Hay
Date
July 20, 2025, 11:12 p.m.

Environment
qemu-arm64
qemu-x86_64

[   16.460498] ==================================================================
[   16.460545] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   16.460592] Write of size 1 at addr fff00000c653c4eb by task kunit_try_catch/158
[   16.460642] 
[   16.460671] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.460749] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.460775] Hardware name: linux,dummy-virt (DT)
[   16.460804] Call trace:
[   16.460834]  show_stack+0x20/0x38 (C)
[   16.461134]  dump_stack_lvl+0x8c/0xd0
[   16.461416]  print_report+0x118/0x5d0
[   16.461490]  kasan_report+0xdc/0x128
[   16.461536]  __asan_report_store1_noabort+0x20/0x30
[   16.462184]  krealloc_less_oob_helper+0xa58/0xc50
[   16.462665]  krealloc_less_oob+0x20/0x38
[   16.462720]  kunit_try_run_case+0x170/0x3f0
[   16.462871]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.462951]  kthread+0x328/0x630
[   16.463065]  ret_from_fork+0x10/0x20
[   16.463113] 
[   16.463140] Allocated by task 158:
[   16.463225]  kasan_save_stack+0x3c/0x68
[   16.463365]  kasan_save_track+0x20/0x40
[   16.463423]  kasan_save_alloc_info+0x40/0x58
[   16.463549]  __kasan_krealloc+0x118/0x178
[   16.463586]  krealloc_noprof+0x128/0x360
[   16.463654]  krealloc_less_oob_helper+0x168/0xc50
[   16.463692]  krealloc_less_oob+0x20/0x38
[   16.463727]  kunit_try_run_case+0x170/0x3f0
[   16.463926]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.464053]  kthread+0x328/0x630
[   16.464086]  ret_from_fork+0x10/0x20
[   16.464120] 
[   16.464139] The buggy address belongs to the object at fff00000c653c400
[   16.464139]  which belongs to the cache kmalloc-256 of size 256
[   16.464199] The buggy address is located 34 bytes to the right of
[   16.464199]  allocated 201-byte region [fff00000c653c400, fff00000c653c4c9)
[   16.464345] 
[   16.464366] The buggy address belongs to the physical page:
[   16.465018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653c
[   16.465123] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.465187] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.465237] page_type: f5(slab)
[   16.465353] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.465404] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.465460] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.465642] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.465691] head: 0bfffe0000000001 ffffc1ffc3194f01 00000000ffffffff 00000000ffffffff
[   16.466253] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.466305] page dumped because: kasan: bad access detected
[   16.466335] 
[   16.466353] Memory state around the buggy address:
[   16.466385]  fff00000c653c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.466484]  fff00000c653c400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.466526] >fff00000c653c480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.466804]                                                           ^
[   16.466925]  fff00000c653c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.467063]  fff00000c653c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.467187] ==================================================================
[   16.400722] ==================================================================
[   16.401106] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   16.401519] Write of size 1 at addr fff00000c653c4c9 by task kunit_try_catch/158
[   16.401572] 
[   16.402001] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.402120] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.402147] Hardware name: linux,dummy-virt (DT)
[   16.402178] Call trace:
[   16.402214]  show_stack+0x20/0x38 (C)
[   16.402266]  dump_stack_lvl+0x8c/0xd0
[   16.402506]  print_report+0x118/0x5d0
[   16.402853]  kasan_report+0xdc/0x128
[   16.402911]  __asan_report_store1_noabort+0x20/0x30
[   16.403198]  krealloc_less_oob_helper+0xa48/0xc50
[   16.403425]  krealloc_less_oob+0x20/0x38
[   16.403556]  kunit_try_run_case+0x170/0x3f0
[   16.403634]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.403687]  kthread+0x328/0x630
[   16.403728]  ret_from_fork+0x10/0x20
[   16.403775] 
[   16.403793] Allocated by task 158:
[   16.403821]  kasan_save_stack+0x3c/0x68
[   16.403862]  kasan_save_track+0x20/0x40
[   16.403916]  kasan_save_alloc_info+0x40/0x58
[   16.403956]  __kasan_krealloc+0x118/0x178
[   16.404125]  krealloc_noprof+0x128/0x360
[   16.404289]  krealloc_less_oob_helper+0x168/0xc50
[   16.404340]  krealloc_less_oob+0x20/0x38
[   16.404377]  kunit_try_run_case+0x170/0x3f0
[   16.404416]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.404546]  kthread+0x328/0x630
[   16.404594]  ret_from_fork+0x10/0x20
[   16.404629] 
[   16.404649] The buggy address belongs to the object at fff00000c653c400
[   16.404649]  which belongs to the cache kmalloc-256 of size 256
[   16.404705] The buggy address is located 0 bytes to the right of
[   16.404705]  allocated 201-byte region [fff00000c653c400, fff00000c653c4c9)
[   16.405204] 
[   16.405249] The buggy address belongs to the physical page:
[   16.405397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653c
[   16.405732] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.406029] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.406553] page_type: f5(slab)
[   16.406779] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.407366] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.408118] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.408393] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.409018] head: 0bfffe0000000001 ffffc1ffc3194f01 00000000ffffffff 00000000ffffffff
[   16.409212] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.409714] page dumped because: kasan: bad access detected
[   16.409864] 
[   16.409918] Memory state around the buggy address:
[   16.410175]  fff00000c653c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.410991]  fff00000c653c400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.411650] >fff00000c653c480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.411704]                                               ^
[   16.412376]  fff00000c653c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.412602]  fff00000c653c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.412975] ==================================================================
[   16.440755] ==================================================================
[   16.441471] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   16.441581] Write of size 1 at addr fff00000c653c4da by task kunit_try_catch/158
[   16.441635] 
[   16.441667] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.441748] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.441775] Hardware name: linux,dummy-virt (DT)
[   16.443935] Call trace:
[   16.444120]  show_stack+0x20/0x38 (C)
[   16.444441]  dump_stack_lvl+0x8c/0xd0
[   16.445405]  print_report+0x118/0x5d0
[   16.445612]  kasan_report+0xdc/0x128
[   16.445671]  __asan_report_store1_noabort+0x20/0x30
[   16.445722]  krealloc_less_oob_helper+0xa80/0xc50
[   16.445856]  krealloc_less_oob+0x20/0x38
[   16.446390]  kunit_try_run_case+0x170/0x3f0
[   16.446454]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.446540]  kthread+0x328/0x630
[   16.446583]  ret_from_fork+0x10/0x20
[   16.446635] 
[   16.446728] Allocated by task 158:
[   16.446987]  kasan_save_stack+0x3c/0x68
[   16.447033]  kasan_save_track+0x20/0x40
[   16.447242]  kasan_save_alloc_info+0x40/0x58
[   16.447386]  __kasan_krealloc+0x118/0x178
[   16.447698]  krealloc_noprof+0x128/0x360
[   16.447830]  krealloc_less_oob_helper+0x168/0xc50
[   16.448184]  krealloc_less_oob+0x20/0x38
[   16.448468]  kunit_try_run_case+0x170/0x3f0
[   16.448558]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.448603]  kthread+0x328/0x630
[   16.448634]  ret_from_fork+0x10/0x20
[   16.448669] 
[   16.448688] The buggy address belongs to the object at fff00000c653c400
[   16.448688]  which belongs to the cache kmalloc-256 of size 256
[   16.448746] The buggy address is located 17 bytes to the right of
[   16.448746]  allocated 201-byte region [fff00000c653c400, fff00000c653c4c9)
[   16.448814] 
[   16.448847] The buggy address belongs to the physical page:
[   16.448879] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653c
[   16.449105] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.449280] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.449502] page_type: f5(slab)
[   16.449541] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.449591] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.449940] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.450099] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.450208] head: 0bfffe0000000001 ffffc1ffc3194f01 00000000ffffffff 00000000ffffffff
[   16.450348] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.450388] page dumped because: kasan: bad access detected
[   16.450420] 
[   16.450437] Memory state around the buggy address:
[   16.450658]  fff00000c653c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.450803]  fff00000c653c400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.450849] >fff00000c653c480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.450885]                                                     ^
[   16.450934]  fff00000c653c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.450978]  fff00000c653c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.451015] ==================================================================
[   16.517056] ==================================================================
[   16.517097] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   16.517580] Write of size 1 at addr fff00000c78c20eb by task kunit_try_catch/162
[   16.517708] 
[   16.517743] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.517913] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.517939] Hardware name: linux,dummy-virt (DT)
[   16.517969] Call trace:
[   16.518015]  show_stack+0x20/0x38 (C)
[   16.518064]  dump_stack_lvl+0x8c/0xd0
[   16.518394]  print_report+0x118/0x5d0
[   16.518465]  kasan_report+0xdc/0x128
[   16.518600]  __asan_report_store1_noabort+0x20/0x30
[   16.518718]  krealloc_less_oob_helper+0xa58/0xc50
[   16.518767]  krealloc_large_less_oob+0x20/0x38
[   16.518821]  kunit_try_run_case+0x170/0x3f0
[   16.518947]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.519002]  kthread+0x328/0x630
[   16.519045]  ret_from_fork+0x10/0x20
[   16.519091] 
[   16.519346] The buggy address belongs to the physical page:
[   16.519494] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c0
[   16.519607] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.519653] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.519703] page_type: f8(unknown)
[   16.519797] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.519907] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.519957] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.520005] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.520275] head: 0bfffe0000000002 ffffc1ffc31e3001 00000000ffffffff 00000000ffffffff
[   16.520386] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.520492] page dumped because: kasan: bad access detected
[   16.520555] 
[   16.520581] Memory state around the buggy address:
[   16.520612]  fff00000c78c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.520654]  fff00000c78c2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.520696] >fff00000c78c2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.520733]                                                           ^
[   16.520801]  fff00000c78c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.520849]  fff00000c78c2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.521174] ==================================================================
[   16.508068] ==================================================================
[   16.508393] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   16.508443] Write of size 1 at addr fff00000c78c20da by task kunit_try_catch/162
[   16.508490] 
[   16.508518] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.508777] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.508809] Hardware name: linux,dummy-virt (DT)
[   16.508838] Call trace:
[   16.508859]  show_stack+0x20/0x38 (C)
[   16.508920]  dump_stack_lvl+0x8c/0xd0
[   16.508967]  print_report+0x118/0x5d0
[   16.509013]  kasan_report+0xdc/0x128
[   16.509059]  __asan_report_store1_noabort+0x20/0x30
[   16.509109]  krealloc_less_oob_helper+0xa80/0xc50
[   16.509157]  krealloc_large_less_oob+0x20/0x38
[   16.509204]  kunit_try_run_case+0x170/0x3f0
[   16.509260]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.509313]  kthread+0x328/0x630
[   16.509377]  ret_from_fork+0x10/0x20
[   16.509661] 
[   16.509806] The buggy address belongs to the physical page:
[   16.509871] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c0
[   16.509935] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.510134] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.510205] page_type: f8(unknown)
[   16.510354] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.510403] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.510468] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.510567] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.510742] head: 0bfffe0000000002 ffffc1ffc31e3001 00000000ffffffff 00000000ffffffff
[   16.510818] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.511170] page dumped because: kasan: bad access detected
[   16.511281] 
[   16.511322] Memory state around the buggy address:
[   16.511353]  fff00000c78c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.511419]  fff00000c78c2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.511461] >fff00000c78c2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.511498]                                                     ^
[   16.511537]  fff00000c78c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.511584]  fff00000c78c2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.511650] ==================================================================
[   16.417812] ==================================================================
[   16.418563] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   16.418858] Write of size 1 at addr fff00000c653c4d0 by task kunit_try_catch/158
[   16.418931] 
[   16.419936] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.420675] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.420881] Hardware name: linux,dummy-virt (DT)
[   16.421128] Call trace:
[   16.421379]  show_stack+0x20/0x38 (C)
[   16.421434]  dump_stack_lvl+0x8c/0xd0
[   16.421481]  print_report+0x118/0x5d0
[   16.421526]  kasan_report+0xdc/0x128
[   16.421571]  __asan_report_store1_noabort+0x20/0x30
[   16.422774]  krealloc_less_oob_helper+0xb9c/0xc50
[   16.423298]  krealloc_less_oob+0x20/0x38
[   16.423345]  kunit_try_run_case+0x170/0x3f0
[   16.423397]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.424374]  kthread+0x328/0x630
[   16.424430]  ret_from_fork+0x10/0x20
[   16.425280] 
[   16.425656] Allocated by task 158:
[   16.425813]  kasan_save_stack+0x3c/0x68
[   16.426177]  kasan_save_track+0x20/0x40
[   16.426471]  kasan_save_alloc_info+0x40/0x58
[   16.426860]  __kasan_krealloc+0x118/0x178
[   16.427020]  krealloc_noprof+0x128/0x360
[   16.427741]  krealloc_less_oob_helper+0x168/0xc50
[   16.428378]  krealloc_less_oob+0x20/0x38
[   16.428665]  kunit_try_run_case+0x170/0x3f0
[   16.429011]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.429225]  kthread+0x328/0x630
[   16.429746]  ret_from_fork+0x10/0x20
[   16.430511] 
[   16.430685] The buggy address belongs to the object at fff00000c653c400
[   16.430685]  which belongs to the cache kmalloc-256 of size 256
[   16.430778] The buggy address is located 7 bytes to the right of
[   16.430778]  allocated 201-byte region [fff00000c653c400, fff00000c653c4c9)
[   16.430953] 
[   16.430975] The buggy address belongs to the physical page:
[   16.431007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653c
[   16.431063] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.432133] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.432634] page_type: f5(slab)
[   16.433251] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.433358] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.434194] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.434261] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.434311] head: 0bfffe0000000001 ffffc1ffc3194f01 00000000ffffffff 00000000ffffffff
[   16.434684] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.435698] page dumped because: kasan: bad access detected
[   16.435940] 
[   16.436045] Memory state around the buggy address:
[   16.436119]  fff00000c653c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.436314]  fff00000c653c400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.436465] >fff00000c653c480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.436504]                                                  ^
[   16.436541]  fff00000c653c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.436582]  fff00000c653c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.437469] ==================================================================
[   16.512652] ==================================================================
[   16.512730] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   16.512998] Write of size 1 at addr fff00000c78c20ea by task kunit_try_catch/162
[   16.513223] 
[   16.513280] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.513367] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.513501] Hardware name: linux,dummy-virt (DT)
[   16.513607] Call trace:
[   16.513656]  show_stack+0x20/0x38 (C)
[   16.513732]  dump_stack_lvl+0x8c/0xd0
[   16.513786]  print_report+0x118/0x5d0
[   16.513832]  kasan_report+0xdc/0x128
[   16.513878]  __asan_report_store1_noabort+0x20/0x30
[   16.513938]  krealloc_less_oob_helper+0xae4/0xc50
[   16.513986]  krealloc_large_less_oob+0x20/0x38
[   16.514033]  kunit_try_run_case+0x170/0x3f0
[   16.514368]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.514733]  kthread+0x328/0x630
[   16.514817]  ret_from_fork+0x10/0x20
[   16.514864] 
[   16.514884] The buggy address belongs to the physical page:
[   16.514924] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c0
[   16.515240] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.515291] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.515395] page_type: f8(unknown)
[   16.515486] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.515536] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.515598] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.515714] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.516054] head: 0bfffe0000000002 ffffc1ffc31e3001 00000000ffffffff 00000000ffffffff
[   16.516118] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.516158] page dumped because: kasan: bad access detected
[   16.516188] 
[   16.516206] Memory state around the buggy address:
[   16.516505]  fff00000c78c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.516577]  fff00000c78c2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.516660] >fff00000c78c2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.516725]                                                           ^
[   16.516818]  fff00000c78c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.516860]  fff00000c78c2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.516907] ==================================================================
[   16.497049] ==================================================================
[   16.497108] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   16.497177] Write of size 1 at addr fff00000c78c20c9 by task kunit_try_catch/162
[   16.497400] 
[   16.497434] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.497765] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.498146] Hardware name: linux,dummy-virt (DT)
[   16.498220] Call trace:
[   16.498344]  show_stack+0x20/0x38 (C)
[   16.498397]  dump_stack_lvl+0x8c/0xd0
[   16.498447]  print_report+0x118/0x5d0
[   16.498494]  kasan_report+0xdc/0x128
[   16.499095]  __asan_report_store1_noabort+0x20/0x30
[   16.499222]  krealloc_less_oob_helper+0xa48/0xc50
[   16.499330]  krealloc_large_less_oob+0x20/0x38
[   16.499379]  kunit_try_run_case+0x170/0x3f0
[   16.499426]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.499480]  kthread+0x328/0x630
[   16.499522]  ret_from_fork+0x10/0x20
[   16.499570] 
[   16.499591] The buggy address belongs to the physical page:
[   16.499622] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c0
[   16.500106] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.500194] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.500332] page_type: f8(unknown)
[   16.500418] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.500469] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.500833] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.500979] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.501030] head: 0bfffe0000000002 ffffc1ffc31e3001 00000000ffffffff 00000000ffffffff
[   16.501078] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.501128] page dumped because: kasan: bad access detected
[   16.501160] 
[   16.501178] Memory state around the buggy address:
[   16.501730]  fff00000c78c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.501807]  fff00000c78c2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.501850] >fff00000c78c2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.501888]                                               ^
[   16.502314]  fff00000c78c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.502372]  fff00000c78c2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.502416] ==================================================================
[   16.452876] ==================================================================
[   16.453055] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   16.453107] Write of size 1 at addr fff00000c653c4ea by task kunit_try_catch/158
[   16.453155] 
[   16.453680] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.453769] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.453912] Hardware name: linux,dummy-virt (DT)
[   16.453979] Call trace:
[   16.454063]  show_stack+0x20/0x38 (C)
[   16.454136]  dump_stack_lvl+0x8c/0xd0
[   16.454183]  print_report+0x118/0x5d0
[   16.454229]  kasan_report+0xdc/0x128
[   16.454274]  __asan_report_store1_noabort+0x20/0x30
[   16.454325]  krealloc_less_oob_helper+0xae4/0xc50
[   16.454833]  krealloc_less_oob+0x20/0x38
[   16.454908]  kunit_try_run_case+0x170/0x3f0
[   16.455049]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.455101]  kthread+0x328/0x630
[   16.455142]  ret_from_fork+0x10/0x20
[   16.455200] 
[   16.455234] Allocated by task 158:
[   16.455261]  kasan_save_stack+0x3c/0x68
[   16.455355]  kasan_save_track+0x20/0x40
[   16.455392]  kasan_save_alloc_info+0x40/0x58
[   16.455430]  __kasan_krealloc+0x118/0x178
[   16.455835]  krealloc_noprof+0x128/0x360
[   16.456112]  krealloc_less_oob_helper+0x168/0xc50
[   16.456223]  krealloc_less_oob+0x20/0x38
[   16.456321]  kunit_try_run_case+0x170/0x3f0
[   16.456358]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.456418]  kthread+0x328/0x630
[   16.456450]  ret_from_fork+0x10/0x20
[   16.456514] 
[   16.456540] The buggy address belongs to the object at fff00000c653c400
[   16.456540]  which belongs to the cache kmalloc-256 of size 256
[   16.456625] The buggy address is located 33 bytes to the right of
[   16.456625]  allocated 201-byte region [fff00000c653c400, fff00000c653c4c9)
[   16.456688] 
[   16.456708] The buggy address belongs to the physical page:
[   16.456744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653c
[   16.456856] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.457051] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.457209] page_type: f5(slab)
[   16.457263] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.457325] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.457458] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.457516] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.457644] head: 0bfffe0000000001 ffffc1ffc3194f01 00000000ffffffff 00000000ffffffff
[   16.457764] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.457810] page dumped because: kasan: bad access detected
[   16.457840] 
[   16.457857] Memory state around the buggy address:
[   16.457950]  fff00000c653c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.458196]  fff00000c653c400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.458409] >fff00000c653c480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.458543]                                                           ^
[   16.458955]  fff00000c653c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.459101]  fff00000c653c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.459507] ==================================================================
[   16.503322] ==================================================================
[   16.503380] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   16.503504] Write of size 1 at addr fff00000c78c20d0 by task kunit_try_catch/162
[   16.503753] 
[   16.503815] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.503895] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.503930] Hardware name: linux,dummy-virt (DT)
[   16.504439] Call trace:
[   16.504473]  show_stack+0x20/0x38 (C)
[   16.504609]  dump_stack_lvl+0x8c/0xd0
[   16.504657]  print_report+0x118/0x5d0
[   16.504718]  kasan_report+0xdc/0x128
[   16.504764]  __asan_report_store1_noabort+0x20/0x30
[   16.504822]  krealloc_less_oob_helper+0xb9c/0xc50
[   16.505057]  krealloc_large_less_oob+0x20/0x38
[   16.505155]  kunit_try_run_case+0x170/0x3f0
[   16.505208]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.505423]  kthread+0x328/0x630
[   16.505465]  ret_from_fork+0x10/0x20
[   16.505511] 
[   16.505531] The buggy address belongs to the physical page:
[   16.505560] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c0
[   16.505618] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.505817] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.505868] page_type: f8(unknown)
[   16.506271] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.506710] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.506813] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.506862] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.506922] head: 0bfffe0000000002 ffffc1ffc31e3001 00000000ffffffff 00000000ffffffff
[   16.506970] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.507183] page dumped because: kasan: bad access detected
[   16.507217] 
[   16.507235] Memory state around the buggy address:
[   16.507266]  fff00000c78c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.507308]  fff00000c78c2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.507446] >fff00000c78c2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.507666]                                                  ^
[   16.507725]  fff00000c78c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.507768]  fff00000c78c2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.507804] ==================================================================

[   16.490387] ==================================================================
[   16.490437] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   16.490512] Write of size 1 at addr fff00000c790a0eb by task kunit_try_catch/162
[   16.490567] 
[   16.490601] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.490702] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.490729] Hardware name: linux,dummy-virt (DT)
[   16.490759] Call trace:
[   16.490780]  show_stack+0x20/0x38 (C)
[   16.490981]  dump_stack_lvl+0x8c/0xd0
[   16.491029]  print_report+0x118/0x5d0
[   16.491075]  kasan_report+0xdc/0x128
[   16.491247]  __asan_report_store1_noabort+0x20/0x30
[   16.491363]  krealloc_less_oob_helper+0xa58/0xc50
[   16.491419]  krealloc_large_less_oob+0x20/0x38
[   16.491473]  kunit_try_run_case+0x170/0x3f0
[   16.491521]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.491582]  kthread+0x328/0x630
[   16.491656]  ret_from_fork+0x10/0x20
[   16.491721] 
[   16.491748] The buggy address belongs to the physical page:
[   16.491815] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107908
[   16.491870] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.491923] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.491973] page_type: f8(unknown)
[   16.492119] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.492278] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.492340] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.492434] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.492504] head: 0bfffe0000000002 ffffc1ffc31e4201 00000000ffffffff 00000000ffffffff
[   16.492559] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.492615] page dumped because: kasan: bad access detected
[   16.492705] 
[   16.492743] Memory state around the buggy address:
[   16.492791]  fff00000c7909f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.492849]  fff00000c790a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.492891] >fff00000c790a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.492928]                                                           ^
[   16.493026]  fff00000c790a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.493089]  fff00000c790a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.493126] ==================================================================
[   16.484798] ==================================================================
[   16.484965] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   16.485021] Write of size 1 at addr fff00000c790a0ea by task kunit_try_catch/162
[   16.485347] 
[   16.485408] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.485513] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.485596] Hardware name: linux,dummy-virt (DT)
[   16.485642] Call trace:
[   16.485665]  show_stack+0x20/0x38 (C)
[   16.485736]  dump_stack_lvl+0x8c/0xd0
[   16.485782]  print_report+0x118/0x5d0
[   16.486099]  kasan_report+0xdc/0x128
[   16.486285]  __asan_report_store1_noabort+0x20/0x30
[   16.486399]  krealloc_less_oob_helper+0xae4/0xc50
[   16.486527]  krealloc_large_less_oob+0x20/0x38
[   16.486616]  kunit_try_run_case+0x170/0x3f0
[   16.486723]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.486794]  kthread+0x328/0x630
[   16.486879]  ret_from_fork+0x10/0x20
[   16.487227] 
[   16.487343] The buggy address belongs to the physical page:
[   16.487391] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107908
[   16.487465] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.487571] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.487703] page_type: f8(unknown)
[   16.487802] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.487881] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.487930] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.488278] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.488358] head: 0bfffe0000000002 ffffc1ffc31e4201 00000000ffffffff 00000000ffffffff
[   16.488755] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.488895] page dumped because: kasan: bad access detected
[   16.488942] 
[   16.489020] Memory state around the buggy address:
[   16.489112]  fff00000c7909f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.489195]  fff00000c790a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.489268] >fff00000c790a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.489306]                                                           ^
[   16.489344]  fff00000c790a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.489385]  fff00000c790a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.489719] ==================================================================
[   16.450225] ==================================================================
[   16.450292] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   16.450340] Write of size 1 at addr fff00000c5b4fceb by task kunit_try_catch/158
[   16.450389] 
[   16.450443] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.450638] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.450668] Hardware name: linux,dummy-virt (DT)
[   16.450698] Call trace:
[   16.450738]  show_stack+0x20/0x38 (C)
[   16.450789]  dump_stack_lvl+0x8c/0xd0
[   16.450886]  print_report+0x118/0x5d0
[   16.450953]  kasan_report+0xdc/0x128
[   16.451009]  __asan_report_store1_noabort+0x20/0x30
[   16.451060]  krealloc_less_oob_helper+0xa58/0xc50
[   16.451146]  krealloc_less_oob+0x20/0x38
[   16.451246]  kunit_try_run_case+0x170/0x3f0
[   16.451294]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.451355]  kthread+0x328/0x630
[   16.451534]  ret_from_fork+0x10/0x20
[   16.451582] 
[   16.451600] Allocated by task 158:
[   16.451750]  kasan_save_stack+0x3c/0x68
[   16.451803]  kasan_save_track+0x20/0x40
[   16.451952]  kasan_save_alloc_info+0x40/0x58
[   16.451992]  __kasan_krealloc+0x118/0x178
[   16.452155]  krealloc_noprof+0x128/0x360
[   16.452232]  krealloc_less_oob_helper+0x168/0xc50
[   16.452272]  krealloc_less_oob+0x20/0x38
[   16.452355]  kunit_try_run_case+0x170/0x3f0
[   16.452421]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.452464]  kthread+0x328/0x630
[   16.452509]  ret_from_fork+0x10/0x20
[   16.452544] 
[   16.452564] The buggy address belongs to the object at fff00000c5b4fc00
[   16.452564]  which belongs to the cache kmalloc-256 of size 256
[   16.452817] The buggy address is located 34 bytes to the right of
[   16.452817]  allocated 201-byte region [fff00000c5b4fc00, fff00000c5b4fcc9)
[   16.452899] 
[   16.452961] The buggy address belongs to the physical page:
[   16.453005] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b4e
[   16.453114] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.453203] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.453288] page_type: f5(slab)
[   16.453416] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.453504] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.453628] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.453714] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.453774] head: 0bfffe0000000001 ffffc1ffc316d381 00000000ffffffff 00000000ffffffff
[   16.453822] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.454008] page dumped because: kasan: bad access detected
[   16.454039] 
[   16.454056] Memory state around the buggy address:
[   16.454222]  fff00000c5b4fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.454394]  fff00000c5b4fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.454510] >fff00000c5b4fc80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.454698]                                                           ^
[   16.454781]  fff00000c5b4fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.454937]  fff00000c5b4fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.455031] ==================================================================
[   16.439835] ==================================================================
[   16.439880] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   16.439927] Write of size 1 at addr fff00000c5b4fcda by task kunit_try_catch/158
[   16.440344] 
[   16.440402] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.440482] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.440525] Hardware name: linux,dummy-virt (DT)
[   16.440582] Call trace:
[   16.440611]  show_stack+0x20/0x38 (C)
[   16.440704]  dump_stack_lvl+0x8c/0xd0
[   16.440768]  print_report+0x118/0x5d0
[   16.440852]  kasan_report+0xdc/0x128
[   16.440915]  __asan_report_store1_noabort+0x20/0x30
[   16.441002]  krealloc_less_oob_helper+0xa80/0xc50
[   16.441050]  krealloc_less_oob+0x20/0x38
[   16.441095]  kunit_try_run_case+0x170/0x3f0
[   16.441234]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.441454]  kthread+0x328/0x630
[   16.441570]  ret_from_fork+0x10/0x20
[   16.441640] 
[   16.441658] Allocated by task 158:
[   16.441719]  kasan_save_stack+0x3c/0x68
[   16.441807]  kasan_save_track+0x20/0x40
[   16.441844]  kasan_save_alloc_info+0x40/0x58
[   16.441945]  __kasan_krealloc+0x118/0x178
[   16.441983]  krealloc_noprof+0x128/0x360
[   16.442020]  krealloc_less_oob_helper+0x168/0xc50
[   16.442058]  krealloc_less_oob+0x20/0x38
[   16.442095]  kunit_try_run_case+0x170/0x3f0
[   16.442246]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.442320]  kthread+0x328/0x630
[   16.442363]  ret_from_fork+0x10/0x20
[   16.442398] 
[   16.442493] The buggy address belongs to the object at fff00000c5b4fc00
[   16.442493]  which belongs to the cache kmalloc-256 of size 256
[   16.442578] The buggy address is located 17 bytes to the right of
[   16.442578]  allocated 201-byte region [fff00000c5b4fc00, fff00000c5b4fcc9)
[   16.442721] 
[   16.442768] The buggy address belongs to the physical page:
[   16.442823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b4e
[   16.442952] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.443031] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.443158] page_type: f5(slab)
[   16.443211] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.443304] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.443660] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.443734] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.443904] head: 0bfffe0000000001 ffffc1ffc316d381 00000000ffffffff 00000000ffffffff
[   16.444027] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.444151] page dumped because: kasan: bad access detected
[   16.444227] 
[   16.444245] Memory state around the buggy address:
[   16.444275]  fff00000c5b4fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.444649]  fff00000c5b4fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.444723] >fff00000c5b4fc80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.444916]                                                     ^
[   16.445067]  fff00000c5b4fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.445140]  fff00000c5b4fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.445264] ==================================================================
[   16.427889] ==================================================================
[   16.427970] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   16.428045] Write of size 1 at addr fff00000c5b4fcc9 by task kunit_try_catch/158
[   16.428124] 
[   16.428172] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.428252] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.428293] Hardware name: linux,dummy-virt (DT)
[   16.428331] Call trace:
[   16.428359]  show_stack+0x20/0x38 (C)
[   16.428408]  dump_stack_lvl+0x8c/0xd0
[   16.428455]  print_report+0x118/0x5d0
[   16.428501]  kasan_report+0xdc/0x128
[   16.428546]  __asan_report_store1_noabort+0x20/0x30
[   16.428632]  krealloc_less_oob_helper+0xa48/0xc50
[   16.428821]  krealloc_less_oob+0x20/0x38
[   16.428919]  kunit_try_run_case+0x170/0x3f0
[   16.429049]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.429209]  kthread+0x328/0x630
[   16.429301]  ret_from_fork+0x10/0x20
[   16.429418] 
[   16.429466] Allocated by task 158:
[   16.429494]  kasan_save_stack+0x3c/0x68
[   16.429705]  kasan_save_track+0x20/0x40
[   16.429742]  kasan_save_alloc_info+0x40/0x58
[   16.429781]  __kasan_krealloc+0x118/0x178
[   16.429819]  krealloc_noprof+0x128/0x360
[   16.429855]  krealloc_less_oob_helper+0x168/0xc50
[   16.429994]  krealloc_less_oob+0x20/0x38
[   16.430113]  kunit_try_run_case+0x170/0x3f0
[   16.430210]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.430310]  kthread+0x328/0x630
[   16.430356]  ret_from_fork+0x10/0x20
[   16.430391] 
[   16.430432] The buggy address belongs to the object at fff00000c5b4fc00
[   16.430432]  which belongs to the cache kmalloc-256 of size 256
[   16.430771] The buggy address is located 0 bytes to the right of
[   16.430771]  allocated 201-byte region [fff00000c5b4fc00, fff00000c5b4fcc9)
[   16.430940] 
[   16.431038] The buggy address belongs to the physical page:
[   16.431074] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b4e
[   16.431144] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.431190] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.431490] page_type: f5(slab)
[   16.431596] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.431702] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.431791] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.431840] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.431925] head: 0bfffe0000000001 ffffc1ffc316d381 00000000ffffffff 00000000ffffffff
[   16.432250] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.432318] page dumped because: kasan: bad access detected
[   16.432389] 
[   16.432426] Memory state around the buggy address:
[   16.432457]  fff00000c5b4fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.432730]  fff00000c5b4fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.432852] >fff00000c5b4fc80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.432961]                                               ^
[   16.433071]  fff00000c5b4fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.433162]  fff00000c5b4fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.433200] ==================================================================
[   16.472776] ==================================================================
[   16.472972] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   16.473145] Write of size 1 at addr fff00000c790a0c9 by task kunit_try_catch/162
[   16.473342] 
[   16.473385] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.473466] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.473492] Hardware name: linux,dummy-virt (DT)
[   16.473676] Call trace:
[   16.473704]  show_stack+0x20/0x38 (C)
[   16.474091]  dump_stack_lvl+0x8c/0xd0
[   16.474149]  print_report+0x118/0x5d0
[   16.474197]  kasan_report+0xdc/0x128
[   16.474243]  __asan_report_store1_noabort+0x20/0x30
[   16.474295]  krealloc_less_oob_helper+0xa48/0xc50
[   16.474343]  krealloc_large_less_oob+0x20/0x38
[   16.474390]  kunit_try_run_case+0x170/0x3f0
[   16.474437]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.474491]  kthread+0x328/0x630
[   16.474534]  ret_from_fork+0x10/0x20
[   16.474581] 
[   16.474601] The buggy address belongs to the physical page:
[   16.474664] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107908
[   16.474750] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.474798] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.474848] page_type: f8(unknown)
[   16.474963] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.475142] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.475203] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.475476] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.475589] head: 0bfffe0000000002 ffffc1ffc31e4201 00000000ffffffff 00000000ffffffff
[   16.475661] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.475701] page dumped because: kasan: bad access detected
[   16.475732] 
[   16.475751] Memory state around the buggy address:
[   16.475782]  fff00000c7909f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.476000]  fff00000c790a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.476105] >fff00000c790a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.476171]                                               ^
[   16.476214]  fff00000c790a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.476256]  fff00000c790a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.476294] ==================================================================
[   16.479766] ==================================================================
[   16.479801] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   16.479842] Write of size 1 at addr fff00000c790a0da by task kunit_try_catch/162
[   16.479889] 
[   16.479914] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.480041] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.480068] Hardware name: linux,dummy-virt (DT)
[   16.480506] Call trace:
[   16.480554]  show_stack+0x20/0x38 (C)
[   16.480606]  dump_stack_lvl+0x8c/0xd0
[   16.480664]  print_report+0x118/0x5d0
[   16.480710]  kasan_report+0xdc/0x128
[   16.480755]  __asan_report_store1_noabort+0x20/0x30
[   16.480806]  krealloc_less_oob_helper+0xa80/0xc50
[   16.480977]  krealloc_large_less_oob+0x20/0x38
[   16.481108]  kunit_try_run_case+0x170/0x3f0
[   16.481194]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.481323]  kthread+0x328/0x630
[   16.481399]  ret_from_fork+0x10/0x20
[   16.481514] 
[   16.481562] The buggy address belongs to the physical page:
[   16.481592] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107908
[   16.481655] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.481700] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.481874] page_type: f8(unknown)
[   16.481920] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.481970] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.482048] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.482143] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.482263] head: 0bfffe0000000002 ffffc1ffc31e4201 00000000ffffffff 00000000ffffffff
[   16.482352] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.482426] page dumped because: kasan: bad access detected
[   16.482492] 
[   16.482510] Memory state around the buggy address:
[   16.482571]  fff00000c7909f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.482883]  fff00000c790a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.483030] >fff00000c790a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.483133]                                                     ^
