Date
July 15, 2025, 2:10 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 107.256166] ================================================================== [ 107.256781] BUG: KASAN: use-after-free in strlen+0x18/0x64 [ 107.257403] Read of size 1 at addr ffff0000c66ab410 by task kunit_try_catch/248 [ 107.258091] [ 107.258297] CPU: 1 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.259872] Hardware name: linux,dummy-virt (DT) [ 107.260325] Call trace: [ 107.261101] dump_backtrace+0xe0/0x134 [ 107.261551] show_stack+0x20/0x2c [ 107.261981] dump_stack_lvl+0x88/0xb4 [ 107.262414] print_report+0x158/0x44c [ 107.262862] kasan_report+0xc8/0x180 [ 107.263319] __asan_load1+0x68/0x74 [ 107.263768] strlen+0x18/0x64 [ 107.264154] kasan_strings+0x170/0x530 [ 107.265499] kunit_try_run_case+0x8c/0x124 [ 107.265949] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.266445] kthread+0x15c/0x170 [ 107.266821] ret_from_fork+0x10/0x20 [ 107.267199] [ 107.267387] Allocated by task 248: [ 107.267801] kasan_save_stack+0x3c/0x70 [ 107.268702] kasan_set_track+0x2c/0x40 [ 107.269099] kasan_save_alloc_info+0x24/0x34 [ 107.269510] __kasan_kmalloc+0xd4/0xe0 [ 107.270159] kmalloc_trace+0x8c/0x150 [ 107.270815] kasan_strings+0xa0/0x530 [ 107.271495] kunit_try_run_case+0x8c/0x124 [ 107.272197] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.273171] kthread+0x15c/0x170 [ 107.273843] ret_from_fork+0x10/0x20 [ 107.274506] [ 107.274901] Freed by task 248: [ 107.275421] kasan_save_stack+0x3c/0x70 [ 107.276137] kasan_set_track+0x2c/0x40 [ 107.276781] kasan_save_free_info+0x38/0x5c [ 107.277450] __kasan_slab_free+0x100/0x170 [ 107.278102] slab_free_freelist_hook+0xd8/0x1c0 [ 107.278780] __kmem_cache_free+0x15c/0x2a0 [ 107.279369] kfree+0x88/0x150 [ 107.279694] kasan_strings+0xc0/0x530 [ 107.280102] kunit_try_run_case+0x8c/0x124 [ 107.280705] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.281626] kthread+0x15c/0x170 [ 107.282222] ret_from_fork+0x10/0x20 [ 107.282840] [ 107.283132] The buggy address belongs to the object at ffff0000c66ab400 [ 107.283132] which belongs to the cache kmalloc-128 of size 128 [ 107.284704] The buggy address is located 16 bytes inside of [ 107.284704] 128-byte region [ffff0000c66ab400, ffff0000c66ab480) [ 107.286038] [ 107.286319] The buggy address belongs to the physical page: [ 107.287074] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.288188] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.289179] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.290198] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.291059] page dumped because: kasan: bad access detected [ 107.291807] [ 107.292131] Memory state around the buggy address: [ 107.292769] ffff0000c66ab300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.293532] ffff0000c66ab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.294039] >ffff0000c66ab400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.294498] ^ [ 107.294839] ffff0000c66ab480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.295697] ffff0000c66ab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.296545] ==================================================================
[ 76.947148] ================================================================== [ 76.947685] BUG: KASAN: use-after-free in strlen+0x28/0x50 [ 76.948285] Read of size 1 at addr ffff0000c5abca10 by task kunit_try_catch/164 [ 76.949009] [ 76.949210] CPU: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 76.950482] Hardware name: linux,dummy-virt (DT) [ 76.950935] Call trace: [ 76.951200] dump_backtrace+0xf8/0x118 [ 76.951695] show_stack+0x18/0x24 [ 76.952133] __dump_stack+0x28/0x38 [ 76.952567] dump_stack_lvl+0x54/0x6c [ 76.953043] print_address_description+0x7c/0x1ec [ 76.953564] print_report+0x50/0x68 [ 76.954004] kasan_report+0xac/0x100 [ 76.954441] __asan_load1+0x6c/0x70 [ 76.955909] strlen+0x28/0x50 [ 76.956270] kasan_strings+0x1e8/0x404 [ 76.956677] kunit_try_run_case+0x80/0x184 [ 76.957153] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 76.958319] kthread+0x16c/0x21c [ 76.958715] ret_from_fork+0x10/0x20 [ 76.959491] [ 76.959895] Allocated by task 164: [ 76.960190] kasan_set_track+0x4c/0x80 [ 76.960632] kasan_save_alloc_info+0x28/0x34 [ 76.961670] __kasan_kmalloc+0x88/0xa0 [ 76.962382] kmalloc_trace+0x54/0x68 [ 76.963010] kasan_strings+0x48/0x404 [ 76.963642] kunit_try_run_case+0x80/0x184 [ 76.964335] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 76.965954] kthread+0x16c/0x21c [ 76.966563] ret_from_fork+0x10/0x20 [ 76.967178] [ 76.967482] Freed by task 164: [ 76.967909] kasan_set_track+0x4c/0x80 [ 76.968341] kasan_save_free_info+0x3c/0x60 [ 76.968784] ____kasan_slab_free+0xe8/0x140 [ 76.969345] __kasan_slab_free+0x18/0x28 [ 76.969863] __kmem_cache_free+0xdc/0x284 [ 76.970333] kfree+0x60/0x74 [ 76.970744] kasan_strings+0x90/0x404 [ 76.971201] kunit_try_run_case+0x80/0x184 [ 76.971746] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 76.972369] kthread+0x16c/0x21c [ 76.972785] ret_from_fork+0x10/0x20 [ 76.973267] [ 76.973475] The buggy address belongs to the object at ffff0000c5abca00 [ 76.973475] which belongs to the cache kmalloc-128 of size 128 [ 76.974848] The buggy address is located 16 bytes inside of [ 76.974848] 128-byte region [ffff0000c5abca00, ffff0000c5abca80) [ 76.975738] [ 76.975972] The buggy address belongs to the physical page: [ 76.976447] page:00000000b0163b2b refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105abc [ 76.977439] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 76.978166] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 76.978824] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 76.979431] page dumped because: kasan: bad access detected [ 76.979888] [ 76.980095] Memory state around the buggy address: [ 76.980510] ffff0000c5abc900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 76.981305] ffff0000c5abc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.982274] >ffff0000c5abca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 76.982890] ^ [ 76.983271] ffff0000c5abca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.983872] ffff0000c5abcb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.984494] ==================================================================
[ 76.094900] ================================================================== [ 76.095487] BUG: KASAN: use-after-free in strlen+0x28/0x50 [ 76.096123] Read of size 1 at addr ffff0000c58a7510 by task kunit_try_catch/164 [ 76.096815] [ 76.097132] CPU: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 76.098028] Hardware name: linux,dummy-virt (DT) [ 76.098510] Call trace: [ 76.098803] dump_backtrace+0xf4/0x114 [ 76.099322] show_stack+0x18/0x24 [ 76.099876] __dump_stack+0x28/0x38 [ 76.100362] dump_stack_lvl+0x50/0x68 [ 76.100874] print_address_description+0x7c/0x1ec [ 76.101518] print_report+0x50/0x68 [ 76.102012] kasan_report+0xac/0xfc [ 76.102501] __asan_load1+0x6c/0x70 [ 76.103039] strlen+0x28/0x50 [ 76.103457] kasan_strings+0x1e8/0x404 [ 76.104052] kunit_try_run_case+0x80/0x184 [ 76.104607] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 76.105206] kthread+0x16c/0x21c [ 76.105645] ret_from_fork+0x10/0x20 [ 76.106086] [ 76.106308] Allocated by task 164: [ 76.106672] kasan_set_track+0x4c/0x80 [ 76.107157] kasan_save_alloc_info+0x28/0x34 [ 76.107635] __kasan_kmalloc+0x88/0xa0 [ 76.108215] kmalloc_trace+0x54/0x68 [ 76.108796] kasan_strings+0x48/0x404 [ 76.109462] kunit_try_run_case+0x80/0x184 [ 76.110066] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 76.110767] kthread+0x16c/0x21c [ 76.111313] ret_from_fork+0x10/0x20 [ 76.111956] [ 76.112164] Freed by task 164: [ 76.112692] kasan_set_track+0x4c/0x80 [ 76.113197] kasan_save_free_info+0x3c/0x60 [ 76.113722] ____kasan_slab_free+0xe8/0x140 [ 76.114251] __kasan_slab_free+0x18/0x28 [ 76.114748] __kmem_cache_free+0xdc/0x27c [ 76.115214] kfree+0x60/0x74 [ 76.115632] kasan_strings+0x90/0x404 [ 76.116178] kunit_try_run_case+0x80/0x184 [ 76.116659] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 76.117363] kthread+0x16c/0x21c [ 76.117833] ret_from_fork+0x10/0x20 [ 76.118288] [ 76.118520] The buggy address belongs to the object at ffff0000c58a7500 [ 76.118520] which belongs to the cache kmalloc-128 of size 128 [ 76.119474] The buggy address is located 16 bytes inside of [ 76.119474] 128-byte region [ffff0000c58a7500, ffff0000c58a7580) [ 76.120557] [ 76.120809] The buggy address belongs to the physical page: [ 76.121569] page:00000000333134b1 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 76.122365] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 76.123113] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 76.123792] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 76.124526] page dumped because: kasan: bad access detected [ 76.125034] [ 76.125279] Memory state around the buggy address: [ 76.125682] ffff0000c58a7400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 76.126501] ffff0000c58a7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.127177] >ffff0000c58a7500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 76.127890] ^ [ 76.128475] ffff0000c58a7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.129198] ffff0000c58a7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.129864] ==================================================================
[ 74.674820] ================================================================== [ 74.675701] BUG: KASAN: use-after-free in strlen+0x18/0x64 [ 74.676477] Read of size 1 at addr ffff0000c5938710 by task kunit_try_catch/164 [ 74.677320] [ 74.677602] CPU: 1 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 74.679059] Hardware name: linux,dummy-virt (DT) [ 74.679659] Call trace: [ 74.680020] dump_backtrace.part.0+0xdc/0xf0 [ 74.680702] show_stack+0x18/0x30 [ 74.681248] dump_stack_lvl+0x64/0x80 [ 74.681947] print_report+0x158/0x438 [ 74.682581] kasan_report+0xb4/0xf4 [ 74.683111] __asan_load1+0x68/0x74 [ 74.683662] strlen+0x18/0x64 [ 74.684159] kasan_strings+0x168/0x520 [ 74.684739] kunit_try_run_case+0x84/0x120 [ 74.685346] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 74.686147] kthread+0x180/0x190 [ 74.686831] ret_from_fork+0x10/0x20 [ 74.687376] [ 74.687651] Allocated by task 164: [ 74.688102] kasan_save_stack+0x3c/0x70 [ 74.688485] kasan_set_track+0x2c/0x40 [ 74.688820] kasan_save_alloc_info+0x24/0x34 [ 74.689198] __kasan_kmalloc+0xb8/0xc0 [ 74.689565] kmalloc_trace+0x58/0x6c [ 74.690087] kasan_strings+0x98/0x520 [ 74.690720] kunit_try_run_case+0x84/0x120 [ 74.691243] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 74.691813] kthread+0x180/0x190 [ 74.692213] ret_from_fork+0x10/0x20 [ 74.692645] [ 74.692848] Freed by task 164: [ 74.693142] kasan_save_stack+0x3c/0x70 [ 74.693555] kasan_set_track+0x2c/0x40 [ 74.694739] kasan_save_free_info+0x38/0x5c [ 74.695562] __kasan_slab_free+0xe4/0x150 [ 74.696205] __kmem_cache_free+0x130/0x2a4 [ 74.696695] kfree+0x58/0x80 [ 74.697086] kasan_strings+0xb8/0x520 [ 74.697565] kunit_try_run_case+0x84/0x120 [ 74.698175] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 74.698806] kthread+0x180/0x190 [ 74.699222] ret_from_fork+0x10/0x20 [ 74.699669] [ 74.699867] The buggy address belongs to the object at ffff0000c5938700 [ 74.699867] which belongs to the cache kmalloc-128 of size 128 [ 74.700807] The buggy address is located 16 bytes inside of [ 74.700807] 128-byte region [ffff0000c5938700, ffff0000c5938780) [ 74.701634] [ 74.701879] The buggy address belongs to the physical page: [ 74.702410] page:000000003af4cecf refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105938 [ 74.703323] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 74.703992] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 74.704689] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 74.705246] page dumped because: kasan: bad access detected [ 74.705703] [ 74.706079] Memory state around the buggy address: [ 74.706527] ffff0000c5938600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 74.707162] ffff0000c5938680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.707863] >ffff0000c5938700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 74.708446] ^ [ 74.708800] ffff0000c5938780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.709368] ffff0000c5938800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.710196] ==================================================================
[ 66.081897] ================================================================== [ 66.082447] BUG: KASAN: use-after-free in strlen+0x18/0x68 [ 66.082967] Read of size 1 at addr ffff0000c59bd910 by task kunit_try_catch/162 [ 66.083584] [ 66.083818] CPU: 1 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.084501] Hardware name: linux,dummy-virt (DT) [ 66.084919] Call trace: [ 66.085166] dump_backtrace+0x110/0x120 [ 66.085695] show_stack+0x18/0x28 [ 66.086167] dump_stack_lvl+0x68/0x84 [ 66.086984] print_report+0x158/0x484 [ 66.087393] kasan_report+0x98/0xe0 [ 66.087755] __asan_load1+0x68/0x78 [ 66.088152] strlen+0x18/0x68 [ 66.088547] kasan_strings+0x19c/0x4e0 [ 66.088978] kunit_try_run_case+0x7c/0x120 [ 66.089426] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.090109] kthread+0x1a4/0x1b8 [ 66.090596] ret_from_fork+0x10/0x20 [ 66.091003] [ 66.091193] Allocated by task 162: [ 66.091552] kasan_save_stack+0x2c/0x58 [ 66.091956] kasan_set_track+0x2c/0x40 [ 66.092350] kasan_save_alloc_info+0x24/0x38 [ 66.092790] __kasan_kmalloc+0xa0/0xb8 [ 66.093169] kmalloc_trace+0x50/0x68 [ 66.093735] kasan_strings+0xa8/0x4e0 [ 66.094128] kunit_try_run_case+0x7c/0x120 [ 66.094911] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.095520] kthread+0x1a4/0x1b8 [ 66.095862] ret_from_fork+0x10/0x20 [ 66.096261] [ 66.096457] Freed by task 162: [ 66.096788] kasan_save_stack+0x2c/0x58 [ 66.097170] kasan_set_track+0x2c/0x40 [ 66.097767] kasan_save_free_info+0x38/0x60 [ 66.098178] __kasan_slab_free+0xe8/0x158 [ 66.098719] __kmem_cache_free+0x138/0x2b0 [ 66.099185] kfree+0x5c/0x70 [ 66.099538] kasan_strings+0xc8/0x4e0 [ 66.099947] kunit_try_run_case+0x7c/0x120 [ 66.100368] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.100920] kthread+0x1a4/0x1b8 [ 66.101280] ret_from_fork+0x10/0x20 [ 66.102111] [ 66.102333] The buggy address belongs to the object at ffff0000c59bd900 [ 66.102333] which belongs to the cache kmalloc-128 of size 128 [ 66.103280] The buggy address is located 16 bytes inside of [ 66.103280] 128-byte region [ffff0000c59bd900, ffff0000c59bd980) [ 66.104158] [ 66.104347] The buggy address belongs to the physical page: [ 66.104794] page:00000000a3aeb2fe refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059bd [ 66.105697] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.106353] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.107120] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.107724] page dumped because: kasan: bad access detected [ 66.108177] [ 66.108382] Memory state around the buggy address: [ 66.108770] ffff0000c59bd800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.109347] ffff0000c59bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.110495] >ffff0000c59bd900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.111104] ^ [ 66.111483] ffff0000c59bd980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.112073] ffff0000c59bda00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.112632] ==================================================================
[ 32.182367] ================================================================== [ 32.182705] BUG: KASAN: use-after-free in strlen+0xf/0x50 [ 32.183192] Read of size 1 at addr ffff8881037341d0 by task kunit_try_catch/268 [ 32.183618] [ 32.183829] CPU: 1 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 32.184191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.184747] Call Trace: [ 32.184948] <TASK> [ 32.185063] dump_stack_lvl+0x49/0x62 [ 32.185379] print_report+0x189/0x492 [ 32.185632] ? kasan_complete_mode_report_info+0x7c/0x200 [ 32.185921] ? strlen+0xf/0x50 [ 32.186110] kasan_report+0x10c/0x190 [ 32.186350] ? strlen+0xf/0x50 [ 32.186560] __asan_load1+0x62/0x70 [ 32.186765] strlen+0xf/0x50 [ 32.186967] kasan_strings+0x1bf/0x4e0 [ 32.187210] ? kmalloc_oob_right+0x310/0x310 [ 32.187494] ? __kunit_add_resource+0xd1/0x100 [ 32.187750] ? kasan_test_init+0x13e/0x1b0 [ 32.187981] kunit_try_run_case+0x8f/0xd0 [ 32.188233] ? kunit_catch_run_case+0x80/0x80 [ 32.188484] ? kunit_try_catch_throw+0x40/0x40 [ 32.188719] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 32.189034] kthread+0x17b/0x1b0 [ 32.189249] ? kthread_complete_and_exit+0x30/0x30 [ 32.189538] ret_from_fork+0x22/0x30 [ 32.189788] </TASK> [ 32.189934] [ 32.190028] Allocated by task 268: [ 32.190239] kasan_save_stack+0x41/0x70 [ 32.190489] kasan_set_track+0x25/0x40 [ 32.190797] kasan_save_alloc_info+0x1e/0x30 [ 32.190991] __kasan_kmalloc+0xb6/0xc0 [ 32.191178] kmalloc_trace+0x48/0xb0 [ 32.191401] kasan_strings+0x99/0x4e0 [ 32.191837] kunit_try_run_case+0x8f/0xd0 [ 32.192061] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 32.192439] kthread+0x17b/0x1b0 [ 32.192646] ret_from_fork+0x22/0x30 [ 32.192880] [ 32.192973] Freed by task 268: [ 32.193105] kasan_save_stack+0x41/0x70 [ 32.193390] kasan_set_track+0x25/0x40 [ 32.193628] kasan_save_free_info+0x2e/0x50 [ 32.193860] ____kasan_slab_free+0x175/0x1d0 [ 32.194128] __kasan_slab_free+0x12/0x20 [ 32.194387] __kmem_cache_free+0x188/0x2f0 [ 32.194615] kfree+0x78/0x120 [ 32.194798] kasan_strings+0xbd/0x4e0 [ 32.194979] kunit_try_run_case+0x8f/0xd0 [ 32.195192] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 32.195451] kthread+0x17b/0x1b0 [ 32.195661] ret_from_fork+0x22/0x30 [ 32.195979] [ 32.196061] The buggy address belongs to the object at ffff8881037341c0 [ 32.196061] which belongs to the cache kmalloc-32 of size 32 [ 32.196901] The buggy address is located 16 bytes inside of [ 32.196901] 32-byte region [ffff8881037341c0, ffff8881037341e0) [ 32.197362] [ 32.197448] The buggy address belongs to the physical page: [ 32.197720] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103734 [ 32.198109] flags: 0x200000000000200(slab|node=0|zone=2) [ 32.198345] raw: 0200000000000200 0000000000000000 dead000000000122 ffff888100041500 [ 32.198609] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 32.199172] page dumped because: kasan: bad access detected [ 32.199455] [ 32.199564] Memory state around the buggy address: [ 32.199767] ffff888103734080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 32.200011] ffff888103734100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 32.200452] >ffff888103734180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 32.200797] ^ [ 32.201101] ffff888103734200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.201569] ffff888103734280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.201902] ==================================================================