Hay
Date: July 23, 2025, 3:10 a.m.

Environment: qemu-arm64, qemu-x86_64

[   30.483423] ==================================================================
[   30.483823] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0
[   30.483919] Read of size 18446744073709551614 at addr fff00000ffebe004 by task kunit_try_catch/213
[   30.484268] 
[   30.484352] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7-next-20250723 #1 PREEMPT 
[   30.484682] Tainted: [B]=BAD_PAGE, [N]=TEST
[   30.484841] Hardware name: linux,dummy-virt (DT)
[   30.484986] Call trace:
[   30.485014]  show_stack+0x20/0x38 (C)
[   30.485068]  dump_stack_lvl+0x8c/0xd0
[   30.485262]  print_report+0x118/0x5e8
[   30.485414]  kasan_report+0xdc/0x128
[   30.485569]  kasan_check_range+0x100/0x1a8
[   30.485640]  __asan_memmove+0x3c/0x98
[   30.486045]  kmalloc_memmove_negative_size+0x154/0x2e0
[   30.486166]  kunit_try_run_case+0x170/0x3f0
[   30.486293]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.486538]  kthread+0x328/0x630
[   30.486798]  ret_from_fork+0x10/0x20
[   30.487151] 
[   30.487197] Allocated by task 2846403498:
[   30.487723] ------------[ cut here ]------------
[   30.487945] pool index 44973 out of bounds (219) for stack id adacafae
[   30.491715] WARNING: lib/stackdepot.c:500 at depot_fetch_stack+0x68/0x88, CPU#0: kunit_try_catch/213
[   31.038074] Modules linked in:
[   31.039604] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7-next-20250723 #1 PREEMPT 
[   31.040876] Tainted: [B]=BAD_PAGE, [N]=TEST
[   31.041532] Hardware name: linux,dummy-virt (DT)
[   31.042293] pstate: 614000c9 (nZCv daIF +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[   31.043298] pc : depot_fetch_stack+0x68/0x88
[   31.043998] lr : depot_fetch_stack+0x68/0x88
[   31.044662] sp : ffff8000809c7a20
[   31.045263] x29: ffff8000809c7a20 x28: ffff91bcfe190000 x27: 1ffff00010010f61
[   31.046414] x26: 1ffff00010010f60 x25: 0000000000000000 x24: ffff91bcf6f7f6c4
[   31.047408] x23: ffffc1ffc3ffaf80 x22: ffff91bcfbaa5360 x21: ffff91bcfbaa86c0
[   31.048298] x20: fff00000ffebe004 x19: ffff8000809c7b30 x18: 00000000f558d2a4
[   31.048663] x17: 000000006a14b336 x16: 00000000f1f1f1f1 x15: 0000000000000007
[   31.049017] x14: 0000000000000000 x13: 0000000000000007 x12: ffff700010138ea1
[   31.049358] x11: 1ffff00010138ea0 x10: ffff700010138ea0 x9 : ffff91bcf68f11ec
[   31.049748] x8 : ffff8000809c7507 x7 : 0000000000000001 x6 : ffff700010138ea0
[   31.050936] x5 : ffff8000809c7500 x4 : 1ffe000019367289 x3 : dfff800000000000
[   31.052016] x2 : 0000000000000000 x1 : 0000000000000000 x0 : fff00000c9b39440
[   31.052948] Call trace:
[   31.053121]  depot_fetch_stack+0x68/0x88 (P)
[   31.053343]  stack_depot_print+0x24/0x60
[   31.053535]  print_report+0x5dc/0x5e8
[   31.053720]  kasan_report+0xdc/0x128
[   31.054304]  kasan_check_range+0x100/0x1a8
[   31.054867]  __asan_memmove+0x3c/0x98
[   31.055465]  kmalloc_memmove_negative_size+0x154/0x2e0
[   31.056305]  kunit_try_run_case+0x170/0x3f0
[   31.056840]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.057663]  kthread+0x328/0x630
[   31.058210]  ret_from_fork+0x10/0x20
[   31.058841] ---[ end trace 0000000000000000 ]---
[   31.059815] ------------[ cut here ]------------
