Date
July 18, 2025, 2:09 p.m.

Environment
qemu-arm64
qemu-x86_64

[   16.640204] ==================================================================
[   16.640273] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8
[   16.640363] Read of size 1 at addr fff00000c65b0000 by task kunit_try_catch/148
[   16.640439] 
[   16.640479] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.640560] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.640585] Hardware name: linux,dummy-virt (DT)
[   16.640615] Call trace:
[   16.640639]  show_stack+0x20/0x38 (C)
[   16.640689]  dump_stack_lvl+0x8c/0xd0
[   16.640974]  print_report+0x118/0x5d0
[   16.641123]  kasan_report+0xdc/0x128
[   16.641332]  __asan_report_load1_noabort+0x20/0x30
[   16.641440]  kmalloc_large_uaf+0x2cc/0x2f8
[   16.641534]  kunit_try_run_case+0x170/0x3f0
[   16.641630]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.641783]  kthread+0x328/0x630
[   16.642015]  ret_from_fork+0x10/0x20
[   16.642254] 
[   16.642337] The buggy address belongs to the physical page:
[   16.642446] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b0
[   16.642588] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   16.642727] raw: 0bfffe0000000000 fff00000da478c40 fff00000da478c40 0000000000000000
[   16.642823] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[   16.642940] page dumped because: kasan: bad access detected
[   16.642970] 
[   16.642989] Memory state around the buggy address:
[   16.643363]  fff00000c65aff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.643510]  fff00000c65aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.643554] >fff00000c65b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.643590]                    ^
[   16.643620]  fff00000c65b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.643661]  fff00000c65b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.643698] ==================================================================

[   16.337293] ==================================================================
[   16.337827] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8
[   16.338435] Read of size 1 at addr fff00000c669c000 by task kunit_try_catch/148
[   16.338535] 
[   16.338571] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.338650] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.338675] Hardware name: linux,dummy-virt (DT)
[   16.338823] Call trace:
[   16.338850]  show_stack+0x20/0x38 (C)
[   16.338992]  dump_stack_lvl+0x8c/0xd0
[   16.339069]  print_report+0x118/0x5d0
[   16.339229]  kasan_report+0xdc/0x128
[   16.339275]  __asan_report_load1_noabort+0x20/0x30
[   16.339342]  kmalloc_large_uaf+0x2cc/0x2f8
[   16.339412]  kunit_try_run_case+0x170/0x3f0
[   16.339458]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.339508]  kthread+0x328/0x630
[   16.339612]  ret_from_fork+0x10/0x20
[   16.339672] 
[   16.339700] The buggy address belongs to the physical page:
[   16.340013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10669c
[   16.340069] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   16.340131] raw: 0bfffe0000000000 fff00000da479c40 fff00000da479c40 0000000000000000
[   16.340183] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[   16.340222] page dumped because: kasan: bad access detected
[   16.340252] 
[   16.340271] Memory state around the buggy address:
[   16.340538]  fff00000c669bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.340854]  fff00000c669bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.340897] >fff00000c669c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.340960]                    ^
[   16.340988]  fff00000c669c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.341029]  fff00000c669c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.341065] ==================================================================

[   16.375057] ==================================================================
[   16.375336] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8
[   16.375645] Read of size 1 at addr fff00000c76d4000 by task kunit_try_catch/148
[   16.375861] 
[   16.375971] CPU: 0 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.376334] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.376600] Hardware name: linux,dummy-virt (DT)
[   16.376662] Call trace:
[   16.376881]  show_stack+0x20/0x38 (C)
[   16.377095]  dump_stack_lvl+0x8c/0xd0
[   16.377154]  print_report+0x118/0x5d0
[   16.377253]  kasan_report+0xdc/0x128
[   16.377582]  __asan_report_load1_noabort+0x20/0x30
[   16.377974]  kmalloc_large_uaf+0x2cc/0x2f8
[   16.378344]  kunit_try_run_case+0x170/0x3f0
[   16.378581]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.378880]  kthread+0x328/0x630
[   16.379050]  ret_from_fork+0x10/0x20
[   16.379430] 
[   16.379697] The buggy address belongs to the physical page:
[   16.379836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076d4
[   16.380480] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   16.380665] raw: 0bfffe0000000000 ffffc1ffc31db608 fff00000da457c40 0000000000000000
[   16.380991] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[   16.381148] page dumped because: kasan: bad access detected
[   16.381700] 
[   16.381790] Memory state around the buggy address:
[   16.381827]  fff00000c76d3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.382358]  fff00000c76d3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.382430] >fff00000c76d4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.382635]                    ^
[   16.382970]  fff00000c76d4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.383018]  fff00000c76d4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.383056] ==================================================================

[   11.507375] ==================================================================
[   11.508211] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[   11.508534] Read of size 1 at addr ffff888102824000 by task kunit_try_catch/166
[   11.508879] 
[   11.508994] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.509037] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.509047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.509067] Call Trace:
[   11.509079]  <TASK>
[   11.509093]  dump_stack_lvl+0x73/0xb0
[   11.509121]  print_report+0xd1/0x610
[   11.509148]  ? __virt_addr_valid+0x1db/0x2d0
[   11.509169]  ? kmalloc_large_uaf+0x2f1/0x340
[   11.509189]  ? kasan_addr_to_slab+0x11/0xa0
[   11.509208]  ? kmalloc_large_uaf+0x2f1/0x340
[   11.509229]  kasan_report+0x141/0x180
[   11.509251]  ? kmalloc_large_uaf+0x2f1/0x340
[   11.509277]  __asan_report_load1_noabort+0x18/0x20
[   11.509300]  kmalloc_large_uaf+0x2f1/0x340
[   11.509321]  ? __pfx_kmalloc_large_uaf+0x10/0x10
[   11.509343]  ? __schedule+0x10cc/0x2b60
[   11.509364]  ? __pfx_read_tsc+0x10/0x10
[   11.509384]  ? ktime_get_ts64+0x86/0x230
[   11.509407]  kunit_try_run_case+0x1a5/0x480
[   11.509431]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.509464]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.509538]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.509561]  ? __kthread_parkme+0x82/0x180
[   11.509581]  ? preempt_count_sub+0x50/0x80
[   11.509604]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.509628]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.509651]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.509674]  kthread+0x337/0x6f0
[   11.509692]  ? trace_preempt_on+0x20/0xc0
[   11.509714]  ? __pfx_kthread+0x10/0x10
[   11.509734]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.509755]  ? calculate_sigpending+0x7b/0xa0
[   11.509778]  ? __pfx_kthread+0x10/0x10
[   11.509799]  ret_from_fork+0x116/0x1d0
[   11.509816]  ? __pfx_kthread+0x10/0x10
[   11.509836]  ret_from_fork_asm+0x1a/0x30
[   11.509868]  </TASK>
[   11.509877] 
[   11.517239] The buggy address belongs to the physical page:
[   11.517547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102824
[   11.517908] flags: 0x200000000000000(node=0|zone=2)
[   11.518133] raw: 0200000000000000 ffffea00040a0a08 ffff888154839f80 0000000000000000
[   11.518597] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[   11.518840] page dumped because: kasan: bad access detected
[   11.519085] 
[   11.519178] Memory state around the buggy address:
[   11.519399]  ffff888102823f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.519733]  ffff888102823f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.520040] >ffff888102824000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   11.520254]                    ^
[   11.520416]  ffff888102824080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   11.520847]  ffff888102824100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   11.521166] ==================================================================

[   11.627977] ==================================================================
[   11.628851] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[   11.629517] Read of size 1 at addr ffff888102a00000 by task kunit_try_catch/165
[   11.630259] 
[   11.630445] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.630495] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.630505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.630528] Call Trace:
[   11.630542]  <TASK>
[   11.630561]  dump_stack_lvl+0x73/0xb0
[   11.630594]  print_report+0xd1/0x610
[   11.630616]  ? __virt_addr_valid+0x1db/0x2d0
[   11.630641]  ? kmalloc_large_uaf+0x2f1/0x340
[   11.630661]  ? kasan_addr_to_slab+0x11/0xa0
[   11.630681]  ? kmalloc_large_uaf+0x2f1/0x340
[   11.630701]  kasan_report+0x141/0x180
[   11.630722]  ? kmalloc_large_uaf+0x2f1/0x340
[   11.630748]  __asan_report_load1_noabort+0x18/0x20
[   11.630772]  kmalloc_large_uaf+0x2f1/0x340
[   11.630792]  ? __pfx_kmalloc_large_uaf+0x10/0x10
[   11.630813]  ? __schedule+0x10cc/0x2b60
[   11.630835]  ? __pfx_read_tsc+0x10/0x10
[   11.630856]  ? ktime_get_ts64+0x86/0x230
[   11.630880]  kunit_try_run_case+0x1a5/0x480
[   11.630905]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.630926]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.630950]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.630972]  ? __kthread_parkme+0x82/0x180
[   11.630993]  ? preempt_count_sub+0x50/0x80
[   11.631028]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.631051]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.631074]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.631097]  kthread+0x337/0x6f0
[   11.631116]  ? trace_preempt_on+0x20/0xc0
[   11.631180]  ? __pfx_kthread+0x10/0x10
[   11.631200]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.631221]  ? calculate_sigpending+0x7b/0xa0
[   11.631259]  ? __pfx_kthread+0x10/0x10
[   11.631282]  ret_from_fork+0x116/0x1d0
[   11.631300]  ? __pfx_kthread+0x10/0x10
[   11.631319]  ret_from_fork_asm+0x1a/0x30
[   11.631350]  </TASK>
[   11.631360] 
[   11.645942] The buggy address belongs to the physical page:
[   11.646213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a00
[   11.647084] flags: 0x200000000000000(node=0|zone=2)
[   11.647612] raw: 0200000000000000 ffffea00040a8108 ffff88815b039f80 0000000000000000
[   11.648265] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[   11.648710] page dumped because: kasan: bad access detected
[   11.648892] 
[   11.648971] Memory state around the buggy address:
[   11.649442]  ffff8881029fff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.650171]  ffff8881029fff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.650875] >ffff888102a00000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   11.651525]                    ^
[   11.651745]  ffff888102a00080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   11.652591]  ffff888102a00100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   11.653140] ==================================================================

[   11.717262] ==================================================================
[   11.718012] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[   11.718321] Read of size 1 at addr ffff8881039d8000 by task kunit_try_catch/165
[   11.718734] 
[   11.718850] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.718907] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.718918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.718939] Call Trace:
[   11.718951]  <TASK>
[   11.718967]  dump_stack_lvl+0x73/0xb0
[   11.718998]  print_report+0xd1/0x610
[   11.719020]  ? __virt_addr_valid+0x1db/0x2d0
[   11.719043]  ? kmalloc_large_uaf+0x2f1/0x340
[   11.719063]  ? kasan_addr_to_slab+0x11/0xa0
[   11.719083]  ? kmalloc_large_uaf+0x2f1/0x340
[   11.719116]  kasan_report+0x141/0x180
[   11.719138]  ? kmalloc_large_uaf+0x2f1/0x340
[   11.719164]  __asan_report_load1_noabort+0x18/0x20
[   11.719188]  kmalloc_large_uaf+0x2f1/0x340
[   11.719209]  ? __pfx_kmalloc_large_uaf+0x10/0x10
[   11.719230]  ? __schedule+0x10cc/0x2b60
[   11.719252]  ? __pfx_read_tsc+0x10/0x10
[   11.719273]  ? ktime_get_ts64+0x86/0x230
[   11.719298]  kunit_try_run_case+0x1a5/0x480
[   11.719323]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.719344]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.719368]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.719391]  ? __kthread_parkme+0x82/0x180
[   11.719411]  ? preempt_count_sub+0x50/0x80
[   11.719435]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.719459]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.719482]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.719506]  kthread+0x337/0x6f0
[   11.719524]  ? trace_preempt_on+0x20/0xc0
[   11.719558]  ? __pfx_kthread+0x10/0x10
[   11.719578]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.719599]  ? calculate_sigpending+0x7b/0xa0
[   11.719623]  ? __pfx_kthread+0x10/0x10
[   11.719643]  ret_from_fork+0x116/0x1d0
[   11.719661]  ? __pfx_kthread+0x10/0x10
[   11.719681]  ret_from_fork_asm+0x1a/0x30
[   11.719713]  </TASK>
[   11.719724] 
[   11.727624] The buggy address belongs to the physical page:
[   11.727902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d8
[   11.728168] flags: 0x200000000000000(node=0|zone=2)
[   11.728344] raw: 0200000000000000 ffffea00040e7708 ffff88815b139f80 0000000000000000
[   11.729059] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[   11.729401] page dumped because: kasan: bad access detected
[   11.729577] 
[   11.729674] Memory state around the buggy address:
[   11.730129]  ffff8881039d7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.730384]  ffff8881039d7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.730886] >ffff8881039d8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   11.731190]                    ^
[   11.731346]  ffff8881039d8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   11.731684]  ffff8881039d8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   11.731986] ==================================================================