lkft/linux-mainline-master - v6.16-rc5-121-gbc9ff192a6c9 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper

Date

July 10, 2025, 11:10 p.m.

Environment
qemu-arm64
qemu-x86_64

[   15.792538] ==================================================================
[   15.792613] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   15.792685] Write of size 1 at addr fff00000c17b6cc9 by task kunit_try_catch/158
[   15.792733] 
[   15.792766] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   15.792850] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.792877] Hardware name: linux,dummy-virt (DT)
[   15.792912] Call trace:
[   15.792934]  show_stack+0x20/0x38 (C)
[   15.792988]  dump_stack_lvl+0x8c/0xd0
[   15.793038]  print_report+0x118/0x608
[   15.793107]  kasan_report+0xdc/0x128
[   15.793154]  __asan_report_store1_noabort+0x20/0x30
[   15.793205]  krealloc_less_oob_helper+0xa48/0xc50
[   15.793263]  krealloc_less_oob+0x20/0x38
[   15.793310]  kunit_try_run_case+0x170/0x3f0
[   15.793358]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.793411]  kthread+0x328/0x630
[   15.793454]  ret_from_fork+0x10/0x20
[   15.793511] 
[   15.793530] Allocated by task 158:
[   15.793565]  kasan_save_stack+0x3c/0x68
[   15.793605]  kasan_save_track+0x20/0x40
[   15.793642]  kasan_save_alloc_info+0x40/0x58
[   15.793681]  __kasan_krealloc+0x118/0x178
[   15.793723]  krealloc_noprof+0x128/0x360
[   15.793797]  krealloc_less_oob_helper+0x168/0xc50
[   15.793843]  krealloc_less_oob+0x20/0x38
[   15.793880]  kunit_try_run_case+0x170/0x3f0
[   15.793918]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.793961]  kthread+0x328/0x630
[   15.793993]  ret_from_fork+0x10/0x20
[   15.794028] 
[   15.794047] The buggy address belongs to the object at fff00000c17b6c00
[   15.794047]  which belongs to the cache kmalloc-256 of size 256
[   15.794444] The buggy address is located 0 bytes to the right of
[   15.794444]  allocated 201-byte region [fff00000c17b6c00, fff00000c17b6cc9)
[   15.794512] 
[   15.794532] The buggy address belongs to the physical page:
[   15.794562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b6
[   15.794613] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   15.794671] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   15.794757] page_type: f5(slab)
[   15.794795] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   15.794937] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   15.795006] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   15.795065] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   15.795151] head: 0bfffe0000000001 ffffc1ffc305ed81 00000000ffffffff 00000000ffffffff
[   15.795259] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   15.795341] page dumped because: kasan: bad access detected
[   15.795372] 
[   15.795389] Memory state around the buggy address:
[   15.795460]  fff00000c17b6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.795505]  fff00000c17b6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.795789] >fff00000c17b6c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   15.795857]                                               ^
[   15.795925]  fff00000c17b6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.796013]  fff00000c17b6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.796062] ==================================================================
[   15.867644] ==================================================================
[   15.867821] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   15.867883] Write of size 1 at addr fff00000c663e0eb by task kunit_try_catch/162
[   15.867932] 
[   15.868275] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   15.868399] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.868447] Hardware name: linux,dummy-virt (DT)
[   15.868481] Call trace:
[   15.868511]  show_stack+0x20/0x38 (C)
[   15.868657]  dump_stack_lvl+0x8c/0xd0
[   15.868717]  print_report+0x118/0x608
[   15.868765]  kasan_report+0xdc/0x128
[   15.868837]  __asan_report_store1_noabort+0x20/0x30
[   15.868890]  krealloc_less_oob_helper+0xa58/0xc50
[   15.868939]  krealloc_large_less_oob+0x20/0x38
[   15.868987]  kunit_try_run_case+0x170/0x3f0
[   15.869045]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.869125]  kthread+0x328/0x630
[   15.869169]  ret_from_fork+0x10/0x20
[   15.869217] 
[   15.869237] The buggy address belongs to the physical page:
[   15.869275] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10663c
[   15.869326] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   15.869378] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   15.869442] page_type: f8(unknown)
[   15.869480] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   15.869542] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   15.869590] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   15.869637] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   15.869684] head: 0bfffe0000000002 ffffc1ffc3198f01 00000000ffffffff 00000000ffffffff
[   15.869730] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   15.869767] page dumped because: kasan: bad access detected
[   15.870102] 
[   15.870286] Memory state around the buggy address:
[   15.870354]  fff00000c663df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.870398]  fff00000c663e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.870438] >fff00000c663e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   15.870797]                                                           ^
[   15.871002]  fff00000c663e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   15.871451]  fff00000c663e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   15.871568] ==================================================================
[   15.860574] ==================================================================
[   15.860644] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   15.860796] Write of size 1 at addr fff00000c663e0ea by task kunit_try_catch/162
[   15.860850] 
[   15.860878] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   15.860981] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.861007] Hardware name: linux,dummy-virt (DT)
[   15.861035] Call trace:
[   15.861065]  show_stack+0x20/0x38 (C)
[   15.861129]  dump_stack_lvl+0x8c/0xd0
[   15.861366]  print_report+0x118/0x608
[   15.861423]  kasan_report+0xdc/0x128
[   15.861469]  __asan_report_store1_noabort+0x20/0x30
[   15.861521]  krealloc_less_oob_helper+0xae4/0xc50
[   15.861569]  krealloc_large_less_oob+0x20/0x38
[   15.861616]  kunit_try_run_case+0x170/0x3f0
[   15.861662]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.861715]  kthread+0x328/0x630
[   15.861756]  ret_from_fork+0x10/0x20
[   15.861803] 
[   15.861828] The buggy address belongs to the physical page:
[   15.861866] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10663c
[   15.861917] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   15.861961] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   15.862009] page_type: f8(unknown)
[   15.863921] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   15.864606] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   15.864693] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   15.864778] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   15.864851] head: 0bfffe0000000002 ffffc1ffc3198f01 00000000ffffffff 00000000ffffffff
[   15.865102] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   15.865269] page dumped because: kasan: bad access detected
[   15.865767] 
[   15.865866] Memory state around the buggy address:
[   15.865924]  fff00000c663df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.865990]  fff00000c663e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.866140] >fff00000c663e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   15.866222]                                                           ^
[   15.866279]  fff00000c663e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   15.866337]  fff00000c663e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   15.866576] ==================================================================
[   15.816233] ==================================================================
[   15.816277] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   15.816324] Write of size 1 at addr fff00000c17b6ceb by task kunit_try_catch/158
[   15.816371] 
[   15.816399] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   15.816502] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.816528] Hardware name: linux,dummy-virt (DT)
[   15.816564] Call trace:
[   15.816594]  show_stack+0x20/0x38 (C)
[   15.816641]  dump_stack_lvl+0x8c/0xd0
[   15.816688]  print_report+0x118/0x608
[   15.816734]  kasan_report+0xdc/0x128
[   15.816779]  __asan_report_store1_noabort+0x20/0x30
[   15.816831]  krealloc_less_oob_helper+0xa58/0xc50
[   15.816888]  krealloc_less_oob+0x20/0x38
[   15.816934]  kunit_try_run_case+0x170/0x3f0
[   15.816982]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.817037]  kthread+0x328/0x630
[   15.817095]  ret_from_fork+0x10/0x20
[   15.817143] 
[   15.817160] Allocated by task 158:
[   15.817195]  kasan_save_stack+0x3c/0x68
[   15.817235]  kasan_save_track+0x20/0x40
[   15.817271]  kasan_save_alloc_info+0x40/0x58
[   15.817311]  __kasan_krealloc+0x118/0x178
[   15.817348]  krealloc_noprof+0x128/0x360
[   15.817384]  krealloc_less_oob_helper+0x168/0xc50
[   15.817422]  krealloc_less_oob+0x20/0x38
[   15.817463]  kunit_try_run_case+0x170/0x3f0
[   15.817500]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.817542]  kthread+0x328/0x630
[   15.817574]  ret_from_fork+0x10/0x20
[   15.817609] 
[   15.817627] The buggy address belongs to the object at fff00000c17b6c00
[   15.817627]  which belongs to the cache kmalloc-256 of size 256
[   15.817690] The buggy address is located 34 bytes to the right of
[   15.817690]  allocated 201-byte region [fff00000c17b6c00, fff00000c17b6cc9)
[   15.817782] 
[   15.817801] The buggy address belongs to the physical page:
[   15.817833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b6
[   15.817883] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   15.817927] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   15.817976] page_type: f5(slab)
[   15.818012] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   15.818445] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   15.818518] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   15.818577] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   15.818637] head: 0bfffe0000000001 ffffc1ffc305ed81 00000000ffffffff 00000000ffffffff
[   15.818703] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   15.818818] page dumped because: kasan: bad access detected
[   15.818899] 
[   15.818949] Memory state around the buggy address:
[   15.818981]  fff00000c17b6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.819027]  fff00000c17b6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.819100] >fff00000c17b6c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   15.819148]                                                           ^
[   15.819185]  fff00000c17b6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.819239]  fff00000c17b6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.819275] ==================================================================
[   15.796973] ==================================================================
[   15.797049] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   15.797114] Write of size 1 at addr fff00000c17b6cd0 by task kunit_try_catch/158
[   15.797187] 
[   15.797217] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   15.797491] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.797527] Hardware name: linux,dummy-virt (DT)
[   15.797577] Call trace:
[   15.797604]  show_stack+0x20/0x38 (C)
[   15.797678]  dump_stack_lvl+0x8c/0xd0
[   15.797775]  print_report+0x118/0x608
[   15.797829]  kasan_report+0xdc/0x128
[   15.797894]  __asan_report_store1_noabort+0x20/0x30
[   15.797947]  krealloc_less_oob_helper+0xb9c/0xc50
[   15.798004]  krealloc_less_oob+0x20/0x38
[   15.798090]  kunit_try_run_case+0x170/0x3f0
[   15.798141]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.798221]  kthread+0x328/0x630
[   15.798263]  ret_from_fork+0x10/0x20
[   15.798310] 
[   15.798328] Allocated by task 158:
[   15.798364]  kasan_save_stack+0x3c/0x68
[   15.798404]  kasan_save_track+0x20/0x40
[   15.798533]  kasan_save_alloc_info+0x40/0x58
[   15.798618]  __kasan_krealloc+0x118/0x178
[   15.798755]  krealloc_noprof+0x128/0x360
[   15.798853]  krealloc_less_oob_helper+0x168/0xc50
[   15.798930]  krealloc_less_oob+0x20/0x38
[   15.799024]  kunit_try_run_case+0x170/0x3f0
[   15.799063]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.799375]  kthread+0x328/0x630
[   15.799483]  ret_from_fork+0x10/0x20
[   15.799563] 
[   15.799665] The buggy address belongs to the object at fff00000c17b6c00
[   15.799665]  which belongs to the cache kmalloc-256 of size 256
[   15.799861] The buggy address is located 7 bytes to the right of
[   15.799861]  allocated 201-byte region [fff00000c17b6c00, fff00000c17b6cc9)
[   15.799955] 
[   15.799974] The buggy address belongs to the physical page:
[   15.800003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b6
[   15.800156] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   15.800374] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   15.800466] page_type: f5(slab)
[   15.800521] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   15.800602] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   15.800650] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   15.800898] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   15.800985] head: 0bfffe0000000001 ffffc1ffc305ed81 00000000ffffffff 00000000ffffffff
[   15.801095] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   15.801152] page dumped because: kasan: bad access detected
[   15.801218] 
[   15.801303] Memory state around the buggy address:
[   15.801333]  fff00000c17b6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.801382]  fff00000c17b6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.801532] >fff00000c17b6c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   15.801681]                                                  ^
[   15.801743]  fff00000c17b6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.801812]  fff00000c17b6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.801859] ==================================================================
[   15.851289] ==================================================================
[   15.851373] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   15.851447] Write of size 1 at addr fff00000c663e0c9 by task kunit_try_catch/162
[   15.851502] 
[   15.851556] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   15.851639] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.851664] Hardware name: linux,dummy-virt (DT)
[   15.851705] Call trace:
[   15.851728]  show_stack+0x20/0x38 (C)
[   15.851778]  dump_stack_lvl+0x8c/0xd0
[   15.851958]  print_report+0x118/0x608
[   15.852175]  kasan_report+0xdc/0x128
[   15.852255]  __asan_report_store1_noabort+0x20/0x30
[   15.852317]  krealloc_less_oob_helper+0xa48/0xc50
[   15.852373]  krealloc_large_less_oob+0x20/0x38
[   15.852421]  kunit_try_run_case+0x170/0x3f0
[   15.852478]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.852531]  kthread+0x328/0x630
[   15.852574]  ret_from_fork+0x10/0x20
[   15.852671] 
[   15.852700] The buggy address belongs to the physical page:
[   15.852749] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10663c
[   15.852802] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   15.852856] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   15.852912] page_type: f8(unknown)
[   15.853059] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   15.853228] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   15.853356] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   15.853425] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   15.853480] head: 0bfffe0000000002 ffffc1ffc3198f01 00000000ffffffff 00000000ffffffff
[   15.853534] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   15.853653] page dumped because: kasan: bad access detected
[   15.853684] 
[   15.853701] Memory state around the buggy address:
[   15.853860]  fff00000c663df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.853933]  fff00000c663e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.853986] >fff00000c663e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   15.854035]                                               ^
[   15.854157]  fff00000c663e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   15.854225]  fff00000c663e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   15.854302] ==================================================================
[   15.811269] ==================================================================
[   15.811335] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   15.811386] Write of size 1 at addr fff00000c17b6cea by task kunit_try_catch/158
[   15.811443] 
[   15.811505] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   15.811589] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.811614] Hardware name: linux,dummy-virt (DT)
[   15.811644] Call trace:
[   15.811665]  show_stack+0x20/0x38 (C)
[   15.811830]  dump_stack_lvl+0x8c/0xd0
[   15.812041]  print_report+0x118/0x608
[   15.812136]  kasan_report+0xdc/0x128
[   15.812203]  __asan_report_store1_noabort+0x20/0x30
[   15.812255]  krealloc_less_oob_helper+0xae4/0xc50
[   15.812321]  krealloc_less_oob+0x20/0x38
[   15.812396]  kunit_try_run_case+0x170/0x3f0
[   15.812451]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.812505]  kthread+0x328/0x630
[   15.812558]  ret_from_fork+0x10/0x20
[   15.812607] 
[   15.812625] Allocated by task 158:
[   15.812757]  kasan_save_stack+0x3c/0x68
[   15.812824]  kasan_save_track+0x20/0x40
[   15.812950]  kasan_save_alloc_info+0x40/0x58
[   15.813069]  __kasan_krealloc+0x118/0x178
[   15.813131]  krealloc_noprof+0x128/0x360
[   15.813250]  krealloc_less_oob_helper+0x168/0xc50
[   15.813332]  krealloc_less_oob+0x20/0x38
[   15.813396]  kunit_try_run_case+0x170/0x3f0
[   15.813453]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.813497]  kthread+0x328/0x630
[   15.813553]  ret_from_fork+0x10/0x20
[   15.813599] 
[   15.813655] The buggy address belongs to the object at fff00000c17b6c00
[   15.813655]  which belongs to the cache kmalloc-256 of size 256
[   15.813721] The buggy address is located 33 bytes to the right of
[   15.813721]  allocated 201-byte region [fff00000c17b6c00, fff00000c17b6cc9)
[   15.813831] 
[   15.813858] The buggy address belongs to the physical page:
[   15.813888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b6
[   15.813954] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   15.814135] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   15.814304] page_type: f5(slab)
[   15.814383] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   15.814480] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   15.814599] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   15.814675] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   15.814797] head: 0bfffe0000000001 ffffc1ffc305ed81 00000000ffffffff 00000000ffffffff
[   15.814876] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   15.814945] page dumped because: kasan: bad access detected
[   15.814988] 
[   15.815067] Memory state around the buggy address:
[   15.815168]  fff00000c17b6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.815220]  fff00000c17b6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.815260] >fff00000c17b6c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   15.815412]                                                           ^
[   15.815618]  fff00000c17b6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.815721]  fff00000c17b6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.815800] ==================================================================
[   15.854903] ==================================================================
[   15.854971] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   15.855019] Write of size 1 at addr fff00000c663e0d0 by task kunit_try_catch/162
[   15.855072] 
[   15.855112] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   15.855290] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.855321] Hardware name: linux,dummy-virt (DT)
[   15.855374] Call trace:
[   15.855400]  show_stack+0x20/0x38 (C)
[   15.855456]  dump_stack_lvl+0x8c/0xd0
[   15.855516]  print_report+0x118/0x608
[   15.855562]  kasan_report+0xdc/0x128
[   15.855608]  __asan_report_store1_noabort+0x20/0x30
[   15.855659]  krealloc_less_oob_helper+0xb9c/0xc50
[   15.855708]  krealloc_large_less_oob+0x20/0x38
[   15.855767]  kunit_try_run_case+0x170/0x3f0
[   15.855814]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.855889]  kthread+0x328/0x630
[   15.855931]  ret_from_fork+0x10/0x20
[   15.855978] 
[   15.855997] The buggy address belongs to the physical page:
[   15.856025] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10663c
[   15.856074] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   15.856130] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   15.856178] page_type: f8(unknown)
[   15.856214] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   15.856262] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   15.856309] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   15.856356] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   15.856403] head: 0bfffe0000000002 ffffc1ffc3198f01 00000000ffffffff 00000000ffffffff
[   15.856449] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   15.856497] page dumped because: kasan: bad access detected
[   15.856532] 
[   15.856549] Memory state around the buggy address:
[   15.856578]  fff00000c663df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.856617]  fff00000c663e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.856658] >fff00000c663e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   15.856693]                                                  ^
[   15.856726]  fff00000c663e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   15.856766]  fff00000c663e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   15.856810] ==================================================================
[   15.802394] ==================================================================
[   15.802466] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   15.802523] Write of size 1 at addr fff00000c17b6cda by task kunit_try_catch/158
[   15.802579] 
[   15.802623] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   15.802729] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.802759] Hardware name: linux,dummy-virt (DT)
[   15.802790] Call trace:
[   15.802818]  show_stack+0x20/0x38 (C)
[   15.802873]  dump_stack_lvl+0x8c/0xd0
[   15.802920]  print_report+0x118/0x608
[   15.802972]  kasan_report+0xdc/0x128
[   15.803018]  __asan_report_store1_noabort+0x20/0x30
[   15.803070]  krealloc_less_oob_helper+0xa80/0xc50
[   15.803131]  krealloc_less_oob+0x20/0x38
[   15.803176]  kunit_try_run_case+0x170/0x3f0
[   15.803239]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.803302]  kthread+0x328/0x630
[   15.803344]  ret_from_fork+0x10/0x20
[   15.803391] 
[   15.803423] Allocated by task 158:
[   15.803458]  kasan_save_stack+0x3c/0x68
[   15.803498]  kasan_save_track+0x20/0x40
[   15.803534]  kasan_save_alloc_info+0x40/0x58
[   15.803578]  __kasan_krealloc+0x118/0x178
[   15.803624]  krealloc_noprof+0x128/0x360
[   15.803661]  krealloc_less_oob_helper+0x168/0xc50
[   15.803699]  krealloc_less_oob+0x20/0x38
[   15.803742]  kunit_try_run_case+0x170/0x3f0
[   15.803780]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.803822]  kthread+0x328/0x630
[   15.803854]  ret_from_fork+0x10/0x20
[   15.803888] 
[   15.803906] The buggy address belongs to the object at fff00000c17b6c00
[   15.803906]  which belongs to the cache kmalloc-256 of size 256
[   15.803968] The buggy address is located 17 bytes to the right of
[   15.803968]  allocated 201-byte region [fff00000c17b6c00, fff00000c17b6cc9)
[   15.804029] 
[   15.804057] The buggy address belongs to the physical page:
[   15.804096] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b6
[   15.804145] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   15.804189] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   15.804237] page_type: f5(slab)
[   15.804274] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   15.804321] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   15.804626] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   15.805797] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   15.805883] head: 0bfffe0000000001 ffffc1ffc305ed81 00000000ffffffff 00000000ffffffff
[   15.807110] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   15.807155] page dumped because: kasan: bad access detected
[   15.807185] 
[   15.808866] Memory state around the buggy address:
[   15.808907]  fff00000c17b6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.809777]  fff00000c17b6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.810153] >fff00000c17b6c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   15.810196]                                                     ^
[   15.810233]  fff00000c17b6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.810296]  fff00000c17b6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.810333] ==================================================================
[   15.856859] ==================================================================
[   15.856892] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   15.856932] Write of size 1 at addr fff00000c663e0da by task kunit_try_catch/162
[   15.856978] 
[   15.857003] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   15.857087] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.857138] Hardware name: linux,dummy-virt (DT)
[   15.857168] Call trace:
[   15.857187]  show_stack+0x20/0x38 (C)
[   15.857234]  dump_stack_lvl+0x8c/0xd0
[   15.857279]  print_report+0x118/0x608
[   15.857325]  kasan_report+0xdc/0x128
[   15.857370]  __asan_report_store1_noabort+0x20/0x30
[   15.857421]  krealloc_less_oob_helper+0xa80/0xc50
[   15.857824]  krealloc_large_less_oob+0x20/0x38
[   15.857928]  kunit_try_run_case+0x170/0x3f0
[   15.858017]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.858188]  kthread+0x328/0x630
[   15.858265]  ret_from_fork+0x10/0x20
[   15.858395] 
[   15.858426] The buggy address belongs to the physical page:
[   15.858462] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10663c
[   15.858595] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   15.858672] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   15.858778] page_type: f8(unknown)
[   15.858824] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   15.858873] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   15.858920] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   15.858966] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   15.859013] head: 0bfffe0000000002 ffffc1ffc3198f01 00000000ffffffff 00000000ffffffff
[   15.859300] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   15.859392] page dumped because: kasan: bad access detected
[   15.859504] 
[   15.859544] Memory state around the buggy address:
[   15.859601]  fff00000c663df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.859702]  fff00000c663e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.859749] >fff00000c663e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   15.859798]                                                     ^
[   15.859888]  fff00000c663e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   15.859934]  fff00000c663e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   15.859993] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zhh1TJxKKGPTGH75tVSg7ZQ5K3

job_id

TEST:linaro@lkft#2zhh6X6WqdeLDmlh57VpXaQEIUm

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zhh6X6WqdeLDmlh57VpXaQEIUm

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zhh2whOnzYxMMUeqyuTKj9MhA1/Image.gz
sha256sum	6a33a49c12017576e8ec763ec43b279cc0364750541d180ab972292e17b20e1f

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zhh2whOnzYxMMUeqyuTKj9MhA1/modules.tar.xz
sha256sum	763eb41fbf87dbccc620abd6da1c60b3280f435cb05c0722314c5afc56c818a8

durations

tests

boot	0
kunit	169.25

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   12.451592] ==================================================================
[   12.452119] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   12.452537] Write of size 1 at addr ffff8881003588da by task kunit_try_catch/175
[   12.452849] 
[   12.452953] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.452990] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.453001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.453020] Call Trace:
[   12.453034]  <TASK>
[   12.453047]  dump_stack_lvl+0x73/0xb0
[   12.453074]  print_report+0xd1/0x650
[   12.453096]  ? __virt_addr_valid+0x1db/0x2d0
[   12.453117]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.453140]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.453162]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.453186]  kasan_report+0x141/0x180
[   12.453208]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.453236]  __asan_report_store1_noabort+0x1b/0x30
[   12.453262]  krealloc_less_oob_helper+0xec6/0x11d0
[   12.453288]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.453312]  ? irqentry_exit+0x2a/0x60
[   12.453332]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   12.453372]  ? __pfx_read_tsc+0x10/0x10
[   12.453406]  krealloc_less_oob+0x1c/0x30
[   12.453427]  kunit_try_run_case+0x1a5/0x480
[   12.453451]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.453484]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.453507]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.453530]  ? __kthread_parkme+0x82/0x180
[   12.453550]  ? preempt_count_sub+0x50/0x80
[   12.453572]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.453596]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.453620]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.453644]  kthread+0x337/0x6f0
[   12.453663]  ? trace_preempt_on+0x20/0xc0
[   12.453685]  ? __pfx_kthread+0x10/0x10
[   12.453705]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.453726]  ? calculate_sigpending+0x7b/0xa0
[   12.453749]  ? __pfx_kthread+0x10/0x10
[   12.453770]  ret_from_fork+0x116/0x1d0
[   12.453788]  ? __pfx_kthread+0x10/0x10
[   12.453808]  ret_from_fork_asm+0x1a/0x30
[   12.453839]  </TASK>
[   12.453848] 
[   12.461151] Allocated by task 175:
[   12.461280]  kasan_save_stack+0x45/0x70
[   12.461506]  kasan_save_track+0x18/0x40
[   12.461765]  kasan_save_alloc_info+0x3b/0x50
[   12.461982]  __kasan_krealloc+0x190/0x1f0
[   12.462184]  krealloc_noprof+0xf3/0x340
[   12.462382]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.462660]  krealloc_less_oob+0x1c/0x30
[   12.462821]  kunit_try_run_case+0x1a5/0x480
[   12.462966]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.463140]  kthread+0x337/0x6f0
[   12.463257]  ret_from_fork+0x116/0x1d0
[   12.463405]  ret_from_fork_asm+0x1a/0x30
[   12.463604] 
[   12.463701] The buggy address belongs to the object at ffff888100358800
[   12.463701]  which belongs to the cache kmalloc-256 of size 256
[   12.464238] The buggy address is located 17 bytes to the right of
[   12.464238]  allocated 201-byte region [ffff888100358800, ffff8881003588c9)
[   12.464854] 
[   12.464978] The buggy address belongs to the physical page:
[   12.465286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100358
[   12.465995] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.466327] flags: 0x200000000000040(head|node=0|zone=2)
[   12.467204] page_type: f5(slab)
[   12.467345] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.468296] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.469000] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.469231] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.469471] head: 0200000000000001 ffffea000400d601 00000000ffffffff 00000000ffffffff
[   12.469692] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.469905] page dumped because: kasan: bad access detected
[   12.470066] 
[   12.470134] Memory state around the buggy address:
[   12.470280]  ffff888100358780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.470549]  ffff888100358800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.470761] >ffff888100358880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.471073]                                                     ^
[   12.471568]  ffff888100358900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.471832]  ffff888100358980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.472359] ==================================================================
[   12.577356] ==================================================================
[   12.577806] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   12.578176] Write of size 1 at addr ffff8881021160d0 by task kunit_try_catch/179
[   12.578720] 
[   12.578806] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.578844] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.578854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.578872] Call Trace:
[   12.578884]  <TASK>
[   12.578898]  dump_stack_lvl+0x73/0xb0
[   12.578925]  print_report+0xd1/0x650
[   12.578947]  ? __virt_addr_valid+0x1db/0x2d0
[   12.578968]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.578992]  ? kasan_addr_to_slab+0x11/0xa0
[   12.579012]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.579036]  kasan_report+0x141/0x180
[   12.579057]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.579085]  __asan_report_store1_noabort+0x1b/0x30
[   12.579110]  krealloc_less_oob_helper+0xe23/0x11d0
[   12.579137]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.579162]  ? finish_task_switch.isra.0+0x153/0x700
[   12.579183]  ? __switch_to+0x47/0xf50
[   12.579207]  ? __schedule+0x10cc/0x2b60
[   12.579228]  ? __pfx_read_tsc+0x10/0x10
[   12.579252]  krealloc_large_less_oob+0x1c/0x30
[   12.579275]  kunit_try_run_case+0x1a5/0x480
[   12.579298]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.579321]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.579345]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.579392]  ? __kthread_parkme+0x82/0x180
[   12.579412]  ? preempt_count_sub+0x50/0x80
[   12.579435]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.579504]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.579528]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.579553]  kthread+0x337/0x6f0
[   12.579572]  ? trace_preempt_on+0x20/0xc0
[   12.579595]  ? __pfx_kthread+0x10/0x10
[   12.579615]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.579636]  ? calculate_sigpending+0x7b/0xa0
[   12.579659]  ? __pfx_kthread+0x10/0x10
[   12.579680]  ret_from_fork+0x116/0x1d0
[   12.579698]  ? __pfx_kthread+0x10/0x10
[   12.579718]  ret_from_fork_asm+0x1a/0x30
[   12.579748]  </TASK>
[   12.579757] 
[   12.587205] The buggy address belongs to the physical page:
[   12.587586] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102114
[   12.587891] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.588192] flags: 0x200000000000040(head|node=0|zone=2)
[   12.588421] page_type: f8(unknown)
[   12.588638] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.588924] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.589212] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.589719] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.590014] head: 0200000000000002 ffffea0004084501 00000000ffffffff 00000000ffffffff
[   12.590308] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.590713] page dumped because: kasan: bad access detected
[   12.590887] 
[   12.590955] Memory state around the buggy address:
[   12.591104]  ffff888102115f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.591319]  ffff888102116000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.591627] >ffff888102116080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.592010]                                                  ^
[   12.592307]  ffff888102116100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.592668]  ffff888102116180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.592881] ==================================================================
[   12.503289] ==================================================================
[   12.503723] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   12.503999] Write of size 1 at addr ffff8881003588eb by task kunit_try_catch/175
[   12.504292] 
[   12.504408] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.504447] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.504458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.504476] Call Trace:
[   12.504488]  <TASK>
[   12.504501]  dump_stack_lvl+0x73/0xb0
[   12.504528]  print_report+0xd1/0x650
[   12.504550]  ? __virt_addr_valid+0x1db/0x2d0
[   12.504571]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.504594]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.504616]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.504640]  kasan_report+0x141/0x180
[   12.504662]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.504690]  __asan_report_store1_noabort+0x1b/0x30
[   12.504717]  krealloc_less_oob_helper+0xd47/0x11d0
[   12.504743]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.504767]  ? irqentry_exit+0x2a/0x60
[   12.504788]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   12.504816]  ? __pfx_read_tsc+0x10/0x10
[   12.504840]  krealloc_less_oob+0x1c/0x30
[   12.504861]  kunit_try_run_case+0x1a5/0x480
[   12.504884]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.504906]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.504929]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.504952]  ? __kthread_parkme+0x82/0x180
[   12.504972]  ? preempt_count_sub+0x50/0x80
[   12.504995]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.505018]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.505042]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.505067]  kthread+0x337/0x6f0
[   12.505085]  ? trace_preempt_on+0x20/0xc0
[   12.505108]  ? __pfx_kthread+0x10/0x10
[   12.505128]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.505149]  ? calculate_sigpending+0x7b/0xa0
[   12.505172]  ? __pfx_kthread+0x10/0x10
[   12.505193]  ret_from_fork+0x116/0x1d0
[   12.505211]  ? __pfx_kthread+0x10/0x10
[   12.505230]  ret_from_fork_asm+0x1a/0x30
[   12.505260]  </TASK>
[   12.505270] 
[   12.512241] Allocated by task 175:
[   12.512419]  kasan_save_stack+0x45/0x70
[   12.512583]  kasan_save_track+0x18/0x40
[   12.512775]  kasan_save_alloc_info+0x3b/0x50
[   12.512959]  __kasan_krealloc+0x190/0x1f0
[   12.513111]  krealloc_noprof+0xf3/0x340
[   12.513244]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.513415]  krealloc_less_oob+0x1c/0x30
[   12.513630]  kunit_try_run_case+0x1a5/0x480
[   12.513836]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.514085]  kthread+0x337/0x6f0
[   12.514250]  ret_from_fork+0x116/0x1d0
[   12.514402]  ret_from_fork_asm+0x1a/0x30
[   12.514694] 
[   12.514761] The buggy address belongs to the object at ffff888100358800
[   12.514761]  which belongs to the cache kmalloc-256 of size 256
[   12.515224] The buggy address is located 34 bytes to the right of
[   12.515224]  allocated 201-byte region [ffff888100358800, ffff8881003588c9)
[   12.515957] 
[   12.516040] The buggy address belongs to the physical page:
[   12.516274] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100358
[   12.516633] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.516917] flags: 0x200000000000040(head|node=0|zone=2)
[   12.517116] page_type: f5(slab)
[   12.517275] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.517596] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.517884] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.518193] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.518477] head: 0200000000000001 ffffea000400d601 00000000ffffffff 00000000ffffffff
[   12.518831] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.519056] page dumped because: kasan: bad access detected
[   12.519226] 
[   12.519295] Memory state around the buggy address:
[   12.519576]  ffff888100358780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.519904]  ffff888100358800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.520226] >ffff888100358880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.520586]                                                           ^
[   12.520789]  ffff888100358900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.521000]  ffff888100358980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.521291] ==================================================================
[   12.627965] ==================================================================
[   12.628218] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   12.628836] Write of size 1 at addr ffff8881021160eb by task kunit_try_catch/179
[   12.629220] 
[   12.629332] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.629389] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.629400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.629421] Call Trace:
[   12.629436]  <TASK>
[   12.629450]  dump_stack_lvl+0x73/0xb0
[   12.629480]  print_report+0xd1/0x650
[   12.629503]  ? __virt_addr_valid+0x1db/0x2d0
[   12.629526]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.629551]  ? kasan_addr_to_slab+0x11/0xa0
[   12.629572]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.629596]  kasan_report+0x141/0x180
[   12.629821]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.629851]  __asan_report_store1_noabort+0x1b/0x30
[   12.629877]  krealloc_less_oob_helper+0xd47/0x11d0
[   12.629904]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.629929]  ? finish_task_switch.isra.0+0x153/0x700
[   12.629952]  ? __switch_to+0x47/0xf50
[   12.629977]  ? __schedule+0x10cc/0x2b60
[   12.629999]  ? __pfx_read_tsc+0x10/0x10
[   12.630022]  krealloc_large_less_oob+0x1c/0x30
[   12.630046]  kunit_try_run_case+0x1a5/0x480
[   12.630069]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.630092]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.630116]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.630140]  ? __kthread_parkme+0x82/0x180
[   12.630160]  ? preempt_count_sub+0x50/0x80
[   12.630183]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.630207]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.630232]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.630257]  kthread+0x337/0x6f0
[   12.630275]  ? trace_preempt_on+0x20/0xc0
[   12.630298]  ? __pfx_kthread+0x10/0x10
[   12.630318]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.630340]  ? calculate_sigpending+0x7b/0xa0
[   12.630376]  ? __pfx_kthread+0x10/0x10
[   12.630398]  ret_from_fork+0x116/0x1d0
[   12.630416]  ? __pfx_kthread+0x10/0x10
[   12.630436]  ret_from_fork_asm+0x1a/0x30
[   12.630467]  </TASK>
[   12.630477] 
[   12.640771] The buggy address belongs to the physical page:
[   12.641208] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102114
[   12.641666] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.641967] flags: 0x200000000000040(head|node=0|zone=2)
[   12.642208] page_type: f8(unknown)
[   12.642378] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.642956] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.643390] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.643863] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.644249] head: 0200000000000002 ffffea0004084501 00000000ffffffff 00000000ffffffff
[   12.644716] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.645136] page dumped because: kasan: bad access detected
[   12.645689] 
[   12.645807] Memory state around the buggy address:
[   12.645999]  ffff888102115f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.646572]  ffff888102116000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.646884] >ffff888102116080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.647176]                                                           ^
[   12.647721]  ffff888102116100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.648036]  ffff888102116180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.648470] ==================================================================
[   12.474014] ==================================================================
[   12.474638] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   12.474876] Write of size 1 at addr ffff8881003588ea by task kunit_try_catch/175
[   12.475089] 
[   12.475170] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.475209] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.475221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.475240] Call Trace:
[   12.475250]  <TASK>
[   12.475263]  dump_stack_lvl+0x73/0xb0
[   12.475290]  print_report+0xd1/0x650
[   12.475312]  ? __virt_addr_valid+0x1db/0x2d0
[   12.475336]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.475359]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.475402]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.475446]  kasan_report+0x141/0x180
[   12.475796]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.475831]  __asan_report_store1_noabort+0x1b/0x30
[   12.475858]  krealloc_less_oob_helper+0xe90/0x11d0
[   12.475884]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.475909]  ? irqentry_exit+0x2a/0x60
[   12.475929]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   12.475959]  ? __pfx_read_tsc+0x10/0x10
[   12.475983]  krealloc_less_oob+0x1c/0x30
[   12.476004]  kunit_try_run_case+0x1a5/0x480
[   12.476027]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.476050]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.476072]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.476095]  ? __kthread_parkme+0x82/0x180
[   12.476115]  ? preempt_count_sub+0x50/0x80
[   12.476139]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.476162]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.476193]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.476218]  kthread+0x337/0x6f0
[   12.476236]  ? trace_preempt_on+0x20/0xc0
[   12.476258]  ? __pfx_kthread+0x10/0x10
[   12.476278]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.476299]  ? calculate_sigpending+0x7b/0xa0
[   12.476323]  ? __pfx_kthread+0x10/0x10
[   12.476344]  ret_from_fork+0x116/0x1d0
[   12.476549]  ? __pfx_kthread+0x10/0x10
[   12.476581]  ret_from_fork_asm+0x1a/0x30
[   12.476611]  </TASK>
[   12.476621] 
[   12.488165] Allocated by task 175:
[   12.488342]  kasan_save_stack+0x45/0x70
[   12.488975]  kasan_save_track+0x18/0x40
[   12.489225]  kasan_save_alloc_info+0x3b/0x50
[   12.489551]  __kasan_krealloc+0x190/0x1f0
[   12.489926]  krealloc_noprof+0xf3/0x340
[   12.490227]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.490606]  krealloc_less_oob+0x1c/0x30
[   12.490800]  kunit_try_run_case+0x1a5/0x480
[   12.490994]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.491224]  kthread+0x337/0x6f0
[   12.491384]  ret_from_fork+0x116/0x1d0
[   12.491975]  ret_from_fork_asm+0x1a/0x30
[   12.492231] 
[   12.492476] The buggy address belongs to the object at ffff888100358800
[   12.492476]  which belongs to the cache kmalloc-256 of size 256
[   12.493207] The buggy address is located 33 bytes to the right of
[   12.493207]  allocated 201-byte region [ffff888100358800, ffff8881003588c9)
[   12.493997] 
[   12.494086] The buggy address belongs to the physical page:
[   12.494313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100358
[   12.494959] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.495575] flags: 0x200000000000040(head|node=0|zone=2)
[   12.495889] page_type: f5(slab)
[   12.496163] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.496666] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.496984] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.497287] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.498046] head: 0200000000000001 ffffea000400d601 00000000ffffffff 00000000ffffffff
[   12.498558] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.499181] page dumped because: kasan: bad access detected
[   12.499684] 
[   12.499772] Memory state around the buggy address:
[   12.500164]  ffff888100358780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.500693]  ffff888100358800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.501174] >ffff888100358880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.501987]                                                           ^
[   12.502202]  ffff888100358900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.502550]  ffff888100358980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.502799] ==================================================================
[   12.608947] ==================================================================
[   12.609341] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   12.609688] Write of size 1 at addr ffff8881021160ea by task kunit_try_catch/179
[   12.609906] 
[   12.609983] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.610019] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.610029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.610046] Call Trace:
[   12.610060]  <TASK>
[   12.610073]  dump_stack_lvl+0x73/0xb0
[   12.610097]  print_report+0xd1/0x650
[   12.610118]  ? __virt_addr_valid+0x1db/0x2d0
[   12.610139]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.610161]  ? kasan_addr_to_slab+0x11/0xa0
[   12.610180]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.610202]  kasan_report+0x141/0x180
[   12.610223]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.610249]  __asan_report_store1_noabort+0x1b/0x30
[   12.610273]  krealloc_less_oob_helper+0xe90/0x11d0
[   12.610297]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.610320]  ? finish_task_switch.isra.0+0x153/0x700
[   12.610340]  ? __switch_to+0x47/0xf50
[   12.610416]  ? __schedule+0x10cc/0x2b60
[   12.610441]  ? __pfx_read_tsc+0x10/0x10
[   12.610465]  krealloc_large_less_oob+0x1c/0x30
[   12.610488]  kunit_try_run_case+0x1a5/0x480
[   12.610511]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.610534]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.610556]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.610579]  ? __kthread_parkme+0x82/0x180
[   12.610599]  ? preempt_count_sub+0x50/0x80
[   12.610621]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.610645]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.610668]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.610693]  kthread+0x337/0x6f0
[   12.610711]  ? trace_preempt_on+0x20/0xc0
[   12.610734]  ? __pfx_kthread+0x10/0x10
[   12.610754]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.610775]  ? calculate_sigpending+0x7b/0xa0
[   12.610798]  ? __pfx_kthread+0x10/0x10
[   12.610819]  ret_from_fork+0x116/0x1d0
[   12.610837]  ? __pfx_kthread+0x10/0x10
[   12.610858]  ret_from_fork_asm+0x1a/0x30
[   12.610887]  </TASK>
[   12.610896] 
[   12.618619] The buggy address belongs to the physical page:
[   12.618878] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102114
[   12.619244] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.619729] flags: 0x200000000000040(head|node=0|zone=2)
[   12.620085] page_type: f8(unknown)
[   12.620263] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.621070] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.621953] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.622236] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.623442] head: 0200000000000002 ffffea0004084501 00000000ffffffff 00000000ffffffff
[   12.623761] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.624084] page dumped because: kasan: bad access detected
[   12.624330] 
[   12.624874] Memory state around the buggy address:
[   12.625073]  ffff888102115f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.625542]  ffff888102116000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.625839] >ffff888102116080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.626129]                                                           ^
[   12.626657]  ffff888102116100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.626912]  ffff888102116180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.627204] ==================================================================
[   12.593219] ==================================================================
[   12.593563] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   12.593918] Write of size 1 at addr ffff8881021160da by task kunit_try_catch/179
[   12.594438] 
[   12.594548] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.594585] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.594596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.594614] Call Trace:
[   12.594625]  <TASK>
[   12.594638]  dump_stack_lvl+0x73/0xb0
[   12.594665]  print_report+0xd1/0x650
[   12.594686]  ? __virt_addr_valid+0x1db/0x2d0
[   12.594708]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.594731]  ? kasan_addr_to_slab+0x11/0xa0
[   12.594751]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.594775]  kasan_report+0x141/0x180
[   12.594796]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.594825]  __asan_report_store1_noabort+0x1b/0x30
[   12.594850]  krealloc_less_oob_helper+0xec6/0x11d0
[   12.594875]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.594900]  ? finish_task_switch.isra.0+0x153/0x700
[   12.594922]  ? __switch_to+0x47/0xf50
[   12.594945]  ? __schedule+0x10cc/0x2b60
[   12.594966]  ? __pfx_read_tsc+0x10/0x10
[   12.594990]  krealloc_large_less_oob+0x1c/0x30
[   12.595013]  kunit_try_run_case+0x1a5/0x480
[   12.595036]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.595058]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.595081]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.595105]  ? __kthread_parkme+0x82/0x180
[   12.595124]  ? preempt_count_sub+0x50/0x80
[   12.595147]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.595170]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.595194]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.595219]  kthread+0x337/0x6f0
[   12.595237]  ? trace_preempt_on+0x20/0xc0
[   12.595260]  ? __pfx_kthread+0x10/0x10
[   12.595280]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.595301]  ? calculate_sigpending+0x7b/0xa0
[   12.595325]  ? __pfx_kthread+0x10/0x10
[   12.595346]  ret_from_fork+0x116/0x1d0
[   12.595373]  ? __pfx_kthread+0x10/0x10
[   12.595394]  ret_from_fork_asm+0x1a/0x30
[   12.595424]  </TASK>
[   12.595433] 
[   12.602580] The buggy address belongs to the physical page:
[   12.602839] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102114
[   12.603197] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.603542] flags: 0x200000000000040(head|node=0|zone=2)
[   12.603764] page_type: f8(unknown)
[   12.603893] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.604122] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.604770] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.605123] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.605405] head: 0200000000000002 ffffea0004084501 00000000ffffffff 00000000ffffffff
[   12.606077] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.606494] page dumped because: kasan: bad access detected
[   12.606793] 
[   12.606883] Memory state around the buggy address:
[   12.607036]  ffff888102115f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.607373]  ffff888102116000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.607666] >ffff888102116080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.607876]                                                     ^
[   12.608058]  ffff888102116100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.608275]  ffff888102116180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.608570] ==================================================================
[   12.561066] ==================================================================
[   12.561568] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   12.562216] Write of size 1 at addr ffff8881021160c9 by task kunit_try_catch/179
[   12.562548] 
[   12.562850] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.562894] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.562906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.562924] Call Trace:
[   12.562935]  <TASK>
[   12.562950]  dump_stack_lvl+0x73/0xb0
[   12.562981]  print_report+0xd1/0x650
[   12.563003]  ? __virt_addr_valid+0x1db/0x2d0
[   12.563026]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.563050]  ? kasan_addr_to_slab+0x11/0xa0
[   12.563070]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.563094]  kasan_report+0x141/0x180
[   12.563115]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.563144]  __asan_report_store1_noabort+0x1b/0x30
[   12.563168]  krealloc_less_oob_helper+0xd70/0x11d0
[   12.563194]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.563219]  ? finish_task_switch.isra.0+0x153/0x700
[   12.563241]  ? __switch_to+0x47/0xf50
[   12.563266]  ? __schedule+0x10cc/0x2b60
[   12.563288]  ? __pfx_read_tsc+0x10/0x10
[   12.563311]  krealloc_large_less_oob+0x1c/0x30
[   12.563334]  kunit_try_run_case+0x1a5/0x480
[   12.563385]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.563408]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.563431]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.563454]  ? __kthread_parkme+0x82/0x180
[   12.563476]  ? preempt_count_sub+0x50/0x80
[   12.563498]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.563522]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.563546]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.563570]  kthread+0x337/0x6f0
[   12.563589]  ? trace_preempt_on+0x20/0xc0
[   12.563612]  ? __pfx_kthread+0x10/0x10
[   12.563632]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.563653]  ? calculate_sigpending+0x7b/0xa0
[   12.563676]  ? __pfx_kthread+0x10/0x10
[   12.563697]  ret_from_fork+0x116/0x1d0
[   12.563715]  ? __pfx_kthread+0x10/0x10
[   12.563735]  ret_from_fork_asm+0x1a/0x30
[   12.563765]  </TASK>
[   12.563774] 
[   12.571213] The buggy address belongs to the physical page:
[   12.571435] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102114
[   12.571701] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.572080] flags: 0x200000000000040(head|node=0|zone=2)
[   12.572271] page_type: f8(unknown)
[   12.572422] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.572816] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.573166] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.573555] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.573798] head: 0200000000000002 ffffea0004084501 00000000ffffffff 00000000ffffffff
[   12.574050] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.574391] page dumped because: kasan: bad access detected
[   12.574725] 
[   12.574832] Memory state around the buggy address:
[   12.575035]  ffff888102115f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.575441]  ffff888102116000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.575740] >ffff888102116080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.576000]                                               ^
[   12.576207]  ffff888102116100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.576432]  ffff888102116180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.576940] ==================================================================
[   12.406585] ==================================================================
[   12.408840] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   12.410122] Write of size 1 at addr ffff8881003588c9 by task kunit_try_catch/175
[   12.411360] 
[   12.411623] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.411678] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.411690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.411711] Call Trace:
[   12.411723]  <TASK>
[   12.411739]  dump_stack_lvl+0x73/0xb0
[   12.411770]  print_report+0xd1/0x650
[   12.411791]  ? __virt_addr_valid+0x1db/0x2d0
[   12.411814]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.411838]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.411860]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.411884]  kasan_report+0x141/0x180
[   12.411906]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.411934]  __asan_report_store1_noabort+0x1b/0x30
[   12.411960]  krealloc_less_oob_helper+0xd70/0x11d0
[   12.411985]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.412010]  ? irqentry_exit+0x2a/0x60
[   12.412031]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   12.412059]  ? __pfx_read_tsc+0x10/0x10
[   12.412083]  krealloc_less_oob+0x1c/0x30
[   12.412104]  kunit_try_run_case+0x1a5/0x480
[   12.412127]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.412149]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.412172]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.412203]  ? __kthread_parkme+0x82/0x180
[   12.412224]  ? preempt_count_sub+0x50/0x80
[   12.412247]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.412271]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.412294]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.412318]  kthread+0x337/0x6f0
[   12.412336]  ? trace_preempt_on+0x20/0xc0
[   12.412360]  ? __pfx_kthread+0x10/0x10
[   12.412392]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.412413]  ? calculate_sigpending+0x7b/0xa0
[   12.412436]  ? __pfx_kthread+0x10/0x10
[   12.412457]  ret_from_fork+0x116/0x1d0
[   12.412474]  ? __pfx_kthread+0x10/0x10
[   12.412494]  ret_from_fork_asm+0x1a/0x30
[   12.412570]  </TASK>
[   12.412580] 
[   12.420416] Allocated by task 175:
[   12.420602]  kasan_save_stack+0x45/0x70
[   12.420819]  kasan_save_track+0x18/0x40
[   12.421051]  kasan_save_alloc_info+0x3b/0x50
[   12.421287]  __kasan_krealloc+0x190/0x1f0
[   12.421554]  krealloc_noprof+0xf3/0x340
[   12.421734]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.421910]  krealloc_less_oob+0x1c/0x30
[   12.422107]  kunit_try_run_case+0x1a5/0x480
[   12.422338]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.422581]  kthread+0x337/0x6f0
[   12.422700]  ret_from_fork+0x116/0x1d0
[   12.422829]  ret_from_fork_asm+0x1a/0x30
[   12.423030] 
[   12.423135] The buggy address belongs to the object at ffff888100358800
[   12.423135]  which belongs to the cache kmalloc-256 of size 256
[   12.423675] The buggy address is located 0 bytes to the right of
[   12.423675]  allocated 201-byte region [ffff888100358800, ffff8881003588c9)
[   12.424085] 
[   12.424157] The buggy address belongs to the physical page:
[   12.424425] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100358
[   12.424805] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.425106] flags: 0x200000000000040(head|node=0|zone=2)
[   12.425356] page_type: f5(slab)
[   12.425546] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.425861] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.426195] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.426538] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.426883] head: 0200000000000001 ffffea000400d601 00000000ffffffff 00000000ffffffff
[   12.427208] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.427548] page dumped because: kasan: bad access detected
[   12.427795] 
[   12.427877] Memory state around the buggy address:
[   12.428085]  ffff888100358780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.428372]  ffff888100358800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.428792] >ffff888100358880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.429124]                                               ^
[   12.429562]  ffff888100358900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.429889]  ffff888100358980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.430119] ==================================================================
[   12.431145] ==================================================================
[   12.431687] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   12.432111] Write of size 1 at addr ffff8881003588d0 by task kunit_try_catch/175
[   12.432467] 
[   12.432585] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.432623] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.432635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.432665] Call Trace:
[   12.432675]  <TASK>
[   12.432688]  dump_stack_lvl+0x73/0xb0
[   12.432717]  print_report+0xd1/0x650
[   12.432739]  ? __virt_addr_valid+0x1db/0x2d0
[   12.432760]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.432793]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.432815]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.432839]  kasan_report+0x141/0x180
[   12.432872]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.432901]  __asan_report_store1_noabort+0x1b/0x30
[   12.432927]  krealloc_less_oob_helper+0xe23/0x11d0
[   12.432962]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.432986]  ? irqentry_exit+0x2a/0x60
[   12.433006]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   12.433045]  ? __pfx_read_tsc+0x10/0x10
[   12.433069]  krealloc_less_oob+0x1c/0x30
[   12.433099]  kunit_try_run_case+0x1a5/0x480
[   12.433122]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.433144]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.433176]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.433199]  ? __kthread_parkme+0x82/0x180
[   12.433219]  ? preempt_count_sub+0x50/0x80
[   12.433241]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.433265]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.433288]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.433312]  kthread+0x337/0x6f0
[   12.433331]  ? trace_preempt_on+0x20/0xc0
[   12.433353]  ? __pfx_kthread+0x10/0x10
[   12.433390]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.433411]  ? calculate_sigpending+0x7b/0xa0
[   12.433445]  ? __pfx_kthread+0x10/0x10
[   12.433466]  ret_from_fork+0x116/0x1d0
[   12.433483]  ? __pfx_kthread+0x10/0x10
[   12.433503]  ret_from_fork_asm+0x1a/0x30
[   12.433533]  </TASK>
[   12.433542] 
[   12.440891] Allocated by task 175:
[   12.441023]  kasan_save_stack+0x45/0x70
[   12.441258]  kasan_save_track+0x18/0x40
[   12.441456]  kasan_save_alloc_info+0x3b/0x50
[   12.441665]  __kasan_krealloc+0x190/0x1f0
[   12.441861]  krealloc_noprof+0xf3/0x340
[   12.442047]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.442269]  krealloc_less_oob+0x1c/0x30
[   12.442414]  kunit_try_run_case+0x1a5/0x480
[   12.442575]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.442828]  kthread+0x337/0x6f0
[   12.443012]  ret_from_fork+0x116/0x1d0
[   12.443212]  ret_from_fork_asm+0x1a/0x30
[   12.443413] 
[   12.443543] The buggy address belongs to the object at ffff888100358800
[   12.443543]  which belongs to the cache kmalloc-256 of size 256
[   12.444038] The buggy address is located 7 bytes to the right of
[   12.444038]  allocated 201-byte region [ffff888100358800, ffff8881003588c9)
[   12.444619] 
[   12.444713] The buggy address belongs to the physical page:
[   12.444943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100358
[   12.445279] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.445677] flags: 0x200000000000040(head|node=0|zone=2)
[   12.445907] page_type: f5(slab)
[   12.446026] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.446253] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.446544] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.446894] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.447235] head: 0200000000000001 ffffea000400d601 00000000ffffffff 00000000ffffffff
[   12.447625] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.447849] page dumped because: kasan: bad access detected
[   12.448017] 
[   12.448084] Memory state around the buggy address:
[   12.448312]  ffff888100358780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.448935]  ffff888100358800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.449271] >ffff888100358880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.449782]                                                  ^
[   12.450048]  ffff888100358900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.450392]  ffff888100358980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.450695] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zhh1TJxKKGPTGH75tVSg7ZQ5K3

job_id

TEST:linaro@lkft#2zhh7dPmlkqdlppZDQ6XzM0iF30

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zhh7dPmlkqdlppZDQ6XzM0iF30

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zhh4brPbFRP8L5HT7aQLwDEuSt/bzImage
sha256sum	51ed52f1f68ba5ea27b558c10c847ec34107981e2f70718cbc1574acf045c7d6

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zhh4brPbFRP8L5HT7aQLwDEuSt/modules.tar.xz
sha256sum	39c646aa7715edec9a01d30f4285c974624ae561cc143942bb43adde90a6040d

durations

tests

boot	0
kunit	203.16

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit