Date
May 15, 2025, 10:38 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 17.638709] ================================================================== [ 17.638755] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 17.638800] Write of size 1 at addr fff00000c5c44f78 by task kunit_try_catch/136 [ 17.638846] [ 17.638874] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250515 #1 PREEMPT [ 17.638967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.638992] Hardware name: linux,dummy-virt (DT) [ 17.639020] Call trace: [ 17.639041] show_stack+0x20/0x38 (C) [ 17.639954] dump_stack_lvl+0x8c/0xd0 [ 17.640025] print_report+0x118/0x608 [ 17.640399] kasan_report+0xdc/0x128 [ 17.640495] __asan_report_store1_noabort+0x20/0x30 [ 17.640556] kmalloc_oob_right+0x538/0x660 [ 17.640768] kunit_try_run_case+0x170/0x3f0 [ 17.640897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.641061] kthread+0x328/0x630 [ 17.641112] ret_from_fork+0x10/0x20 [ 17.641172] [ 17.641191] Allocated by task 136: [ 17.641219] kasan_save_stack+0x3c/0x68 [ 17.641258] kasan_save_track+0x20/0x40 [ 17.641294] kasan_save_alloc_info+0x40/0x58 [ 17.641331] __kasan_kmalloc+0xd4/0xd8 [ 17.641376] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.641417] kmalloc_oob_right+0xb0/0x660 [ 17.641697] kunit_try_run_case+0x170/0x3f0 [ 17.642050] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.642320] kthread+0x328/0x630 [ 17.642363] ret_from_fork+0x10/0x20 [ 17.642883] [ 17.643056] The buggy address belongs to the object at fff00000c5c44f00 [ 17.643056] which belongs to the cache kmalloc-128 of size 128 [ 17.643600] The buggy address is located 5 bytes to the right of [ 17.643600] allocated 115-byte region [fff00000c5c44f00, fff00000c5c44f73) [ 17.644315] [ 17.644433] The buggy address belongs to the physical page: [ 17.644565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c44 [ 17.644892] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.645471] page_type: f5(slab) [ 17.645518] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.646109] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.646461] page dumped because: kasan: bad access detected [ 17.647150] [ 17.647475] Memory state around the buggy address: [ 17.647554] fff00000c5c44e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.647865] fff00000c5c44e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.647909] >fff00000c5c44f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.647946] ^ [ 17.648313] fff00000c5c44f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.649058] fff00000c5c45000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.649947] ================================================================== [ 17.655673] ================================================================== [ 17.655805] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 17.655855] Read of size 1 at addr fff00000c5c44f80 by task kunit_try_catch/136 [ 17.655907] [ 17.655940] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250515 #1 PREEMPT [ 17.657134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.657342] Hardware name: linux,dummy-virt (DT) [ 17.657696] Call trace: [ 17.658226] show_stack+0x20/0x38 (C) [ 17.658796] dump_stack_lvl+0x8c/0xd0 [ 17.659551] print_report+0x118/0x608 [ 17.659921] kasan_report+0xdc/0x128 [ 17.660390] __asan_report_load1_noabort+0x20/0x30 [ 17.660931] kmalloc_oob_right+0x5d0/0x660 [ 17.661318] kunit_try_run_case+0x170/0x3f0 [ 17.662113] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.662307] kthread+0x328/0x630 [ 17.662888] ret_from_fork+0x10/0x20 [ 17.663569] [ 17.663685] Allocated by task 136: [ 17.663715] kasan_save_stack+0x3c/0x68 [ 17.663770] kasan_save_track+0x20/0x40 [ 17.663807] kasan_save_alloc_info+0x40/0x58 [ 17.663844] __kasan_kmalloc+0xd4/0xd8 [ 17.664752] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.664802] kmalloc_oob_right+0xb0/0x660 [ 17.664838] kunit_try_run_case+0x170/0x3f0 [ 17.665563] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.665662] kthread+0x328/0x630 [ 17.665764] ret_from_fork+0x10/0x20 [ 17.666135] [ 17.666389] The buggy address belongs to the object at fff00000c5c44f00 [ 17.666389] which belongs to the cache kmalloc-128 of size 128 [ 17.667080] The buggy address is located 13 bytes to the right of [ 17.667080] allocated 115-byte region [fff00000c5c44f00, fff00000c5c44f73) [ 17.667763] [ 17.667788] The buggy address belongs to the physical page: [ 17.668540] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c44 [ 17.668786] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.668844] page_type: f5(slab) [ 17.668898] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.669976] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.670663] page dumped because: kasan: bad access detected [ 17.670869] [ 17.670989] Memory state around the buggy address: [ 17.671023] fff00000c5c44e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.671066] fff00000c5c44f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.671107] >fff00000c5c44f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.671656] ^ [ 17.672569] fff00000c5c45000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.672661] fff00000c5c45080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 17.672699] ================================================================== [ 17.626952] ================================================================== [ 17.627287] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 17.628085] Write of size 1 at addr fff00000c5c44f73 by task kunit_try_catch/136 [ 17.628199] [ 17.629072] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.15.0-rc6-next-20250515 #1 PREEMPT [ 17.629273] Tainted: [N]=TEST [ 17.629687] Hardware name: linux,dummy-virt (DT) [ 17.630323] Call trace: [ 17.630525] show_stack+0x20/0x38 (C) [ 17.631347] dump_stack_lvl+0x8c/0xd0 [ 17.631770] print_report+0x118/0x608 [ 17.631968] kasan_report+0xdc/0x128 [ 17.632087] __asan_report_store1_noabort+0x20/0x30 [ 17.632250] kmalloc_oob_right+0x5a4/0x660 [ 17.632296] kunit_try_run_case+0x170/0x3f0 [ 17.632371] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.632492] kthread+0x328/0x630 [ 17.632743] ret_from_fork+0x10/0x20 [ 17.633020] [ 17.633082] Allocated by task 136: [ 17.633501] kasan_save_stack+0x3c/0x68 [ 17.633796] kasan_save_track+0x20/0x40 [ 17.633850] kasan_save_alloc_info+0x40/0x58 [ 17.633888] __kasan_kmalloc+0xd4/0xd8 [ 17.633937] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.633976] kmalloc_oob_right+0xb0/0x660 [ 17.634020] kunit_try_run_case+0x170/0x3f0 [ 17.634062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.634111] kthread+0x328/0x630 [ 17.634154] ret_from_fork+0x10/0x20 [ 17.634219] [ 17.634303] The buggy address belongs to the object at fff00000c5c44f00 [ 17.634303] which belongs to the cache kmalloc-128 of size 128 [ 17.634425] The buggy address is located 0 bytes to the right of [ 17.634425] allocated 115-byte region [fff00000c5c44f00, fff00000c5c44f73) [ 17.634491] [ 17.634574] The buggy address belongs to the physical page: [ 17.634986] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c44 [ 17.635828] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.636326] page_type: f5(slab) [ 17.636951] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.637014] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.637520] page dumped because: kasan: bad access detected [ 17.637568] [ 17.637593] Memory state around the buggy address: [ 17.637832] fff00000c5c44e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.637898] fff00000c5c44e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.637950] >fff00000c5c44f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.638001] ^ [ 17.638082] fff00000c5c44f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.638123] fff00000c5c45000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.638196] ==================================================================
[ 13.189834] ================================================================== [ 13.190750] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 13.191714] Write of size 1 at addr ffff8881022f9b73 by task kunit_try_catch/154 [ 13.192125] [ 13.194033] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G N 6.15.0-rc6-next-20250515 #1 PREEMPT(voluntary) [ 13.194385] Tainted: [N]=TEST [ 13.194425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.194682] Call Trace: [ 13.194761] <TASK> [ 13.194924] dump_stack_lvl+0x73/0xb0 [ 13.195030] print_report+0xd1/0x650 [ 13.195062] ? __virt_addr_valid+0x1db/0x2d0 [ 13.195089] ? kmalloc_oob_right+0x6f0/0x7f0 [ 13.195111] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.195132] ? kmalloc_oob_right+0x6f0/0x7f0 [ 13.195153] kasan_report+0x141/0x180 [ 13.195175] ? kmalloc_oob_right+0x6f0/0x7f0 [ 13.195202] __asan_report_store1_noabort+0x1b/0x30 [ 13.195234] kmalloc_oob_right+0x6f0/0x7f0 [ 13.195258] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 13.195282] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 13.195307] kunit_try_run_case+0x1a5/0x480 [ 13.195332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.195353] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.195375] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.195395] ? __kthread_parkme+0x82/0x180 [ 13.195415] ? preempt_count_sub+0x50/0x80 [ 13.195440] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.195460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.195480] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.195500] kthread+0x337/0x6f0 [ 13.195518] ? trace_preempt_on+0x20/0xc0 [ 13.195540] ? __pfx_kthread+0x10/0x10 [ 13.195559] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.195579] ? calculate_sigpending+0x7b/0xa0 [ 13.195602] ? __pfx_kthread+0x10/0x10 [ 13.195622] ret_from_fork+0x116/0x1d0 [ 13.195641] ? __pfx_kthread+0x10/0x10 [ 13.195659] ret_from_fork_asm+0x1a/0x30 [ 13.195712] </TASK> [ 13.195779] [ 13.203612] Allocated by task 154: [ 13.204091] kasan_save_stack+0x45/0x70 [ 13.204487] kasan_save_track+0x18/0x40 [ 13.204821] kasan_save_alloc_info+0x3b/0x50 [ 13.205144] __kasan_kmalloc+0xb7/0xc0 [ 13.205361] __kmalloc_cache_noprof+0x189/0x420 [ 13.205671] kmalloc_oob_right+0xa9/0x7f0 [ 13.205991] kunit_try_run_case+0x1a5/0x480 [ 13.206275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.206679] kthread+0x337/0x6f0 [ 13.206908] ret_from_fork+0x116/0x1d0 [ 13.207114] ret_from_fork_asm+0x1a/0x30 [ 13.207527] [ 13.207767] The buggy address belongs to the object at ffff8881022f9b00 [ 13.207767] which belongs to the cache kmalloc-128 of size 128 [ 13.208268] The buggy address is located 0 bytes to the right of [ 13.208268] allocated 115-byte region [ffff8881022f9b00, ffff8881022f9b73) [ 13.208714] [ 13.208945] The buggy address belongs to the physical page: [ 13.209782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022f9 [ 13.210834] flags: 0x200000000000000(node=0|zone=2) [ 13.211893] page_type: f5(slab) [ 13.212731] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.213270] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.213919] page dumped because: kasan: bad access detected [ 13.214314] [ 13.214494] Memory state around the buggy address: [ 13.215175] ffff8881022f9a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.215760] ffff8881022f9a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.216307] >ffff8881022f9b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.216825] ^ [ 13.217295] ffff8881022f9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.217571] ffff8881022f9c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.218057] ================================================================== [ 13.221209] ================================================================== [ 13.221767] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 13.222052] Write of size 1 at addr ffff8881022f9b78 by task kunit_try_catch/154 [ 13.222271] [ 13.222381] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250515 #1 PREEMPT(voluntary) [ 13.222434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.222449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.222470] Call Trace: [ 13.222494] <TASK> [ 13.222516] dump_stack_lvl+0x73/0xb0 [ 13.222546] print_report+0xd1/0x650 [ 13.222569] ? __virt_addr_valid+0x1db/0x2d0 [ 13.222592] ? kmalloc_oob_right+0x6bd/0x7f0 [ 13.222612] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.222633] ? kmalloc_oob_right+0x6bd/0x7f0 [ 13.222653] kasan_report+0x141/0x180 [ 13.222674] ? kmalloc_oob_right+0x6bd/0x7f0 [ 13.222700] __asan_report_store1_noabort+0x1b/0x30 [ 13.222720] kmalloc_oob_right+0x6bd/0x7f0 [ 13.222741] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 13.222765] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 13.222790] kunit_try_run_case+0x1a5/0x480 [ 13.222813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.222833] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.222855] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.222876] ? __kthread_parkme+0x82/0x180 [ 13.222896] ? preempt_count_sub+0x50/0x80 [ 13.222920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.222942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.222963] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.222984] kthread+0x337/0x6f0 [ 13.223002] ? trace_preempt_on+0x20/0xc0 [ 13.223025] ? __pfx_kthread+0x10/0x10 [ 13.223045] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.223065] ? calculate_sigpending+0x7b/0xa0 [ 13.223087] ? __pfx_kthread+0x10/0x10 [ 13.223108] ret_from_fork+0x116/0x1d0 [ 13.223127] ? __pfx_kthread+0x10/0x10 [ 13.223146] ret_from_fork_asm+0x1a/0x30 [ 13.223178] </TASK> [ 13.223189] [ 13.232304] Allocated by task 154: [ 13.232611] kasan_save_stack+0x45/0x70 [ 13.232959] kasan_save_track+0x18/0x40 [ 13.233189] kasan_save_alloc_info+0x3b/0x50 [ 13.233382] __kasan_kmalloc+0xb7/0xc0 [ 13.233552] __kmalloc_cache_noprof+0x189/0x420 [ 13.233738] kmalloc_oob_right+0xa9/0x7f0 [ 13.233915] kunit_try_run_case+0x1a5/0x480 [ 13.234097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.234512] kthread+0x337/0x6f0 [ 13.234835] ret_from_fork+0x116/0x1d0 [ 13.235167] ret_from_fork_asm+0x1a/0x30 [ 13.235499] [ 13.235676] The buggy address belongs to the object at ffff8881022f9b00 [ 13.235676] which belongs to the cache kmalloc-128 of size 128 [ 13.236550] The buggy address is located 5 bytes to the right of [ 13.236550] allocated 115-byte region [ffff8881022f9b00, ffff8881022f9b73) [ 13.237131] [ 13.237256] The buggy address belongs to the physical page: [ 13.237465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022f9 [ 13.237735] flags: 0x200000000000000(node=0|zone=2) [ 13.237935] page_type: f5(slab) [ 13.238097] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.238654] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.239211] page dumped because: kasan: bad access detected [ 13.239646] [ 13.239816] Memory state around the buggy address: [ 13.240175] ffff8881022f9a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.240533] ffff8881022f9a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.240770] >ffff8881022f9b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.240996] ^ [ 13.241231] ffff8881022f9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.241719] ffff8881022f9c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.242207] ================================================================== [ 13.243400] ================================================================== [ 13.244001] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 13.244277] Read of size 1 at addr ffff8881022f9b80 by task kunit_try_catch/154 [ 13.244824] [ 13.244997] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250515 #1 PREEMPT(voluntary) [ 13.245086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.245109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.245159] Call Trace: [ 13.245198] <TASK> [ 13.245257] dump_stack_lvl+0x73/0xb0 [ 13.245315] print_report+0xd1/0x650 [ 13.245365] ? __virt_addr_valid+0x1db/0x2d0 [ 13.245410] ? kmalloc_oob_right+0x68a/0x7f0 [ 13.245464] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.245504] ? kmalloc_oob_right+0x68a/0x7f0 [ 13.245545] kasan_report+0x141/0x180 [ 13.245585] ? kmalloc_oob_right+0x68a/0x7f0 [ 13.245636] __asan_report_load1_noabort+0x18/0x20 [ 13.245676] kmalloc_oob_right+0x68a/0x7f0 [ 13.245709] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 13.245734] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 13.245758] kunit_try_run_case+0x1a5/0x480 [ 13.245781] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.245801] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.245823] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.245853] ? __kthread_parkme+0x82/0x180 [ 13.245887] ? preempt_count_sub+0x50/0x80 [ 13.245923] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.245961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.246001] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.246037] kthread+0x337/0x6f0 [ 13.246068] ? trace_preempt_on+0x20/0xc0 [ 13.246107] ? __pfx_kthread+0x10/0x10 [ 13.246144] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.246182] ? calculate_sigpending+0x7b/0xa0 [ 13.246235] ? __pfx_kthread+0x10/0x10 [ 13.246276] ret_from_fork+0x116/0x1d0 [ 13.246309] ? __pfx_kthread+0x10/0x10 [ 13.246354] ret_from_fork_asm+0x1a/0x30 [ 13.246418] </TASK> [ 13.246439] [ 13.254806] Allocated by task 154: [ 13.255059] kasan_save_stack+0x45/0x70 [ 13.255419] kasan_save_track+0x18/0x40 [ 13.255640] kasan_save_alloc_info+0x3b/0x50 [ 13.255958] __kasan_kmalloc+0xb7/0xc0 [ 13.256267] __kmalloc_cache_noprof+0x189/0x420 [ 13.256498] kmalloc_oob_right+0xa9/0x7f0 [ 13.256823] kunit_try_run_case+0x1a5/0x480 [ 13.257000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.257198] kthread+0x337/0x6f0 [ 13.257366] ret_from_fork+0x116/0x1d0 [ 13.257584] ret_from_fork_asm+0x1a/0x30 [ 13.257911] [ 13.258079] The buggy address belongs to the object at ffff8881022f9b00 [ 13.258079] which belongs to the cache kmalloc-128 of size 128 [ 13.258908] The buggy address is located 13 bytes to the right of [ 13.258908] allocated 115-byte region [ffff8881022f9b00, ffff8881022f9b73) [ 13.259522] [ 13.259696] The buggy address belongs to the physical page: [ 13.259944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022f9 [ 13.260453] flags: 0x200000000000000(node=0|zone=2) [ 13.260747] page_type: f5(slab) [ 13.261024] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.261414] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.261798] page dumped because: kasan: bad access detected [ 13.262124] [ 13.262265] Memory state around the buggy address: [ 13.262617] ffff8881022f9a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.262895] ffff8881022f9b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.263127] >ffff8881022f9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.263556] ^ [ 13.263879] ffff8881022f9c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.264357] ffff8881022f9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.264730] ==================================================================