[   16.483180]  fff00000c790a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.483223]  fff00000c790a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.483294] ==================================================================
[   16.434322] ==================================================================
[   16.434373] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   16.434517] Write of size 1 at addr fff00000c5b4fcd0 by task kunit_try_catch/158
[   16.434730] 
[   16.434815] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.434916] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.434961] Hardware name: linux,dummy-virt (DT)
[   16.435017] Call trace:
[   16.435056]  show_stack+0x20/0x38 (C)
[   16.435106]  dump_stack_lvl+0x8c/0xd0
[   16.435155]  print_report+0x118/0x5d0
[   16.435429]  kasan_report+0xdc/0x128
[   16.435490]  __asan_report_store1_noabort+0x20/0x30
[   16.435558]  krealloc_less_oob_helper+0xb9c/0xc50
[   16.435642]  krealloc_less_oob+0x20/0x38
[   16.435743]  kunit_try_run_case+0x170/0x3f0
[   16.435792]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.435844]  kthread+0x328/0x630
[   16.435919]  ret_from_fork+0x10/0x20
[   16.436058] 
[   16.436113] Allocated by task 158:
[   16.436236]  kasan_save_stack+0x3c/0x68
[   16.436359]  kasan_save_track+0x20/0x40
[   16.436403]  kasan_save_alloc_info+0x40/0x58
[   16.436479]  __kasan_krealloc+0x118/0x178
[   16.436544]  krealloc_noprof+0x128/0x360
[   16.436581]  krealloc_less_oob_helper+0x168/0xc50
[   16.436739]  krealloc_less_oob+0x20/0x38
[   16.436870]  kunit_try_run_case+0x170/0x3f0
[   16.436929]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.436977]  kthread+0x328/0x630
[   16.437041]  ret_from_fork+0x10/0x20
[   16.437146] 
[   16.437213] The buggy address belongs to the object at fff00000c5b4fc00
[   16.437213]  which belongs to the cache kmalloc-256 of size 256
[   16.437357] The buggy address is located 7 bytes to the right of
[   16.437357]  allocated 201-byte region [fff00000c5b4fc00, fff00000c5b4fcc9)
[   16.437421] 
[   16.437441] The buggy address belongs to the physical page:
[   16.437478] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b4e
[   16.437530] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.437754] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.437957] page_type: f5(slab)
[   16.438055] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.438150] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.438201] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.438364] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.438535] head: 0bfffe0000000001 ffffc1ffc316d381 00000000ffffffff 00000000ffffffff
[   16.438586] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.438651] page dumped because: kasan: bad access detected
[   16.438696] 
[   16.438714] Memory state around the buggy address:
[   16.438744]  fff00000c5b4fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.438794]  fff00000c5b4fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.438836] >fff00000c5b4fc80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.438873]                                                  ^
[   16.438909]  fff00000c5b4fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.438951]  fff00000c5b4fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.438991] ==================================================================
[   16.446208] ==================================================================
[   16.446278] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   16.446333] Write of size 1 at addr fff00000c5b4fcea by task kunit_try_catch/158
[   16.446426] 
[   16.446472] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.446551] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.446596] Hardware name: linux,dummy-virt (DT)
[   16.446700] Call trace:
[   16.446749]  show_stack+0x20/0x38 (C)
[   16.446814]  dump_stack_lvl+0x8c/0xd0
[   16.446891]  print_report+0x118/0x5d0
[   16.446966]  kasan_report+0xdc/0x128
[   16.447030]  __asan_report_store1_noabort+0x20/0x30
[   16.447137]  krealloc_less_oob_helper+0xae4/0xc50
[   16.447186]  krealloc_less_oob+0x20/0x38
[   16.447232]  kunit_try_run_case+0x170/0x3f0
[   16.447279]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.447331]  kthread+0x328/0x630
[   16.447482]  ret_from_fork+0x10/0x20
[   16.447563] 
[   16.447726] Allocated by task 158:
[   16.447782]  kasan_save_stack+0x3c/0x68
[   16.447882]  kasan_save_track+0x20/0x40
[   16.447938]  kasan_save_alloc_info+0x40/0x58
[   16.447995]  __kasan_krealloc+0x118/0x178
[   16.448037]  krealloc_noprof+0x128/0x360
[   16.448120]  krealloc_less_oob_helper+0x168/0xc50
[   16.448176]  krealloc_less_oob+0x20/0x38
[   16.448212]  kunit_try_run_case+0x170/0x3f0
[   16.448249]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.448308]  kthread+0x328/0x630
[   16.448455]  ret_from_fork+0x10/0x20
[   16.448596] 
[   16.448633] The buggy address belongs to the object at fff00000c5b4fc00
[   16.448633]  which belongs to the cache kmalloc-256 of size 256
[   16.448734] The buggy address is located 33 bytes to the right of
[   16.448734]  allocated 201-byte region [fff00000c5b4fc00, fff00000c5b4fcc9)
[   16.448821] 
[   16.448849] The buggy address belongs to the physical page:
[   16.448879] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b4e
[   16.448931] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.448991] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.449045] page_type: f5(slab)
[   16.449091] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.449141] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.449195] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.449244] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.449292] head: 0bfffe0000000001 ffffc1ffc316d381 00000000ffffffff 00000000ffffffff
[   16.449340] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.449383] page dumped because: kasan: bad access detected
[   16.449415] 
[   16.449442] Memory state around the buggy address:
[   16.449477]  fff00000c5b4fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.449520]  fff00000c5b4fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.449567] >fff00000c5b4fc80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.449604]                                                           ^
[   16.449653]  fff00000c5b4fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.449695]  fff00000c5b4fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.449732] ==================================================================
[   16.477540] ==================================================================
[   16.477586] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   16.477781] Write of size 1 at addr fff00000c790a0d0 by task kunit_try_catch/162
[   16.477899] 
[   16.478026] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.478168] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.478196] Hardware name: linux,dummy-virt (DT)
[   16.478226] Call trace:
[   16.478249]  show_stack+0x20/0x38 (C)
[   16.478317]  dump_stack_lvl+0x8c/0xd0
[   16.478365]  print_report+0x118/0x5d0
[   16.478410]  kasan_report+0xdc/0x128
[   16.478464]  __asan_report_store1_noabort+0x20/0x30
[   16.478515]  krealloc_less_oob_helper+0xb9c/0xc50
[   16.478571]  krealloc_large_less_oob+0x20/0x38
[   16.478631]  kunit_try_run_case+0x170/0x3f0
[   16.478678]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.478729]  kthread+0x328/0x630
[   16.478770]  ret_from_fork+0x10/0x20
[   16.478817] 
[   16.478836] The buggy address belongs to the physical page:
[   16.478875] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107908
[   16.478936] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.478981] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.479038] page_type: f8(unknown)
