lkft/linux-stable-rc-linux-6.14.y - v6.14.10-25-g1927b72132da - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob

Date

June 7, 2025, 10:40 a.m.

Environment
qemu-arm64

[   30.812337] ==================================================================
[   30.813626] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0
[   30.814500] Read of size 1 at addr ffff80008010b7f3 by task kunit_try_catch/258
[   30.815337] 
[   30.815650] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G    B            N 6.14.11-rc1 #1
[   30.815857] Tainted: [B]=BAD_PAGE, [N]=TEST
[   30.815961] Hardware name: linux,dummy-virt (DT)
[   30.816059] Call trace:
[   30.816129]  show_stack+0x20/0x38 (C)
[   30.816276]  dump_stack_lvl+0x8c/0xd0
[   30.816418]  print_report+0x310/0x608
[   30.816561]  kasan_report+0xdc/0x128
[   30.816705]  __asan_report_load1_noabort+0x20/0x30
[   30.816846]  vmalloc_oob+0x578/0x5d0
[   30.817017]  kunit_try_run_case+0x170/0x3f0
[   30.817152]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.817299]  kthread+0x318/0x620
[   30.817379]  ret_from_fork+0x10/0x20
[   30.817441] 
[   30.824008] The buggy address belongs to the virtual mapping at
[   30.824008]  [ffff80008010b000, ffff80008010d000) created by:
[   30.824008]  vmalloc_oob+0x98/0x5d0
[   30.826057] 
[   30.826545] The buggy address belongs to the physical page:
[   30.827109] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106366
[   30.828118] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   30.828988] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   30.830089] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   30.831010] page dumped because: kasan: bad access detected
[   30.831751] 
[   30.832238] Memory state around the buggy address:
[   30.832754]  ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.833967]  ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.834567] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   30.835246]                                                              ^
[   30.835987]  ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   30.836858]  ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   30.838033] ==================================================================
[   30.840768] ==================================================================
[   30.841584] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0
[   30.842446] Read of size 1 at addr ffff80008010b7f8 by task kunit_try_catch/258
[   30.843303] 
[   30.843662] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G    B            N 6.14.11-rc1 #1
[   30.844192] Tainted: [B]=BAD_PAGE, [N]=TEST
[   30.844285] Hardware name: linux,dummy-virt (DT)
[   30.844380] Call trace:
[   30.844452]  show_stack+0x20/0x38 (C)
[   30.844594]  dump_stack_lvl+0x8c/0xd0
[   30.844667]  print_report+0x310/0x608
[   30.844728]  kasan_report+0xdc/0x128
[   30.844788]  __asan_report_load1_noabort+0x20/0x30
[   30.844849]  vmalloc_oob+0x51c/0x5d0
[   30.845066]  kunit_try_run_case+0x170/0x3f0
[   30.845262]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.845339]  kthread+0x318/0x620
[   30.845399]  ret_from_fork+0x10/0x20
[   30.845458] 
[   30.852254] The buggy address belongs to the virtual mapping at
[   30.852254]  [ffff80008010b000, ffff80008010d000) created by:
[   30.852254]  vmalloc_oob+0x98/0x5d0
[   30.853862] 
[   30.854252] The buggy address belongs to the physical page:
[   30.855354] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106366
[   30.856145] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   30.857287] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   30.858380] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   30.859617] page dumped because: kasan: bad access detected
[   30.860714] 
[   30.861397] Memory state around the buggy address:
[   30.862393]  ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.863339]  ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.864340] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   30.865305]                                                                 ^
[   30.866154]  ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   30.867097]  ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   30.867973] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2yB0eM52aWnpBzat5wiiqw9rWLe

job_id

TEST:linaro@lkft#2yB0jDj3dzoKAVHewXjQjbfx00X

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2yB0jDj3dzoKAVHewXjQjbfx00X

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yB0fiECQTyCzg0gk2BL2iLGGgS/Image.gz
sha256sum	59317a9b1325f69b70eacbe0d68aae469f41cd3de2d350f0a01cc93b16483b66

rootfs

url	https://storage.tuxboot.com/debian/20250605/trixie/arm64/rootfs.ext4.xz
sha256sum	905f5619346e1db164ac162d2472afab1c1502c840ccd8eb365c2a644148903b

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yB0fiECQTyCzg0gk2BL2iLGGgS/modules.tar.xz
sha256sum	e93dd590b175415cb1602cfbff2f87d3a29514f7a8e4b42f3d9cf2e1857c5d45

durations

tests

boot	0
kunit	325.17

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit