Date
June 25, 2025, 8:08 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 26.261594] ================================================================== [ 26.261631] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 26.261671] Read of size 1 at addr fff00000c3fada80 by task kunit_try_catch/148 [ 26.261717] [ 26.261744] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 26.261822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.261847] Hardware name: linux,dummy-virt (DT) [ 26.261876] Call trace: [ 26.261896] show_stack+0x20/0x38 (C) [ 26.261940] dump_stack_lvl+0x8c/0xd0 [ 26.261984] print_report+0x118/0x608 [ 26.262029] kasan_report+0xdc/0x128 [ 26.262073] __asan_report_load1_noabort+0x20/0x30 [ 26.262127] kmalloc_oob_right+0x5d0/0x660 [ 26.262172] kunit_try_run_case+0x170/0x3f0 [ 26.262217] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.262268] kthread+0x328/0x630 [ 26.262309] ret_from_fork+0x10/0x20 [ 26.262353] [ 26.262370] Allocated by task 148: [ 26.262498] kasan_save_stack+0x3c/0x68 [ 26.262585] kasan_save_track+0x20/0x40 [ 26.262711] kasan_save_alloc_info+0x40/0x58 [ 26.262768] __kasan_kmalloc+0xd4/0xd8 [ 26.262804] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.262863] kmalloc_oob_right+0xb0/0x660 [ 26.262899] kunit_try_run_case+0x170/0x3f0 [ 26.262938] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.262980] kthread+0x328/0x630 [ 26.263011] ret_from_fork+0x10/0x20 [ 26.263045] [ 26.263119] The buggy address belongs to the object at fff00000c3fada00 [ 26.263119] which belongs to the cache kmalloc-128 of size 128 [ 26.263229] The buggy address is located 13 bytes to the right of [ 26.263229] allocated 115-byte region [fff00000c3fada00, fff00000c3fada73) [ 26.263310] [ 26.263340] The buggy address belongs to the physical page: [ 26.263386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fad [ 26.263470] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.263538] page_type: f5(slab) [ 26.263575] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000100 dead000000000122 [ 26.263731] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.263911] page dumped because: kasan: bad access detected [ 26.263967] [ 26.263994] Memory state around the buggy address: [ 26.264024] fff00000c3fad980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.264080] fff00000c3fada00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.264344] >fff00000c3fada80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.264451] ^ [ 26.264483] fff00000c3fadb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.264820] fff00000c3fadb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.264975] ================================================================== [ 26.258157] ================================================================== [ 26.258298] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 26.258374] Write of size 1 at addr fff00000c3fada78 by task kunit_try_catch/148 [ 26.258464] [ 26.258539] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 26.258837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.258864] Hardware name: linux,dummy-virt (DT) [ 26.258961] Call trace: [ 26.258995] show_stack+0x20/0x38 (C) [ 26.259042] dump_stack_lvl+0x8c/0xd0 [ 26.259262] print_report+0x118/0x608 [ 26.259482] kasan_report+0xdc/0x128 [ 26.259542] __asan_report_store1_noabort+0x20/0x30 [ 26.259592] kmalloc_oob_right+0x538/0x660 [ 26.259639] kunit_try_run_case+0x170/0x3f0 [ 26.259727] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.259780] kthread+0x328/0x630 [ 26.260248] ret_from_fork+0x10/0x20 [ 26.260315] [ 26.260334] Allocated by task 148: [ 26.260361] kasan_save_stack+0x3c/0x68 [ 26.260412] kasan_save_track+0x20/0x40 [ 26.260448] kasan_save_alloc_info+0x40/0x58 [ 26.260483] __kasan_kmalloc+0xd4/0xd8 [ 26.260519] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.260558] kmalloc_oob_right+0xb0/0x660 [ 26.260594] kunit_try_run_case+0x170/0x3f0 [ 26.260631] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.260674] kthread+0x328/0x630 [ 26.260706] ret_from_fork+0x10/0x20 [ 26.260744] [ 26.260763] The buggy address belongs to the object at fff00000c3fada00 [ 26.260763] which belongs to the cache kmalloc-128 of size 128 [ 26.260818] The buggy address is located 5 bytes to the right of [ 26.260818] allocated 115-byte region [fff00000c3fada00, fff00000c3fada73) [ 26.260879] [ 26.260899] The buggy address belongs to the physical page: [ 26.260928] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fad [ 26.260977] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.261023] page_type: f5(slab) [ 26.261059] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000100 dead000000000122 [ 26.261106] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.261145] page dumped because: kasan: bad access detected [ 26.261174] [ 26.261190] Memory state around the buggy address: [ 26.261219] fff00000c3fad900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.261260] fff00000c3fad980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.261300] >fff00000c3fada00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.261335] ^ [ 26.261372] fff00000c3fada80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.261422] fff00000c3fadb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.261457] ================================================================== [ 26.251341] ================================================================== [ 26.251702] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 26.252609] Write of size 1 at addr fff00000c3fada73 by task kunit_try_catch/148 [ 26.252716] [ 26.253475] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 26.253621] Tainted: [N]=TEST [ 26.253655] Hardware name: linux,dummy-virt (DT) [ 26.253870] Call trace: [ 26.254043] show_stack+0x20/0x38 (C) [ 26.254184] dump_stack_lvl+0x8c/0xd0 [ 26.254238] print_report+0x118/0x608 [ 26.254286] kasan_report+0xdc/0x128 [ 26.254331] __asan_report_store1_noabort+0x20/0x30 [ 26.254378] kmalloc_oob_right+0x5a4/0x660 [ 26.254436] kunit_try_run_case+0x170/0x3f0 [ 26.254487] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.254539] kthread+0x328/0x630 [ 26.254582] ret_from_fork+0x10/0x20 [ 26.254741] [ 26.254779] Allocated by task 148: [ 26.254892] kasan_save_stack+0x3c/0x68 [ 26.254948] kasan_save_track+0x20/0x40 [ 26.254986] kasan_save_alloc_info+0x40/0x58 [ 26.255022] __kasan_kmalloc+0xd4/0xd8 [ 26.255058] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.255098] kmalloc_oob_right+0xb0/0x660 [ 26.255134] kunit_try_run_case+0x170/0x3f0 [ 26.255170] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.255213] kthread+0x328/0x630 [ 26.255243] ret_from_fork+0x10/0x20 [ 26.255295] [ 26.255352] The buggy address belongs to the object at fff00000c3fada00 [ 26.255352] which belongs to the cache kmalloc-128 of size 128 [ 26.255453] The buggy address is located 0 bytes to the right of [ 26.255453] allocated 115-byte region [fff00000c3fada00, fff00000c3fada73) [ 26.255518] [ 26.255597] The buggy address belongs to the physical page: [ 26.255793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fad [ 26.256116] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.256421] page_type: f5(slab) [ 26.256708] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000100 dead000000000122 [ 26.256770] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.256873] page dumped because: kasan: bad access detected [ 26.256912] [ 26.256938] Memory state around the buggy address: [ 26.257149] fff00000c3fad900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.257211] fff00000c3fad980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.257263] >fff00000c3fada00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.257315] ^ [ 26.257407] fff00000c3fada80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.257448] fff00000c3fadb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.257509] ==================================================================
[ 21.212313] ================================================================== [ 21.212993] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 21.213285] Write of size 1 at addr ffff88810257e678 by task kunit_try_catch/165 [ 21.213585] [ 21.213665] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 21.213711] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.213722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.213743] Call Trace: [ 21.213755] <TASK> [ 21.213770] dump_stack_lvl+0x73/0xb0 [ 21.213794] print_report+0xd1/0x650 [ 21.213814] ? __virt_addr_valid+0x1db/0x2d0 [ 21.213835] ? kmalloc_oob_right+0x6bd/0x7f0 [ 21.213855] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.213878] ? kmalloc_oob_right+0x6bd/0x7f0 [ 21.213898] kasan_report+0x141/0x180 [ 21.213918] ? kmalloc_oob_right+0x6bd/0x7f0 [ 21.213954] __asan_report_store1_noabort+0x1b/0x30 [ 21.213976] kmalloc_oob_right+0x6bd/0x7f0 [ 21.213997] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 21.214017] ? __schedule+0x10cc/0x2b60 [ 21.214040] ? __pfx_read_tsc+0x10/0x10 [ 21.214061] ? ktime_get_ts64+0x86/0x230 [ 21.214085] kunit_try_run_case+0x1a5/0x480 [ 21.214109] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.214131] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.214150] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.214173] ? __kthread_parkme+0x82/0x180 [ 21.214192] ? preempt_count_sub+0x50/0x80 [ 21.214213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.214236] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.214258] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.214280] kthread+0x337/0x6f0 [ 