Hay
Date: July 1, 2025, 12:10 a.m.
Environment: qemu-arm64

[   20.554574] ==================================================================
[   20.554681] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0
[   20.554983] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269
[   20.555309] 
[   20.555364] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   20.555741] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.555790] Hardware name: linux,dummy-virt (DT)
[   20.555888] Call trace:
[   20.556506]  show_stack+0x20/0x38 (C)
[   20.556763]  dump_stack_lvl+0x8c/0xd0
[   20.556999]  print_report+0x310/0x608
[   20.557120]  kasan_report+0xdc/0x128
[   20.557354]  __asan_report_load1_noabort+0x20/0x30
[   20.557625]  vmalloc_oob+0x578/0x5d0
[   20.557902]  kunit_try_run_case+0x170/0x3f0
[   20.558172]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.558525]  kthread+0x328/0x630
[   20.558615]  ret_from_fork+0x10/0x20
[   20.558864] 
[   20.559043] The buggy address belongs to the virtual mapping at
[   20.559043]  [ffff8000800fe000, ffff800080100000) created by:
[   20.559043]  vmalloc_oob+0x98/0x5d0
[   20.559291] 
[   20.559640] The buggy address belongs to the physical page:
[   20.559689] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fc
[   20.559923] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   20.560235] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   20.560657] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.560758] page dumped because: kasan: bad access detected
[   20.560964] 
[   20.561045] Memory state around the buggy address:
[   20.561312]  ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.561403]  ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.561610] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   20.561830]                                                              ^
[   20.561915]  ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   20.562148]  ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   20.563006] ==================================================================
[   20.565052] ==================================================================
[   20.565242] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0
[   20.565627] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269
[   20.565805] 
[   20.565928] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   20.566023] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.566051] Hardware name: linux,dummy-virt (DT)
[   20.566085] Call trace:
[   20.566109]  show_stack+0x20/0x38 (C)
[   20.566411]  dump_stack_lvl+0x8c/0xd0
[   20.566611]  print_report+0x310/0x608
[   20.566842]  kasan_report+0xdc/0x128
[   20.566902]  __asan_report_load1_noabort+0x20/0x30
[   20.567159]  vmalloc_oob+0x51c/0x5d0
[   20.567574]  kunit_try_run_case+0x170/0x3f0
[   20.567813]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.567909]  kthread+0x328/0x630
[   20.568157]  ret_from_fork+0x10/0x20
[   20.568390] 
[   20.568533] The buggy address belongs to the virtual mapping at
[   20.568533]  [ffff8000800fe000, ffff800080100000) created by:
[   20.568533]  vmalloc_oob+0x98/0x5d0
[   20.568647] 
[   20.568690] The buggy address belongs to the physical page:
[   20.568999] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fc
[   20.569640] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   20.569998] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   20.570115] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.570337] page dumped because: kasan: bad access detected
[   20.570551] 
[   20.570722] Memory state around the buggy address:
[   20.570763]  ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.570980]  ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.571212] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   20.571486]                                                                 ^
[   20.571719]  ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   20.571924]  ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   20.571972] ==================================================================