Date
March 19, 2025, 10:35 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 33.292935] ================================================================== [ 33.293660] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 33.295071] Write of size 1 at addr fff00000c6818473 by task kunit_try_catch/138 [ 33.295256] [ 33.296557] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G N 6.14.0-rc7-next-20250319 #1 PREEMPT [ 33.296984] Tainted: [N]=TEST [ 33.297108] Hardware name: linux,dummy-virt (DT) [ 33.297611] Call trace: [ 33.297857] show_stack+0x20/0x38 (C) [ 33.298107] dump_stack_lvl+0x8c/0xd0 [ 33.298218] print_report+0x118/0x5f0 [ 33.298295] kasan_report+0xc8/0x118 [ 33.298368] __asan_report_store1_noabort+0x20/0x30 [ 33.298449] kmalloc_oob_right+0x5a4/0x660 [ 33.298527] kunit_try_run_case+0x14c/0x3d0 [ 33.298609] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.298696] kthread+0x318/0x618 [ 33.298771] ret_from_fork+0x10/0x20 [ 33.299028] [ 33.299108] Allocated by task 138: [ 33.299301] kasan_save_stack+0x3c/0x68 [ 33.299406] kasan_save_track+0x20/0x40 [ 33.299469] kasan_save_alloc_info+0x40/0x58 [ 33.299532] __kasan_kmalloc+0xd4/0xd8 [ 33.299589] __kmalloc_cache_noprof+0x15c/0x3c0 [ 33.299658] kmalloc_oob_right+0xb0/0x660 [ 33.299719] kunit_try_run_case+0x14c/0x3d0 [ 33.299783] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.299855] kthread+0x318/0x618 [ 33.299912] ret_from_fork+0x10/0x20 [ 33.300006] [ 33.300120] The buggy address belongs to the object at fff00000c6818400 [ 33.300120] which belongs to the cache kmalloc-128 of size 128 [ 33.300274] The buggy address is located 0 bytes to the right of [ 33.300274] allocated 115-byte region [fff00000c6818400, fff00000c6818473) [ 33.300459] [ 33.300684] The buggy address belongs to the physical page: [ 33.301191] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106818 [ 33.301870] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.302375] page_type: f5(slab) [ 33.302854] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 33.302970] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 33.303168] page dumped because: kasan: bad access detected [ 33.303242] [ 33.303285] Memory state around the buggy address: [ 33.303647] fff00000c6818300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.303769] fff00000c6818380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.303863] >fff00000c6818400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 33.303954] ^ [ 33.304102] fff00000c6818480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.304175] fff00000c6818500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.304281] ================================================================== [ 33.305688] ================================================================== [ 33.305929] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 33.306091] Write of size 1 at addr fff00000c6818478 by task kunit_try_catch/138 [ 33.306247] [ 33.306333] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT [ 33.306593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.306678] Hardware name: linux,dummy-virt (DT) [ 33.306776] Call trace: [ 33.306842] show_stack+0x20/0x38 (C) [ 33.307001] dump_stack_lvl+0x8c/0xd0 [ 33.310020] print_report+0x118/0x5f0 [ 33.310190] kasan_report+0xc8/0x118 [ 33.310330] __asan_report_store1_noabort+0x20/0x30 [ 33.310481] kmalloc_oob_right+0x538/0x660 [ 33.310629] kunit_try_run_case+0x14c/0x3d0 [ 33.311653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.312133] kthread+0x318/0x618 [ 33.312590] ret_from_fork+0x10/0x20 [ 33.312763] [ 33.312820] Allocated by task 138: [ 33.312901] kasan_save_stack+0x3c/0x68 [ 33.313394] kasan_save_track+0x20/0x40 [ 33.313537] kasan_save_alloc_info+0x40/0x58 [ 33.313662] __kasan_kmalloc+0xd4/0xd8 [ 33.313957] __kmalloc_cache_noprof+0x15c/0x3c0 [ 33.314313] kmalloc_oob_right+0xb0/0x660 [ 33.314703] kunit_try_run_case+0x14c/0x3d0 [ 33.315154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.315319] kthread+0x318/0x618 [ 33.315447] ret_from_fork+0x10/0x20 [ 33.315576] [ 33.315636] The buggy address belongs to the object at fff00000c6818400 [ 33.315636] which belongs to the cache kmalloc-128 of size 128 [ 33.315878] The buggy address is located 5 bytes to the right of [ 33.315878] allocated 115-byte region [fff00000c6818400, fff00000c6818473) [ 33.316206] [ 33.316266] The buggy address belongs to the physical page: [ 33.316412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106818 [ 33.316572] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.316720] page_type: f5(slab) [ 33.316831] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 33.316979] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 33.317133] page dumped because: kasan: bad access