lkft/linux-next-master - next-20250718 - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read

Date

July 18, 2025, 1:09 p.m.

Environment
qemu-arm64
qemu-x86_64

[   35.997205] ==================================================================
[   35.997318] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248
[   35.997318] 
[   35.997400] Use-after-free read at 0x0000000089c33237 (in kfence-#126):
[   35.997521]  test_use_after_free_read+0x114/0x248
[   35.997572]  kunit_try_run_case+0x170/0x3f0
[   35.997614]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.997939]  kthread+0x328/0x630
[   35.998009]  ret_from_fork+0x10/0x20
[   35.998067] 
[   35.998104] kfence-#126: 0x0000000089c33237-0x0000000003f57add, size=32, cache=test
[   35.998104] 
[   35.998155] allocated by task 328 on cpu 0 at 35.996730s (0.001421s ago):
[   35.998692]  test_alloc+0x230/0x628
[   35.998783]  test_use_after_free_read+0xd0/0x248
[   35.998829]  kunit_try_run_case+0x170/0x3f0
[   35.998928]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.998973]  kthread+0x328/0x630
[   35.999009]  ret_from_fork+0x10/0x20
[   35.999218] 
[   35.999356] freed by task 328 on cpu 0 at 35.997061s (0.002287s ago):
[   35.999537]  test_use_after_free_read+0xf0/0x248
[   35.999604]  kunit_try_run_case+0x170/0x3f0
[   35.999650]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.999750]  kthread+0x328/0x630
[   35.999787]  ret_from_fork+0x10/0x20
[   35.999920] 
[   36.000322] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250718 #1 PREEMPT 
[   36.000475] Tainted: [B]=BAD_PAGE, [N]=TEST
[   36.000600] Hardware name: linux,dummy-virt (DT)
[   36.000687] ==================================================================
[   35.893576] ==================================================================
[   35.893909] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248
[   35.893909] 
[   35.894308] Use-after-free read at 0x0000000017f7fd76 (in kfence-#125):
[   35.894431]  test_use_after_free_read+0x114/0x248
[   35.894485]  kunit_try_run_case+0x170/0x3f0
[   35.894543]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.894722]  kthread+0x328/0x630
[   35.894766]  ret_from_fork+0x10/0x20
[   35.895040] 
[   35.895093] kfence-#125: 0x0000000017f7fd76-0x0000000018bd24b1, size=32, cache=kmalloc-32
[   35.895093] 
[   35.895168] allocated by task 326 on cpu 0 at 35.892729s (0.002417s ago):
[   35.895248]  test_alloc+0x29c/0x628
[   35.895530]  test_use_after_free_read+0xd0/0x248
[   35.895592]  kunit_try_run_case+0x170/0x3f0
[   35.895649]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.895815]  kthread+0x328/0x630
[   35.896041]  ret_from_fork+0x10/0x20
[   35.896134] 
[   35.896759] freed by task 326 on cpu 0 at 35.892803s (0.003455s ago):
[   35.897367]  test_use_after_free_read+0x1c0/0x248
[   35.897528]  kunit_try_run_case+0x170/0x3f0
[   35.897599]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.897785]  kthread+0x328/0x630
[   35.897991]  ret_from_fork+0x10/0x20
[   35.898374] 
[   35.898649] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250718 #1 PREEMPT 
[   35.898931] Tainted: [B]=BAD_PAGE, [N]=TEST
[   35.899095] Hardware name: linux,dummy-virt (DT)
[   35.899205] ==================================================================

KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read: Failure

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

3036v5IOku9kbGwPAxMzAEIc53c

job_id

TEST:linaro@lkft#3036zhqEIPBB9ZWiNqxrt9yzBCZ

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/3036zhqEIPBB9ZWiNqxrt9yzBCZ

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/3036wEt97kKkGLPer9c9xRyYEUW/Image.gz
sha256sum	ef45bb451b92e0e364dae8f4a03204dbe06c728b275ab06b9f73ab6225c4cc39

