Date
July 24, 2025, 4:41 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 32.094826] ================================================================== [ 32.095144] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 32.096066] Write of size 1 at addr fff00000c3f77d73 by task kunit_try_catch/167 [ 32.096384] [ 32.098270] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 32.098475] Tainted: [N]=TEST [ 32.098522] Hardware name: linux,dummy-virt (DT) [ 32.098835] Call trace: [ 32.099460] show_stack+0x20/0x38 (C) [ 32.099720] dump_stack_lvl+0x8c/0xd0 [ 32.099937] print_report+0x118/0x5e8 [ 32.099985] kasan_report+0xdc/0x128 [ 32.100029] __asan_report_store1_noabort+0x20/0x30 [ 32.100080] kmalloc_oob_right+0x5a4/0x660 [ 32.100126] kunit_try_run_case+0x170/0x3f0 [ 32.100368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.100534] kthread+0x328/0x630 [ 32.100648] ret_from_fork+0x10/0x20 [ 32.101662] [ 32.101712] Allocated by task 167: [ 32.102164] kasan_save_stack+0x3c/0x68 [ 32.102570] kasan_save_track+0x20/0x40 [ 32.102669] kasan_save_alloc_info+0x40/0x58 [ 32.102790] __kasan_kmalloc+0xd4/0xd8 [ 32.102845] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.103198] kmalloc_oob_right+0xb0/0x660 [ 32.103443] kunit_try_run_case+0x170/0x3f0 [ 32.103670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.103814] kthread+0x328/0x630 [ 32.103904] ret_from_fork+0x10/0x20 [ 32.104017] [ 32.104113] The buggy address belongs to the object at fff00000c3f77d00 [ 32.104113] which belongs to the cache kmalloc-128 of size 128 [ 32.104246] The buggy address is located 0 bytes to the right of [ 32.104246] allocated 115-byte region [fff00000c3f77d00, fff00000c3f77d73) [ 32.104333] [ 32.104447] The buggy address belongs to the physical page: [ 32.105742] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f77 [ 32.106173] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.107320] page_type: f5(slab) [ 32.108529] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.108704] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.109296] page dumped because: kasan: bad access detected [ 32.109463] [ 32.109493] Memory state around the buggy address: [ 32.109784] fff00000c3f77c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.109865] fff00000c3f77c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.109945] >fff00000c3f77d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 32.110024] ^ [ 32.110127] fff00000c3f77d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.110187] fff00000c3f77e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.110267] ================================================================== [ 32.112431] ================================================================== [ 32.112474] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 32.112532] Write of size 1 at addr fff00000c3f77d78 by task kunit_try_catch/167 [ 32.112581] [ 32.112618] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 32.112795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.112886] Hardware name: linux,dummy-virt (DT) [ 32.112958] Call trace: [ 32.113028] show_stack+0x20/0x38 (C) [ 32.113112] dump_stack_lvl+0x8c/0xd0 [ 32.113189] print_report+0x118/0x5e8 [ 32.113235] kasan_report+0xdc/0x128 [ 32.113278] __asan_report_store1_noabort+0x20/0x30 [ 32.113326] kmalloc_oob_right+0x538/0x660 [ 32.113593] kunit_try_run_case+0x170/0x3f0 [ 32.113719] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.113821] kthread+0x328/0x630 [ 32.113898] ret_from_fork+0x10/0x20 [ 32.113946] [ 32.114215] Allocated by task 167: [ 32.114292] kasan_save_stack+0x3c/0x68 [ 32.114547] kasan_save_track+0x20/0x40 [ 32.114607] kasan_save_alloc_info+0x40/0x58 [ 32.114725] __kasan_kmalloc+0xd4/0xd8 [ 32.114820] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.114908] kmalloc_oob_right+0xb0/0x660 [ 32.114974] kunit_try_run_case+0x170/0x3f0 [ 32.115013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.115222] kthread+0x328/0x630 [ 32.115328] ret_from_fork+0x10/0x20 [ 32.115415] [ 32.115498] The buggy address belongs to the object at fff00000c3f77d00 [ 32.115498] which belongs to the cache kmalloc-128 of size 128 [ 32.115618] The buggy address is located 5 bytes to the right of [ 32.115618] allocated 115-byte region [fff00000c3f77d00, fff00000c3f77d73) [ 32.115683] [ 32.115703] The buggy address belongs to the physical page: [ 32.115767] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f77 [ 32.115823] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.116087] page_type: f5(slab) [ 32.116225] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.116324] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.116464] page dumped because: kasan: bad access detected [ 32.116515] [ 32.116533] Memory state around the buggy address: [ 32.116588] fff00000c3f77c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.116900] fff00000c3f77c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.117012] >fff00000c3f77d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 32.117136] ^ [ 32.117228] fff00000c3f77d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.117274] fff00000c3f77e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.117459] ================================================================== [ 32.118536] ================================================================== [ 32.118586] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 32.118636] Read of size 1 at addr fff00000c3f77d80 by task kunit_try_catch/167 [ 32.118683] [ 32.118715] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 32.118932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.119008] Hardware name: linux,dummy-virt (DT) [ 32.119040] Call trace: [ 32.119063] show_stack+0x20/0x38 (C) [ 32.119152] dump_stack_lvl+0x8c/0xd0 [ 32.119288] print_report+0x118/0x5e8 [ 32.119376] kasan_report+0xdc/0x128 [ 32.119517] __asan_report_load1_noabort+0x20/0x30 [ 32.119581] kmalloc_oob_right+0x5d0/0x660 [ 32.119628] kunit_try_run_case+0x170/0x3f0 [ 32.119673] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.119744] kthread+0x328/0x630 [ 32.119797] ret_from_fork+0x10/0x20 [ 32.119844] [ 32.119862] Allocated by task 167: [ 32.119890] kasan_save_stack+0x3c/0x68 [ 32.119926] kasan_save_track+0x20/0x40 [ 32.119960] kasan_save_alloc_info+0x40/0x58 [ 32.119996] __kasan_kmalloc+0xd4/0xd8 [ 32.120028] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.120068] kmalloc_oob_right+0xb0/0x660 [ 32.120104] kunit_try_run_case+0x170/0x3f0 [ 32.120139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.120180] kthread+0x328/0x630 [ 32.120211] ret_from_fork+0x10/0x20 [ 32.120245] [ 32.120264] The buggy address belongs to the object at fff00000c3f77d00 [ 32.120264] which belongs to the cache kmalloc-128 of size 128 [ 32.120319] The buggy address is located 13 bytes to the right of [ 32.120319] allocated 115-byte region [fff00000c3f77d00, fff00000c3f77d73) [ 32.120385] [ 32.120405] The buggy address belongs to the physical page: [ 32.120437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f77 [ 32.120487] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.120534] page_type: f5(slab) [ 32.120570] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.120884] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.120954] page dumped because: kasan: bad access detected [ 32.121027] [ 32.121095] Memory state around the buggy address: [ 32.121206] fff00000c3f77c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.121270] fff00000c3f77d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 32.121311] >fff00000c3f77d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.121348] ^ [ 32.121374] fff00000c3f77e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.121538] fff00000c3f77e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.121604] ==================================================================
[ 26.065056] ================================================================== [ 26.066447] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 26.067535] Write of size 1 at addr ffff888105454673 by task kunit_try_catch/184 [ 26.067990] [ 26.068933] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 26.069367] Tainted: [N]=TEST [ 26.069400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.069649] Call Trace: [ 26.069723] <TASK> [ 26.070102] dump_stack_lvl+0x73/0xb0 [ 26.070202] print_report+0xd1/0x640 [ 26.070233] ? __virt_addr_valid+0x1db/0x2d0 [ 26.070259] ? kmalloc_oob_right+0x6f0/0x7f0 [ 26.070279] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.070305] ? kmalloc_oob_right+0x6f0/0x7f0 [ 26.070327] kasan_report+0x141/0x180 [ 26.070349] ? kmalloc_oob_right+0x6f0/0x7f0 [ 26.070374] __asan_report_store1_noabort+0x1b/0x30 [ 26.070398] kmalloc_oob_right+0x6f0/0x7f0 [ 26.070419] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 26.070441] ? __schedule+0x10da/0x2b60 [ 26.070468] ? __pfx_read_tsc+0x10/0x10 [ 26.070491] ? ktime_get_ts64+0x86/0x230 [ 26.070517] kunit_try_run_case+0x1a5/0x480 [ 26.070543] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.070564] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.070605] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.070630] ? __kthread_parkme+0x82/0x180 [ 26.070650] ? preempt_count_sub+0x50/0x80 [ 26.070675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.070698] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.070721] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.070744] kthread+0x337/0x6f0 [ 26.070764] ? trace_preempt_on+0x20/0xc0 [ 26.070841] ? __pfx_kthread+0x10/0x10 [ 26.070863] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.070886] ? calculate_sigpending+0x7b/0xa0 [ 26.070911] ? __pfx_kthread+0x10/0x10 [ 26.070945] ret_from_fork+0x116/0x1d0 [ 26.070965] ? __pfx_kthread+0x10/0x10 [ 26.070984] ret_from_fork_asm+0x1a/0x30 [ 26.071047] </TASK> [ 26.071115] [ 26.078977] Allocated by task 184: [ 26.079262] kasan_save_stack+0x45/0x70 [ 26.079486] kasan_save_track+0x18/0x40 [ 26.079775] kasan_save_alloc_info+0x3b/0x50 [ 26.080078] __kasan_kmalloc+0xb7/0xc0 [ 26.080249] __kmalloc_cache_noprof+0x189/0x420 [ 26.080413] kmalloc_oob_right+0xa9/0x7f0 [ 26.080545] kunit_try_run_case+0x1a5/0x480 [ 26.080737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.081184] kthread+0x337/0x6f0 [ 26.081352] ret_from_fork+0x116/0x1d0 [ 26.081514] ret_from_fork_asm+0x1a/0x30 [ 26.081742] [ 26.081889] The buggy address belongs to the object at ffff888105454600 [ 26.081889] which belongs to the cache kmalloc-128 of size 128 [ 26.082316] The buggy address is located 0 bytes to the right of [ 26.082316] allocated 115-byte region [ffff888105454600, ffff888105454673) [ 26.082902] [ 26.083108] The buggy address belongs to the physical page: [ 26.083765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105454 [ 26.084352] flags: 0x200000000000000(node=0|zone=2) [ 26.085079] page_type: f5(slab) [ 26.085665] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.086005] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.086373] page dumped because: kasan: bad access detected [ 26.086642] [ 26.086732] Memory state around the buggy address: [ 26.087208] ffff888105454500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.087542] ffff888105454580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.087923] >ffff888105454600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.088221] ^ [ 26.088509] ffff888105454680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.088730] ffff888105454700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.089063] ================================================================== [ 26.111944] ================================================================== [ 26.112281] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 26.112597] Read of size 1 at addr ffff888105454680 by task kunit_try_catch/184 [ 26.112919] [ 26.113197] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 26.113246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.113258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.113279] Call Trace: [ 26.113296] <TASK> [ 26.113312] dump_stack_lvl+0x73/0xb0 [ 26.113339] print_report+0xd1/0x640 [ 26.113362] ? __virt_addr_valid+0x1db/0x2d0 [ 26.113386] ? kmalloc_oob_right+0x68a/0x7f0 [ 26.113406] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.113430] ? kmalloc_oob_right+0x68a/0x7f0 [ 26.113451] kasan_report+0x141/0x180 [ 26.113472] ? kmalloc_oob_right+0x68a/0x7f0 [ 26.113497] __asan_report_load1_noabort+0x18/0x20 [ 26.113521] kmalloc_oob_right+0x68a/0x7f0 [ 26.113563] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 26.113598] ? __schedule+0x10da/0x2b60 [ 26.113622] ? __pfx_read_tsc+0x10/0x10 [ 26.113643] ? ktime_get_ts64+0x86/0x230 [ 26.113666] kunit_try_run_case+0x1a5/0x480 [ 26.113691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.113713] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.113737] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.113761] ? __kthread_parkme+0x82/0x180 [ 26.114053] ? preempt_count_sub+0x50/0x80 [ 26.114086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.114111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.114134] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.114157] kthread+0x337/0x6f0 [ 26.114176] ? trace_preempt_on+0x20/0xc0 [ 26.114199] ? __pfx_kthread+0x10/0x10 [ 26.114219] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.114242] ? calculate_sigpending+0x7b/0xa0 [ 26.114266] ? __pfx_kthread+0x10/0x10 [ 26.114286] ret_from_fork+0x116/0x1d0 [ 26.114305] ? __pfx_kthread+0x10/0x10 [ 26.114324] ret_from_fork_asm+0x1a/0x30 [ 26.114356] </TASK> [ 26.114366] [ 26.123797] Allocated by task 184: [ 26.124205] kasan_save_stack+0x45/0x70 [ 26.124390] kasan_save_track+0x18/0x40 [ 26.124563] kasan_save_alloc_info+0x3b/0x50 [ 26.124763] __kasan_kmalloc+0xb7/0xc0 [ 26.125303] __kmalloc_cache_noprof+0x189/0x420 [ 26.125479] kmalloc_oob_right+0xa9/0x7f0 [ 26.125749] kunit_try_run_case+0x1a5/0x480 [ 26.126126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.126499] kthread+0x337/0x6f0 [ 26.126677] ret_from_fork+0x116/0x1d0 [ 26.126833] ret_from_fork_asm+0x1a/0x30 [ 26.127161] [ 26.127381] The buggy address belongs to the object at ffff888105454600 [ 26.127381] which belongs to the cache kmalloc-128 of size 128 [ 26.127894] The buggy address is located 13 bytes to the right of [ 26.127894] allocated 115-byte region [ffff888105454600, ffff888105454673) [ 26.128826] [ 26.129023] The buggy address belongs to the physical page: [ 26.129256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105454 [ 26.129612] flags: 0x200000000000000(node=0|zone=2) [ 26.129827] page_type: f5(slab) [ 26.130380] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.130708] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.131197] page dumped because: kasan: bad access detected [ 26.131565] [ 26.131682] Memory state around the buggy address: [ 26.132156] ffff888105454580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.132549] ffff888105454600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.133154] >ffff888105454680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.133465] ^ [ 26.133801] ffff888105454700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.134176] ffff888105454780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.134836] ================================================================== [ 26.090420] ================================================================== [ 26.090739] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 26.091081] Write of size 1 at addr ffff888105454678 by task kunit_try_catch/184 [ 26.091443] [ 26.091527] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 26.091586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.091598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.091619] Call Trace: [ 26.091631] <TASK> [ 26.091648] dump_stack_lvl+0x73/0xb0 [ 26.091674] print_report+0xd1/0x640 [ 26.091697] ? __virt_addr_valid+0x1db/0x2d0 [ 26.091720] ? kmalloc_oob_right+0x6bd/0x7f0 [ 26.091741] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.091767] ? kmalloc_oob_right+0x6bd/0x7f0 [ 26.091787] kasan_report+0x141/0x180 [ 26.091809] ? kmalloc_oob_right+0x6bd/0x7f0 [ 26.091834] __asan_report_store1_noabort+0x1b/0x30 [ 26.091857] kmalloc_oob_right+0x6bd/0x7f0 [ 26.091879] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 26.091901] ? __schedule+0x10da/0x2b60 [ 26.091937] ? __pfx_read_tsc+0x10/0x10 [ 26.091959] ? ktime_get_ts64+0x86/0x230 [ 26.091983] kunit_try_run_case+0x1a5/0x480 [ 26.092008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.092030] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.092054] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.092078] ? __kthread_parkme+0x82/0x180 [ 26.092098] ? preempt_count_sub+0x50/0x80 [ 26.092120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.092143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.092166] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.092189] kthread+0x337/0x6f0 [ 26.092208] ? trace_preempt_on+0x20/0xc0 [ 26.092247] ? __pfx_kthread+0x10/0x10 [ 26.092273] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.092298] ? calculate_sigpending+0x7b/0xa0 [ 26.092327] ? __pfx_kthread+0x10/0x10 [ 26.092348] ret_from_fork+0x116/0x1d0 [ 26.092366] ? __pfx_kthread+0x10/0x10 [ 26.092386] ret_from_fork_asm+0x1a/0x30 [ 26.092417] </TASK> [ 26.092428] [ 26.099262] Allocated by task 184: [ 26.099421] kasan_save_stack+0x45/0x70 [ 26.099557] kasan_save_track+0x18/0x40 [ 26.099694] kasan_save_alloc_info+0x3b/0x50 [ 26.099835] __kasan_kmalloc+0xb7/0xc0 [ 26.100059] __kmalloc_cache_noprof+0x189/0x420 [ 26.100276] kmalloc_oob_right+0xa9/0x7f0 [ 26.100472] kunit_try_run_case+0x1a5/0x480 [ 26.100881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.101280] kthread+0x337/0x6f0 [ 26.101435] ret_from_fork+0x116/0x1d0 [ 26.101611] ret_from_fork_asm+0x1a/0x30 [ 26.101757] [ 26.101820] The buggy address belongs to the object at ffff888105454600 [ 26.101820] which belongs to the cache kmalloc-128 of size 128 [ 26.102559] The buggy address is located 5 bytes to the right of [ 26.102559] allocated 115-byte region [ffff888105454600, ffff888105454673) [ 26.103516] [ 26.103601] The buggy address belongs to the physical page: [ 26.103771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105454 [ 26.104003] flags: 0x200000000000000(node=0|zone=2) [ 26.104229] page_type: f5(slab) [ 26.104388] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.105425] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.105783] page dumped because: kasan: bad access detected [ 26.106192] [ 26.106265] Memory state around the buggy address: [ 26.106483] ffff888105454500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.106778] ffff888105454580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.107455] >ffff888105454600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.107681] ^ [ 26.107887] ffff888105454680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.108094] ffff888105454700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.109518] ==================================================================