Date
June 2, 2025, 2:11 p.m.
| Environment | |
|---|---|
| e850-96 | |
| qemu-arm64 | |
| qemu-x86_64 |
[ 31.885707] ================================================================== [ 31.889174] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 31.896116] Free of addr ffff000802444001 by task kunit_try_catch/258 [ 31.902538] [ 31.904026] CPU: 7 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT [ 31.904080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.904101] Hardware name: WinLink E850-96 board (DT) [ 31.904124] Call trace: [ 31.904138] show_stack+0x20/0x38 (C) [ 31.904178] dump_stack_lvl+0x8c/0xd0 [ 31.904214] print_report+0x118/0x608 [ 31.904246] kasan_report_invalid_free+0xc0/0xe8 [ 31.904280] check_slab_allocation+0xfc/0x108 [ 31.904312] __kasan_slab_pre_free+0x2c/0x48 [ 31.904340] kmem_cache_free+0xf0/0x468 [ 31.904371] kmem_cache_invalid_free+0x184/0x3c8 [ 31.904406] kunit_try_run_case+0x170/0x3f0 [ 31.904441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.904482] kthread+0x328/0x630 [ 31.904517] ret_from_fork+0x10/0x20 [ 31.904552] [ 31.975975] Allocated by task 258: [ 31.979363] kasan_save_stack+0x3c/0x68 [ 31.983179] kasan_save_track+0x20/0x40 [ 31.986999] kasan_save_alloc_info+0x40/0x58 [ 31.991251] __kasan_slab_alloc+0xa8/0xb0 [ 31.995244] kmem_cache_alloc_noprof+0x10c/0x398 [ 31.999845] kmem_cache_invalid_free+0x12c/0x3c8 [ 32.004446] kunit_try_run_case+0x170/0x3f0 [ 32.008612] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.014081] kthread+0x328/0x630 [ 32.017293] ret_from_fork+0x10/0x20 [ 32.020852] [ 32.022329] The buggy address belongs to the object at ffff000802444000 [ 32.022329] which belongs to the cache test_cache of size 200 [ 32.034744] The buggy address is located 1 bytes inside of [ 32.034744] 200-byte region [ffff000802444000, ffff0008024440c8) [ 32.046285] [ 32.047764] The buggy address belongs to the physical page: [ 32.053322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x882444 [ 32.061306] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 32.068945] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 32.075888] page_type: f5(slab) [ 32.079027] raw: 0bfffe0000000040 ffff000802440140 dead000000000122 0000000000000000 [ 32.086743] raw: 0000000000000000 00000000801f001f 00000000f5000000 0000000000000000 [ 32.094469] head: 0bfffe0000000040 ffff000802440140 dead000000000122 0000000000000000 [ 32.102280] head: 0000000000000000 00000000801f001f 00000000f5000000 0000000000000000 [ 32.110093] head: 0bfffe0000000001 fffffdffe0091101 00000000ffffffff 00000000ffffffff [ 32.117905] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 32.125711] page dumped because: kasan: bad access detected [ 32.131266] [ 32.132742] Memory state around the buggy address: [ 32.137525] ffff000802443f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 32.144726] ffff000802443f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 32.151931] >ffff000802444000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.159131] ^ [ 32.162346] ffff000802444080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 32.169551] ffff000802444100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.176754] ==================================================================
[ 19.695833] ================================================================== [ 19.696405] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 19.696641] Free of addr fff00000c3f48001 by task kunit_try_catch/214 [ 19.696687] [ 19.696803] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B W N 6.15.1-rc1 #1 PREEMPT [ 19.696905] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 19.697000] Hardware name: linux,dummy-virt (DT) [ 19.697038] Call trace: [ 19.697063] show_stack+0x20/0x38 (C) [ 19.697132] dump_stack_lvl+0x8c/0xd0 [ 19.697192] print_report+0x118/0x608 [ 19.697474] kasan_report_invalid_free+0xc0/0xe8 [ 19.697738] check_slab_allocation+0xfc/0x108 [ 19.697822] __kasan_slab_pre_free+0x2c/0x48 [ 19.697903] kmem_cache_free+0xf0/0x468 [ 19.698031] kmem_cache_invalid_free+0x184/0x3c8 [ 19.698130] kunit_try_run_case+0x170/0x3f0 [ 19.698322] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.698617] kthread+0x328/0x630 [ 19.698717] ret_from_fork+0x10/0x20 [ 19.698823] [ 19.698929] Allocated by task 214: [ 19.698976] kasan_save_stack+0x3c/0x68 [ 19.699587] kasan_save_track+0x20/0x40 [ 19.699671] kasan_save_alloc_info+0x40/0x58 [ 19.699859] __kasan_slab_alloc+0xa8/0xb0 [ 19.699952] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.700011] kmem_cache_invalid_free+0x12c/0x3c8 [ 19.700432] kunit_try_run_case+0x170/0x3f0 [ 19.700541] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.700695] kthread+0x328/0x630 [ 19.700776] ret_from_fork+0x10/0x20 [ 19.700848] [ 19.700932] The buggy address belongs to the object at fff00000c3f48000 [ 19.700932] which belongs to the cache test_cache of size 200 [ 19.701001] The buggy address is located 1 bytes inside of [ 19.701001] 200-byte region [fff00000c3f48000, fff00000c3f480c8) [ 19.701415] [ 19.701525] The buggy address belongs to the physical page: [ 19.701603] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f48 [ 19.701725] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.701798] page_type: f5(slab) [ 19.701858] raw: 0bfffe0000000000 fff00000c586f780 dead000000000122 0000000000000000 [ 19.702013] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.702373] page dumped because: kasan: bad access detected [ 19.702525] [ 19.702575] Memory state around the buggy address: [ 19.702630] fff00000c3f47f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.703254] fff00000c3f47f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.703508] >fff00000c3f48000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.703556] ^ [ 19.706100] fff00000c3f48080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 19.706155] fff00000c3f48100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.706217] ==================================================================
[ 17.515600] ================================================================== [ 17.516252] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 17.516459] Free of addr ffff888102b38001 by task kunit_try_catch/232 [ 17.516790] [ 17.516965] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 17.517032] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.517047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.517075] Call Trace: [ 17.517094] <TASK> [ 17.517120] dump_stack_lvl+0x73/0xb0 [ 17.517160] print_report+0xd1/0x650 [ 17.517188] ? __virt_addr_valid+0x1db/0x2d0 [ 17.517219] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.517246] ? kmem_cache_invalid_free+0x1d8/0x460 [ 17.517271] kasan_report_invalid_free+0x10a/0x130 [ 17.517298] ? kmem_cache_invalid_free+0x1d8/0x460 [ 17.517324] ? kmem_cache_invalid_free+0x1d8/0x460 [ 17.517347] check_slab_allocation+0x11f/0x130 [ 17.517372] __kasan_slab_pre_free+0x28/0x40 [ 17.517396] kmem_cache_free+0xed/0x420 [ 17.517421] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 17.517445] ? kmem_cache_invalid_free+0x1d8/0x460 [ 17.517550] kmem_cache_invalid_free+0x1d8/0x460 [ 17.517679] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 17.517706] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 17.517745] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 17.517790] kunit_try_run_case+0x1a5/0x480 [ 17.517824] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.517850] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.517879] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.517906] ? __kthread_parkme+0x82/0x180 [ 17.517934] ? preempt_count_sub+0x50/0x80 [ 17.517966] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.517994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.518023] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.518053] kthread+0x337/0x6f0 [ 17.518074] ? trace_preempt_on+0x20/0xc0 [ 17.518117] ? __pfx_kthread+0x10/0x10 [ 17.518199] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.518245] ? calculate_sigpending+0x7b/0xa0 [ 17.518283] ? __pfx_kthread+0x10/0x10 [ 17.518311] ret_from_fork+0x41/0x80 [ 17.518342] ? __pfx_kthread+0x10/0x10 [ 17.518368] ret_from_fork_asm+0x1a/0x30 [ 17.518410] </TASK> [ 17.518429] [ 17.529881] Allocated by task 232: [ 17.530567] kasan_save_stack+0x45/0x70 [ 17.530979] kasan_save_track+0x18/0x40 [ 17.531298] kasan_save_alloc_info+0x3b/0x50 [ 17.532055] __kasan_slab_alloc+0x91/0xa0 [ 17.532534] kmem_cache_alloc_noprof+0x123/0x3f0 [ 17.532911] kmem_cache_invalid_free+0x157/0x460 [ 17.533068] kunit_try_run_case+0x1a5/0x480 [ 17.533483] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.533756] kthread+0x337/0x6f0 [ 17.534076] ret_from_fork+0x41/0x80 [ 17.534335] ret_from_fork_asm+0x1a/0x30 [ 17.534474] [ 17.534621] The buggy address belongs to the object at ffff888102b38000 [ 17.534621] which belongs to the cache test_cache of size 200 [ 17.535277] The buggy address is located 1 bytes inside of [ 17.535277] 200-byte region [ffff888102b38000, ffff888102b380c8) [ 17.535942] [ 17.536266] The buggy address belongs to the physical page: [ 17.536746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b38 [ 17.537120] flags: 0x200000000000000(node=0|zone=2) [ 17.537619] page_type: f5(slab) [ 17.537785] raw: 0200000000000000 ffff88810150cc80 dead000000000122 0000000000000000 [ 17.538322] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.538593] page dumped because: kasan: bad access detected [ 17.539037] [ 17.539339] Memory state around the buggy address: [ 17.539684] ffff888102b37f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.540231] ffff888102b37f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.540536] >ffff888102b38000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.540976] ^ [ 17.541167] ffff888102b38080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.541497] ffff888102b38100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.541977] ==================================================================