Date
July 23, 2025, 2:10 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 15.045072] ================================================================== [ 15.045423] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 15.046237] Write of size 1 at addr fff00000c3f39173 by task kunit_try_catch/136 [ 15.046346] [ 15.047172] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc7 #1 PREEMPT [ 15.047316] Tainted: [N]=TEST [ 15.047348] Hardware name: linux,dummy-virt (DT) [ 15.047563] Call trace: [ 15.047729] show_stack+0x20/0x38 (C) [ 15.047932] dump_stack_lvl+0x8c/0xd0 [ 15.048005] print_report+0x118/0x5d0 [ 15.048053] kasan_report+0xdc/0x128 [ 15.048099] __asan_report_store1_noabort+0x20/0x30 [ 15.048150] kmalloc_oob_right+0x5a4/0x660 [ 15.048197] kunit_try_run_case+0x170/0x3f0 [ 15.048249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.048303] kthread+0x328/0x630 [ 15.048346] ret_from_fork+0x10/0x20 [ 15.048501] [ 15.048539] Allocated by task 136: [ 15.048656] kasan_save_stack+0x3c/0x68 [ 15.048720] kasan_save_track+0x20/0x40 [ 15.048759] kasan_save_alloc_info+0x40/0x58 [ 15.048799] __kasan_kmalloc+0xd4/0xd8 [ 15.048835] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.048891] kmalloc_oob_right+0xb0/0x660 [ 15.048927] kunit_try_run_case+0x170/0x3f0 [ 15.048964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.049008] kthread+0x328/0x630 [ 15.049040] ret_from_fork+0x10/0x20 [ 15.049096] [ 15.049155] The buggy address belongs to the object at fff00000c3f39100 [ 15.049155] which belongs to the cache kmalloc-128 of size 128 [ 15.049249] The buggy address is located 0 bytes to the right of [ 15.049249] allocated 115-byte region [fff00000c3f39100, fff00000c3f39173) [ 15.049318] [ 15.049399] The buggy address belongs to the physical page: [ 15.049604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.049899] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.050183] page_type: f5(slab) [ 15.050490] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.050555] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.050678] page dumped because: kasan: bad access detected [ 15.050720] [ 15.050746] Memory state around the buggy address: [ 15.050975] fff00000c3f39000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.051044] fff00000c3f39080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.051099] >fff00000c3f39100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.051153] ^ [ 15.051234] fff00000c3f39180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.051277] fff00000c3f39200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.051341] ================================================================== [ 15.057782] ================================================================== [ 15.057946] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 15.058035] Read of size 1 at addr fff00000c3f39180 by task kunit_try_catch/136 [ 15.058086] [ 15.058114] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.058193] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.058314] Hardware name: linux,dummy-virt (DT) [ 15.058344] Call trace: [ 15.058503] show_stack+0x20/0x38 (C) [ 15.058667] dump_stack_lvl+0x8c/0xd0 [ 15.058765] print_report+0x118/0x5d0 [ 15.058964] kasan_report+0xdc/0x128 [ 15.059013] __asan_report_load1_noabort+0x20/0x30 [ 15.059064] kmalloc_oob_right+0x5d0/0x660 [ 15.059251] kunit_try_run_case+0x170/0x3f0 [ 15.059309] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.059425] kthread+0x328/0x630 [ 15.059573] ret_from_fork+0x10/0x20 [ 15.059631] [ 15.059649] Allocated by task 136: [ 15.059678] kasan_save_stack+0x3c/0x68 [ 15.059718] kasan_save_track+0x20/0x40 [ 15.059754] kasan_save_alloc_info+0x40/0x58 [ 15.059935] __kasan_kmalloc+0xd4/0xd8 [ 15.060055] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.060148] kmalloc_oob_right+0xb0/0x660 [ 15.060216] kunit_try_run_case+0x170/0x3f0 [ 15.060283] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.060325] kthread+0x328/0x630 [ 15.060357] ret_from_fork+0x10/0x20 [ 15.060401] [ 15.060420] The buggy address belongs to the object at fff00000c3f39100 [ 15.060420] which belongs to the cache kmalloc-128 of size 128 [ 15.060487] The buggy address is located 13 bytes to the right of [ 15.060487] allocated 115-byte region [fff00000c3f39100, fff00000c3f39173) [ 15.060569] [ 15.060588] The buggy address belongs to the physical page: [ 15.060625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.060677] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.060734] page_type: f5(slab) [ 15.060781] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.060840] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.060891] page dumped because: kasan: bad access detected [ 15.060922] [ 15.060939] Memory state around the buggy address: [ 15.060969] fff00000c3f39080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.061011] fff00000c3f39100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.061090] >fff00000c3f39180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.061307] ^ [ 15.061444] fff00000c3f39200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.061599] fff00000c3f39280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.061694] ================================================================== [ 15.052739] ================================================================== [ 15.052778] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 15.052824] Write of size 1 at addr fff00000c3f39178 by task kunit_try_catch/136 [ 15.052890] [ 15.052919] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.052999] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.053025] Hardware name: linux,dummy-virt (DT) [ 15.053054] Call trace: [ 15.053075] show_stack+0x20/0x38 (C) [ 15.053122] dump_stack_lvl+0x8c/0xd0 [ 15.053170] print_report+0x118/0x5d0 [ 15.053218] kasan_report+0xdc/0x128 [ 15.053280] __asan_report_store1_noabort+0x20/0x30 [ 15.053332] kmalloc_oob_right+0x538/0x660 [ 15.053377] kunit_try_run_case+0x170/0x3f0 [ 15.053426] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.053478] kthread+0x328/0x630 [ 15.053519] ret_from_fork+0x10/0x20 [ 15.053565] [ 15.053582] Allocated by task 136: [ 15.053610] kasan_save_stack+0x3c/0x68 [ 15.053649] kasan_save_track+0x20/0x40 [ 15.053685] kasan_save_alloc_info+0x40/0x58 [ 15.054390] __kasan_kmalloc+0xd4/0xd8 [ 15.054630] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.054838] kmalloc_oob_right+0xb0/0x660 [ 15.054923] kunit_try_run_case+0x170/0x3f0 [ 15.054971] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.055084] kthread+0x328/0x630 [ 15.055151] ret_from_fork+0x10/0x20 [ 15.055280] [ 15.055356] The buggy address belongs to the object at fff00000c3f39100 [ 15.055356] which belongs to the cache kmalloc-128 of size 128 [ 15.055418] The buggy address is located 5 bytes to the right of [ 15.055418] allocated 115-byte region [fff00000c3f39100, fff00000c3f39173) [ 15.055632] [ 15.055651] The buggy address belongs to the physical page: [ 15.055681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.055751] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.056027] page_type: f5(slab) [ 15.056108] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.056161] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.056201] page dumped because: kasan: bad access detected [ 15.056235] [ 15.056255] Memory state around the buggy address: [ 15.056487] fff00000c3f39000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.056565] fff00000c3f39080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.056705] >fff00000c3f39100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.056836] ^ [ 15.056897] fff00000c3f39180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.056939] fff00000c3f39200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.056997] ==================================================================
[ 11.980339] ================================================================== [ 11.981336] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 11.982058] Write of size 1 at addr ffff8881025bdc73 by task kunit_try_catch/153 [ 11.982793] [ 11.983868] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 11.984233] Tainted: [N]=TEST [ 11.984266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.984484] Call Trace: [ 11.984551] <TASK> [ 11.984696] dump_stack_lvl+0x73/0xb0 [ 11.984781] print_report+0xd1/0x610 [ 11.984809] ? __virt_addr_valid+0x1db/0x2d0 [ 11.984854] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.984875] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.984896] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.984917] kasan_report+0x141/0x180 [ 11.984938] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.984963] __asan_report_store1_noabort+0x1b/0x30 [ 11.984986] kmalloc_oob_right+0x6f0/0x7f0 [ 11.985007] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.985029] ? __schedule+0x10c6/0x2b60 [ 11.985052] ? __pfx_read_tsc+0x10/0x10 [ 11.985095] ? ktime_get_ts64+0x86/0x230 [ 11.985122] kunit_try_run_case+0x1a5/0x480 [ 11.985148] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.985170] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.985193] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.985216] ? __kthread_parkme+0x82/0x180 [ 11.985236] ? preempt_count_sub+0x50/0x80 [ 11.985261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.985283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.985306] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.985328] kthread+0x337/0x6f0 [ 11.985347] ? trace_preempt_on+0x20/0xc0 [ 11.985371] ? __pfx_kthread+0x10/0x10 [ 11.985390] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.985411] ? calculate_sigpending+0x7b/0xa0 [ 11.985435] ? __pfx_kthread+0x10/0x10 [ 11.985456] ret_from_fork+0x116/0x1d0 [ 11.985474] ? __pfx_kthread+0x10/0x10 [ 11.985494] ret_from_fork_asm+0x1a/0x30 [ 11.985551] </TASK> [ 11.985623] [ 11.995391] Allocated by task 153: [ 11.995649] kasan_save_stack+0x45/0x70 [ 11.995827] kasan_save_track+0x18/0x40 [ 11.995991] kasan_save_alloc_info+0x3b/0x50 [ 11.996199] __kasan_kmalloc+0xb7/0xc0 [ 11.996378] __kmalloc_cache_noprof+0x189/0x420 [ 11.996560] kmalloc_oob_right+0xa9/0x7f0 [ 11.996762] kunit_try_run_case+0x1a5/0x480 [ 11.996973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.997203] kthread+0x337/0x6f0 [ 11.997373] ret_from_fork+0x116/0x1d0 [ 11.997549] ret_from_fork_asm+0x1a/0x30 [ 11.997725] [ 11.997856] The buggy address belongs to the object at ffff8881025bdc00 [ 11.997856] which belongs to the cache kmalloc-128 of size 128 [ 11.998490] The buggy address is located 0 bytes to the right of [ 11.998490] allocated 115-byte region [ffff8881025bdc00, ffff8881025bdc73) [ 11.999025] [ 11.999224] The buggy address belongs to the physical page: [ 11.999600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025bd [ 12.000229] flags: 0x200000000000000(node=0|zone=2) [ 12.000871] page_type: f5(slab) [ 12.001383] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.001712] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.002119] page dumped because: kasan: bad access detected [ 12.002359] [ 12.002465] Memory state around the buggy address: [ 12.002896] ffff8881025bdb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.003261] ffff8881025bdb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.003578] >ffff8881025bdc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.003879] ^ [ 12.004245] ffff8881025bdc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.004535] ffff8881025bdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.004871] ================================================================== [ 12.006406] ================================================================== [ 12.006724] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 12.007034] Write of size 1 at addr ffff8881025bdc78 by task kunit_try_catch/153 [ 12.007424] [ 12.007540] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 12.007586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.007597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.007617] Call Trace: [ 12.007633] <TASK> [ 12.007648] dump_stack_lvl+0x73/0xb0 [ 12.007676] print_report+0xd1/0x610 [ 12.007697] ? __virt_addr_valid+0x1db/0x2d0 [ 12.007719] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.007739] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.007760] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.007781] kasan_report+0x141/0x180 [ 12.007801] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.007837] __asan_report_store1_noabort+0x1b/0x30 [ 12.007861] kmalloc_oob_right+0x6bd/0x7f0 [ 12.007882] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.007904] ? __schedule+0x10c6/0x2b60 [ 12.007925] ? __pfx_read_tsc+0x10/0x10 [ 12.007945] ? ktime_get_ts64+0x86/0x230 [ 12.007968] kunit_try_run_case+0x1a5/0x480 [ 12.007991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.008013] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.008035] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.008058] ? __kthread_parkme+0x82/0x180 [ 12.008097] ? preempt_count_sub+0x50/0x80 [ 12.008120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.008143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.008165] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.008188] kthread+0x337/0x6f0 [ 12.008207] ? trace_preempt_on+0x20/0xc0 [ 12.008229] ? __pfx_kthread+0x10/0x10 [ 12.008249] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.008269] ? calculate_sigpending+0x7b/0xa0 [ 12.008292] ? __pfx_kthread+0x10/0x10 [ 12.008313] ret_from_fork+0x116/0x1d0 [ 12.008330] ? __pfx_kthread+0x10/0x10 [ 12.008350] ret_from_fork_asm+0x1a/0x30 [ 12.008379] </TASK> [ 12.008389] [ 12.015002] Allocated by task 153: [ 12.015186] kasan_save_stack+0x45/0x70 [ 12.015360] kasan_save_track+0x18/0x40 [ 12.015505] kasan_save_alloc_info+0x3b/0x50 [ 12.015719] __kasan_kmalloc+0xb7/0xc0 [ 12.015885] __kmalloc_cache_noprof+0x189/0x420 [ 12.016119] kmalloc_oob_right+0xa9/0x7f0 [ 12.016277] kunit_try_run_case+0x1a5/0x480 [ 12.016483] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.016659] kthread+0x337/0x6f0 [ 12.016779] ret_from_fork+0x116/0x1d0 [ 12.016926] ret_from_fork_asm+0x1a/0x30 [ 12.017111] [ 12.017204] The buggy address belongs to the object at ffff8881025bdc00 [ 12.017204] which belongs to the cache kmalloc-128 of size 128 [ 12.017724] The buggy address is located 5 bytes to the right of [ 12.017724] allocated 115-byte region [ffff8881025bdc00, ffff8881025bdc73) [ 12.018204] [ 12.018303] The buggy address belongs to the physical page: [ 12.018563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025bd [ 12.018905] flags: 0x200000000000000(node=0|zone=2) [ 12.019149] page_type: f5(slab) [ 12.019292] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.019601] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.019920] page dumped because: kasan: bad access detected [ 12.020159] [ 12.020479] Memory state around the buggy address: [ 12.020689] ffff8881025bdb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.020956] ffff8881025bdb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.021203] >ffff8881025bdc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.021418] ^ [ 12.021632] ffff8881025bdc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.021938] ffff8881025bdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.022273] ================================================================== [ 12.022801] ================================================================== [ 12.023177] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 12.023517] Read of size 1 at addr ffff8881025bdc80 by task kunit_try_catch/153 [ 12.023808] [ 12.023903] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 12.023945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.023956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.023976] Call Trace: [ 12.023989] <TASK> [ 12.024002] dump_stack_lvl+0x73/0xb0 [ 12.024027] print_report+0xd1/0x610 [ 12.024048] ? __virt_addr_valid+0x1db/0x2d0 [ 12.024069] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.024110] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.024131] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.024151] kasan_report+0x141/0x180 [ 12.024172] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.024197] __asan_report_load1_noabort+0x18/0x20 [ 12.024220] kmalloc_oob_right+0x68a/0x7f0 [ 12.024241] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.024263] ? __schedule+0x10c6/0x2b60 [ 12.024284] ? __pfx_read_tsc+0x10/0x10 [ 12.024304] ? ktime_get_ts64+0x86/0x230 [ 12.024327] kunit_try_run_case+0x1a5/0x480 [ 12.024349] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.024371] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.024393] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.024415] ? __kthread_parkme+0x82/0x180 [ 12.024434] ? preempt_count_sub+0x50/0x80 [ 12.024456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.024479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.024501] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.024523] kthread+0x337/0x6f0 [ 12.024541] ? trace_preempt_on+0x20/0xc0 [ 12.024563] ? __pfx_kthread+0x10/0x10 [ 12.024582] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.024603] ? calculate_sigpending+0x7b/0xa0 [ 12.024625] ? __pfx_kthread+0x10/0x10 [ 12.024646] ret_from_fork+0x116/0x1d0 [ 12.024663] ? __pfx_kthread+0x10/0x10 [ 12.024683] ret_from_fork_asm+0x1a/0x30 [ 12.024712] </TASK> [ 12.024721] [ 12.033779] Allocated by task 153: [ 12.033929] kasan_save_stack+0x45/0x70 [ 12.034164] kasan_save_track+0x18/0x40 [ 12.034338] kasan_save_alloc_info+0x3b/0x50 [ 12.034525] __kasan_kmalloc+0xb7/0xc0 [ 12.034687] __kmalloc_cache_noprof+0x189/0x420 [ 12.034881] kmalloc_oob_right+0xa9/0x7f0 [ 12.035106] kunit_try_run_case+0x1a5/0x480 [ 12.035320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.035528] kthread+0x337/0x6f0 [ 12.035650] ret_from_fork+0x116/0x1d0 [ 12.035784] ret_from_fork_asm+0x1a/0x30 [ 12.035991] [ 12.036112] The buggy address belongs to the object at ffff8881025bdc00 [ 12.036112] which belongs to the cache kmalloc-128 of size 128 [ 12.036573] The buggy address is located 13 bytes to the right of [ 12.036573] allocated 115-byte region [ffff8881025bdc00, ffff8881025bdc73) [ 12.037114] [ 12.037213] The buggy address belongs to the physical page: [ 12.037465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025bd [ 12.037776] flags: 0x200000000000000(node=0|zone=2) [ 12.037992] page_type: f5(slab) [ 12.038139] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.038487] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.038760] page dumped because: kasan: bad access detected [ 12.038944] [ 12.039016] Memory state around the buggy address: [ 12.039267] ffff8881025bdb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.039586] ffff8881025bdc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.039910] >ffff8881025bdc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.040156] ^ [ 12.040298] ffff8881025bdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.040615] ffff8881025bdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.040940] ==================================================================