lkft/linux-stable-rc-linux-6.12.y - v6.12.31-56-gce2ebbe0294c - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read

Date

June 2, 2025, 2:10 p.m.

Environment
qemu-arm64
qemu-x86_64

[   26.408253] ==================================================================
[   26.408904] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248
[   26.408904] 
[   26.409674] Use-after-free read at 0x00000000adb4cf78 (in kfence-#109):
[   26.410128]  test_use_after_free_read+0x114/0x248
[   26.410786]  kunit_try_run_case+0x170/0x3f0
[   26.411348]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   26.412182]  kthread+0x24c/0x2d0
[   26.412752]  ret_from_fork+0x10/0x20
[   26.413302] 
[   26.413710] kfence-#109: 0x00000000adb4cf78-0x000000006474594f, size=32, cache=test
[   26.413710] 
[   26.414428] allocated by task 280 on cpu 0 at 26.407895s (0.006521s ago):
[   26.415195]  test_alloc+0x230/0x628
[   26.415565]  test_use_after_free_read+0xd0/0x248
[   26.416041]  kunit_try_run_case+0x170/0x3f0
[   26.416434]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   26.417013]  kthread+0x24c/0x2d0
[   26.417402]  ret_from_fork+0x10/0x20
[   26.417876] 
[   26.418136] freed by task 280 on cpu 0 at 26.407994s (0.010130s ago):
[   26.418931]  test_use_after_free_read+0xf0/0x248
[   26.419412]  kunit_try_run_case+0x170/0x3f0
[   26.419784]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   26.420315]  kthread+0x24c/0x2d0
[   26.420703]  ret_from_fork+0x10/0x20
[   26.421101] 
[   26.421410] CPU: 0 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   26.422249] Tainted: [B]=BAD_PAGE, [N]=TEST
[   26.422709] Hardware name: linux,dummy-virt (DT)
[   26.423127] ==================================================================
[   26.304467] ==================================================================
[   26.305083] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248
[   26.305083] 
[   26.305873] Use-after-free read at 0x00000000a0dc4f83 (in kfence-#108):
[   26.306601]  test_use_after_free_read+0x114/0x248
[   26.307129]  kunit_try_run_case+0x170/0x3f0
[   26.307700]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   26.308252]  kthread+0x24c/0x2d0
[   26.308700]  ret_from_fork+0x10/0x20
[   26.309031] 
[   26.309341] kfence-#108: 0x00000000a0dc4f83-0x000000006d46ef31, size=32, cache=kmalloc-32
[   26.309341] 
[   26.310218] allocated by task 278 on cpu 0 at 26.303994s (0.006211s ago):
[   26.310969]  test_alloc+0x29c/0x628
[   26.311399]  test_use_after_free_read+0xd0/0x248
[   26.311775]  kunit_try_run_case+0x170/0x3f0
[   26.312262]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   26.312856]  kthread+0x24c/0x2d0
[   26.313313]  ret_from_fork+0x10/0x20
[   26.313825] 
[   26.314371] freed by task 278 on cpu 0 at 26.304119s (0.010055s ago):
[   26.315168]  test_use_after_free_read+0x1c0/0x248
[   26.315710]  kunit_try_run_case+0x170/0x3f0
[   26.316068]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   26.316639]  kthread+0x24c/0x2d0
[   26.317099]  ret_from_fork+0x10/0x20
[   26.317619] 
[   26.317960] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   26.318788] Tainted: [B]=BAD_PAGE, [N]=TEST
[   26.319130] Hardware name: linux,dummy-virt (DT)
[   26.319532] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2xxIdguHQMrEdKxoALYIR9ORtte

job_id

TEST:linaro@lkft#2xxIi5L09t6kwacBs4tI1udRkOz

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2xxIi5L09t6kwacBs4tI1udRkOz

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIehear0M0Ft1sAorKdZqICoH/Image.gz
sha256sum	1699fd6562f7c67b73aebbbfc05df065ca914300415a41191475cca040c72e2b

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/arm64/rootfs.ext4.xz
sha256sum	1cc8d041751cc9cfe19b957ffa27d6115f076efaeb324bcd0fb145c37c99e1b7

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIehear0M0Ft1sAorKdZqICoH/modules.tar.xz
sha256sum	13068219ffd7182216805f46c87c8cd5d18ce5749d8957176cfe56777451bb79

durations

tests

boot	0
kunit	307.64

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   17.430925] ==================================================================
[   17.431344] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[   17.431344] 
[   17.431635] Use-after-free read at 0x(____ptrval____) (in kfence-#76):
[   17.431995]  test_use_after_free_read+0x12a/0x270
[   17.432454]  kunit_try_run_case+0x1a6/0x480
[   17.432642]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.432855]  kthread+0x257/0x310
[   17.433060]  ret_from_fork+0x41/0x80
[   17.433361]  ret_from_fork_asm+0x1a/0x30
[   17.433683] 
[   17.433933] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[   17.433933] 
[   17.434768] allocated by task 296 on cpu 1 at 17.430646s (0.004117s ago):
[   17.435050]  test_alloc+0x365/0x10f0
[   17.435280]  test_use_after_free_read+0xdd/0x270
[   17.435662]  kunit_try_run_case+0x1a6/0x480
[   17.436056]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.436445]  kthread+0x257/0x310
[   17.436607]  ret_from_fork+0x41/0x80
[   17.436786]  ret_from_fork_asm+0x1a/0x30
[   17.436981] 
[   17.437143] freed by task 296 on cpu 1 at 17.430758s (0.006361s ago):
[   17.437629]  test_use_after_free_read+0x1e9/0x270
[   17.437997]  kunit_try_run_case+0x1a6/0x480
[   17.438252]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.438503]  kthread+0x257/0x310
[   17.438810]  ret_from_fork+0x41/0x80
[   17.439109]  ret_from_fork_asm+0x1a/0x30
[   17.439532] 
[   17.439738] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   17.440396] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.440628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.441087] ==================================================================
[   17.534889] ==================================================================
[   17.535300] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[   17.535300] 
[   17.535619] Use-after-free read at 0x(____ptrval____) (in kfence-#77):
[   17.536058]  test_use_after_free_read+0x12a/0x270
[   17.536461]  kunit_try_run_case+0x1a6/0x480
[   17.536746]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.536972]  kthread+0x257/0x310
[   17.537894]  ret_from_fork+0x41/0x80
[   17.538374]  ret_from_fork_asm+0x1a/0x30
[   17.538724] 
[   17.538855] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[   17.538855] 
[   17.539414] allocated by task 298 on cpu 0 at 17.534660s (0.004748s ago):
[   17.539907]  test_alloc+0x2a7/0x10f0
[   17.540258]  test_use_after_free_read+0xdd/0x270
[   17.540636]  kunit_try_run_case+0x1a6/0x480
[   17.541015]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.541438]  kthread+0x257/0x310
[   17.541718]  ret_from_fork+0x41/0x80
[   17.541937]  ret_from_fork_asm+0x1a/0x30
[   17.542176] 
[   17.542366] freed by task 298 on cpu 0 at 17.534762s (0.007599s ago):
[   17.542779]  test_use_after_free_read+0xfc/0x270
[   17.543134]  kunit_try_run_case+0x1a6/0x480
[   17.543433]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.543815]  kthread+0x257/0x310
[   17.544092]  ret_from_fork+0x41/0x80
[   17.544410]  ret_from_fork_asm+0x1a/0x30
[   17.544732] 
[   17.544929] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   17.545375] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.545728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.546202] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2xxIdguHQMrEdKxoALYIR9ORtte

job_id

TEST:linaro@lkft#2xxIjQJxRrEeLpwsZsY9SnQG5nO

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2xxIjQJxRrEeLpwsZsY9SnQG5nO

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIfo3dmcsvEb3fP79mZuPfKgN/bzImage
sha256sum	f47939369a08d100f31f22eb9ab10753d515d52b53c2b455387dc257dc689080

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/amd64/rootfs.ext4.xz
sha256sum	3e64c22b7a85dd4a60fd0a31f22599e711e865f841aed0d517fae37e9c171158

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIfo3dmcsvEb3fP79mZuPfKgN/modules.tar.xz
sha256sum	3f0efe0d9f1c7488cb69dab3e9481c90b1ede5362ab3cae6ced46f43b3c86196

durations

tests

boot	0
kunit	261.07

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit