lkft/linux-next-master - next-20250711 - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob

Date

July 11, 2025, 10:11 a.m.

Environment
e850-96
qemu-arm64

[   80.765891] ==================================================================
[   80.780266] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0
[   80.786949] Read of size 1 at addr ffff800087c7d7f3 by task kunit_try_catch/353
[   80.794239] 
[   80.795724] CPU: 6 UID: 0 PID: 353 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT 
[   80.795782] Tainted: [B]=BAD_PAGE, [N]=TEST
[   80.795798] Hardware name: WinLink E850-96 board (DT)
[   80.795823] Call trace:
[   80.795841]  show_stack+0x20/0x38 (C)
[   80.795880]  dump_stack_lvl+0x8c/0xd0
[   80.795917]  print_report+0x310/0x5d0
[   80.795948]  kasan_report+0xdc/0x128
[   80.795973]  __asan_report_load1_noabort+0x20/0x30
[   80.796008]  vmalloc_oob+0x578/0x5d0
[   80.796037]  kunit_try_run_case+0x170/0x3f0
[   80.796077]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   80.796110]  kthread+0x328/0x630
[   80.796141]  ret_from_fork+0x10/0x20
[   80.796178] 
[   80.859173] The buggy address ffff800087c7d7f3 belongs to a vmalloc virtual mapping
[   80.866811] The buggy address belongs to the physical page:
[   80.872365] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x888889
[   80.880352] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   80.886870] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   80.894591] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   80.902311] page dumped because: kasan: bad access detected
[   80.907865] 
[   80.909342] Memory state around the buggy address:
[   80.914125]  ffff800087c7d680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   80.921323]  ffff800087c7d700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   80.928529] >ffff800087c7d780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   80.935729]                                                              ^
[   80.942591]  ffff800087c7d800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   80.949795]  ffff800087c7d880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   80.956997] ==================================================================
[   80.964301] ==================================================================
[   80.971407] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0
[   80.978090] Read of size 1 at addr ffff800087c7d7f8 by task kunit_try_catch/353
[   80.985381] 
[   80.986864] CPU: 6 UID: 0 PID: 353 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT 
[   80.986915] Tainted: [B]=BAD_PAGE, [N]=TEST
[   80.986932] Hardware name: WinLink E850-96 board (DT)
[   80.986954] Call trace:
[   80.986967]  show_stack+0x20/0x38 (C)
[   80.987003]  dump_stack_lvl+0x8c/0xd0
[   80.987036]  print_report+0x310/0x5d0
[   80.987064]  kasan_report+0xdc/0x128
[   80.987090]  __asan_report_load1_noabort+0x20/0x30
[   80.987123]  vmalloc_oob+0x51c/0x5d0
[   80.987154]  kunit_try_run_case+0x170/0x3f0
[   80.987194]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   80.987226]  kthread+0x328/0x630
[   80.987256]  ret_from_fork+0x10/0x20
[   80.987292] 
[   81.050314] The buggy address ffff800087c7d7f8 belongs to a vmalloc virtual mapping
[   81.057953] The buggy address belongs to the physical page:
[   81.063509] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x888889
[   81.071493] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   81.078010] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   81.085734] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   81.093454] page dumped because: kasan: bad access detected
[   81.099008] 
[   81.100483] Memory state around the buggy address:
[   81.105262]  ffff800087c7d680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   81.112466]  ffff800087c7d700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   81.119671] >ffff800087c7d780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   81.126872]                                                                 ^
[   81.133994]  ffff800087c7d800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   81.141199]  ffff800087c7d880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   81.148399] ==================================================================

Metadata Full log Test run details

[   33.357055] ==================================================================
[   33.357113] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0
[   33.357545] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/300
[   33.357652] 
[   33.357732] CPU: 0 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT 
[   33.357903] Tainted: [B]=BAD_PAGE, [N]=TEST
[   33.357932] Hardware name: linux,dummy-virt (DT)
[   33.357966] Call trace:
[   33.358285]  show_stack+0x20/0x38 (C)
[   33.358420]  dump_stack_lvl+0x8c/0xd0
[   33.358793]  print_report+0x310/0x5d0
[   33.358955]  kasan_report+0xdc/0x128
[   33.359277]  __asan_report_load1_noabort+0x20/0x30
[   33.359488]  vmalloc_oob+0x51c/0x5d0
[   33.359841]  kunit_try_run_case+0x170/0x3f0
[   33.359963]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   33.360078]  kthread+0x328/0x630
[   33.360157]  ret_from_fork+0x10/0x20
[   33.360577] 
[   33.360635] The buggy address ffff8000800fe7f8 belongs to a vmalloc virtual mapping
[   33.360785] The buggy address belongs to the physical page:
[   33.360843] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1091c8
[   33.361206] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   33.361308] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   33.361477] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   33.361540] page dumped because: kasan: bad access detected
[   33.361663] 
[   33.361685] Memory state around the buggy address:
[   33.361722]  ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   33.361775]  ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   33.361821] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   33.362158]                                                                 ^
[   33.362349]  ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   33.362575]  ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   33.362697] ==================================================================
[   33.348944] ==================================================================
[   33.349036] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0
[   33.349111] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/300
[   33.349165] 
[   33.349208] CPU: 0 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT 
[   33.349310] Tainted: [B]=BAD_PAGE, [N]=TEST
[   33.350311] Hardware name: linux,dummy-virt (DT)
[   33.350746] Call trace:
[   33.350860]  show_stack+0x20/0x38 (C)
[   33.350930]  dump_stack_lvl+0x8c/0xd0
[   33.351030]  print_report+0x310/0x5d0
[   33.351221]  kasan_report+0xdc/0x128
[   33.351420]  __asan_report_load1_noabort+0x20/0x30
[   33.351719]  vmalloc_oob+0x578/0x5d0
[   33.351926]  kunit_try_run_case+0x170/0x3f0
[   33.352275]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   33.352435]  kthread+0x328/0x630
[   33.352523]  ret_from_fork+0x10/0x20
[   33.352712] 
[   33.352742] The buggy address ffff8000800fe7f3 belongs to a vmalloc virtual mapping
[   33.352804] The buggy address belongs to the physical page:
[   33.353152] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1091c8
[   33.353414] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   33.353594] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   33.353687] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   33.353734] page dumped because: kasan: bad access detected
[   33.353769] 
[   33.353804] Memory state around the buggy address:
[   33.354127]  ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   33.354280]  ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   33.354616] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   33.354680]                                                              ^
[   33.354820]  ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   33.354893]  ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   33.355289] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zizK5DpLdiSo5JTRmUPvSCnGxG

job_id

TEST:linaro@lkft#2zizOeD8Jm6gvF6WEX3HpY0Yiv3

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zizOeD8Jm6gvF6WEX3HpY0Yiv3

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zizLHXy0YY4Eb3Uvf7RBZBjPJe/Image.gz
sha256sum	37d9d8f3bf88d1e931fe46cf36571593b5a433a5d7333af6ff92cab414d2ee0c

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zizLHXy0YY4Eb3Uvf7RBZBjPJe/modules.tar.xz
sha256sum	f716ec16fb4ddf54116cb1eb73ee916ed3bd359ff95e4d969af9a161c3cb0a9f

durations

tests

boot	0
kunit	172.65

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - e850-96 - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit