Date
July 12, 2025, 11:09 a.m.
| Environment | |
|---|---|
| qemu-arm64 |
[ 20.822911] ================================================================== [ 20.823131] BUG: KFENCE: use-after-free read in kmem_cache_rcu_uaf+0x1f4/0x468 [ 20.823131] [ 20.823336] Use-after-free read at 0x00000000a6896088 (in kfence-#94): [ 20.823445] kmem_cache_rcu_uaf+0x1f4/0x468 [ 20.823547] kunit_try_run_case+0x170/0x3f0 [ 20.823641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.823740] kthread+0x328/0x630 [ 20.823816] ret_from_fork+0x10/0x20 [ 20.825496] [ 20.825574] kfence-#94: 0x00000000a6896088-0x00000000f606a18e, size=200, cache=test_cache [ 20.825574] [ 20.826009] allocated by task 214 on cpu 0 at 20.676610s (0.149384s ago): [ 20.826508] kmem_cache_rcu_uaf+0x12c/0x468 [ 20.826622] kunit_try_run_case+0x170/0x3f0 [ 20.826714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.826813] kthread+0x328/0x630 [ 20.827287] ret_from_fork+0x10/0x20 [ 20.827557] [ 20.827739] freed by task 214 on cpu 0 at 20.676752s (0.150974s ago): [ 20.828111] kmem_cache_rcu_uaf+0x16c/0x468 [ 20.828196] kunit_try_run_case+0x170/0x3f0 [ 20.828583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.828700] kthread+0x328/0x630 [ 20.828937] ret_from_fork+0x10/0x20 [ 20.829216] [ 20.829533] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.829741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.829805] Hardware name: linux,dummy-virt (DT) [ 20.830198] ==================================================================