lkft/linux-next-master - next-20250715 - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob

Date

July 15, 2025, 11:35 a.m.

Environment
e850-96
qemu-arm64

[   80.734994] ==================================================================
[   80.749391] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0
[   80.756071] Read of size 1 at addr ffff800087c8d7f3 by task kunit_try_catch/350
[   80.763361] 
[   80.764845] CPU: 7 UID: 0 PID: 350 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250715 #1 PREEMPT 
[   80.764902] Tainted: [B]=BAD_PAGE, [N]=TEST
[   80.764920] Hardware name: WinLink E850-96 board (DT)
[   80.764942] Call trace:
[   80.764959]  show_stack+0x20/0x38 (C)
[   80.764996]  dump_stack_lvl+0x8c/0xd0
[   80.765032]  print_report+0x310/0x5d0
[   80.765061]  kasan_report+0xdc/0x128
[   80.765089]  __asan_report_load1_noabort+0x20/0x30
[   80.765124]  vmalloc_oob+0x578/0x5d0
[   80.765158]  kunit_try_run_case+0x170/0x3f0
[   80.765191]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   80.765229]  kthread+0x328/0x630
[   80.765258]  ret_from_fork+0x10/0x20
[   80.765295] 
[   80.828294] The buggy address ffff800087c8d7f3 belongs to a vmalloc virtual mapping
[   80.835933] The buggy address belongs to the physical page:
[   80.841489] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x888889
[   80.849473] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   80.855995] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   80.863713] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   80.871434] page dumped because: kasan: bad access detected
[   80.876987] 
[   80.878463] Memory state around the buggy address:
[   80.883242]  ffff800087c8d680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   80.890446]  ffff800087c8d700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   80.897650] >ffff800087c8d780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   80.904852]                                                              ^
[   80.911714]  ffff800087c8d800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   80.918917]  ffff800087c8d880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   80.926120] ==================================================================
[   80.933433] ==================================================================
[   80.940531] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0
[   80.947212] Read of size 1 at addr ffff800087c8d7f8 by task kunit_try_catch/350
[   80.954504] 
[   80.955986] CPU: 7 UID: 0 PID: 350 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250715 #1 PREEMPT 
[   80.956042] Tainted: [B]=BAD_PAGE, [N]=TEST
[   80.956057] Hardware name: WinLink E850-96 board (DT)
[   80.956076] Call trace:
[   80.956088]  show_stack+0x20/0x38 (C)
[   80.956119]  dump_stack_lvl+0x8c/0xd0
[   80.956156]  print_report+0x310/0x5d0
[   80.956185]  kasan_report+0xdc/0x128
[   80.956212]  __asan_report_load1_noabort+0x20/0x30
[   80.956244]  vmalloc_oob+0x51c/0x5d0
[   80.956275]  kunit_try_run_case+0x170/0x3f0
[   80.956306]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   80.956342]  kthread+0x328/0x630
[   80.956373]  ret_from_fork+0x10/0x20
[   80.956408] 
[   81.019435] The buggy address ffff800087c8d7f8 belongs to a vmalloc virtual mapping
[   81.027076] The buggy address belongs to the physical page:
[   81.032632] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x888889
[   81.040615] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   81.047135] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   81.054856] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   81.062575] page dumped because: kasan: bad access detected
[   81.068130] 
[   81.069606] Memory state around the buggy address:
[   81.074387]  ffff800087c8d680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   81.081589]  ffff800087c8d700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   81.088793] >ffff800087c8d780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   81.095995]                                                                 ^
[   81.103116]  ffff800087c8d800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   81.110321]  ffff800087c8d880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   81.117522] ==================================================================

Metadata Full log Test run details

[   33.561343] ==================================================================
[   33.561420] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0
[   33.561503] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/301
[   33.561556] 
[   33.561594] CPU: 1 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250715 #1 PREEMPT 
[   33.561690] Tainted: [B]=BAD_PAGE, [N]=TEST
[   33.561717] Hardware name: linux,dummy-virt (DT)
[   33.562245] Call trace:
[   33.562287]  show_stack+0x20/0x38 (C)
[   33.562689]  dump_stack_lvl+0x8c/0xd0
[   33.562838]  print_report+0x310/0x5d0
[   33.562953]  kasan_report+0xdc/0x128
[   33.563120]  __asan_report_load1_noabort+0x20/0x30
[   33.563171]  vmalloc_oob+0x578/0x5d0
[   33.563219]  kunit_try_run_case+0x170/0x3f0
[   33.563270]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   33.563324]  kthread+0x328/0x630
[   33.563372]  ret_from_fork+0x10/0x20
[   33.563424] 
[   33.563460] The buggy address ffff8000800fe7f3 belongs to a vmalloc virtual mapping
[   33.563522] The buggy address belongs to the physical page:
[   33.563557] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064f6
[   33.563790] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   33.563969] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   33.564184] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   33.564323] page dumped because: kasan: bad access detected
[   33.564390] 
[   33.564874] Memory state around the buggy address:
[   33.565136]  ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   33.565652]  ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   33.565707] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   33.565748]                                                              ^
[   33.565948]  ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   33.566250]  ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   33.566301] ==================================================================
[   33.569000] ==================================================================
[   33.569055] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0
[   33.569576] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/301
[   33.569691] 
[   33.569726] CPU: 1 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250715 #1 PREEMPT 
[   33.569813] Tainted: [B]=BAD_PAGE, [N]=TEST
[   33.569866] Hardware name: linux,dummy-virt (DT)
[   33.569900] Call trace:
[   33.569973]  show_stack+0x20/0x38 (C)
[   33.570112]  dump_stack_lvl+0x8c/0xd0
[   33.570532]  print_report+0x310/0x5d0
[   33.570777]  kasan_report+0xdc/0x128
[   33.570845]  __asan_report_load1_noabort+0x20/0x30
[   33.570895]  vmalloc_oob+0x51c/0x5d0
[   33.570943]  kunit_try_run_case+0x170/0x3f0
[   33.571137]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   33.571342]  kthread+0x328/0x630
[   33.571392]  ret_from_fork+0x10/0x20
[   33.571791] 
[   33.571822] The buggy address ffff8000800fe7f8 belongs to a vmalloc virtual mapping
[   33.571967] The buggy address belongs to the physical page:
[   33.572020] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064f6
[   33.572075] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   33.572141] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   33.572193] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   33.572234] page dumped because: kasan: bad access detected
[   33.572267] 
[   33.572308] Memory state around the buggy address:
[   33.572474]  ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   33.572595]  ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   33.572641] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   33.572791]                                                                 ^
[   33.572833]  ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   33.572915]  ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   33.573068] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zuS6DosVUhzL9DaDmqO9nLybFJ

job_id

TEST:linaro@lkft#2zuSB6ZD0TprNwndx8osoZfzNbs

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zuSB6ZD0TprNwndx8osoZfzNbs

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zuS7fFjob8Lq2iSUNxlIF41bYW/Image.gz
sha256sum	118b4ece9a238a43bf808c098cf2bf253d887d33e129eb81e3c965d23e20b8c5

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zuS7fFjob8Lq2iSUNxlIF41bYW/modules.tar.xz
sha256sum	01435f1d178968cd8186d4f9b9cf47e1273301cd5c54bfdff2cd2593d26e1adb

durations

tests

boot	0
kunit	165.28

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - e850-96 - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit