Date
April 20, 2025, 11:09 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 | |
| rk3399-rock-pi-4b |
[ 27.782119] ================================================================== [ 27.782386] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 27.782528] Read of size 8 at addr fff00000c67e4878 by task kunit_try_catch/283 [ 27.782707] [ 27.782851] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 27.784288] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.784371] Hardware name: linux,dummy-virt (DT) [ 27.784465] Call trace: [ 27.784570] show_stack+0x20/0x38 (C) [ 27.785020] dump_stack_lvl+0x8c/0xd0 [ 27.785233] print_report+0x118/0x608 [ 27.785610] kasan_report+0xdc/0x128 [ 27.786019] __asan_report_load8_noabort+0x20/0x30 [ 27.786172] copy_to_kernel_nofault+0x204/0x250 [ 27.786319] copy_to_kernel_nofault_oob+0x158/0x418 [ 27.786863] kunit_try_run_case+0x170/0x3f0 [ 27.787020] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.787158] kthread+0x328/0x630 [ 27.787280] ret_from_fork+0x10/0x20 [ 27.787427] [ 27.787565] Allocated by task 283: [ 27.787650] kasan_save_stack+0x3c/0x68 [ 27.788112] kasan_save_track+0x20/0x40 [ 27.788292] kasan_save_alloc_info+0x40/0x58 [ 27.788409] __kasan_kmalloc+0xd4/0xd8 [ 27.788515] __kmalloc_cache_noprof+0x15c/0x3c0 [ 27.788857] copy_to_kernel_nofault_oob+0xc8/0x418 [ 27.788990] kunit_try_run_case+0x170/0x3f0 [ 27.789095] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.789267] kthread+0x328/0x630 [ 27.789374] ret_from_fork+0x10/0x20 [ 27.789523] [ 27.789626] The buggy address belongs to the object at fff00000c67e4800 [ 27.789626] which belongs to the cache kmalloc-128 of size 128 [ 27.789820] The buggy address is located 0 bytes to the right of [ 27.789820] allocated 120-byte region [fff00000c67e4800, fff00000c67e4878) [ 27.790027] [ 27.790411] The buggy address belongs to the physical page: [ 27.790506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067e4 [ 27.790647] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.791236] page_type: f5(slab) [ 27.791404] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.791609] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.792007] page dumped because: kasan: bad access detected [ 27.792102] [ 27.792157] Memory state around the buggy address: [ 27.792241] fff00000c67e4700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.792361] fff00000c67e4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.792478] >fff00000c67e4800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.792605] ^ [ 27.793067] fff00000c67e4880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.793193] fff00000c67e4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.793295] ================================================================== [ 27.800693] ================================================================== [ 27.800829] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 27.801227] Write of size 8 at addr fff00000c67e4878 by task kunit_try_catch/283 [ 27.801724] [ 27.801803] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 27.802179] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.802640] Hardware name: linux,dummy-virt (DT) [ 27.802760] Call trace: [ 27.802827] show_stack+0x20/0x38 (C) [ 27.802975] dump_stack_lvl+0x8c/0xd0 [ 27.803100] print_report+0x118/0x608 [ 27.803216] kasan_report+0xdc/0x128 [ 27.803377] kasan_check_range+0x100/0x1a8 [ 27.803531] __kasan_check_write+0x20/0x30 [ 27.803664] copy_to_kernel_nofault+0x8c/0x250 [ 27.803991] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 27.804146] kunit_try_run_case+0x170/0x3f0 [ 27.804292] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.804437] kthread+0x328/0x630 [ 27.805153] ret_from_fork+0x10/0x20 [ 27.805353] [ 27.805409] Allocated by task 283: [ 27.805511] kasan_save_stack+0x3c/0x68 [ 27.805802] kasan_save_track+0x20/0x40 [ 27.806021] kasan_save_alloc_info+0x40/0x58 [ 27.806123] __kasan_kmalloc+0xd4/0xd8 [ 27.806231] __kmalloc_cache_noprof+0x15c/0x3c0 [ 27.806507] copy_to_kernel_nofault_oob+0xc8/0x418 [ 27.806654] kunit_try_run_case+0x170/0x3f0 [ 27.806755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.806899] kthread+0x328/0x630 [ 27.807030] ret_from_fork+0x10/0x20 [ 27.807687] [ 27.807751] The buggy address belongs to the object at fff00000c67e4800 [ 27.807751] which belongs to the cache kmalloc-128 of size 128 [ 27.808165] The buggy address is located 0 bytes to the right of [ 27.808165] allocated 120-byte region [fff00000c67e4800, fff00000c67e4878) [ 27.808428] [ 27.808481] The buggy address belongs to the physical page: [ 27.808558] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067e4 [ 27.808685] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.808827] page_type: f5(slab) [ 27.809192] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.809388] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.809501] page dumped because: kasan: bad access detected [ 27.809579] [ 27.809645] Memory state around the buggy address: [ 27.809821] fff00000c67e4700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.809981] fff00000c67e4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.810657] >fff00000c67e4800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.810925] ^ [ 27.811098] fff00000c67e4880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.811394] fff00000c67e4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.811768] ==================================================================
[ 15.354083] ================================================================== [ 15.355888] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 15.356467] Read of size 8 at addr ffff888102756778 by task kunit_try_catch/302 [ 15.357318] [ 15.357678] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.357733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.357748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.357779] Call Trace: [ 15.357794] <TASK> [ 15.357814] dump_stack_lvl+0x73/0xb0 [ 15.357845] print_report+0xd1/0x650 [ 15.357871] ? __virt_addr_valid+0x1db/0x2d0 [ 15.357896] ? copy_to_kernel_nofault+0x225/0x260 [ 15.357921] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.357945] ? copy_to_kernel_nofault+0x225/0x260 [ 15.357970] kasan_report+0x141/0x180 [ 15.357994] ? copy_to_kernel_nofault+0x225/0x260 [ 15.358024] __asan_report_load8_noabort+0x18/0x20 [ 15.358046] copy_to_kernel_nofault+0x225/0x260 [ 15.358073] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 15.358099] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 15.358132] ? finish_task_switch.isra.0+0x153/0x700 [ 15.358158] ? __schedule+0x10cc/0x2b30 [ 15.358184] ? trace_hardirqs_on+0x37/0xe0 [ 15.358218] ? __pfx_read_tsc+0x10/0x10 [ 15.358239] ? ktime_get_ts64+0x86/0x230 [ 15.358266] kunit_try_run_case+0x1a5/0x480 [ 15.358291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.358314] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.358479] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.358506] ? __kthread_parkme+0x82/0x180 [ 15.358531] ? preempt_count_sub+0x50/0x80 [ 15.358556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.358613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.358639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.358663] kthread+0x337/0x6f0 [ 15.358686] ? trace_preempt_on+0x20/0xc0 [ 15.358710] ? __pfx_kthread+0x10/0x10 [ 15.358733] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.358756] ? calculate_sigpending+0x7b/0xa0 [ 15.358780] ? __pfx_kthread+0x10/0x10 [ 15.358803] ret_from_fork+0x41/0x80 [ 15.358825] ? __pfx_kthread+0x10/0x10 [ 15.358847] ret_from_fork_asm+0x1a/0x30 [ 15.358881] </TASK> [ 15.358893] [ 15.375628] Allocated by task 302: [ 15.376079] kasan_save_stack+0x45/0x70 [ 15.376676] kasan_save_track+0x18/0x40 [ 15.377208] kasan_save_alloc_info+0x3b/0x50 [ 15.377889] __kasan_kmalloc+0xb7/0xc0 [ 15.378307] __kmalloc_cache_noprof+0x189/0x420 [ 15.378776] copy_to_kernel_nofault_oob+0x12f/0x560 [ 15.379438] kunit_try_run_case+0x1a5/0x480 [ 15.379766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.379954] kthread+0x337/0x6f0 [ 15.380081] ret_from_fork+0x41/0x80 [ 15.380392] ret_from_fork_asm+0x1a/0x30 [ 15.380893] [ 15.381059] The buggy address belongs to the object at ffff888102756700 [ 15.381059] which belongs to the cache kmalloc-128 of size 128 [ 15.382359] The buggy address is located 0 bytes to the right of [ 15.382359] allocated 120-byte region [ffff888102756700, ffff888102756778) [ 15.383288] [ 15.383375] The buggy address belongs to the physical page: [ 15.383596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102756 [ 15.384354] flags: 0x200000000000000(node=0|zone=2) [ 15.384817] page_type: f5(slab) [ 15.384948] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.385205] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.385976] page dumped because: kasan: bad access detected [ 15.386474] [ 15.386668] Memory state around the buggy address: [ 15.387160] ffff888102756600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.388384] ffff888102756680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.388668] >ffff888102756700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.388887] ^ [ 15.389104] ffff888102756780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.389319] ffff888102756800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.389579] ================================================================== [ 15.391572] ================================================================== [ 15.392024] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 15.392763] Write of size 8 at addr ffff888102756778 by task kunit_try_catch/302 [ 15.393312] [ 15.393425] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.393473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.393485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.393507] Call Trace: [ 15.393519] <TASK> [ 15.393533] dump_stack_lvl+0x73/0xb0 [ 15.393559] print_report+0xd1/0x650 [ 15.393584] ? __virt_addr_valid+0x1db/0x2d0 [ 15.393607] ? copy_to_kernel_nofault+0x99/0x260 [ 15.393631] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.393655] ? copy_to_kernel_nofault+0x99/0x260 [ 15.393681] kasan_report+0x141/0x180 [ 15.393705] ? copy_to_kernel_nofault+0x99/0x260 [ 15.393736] kasan_check_range+0x10c/0x1c0 [ 15.393761] __kasan_check_write+0x18/0x20 [ 15.393795] copy_to_kernel_nofault+0x99/0x260 [ 15.393822] copy_to_kernel_nofault_oob+0x288/0x560 [ 15.393848] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 15.393872] ? finish_task_switch.isra.0+0x153/0x700 [ 15.393896] ? __schedule+0x10cc/0x2b30 [ 15.393919] ? trace_hardirqs_on+0x37/0xe0 [ 15.393951] ? __pfx_read_tsc+0x10/0x10 [ 15.393971] ? ktime_get_ts64+0x86/0x230 [ 15.393998] kunit_try_run_case+0x1a5/0x480 [ 15.394021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.394044] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.394067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.394092] ? __kthread_parkme+0x82/0x180 [ 15.394114] ? preempt_count_sub+0x50/0x80 [ 15.394139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.394163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.394186] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.394210] kthread+0x337/0x6f0 [ 15.394231] ? trace_preempt_on+0x20/0xc0 [ 15.394254] ? __pfx_kthread+0x10/0x10 [ 15.394277] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.394299] ? calculate_sigpending+0x7b/0xa0 [ 15.394333] ? __pfx_kthread+0x10/0x10 [ 15.394356] ret_from_fork+0x41/0x80 [ 15.394377] ? __pfx_kthread+0x10/0x10 [ 15.394400] ret_from_fork_asm+0x1a/0x30 [ 15.394432] </TASK> [ 15.394444] [ 15.402456] Allocated by task 302: [ 15.402635] kasan_save_stack+0x45/0x70 [ 15.402787] kasan_save_track+0x18/0x40 [ 15.402928] kasan_save_alloc_info+0x3b/0x50 [ 15.403193] __kasan_kmalloc+0xb7/0xc0 [ 15.403425] __kmalloc_cache_noprof+0x189/0x420 [ 15.403654] copy_to_kernel_nofault_oob+0x12f/0x560 [ 15.403856] kunit_try_run_case+0x1a5/0x480 [ 15.404047] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.404305] kthread+0x337/0x6f0 [ 15.404569] ret_from_fork+0x41/0x80 [ 15.404757] ret_from_fork_asm+0x1a/0x30 [ 15.404932] [ 15.405005] The buggy address belongs to the object at ffff888102756700 [ 15.405005] which belongs to the cache kmalloc-128 of size 128 [ 15.405407] The buggy address is located 0 bytes to the right of [ 15.405407] allocated 120-byte region [ffff888102756700, ffff888102756778) [ 15.405942] [ 15.406037] The buggy address belongs to the physical page: [ 15.406320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102756 [ 15.406669] flags: 0x200000000000000(node=0|zone=2) [ 15.406832] page_type: f5(slab) [ 15.406952] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.407301] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.408191] page dumped because: kasan: bad access detected [ 15.408386] [ 15.408790] Memory state around the buggy address: [ 15.409040] ffff888102756600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.409727] ffff888102756680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.410249] >ffff888102756700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.410781] ^ [ 15.411088] ffff888102756780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.411786] ffff888102756800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.412299] ==================================================================
[ 25.667227] ================================================================== [ 25.668612] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 25.669307] Read of size 8 at addr ffff00001019f778 by task kunit_try_catch/335 [ 25.669978] [ 25.670156] CPU: 1 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 25.670210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.670227] Hardware name: Radxa ROCK Pi 4B (DT) [ 25.670246] Call trace: [ 25.670259] show_stack+0x20/0x38 (C) [ 25.670296] dump_stack_lvl+0x8c/0xd0 [ 25.670330] print_report+0x118/0x608 [ 25.670363] kasan_report+0xdc/0x128 [ 25.670392] __asan_report_load8_noabort+0x20/0x30 [ 25.670428] copy_to_kernel_nofault+0x204/0x250 [ 25.670460] copy_to_kernel_nofault_oob+0x158/0x418 [ 25.670497] kunit_try_run_case+0x170/0x3f0 [ 25.670533] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.670574] kthread+0x328/0x630 [ 25.670609] ret_from_fork+0x10/0x20 [ 25.670643] [ 25.676693] Allocated by task 335: [ 25.677021] kasan_save_stack+0x3c/0x68 [ 25.677396] kasan_save_track+0x20/0x40 [ 25.677768] kasan_save_alloc_info+0x40/0x58 [ 25.678183] __kasan_kmalloc+0xd4/0xd8 [ 25.678546] __kmalloc_cache_noprof+0x15c/0x3c0 [ 25.678988] copy_to_kernel_nofault_oob+0xc8/0x418 [ 25.679452] kunit_try_run_case+0x170/0x3f0 [ 25.679859] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.680385] kthread+0x328/0x630 [ 25.680710] ret_from_fork+0x10/0x20 [ 25.681060] [ 25.681215] The buggy address belongs to the object at ffff00001019f700 [ 25.681215] which belongs to the cache kmalloc-128 of size 128 [ 25.682350] The buggy address is located 0 bytes to the right of [ 25.682350] allocated 120-byte region [ffff00001019f700, ffff00001019f778) [ 25.683526] [ 25.683681] The buggy address belongs to the physical page: [ 25.684199] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1019f [ 25.684933] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 25.685546] page_type: f5(slab) [ 25.685859] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 25.686576] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.687285] page dumped because: kasan: bad access detected [ 25.687802] [ 25.687955] Memory state around the buggy address: [ 25.688405] ffff00001019f600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.689072] ffff00001019f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.689740] >ffff00001019f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.690403] ^ [ 25.691060] ffff00001019f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.691726] ffff00001019f800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.692390] ================================================================== [ 25.693455] ================================================================== [ 25.694139] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 25.694824] Write of size 8 at addr ffff00001019f778 by task kunit_try_catch/335 [ 25.695499] [ 25.695657] CPU: 1 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 25.695695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.695707] Hardware name: Radxa ROCK Pi 4B (DT) [ 25.695720] Call trace: [ 25.695730] show_stack+0x20/0x38 (C) [ 25.695755] dump_stack_lvl+0x8c/0xd0 [ 25.695779] print_report+0x118/0x608 [ 25.695802] kasan_report+0xdc/0x128 [ 25.695823] kasan_check_range+0x100/0x1a8 [ 25.695846] __kasan_check_write+0x20/0x30 [ 25.695870] copy_to_kernel_nofault+0x8c/0x250 [ 25.695892] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 25.695918] kunit_try_run_case+0x170/0x3f0 [ 25.695944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.695973] kthread+0x328/0x630 [ 25.695998] ret_from_fork+0x10/0x20 [ 25.696022] [ 25.702318] Allocated by task 335: [ 25.702636] kasan_save_stack+0x3c/0x68 [ 25.703000] kasan_save_track+0x20/0x40 [ 25.703360] kasan_save_alloc_info+0x40/0x58 [ 25.703763] __kasan_kmalloc+0xd4/0xd8 [ 25.704116] __kmalloc_cache_noprof+0x15c/0x3c0 [ 25.704546] copy_to_kernel_nofault_oob+0xc8/0x418 [ 25.704995] kunit_try_run_case+0x170/0x3f0 [ 25.705390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.705902] kthread+0x328/0x630 [ 25.706214] ret_from_fork+0x10/0x20 [ 25.706554] [ 25.706702] The buggy address belongs to the object at ffff00001019f700 [ 25.706702] which belongs to the cache kmalloc-128 of size 128 [ 25.707821] The buggy address is located 0 bytes to the right of [ 25.707821] allocated 120-byte region [ffff00001019f700, ffff00001019f778) [ 25.708982] [ 25.709131] The buggy address belongs to the physical page: [ 25.709639] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1019f [ 25.710359] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 25.710960] page_type: f5(slab) [ 25.711262] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 25.711966] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.712665] page dumped because: kasan: bad access detected [ 25.713170] [ 25.713318] Memory state around the buggy address: [ 25.713757] ffff00001019f600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.714415] ffff00001019f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.715070] >ffff00001019f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.715722] ^ [ 25.716369] ffff00001019f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.717024] ffff00001019f800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.717678] ==================================================================