detected [ 33.317248] [ 33.317341] Memory state around the buggy address: [ 33.317470] fff00000c6818300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.317624] fff00000c6818380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.317815] >fff00000c6818400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 33.317988] ^ [ 33.318170] fff00000c6818480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.318304] fff00000c6818500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.318421] ================================================================== [ 33.319152] ================================================================== [ 33.319277] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 33.319470] Read of size 1 at addr fff00000c6818480 by task kunit_try_catch/138 [ 33.319794] [ 33.319945] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT [ 33.320918] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.321247] Hardware name: linux,dummy-virt (DT) [ 33.321367] Call trace: [ 33.321549] show_stack+0x20/0x38 (C) [ 33.321716] dump_stack_lvl+0x8c/0xd0 [ 33.321860] print_report+0x118/0x5f0 [ 33.322001] kasan_report+0xc8/0x118 [ 33.322158] __asan_report_load1_noabort+0x20/0x30 [ 33.323224] kmalloc_oob_right+0x5d0/0x660 [ 33.323389] kunit_try_run_case+0x14c/0x3d0 [ 33.323540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.323709] kthread+0x318/0x618 [ 33.323852] ret_from_fork+0x10/0x20 [ 33.324006] [ 33.324121] Allocated by task 138: [ 33.324226] kasan_save_stack+0x3c/0x68 [ 33.324399] kasan_save_track+0x20/0x40 [ 33.324582] kasan_save_alloc_info+0x40/0x58 [ 33.324708] __kasan_kmalloc+0xd4/0xd8 [ 33.324817] __kmalloc_cache_noprof+0x15c/0x3c0 [ 33.324935] kmalloc_oob_right+0xb0/0x660 [ 33.325112] kunit_try_run_case+0x14c/0x3d0 [ 33.325236] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.325374] kthread+0x318/0x618 [ 33.325486] ret_from_fork+0x10/0x20 [ 33.325650] [ 33.325723] The buggy address belongs to the object at fff00000c6818400 [ 33.325723] which belongs to the cache kmalloc-128 of size 128 [ 33.326007] The buggy address is located 13 bytes to the right of [ 33.326007] allocated 115-byte region [fff00000c6818400, fff00000c6818473) [ 33.326271] [ 33.326329] The buggy address belongs to the physical page: [ 33.326423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106818 [ 33.326585] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.326733] page_type: f5(slab) [ 33.326888] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 33.327302] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 33.327714] page dumped because: kasan: bad access detected [ 33.327835] [ 33.327890] Memory state around the buggy address: [ 33.327984] fff00000c6818380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.328349] fff00000c6818400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 33.328552] >fff00000c6818480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.328685] ^ [ 33.328775] fff00000c6818500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.328944] fff00000c6818580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.329122] ==================================================================
[ 20.259193] ================================================================== [ 20.260581] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 20.262257] Write of size 1 at addr ffff88810305a073 by task kunit_try_catch/157 [ 20.263227] [ 20.265942] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 20.266398] Tainted: [N]=TEST [ 20.266449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.266880] Call Trace: [ 20.266997] <TASK> [ 20.267240] dump_stack_lvl+0x73/0xb0 [ 20.267374] print_report+0xd1/0x660 [ 20.267421] ? __virt_addr_valid+0x1db/0x2d0 [ 20.267490] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.267527] kasan_report+0x104/0x140 [ 20.267556] ? kmalloc_oob_right+0x6f0/0x7f0 [ 20.267599] ? kmalloc_oob_right+0x6f0/0x7f0 [ 20.267659] __asan_report_store1_noabort+0x1b/0x30 [ 20.267738] kmalloc_oob_right+0x6f0/0x7f0 [ 20.267825] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 20.267889] ? __schedule+0xd46/0x29c0 [ 20.267959] ? __pfx_read_tsc+0x10/0x10 [ 20.268012] ? ktime_get_ts64+0x86/0x240 [ 20.268077] kunit_try_run_case+0x1b2/0x490 [ 20.268170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.268203] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.268237] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.268268] ? __kthread_parkme+0x82/0x160 [ 20.268300] ? preempt_count_sub+0x50/0x80 [ 20.268338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.268371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.268404] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.268436] kthread+0x323/0x710 [ 20.268465] ? trace_preempt_on+0x20/0xc0 [ 20.268500] ? __pfx_kthread+0x10/0x10 [ 20.268531] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.268560] ? calculate_sigpending+0x7b/0xa0 [ 20.268591] ? __pfx_kthread+0x10/0x10 [ 20.268623] ret_from_fork+0x41/0x80 [ 20.268653] ? __pfx_kthread+0x10/0x10 [ 20.268684] ret_from_fork_asm+0x1a/0x30 [ 20.268891] </TASK> [ 20.269011] [ 20.281844] Allocated by task 157: [ 20.282649] kasan_save_stack+0x3d/0x60 [ 20.283277] kasan_save_track+0x18/0x40 [ 20.283870] kasan_save_alloc_info+0x3b/0x50 [ 20.284426] __kasan_kmalloc+0xb7/0xc0 [ 20.284905] __kmalloc_cache_noprof+0x183/0x410 [ 20.285436] kmalloc_oob_right+0xa9/0x7f0 [ 20.286385] kunit_try_run_case+0x1b2/0x490 [ 20.286799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.287351] kthread+0x323/0x710 [ 20.287957] ret_from_fork+0x41/0x80 [ 20.288443] ret_from_fork_asm+0x1a/0x30 [ 20.289045] [ 20.289423] The buggy address belongs to the object at ffff88810305a000 [ 20.289423] which belongs to the cache kmalloc-128 of size 128 [ 20.291433] The buggy address is located 0 bytes to the right of [ 20.291433] allocated 115-byte region [ffff88810305a000, ffff88810305a073) [ 20.292984] [ 20.293527] The buggy address belongs to the physical page: [ 20.295006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 20.296884] flags: 0x200000000000000(node=0|zone=2) [ 20.299090] page_type: f5(slab) [ 20.301031] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.302038] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.302932] page dumped because: kasan: bad access detected [ 20.303509] [ 20.303796] Memory state around the buggy address: [ 20.305560] ffff888103059f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.306644] ffff888103059f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.307417] >ffff88810305a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.308292] ^ [ 20.309389] ffff88810305a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.310279] ffff88810305a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.311053] ================================================================== [ 20.351477] ================================================================== [ 20.352388] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 20.353017] Read of size 1 at addr ffff88810305a080 by task kunit_try_catch/157 [ 20.353557] [ 20.353741] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 20.353858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.353891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.353944] Call Trace: [ 20.353975] <TASK> [ 20.354006] dump_stack_lvl+0x73/0xb0 [ 20.354080] print_report+0xd1/0x660 [ 20.354169] ? __virt_addr_valid+0x1db/0x2d0 [ 20.354291] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.354365] kasan_report+0x104/0x140 [ 20.354424] ? kmalloc_oob_right+0x68a/0x7f0 [ 20.354490] ? kmalloc_oob_right+0x68a/0x7f0 [ 20.354568] __asan_report_load1_noabort+0x18/0x20 [ 20.354632] kmalloc_oob_right+0x68a/0x7f0 [ 20.354699] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 20.354765] ? __schedule+0xd46/0x29c0 [ 20.354827] ? __pfx_read_tsc+0x10/0x10 [ 20.354884] ? ktime_get_ts64+0x86/0x240 [ 20.354953] kunit_try_run_case+0x1b2/0x490 [ 20.355022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.355083] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.355536] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.355644] ? __kthread_parkme+0x82/0x160 [ 20.355709] ? preempt_count_sub+0x50/0x80 [ 20.355783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.355853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.355921] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.355998] kthread+0x323/0x710 [ 20.356056] ? trace_preempt_on+0x20/0xc0 [ 20.356141] ? __pfx_kthread+0x10/0x10 [ 20.356207] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.356265] ? calculate_sigpending+0x7b/0xa0 [ 20.356325] ? __pfx_kthread+0x10/0x10 [ 20.356388] ret_from_fork+0x41/0x80 [ 20.356448] ? __pfx_kthread+0x10/0x10 [ 20.356510] ret_from_fork_asm+0x1a/0x30 [ 20.356600] </TASK> [ 20.356630] [ 20.378333] Allocated by task 157: [ 20.378573] kasan_save_stack+0x3d/0x60 [ 20.379058] kasan_save_track+0x18/0x40 [ 20.379580] kasan_save_alloc_info+0x3b/0x50 [ 20.381062] __kasan_kmalloc+0xb7/0xc0 [ 20.381495] __kmalloc_cache_noprof+0x183/0x410 [ 20.382209] kmalloc_oob_right+0xa9/0x7f0 [ 20.382646] kunit_try_run_case+0x1b2/0x490 [ 20.383324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.384314] kthread+0x323/0x710 [ 20.384880] ret_from_fork+0x41/0x80 [ 20.385329] ret_from_fork_asm+0x1a/0x30 [ 20.386031] [ 20.386277] The buggy address belongs to the object at ffff88810305a000 [ 20.386277] which belongs to the cache kmalloc-128 of size 128 [ 20.387275] The buggy address is located 13 bytes to the right of [ 20.387275] allocated 115-byte region [ffff88810305a000, ffff88810305a073) [ 20.388972] [ 20.389224] The buggy address belongs to the physical page: [ 20.389747] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 20.390357] flags: 0x200000000000000(node=0|zone=2) [ 20.390813] page_type: f5(slab) [ 20.391094] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.392550] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.393291] page dumped because: kasan: bad access detected [ 20.393594] [ 20.393940] Memory state around the buggy address: [ 20.394415] ffff888103059f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.395342] ffff88810305a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.396504] >ffff88810305a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.397265] ^ [ 20.397658] ffff88810305a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.398391] ffff88810305a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.399234] ================================================================== [ 20.314936] ================================================================== [ 20.315481] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 20.316369] Write of size 1 at addr ffff88810305a078 by task kunit_try_catch/157 [ 20.316864] [ 20.317051] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 20.317192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.317227] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.317282] Call Trace: [ 20.317312] <TASK> [ 20.317344] dump_stack_lvl+0x73/0xb0 [ 20.317420] print_report+0xd1/0x660 [ 20.317480] ? __virt_addr_valid+0x1db/0x2d0 [ 20.317603] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.317675] kasan_report+0x104/0x140 [ 20.317732] ? kmalloc_oob_right+0x6bd/0x7f0 [ 20.317796] ? kmalloc_oob_right+0x6bd/0x7f0 [ 20.317873] __asan_report_store1_noabort+0x1b/0x30 [ 20.317935] kmalloc_oob_right+0x6bd/0x7f0 [ 20.318000] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 20.318058] ? __schedule+0xd46/0x29c0 [ 20.318328] ? __pfx_read_tsc+0x10/0x10 [ 20.318414] ? ktime_get_ts64+0x86/0x240 [ 20.318485] kunit_try_run_case+0x1b2/0x490 [ 20.318548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.318593] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.318626] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.318658] ? __kthread_parkme+0x82/0x160 [ 20.318690] ? preempt_count_sub+0x50/0x80 [ 20.318795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.318884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.318946] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.319004] kthread+0x323/0x710 [ 20.319056] ? trace_preempt_on+0x20/0xc0 [ 20.319142] ? __pfx_kthread+0x10/0x10 [ 20.319176] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.319206] ? calculate_sigpending+0x7b/0xa0 [ 20.319237] ? __pfx_kthread+0x10/0x10 [ 20.319269] ret_from_fork+0x41/0x80 [ 20.319301] ? __pfx_kthread+0x10/0x10 [ 20.319332] ret_from_fork_asm+0x1a/0x30 [ 20.319380] </TASK> [ 20.319395] [ 20.331994] Allocated by task 157: [ 20.332917] kasan_save_stack+0x3d/0x60 [ 20.333375] kasan_save_track+0x18/0x40 [ 20.333956] kasan_save_alloc_info+0x3b/0x50 [ 20.334446] __kasan_kmalloc+0xb7/0xc0 [ 20.334893] __kmalloc_cache_noprof+0x183/0x410 [ 20.335296] kmalloc_oob_right+0xa9/0x7f0 [ 20.335647] kunit_try_run_case+0x1b2/0x490 [ 20.336742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.337603] kthread+0x323/0x710 [ 20.337991] ret_from_fork+0x41/0x80 [ 20.338292] ret_from_fork_asm+0x1a/0x30 [ 20.338563] [ 20.338919] The buggy address belongs to the object at ffff88810305a000 [ 20.338919] which belongs to the cache kmalloc-128 of size 128 [ 20.340011] The buggy address is located 5 bytes to the right of [ 20.340011] allocated 115-byte region [ffff88810305a000, ffff88810305a073) [ 20.341734] [ 20.341897] The buggy address belongs to the physical page: [ 20.342221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 20.342640] flags: 0x200000000000000(node=0|zone=2) [ 20.343155] page_type: f5(slab) [ 20.343494] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.344225] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.345264] page dumped because: kasan: bad access detected [ 20.345935] [ 20.346168] Memory state around the buggy address: [ 20.346523] ffff888103059f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.347069] ffff888103059f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.348038] >ffff88810305a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.348435] ^ [ 20.348866] ffff88810305a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.349622] ffff88810305a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.350287] ==================================================================