Date
July 17, 2025, 11:10 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 15.003855] ================================================================== [ 15.003902] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 15.003948] Read of size 1 at addr fff00000c122af80 by task kunit_try_catch/137 [ 15.004011] [ 15.004040] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.004117] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.004144] Hardware name: linux,dummy-virt (DT) [ 15.004173] Call trace: [ 15.004192] show_stack+0x20/0x38 (C) [ 15.004237] dump_stack_lvl+0x8c/0xd0 [ 15.004283] print_report+0x118/0x5d0 [ 15.004327] kasan_report+0xdc/0x128 [ 15.004371] __asan_report_load1_noabort+0x20/0x30 [ 15.004420] kmalloc_oob_right+0x5d0/0x660 [ 15.004463] kunit_try_run_case+0x170/0x3f0 [ 15.004858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.005287] kthread+0x328/0x630 [ 15.005370] ret_from_fork+0x10/0x20 [ 15.005418] [ 15.005436] Allocated by task 137: [ 15.005462] kasan_save_stack+0x3c/0x68 [ 15.005628] kasan_save_track+0x20/0x40 [ 15.005669] kasan_save_alloc_info+0x40/0x58 [ 15.005820] __kasan_kmalloc+0xd4/0xd8 [ 15.006013] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.006160] kmalloc_oob_right+0xb0/0x660 [ 15.006197] kunit_try_run_case+0x170/0x3f0 [ 15.006233] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.006274] kthread+0x328/0x630 [ 15.006305] ret_from_fork+0x10/0x20 [ 15.006339] [ 15.006590] The buggy address belongs to the object at fff00000c122af00 [ 15.006590] which belongs to the cache kmalloc-128 of size 128 [ 15.006835] The buggy address is located 13 bytes to the right of [ 15.006835] allocated 115-byte region [fff00000c122af00, fff00000c122af73) [ 15.007043] [ 15.007094] The buggy address belongs to the physical page: [ 15.007127] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10122a [ 15.007180] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.007255] page_type: f5(slab) [ 15.007292] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.007418] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.007574] page dumped because: kasan: bad access detected [ 15.007607] [ 15.007638] Memory state around the buggy address: [ 15.007680] fff00000c122ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.007722] fff00000c122af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.007763] >fff00000c122af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.007799] ^ [ 15.007831] fff00000c122b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.008213] fff00000c122b080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 [ 15.008343] ================================================================== [ 14.997748] ================================================================== [ 14.997806] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 14.997891] Write of size 1 at addr fff00000c122af78 by task kunit_try_catch/137 [ 14.998007] [ 14.998111] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.998191] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.998216] Hardware name: linux,dummy-virt (DT) [ 14.998251] Call trace: [ 14.998352] show_stack+0x20/0x38 (C) [ 14.998595] dump_stack_lvl+0x8c/0xd0 [ 14.998697] print_report+0x118/0x5d0 [ 14.998748] kasan_report+0xdc/0x128 [ 14.998863] __asan_report_store1_noabort+0x20/0x30 [ 14.999277] kmalloc_oob_right+0x538/0x660 [ 14.999646] kunit_try_run_case+0x170/0x3f0 [ 14.999710] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.999763] kthread+0x328/0x630 [ 14.999803] ret_from_fork+0x10/0x20 [ 14.999848] [ 14.999866] Allocated by task 137: [ 14.999902] kasan_save_stack+0x3c/0x68 [ 14.999942] kasan_save_track+0x20/0x40 [ 15.000133] kasan_save_alloc_info+0x40/0x58 [ 15.000272] __kasan_kmalloc+0xd4/0xd8 [ 15.000437] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.000649] kmalloc_oob_right+0xb0/0x660 [ 15.000716] kunit_try_run_case+0x170/0x3f0 [ 15.000915] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.001188] kthread+0x328/0x630 [ 15.001291] ret_from_fork+0x10/0x20 [ 15.001394] [ 15.001436] The buggy address belongs to the object at fff00000c122af00 [ 15.001436] which belongs to the cache kmalloc-128 of size 128 [ 15.001501] The buggy address is located 5 bytes to the right of [ 15.001501] allocated 115-byte region [fff00000c122af00, fff00000c122af73) [ 15.001564] [ 15.001582] The buggy address belongs to the physical page: [ 15.001613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10122a [ 15.001685] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.001766] page_type: f5(slab) [ 15.001802] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.001852] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.001891] page dumped because: kasan: bad access detected [ 15.001921] [ 15.001939] Memory state around the buggy address: [ 15.001968] fff00000c122ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.002263] fff00000c122ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.002321] >fff00000c122af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.002358] ^ [ 15.002404] fff00000c122af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.002465] fff00000c122b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.002504] ================================================================== [ 14.978526] ================================================================== [ 14.978883] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 14.979711] Write of size 1 at addr fff00000c122af73 by task kunit_try_catch/137 [ 14.980103] [ 14.982662] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT [ 14.982954] Tainted: [N]=TEST [ 14.983072] Hardware name: linux,dummy-virt (DT) [ 14.983605] Call trace: [ 14.984370] show_stack+0x20/0x38 (C) [ 14.985043] dump_stack_lvl+0x8c/0xd0 [ 14.985171] print_report+0x118/0x5d0 [ 14.985329] kasan_report+0xdc/0x128 [ 14.985422] __asan_report_store1_noabort+0x20/0x30 [ 14.985476] kmalloc_oob_right+0x5a4/0x660 [ 14.985555] kunit_try_run_case+0x170/0x3f0 [ 14.985606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.985698] kthread+0x328/0x630 [ 14.986116] ret_from_fork+0x10/0x20 [ 14.986682] [ 14.987025] Allocated by task 137: [ 14.987410] kasan_save_stack+0x3c/0x68 [ 14.987597] kasan_save_track+0x20/0x40 [ 14.987635] kasan_save_alloc_info+0x40/0x58 [ 14.987950] __kasan_kmalloc+0xd4/0xd8 [ 14.988009] __kmalloc_cache_noprof+0x16c/0x3c0 [ 14.988050] kmalloc_oob_right+0xb0/0x660 [ 14.988188] kunit_try_run_case+0x170/0x3f0 [ 14.988369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.988543] kthread+0x328/0x630 [ 14.988574] ret_from_fork+0x10/0x20 [ 14.989101] [ 14.989171] The buggy address belongs to the object at fff00000c122af00 [ 14.989171] which belongs to the cache kmalloc-128 of size 128 [ 14.989551] The buggy address is located 0 bytes to the right of [ 14.989551] allocated 115-byte region [fff00000c122af00, fff00000c122af73) [ 14.989629] [ 14.989929] The buggy address belongs to the physical page: [ 14.990551] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10122a [ 14.991316] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.992609] page_type: f5(slab) [ 14.993291] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 14.993614] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.993843] page dumped because: kasan: bad access detected [ 14.993885] [ 14.993911] Memory state around the buggy address: [ 14.994625] fff00000c122ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.995084] fff00000c122ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.995164] >fff00000c122af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.995293] ^ [ 14.995672] fff00000c122af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.995719] fff00000c122b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.995793] ==================================================================
[ 12.322795] ================================================================== [ 12.323109] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 12.323569] Write of size 1 at addr ffff8881025bdd78 by task kunit_try_catch/153 [ 12.323951] [ 12.324048] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.324090] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.324103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.324123] Call Trace: [ 12.324138] <TASK> [ 12.324154] dump_stack_lvl+0x73/0xb0 [ 12.324181] print_report+0xd1/0x610 [ 12.324203] ? __virt_addr_valid+0x1db/0x2d0 [ 12.324225] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.324247] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.324270] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.324291] kasan_report+0x141/0x180 [ 12.324313] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.324339] __asan_report_store1_noabort+0x1b/0x30 [ 12.324364] kmalloc_oob_right+0x6bd/0x7f0 [ 12.324386] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.324419] ? __schedule+0x10cc/0x2b60 [ 12.324441] ? __pfx_read_tsc+0x10/0x10 [ 12.324462] ? ktime_get_ts64+0x86/0x230 [ 12.324487] kunit_try_run_case+0x1a5/0x480 [ 12.324510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.324533] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.324566] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.324590] ? __kthread_parkme+0x82/0x180 [ 12.324609] ? preempt_count_sub+0x50/0x80 [ 12.324633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.324658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.324702] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.324737] kthread+0x337/0x6f0 [ 12.324756] ? trace_preempt_on+0x20/0xc0 [ 12.324779] ? __pfx_kthread+0x10/0x10 [ 12.324800] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.324821] ? calculate_sigpending+0x7b/0xa0 [ 12.324855] ? __pfx_kthread+0x10/0x10 [ 12.324876] ret_from_fork+0x116/0x1d0 [ 12.324894] ? __pfx_kthread+0x10/0x10 [ 12.324914] ret_from_fork_asm+0x1a/0x30 [ 12.324945] </TASK> [ 12.324954] [ 12.332020] Allocated by task 153: [ 12.332207] kasan_save_stack+0x45/0x70 [ 12.332504] kasan_save_track+0x18/0x40 [ 12.332655] kasan_save_alloc_info+0x3b/0x50 [ 12.332805] __kasan_kmalloc+0xb7/0xc0 [ 12.332936] __kmalloc_cache_noprof+0x189/0x420 [ 12.333094] kmalloc_oob_right+0xa9/0x7f0 [ 12.333318] kunit_try_run_case+0x1a5/0x480 [ 12.333671] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.333925] kthread+0x337/0x6f0 [ 12.334214] ret_from_fork+0x116/0x1d0 [ 12.334598] ret_from_fork_asm+0x1a/0x30 [ 12.334777] [ 12.334853] The buggy address belongs to the object at ffff8881025bdd00 [ 12.334853] which belongs to the cache kmalloc-128 of size 128 [ 12.335339] The buggy address is located 5 bytes to the right of [ 12.335339] allocated 115-byte region [ffff8881025bdd00, ffff8881025bdd73) [ 12.336044] [ 12.336116] The buggy address belongs to the physical page: [ 12.336289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025bd [ 12.336649] flags: 0x200000000000000(node=0|zone=2) [ 12.336935] page_type: f5(slab) [ 12.337124] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.337456] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.337734] page dumped because: kasan: bad access detected [ 12.338000] [ 12.338177] Memory state around the buggy address: [ 12.338400] ffff8881025bdc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.338659] ffff8881025bdc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.338875] >ffff8881025bdd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.339086] ^ [ 12.339295] ffff8881025bdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.339748] ffff8881025bde00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.340066] ================================================================== [ 12.340590] ================================================================== [ 12.341195] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 12.341533] Read of size 1 at addr ffff8881025bdd80 by task kunit_try_catch/153 [ 12.341817] [ 12.341924] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.341964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.341974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.341995] Call Trace: [ 12.342009] <TASK> [ 12.342023] dump_stack_lvl+0x73/0xb0 [ 12.342050] print_report+0xd1/0x610 [ 12.342072] ? __virt_addr_valid+0x1db/0x2d0 [ 12.342094] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.342115] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.342138] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.342160] kasan_report+0x141/0x180 [ 12.342182] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.342208] __asan_report_load1_noabort+0x18/0x20 [ 12.342233] kmalloc_oob_right+0x68a/0x7f0 [ 12.342255] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.342277] ? __schedule+0x10cc/0x2b60 [ 12.342299] ? __pfx_read_tsc+0x10/0x10 [ 12.342320] ? ktime_get_ts64+0x86/0x230 [ 12.342344] kunit_try_run_case+0x1a5/0x480 [ 12.342369] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.342393] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.342417] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.342443] ? __kthread_parkme+0x82/0x180 [ 12.342464] ? preempt_count_sub+0x50/0x80 [ 12.342488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.342513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.342537] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.342574] kthread+0x337/0x6f0 [ 12.342592] ? trace_preempt_on+0x20/0xc0 [ 12.342617] ? __pfx_kthread+0x10/0x10 [ 12.342637] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.342659] ? calculate_sigpending+0x7b/0xa0 [ 12.342683] ? __pfx_kthread+0x10/0x10 [ 12.342705] ret_from_fork+0x116/0x1d0 [ 12.342723] ? __pfx_kthread+0x10/0x10 [ 12.342743] ret_from_fork_asm+0x1a/0x30 [ 12.342774] </TASK> [ 12.342782] [ 12.350045] Allocated by task 153: [ 12.350176] kasan_save_stack+0x45/0x70 [ 12.350317] kasan_save_track+0x18/0x40 [ 12.350622] kasan_save_alloc_info+0x3b/0x50 [ 12.350835] __kasan_kmalloc+0xb7/0xc0 [ 12.351023] __kmalloc_cache_noprof+0x189/0x420 [ 12.351265] kmalloc_oob_right+0xa9/0x7f0 [ 12.351674] kunit_try_run_case+0x1a5/0x480 [ 12.351885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.352140] kthread+0x337/0x6f0 [ 12.352362] ret_from_fork+0x116/0x1d0 [ 12.352570] ret_from_fork_asm+0x1a/0x30 [ 12.352737] [ 12.352832] The buggy address belongs to the object at ffff8881025bdd00 [ 12.352832] which belongs to the cache kmalloc-128 of size 128 [ 12.353540] The buggy address is located 13 bytes to the right of [ 12.353540] allocated 115-byte region [ffff8881025bdd00, ffff8881025bdd73) [ 12.354185] [ 12.354256] The buggy address belongs to the physical page: [ 12.354429] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025bd [ 12.354679] flags: 0x200000000000000(node=0|zone=2) [ 12.354839] page_type: f5(slab) [ 12.354958] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.355374] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.355882] page dumped because: kasan: bad access detected [ 12.356272] [ 12.356342] Memory state around the buggy address: [ 12.356493] ffff8881025bdc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.356717] ffff8881025bdd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.356933] >ffff8881025bdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.357144] ^ [ 12.357259] ffff8881025bde00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.357474] ffff8881025bde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.358010] ================================================================== [ 12.298412] ================================================================== [ 12.299048] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 12.299758] Write of size 1 at addr ffff8881025bdd73 by task kunit_try_catch/153 [ 12.300144] [ 12.301159] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.301536] Tainted: [N]=TEST [ 12.301582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.301802] Call Trace: [ 12.301870] <TASK> [ 12.302017] dump_stack_lvl+0x73/0xb0 [ 12.302105] print_report+0xd1/0x610 [ 12.302134] ? __virt_addr_valid+0x1db/0x2d0 [ 12.302160] ? kmalloc_oob_right+0x6f0/0x7f0 [ 12.302181] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.302204] ? kmalloc_oob_right+0x6f0/0x7f0 [ 12.302226] kasan_report+0x141/0x180 [ 12.302257] ? kmalloc_oob_right+0x6f0/0x7f0 [ 12.302284] __asan_report_store1_noabort+0x1b/0x30 [ 12.302310] kmalloc_oob_right+0x6f0/0x7f0 [ 12.302332] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.302355] ? __schedule+0x10cc/0x2b60 [ 12.302412] ? __pfx_read_tsc+0x10/0x10 [ 12.302459] ? ktime_get_ts64+0x86/0x230 [ 12.302486] kunit_try_run_case+0x1a5/0x480 [ 12.302513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.302536] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.302572] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.302596] ? __kthread_parkme+0x82/0x180 [ 12.302617] ? preempt_count_sub+0x50/0x80 [ 12.302642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.302667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.302691] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.302716] kthread+0x337/0x6f0 [ 12.302735] ? trace_preempt_on+0x20/0xc0 [ 12.302760] ? __pfx_kthread+0x10/0x10 [ 12.302780] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.302802] ? calculate_sigpending+0x7b/0xa0 [ 12.302827] ? __pfx_kthread+0x10/0x10 [ 12.302849] ret_from_fork+0x116/0x1d0 [ 12.302868] ? __pfx_kthread+0x10/0x10 [ 12.302889] ret_from_fork_asm+0x1a/0x30 [ 12.302945] </TASK> [ 12.303015] [ 12.310235] Allocated by task 153: [ 12.310509] kasan_save_stack+0x45/0x70 [ 12.311287] kasan_save_track+0x18/0x40 [ 12.311479] kasan_save_alloc_info+0x3b/0x50 [ 12.311700] __kasan_kmalloc+0xb7/0xc0 [ 12.312047] __kmalloc_cache_noprof+0x189/0x420 [ 12.312250] kmalloc_oob_right+0xa9/0x7f0 [ 12.312494] kunit_try_run_case+0x1a5/0x480 [ 12.312692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.312956] kthread+0x337/0x6f0 [ 12.313079] ret_from_fork+0x116/0x1d0 [ 12.313213] ret_from_fork_asm+0x1a/0x30 [ 12.313531] [ 12.313702] The buggy address belongs to the object at ffff8881025bdd00 [ 12.313702] which belongs to the cache kmalloc-128 of size 128 [ 12.314341] The buggy address is located 0 bytes to the right of [ 12.314341] allocated 115-byte region [ffff8881025bdd00, ffff8881025bdd73) [ 12.314896] [ 12.315066] The buggy address belongs to the physical page: [ 12.315623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025bd [ 12.316266] flags: 0x200000000000000(node=0|zone=2) [ 12.316928] page_type: f5(slab) [ 12.317408] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.317771] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.318184] page dumped because: kasan: bad access detected [ 12.318600] [ 12.318691] Memory state around the buggy address: [ 12.319124] ffff8881025bdc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.319472] ffff8881025bdc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.320381] >ffff8881025bdd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.320858] ^ [ 12.321191] ffff8881025bdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.321467] ffff8881025bde00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.321771] ==================================================================