[   31.059875] corrupt handle or use after stack_depot_put()
[   31.060163] WARNING: lib/stackdepot.c:772 at stack_depot_print+0x54/0x60, CPU#0: kunit_try_catch/213
[   31.062284] Modules linked in:
[   31.062505] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc7-next-20250723 #1 PREEMPT 
[   31.063232] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   31.063976] Hardware name: linux,dummy-virt (DT)
[   31.064668] pstate: 614000c9 (nZCv daIF +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[   31.065618] pc : stack_depot_print+0x54/0x60
[   31.066265] lr : stack_depot_print+0x54/0x60
[   31.066913] sp : ffff8000809c7a30
[   31.067507] x29: ffff8000809c7a30 x28: ffff91bcfe190000 x27: 1ffff00010010f61
[   31.068344] x26: 1ffff00010010f60 x25: 0000000000000000 x24: ffff91bcf6f7f6c4
[   31.068714] x23: ffffc1ffc3ffaf80 x22: ffff91bcfbaa5360 x21: ffff91bcfbaa86c0
[   31.069803] x20: fff00000ffebe004 x19: ffff8000809c7b30 x18: 00000000f558d2a4
[   31.070936] x17: 000000006a14b336 x16: 00000000f1f1f1f1 x15: 00000000f3f3f3f3
[   31.071974] x14: ffff700010138f26 x13: 1ffe000019367289 x12: ffff72379fb15509
[   31.073015] x11: 1ffff2379fb15508 x10: ffff72379fb15508 x9 : ffff91bcf68f11ec
[   31.073771] x8 : ffff91bcfd8aa843 x7 : 0000000000000001 x6 : ffff72379fb15508
[   31.074152] x5 : ffff91bcfd8aa840 x4 : 1ffe000019367289 x3 : dfff800000000000
[   31.074509] x2 : 0000000000000000 x1 : 0000000000000000 x0 : fff00000c9b39440
[   31.074857] Call trace:
[   31.075526]  stack_depot_print+0x54/0x60 (P)
[   31.076478]  print_report+0x5dc/0x5e8
[   31.077040]  kasan_report+0xdc/0x128
[   31.077631]  kasan_check_range+0x100/0x1a8
[   31.078338]  __asan_memmove+0x3c/0x98
[   31.078949]  kmalloc_memmove_negative_size+0x154/0x2e0
[   31.079728]  kunit_try_run_case+0x170/0x3f0
[   31.080373]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.081185]  kthread+0x328/0x630
[   31.081717]  ret_from_fork+0x10/0x20
[   31.082170] ---[ end trace 0000000000000000 ]---
[   31.082494] 
[   31.082528] Last potentially related work creation:
[   31.082567] ------------[ cut here ]------------
[   31.082591] pool index 43945 out of bounds (219) for stack id a9a8abaa
[   31.082694] WARNING: lib/stackdepot.c:500 at depot_fetch_stack+0x68/0x88, CPU#0: kunit_try_catch/213
[   31.083950] Modules linked in:
[   31.084192] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc7-next-20250723 #1 PREEMPT 
[   31.084727] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   31.084985] Hardware name: linux,dummy-virt (DT)
[   31.085246] pstate: 614000c9 (nZCv daIF +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[   31.085612] pc : depot_fetch_stack+0x68/0x88
[   31.085871] lr : depot_fetch_stack+0x68/0x88
[   31.086092] sp : ffff8000809c7a00
[   31.086285] x29: ffff8000809c7a00 x28: ffff91bcfe190000 x27: 1ffff00010010f61
[   31.086748] x26: 1ffff00010010f60 x25: 0000000000000000 x24: ffff91bcf6f7f6c4
[   31.087160] x23: ffffc1ffc3ffaf80 x22: ffff91bcfbaa5360 x21: ffff91bcfbaa86c0
[   31.087574] x20: fff00000ffebe004 x19: fff00000ffebe040 x18: 00000000f558d2a4
[   31.088012] x17: 000000006a14b336 x16: 00000000f1f1f1f1 x15: 0000000000000007
[   31.088416] x14: 0000000000000000 x13: 0000000000000007 x12: ffff72379fb15509
[   31.088828] x11: 1ffff2379fb15508 x10: ffff72379fb15508 x9 : ffff91bcf68f11ec
[   31.089235] x8 : ffff91bcfd8aa843 x7 : 0000000000000001 x6 : ffff72379fb15508
[   31.089664] x5 : ffff91bcfd8aa840 x4 : 1ffe000019367289 x3 : dfff800000000000
[   31.090081] x2 : 0000000000000000 x1 : 0000000000000000 x0 : fff00000c9b39440
[   31.090538] Call trace:
[   31.090684]  depot_fetch_stack+0x68/0x88 (P)
[   31.090971]  stack_depot_print+0x24/0x60
[   31.091228]  kasan_print_aux_stacks+0x50/0x98
[   31.091480]  print_report+0x348/0x5e8
[   31.091737]  kasan_report+0xdc/0x128
[   31.091974]  kasan_check_range+0x100/0x1a8
[   31.092195]  __asan_memmove+0x3c/0x98
[   31.092436]  kmalloc_memmove_negative_size+0x154/0x2e0
[   31.092721]  kunit_try_run_case+0x170/0x3f0
[   31.092966]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.093278]  kthread+0x328/0x630
[   31.093490]  ret_from_fork+0x10/0x20
[   31.093692] ---[ end trace 0000000000000000 ]---
[   31.093946] ------------[ cut here ]------------
[   31.093974] corrupt handle or use after stack_depot_put()
[   31.094060] WARNING: lib/stackdepot.c:772 at stack_depot_print+0x54/0x60, CPU#0: kunit_try_catch/213
[   31.095024] Modules linked in:
[   31.095269] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc7-next-20250723 #1 PREEMPT 
[   31.095817] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   31.096059] Hardware name: linux,dummy-virt (DT)
[   31.096330] pstate: 614000c9 (nZCv daIF +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[   31.096688] pc : stack_depot_print+0x54/0x60
[   31.096973] lr : stack_depot_print+0x54/0x60
[   31.097211] sp : ffff8000809c7a10
[   31.097421] x29: ffff8000809c7a10 x28: ffff91bcfe190000 x27: 1ffff00010010f61
[   31.097848] x26: 1ffff00010010f60 x25: 0000000000000000 x24: ffff91bcf6f7f6c4
[   31.098277] x23: ffffc1ffc3ffaf80 x22: ffff91bcfbaa5360 x21: ffff91bcfbaa86c0
[   31.098691] x20: fff00000ffebe004 x19: fff00000ffebe040 x18: 00000000f558d2a4
[   31.099106] x17: 000000006a14b336 x16: 00000000f1f1f1f1 x15: 00000000f3f3f3f3
[   31.099568] x14: ffff700010138f22 x13: 1ffe000019367289 x12: ffff72379fb15509
[   31.100027] x11: 1ffff2379fb15508 x10: ffff72379fb15508 x9 : ffff91bcf68f11ec
[   31.100451] x8 : ffff91bcfd8aa843 x7 : 0000000000000001 x6 : ffff72379fb15508
[   31.100865] x5 : ffff91bcfd8aa840 x4 : 1ffe000019367289 x3 : dfff800000000000
[   31.101288] x2 : 0000000000000000 x1 : 0000000000000000 x0 : fff00000c9b39440
[   31.101697] Call trace:
[   31.101870]  stack_depot_print+0x54/0x60 (P)
[   31.102138]  kasan_print_aux_stacks+0x50/0x98
[   31.102403]  print_report+0x348/0x5e8
[   31.102650]  kasan_report+0xdc/0x128
[   31.102863]  kasan_check_range+0x100/0x1a8
[   31.103133]  __asan_memmove+0x3c/0x98
[   31.103363]  kmalloc_memmove_negative_size+0x154/0x2e0
[   31.103670]  kunit_try_run_case+0x170/0x3f0
[   31.103944]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.104251]  kthread+0x328/0x630
[   31.104447]  ret_from_fork+0x10/0x20
[   31.104695] ---[ end trace 0000000000000000 ]---
[   31.104988] 
[   31.105030] Second to last potentially related work creation:
[   31.105069] ------------[ cut here ]------------
[   31.105094] pool index 44973 out of bounds (219) for stack id adacafae
[   31.105200] WARNING: lib/stackdepot.c:500 at depot_fetch_stack+0x68/0x88, CPU#0: kunit_try_catch/213
[   31.106545] Modules linked in:
[   31.106796] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc7-next-20250723 #1 PREEMPT 
[   31.107355] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   31.107600] Hardware name: linux,dummy-virt (DT)
[   31.107873] pstate: 614000c9 (nZCv daIF +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[   31.108204] pc : depot_fetch_stack+0x68/0x88
[   31.108472] lr : depot_fetch_stack+0x68/0x88
[   31.108735] sp : ffff8000809c7a00
[   31.108942] x29: ffff8000809c7a00 x28: ffff91bcfe190000 x27: 1ffff00010010f61
[   31.109369] x26: 1ffff00010010f60 x25: 0000000000000000 x24: ffff91bcf6f7f6c4
[   31.109756] x23: ffffc1ffc3ffaf80 x22: ffff91bcfbaa5360 x21: ffff91bcfbaa86c0
[   31.110151] x20: fff00000ffebe004 x19: fff00000ffebe040 x18: 00000000f558d2a4
[   31.110607] x17: 000000006a14b336 x16: 00000000f1f1f1f1 x15: 0000000000000007
[   31.111046] x14: 0000000000000000 x13: 0000000000000007 x12: ffff72379fb15509
[   31.111473] x11: 1ffff2379fb15508 x10: ffff72379fb15508 x9 : ffff91bcf68f11ec
[   31.111889] x8 : ffff91bcfd8aa843 x7 : 0000000000000001 x6 : ffff72379fb15508
[   31.112318] x5 : ffff91bcfd8aa840 x4 : 1ffe000019367289 x3 : dfff800000000000
[   31.112709] x2 : 0000000000000000 x1 : 0000000000000000 x0 : fff00000c9b39440
[   31.113158] Call trace:
[   31.113323]  depot_fetch_stack+0x68/0x88 (P)
[   31.113598]  stack_depot_print+0x24/0x60
[   31.113802]  kasan_print_aux_stacks+0x78/0x98
[   31.114090]  print_report+0x348/0x5e8
[   31.114282]  kasan_report+0xdc/0x128
[   31.114530]  kasan_check_range+0x100/0x1a8
[   31.114767]  __asan_memmove+0x3c/0x98
[   31.115022]  kmalloc_memmove_negative_size+0x154/0x2e0
[   31.115299]  kunit_try_run_case+0x170/0x3f0
[   31.115544]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.115856]  kthread+0x328/0x630
[   31.116091]  ret_from_fork+0x10/0x20
[   31.116294] ---[ end trace 0000000000000000 ]---
[   31.116576] ------------[ cut here ]------------
[   31.116607] corrupt handle or use after stack_depot_put()
[   31.116697] WARNING: lib/stackdepot.c:772 at stack_depot_print+0x54/0x60, CPU#0: kunit_try_catch/213
[   31.117618] Modules linked in:
[   31.117859] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc7-next-20250723 #1 PREEMPT 
[   31.118426] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   31.118675] Hardware name: linux,dummy-virt (DT)
[   31.118954] pstate: 614000c9 (nZCv daIF +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[   31.119309] pc : stack_depot_print+0x54/0x60
[   31.119565] lr : stack_depot_print+0x54/0x60
[   31.119811] sp : ffff8000809c7a10
[   31.120007] x29: ffff8000809c7a10 x28: ffff91bcfe190000 x27: 1ffff00010010f61
[   31.120417] x26: 1ffff00010010f60 x25: 0000000000000000 x24: ffff91bcf6f7f6c4
[   31.120869] x23: ffffc1ffc3ffaf80 x22: ffff91bcfbaa5360 x21: ffff91bcfbaa86c0
[   31.121254] x20: fff00000ffebe004 x19: fff00000ffebe040 x18: 00000000f558d2a4
[   31.121715] x17: 000000006a14b336 x16: 00000000f1f1f1f1 x15: 00000000f3f3f3f3
[   31.122178] x14: ffff700010138f22 x13: 1ffe000019367289 x12: ffff72379fb15509
[   31.122609] x11: 1ffff2379fb15508 x10: ffff72379fb15508 x9 : ffff91bcf68f11ec
[   31.123035] x8 : ffff91bcfd8aa843 x7 : 0000000000000001 x6 : ffff72379fb15508
[   31.123444] x5 : ffff91bcfd8aa840 x4 : 1ffe000019367289 x3 : dfff800000000000
[   31.123853] x2 : 0000000000000000 x1 : 0000000000000000 x0 : fff00000c9b39440
[   31.124268] Call trace:
[   31.124439]  stack_depot_print+0x54/0x60 (P)
[   31.124694]  kasan_print_aux_stacks+0x78/0x98
[   31.124957]  print_report+0x348/0x5e8
[   31.125189]  kasan_report+0xdc/0x128
[   31.125407]  kasan_check_range+0x100/0x1a8
[   31.125690]  __asan_memmove+0x3c/0x98
[   31.125928]  kmalloc_memmove_negative_size+0x154/0x2e0
[   31.126221]  kunit_try_run_case+0x170/0x3f0
[   31.126470]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.126794]  kthread+0x328/0x630
[   31.127006]  ret_from_fork+0x10/0x20
[   31.127254] ---[ end trace 0000000000000000 ]---
[   31.127569] 
[   31.127612] The buggy address belongs to the object at fff00000ffebe000
[   31.127612]  which belongs to the cache kmalloc-64 of size 64
[   31.127676] The buggy address is located 4 bytes inside of
[   31.127676]  64-byte region [fff00000ffebe000, fff00000ffebe040)
[   31.127735] 
[   31.127760] The buggy address belongs to the physical page:
[   31.127799] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x13febe
[   31.127863] memcg:fff00000d9d43e71
[   31.127892] flags: 0xbfffe0000002000(reserved|node=0|zone=2|lastcpupid=0x1ffff)
[   31.127968] page_type: f5(slab)
[   31.128009] raw: 0bfffe0000002000 fff00000c00018c0 ffffc1ffc3ffaf88 0000000000000000
[   31.128061] raw: 0000000000000000 0000000000010000 00000001f5000000 fff00000d9d43e71
[   31.128102] page dumped because: kasan: bad access detected
[   31.128131] 
[   31.128151] Memory state around the buggy address:
[   31.128185]  fff00000ffebdf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.128229]  fff00000ffebdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.128272] >fff00000ffebe000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.128310]                    ^
[   31.128343]  fff00000ffebe080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.128385]  fff00000ffebe100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.128427] ==================================================================

[   25.361347] ==================================================================
[   25.361838] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[   25.362235] Read of size 18446744073709551614 at addr ffff888104793d04 by task kunit_try_catch/229
[   25.362750] 
[   25.362860] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) 
[   25.362915] Tainted: [B]=BAD_PAGE, [N]=TEST
[   25.362927] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   25.363192] Call Trace:
[   25.363214]  <TASK>
[   25.363234]  dump_stack_lvl+0x73/0xb0
[   25.363283]  print_report+0xd1/0x640
[   25.363307]  ? __virt_addr_valid+0x1db/0x2d0
[   25.363333]  ? kmalloc_memmove_negative_size+0x171/0x330
[   25.363359]  ? kasan_complete_mode_report_info+0x2a/0x200
[   25.363409]  ? kmalloc_memmove_negative_size+0x171/0x330
[   25.363456]  kasan_report+0x141/0x180
[   25.363479]  ? kmalloc_memmove_negative_size+0x171/0x330
[   25.363508]  kasan_check_range+0x10c/0x1c0
[   25.363670]  __asan_memmove+0x27/0x70
[   25.363701]  kmalloc_memmove_negative_size+0x171/0x330
[   25.363836]  ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[   25.363864]  ? __schedule+0x10da/0x2b60
[   25.363892]  ? __pfx_read_tsc+0x10/0x10
[   25.363915]  ? ktime_get_ts64+0x86/0x230
[   25.363941]  kunit_try_run_case+0x1a5/0x480
[   25.363968]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.363990]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   25.364015]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   25.364040]  ? __kthread_parkme+0x82/0x180
[   25.364061]  ? preempt_count_sub+0x50/0x80
[   25.364084]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.364108]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.364132]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   25.364169]  kthread+0x337/0x6f0
[   25.364190]  ? trace_preempt_on+0x20/0xc0
[   25.364215]  ? __pfx_kthread+0x10/0x10
[   25.364235]  ? _raw_spin_unlock_irq+0x47/0x80
[   25.364258]  ? calculate_sigpending+0x7b/0xa0
[   25.364283]  ? __pfx_kthread+0x10/0x10
[   25.364304]  ret_from_fork+0x116/0x1d0
[   25.364325]  ? __pfx_kthread+0x10/0x10
[   25.364346]  ret_from_fork_asm+0x1a/0x30
[   25.364378]  </TASK>
[   25.364392] 
[   25.374207] Allocated by task 229:
[   25.374533]  kasan_save_stack+0x45/0x70
[   25.374887]  kasan_save_track+0x18/0x40
[   25.375283]  kasan_save_alloc_info+0x3b/0x50
[   25.376122]  __kasan_kmalloc+0xb7/0xc0
[   25.376549]  __kmalloc_cache_noprof+0x189/0x420
[   25.377040]  kmalloc_memmove_negative_size+0xac/0x330
[   25.377642]  kunit_try_run_case+0x1a5/0x480
[   25.378133]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.378707]  kthread+0x337/0x6f0
[   25.379023]  ret_from_fork+0x116/0x1d0
[   25.379529]  ret_from_fork_asm+0x1a/0x30
[   25.380028] 
[   25.380485] The buggy address belongs to the object at ffff888104793d00
[   25.380485]  which belongs to the cache kmalloc-64 of size 64
[   25.381630] The buggy address is located 4 bytes inside of
[   25.381630]  64-byte region [ffff888104793d00, ffff888104793d40)
[   25.382292] 
[   25.382453] The buggy address belongs to the physical page:
[   25.382918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104793
[   25.383178] flags: 0x200000000000000(node=0|zone=2)
[   25.383340] page_type: f5(slab)
[   25.383796] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[   25.384592] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   25.385352] page dumped because: kasan: bad access detected
[   25.385915] 
[   25.386080] Memory state around the buggy address:
[   25.386563]  ffff888104793c00: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc
[   25.386890]  ffff888104793c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[   25.387479] >ffff888104793d00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   25.388260]                    ^
[   25.388405]  ffff888104793d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.389088]  ffff888104793e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.389726] ==================================================================