Date
July 12, 2025, 11:09 p.m.
| Environment |
|---|
| qemu-arm64 |
| qemu-x86_64 |
qemu-arm64:

```
[ 16.381430] ==================================================================
[ 16.381473] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660
[ 16.381520] Write of size 1 at addr fff00000c585e778 by task kunit_try_catch/136
[ 16.381598]
[ 16.381645] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT
[ 16.381736] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.381763] Hardware name: linux,dummy-virt (DT)
[ 16.381792] Call trace:
[ 16.381813] show_stack+0x20/0x38 (C)
[ 16.382050] dump_stack_lvl+0x8c/0xd0
[ 16.382125] print_report+0x118/0x5d0
[ 16.382184] kasan_report+0xdc/0x128
[ 16.382394] __asan_report_store1_noabort+0x20/0x30
[ 16.382567] kmalloc_oob_right+0x538/0x660
[ 16.382664] kunit_try_run_case+0x170/0x3f0
[ 16.382714] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 16.382765] kthread+0x328/0x630
[ 16.382814] ret_from_fork+0x10/0x20
[ 16.382861]
[ 16.382885] Allocated by task 136:
[ 16.382920] kasan_save_stack+0x3c/0x68
[ 16.382966] kasan_save_track+0x20/0x40
[ 16.383003] kasan_save_alloc_info+0x40/0x58
[ 16.383050] __kasan_kmalloc+0xd4/0xd8
[ 16.383085] __kmalloc_cache_noprof+0x16c/0x3c0
[ 16.383123] kmalloc_oob_right+0xb0/0x660
[ 16.383166] kunit_try_run_case+0x170/0x3f0
[ 16.383296] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 16.383579] kthread+0x328/0x630
[ 16.383619] ret_from_fork+0x10/0x20
[ 16.383677]
[ 16.383696] The buggy address belongs to the object at fff00000c585e700
[ 16.383696] which belongs to the cache kmalloc-128 of size 128
[ 16.383754] The buggy address is located 5 bytes to the right of
[ 16.383754] allocated 115-byte region [fff00000c585e700, fff00000c585e773)
[ 16.383818]
[ 16.383836] The buggy address belongs to the physical page:
[ 16.383915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10585e
[ 16.384062] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[ 16.384114] page_type: f5(slab)
[ 16.384154] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[ 16.384218] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.384258] page dumped because: kasan: bad access detected
[ 16.384287]
[ 16.384304] Memory state around the buggy address:
[ 16.384334]  fff00000c585e600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.384376]  fff00000c585e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.384417] >fff00000c585e700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 16.384454]                                                                  ^
[ 16.384493]  fff00000c585e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.384534]  fff00000c585e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.384570] ==================================================================

[ 16.370551] ==================================================================
[ 16.370916] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660
[ 16.373565] Write of size 1 at addr fff00000c585e773 by task kunit_try_catch/136
[ 16.373681]
[ 16.374664] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT
[ 16.374818] Tainted: [N]=TEST
[ 16.374850] Hardware name: linux,dummy-virt (DT)
[ 16.375077] Call trace:
[ 16.375273] show_stack+0x20/0x38 (C)
[ 16.375413] dump_stack_lvl+0x8c/0xd0
[ 16.375473] print_report+0x118/0x5d0
[ 16.375523] kasan_report+0xdc/0x128
[ 16.375568] __asan_report_store1_noabort+0x20/0x30
[ 16.375619] kmalloc_oob_right+0x5a4/0x660
[ 16.375665] kunit_try_run_case+0x170/0x3f0
[ 16.375715] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 16.375767] kthread+0x328/0x630
[ 16.375810] ret_from_fork+0x10/0x20
[ 16.375965]
[ 16.376002] Allocated by task 136:
[ 16.376135] kasan_save_stack+0x3c/0x68
[ 16.376223] kasan_save_track+0x20/0x40
[ 16.376262] kasan_save_alloc_info+0x40/0x58
[ 16.376301] __kasan_kmalloc+0xd4/0xd8
[ 16.376337] __kmalloc_cache_noprof+0x16c/0x3c0
[ 16.376377] kmalloc_oob_right+0xb0/0x660
[ 16.376412] kunit_try_run_case+0x170/0x3f0
[ 16.376449] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 16.376491] kthread+0x328/0x630
[ 16.376523] ret_from_fork+0x10/0x20
[ 16.376576]
[ 16.376635] The buggy address belongs to the object at fff00000c585e700
[ 16.376635] which belongs to the cache kmalloc-128 of size 128
[ 16.376729] The buggy address is located 0 bytes to the right of
[ 16.376729] allocated 115-byte region [fff00000c585e700, fff00000c585e773)
[ 16.376797]
[ 16.376875] The buggy address belongs to the physical page:
[ 16.377084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10585e
[ 16.377390] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[ 16.377678] page_type: f5(slab)
[ 16.377979] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[ 16.378044] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.378148] page dumped because: kasan: bad access detected
[ 16.378201]
[ 16.378226] Memory state around the buggy address:
[ 16.378444]  fff00000c585e600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.378510]  fff00000c585e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.378564] >fff00000c585e700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 16.378617]                                                               ^
[ 16.378697]  fff00000c585e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.378740]  fff00000c585e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.378799] ==================================================================

[ 16.385438] ==================================================================
[ 16.385504] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660
[ 16.385564] Read of size 1 at addr fff00000c585e780 by task kunit_try_catch/136
[ 16.385629]
[ 16.385659] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT
[ 16.385873] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.386061] Hardware name: linux,dummy-virt (DT)
[ 16.386158] Call trace:
[ 16.386192] show_stack+0x20/0x38 (C)
[ 16.386260] dump_stack_lvl+0x8c/0xd0
[ 16.386542] print_report+0x118/0x5d0
[ 16.386661] kasan_report+0xdc/0x128
[ 16.386770] __asan_report_load1_noabort+0x20/0x30
[ 16.386823] kmalloc_oob_right+0x5d0/0x660
[ 16.386868] kunit_try_run_case+0x170/0x3f0
[ 16.387092] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 16.387249] kthread+0x328/0x630
[ 16.387376] ret_from_fork+0x10/0x20
[ 16.387494]
[ 16.387511] Allocated by task 136:
[ 16.387538] kasan_save_stack+0x3c/0x68
[ 16.387705] kasan_save_track+0x20/0x40
[ 16.387750] kasan_save_alloc_info+0x40/0x58
[ 16.387789] __kasan_kmalloc+0xd4/0xd8
[ 16.387969] __kmalloc_cache_noprof+0x16c/0x3c0
[ 16.388052] kmalloc_oob_right+0xb0/0x660
[ 16.388135] kunit_try_run_case+0x170/0x3f0
[ 16.388232] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 16.388315] kthread+0x328/0x630
[ 16.388346] ret_from_fork+0x10/0x20
[ 16.388381]
[ 16.388399] The buggy address belongs to the object at fff00000c585e700
[ 16.388399] which belongs to the cache kmalloc-128 of size 128
[ 16.388457] The buggy address is located 13 bytes to the right of
[ 16.388457] allocated 115-byte region [fff00000c585e700, fff00000c585e773)
[ 16.388753]
[ 16.388812] The buggy address belongs to the physical page:
[ 16.388893] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10585e
[ 16.388948] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[ 16.389053] page_type: f5(slab)
[ 16.389406] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[ 16.389517] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.389596] page dumped because: kasan: bad access detected
[ 16.389657]
[ 16.389702] Memory state around the buggy address:
[ 16.389733]  fff00000c585e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.389780]  fff00000c585e700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 16.389830] >fff00000c585e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.389866]                    ^
[ 16.389900]  fff00000c585e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.389953]  fff00000c585e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.390006] ==================================================================
```
qemu-x86_64:

```
[ 12.216837] ==================================================================
[ 12.217510] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 12.218139] Read of size 1 at addr ffff8881029ef480 by task kunit_try_catch/153
[ 12.218758]
[ 12.218926] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.218967] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.218979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.219000] Call Trace:
[ 12.219012] <TASK>
[ 12.219027] dump_stack_lvl+0x73/0xb0
[ 12.219054] print_report+0xd1/0x610
[ 12.219076] ? __virt_addr_valid+0x1db/0x2d0
[ 12.219100] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.219121] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.219144] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.219165] kasan_report+0x141/0x180
[ 12.219187] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.219213] __asan_report_load1_noabort+0x18/0x20
[ 12.219238] kmalloc_oob_right+0x68a/0x7f0
[ 12.219270] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.219294] ? __schedule+0x10cc/0x2b60
[ 12.219315] ? __pfx_read_tsc+0x10/0x10
[ 12.219336] ? ktime_get_ts64+0x86/0x230
[ 12.219361] kunit_try_run_case+0x1a5/0x480
[ 12.219386] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.219408] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.219433] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.219457] ? __kthread_parkme+0x82/0x180
[ 12.219477] ? preempt_count_sub+0x50/0x80
[ 12.219502] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.219526] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.219551] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.219576] kthread+0x337/0x6f0
[ 12.219594] ? trace_preempt_on+0x20/0xc0
[ 12.219617] ? __pfx_kthread+0x10/0x10
[ 12.219638] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.219659] ? calculate_sigpending+0x7b/0xa0
[ 12.219683] ? __pfx_kthread+0x10/0x10
[ 12.219704] ret_from_fork+0x116/0x1d0
[ 12.219722] ? __pfx_kthread+0x10/0x10
[ 12.219742] ret_from_fork_asm+0x1a/0x30
[ 12.219773] </TASK>
[ 12.219783]
[ 12.230612] Allocated by task 153:
[ 12.230922] kasan_save_stack+0x45/0x70
[ 12.231138] kasan_save_track+0x18/0x40
[ 12.231284] kasan_save_alloc_info+0x3b/0x50
[ 12.231434] __kasan_kmalloc+0xb7/0xc0
[ 12.231567] __kmalloc_cache_noprof+0x189/0x420
[ 12.231723] kmalloc_oob_right+0xa9/0x7f0
[ 12.231863] kunit_try_run_case+0x1a5/0x480
[ 12.232009] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.232187] kthread+0x337/0x6f0
[ 12.232394] ret_from_fork+0x116/0x1d0
[ 12.232725] ret_from_fork_asm+0x1a/0x30
[ 12.233067]
[ 12.233220] The buggy address belongs to the object at ffff8881029ef400
[ 12.233220] which belongs to the cache kmalloc-128 of size 128
[ 12.234269] The buggy address is located 13 bytes to the right of
[ 12.234269] allocated 115-byte region [ffff8881029ef400, ffff8881029ef473)
[ 12.235333]
[ 12.235489] The buggy address belongs to the physical page:
[ 12.235957] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef
[ 12.236625] flags: 0x200000000000000(node=0|zone=2)
[ 12.237055] page_type: f5(slab)
[ 12.237345] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.237988] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.238623] page dumped because: kasan: bad access detected
[ 12.238813]
[ 12.238882] Memory state around the buggy address:
[ 12.239035]  ffff8881029ef380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.239249]  ffff8881029ef400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.239842] >ffff8881029ef480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.240468]                    ^
[ 12.240750]  ffff8881029ef500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.241354]  ffff8881029ef580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.241948] ==================================================================

[ 12.175190] ==================================================================
[ 12.175899] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 12.176590] Write of size 1 at addr ffff8881029ef473 by task kunit_try_catch/153
[ 12.176991]
[ 12.177998] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.178345] Tainted: [N]=TEST
[ 12.178376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.178585] Call Trace:
[ 12.178652] <TASK>
[ 12.178800] dump_stack_lvl+0x73/0xb0
[ 12.178889] print_report+0xd1/0x610
[ 12.178918] ? __virt_addr_valid+0x1db/0x2d0
[ 12.178944] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.178967] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.178990] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.179012] kasan_report+0x141/0x180
[ 12.179034] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.179060] __asan_report_store1_noabort+0x1b/0x30
[ 12.179086] kmalloc_oob_right+0x6f0/0x7f0
[ 12.179108] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.179131] ? __schedule+0x10cc/0x2b60
[ 12.179154] ? __pfx_read_tsc+0x10/0x10
[ 12.179176] ? ktime_get_ts64+0x86/0x230
[ 12.179202] kunit_try_run_case+0x1a5/0x480
[ 12.179229] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.179252] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.179291] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.179315] ? __kthread_parkme+0x82/0x180
[ 12.179336] ? preempt_count_sub+0x50/0x80
[ 12.179362] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.179387] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.179411] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.179437] kthread+0x337/0x6f0
[ 12.179455] ? trace_preempt_on+0x20/0xc0
[ 12.179480] ? __pfx_kthread+0x10/0x10
[ 12.179500] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.179522] ? calculate_sigpending+0x7b/0xa0
[ 12.179547] ? __pfx_kthread+0x10/0x10
[ 12.179569] ret_from_fork+0x116/0x1d0
[ 12.179587] ? __pfx_kthread+0x10/0x10
[ 12.179608] ret_from_fork_asm+0x1a/0x30
[ 12.179662] </TASK>
[ 12.179723]
[ 12.186558] Allocated by task 153:
[ 12.186818] kasan_save_stack+0x45/0x70
[ 12.187048] kasan_save_track+0x18/0x40
[ 12.187282] kasan_save_alloc_info+0x3b/0x50
[ 12.187517] __kasan_kmalloc+0xb7/0xc0
[ 12.187722] __kmalloc_cache_noprof+0x189/0x420
[ 12.187952] kmalloc_oob_right+0xa9/0x7f0
[ 12.188170] kunit_try_run_case+0x1a5/0x480
[ 12.188390] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.188658] kthread+0x337/0x6f0
[ 12.188812] ret_from_fork+0x116/0x1d0
[ 12.188984] ret_from_fork_asm+0x1a/0x30
[ 12.189201]
[ 12.189361] The buggy address belongs to the object at ffff8881029ef400
[ 12.189361] which belongs to the cache kmalloc-128 of size 128
[ 12.189875] The buggy address is located 0 bytes to the right of
[ 12.189875] allocated 115-byte region [ffff8881029ef400, ffff8881029ef473)
[ 12.190421]
[ 12.190587] The buggy address belongs to the physical page:
[ 12.191007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef
[ 12.191596] flags: 0x200000000000000(node=0|zone=2)
[ 12.192143] page_type: f5(slab)
[ 12.192577] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.192937] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.193351] page dumped because: kasan: bad access detected
[ 12.193612]
[ 12.193713] Memory state around the buggy address:
[ 12.194165]  ffff8881029ef300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.194522]  ffff8881029ef380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.194829] >ffff8881029ef400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.195162]                                                               ^
[ 12.195417]  ffff8881029ef480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.195728]  ffff8881029ef500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.196039] ==================================================================

[ 12.197944] ==================================================================
[ 12.198724] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 12.199003] Write of size 1 at addr ffff8881029ef478 by task kunit_try_catch/153
[ 12.199310]
[ 12.199425] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.199467] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.199479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.199501] Call Trace:
[ 12.199517] <TASK>
[ 12.199532] dump_stack_lvl+0x73/0xb0
[ 12.199560] print_report+0xd1/0x610
[ 12.199582] ? __virt_addr_valid+0x1db/0x2d0
[ 12.199605] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.199627] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.199650] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.199671] kasan_report+0x141/0x180
[ 12.199693] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.199719] __asan_report_store1_noabort+0x1b/0x30
[ 12.199745] kmalloc_oob_right+0x6bd/0x7f0
[ 12.199767] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.199790] ? __schedule+0x10cc/0x2b60
[ 12.199812] ? __pfx_read_tsc+0x10/0x10
[ 12.199833] ? ktime_get_ts64+0x86/0x230
[ 12.199858] kunit_try_run_case+0x1a5/0x480
[ 12.199882] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.199905] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.199929] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.199952] ? __kthread_parkme+0x82/0x180
[ 12.199973] ? preempt_count_sub+0x50/0x80
[ 12.199997] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.200021] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.200046] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.200071] kthread+0x337/0x6f0
[ 12.200090] ? trace_preempt_on+0x20/0xc0
[ 12.200114] ? __pfx_kthread+0x10/0x10
[ 12.200134] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.200155] ? calculate_sigpending+0x7b/0xa0
[ 12.200179] ? __pfx_kthread+0x10/0x10
[ 12.200201] ret_from_fork+0x116/0x1d0
[ 12.200219] ? __pfx_kthread+0x10/0x10
[ 12.200239] ret_from_fork_asm+0x1a/0x30
[ 12.200280] </TASK>
[ 12.200290]
[ 12.206119] Allocated by task 153:
[ 12.206245] kasan_save_stack+0x45/0x70
[ 12.206395] kasan_save_track+0x18/0x40
[ 12.206531] kasan_save_alloc_info+0x3b/0x50
[ 12.206680] __kasan_kmalloc+0xb7/0xc0
[ 12.206876] __kmalloc_cache_noprof+0x189/0x420
[ 12.207100] kmalloc_oob_right+0xa9/0x7f0
[ 12.207307] kunit_try_run_case+0x1a5/0x480
[ 12.207519] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.207773] kthread+0x337/0x6f0
[ 12.207941] ret_from_fork+0x116/0x1d0
[ 12.208127] ret_from_fork_asm+0x1a/0x30
[ 12.208333]
[ 12.208427] The buggy address belongs to the object at ffff8881029ef400
[ 12.208427] which belongs to the cache kmalloc-128 of size 128
[ 12.208923] The buggy address is located 5 bytes to the right of
[ 12.208923] allocated 115-byte region [ffff8881029ef400, ffff8881029ef473)
[ 12.209423]
[ 12.209512] The buggy address belongs to the physical page:
[ 12.209726] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef
[ 12.210055] flags: 0x200000000000000(node=0|zone=2)
[ 12.210340] page_type: f5(slab)
[ 12.210627] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.211253] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.211880] page dumped because: kasan: bad access detected
[ 12.212341]
[ 12.212493] Memory state around the buggy address:
[ 12.212897]  ffff8881029ef300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.213529]  ffff8881029ef380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.214132] >ffff8881029ef400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.214750]                                                                  ^
[ 12.215331]  ffff8881029ef480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.215910]  ffff8881029ef500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.216124] ==================================================================
```