Date
Dec. 9, 2024, 6:35 a.m.

Environment
qemu-arm64

[   30.259818] ==================================================================
[   30.261048] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0
[   30.261854] Read of size 1 at addr ffff80008010b7f3 by task kunit_try_catch/257
[   30.262591] 
[   30.262983] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc2-next-20241209 #1
[   30.264014] Tainted: [B]=BAD_PAGE, [N]=TEST
[   30.264563] Hardware name: linux,dummy-virt (DT)
[   30.265143] Call trace:
[   30.265543]  show_stack+0x20/0x38 (C)
[   30.266092]  dump_stack_lvl+0x8c/0xd0
[   30.266689]  print_report+0x2fc/0x5e0
[   30.267304]  kasan_report+0xc8/0x118
[   30.267794]  __asan_report_load1_noabort+0x20/0x30
[   30.268514]  vmalloc_oob+0x578/0x5d0
[   30.269188]  kunit_try_run_case+0x14c/0x3d0
[   30.270104]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.270947]  kthread+0x24c/0x2d0
[   30.271541]  ret_from_fork+0x10/0x20
[   30.272125] 
[   30.272735] The buggy address belongs to the virtual mapping at
[   30.272735]  [ffff80008010b000, ffff80008010d000) created by:
[   30.272735]  vmalloc_oob+0x98/0x5d0
[   30.274108] 
[   30.274448] The buggy address belongs to the physical page:
[   30.275217] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101306
[   30.276546] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   30.277338] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   30.278176] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   30.279038] page dumped because: kasan: bad access detected
[   30.279902] 
[   30.280140] Memory state around the buggy address:
[   30.280796]  ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.281789]  ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.282669] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   30.283855]                                                              ^
[   30.284211]  ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   30.284540]  ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   30.285382] ==================================================================
[   30.287127] ==================================================================
[   30.288459] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0
[   30.289451] Read of size 1 at addr ffff80008010b7f8 by task kunit_try_catch/257
[   30.290395] 
[   30.290734] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc2-next-20241209 #1
[   30.291833] Tainted: [B]=BAD_PAGE, [N]=TEST
[   30.292495] Hardware name: linux,dummy-virt (DT)
[   30.293220] Call trace:
[   30.293575]  show_stack+0x20/0x38 (C)
[   30.294099]  dump_stack_lvl+0x8c/0xd0
[   30.294776]  print_report+0x2fc/0x5e0
[   30.295401]  kasan_report+0xc8/0x118
[   30.295942]  __asan_report_load1_noabort+0x20/0x30
[   30.296574]  vmalloc_oob+0x51c/0x5d0
[   30.297142]  kunit_try_run_case+0x14c/0x3d0
[   30.297799]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.298436]  kthread+0x24c/0x2d0
[   30.299100]  ret_from_fork+0x10/0x20
[   30.299666] 
[   30.300076] The buggy address belongs to the virtual mapping at
[   30.300076]  [ffff80008010b000, ffff80008010d000) created by:
[   30.300076]  vmalloc_oob+0x98/0x5d0
[   30.302523] 
[   30.302945] The buggy address belongs to the physical page:
[   30.303599] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101306
[   30.304505] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   30.305688] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   30.306648] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   30.307953] page dumped because: kasan: bad access detected
[   30.308908] 
[   30.309229] Memory state around the buggy address:
[   30.310054]  ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.310912]  ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.312128] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   30.312460]                                                                 ^
[   30.313423]  ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   30.314216]  ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   30.315074] ==================================================================