lkft/linux-stable-rc-linux-6.15.y - v6.15.4-264-gf6977c36decb - log-parser-boot/kfence-bug-kfence-use-after-free-write-in-__memset

Date

July 4, 2025, 3:11 p.m.

Environment
qemu-arm64

[   15.675636] ==================================================================
[   15.676495] BUG: KFENCE: use-after-free write in __memset+0xc/0x20
[   15.676495] 
[   15.676925] Use-after-free write at 0x00000000c02c8890 (in kfence-#57):
[   15.677575]  __memset+0xc/0x20
[   15.677616]  kmalloc_uaf_memset+0x170/0x310
[   15.677900]  kunit_try_run_case+0x170/0x3f0
[   15.677995]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.678170]  kthread+0x328/0x630
[   15.678242]  ret_from_fork+0x10/0x20
[   15.678403] 
[   15.678885] kfence-#57: 0x00000000c02c8890-0x0000000004de3278, size=33, cache=kmalloc-64
[   15.678885] 
[   15.679922] allocated by task 191 on cpu 0 at 15.673777s (0.005932s ago):
[   15.681348]  kmalloc_uaf_memset+0xb8/0x310
[   15.681541]  kunit_try_run_case+0x170/0x3f0
[   15.681761]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.681815]  kthread+0x328/0x630
[   15.681851]  ret_from_fork+0x10/0x20
[   15.681999] 
[   15.682161] freed by task 191 on cpu 0 at 15.673839s (0.008221s ago):
[   15.682362]  kmalloc_uaf_memset+0x11c/0x310
[   15.682412]  kunit_try_run_case+0x170/0x3f0
[   15.682449]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.682493]  kthread+0x328/0x630
[   15.682536]  ret_from_fork+0x10/0x20
[   15.682590] 
[   15.682671] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G    B            N  6.15.5-rc2 #1 PREEMPT 
[   15.682926] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.683183] Hardware name: linux,dummy-virt (DT)
[   15.683271] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zPnxoxgfqLIMGwIhjY8YiWerZe

job_id

TEST:linaro@lkft#2zPo2I57qRsZQJxzVxwHE8t7FHh

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zPo2I57qRsZQJxzVxwHE8t7FHh

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zPnyxYPiqABaJxZ9acDEOmmQzx/Image.gz
sha256sum	327dd0d804120b39f71c58ea91214999e4c5cabcfe180191381a33c73e5cbb20

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zPnyxYPiqABaJxZ9acDEOmmQzx/modules.tar.xz
sha256sum	3cea64824b7650c49ea1931a18dc99c6bfdf185eb87f64d9aba8bc6614673c1b

durations

tests

boot	0
kunit	198.30

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit