lkft/linux-next-master - next-20250725 - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob

Date

July 25, 2025, 3:13 a.m.

Environment
qemu-arm64

[   35.504984] ==================================================================
[   35.505111] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0
[   35.505333] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/301
[   35.505555] 
[   35.505628] CPU: 0 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc7-next-20250725 #1 PREEMPT 
[   35.505784] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   35.505829] Hardware name: linux,dummy-virt (DT)
[   35.505868] Call trace:
[   35.505915]  show_stack+0x20/0x38 (C)
[   35.506133]  dump_stack_lvl+0x8c/0xd0
[   35.506187]  print_report+0x310/0x5e8
[   35.506234]  kasan_report+0xdc/0x128
[   35.506280]  __asan_report_load1_noabort+0x20/0x30
[   35.506675]  vmalloc_oob+0x578/0x5d0
[   35.506756]  kunit_try_run_case+0x170/0x3f0
[   35.506962]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.507151]  kthread+0x328/0x630
[   35.507495]  ret_from_fork+0x10/0x20
[   35.507704] 
[   35.507745] The buggy address belongs to a 1-page vmalloc region starting at 0xffff8000800fe000 allocated at vmalloc_oob+0x98/0x5d0
[   35.508047] The buggy address belongs to the physical page:
[   35.508112] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a9d
[   35.508210] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   35.508876] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   35.508964] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   35.509029] page dumped because: kasan: bad access detected
[   35.509225] 
[   35.509316] Memory state around the buggy address:
[   35.509549]  ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   35.509636]  ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   35.510018] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   35.510119]                                                              ^
[   35.510217]  ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   35.510350]  ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   35.510480] ==================================================================
[   35.512624] ==================================================================
[   35.512710] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0
[   35.512776] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/301
[   35.513147] 
[   35.513281] CPU: 0 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc7-next-20250725 #1 PREEMPT 
[   35.513398] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   35.513460] Hardware name: linux,dummy-virt (DT)
[   35.513495] Call trace:
[   35.513536]  show_stack+0x20/0x38 (C)
[   35.513788]  dump_stack_lvl+0x8c/0xd0
[   35.514163]  print_report+0x310/0x5e8
[   35.514376]  kasan_report+0xdc/0x128
[   35.514523]  __asan_report_load1_noabort+0x20/0x30
[   35.514598]  vmalloc_oob+0x51c/0x5d0
[   35.514727]  kunit_try_run_case+0x170/0x3f0
[   35.514782]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.514837]  kthread+0x328/0x630
[   35.515022]  ret_from_fork+0x10/0x20
[   35.515325] 
[   35.515392] The buggy address belongs to a 1-page vmalloc region starting at 0xffff8000800fe000 allocated at vmalloc_oob+0x98/0x5d0
[   35.515728] The buggy address belongs to the physical page:
[   35.515854] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a9d
[   35.516310] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   35.516418] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   35.516474] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   35.516518] page dumped because: kasan: bad access detected
[   35.516571] 
[   35.516601] Memory state around the buggy address:
[   35.516651]  ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   35.516712]  ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   35.516759] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   35.516808]                                                                 ^
[   35.516868]  ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   35.516922]  ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   35.516962] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

30LiGXj2ae9l37rDh9ES2ygGLcy

job_id

TEST:linaro@lkft#30LiLIPqWNQvRNRqDtBDxUwGxZz

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/30LiLIPqWNQvRNRqDtBDxUwGxZz

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30LiHjVcRKNbgRBrU4jkvDoxC50/Image.gz
sha256sum	1f162015f4a75f9e6216abaa8065e831691a375e1ff18255465960f4188e179e

rootfs

url	https://storage.tuxboot.com/debian/20250722/trixie/arm64/rootfs.ext4.xz
sha256sum	4416595f610fe19a3fb374a6dd0942354bf27ddb827c7f1e8e5524ec95492466

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30LiHjVcRKNbgRBrU4jkvDoxC50/modules.tar.xz
sha256sum	874d5b7c11e52abbdf6f386f72a342d5a69f5ce0dd54af8193144a32e6d2a204

durations

tests

boot	0
kunit	181.35

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit