Date
June 16, 2025, 7:07 a.m.
Environment
qemu-arm64
```
[ 22.919849] ==================================================================
[ 22.919921] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0
[ 22.919991] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/278
[ 22.920051]
[ 22.920093] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250616 #1 PREEMPT
[ 22.920197] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.920232] Hardware name: linux,dummy-virt (DT)
[ 22.920271] Call trace:
[ 22.920301] show_stack+0x20/0x38 (C)
[ 22.920359] dump_stack_lvl+0x8c/0xd0
[ 22.920413] print_report+0x310/0x608
[ 22.920467] kasan_report+0xdc/0x128
[ 22.920519] __asan_report_load1_noabort+0x20/0x30
[ 22.920574] vmalloc_oob+0x51c/0x5d0
[ 22.920625] kunit_try_run_case+0x170/0x3f0
[ 22.920678] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 22.920737] kthread+0x328/0x630
[ 22.921432] ret_from_fork+0x10/0x20
[ 22.921563]
[ 22.921600] The buggy address belongs to the virtual mapping at
[ 22.921600] [ffff8000800fe000, ffff800080100000) created by:
[ 22.921600] vmalloc_oob+0x98/0x5d0
[ 22.921781]
[ 22.921982] The buggy address belongs to the physical page:
[ 22.922034] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063bd
[ 22.922150] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[ 22.922259] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[ 22.922384] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 22.922549] page dumped because: kasan: bad access detected
[ 22.922593]
[ 22.922861] Memory state around the buggy address:
[ 22.923109]  ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.923265]  ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.923322] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[ 22.923556]                                                                 ^
[ 22.923741]  ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 22.923801]  ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 22.924001] ==================================================================
[ 22.914647] ==================================================================
[ 22.914748] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0
[ 22.914828] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/278
[ 22.914915]
[ 22.914966] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250616 #1 PREEMPT
[ 22.915073] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.915111] Hardware name: linux,dummy-virt (DT)
[ 22.915153] Call trace:
[ 22.915189] show_stack+0x20/0x38 (C)
[ 22.915251] dump_stack_lvl+0x8c/0xd0
[ 22.915315] print_report+0x310/0x608
[ 22.915373] kasan_report+0xdc/0x128
[ 22.915428] __asan_report_load1_noabort+0x20/0x30
[ 22.915488] vmalloc_oob+0x578/0x5d0
[ 22.915543] kunit_try_run_case+0x170/0x3f0
[ 22.915602] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 22.915668] kthread+0x328/0x630
[ 22.915719] ret_from_fork+0x10/0x20
[ 22.915781]
[ 22.915821] The buggy address belongs to the virtual mapping at
[ 22.915821] [ffff8000800fe000, ffff800080100000) created by:
[ 22.915821] vmalloc_oob+0x98/0x5d0
[ 22.917123]
[ 22.917157] The buggy address belongs to the physical page:
[ 22.917199] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063bd
[ 22.917308] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[ 22.917391] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[ 22.917454] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 22.917506] page dumped because: kasan: bad access detected
[ 22.917581]
[ 22.917649] Memory state around the buggy address:
[ 22.917699]  ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.917916]  ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.918089] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[ 22.918227]                                                              ^
[ 22.918283]  ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 22.918675]  ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 22.918896] ==================================================================
```