Date
July 9, 2025, 1:08 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 29.004387] ================================================================== [ 29.004431] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 29.004479] Read of size 1 at addr fff00000c57d4a80 by task kunit_try_catch/168 [ 29.004526] [ 29.004554] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250709 #1 PREEMPT [ 29.004634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.004660] Hardware name: linux,dummy-virt (DT) [ 29.004688] Call trace: [ 29.004916] show_stack+0x20/0x38 (C) [ 29.004983] dump_stack_lvl+0x8c/0xd0 [ 29.005030] print_report+0x118/0x5d0 [ 29.005227] kasan_report+0xdc/0x128 [ 29.005272] __asan_report_load1_noabort+0x20/0x30 [ 29.005404] kmalloc_oob_right+0x5d0/0x660 [ 29.005479] kunit_try_run_case+0x170/0x3f0 [ 29.005540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.005594] kthread+0x328/0x630 [ 29.005635] ret_from_fork+0x10/0x20 [ 29.005900] [ 29.005927] Allocated by task 168: [ 29.005958] kasan_save_stack+0x3c/0x68 [ 29.006091] kasan_save_track+0x20/0x40 [ 29.006189] kasan_save_alloc_info+0x40/0x58 [ 29.006227] __kasan_kmalloc+0xd4/0xd8 [ 29.006263] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.006462] kmalloc_oob_right+0xb0/0x660 [ 29.006515] kunit_try_run_case+0x170/0x3f0 [ 29.006631] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.006716] kthread+0x328/0x630 [ 29.006775] ret_from_fork+0x10/0x20 [ 29.006844] [ 29.006864] The buggy address belongs to the object at fff00000c57d4a00 [ 29.006864] which belongs to the cache kmalloc-128 of size 128 [ 29.006969] The buggy address is located 13 bytes to the right of [ 29.006969] allocated 115-byte region [fff00000c57d4a00, fff00000c57d4a73) [ 29.007237] [ 29.007392] The buggy address belongs to the physical page: [ 29.007429] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057d4 [ 29.007484] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.007530] page_type: f5(slab) [ 29.007717] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.007922] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.008077] page dumped because: kasan: bad access detected [ 29.008166] [ 29.008184] Memory state around the buggy address: [ 29.008221] fff00000c57d4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.008262] fff00000c57d4a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 29.008326] >fff00000c57d4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.008363] ^ [ 29.008390] fff00000c57d4b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.008473] fff00000c57d4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.008624] ================================================================== [ 28.998544] ================================================================== [ 28.998606] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 28.998655] Write of size 1 at addr fff00000c57d4a78 by task kunit_try_catch/168 [ 28.998894] [ 28.998930] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250709 #1 PREEMPT [ 28.999296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.999339] Hardware name: linux,dummy-virt (DT) [ 28.999417] Call trace: [ 28.999441] show_stack+0x20/0x38 (C) [ 29.000049] dump_stack_lvl+0x8c/0xd0 [ 29.000165] print_report+0x118/0x5d0 [ 29.000211] kasan_report+0xdc/0x128 [ 29.000254] __asan_report_store1_noabort+0x20/0x30 [ 29.000302] kmalloc_oob_right+0x538/0x660 [ 29.000347] kunit_try_run_case+0x170/0x3f0 [ 29.000528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.000922] kthread+0x328/0x630 [ 29.001068] ret_from_fork+0x10/0x20 [ 29.001122] [ 29.001140] Allocated by task 168: [ 29.001170] kasan_save_stack+0x3c/0x68 [ 29.001338] kasan_save_track+0x20/0x40 [ 29.001376] kasan_save_alloc_info+0x40/0x58 [ 29.001711] __kasan_kmalloc+0xd4/0xd8 [ 29.001758] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.002124] kmalloc_oob_right+0xb0/0x660 [ 29.002259] kunit_try_run_case+0x170/0x3f0 [ 29.002353] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.002431] kthread+0x328/0x630 [ 29.002531] ret_from_fork+0x10/0x20 [ 29.002568] [ 29.002598] The buggy address belongs to the object at fff00000c57d4a00 [ 29.002598] which belongs to the cache kmalloc-128 of size 128 [ 29.002655] The buggy address is located 5 bytes to the right of [ 29.002655] allocated 115-byte region [fff00000c57d4a00, fff00000c57d4a73) [ 29.002721] [ 29.002741] The buggy address belongs to the physical page: [ 29.002769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057d4 [ 29.002839] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.002885] page_type: f5(slab) [ 29.002924] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.002973] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.003035] page dumped because: kasan: bad access detected [ 29.003252] [ 29.003343] Memory state around the buggy address: [ 29.003396] fff00000c57d4900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.003463] fff00000c57d4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.003658] >fff00000c57d4a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 29.003727] ^ [ 29.003851] fff00000c57d4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.003957] fff00000c57d4b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.004101] ================================================================== [ 28.990882] ================================================================== [ 28.991357] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 28.992264] Write of size 1 at addr fff00000c57d4a73 by task kunit_try_catch/168 [ 28.992371] [ 28.993136] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5-next-20250709 #1 PREEMPT [ 28.993283] Tainted: [N]=TEST [ 28.993316] Hardware name: linux,dummy-virt (DT) [ 28.993538] Call trace: [ 28.993715] show_stack+0x20/0x38 (C) [ 28.993854] dump_stack_lvl+0x8c/0xd0 [ 28.993910] print_report+0x118/0x5d0 [ 28.993955] kasan_report+0xdc/0x128 [ 28.993999] __asan_report_store1_noabort+0x20/0x30 [ 28.994048] kmalloc_oob_right+0x5a4/0x660 [ 28.994108] kunit_try_run_case+0x170/0x3f0 [ 28.994160] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.994213] kthread+0x328/0x630 [ 28.994257] ret_from_fork+0x10/0x20 [ 28.994409] [ 28.994449] Allocated by task 168: [ 28.994567] kasan_save_stack+0x3c/0x68 [ 28.994633] kasan_save_track+0x20/0x40 [ 28.994672] kasan_save_alloc_info+0x40/0x58 [ 28.994709] __kasan_kmalloc+0xd4/0xd8 [ 28.994746] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.994788] kmalloc_oob_right+0xb0/0x660 [ 28.994826] kunit_try_run_case+0x170/0x3f0 [ 28.994864] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.994908] kthread+0x328/0x630 [ 28.994939] ret_from_fork+0x10/0x20 [ 28.994992] [ 28.995064] The buggy address belongs to the object at fff00000c57d4a00 [ 28.995064] which belongs to the cache kmalloc-128 of size 128 [ 28.995157] The buggy address is located 0 bytes to the right of [ 28.995157] allocated 115-byte region [fff00000c57d4a00, fff00000c57d4a73) [ 28.995224] [ 28.995302] The buggy address belongs to the physical page: [ 28.995474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057d4 [ 28.995820] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.996133] page_type: f5(slab) [ 28.996429] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.996491] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.996597] page dumped because: kasan: bad access detected [ 28.996637] [ 28.996663] Memory state around the buggy address: [ 28.996880] fff00000c57d4900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.996944] fff00000c57d4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.996997] >fff00000c57d4a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 28.997049] ^ [ 28.997147] fff00000c57d4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.997189] fff00000c57d4b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.997251] ==================================================================
[ 23.364607] ================================================================== [ 23.365220] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 23.366109] Write of size 1 at addr ffff88810456ac73 by task kunit_try_catch/186 [ 23.366624] [ 23.367981] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5-next-20250709 #1 PREEMPT(voluntary) [ 23.368346] Tainted: [N]=TEST [ 23.368379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.368607] Call Trace: [ 23.368676] <TASK> [ 23.368851] dump_stack_lvl+0x73/0xb0 [ 23.368948] print_report+0xd1/0x610 [ 23.368977] ? __virt_addr_valid+0x1db/0x2d0 [ 23.369004] ? kmalloc_oob_right+0x6f0/0x7f0 [ 23.369025] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.369051] ? kmalloc_oob_right+0x6f0/0x7f0 [ 23.369072] kasan_report+0x141/0x180 [ 23.369093] ? kmalloc_oob_right+0x6f0/0x7f0 [ 23.369119] __asan_report_store1_noabort+0x1b/0x30 [ 23.369143] kmalloc_oob_right+0x6f0/0x7f0 [ 23.369165] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 23.369188] ? __schedule+0x10cc/0x2b60 [ 23.369212] ? __pfx_read_tsc+0x10/0x10 [ 23.369235] ? ktime_get_ts64+0x86/0x230 [ 23.369261] kunit_try_run_case+0x1a5/0x480 [ 23.369285] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.369305] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.369328] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.369351] ? __kthread_parkme+0x82/0x180 [ 23.369373] ? preempt_count_sub+0x50/0x80 [ 23.369397] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.369418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.369443] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.369467] kthread+0x337/0x6f0 [ 23.369487] ? trace_preempt_on+0x20/0xc0 [ 23.369512] ? __pfx_kthread+0x10/0x10 [ 23.369533] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.369554] ? calculate_sigpending+0x7b/0xa0 [ 23.369579] ? __pfx_kthread+0x10/0x10 [ 23.369600] ret_from_fork+0x116/0x1d0 [ 23.369619] ? __pfx_kthread+0x10/0x10 [ 23.369639] ret_from_fork_asm+0x1a/0x30 [ 23.369691] </TASK> [ 23.369793] [ 23.380352] Allocated by task 186: [ 23.380867] kasan_save_stack+0x45/0x70 [ 23.381067] kasan_save_track+0x18/0x40 [ 23.381261] kasan_save_alloc_info+0x3b/0x50 [ 23.381524] __kasan_kmalloc+0xb7/0xc0 [ 23.381754] __kmalloc_cache_noprof+0x189/0x420 [ 23.382144] kmalloc_oob_right+0xa9/0x7f0 [ 23.382349] kunit_try_run_case+0x1a5/0x480 [ 23.382548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.383027] kthread+0x337/0x6f0 [ 23.383246] ret_from_fork+0x116/0x1d0 [ 23.383595] ret_from_fork_asm+0x1a/0x30 [ 23.383892] [ 23.384036] The buggy address belongs to the object at ffff88810456ac00 [ 23.384036] which belongs to the cache kmalloc-128 of size 128 [ 23.384973] The buggy address is located 0 bytes to the right of [ 23.384973] allocated 115-byte region [ffff88810456ac00, ffff88810456ac73) [ 23.385610] [ 23.385968] The buggy address belongs to the physical page: [ 23.386644] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10456a [ 23.387380] flags: 0x200000000000000(node=0|zone=2) [ 23.388142] page_type: f5(slab) [ 23.388682] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.389304] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.389794] page dumped because: kasan: bad access detected [ 23.390100] [ 23.390187] Memory state around the buggy address: [ 23.390716] ffff88810456ab00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.391108] ffff88810456ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.391432] >ffff88810456ac00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.391791] ^ [ 23.392222] ffff88810456ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.392495] ffff88810456ad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.392862] ================================================================== [ 23.394403] ================================================================== [ 23.395407] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 23.395658] Write of size 1 at addr ffff88810456ac78 by task kunit_try_catch/186 [ 23.395902] [ 23.395990] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250709 #1 PREEMPT(voluntary) [ 23.396040] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.396052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.396076] Call Trace: [ 23.396092] <TASK> [ 23.396112] dump_stack_lvl+0x73/0xb0 [ 23.396144] print_report+0xd1/0x610 [ 23.396166] ? __virt_addr_valid+0x1db/0x2d0 [ 23.396191] ? kmalloc_oob_right+0x6bd/0x7f0 [ 23.396211] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.396237] ? kmalloc_oob_right+0x6bd/0x7f0 [ 23.396258] kasan_report+0x141/0x180 [ 23.396279] ? kmalloc_oob_right+0x6bd/0x7f0 [ 23.396304] __asan_report_store1_noabort+0x1b/0x30 [ 23.396327] kmalloc_oob_right+0x6bd/0x7f0 [ 23.396348] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 23.396370] ? __schedule+0x10cc/0x2b60 [ 23.396393] ? __pfx_read_tsc+0x10/0x10 [ 23.396415] ? ktime_get_ts64+0x86/0x230 [ 23.396439] kunit_try_run_case+0x1a5/0x480 [ 23.396462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.396482] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.396505] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.396528] ? __kthread_parkme+0x82/0x180 [ 23.396549] ? preempt_count_sub+0x50/0x80 [ 23.396573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.396594] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.396618] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.396642] kthread+0x337/0x6f0 [ 23.396661] ? trace_preempt_on+0x20/0xc0 [ 23.396685] ? __pfx_kthread+0x10/0x10 [ 23.396717] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.396740] ? calculate_sigpending+0x7b/0xa0 [ 23.396763] ? __pfx_kthread+0x10/0x10 [ 23.396784] ret_from_fork+0x116/0x1d0 [ 23.396803] ? __pfx_kthread+0x10/0x10 [ 23.396823] ret_from_fork_asm+0x1a/0x30 [ 23.396854] </TASK> [ 23.396864] [ 23.411106] Allocated by task 186: [ 23.411574] kasan_save_stack+0x45/0x70 [ 23.412117] kasan_save_track+0x18/0x40 [ 23.412253] kasan_save_alloc_info+0x3b/0x50 [ 23.412394] __kasan_kmalloc+0xb7/0xc0 [ 23.412518] __kmalloc_cache_noprof+0x189/0x420 [ 23.412666] kmalloc_oob_right+0xa9/0x7f0 [ 23.412933] kunit_try_run_case+0x1a5/0x480 [ 23.413075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.413264] kthread+0x337/0x6f0 [ 23.413433] ret_from_fork+0x116/0x1d0 [ 23.413615] ret_from_fork_asm+0x1a/0x30 [ 23.413874] [ 23.414166] The buggy address belongs to the object at ffff88810456ac00 [ 23.414166] which belongs to the cache kmalloc-128 of size 128 [ 23.414507] The buggy address is located 5 bytes to the right of [ 23.414507] allocated 115-byte region [ffff88810456ac00, ffff88810456ac73) [ 23.415471] [ 23.415580] The buggy address belongs to the physical page: [ 23.416224] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10456a [ 23.416766] flags: 0x200000000000000(node=0|zone=2) [ 23.417109] page_type: f5(slab) [ 23.417505] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.418228] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.418766] page dumped because: kasan: bad access detected [ 23.418979] [ 23.419179] Memory state around the buggy address: [ 23.419432] ffff88810456ab00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.419876] ffff88810456ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.420130] >ffff88810456ac00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.420581] ^ [ 23.421219] ffff88810456ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.421548] ffff88810456ad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.422068] ================================================================== [ 23.422676] ================================================================== [ 23.423089] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 23.423356] Read of size 1 at addr ffff88810456ac80 by task kunit_try_catch/186 [ 23.423712] [ 23.423899] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250709 #1 PREEMPT(voluntary) [ 23.423949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.423961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.423983] Call Trace: [ 23.424004] <TASK> [ 23.424027] dump_stack_lvl+0x73/0xb0 [ 23.424058] print_report+0xd1/0x610 [ 23.424080] ? __virt_addr_valid+0x1db/0x2d0 [ 23.424103] ? kmalloc_oob_right+0x68a/0x7f0 [ 23.424124] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.424149] ? kmalloc_oob_right+0x68a/0x7f0 [ 23.424169] kasan_report+0x141/0x180 [ 23.424191] ? kmalloc_oob_right+0x68a/0x7f0 [ 23.424216] __asan_report_load1_noabort+0x18/0x20 [ 23.424239] kmalloc_oob_right+0x68a/0x7f0 [ 23.424260] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 23.424322] ? __schedule+0x10cc/0x2b60 [ 23.424407] ? __pfx_read_tsc+0x10/0x10 [ 23.424453] ? ktime_get_ts64+0x86/0x230 [ 23.424489] kunit_try_run_case+0x1a5/0x480 [ 23.424512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.424532] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.424555] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.424578] ? __kthread_parkme+0x82/0x180 [ 23.424598] ? preempt_count_sub+0x50/0x80 [ 23.424621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.424642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.424666] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.424690] kthread+0x337/0x6f0 [ 23.424720] ? trace_preempt_on+0x20/0xc0 [ 23.424744] ? __pfx_kthread+0x10/0x10 [ 23.424764] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.424827] ? calculate_sigpending+0x7b/0xa0 [ 23.424852] ? __pfx_kthread+0x10/0x10 [ 23.424873] ret_from_fork+0x116/0x1d0 [ 23.424903] ? __pfx_kthread+0x10/0x10 [ 23.424923] ret_from_fork_asm+0x1a/0x30 [ 23.424954] </TASK> [ 23.424966] [ 23.436254] Allocated by task 186: [ 23.436597] kasan_save_stack+0x45/0x70 [ 23.437025] kasan_save_track+0x18/0x40 [ 23.437239] kasan_save_alloc_info+0x3b/0x50 [ 23.437424] __kasan_kmalloc+0xb7/0xc0 [ 23.437592] __kmalloc_cache_noprof+0x189/0x420 [ 23.438078] kmalloc_oob_right+0xa9/0x7f0 [ 23.438392] kunit_try_run_case+0x1a5/0x480 [ 23.438603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.438980] kthread+0x337/0x6f0 [ 23.439323] ret_from_fork+0x116/0x1d0 [ 23.439488] ret_from_fork_asm+0x1a/0x30 [ 23.439659] [ 23.439753] The buggy address belongs to the object at ffff88810456ac00 [ 23.439753] which belongs to the cache kmalloc-128 of size 128 [ 23.440541] The buggy address is located 13 bytes to the right of [ 23.440541] allocated 115-byte region [ffff88810456ac00, ffff88810456ac73) [ 23.441495] [ 23.441734] The buggy address belongs to the physical page: [ 23.442307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10456a [ 23.442620] flags: 0x200000000000000(node=0|zone=2) [ 23.443047] page_type: f5(slab) [ 23.443316] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.443781] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.444409] page dumped because: kasan: bad access detected [ 23.444646] [ 23.444745] Memory state around the buggy address: [ 23.445454] ffff88810456ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.446096] ffff88810456ac00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.446403] >ffff88810456ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.446686] ^ [ 23.447139] ffff88810456ad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.447621] ffff88810456ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.448364] ==================================================================