lkft/linux-stable-rc-linux-6.15.y - v6.15.6-193-ge6001d5f7944 - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read

Date

July 15, 2025, 2:09 p.m.

Environment
qemu-arm64
qemu-x86_64

[   22.714636] ==================================================================
[   22.714997] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248
[   22.714997] 
[   22.715104] Use-after-free read at 0x0000000091d925ae (in kfence-#92):
[   22.715158]  test_use_after_free_read+0x114/0x248
[   22.715408]  kunit_try_run_case+0x170/0x3f0
[   22.715590]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.715650]  kthread+0x328/0x630
[   22.715752]  ret_from_fork+0x10/0x20
[   22.715793] 
[   22.715816] kfence-#92: 0x0000000091d925ae-0x00000000f8321f6c, size=32, cache=test
[   22.715816] 
[   22.716079] allocated by task 299 on cpu 0 at 22.714301s (0.001746s ago):
[   22.716267]  test_alloc+0x230/0x628
[   22.716407]  test_use_after_free_read+0xd0/0x248
[   22.716594]  kunit_try_run_case+0x170/0x3f0
[   22.716858]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.716906]  kthread+0x328/0x630
[   22.716944]  ret_from_fork+0x10/0x20
[   22.716983] 
[   22.717007] freed by task 299 on cpu 0 at 22.714513s (0.002491s ago):
[   22.717502]  test_use_after_free_read+0xf0/0x248
[   22.717560]  kunit_try_run_case+0x170/0x3f0
[   22.717625]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.717671]  kthread+0x328/0x630
[   22.717711]  ret_from_fork+0x10/0x20
[   22.717776] 
[   22.717861] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G    B            N  6.15.7-rc1 #1 PREEMPT 
[   22.718148] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.718183] Hardware name: linux,dummy-virt (DT)
[   22.718228] ==================================================================
[   22.607504] ==================================================================
[   22.607601] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248
[   22.607601] 
[   22.607693] Use-after-free read at 0x000000002ea02368 (in kfence-#91):
[   22.607745]  test_use_after_free_read+0x114/0x248
[   22.607790]  kunit_try_run_case+0x170/0x3f0
[   22.607834]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.607881]  kthread+0x328/0x630
[   22.608437]  ret_from_fork+0x10/0x20
[   22.608516] 
[   22.608974] kfence-#91: 0x000000002ea02368-0x0000000070e729a0, size=32, cache=kmalloc-32
[   22.608974] 
[   22.609097] allocated by task 297 on cpu 0 at 22.606974s (0.002098s ago):
[   22.609562]  test_alloc+0x29c/0x628
[   22.609628]  test_use_after_free_read+0xd0/0x248
[   22.609768]  kunit_try_run_case+0x170/0x3f0
[   22.609980]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.610570]  kthread+0x328/0x630
[   22.610746]  ret_from_fork+0x10/0x20
[   22.611083] 
[   22.611121] freed by task 297 on cpu 0 at 22.607079s (0.004037s ago):
[   22.611656]  test_use_after_free_read+0x1c0/0x248
[   22.611811]  kunit_try_run_case+0x170/0x3f0
[   22.611960]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.612009]  kthread+0x328/0x630
[   22.612047]  ret_from_fork+0x10/0x20
[   22.612679] 
[   22.612737] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G    B            N  6.15.7-rc1 #1 PREEMPT 
[   22.612955] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.612995] Hardware name: linux,dummy-virt (DT)
[   22.613045] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zuksIaOJhpjSmtbAsWt4KX8xLf

job_id

TEST:linaro@lkft#2zukwdBCddr8O80gGskAZRJ92TK

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zukwdBCddr8O80gGskAZRJ92TK

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zuktS95biAMQtU3jJQgFHtrRzl/Image.gz
sha256sum	b0e860f17b10076c4d346cc4e669f0a4314b9c47de014734fef43b203ae0e34e

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zuktS95biAMQtU3jJQgFHtrRzl/modules.tar.xz
sha256sum	ba72242d720b0973d3bbe494c38fcb449b610f739295df61530720aaf0f78e60

durations

tests

boot	0
kunit	190.02

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   16.060255] ==================================================================
[   16.060654] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[   16.060654] 
[   16.061117] Use-after-free read at 0x(____ptrval____) (in kfence-#70):
[   16.061398]  test_use_after_free_read+0x129/0x270
[   16.061578]  kunit_try_run_case+0x1a5/0x480
[   16.061799]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.062033]  kthread+0x337/0x6f0
[   16.062175]  ret_from_fork+0x41/0x80
[   16.062364]  ret_from_fork_asm+0x1a/0x30
[   16.062563] 
[   16.062644] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[   16.062644] 
[   16.063043] allocated by task 316 on cpu 1 at 16.060052s (0.002989s ago):
[   16.063354]  test_alloc+0x2a6/0x10f0
[   16.063484]  test_use_after_free_read+0xdc/0x270
[   16.063709]  kunit_try_run_case+0x1a5/0x480
[   16.063990]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.064241]  kthread+0x337/0x6f0
[   16.064362]  ret_from_fork+0x41/0x80
[   16.064579]  ret_from_fork_asm+0x1a/0x30
[   16.064789] 
[   16.064898] freed by task 316 on cpu 1 at 16.060101s (0.004794s ago):
[   16.065239]  test_use_after_free_read+0xfb/0x270
[   16.065501]  kunit_try_run_case+0x1a5/0x480
[   16.065659]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.065915]  kthread+0x337/0x6f0
[   16.066046]  ret_from_fork+0x41/0x80
[   16.066224]  ret_from_fork_asm+0x1a/0x30
[   16.066412] 
[   16.066542] CPU: 1 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G    B            N  6.15.7-rc1 #1 PREEMPT(voluntary) 
[   16.067044] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.067202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.067561] ==================================================================
[   15.956259] ==================================================================
[   15.956742] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[   15.956742] 
[   15.957207] Use-after-free read at 0x(____ptrval____) (in kfence-#69):
[   15.957451]  test_use_after_free_read+0x129/0x270
[   15.957662]  kunit_try_run_case+0x1a5/0x480
[   15.957893]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   15.958106]  kthread+0x337/0x6f0
[   15.958262]  ret_from_fork+0x41/0x80
[   15.958427]  ret_from_fork_asm+0x1a/0x30
[   15.958626] 
[   15.958717] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[   15.958717] 
[   15.959110] allocated by task 314 on cpu 0 at 15.956044s (0.003063s ago):
[   15.959419]  test_alloc+0x364/0x10f0
[   15.959550]  test_use_after_free_read+0xdc/0x270
[   15.959733]  kunit_try_run_case+0x1a5/0x480
[   15.960067]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   15.960241]  kthread+0x337/0x6f0
[   15.960359]  ret_from_fork+0x41/0x80
[   15.960533]  ret_from_fork_asm+0x1a/0x30
[   15.960732] 
[   15.960841] freed by task 314 on cpu 0 at 15.956109s (0.004729s ago):
[   15.961165]  test_use_after_free_read+0x1e7/0x270
[   15.961337]  kunit_try_run_case+0x1a5/0x480
[   15.961479]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   15.961730]  kthread+0x337/0x6f0
[   15.962007]  ret_from_fork+0x41/0x80
[   15.962159]  ret_from_fork_asm+0x1a/0x30
[   15.962352] 
[   15.962445] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G    B            N  6.15.7-rc1 #1 PREEMPT(voluntary) 
[   15.962777] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.963080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   15.963489] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zuksIaOJhpjSmtbAsWt4KX8xLf

job_id

TEST:linaro@lkft#2zukxmzNrsaISlcQpWi8gxQVWk6

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zukxmzNrsaISlcQpWi8gxQVWk6

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zukuSKMlE7br8rY3BGGi0kunXf/bzImage
sha256sum	6359b76b264b4bf459aa8408711bf0e517a07721ad97f1471de243ff17baef19

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zukuSKMlE7br8rY3BGGi0kunXf/modules.tar.xz
sha256sum	f6ea602678cc1fbeece7230b895aa5bbae863bca90c89576af624930df349f2a

durations

tests

boot	0
kunit	210.46

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit