lkft/linux-next-master - next-20241120 - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read

Date

Nov. 20, 2024, 6:35 a.m.

Environment
qemu-arm64
qemu-x86_64

[   45.614833] ==================================================================
[   45.615677] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248
[   45.615677] 
[   45.616554] Use-after-free read at 0x0000000039a5448e (in kfence-#171):
[   45.617703]  test_use_after_free_read+0x114/0x248
[   45.618328]  test_use_after_free_read+0x1c0/0x248
[   45.618871]  kunit_try_run_case+0x14c/0x3d0
[   45.619527]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   45.620253]  kthread+0x24c/0x2d0
[   45.620810]  ret_from_fork+0x10/0x20
[   45.621368] 
[   45.621733] kfence-#171: 0x0000000039a5448e-0x00000000bc89df75, size=32, cache=kmalloc-32
[   45.621733] 
[   45.622540] allocated by task 284 on cpu 1 at 45.614263s (0.008265s ago):
[   45.623397]  test_alloc+0x298/0x620
[   45.623953]  test_use_after_free_read+0xd0/0x248
[   45.624515]  kunit_try_run_case+0x14c/0x3d0
[   45.625168]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   45.625767]  kthread+0x24c/0x2d0
[   45.626302]  ret_from_fork+0x10/0x20
[   45.626897] 
[   45.627198] freed by task 284 on cpu 1 at 45.614391s (0.012795s ago):
[   45.627959]  test_use_after_free_read+0x1c0/0x248
[   45.628637]  kunit_try_run_case+0x14c/0x3d0
[   45.629145]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   45.629880]  kthread+0x24c/0x2d0
[   45.630413]  ret_from_fork+0x10/0x20
[   45.630939] 
[   45.631333] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   45.632356] Tainted: [B]=BAD_PAGE, [N]=TEST
[   45.632877] Hardware name: linux,dummy-virt (DT)
[   45.633412] ==================================================================
[   45.718767] ==================================================================
[   45.719500] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248
[   45.719500] 
[   45.720396] Use-after-free read at 0x0000000022c28eab (in kfence-#172):
[   45.721260]  test_use_after_free_read+0x114/0x248
[   45.721862]  test_use_after_free_read+0xf0/0x248
[   45.722599]  kunit_try_run_case+0x14c/0x3d0
[   45.723278]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   45.724053]  kthread+0x24c/0x2d0
[   45.724633]  ret_from_fork+0x10/0x20
[   45.725286] 
[   45.725665] kfence-#172: 0x0000000022c28eab-0x00000000eb049ac8, size=32, cache=test
[   45.725665] 
[   45.726658] allocated by task 286 on cpu 1 at 45.718370s (0.008275s ago):
[   45.727523]  test_alloc+0x22c/0x620
[   45.728074]  test_use_after_free_read+0xd0/0x248
[   45.728741]  kunit_try_run_case+0x14c/0x3d0
[   45.729386]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   45.730167]  kthread+0x24c/0x2d0
[   45.730727]  ret_from_fork+0x10/0x20
[   45.731323] 
[   45.731687] freed by task 286 on cpu 1 at 45.718497s (0.013178s ago):
[   45.732661]  test_use_after_free_read+0xf0/0x248
[   45.733354]  kunit_try_run_case+0x14c/0x3d0
[   45.733896]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   45.734663]  kthread+0x24c/0x2d0
[   45.735207]  ret_from_fork+0x10/0x20
[   45.735772] 
[   45.736200] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   45.737303] Tainted: [B]=BAD_PAGE, [N]=TEST
[   45.737923] Hardware name: linux,dummy-virt (DT)
[   45.738486] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2p6RKtSaQzM9AH7EW4wB6TaFUpc

job_id

TEST:linaro@lkft#2p6RORe3bvOVFFyikCIIMIqvDuf

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2p6RORe3bvOVFFyikCIIMIqvDuf

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2p6RLcQ3A7IaWr2y5V43PS9SGkI/Image.gz
sha256sum	9d3350185f371d5540b7a890915c7b2d520978ac8bacbcab31ceb8e94c9d6874

rootfs

url	https://storage.tuxboot.com/debian/trixie/arm64/rootfs.ext4.xz
sha256sum	f592205e64add7389d8a1055c235aa3685e13c7cfdfdbe5f212ab22afdbeb656

