Date
July 16, 2025, 12:11 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 30.287059] ================================================================== [ 30.287097] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 30.287138] Read of size 1 at addr fff00000c6361680 by task kunit_try_catch/167 [ 30.287185] [ 30.287214] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 30.287294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.287320] Hardware name: linux,dummy-virt (DT) [ 30.287349] Call trace: [ 30.287369] show_stack+0x20/0x38 (C) [ 30.287414] dump_stack_lvl+0x8c/0xd0 [ 30.287460] print_report+0x118/0x5d0 [ 30.287503] kasan_report+0xdc/0x128 [ 30.287557] __asan_report_load1_noabort+0x20/0x30 [ 30.287605] kmalloc_oob_right+0x5d0/0x660 [ 30.287651] kunit_try_run_case+0x170/0x3f0 [ 30.287757] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.287949] kthread+0x328/0x630 [ 30.288020] ret_from_fork+0x10/0x20 [ 30.288066] [ 30.288084] Allocated by task 167: [ 30.288111] kasan_save_stack+0x3c/0x68 [ 30.288222] kasan_save_track+0x20/0x40 [ 30.288291] kasan_save_alloc_info+0x40/0x58 [ 30.288483] __kasan_kmalloc+0xd4/0xd8 [ 30.288670] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.288728] kmalloc_oob_right+0xb0/0x660 [ 30.288765] kunit_try_run_case+0x170/0x3f0 [ 30.288801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.288843] kthread+0x328/0x630 [ 30.288874] ret_from_fork+0x10/0x20 [ 30.288909] [ 30.288981] The buggy address belongs to the object at fff00000c6361600 [ 30.288981] which belongs to the cache kmalloc-128 of size 128 [ 30.289294] The buggy address is located 13 bytes to the right of [ 30.289294] allocated 115-byte region [fff00000c6361600, fff00000c6361673) [ 30.289414] [ 30.289469] The buggy address belongs to the physical page: [ 30.289572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106361 [ 30.289622] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.290466] page_type: f5(slab) [ 30.290614] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.290760] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.290863] page dumped because: kasan: bad access detected [ 30.290943] [ 30.290961] Memory state around the buggy address: [ 30.290993] fff00000c6361580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.291317] fff00000c6361600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 30.291374] >fff00000c6361680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.291668] ^ [ 30.291794] fff00000c6361700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.291901] fff00000c6361780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.292027] ================================================================== [ 30.277349] ================================================================== [ 30.277699] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 30.278536] Write of size 1 at addr fff00000c6361673 by task kunit_try_catch/167 [ 30.278646] [ 30.279436] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 30.279615] Tainted: [N]=TEST [ 30.279648] Hardware name: linux,dummy-virt (DT) [ 30.279933] Call trace: [ 30.280115] show_stack+0x20/0x38 (C) [ 30.280256] dump_stack_lvl+0x8c/0xd0 [ 30.280310] print_report+0x118/0x5d0 [ 30.280354] kasan_report+0xdc/0x128 [ 30.280397] __asan_report_store1_noabort+0x20/0x30 [ 30.280446] kmalloc_oob_right+0x5a4/0x660 [ 30.280493] kunit_try_run_case+0x170/0x3f0 [ 30.280556] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.280608] kthread+0x328/0x630 [ 30.280652] ret_from_fork+0x10/0x20 [ 30.280811] [ 30.280849] Allocated by task 167: [ 30.280962] kasan_save_stack+0x3c/0x68 [ 30.281025] kasan_save_track+0x20/0x40 [ 30.281061] kasan_save_alloc_info+0x40/0x58 [ 30.281099] __kasan_kmalloc+0xd4/0xd8 [ 30.281137] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.281179] kmalloc_oob_right+0xb0/0x660 [ 30.281217] kunit_try_run_case+0x170/0x3f0 [ 30.281252] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.281295] kthread+0x328/0x630 [ 30.281326] ret_from_fork+0x10/0x20 [ 30.281378] [ 30.281435] The buggy address belongs to the object at fff00000c6361600 [ 30.281435] which belongs to the cache kmalloc-128 of size 128 [ 30.281538] The buggy address is located 0 bytes to the right of [ 30.281538] allocated 115-byte region [fff00000c6361600, fff00000c6361673) [ 30.281608] [ 30.281690] The buggy address belongs to the physical page: [ 30.281858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106361 [ 30.282122] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.282410] page_type: f5(slab) [ 30.282714] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.282791] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.282898] page dumped because: kasan: bad access detected [ 30.282937] [ 30.282962] Memory state around the buggy address: [ 30.283178] fff00000c6361500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.283242] fff00000c6361580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.283296] >fff00000c6361600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 30.283350] ^ [ 30.283435] fff00000c6361680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.283478] fff00000c6361700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.283555] ================================================================== [ 30.284638] ================================================================== [ 30.284677] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 30.284725] Write of size 1 at addr fff00000c6361678 by task kunit_try_catch/167 [ 30.284773] [ 30.284802] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 30.284884] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.284910] Hardware name: linux,dummy-virt (DT) [ 30.284939] Call trace: [ 30.284959] show_stack+0x20/0x38 (C) [ 30.285005] dump_stack_lvl+0x8c/0xd0 [ 30.285050] print_report+0x118/0x5d0 [ 30.285093] kasan_report+0xdc/0x128 [ 30.285136] __asan_report_store1_noabort+0x20/0x30 [ 30.285185] kmalloc_oob_right+0x538/0x660 [ 30.285231] kunit_try_run_case+0x170/0x3f0 [ 30.285277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.285329] kthread+0x328/0x630 [ 30.285370] ret_from_fork+0x10/0x20 [ 30.285415] [ 30.285432] Allocated by task 167: [ 30.285458] kasan_save_stack+0x3c/0x68 [ 30.285496] kasan_save_track+0x20/0x40 [ 30.285561] kasan_save_alloc_info+0x40/0x58 [ 30.285600] __kasan_kmalloc+0xd4/0xd8 [ 30.285636] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.285704] kmalloc_oob_right+0xb0/0x660 [ 30.285816] kunit_try_run_case+0x170/0x3f0 [ 30.285852] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.285895] kthread+0x328/0x630 [ 30.285946] ret_from_fork+0x10/0x20 [ 30.286041] [ 30.286125] The buggy address belongs to the object at fff00000c6361600 [ 30.286125] which belongs to the cache kmalloc-128 of size 128 [ 30.286249] The buggy address is located 5 bytes to the right of [ 30.286249] allocated 115-byte region [fff00000c6361600, fff00000c6361673) [ 30.286339] [ 30.286359] The buggy address belongs to the physical page: [ 30.286393] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106361 [ 30.286444] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.286489] page_type: f5(slab) [ 30.286535] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.286584] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.286623] page dumped because: kasan: bad access detected [ 30.286653] [ 30.286671] Memory state around the buggy address: [ 30.286702] fff00000c6361500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.286744] fff00000c6361580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.286786] >fff00000c6361600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 30.286823] ^ [ 30.286861] fff00000c6361680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.286902] fff00000c6361700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.286939] ==================================================================
[ 22.563756] ================================================================== [ 22.564133] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 22.564379] Read of size 1 at addr ffff88810539f780 by task kunit_try_catch/185 [ 22.564868] [ 22.565014] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 22.565060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.565072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.565092] Call Trace: [ 22.565108] <TASK> [ 22.565121] dump_stack_lvl+0x73/0xb0 [ 22.565148] print_report+0xd1/0x610 [ 22.565169] ? __virt_addr_valid+0x1db/0x2d0 [ 22.565191] ? kmalloc_oob_right+0x68a/0x7f0 [ 22.565211] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.565236] ? kmalloc_oob_right+0x68a/0x7f0 [ 22.565268] kasan_report+0x141/0x180 [ 22.565289] ? kmalloc_oob_right+0x68a/0x7f0 [ 22.565314] __asan_report_load1_noabort+0x18/0x20 [ 22.565337] kmalloc_oob_right+0x68a/0x7f0 [ 22.565358] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 22.565380] ? __schedule+0x10c6/0x2b60 [ 22.565401] ? __pfx_read_tsc+0x10/0x10 [ 22.565423] ? ktime_get_ts64+0x86/0x230 [ 22.565447] kunit_try_run_case+0x1a5/0x480 [ 22.565470] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.565491] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.565513] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.565535] ? __kthread_parkme+0x82/0x180 [ 22.565570] ? preempt_count_sub+0x50/0x80 [ 22.565594] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.565617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.565642] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.565668] kthread+0x337/0x6f0 [ 22.565687] ? trace_preempt_on+0x20/0xc0 [ 22.565708] ? __pfx_kthread+0x10/0x10 [ 22.565728] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.565748] ? calculate_sigpending+0x7b/0xa0 [ 22.565770] ? __pfx_kthread+0x10/0x10 [ 22.565791] ret_from_fork+0x116/0x1d0 [ 22.565809] ? __pfx_kthread+0x10/0x10 [ 22.565829] ret_from_fork_asm+0x1a/0x30 [ 22.565859] </TASK> [ 22.565869] [ 22.573145] Allocated by task 185: [ 22.573333] kasan_save_stack+0x45/0x70 [ 22.573717] kasan_save_track+0x18/0x40 [ 22.573893] kasan_save_alloc_info+0x3b/0x50 [ 22.574083] __kasan_kmalloc+0xb7/0xc0 [ 22.574208] __kmalloc_cache_noprof+0x189/0x420 [ 22.574382] kmalloc_oob_right+0xa9/0x7f0 [ 22.574579] kunit_try_run_case+0x1a5/0x480 [ 22.574896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.575192] kthread+0x337/0x6f0 [ 22.575330] ret_from_fork+0x116/0x1d0 [ 22.575456] ret_from_fork_asm+0x1a/0x30 [ 22.575617] [ 22.575704] The buggy address belongs to the object at ffff88810539f700 [ 22.575704] which belongs to the cache kmalloc-128 of size 128 [ 22.576198] The buggy address is located 13 bytes to the right of [ 22.576198] allocated 115-byte region [ffff88810539f700, ffff88810539f773) [ 22.576793] [ 22.576935] The buggy address belongs to the physical page: [ 22.577142] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10539f [ 22.577453] flags: 0x200000000000000(node=0|zone=2) [ 22.577725] page_type: f5(slab) [ 22.577853] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.578130] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.578471] page dumped because: kasan: bad access detected [ 22.578834] [ 22.579015] Memory state around the buggy address: [ 22.579206] ffff88810539f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.579498] ffff88810539f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.579778] >ffff88810539f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.579982] ^ [ 22.580091] ffff88810539f800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.580335] ffff88810539f880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.580731] ================================================================== [ 22.546084] ================================================================== [ 22.546417] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 22.546716] Write of size 1 at addr ffff88810539f778 by task kunit_try_catch/185 [ 22.547016] [ 22.547325] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 22.547377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.547389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.547408] Call Trace: [ 22.547420] <TASK> [ 22.547435] dump_stack_lvl+0x73/0xb0 [ 22.547464] print_report+0xd1/0x610 [ 22.547486] ? __virt_addr_valid+0x1db/0x2d0 [ 22.547508] ? kmalloc_oob_right+0x6bd/0x7f0 [ 22.547528] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.547563] ? kmalloc_oob_right+0x6bd/0x7f0 [ 22.547584] kasan_report+0x141/0x180 [ 22.547605] ? kmalloc_oob_right+0x6bd/0x7f0 [ 22.547630] __asan_report_store1_noabort+0x1b/0x30 [ 22.547654] kmalloc_oob_right+0x6bd/0x7f0 [ 22.547675] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 22.547697] ? __schedule+0x10c6/0x2b60 [ 22.547718] ? __pfx_read_tsc+0x10/0x10 [ 22.547740] ? ktime_get_ts64+0x86/0x230 [ 22.547764] kunit_try_run_case+0x1a5/0x480 [ 22.547786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.547807] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.547829] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.547851] ? __kthread_parkme+0x82/0x180 [ 22.547871] ? preempt_count_sub+0x50/0x80 [ 22.547905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.547928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.547954] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.547980] kthread+0x337/0x6f0 [ 22.547999] ? trace_preempt_on+0x20/0xc0 [ 22.548023] ? __pfx_kthread+0x10/0x10 [ 22.548044] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.548066] ? calculate_sigpending+0x7b/0xa0 [ 22.548089] ? __pfx_kthread+0x10/0x10 [ 22.548110] ret_from_fork+0x116/0x1d0 [ 22.548129] ? __pfx_kthread+0x10/0x10 [ 22.548149] ret_from_fork_asm+0x1a/0x30 [ 22.548179] </TASK> [ 22.548189] [ 22.555379] Allocated by task 185: [ 22.555506] kasan_save_stack+0x45/0x70 [ 22.555642] kasan_save_track+0x18/0x40 [ 22.555774] kasan_save_alloc_info+0x3b/0x50 [ 22.556015] __kasan_kmalloc+0xb7/0xc0 [ 22.556244] __kmalloc_cache_noprof+0x189/0x420 [ 22.556466] kmalloc_oob_right+0xa9/0x7f0 [ 22.556670] kunit_try_run_case+0x1a5/0x480 [ 22.556809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.557055] kthread+0x337/0x6f0 [ 22.557273] ret_from_fork+0x116/0x1d0 [ 22.557453] ret_from_fork_asm+0x1a/0x30 [ 22.557705] [ 22.557771] The buggy address belongs to the object at ffff88810539f700 [ 22.557771] which belongs to the cache kmalloc-128 of size 128 [ 22.558448] The buggy address is located 5 bytes to the right of [ 22.558448] allocated 115-byte region [ffff88810539f700, ffff88810539f773) [ 22.558822] [ 22.558887] The buggy address belongs to the physical page: [ 22.559095] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10539f [ 22.559456] flags: 0x200000000000000(node=0|zone=2) [ 22.559774] page_type: f5(slab) [ 22.560043] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.560530] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.560889] page dumped because: kasan: bad access detected [ 22.561091] [ 22.561181] Memory state around the buggy address: [ 22.561380] ffff88810539f600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.561702] ffff88810539f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.562142] >ffff88810539f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.562432] ^ [ 22.562767] ffff88810539f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.562977] ffff88810539f800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.563290] ================================================================== [ 22.510538] ================================================================== [ 22.511743] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 22.513175] Write of size 1 at addr ffff88810539f773 by task kunit_try_catch/185 [ 22.514347] [ 22.515975] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 22.516346] Tainted: [N]=TEST [ 22.516379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.516590] Call Trace: [ 22.516657] <TASK> [ 22.516799] dump_stack_lvl+0x73/0xb0 [ 22.516913] print_report+0xd1/0x610 [ 22.516942] ? __virt_addr_valid+0x1db/0x2d0 [ 22.516968] ? kmalloc_oob_right+0x6f0/0x7f0 [ 22.516988] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.517013] ? kmalloc_oob_right+0x6f0/0x7f0 [ 22.517034] kasan_report+0x141/0x180 [ 22.517055] ? kmalloc_oob_right+0x6f0/0x7f0 [ 22.517081] __asan_report_store1_noabort+0x1b/0x30 [ 22.517104] kmalloc_oob_right+0x6f0/0x7f0 [ 22.517125] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 22.517147] ? __schedule+0x10c6/0x2b60 [ 22.517170] ? __pfx_read_tsc+0x10/0x10 [ 22.517195] ? ktime_get_ts64+0x86/0x230 [ 22.517223] kunit_try_run_case+0x1a5/0x480 [ 22.517249] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.517283] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.517306] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.517328] ? __kthread_parkme+0x82/0x180 [ 22.517349] ? preempt_count_sub+0x50/0x80 [ 22.517374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.517397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.517423] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.517449] kthread+0x337/0x6f0 [ 22.517468] ? trace_preempt_on+0x20/0xc0 [ 22.517492] ? __pfx_kthread+0x10/0x10 [ 22.517512] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.517532] ? calculate_sigpending+0x7b/0xa0 [ 22.517564] ? __pfx_kthread+0x10/0x10 [ 22.517584] ret_from_fork+0x116/0x1d0 [ 22.517603] ? __pfx_kthread+0x10/0x10 [ 22.517623] ret_from_fork_asm+0x1a/0x30 [ 22.517677] </TASK> [ 22.517741] [ 22.529080] Allocated by task 185: [ 22.529528] kasan_save_stack+0x45/0x70 [ 22.529947] kasan_save_track+0x18/0x40 [ 22.530244] kasan_save_alloc_info+0x3b/0x50 [ 22.530654] __kasan_kmalloc+0xb7/0xc0 [ 22.530788] __kmalloc_cache_noprof+0x189/0x420 [ 22.531082] kmalloc_oob_right+0xa9/0x7f0 [ 22.531458] kunit_try_run_case+0x1a5/0x480 [ 22.531849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.532385] kthread+0x337/0x6f0 [ 22.532511] ret_from_fork+0x116/0x1d0 [ 22.532851] ret_from_fork_asm+0x1a/0x30 [ 22.533304] [ 22.533583] The buggy address belongs to the object at ffff88810539f700 [ 22.533583] which belongs to the cache kmalloc-128 of size 128 [ 22.534460] The buggy address is located 0 bytes to the right of [ 22.534460] allocated 115-byte region [ffff88810539f700, ffff88810539f773) [ 22.535484] [ 22.535762] The buggy address belongs to the physical page: [ 22.536507] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10539f [ 22.537352] flags: 0x200000000000000(node=0|zone=2) [ 22.538220] page_type: f5(slab) [ 22.538696] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.539436] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.540226] page dumped because: kasan: bad access detected [ 22.540431] [ 22.540505] Memory state around the buggy address: [ 22.541148] ffff88810539f600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.541891] ffff88810539f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.542757] >ffff88810539f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.543305] ^ [ 22.543993] ffff88810539f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.544211] ffff88810539f800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.544488] ==================================================================