Date
July 15, 2025, 2:10 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 107.141520] ================================================================== [ 107.142786] BUG: KASAN: use-after-free in strrchr+0x28/0x54 [ 107.143643] Read of size 1 at addr ffff0000c66ab410 by task kunit_try_catch/248 [ 107.144632] [ 107.145029] CPU: 1 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.145998] Hardware name: linux,dummy-virt (DT) [ 107.146337] Call trace: [ 107.146568] dump_backtrace+0xe0/0x134 [ 107.146946] show_stack+0x20/0x2c [ 107.147464] dump_stack_lvl+0x88/0xb4 [ 107.148005] print_report+0x158/0x44c [ 107.148496] kasan_report+0xc8/0x180 [ 107.148963] __asan_load1+0x68/0x74 [ 107.149451] strrchr+0x28/0x54 [ 107.149909] kasan_strings+0xfc/0x530 [ 107.150357] kunit_try_run_case+0x8c/0x124 [ 107.150948] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.151490] kthread+0x15c/0x170 [ 107.151976] ret_from_fork+0x10/0x20 [ 107.152599] [ 107.152907] Allocated by task 248: [ 107.153493] kasan_save_stack+0x3c/0x70 [ 107.154185] kasan_set_track+0x2c/0x40 [ 107.154784] kasan_save_alloc_info+0x24/0x34 [ 107.155520] __kasan_kmalloc+0xd4/0xe0 [ 107.156120] kmalloc_trace+0x8c/0x150 [ 107.156718] kasan_strings+0xa0/0x530 [ 107.157537] kunit_try_run_case+0x8c/0x124 [ 107.157965] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.158459] kthread+0x15c/0x170 [ 107.158823] ret_from_fork+0x10/0x20 [ 107.159192] [ 107.159371] Freed by task 248: [ 107.159637] kasan_save_stack+0x3c/0x70 [ 107.160029] kasan_set_track+0x2c/0x40 [ 107.160537] kasan_save_free_info+0x38/0x5c [ 107.161801] __kasan_slab_free+0x100/0x170 [ 107.162306] slab_free_freelist_hook+0xd8/0x1c0 [ 107.162717] __kmem_cache_free+0x15c/0x2a0 [ 107.163333] kfree+0x88/0x150 [ 107.163886] kasan_strings+0xc0/0x530 [ 107.164434] kunit_try_run_case+0x8c/0x124 [ 107.165189] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.165854] kthread+0x15c/0x170 [ 107.166214] ret_from_fork+0x10/0x20 [ 107.166576] [ 107.166769] The buggy address belongs to the object at ffff0000c66ab400 [ 107.166769] which belongs to the cache kmalloc-128 of size 128 [ 107.167476] The buggy address is located 16 bytes inside of [ 107.167476] 128-byte region [ffff0000c66ab400, ffff0000c66ab480) [ 107.168275] [ 107.168533] The buggy address belongs to the physical page: [ 107.169058] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.169918] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.170812] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.171507] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.172053] page dumped because: kasan: bad access detected [ 107.172594] [ 107.172858] Memory state around the buggy address: [ 107.173307] ffff0000c66ab300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.174313] ffff0000c66ab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.175074] >ffff0000c66ab400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.175982] ^ [ 107.176636] ffff0000c66ab480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.177642] ffff0000c66ab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.178737] ==================================================================
[ 76.842082] ================================================================== [ 76.842651] BUG: KASAN: use-after-free in strrchr+0x34/0x68 [ 76.843365] Read of size 1 at addr ffff0000c5abca10 by task kunit_try_catch/164 [ 76.843990] [ 76.844232] CPU: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 76.845009] Hardware name: linux,dummy-virt (DT) [ 76.845601] Call trace: [ 76.845888] dump_backtrace+0xf8/0x118 [ 76.846381] show_stack+0x18/0x24 [ 76.847208] __dump_stack+0x28/0x38 [ 76.847660] dump_stack_lvl+0x54/0x6c [ 76.848145] print_address_description+0x7c/0x1ec [ 76.848974] print_report+0x50/0x68 [ 76.849426] kasan_report+0xac/0x100 [ 76.849886] __asan_load1+0x6c/0x70 [ 76.850363] strrchr+0x34/0x68 [ 76.850721] kasan_strings+0xf8/0x404 [ 76.851156] kunit_try_run_case+0x80/0x184 [ 76.851608] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 76.852193] kthread+0x16c/0x21c [ 76.853052] ret_from_fork+0x10/0x20 [ 76.853490] [ 76.853678] Allocated by task 164: [ 76.854061] kasan_set_track+0x4c/0x80 [ 76.854511] kasan_save_alloc_info+0x28/0x34 [ 76.854994] __kasan_kmalloc+0x88/0xa0 [ 76.855441] kmalloc_trace+0x54/0x68 [ 76.855901] kasan_strings+0x48/0x404 [ 76.856368] kunit_try_run_case+0x80/0x184 [ 76.857119] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 76.857705] kthread+0x16c/0x21c [ 76.858159] ret_from_fork+0x10/0x20 [ 76.858630] [ 76.858858] Freed by task 164: [ 76.859201] kasan_set_track+0x4c/0x80 [ 76.859689] kasan_save_free_info+0x3c/0x60 [ 76.860146] ____kasan_slab_free+0xe8/0x140 [ 76.860686] __kasan_slab_free+0x18/0x28 [ 76.861163] __kmem_cache_free+0xdc/0x284 [ 76.861625] kfree+0x60/0x74 [ 76.862000] kasan_strings+0x90/0x404 [ 76.862463] kunit_try_run_case+0x80/0x184 [ 76.863420] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 76.864060] kthread+0x16c/0x21c [ 76.864472] ret_from_fork+0x10/0x20 [ 76.865158] [ 76.865357] The buggy address belongs to the object at ffff0000c5abca00 [ 76.865357] which belongs to the cache kmalloc-128 of size 128 [ 76.866348] The buggy address is located 16 bytes inside of [ 76.866348] 128-byte region [ffff0000c5abca00, ffff0000c5abca80) [ 76.867276] [ 76.867517] The buggy address belongs to the physical page: [ 76.867988] page:00000000b0163b2b refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105abc [ 76.869332] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 76.870010] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 76.870701] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 76.871346] page dumped because: kasan: bad access detected [ 76.871826] [ 76.872025] Memory state around the buggy address: [ 76.872471] ffff0000c5abc900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 76.873118] ffff0000c5abc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.873751] >ffff0000c5abca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 76.874590] ^ [ 76.874967] ffff0000c5abca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.875609] ffff0000c5abcb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.876242] ==================================================================
[ 75.963529] ================================================================== [ 75.964659] BUG: KASAN: use-after-free in strrchr+0x34/0x68 [ 75.965472] Read of size 1 at addr ffff0000c58a7510 by task kunit_try_catch/164 [ 75.966388] [ 75.966681] CPU: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 75.968242] Hardware name: linux,dummy-virt (DT) [ 75.969280] Call trace: [ 75.969684] dump_backtrace+0xf4/0x114 [ 75.970428] show_stack+0x18/0x24 [ 75.971042] __dump_stack+0x28/0x38 [ 75.971995] dump_stack_lvl+0x50/0x68 [ 75.972421] print_address_description+0x7c/0x1ec [ 75.972942] print_report+0x50/0x68 [ 75.973363] kasan_report+0xac/0xfc [ 75.974411] __asan_load1+0x6c/0x70 [ 75.975195] strrchr+0x34/0x68 [ 75.975944] kasan_strings+0xf8/0x404 [ 75.976536] kunit_try_run_case+0x80/0x184 [ 75.977796] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 75.978638] kthread+0x16c/0x21c [ 75.979583] ret_from_fork+0x10/0x20 [ 75.980593] [ 75.981084] Allocated by task 164: [ 75.981661] kasan_set_track+0x4c/0x80 [ 75.982602] kasan_save_alloc_info+0x28/0x34 [ 75.983218] __kasan_kmalloc+0x88/0xa0 [ 75.983888] kmalloc_trace+0x54/0x68 [ 75.984611] kasan_strings+0x48/0x404 [ 75.985495] kunit_try_run_case+0x80/0x184 [ 75.986407] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 75.987490] kthread+0x16c/0x21c [ 75.988373] ret_from_fork+0x10/0x20 [ 75.989096] [ 75.989291] Freed by task 164: [ 75.989572] kasan_set_track+0x4c/0x80 [ 75.990330] kasan_save_free_info+0x3c/0x60 [ 75.991025] ____kasan_slab_free+0xe8/0x140 [ 75.991798] __kasan_slab_free+0x18/0x28 [ 75.992601] __kmem_cache_free+0xdc/0x27c [ 75.993307] kfree+0x60/0x74 [ 75.993875] kasan_strings+0x90/0x404 [ 75.994518] kunit_try_run_case+0x80/0x184 [ 75.995208] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 75.995882] kthread+0x16c/0x21c [ 75.996279] ret_from_fork+0x10/0x20 [ 75.996653] [ 75.996883] The buggy address belongs to the object at ffff0000c58a7500 [ 75.996883] which belongs to the cache kmalloc-128 of size 128 [ 75.998530] The buggy address is located 16 bytes inside of [ 75.998530] 128-byte region [ffff0000c58a7500, ffff0000c58a7580) [ 76.000003] [ 76.000331] The buggy address belongs to the physical page: [ 76.001133] page:00000000333134b1 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 76.002316] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 76.003149] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 76.003699] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 76.004876] page dumped because: kasan: bad access detected [ 76.005596] [ 76.005882] Memory state around the buggy address: [ 76.006505] ffff0000c58a7400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 76.007396] ffff0000c58a7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.008408] >ffff0000c58a7500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 76.009425] ^ [ 76.010047] ffff0000c58a7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.010758] ffff0000c58a7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.011219] ==================================================================
[ 74.555188] ================================================================== [ 74.556071] BUG: KASAN: use-after-free in strrchr+0x28/0x54 [ 74.556858] Read of size 1 at addr ffff0000c5938710 by task kunit_try_catch/164 [ 74.558526] [ 74.558932] CPU: 1 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 74.559710] Hardware name: linux,dummy-virt (DT) [ 74.560038] Call trace: [ 74.560251] dump_backtrace.part.0+0xdc/0xf0 [ 74.561341] show_stack+0x18/0x30 [ 74.562146] dump_stack_lvl+0x64/0x80 [ 74.563132] print_report+0x158/0x438 [ 74.564077] kasan_report+0xb4/0xf4 [ 74.564799] __asan_load1+0x68/0x74 [ 74.565562] strrchr+0x28/0x54 [ 74.566299] kasan_strings+0xf4/0x520 [ 74.567118] kunit_try_run_case+0x84/0x120 [ 74.567993] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 74.568954] kthread+0x180/0x190 [ 74.569471] ret_from_fork+0x10/0x20 [ 74.570249] [ 74.570804] Allocated by task 164: [ 74.571331] kasan_save_stack+0x3c/0x70 [ 74.571711] kasan_set_track+0x2c/0x40 [ 74.572057] kasan_save_alloc_info+0x24/0x34 [ 74.572703] __kasan_kmalloc+0xb8/0xc0 [ 74.573521] kmalloc_trace+0x58/0x6c [ 74.574537] kasan_strings+0x98/0x520 [ 74.575315] kunit_try_run_case+0x84/0x120 [ 74.576201] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 74.577224] kthread+0x180/0x190 [ 74.577983] ret_from_fork+0x10/0x20 [ 74.578761] [ 74.579167] Freed by task 164: [ 74.579787] kasan_save_stack+0x3c/0x70 [ 74.580569] kasan_set_track+0x2c/0x40 [ 74.581335] kasan_save_free_info+0x38/0x5c [ 74.582303] __kasan_slab_free+0xe4/0x150 [ 74.583038] __kmem_cache_free+0x130/0x2a4 [ 74.583856] kfree+0x58/0x80 [ 74.584548] kasan_strings+0xb8/0x520 [ 74.585066] kunit_try_run_case+0x84/0x120 [ 74.585927] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 74.586926] kthread+0x180/0x190 [ 74.587431] ret_from_fork+0x10/0x20 [ 74.587788] [ 74.587954] The buggy address belongs to the object at ffff0000c5938700 [ 74.587954] which belongs to the cache kmalloc-128 of size 128 [ 74.589002] The buggy address is located 16 bytes inside of [ 74.589002] 128-byte region [ffff0000c5938700, ffff0000c5938780) [ 74.590453] [ 74.590719] The buggy address belongs to the physical page: [ 74.591401] page:000000003af4cecf refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105938 [ 74.592488] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 74.593411] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 74.594451] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 74.595699] page dumped because: kasan: bad access detected [ 74.596066] [ 74.596238] Memory state around the buggy address: [ 74.596618] ffff0000c5938600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 74.597207] ffff0000c5938680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.597893] >ffff0000c5938700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 74.598617] ^ [ 74.599333] ffff0000c5938780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.599954] ffff0000c5938800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.600534] ==================================================================
[ 65.977351] ================================================================== [ 65.978244] BUG: KASAN: use-after-free in strrchr+0x28/0x58 [ 65.978747] Read of size 1 at addr ffff0000c59bd910 by task kunit_try_catch/162 [ 65.979319] [ 65.979512] CPU: 1 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 65.980147] Hardware name: linux,dummy-virt (DT) [ 65.980535] Call trace: [ 65.980809] dump_backtrace+0x110/0x120 [ 65.981267] show_stack+0x18/0x28 [ 65.981690] dump_stack_lvl+0x68/0x84 [ 65.982096] print_report+0x158/0x484 [ 65.982462] kasan_report+0x98/0xe0 [ 65.982827] __asan_load1+0x68/0x78 [ 65.983195] strrchr+0x28/0x58 [ 65.983999] kasan_strings+0x110/0x4e0 [ 65.984427] kunit_try_run_case+0x7c/0x120 [ 65.984853] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.985373] kthread+0x1a4/0x1b8 [ 65.985959] ret_from_fork+0x10/0x20 [ 65.986362] [ 65.986549] Allocated by task 162: [ 65.986848] kasan_save_stack+0x2c/0x58 [ 65.987224] kasan_set_track+0x2c/0x40 [ 65.987586] kasan_save_alloc_info+0x24/0x38 [ 65.988041] __kasan_kmalloc+0xa0/0xb8 [ 65.988423] kmalloc_trace+0x50/0x68 [ 65.988815] kasan_strings+0xa8/0x4e0 [ 65.989213] kunit_try_run_case+0x7c/0x120 [ 65.990165] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.990705] kthread+0x1a4/0x1b8 [ 65.991025] ret_from_fork+0x10/0x20 [ 65.991418] [ 65.991606] Freed by task 162: [ 65.991876] kasan_save_stack+0x2c/0x58 [ 65.992254] kasan_set_track+0x2c/0x40 [ 65.992635] kasan_save_free_info+0x38/0x60 [ 65.993046] __kasan_slab_free+0xe8/0x158 [ 65.993599] __kmem_cache_free+0x138/0x2b0 [ 65.994038] kfree+0x5c/0x70 [ 65.994387] kasan_strings+0xc8/0x4e0 [ 65.994779] kunit_try_run_case+0x7c/0x120 [ 65.995180] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.995794] kthread+0x1a4/0x1b8 [ 65.996142] ret_from_fork+0x10/0x20 [ 65.996506] [ 65.996697] The buggy address belongs to the object at ffff0000c59bd900 [ 65.996697] which belongs to the cache kmalloc-128 of size 128 [ 65.997565] The buggy address is located 16 bytes inside of [ 65.997565] 128-byte region [ffff0000c59bd900, ffff0000c59bd980) [ 65.998836] [ 65.999054] The buggy address belongs to the physical page: [ 65.999466] page:00000000a3aeb2fe refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059bd [ 66.000182] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.000795] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.001398] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.001962] page dumped because: kasan: bad access detected [ 66.002643] [ 66.002815] Memory state around the buggy address: [ 66.003212] ffff0000c59bd800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.003805] ffff0000c59bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.004380] >ffff0000c59bd900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.004887] ^ [ 66.005206] ffff0000c59bd980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.006006] ffff0000c59bda00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.006548] ==================================================================
[ 32.101964] ================================================================== [ 32.102424] BUG: KASAN: use-after-free in strrchr+0x1a/0x40 [ 32.102747] Read of size 1 at addr ffff8881037341d0 by task kunit_try_catch/268 [ 32.103092] [ 32.103218] CPU: 1 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 32.103624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.104060] Call Trace: [ 32.104225] <TASK> [ 32.104391] dump_stack_lvl+0x49/0x62 [ 32.104623] print_report+0x189/0x492 [ 32.104890] ? kasan_complete_mode_report_info+0x7c/0x200 [ 32.105200] ? strrchr+0x1a/0x40 [ 32.105468] kasan_report+0x10c/0x190 [ 32.105672] ? kasan_quarantine_put+0xba/0x1c0 [ 32.105933] ? strrchr+0x1a/0x40 [ 32.106187] __asan_load1+0x62/0x70 [ 32.106403] strrchr+0x1a/0x40 [ 32.106604] kasan_strings+0x112/0x4e0 [ 32.106846] ? kmalloc_oob_right+0x310/0x310 [ 32.107121] ? __kunit_add_resource+0xd1/0x100 [ 32.107446] ? kasan_test_init+0x13e/0x1b0 [ 32.107667] kunit_try_run_case+0x8f/0xd0 [ 32.107916] ? kunit_catch_run_case+0x80/0x80 [ 32.108797] ? kunit_try_catch_throw+0x40/0x40 [ 32.109001] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 32.109316] kthread+0x17b/0x1b0 [ 32.109517] ? kthread_complete_and_exit+0x30/0x30 [ 32.109771] ret_from_fork+0x22/0x30 [ 32.109953] </TASK> [ 32.110178] [ 32.110335] Allocated by task 268: [ 32.110526] kasan_save_stack+0x41/0x70 [ 32.110758] kasan_set_track+0x25/0x40 [ 32.110968] kasan_save_alloc_info+0x1e/0x30 [ 32.111181] __kasan_kmalloc+0xb6/0xc0 [ 32.111479] kmalloc_trace+0x48/0xb0 [ 32.111708] kasan_strings+0x99/0x4e0 [ 32.111967] kunit_try_run_case+0x8f/0xd0 [ 32.112289] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 32.112592] kthread+0x17b/0x1b0 [ 32.112791] ret_from_fork+0x22/0x30 [ 32.113034] [ 32.113200] Freed by task 268: [ 32.113392] kasan_save_stack+0x41/0x70 [ 32.113656] kasan_set_track+0x25/0x40 [ 32.113879] kasan_save_free_info+0x2e/0x50 [ 32.114055] ____kasan_slab_free+0x175/0x1d0 [ 32.114248] __kasan_slab_free+0x12/0x20 [ 32.114478] __kmem_cache_free+0x188/0x2f0 [ 32.114779] kfree+0x78/0x120 [ 32.115048] kasan_strings+0xbd/0x4e0 [ 32.115699] kunit_try_run_case+0x8f/0xd0 [ 32.115947] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 32.116591] kthread+0x17b/0x1b0 [ 32.116910] ret_from_fork+0x22/0x30 [ 32.117244] [ 32.117570] The buggy address belongs to the object at ffff8881037341c0 [ 32.117570] which belongs to the cache kmalloc-32 of size 32 [ 32.118233] The buggy address is located 16 bytes inside of [ 32.118233] 32-byte region [ffff8881037341c0, ffff8881037341e0) [ 32.119034] [ 32.119278] The buggy address belongs to the physical page: [ 32.119703] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103734 [ 32.120379] flags: 0x200000000000200(slab|node=0|zone=2) [ 32.120800] raw: 0200000000000200 0000000000000000 dead000000000122 ffff888100041500 [ 32.121320] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 32.121824] page dumped because: kasan: bad access detected [ 32.122211] [ 32.122475] Memory state around the buggy address: [ 32.122808] ffff888103734080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 32.123283] ffff888103734100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 32.123745] >ffff888103734180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 32.124199] ^ [ 32.124619] ffff888103734200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.125096] ffff888103734280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.125546] ==================================================================