lkft/linux-next-master - next-20241122 - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree

Date

Nov. 22, 2024, 6:35 a.m.

Environment
qemu-arm64
qemu-x86_64

[   32.458981] ==================================================================
[   32.460885] BUG: KASAN: invalid-free in kfree+0x278/0x3d0
[   32.461740] Free of addr fff00000c69f0001 by task kunit_try_catch/139
[   32.462823] 
[   32.463350] CPU: 1 UID: 0 PID: 139 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241122 #1
[   32.465260] Tainted: [B]=BAD_PAGE, [N]=TEST
[   32.465977] Hardware name: linux,dummy-virt (DT)
[   32.466599] Call trace:
[   32.467079]  show_stack+0x20/0x38 (C)
[   32.467740]  dump_stack_lvl+0x8c/0xd0
[   32.468391]  print_report+0x118/0x5e0
[   32.469521]  kasan_report_invalid_free+0xb0/0xd8
[   32.470191]  __kasan_kfree_large+0x5c/0xa8
[   32.471167]  free_large_kmalloc+0x58/0x140
[   32.472235]  kfree+0x278/0x3d0
[   32.473136]  kmalloc_large_invalid_free+0x108/0x270
[   32.473921]  kunit_try_run_case+0x14c/0x3d0
[   32.474671]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.475470]  kthread+0x24c/0x2d0
[   32.476032]  ret_from_fork+0x10/0x20
[   32.477158] 
[   32.477536] The buggy address belongs to the physical page:
[   32.478520] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1069f0
[   32.480505] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   32.481728] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   32.483019] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   32.483962] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   32.485186] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   32.486558] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   32.487490] head: 0bfffe0000000002 ffffc1ffc31a7c01 ffffffffffffffff 0000000000000000
[   32.488402] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   32.489453] page dumped because: kasan: bad access detected
[   32.490110] 
[   32.490544] Memory state around the buggy address:
[   32.491579]  fff00000c69eff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   32.492463]  fff00000c69eff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   32.493339] >fff00000c69f0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   32.495349]                    ^
[   32.496257]  fff00000c69f0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   32.497344]  fff00000c69f0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   32.498237] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2pC5b8oaJWXHgnXV09vT5LVgOaw

job_id

TEST:linaro@lkft#2pC5fJPu1U0syxXCEatKhpHAVGc

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2pC5fJPu1U0syxXCEatKhpHAVGc

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pC5cJkcKwJlHcbGFpkgrIsh5rv/Image.gz
sha256sum	c7dd7dbcf7d483b1d1dd11cc623170a05fa77e79300cd8b3c90dab3ce454e75a

rootfs

url	https://storage.tuxboot.com/debian/trixie/arm64/rootfs.ext4.xz
sha256sum	f592205e64add7389d8a1055c235aa3685e13c7cfdfdbe5f212ab22afdbeb656

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pC5cJkcKwJlHcbGFpkgrIsh5rv/modules.tar.xz
sha256sum	5eca046fbd2122c8407be146a89207cf131b2811a5bb49c1bd70a7799382ee91

durations

tests

boot	412.61
kunit	528.55

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

[   24.106612] ==================================================================
[   24.107811] BUG: KASAN: invalid-free in kfree+0x271/0x3f0
[   24.108558] Free of addr ffff888102328001 by task kunit_try_catch/158
[   24.109344] 
[   24.109580] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241122 #1
[   24.110880] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.111780] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   24.113069] Call Trace:
[   24.113554]  <TASK>
[   24.113864]  dump_stack_lvl+0x73/0xb0
[   24.114205]  print_report+0xd1/0x640
[   24.114809]  ? __virt_addr_valid+0x1db/0x2d0
[   24.115168]  ? kfree+0x271/0x3f0
[   24.115617]  ? kasan_addr_to_slab+0x11/0xa0
[   24.115995]  ? kfree+0x271/0x3f0
[   24.116241]  kasan_report_invalid_free+0xc0/0xf0
[   24.116842]  ? kfree+0x271/0x3f0
[   24.117449]  ? kfree+0x271/0x3f0
[   24.117768]  __kasan_kfree_large+0x86/0xd0
[   24.118126]  free_large_kmalloc+0x3b/0xd0
[   24.118648]  kfree+0x271/0x3f0
[   24.119112]  kmalloc_large_invalid_free+0x121/0x2b0
[   24.119632]  ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[   24.120286]  ? __schedule+0xc3e/0x2790
[   24.120575]  ? __pfx_read_tsc+0x10/0x10
[   24.121103]  ? ktime_get_ts64+0x84/0x230
[   24.121580]  kunit_try_run_case+0x1b3/0x490
[   24.122186]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.122565]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   24.122916]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   24.123481]  ? __kthread_parkme+0x82/0x160
[   24.123936]  ? preempt_count_sub+0x50/0x80
[   24.124366]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.124922]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   24.125538]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.126112]  kthread+0x257/0x310
[   24.126586]  ? __pfx_kthread+0x10/0x10
[   24.127031]  ret_from_fork+0x41/0x80
[   24.127416]  ? __pfx_kthread+0x10/0x10
[   24.127848]  ret_from_fork_asm+0x1a/0x30
[   24.128425]  </TASK>
[   24.128615] 
[   24.128772] The buggy address belongs to the physical page:
[   24.129341] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102328
[   24.130141] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.131047] flags: 0x200000000000040(head|node=0|zone=2)
[   24.131700] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   24.132106] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   24.132970] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   24.133984] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   24.134556] head: 0200000000000002 ffffea000408ca01 ffffffffffffffff 0000000000000000
[   24.135071] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   24.135878] page dumped because: kasan: bad access detected
[   24.136237] 
[   24.136528] Memory state around the buggy address:
[   24.137094]  ffff888102327f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.137602]  ffff888102327f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.138002] >ffff888102328000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.138705]                    ^
[   24.139041]  ffff888102328080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.139803]  ffff888102328100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.140376] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2pC5b8oaJWXHgnXV09vT5LVgOaw

job_id

TEST:linaro@lkft#2pC5gJrOhOMCPVCTwF6RWUbKkzV

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2pC5gJrOhOMCPVCTwF6RWUbKkzV

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pC5d8hM9aExmiriR2zCnDddb2O/bzImage
sha256sum	9e430a5c45c1c4d501e13019c577f1fb3e738d06e3c62c75693b9374ef9b548d

rootfs

url	https://storage.tuxboot.com/debian/trixie/amd64/rootfs.ext4.xz
sha256sum	c6ceed53712217894b72c37cdc18ddb1157eb9bca95bb5bb312b9c30db3bb83b

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pC5d8hM9aExmiriR2zCnDddb2O/modules.tar.xz
sha256sum	342d3a3609bc12bfde714988d31ce95ccf57861e8edbfa31f0f2d2d1be459952

durations

tests

boot	362.79
kunit	484.51

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit