lkft/linux-next-master - next-20241126 - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob

Date

Nov. 26, 2024, 6:09 a.m.

Environment
qemu-arm64

[   38.018558] ==================================================================
[   38.018980] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0
[   38.019895] Read of size 1 at addr ffff80008010b7f8 by task kunit_try_catch/258
[   38.020838] 
[   38.021376] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241126 #1
[   38.022595] Tainted: [B]=BAD_PAGE, [N]=TEST
[   38.023794] Hardware name: linux,dummy-virt (DT)
[   38.024928] Call trace:
[   38.025430]  show_stack+0x20/0x38 (C)
[   38.026132]  dump_stack_lvl+0x8c/0xd0
[   38.026886]  print_report+0x2fc/0x5e0
[   38.027595]  kasan_report+0xc8/0x118
[   38.028224]  __asan_report_load1_noabort+0x20/0x30
[   38.029013]  vmalloc_oob+0x51c/0x5d0
[   38.029833]  kunit_try_run_case+0x14c/0x3d0
[   38.030661]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   38.031507]  kthread+0x24c/0x2d0
[   38.032081]  ret_from_fork+0x10/0x20
[   38.032841] 
[   38.033214] The buggy address belongs to the virtual mapping at
[   38.033214]  [ffff80008010b000, ffff80008010d000) created by:
[   38.033214]  vmalloc_oob+0x98/0x5d0
[   38.034688] 
[   38.035075] The buggy address belongs to the physical page:
[   38.035721] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10594b
[   38.037238] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   38.037854] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   38.038966] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   38.039965] page dumped because: kasan: bad access detected
[   38.040826] 
[   38.041496] Memory state around the buggy address:
[   38.041983]  ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.042798]  ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.044385] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   38.045550]                                                                 ^
[   38.046381]  ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   38.046772]  ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   38.047566] ==================================================================
[   37.986493] ==================================================================
[   37.987803] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0
[   37.988578] Read of size 1 at addr ffff80008010b7f3 by task kunit_try_catch/258
[   37.990201] 
[   37.990627] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241126 #1
[   37.991881] Tainted: [B]=BAD_PAGE, [N]=TEST
[   37.992636] Hardware name: linux,dummy-virt (DT)
[   37.993956] Call trace:
[   37.994421]  show_stack+0x20/0x38 (C)
[   37.995217]  dump_stack_lvl+0x8c/0xd0
[   37.995837]  print_report+0x2fc/0x5e0
[   37.996787]  kasan_report+0xc8/0x118
[   37.997404]  __asan_report_load1_noabort+0x20/0x30
[   37.998069]  vmalloc_oob+0x578/0x5d0
[   37.998670]  kunit_try_run_case+0x14c/0x3d0
[   37.999324]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   38.000131]  kthread+0x24c/0x2d0
[   38.001024]  ret_from_fork+0x10/0x20
[   38.001458] 
[   38.001858] The buggy address belongs to the virtual mapping at
[   38.001858]  [ffff80008010b000, ffff80008010d000) created by:
[   38.001858]  vmalloc_oob+0x98/0x5d0
[   38.003343] 
[   38.003721] The buggy address belongs to the physical page:
[   38.004360] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10594b
[   38.005666] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   38.006476] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   38.007417] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   38.008293] page dumped because: kasan: bad access detected
[   38.009410] 
[   38.009692] Memory state around the buggy address:
[   38.010275]  ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.011363]  ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.012612] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   38.013489]                                                              ^
[   38.014555]  ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   38.015577]  ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   38.016999] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2pNLRA0IBHuJTf07d272FmWDvGc

job_id

TEST:linaro@lkft#2pNLVChLm6O8OE9kFFUb2JRePJW

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2pNLVChLm6O8OE9kFFUb2JRePJW

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pNLSEqM3byntpC85gJqI4B2WZl/Image.gz
sha256sum	7e81128b3f5cd5661a1ca94f4014d04ea2b4d60c42ee0538da245262b16ff790

rootfs

url	https://storage.tuxboot.com/debian/trixie/arm64/rootfs.ext4.xz
sha256sum	f592205e64add7389d8a1055c235aa3685e13c7cfdfdbe5f212ab22afdbeb656

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pNLSEqM3byntpC85gJqI4B2WZl/modules.tar.xz
sha256sum	639d946629d114008a931ff40c21d2d44d7004c1191b97766b75eddb21223f93

durations

tests

boot	405.85
kunit	501.79

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

[   38.127232] ==================================================================
[   38.127991] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0
[   38.128793] Read of size 1 at addr ffff80008010b7f8 by task kunit_try_catch/258
[   38.129601] 
[   38.130044] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241126 #1
[   38.131735] Tainted: [B]=BAD_PAGE, [N]=TEST
[   38.132273] Hardware name: linux,dummy-virt (DT)
[   38.132956] Call trace:
[   38.133335]  show_stack+0x20/0x38 (C)
[   38.133977]  dump_stack_lvl+0x8c/0xd0
[   38.134595]  print_report+0x2fc/0x5e0
[   38.135505]  kasan_report+0xc8/0x118
[   38.136060]  __asan_report_load1_noabort+0x20/0x30
[   38.136844]  vmalloc_oob+0x51c/0x5d0
[   38.137476]  kunit_try_run_case+0x14c/0x3d0
[   38.138350]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   38.139156]  kthread+0x24c/0x2d0
[   38.139800]  ret_from_fork+0x10/0x20
[   38.140435] 
[   38.140822] The buggy address belongs to the virtual mapping at
[   38.140822]  [ffff80008010b000, ffff80008010d000) created by:
[   38.140822]  vmalloc_oob+0x98/0x5d0
[   38.142563] 
[   38.142946] The buggy address belongs to the physical page:
[   38.143586] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f26
[   38.144464] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   38.145383] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   38.146511] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   38.147438] page dumped because: kasan: bad access detected
[   38.148224] 
[   38.148667] Memory state around the buggy address:
[   38.149357]  ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.150863]  ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.151848] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   38.152624]                                                                 ^
[   38.153664]  ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   38.154599]  ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   38.155421] ==================================================================
[   38.094795] ==================================================================
[   38.096339] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0
[   38.097316] Read of size 1 at addr ffff80008010b7f3 by task kunit_try_catch/258
[   38.098234] 
[   38.099422] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241126 #1
[   38.100909] Tainted: [B]=BAD_PAGE, [N]=TEST
[   38.101808] Hardware name: linux,dummy-virt (DT)
[   38.102666] Call trace:
[   38.103047]  show_stack+0x20/0x38 (C)
[   38.103886]  dump_stack_lvl+0x8c/0xd0
[   38.104558]  print_report+0x2fc/0x5e0
[   38.105204]  kasan_report+0xc8/0x118
[   38.106096]  __asan_report_load1_noabort+0x20/0x30
[   38.106983]  vmalloc_oob+0x578/0x5d0
[   38.107624]  kunit_try_run_case+0x14c/0x3d0
[   38.107945]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   38.108288]  kthread+0x24c/0x2d0
[   38.108576]  ret_from_fork+0x10/0x20
[   38.109152] 
[   38.109571] The buggy address belongs to the virtual mapping at
[   38.109571]  [ffff80008010b000, ffff80008010d000) created by:
[   38.109571]  vmalloc_oob+0x98/0x5d0
[   38.111988] 
[   38.112453] The buggy address belongs to the physical page:
[   38.112879] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f26
[   38.113281] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   38.113850] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   38.115043] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   38.115828] page dumped because: kasan: bad access detected
[   38.116847] 
[   38.117279] Memory state around the buggy address:
[   38.118019]  ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.119270]  ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.120246] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   38.121116]                                                              ^
[   38.122318]  ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   38.123227]  ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   38.124122] ==================================================================