lkft/linux-next-master - next-20241205 - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read

Date

Dec. 5, 2024, 2:07 p.m.

Environment
qemu-arm64
qemu-x86_64

[   38.544278] ==================================================================
[   38.545141] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248
[   38.545141] 
[   38.546328] Use-after-free read at 0x00000000a3367d76 (in kfence-#142):
[   38.546995]  test_use_after_free_read+0x114/0x248
[   38.547727]  test_use_after_free_read+0xf0/0x248
[   38.548354]  kunit_try_run_case+0x14c/0x3d0
[   38.549002]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   38.549687]  kthread+0x24c/0x2d0
[   38.550225]  ret_from_fork+0x10/0x20
[   38.550752] 
[   38.551100] kfence-#142: 0x00000000a3367d76-0x00000000f8cfd6d9, size=32, cache=test
[   38.551100] 
[   38.551942] allocated by task 286 on cpu 1 at 38.543981s (0.007952s ago):
[   38.552603]  test_alloc+0x22c/0x620
[   38.553295]  test_use_after_free_read+0xd0/0x248
[   38.554126]  kunit_try_run_case+0x14c/0x3d0
[   38.554987]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   38.555733]  kthread+0x24c/0x2d0
[   38.556260]  ret_from_fork+0x10/0x20
[   38.556953] 
[   38.557342] freed by task 286 on cpu 1 at 38.544061s (0.013271s ago):
[   38.558475]  test_use_after_free_read+0xf0/0x248
[   38.559035]  kunit_try_run_case+0x14c/0x3d0
[   38.559738]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   38.560492]  kthread+0x24c/0x2d0
[   38.560947]  ret_from_fork+0x10/0x20
[   38.561644] 
[   38.561994] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   38.563322] Tainted: [B]=BAD_PAGE, [N]=TEST
[   38.563968] Hardware name: linux,dummy-virt (DT)
[   38.564540] ==================================================================
[   38.440370] ==================================================================
[   38.441226] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248
[   38.441226] 
[   38.442359] Use-after-free read at 0x000000005363260a (in kfence-#141):
[   38.443146]  test_use_after_free_read+0x114/0x248
[   38.443771]  test_use_after_free_read+0x1c0/0x248
[   38.444454]  kunit_try_run_case+0x14c/0x3d0
[   38.445158]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   38.445755]  kthread+0x24c/0x2d0
[   38.446397]  ret_from_fork+0x10/0x20
[   38.447258] 
[   38.448195] kfence-#141: 0x000000005363260a-0x000000008947792c, size=32, cache=kmalloc-32
[   38.448195] 
[   38.449170] allocated by task 284 on cpu 1 at 38.439869s (0.009291s ago):
[   38.450007]  test_alloc+0x298/0x620
[   38.450569]  test_use_after_free_read+0xd0/0x248
[   38.451373]  kunit_try_run_case+0x14c/0x3d0
[   38.451984]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   38.452677]  kthread+0x24c/0x2d0
[   38.453225]  ret_from_fork+0x10/0x20
[   38.453852] 
[   38.454411] freed by task 284 on cpu 1 at 38.439988s (0.014252s ago):
[   38.455429]  test_use_after_free_read+0x1c0/0x248
[   38.456161]  kunit_try_run_case+0x14c/0x3d0
[   38.456721]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   38.457488]  kthread+0x24c/0x2d0
[   38.458111]  ret_from_fork+0x10/0x20
[   38.458868] 
[   38.459273] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   38.460627] Tainted: [B]=BAD_PAGE, [N]=TEST
[   38.461264] Hardware name: linux,dummy-virt (DT)
[   38.461909] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2pnhC7sMGO3mZSKEpi2hQOshVKK

job_id

TEST:linaro@lkft#2pnhGOQkwFo1HvTfLArQnxPtO0I

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2pnhGOQkwFo1HvTfLArQnxPtO0I

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pnhDDDmMVdXLj6DmVWKmIo5UuB/Image.gz
sha256sum	a3a8ddbb98eb5f4750cc8f3a81da5ad969a6f518cf5722d432de7312e72d1e19

rootfs

url	https://storage.tuxboot.com/debian/trixie/arm64/rootfs.ext4.xz
sha256sum	f592205e64add7389d8a1055c235aa3685e13c7cfdfdbe5f212ab22afdbeb656

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pnhDDDmMVdXLj6DmVWKmIo5UuB/modules.tar.xz
sha256sum	bf63a42a45d4c5a423fba686bca6ce06daee4626a049ed0143a18a7fdc0aa05b

durations

tests

boot	368.30
kunit	453.57

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

[   36.725955] ==================================================================
[   36.726640] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[   36.726640] 
[   36.727455] Use-after-free read at 0x(____ptrval____) (in kfence-#106):
[   36.728156]  test_use_after_free_read+0x12a/0x270
[   36.728697]  kunit_try_run_case+0x1b3/0x490
[   36.729148]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   36.729651]  kthread+0x257/0x310
[   36.730139]  ret_from_fork+0x41/0x80
[   36.730661]  ret_from_fork_asm+0x1a/0x30
[   36.731210] 
[   36.731398] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[   36.731398] 
[   36.732350] allocated by task 304 on cpu 0 at 36.725806s (0.006539s ago):
[   36.733098]  test_alloc+0x2a7/0x10d0
[   36.733601]  test_use_after_free_read+0xdd/0x270
[   36.734146]  kunit_try_run_case+0x1b3/0x490
[   36.734468]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   36.735166]  kthread+0x257/0x310
[   36.735472]  ret_from_fork+0x41/0x80
[   36.736141]  ret_from_fork_asm+0x1a/0x30
[   36.736489] 
[   36.736846] freed by task 304 on cpu 0 at 36.725867s (0.010974s ago):
[   36.737316]  test_use_after_free_read+0xfc/0x270
[   36.737998]  kunit_try_run_case+0x1b3/0x490
[   36.738529]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   36.739112]  kthread+0x257/0x310
[   36.739481]  ret_from_fork+0x41/0x80
[   36.740067]  ret_from_fork_asm+0x1a/0x30
[   36.740390] 
[   36.740699] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   36.741646] Tainted: [B]=BAD_PAGE, [N]=TEST
[   36.742116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   36.743082] ==================================================================
[   36.621625] ==================================================================
[   36.622360] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[   36.622360] 
[   36.623256] Use-after-free read at 0x(____ptrval____) (in kfence-#105):
[   36.623992]  test_use_after_free_read+0x12a/0x270
[   36.624613]  kunit_try_run_case+0x1b3/0x490
[   36.625092]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   36.625970]  kthread+0x257/0x310
[   36.626507]  ret_from_fork+0x41/0x80
[   36.627338]  ret_from_fork_asm+0x1a/0x30
[   36.628004] 
[   36.628158] kfence-#105: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[   36.628158] 
[   36.629356] allocated by task 302 on cpu 0 at 36.621352s (0.008000s ago):
[   36.630335]  test_alloc+0x35f/0x10d0
[   36.630901]  test_use_after_free_read+0xdd/0x270
[   36.631477]  kunit_try_run_case+0x1b3/0x490
[   36.631952]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   36.632533]  kthread+0x257/0x310
[   36.633107]  ret_from_fork+0x41/0x80
[   36.633582]  ret_from_fork_asm+0x1a/0x30
[   36.634160] 
[   36.634635] freed by task 302 on cpu 0 at 36.621438s (0.012964s ago):
[   36.635381]  test_use_after_free_read+0x1e9/0x270
[   36.635787]  kunit_try_run_case+0x1b3/0x490
[   36.636302]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   36.637187]  kthread+0x257/0x310
[   36.637548]  ret_from_fork+0x41/0x80
[   36.638757]  ret_from_fork_asm+0x1a/0x30
[   36.639276] 
[   36.639794] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   36.640855] Tainted: [B]=BAD_PAGE, [N]=TEST
[   36.641434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   36.642434] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2pnhC7sMGO3mZSKEpi2hQOshVKK

job_id

TEST:linaro@lkft#2pnhHWFSK1dbZV5zleHb3KImSng

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2pnhHWFSK1dbZV5zleHb3KImSng

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pnhEAoCkYWTiA52ztrhR2JrW2j/bzImage
sha256sum	6ac9a7b09124b3be18977719b6c42062081e4fc708754316fb00f1284d0ffbdc

rootfs

url	https://storage.tuxboot.com/debian/trixie/amd64/rootfs.ext4.xz
sha256sum	c6ceed53712217894b72c37cdc18ddb1157eb9bca95bb5bb312b9c30db3bb83b

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pnhEAoCkYWTiA52ztrhR2JrW2j/modules.tar.xz
sha256sum	d3ec141e466e48bcd82ed4ba800c23ee25b64ee01ab02d8038ff3f8c6fd7ed6d

durations

tests

boot	336.99
kunit	512.65

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit