lkft/linux-stable-rc-linux-6.14.y - v6.14.9-74-gd9764ae24926 - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read

Date

June 2, 2025, 2:13 p.m.

Environment
qemu-arm64
qemu-x86_64

[   23.323356] ==================================================================
[   23.323908] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248
[   23.323908] 
[   23.324492] Use-after-free read at 0x00000000b3eb8da3 (in kfence-#115):
[   23.324899]  test_use_after_free_read+0x114/0x248
[   23.325434]  kunit_try_run_case+0x170/0x3f0
[   23.325965]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.326420]  kthread+0x318/0x620
[   23.326868]  ret_from_fork+0x10/0x20
[   23.327358] 
[   23.327614] kfence-#115: 0x00000000b3eb8da3-0x00000000074baaa7, size=32, cache=test
[   23.327614] 
[   23.328477] allocated by task 287 on cpu 0 at 23.323010s (0.005454s ago):
[   23.329043]  test_alloc+0x230/0x628
[   23.329550]  test_use_after_free_read+0xd0/0x248
[   23.330020]  kunit_try_run_case+0x170/0x3f0
[   23.330467]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.330910]  kthread+0x318/0x620
[   23.331378]  ret_from_fork+0x10/0x20
[   23.331723] 
[   23.331961] freed by task 287 on cpu 0 at 23.323117s (0.008833s ago):
[   23.332477]  test_use_after_free_read+0xf0/0x248
[   23.333014]  kunit_try_run_case+0x170/0x3f0
[   23.333676]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.334068]  kthread+0x318/0x620
[   23.334729]  ret_from_fork+0x10/0x20
[   23.335209] 
[   23.335526] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G    B            N 6.14.10-rc1 #1
[   23.336081] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.336811] Hardware name: linux,dummy-virt (DT)
[   23.337140] ==================================================================
[   23.219303] ==================================================================
[   23.219836] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248
[   23.219836] 
[   23.220456] Use-after-free read at 0x00000000d171f372 (in kfence-#114):
[   23.220836]  test_use_after_free_read+0x114/0x248
[   23.221353]  kunit_try_run_case+0x170/0x3f0
[   23.221826]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.222301]  kthread+0x318/0x620
[   23.222694]  ret_from_fork+0x10/0x20
[   23.223119] 
[   23.223394] kfence-#114: 0x00000000d171f372-0x00000000896c6e04, size=32, cache=kmalloc-32
[   23.223394] 
[   23.224089] allocated by task 285 on cpu 0 at 23.218834s (0.005243s ago):
[   23.224575]  test_alloc+0x29c/0x628
[   23.225020]  test_use_after_free_read+0xd0/0x248
[   23.225536]  kunit_try_run_case+0x170/0x3f0
[   23.226045]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.226583]  kthread+0x318/0x620
[   23.226932]  ret_from_fork+0x10/0x20
[   23.227361] 
[   23.227631] freed by task 285 on cpu 0 at 23.218956s (0.008663s ago):
[   23.228129]  test_use_after_free_read+0x1c0/0x248
[   23.228678]  kunit_try_run_case+0x170/0x3f0
[   23.229067]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.229662]  kthread+0x318/0x620
[   23.230100]  ret_from_fork+0x10/0x20
[   23.230454] 
[   23.230759] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G    B            N 6.14.10-rc1 #1
[   23.231449] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.231855] Hardware name: linux,dummy-virt (DT)
[   23.232364] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2xxIrjnY3qrEVj7fL32ZBFnpdUJ

job_id

TEST:linaro@lkft#2xxIwXuNlIzxQj0IpkkVRHMEZcO

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2xxIwXuNlIzxQj0IpkkVRHMEZcO

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIt2FGzQnKvGggP0xsi4xIwvI/Image.gz
sha256sum	32a8b72922f193882a307c25103255c66d67e9f963c008702ba8ba647a4a98c3

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/arm64/rootfs.ext4.xz
sha256sum	1cc8d041751cc9cfe19b957ffa27d6115f076efaeb324bcd0fb145c37c99e1b7

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIt2FGzQnKvGggP0xsi4xIwvI/modules.tar.xz
sha256sum	58cc75b6d61cea97f72b8fd292af11ead6934a75d8117cee65e72b5a129f94d4

durations

tests

boot	0
kunit	343.69

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   18.262052] ==================================================================
[   18.262417] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[   18.262417] 
[   18.262941] Use-after-free read at 0x(____ptrval____) (in kfence-#67):
[   18.263509]  test_use_after_free_read+0x12a/0x270
[   18.263935]  kunit_try_run_case+0x1a6/0x480
[   18.264243]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   18.264425]  kthread+0x324/0x6e0
[   18.264555]  ret_from_fork+0x41/0x80
[   18.264688]  ret_from_fork_asm+0x1a/0x30
[   18.264835] 
[   18.264911] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[   18.264911] 
[   18.265241] allocated by task 305 on cpu 0 at 18.261915s (0.003324s ago):
[   18.265508]  test_alloc+0x2a7/0x10f0
[   18.265641]  test_use_after_free_read+0xdd/0x270
[   18.265871]  kunit_try_run_case+0x1a6/0x480
[   18.266113]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   18.266292]  kthread+0x324/0x6e0
[   18.266462]  ret_from_fork+0x41/0x80
[   18.266751]  ret_from_fork_asm+0x1a/0x30
[   18.266959] 
[   18.267065] freed by task 305 on cpu 0 at 18.261962s (0.005101s ago):
[   18.267367]  test_use_after_free_read+0xfc/0x270
[   18.267621]  kunit_try_run_case+0x1a6/0x480
[   18.267798]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   18.267982]  kthread+0x324/0x6e0
[   18.268153]  ret_from_fork+0x41/0x80
[   18.268362]  ret_from_fork_asm+0x1a/0x30
[   18.268570] 
[   18.268798] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G    B            N 6.14.10-rc1 #1
[   18.269164] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.269371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   18.269743] ==================================================================
[   18.158132] ==================================================================
[   18.158552] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[   18.158552] 
[   18.159252] Use-after-free read at 0x(____ptrval____) (in kfence-#66):
[   18.159808]  test_use_after_free_read+0x12a/0x270
[   18.160149]  kunit_try_run_case+0x1a6/0x480
[   18.160365]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   18.160756]  kthread+0x324/0x6e0
[   18.161025]  ret_from_fork+0x41/0x80
[   18.161300]  ret_from_fork_asm+0x1a/0x30
[   18.161514] 
[   18.161763] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[   18.161763] 
[   18.162165] allocated by task 303 on cpu 1 at 18.157875s (0.004287s ago):
[   18.162491]  test_alloc+0x365/0x10f0
[   18.162686]  test_use_after_free_read+0xdd/0x270
[   18.162889]  kunit_try_run_case+0x1a6/0x480
[   18.163121]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   18.163376]  kthread+0x324/0x6e0
[   18.163497]  ret_from_fork+0x41/0x80
[   18.163640]  ret_from_fork_asm+0x1a/0x30
[   18.163870] 
[   18.164131] freed by task 303 on cpu 1 at 18.157942s (0.006106s ago):
[   18.164523]  test_use_after_free_read+0x1e9/0x270
[   18.164717]  kunit_try_run_case+0x1a6/0x480
[   18.164946]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   18.165196]  kthread+0x324/0x6e0
[   18.165361]  ret_from_fork+0x41/0x80
[   18.165553]  ret_from_fork_asm+0x1a/0x30
[   18.165727] 
[   18.165875] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G    B            N 6.14.10-rc1 #1
[   18.166266] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.166476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   18.166855] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2xxIrjnY3qrEVj7fL32ZBFnpdUJ

job_id

TEST:linaro@lkft#2xxIxn9sGUCjhYDADrJyFeeOXJo

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2xxIxn9sGUCjhYDADrJyFeeOXJo

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxItzMuImjAiaUtl4SAGohS14v/bzImage
sha256sum	a377c082a32d4d46ee2b75abc46da75add70fe012212fc2b65618c407015869d

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/amd64/rootfs.ext4.xz
sha256sum	3e64c22b7a85dd4a60fd0a31f22599e711e865f841aed0d517fae37e9c171158

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxItzMuImjAiaUtl4SAGohS14v/modules.tar.xz
sha256sum	7b365c5d60d997915f8a000edaa45aecbf60745fa7ace2e9d3d5e4c844fd9dc8

durations

tests

boot	0
kunit	193.97

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit