Date
April 22, 2025, 11:09 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 | |
| rk3399-rock-pi-4b |
[ 21.510388] ================================================================== [ 21.510600] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 21.510947] Read of size 8 at addr fff00000c42a5278 by task kunit_try_catch/283 [ 21.511095] [ 21.511440] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.511853] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.512081] Hardware name: linux,dummy-virt (DT) [ 21.512219] Call trace: [ 21.512489] show_stack+0x20/0x38 (C) [ 21.512660] dump_stack_lvl+0x8c/0xd0 [ 21.512768] print_report+0x118/0x608 [ 21.513041] kasan_report+0xdc/0x128 [ 21.513168] __asan_report_load8_noabort+0x20/0x30 [ 21.513298] copy_to_kernel_nofault+0x204/0x250 [ 21.513422] copy_to_kernel_nofault_oob+0x158/0x418 [ 21.513574] kunit_try_run_case+0x170/0x3f0 [ 21.513705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.513848] kthread+0x328/0x630 [ 21.513966] ret_from_fork+0x10/0x20 [ 21.514088] [ 21.514140] Allocated by task 283: [ 21.514214] kasan_save_stack+0x3c/0x68 [ 21.514313] kasan_save_track+0x20/0x40 [ 21.514403] kasan_save_alloc_info+0x40/0x58 [ 21.514497] __kasan_kmalloc+0xd4/0xd8 [ 21.515154] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.515388] copy_to_kernel_nofault_oob+0xc8/0x418 [ 21.515492] kunit_try_run_case+0x170/0x3f0 [ 21.515782] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.515904] kthread+0x328/0x630 [ 21.515994] ret_from_fork+0x10/0x20 [ 21.516080] [ 21.516255] The buggy address belongs to the object at fff00000c42a5200 [ 21.516255] which belongs to the cache kmalloc-128 of size 128 [ 21.516714] The buggy address is located 0 bytes to the right of [ 21.516714] allocated 120-byte region [fff00000c42a5200, fff00000c42a5278) [ 21.517461] [ 21.517553] The buggy address belongs to the physical page: [ 21.517628] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042a5 [ 21.517755] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.517884] page_type: f5(slab) [ 21.517982] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.518439] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.518608] page dumped because: kasan: bad access detected [ 21.519013] [ 21.519096] Memory state around the buggy address: [ 21.519228] fff00000c42a5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.519341] fff00000c42a5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.519438] >fff00000c42a5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.519512] ^ [ 21.519614] fff00000c42a5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.519713] fff00000c42a5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.519813] ================================================================== [ 21.523388] ================================================================== [ 21.523642] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 21.523770] Write of size 8 at addr fff00000c42a5278 by task kunit_try_catch/283 [ 21.523872] [ 21.523954] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.524146] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.524214] Hardware name: linux,dummy-virt (DT) [ 21.524749] Call trace: [ 21.524821] show_stack+0x20/0x38 (C) [ 21.525004] dump_stack_lvl+0x8c/0xd0 [ 21.525345] print_report+0x118/0x608 [ 21.525610] kasan_report+0xdc/0x128 [ 21.525734] kasan_check_range+0x100/0x1a8 [ 21.525845] __kasan_check_write+0x20/0x30 [ 21.525960] copy_to_kernel_nofault+0x8c/0x250 [ 21.526076] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 21.526197] kunit_try_run_case+0x170/0x3f0 [ 21.526319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.526455] kthread+0x328/0x630 [ 21.527006] ret_from_fork+0x10/0x20 [ 21.527224] [ 21.527270] Allocated by task 283: [ 21.527376] kasan_save_stack+0x3c/0x68 [ 21.527562] kasan_save_track+0x20/0x40 [ 21.527654] kasan_save_alloc_info+0x40/0x58 [ 21.527961] __kasan_kmalloc+0xd4/0xd8 [ 21.528112] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.528205] copy_to_kernel_nofault_oob+0xc8/0x418 [ 21.528290] kunit_try_run_case+0x170/0x3f0 [ 21.528454] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.528580] kthread+0x328/0x630 [ 21.528711] ret_from_fork+0x10/0x20 [ 21.528796] [ 21.528840] The buggy address belongs to the object at fff00000c42a5200 [ 21.528840] which belongs to the cache kmalloc-128 of size 128 [ 21.529167] The buggy address is located 0 bytes to the right of [ 21.529167] allocated 120-byte region [fff00000c42a5200, fff00000c42a5278) [ 21.529326] [ 21.529378] The buggy address belongs to the physical page: [ 21.529450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042a5 [ 21.529608] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.530498] page_type: f5(slab) [ 21.530618] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.531127] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.531679] page dumped because: kasan: bad access detected [ 21.531792] [ 21.531894] Memory state around the buggy address: [ 21.531988] fff00000c42a5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.532257] fff00000c42a5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.532356] >fff00000c42a5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.532638] ^ [ 21.532757] fff00000c42a5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.532861] fff00000c42a5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.532952] ==================================================================
[ 25.245038] ================================================================== [ 25.246066] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 25.246916] Read of size 8 at addr ffff888103c6f278 by task kunit_try_catch/301 [ 25.247790] [ 25.248028] CPU: 0 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 25.248748] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.248771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.248804] Call Trace: [ 25.248823] <TASK> [ 25.248847] dump_stack_lvl+0x73/0xb0 [ 25.248892] print_report+0xd1/0x650 [ 25.248932] ? __virt_addr_valid+0x1db/0x2d0 [ 25.248967] ? copy_to_kernel_nofault+0x225/0x260 [ 25.249005] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.249040] ? copy_to_kernel_nofault+0x225/0x260 [ 25.249079] kasan_report+0x141/0x180 [ 25.249113] ? copy_to_kernel_nofault+0x225/0x260 [ 25.249159] __asan_report_load8_noabort+0x18/0x20 [ 25.249192] copy_to_kernel_nofault+0x225/0x260 [ 25.249232] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 25.249272] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 25.249310] ? finish_task_switch.isra.0+0x153/0x700 [ 25.249349] ? __schedule+0x10cc/0x2b30 [ 25.249386] ? trace_hardirqs_on+0x37/0xe0 [ 25.249497] ? __pfx_read_tsc+0x10/0x10 [ 25.249539] ? ktime_get_ts64+0x86/0x230 [ 25.249593] kunit_try_run_case+0x1a5/0x480 [ 25.249632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.249666] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.249703] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.249740] ? __kthread_parkme+0x82/0x180 [ 25.249774] ? preempt_count_sub+0x50/0x80 [ 25.249811] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.249846] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.249880] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.249915] kthread+0x337/0x6f0 [ 25.249948] ? trace_preempt_on+0x20/0xc0 [ 25.249983] ? __pfx_kthread+0x10/0x10 [ 25.250017] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.250051] ? calculate_sigpending+0x7b/0xa0 [ 25.250084] ? __pfx_kthread+0x10/0x10 [ 25.250118] ret_from_fork+0x41/0x80 [ 25.250151] ? __pfx_kthread+0x10/0x10 [ 25.250185] ret_from_fork_asm+0x1a/0x30 [ 25.250233] </TASK> [ 25.250249] [ 25.273345] Allocated by task 301: [ 25.273842] kasan_save_stack+0x45/0x70 [ 25.274261] kasan_save_track+0x18/0x40 [ 25.274738] kasan_save_alloc_info+0x3b/0x50 [ 25.275147] __kasan_kmalloc+0xb7/0xc0 [ 25.275558] __kmalloc_cache_noprof+0x189/0x420 [ 25.275910] copy_to_kernel_nofault_oob+0x12f/0x560 [ 25.276460] kunit_try_run_case+0x1a5/0x480 [ 25.276953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.277542] kthread+0x337/0x6f0 [ 25.277951] ret_from_fork+0x41/0x80 [ 25.278296] ret_from_fork_asm+0x1a/0x30 [ 25.278781] [ 25.278970] The buggy address belongs to the object at ffff888103c6f200 [ 25.278970] which belongs to the cache kmalloc-128 of size 128 [ 25.280029] The buggy address is located 0 bytes to the right of [ 25.280029] allocated 120-byte region [ffff888103c6f200, ffff888103c6f278) [ 25.281007] [ 25.281240] The buggy address belongs to the physical page: [ 25.281730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c6f [ 25.282235] flags: 0x200000000000000(node=0|zone=2) [ 25.282783] page_type: f5(slab) [ 25.283175] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.283935] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.284582] page dumped because: kasan: bad access detected [ 25.285050] [ 25.285231] Memory state around the buggy address: [ 25.285696] ffff888103c6f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.286310] ffff888103c6f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.286992] >ffff888103c6f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.287619] ^ [ 25.288164] ffff888103c6f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.288754] ffff888103c6f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.289260] ================================================================== [ 25.291729] ================================================================== [ 25.292244] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 25.293583] Write of size 8 at addr ffff888103c6f278 by task kunit_try_catch/301 [ 25.294872] [ 25.295250] CPU: 0 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 25.295374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.295434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.295508] Call Trace: [ 25.295546] <TASK> [ 25.295589] dump_stack_lvl+0x73/0xb0 [ 25.295674] print_report+0xd1/0x650 [ 25.295760] ? __virt_addr_valid+0x1db/0x2d0 [ 25.295833] ? copy_to_kernel_nofault+0x99/0x260 [ 25.295909] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.295975] ? copy_to_kernel_nofault+0x99/0x260 [ 25.296058] kasan_report+0x141/0x180 [ 25.296143] ? copy_to_kernel_nofault+0x99/0x260 [ 25.296242] kasan_check_range+0x10c/0x1c0 [ 25.296326] __kasan_check_write+0x18/0x20 [ 25.296406] copy_to_kernel_nofault+0x99/0x260 [ 25.296540] copy_to_kernel_nofault_oob+0x288/0x560 [ 25.296631] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 25.296693] ? finish_task_switch.isra.0+0x153/0x700 [ 25.296730] ? __schedule+0x10cc/0x2b30 [ 25.296764] ? trace_hardirqs_on+0x37/0xe0 [ 25.296811] ? __pfx_read_tsc+0x10/0x10 [ 25.296839] ? ktime_get_ts64+0x86/0x230 [ 25.296875] kunit_try_run_case+0x1a5/0x480 [ 25.296908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.296940] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.296976] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.297011] ? __kthread_parkme+0x82/0x180 [ 25.297044] ? preempt_count_sub+0x50/0x80 [ 25.297080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.297115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.297147] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.297181] kthread+0x337/0x6f0 [ 25.297212] ? trace_preempt_on+0x20/0xc0 [ 25.297244] ? __pfx_kthread+0x10/0x10 [ 25.297276] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.297308] ? calculate_sigpending+0x7b/0xa0 [ 25.297339] ? __pfx_kthread+0x10/0x10 [ 25.297371] ret_from_fork+0x41/0x80 [ 25.297422] ? __pfx_kthread+0x10/0x10 [ 25.297502] ret_from_fork_asm+0x1a/0x30 [ 25.297553] </TASK> [ 25.297576] [ 25.318460] Allocated by task 301: [ 25.318896] kasan_save_stack+0x45/0x70 [ 25.319349] kasan_save_track+0x18/0x40 [ 25.320166] kasan_save_alloc_info+0x3b/0x50 [ 25.320393] __kasan_kmalloc+0xb7/0xc0 [ 25.320709] __kmalloc_cache_noprof+0x189/0x420 [ 25.321665] copy_to_kernel_nofault_oob+0x12f/0x560 [ 25.322151] kunit_try_run_case+0x1a5/0x480 [ 25.322726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.323379] kthread+0x337/0x6f0 [ 25.323855] ret_from_fork+0x41/0x80 [ 25.324157] ret_from_fork_asm+0x1a/0x30 [ 25.325303] [ 25.325508] The buggy address belongs to the object at ffff888103c6f200 [ 25.325508] which belongs to the cache kmalloc-128 of size 128 [ 25.326767] The buggy address is located 0 bytes to the right of [ 25.326767] allocated 120-byte region [ffff888103c6f200, ffff888103c6f278) [ 25.328218] [ 25.328456] The buggy address belongs to the physical page: [ 25.329008] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c6f [ 25.329714] flags: 0x200000000000000(node=0|zone=2) [ 25.330122] page_type: f5(slab) [ 25.331085] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.331717] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.331972] page dumped because: kasan: bad access detected [ 25.332163] [ 25.332250] Memory state around the buggy address: [ 25.332503] ffff888103c6f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.333564] ffff888103c6f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.334431] >ffff888103c6f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.335574] ^ [ 25.336246] ffff888103c6f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.337662] ffff888103c6f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.338414] ==================================================================
[ 24.026331] ================================================================== [ 24.027007] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 24.027699] Write of size 8 at addr ffff00000c992d78 by task kunit_try_catch/339 [ 24.028373] [ 24.028531] CPU: 3 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 24.028568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.028579] Hardware name: Radxa ROCK Pi 4B (DT) [ 24.028593] Call trace: [ 24.028602] show_stack+0x20/0x38 (C) [ 24.028627] dump_stack_lvl+0x8c/0xd0 [ 24.028651] print_report+0x118/0x608 [ 24.028674] kasan_report+0xdc/0x128 [ 24.028695] kasan_check_range+0x100/0x1a8 [ 24.028718] __kasan_check_write+0x20/0x30 [ 24.028742] copy_to_kernel_nofault+0x8c/0x250 [ 24.028763] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 24.028790] kunit_try_run_case+0x170/0x3f0 [ 24.028816] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.028845] kthread+0x328/0x630 [ 24.028870] ret_from_fork+0x10/0x20 [ 24.028895] [ 24.035188] Allocated by task 339: [ 24.035509] kasan_save_stack+0x3c/0x68 [ 24.035873] kasan_save_track+0x20/0x40 [ 24.036234] kasan_save_alloc_info+0x40/0x58 [ 24.036637] __kasan_kmalloc+0xd4/0xd8 [ 24.036989] __kmalloc_cache_noprof+0x15c/0x3c0 [ 24.037418] copy_to_kernel_nofault_oob+0xc8/0x418 [ 24.037867] kunit_try_run_case+0x170/0x3f0 [ 24.038262] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.038773] kthread+0x328/0x630 [ 24.039084] ret_from_fork+0x10/0x20 [ 24.039425] [ 24.039573] The buggy address belongs to the object at ffff00000c992d00 [ 24.039573] which belongs to the cache kmalloc-128 of size 128 [ 24.040692] The buggy address is located 0 bytes to the right of [ 24.040692] allocated 120-byte region [ffff00000c992d00, ffff00000c992d78) [ 24.041851] [ 24.041999] The buggy address belongs to the physical page: [ 24.042507] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xc992 [ 24.043220] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 24.043819] page_type: f5(slab) [ 24.044120] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 24.044823] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.045522] page dumped because: kasan: bad access detected [ 24.046029] [ 24.046175] Memory state around the buggy address: [ 24.046615] ffff00000c992c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.047271] ffff00000c992c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.047926] >ffff00000c992d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.048578] ^ [ 24.049224] ffff00000c992d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.049879] ffff00000c992e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.050533] ================================================================== [ 24.000387] ================================================================== [ 24.001759] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 24.002463] Read of size 8 at addr ffff00000c992d78 by task kunit_try_catch/339 [ 24.003142] [ 24.003309] CPU: 3 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 24.003360] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.003376] Hardware name: Radxa ROCK Pi 4B (DT) [ 24.003395] Call trace: [ 24.003408] show_stack+0x20/0x38 (C) [ 24.003442] dump_stack_lvl+0x8c/0xd0 [ 24.003475] print_report+0x118/0x608 [ 24.003508] kasan_report+0xdc/0x128 [ 24.003537] __asan_report_load8_noabort+0x20/0x30 [ 24.003572] copy_to_kernel_nofault+0x204/0x250 [ 24.003603] copy_to_kernel_nofault_oob+0x158/0x418 [ 24.003640] kunit_try_run_case+0x170/0x3f0 [ 24.003677] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.003717] kthread+0x328/0x630 [ 24.003752] ret_from_fork+0x10/0x20 [ 24.003786] [ 24.009829] Allocated by task 339: [ 24.010165] kasan_save_stack+0x3c/0x68 [ 24.010544] kasan_save_track+0x20/0x40 [ 24.010919] kasan_save_alloc_info+0x40/0x58 [ 24.011333] __kasan_kmalloc+0xd4/0xd8 [ 24.011698] __kmalloc_cache_noprof+0x15c/0x3c0 [ 24.012141] copy_to_kernel_nofault_oob+0xc8/0x418 [ 24.012604] kunit_try_run_case+0x170/0x3f0 [ 24.013013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.013539] kthread+0x328/0x630 [ 24.013867] ret_from_fork+0x10/0x20 [ 24.014218] [ 24.014372] The buggy address belongs to the object at ffff00000c992d00 [ 24.014372] which belongs to the cache kmalloc-128 of size 128 [ 24.015507] The buggy address is located 0 bytes to the right of [ 24.015507] allocated 120-byte region [ffff00000c992d00, ffff00000c992d78) [ 24.016683] [ 24.016839] The buggy address belongs to the physical page: [ 24.017357] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xc992 [ 24.018081] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 24.018697] page_type: f5(slab) [ 24.019012] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 24.019729] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.020438] page dumped because: kasan: bad access detected [ 24.020955] [ 24.021108] Memory state around the buggy address: [ 24.021559] ffff00000c992c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.022227] ffff00000c992c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.022896] >ffff00000c992d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.023560] ^ [ 24.024216] ffff00000c992d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.024884] ffff00000c992e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.025547] ==================================================================