Date
May 15, 2025, 10:38 a.m.

| Environment |
|---|
| qemu-arm64 |
| qemu-x86_64 |
qemu-arm64:

```
[ 17.977080] ==================================================================
[ 17.977127] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520
[ 17.977189] Read of size 1 at addr fff00000c473de00 by task kunit_try_catch/164
[ 17.977349]
[ 17.977425] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250515 #1 PREEMPT
[ 17.977562] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.977617] Hardware name: linux,dummy-virt (DT)
[ 17.977647] Call trace:
[ 17.977669]  show_stack+0x20/0x38 (C)
[ 17.977719]  dump_stack_lvl+0x8c/0xd0
[ 17.977949]  print_report+0x118/0x608
[ 17.978072]  kasan_report+0xdc/0x128
[ 17.978196]  __asan_report_load1_noabort+0x20/0x30
[ 17.978308]  krealloc_uaf+0x4c8/0x520
[ 17.978429]  kunit_try_run_case+0x170/0x3f0
[ 17.978554]  kunit_generic_run_threadfn_adapter+0x88/0x100
[ 17.978637]  kthread+0x328/0x630
[ 17.978683]  ret_from_fork+0x10/0x20
[ 17.978756]
[ 17.978775] Allocated by task 164:
[ 17.978801]  kasan_save_stack+0x3c/0x68
[ 17.979016]  kasan_save_track+0x20/0x40
[ 17.979122]  kasan_save_alloc_info+0x40/0x58
[ 17.979220]  __kasan_kmalloc+0xd4/0xd8
[ 17.979294]  __kmalloc_cache_noprof+0x15c/0x3c0
[ 17.979393]  krealloc_uaf+0xc8/0x520
[ 17.979426]  kunit_try_run_case+0x170/0x3f0
[ 17.979609]  kunit_generic_run_threadfn_adapter+0x88/0x100
[ 17.979786]  kthread+0x328/0x630
[ 17.979933]  ret_from_fork+0x10/0x20
[ 17.980020]
[ 17.980041] Freed by task 164:
[ 17.980068]  kasan_save_stack+0x3c/0x68
[ 17.980298]  kasan_save_track+0x20/0x40
[ 17.980407]  kasan_save_free_info+0x4c/0x78
[ 17.980446]  __kasan_slab_free+0x6c/0x98
[ 17.980716]  kfree+0x214/0x3c8
[ 17.980825]  krealloc_uaf+0x12c/0x520
[ 17.980924]  kunit_try_run_case+0x170/0x3f0
[ 17.980981]  kunit_generic_run_threadfn_adapter+0x88/0x100
[ 17.981021]  kthread+0x328/0x630
[ 17.981065]  ret_from_fork+0x10/0x20
[ 17.981099]
[ 17.981118] The buggy address belongs to the object at fff00000c473de00
[ 17.981118]  which belongs to the cache kmalloc-256 of size 256
[ 17.981183] The buggy address is located 0 bytes inside of
[ 17.981183]  freed 256-byte region [fff00000c473de00, fff00000c473df00)
[ 17.981241]
[ 17.981269] The buggy address belongs to the physical page:
[ 17.981306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10473c
[ 17.981374] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.981426] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[ 17.981475] page_type: f5(slab)
[ 17.981526] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[ 17.981584] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.981631] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[ 17.981687] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.981762] head: 0bfffe0000000001 ffffc1ffc311cf01 00000000ffffffff 00000000ffffffff
[ 17.981811] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 17.981849] page dumped because: kasan: bad access detected
[ 17.981878]
[ 17.981895] Memory state around the buggy address:
[ 17.982059]  fff00000c473dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.982222]  fff00000c473dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.982330] >fff00000c473de00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.982399]                    ^
[ 17.982427]  fff00000c473de80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.982520]  fff00000c473df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.982587] ==================================================================
[ 17.969192] ==================================================================
[ 17.969333] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520
[ 17.969396] Read of size 1 at addr fff00000c473de00 by task kunit_try_catch/164
[ 17.969443]
[ 17.969551] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250515 #1 PREEMPT
[ 17.969851] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.969922] Hardware name: linux,dummy-virt (DT)
[ 17.969980] Call trace:
[ 17.970074]  show_stack+0x20/0x38 (C)
[ 17.970210]  dump_stack_lvl+0x8c/0xd0
[ 17.970316]  print_report+0x118/0x608
[ 17.970378]  kasan_report+0xdc/0x128
[ 17.970459]  __kasan_check_byte+0x54/0x70
[ 17.970606]  krealloc_noprof+0x44/0x360
[ 17.970705]  krealloc_uaf+0x180/0x520
[ 17.970829]  kunit_try_run_case+0x170/0x3f0
[ 17.970940]  kunit_generic_run_threadfn_adapter+0x88/0x100
[ 17.971041]  kthread+0x328/0x630
[ 17.971086]  ret_from_fork+0x10/0x20
[ 17.971141]
[ 17.971169] Allocated by task 164:
[ 17.971316]  kasan_save_stack+0x3c/0x68
[ 17.971550]  kasan_save_track+0x20/0x40
[ 17.971648]  kasan_save_alloc_info+0x40/0x58
[ 17.971772]  __kasan_kmalloc+0xd4/0xd8
[ 17.971841]  __kmalloc_cache_noprof+0x15c/0x3c0
[ 17.971946]  krealloc_uaf+0xc8/0x520
[ 17.971979]  kunit_try_run_case+0x170/0x3f0
[ 17.972044]  kunit_generic_run_threadfn_adapter+0x88/0x100
[ 17.972358]  kthread+0x328/0x630
[ 17.972448]  ret_from_fork+0x10/0x20
[ 17.972549]
[ 17.972645] Freed by task 164:
[ 17.972754]  kasan_save_stack+0x3c/0x68
[ 17.972848]  kasan_save_track+0x20/0x40
[ 17.973228]  kasan_save_free_info+0x4c/0x78
[ 17.973283]  __kasan_slab_free+0x6c/0x98
[ 17.973319]  kfree+0x214/0x3c8
[ 17.973501]  krealloc_uaf+0x12c/0x520
[ 17.973690]  kunit_try_run_case+0x170/0x3f0
[ 17.973867]  kunit_generic_run_threadfn_adapter+0x88/0x100
[ 17.973912]  kthread+0x328/0x630
[ 17.973947]  ret_from_fork+0x10/0x20
[ 17.974015]
[ 17.974040] The buggy address belongs to the object at fff00000c473de00
[ 17.974040]  which belongs to the cache kmalloc-256 of size 256
[ 17.974379] The buggy address is located 0 bytes inside of
[ 17.974379]  freed 256-byte region [fff00000c473de00, fff00000c473df00)
[ 17.974462]
[ 17.974499] The buggy address belongs to the physical page:
[ 17.974566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10473c
[ 17.974615] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.974681] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[ 17.974942] page_type: f5(slab)
[ 17.975029] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[ 17.975169] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.975281] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[ 17.975362] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.975409] head: 0bfffe0000000001 ffffc1ffc311cf01 00000000ffffffff 00000000ffffffff
[ 17.975455] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 17.975509] page dumped because: kasan: bad access detected
[ 17.975547]
[ 17.975566] Memory state around the buggy address:
[ 17.975596]  fff00000c473dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.975635]  fff00000c473dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.975674] >fff00000c473de00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.975715]                    ^
[ 17.975741]  fff00000c473de80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.975790]  fff00000c473df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.975841] ==================================================================
```
qemu-x86_64:

```
[ 13.961779] ==================================================================
[ 13.962343] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0
[ 13.963033] Read of size 1 at addr ffff888100ab3800 by task kunit_try_catch/182
[ 13.963271]
[ 13.963483] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250515 #1 PREEMPT(voluntary)
[ 13.963576] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.963599] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.963638] Call Trace:
[ 13.963666]  <TASK>
[ 13.963702]  dump_stack_lvl+0x73/0xb0
[ 13.963766]  print_report+0xd1/0x650
[ 13.963814]  ? __virt_addr_valid+0x1db/0x2d0
[ 13.963858]  ? krealloc_uaf+0x1b8/0x5e0
[ 13.963895]  ? kasan_complete_mode_report_info+0x64/0x200
[ 13.963937]  ? krealloc_uaf+0x1b8/0x5e0
[ 13.963978]  kasan_report+0x141/0x180
[ 13.964019]  ? krealloc_uaf+0x1b8/0x5e0
[ 13.964060]  ? krealloc_uaf+0x1b8/0x5e0
[ 13.964097]  __kasan_check_byte+0x3d/0x50
[ 13.964136]  krealloc_noprof+0x3f/0x340
[ 13.964183]  krealloc_uaf+0x1b8/0x5e0
[ 13.964669]  ? __pfx_krealloc_uaf+0x10/0x10
[ 13.964723]  ? finish_task_switch.isra.0+0x153/0x700
[ 13.964750]  ? __switch_to+0x47/0xf50
[ 13.964778]  ? __schedule+0x10cc/0x2b60
[ 13.964800]  ? __pfx_read_tsc+0x10/0x10
[ 13.964821]  ? ktime_get_ts64+0x86/0x230
[ 13.964845]  kunit_try_run_case+0x1a5/0x480
[ 13.964872]  ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.964893]  ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.964915]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.964936]  ? __kthread_parkme+0x82/0x180
[ 13.964958]  ? preempt_count_sub+0x50/0x80
[ 13.964979]  ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.965001]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.965021]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.965042]  kthread+0x337/0x6f0
[ 13.965060]  ? trace_preempt_on+0x20/0xc0
[ 13.965083]  ? __pfx_kthread+0x10/0x10
[ 13.965104]  ? _raw_spin_unlock_irq+0x47/0x80
[ 13.965123]  ? calculate_sigpending+0x7b/0xa0
[ 13.965147]  ? __pfx_kthread+0x10/0x10
[ 13.965167]  ret_from_fork+0x116/0x1d0
[ 13.965185]  ? __pfx_kthread+0x10/0x10
[ 13.965204]  ret_from_fork_asm+0x1a/0x30
[ 13.965251]  </TASK>
[ 13.965266]
[ 13.974960] Allocated by task 182:
[ 13.975244]  kasan_save_stack+0x45/0x70
[ 13.975799]  kasan_save_track+0x18/0x40
[ 13.976135]  kasan_save_alloc_info+0x3b/0x50
[ 13.977005]  __kasan_kmalloc+0xb7/0xc0
[ 13.977352]  __kmalloc_cache_noprof+0x189/0x420
[ 13.977847]  krealloc_uaf+0xbb/0x5e0
[ 13.978141]  kunit_try_run_case+0x1a5/0x480
[ 13.978644]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.979050]  kthread+0x337/0x6f0
[ 13.979347]  ret_from_fork+0x116/0x1d0
[ 13.979786]  ret_from_fork_asm+0x1a/0x30
[ 13.979970]
[ 13.980219] Freed by task 182:
[ 13.980693]  kasan_save_stack+0x45/0x70
[ 13.981141]  kasan_save_track+0x18/0x40
[ 13.981329]  kasan_save_free_info+0x3f/0x60
[ 13.981851]  __kasan_slab_free+0x56/0x70
[ 13.982198]  kfree+0x222/0x3f0
[ 13.982626]  krealloc_uaf+0x13d/0x5e0
[ 13.982962]  kunit_try_run_case+0x1a5/0x480
[ 13.983140]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.983888]  kthread+0x337/0x6f0
[ 13.984135]  ret_from_fork+0x116/0x1d0
[ 13.984436]  ret_from_fork_asm+0x1a/0x30
[ 13.985213]
[ 13.985362] The buggy address belongs to the object at ffff888100ab3800
[ 13.985362]  which belongs to the cache kmalloc-256 of size 256
[ 13.985844] The buggy address is located 0 bytes inside of
[ 13.985844]  freed 256-byte region [ffff888100ab3800, ffff888100ab3900)
[ 13.986504]
[ 13.986676] The buggy address belongs to the physical page:
[ 13.987067] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab2
[ 13.987967] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.988359] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.989062] page_type: f5(slab)
[ 13.989297] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.989949] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.990393] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.991075] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.991582] head: 0200000000000001 ffffea000402ac81 00000000ffffffff 00000000ffffffff
[ 13.991858] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 13.992408] page dumped because: kasan: bad access detected
[ 13.993046]
[ 13.993238] Memory state around the buggy address:
[ 13.993760]  ffff888100ab3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.994159]  ffff888100ab3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.994666] >ffff888100ab3800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.994913]                    ^
[ 13.995237]  ffff888100ab3880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.995615]  ffff888100ab3900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.996047] ==================================================================
[ 13.997346] ==================================================================
[ 13.997659] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0
[ 13.998873] Read of size 1 at addr ffff888100ab3800 by task kunit_try_catch/182
[ 13.999286]
[ 13.999441] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250515 #1 PREEMPT(voluntary)
[ 13.999543] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.999660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.999701] Call Trace:
[ 13.999743]  <TASK>
[ 14.000306]  dump_stack_lvl+0x73/0xb0
[ 14.000362]  print_report+0xd1/0x650
[ 14.000388]  ? __virt_addr_valid+0x1db/0x2d0
[ 14.000413]  ? krealloc_uaf+0x53c/0x5e0
[ 14.000433]  ? kasan_complete_mode_report_info+0x64/0x200
[ 14.000456]  ? krealloc_uaf+0x53c/0x5e0
[ 14.000489]  kasan_report+0x141/0x180
[ 14.000544]  ? krealloc_uaf+0x53c/0x5e0
[ 14.000584]  __asan_report_load1_noabort+0x18/0x20
[ 14.000615]  krealloc_uaf+0x53c/0x5e0
[ 14.000664]  ? __pfx_krealloc_uaf+0x10/0x10
[ 14.000687]  ? finish_task_switch.isra.0+0x153/0x700
[ 14.000709]  ? __switch_to+0x47/0xf50
[ 14.000735]  ? __schedule+0x10cc/0x2b60
[ 14.000756]  ? __pfx_read_tsc+0x10/0x10
[ 14.000777]  ? ktime_get_ts64+0x86/0x230
[ 14.000800]  kunit_try_run_case+0x1a5/0x480
[ 14.000825]  ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.000846]  ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.000867]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.000887]  ? __kthread_parkme+0x82/0x180
[ 14.000908]  ? preempt_count_sub+0x50/0x80
[ 14.000930]  ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.000951]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.000971]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.000991]  kthread+0x337/0x6f0
[ 14.001009]  ? trace_preempt_on+0x20/0xc0
[ 14.001032]  ? __pfx_kthread+0x10/0x10
[ 14.001052]  ? _raw_spin_unlock_irq+0x47/0x80
[ 14.001071]  ? calculate_sigpending+0x7b/0xa0
[ 14.001093]  ? __pfx_kthread+0x10/0x10
[ 14.001113]  ret_from_fork+0x116/0x1d0
[ 14.001130]  ? __pfx_kthread+0x10/0x10
[ 14.001149]  ret_from_fork_asm+0x1a/0x30
[ 14.001178]  </TASK>
[ 14.001191]
[ 14.012592] Allocated by task 182:
[ 14.012731]  kasan_save_stack+0x45/0x70
[ 14.012886]  kasan_save_track+0x18/0x40
[ 14.013012]  kasan_save_alloc_info+0x3b/0x50
[ 14.013146]  __kasan_kmalloc+0xb7/0xc0
[ 14.013277]  __kmalloc_cache_noprof+0x189/0x420
[ 14.013424]  krealloc_uaf+0xbb/0x5e0
[ 14.013549]  kunit_try_run_case+0x1a5/0x480
[ 14.013687]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.013847]  kthread+0x337/0x6f0
[ 14.013970]  ret_from_fork+0x116/0x1d0
[ 14.014100]  ret_from_fork_asm+0x1a/0x30
[ 14.016197]
[ 14.016382] Freed by task 182:
[ 14.016817]  kasan_save_stack+0x45/0x70
[ 14.017050]  kasan_save_track+0x18/0x40
[ 14.017265]  kasan_save_free_info+0x3f/0x60
[ 14.017588]  __kasan_slab_free+0x56/0x70
[ 14.017860]  kfree+0x222/0x3f0
[ 14.018087]  krealloc_uaf+0x13d/0x5e0
[ 14.018360]  kunit_try_run_case+0x1a5/0x480
[ 14.018593]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.018944]  kthread+0x337/0x6f0
[ 14.019192]  ret_from_fork+0x116/0x1d0
[ 14.020036]  ret_from_fork_asm+0x1a/0x30
[ 14.020377]
[ 14.020518] The buggy address belongs to the object at ffff888100ab3800
[ 14.020518]  which belongs to the cache kmalloc-256 of size 256
[ 14.021021] The buggy address is located 0 bytes inside of
[ 14.021021]  freed 256-byte region [ffff888100ab3800, ffff888100ab3900)
[ 14.021741]
[ 14.021942] The buggy address belongs to the physical page:
[ 14.022194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab2
[ 14.022554] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 14.023014] flags: 0x200000000000040(head|node=0|zone=2)
[ 14.023887] page_type: f5(slab)
[ 14.024084] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 14.024455] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.025109] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 14.025437] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.026419] head: 0200000000000001 ffffea000402ac81 00000000ffffffff 00000000ffffffff
[ 14.026904] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 14.027201] page dumped because: kasan: bad access detected
[ 14.027564]
[ 14.027692] Memory state around the buggy address:
[ 14.027930]  ffff888100ab3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.028427]  ffff888100ab3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.028673] >ffff888100ab3800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.029780]                    ^
[ 14.030065]  ffff888100ab3880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.030622]  ffff888100ab3900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.031022] ==================================================================
```