Hay
Sign in
Date
July 15, 2025, 2:10 p.m.

Environment
qemu-arm64 

[  107.963370] ==================================================================
[  107.963915] BUG: KASAN: double-free in __kmem_cache_free+0x15c/0x2a0
[  107.964579] Free of addr ffff0000c66abb00 by task kunit_try_catch/251
[  107.965328] 
[  107.965563] CPU: 1 PID: 251 Comm: kunit_try_catch Tainted: G    B            N 6.1.146-rc1 #1
[  107.966319] Hardware name: linux,dummy-virt (DT)
[  107.966793] Call trace:
[  107.967104]  dump_backtrace+0xe0/0x134
[  107.967551]  show_stack+0x20/0x2c
[  107.968266]  dump_stack_lvl+0x88/0xb4
[  107.968928]  print_report+0x158/0x44c
[  107.969314]  kasan_report_invalid_free+0xa8/0x13c
[  107.969823]  __kasan_slab_free+0x134/0x170
[  107.970272]  slab_free_freelist_hook+0xd8/0x1c0
[  107.970768]  __kmem_cache_free+0x15c/0x2a0
[  107.971230]  kfree+0x88/0x150
[  107.971601]  kfree_sensitive+0x2c/0x64
[  107.972068]  kmalloc_double_kzfree+0xcc/0x1e0
[  107.972768]  kunit_try_run_case+0x8c/0x124
[  107.973248]  kunit_generic_run_threadfn_adapter+0x38/0x54
[  107.973806]  kthread+0x15c/0x170
[  107.974202]  ret_from_fork+0x10/0x20
[  107.974644] 
[  107.974861] Allocated by task 251:
[  107.975236]  kasan_save_stack+0x3c/0x70
[  107.975654]  kasan_set_track+0x2c/0x40
[  107.976117]  kasan_save_alloc_info+0x24/0x34
[  107.976791]  __kasan_kmalloc+0xd4/0xe0
[  107.977220]  kmalloc_trace+0x8c/0x150
[  107.977659]  kmalloc_double_kzfree+0x9c/0x1e0
[  107.978137]  kunit_try_run_case+0x8c/0x124
[  107.978585]  kunit_generic_run_threadfn_adapter+0x38/0x54
[  107.979143]  kthread+0x15c/0x170
[  107.979534]  ret_from_fork+0x10/0x20
[  107.979972] 
[  107.980163] Freed by task 251:
[  107.980692]  kasan_save_stack+0x3c/0x70
[  107.981152]  kasan_set_track+0x2c/0x40
[  107.981598]  kasan_save_free_info+0x38/0x5c
[  107.982101]  __kasan_slab_free+0x100/0x170
[  107.982567]  slab_free_freelist_hook+0xd8/0x1c0
[  107.983066]  __kmem_cache_free+0x15c/0x2a0
[  107.983528]  kfree+0x88/0x150
[  107.983922]  kfree_sensitive+0x54/0x64
[  107.984379]  kmalloc_double_kzfree+0xbc/0x1e0
[  107.984895]  kunit_try_run_case+0x8c/0x124
[  107.985379]  kunit_generic_run_threadfn_adapter+0x38/0x54
[  107.985944]  kthread+0x15c/0x170
[  107.986400]  ret_from_fork+0x10/0x20
[  107.987898] 
[  107.988415] The buggy address belongs to the object at ffff0000c66abb00
[  107.988415]  which belongs to the cache kmalloc-128 of size 128
[  107.989625] The buggy address is located 0 bytes inside of
[  107.989625]  128-byte region [ffff0000c66abb00, ffff0000c66abb80)
[  107.990610] 
[  107.990880] The buggy address belongs to the physical page:
[  107.991410] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab
[  107.992274] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff)
[  107.993215] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300
[  107.993897] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  107.994534] page dumped because: kasan: bad access detected
[  107.994930] 
[  107.995117] Memory state around the buggy address:
[  107.995487]  ffff0000c66aba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[  107.996274]  ffff0000c66aba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  107.997320] >ffff0000c66abb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  107.998215]                    ^
[  107.998726]  ffff0000c66abb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  107.999635]  ffff0000c66abc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  108.000539] ==================================================================
Metadata Full log Test run details