lkft/linux-next-master - next-20250618 - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob

Date

June 18, 2025, 6:43 a.m.

Environment
qemu-arm64

[   24.368207] ==================================================================
[   24.368578] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0
[   24.369098] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/279
[   24.369187] 
[   24.369236] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc2-next-20250618 #1 PREEMPT 
[   24.369339] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   24.369374] Hardware name: linux,dummy-virt (DT)
[   24.369625] Call trace:
[   24.369670]  show_stack+0x20/0x38 (C)
[   24.370043]  dump_stack_lvl+0x8c/0xd0
[   24.370223]  print_report+0x310/0x608
[   24.370520]  kasan_report+0xdc/0x128
[   24.370854]  __asan_report_load1_noabort+0x20/0x30
[   24.370977]  vmalloc_oob+0x51c/0x5d0
[   24.371042]  kunit_try_run_case+0x170/0x3f0
[   24.371419]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.371804]  kthread+0x328/0x630
[   24.372071]  ret_from_fork+0x10/0x20
[   24.372194] 
[   24.372256] The buggy address belongs to the virtual mapping at
[   24.372256]  [ffff8000800fe000, ffff800080100000) created by:
[   24.372256]  vmalloc_oob+0x98/0x5d0
[   24.372608] 
[   24.372652] The buggy address belongs to the physical page:
[   24.372697] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107794
[   24.372911] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   24.373317] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   24.373390] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   24.373719] page dumped because: kasan: bad access detected
[   24.373776] 
[   24.373836] Memory state around the buggy address:
[   24.373884]  ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.374099]  ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.374296] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   24.374348]                                                                 ^
[   24.374400]  ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   24.374450]  ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   24.374747] ==================================================================
[   24.361115] ==================================================================
[   24.361218] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0
[   24.361305] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/279
[   24.361366] 
[   24.361415] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc2-next-20250618 #1 PREEMPT 
[   24.361520] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   24.361556] Hardware name: linux,dummy-virt (DT)
[   24.361596] Call trace:
[   24.361628]  show_stack+0x20/0x38 (C)
[   24.361690]  dump_stack_lvl+0x8c/0xd0
[   24.361748]  print_report+0x310/0x608
[   24.361803]  kasan_report+0xdc/0x128
[   24.361854]  __asan_report_load1_noabort+0x20/0x30
[   24.361915]  vmalloc_oob+0x578/0x5d0
[   24.361968]  kunit_try_run_case+0x170/0x3f0
[   24.362462]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.363537]  kthread+0x328/0x630
[   24.364509]  ret_from_fork+0x10/0x20
[   24.364686] 
[   24.364765] The buggy address belongs to the virtual mapping at
[   24.364765]  [ffff8000800fe000, ffff800080100000) created by:
[   24.364765]  vmalloc_oob+0x98/0x5d0
[   24.364859] 
[   24.364888] The buggy address belongs to the physical page:
[   24.364960] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107794
[   24.365040] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   24.365393] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   24.365563] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   24.365621] page dumped because: kasan: bad access detected
[   24.365910] 
[   24.365973] Memory state around the buggy address:
[   24.366040]  ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.366097]  ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.366151] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   24.366212]                                                              ^
[   24.366258]  ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   24.366304]  ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   24.366345] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2yfcGW9dh5lrGX66CvXwpPC7okM

job_id

TEST:linaro@lkft#2yfcKukFQMOtwGu89FbiLnnYMcv

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2yfcKukFQMOtwGu89FbiLnnYMcv

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yfcHe4K7nlJBWYp4ZhzLcSXWjn/Image.gz
sha256sum	79b35f965911e8ff982969cf0605b0bd2094f0c42bb36563e2c84399e66104a2

rootfs

url	https://storage.tuxboot.com/debian/20250605/trixie/arm64/rootfs.ext4.xz
sha256sum	905f5619346e1db164ac162d2472afab1c1502c840ccd8eb365c2a644148903b

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yfcHe4K7nlJBWYp4ZhzLcSXWjn/modules.tar.xz
sha256sum	103eda217975c92326d72877fbd7b01adb7c5cccd1ce9b6932689a978eb4696f

durations

tests

boot	0
kunit	333.34

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit