Date
July 25, 2025, 3:13 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 67.552360] ================================================================== [ 67.552465] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 67.552465] [ 67.552561] Use-after-free read at 0x00000000808e9a85 (in kfence-#205): [ 67.552614] test_krealloc+0x51c/0x830 [ 67.552678] kunit_try_run_case+0x170/0x3f0 [ 67.552724] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 67.552769] kthread+0x328/0x630 [ 67.552810] ret_from_fork+0x10/0x20 [ 67.552851] [ 67.552876] kfence-#205: 0x00000000808e9a85-0x0000000099274d74, size=32, cache=kmalloc-32 [ 67.552876] [ 67.552932] allocated by task 369 on cpu 0 at 67.551488s (0.001440s ago): [ 67.553004] test_alloc+0x29c/0x628 [ 67.553042] test_krealloc+0xc0/0x830 [ 67.553077] kunit_try_run_case+0x170/0x3f0 [ 67.553118] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 67.553161] kthread+0x328/0x630 [ 67.553196] ret_from_fork+0x10/0x20 [ 67.553234] [ 67.553258] freed by task 369 on cpu 0 at 67.551777s (0.001477s ago): [ 67.553319] krealloc_noprof+0x148/0x360 [ 67.553360] test_krealloc+0x1dc/0x830 [ 67.553396] kunit_try_run_case+0x170/0x3f0 [ 67.553435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 67.553475] kthread+0x328/0x630 [ 67.553512] ret_from_fork+0x10/0x20 [ 67.553549] [ 67.553597] CPU: 0 UID: 0 PID: 369 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 67.553691] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 67.553723] Hardware name: linux,dummy-virt (DT) [ 67.553759] ==================================================================
[ 60.972641] ================================================================== [ 60.973149] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 60.973149] [ 60.973562] Use-after-free read at 0x(____ptrval____) (in kfence-#143): [ 60.973858] test_krealloc+0x6fc/0xbe0 [ 60.974067] kunit_try_run_case+0x1a5/0x480 [ 60.974349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 60.974624] kthread+0x337/0x6f0 [ 60.974787] ret_from_fork+0x116/0x1d0 [ 60.974993] ret_from_fork_asm+0x1a/0x30 [ 60.975236] [ 60.975379] kfence-#143: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 60.975379] [ 60.975734] allocated by task 386 on cpu 1 at 60.972025s (0.003706s ago): [ 60.976073] test_alloc+0x364/0x10f0 [ 60.976351] test_krealloc+0xad/0xbe0 [ 60.976566] kunit_try_run_case+0x1a5/0x480 [ 60.976796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 60.976999] kthread+0x337/0x6f0 [ 60.977133] ret_from_fork+0x116/0x1d0 [ 60.977359] ret_from_fork_asm+0x1a/0x30 [ 60.977571] [ 60.977697] freed by task 386 on cpu 1 at 60.972289s (0.005406s ago): [ 60.978154] krealloc_noprof+0x108/0x340 [ 60.978301] test_krealloc+0x226/0xbe0 [ 60.978451] kunit_try_run_case+0x1a5/0x480 [ 60.978660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 60.978975] kthread+0x337/0x6f0 [ 60.979221] ret_from_fork+0x116/0x1d0 [ 60.979482] ret_from_fork_asm+0x1a/0x30 [ 60.979640] [ 60.979734] CPU: 1 UID: 0 PID: 386 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 60.980510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.980674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 60.981084] ==================================================================