lkft/linux-mainline-master - v6.15-rc3-1-g9d7a0577c9db - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper

Date

April 20, 2025, 11:09 p.m.

Environment
qemu-arm64
qemu-x86_64
rk3399-rock-pi-4b

[   22.988506] ==================================================================
[   22.989352] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   22.989641] Write of size 1 at addr fff00000c67392eb by task kunit_try_catch/160
[   22.990195] 
[   22.990384] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   22.990564] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.991054] Hardware name: linux,dummy-virt (DT)
[   22.992067] Call trace:
[   22.992152]  show_stack+0x20/0x38 (C)
[   22.992280]  dump_stack_lvl+0x8c/0xd0
[   22.992580]  print_report+0x118/0x608
[   22.992703]  kasan_report+0xdc/0x128
[   22.994307]  __asan_report_store1_noabort+0x20/0x30
[   22.994696]  krealloc_less_oob_helper+0xa58/0xc50
[   22.995530]  krealloc_less_oob+0x20/0x38
[   22.995701]  kunit_try_run_case+0x170/0x3f0
[   22.995840]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.996032]  kthread+0x328/0x630
[   22.996279]  ret_from_fork+0x10/0x20
[   22.996403] 
[   22.996492] Allocated by task 160:
[   22.996572]  kasan_save_stack+0x3c/0x68
[   22.996678]  kasan_save_track+0x20/0x40
[   22.996782]  kasan_save_alloc_info+0x40/0x58
[   22.996890]  __kasan_krealloc+0x118/0x178
[   22.997009]  krealloc_noprof+0x128/0x360
[   22.997206]  krealloc_less_oob_helper+0x168/0xc50
[   22.997395]  krealloc_less_oob+0x20/0x38
[   22.997510]  kunit_try_run_case+0x170/0x3f0
[   22.997729]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.997917]  kthread+0x328/0x630
[   22.998045]  ret_from_fork+0x10/0x20
[   22.998148] 
[   22.998205] The buggy address belongs to the object at fff00000c6739200
[   22.998205]  which belongs to the cache kmalloc-256 of size 256
[   22.998350] The buggy address is located 34 bytes to the right of
[   22.998350]  allocated 201-byte region [fff00000c6739200, fff00000c67392c9)
[   22.998516] 
[   22.998597] The buggy address belongs to the physical page:
[   22.998741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106738
[   22.998864] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   22.998988] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   22.999136] page_type: f5(slab)
[   22.999270] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   22.999474] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.999681] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   22.999813] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.999964] head: 0bfffe0000000001 ffffc1ffc319ce01 00000000ffffffff 00000000ffffffff
[   23.000097] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   23.000202] page dumped because: kasan: bad access detected
[   23.000285] 
[   23.000335] Memory state around the buggy address:
[   23.000417]  fff00000c6739180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.000535]  fff00000c6739200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.000650] >fff00000c6739280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   23.000750]                                                           ^
[   23.000853]  fff00000c6739300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.000990]  fff00000c6739380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.001149] ==================================================================
[   23.086449] ==================================================================
[   23.086548] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   23.086656] Write of size 1 at addr fff00000c76ce0ea by task kunit_try_catch/164
[   23.086785] 
[   23.086859] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   23.087078] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.087150] Hardware name: linux,dummy-virt (DT)
[   23.087232] Call trace:
[   23.087345]  show_stack+0x20/0x38 (C)
[   23.087603]  dump_stack_lvl+0x8c/0xd0
[   23.087729]  print_report+0x118/0x608
[   23.087851]  kasan_report+0xdc/0x128
[   23.087985]  __asan_report_store1_noabort+0x20/0x30
[   23.088117]  krealloc_less_oob_helper+0xae4/0xc50
[   23.088338]  krealloc_large_less_oob+0x20/0x38
[   23.088546]  kunit_try_run_case+0x170/0x3f0
[   23.089235]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.089670]  kthread+0x328/0x630
[   23.089817]  ret_from_fork+0x10/0x20
[   23.089968] 
[   23.090024] The buggy address belongs to the physical page:
[   23.090191] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc
[   23.090368] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   23.091425] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   23.091589] page_type: f8(unknown)
[   23.091704] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   23.091838] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   23.091987] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   23.092204] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   23.092325] head: 0bfffe0000000002 ffffc1ffc31db301 00000000ffffffff 00000000ffffffff
[   23.092525] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   23.092791] page dumped because: kasan: bad access detected
[   23.092870] 
[   23.092947] Memory state around the buggy address:
[   23.093025]  fff00000c76cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.093127]  fff00000c76ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.093226] >fff00000c76ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   23.093312]                                                           ^
[   23.093445]  fff00000c76ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.093570]  fff00000c76ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.093673] ==================================================================
[   22.923344] ==================================================================
[   22.923699] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   22.923967] Write of size 1 at addr fff00000c67392c9 by task kunit_try_catch/160
[   22.924210] 
[   22.924329] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   22.924624] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.924866] Hardware name: linux,dummy-virt (DT)
[   22.924965] Call trace:
[   22.925178]  show_stack+0x20/0x38 (C)
[   22.925323]  dump_stack_lvl+0x8c/0xd0
[   22.925449]  print_report+0x118/0x608
[   22.926069]  kasan_report+0xdc/0x128
[   22.926192]  __asan_report_store1_noabort+0x20/0x30
[   22.926371]  krealloc_less_oob_helper+0xa48/0xc50
[   22.926573]  krealloc_less_oob+0x20/0x38
[   22.926695]  kunit_try_run_case+0x170/0x3f0
[   22.926852]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.927263]  kthread+0x328/0x630
[   22.927382]  ret_from_fork+0x10/0x20
[   22.927524] 
[   22.927628] Allocated by task 160:
[   22.927711]  kasan_save_stack+0x3c/0x68
[   22.928986]  kasan_save_track+0x20/0x40
[   22.929386]  kasan_save_alloc_info+0x40/0x58
[   22.929556]  __kasan_krealloc+0x118/0x178
[   22.929653]  krealloc_noprof+0x128/0x360
[   22.929757]  krealloc_less_oob_helper+0x168/0xc50
[   22.929868]  krealloc_less_oob+0x20/0x38
[   22.930005]  kunit_try_run_case+0x170/0x3f0
[   22.930195]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.930396]  kthread+0x328/0x630
[   22.930503]  ret_from_fork+0x10/0x20
[   22.930607] 
[   22.930660] The buggy address belongs to the object at fff00000c6739200
[   22.930660]  which belongs to the cache kmalloc-256 of size 256
[   22.930920] The buggy address is located 0 bytes to the right of
[   22.930920]  allocated 201-byte region [fff00000c6739200, fff00000c67392c9)
[   22.931616] 
[   22.931730] The buggy address belongs to the physical page:
[   22.931968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106738
[   22.932093] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   22.932778] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   22.933693] page_type: f5(slab)
[   22.933785] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   22.933898] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.934335] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   22.934470] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.935424] head: 0bfffe0000000001 ffffc1ffc319ce01 00000000ffffffff 00000000ffffffff
[   22.935630] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   22.935910] page dumped because: kasan: bad access detected
[   22.936095] 
[   22.936401] Memory state around the buggy address:
[   22.936555]  fff00000c6739180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.937195]  fff00000c6739200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.937346] >fff00000c6739280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   22.937589]                                               ^
[   22.937679]  fff00000c6739300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.938575]  fff00000c6739380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.938844] ==================================================================
[   22.953991] ==================================================================
[   22.954084] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   22.954188] Write of size 1 at addr fff00000c67392da by task kunit_try_catch/160
[   22.954301] 
[   22.954362] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   22.957017] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.957119] Hardware name: linux,dummy-virt (DT)
[   22.957206] Call trace:
[   22.957268]  show_stack+0x20/0x38 (C)
[   22.957404]  dump_stack_lvl+0x8c/0xd0
[   22.957535]  print_report+0x118/0x608
[   22.957663]  kasan_report+0xdc/0x128
[   22.957770]  __asan_report_store1_noabort+0x20/0x30
[   22.957835]  krealloc_less_oob_helper+0xa80/0xc50
[   22.957897]  krealloc_less_oob+0x20/0x38
[   22.958122]  kunit_try_run_case+0x170/0x3f0
[   22.958340]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.958584]  kthread+0x328/0x630
[   22.958944]  ret_from_fork+0x10/0x20
[   22.959502] 
[   22.960760] Allocated by task 160:
[   22.960902]  kasan_save_stack+0x3c/0x68
[   22.961408]  kasan_save_track+0x20/0x40
[   22.961502]  kasan_save_alloc_info+0x40/0x58
[   22.961592]  __kasan_krealloc+0x118/0x178
[   22.961681]  krealloc_noprof+0x128/0x360
[   22.962332]  krealloc_less_oob_helper+0x168/0xc50
[   22.962465]  krealloc_less_oob+0x20/0x38
[   22.962587]  kunit_try_run_case+0x170/0x3f0
[   22.963263]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.963384]  kthread+0x328/0x630
[   22.963900]  ret_from_fork+0x10/0x20
[   22.964045] 
[   22.964101] The buggy address belongs to the object at fff00000c6739200
[   22.964101]  which belongs to the cache kmalloc-256 of size 256
[   22.964239] The buggy address is located 17 bytes to the right of
[   22.964239]  allocated 201-byte region [fff00000c6739200, fff00000c67392c9)
[   22.964397] 
[   22.964445] The buggy address belongs to the physical page:
[   22.965533] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106738
[   22.965657] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   22.966139] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   22.966291] page_type: f5(slab)
[   22.966822] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   22.966982] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.967279] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   22.967394] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.967505] head: 0bfffe0000000001 ffffc1ffc319ce01 00000000ffffffff 00000000ffffffff
[   22.968211] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   22.968946] page dumped because: kasan: bad access detected
[   22.969212] 
[   22.969467] Memory state around the buggy address:
[   22.969555]  fff00000c6739180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.969681]  fff00000c6739200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.970257] >fff00000c6739280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   22.970686]                                                     ^
[   22.971235]  fff00000c6739300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.971637]  fff00000c6739380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.971772] ==================================================================
[   22.941236] ==================================================================
[   22.941330] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   22.941435] Write of size 1 at addr fff00000c67392d0 by task kunit_try_catch/160
[   22.941546] 
[   22.941609] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   22.941788] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.941849] Hardware name: linux,dummy-virt (DT)
[   22.941918] Call trace:
[   22.942077]  show_stack+0x20/0x38 (C)
[   22.942293]  dump_stack_lvl+0x8c/0xd0
[   22.942517]  print_report+0x118/0x608
[   22.942829]  kasan_report+0xdc/0x128
[   22.943488]  __asan_report_store1_noabort+0x20/0x30
[   22.943708]  krealloc_less_oob_helper+0xb9c/0xc50
[   22.943854]  krealloc_less_oob+0x20/0x38
[   22.944014]  kunit_try_run_case+0x170/0x3f0
[   22.944201]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.944391]  kthread+0x328/0x630
[   22.944540]  ret_from_fork+0x10/0x20
[   22.944857] 
[   22.944953] Allocated by task 160:
[   22.945023]  kasan_save_stack+0x3c/0x68
[   22.945163]  kasan_save_track+0x20/0x40
[   22.945266]  kasan_save_alloc_info+0x40/0x58
[   22.945451]  __kasan_krealloc+0x118/0x178
[   22.945559]  krealloc_noprof+0x128/0x360
[   22.945660]  krealloc_less_oob_helper+0x168/0xc50
[   22.945763]  krealloc_less_oob+0x20/0x38
[   22.945897]  kunit_try_run_case+0x170/0x3f0
[   22.946029]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.946246]  kthread+0x328/0x630
[   22.946525]  ret_from_fork+0x10/0x20
[   22.946690] 
[   22.946789] The buggy address belongs to the object at fff00000c6739200
[   22.946789]  which belongs to the cache kmalloc-256 of size 256
[   22.947045] The buggy address is located 7 bytes to the right of
[   22.947045]  allocated 201-byte region [fff00000c6739200, fff00000c67392c9)
[   22.947394] 
[   22.947453] The buggy address belongs to the physical page:
[   22.947522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106738
[   22.947955] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   22.948287] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   22.948690] page_type: f5(slab)
[   22.948873] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   22.949066] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.949300] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   22.949507] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.949658] head: 0bfffe0000000001 ffffc1ffc319ce01 00000000ffffffff 00000000ffffffff
[   22.950000] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   22.950109] page dumped because: kasan: bad access detected
[   22.950196] 
[   22.950238] Memory state around the buggy address:
[   22.950537]  fff00000c6739180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.951093]  fff00000c6739200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.951217] >fff00000c6739280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   22.951579]                                                  ^
[   22.951954]  fff00000c6739300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.952312]  fff00000c6739380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.952531] ==================================================================
[   23.095244] ==================================================================
[   23.095397] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   23.095522] Write of size 1 at addr fff00000c76ce0eb by task kunit_try_catch/164
[   23.095677] 
[   23.095750] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   23.096000] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.096243] Hardware name: linux,dummy-virt (DT)
[   23.096326] Call trace:
[   23.096570]  show_stack+0x20/0x38 (C)
[   23.096728]  dump_stack_lvl+0x8c/0xd0
[   23.097062]  print_report+0x118/0x608
[   23.097660]  kasan_report+0xdc/0x128
[   23.098109]  __asan_report_store1_noabort+0x20/0x30
[   23.098461]  krealloc_less_oob_helper+0xa58/0xc50
[   23.098631]  krealloc_large_less_oob+0x20/0x38
[   23.098923]  kunit_try_run_case+0x170/0x3f0
[   23.099128]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.099264]  kthread+0x328/0x630
[   23.099373]  ret_from_fork+0x10/0x20
[   23.099483] 
[   23.099527] The buggy address belongs to the physical page:
[   23.099596] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc
[   23.099728] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   23.099834] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   23.100035] page_type: f8(unknown)
[   23.101032] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   23.101189] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   23.101347] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   23.101513] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   23.101656] head: 0bfffe0000000002 ffffc1ffc31db301 00000000ffffffff 00000000ffffffff
[   23.101786] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   23.102048] page dumped because: kasan: bad access detected
[   23.102299] 
[   23.102578] Memory state around the buggy address:
[   23.102769]  fff00000c76cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.102875]  fff00000c76ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.103207] >fff00000c76ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   23.103299]                                                           ^
[   23.103474]  fff00000c76ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.104442]  fff00000c76ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.104787] ==================================================================
[   22.973922] ==================================================================
[   22.974045] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   22.974163] Write of size 1 at addr fff00000c67392ea by task kunit_try_catch/160
[   22.974398] 
[   22.974461] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   22.974819] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.974920] Hardware name: linux,dummy-virt (DT)
[   22.975022] Call trace:
[   22.975086]  show_stack+0x20/0x38 (C)
[   22.975208]  dump_stack_lvl+0x8c/0xd0
[   22.975322]  print_report+0x118/0x608
[   22.975433]  kasan_report+0xdc/0x128
[   22.975544]  __asan_report_store1_noabort+0x20/0x30
[   22.976799]  krealloc_less_oob_helper+0xae4/0xc50
[   22.977042]  krealloc_less_oob+0x20/0x38
[   22.977206]  kunit_try_run_case+0x170/0x3f0
[   22.977399]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.977720]  kthread+0x328/0x630
[   22.977856]  ret_from_fork+0x10/0x20
[   22.978478] 
[   22.978597] Allocated by task 160:
[   22.978799]  kasan_save_stack+0x3c/0x68
[   22.978962]  kasan_save_track+0x20/0x40
[   22.979149]  kasan_save_alloc_info+0x40/0x58
[   22.979255]  __kasan_krealloc+0x118/0x178
[   22.979437]  krealloc_noprof+0x128/0x360
[   22.979531]  krealloc_less_oob_helper+0x168/0xc50
[   22.980046]  krealloc_less_oob+0x20/0x38
[   22.980258]  kunit_try_run_case+0x170/0x3f0
[   22.980382]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.980582]  kthread+0x328/0x630
[   22.980692]  ret_from_fork+0x10/0x20
[   22.981022] 
[   22.981070] The buggy address belongs to the object at fff00000c6739200
[   22.981070]  which belongs to the cache kmalloc-256 of size 256
[   22.981383] The buggy address is located 33 bytes to the right of
[   22.981383]  allocated 201-byte region [fff00000c6739200, fff00000c67392c9)
[   22.982099] 
[   22.982179] The buggy address belongs to the physical page:
[   22.982307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106738
[   22.982457] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   22.982820] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   22.983274] page_type: f5(slab)
[   22.983534] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   22.983703] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.983978] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   22.984256] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.984384] head: 0bfffe0000000001 ffffc1ffc319ce01 00000000ffffffff 00000000ffffffff
[   22.985111] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   22.985254] page dumped because: kasan: bad access detected
[   22.985355] 
[   22.985427] Memory state around the buggy address:
[   22.985508]  fff00000c6739180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.985608]  fff00000c6739200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.985723] >fff00000c6739280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   22.985812]                                                           ^
[   22.985907]  fff00000c6739300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.986063]  fff00000c6739380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.986158] ==================================================================
[   23.070356] ==================================================================
[   23.070450] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   23.070554] Write of size 1 at addr fff00000c76ce0d0 by task kunit_try_catch/164
[   23.070666] 
[   23.070727] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   23.070901] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.070982] Hardware name: linux,dummy-virt (DT)
[   23.071054] Call trace:
[   23.071102]  show_stack+0x20/0x38 (C)
[   23.071227]  dump_stack_lvl+0x8c/0xd0
[   23.071514]  print_report+0x118/0x608
[   23.071702]  kasan_report+0xdc/0x128
[   23.071834]  __asan_report_store1_noabort+0x20/0x30
[   23.072000]  krealloc_less_oob_helper+0xb9c/0xc50
[   23.072145]  krealloc_large_less_oob+0x20/0x38
[   23.072288]  kunit_try_run_case+0x170/0x3f0
[   23.072425]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.072574]  kthread+0x328/0x630
[   23.072723]  ret_from_fork+0x10/0x20
[   23.072988] 
[   23.073132] The buggy address belongs to the physical page:
[   23.073300] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc
[   23.073448] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   23.073586] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   23.073765] page_type: f8(unknown)
[   23.073996] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   23.074167] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   23.074329] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   23.074589] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   23.074706] head: 0bfffe0000000002 ffffc1ffc31db301 00000000ffffffff 00000000ffffffff
[   23.074819] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   23.074911] page dumped because: kasan: bad access detected
[   23.075011] 
[   23.075063] Memory state around the buggy address:
[   23.075146]  fff00000c76cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.075261]  fff00000c76ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.075376] >fff00000c76ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   23.075478]                                                  ^
[   23.075632]  fff00000c76ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.075762]  fff00000c76ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.075865] ==================================================================
[   23.059038] ==================================================================
[   23.059161] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   23.059501] Write of size 1 at addr fff00000c76ce0c9 by task kunit_try_catch/164
[   23.059695] 
[   23.059764] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   23.059968] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.060029] Hardware name: linux,dummy-virt (DT)
[   23.060106] Call trace:
[   23.060160]  show_stack+0x20/0x38 (C)
[   23.060279]  dump_stack_lvl+0x8c/0xd0
[   23.060389]  print_report+0x118/0x608
[   23.060496]  kasan_report+0xdc/0x128
[   23.060648]  __asan_report_store1_noabort+0x20/0x30
[   23.060796]  krealloc_less_oob_helper+0xa48/0xc50
[   23.060958]  krealloc_large_less_oob+0x20/0x38
[   23.061084]  kunit_try_run_case+0x170/0x3f0
[   23.061425]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.061627]  kthread+0x328/0x630
[   23.061748]  ret_from_fork+0x10/0x20
[   23.062551] 
[   23.062616] The buggy address belongs to the physical page:
[   23.063038] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc
[   23.063439] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   23.063733] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   23.063871] page_type: f8(unknown)
[   23.064458] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   23.064806] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   23.064943] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   23.066727] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   23.066884] head: 0bfffe0000000002 ffffc1ffc31db301 00000000ffffffff 00000000ffffffff
[   23.067381] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   23.067539] page dumped because: kasan: bad access detected
[   23.067662] 
[   23.067749] Memory state around the buggy address:
[   23.067880]  fff00000c76cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.068005]  fff00000c76ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.068155] >fff00000c76ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   23.068389]                                               ^
[   23.068562]  fff00000c76ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.068669]  fff00000c76ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.068777] ==================================================================
[   23.078555] ==================================================================
[   23.078647] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   23.078752] Write of size 1 at addr fff00000c76ce0da by task kunit_try_catch/164
[   23.078862] 
[   23.078922] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   23.079121] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.079181] Hardware name: linux,dummy-virt (DT)
[   23.079247] Call trace:
[   23.079295]  show_stack+0x20/0x38 (C)
[   23.079407]  dump_stack_lvl+0x8c/0xd0
[   23.079520]  print_report+0x118/0x608
[   23.079656]  kasan_report+0xdc/0x128
[   23.079801]  __asan_report_store1_noabort+0x20/0x30
[   23.079962]  krealloc_less_oob_helper+0xa80/0xc50
[   23.080107]  krealloc_large_less_oob+0x20/0x38
[   23.080247]  kunit_try_run_case+0x170/0x3f0
[   23.080865]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.081041]  kthread+0x328/0x630
[   23.081124]  ret_from_fork+0x10/0x20
[   23.081188] 
[   23.081239] The buggy address belongs to the physical page:
[   23.081313] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc
[   23.081496] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   23.081748] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   23.082053] page_type: f8(unknown)
[   23.082146] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   23.083627] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   23.083776] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   23.083903] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   23.084090] head: 0bfffe0000000002 ffffc1ffc31db301 00000000ffffffff 00000000ffffffff
[   23.084296] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   23.084396] page dumped because: kasan: bad access detected
[   23.084501] 
[   23.084563] Memory state around the buggy address:
[   23.084713]  fff00000c76cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.084824]  fff00000c76ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.085117] >fff00000c76ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   23.085210]                                                     ^
[   23.085296]  fff00000c76ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.085401]  fff00000c76ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.085656] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2w0twD46JnbM3uuwFzFr96Mv09c

job_id

TEST:linaro@lkft#2w0u011gxc9rP28xjZn2LW9dmkk

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2w0u011gxc9rP28xjZn2LW9dmkk

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2w0txFB8nKL1zwrJEbIPml6sHmA/Image.gz
sha256sum	640e60b3f9e880e210b277ab8a14be609af2709a64df1bea735a73952e0c6d8f

rootfs

url	https://storage.tuxboot.com/debian/trixie/arm64/rootfs.ext4.xz
sha256sum	6e7d093e93027c909f889e69aec109c9a1b0ec1ca5f1beffa4bce78be31bff20

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2w0txFB8nKL1zwrJEbIPml6sHmA/modules.tar.xz
sha256sum	34ed11929e5ab442ddd8b3a4d64f3a51c04d9299dcf90df066391ed31be24330

durations

tests

boot	0
kunit	130.18

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.2.2+ds-1+b2

[   11.246899] ==================================================================
[   11.247254] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   11.247503] Write of size 1 at addr ffff888100a234da by task kunit_try_catch/178
[   11.247998] 
[   11.248109] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT(voluntary) 
[   11.248151] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.248163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.248183] Call Trace:
[   11.248197]  <TASK>
[   11.248212]  dump_stack_lvl+0x73/0xb0
[   11.248235]  print_report+0xd1/0x650
[   11.248258]  ? __virt_addr_valid+0x1db/0x2d0
[   11.248279]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   11.248303]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.248335]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   11.248359]  kasan_report+0x141/0x180
[   11.248382]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   11.248411]  __asan_report_store1_noabort+0x1b/0x30
[   11.248432]  krealloc_less_oob_helper+0xec6/0x11d0
[   11.248458]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.248483]  ? finish_task_switch.isra.0+0x153/0x700
[   11.248505]  ? __switch_to+0x5d9/0xf60
[   11.248524]  ? dequeue_task_fair+0x156/0x4e0
[   11.248549]  ? __schedule+0x10cc/0x2b30
[   11.248572]  ? __pfx_read_tsc+0x10/0x10
[   11.248595]  krealloc_less_oob+0x1c/0x30
[   11.248617]  kunit_try_run_case+0x1a5/0x480
[   11.248640]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.248661]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.248684]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.248708]  ? __kthread_parkme+0x82/0x180
[   11.248729]  ? preempt_count_sub+0x50/0x80
[   11.248753]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.248776]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.248798]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.248820]  kthread+0x337/0x6f0
[   11.248841]  ? trace_preempt_on+0x20/0xc0
[   11.248864]  ? __pfx_kthread+0x10/0x10
[   11.248885]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.248907]  ? calculate_sigpending+0x7b/0xa0
[   11.248928]  ? __pfx_kthread+0x10/0x10
[   11.248950]  ret_from_fork+0x41/0x80
[   11.248971]  ? __pfx_kthread+0x10/0x10
[   11.248993]  ret_from_fork_asm+0x1a/0x30
[   11.249024]  </TASK>
[   11.249034] 
[   11.257866] Allocated by task 178:
[   11.258087]  kasan_save_stack+0x45/0x70
[   11.258314]  kasan_save_track+0x18/0x40
[   11.258583]  kasan_save_alloc_info+0x3b/0x50
[   11.258823]  __kasan_krealloc+0x190/0x1f0
[   11.258969]  krealloc_noprof+0xf3/0x340
[   11.259208]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.259667]  krealloc_less_oob+0x1c/0x30
[   11.259837]  kunit_try_run_case+0x1a5/0x480
[   11.260025]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.260315]  kthread+0x337/0x6f0
[   11.260493]  ret_from_fork+0x41/0x80
[   11.260681]  ret_from_fork_asm+0x1a/0x30
[   11.260879] 
[   11.260974] The buggy address belongs to the object at ffff888100a23400
[   11.260974]  which belongs to the cache kmalloc-256 of size 256
[   11.261614] The buggy address is located 17 bytes to the right of
[   11.261614]  allocated 201-byte region [ffff888100a23400, ffff888100a234c9)
[   11.262068] 
[   11.262213] The buggy address belongs to the physical page:
[   11.262575] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a22
[   11.262950] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.263210] flags: 0x200000000000040(head|node=0|zone=2)
[   11.263706] page_type: f5(slab)
[   11.263884] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.264220] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.264633] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.264999] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.265376] head: 0200000000000001 ffffea0004028881 00000000ffffffff 00000000ffffffff
[   11.265791] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.266081] page dumped because: kasan: bad access detected
[   11.266368] 
[   11.266465] Memory state around the buggy address:
[   11.266782]  ffff888100a23380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.267066]  ffff888100a23400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.267631] >ffff888100a23480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.267908]                                                     ^
[   11.268218]  ffff888100a23500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.268630]  ffff888100a23580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.268938] ==================================================================
[   11.203049] ==================================================================
[   11.203567] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   11.204012] Write of size 1 at addr ffff888100a234c9 by task kunit_try_catch/178
[   11.204367] 
[   11.204472] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT(voluntary) 
[   11.204515] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.204538] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.204557] Call Trace:
[   11.204569]  <TASK>
[   11.204584]  dump_stack_lvl+0x73/0xb0
[   11.204610]  print_report+0xd1/0x650
[   11.204633]  ? __virt_addr_valid+0x1db/0x2d0
[   11.204655]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.204679]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.204701]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.204725]  kasan_report+0x141/0x180
[   11.204747]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.204776]  __asan_report_store1_noabort+0x1b/0x30
[   11.204798]  krealloc_less_oob_helper+0xd70/0x11d0
[   11.204824]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.204848]  ? finish_task_switch.isra.0+0x153/0x700
[   11.204871]  ? __switch_to+0x5d9/0xf60
[   11.204891]  ? dequeue_task_fair+0x156/0x4e0
[   11.204916]  ? __schedule+0x10cc/0x2b30
[   11.204940]  ? __pfx_read_tsc+0x10/0x10
[   11.204963]  krealloc_less_oob+0x1c/0x30
[   11.204985]  kunit_try_run_case+0x1a5/0x480
[   11.205009]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.205030]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.205053]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.205077]  ? __kthread_parkme+0x82/0x180
[   11.205098]  ? preempt_count_sub+0x50/0x80
[   11.205122]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.205157]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.205179]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.205201]  kthread+0x337/0x6f0
[   11.205223]  ? trace_preempt_on+0x20/0xc0
[   11.205246]  ? __pfx_kthread+0x10/0x10
[   11.205268]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.205289]  ? calculate_sigpending+0x7b/0xa0
[   11.205311]  ? __pfx_kthread+0x10/0x10
[   11.205344]  ret_from_fork+0x41/0x80
[   11.205364]  ? __pfx_kthread+0x10/0x10
[   11.205386]  ret_from_fork_asm+0x1a/0x30
[   11.205418]  </TASK>
[   11.205429] 
[   11.213102] Allocated by task 178:
[   11.213257]  kasan_save_stack+0x45/0x70
[   11.213605]  kasan_save_track+0x18/0x40
[   11.213812]  kasan_save_alloc_info+0x3b/0x50
[   11.214018]  __kasan_krealloc+0x190/0x1f0
[   11.214235]  krealloc_noprof+0xf3/0x340
[   11.214415]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.214756]  krealloc_less_oob+0x1c/0x30
[   11.214903]  kunit_try_run_case+0x1a5/0x480
[   11.215093]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.215371]  kthread+0x337/0x6f0
[   11.215555]  ret_from_fork+0x41/0x80
[   11.215741]  ret_from_fork_asm+0x1a/0x30
[   11.215918] 
[   11.215988] The buggy address belongs to the object at ffff888100a23400
[   11.215988]  which belongs to the cache kmalloc-256 of size 256
[   11.216618] The buggy address is located 0 bytes to the right of
[   11.216618]  allocated 201-byte region [ffff888100a23400, ffff888100a234c9)
[   11.217085] 
[   11.217199] The buggy address belongs to the physical page:
[   11.217419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a22
[   11.217749] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.217976] flags: 0x200000000000040(head|node=0|zone=2)
[   11.218171] page_type: f5(slab)
[   11.218372] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.218710] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.219056] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.219553] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.219782] head: 0200000000000001 ffffea0004028881 00000000ffffffff 00000000ffffffff
[   11.220049] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.220725] page dumped because: kasan: bad access detected
[   11.220982] 
[   11.221074] Memory state around the buggy address:
[   11.221343]  ffff888100a23380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.221820]  ffff888100a23400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.222063] >ffff888100a23480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.222497]                                               ^
[   11.222670]  ffff888100a23500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.222906]  ffff888100a23580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.223884] ==================================================================
[   11.401927] ==================================================================
[   11.402199] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   11.402557] Write of size 1 at addr ffff888102c5a0da by task kunit_try_catch/182
[   11.402873] 
[   11.402973] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT(voluntary) 
[   11.403011] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.403022] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.403040] Call Trace:
[   11.403053]  <TASK>
[   11.403065]  dump_stack_lvl+0x73/0xb0
[   11.403087]  print_report+0xd1/0x650
[   11.403108]  ? __virt_addr_valid+0x1db/0x2d0
[   11.403127]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   11.403150]  ? kasan_addr_to_slab+0x11/0xa0
[   11.403169]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   11.403193]  kasan_report+0x141/0x180
[   11.403214]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   11.403241]  __asan_report_store1_noabort+0x1b/0x30
[   11.403278]  krealloc_less_oob_helper+0xec6/0x11d0
[   11.403305]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.403339]  ? finish_task_switch.isra.0+0x153/0x700
[   11.403360]  ? __switch_to+0x5d9/0xf60
[   11.403379]  ? dequeue_task_fair+0x156/0x4e0
[   11.403403]  ? __schedule+0x10cc/0x2b30
[   11.403425]  ? __pfx_read_tsc+0x10/0x10
[   11.403447]  krealloc_large_less_oob+0x1c/0x30
[   11.403469]  kunit_try_run_case+0x1a5/0x480
[   11.403492]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.403513]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.403535]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.403558]  ? __kthread_parkme+0x82/0x180
[   11.403578]  ? preempt_count_sub+0x50/0x80
[   11.403602]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.403624]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.403646]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.403668]  kthread+0x337/0x6f0
[   11.403688]  ? trace_preempt_on+0x20/0xc0
[   11.403710]  ? __pfx_kthread+0x10/0x10
[   11.403731]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.403753]  ? calculate_sigpending+0x7b/0xa0
[   11.403774]  ? __pfx_kthread+0x10/0x10
[   11.403795]  ret_from_fork+0x41/0x80
[   11.403815]  ? __pfx_kthread+0x10/0x10
[   11.403837]  ret_from_fork_asm+0x1a/0x30
[   11.403868]  </TASK>
[   11.403878] 
[   11.411373] The buggy address belongs to the physical page:
[   11.411609] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c58
[   11.411943] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.412613] flags: 0x200000000000040(head|node=0|zone=2)
[   11.412817] page_type: f8(unknown)
[   11.412966] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.413533] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.413842] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.414109] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.414535] head: 0200000000000002 ffffea00040b1601 00000000ffffffff 00000000ffffffff
[   11.414767] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   11.414991] page dumped because: kasan: bad access detected
[   11.415158] 
[   11.415226] Memory state around the buggy address:
[   11.415511]  ffff888102c59f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.415829]  ffff888102c5a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.416136] >ffff888102c5a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   11.416406]                                                     ^
[   11.416591]  ffff888102c5a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.416799]  ffff888102c5a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.417256] ==================================================================
[   11.435063] ==================================================================
[   11.435546] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   11.435830] Write of size 1 at addr ffff888102c5a0eb by task kunit_try_catch/182
[   11.436149] 
[   11.436242] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT(voluntary) 
[   11.436282] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.436293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.436311] Call Trace:
[   11.436336]  <TASK>
[   11.436348]  dump_stack_lvl+0x73/0xb0
[   11.436371]  print_report+0xd1/0x650
[   11.436439]  ? __virt_addr_valid+0x1db/0x2d0
[   11.436462]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   11.436485]  ? kasan_addr_to_slab+0x11/0xa0
[   11.436505]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   11.436529]  kasan_report+0x141/0x180
[   11.436551]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   11.436580]  __asan_report_store1_noabort+0x1b/0x30
[   11.436601]  krealloc_less_oob_helper+0xd47/0x11d0
[   11.436627]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.436651]  ? finish_task_switch.isra.0+0x153/0x700
[   11.436672]  ? __switch_to+0x5d9/0xf60
[   11.436691]  ? dequeue_task_fair+0x156/0x4e0
[   11.436715]  ? __schedule+0x10cc/0x2b30
[   11.436738]  ? __pfx_read_tsc+0x10/0x10
[   11.436760]  krealloc_large_less_oob+0x1c/0x30
[   11.436783]  kunit_try_run_case+0x1a5/0x480
[   11.436805]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.436826]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.436850]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.436873]  ? __kthread_parkme+0x82/0x180
[   11.436894]  ? preempt_count_sub+0x50/0x80
[   11.436917]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.436940]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.436962]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.436985]  kthread+0x337/0x6f0
[   11.437005]  ? trace_preempt_on+0x20/0xc0
[   11.437028]  ? __pfx_kthread+0x10/0x10
[   11.437049]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.437070]  ? calculate_sigpending+0x7b/0xa0
[   11.437091]  ? __pfx_kthread+0x10/0x10
[   11.437113]  ret_from_fork+0x41/0x80
[   11.437133]  ? __pfx_kthread+0x10/0x10
[   11.437154]  ret_from_fork_asm+0x1a/0x30
[   11.437185]  </TASK>
[   11.437195] 
[   11.444733] The buggy address belongs to the physical page:
[   11.444910] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c58
[   11.445146] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.445380] flags: 0x200000000000040(head|node=0|zone=2)
[   11.445628] page_type: f8(unknown)
[   11.445807] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.446312] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.446608] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.446836] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.447063] head: 0200000000000002 ffffea00040b1601 00000000ffffffff 00000000ffffffff
[   11.447934] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   11.448559] page dumped because: kasan: bad access detected
[   11.448872] 
[   11.448945] Memory state around the buggy address:
[   11.449099]  ffff888102c59f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.449345]  ffff888102c5a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.449832] >ffff888102c5a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   11.450149]                                                           ^
[   11.450439]  ffff888102c5a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.450693]  ffff888102c5a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.451019] ==================================================================
[   11.417977] ==================================================================
[   11.418575] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   11.418914] Write of size 1 at addr ffff888102c5a0ea by task kunit_try_catch/182
[   11.419226] 
[   11.419338] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT(voluntary) 
[   11.419379] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.419390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.419409] Call Trace:
[   11.419423]  <TASK>
[   11.419437]  dump_stack_lvl+0x73/0xb0
[   11.419459]  print_report+0xd1/0x650
[   11.419481]  ? __virt_addr_valid+0x1db/0x2d0
[   11.419501]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   11.419524]  ? kasan_addr_to_slab+0x11/0xa0
[   11.419545]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   11.419569]  kasan_report+0x141/0x180
[   11.419591]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   11.419620]  __asan_report_store1_noabort+0x1b/0x30
[   11.419640]  krealloc_less_oob_helper+0xe90/0x11d0
[   11.419666]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.419690]  ? finish_task_switch.isra.0+0x153/0x700
[   11.419712]  ? __switch_to+0x5d9/0xf60
[   11.419731]  ? dequeue_task_fair+0x156/0x4e0
[   11.419755]  ? __schedule+0x10cc/0x2b30
[   11.419780]  ? __pfx_read_tsc+0x10/0x10
[   11.419803]  krealloc_large_less_oob+0x1c/0x30
[   11.419826]  kunit_try_run_case+0x1a5/0x480
[   11.419849]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.419869]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.419892]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.419915]  ? __kthread_parkme+0x82/0x180
[   11.419935]  ? preempt_count_sub+0x50/0x80
[   11.419959]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.419981]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.420003]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.420025]  kthread+0x337/0x6f0
[   11.420045]  ? trace_preempt_on+0x20/0xc0
[   11.420067]  ? __pfx_kthread+0x10/0x10
[   11.420089]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.420110]  ? calculate_sigpending+0x7b/0xa0
[   11.420186]  ? __pfx_kthread+0x10/0x10
[   11.420210]  ret_from_fork+0x41/0x80
[   11.420230]  ? __pfx_kthread+0x10/0x10
[   11.420252]  ret_from_fork_asm+0x1a/0x30
[   11.420283]  </TASK>
[   11.420293] 
[   11.428236] The buggy address belongs to the physical page:
[   11.428510] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c58
[   11.428816] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.429037] flags: 0x200000000000040(head|node=0|zone=2)
[   11.429206] page_type: f8(unknown)
[   11.429340] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.429777] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.430123] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.430738] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.431097] head: 0200000000000002 ffffea00040b1601 00000000ffffffff 00000000ffffffff
[   11.431578] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   11.431806] page dumped because: kasan: bad access detected
[   11.431975] 
[   11.432043] Memory state around the buggy address:
[   11.432378]  ffff888102c59f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.432694]  ffff888102c5a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.433010] >ffff888102c5a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   11.433584]                                                           ^
[   11.433871]  ffff888102c5a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.434457]  ffff888102c5a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.434742] ==================================================================
[   11.269795] ==================================================================
[   11.270131] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   11.270487] Write of size 1 at addr ffff888100a234ea by task kunit_try_catch/178
[   11.270812] 
[   11.270901] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT(voluntary) 
[   11.270969] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.270981] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.271000] Call Trace:
[   11.271024]  <TASK>
[   11.271038]  dump_stack_lvl+0x73/0xb0
[   11.271061]  print_report+0xd1/0x650
[   11.271083]  ? __virt_addr_valid+0x1db/0x2d0
[   11.271104]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   11.271143]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.271165]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   11.271189]  kasan_report+0x141/0x180
[   11.271212]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   11.271241]  __asan_report_store1_noabort+0x1b/0x30
[   11.271262]  krealloc_less_oob_helper+0xe90/0x11d0
[   11.271289]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.271312]  ? finish_task_switch.isra.0+0x153/0x700
[   11.271345]  ? __switch_to+0x5d9/0xf60
[   11.271364]  ? dequeue_task_fair+0x156/0x4e0
[   11.271409]  ? __schedule+0x10cc/0x2b30
[   11.271431]  ? __pfx_read_tsc+0x10/0x10
[   11.271454]  krealloc_less_oob+0x1c/0x30
[   11.271475]  kunit_try_run_case+0x1a5/0x480
[   11.271498]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.271519]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.271542]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.271567]  ? __kthread_parkme+0x82/0x180
[   11.271588]  ? preempt_count_sub+0x50/0x80
[   11.271612]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.271635]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.271657]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.271679]  kthread+0x337/0x6f0
[   11.271700]  ? trace_preempt_on+0x20/0xc0
[   11.271722]  ? __pfx_kthread+0x10/0x10
[   11.271744]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.271766]  ? calculate_sigpending+0x7b/0xa0
[   11.271787]  ? __pfx_kthread+0x10/0x10
[   11.271808]  ret_from_fork+0x41/0x80
[   11.271829]  ? __pfx_kthread+0x10/0x10
[   11.271850]  ret_from_fork_asm+0x1a/0x30
[   11.271881]  </TASK>
[   11.271891] 
[   11.279833] Allocated by task 178:
[   11.279960]  kasan_save_stack+0x45/0x70
[   11.280119]  kasan_save_track+0x18/0x40
[   11.280341]  kasan_save_alloc_info+0x3b/0x50
[   11.280618]  __kasan_krealloc+0x190/0x1f0
[   11.280820]  krealloc_noprof+0xf3/0x340
[   11.280997]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.281186]  krealloc_less_oob+0x1c/0x30
[   11.281457]  kunit_try_run_case+0x1a5/0x480
[   11.281670]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.281896]  kthread+0x337/0x6f0
[   11.282018]  ret_from_fork+0x41/0x80
[   11.282225]  ret_from_fork_asm+0x1a/0x30
[   11.282650] 
[   11.282753] The buggy address belongs to the object at ffff888100a23400
[   11.282753]  which belongs to the cache kmalloc-256 of size 256
[   11.283241] The buggy address is located 33 bytes to the right of
[   11.283241]  allocated 201-byte region [ffff888100a23400, ffff888100a234c9)
[   11.283752] 
[   11.283828] The buggy address belongs to the physical page:
[   11.284072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a22
[   11.284529] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.284761] flags: 0x200000000000040(head|node=0|zone=2)
[   11.284931] page_type: f5(slab)
[   11.285065] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.285516] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.285865] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.286233] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.286767] head: 0200000000000001 ffffea0004028881 00000000ffffffff 00000000ffffffff
[   11.287007] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.287454] page dumped because: kasan: bad access detected
[   11.287713] 
[   11.287806] Memory state around the buggy address:
[   11.288026]  ffff888100a23380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.288315]  ffff888100a23400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.288571] >ffff888100a23480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.288891]                                                           ^
[   11.289143]  ffff888100a23500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.289506]  ffff888100a23580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.289792] ==================================================================
[   11.385476] ==================================================================
[   11.385714] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   11.386037] Write of size 1 at addr ffff888102c5a0d0 by task kunit_try_catch/182
[   11.386377] 
[   11.386539] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT(voluntary) 
[   11.386582] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.386594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.386613] Call Trace:
[   11.386624]  <TASK>
[   11.386639]  dump_stack_lvl+0x73/0xb0
[   11.386662]  print_report+0xd1/0x650
[   11.386683]  ? __virt_addr_valid+0x1db/0x2d0
[   11.386704]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.386727]  ? kasan_addr_to_slab+0x11/0xa0
[   11.386747]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.386772]  kasan_report+0x141/0x180
[   11.386794]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.386824]  __asan_report_store1_noabort+0x1b/0x30
[   11.386844]  krealloc_less_oob_helper+0xe23/0x11d0
[   11.386870]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.386894]  ? finish_task_switch.isra.0+0x153/0x700
[   11.386916]  ? __switch_to+0x5d9/0xf60
[   11.386934]  ? dequeue_task_fair+0x156/0x4e0
[   11.386959]  ? __schedule+0x10cc/0x2b30
[   11.386981]  ? __pfx_read_tsc+0x10/0x10
[   11.387003]  krealloc_large_less_oob+0x1c/0x30
[   11.387026]  kunit_try_run_case+0x1a5/0x480
[   11.387049]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.387070]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.387092]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.387115]  ? __kthread_parkme+0x82/0x180
[   11.387137]  ? preempt_count_sub+0x50/0x80
[   11.387176]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.387199]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.387221]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.387243]  kthread+0x337/0x6f0
[   11.387263]  ? trace_preempt_on+0x20/0xc0
[   11.387286]  ? __pfx_kthread+0x10/0x10
[   11.387307]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.387340]  ? calculate_sigpending+0x7b/0xa0
[   11.387361]  ? __pfx_kthread+0x10/0x10
[   11.387382]  ret_from_fork+0x41/0x80
[   11.387402]  ? __pfx_kthread+0x10/0x10
[   11.387423]  ret_from_fork_asm+0x1a/0x30
[   11.387644]  </TASK>
[   11.387657] 
[   11.395425] The buggy address belongs to the physical page:
[   11.395664] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c58
[   11.396218] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.396583] flags: 0x200000000000040(head|node=0|zone=2)
[   11.396761] page_type: f8(unknown)
[   11.396889] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.397155] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.397501] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.397911] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.398451] head: 0200000000000002 ffffea00040b1601 00000000ffffffff 00000000ffffffff
[   11.398689] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   11.398915] page dumped because: kasan: bad access detected
[   11.399115] 
[   11.399222] Memory state around the buggy address:
[   11.399603]  ffff888102c59f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.399936]  ffff888102c5a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.400314] >ffff888102c5a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   11.400717]                                                  ^
[   11.400968]  ffff888102c5a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.401343]  ffff888102c5a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.401664] ==================================================================
[   11.290247] ==================================================================
[   11.290734] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   11.290988] Write of size 1 at addr ffff888100a234eb by task kunit_try_catch/178
[   11.291335] 
[   11.291533] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT(voluntary) 
[   11.291578] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.291589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.291608] Call Trace:
[   11.291620]  <TASK>
[   11.291634]  dump_stack_lvl+0x73/0xb0
[   11.291659]  print_report+0xd1/0x650
[   11.291681]  ? __virt_addr_valid+0x1db/0x2d0
[   11.291702]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   11.291726]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.291748]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   11.291772]  kasan_report+0x141/0x180
[   11.291795]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   11.291825]  __asan_report_store1_noabort+0x1b/0x30
[   11.291847]  krealloc_less_oob_helper+0xd47/0x11d0
[   11.291874]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.291899]  ? finish_task_switch.isra.0+0x153/0x700
[   11.291921]  ? __switch_to+0x5d9/0xf60
[   11.291940]  ? dequeue_task_fair+0x156/0x4e0
[   11.291965]  ? __schedule+0x10cc/0x2b30
[   11.291987]  ? __pfx_read_tsc+0x10/0x10
[   11.292010]  krealloc_less_oob+0x1c/0x30
[   11.292032]  kunit_try_run_case+0x1a5/0x480
[   11.292056]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.292077]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.292100]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.292146]  ? __kthread_parkme+0x82/0x180
[   11.292168]  ? preempt_count_sub+0x50/0x80
[   11.292192]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.292215]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.292238]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.292263]  kthread+0x337/0x6f0
[   11.292286]  ? trace_preempt_on+0x20/0xc0
[   11.292309]  ? __pfx_kthread+0x10/0x10
[   11.292341]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.292364]  ? calculate_sigpending+0x7b/0xa0
[   11.292460]  ? __pfx_kthread+0x10/0x10
[   11.292484]  ret_from_fork+0x41/0x80
[   11.292506]  ? __pfx_kthread+0x10/0x10
[   11.292528]  ret_from_fork_asm+0x1a/0x30
[   11.292562]  </TASK>
[   11.292572] 
[   11.300567] Allocated by task 178:
[   11.300701]  kasan_save_stack+0x45/0x70
[   11.300888]  kasan_save_track+0x18/0x40
[   11.301074]  kasan_save_alloc_info+0x3b/0x50
[   11.301304]  __kasan_krealloc+0x190/0x1f0
[   11.301604]  krealloc_noprof+0xf3/0x340
[   11.301753]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.301918]  krealloc_less_oob+0x1c/0x30
[   11.302113]  kunit_try_run_case+0x1a5/0x480
[   11.303982]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.304697]  kthread+0x337/0x6f0
[   11.304838]  ret_from_fork+0x41/0x80
[   11.304966]  ret_from_fork_asm+0x1a/0x30
[   11.305099] 
[   11.305169] The buggy address belongs to the object at ffff888100a23400
[   11.305169]  which belongs to the cache kmalloc-256 of size 256
[   11.305516] The buggy address is located 34 bytes to the right of
[   11.305516]  allocated 201-byte region [ffff888100a23400, ffff888100a234c9)
[   11.305872] 
[   11.306497] The buggy address belongs to the physical page:
[   11.307277] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a22
[   11.309119] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.310622] flags: 0x200000000000040(head|node=0|zone=2)
[   11.311129] page_type: f5(slab)
[   11.311738] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.313049] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.313522] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.313834] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.314154] head: 0200000000000001 ffffea0004028881 00000000ffffffff 00000000ffffffff
[   11.314643] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.314967] page dumped because: kasan: bad access detected
[   11.315204] 
[   11.315302] Memory state around the buggy address:
[   11.315627]  ffff888100a23380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.315900]  ffff888100a23400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.316195] >ffff888100a23480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.316595]                                                           ^
[   11.316838]  ffff888100a23500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.317163]  ffff888100a23580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.317519] ==================================================================
[   11.369229] ==================================================================
[   11.370054] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   11.370447] Write of size 1 at addr ffff888102c5a0c9 by task kunit_try_catch/182
[   11.370741] 
[   11.370848] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT(voluntary) 
[   11.370889] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.370900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.370918] Call Trace:
[   11.370929]  <TASK>
[   11.370942]  dump_stack_lvl+0x73/0xb0
[   11.370967]  print_report+0xd1/0x650
[   11.370988]  ? __virt_addr_valid+0x1db/0x2d0
[   11.371009]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.371032]  ? kasan_addr_to_slab+0x11/0xa0
[   11.371052]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.371076]  kasan_report+0x141/0x180
[   11.371098]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.371128]  __asan_report_store1_noabort+0x1b/0x30
[   11.371158]  krealloc_less_oob_helper+0xd70/0x11d0
[   11.371184]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.371208]  ? finish_task_switch.isra.0+0x153/0x700
[   11.371230]  ? __switch_to+0x5d9/0xf60
[   11.371248]  ? dequeue_task_fair+0x156/0x4e0
[   11.371272]  ? __schedule+0x10cc/0x2b30
[   11.371294]  ? __pfx_read_tsc+0x10/0x10
[   11.371316]  krealloc_large_less_oob+0x1c/0x30
[   11.371353]  kunit_try_run_case+0x1a5/0x480
[   11.371376]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.371413]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.371436]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.371459]  ? __kthread_parkme+0x82/0x180
[   11.371480]  ? preempt_count_sub+0x50/0x80
[   11.371504]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.371526]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.371548]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.371570]  kthread+0x337/0x6f0
[   11.371590]  ? trace_preempt_on+0x20/0xc0
[   11.371613]  ? __pfx_kthread+0x10/0x10
[   11.371634]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.371655]  ? calculate_sigpending+0x7b/0xa0
[   11.371675]  ? __pfx_kthread+0x10/0x10
[   11.371697]  ret_from_fork+0x41/0x80
[   11.371717]  ? __pfx_kthread+0x10/0x10
[   11.371738]  ret_from_fork_asm+0x1a/0x30
[   11.371769]  </TASK>
[   11.371779] 
[   11.378831] The buggy address belongs to the physical page:
[   11.379095] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c58
[   11.379569] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.379844] flags: 0x200000000000040(head|node=0|zone=2)
[   11.380094] page_type: f8(unknown)
[   11.380269] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.380611] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.380907] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.381159] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.381399] head: 0200000000000002 ffffea00040b1601 00000000ffffffff 00000000ffffffff
[   11.381852] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   11.382185] page dumped because: kasan: bad access detected
[   11.382449] 
[   11.382543] Memory state around the buggy address:
[   11.382750]  ffff888102c59f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.383027]  ffff888102c5a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.383665] >ffff888102c5a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   11.383885]                                               ^
[   11.384136]  ffff888102c5a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.384723]  ffff888102c5a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.385006] ==================================================================
[   11.224749] ==================================================================
[   11.225065] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   11.225717] Write of size 1 at addr ffff888100a234d0 by task kunit_try_catch/178
[   11.226480] 
[   11.226703] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT(voluntary) 
[   11.226748] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.226759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.226778] Call Trace:
[   11.226793]  <TASK>
[   11.226808]  dump_stack_lvl+0x73/0xb0
[   11.226833]  print_report+0xd1/0x650
[   11.226855]  ? __virt_addr_valid+0x1db/0x2d0
[   11.226876]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.226899]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.226922]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.226946]  kasan_report+0x141/0x180
[   11.226968]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.226997]  __asan_report_store1_noabort+0x1b/0x30
[   11.227018]  krealloc_less_oob_helper+0xe23/0x11d0
[   11.227044]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.227069]  ? finish_task_switch.isra.0+0x153/0x700
[   11.227091]  ? __switch_to+0x5d9/0xf60
[   11.227110]  ? dequeue_task_fair+0x156/0x4e0
[   11.227136]  ? __schedule+0x10cc/0x2b30
[   11.227159]  ? __pfx_read_tsc+0x10/0x10
[   11.227182]  krealloc_less_oob+0x1c/0x30
[   11.227203]  kunit_try_run_case+0x1a5/0x480
[   11.227226]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.227248]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.227270]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.227294]  ? __kthread_parkme+0x82/0x180
[   11.227315]  ? preempt_count_sub+0x50/0x80
[   11.227352]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.227374]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.227397]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.227464]  kthread+0x337/0x6f0
[   11.227486]  ? trace_preempt_on+0x20/0xc0
[   11.227509]  ? __pfx_kthread+0x10/0x10
[   11.227530]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.227552]  ? calculate_sigpending+0x7b/0xa0
[   11.227573]  ? __pfx_kthread+0x10/0x10
[   11.227596]  ret_from_fork+0x41/0x80
[   11.227615]  ? __pfx_kthread+0x10/0x10
[   11.227637]  ret_from_fork_asm+0x1a/0x30
[   11.227668]  </TASK>
[   11.227679] 
[   11.235806] Allocated by task 178:
[   11.235967]  kasan_save_stack+0x45/0x70
[   11.236178]  kasan_save_track+0x18/0x40
[   11.236316]  kasan_save_alloc_info+0x3b/0x50
[   11.236530]  __kasan_krealloc+0x190/0x1f0
[   11.236908]  krealloc_noprof+0xf3/0x340
[   11.237110]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.237312]  krealloc_less_oob+0x1c/0x30
[   11.237520]  kunit_try_run_case+0x1a5/0x480
[   11.237666]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.237842]  kthread+0x337/0x6f0
[   11.238084]  ret_from_fork+0x41/0x80
[   11.238281]  ret_from_fork_asm+0x1a/0x30
[   11.238504] 
[   11.238600] The buggy address belongs to the object at ffff888100a23400
[   11.238600]  which belongs to the cache kmalloc-256 of size 256
[   11.239143] The buggy address is located 7 bytes to the right of
[   11.239143]  allocated 201-byte region [ffff888100a23400, ffff888100a234c9)
[   11.239820] 
[   11.239923] The buggy address belongs to the physical page:
[   11.240149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a22
[   11.240659] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.240957] flags: 0x200000000000040(head|node=0|zone=2)
[   11.241228] page_type: f5(slab)
[   11.241442] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.241695] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.242043] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.242407] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.242817] head: 0200000000000001 ffffea0004028881 00000000ffffffff 00000000ffffffff
[   11.243097] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.243335] page dumped because: kasan: bad access detected
[   11.243508] 
[   11.243653] Memory state around the buggy address:
[   11.243877]  ffff888100a23380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.244253]  ffff888100a23400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.244765] >ffff888100a23480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.245304]                                                  ^
[   11.245712]  ffff888100a23500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.245966]  ffff888100a23580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.246221] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2w0twD46JnbM3uuwFzFr96Mv09c

job_id

TEST:linaro@lkft#2w0u14eQR7px5dmrFCgo4vyETYO

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2w0u14eQR7px5dmrFCgo4vyETYO

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2w0tyFt71oC7hJPjO2Lp1z5eNSk/bzImage
sha256sum	e1a0a670e3284fb549fd95960a226bdbc1a4af89130c9d16d29bf73d85314532

rootfs

url	https://storage.tuxboot.com/debian/trixie/amd64/rootfs.ext4.xz
sha256sum	46d08c6812c5a56498fb2daa39090f5328578b27d1cc7e901eb03c5578fd0198

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2w0tyFt71oC7hJPjO2Lp1z5eNSk/modules.tar.xz
sha256sum	da9e898c86df01bfb1c22097602c3f24707b53ff8e5ee0c9842a12edfaa298c0

durations

tests

boot	0
kunit	26.78

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.2.2+ds-1+b2

[   21.067591] ==================================================================
[   21.068266] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   21.068969] Write of size 1 at addr ffff00000dc594da by task kunit_try_catch/212
[   21.069642] 
[   21.069797] CPU: 4 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   21.069833] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.069842] Hardware name: Radxa ROCK Pi 4B (DT)
[   21.069853] Call trace:
[   21.069862]  show_stack+0x20/0x38 (C)
[   21.069885]  dump_stack_lvl+0x8c/0xd0
[   21.069905]  print_report+0x118/0x608
[   21.069924]  kasan_report+0xdc/0x128
[   21.069942]  __asan_report_store1_noabort+0x20/0x30
[   21.069964]  krealloc_less_oob_helper+0xa80/0xc50
[   21.069988]  krealloc_less_oob+0x20/0x38
[   21.070010]  kunit_try_run_case+0x170/0x3f0
[   21.070034]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.070059]  kthread+0x328/0x630
[   21.070082]  ret_from_fork+0x10/0x20
[   21.070103] 
[   21.076032] Allocated by task 212:
[   21.076349]  kasan_save_stack+0x3c/0x68
[   21.076711]  kasan_save_track+0x20/0x40
[   21.077068]  kasan_save_alloc_info+0x40/0x58
[   21.077467]  __kasan_krealloc+0x118/0x178
[   21.077840]  krealloc_noprof+0x128/0x360
[   21.078207]  krealloc_less_oob_helper+0x168/0xc50
[   21.078645]  krealloc_less_oob+0x20/0x38
[   21.079015]  kunit_try_run_case+0x170/0x3f0
[   21.079407]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.079915]  kthread+0x328/0x630
[   21.080223]  ret_from_fork+0x10/0x20
[   21.080560] 
[   21.080706] The buggy address belongs to the object at ffff00000dc59400
[   21.080706]  which belongs to the cache kmalloc-256 of size 256
[   21.081822] The buggy address is located 17 bytes to the right of
[   21.081822]  allocated 201-byte region [ffff00000dc59400, ffff00000dc594c9)
[   21.082987] 
[   21.083133] The buggy address belongs to the physical page:
[   21.083638] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdc58
[   21.084347] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.085037] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff)
[   21.085673] page_type: f5(slab)
[   21.085971] raw: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000
[   21.086671] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.087370] head: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000
[   21.088076] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.088782] head: 03fffe0000000001 fffffdffc0371601 00000000ffffffff 00000000ffffffff
[   21.089488] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   21.090189] page dumped because: kasan: bad access detected
[   21.090693] 
[   21.090837] Memory state around the buggy address:
[   21.091273]  ffff00000dc59380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.091926]  ffff00000dc59400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.092578] >ffff00000dc59480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   21.093227]                                                     ^
[   21.093778]  ffff00000dc59500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.094430]  ffff00000dc59580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.095079] ==================================================================
[   21.248842] ==================================================================
[   21.249514] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   21.250217] Write of size 1 at addr ffff00000def60da by task kunit_try_catch/216
[   21.250890] 
[   21.251045] CPU: 4 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   21.251081] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.251090] Hardware name: Radxa ROCK Pi 4B (DT)
[   21.251102] Call trace:
[   21.251110]  show_stack+0x20/0x38 (C)
[   21.251133]  dump_stack_lvl+0x8c/0xd0
[   21.251154]  print_report+0x118/0x608
[   21.251173]  kasan_report+0xdc/0x128
[   21.251191]  __asan_report_store1_noabort+0x20/0x30
[   21.251213]  krealloc_less_oob_helper+0xa80/0xc50
[   21.251237]  krealloc_large_less_oob+0x20/0x38
[   21.251260]  kunit_try_run_case+0x170/0x3f0
[   21.251283]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.251309]  kthread+0x328/0x630
[   21.251332]  ret_from_fork+0x10/0x20
[   21.251353] 
[   21.257329] The buggy address belongs to the physical page:
[   21.257834] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdef4
[   21.258544] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.259235] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff)
[   21.259870] page_type: f8(unknown)
[   21.260193] raw: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.260892] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.261592] head: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.262299] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.263005] head: 03fffe0000000002 fffffdffc037bd01 00000000ffffffff 00000000ffffffff
[   21.263711] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   21.264412] page dumped because: kasan: bad access detected
[   21.264915] 
[   21.265060] Memory state around the buggy address:
[   21.265497]  ffff00000def5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.266149]  ffff00000def6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.266801] >ffff00000def6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   21.267449]                                                     ^
[   21.268001]  ffff00000def6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.268653]  ffff00000def6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.269301] ==================================================================
[   21.124347] ==================================================================
[   21.125001] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   21.125692] Write of size 1 at addr ffff00000dc594eb by task kunit_try_catch/212
[   21.126361] 
[   21.126510] CPU: 4 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   21.126542] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.126550] Hardware name: Radxa ROCK Pi 4B (DT)
[   21.126560] Call trace:
[   21.126567]  show_stack+0x20/0x38 (C)
[   21.126587]  dump_stack_lvl+0x8c/0xd0
[   21.126605]  print_report+0x118/0x608
[   21.126623]  kasan_report+0xdc/0x128
[   21.126641]  __asan_report_store1_noabort+0x20/0x30
[   21.126663]  krealloc_less_oob_helper+0xa58/0xc50
[   21.126686]  krealloc_less_oob+0x20/0x38
[   21.126708]  kunit_try_run_case+0x170/0x3f0
[   21.126731]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.126756]  kthread+0x328/0x630
[   21.126777]  ret_from_fork+0x10/0x20
[   21.126797] 
[   21.132727] Allocated by task 212:
[   21.133042]  kasan_save_stack+0x3c/0x68
[   21.133400]  kasan_save_track+0x20/0x40
[   21.133756]  kasan_save_alloc_info+0x40/0x58
[   21.134155]  __kasan_krealloc+0x118/0x178
[   21.134529]  krealloc_noprof+0x128/0x360
[   21.134894]  krealloc_less_oob_helper+0x168/0xc50
[   21.135333]  krealloc_less_oob+0x20/0x38
[   21.135702]  kunit_try_run_case+0x170/0x3f0
[   21.136095]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.136602]  kthread+0x328/0x630
[   21.136911]  ret_from_fork+0x10/0x20
[   21.137247] 
[   21.137392] The buggy address belongs to the object at ffff00000dc59400
[   21.137392]  which belongs to the cache kmalloc-256 of size 256
[   21.138507] The buggy address is located 34 bytes to the right of
[   21.138507]  allocated 201-byte region [ffff00000dc59400, ffff00000dc594c9)
[   21.139670] 
[   21.139816] The buggy address belongs to the physical page:
[   21.140319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdc58
[   21.141026] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.141715] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff)
[   21.142347] page_type: f5(slab)
[   21.142643] raw: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000
[   21.143343] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.144043] head: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000
[   21.144750] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.145456] head: 03fffe0000000001 fffffdffc0371601 00000000ffffffff 00000000ffffffff
[   21.146162] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   21.146863] page dumped because: kasan: bad access detected
[   21.147367] 
[   21.147511] Memory state around the buggy address:
[   21.147946]  ffff00000dc59380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.148597]  ffff00000dc59400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.149249] >ffff00000dc59480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   21.149897]                                                           ^
[   21.150494]  ffff00000dc59500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.151145]  ffff00000dc59580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.151793] ==================================================================
[   21.038263] ==================================================================
[   21.038936] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   21.039650] Write of size 1 at addr ffff00000dc594d0 by task kunit_try_catch/212
[   21.040334] 
[   21.040497] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   21.040545] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.040559] Hardware name: Radxa ROCK Pi 4B (DT)
[   21.040576] Call trace:
[   21.040586]  show_stack+0x20/0x38 (C)
[   21.040617]  dump_stack_lvl+0x8c/0xd0
[   21.040648]  print_report+0x118/0x608
[   21.040677]  kasan_report+0xdc/0x128
[   21.040704]  __asan_report_store1_noabort+0x20/0x30
[   21.040738]  krealloc_less_oob_helper+0xb9c/0xc50
[   21.040773]  krealloc_less_oob+0x20/0x38
[   21.040806]  kunit_try_run_case+0x170/0x3f0
[   21.040840]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.040878]  kthread+0x328/0x630
[   21.040911]  ret_from_fork+0x10/0x20
[   21.040942] 
[   21.046921] Allocated by task 212:
[   21.047247]  kasan_save_stack+0x3c/0x68
[   21.047618]  kasan_save_track+0x20/0x40
[   21.047990]  kasan_save_alloc_info+0x40/0x58
[   21.048401]  __kasan_krealloc+0x118/0x178
[   21.048788]  krealloc_noprof+0x128/0x360
[   21.049168]  krealloc_less_oob_helper+0x168/0xc50
[   21.049622]  krealloc_less_oob+0x20/0x38
[   21.050005]  kunit_try_run_case+0x170/0x3f0
[   21.050409]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.050933]  kthread+0x328/0x630
[   21.051255]  ret_from_fork+0x10/0x20
[   21.051604] 
[   21.051757] The buggy address belongs to the object at ffff00000dc59400
[   21.051757]  which belongs to the cache kmalloc-256 of size 256
[   21.052888] The buggy address is located 7 bytes to the right of
[   21.052888]  allocated 201-byte region [ffff00000dc59400, ffff00000dc594c9)
[   21.054061] 
[   21.054214] The buggy address belongs to the physical page:
[   21.054729] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdc58
[   21.055452] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.056156] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff)
[   21.056807] page_type: f5(slab)
[   21.057119] raw: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000
[   21.057834] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.058549] head: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000
[   21.059271] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.059994] head: 03fffe0000000001 fffffdffc0371601 00000000ffffffff 00000000ffffffff
[   21.060716] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   21.061431] page dumped because: kasan: bad access detected
[   21.061943] 
[   21.062096] Memory state around the buggy address:
[   21.062543]  ffff00000dc59380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.063208]  ffff00000dc59400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.063873] >ffff00000dc59480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   21.064534]                                                  ^
[   21.065073]  ffff00000dc59500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.065738]  ffff00000dc59580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.066400] ==================================================================
[   21.096023] ==================================================================
[   21.096676] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   21.097367] Write of size 1 at addr ffff00000dc594ea by task kunit_try_catch/212
[   21.098035] 
[   21.098184] CPU: 4 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   21.098216] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.098224] Hardware name: Radxa ROCK Pi 4B (DT)
[   21.098234] Call trace:
[   21.098241]  show_stack+0x20/0x38 (C)
[   21.098260]  dump_stack_lvl+0x8c/0xd0
[   21.098278]  print_report+0x118/0x608
[   21.098296]  kasan_report+0xdc/0x128
[   21.098314]  __asan_report_store1_noabort+0x20/0x30
[   21.098336]  krealloc_less_oob_helper+0xae4/0xc50
[   21.098359]  krealloc_less_oob+0x20/0x38
[   21.098381]  kunit_try_run_case+0x170/0x3f0
[   21.098403]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.098428]  kthread+0x328/0x630
[   21.098450]  ret_from_fork+0x10/0x20
[   21.098470] 
[   21.104398] Allocated by task 212:
[   21.104712]  kasan_save_stack+0x3c/0x68
[   21.105072]  kasan_save_track+0x20/0x40
[   21.105431]  kasan_save_alloc_info+0x40/0x58
[   21.105829]  __kasan_krealloc+0x118/0x178
[   21.106203]  krealloc_noprof+0x128/0x360
[   21.106567]  krealloc_less_oob_helper+0x168/0xc50
[   21.107005]  krealloc_less_oob+0x20/0x38
[   21.107375]  kunit_try_run_case+0x170/0x3f0
[   21.107767]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.108274]  kthread+0x328/0x630
[   21.108584]  ret_from_fork+0x10/0x20
[   21.108921] 
[   21.109066] The buggy address belongs to the object at ffff00000dc59400
[   21.109066]  which belongs to the cache kmalloc-256 of size 256
[   21.110182] The buggy address is located 33 bytes to the right of
[   21.110182]  allocated 201-byte region [ffff00000dc59400, ffff00000dc594c9)
[   21.111345] 
[   21.111491] The buggy address belongs to the physical page:
[   21.111993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdc58
[   21.112700] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.113389] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff)
[   21.114021] page_type: f5(slab)
[   21.114319] raw: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000
[   21.115018] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.115717] head: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000
[   21.116424] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.117131] head: 03fffe0000000001 fffffdffc0371601 00000000ffffffff 00000000ffffffff
[   21.117836] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   21.118536] page dumped because: kasan: bad access detected
[   21.119040] 
[   21.119185] Memory state around the buggy address:
[   21.119620]  ffff00000dc59380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.120271]  ffff00000dc59400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.120921] >ffff00000dc59480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   21.121570]                                                           ^
[   21.122167]  ffff00000dc59500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.122818]  ffff00000dc59580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.123466] ==================================================================
[   21.008896] ==================================================================
[   21.009937] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   21.010658] Write of size 1 at addr ffff00000dc594c9 by task kunit_try_catch/212
[   21.011342] 
[   21.011505] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   21.011553] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.011567] Hardware name: Radxa ROCK Pi 4B (DT)
[   21.011583] Call trace:
[   21.011594]  show_stack+0x20/0x38 (C)
[   21.011626]  dump_stack_lvl+0x8c/0xd0
[   21.011657]  print_report+0x118/0x608
[   21.011686]  kasan_report+0xdc/0x128
[   21.011713]  __asan_report_store1_noabort+0x20/0x30
[   21.011747]  krealloc_less_oob_helper+0xa48/0xc50
[   21.011783]  krealloc_less_oob+0x20/0x38
[   21.011816]  kunit_try_run_case+0x170/0x3f0
[   21.011850]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.011889]  kthread+0x328/0x630
[   21.011922]  ret_from_fork+0x10/0x20
[   21.011954] 
[   21.017936] Allocated by task 212:
[   21.018261]  kasan_save_stack+0x3c/0x68
[   21.018634]  kasan_save_track+0x20/0x40
[   21.019005]  kasan_save_alloc_info+0x40/0x58
[   21.019417]  __kasan_krealloc+0x118/0x178
[   21.019804]  krealloc_noprof+0x128/0x360
[   21.020183]  krealloc_less_oob_helper+0x168/0xc50
[   21.020637]  krealloc_less_oob+0x20/0x38
[   21.021021]  kunit_try_run_case+0x170/0x3f0
[   21.021426]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.021950]  kthread+0x328/0x630
[   21.022273]  ret_from_fork+0x10/0x20
[   21.022623] 
[   21.022776] The buggy address belongs to the object at ffff00000dc59400
[   21.022776]  which belongs to the cache kmalloc-256 of size 256
[   21.023907] The buggy address is located 0 bytes to the right of
[   21.023907]  allocated 201-byte region [ffff00000dc59400, ffff00000dc594c9)
[   21.025079] 
[   21.025233] The buggy address belongs to the physical page:
[   21.025750] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdc58
[   21.026473] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.027178] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff)
[   21.027831] page_type: f5(slab)
[   21.028145] raw: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000
[   21.028860] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.029575] head: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000
[   21.030297] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.031020] head: 03fffe0000000001 fffffdffc0371601 00000000ffffffff 00000000ffffffff
[   21.031742] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   21.032457] page dumped because: kasan: bad access detected
[   21.032972] 
[   21.033124] Memory state around the buggy address:
[   21.033572]  ffff00000dc59380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.034237]  ffff00000dc59400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.034902] >ffff00000dc59480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   21.035563]                                               ^
[   21.036081]  ffff00000dc59500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.036746]  ffff00000dc59580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.037407] ==================================================================
[   21.291373] ==================================================================
[   21.292027] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   21.292716] Write of size 1 at addr ffff00000def60eb by task kunit_try_catch/216
[   21.293385] 
[   21.293534] CPU: 4 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   21.293565] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.293574] Hardware name: Radxa ROCK Pi 4B (DT)
[   21.293583] Call trace:
[   21.293590]  show_stack+0x20/0x38 (C)
[   21.293610]  dump_stack_lvl+0x8c/0xd0
[   21.293628]  print_report+0x118/0x608
[   21.293646]  kasan_report+0xdc/0x128
[   21.293664]  __asan_report_store1_noabort+0x20/0x30
[   21.293686]  krealloc_less_oob_helper+0xa58/0xc50
[   21.293709]  krealloc_large_less_oob+0x20/0x38
[   21.293732]  kunit_try_run_case+0x170/0x3f0
[   21.293754]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.293780]  kthread+0x328/0x630
[   21.293802]  ret_from_fork+0x10/0x20
[   21.293821] 
[   21.299792] The buggy address belongs to the physical page:
[   21.300296] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdef4
[   21.301002] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.301692] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff)
[   21.302323] page_type: f8(unknown)
[   21.302643] raw: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.303342] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.304040] head: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.304746] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.305453] head: 03fffe0000000002 fffffdffc037bd01 00000000ffffffff 00000000ffffffff
[   21.306158] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   21.306860] page dumped because: kasan: bad access detected
[   21.307363] 
[   21.307508] Memory state around the buggy address:
[   21.307944]  ffff00000def5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.308596]  ffff00000def6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.309247] >ffff00000def6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   21.309895]                                                           ^
[   21.310492]  ffff00000def6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.311142]  ffff00000def6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.311791] ==================================================================
[   21.227232] ==================================================================
[   21.227894] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   21.228594] Write of size 1 at addr ffff00000def60d0 by task kunit_try_catch/216
[   21.229265] 
[   21.229419] CPU: 2 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   21.229453] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.229463] Hardware name: Radxa ROCK Pi 4B (DT)
[   21.229476] Call trace:
[   21.229484]  show_stack+0x20/0x38 (C)
[   21.229507]  dump_stack_lvl+0x8c/0xd0
[   21.229529]  print_report+0x118/0x608
[   21.229550]  kasan_report+0xdc/0x128
[   21.229569]  __asan_report_store1_noabort+0x20/0x30
[   21.229594]  krealloc_less_oob_helper+0xb9c/0xc50
[   21.229619]  krealloc_large_less_oob+0x20/0x38
[   21.229644]  kunit_try_run_case+0x170/0x3f0
[   21.229669]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.229697]  kthread+0x328/0x630
[   21.229722]  ret_from_fork+0x10/0x20
[   21.229745] 
[   21.235732] The buggy address belongs to the physical page:
[   21.236238] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdef4
[   21.236948] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.237641] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff)
[   21.238278] page_type: f8(unknown)
[   21.238601] raw: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.239302] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.240004] head: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.240712] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.241422] head: 03fffe0000000002 fffffdffc037bd01 00000000ffffffff 00000000ffffffff
[   21.242132] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   21.242835] page dumped because: kasan: bad access detected
[   21.243341] 
[   21.243486] Memory state around the buggy address:
[   21.243924]  ffff00000def5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.244577]  ffff00000def6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.245231] >ffff00000def6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   21.245882]                                                  ^
[   21.246411]  ffff00000def6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.247064]  ffff00000def6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.247714] ==================================================================
[   21.205424] ==================================================================
[   21.206504] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   21.207217] Write of size 1 at addr ffff00000def60c9 by task kunit_try_catch/216
[   21.207889] 
[   21.208046] CPU: 2 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   21.208082] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.208092] Hardware name: Radxa ROCK Pi 4B (DT)
[   21.208104] Call trace:
[   21.208113]  show_stack+0x20/0x38 (C)
[   21.208137]  dump_stack_lvl+0x8c/0xd0
[   21.208160]  print_report+0x118/0x608
[   21.208181]  kasan_report+0xdc/0x128
[   21.208201]  __asan_report_store1_noabort+0x20/0x30
[   21.208226]  krealloc_less_oob_helper+0xa48/0xc50
[   21.208251]  krealloc_large_less_oob+0x20/0x38
[   21.208276]  kunit_try_run_case+0x170/0x3f0
[   21.208302]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.208330]  kthread+0x328/0x630
[   21.208355]  ret_from_fork+0x10/0x20
[   21.208379] 
[   21.214365] The buggy address belongs to the physical page:
[   21.214872] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdef4
[   21.215583] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.216277] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff)
[   21.216914] page_type: f8(unknown)
[   21.217238] raw: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.217941] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.218643] head: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.219352] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.220062] head: 03fffe0000000002 fffffdffc037bd01 00000000ffffffff 00000000ffffffff
[   21.220772] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   21.221476] page dumped because: kasan: bad access detected
[   21.221982] 
[   21.222128] Memory state around the buggy address:
[   21.222567]  ffff00000def5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.223221]  ffff00000def6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.223875] >ffff00000def6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   21.224526]                                               ^
[   21.225034]  ffff00000def6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.225687]  ffff00000def6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.226337] ==================================================================
[   21.270138] ==================================================================
[   21.270790] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   21.271480] Write of size 1 at addr ffff00000def60ea by task kunit_try_catch/216
[   21.272149] 
[   21.272297] CPU: 4 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   21.272329] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.272337] Hardware name: Radxa ROCK Pi 4B (DT)
[   21.272347] Call trace:
[   21.272354]  show_stack+0x20/0x38 (C)
[   21.272373]  dump_stack_lvl+0x8c/0xd0
[   21.272392]  print_report+0x118/0x608
[   21.272410]  kasan_report+0xdc/0x128
[   21.272428]  __asan_report_store1_noabort+0x20/0x30
[   21.272450]  krealloc_less_oob_helper+0xae4/0xc50
[   21.272473]  krealloc_large_less_oob+0x20/0x38
[   21.272496]  kunit_try_run_case+0x170/0x3f0
[   21.272518]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.272544]  kthread+0x328/0x630
[   21.272565]  ret_from_fork+0x10/0x20
[   21.272586] 
[   21.278561] The buggy address belongs to the physical page:
[   21.279064] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdef4
[   21.279773] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.280463] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff)
[   21.281095] page_type: f8(unknown)
[   21.281415] raw: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.282115] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.282814] head: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.283520] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.284226] head: 03fffe0000000002 fffffdffc037bd01 00000000ffffffff 00000000ffffffff
[   21.284932] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   21.285634] page dumped because: kasan: bad access detected
[   21.286137] 
[   21.286282] Memory state around the buggy address:
[   21.286719]  ffff00000def5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.287370]  ffff00000def6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.288022] >ffff00000def6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   21.288671]                                                           ^
[   21.289269]  ffff00000def6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.289920]  ffff00000def6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.290568] ==================================================================

Metadata Full log Test run details

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit

Failure - rk3399-rock-pi-4b - gcc-13-lkftconfig-kunit