lkft/linux-next-master - next-20250718 - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc

Date

July 18, 2025, 1:09 p.m.

Environment
qemu-arm64
qemu-x86_64

[   64.908807] ==================================================================
[   64.908880] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830
[   64.908880] 
[   64.908965] Use-after-free read at 0x00000000a4e5f289 (in kfence-#182):
[   64.909018]  test_krealloc+0x51c/0x830
[   64.909061]  kunit_try_run_case+0x170/0x3f0
[   64.909123]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   64.909167]  kthread+0x328/0x630
[   64.909207]  ret_from_fork+0x10/0x20
[   64.909248] 
[   64.909273] kfence-#182: 0x00000000a4e5f289-0x000000000a8f2520, size=32, cache=kmalloc-32
[   64.909273] 
[   64.909327] allocated by task 368 on cpu 0 at 64.908191s (0.001133s ago):
[   64.909398]  test_alloc+0x29c/0x628
[   64.909435]  test_krealloc+0xc0/0x830
[   64.909472]  kunit_try_run_case+0x170/0x3f0
[   64.909512]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   64.909554]  kthread+0x328/0x630
[   64.909589]  ret_from_fork+0x10/0x20
[   64.909626] 
[   64.909651] freed by task 368 on cpu 0 at 64.908419s (0.001228s ago):
[   64.909711]  krealloc_noprof+0x148/0x360
[   64.909751]  test_krealloc+0x1dc/0x830
[   64.909789]  kunit_try_run_case+0x170/0x3f0
[   64.909827]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   64.909869]  kthread+0x328/0x630
[   64.909904]  ret_from_fork+0x10/0x20
[   64.909943] 
[   64.909984] CPU: 0 UID: 0 PID: 368 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250718 #1 PREEMPT 
[   64.910069] Tainted: [B]=BAD_PAGE, [N]=TEST
[   64.910108] Hardware name: linux,dummy-virt (DT)
[   64.910142] ==================================================================

KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc: Failure

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

3036v5IOku9kbGwPAxMzAEIc53c

job_id

TEST:linaro@lkft#3036zhqEIPBB9ZWiNqxrt9yzBCZ

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/3036zhqEIPBB9ZWiNqxrt9yzBCZ

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/3036wEt97kKkGLPer9c9xRyYEUW/Image.gz
sha256sum	ef45bb451b92e0e364dae8f4a03204dbe06c728b275ab06b9f73ab6225c4cc39

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/3036wEt97kKkGLPer9c9xRyYEUW/modules.tar.xz
sha256sum	5b93974edad32ed66a90059bce180e27102c332dbf4de7f92fd7321ca4fe262a

durations

tests

boot	0
kunit	167.80

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   61.330741] ==================================================================
[   61.331249] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[   61.331249] 
[   61.331685] Use-after-free read at 0x(____ptrval____) (in kfence-#158):
[   61.331948]  test_krealloc+0x6fc/0xbe0
[   61.332117]  kunit_try_run_case+0x1a5/0x480
[   61.332435]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   61.332624]  kthread+0x337/0x6f0
[   61.332740]  ret_from_fork+0x116/0x1d0
[   61.333108]  ret_from_fork_asm+0x1a/0x30
[   61.333384] 
[   61.333479] kfence-#158: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[   61.333479] 
[   61.333941] allocated by task 385 on cpu 1 at 61.330093s (0.003845s ago):
[   61.334295]  test_alloc+0x364/0x10f0
[   61.334434]  test_krealloc+0xad/0xbe0
[   61.334562]  kunit_try_run_case+0x1a5/0x480
[   61.334750]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   61.334987]  kthread+0x337/0x6f0
[   61.335197]  ret_from_fork+0x116/0x1d0
[   61.335333]  ret_from_fork_asm+0x1a/0x30
[   61.335465] 
[   61.335529] freed by task 385 on cpu 1 at 61.330378s (0.005149s ago):
[   61.335808]  krealloc_noprof+0x108/0x340
[   61.336036]  test_krealloc+0x226/0xbe0
[   61.336276]  kunit_try_run_case+0x1a5/0x480
[   61.336525]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   61.336754]  kthread+0x337/0x6f0
[   61.336867]  ret_from_fork+0x116/0x1d0
[   61.337105]  ret_from_fork_asm+0x1a/0x30
[   61.337316] 
[   61.337501] CPU: 1 UID: 0 PID: 385 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) 
[   61.338087] Tainted: [B]=BAD_PAGE, [N]=TEST
[   61.338240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   61.338656] ==================================================================

KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc: Failure

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

3036v5IOku9kbGwPAxMzAEIc53c

job_id

TEST:linaro@lkft#30370jamGaSAgcfW3PKLOLBtw8U

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/30370jamGaSAgcfW3PKLOLBtw8U

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/3036xDpRrR5V90dzCJK3rrsTyNi/bzImage
sha256sum	fe25299d7ea64504487f8eb839cd1708aceb4f0c82b81f45634bb8a73b3edfa6

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/3036xDpRrR5V90dzCJK3rrsTyNi/modules.tar.xz
sha256sum	bb9109246fd36b7a8249a4772c2bee7e93157a7bc523efedb3b113d0ba7942ea

durations

tests

boot	0
kunit	224.21

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit KNOWN ISSUE Automatically assigned

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit KNOWN ISSUE Automatically assigned