Date
July 9, 2025, 11:07 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 16.319527] ================================================================== [ 16.319890] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.320727] Write of size 1 at addr fff00000c638b573 by task kunit_try_catch/136 [ 16.320834] [ 16.321603] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT [ 16.321743] Tainted: [N]=TEST [ 16.321775] Hardware name: linux,dummy-virt (DT) [ 16.321995] Call trace: [ 16.322176] show_stack+0x20/0x38 (C) [ 16.322313] dump_stack_lvl+0x8c/0xd0 [ 16.322379] print_report+0x118/0x608 [ 16.322427] kasan_report+0xdc/0x128 [ 16.322472] __asan_report_store1_noabort+0x20/0x30 [ 16.322523] kmalloc_oob_right+0x5a4/0x660 [ 16.322568] kunit_try_run_case+0x170/0x3f0 [ 16.322618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.322671] kthread+0x328/0x630 [ 16.322716] ret_from_fork+0x10/0x20 [ 16.322873] [ 16.322911] Allocated by task 136: [ 16.323023] kasan_save_stack+0x3c/0x68 [ 16.323090] kasan_save_track+0x20/0x40 [ 16.323140] kasan_save_alloc_info+0x40/0x58 [ 16.323179] __kasan_kmalloc+0xd4/0xd8 [ 16.323215] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.323256] kmalloc_oob_right+0xb0/0x660 [ 16.323291] kunit_try_run_case+0x170/0x3f0 [ 16.323329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.323372] kthread+0x328/0x630 [ 16.323405] ret_from_fork+0x10/0x20 [ 16.323462] [ 16.323522] The buggy address belongs to the object at fff00000c638b500 [ 16.323522] which belongs to the cache kmalloc-128 of size 128 [ 16.323618] The buggy address is located 0 bytes to the right of [ 16.323618] allocated 115-byte region [fff00000c638b500, fff00000c638b573) [ 16.323820] [ 16.323916] The buggy address belongs to the physical page: [ 16.324140] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 16.324420] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.324708] page_type: f5(slab) [ 16.324997] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.325061] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.325178] page dumped because: kasan: bad access detected [ 16.325218] [ 16.325243] Memory state around the buggy address: [ 16.325459] fff00000c638b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.325530] fff00000c638b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.325584] >fff00000c638b500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.325636] ^ [ 16.325716] fff00000c638b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.325757] fff00000c638b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.325818] ================================================================== [ 16.333856] ================================================================== [ 16.333907] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.333952] Read of size 1 at addr fff00000c638b580 by task kunit_try_catch/136 [ 16.334007] [ 16.334087] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.334217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.334384] Hardware name: linux,dummy-virt (DT) [ 16.334420] Call trace: [ 16.334441] show_stack+0x20/0x38 (C) [ 16.334536] dump_stack_lvl+0x8c/0xd0 [ 16.334589] print_report+0x118/0x608 [ 16.334635] kasan_report+0xdc/0x128 [ 16.334679] __asan_report_load1_noabort+0x20/0x30 [ 16.334753] kmalloc_oob_right+0x5d0/0x660 [ 16.334820] kunit_try_run_case+0x170/0x3f0 [ 16.334868] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.335072] kthread+0x328/0x630 [ 16.335133] ret_from_fork+0x10/0x20 [ 16.335247] [ 16.335285] Allocated by task 136: [ 16.335406] kasan_save_stack+0x3c/0x68 [ 16.335451] kasan_save_track+0x20/0x40 [ 16.335493] kasan_save_alloc_info+0x40/0x58 [ 16.335549] __kasan_kmalloc+0xd4/0xd8 [ 16.335586] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.335724] kmalloc_oob_right+0xb0/0x660 [ 16.335894] kunit_try_run_case+0x170/0x3f0 [ 16.335943] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.335992] kthread+0x328/0x630 [ 16.336023] ret_from_fork+0x10/0x20 [ 16.336176] [ 16.336198] The buggy address belongs to the object at fff00000c638b500 [ 16.336198] which belongs to the cache kmalloc-128 of size 128 [ 16.336281] The buggy address is located 13 bytes to the right of [ 16.336281] allocated 115-byte region [fff00000c638b500, fff00000c638b573) [ 16.336466] [ 16.336505] The buggy address belongs to the physical page: [ 16.336564] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 16.336740] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.336902] page_type: f5(slab) [ 16.337000] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.337212] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.337284] page dumped because: kasan: bad access detected [ 16.337315] [ 16.337332] Memory state around the buggy address: [ 16.337400] fff00000c638b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.337464] fff00000c638b500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.337553] >fff00000c638b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.337601] ^ [ 16.337630] fff00000c638b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.337672] fff00000c638b680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.337736] ================================================================== [ 16.326883] ================================================================== [ 16.326931] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.326979] Write of size 1 at addr fff00000c638b578 by task kunit_try_catch/136 [ 16.327367] [ 16.327421] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.327533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.327560] Hardware name: linux,dummy-virt (DT) [ 16.328108] Call trace: [ 16.328258] show_stack+0x20/0x38 (C) [ 16.328313] dump_stack_lvl+0x8c/0xd0 [ 16.328581] print_report+0x118/0x608 [ 16.328814] kasan_report+0xdc/0x128 [ 16.328869] __asan_report_store1_noabort+0x20/0x30 [ 16.328921] kmalloc_oob_right+0x538/0x660 [ 16.329101] kunit_try_run_case+0x170/0x3f0 [ 16.329257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.329439] kthread+0x328/0x630 [ 16.329542] ret_from_fork+0x10/0x20 [ 16.329720] [ 16.329758] Allocated by task 136: [ 16.329792] kasan_save_stack+0x3c/0x68 [ 16.330065] kasan_save_track+0x20/0x40 [ 16.330254] kasan_save_alloc_info+0x40/0x58 [ 16.330305] __kasan_kmalloc+0xd4/0xd8 [ 16.330431] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.330554] kmalloc_oob_right+0xb0/0x660 [ 16.330642] kunit_try_run_case+0x170/0x3f0 [ 16.330759] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.330931] kthread+0x328/0x630 [ 16.331044] ret_from_fork+0x10/0x20 [ 16.331146] [ 16.331176] The buggy address belongs to the object at fff00000c638b500 [ 16.331176] which belongs to the cache kmalloc-128 of size 128 [ 16.331327] The buggy address is located 5 bytes to the right of [ 16.331327] allocated 115-byte region [fff00000c638b500, fff00000c638b573) [ 16.331449] [ 16.331507] The buggy address belongs to the physical page: [ 16.331538] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 16.331886] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.332071] page_type: f5(slab) [ 16.332125] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.332182] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.332226] page dumped because: kasan: bad access detected [ 16.332256] [ 16.332273] Memory state around the buggy address: [ 16.332302] fff00000c638b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.332343] fff00000c638b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.332508] >fff00000c638b500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.332768] ^ [ 16.332952] fff00000c638b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.333056] fff00000c638b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.333245] ==================================================================
[ 11.873371] ================================================================== [ 11.873599] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 11.874154] Write of size 1 at addr ffff8881031db578 by task kunit_try_catch/153 [ 11.874394] [ 11.874579] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.874654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.874666] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.874697] Call Trace: [ 11.874718] <TASK> [ 11.874732] dump_stack_lvl+0x73/0xb0 [ 11.874760] print_report+0xd1/0x650 [ 11.874781] ? __virt_addr_valid+0x1db/0x2d0 [ 11.874803] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.874823] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.874846] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.874868] kasan_report+0x141/0x180 [ 11.874889] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.874915] __asan_report_store1_noabort+0x1b/0x30 [ 11.874940] kmalloc_oob_right+0x6bd/0x7f0 [ 11.874961] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.874983] ? __schedule+0x10cc/0x2b60 [ 11.875005] ? __pfx_read_tsc+0x10/0x10 [ 11.875026] ? ktime_get_ts64+0x86/0x230 [ 11.875065] kunit_try_run_case+0x1a5/0x480 [ 11.875089] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.875112] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.875135] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.875158] ? __kthread_parkme+0x82/0x180 [ 11.875177] ? preempt_count_sub+0x50/0x80 [ 11.875201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.875225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.875249] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.875273] kthread+0x337/0x6f0 [ 11.875291] ? trace_preempt_on+0x20/0xc0 [ 11.875314] ? __pfx_kthread+0x10/0x10 [ 11.875334] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.875355] ? calculate_sigpending+0x7b/0xa0 [ 11.875381] ? __pfx_kthread+0x10/0x10 [ 11.875401] ret_from_fork+0x116/0x1d0 [ 11.875419] ? __pfx_kthread+0x10/0x10 [ 11.875439] ret_from_fork_asm+0x1a/0x30 [ 11.875469] </TASK> [ 11.875478] [ 11.884411] Allocated by task 153: [ 11.884586] kasan_save_stack+0x45/0x70 [ 11.884795] kasan_save_track+0x18/0x40 [ 11.884985] kasan_save_alloc_info+0x3b/0x50 [ 11.885290] __kasan_kmalloc+0xb7/0xc0 [ 11.885471] __kmalloc_cache_noprof+0x189/0x420 [ 11.885661] kmalloc_oob_right+0xa9/0x7f0 [ 11.885840] kunit_try_run_case+0x1a5/0x480 [ 11.886032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.886251] kthread+0x337/0x6f0 [ 11.886384] ret_from_fork+0x116/0x1d0 [ 11.886567] ret_from_fork_asm+0x1a/0x30 [ 11.886776] [ 11.886868] The buggy address belongs to the object at ffff8881031db500 [ 11.886868] which belongs to the cache kmalloc-128 of size 128 [ 11.887363] The buggy address is located 5 bytes to the right of [ 11.887363] allocated 115-byte region [ffff8881031db500, ffff8881031db573) [ 11.887748] [ 11.887854] The buggy address belongs to the physical page: [ 11.888174] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031db [ 11.888534] flags: 0x200000000000000(node=0|zone=2) [ 11.888728] page_type: f5(slab) [ 11.888846] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.889074] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.889525] page dumped because: kasan: bad access detected [ 11.889792] [ 11.889882] Memory state around the buggy address: [ 11.890110] ffff8881031db400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.890544] ffff8881031db480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.890790] >ffff8881031db500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.891178] ^ [ 11.891470] ffff8881031db580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.891713] ffff8881031db600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.892030] ================================================================== [ 11.845728] ================================================================== [ 11.846432] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 11.847136] Write of size 1 at addr ffff8881031db573 by task kunit_try_catch/153 [ 11.847604] [ 11.848724] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.849100] Tainted: [N]=TEST [ 11.849132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.849348] Call Trace: [ 11.849413] <TASK> [ 11.849555] dump_stack_lvl+0x73/0xb0 [ 11.849642] print_report+0xd1/0x650 [ 11.849671] ? __virt_addr_valid+0x1db/0x2d0 [ 11.849696] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.849746] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.849769] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.849791] kasan_report+0x141/0x180 [ 11.849812] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.849838] __asan_report_store1_noabort+0x1b/0x30 [ 11.849863] kmalloc_oob_right+0x6f0/0x7f0 [ 11.849885] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.849907] ? __schedule+0x10cc/0x2b60 [ 11.849929] ? __pfx_read_tsc+0x10/0x10 [ 11.849951] ? ktime_get_ts64+0x86/0x230 [ 11.849977] kunit_try_run_case+0x1a5/0x480 [ 11.850003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.850044] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.850070] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.850093] ? __kthread_parkme+0x82/0x180 [ 11.850115] ? preempt_count_sub+0x50/0x80 [ 11.850139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.850163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.850187] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.850211] kthread+0x337/0x6f0 [ 11.850230] ? trace_preempt_on+0x20/0xc0 [ 11.850253] ? __pfx_kthread+0x10/0x10 [ 11.850273] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.850294] ? calculate_sigpending+0x7b/0xa0 [ 11.850321] ? __pfx_kthread+0x10/0x10 [ 11.850342] ret_from_fork+0x116/0x1d0 [ 11.850360] ? __pfx_kthread+0x10/0x10 [ 11.850380] ret_from_fork_asm+0x1a/0x30 [ 11.850437] </TASK> [ 11.850502] [ 11.859003] Allocated by task 153: [ 11.859530] kasan_save_stack+0x45/0x70 [ 11.859775] kasan_save_track+0x18/0x40 [ 11.860021] kasan_save_alloc_info+0x3b/0x50 [ 11.860219] __kasan_kmalloc+0xb7/0xc0 [ 11.860353] __kmalloc_cache_noprof+0x189/0x420 [ 11.860508] kmalloc_oob_right+0xa9/0x7f0 [ 11.860644] kunit_try_run_case+0x1a5/0x480 [ 11.861046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.861479] kthread+0x337/0x6f0 [ 11.861671] ret_from_fork+0x116/0x1d0 [ 11.861906] ret_from_fork_asm+0x1a/0x30 [ 11.862189] [ 11.862392] The buggy address belongs to the object at ffff8881031db500 [ 11.862392] which belongs to the cache kmalloc-128 of size 128 [ 11.862999] The buggy address is located 0 bytes to the right of [ 11.862999] allocated 115-byte region [ffff8881031db500, ffff8881031db573) [ 11.863609] [ 11.863901] The buggy address belongs to the physical page: [ 11.864523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031db [ 11.865293] flags: 0x200000000000000(node=0|zone=2) [ 11.866071] page_type: f5(slab) [ 11.866590] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.867015] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.867549] page dumped because: kasan: bad access detected [ 11.867960] [ 11.868095] Memory state around the buggy address: [ 11.868641] ffff8881031db400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.869125] ffff8881031db480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.869433] >ffff8881031db500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.869740] ^ [ 11.870061] ffff8881031db580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.870420] ffff8881031db600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.870770] ================================================================== [ 11.892632] ================================================================== [ 11.892939] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 11.893283] Read of size 1 at addr ffff8881031db580 by task kunit_try_catch/153 [ 11.893608] [ 11.893688] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.893740] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.893751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.893769] Call Trace: [ 11.893781] <TASK> [ 11.893793] dump_stack_lvl+0x73/0xb0 [ 11.893818] print_report+0xd1/0x650 [ 11.893838] ? __virt_addr_valid+0x1db/0x2d0 [ 11.893862] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.893884] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.893907] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.893928] kasan_report+0x141/0x180 [ 11.893949] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.893975] __asan_report_load1_noabort+0x18/0x20 [ 11.893999] kmalloc_oob_right+0x68a/0x7f0 [ 11.894020] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.894042] ? __schedule+0x10cc/0x2b60 [ 11.894064] ? __pfx_read_tsc+0x10/0x10 [ 11.894084] ? ktime_get_ts64+0x86/0x230 [ 11.894107] kunit_try_run_case+0x1a5/0x480 [ 11.894130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.894152] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.894175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.894497] ? __kthread_parkme+0x82/0x180 [ 11.894522] ? preempt_count_sub+0x50/0x80 [ 11.894545] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.894569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.894593] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.894617] kthread+0x337/0x6f0 [ 11.894635] ? trace_preempt_on+0x20/0xc0 [ 11.894723] ? __pfx_kthread+0x10/0x10 [ 11.894746] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.894767] ? calculate_sigpending+0x7b/0xa0 [ 11.894793] ? __pfx_kthread+0x10/0x10 [ 11.894814] ret_from_fork+0x116/0x1d0 [ 11.894832] ? __pfx_kthread+0x10/0x10 [ 11.894852] ret_from_fork_asm+0x1a/0x30 [ 11.894882] </TASK> [ 11.894892] [ 11.901809] Allocated by task 153: [ 11.901964] kasan_save_stack+0x45/0x70 [ 11.902143] kasan_save_track+0x18/0x40 [ 11.902279] kasan_save_alloc_info+0x3b/0x50 [ 11.902426] __kasan_kmalloc+0xb7/0xc0 [ 11.902557] __kmalloc_cache_noprof+0x189/0x420 [ 11.902722] kmalloc_oob_right+0xa9/0x7f0 [ 11.902873] kunit_try_run_case+0x1a5/0x480 [ 11.903078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.903326] kthread+0x337/0x6f0 [ 11.903490] ret_from_fork+0x116/0x1d0 [ 11.903676] ret_from_fork_asm+0x1a/0x30 [ 11.904048] [ 11.904135] The buggy address belongs to the object at ffff8881031db500 [ 11.904135] which belongs to the cache kmalloc-128 of size 128 [ 11.904493] The buggy address is located 13 bytes to the right of [ 11.904493] allocated 115-byte region [ffff8881031db500, ffff8881031db573) [ 11.904872] [ 11.904941] The buggy address belongs to the physical page: [ 11.905308] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031db [ 11.905592] flags: 0x200000000000000(node=0|zone=2) [ 11.905825] page_type: f5(slab) [ 11.905988] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.906312] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.906616] page dumped because: kasan: bad access detected [ 11.906839] [ 11.906907] Memory state around the buggy address: [ 11.907075] ffff8881031db480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.907389] ffff8881031db500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.907679] >ffff8881031db580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.907988] ^ [ 11.908143] ffff8881031db600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.908401] ffff8881031db680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.908732] ==================================================================