Date
April 20, 2025, 11:09 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 | |
| rk3399-rock-pi-4b |
[ 27.978718] ================================================================== [ 27.978821] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 27.979541] Write of size 121 at addr fff00000c67e4900 by task kunit_try_catch/287 [ 27.980312] [ 27.980388] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 27.980671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.980762] Hardware name: linux,dummy-virt (DT) [ 27.980888] Call trace: [ 27.981055] show_stack+0x20/0x38 (C) [ 27.981272] dump_stack_lvl+0x8c/0xd0 [ 27.981449] print_report+0x118/0x608 [ 27.981688] kasan_report+0xdc/0x128 [ 27.981891] kasan_check_range+0x100/0x1a8 [ 27.982210] __kasan_check_write+0x20/0x30 [ 27.982348] strncpy_from_user+0x3c/0x2a0 [ 27.982690] copy_user_test_oob+0x5c0/0xec8 [ 27.982960] kunit_try_run_case+0x170/0x3f0 [ 27.983103] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.983266] kthread+0x328/0x630 [ 27.983406] ret_from_fork+0x10/0x20 [ 27.983591] [ 27.983652] Allocated by task 287: [ 27.983748] kasan_save_stack+0x3c/0x68 [ 27.983861] kasan_save_track+0x20/0x40 [ 27.983991] kasan_save_alloc_info+0x40/0x58 [ 27.984101] __kasan_kmalloc+0xd4/0xd8 [ 27.984223] __kmalloc_noprof+0x190/0x4d0 [ 27.984416] kunit_kmalloc_array+0x34/0x88 [ 27.984608] copy_user_test_oob+0xac/0xec8 [ 27.984730] kunit_try_run_case+0x170/0x3f0 [ 27.984996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.985129] kthread+0x328/0x630 [ 27.985244] ret_from_fork+0x10/0x20 [ 27.985359] [ 27.985436] The buggy address belongs to the object at fff00000c67e4900 [ 27.985436] which belongs to the cache kmalloc-128 of size 128 [ 27.985582] The buggy address is located 0 bytes inside of [ 27.985582] allocated 120-byte region [fff00000c67e4900, fff00000c67e4978) [ 27.985733] [ 27.985782] The buggy address belongs to the physical page: [ 27.985860] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067e4 [ 27.986033] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.986334] page_type: f5(slab) [ 27.986439] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.986601] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.986706] page dumped because: kasan: bad access detected [ 27.986804] [ 27.986862] Memory state around the buggy address: [ 27.986972] fff00000c67e4800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.987101] fff00000c67e4880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.987217] >fff00000c67e4900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.987443] ^ [ 27.987661] fff00000c67e4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.987805] fff00000c67e4a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.988052] ================================================================== [ 27.989127] ================================================================== [ 27.989231] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 27.989337] Write of size 1 at addr fff00000c67e4978 by task kunit_try_catch/287 [ 27.989452] [ 27.993522] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 27.995478] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.995594] Hardware name: linux,dummy-virt (DT) [ 27.995700] Call trace: [ 27.995768] show_stack+0x20/0x38 (C) [ 27.995983] dump_stack_lvl+0x8c/0xd0 [ 27.996156] print_report+0x118/0x608 [ 27.996363] kasan_report+0xdc/0x128 [ 27.997717] __asan_report_store1_noabort+0x20/0x30 [ 27.997870] strncpy_from_user+0x270/0x2a0 [ 27.998019] copy_user_test_oob+0x5c0/0xec8 [ 27.999978] kunit_try_run_case+0x170/0x3f0 [ 28.000135] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.000321] kthread+0x328/0x630 [ 28.000723] ret_from_fork+0x10/0x20 [ 28.001277] [ 28.001341] Allocated by task 287: [ 28.001724] kasan_save_stack+0x3c/0x68 [ 28.002038] kasan_save_track+0x20/0x40 [ 28.002221] kasan_save_alloc_info+0x40/0x58 [ 28.002439] __kasan_kmalloc+0xd4/0xd8 [ 28.002583] __kmalloc_noprof+0x190/0x4d0 [ 28.003032] kunit_kmalloc_array+0x34/0x88 [ 28.003338] copy_user_test_oob+0xac/0xec8 [ 28.003567] kunit_try_run_case+0x170/0x3f0 [ 28.004117] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.004369] kthread+0x328/0x630 [ 28.004531] ret_from_fork+0x10/0x20 [ 28.004654] [ 28.004724] The buggy address belongs to the object at fff00000c67e4900 [ 28.004724] which belongs to the cache kmalloc-128 of size 128 [ 28.005413] The buggy address is located 0 bytes to the right of [ 28.005413] allocated 120-byte region [fff00000c67e4900, fff00000c67e4978) [ 28.005966] [ 28.006318] The buggy address belongs to the physical page: [ 28.006775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067e4 [ 28.007097] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.007253] page_type: f5(slab) [ 28.007366] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.007974] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.008135] page dumped because: kasan: bad access detected [ 28.008235] [ 28.008306] Memory state around the buggy address: [ 28.008388] fff00000c67e4800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.008464] fff00000c67e4880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.008521] >fff00000c67e4900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.008572] ^ [ 28.008625] fff00000c67e4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.008680] fff00000c67e4a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.008730] ==================================================================
[ 15.569670] ================================================================== [ 15.570034] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 15.570507] Write of size 121 at addr ffff888102b49800 by task kunit_try_catch/306 [ 15.570808] [ 15.570919] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.570963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.570976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.570997] Call Trace: [ 15.571012] <TASK> [ 15.571028] dump_stack_lvl+0x73/0xb0 [ 15.571053] print_report+0xd1/0x650 [ 15.571077] ? __virt_addr_valid+0x1db/0x2d0 [ 15.571100] ? strncpy_from_user+0x2e/0x1d0 [ 15.571123] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.571158] ? strncpy_from_user+0x2e/0x1d0 [ 15.571182] kasan_report+0x141/0x180 [ 15.571206] ? strncpy_from_user+0x2e/0x1d0 [ 15.571235] kasan_check_range+0x10c/0x1c0 [ 15.571261] __kasan_check_write+0x18/0x20 [ 15.571283] strncpy_from_user+0x2e/0x1d0 [ 15.571306] ? __kasan_check_read+0x15/0x20 [ 15.571340] copy_user_test_oob+0x760/0x10f0 [ 15.571364] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.571385] ? finish_task_switch.isra.0+0x153/0x700 [ 15.571411] ? __switch_to+0x5d9/0xf60 [ 15.571432] ? dequeue_task_fair+0x166/0x4e0 [ 15.571458] ? __schedule+0x10cc/0x2b30 [ 15.571482] ? __pfx_read_tsc+0x10/0x10 [ 15.571502] ? ktime_get_ts64+0x86/0x230 [ 15.571528] kunit_try_run_case+0x1a5/0x480 [ 15.571554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.571576] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.571601] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.571627] ? __kthread_parkme+0x82/0x180 [ 15.571651] ? preempt_count_sub+0x50/0x80 [ 15.571678] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.571703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.571726] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.571749] kthread+0x337/0x6f0 [ 15.571771] ? trace_preempt_on+0x20/0xc0 [ 15.571795] ? __pfx_kthread+0x10/0x10 [ 15.571819] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.571842] ? calculate_sigpending+0x7b/0xa0 [ 15.571864] ? __pfx_kthread+0x10/0x10 [ 15.571888] ret_from_fork+0x41/0x80 [ 15.571909] ? __pfx_kthread+0x10/0x10 [ 15.571933] ret_from_fork_asm+0x1a/0x30 [ 15.571966] </TASK> [ 15.571978] [ 15.580014] Allocated by task 306: [ 15.580157] kasan_save_stack+0x45/0x70 [ 15.580303] kasan_save_track+0x18/0x40 [ 15.580449] kasan_save_alloc_info+0x3b/0x50 [ 15.580591] __kasan_kmalloc+0xb7/0xc0 [ 15.580979] __kmalloc_noprof+0x1c9/0x500 [ 15.581422] kunit_kmalloc_array+0x25/0x60 [ 15.581569] copy_user_test_oob+0xab/0x10f0 [ 15.581709] kunit_try_run_case+0x1a5/0x480 [ 15.581859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.582028] kthread+0x337/0x6f0 [ 15.582392] ret_from_fork+0x41/0x80 [ 15.582791] ret_from_fork_asm+0x1a/0x30 [ 15.583221] [ 15.583438] The buggy address belongs to the object at ffff888102b49800 [ 15.583438] which belongs to the cache kmalloc-128 of size 128 [ 15.584590] The buggy address is located 0 bytes inside of [ 15.584590] allocated 120-byte region [ffff888102b49800, ffff888102b49878) [ 15.585720] [ 15.585862] The buggy address belongs to the physical page: [ 15.586378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.586616] flags: 0x200000000000000(node=0|zone=2) [ 15.586776] page_type: f5(slab) [ 15.586897] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.587146] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.587874] page dumped because: kasan: bad access detected [ 15.588418] [ 15.588576] Memory state around the buggy address: [ 15.589056] ffff888102b49700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.589725] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.590394] >ffff888102b49800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.591022] ^ [ 15.591532] ffff888102b49880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.591742] ffff888102b49900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.591949] ================================================================== [ 15.592539] ================================================================== [ 15.593204] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 15.593879] Write of size 1 at addr ffff888102b49878 by task kunit_try_catch/306 [ 15.594548] [ 15.594723] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.594779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.594792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.594823] Call Trace: [ 15.594840] <TASK> [ 15.594857] dump_stack_lvl+0x73/0xb0 [ 15.594881] print_report+0xd1/0x650 [ 15.594905] ? __virt_addr_valid+0x1db/0x2d0 [ 15.594936] ? strncpy_from_user+0x1a5/0x1d0 [ 15.594959] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.594983] ? strncpy_from_user+0x1a5/0x1d0 [ 15.595016] kasan_report+0x141/0x180 [ 15.595040] ? strncpy_from_user+0x1a5/0x1d0 [ 15.595068] __asan_report_store1_noabort+0x1b/0x30 [ 15.595091] strncpy_from_user+0x1a5/0x1d0 [ 15.595135] copy_user_test_oob+0x760/0x10f0 [ 15.595159] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.595180] ? finish_task_switch.isra.0+0x153/0x700 [ 15.595204] ? __switch_to+0x5d9/0xf60 [ 15.595224] ? dequeue_task_fair+0x166/0x4e0 [ 15.595250] ? __schedule+0x10cc/0x2b30 [ 15.595275] ? __pfx_read_tsc+0x10/0x10 [ 15.595295] ? ktime_get_ts64+0x86/0x230 [ 15.595329] kunit_try_run_case+0x1a5/0x480 [ 15.595355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.595377] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.595401] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.595427] ? __kthread_parkme+0x82/0x180 [ 15.595449] ? preempt_count_sub+0x50/0x80 [ 15.595474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.595498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.595522] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.595546] kthread+0x337/0x6f0 [ 15.595568] ? trace_preempt_on+0x20/0xc0 [ 15.595592] ? __pfx_kthread+0x10/0x10 [ 15.595614] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.595637] ? calculate_sigpending+0x7b/0xa0 [ 15.595659] ? __pfx_kthread+0x10/0x10 [ 15.595682] ret_from_fork+0x41/0x80 [ 15.595703] ? __pfx_kthread+0x10/0x10 [ 15.595727] ret_from_fork_asm+0x1a/0x30 [ 15.595759] </TASK> [ 15.595770] [ 15.607702] Allocated by task 306: [ 15.608030] kasan_save_stack+0x45/0x70 [ 15.608429] kasan_save_track+0x18/0x40 [ 15.608789] kasan_save_alloc_info+0x3b/0x50 [ 15.609124] __kasan_kmalloc+0xb7/0xc0 [ 15.609448] __kmalloc_noprof+0x1c9/0x500 [ 15.609593] kunit_kmalloc_array+0x25/0x60 [ 15.609738] copy_user_test_oob+0xab/0x10f0 [ 15.609887] kunit_try_run_case+0x1a5/0x480 [ 15.610033] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.610254] kthread+0x337/0x6f0 [ 15.610436] ret_from_fork+0x41/0x80 [ 15.610569] ret_from_fork_asm+0x1a/0x30 [ 15.610758] [ 15.610851] The buggy address belongs to the object at ffff888102b49800 [ 15.610851] which belongs to the cache kmalloc-128 of size 128 [ 15.611289] The buggy address is located 0 bytes to the right of [ 15.611289] allocated 120-byte region [ffff888102b49800, ffff888102b49878) [ 15.611836] [ 15.611946] The buggy address belongs to the physical page: [ 15.612162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.612437] flags: 0x200000000000000(node=0|zone=2) [ 15.612692] page_type: f5(slab) [ 15.612862] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.613318] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.613996] page dumped because: kasan: bad access detected [ 15.614407] [ 15.614505] Memory state around the buggy address: [ 15.614719] ffff888102b49700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.615018] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.615728] >ffff888102b49800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.616555] ^ [ 15.616865] ffff888102b49880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.617438] ffff888102b49900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.617758] ==================================================================
[ 25.899034] ================================================================== [ 25.899689] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 25.900320] Write of size 1 at addr ffff0000101ea578 by task kunit_try_catch/339 [ 25.900991] [ 25.901139] CPU: 4 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 25.901171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.901182] Hardware name: Radxa ROCK Pi 4B (DT) [ 25.901192] Call trace: [ 25.901199] show_stack+0x20/0x38 (C) [ 25.901220] dump_stack_lvl+0x8c/0xd0 [ 25.901239] print_report+0x118/0x608 [ 25.901259] kasan_report+0xdc/0x128 [ 25.901277] __asan_report_store1_noabort+0x20/0x30 [ 25.901300] strncpy_from_user+0x270/0x2a0 [ 25.901318] copy_user_test_oob+0x5c0/0xec8 [ 25.901337] kunit_try_run_case+0x170/0x3f0 [ 25.901359] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.901385] kthread+0x328/0x630 [ 25.901407] ret_from_fork+0x10/0x20 [ 25.901428] [ 25.907322] Allocated by task 339: [ 25.907637] kasan_save_stack+0x3c/0x68 [ 25.907996] kasan_save_track+0x20/0x40 [ 25.908354] kasan_save_alloc_info+0x40/0x58 [ 25.908753] __kasan_kmalloc+0xd4/0xd8 [ 25.909104] __kmalloc_noprof+0x190/0x4d0 [ 25.909479] kunit_kmalloc_array+0x34/0x88 [ 25.909864] copy_user_test_oob+0xac/0xec8 [ 25.910245] kunit_try_run_case+0x170/0x3f0 [ 25.910637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.911146] kthread+0x328/0x630 [ 25.911454] ret_from_fork+0x10/0x20 [ 25.911792] [ 25.911939] The buggy address belongs to the object at ffff0000101ea500 [ 25.911939] which belongs to the cache kmalloc-128 of size 128 [ 25.913053] The buggy address is located 0 bytes to the right of [ 25.913053] allocated 120-byte region [ffff0000101ea500, ffff0000101ea578) [ 25.914210] [ 25.914357] The buggy address belongs to the physical page: [ 25.914861] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ea [ 25.915577] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 25.916171] page_type: f5(slab) [ 25.916469] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 25.917169] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.917864] page dumped because: kasan: bad access detected [ 25.918368] [ 25.918513] Memory state around the buggy address: [ 25.918950] ffff0000101ea400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.919603] ffff0000101ea480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.920256] >ffff0000101ea500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.920906] ^ [ 25.921550] ffff0000101ea580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.922203] ffff0000101ea600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.922853] ================================================================== [ 25.874177] ================================================================== [ 25.874832] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 25.875459] Write of size 121 at addr ffff0000101ea500 by task kunit_try_catch/339 [ 25.876144] [ 25.876294] CPU: 4 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 25.876326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.876335] Hardware name: Radxa ROCK Pi 4B (DT) [ 25.876346] Call trace: [ 25.876354] show_stack+0x20/0x38 (C) [ 25.876374] dump_stack_lvl+0x8c/0xd0 [ 25.876392] print_report+0x118/0x608 [ 25.876412] kasan_report+0xdc/0x128 [ 25.876430] kasan_check_range+0x100/0x1a8 [ 25.876451] __kasan_check_write+0x20/0x30 [ 25.876472] strncpy_from_user+0x3c/0x2a0 [ 25.876490] copy_user_test_oob+0x5c0/0xec8 [ 25.876508] kunit_try_run_case+0x170/0x3f0 [ 25.876530] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.876557] kthread+0x328/0x630 [ 25.876578] ret_from_fork+0x10/0x20 [ 25.876599] [ 25.882782] Allocated by task 339: [ 25.883098] kasan_save_stack+0x3c/0x68 [ 25.883457] kasan_save_track+0x20/0x40 [ 25.883815] kasan_save_alloc_info+0x40/0x58 [ 25.884214] __kasan_kmalloc+0xd4/0xd8 [ 25.884565] __kmalloc_noprof+0x190/0x4d0 [ 25.884938] kunit_kmalloc_array+0x34/0x88 [ 25.885323] copy_user_test_oob+0xac/0xec8 [ 25.885703] kunit_try_run_case+0x170/0x3f0 [ 25.886095] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.886604] kthread+0x328/0x630 [ 25.886913] ret_from_fork+0x10/0x20 [ 25.887251] [ 25.887397] The buggy address belongs to the object at ffff0000101ea500 [ 25.887397] which belongs to the cache kmalloc-128 of size 128 [ 25.888514] The buggy address is located 0 bytes inside of [ 25.888514] allocated 120-byte region [ffff0000101ea500, ffff0000101ea578) [ 25.889626] [ 25.889773] The buggy address belongs to the physical page: [ 25.890276] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ea [ 25.890991] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 25.891586] page_type: f5(slab) [ 25.891885] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 25.892584] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.893280] page dumped because: kasan: bad access detected [ 25.893784] [ 25.893930] Memory state around the buggy address: [ 25.894367] ffff0000101ea400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.895019] ffff0000101ea480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.895673] >ffff0000101ea500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.896322] ^ [ 25.896967] ffff0000101ea580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.897621] ffff0000101ea600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.898271] ==================================================================