Date: June 18, 2025, 6:43 a.m.
| Environment |
|---|
| qemu-arm64 |
| qemu-x86_64 |
```
[ 20.474363] ==================================================================
[ 20.474603] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0
[ 20.474796] Read of size 18446744073709551614 at addr fff00000ffe9c004 by task kunit_try_catch/190
[ 20.475421]
[ 20.475542] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250618 #1 PREEMPT
[ 20.475750] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.475819] Hardware name: linux,dummy-virt (DT)
[ 20.475894] Call trace:
[ 20.475947] show_stack+0x20/0x38 (C)
[ 20.476069] dump_stack_lvl+0x8c/0xd0
[ 20.476173] print_report+0x118/0x608
[ 20.476267] kasan_report+0xdc/0x128
[ 20.476400] kasan_check_range+0x100/0x1a8
[ 20.476543] __asan_memmove+0x3c/0x98
[ 20.476694] kmalloc_memmove_negative_size+0x154/0x2e0
[ 20.476815] kunit_try_run_case+0x170/0x3f0
[ 20.476919] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 20.477054] kthread+0x328/0x630
[ 20.477160] ret_from_fork+0x10/0x20
[ 20.477308]
[ 20.477399] Allocated by task 2846403498:
[ 20.477907] ------------[ cut here ]------------
[ 20.478034] pool index 44973 out of bounds (214) for stack id adacafae
[ 20.480984] WARNING: lib/stackdepot.c:451 at depot_fetch_stack+0x6c/0x90, CPU#0: kunit_try_catch/190
[ 21.007519] Modules linked in:
[ 21.009094] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250618 #1 PREEMPT
[ 21.009981] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.010343] Hardware name: linux,dummy-virt (DT)
[ 21.010954] pstate: 624020c9 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 21.011609] pc : depot_fetch_stack+0x6c/0x90
[ 21.011974] lr : depot_fetch_stack+0x6c/0x90
[ 21.012457] sp : ffff8000809a7a20
[ 21.012855] x29: ffff8000809a7a20 x28: ffffacab7ce6f000 x27: 1ffff00010010f60
[ 21.013811] x26: 1ffff00010010f5f x25: 0000000000000000 x24: ffffacab75d665dc
[ 21.014478] x23: ffffc1ffc3ffa700 x22: ffffacab7a7e1750 x21: ffffacab7a7e4ab8
[ 21.015130] x20: fff00000ffe9c004 x19: ffff8000809a7b30 x18: 0000000069a4f0ae
[ 21.015757] x17: 00000000d797b4ed x16: 00000000f1f1f1f1 x15: 0000000000000007
[ 21.016456] x14: 0000000000000000 x13: 0000000000000007 x12: ffff700010134ea1
[ 21.017249] x11: 1ffff00010134ea0 x10: ffff700010134ea0 x9 : ffffacab756eba6c
[ 21.017973] x8 : ffff8000809a7507 x7 : 0000000000000001 x6 : ffff700010134ea0
[ 21.018609] x5 : ffff8000809a7500 x4 : 1ffe000018ee7799 x3 : dfff800000000000
[ 21.019251] x2 : 0000000000000000 x1 : 0000000000000000 x0 : fff00000c773bcc0
[ 21.019946] Call trace:
[ 21.020283] depot_fetch_stack+0x6c/0x90 (P)
[ 21.020687] stack_depot_print+0x24/0x60
[ 21.021120] print_report+0x5e4/0x608
[ 21.021503] kasan_report+0xdc/0x128
[ 21.021847] kasan_check_range+0x100/0x1a8
[ 21.022306] __asan_memmove+0x3c/0x98
[ 21.022683] kmalloc_memmove_negative_size+0x154/0x2e0
[ 21.023187] kunit_try_run_case+0x170/0x3f0
[ 21.023537] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 21.024045] kthread+0x328/0x630
[ 21.024401] ret_from_fork+0x10/0x20
[ 21.024974] ---[ end trace 0000000000000000 ]---
[ 21.025902] ------------[ cut here ]------------
[ 21.025975] corrupt handle or use after stack_depot_put()
[ 21.026097] WARNING: lib/stackdepot.c:723 at stack_depot_print+0x54/0x60, CPU#0: kunit_try_catch/190
[ 21.027202] Modules linked in:
[ 21.027672] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc2-next-20250618 #1 PREEMPT
[ 21.028479] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[ 21.028924] Hardware name: linux,dummy-virt (DT)
[ 21.029295] pstate: 624020c9 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 21.029822] pc : stack_depot_print+0x54/0x60
[ 21.030307] lr : stack_depot_print+0x54/0x60
[ 21.030654] sp : ffff8000809a7a30
[ 21.030960] x29: ffff8000809a7a30 x28: ffffacab7ce6f000 x27: 1ffff00010010f60
[ 21.031606] x26: 1ffff00010010f5f x25: 0000000000000000 x24: ffffacab75d665dc
[ 21.032279] x23: ffffc1ffc3ffa700 x22: ffffacab7a7e1750 x21: ffffacab7a7e4ab8
[ 21.033057] x20: fff00000ffe9c004 x19: ffff8000809a7b30 x18: 0000000069a4f0ae
[ 21.033723] x17: 00000000d797b4ed x16: 00000000f1f1f1f1 x15: 00000000f3f3f3f3
[ 21.034463] x14: ffff700010134f26 x13: 1ffe000018ee7799 x12: ffff75956f8b17c5
[ 21.035149] x11: 1ffff5956f8b17c4 x10: ffff75956f8b17c4 x9 : ffffacab756eba6c
[ 21.035756] x8 : ffffacab7c58be23 x7 : 0000000000000001 x6 : ffff75956f8b17c4
[ 21.036511] x5 : ffffacab7c58be20 x4 : 1ffe000018ee7799 x3 : dfff800000000000
[ 21.037288] x2 : 0000000000000000 x1 : 0000000000000000 x0 : fff00000c773bcc0
[ 21.038070] Call trace:
[ 21.038301] stack_depot_print+0x54/0x60 (P)
[ 21.038725] print_report+0x5e4/0x608
[ 21.039164] kasan_report+0xdc/0x128
[ 21.039550] kasan_check_range+0x100/0x1a8
[ 21.039929] __asan_memmove+0x3c/0x98
[ 21.040355] kmalloc_memmove_negative_size+0x154/0x2e0
[ 21.040827] kunit_try_run_case+0x170/0x3f0
[ 21.041272] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 21.041733] kthread+0x328/0x630
[ 21.042141] ret_from_fork+0x10/0x20
[ 21.042502] ---[ end trace 0000000000000000 ]---
[ 21.042971]
[ 21.043053] Last potentially related work creation:
[ 21.043142] ------------[ cut here ]------------
[ 21.043198] pool index 43945 out of bounds (214) for stack id a9a8abaa
[ 21.043410] WARNING: lib/stackdepot.c:451 at depot_fetch_stack+0x6c/0x90, CPU#0: kunit_try_catch/190
[ 21.044947] Modules linked in:
[ 21.045425] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc2-next-20250618 #1 PREEMPT
[ 21.046040] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[ 21.046431] Hardware name: linux,dummy-virt (DT)
[ 21.046871] pstate: 624020c9 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 21.047439] pc : depot_fetch_stack+0x6c/0x90
[ 21.047885] lr : depot_fetch_stack+0x6c/0x90
[ 21.048354] sp : ffff8000809a7a00
[ 21.048639] x29: ffff8000809a7a00 x28: ffffacab7ce6f000 x27: 1ffff00010010f60
[ 21.049424] x26: 1ffff00010010f5f x25: 0000000000000000 x24: ffffacab75d665dc
[ 21.050160] x23: ffffc1ffc3ffa700 x22: ffffacab7a7e1750 x21: ffffacab7a7e4ab8
[ 21.050759] x20: fff00000ffe9c004 x19: fff00000ffe9c040 x18: 0000000069a4f0ae
[ 21.051504] x17: 00000000d797b4ed x16: 00000000f1f1f1f1 x15: 0000000000000007
[ 21.052231] x14: 0000000000000000 x13: 0000000000000007 x12: ffff75956f8b17c5
[ 21.052935] x11: 1ffff5956f8b17c4 x10: ffff75956f8b17c4 x9 : ffffacab756eba6c
[ 21.053608] x8 : ffffacab7c58be23 x7 : 0000000000000001 x6 : ffff75956f8b17c4
[ 21.054185] x5 : ffffacab7c58be20 x4 : 1ffe000018ee7799 x3 : dfff800000000000
[ 21.054779] x2 : 0000000000000000 x1 : 0000000000000000 x0 : fff00000c773bcc0
[ 21.055394] Call trace:
[ 21.055715] depot_fetch_stack+0x6c/0x90 (P)
[ 21.056248] stack_depot_print+0x24/0x60
[ 21.056748] kasan_print_aux_stacks+0x50/0x98
[ 21.057188] print_report+0x348/0x608
[ 21.057585] kasan_report+0xdc/0x128
[ 21.058055] kasan_check_range+0x100/0x1a8
[ 21.058427] __asan_memmove+0x3c/0x98
[ 21.058886] kmalloc_memmove_negative_size+0x154/0x2e0
[ 21.059390] kunit_try_run_case+0x170/0x3f0
[ 21.059802] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 21.060336] kthread+0x328/0x630
[ 21.060690] ret_from_fork+0x10/0x20
[ 21.061158] ---[ end trace 0000000000000000 ]---
[ 21.061556] ------------[ cut here ]------------
[ 21.061629] corrupt handle or use after stack_depot_put()
[ 21.061785] WARNING: lib/stackdepot.c:723 at stack_depot_print+0x54/0x60, CPU#0: kunit_try_catch/190
[ 21.063173] Modules linked in:
[ 21.063657] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc2-next-20250618 #1 PREEMPT
[ 21.064510] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[ 21.065053] Hardware name: linux,dummy-virt (DT)
[ 21.065485] pstate: 624020c9 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 21.066149] pc : stack_depot_print+0x54/0x60
[ 21.066517] lr : stack_depot_print+0x54/0x60
[ 21.066988] sp : ffff8000809a7a10
[ 21.067321] x29: ffff8000809a7a10 x28: ffffacab7ce6f000 x27: 1ffff00010010f60
[ 21.068157] x26: 1ffff00010010f5f x25: 0000000000000000 x24: ffffacab75d665dc
[ 21.068815] x23: ffffc1ffc3ffa700 x22: ffffacab7a7e1750 x21: ffffacab7a7e4ab8
[ 21.069386] x20: fff00000ffe9c004 x19: fff00000ffe9c040 x18: 0000000069a4f0ae
[ 21.070205] x17: 00000000d797b4ed x16: 00000000f1f1f1f1 x15: 00000000f3f3f3f3
[ 21.070947] x14: ffff700010134f22 x13: 1ffe000018ee7799 x12: ffff75956f8b17c5
[ 21.071670] x11: 1ffff5956f8b17c4 x10: ffff75956f8b17c4 x9 : ffffacab756eba6c
[ 21.072331] x8 : ffffacab7c58be23 x7 : 0000000000000001 x6 : ffff75956f8b17c4
[ 21.072987] x5 : ffffacab7c58be20 x4 : 1ffe000018ee7799 x3 : dfff800000000000
[ 21.073633] x2 : 0000000000000000 x1 : 0000000000000000 x0 : fff00000c773bcc0
[ 21.074436] Call trace:
[ 21.074645] stack_depot_print+0x54/0x60 (P)
[ 21.075195] kasan_print_aux_stacks+0x50/0x98
[ 21.075689] print_report+0x348/0x608
[ 21.076194] kasan_report+0xdc/0x128
[ 21.076671] kasan_check_range+0x100/0x1a8
[ 21.077214] __asan_memmove+0x3c/0x98
[ 21.077722] kmalloc_memmove_negative_size+0x154/0x2e0
[ 21.078207] kunit_try_run_case+0x170/0x3f0
[ 21.078702] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 21.079246] kthread+0x328/0x630
[ 21.079540] ret_from_fork+0x10/0x20
[ 21.080062] ---[ end trace 0000000000000000 ]---
[ 21.080675]
[ 21.080760] Second to last potentially related work creation:
[ 21.080842] ------------[ cut here ]------------
[ 21.080926] pool index 44973 out of bounds (214) for stack id adacafae
[ 21.081156] WARNING: lib/stackdepot.c:451 at depot_fetch_stack+0x6c/0x90, CPU#0: kunit_try_catch/190
[ 21.083031] Modules linked in:
[ 21.083550] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc2-next-20250618 #1 PREEMPT
[ 21.084319] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[ 21.084843] Hardware name: linux,dummy-virt (DT)
[ 21.085158] pstate: 624020c9 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 21.085852] pc : depot_fetch_stack+0x6c/0x90
[ 21.086279] lr : depot_fetch_stack+0x6c/0x90
[ 21.086683] sp : ffff8000809a7a00
[ 21.087027] x29: ffff8000809a7a00 x28: ffffacab7ce6f000 x27: 1ffff00010010f60
[ 21.087717] x26: 1ffff00010010f5f x25: 0000000000000000 x24: ffffacab75d665dc
[ 21.088389] x23: ffffc1ffc3ffa700 x22: ffffacab7a7e1750 x21: ffffacab7a7e4ab8
[ 21.089232] x20: fff00000ffe9c004 x19: fff00000ffe9c040 x18: 0000000069a4f0ae
[ 21.089912] x17: 00000000d797b4ed x16: 00000000f1f1f1f1 x15: 0000000000000007
[ 21.090622] x14: 0000000000000000 x13: 0000000000000007 x12: ffff75956f8b17c5
[ 21.091322] x11: 1ffff5956f8b17c4 x10: ffff75956f8b17c4 x9 : ffffacab756eba6c
[ 21.092068] x8 : ffffacab7c58be23 x7 : 0000000000000001 x6 : ffff75956f8b17c4
[ 21.092920] x5 : ffffacab7c58be20 x4 : 1ffe000018ee7799 x3 : dfff800000000000
[ 21.093617] x2 : 0000000000000000 x1 : 0000000000000000 x0 : fff00000c773bcc0
[ 21.094309] Call trace:
[ 21.094576] depot_fetch_stack+0x6c/0x90 (P)
[ 21.095081] stack_depot_print+0x24/0x60
[ 21.095524] kasan_print_aux_stacks+0x78/0x98
[ 21.095887] print_report+0x348/0x608
[ 21.096188] kasan_report+0xdc/0x128
[ 21.096713] kasan_check_range+0x100/0x1a8
[ 21.097193] __asan_memmove+0x3c/0x98
[ 21.097628] kmalloc_memmove_negative_size+0x154/0x2e0
[ 21.098139] kunit_try_run_case+0x170/0x3f0
[ 21.098489] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 21.099084] kthread+0x328/0x630
[ 21.099455] ret_from_fork+0x10/0x20
[ 21.099833] ---[ end trace 0000000000000000 ]---
[ 21.100271] ------------[ cut here ]------------
[ 21.100345] corrupt handle or use after stack_depot_put()
[ 21.100507] WARNING: lib/stackdepot.c:723 at stack_depot_print+0x54/0x60, CPU#0: kunit_try_catch/190
[ 21.102007] Modules linked in:
[ 21.102523] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc2-next-20250618 #1 PREEMPT
[ 21.103214] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[ 21.103515] Hardware name: linux,dummy-virt (DT)
[ 21.103975] pstate: 624020c9 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 21.104523] pc : stack_depot_print+0x54/0x60
[ 21.105033] lr : stack_depot_print+0x54/0x60
[ 21.105461] sp : ffff8000809a7a10
[ 21.105812] x29: ffff8000809a7a10 x28: ffffacab7ce6f000 x27: 1ffff00010010f60
[ 21.106409] x26: 1ffff00010010f5f x25: 0000000000000000 x24: ffffacab75d665dc
[ 21.107217] x23: ffffc1ffc3ffa700 x22: ffffacab7a7e1750 x21: ffffacab7a7e4ab8
[ 21.107980] x20: fff00000ffe9c004 x19: fff00000ffe9c040 x18: 0000000069a4f0ae
[ 21.108606] x17: 00000000d797b4ed x16: 00000000f1f1f1f1 x15: 00000000f3f3f3f3
[ 21.109219] x14: ffff700010134f22 x13: 1ffe000018ee7799 x12: ffff75956f8b17c5
[ 21.109968] x11: 1ffff5956f8b17c4 x10: ffff75956f8b17c4 x9 : ffffacab756eba6c
[ 21.110578] x8 : ffffacab7c58be23 x7 : 0000000000000001 x6 : ffff75956f8b17c4
[ 21.111304] x5 : ffffacab7c58be20 x4 : 1ffe000018ee7799 x3 : dfff800000000000
[ 21.111681] x2 : 0000000000000000 x1 : 0000000000000000 x0 : fff00000c773bcc0
[ 21.112449] Call trace:
[ 21.112732] stack_depot_print+0x54/0x60 (P)
[ 21.113242] kasan_print_aux_stacks+0x78/0x98
[ 21.113701] print_report+0x348/0x608
[ 21.114155] kasan_report+0xdc/0x128
[ 21.114491] kasan_check_range+0x100/0x1a8
[ 21.114906] __asan_memmove+0x3c/0x98
[ 21.115376] kmalloc_memmove_negative_size+0x154/0x2e0
[ 21.115823] kunit_try_run_case+0x170/0x3f0
[ 21.116255] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 21.116735] kthread+0x328/0x630
[ 21.117101] ret_from_fork+0x10/0x20
[ 21.117497] ---[ end trace 0000000000000000 ]---
[ 21.117945]
[ 21.118045] The buggy address belongs to the object at fff00000ffe9c000
[ 21.118045] which belongs to the cache kmalloc-64 of size 64
[ 21.118169] The buggy address is located 4 bytes inside of
[ 21.118169] 64-byte region [fff00000ffe9c000, fff00000ffe9c040)
[ 21.118294]
[ 21.118355] The buggy address belongs to the physical page:
[ 21.118423] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x13fe9c
[ 21.118543] memcg:fff00000d9d64169
[ 21.118598] flags: 0xbfffe0000002000(reserved|node=0|zone=2|lastcpupid=0x1ffff)
[ 21.118713] page_type: f5(slab)
[ 21.118786] raw: 0bfffe0000002000 fff00000c00018c0 ffffc1ffc3ffa708 0000000000000000
[ 21.118838] raw: 0000000000000000 0000000000010000 00000001f5000000 fff00000d9d64169
[ 21.118880] page dumped because: kasan: bad access detected
[ 21.118913]
[ 21.118931] Memory state around the buggy address:
[ 21.118968] fff00000ffe9bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 21.119011] fff00000ffe9bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 21.119083] >fff00000ffe9c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 21.119122] ^
[ 21.119153] fff00000ffe9c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 21.119196] fff00000ffe9c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 21.119235] ==================================================================
```
```
[ 11.313713] ==================================================================
[ 11.314155] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 11.314737] Read of size 18446744073709551614 at addr ffff888102620004 by task kunit_try_catch/206
[ 11.315152]
[ 11.315523] CPU: 0 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250618 #1 PREEMPT(voluntary)
[ 11.315577] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.315620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.315663] Call Trace:
[ 11.315677] <TASK>
[ 11.315693] dump_stack_lvl+0x73/0xb0
[ 11.315722] print_report+0xd1/0x650
[ 11.315743] ? __virt_addr_valid+0x1db/0x2d0
[ 11.315765] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.315864] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.315889] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.315935] kasan_report+0x141/0x180
[ 11.315956] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.315983] kasan_check_range+0x10c/0x1c0
[ 11.316005] __asan_memmove+0x27/0x70
[ 11.316027] kmalloc_memmove_negative_size+0x171/0x330
[ 11.316090] ? __kasan_check_write+0x18/0x20
[ 11.316112] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 11.316135] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 11.316159] ? trace_hardirqs_on+0x37/0xe0
[ 11.316182] ? __pfx_read_tsc+0x10/0x10
[ 11.316214] ? ktime_get_ts64+0x86/0x230
[ 11.316238] kunit_try_run_case+0x1a5/0x480
[ 11.316262] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.316284] ? queued_spin_lock_slowpath+0x116/0xb40
[ 11.316307] ? __kthread_parkme+0x82/0x180
[ 11.316327] ? preempt_count_sub+0x50/0x80
[ 11.316350] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.316372] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.316394] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.316415] kthread+0x337/0x6f0
[ 11.316474] ? trace_preempt_on+0x20/0xc0
[ 11.316498] ? __pfx_kthread+0x10/0x10
[ 11.316517] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.316537] ? calculate_sigpending+0x7b/0xa0
[ 11.316560] ? __pfx_kthread+0x10/0x10
[ 11.316580] ret_from_fork+0x116/0x1d0
[ 11.316598] ? __pfx_kthread+0x10/0x10
[ 11.316617] ret_from_fork_asm+0x1a/0x30
[ 11.316646] </TASK>
[ 11.316661]
[ 11.325265] Allocated by task 206:
[ 11.325435] kasan_save_stack+0x45/0x70
[ 11.325629] kasan_save_track+0x18/0x40
[ 11.325816] kasan_save_alloc_info+0x3b/0x50
[ 11.325977] __kasan_kmalloc+0xb7/0xc0
[ 11.326122] __kmalloc_cache_noprof+0x189/0x420
[ 11.326578] kmalloc_memmove_negative_size+0xac/0x330
[ 11.326824] kunit_try_run_case+0x1a5/0x480
[ 11.327010] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.327213] kthread+0x337/0x6f0
[ 11.327328] ret_from_fork+0x116/0x1d0
[ 11.327513] ret_from_fork_asm+0x1a/0x30
[ 11.327712]
[ 11.327801] The buggy address belongs to the object at ffff888102620000
[ 11.327801] which belongs to the cache kmalloc-64 of size 64
[ 11.328610] The buggy address is located 4 bytes inside of
[ 11.328610] 64-byte region [ffff888102620000, ffff888102620040)
[ 11.329105]
[ 11.329189] The buggy address belongs to the physical page:
[ 11.329360] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102620
[ 11.329938] flags: 0x200000000000000(node=0|zone=2)
[ 11.330215] page_type: f5(slab)
[ 11.330406] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.330700] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.332340] page dumped because: kasan: bad access detected
[ 11.334056]
[ 11.334150] Memory state around the buggy address:
[ 11.334347] ffff88810261ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.334648] ffff88810261ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.334934] >ffff888102620000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 11.336017] ^
[ 11.336491] ffff888102620080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.337080] ffff888102620100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.337661] ==================================================================
```