21.214298] ? trace_preempt_on+0x20/0xc0 [ 21.214320] ? __pfx_kthread+0x10/0x10 [ 21.214339] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.214360] ? calculate_sigpending+0x7b/0xa0 [ 21.214382] ? __pfx_kthread+0x10/0x10 [ 21.214402] ret_from_fork+0x116/0x1d0 [ 21.214419] ? __pfx_kthread+0x10/0x10 [ 21.214438] ret_from_fork_asm+0x1a/0x30 [ 21.214466] </TASK> [ 21.214476] [ 21.220773] Allocated by task 165: [ 21.220891] kasan_save_stack+0x45/0x70 [ 21.221077] kasan_save_track+0x18/0x40 [ 21.221345] kasan_save_alloc_info+0x3b/0x50 [ 21.221591] __kasan_kmalloc+0xb7/0xc0 [ 21.221770] __kmalloc_cache_noprof+0x189/0x420 [ 21.221932] kmalloc_oob_right+0xa9/0x7f0 [ 21.222106] kunit_try_run_case+0x1a5/0x480 [ 21.222293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.222494] kthread+0x337/0x6f0 [ 21.222600] ret_from_fork+0x116/0x1d0 [ 21.222717] ret_from_fork_asm+0x1a/0x30 [ 21.222850] [ 21.222947] The buggy address belongs to the object at ffff88810257e600 [ 21.222947] which belongs to the cache kmalloc-128 of size 128 [ 21.223541] The buggy address is located 5 bytes to the right of [ 21.223541] allocated 115-byte region [ffff88810257e600, ffff88810257e673) [ 21.224001] [ 21.224077] The buggy address belongs to the physical page: [ 21.224294] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10257e [ 21.224617] flags: 0x200000000000000(node=0|zone=2) [ 21.224767] page_type: f5(slab) [ 21.224875] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.225329] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.225656] page dumped because: kasan: bad access detected [ 21.225818] [ 21.225878] Memory state around the buggy address: [ 21.226028] ffff88810257e500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.226227] ffff88810257e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.226425] >ffff88810257e600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.226922] ^ [ 21.227224] ffff88810257e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.227522] ffff88810257e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.227816] ================================================================== [ 21.181386] ================================================================== [ 21.182271] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 21.183031] Write of size 1 at addr ffff88810257e673 by task kunit_try_catch/165 [ 21.183481] [ 21.184558] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 21.184968] Tainted: [N]=TEST [ 21.185003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.185234] Call Trace: [ 21.185303] <TASK> [ 21.185445] dump_stack_lvl+0x73/0xb0 [ 21.185536] print_report+0xd1/0x650 [ 21.185564] ? __virt_addr_valid+0x1db/0x2d0 [ 21.185590] ? kmalloc_oob_right+0x6f0/0x7f0 [ 21.185610] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.185634] ? kmalloc_oob_right+0x6f0/0x7f0 [ 21.185654] kasan_report+0x141/0x180 [ 21.185674] ? kmalloc_oob_right+0x6f0/0x7f0 [ 21.185698] __asan_report_store1_noabort+0x1b/0x30 [ 21.185721] kmalloc_oob_right+0x6f0/0x7f0 [ 21.185741] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 21.185762] ? __schedule+0x10cc/0x2b60 [ 21.185786] ? __pfx_read_tsc+0x10/0x10 [ 21.185809] ? ktime_get_ts64+0x86/0x230 [ 21.185849] kunit_try_run_case+0x1a5/0x480 [ 21.185876] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.185898] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.185917] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.185951] ? __kthread_parkme+0x82/0x180 [ 21.185971] ? preempt_count_sub+0x50/0x80 [ 21.185994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.186017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.186039] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.186061] kthread+0x337/0x6f0 [ 21.186079] ? trace_preempt_on+0x20/0xc0 [ 21.186102] ? __pfx_kthread+0x10/0x10 [ 21.186121] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.186142] ? calculate_sigpending+0x7b/0xa0 [ 21.186165] ? __pfx_kthread+0x10/0x10 [ 21.186185] ret_from_fork+0x116/0x1d0 [ 21.186203] ? __pfx_kthread+0x10/0x10 [ 21.186222] ret_from_fork_asm+0x1a/0x30 [ 21.186273] </TASK> [ 21.186337] [ 21.197509] Allocated by task 165: [ 21.197774] kasan_save_stack+0x45/0x70 [ 21.198263] kasan_save_track+0x18/0x40 [ 21.198628] kasan_save_alloc_info+0x3b/0x50 [ 21.199077] __kasan_kmalloc+0xb7/0xc0 [ 21.199368] __kmalloc_cache_noprof+0x189/0x420 [ 21.199716] kmalloc_oob_right+0xa9/0x7f0 [ 21.199987] kunit_try_run_case+0x1a5/0x480 [ 21.200415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.200722] kthread+0x337/0x6f0 [ 21.200854] ret_from_fork+0x116/0x1d0 [ 21.201240] ret_from_fork_asm+0x1a/0x30 [ 21.201573] [ 21.201689] The buggy address belongs to the object at ffff88810257e600 [ 21.201689] which belongs to the cache kmalloc-128 of size 128 [ 21.203102] The buggy address is located 0 bytes to the right of [ 21.203102] allocated 115-byte region [ffff88810257e600, ffff88810257e673) [ 21.203752] [ 21.203970] The buggy address belongs to the physical page: [ 21.204692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10257e [ 21.205604] flags: 0x200000000000000(node=0|zone=2) [ 21.206277] page_type: f5(slab) [ 21.206705] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.206995] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.207753] page dumped because: kasan: bad access detected [ 21.208195] [ 21.208303] Memory state around the buggy address: [ 21.208790] ffff88810257e500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.209193] ffff88810257e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.209526] >ffff88810257e600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.209790] ^ [ 21.210287] ffff88810257e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.210598] ffff88810257e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.210918] ================================================================== [ 21.228361] ================================================================== [ 21.228575] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 21.228772] Read of size 1 at addr ffff88810257e680 by task kunit_try_catch/165 [ 21.229418] [ 21.229527] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 21.229573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.229586] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.229606] Call Trace: [ 21.229619] <TASK> [ 21.229634] dump_stack_lvl+0x73/0xb0 [ 21.229658] print_report+0xd1/0x650 [ 21.229678] ? __virt_addr_valid+0x1db/0x2d0 [ 21.229700] ? kmalloc_oob_right+0x68a/0x7f0 [ 21.229719] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.229743] ? kmalloc_oob_right+0x68a/0x7f0 [ 21.229763] kasan_report+0x141/0x180 [ 21.229782] ? kmalloc_oob_right+0x68a/0x7f0 [ 21.229806] __asan_report_load1_noabort+0x18/0x20 [ 21.229827] kmalloc_oob_right+0x68a/0x7f0 [ 21.229847] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 21.229868] ? __schedule+0x10cc/0x2b60 [ 21.229891] ? __pfx_read_tsc+0x10/0x10 [ 21.229911] ? ktime_get_ts64+0x86/0x230 [ 21.229934] kunit_try_run_case+0x1a5/0x480 [ 21.229974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.229995] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.230015] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.230038] ? __kthread_parkme+0x82/0x180 [ 21.230056] ? preempt_count_sub+0x50/0x80 [ 21.230078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.230100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.230135] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.230157] kthread+0x337/0x6f0 [ 21.230175] ? trace_preempt_on+0x20/0xc0 [ 21.230196] ? __pfx_kthread+0x10/0x10 [ 21.230215] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.230237] ? calculate_sigpending+0x7b/0xa0 [ 21.230258] ? __pfx_kthread+0x10/0x10 [ 21.230278] ret_from_fork+0x116/0x1d0 [ 21.230295] ? __pfx_kthread+0x10/0x10 [ 21.230314] ret_from_fork_asm+0x1a/0x30 [ 21.230342] </TASK> [ 21.230351] [ 21.236550] Allocated by task 165: [ 21.236715] kasan_save_stack+0x45/0x70 [ 21.236896] kasan_save_track+0x18/0x40 [ 21.237079] kasan_save_alloc_info+0x3b/0x50 [ 21.237490] __kasan_kmalloc+0xb7/0xc0 [ 21.237633] __kmalloc_cache_noprof+0x189/0x420 [ 21.237772] kmalloc_oob_right+0xa9/0x7f0 [ 21.237896] kunit_try_run_case+0x1a5/0x480 [ 21.238096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.238357] kthread+0x337/0x6f0 [ 21.238510] ret_from_fork+0x116/0x1d0 [ 21.238723] ret_from_fork_asm+0x1a/0x30 [ 21.238895] [ 21.238989] The buggy address belongs to the object at ffff88810257e600 [ 21.238989] which belongs to the cache kmalloc-128 of size 128 [ 21.239472] The buggy address is located 13 bytes to the right of [ 21.239472] allocated 115-byte region [ffff88810257e600, ffff88810257e673) [ 21.239909] [ 21.239981] The buggy address belongs to the physical page: [ 21.240159] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10257e [ 21.240610] flags: 0x200000000000000(node=0|zone=2) [ 21.240888] page_type: f5(slab) [ 21.241086] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.241424] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.241632] page dumped because: kasan: bad access detected [ 21.241788] [ 21.241848] Memory state around the buggy address: [ 21.242022] ffff88810257e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.242335] ffff88810257e600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.242646] >ffff88810257e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.242964] ^ [ 21.243158] ffff88810257e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.243447] ffff88810257e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.243647] ==================================================================