Date
July 18, 2025, 11:11 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 15.033237] ================================================================== [ 15.033325] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 15.033399] Read of size 1 at addr fff00000c3f17880 by task kunit_try_catch/136 [ 15.033494] [ 15.033582] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.033726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.033817] Hardware name: linux,dummy-virt (DT) [ 15.033917] Call trace: [ 15.034007] show_stack+0x20/0x38 (C) [ 15.034156] dump_stack_lvl+0x8c/0xd0 [ 15.034231] print_report+0x118/0x5d0 [ 15.034277] kasan_report+0xdc/0x128 [ 15.034352] __asan_report_load1_noabort+0x20/0x30 [ 15.034403] kmalloc_oob_right+0x5d0/0x660 [ 15.034447] kunit_try_run_case+0x170/0x3f0 [ 15.034519] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.034570] kthread+0x328/0x630 [ 15.034612] ret_from_fork+0x10/0x20 [ 15.034657] [ 15.034675] Allocated by task 136: [ 15.034702] kasan_save_stack+0x3c/0x68 [ 15.034740] kasan_save_track+0x20/0x40 [ 15.034776] kasan_save_alloc_info+0x40/0x58 [ 15.034815] __kasan_kmalloc+0xd4/0xd8 [ 15.034850] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.034887] kmalloc_oob_right+0xb0/0x660 [ 15.034921] kunit_try_run_case+0x170/0x3f0 [ 15.034957] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.034998] kthread+0x328/0x630 [ 15.035029] ret_from_fork+0x10/0x20 [ 15.035063] [ 15.035081] The buggy address belongs to the object at fff00000c3f17800 [ 15.035081] which belongs to the cache kmalloc-128 of size 128 [ 15.035135] The buggy address is located 13 bytes to the right of [ 15.035135] allocated 115-byte region [fff00000c3f17800, fff00000c3f17873) [ 15.035197] [ 15.035216] The buggy address belongs to the physical page: [ 15.035245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f17 [ 15.035293] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.035347] page_type: f5(slab) [ 15.035383] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.035431] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.035540] page dumped because: kasan: bad access detected [ 15.035664] [ 15.035682] Memory state around the buggy address: [ 15.035752] fff00000c3f17780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.035810] fff00000c3f17800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.035960] >fff00000c3f17880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.035997] ^ [ 15.036024] fff00000c3f17900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.036065] fff00000c3f17980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.036102] ================================================================== [ 15.015603] ================================================================== [ 15.015929] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 15.016817] Write of size 1 at addr fff00000c3f17873 by task kunit_try_catch/136 [ 15.017199] [ 15.018392] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT [ 15.018850] Tainted: [N]=TEST [ 15.019018] Hardware name: linux,dummy-virt (DT) [ 15.019494] Call trace: [ 15.019964] show_stack+0x20/0x38 (C) [ 15.020920] dump_stack_lvl+0x8c/0xd0 [ 15.021216] print_report+0x118/0x5d0 [ 15.021282] kasan_report+0xdc/0x128 [ 15.021339] __asan_report_store1_noabort+0x20/0x30 [ 15.021391] kmalloc_oob_right+0x5a4/0x660 [ 15.021437] kunit_try_run_case+0x170/0x3f0 [ 15.021488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.021540] kthread+0x328/0x630 [ 15.021760] ret_from_fork+0x10/0x20 [ 15.022870] [ 15.022914] Allocated by task 136: [ 15.023085] kasan_save_stack+0x3c/0x68 [ 15.023159] kasan_save_track+0x20/0x40 [ 15.023196] kasan_save_alloc_info+0x40/0x58 [ 15.023235] __kasan_kmalloc+0xd4/0xd8 [ 15.023271] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.023310] kmalloc_oob_right+0xb0/0x660 [ 15.023358] kunit_try_run_case+0x170/0x3f0 [ 15.023395] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.023436] kthread+0x328/0x630 [ 15.023489] ret_from_fork+0x10/0x20 [ 15.023547] [ 15.023681] The buggy address belongs to the object at fff00000c3f17800 [ 15.023681] which belongs to the cache kmalloc-128 of size 128 [ 15.023885] The buggy address is located 0 bytes to the right of [ 15.023885] allocated 115-byte region [fff00000c3f17800, fff00000c3f17873) [ 15.024005] [ 15.024250] The buggy address belongs to the physical page: [ 15.024798] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f17 [ 15.025883] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.026574] page_type: f5(slab) [ 15.027232] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.027311] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.027480] page dumped because: kasan: bad access detected [ 15.027525] [ 15.027551] Memory state around the buggy address: [ 15.028131] fff00000c3f17700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.028201] fff00000c3f17780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.028255] >fff00000c3f17800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.028586] ^ [ 15.028985] fff00000c3f17880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.029029] fff00000c3f17900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.029135] ================================================================== [ 15.030370] ================================================================== [ 15.030412] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 15.030485] Write of size 1 at addr fff00000c3f17878 by task kunit_try_catch/136 [ 15.030657] [ 15.030729] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.030832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.030859] Hardware name: linux,dummy-virt (DT) [ 15.030926] Call trace: [ 15.030955] show_stack+0x20/0x38 (C) [ 15.031022] dump_stack_lvl+0x8c/0xd0 [ 15.031077] print_report+0x118/0x5d0 [ 15.031178] kasan_report+0xdc/0x128 [ 15.031242] __asan_report_store1_noabort+0x20/0x30 [ 15.031294] kmalloc_oob_right+0x538/0x660 [ 15.031350] kunit_try_run_case+0x170/0x3f0 [ 15.031399] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.031450] kthread+0x328/0x630 [ 15.031515] ret_from_fork+0x10/0x20 [ 15.031562] [ 15.031579] Allocated by task 136: [ 15.031606] kasan_save_stack+0x3c/0x68 [ 15.031663] kasan_save_track+0x20/0x40 [ 15.031700] kasan_save_alloc_info+0x40/0x58 [ 15.031766] __kasan_kmalloc+0xd4/0xd8 [ 15.031842] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.031898] kmalloc_oob_right+0xb0/0x660 [ 15.031934] kunit_try_run_case+0x170/0x3f0 [ 15.032020] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.032063] kthread+0x328/0x630 [ 15.032160] ret_from_fork+0x10/0x20 [ 15.032203] [ 15.032221] The buggy address belongs to the object at fff00000c3f17800 [ 15.032221] which belongs to the cache kmalloc-128 of size 128 [ 15.032283] The buggy address is located 5 bytes to the right of [ 15.032283] allocated 115-byte region [fff00000c3f17800, fff00000c3f17873) [ 15.032353] [ 15.032372] The buggy address belongs to the physical page: [ 15.032402] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f17 [ 15.032452] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.032520] page_type: f5(slab) [ 15.032557] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.032605] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.032644] page dumped because: kasan: bad access detected [ 15.032673] [ 15.032690] Memory state around the buggy address: [ 15.032759] fff00000c3f17700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.032826] fff00000c3f17780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.032869] >fff00000c3f17800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.032906] ^ [ 15.032966] fff00000c3f17880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.033044] fff00000c3f17900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.033109] ==================================================================
[ 11.335711] ================================================================== [ 11.336720] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 11.337768] Write of size 1 at addr ffff8881029c3e73 by task kunit_try_catch/155 [ 11.338575] [ 11.339719] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.340072] Tainted: [N]=TEST [ 11.340106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.340330] Call Trace: [ 11.340399] <TASK> [ 11.340553] dump_stack_lvl+0x73/0xb0 [ 11.340643] print_report+0xd1/0x610 [ 11.340672] ? __virt_addr_valid+0x1db/0x2d0 [ 11.340696] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.340717] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.340739] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.340760] kasan_report+0x141/0x180 [ 11.340781] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.340807] __asan_report_store1_noabort+0x1b/0x30 [ 11.340832] kmalloc_oob_right+0x6f0/0x7f0 [ 11.340854] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.340877] ? __schedule+0x10cc/0x2b60 [ 11.340900] ? __pfx_read_tsc+0x10/0x10 [ 11.340933] ? ktime_get_ts64+0x86/0x230 [ 11.340959] kunit_try_run_case+0x1a5/0x480 [ 11.340985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.341006] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.341031] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.341054] ? __kthread_parkme+0x82/0x180 [ 11.341075] ? preempt_count_sub+0x50/0x80 [ 11.341099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.341122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.341145] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.341168] kthread+0x337/0x6f0 [ 11.341188] ? trace_preempt_on+0x20/0xc0 [ 11.341212] ? __pfx_kthread+0x10/0x10 [ 11.341231] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.341252] ? calculate_sigpending+0x7b/0xa0 [ 11.341287] ? __pfx_kthread+0x10/0x10 [ 11.341308] ret_from_fork+0x116/0x1d0 [ 11.341326] ? __pfx_kthread+0x10/0x10 [ 11.341345] ret_from_fork_asm+0x1a/0x30 [ 11.341399] </TASK> [ 11.341477] [ 11.353219] Allocated by task 155: [ 11.353504] kasan_save_stack+0x45/0x70 [ 11.353907] kasan_save_track+0x18/0x40 [ 11.354335] kasan_save_alloc_info+0x3b/0x50 [ 11.354808] __kasan_kmalloc+0xb7/0xc0 [ 11.355199] __kmalloc_cache_noprof+0x189/0x420 [ 11.355661] kmalloc_oob_right+0xa9/0x7f0 [ 11.356154] kunit_try_run_case+0x1a5/0x480 [ 11.356661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.356862] kthread+0x337/0x6f0 [ 11.357229] ret_from_fork+0x116/0x1d0 [ 11.357666] ret_from_fork_asm+0x1a/0x30 [ 11.358021] [ 11.358323] The buggy address belongs to the object at ffff8881029c3e00 [ 11.358323] which belongs to the cache kmalloc-128 of size 128 [ 11.358950] The buggy address is located 0 bytes to the right of [ 11.358950] allocated 115-byte region [ffff8881029c3e00, ffff8881029c3e73) [ 11.359784] [ 11.359932] The buggy address belongs to the physical page: [ 11.360457] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c3 [ 11.361665] flags: 0x200000000000000(node=0|zone=2) [ 11.362519] page_type: f5(slab) [ 11.363201] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.363981] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.364625] page dumped because: kasan: bad access detected [ 11.365127] [ 11.365401] Memory state around the buggy address: [ 11.366057] ffff8881029c3d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.366611] ffff8881029c3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.367134] >ffff8881029c3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.367821] ^ [ 11.368330] ffff8881029c3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.368823] ffff8881029c3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.369284] ================================================================== [ 11.401735] ================================================================== [ 11.402490] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 11.403133] Read of size 1 at addr ffff8881029c3e80 by task kunit_try_catch/155 [ 11.403529] [ 11.403728] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.403768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.403779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.403817] Call Trace: [ 11.403832] <TASK> [ 11.403845] dump_stack_lvl+0x73/0xb0 [ 11.403871] print_report+0xd1/0x610 [ 11.403903] ? __virt_addr_valid+0x1db/0x2d0 [ 11.403923] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.403944] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.403965] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.403986] kasan_report+0x141/0x180 [ 11.404007] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.404033] __asan_report_load1_noabort+0x18/0x20 [ 11.404056] kmalloc_oob_right+0x68a/0x7f0 [ 11.404078] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.404100] ? __schedule+0x10cc/0x2b60 [ 11.404334] ? __pfx_read_tsc+0x10/0x10 [ 11.404353] ? ktime_get_ts64+0x86/0x230 [ 11.404378] kunit_try_run_case+0x1a5/0x480 [ 11.404410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.404432] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.404454] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.404487] ? __kthread_parkme+0x82/0x180 [ 11.404506] ? preempt_count_sub+0x50/0x80 [ 11.404529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.404553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.404576] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.404599] kthread+0x337/0x6f0 [ 11.404617] ? trace_preempt_on+0x20/0xc0 [ 11.404639] ? __pfx_kthread+0x10/0x10 [ 11.404658] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.404678] ? calculate_sigpending+0x7b/0xa0 [ 11.404701] ? __pfx_kthread+0x10/0x10 [ 11.404722] ret_from_fork+0x116/0x1d0 [ 11.404739] ? __pfx_kthread+0x10/0x10 [ 11.404758] ret_from_fork_asm+0x1a/0x30 [ 11.404788] </TASK> [ 11.404798] [ 11.414236] Allocated by task 155: [ 11.414484] kasan_save_stack+0x45/0x70 [ 11.414688] kasan_save_track+0x18/0x40 [ 11.414876] kasan_save_alloc_info+0x3b/0x50 [ 11.415094] __kasan_kmalloc+0xb7/0xc0 [ 11.415475] __kmalloc_cache_noprof+0x189/0x420 [ 11.415689] kmalloc_oob_right+0xa9/0x7f0 [ 11.415887] kunit_try_run_case+0x1a5/0x480 [ 11.416090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.416416] kthread+0x337/0x6f0 [ 11.416613] ret_from_fork+0x116/0x1d0 [ 11.416810] ret_from_fork_asm+0x1a/0x30 [ 11.416995] [ 11.417087] The buggy address belongs to the object at ffff8881029c3e00 [ 11.417087] which belongs to the cache kmalloc-128 of size 128 [ 11.417565] The buggy address is located 13 bytes to the right of [ 11.417565] allocated 115-byte region [ffff8881029c3e00, ffff8881029c3e73) [ 11.417940] [ 11.418017] The buggy address belongs to the physical page: [ 11.418272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c3 [ 11.418936] flags: 0x200000000000000(node=0|zone=2) [ 11.419169] page_type: f5(slab) [ 11.419413] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.419766] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.420156] page dumped because: kasan: bad access detected [ 11.420349] [ 11.420418] Memory state around the buggy address: [ 11.420587] ffff8881029c3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.420888] ffff8881029c3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.421405] >ffff8881029c3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.421730] ^ [ 11.421874] ffff8881029c3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.422345] ffff8881029c3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.422848] ================================================================== [ 11.370925] ================================================================== [ 11.371687] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 11.372168] Write of size 1 at addr ffff8881029c3e78 by task kunit_try_catch/155 [ 11.372769] [ 11.372870] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.372911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.372931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.372951] Call Trace: [ 11.372962] <TASK> [ 11.372976] dump_stack_lvl+0x73/0xb0 [ 11.373002] print_report+0xd1/0x610 [ 11.373022] ? __virt_addr_valid+0x1db/0x2d0 [ 11.373044] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.373064] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.373086] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.373107] kasan_report+0x141/0x180 [ 11.373128] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.373154] __asan_report_store1_noabort+0x1b/0x30 [ 11.373178] kmalloc_oob_right+0x6bd/0x7f0 [ 11.373200] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.373221] ? __schedule+0x10cc/0x2b60 [ 11.373242] ? __pfx_read_tsc+0x10/0x10 [ 11.373261] ? ktime_get_ts64+0x86/0x230 [ 11.373294] kunit_try_run_case+0x1a5/0x480 [ 11.373317] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.373338] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.373360] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.373383] ? __kthread_parkme+0x82/0x180 [ 11.373401] ? preempt_count_sub+0x50/0x80 [ 11.373424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.373461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.373491] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.373514] kthread+0x337/0x6f0 [ 11.373543] ? trace_preempt_on+0x20/0xc0 [ 11.373566] ? __pfx_kthread+0x10/0x10 [ 11.373596] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.373746] ? calculate_sigpending+0x7b/0xa0 [ 11.373780] ? __pfx_kthread+0x10/0x10 [ 11.373800] ret_from_fork+0x116/0x1d0 [ 11.373817] ? __pfx_kthread+0x10/0x10 [ 11.373836] ret_from_fork_asm+0x1a/0x30 [ 11.373866] </TASK> [ 11.373876] [ 11.387029] Allocated by task 155: [ 11.387190] kasan_save_stack+0x45/0x70 [ 11.387590] kasan_save_track+0x18/0x40 [ 11.388073] kasan_save_alloc_info+0x3b/0x50 [ 11.388490] __kasan_kmalloc+0xb7/0xc0 [ 11.388839] __kmalloc_cache_noprof+0x189/0x420 [ 11.389309] kmalloc_oob_right+0xa9/0x7f0 [ 11.389651] kunit_try_run_case+0x1a5/0x480 [ 11.389824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.390237] kthread+0x337/0x6f0 [ 11.390666] ret_from_fork+0x116/0x1d0 [ 11.390945] ret_from_fork_asm+0x1a/0x30 [ 11.391392] [ 11.391608] The buggy address belongs to the object at ffff8881029c3e00 [ 11.391608] which belongs to the cache kmalloc-128 of size 128 [ 11.392491] The buggy address is located 5 bytes to the right of [ 11.392491] allocated 115-byte region [ffff8881029c3e00, ffff8881029c3e73) [ 11.393039] [ 11.393113] The buggy address belongs to the physical page: [ 11.393294] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c3 [ 11.394340] flags: 0x200000000000000(node=0|zone=2) [ 11.394893] page_type: f5(slab) [ 11.395195] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.396041] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.396830] page dumped because: kasan: bad access detected [ 11.397010] [ 11.397081] Memory state around the buggy address: [ 11.397348] ffff8881029c3d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.398068] ffff8881029c3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.398725] >ffff8881029c3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.399538] ^ [ 11.400167] ffff8881029c3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.400452] ffff8881029c3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.400856] ==================================================================