lkft/linux-next-master - next-20250603 - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc

Date

June 3, 2025, 7:38 a.m.

Environment
qemu-arm64
qemu-x86_64

[   51.136323] ==================================================================
[   51.136375] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830
[   51.136375] 
[   51.136473] Use-after-free read at 0x00000000e33fe1fd (in kfence-#149):
[   51.136524]  test_krealloc+0x51c/0x830
[   51.136570]  kunit_try_run_case+0x170/0x3f0
[   51.136613]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   51.136658]  kthread+0x328/0x630
[   51.136696]  ret_from_fork+0x10/0x20
[   51.136736] 
[   51.136760] kfence-#149: 0x00000000e33fe1fd-0x00000000da82f877, size=32, cache=kmalloc-32
[   51.136760] 
[   51.136820] allocated by task 337 on cpu 0 at 51.135725s (0.001085s ago):
[   51.136886]  test_alloc+0x29c/0x628
[   51.136926]  test_krealloc+0xc0/0x830
[   51.136966]  kunit_try_run_case+0x170/0x3f0
[   51.137005]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   51.137050]  kthread+0x328/0x630
[   51.137084]  ret_from_fork+0x10/0x20
[   51.137122] 
[   51.137145] freed by task 337 on cpu 0 at 51.135937s (0.001206s ago):
[   51.137206]  krealloc_noprof+0x148/0x360
[   51.137246]  test_krealloc+0x1dc/0x830
[   51.137285]  kunit_try_run_case+0x170/0x3f0
[   51.137324]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   51.137367]  kthread+0x328/0x630
[   51.137403]  ret_from_fork+0x10/0x20
[   51.137451] 
[   51.137495] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250603 #1 PREEMPT 
[   51.137575] Tainted: [B]=BAD_PAGE, [N]=TEST
[   51.137605] Hardware name: linux,dummy-virt (DT)
[   51.137640] ==================================================================

KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc: Failure

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2xzM3oRvKtIZJSjOMliP3GqGi7X

job_id

TEST:linaro@lkft#2xzM8XnnCGj8ubqXi8XliFPzzGU

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2xzM8XnnCGj8ubqXi8XliFPzzGU

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xzM538mN80fADe1LXZyIEhRSTS/Image.gz
sha256sum	2c61ffcef56d12e7e85681be7d2e449dad72bb84fd1e724ba956398ec9f29815

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/arm64/rootfs.ext4.xz
sha256sum	1cc8d041751cc9cfe19b957ffa27d6115f076efaeb324bcd0fb145c37c99e1b7

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xzM538mN80fADe1LXZyIEhRSTS/modules.tar.xz
sha256sum	399b7e6ffb3d7e5b4689c9f8aaf903f837de7797423a8699dda2ca14b4cab306

durations

tests

boot	0
kunit	184.03

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   52.190395] ==================================================================
[   52.190893] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[   52.190893] 
[   52.191252] Use-after-free read at 0x(____ptrval____) (in kfence-#160):
[   52.191702]  test_krealloc+0x6fc/0xbe0
[   52.191893]  kunit_try_run_case+0x1a5/0x480
[   52.192250]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   52.192728]  kthread+0x337/0x6f0
[   52.192929]  ret_from_fork+0x116/0x1d0
[   52.193132]  ret_from_fork_asm+0x1a/0x30
[   52.193522] 
[   52.193752] kfence-#160: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[   52.193752] 
[   52.194431] allocated by task 354 on cpu 1 at 52.189384s (0.005041s ago):
[   52.194944]  test_alloc+0x364/0x10f0
[   52.195350]  test_krealloc+0xad/0xbe0
[   52.195567]  kunit_try_run_case+0x1a5/0x480
[   52.195953]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   52.196195]  kthread+0x337/0x6f0
[   52.196387]  ret_from_fork+0x116/0x1d0
[   52.196758]  ret_from_fork_asm+0x1a/0x30
[   52.197138] 
[   52.197387] freed by task 354 on cpu 1 at 52.189915s (0.007467s ago):
[   52.197882]  krealloc_noprof+0x108/0x340
[   52.198302]  test_krealloc+0x226/0xbe0
[   52.198518]  kunit_try_run_case+0x1a5/0x480
[   52.198907]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   52.199401]  kthread+0x337/0x6f0
[   52.199671]  ret_from_fork+0x116/0x1d0
[   52.199913]  ret_from_fork_asm+0x1a/0x30
[   52.200295] 
[   52.200580] CPU: 1 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250603 #1 PREEMPT(voluntary) 
[   52.201088] Tainted: [B]=BAD_PAGE, [N]=TEST
[   52.201291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   52.201935] ==================================================================

KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc: Failure

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2xzM3oRvKtIZJSjOMliP3GqGi7X

job_id

TEST:linaro@lkft#2xzM9Qt22UENjnCVe0KdGcM1XGh

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2xzM9Qt22UENjnCVe0KdGcM1XGh

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xzM6ILkoImerzJwt3i36435Qgd/bzImage
sha256sum	41dbba498607ed9b3739ff9baa3c174d4b2923681d46cae35f52620dbf9cdbb6

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/amd64/rootfs.ext4.xz
sha256sum	3e64c22b7a85dd4a60fd0a31f22599e711e865f841aed0d517fae37e9c171158

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xzM6ILkoImerzJwt3i36435Qgd/modules.tar.xz
sha256sum	525634634ad19a8da44f4fdbde0b46fb2b603649630081a93b095b171d4e28c6

durations

tests

boot	0
kunit	370.29

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit KNOWN ISSUE Automatically assigned

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit KNOWN ISSUE Automatically assigned