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2p6RLcQ3A7IaWr2y5V43PS9SGkI/modules.tar.xz
sha256sum	b4e07e5fcad0be04916ab3c60d2c95a83a8f3b78bb90a3779ae77006e754e02b

durations

tests

boot	391.28
kunit	457.10

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

[   37.480637] ==================================================================
[   37.481314] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[   37.481314] 
[   37.482111] Use-after-free read at 0x(____ptrval____) (in kfence-#107):
[   37.482919]  test_use_after_free_read+0x12a/0x270
[   37.483678]  kunit_try_run_case+0x1b3/0x490
[   37.484418]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   37.485280]  kthread+0x257/0x310
[   37.485730]  ret_from_fork+0x41/0x80
[   37.486149]  ret_from_fork_asm+0x1a/0x30
[   37.486456] 
[   37.486837] kfence-#107: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[   37.486837] 
[   37.487678] allocated by task 304 on cpu 0 at 37.480487s (0.007187s ago):
[   37.488361]  test_alloc+0x2a7/0x10d0
[   37.488825]  test_use_after_free_read+0xdd/0x270
[   37.489168]  kunit_try_run_case+0x1b3/0x490
[   37.489815]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   37.490256]  kthread+0x257/0x310
[   37.490848]  ret_from_fork+0x41/0x80
[   37.491140]  ret_from_fork_asm+0x1a/0x30
[   37.491770] 
[   37.491930] freed by task 304 on cpu 0 at 37.480548s (0.011379s ago):
[   37.492761]  test_use_after_free_read+0xfc/0x270
[   37.493208]  kunit_try_run_case+0x1b3/0x490
[   37.493812]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   37.494258]  kthread+0x257/0x310
[   37.494807]  ret_from_fork+0x41/0x80
[   37.495276]  ret_from_fork_asm+0x1a/0x30
[   37.495784] 
[   37.495998] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   37.496954] Tainted: [B]=BAD_PAGE, [N]=TEST
[   37.497452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   37.498225] ==================================================================
[   37.376777] ==================================================================
[   37.377222] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[   37.377222] 
[   37.377623] Use-after-free read at 0x(____ptrval____) (in kfence-#106):
[   37.378674]  test_use_after_free_read+0x12a/0x270
[   37.379669]  kunit_try_run_case+0x1b3/0x490
[   37.380247]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   37.380758]  kthread+0x257/0x310
[   37.381137]  ret_from_fork+0x41/0x80
[   37.381520]  ret_from_fork_asm+0x1a/0x30
[   37.381989] 
[   37.382198] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[   37.382198] 
[   37.383128] allocated by task 302 on cpu 0 at 37.376463s (0.006661s ago):
[   37.383780]  test_alloc+0x35f/0x10d0
[   37.384202]  test_use_after_free_read+0xdd/0x270
[   37.384740]  kunit_try_run_case+0x1b3/0x490
[   37.385084]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   37.385660]  kthread+0x257/0x310
[   37.386013]  ret_from_fork+0x41/0x80
[   37.386442]  ret_from_fork_asm+0x1a/0x30
[   37.386995] 
[   37.387183] freed by task 302 on cpu 0 at 37.376542s (0.010637s ago):
[   37.387595]  test_use_after_free_read+0x1e9/0x270
[   37.388228]  kunit_try_run_case+0x1b3/0x490
[   37.388818]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   37.389224]  kthread+0x257/0x310
[   37.389514]  ret_from_fork+0x41/0x80
[   37.390052]  ret_from_fork_asm+0x1a/0x30
[   37.390491] 
[   37.390764] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   37.391580] Tainted: [B]=BAD_PAGE, [N]=TEST
[   37.392083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   37.392855] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2p6RKtSaQzM9AH7EW4wB6TaFUpc

job_id

TEST:linaro@lkft#2p6RPNr2y12YowxKLQRV451JlM6

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2p6RPNr2y12YowxKLQRV451JlM6

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2p6RMMbTDFmoXOOndi5FyihCrgs/bzImage
sha256sum	033988f45e2f1e9750522611d893414390f020e65edd5241101f29f781737e7a

rootfs

url	https://storage.tuxboot.com/debian/trixie/amd64/rootfs.ext4.xz
sha256sum	c6ceed53712217894b72c37cdc18ddb1157eb9bca95bb5bb312b9c30db3bb83b

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2p6RMMbTDFmoXOOndi5FyihCrgs/modules.tar.xz
sha256sum	a8bcebf93a9097643183a46eaffe84a5850dabf2d773ab9730b5f5a7eed98e79

durations

tests

boot	377.87
kunit	413.53

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit