lkft/linux-next-master - next-20241203 - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read

Date

Dec. 3, 2024, 11:38 p.m.

Environment
qemu-arm64
qemu-x86_64

[   39.704273] ==================================================================
[   39.705221] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248
[   39.705221] 
[   39.706375] Use-after-free read at 0x00000000f6f42316 (in kfence-#151):
[   39.707065]  test_use_after_free_read+0x114/0x248
[   39.708029]  test_use_after_free_read+0x1c0/0x248
[   39.708706]  kunit_try_run_case+0x14c/0x3d0
[   39.709424]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   39.710135]  kthread+0x24c/0x2d0
[   39.710664]  ret_from_fork+0x10/0x20
[   39.711193] 
[   39.711566] kfence-#151: 0x00000000f6f42316-0x0000000070235cd7, size=32, cache=kmalloc-32
[   39.711566] 
[   39.712667] allocated by task 284 on cpu 0 at 39.703808s (0.008849s ago):
[   39.713655]  test_alloc+0x298/0x620
[   39.714288]  test_use_after_free_read+0xd0/0x248
[   39.714839]  kunit_try_run_case+0x14c/0x3d0
[   39.715581]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   39.716233]  kthread+0x24c/0x2d0
[   39.716848]  ret_from_fork+0x10/0x20
[   39.717428] 
[   39.717726] freed by task 284 on cpu 0 at 39.703927s (0.013789s ago):
[   39.718681]  test_use_after_free_read+0x1c0/0x248
[   39.719302]  kunit_try_run_case+0x14c/0x3d0
[   39.719950]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   39.720722]  kthread+0x24c/0x2d0
[   39.721240]  ret_from_fork+0x10/0x20
[   39.721812] 
[   39.722189] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241203 #1
[   39.723404] Tainted: [B]=BAD_PAGE, [N]=TEST
[   39.724036] Hardware name: linux,dummy-virt (DT)
[   39.724758] ==================================================================
[   39.808255] ==================================================================
[   39.809137] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248
[   39.809137] 
[   39.810034] Use-after-free read at 0x0000000020178f0f (in kfence-#152):
[   39.810994]  test_use_after_free_read+0x114/0x248
[   39.811583]  test_use_after_free_read+0xf0/0x248
[   39.812479]  kunit_try_run_case+0x14c/0x3d0
[   39.813175]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   39.813854]  kthread+0x24c/0x2d0
[   39.814538]  ret_from_fork+0x10/0x20
[   39.815004] 
[   39.815383] kfence-#152: 0x0000000020178f0f-0x000000009a3e87fb, size=32, cache=test
[   39.815383] 
[   39.816558] allocated by task 286 on cpu 1 at 39.807823s (0.008726s ago):
[   39.817472]  test_alloc+0x22c/0x620
[   39.818161]  test_use_after_free_read+0xd0/0x248
[   39.818703]  kunit_try_run_case+0x14c/0x3d0
[   39.819444]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   39.820188]  kthread+0x24c/0x2d0
[   39.820759]  ret_from_fork+0x10/0x20
[   39.821405] 
[   39.821765] freed by task 286 on cpu 1 at 39.807927s (0.013827s ago):
[   39.822689]  test_use_after_free_read+0xf0/0x248
[   39.823321]  kunit_try_run_case+0x14c/0x3d0
[   39.824038]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   39.824709]  kthread+0x24c/0x2d0
[   39.825257]  ret_from_fork+0x10/0x20
[   39.825869] 
[   39.826207] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241203 #1
[   39.827479] Tainted: [B]=BAD_PAGE, [N]=TEST
[   39.828075] Hardware name: linux,dummy-virt (DT)
[   39.828687] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2pjANFhcTUHYUD8KvmkoTjVeTmt

job_id

TEST:linaro@lkft#2pjARytps7if5HJMuumTS46nTsj

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2pjARytps7if5HJMuumTS46nTsj

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pjAOc9bkDiDA04up4xCb2C3vN5/Image.gz
sha256sum	7696a40d025f98ea7e22dbff6285b0cd7a198a045c5b4811710fc4905df88b37

rootfs

url	https://storage.tuxboot.com/debian/trixie/arm64/rootfs.ext4.xz
sha256sum	f592205e64add7389d8a1055c235aa3685e13c7cfdfdbe5f212ab22afdbeb656

