lkft/linux-next-master - next-20250625 - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob

Date

June 25, 2025, 8:08 a.m.

Environment
qemu-arm64

[   29.628500] ==================================================================
[   29.628591] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0
[   29.628753] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/281
[   29.628844] 
[   29.628924] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250625 #1 PREEMPT 
[   29.629163] Tainted: [B]=BAD_PAGE, [N]=TEST
[   29.629211] Hardware name: linux,dummy-virt (DT)
[   29.629246] Call trace:
[   29.629287]  show_stack+0x20/0x38 (C)
[   29.629340]  dump_stack_lvl+0x8c/0xd0
[   29.629433]  print_report+0x310/0x608
[   29.629510]  kasan_report+0xdc/0x128
[   29.629566]  __asan_report_load1_noabort+0x20/0x30
[   29.629670]  vmalloc_oob+0x578/0x5d0
[   29.629745]  kunit_try_run_case+0x170/0x3f0
[   29.629825]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   29.629907]  kthread+0x328/0x630
[   29.629952]  ret_from_fork+0x10/0x20
[   29.630002] 
[   29.630032] The buggy address belongs to the virtual mapping at
[   29.630032]  [ffff8000800fe000, ffff800080100000) created by:
[   29.630032]  vmalloc_oob+0x98/0x5d0
[   29.630248] 
[   29.630277] The buggy address belongs to the physical page:
[   29.630453] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786e
[   29.630533] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   29.630641] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   29.630706] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   29.630965] page dumped because: kasan: bad access detected
[   29.631131] 
[   29.631161] Memory state around the buggy address:
[   29.631198]  ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.631243]  ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.631569] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   29.631667]                                                              ^
[   29.631711]  ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   29.631755]  ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   29.631813] ==================================================================
[   29.632920] ==================================================================
[   29.632976] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0
[   29.633055] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/281
[   29.633378] 
[   29.633442] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250625 #1 PREEMPT 
[   29.633530] Tainted: [B]=BAD_PAGE, [N]=TEST
[   29.633569] Hardware name: linux,dummy-virt (DT)
[   29.633648] Call trace:
[   29.633679]  show_stack+0x20/0x38 (C)
[   29.633730]  dump_stack_lvl+0x8c/0xd0
[   29.633778]  print_report+0x310/0x608
[   29.633823]  kasan_report+0xdc/0x128
[   29.633870]  __asan_report_load1_noabort+0x20/0x30
[   29.633917]  vmalloc_oob+0x51c/0x5d0
[   29.633962]  kunit_try_run_case+0x170/0x3f0
[   29.634022]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   29.634076]  kthread+0x328/0x630
[   29.634121]  ret_from_fork+0x10/0x20
[   29.634183] 
[   29.634210] The buggy address belongs to the virtual mapping at
[   29.634210]  [ffff8000800fe000, ffff800080100000) created by:
[   29.634210]  vmalloc_oob+0x98/0x5d0
[   29.634283] 
[   29.634314] The buggy address belongs to the physical page:
[   29.634346] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786e
[   29.634407] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   29.634467] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   29.634517] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   29.634559] page dumped because: kasan: bad access detected
[   29.634596] 
[   29.634642] Memory state around the buggy address:
[   29.634677]  ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.634893]  ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.635046] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   29.635090]                                                                 ^
[   29.635230]  ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   29.635284]  ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   29.635325] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2yzYOk343WUC6Wpt3myROi1ycEp

job_id

TEST:linaro@lkft#2yzYUHdREalZeVuTYEtZ0Vg4zyC

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2yzYUHdREalZeVuTYEtZ0Vg4zyC

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yzYQLBlrPZKRLNAwKs2gdkoA38/Image.gz
sha256sum	ecffa73d9c53e178bc58f77e3a2aaadac22dbb2340351d938f09d8930cf3c815

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yzYQLBlrPZKRLNAwKs2gdkoA38/modules.tar.xz
sha256sum	d909e31b2675c9cfa4c6c68cb67b8b55a898f72165169b4030348d19c0ca4f80

durations

tests

boot	0
kunit	168.59

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit