Date
July 23, 2025, 3:10 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 30.018758] ================================================================== [ 30.019125] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 30.019944] Write of size 1 at addr fff00000c99bc573 by task kunit_try_catch/169 [ 30.020052] [ 30.020888] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 30.021063] Tainted: [N]=TEST [ 30.021096] Hardware name: linux,dummy-virt (DT) [ 30.021312] Call trace: [ 30.021482] show_stack+0x20/0x38 (C) [ 30.021617] dump_stack_lvl+0x8c/0xd0 [ 30.021668] print_report+0x118/0x5e8 [ 30.021712] kasan_report+0xdc/0x128 [ 30.021753] __asan_report_store1_noabort+0x20/0x30 [ 30.021801] kmalloc_oob_right+0x5a4/0x660 [ 30.021847] kunit_try_run_case+0x170/0x3f0 [ 30.021908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.021959] kthread+0x328/0x630 [ 30.022002] ret_from_fork+0x10/0x20 [ 30.022166] [ 30.022228] Allocated by task 169: [ 30.022344] kasan_save_stack+0x3c/0x68 [ 30.022418] kasan_save_track+0x20/0x40 [ 30.022464] kasan_save_alloc_info+0x40/0x58 [ 30.022501] __kasan_kmalloc+0xd4/0xd8 [ 30.022534] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.022576] kmalloc_oob_right+0xb0/0x660 [ 30.022613] kunit_try_run_case+0x170/0x3f0 [ 30.022649] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.022690] kthread+0x328/0x630 [ 30.022722] ret_from_fork+0x10/0x20 [ 30.022775] [ 30.022832] The buggy address belongs to the object at fff00000c99bc500 [ 30.022832] which belongs to the cache kmalloc-128 of size 128 [ 30.022939] The buggy address is located 0 bytes to the right of [ 30.022939] allocated 115-byte region [fff00000c99bc500, fff00000c99bc573) [ 30.023006] [ 30.023085] The buggy address belongs to the physical page: [ 30.023430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1099bc [ 30.023669] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.023958] page_type: f5(slab) [ 30.024248] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.024308] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.024406] page dumped because: kasan: bad access detected [ 30.024446] [ 30.024472] Memory state around the buggy address: [ 30.024748] fff00000c99bc400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.024821] fff00000c99bc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.024873] >fff00000c99bc500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 30.024937] ^ [ 30.025024] fff00000c99bc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.025066] fff00000c99bc600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.025128] ================================================================== [ 30.027468] ================================================================== [ 30.027509] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 30.027561] Write of size 1 at addr fff00000c99bc578 by task kunit_try_catch/169 [ 30.027609] [ 30.027642] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 30.027727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.027753] Hardware name: linux,dummy-virt (DT) [ 30.027784] Call trace: [ 30.027807] show_stack+0x20/0x38 (C) [ 30.027854] dump_stack_lvl+0x8c/0xd0 [ 30.027915] print_report+0x118/0x5e8 [ 30.027959] kasan_report+0xdc/0x128 [ 30.028000] __asan_report_store1_noabort+0x20/0x30 [ 30.028048] kmalloc_oob_right+0x538/0x660 [ 30.028093] kunit_try_run_case+0x170/0x3f0 [ 30.028140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.028190] kthread+0x328/0x630 [ 30.028231] ret_from_fork+0x10/0x20 [ 30.028277] [ 30.029375] Allocated by task 169: [ 30.029420] kasan_save_stack+0x3c/0x68 [ 30.029469] kasan_save_track+0x20/0x40 [ 30.029507] kasan_save_alloc_info+0x40/0x58 [ 30.029544] __kasan_kmalloc+0xd4/0xd8 [ 30.029577] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.029618] kmalloc_oob_right+0xb0/0x660 [ 30.029654] kunit_try_run_case+0x170/0x3f0 [ 30.029690] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.029731] kthread+0x328/0x630 [ 30.029763] ret_from_fork+0x10/0x20 [ 30.029797] [ 30.029816] The buggy address belongs to the object at fff00000c99bc500 [ 30.029816] which belongs to the cache kmalloc-128 of size 128 [ 30.029872] The buggy address is located 5 bytes to the right of [ 30.029872] allocated 115-byte region [fff00000c99bc500, fff00000c99bc573) [ 30.029947] [ 30.029967] The buggy address belongs to the physical page: [ 30.030000] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1099bc [ 30.030051] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.030098] page_type: f5(slab) [ 30.030135] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.030182] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.030220] page dumped because: kasan: bad access detected [ 30.030251] [ 30.030269] Memory state around the buggy address: [ 30.030300] fff00000c99bc400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.030342] fff00000c99bc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.030390] >fff00000c99bc500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 30.030426] ^ [ 30.030467] fff00000c99bc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.030507] fff00000c99bc600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.030543] ================================================================== [ 30.031135] ================================================================== [ 30.031184] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 30.031231] Read of size 1 at addr fff00000c99bc580 by task kunit_try_catch/169 [ 30.031279] [ 30.031308] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 30.031458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.031576] Hardware name: linux,dummy-virt (DT) [ 30.031612] Call trace: [ 30.031734] show_stack+0x20/0x38 (C) [ 30.031803] dump_stack_lvl+0x8c/0xd0 [ 30.031851] print_report+0x118/0x5e8 [ 30.032132] kasan_report+0xdc/0x128 [ 30.032289] __asan_report_load1_noabort+0x20/0x30 [ 30.032354] kmalloc_oob_right+0x5d0/0x660 [ 30.032401] kunit_try_run_case+0x170/0x3f0 [ 30.032448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.032509] kthread+0x328/0x630 [ 30.032551] ret_from_fork+0x10/0x20 [ 30.032597] [ 30.032615] Allocated by task 169: [ 30.032778] kasan_save_stack+0x3c/0x68 [ 30.032822] kasan_save_track+0x20/0x40 [ 30.032960] kasan_save_alloc_info+0x40/0x58 [ 30.033090] __kasan_kmalloc+0xd4/0xd8 [ 30.033160] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.033292] kmalloc_oob_right+0xb0/0x660 [ 30.033393] kunit_try_run_case+0x170/0x3f0 [ 30.033440] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.033481] kthread+0x328/0x630 [ 30.033824] ret_from_fork+0x10/0x20 [ 30.033924] [ 30.033985] The buggy address belongs to the object at fff00000c99bc500 [ 30.033985] which belongs to the cache kmalloc-128 of size 128 [ 30.034097] The buggy address is located 13 bytes to the right of [ 30.034097] allocated 115-byte region [fff00000c99bc500, fff00000c99bc573) [ 30.034163] [ 30.034183] The buggy address belongs to the physical page: [ 30.034218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1099bc [ 30.034281] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.034329] page_type: f5(slab) [ 30.034377] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.034426] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.034464] page dumped because: kasan: bad access detected [ 30.034493] [ 30.034520] Memory state around the buggy address: [ 30.034550] fff00000c99bc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.034591] fff00000c99bc500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 30.034631] >fff00000c99bc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.034676] ^ [ 30.034712] fff00000c99bc600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.034767] fff00000c99bc680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.034819] ==================================================================
[ 24.398543] ================================================================== [ 24.399290] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 24.399524] Read of size 1 at addr ffff888104964480 by task kunit_try_catch/185 [ 24.399902] [ 24.400056] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 24.400121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.400134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.400180] Call Trace: [ 24.400200] <TASK> [ 24.400234] dump_stack_lvl+0x73/0xb0 [ 24.400279] print_report+0xd1/0x640 [ 24.400304] ? __virt_addr_valid+0x1db/0x2d0 [ 24.400329] ? kmalloc_oob_right+0x68a/0x7f0 [ 24.400350] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.400421] ? kmalloc_oob_right+0x68a/0x7f0 [ 24.400447] kasan_report+0x141/0x180 [ 24.400469] ? kmalloc_oob_right+0x68a/0x7f0 [ 24.400496] __asan_report_load1_noabort+0x18/0x20 [ 24.400520] kmalloc_oob_right+0x68a/0x7f0 [ 24.400542] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 24.400564] ? __schedule+0x10da/0x2b60 [ 24.400589] ? __pfx_read_tsc+0x10/0x10 [ 24.400611] ? ktime_get_ts64+0x86/0x230 [ 24.400636] kunit_try_run_case+0x1a5/0x480 [ 24.400661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.400683] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.400707] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.400754] ? __kthread_parkme+0x82/0x180 [ 24.400775] ? preempt_count_sub+0x50/0x80 [ 24.400800] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.400824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.400847] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.400870] kthread+0x337/0x6f0 [ 24.400889] ? trace_preempt_on+0x20/0xc0 [ 24.400930] ? __pfx_kthread+0x10/0x10 [ 24.400959] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.400996] ? calculate_sigpending+0x7b/0xa0 [ 24.401020] ? __pfx_kthread+0x10/0x10 [ 24.401054] ret_from_fork+0x116/0x1d0 [ 24.401086] ? __pfx_kthread+0x10/0x10 [ 24.401107] ret_from_fork_asm+0x1a/0x30 [ 24.401177] </TASK> [ 24.401189] [ 24.408772] Allocated by task 185: [ 24.408957] kasan_save_stack+0x45/0x70 [ 24.409174] kasan_save_track+0x18/0x40 [ 24.409335] kasan_save_alloc_info+0x3b/0x50 [ 24.409531] __kasan_kmalloc+0xb7/0xc0 [ 24.409721] __kmalloc_cache_noprof+0x189/0x420 [ 24.409951] kmalloc_oob_right+0xa9/0x7f0 [ 24.410177] kunit_try_run_case+0x1a5/0x480 [ 24.410378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.410615] kthread+0x337/0x6f0 [ 24.410772] ret_from_fork+0x116/0x1d0 [ 24.410947] ret_from_fork_asm+0x1a/0x30 [ 24.411171] [ 24.411595] The buggy address belongs to the object at ffff888104964400 [ 24.411595] which belongs to the cache kmalloc-128 of size 128 [ 24.412221] The buggy address is located 13 bytes to the right of [ 24.412221] allocated 115-byte region [ffff888104964400, ffff888104964473) [ 24.412794] [ 24.412890] The buggy address belongs to the physical page: [ 24.413421] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104964 [ 24.413803] flags: 0x200000000000000(node=0|zone=2) [ 24.414038] page_type: f5(slab) [ 24.414234] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.414633] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.414978] page dumped because: kasan: bad access detected [ 24.415226] [ 24.415311] Memory state around the buggy address: [ 24.415521] ffff888104964380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.415817] ffff888104964400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.416119] >ffff888104964480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.416532] ^ [ 24.416695] ffff888104964500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.417293] ffff888104964580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.417622] ================================================================== [ 24.352474] ================================================================== [ 24.353324] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 24.354047] Write of size 1 at addr ffff888104964473 by task kunit_try_catch/185 [ 24.354690] [ 24.355792] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 24.356160] Tainted: [N]=TEST [ 24.356194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.356438] Call Trace: [ 24.356510] <TASK> [ 24.356655] dump_stack_lvl+0x73/0xb0 [ 24.356750] print_report+0xd1/0x640 [ 24.356781] ? __virt_addr_valid+0x1db/0x2d0 [ 24.356807] ? kmalloc_oob_right+0x6f0/0x7f0 [ 24.356829] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.356854] ? kmalloc_oob_right+0x6f0/0x7f0 [ 24.356876] kasan_report+0x141/0x180 [ 24.356897] ? kmalloc_oob_right+0x6f0/0x7f0 [ 24.356923] __asan_report_store1_noabort+0x1b/0x30 [ 24.356949] kmalloc_oob_right+0x6f0/0x7f0 [ 24.356971] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 24.356993] ? __schedule+0x10da/0x2b60 [ 24.357019] ? __pfx_read_tsc+0x10/0x10 [ 24.357041] ? ktime_get_ts64+0x86/0x230 [ 24.357068] kunit_try_run_case+0x1a5/0x480 [ 24.357095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.357117] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.357142] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.357180] ? __kthread_parkme+0x82/0x180 [ 24.357202] ? preempt_count_sub+0x50/0x80 [ 24.357227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.357250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.357274] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.357297] kthread+0x337/0x6f0 [ 24.357317] ? trace_preempt_on+0x20/0xc0 [ 24.357342] ? __pfx_kthread+0x10/0x10 [ 24.357362] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.357397] ? calculate_sigpending+0x7b/0xa0 [ 24.357423] ? __pfx_kthread+0x10/0x10 [ 24.357445] ret_from_fork+0x116/0x1d0 [ 24.357464] ? __pfx_kthread+0x10/0x10 [ 24.357485] ret_from_fork_asm+0x1a/0x30 [ 24.357545] </TASK> [ 24.357611] [ 24.365087] Allocated by task 185: [ 24.365406] kasan_save_stack+0x45/0x70 [ 24.365654] kasan_save_track+0x18/0x40 [ 24.365900] kasan_save_alloc_info+0x3b/0x50 [ 24.366136] __kasan_kmalloc+0xb7/0xc0 [ 24.366330] __kmalloc_cache_noprof+0x189/0x420 [ 24.366622] kmalloc_oob_right+0xa9/0x7f0 [ 24.366814] kunit_try_run_case+0x1a5/0x480 [ 24.367068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.367294] kthread+0x337/0x6f0 [ 24.367506] ret_from_fork+0x116/0x1d0 [ 24.367664] ret_from_fork_asm+0x1a/0x30 [ 24.368178] [ 24.368330] The buggy address belongs to the object at ffff888104964400 [ 24.368330] which belongs to the cache kmalloc-128 of size 128 [ 24.368978] The buggy address is located 0 bytes to the right of [ 24.368978] allocated 115-byte region [ffff888104964400, ffff888104964473) [ 24.369596] [ 24.369829] The buggy address belongs to the physical page: [ 24.370650] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104964 [ 24.371396] flags: 0x200000000000000(node=0|zone=2) [ 24.372130] page_type: f5(slab) [ 24.372769] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.373356] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.373669] page dumped because: kasan: bad access detected [ 24.373850] [ 24.374043] Memory state around the buggy address: [ 24.374693] ffff888104964300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.375118] ffff888104964380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.375564] >ffff888104964400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.375940] ^ [ 24.376334] ffff888104964480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.376742] ffff888104964500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.377088] ================================================================== [ 24.379049] ================================================================== [ 24.379464] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 24.379794] Write of size 1 at addr ffff888104964478 by task kunit_try_catch/185 [ 24.380166] [ 24.380295] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 24.380345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.380357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.380398] Call Trace: [ 24.380412] <TASK> [ 24.380431] dump_stack_lvl+0x73/0xb0 [ 24.380462] print_report+0xd1/0x640 [ 24.380485] ? __virt_addr_valid+0x1db/0x2d0 [ 24.380510] ? kmalloc_oob_right+0x6bd/0x7f0 [ 24.380531] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.380556] ? kmalloc_oob_right+0x6bd/0x7f0 [ 24.380577] kasan_report+0x141/0x180 [ 24.380599] ? kmalloc_oob_right+0x6bd/0x7f0 [ 24.380624] __asan_report_store1_noabort+0x1b/0x30 [ 24.380649] kmalloc_oob_right+0x6bd/0x7f0 [ 24.380671] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 24.380693] ? __schedule+0x10da/0x2b60 [ 24.380717] ? __pfx_read_tsc+0x10/0x10 [ 24.380739] ? ktime_get_ts64+0x86/0x230 [ 24.380763] kunit_try_run_case+0x1a5/0x480 [ 24.380788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.380810] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.380835] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.380861] ? __kthread_parkme+0x82/0x180 [ 24.380884] ? preempt_count_sub+0x50/0x80 [ 24.380908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.380931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.380971] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.380995] kthread+0x337/0x6f0 [ 24.381015] ? trace_preempt_on+0x20/0xc0 [ 24.381039] ? __pfx_kthread+0x10/0x10 [ 24.381059] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.381082] ? calculate_sigpending+0x7b/0xa0 [ 24.381106] ? __pfx_kthread+0x10/0x10 [ 24.381127] ret_from_fork+0x116/0x1d0 [ 24.381158] ? __pfx_kthread+0x10/0x10 [ 24.381178] ret_from_fork_asm+0x1a/0x30 [ 24.381222] </TASK> [ 24.381253] [ 24.388948] Allocated by task 185: [ 24.389155] kasan_save_stack+0x45/0x70 [ 24.389368] kasan_save_track+0x18/0x40 [ 24.389565] kasan_save_alloc_info+0x3b/0x50 [ 24.390019] __kasan_kmalloc+0xb7/0xc0 [ 24.390226] __kmalloc_cache_noprof+0x189/0x420 [ 24.390698] kmalloc_oob_right+0xa9/0x7f0 [ 24.390913] kunit_try_run_case+0x1a5/0x480 [ 24.391125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.391433] kthread+0x337/0x6f0 [ 24.391597] ret_from_fork+0x116/0x1d0 [ 24.391731] ret_from_fork_asm+0x1a/0x30 [ 24.391904] [ 24.392026] The buggy address belongs to the object at ffff888104964400 [ 24.392026] which belongs to the cache kmalloc-128 of size 128 [ 24.392656] The buggy address is located 5 bytes to the right of [ 24.392656] allocated 115-byte region [ffff888104964400, ffff888104964473) [ 24.393222] [ 24.393301] The buggy address belongs to the physical page: [ 24.393642] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104964 [ 24.393999] flags: 0x200000000000000(node=0|zone=2) [ 24.394211] page_type: f5(slab) [ 24.394428] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.394749] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.395130] page dumped because: kasan: bad access detected [ 24.395318] [ 24.395636] Memory state around the buggy address: [ 24.395875] ffff888104964300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.396271] ffff888104964380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.396546] >ffff888104964400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.396980] ^ [ 24.397294] ffff888104964480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.397603] ffff888104964500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.397939] ==================================================================