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pjAOc9bkDiDA04up4xCb2C3vN5/modules.tar.xz
sha256sum	bfdbe907add46b30ce9c5dd00a77c19e4fd26300871ba14b257d0d3291f18d7d

durations

tests

boot	386.69
kunit	461.05

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

[   34.394396] ==================================================================
[   34.394827] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[   34.394827] 
[   34.395313] Use-after-free read at 0x(____ptrval____) (in kfence-#136):
[   34.395982]  test_use_after_free_read+0x12a/0x270
[   34.396403]  kunit_try_run_case+0x1b3/0x490
[   34.397689]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   34.398307]  kthread+0x257/0x310
[   34.398747]  ret_from_fork+0x41/0x80
[   34.399307]  ret_from_fork_asm+0x1a/0x30
[   34.399895] 
[   34.400141] kfence-#136: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[   34.400141] 
[   34.400846] allocated by task 306 on cpu 0 at 34.394208s (0.006633s ago):
[   34.401345]  test_alloc+0x2a7/0x10d0
[   34.401786]  test_use_after_free_read+0xdd/0x270
[   34.402122]  kunit_try_run_case+0x1b3/0x490
[   34.402550]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   34.403002]  kthread+0x257/0x310
[   34.403497]  ret_from_fork+0x41/0x80
[   34.403793]  ret_from_fork_asm+0x1a/0x30
[   34.404076] 
[   34.404291] freed by task 306 on cpu 0 at 34.394296s (0.009990s ago):
[   34.404928]  test_use_after_free_read+0xfc/0x270
[   34.405423]  kunit_try_run_case+0x1b3/0x490
[   34.405883]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   34.406228]  kthread+0x257/0x310
[   34.406651]  ret_from_fork+0x41/0x80
[   34.407032]  ret_from_fork_asm+0x1a/0x30
[   34.407482] 
[   34.407681] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241203 #1
[   34.408592] Tainted: [B]=BAD_PAGE, [N]=TEST
[   34.408962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   34.409505] ==================================================================
[   34.290575] ==================================================================
[   34.291205] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[   34.291205] 
[   34.291946] Use-after-free read at 0x(____ptrval____) (in kfence-#135):
[   34.292396]  test_use_after_free_read+0x12a/0x270
[   34.292744]  kunit_try_run_case+0x1b3/0x490
[   34.293024]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   34.293725]  kthread+0x257/0x310
[   34.294001]  ret_from_fork+0x41/0x80
[   34.294277]  ret_from_fork_asm+0x1a/0x30
[   34.294561] 
[   34.294770] kfence-#135: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[   34.294770] 
[   34.295504] allocated by task 304 on cpu 1 at 34.290209s (0.005290s ago):
[   34.296182]  test_alloc+0x35f/0x10d0
[   34.296661]  test_use_after_free_read+0xdd/0x270
[   34.296982]  kunit_try_run_case+0x1b3/0x490
[   34.297279]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   34.297762]  kthread+0x257/0x310
[   34.298164]  ret_from_fork+0x41/0x80
[   34.298621]  ret_from_fork_asm+0x1a/0x30
[   34.299121] 
[   34.299675] freed by task 304 on cpu 1 at 34.290319s (0.009166s ago):
[   34.300511]  test_use_after_free_read+0x1e9/0x270
[   34.301023]  kunit_try_run_case+0x1b3/0x490
[   34.301572]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   34.301892]  kthread+0x257/0x310
[   34.302149]  ret_from_fork+0x41/0x80
[   34.302403]  ret_from_fork_asm+0x1a/0x30
[   34.302891] 
[   34.303153] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241203 #1
[   34.303855] Tainted: [B]=BAD_PAGE, [N]=TEST
[   34.304201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   34.304945] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2pjANFhcTUHYUD8KvmkoTjVeTmt

job_id

TEST:linaro@lkft#2pjATBKMghIeGylomk9PK5q1ibs

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2pjATBKMghIeGylomk9PK5q1ibs

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pjAPstBpuMa9RC9WsDWMrrsOhu/bzImage
sha256sum	54a91a6c1290c1e7dd4edf5b366196af27bc0d7ee9352ef85db99ca82d4f3570

rootfs

url	https://storage.tuxboot.com/debian/trixie/amd64/rootfs.ext4.xz
sha256sum	c6ceed53712217894b72c37cdc18ddb1157eb9bca95bb5bb312b9c30db3bb83b

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pjAPstBpuMa9RC9WsDWMrrsOhu/modules.tar.xz
sha256sum	292a94a98872a6bd57f79164b767d5d7e9b1f24ed204926a5ed6e405a69a6b0c

durations

tests

boot	298.98
kunit	453.95

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit