Date
July 15, 2025, 2:10 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 107.219300] ================================================================== [ 107.219893] BUG: KASAN: use-after-free in strncmp+0x3c/0x90 [ 107.220636] Read of size 1 at addr ffff0000c66ab410 by task kunit_try_catch/248 [ 107.221664] [ 107.221967] CPU: 1 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.222897] Hardware name: linux,dummy-virt (DT) [ 107.223300] Call trace: [ 107.223546] dump_backtrace+0xe0/0x134 [ 107.224003] show_stack+0x20/0x2c [ 107.224793] dump_stack_lvl+0x88/0xb4 [ 107.225253] print_report+0x158/0x44c [ 107.225674] kasan_report+0xc8/0x180 [ 107.226127] __asan_load1+0x68/0x74 [ 107.226559] strncmp+0x3c/0x90 [ 107.226959] kasan_strings+0x150/0x530 [ 107.227395] kunit_try_run_case+0x8c/0x124 [ 107.227879] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.229253] kthread+0x15c/0x170 [ 107.229651] ret_from_fork+0x10/0x20 [ 107.230097] [ 107.230289] Allocated by task 248: [ 107.230658] kasan_save_stack+0x3c/0x70 [ 107.231120] kasan_set_track+0x2c/0x40 [ 107.231551] kasan_save_alloc_info+0x24/0x34 [ 107.232065] __kasan_kmalloc+0xd4/0xe0 [ 107.232866] kmalloc_trace+0x8c/0x150 [ 107.233296] kasan_strings+0xa0/0x530 [ 107.233755] kunit_try_run_case+0x8c/0x124 [ 107.234234] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.234789] kthread+0x15c/0x170 [ 107.235193] ret_from_fork+0x10/0x20 [ 107.235625] [ 107.235840] Freed by task 248: [ 107.236191] kasan_save_stack+0x3c/0x70 [ 107.237497] kasan_set_track+0x2c/0x40 [ 107.237939] kasan_save_free_info+0x38/0x5c [ 107.238388] __kasan_slab_free+0x100/0x170 [ 107.238881] slab_free_freelist_hook+0xd8/0x1c0 [ 107.239371] __kmem_cache_free+0x15c/0x2a0 [ 107.239841] kfree+0x88/0x150 [ 107.240234] kasan_strings+0xc0/0x530 [ 107.241026] kunit_try_run_case+0x8c/0x124 [ 107.241530] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.242096] kthread+0x15c/0x170 [ 107.242486] ret_from_fork+0x10/0x20 [ 107.242914] [ 107.243129] The buggy address belongs to the object at ffff0000c66ab400 [ 107.243129] which belongs to the cache kmalloc-128 of size 128 [ 107.244074] The buggy address is located 16 bytes inside of [ 107.244074] 128-byte region [ffff0000c66ab400, ffff0000c66ab480) [ 107.245089] [ 107.245320] The buggy address belongs to the physical page: [ 107.245800] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.246565] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.248025] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.248849] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.249454] page dumped because: kasan: bad access detected [ 107.249935] [ 107.250128] Memory state around the buggy address: [ 107.250558] ffff0000c66ab300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.251407] ffff0000c66ab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.252048] >ffff0000c66ab400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.253518] ^ [ 107.253901] ffff0000c66ab480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.254548] ffff0000c66ab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.255181] ==================================================================
[ 76.912309] ================================================================== [ 76.913153] BUG: KASAN: use-after-free in strncmp+0x3c/0xa0 [ 76.913747] Read of size 1 at addr ffff0000c5abca10 by task kunit_try_catch/164 [ 76.914334] [ 76.914567] CPU: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 76.915298] Hardware name: linux,dummy-virt (DT) [ 76.915698] Call trace: [ 76.916001] dump_backtrace+0xf8/0x118 [ 76.916462] show_stack+0x18/0x24 [ 76.916908] __dump_stack+0x28/0x38 [ 76.917324] dump_stack_lvl+0x54/0x6c [ 76.917744] print_address_description+0x7c/0x1ec [ 76.918286] print_report+0x50/0x68 [ 76.918724] kasan_report+0xac/0x100 [ 76.919680] __asan_load1+0x6c/0x70 [ 76.920137] strncmp+0x3c/0xa0 [ 76.920535] kasan_strings+0x1a0/0x404 [ 76.921218] kunit_try_run_case+0x80/0x184 [ 76.921720] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 76.922317] kthread+0x16c/0x21c [ 76.922749] ret_from_fork+0x10/0x20 [ 76.923167] [ 76.923372] Allocated by task 164: [ 76.923693] kasan_set_track+0x4c/0x80 [ 76.924144] kasan_save_alloc_info+0x28/0x34 [ 76.925091] __kasan_kmalloc+0x88/0xa0 [ 76.925561] kmalloc_trace+0x54/0x68 [ 76.926018] kasan_strings+0x48/0x404 [ 76.926447] kunit_try_run_case+0x80/0x184 [ 76.926947] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 76.927510] kthread+0x16c/0x21c [ 76.927924] ret_from_fork+0x10/0x20 [ 76.928368] [ 76.928551] Freed by task 164: [ 76.928926] kasan_set_track+0x4c/0x80 [ 76.929416] kasan_save_free_info+0x3c/0x60 [ 76.929860] ____kasan_slab_free+0xe8/0x140 [ 76.930329] __kasan_slab_free+0x18/0x28 [ 76.931052] __kmem_cache_free+0xdc/0x284 [ 76.931515] kfree+0x60/0x74 [ 76.931894] kasan_strings+0x90/0x404 [ 76.932364] kunit_try_run_case+0x80/0x184 [ 76.933293] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 76.933941] kthread+0x16c/0x21c [ 76.934388] ret_from_fork+0x10/0x20 [ 76.934840] [ 76.935058] The buggy address belongs to the object at ffff0000c5abca00 [ 76.935058] which belongs to the cache kmalloc-128 of size 128 [ 76.936045] The buggy address is located 16 bytes inside of [ 76.936045] 128-byte region [ffff0000c5abca00, ffff0000c5abca80) [ 76.937262] [ 76.937483] The buggy address belongs to the physical page: [ 76.937946] page:00000000b0163b2b refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105abc [ 76.938720] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 76.939421] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 76.940109] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 76.941278] page dumped because: kasan: bad access detected [ 76.941720] [ 76.941952] Memory state around the buggy address: [ 76.942360] ffff0000c5abc900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 76.943025] ffff0000c5abc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.943645] >ffff0000c5abca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 76.944259] ^ [ 76.944876] ffff0000c5abca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.945492] ffff0000c5abcb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.946128] ==================================================================
[ 76.057400] ================================================================== [ 76.057892] BUG: KASAN: use-after-free in strncmp+0x3c/0xa0 [ 76.058480] Read of size 1 at addr ffff0000c58a7510 by task kunit_try_catch/164 [ 76.059117] [ 76.059332] CPU: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 76.060284] Hardware name: linux,dummy-virt (DT) [ 76.060958] Call trace: [ 76.061237] dump_backtrace+0xf4/0x114 [ 76.061771] show_stack+0x18/0x24 [ 76.062224] __dump_stack+0x28/0x38 [ 76.062732] dump_stack_lvl+0x50/0x68 [ 76.063205] print_address_description+0x7c/0x1ec [ 76.064304] print_report+0x50/0x68 [ 76.064838] kasan_report+0xac/0xfc [ 76.065325] __asan_load1+0x6c/0x70 [ 76.065830] strncmp+0x3c/0xa0 [ 76.066272] kasan_strings+0x1a0/0x404 [ 76.066695] kunit_try_run_case+0x80/0x184 [ 76.067180] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 76.068013] kthread+0x16c/0x21c [ 76.068448] ret_from_fork+0x10/0x20 [ 76.068920] [ 76.069137] Allocated by task 164: [ 76.069492] kasan_set_track+0x4c/0x80 [ 76.070005] kasan_save_alloc_info+0x28/0x34 [ 76.070462] __kasan_kmalloc+0x88/0xa0 [ 76.070956] kmalloc_trace+0x54/0x68 [ 76.071380] kasan_strings+0x48/0x404 [ 76.072335] kunit_try_run_case+0x80/0x184 [ 76.072876] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 76.073440] kthread+0x16c/0x21c [ 76.073867] ret_from_fork+0x10/0x20 [ 76.074318] [ 76.074509] Freed by task 164: [ 76.074874] kasan_set_track+0x4c/0x80 [ 76.075377] kasan_save_free_info+0x3c/0x60 [ 76.076102] ____kasan_slab_free+0xe8/0x140 [ 76.076644] __kasan_slab_free+0x18/0x28 [ 76.077129] __kmem_cache_free+0xdc/0x27c [ 76.077581] kfree+0x60/0x74 [ 76.077975] kasan_strings+0x90/0x404 [ 76.078422] kunit_try_run_case+0x80/0x184 [ 76.078925] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 76.079480] kthread+0x16c/0x21c [ 76.080450] ret_from_fork+0x10/0x20 [ 76.080924] [ 76.081152] The buggy address belongs to the object at ffff0000c58a7500 [ 76.081152] which belongs to the cache kmalloc-128 of size 128 [ 76.082112] The buggy address is located 16 bytes inside of [ 76.082112] 128-byte region [ffff0000c58a7500, ffff0000c58a7580) [ 76.082847] [ 76.083039] The buggy address belongs to the physical page: [ 76.083409] page:00000000333134b1 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 76.084884] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 76.085848] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 76.086838] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 76.088250] page dumped because: kasan: bad access detected [ 76.088962] [ 76.089242] Memory state around the buggy address: [ 76.089877] ffff0000c58a7400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 76.090771] ffff0000c58a7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.091382] >ffff0000c58a7500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 76.092230] ^ [ 76.092656] ffff0000c58a7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.093315] ffff0000c58a7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.093920] ==================================================================
[ 74.638244] ================================================================== [ 74.639101] BUG: KASAN: use-after-free in strncmp+0x3c/0x90 [ 74.639897] Read of size 1 at addr ffff0000c5938710 by task kunit_try_catch/164 [ 74.640749] [ 74.641018] CPU: 1 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 74.642161] Hardware name: linux,dummy-virt (DT) [ 74.643262] Call trace: [ 74.643645] dump_backtrace.part.0+0xdc/0xf0 [ 74.644315] show_stack+0x18/0x30 [ 74.644867] dump_stack_lvl+0x64/0x80 [ 74.645431] print_report+0x158/0x438 [ 74.646043] kasan_report+0xb4/0xf4 [ 74.646593] __asan_load1+0x68/0x74 [ 74.647194] strncmp+0x3c/0x90 [ 74.647730] kasan_strings+0x148/0x520 [ 74.648316] kunit_try_run_case+0x84/0x120 [ 74.648937] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 74.649535] kthread+0x180/0x190 [ 74.650032] ret_from_fork+0x10/0x20 [ 74.650408] [ 74.650575] Allocated by task 164: [ 74.650843] kasan_save_stack+0x3c/0x70 [ 74.651185] kasan_set_track+0x2c/0x40 [ 74.651528] kasan_save_alloc_info+0x24/0x34 [ 74.652052] __kasan_kmalloc+0xb8/0xc0 [ 74.652526] kmalloc_trace+0x58/0x6c [ 74.652932] kasan_strings+0x98/0x520 [ 74.653382] kunit_try_run_case+0x84/0x120 [ 74.653835] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 74.654565] kthread+0x180/0x190 [ 74.654932] ret_from_fork+0x10/0x20 [ 74.655330] [ 74.655543] Freed by task 164: [ 74.655840] kasan_save_stack+0x3c/0x70 [ 74.656266] kasan_set_track+0x2c/0x40 [ 74.656688] kasan_save_free_info+0x38/0x5c [ 74.657131] __kasan_slab_free+0xe4/0x150 [ 74.657560] __kmem_cache_free+0x130/0x2a4 [ 74.658153] kfree+0x58/0x80 [ 74.658562] kasan_strings+0xb8/0x520 [ 74.658924] kunit_try_run_case+0x84/0x120 [ 74.659299] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 74.660073] kthread+0x180/0x190 [ 74.660573] ret_from_fork+0x10/0x20 [ 74.661108] [ 74.661362] The buggy address belongs to the object at ffff0000c5938700 [ 74.661362] which belongs to the cache kmalloc-128 of size 128 [ 74.662863] The buggy address is located 16 bytes inside of [ 74.662863] 128-byte region [ffff0000c5938700, ffff0000c5938780) [ 74.664843] [ 74.665117] The buggy address belongs to the physical page: [ 74.665790] page:000000003af4cecf refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105938 [ 74.666694] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 74.667220] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 74.667990] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 74.668509] page dumped because: kasan: bad access detected [ 74.669159] [ 74.669418] Memory state around the buggy address: [ 74.670042] ffff0000c5938600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 74.671055] ffff0000c5938680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.671716] >ffff0000c5938700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 74.672156] ^ [ 74.672463] ffff0000c5938780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.672927] ffff0000c5938800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.673361] ==================================================================
[ 66.048514] ================================================================== [ 66.048945] BUG: KASAN: use-after-free in strncmp+0x30/0xe0 [ 66.049571] Read of size 1 at addr ffff0000c59bd910 by task kunit_try_catch/162 [ 66.050528] [ 66.050863] CPU: 1 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.051903] Hardware name: linux,dummy-virt (DT) [ 66.052490] Call trace: [ 66.052857] dump_backtrace+0x110/0x120 [ 66.053511] show_stack+0x18/0x28 [ 66.054111] dump_stack_lvl+0x68/0x84 [ 66.054728] print_report+0x158/0x484 [ 66.055292] kasan_report+0x98/0xe0 [ 66.055813] __asan_load1+0x68/0x78 [ 66.056347] strncmp+0x30/0xe0 [ 66.056833] kasan_strings+0x174/0x4e0 [ 66.057434] kunit_try_run_case+0x7c/0x120 [ 66.058136] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.058730] kthread+0x1a4/0x1b8 [ 66.059031] ret_from_fork+0x10/0x20 [ 66.059379] [ 66.059598] Allocated by task 162: [ 66.059902] kasan_save_stack+0x2c/0x58 [ 66.060287] kasan_set_track+0x2c/0x40 [ 66.060692] kasan_save_alloc_info+0x24/0x38 [ 66.061097] __kasan_kmalloc+0xa0/0xb8 [ 66.061643] kmalloc_trace+0x50/0x68 [ 66.062077] kasan_strings+0xa8/0x4e0 [ 66.062810] kunit_try_run_case+0x7c/0x120 [ 66.063235] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.063801] kthread+0x1a4/0x1b8 [ 66.064174] ret_from_fork+0x10/0x20 [ 66.064564] [ 66.064747] Freed by task 162: [ 66.065077] kasan_save_stack+0x2c/0x58 [ 66.065524] kasan_set_track+0x2c/0x40 [ 66.065909] kasan_save_free_info+0x38/0x60 [ 66.066419] __kasan_slab_free+0xe8/0x158 [ 66.067001] __kmem_cache_free+0x138/0x2b0 [ 66.067486] kfree+0x5c/0x70 [ 66.067811] kasan_strings+0xc8/0x4e0 [ 66.068224] kunit_try_run_case+0x7c/0x120 [ 66.068661] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.069209] kthread+0x1a4/0x1b8 [ 66.069790] ret_from_fork+0x10/0x20 [ 66.070168] [ 66.070367] The buggy address belongs to the object at ffff0000c59bd900 [ 66.070367] which belongs to the cache kmalloc-128 of size 128 [ 66.071236] The buggy address is located 16 bytes inside of [ 66.071236] 128-byte region [ffff0000c59bd900, ffff0000c59bd980) [ 66.072077] [ 66.072640] The buggy address belongs to the physical page: [ 66.073059] page:00000000a3aeb2fe refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059bd [ 66.073999] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.074604] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.075367] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.075948] page dumped because: kasan: bad access detected [ 66.076404] [ 66.076604] Memory state around the buggy address: [ 66.077019] ffff0000c59bd800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.077837] ffff0000c59bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.078380] >ffff0000c59bd900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.079282] ^ [ 66.079662] ffff0000c59bd980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.080235] ffff0000c59bda00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.080781] ==================================================================
[ 32.156219] ================================================================== [ 32.156725] BUG: KASAN: use-after-free in strncmp+0x32/0x80 [ 32.157024] Read of size 1 at addr ffff8881037341d0 by task kunit_try_catch/268 [ 32.157920] [ 32.158316] CPU: 1 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 32.158735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.159249] Call Trace: [ 32.159592] <TASK> [ 32.159815] dump_stack_lvl+0x49/0x62 [ 32.160061] print_report+0x189/0x492 [ 32.160532] ? kasan_complete_mode_report_info+0x7c/0x200 [ 32.160854] ? strncmp+0x32/0x80 [ 32.161065] kasan_report+0x10c/0x190 [ 32.161551] ? kasan_report.cold+0xc/0x11 [ 32.161806] ? strncmp+0x32/0x80 [ 32.162113] __asan_load1+0x62/0x70 [ 32.162490] strncmp+0x32/0x80 [ 32.162796] kasan_strings+0x18c/0x4e0 [ 32.163124] ? kmalloc_oob_right+0x310/0x310 [ 32.163545] ? __kunit_add_resource+0xd1/0x100 [ 32.163970] ? kasan_test_init+0x13e/0x1b0 [ 32.164304] kunit_try_run_case+0x8f/0xd0 [ 32.164686] ? kunit_catch_run_case+0x80/0x80 [ 32.164981] ? kunit_try_catch_throw+0x40/0x40 [ 32.165230] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 32.165530] kthread+0x17b/0x1b0 [ 32.165711] ? kthread_complete_and_exit+0x30/0x30 [ 32.165959] ret_from_fork+0x22/0x30 [ 32.166579] </TASK> [ 32.166742] [ 32.166851] Allocated by task 268: [ 32.167147] kasan_save_stack+0x41/0x70 [ 32.167566] kasan_set_track+0x25/0x40 [ 32.167871] kasan_save_alloc_info+0x1e/0x30 [ 32.168112] __kasan_kmalloc+0xb6/0xc0 [ 32.168557] kmalloc_trace+0x48/0xb0 [ 32.168753] kasan_strings+0x99/0x4e0 [ 32.169109] kunit_try_run_case+0x8f/0xd0 [ 32.169476] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 32.169773] kthread+0x17b/0x1b0 [ 32.169956] ret_from_fork+0x22/0x30 [ 32.170354] [ 32.170463] Freed by task 268: [ 32.170757] kasan_save_stack+0x41/0x70 [ 32.171041] kasan_set_track+0x25/0x40 [ 32.171405] kasan_save_free_info+0x2e/0x50 [ 32.171713] ____kasan_slab_free+0x175/0x1d0 [ 32.171930] __kasan_slab_free+0x12/0x20 [ 32.172151] __kmem_cache_free+0x188/0x2f0 [ 32.172414] kfree+0x78/0x120 [ 32.172872] kasan_strings+0xbd/0x4e0 [ 32.173248] kunit_try_run_case+0x8f/0xd0 [ 32.173540] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 32.173888] kthread+0x17b/0x1b0 [ 32.174152] ret_from_fork+0x22/0x30 [ 32.174412] [ 32.174510] The buggy address belongs to the object at ffff8881037341c0 [ 32.174510] which belongs to the cache kmalloc-32 of size 32 [ 32.175025] The buggy address is located 16 bytes inside of [ 32.175025] 32-byte region [ffff8881037341c0, ffff8881037341e0) [ 32.175943] [ 32.176076] The buggy address belongs to the physical page: [ 32.176477] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103734 [ 32.176992] flags: 0x200000000000200(slab|node=0|zone=2) [ 32.177428] raw: 0200000000000200 0000000000000000 dead000000000122 ffff888100041500 [ 32.177840] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 32.178280] page dumped because: kasan: bad access detected [ 32.178609] [ 32.178725] Memory state around the buggy address: [ 32.179105] ffff888103734080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 32.179501] ffff888103734100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 32.180005] >ffff888103734180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 32.180315] ^ [ 32.180815] ffff888103734200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.181157] ffff888103734280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.181768] ==================================================================