Date
Dec. 4, 2024, 3:07 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 34.349559] ================================================================== [ 34.351261] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 34.351953] Read of size 1 at addr fff00000c664e2bb by task kunit_try_catch/213 [ 34.352571] [ 34.353111] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 34.354863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.355651] Hardware name: linux,dummy-virt (DT) [ 34.356503] Call trace: [ 34.358137] show_stack+0x20/0x38 (C) [ 34.359675] dump_stack_lvl+0x8c/0xd0 [ 34.360694] print_report+0x118/0x5e0 [ 34.362032] kasan_report+0xc8/0x118 [ 34.363066] __asan_report_load1_noabort+0x20/0x30 [ 34.364116] mempool_oob_right_helper+0x2ac/0x2f0 [ 34.364869] mempool_slab_oob_right+0xb8/0x110 [ 34.365486] kunit_try_run_case+0x14c/0x3d0 [ 34.366529] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.367528] kthread+0x24c/0x2d0 [ 34.368503] ret_from_fork+0x10/0x20 [ 34.369156] [ 34.369547] Allocated by task 213: [ 34.370236] kasan_save_stack+0x3c/0x68 [ 34.371160] kasan_save_track+0x20/0x40 [ 34.371573] kasan_save_alloc_info+0x40/0x58 [ 34.372538] __kasan_mempool_unpoison_object+0xbc/0x180 [ 34.373646] remove_element+0x16c/0x1f8 [ 34.375038] mempool_alloc_preallocated+0x58/0xc0 [ 34.376272] mempool_oob_right_helper+0x98/0x2f0 [ 34.377056] mempool_slab_oob_right+0xb8/0x110 [ 34.377663] kunit_try_run_case+0x14c/0x3d0 [ 34.378978] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.379854] kthread+0x24c/0x2d0 [ 34.380753] ret_from_fork+0x10/0x20 [ 34.381280] [ 34.381570] The buggy address belongs to the object at fff00000c664e240 [ 34.381570] which belongs to the cache test_cache of size 123 [ 34.383490] The buggy address is located 0 bytes to the right of [ 34.383490] allocated 123-byte region [fff00000c664e240, fff00000c664e2bb) [ 34.385127] [ 34.385457] The buggy address belongs to the physical page: [ 34.387258] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10664e [ 34.388210] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.388956] page_type: f5(slab) [ 34.389477] raw: 0bfffe0000000000 fff00000c6651000 dead000000000122 0000000000000000 [ 34.391191] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 34.392257] page dumped because: kasan: bad access detected [ 34.392603] [ 34.392888] Memory state around the buggy address: [ 34.393481] fff00000c664e180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 34.395826] fff00000c664e200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 34.396469] >fff00000c664e280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 34.397096] ^ [ 34.397596] fff00000c664e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.398714] fff00000c664e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.400377] ================================================================== [ 34.249312] ================================================================== [ 34.250669] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 34.251395] Read of size 1 at addr fff00000c66e1373 by task kunit_try_catch/209 [ 34.252514] [ 34.252873] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 34.253984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.254648] Hardware name: linux,dummy-virt (DT) [ 34.255262] Call trace: [ 34.255765] show_stack+0x20/0x38 (C) [ 34.256380] dump_stack_lvl+0x8c/0xd0 [ 34.256903] print_report+0x118/0x5e0 [ 34.257548] kasan_report+0xc8/0x118 [ 34.258119] __asan_report_load1_noabort+0x20/0x30 [ 34.258923] mempool_oob_right_helper+0x2ac/0x2f0 [ 34.259730] mempool_kmalloc_oob_right+0xbc/0x118 [ 34.260346] kunit_try_run_case+0x14c/0x3d0 [ 34.261053] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.261809] kthread+0x24c/0x2d0 [ 34.262363] ret_from_fork+0x10/0x20 [ 34.263068] [ 34.263374] Allocated by task 209: [ 34.263918] kasan_save_stack+0x3c/0x68 [ 34.264601] kasan_save_track+0x20/0x40 [ 34.265117] kasan_save_alloc_info+0x40/0x58 [ 34.265758] __kasan_mempool_unpoison_object+0x11c/0x180 [ 34.266222] remove_element+0x130/0x1f8 [ 34.266595] mempool_alloc_preallocated+0x58/0xc0 [ 34.267062] mempool_oob_right_helper+0x98/0x2f0 [ 34.267476] mempool_kmalloc_oob_right+0xbc/0x118 [ 34.267989] kunit_try_run_case+0x14c/0x3d0 [ 34.268462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.269437] kthread+0x24c/0x2d0 [ 34.270046] ret_from_fork+0x10/0x20 [ 34.270644] [ 34.270984] The buggy address belongs to the object at fff00000c66e1300 [ 34.270984] which belongs to the cache kmalloc-128 of size 128 [ 34.272257] The buggy address is located 0 bytes to the right of [ 34.272257] allocated 115-byte region [fff00000c66e1300, fff00000c66e1373) [ 34.273912] [ 34.274263] The buggy address belongs to the physical page: [ 34.274883] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066e1 [ 34.275954] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.276672] page_type: f5(slab) [ 34.277239] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 34.278347] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 34.279126] page dumped because: kasan: bad access detected [ 34.279959] [ 34.280297] Memory state around the buggy address: [ 34.281036] fff00000c66e1200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 34.281947] fff00000c66e1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.282770] >fff00000c66e1300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 34.283736] ^ [ 34.284395] fff00000c66e1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.285335] fff00000c66e1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 34.286258] ================================================================== [ 34.299973] ================================================================== [ 34.301215] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 34.302399] Read of size 1 at addr fff00000c6856001 by task kunit_try_catch/211 [ 34.303357] [ 34.303720] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 34.305719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.306614] Hardware name: linux,dummy-virt (DT) [ 34.307298] Call trace: [ 34.307719] show_stack+0x20/0x38 (C) [ 34.308524] dump_stack_lvl+0x8c/0xd0 [ 34.309224] print_report+0x118/0x5e0 [ 34.310167] kasan_report+0xc8/0x118 [ 34.310733] __asan_report_load1_noabort+0x20/0x30 [ 34.311604] mempool_oob_right_helper+0x2ac/0x2f0 [ 34.312348] mempool_kmalloc_large_oob_right+0xbc/0x118 [ 34.313386] kunit_try_run_case+0x14c/0x3d0 [ 34.314794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.315549] kthread+0x24c/0x2d0 [ 34.316211] ret_from_fork+0x10/0x20 [ 34.316898] [ 34.317258] The buggy address belongs to the physical page: [ 34.318344] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106854 [ 34.319470] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 34.320379] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 34.321512] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 34.322517] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 34.324260] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 34.325918] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 34.326996] head: 0bfffe0000000002 ffffc1ffc31a1501 ffffffffffffffff 0000000000000000 [ 34.328034] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 34.328917] page dumped because: kasan: bad access detected [ 34.329567] [ 34.329920] Memory state around the buggy address: [ 34.330658] fff00000c6855f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 34.331416] fff00000c6855f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 34.332395] >fff00000c6856000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 34.333286] ^ [ 34.333959] fff00000c6856080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 34.334802] fff00000c6856100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 34.335740] ==================================================================
[ 25.039509] ================================================================== [ 25.041162] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 25.041935] Read of size 1 at addr ffff888102b3e001 by task kunit_try_catch/231 [ 25.043313] [ 25.043542] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 25.045502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.046265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.047045] Call Trace: [ 25.047445] <TASK> [ 25.047886] dump_stack_lvl+0x73/0xb0 [ 25.048919] print_report+0xd1/0x640 [ 25.049837] ? __virt_addr_valid+0x1db/0x2d0 [ 25.050489] ? kasan_addr_to_slab+0x11/0xa0 [ 25.050879] kasan_report+0x102/0x140 [ 25.051634] ? mempool_oob_right_helper+0x31a/0x380 [ 25.052246] ? mempool_oob_right_helper+0x31a/0x380 [ 25.053181] __asan_report_load1_noabort+0x18/0x20 [ 25.053779] mempool_oob_right_helper+0x31a/0x380 [ 25.054541] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 25.055018] ? finish_task_switch.isra.0+0x153/0x700 [ 25.055975] mempool_kmalloc_large_oob_right+0xb6/0x100 [ 25.056984] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 25.058116] ? __switch_to+0x5d9/0xf60 [ 25.058987] ? __pfx_mempool_kmalloc+0x10/0x10 [ 25.059513] ? __pfx_mempool_kfree+0x10/0x10 [ 25.060293] ? __pfx_read_tsc+0x10/0x10 [ 25.061256] ? ktime_get_ts64+0x86/0x230 [ 25.061735] kunit_try_run_case+0x1b3/0x490 [ 25.062532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.063109] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.063797] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.065154] ? __kthread_parkme+0x82/0x160 [ 25.065775] ? preempt_count_sub+0x50/0x80 [ 25.066151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.066721] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.067547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.068035] kthread+0x257/0x310 [ 25.068922] ? __pfx_kthread+0x10/0x10 [ 25.069252] ret_from_fork+0x41/0x80 [ 25.069775] ? __pfx_kthread+0x10/0x10 [ 25.070268] ret_from_fork_asm+0x1a/0x30 [ 25.070880] </TASK> [ 25.071209] [ 25.071558] The buggy address belongs to the physical page: [ 25.072039] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b3c [ 25.072867] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.073879] flags: 0x200000000000040(head|node=0|zone=2) [ 25.074982] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.075717] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.076323] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.077303] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.078132] head: 0200000000000002 ffffea00040acf01 ffffffffffffffff 0000000000000000 [ 25.079484] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 25.080691] page dumped because: kasan: bad access detected [ 25.081172] [ 25.081406] Memory state around the buggy address: [ 25.082067] ffff888102b3df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.083333] ffff888102b3df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.084542] >ffff888102b3e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.085624] ^ [ 25.086943] ffff888102b3e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.088145] ffff888102b3e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.089879] ================================================================== [ 25.098685] ================================================================== [ 25.100595] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 25.101510] Read of size 1 at addr ffff888101af92bb by task kunit_try_catch/233 [ 25.103051] [ 25.103288] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 25.104510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.104945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.105645] Call Trace: [ 25.105994] <TASK> [ 25.106663] dump_stack_lvl+0x73/0xb0 [ 25.107413] print_report+0xd1/0x640 [ 25.108221] ? __virt_addr_valid+0x1db/0x2d0 [ 25.109132] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.109473] kasan_report+0x102/0x140 [ 25.110601] ? mempool_oob_right_helper+0x31a/0x380 [ 25.111617] ? mempool_oob_right_helper+0x31a/0x380 [ 25.112393] __asan_report_load1_noabort+0x18/0x20 [ 25.113168] mempool_oob_right_helper+0x31a/0x380 [ 25.114259] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 25.115597] ? finish_task_switch.isra.0+0x153/0x700 [ 25.116122] mempool_slab_oob_right+0xb1/0x100 [ 25.117015] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 25.117753] ? __switch_to+0x5d9/0xf60 [ 25.118295] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 25.119072] ? __pfx_mempool_free_slab+0x10/0x10 [ 25.120027] ? __pfx_read_tsc+0x10/0x10 [ 25.120570] ? ktime_get_ts64+0x86/0x230 [ 25.120951] kunit_try_run_case+0x1b3/0x490 [ 25.121922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.122830] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.123278] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.124584] ? __kthread_parkme+0x82/0x160 [ 25.125025] ? preempt_count_sub+0x50/0x80 [ 25.125845] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.126644] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.127482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.128315] kthread+0x257/0x310 [ 25.129190] ? __pfx_kthread+0x10/0x10 [ 25.129983] ret_from_fork+0x41/0x80 [ 25.130483] ? __pfx_kthread+0x10/0x10 [ 25.131671] ret_from_fork_asm+0x1a/0x30 [ 25.132311] </TASK> [ 25.132766] [ 25.133464] Allocated by task 233: [ 25.134022] kasan_save_stack+0x3d/0x60 [ 25.134769] kasan_save_track+0x18/0x40 [ 25.135139] kasan_save_alloc_info+0x3b/0x50 [ 25.136162] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 25.136829] remove_element+0x11e/0x190 [ 25.137704] mempool_alloc_preallocated+0x4d/0x90 [ 25.138831] mempool_oob_right_helper+0x8b/0x380 [ 25.139739] mempool_slab_oob_right+0xb1/0x100 [ 25.140191] kunit_try_run_case+0x1b3/0x490 [ 25.140555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.142396] kthread+0x257/0x310 [ 25.143010] ret_from_fork+0x41/0x80 [ 25.143428] ret_from_fork_asm+0x1a/0x30 [ 25.144318] [ 25.144750] The buggy address belongs to the object at ffff888101af9240 [ 25.144750] which belongs to the cache test_cache of size 123 [ 25.146575] The buggy address is located 0 bytes to the right of [ 25.146575] allocated 123-byte region [ffff888101af9240, ffff888101af92bb) [ 25.148255] [ 25.148654] The buggy address belongs to the physical page: [ 25.149688] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101af9 [ 25.150583] flags: 0x200000000000000(node=0|zone=2) [ 25.151430] page_type: f5(slab) [ 25.151775] raw: 0200000000000000 ffff888101a9c780 dead000000000122 0000000000000000 [ 25.152506] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 25.153210] page dumped because: kasan: bad access detected [ 25.154844] [ 25.155081] Memory state around the buggy address: [ 25.156168] ffff888101af9180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.157517] ffff888101af9200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 25.158478] >ffff888101af9280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 25.159205] ^ [ 25.159680] ffff888101af9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.160584] ffff888101af9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.161371] ================================================================== [ 24.983894] ================================================================== [ 24.984928] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 24.986382] Read of size 1 at addr ffff888101af5a73 by task kunit_try_catch/229 [ 24.987208] [ 24.987417] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 24.988235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.988603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.989486] Call Trace: [ 24.989711] <TASK> [ 24.989958] dump_stack_lvl+0x73/0xb0 [ 24.990552] print_report+0xd1/0x640 [ 24.990979] ? __virt_addr_valid+0x1db/0x2d0 [ 24.991399] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.991963] kasan_report+0x102/0x140 [ 24.992414] ? mempool_oob_right_helper+0x31a/0x380 [ 24.992839] ? mempool_oob_right_helper+0x31a/0x380 [ 24.993309] __asan_report_load1_noabort+0x18/0x20 [ 24.993785] mempool_oob_right_helper+0x31a/0x380 [ 24.994366] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 24.995651] ? finish_task_switch.isra.0+0x153/0x700 [ 24.996130] mempool_kmalloc_oob_right+0xb6/0x100 [ 24.996725] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 24.997120] ? __switch_to+0x5d9/0xf60 [ 24.997722] ? __pfx_mempool_kmalloc+0x10/0x10 [ 24.998202] ? __pfx_mempool_kfree+0x10/0x10 [ 24.999022] ? __pfx_read_tsc+0x10/0x10 [ 24.999714] ? ktime_get_ts64+0x86/0x230 [ 25.000231] kunit_try_run_case+0x1b3/0x490 [ 25.000871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.001468] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.001936] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.003125] ? __kthread_parkme+0x82/0x160 [ 25.003633] ? preempt_count_sub+0x50/0x80 [ 25.004137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.004562] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.005231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.005689] kthread+0x257/0x310 [ 25.006225] ? __pfx_kthread+0x10/0x10 [ 25.006951] ret_from_fork+0x41/0x80 [ 25.007274] ? __pfx_kthread+0x10/0x10 [ 25.007790] ret_from_fork_asm+0x1a/0x30 [ 25.008232] </TASK> [ 25.008482] [ 25.008727] Allocated by task 229: [ 25.009222] kasan_save_stack+0x3d/0x60 [ 25.009632] kasan_save_track+0x18/0x40 [ 25.010182] kasan_save_alloc_info+0x3b/0x50 [ 25.010904] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 25.011711] remove_element+0x11e/0x190 [ 25.012018] mempool_alloc_preallocated+0x4d/0x90 [ 25.013202] mempool_oob_right_helper+0x8b/0x380 [ 25.013654] mempool_kmalloc_oob_right+0xb6/0x100 [ 25.014112] kunit_try_run_case+0x1b3/0x490 [ 25.014793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.015216] kthread+0x257/0x310 [ 25.016002] ret_from_fork+0x41/0x80 [ 25.016470] ret_from_fork_asm+0x1a/0x30 [ 25.016762] [ 25.017041] The buggy address belongs to the object at ffff888101af5a00 [ 25.017041] which belongs to the cache kmalloc-128 of size 128 [ 25.018395] The buggy address is located 0 bytes to the right of [ 25.018395] allocated 115-byte region [ffff888101af5a00, ffff888101af5a73) [ 25.019414] [ 25.019719] The buggy address belongs to the physical page: [ 25.020141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101af5 [ 25.020631] flags: 0x200000000000000(node=0|zone=2) [ 25.021194] page_type: f5(slab) [ 25.022031] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.022492] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.023756] page dumped because: kasan: bad access detected [ 25.024204] [ 25.024486] Memory state around the buggy address: [ 25.024934] ffff888101af5900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.025957] ffff888101af5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.027063] >ffff888101af5a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 25.027876] ^ [ 25.028758] ffff888101af5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.030003] ffff888101af5b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 25.031010] ==================================================================