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/3036wEt97kKkGLPer9c9xRyYEUW/modules.tar.xz
sha256sum	5b93974edad32ed66a90059bce180e27102c332dbf4de7f92fd7321ca4fe262a

durations

tests

boot	0
kunit	167.80

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   30.026274] ==================================================================
[   30.026692] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[   30.026692] 
[   30.027057] Use-after-free read at 0x(____ptrval____) (in kfence-#95):
[   30.027374]  test_use_after_free_read+0x129/0x270
[   30.027566]  kunit_try_run_case+0x1a5/0x480
[   30.027731]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   30.027987]  kthread+0x337/0x6f0
[   30.028153]  ret_from_fork+0x116/0x1d0
[   30.028343]  ret_from_fork_asm+0x1a/0x30
[   30.028517] 
[   30.028586] kfence-#95: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[   30.028586] 
[   30.028976] allocated by task 345 on cpu 0 at 30.026119s (0.002855s ago):
[   30.029255]  test_alloc+0x2a6/0x10f0
[   30.029429]  test_use_after_free_read+0xdc/0x270
[   30.029627]  kunit_try_run_case+0x1a5/0x480
[   30.029809]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   30.029977]  kthread+0x337/0x6f0
[   30.030090]  ret_from_fork+0x116/0x1d0
[   30.030215]  ret_from_fork_asm+0x1a/0x30
[   30.030414] 
[   30.030503] freed by task 345 on cpu 0 at 30.026181s (0.004320s ago):
[   30.030817]  test_use_after_free_read+0xfb/0x270
[   30.030971]  kunit_try_run_case+0x1a5/0x480
[   30.031113]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   30.031363]  kthread+0x337/0x6f0
[   30.031539]  ret_from_fork+0x116/0x1d0
[   30.031726]  ret_from_fork_asm+0x1a/0x30
[   30.031921] 
[   30.032030] CPU: 0 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) 
[   30.032493] Tainted: [B]=BAD_PAGE, [N]=TEST
[   30.032668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   30.033030] ==================================================================
[   29.922262] ==================================================================
[   29.922702] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[   29.922702] 
[   29.923248] Use-after-free read at 0x(____ptrval____) (in kfence-#94):
[   29.923502]  test_use_after_free_read+0x129/0x270
[   29.923726]  kunit_try_run_case+0x1a5/0x480
[   29.923937]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   29.924171]  kthread+0x337/0x6f0
[   29.924292]  ret_from_fork+0x116/0x1d0
[   29.924460]  ret_from_fork_asm+0x1a/0x30
[   29.924657] 
[   29.924753] kfence-#94: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[   29.924753] 
[   29.925080] allocated by task 343 on cpu 1 at 29.922055s (0.003022s ago):
[   29.925383]  test_alloc+0x364/0x10f0
[   29.925571]  test_use_after_free_read+0xdc/0x270
[   29.925790]  kunit_try_run_case+0x1a5/0x480
[   29.925974]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   29.926163]  kthread+0x337/0x6f0
[   29.926279]  ret_from_fork+0x116/0x1d0
[   29.926416]  ret_from_fork_asm+0x1a/0x30
[   29.926564] 
[   29.926654] freed by task 343 on cpu 1 at 29.922104s (0.004548s ago):
[   29.926954]  test_use_after_free_read+0x1e7/0x270
[   29.927173]  kunit_try_run_case+0x1a5/0x480
[   29.927339]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   29.927544]  kthread+0x337/0x6f0
[   29.927685]  ret_from_fork+0x116/0x1d0
[   29.927871]  ret_from_fork_asm+0x1a/0x30
[   29.928060] 
[   29.928155] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) 
[   29.928634] Tainted: [B]=BAD_PAGE, [N]=TEST
[   29.928810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   29.929143] ==================================================================

KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read: Failure

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

3036v5IOku9kbGwPAxMzAEIc53c

job_id

TEST:linaro@lkft#30370jamGaSAgcfW3PKLOLBtw8U

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/30370jamGaSAgcfW3PKLOLBtw8U

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/3036xDpRrR5V90dzCJK3rrsTyNi/bzImage
sha256sum	fe25299d7ea64504487f8eb839cd1708aceb4f0c82b81f45634bb8a73b3edfa6

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/3036xDpRrR5V90dzCJK3rrsTyNi/modules.tar.xz
sha256sum	bb9109246fd36b7a8249a4772c2bee7e93157a7bc523efedb3b113d0ba7942ea

durations

tests

boot	0
kunit	224.21

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit KNOWN ISSUE Automatically assigned

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit KNOWN ISSUE Automatically assigned