[   16.479076] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.479126] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.479184] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.479241] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.479290] head: 0bfffe0000000002 ffffc1ffc31e4201 00000000ffffffff 00000000ffffffff
[   16.479338] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.479385] page dumped because: kasan: bad access detected
[   16.479424] 
[   16.479442] Memory state around the buggy address:
[   16.479472]  fff00000c7909f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.479514]  fff00000c790a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.479555] >fff00000c790a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.479592]                                                  ^
[   16.479636]  fff00000c790a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.479679]  fff00000c790a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.479716] ==================================================================

[   12.425164] ==================================================================
[   12.425483] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   12.426377] Write of size 1 at addr ffff888100ab08eb by task kunit_try_catch/176
[   12.426720] 
[   12.426808] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.426850] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.426861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.426883] Call Trace:
[   12.426895]  <TASK>
[   12.426909]  dump_stack_lvl+0x73/0xb0
[   12.426935]  print_report+0xd1/0x610
[   12.426957]  ? __virt_addr_valid+0x1db/0x2d0
[   12.426978]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.427001]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.427022]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.427046]  kasan_report+0x141/0x180
[   12.427067]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.427096]  __asan_report_store1_noabort+0x1b/0x30
[   12.427120]  krealloc_less_oob_helper+0xd47/0x11d0
[   12.427146]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.427168]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   12.427198]  ? __pfx_krealloc_less_oob+0x10/0x10
[   12.427226]  krealloc_less_oob+0x1c/0x30
[   12.427247]  kunit_try_run_case+0x1a5/0x480
[   12.427270]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.427292]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.427315]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.427338]  ? __kthread_parkme+0x82/0x180
[   12.427357]  ? preempt_count_sub+0x50/0x80
[   12.427381]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.427417]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.427439]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.427462]  kthread+0x337/0x6f0
[   12.427481]  ? trace_preempt_on+0x20/0xc0
[   12.427503]  ? __pfx_kthread+0x10/0x10
[   12.427524]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.427544]  ? calculate_sigpending+0x7b/0xa0
[   12.427568]  ? __pfx_kthread+0x10/0x10
[   12.427590]  ret_from_fork+0x116/0x1d0
[   12.427608]  ? __pfx_kthread+0x10/0x10
[   12.427628]  ret_from_fork_asm+0x1a/0x30
[   12.427659]  </TASK>
[   12.427669] 
[   12.435267] Allocated by task 176:
[   12.435412]  kasan_save_stack+0x45/0x70
[   12.435724]  kasan_save_track+0x18/0x40
[   12.435919]  kasan_save_alloc_info+0x3b/0x50
[   12.436244]  __kasan_krealloc+0x190/0x1f0
[   12.436412]  krealloc_noprof+0xf3/0x340
[   12.436613]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.436849]  krealloc_less_oob+0x1c/0x30
[   12.437016]  kunit_try_run_case+0x1a5/0x480
[   12.437211]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.437389]  kthread+0x337/0x6f0
[   12.437522]  ret_from_fork+0x116/0x1d0
[   12.437656]  ret_from_fork_asm+0x1a/0x30
[   12.437796] 
[   12.437870] The buggy address belongs to the object at ffff888100ab0800
[   12.437870]  which belongs to the cache kmalloc-256 of size 256
[   12.438227] The buggy address is located 34 bytes to the right of
[   12.438227]  allocated 201-byte region [ffff888100ab0800, ffff888100ab08c9)
[   12.439101] 
[   12.439335] The buggy address belongs to the physical page:
[   12.439621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab0
[   12.439975] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.440755] flags: 0x200000000000040(head|node=0|zone=2)
[   12.440940] page_type: f5(slab)
[   12.441145] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.441497] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.441858] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.442221] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.442495] head: 0200000000000001 ffffea000402ac01 00000000ffffffff 00000000ffffffff
[   12.442729] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.443142] page dumped because: kasan: bad access detected
[   12.443410] 
[   12.443506] Memory state around the buggy address:
[   12.443730]  ffff888100ab0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.443991]  ffff888100ab0800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.444644] >ffff888100ab0880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.444925]                                                           ^
[   12.445237]  ffff888100ab0900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.445473]  ffff888100ab0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.445690] ==================================================================
[   12.585061] ==================================================================
[   12.585338] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   12.585642] Write of size 1 at addr ffff8881038a20eb by task kunit_try_catch/180
[   12.586708] 
[   12.586953] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.587000] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.587153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.587176] Call Trace:
[   12.587192]  <TASK>
[   12.587208]  dump_stack_lvl+0x73/0xb0
[   12.587237]  print_report+0xd1/0x610
[   12.587260]  ? __virt_addr_valid+0x1db/0x2d0
[   12.587281]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.587304]  ? kasan_addr_to_slab+0x11/0xa0
[   12.587324]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.587347]  kasan_report+0x141/0x180
[   12.587369]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.587409]  __asan_report_store1_noabort+0x1b/0x30
[   12.587434]  krealloc_less_oob_helper+0xd47/0x11d0
[   12.587460]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.587484]  ? finish_task_switch.isra.0+0x153/0x700
[   12.587505]  ? __switch_to+0x47/0xf50
[   12.587530]  ? __schedule+0x10c6/0x2b60
[   12.587552]  ? __pfx_read_tsc+0x10/0x10
[   12.587576]  krealloc_large_less_oob+0x1c/0x30
[   12.587607]  kunit_try_run_case+0x1a5/0x480
[   12.587630]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.587652]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.587675]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.587698]  ? __kthread_parkme+0x82/0x180
[   12.587718]  ? preempt_count_sub+0x50/0x80
[   12.587740]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.587764]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.587786]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.587809]  kthread+0x337/0x6f0
[   12.587828]  ? trace_preempt_on+0x20/0xc0
[   12.587850]  ? __pfx_kthread+0x10/0x10
[   12.587871]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.587891]  ? calculate_sigpending+0x7b/0xa0
[   12.587914]  ? __pfx_kthread+0x10/0x10
[   12.587936]  ret_from_fork+0x116/0x1d0
[   12.587954]  ? __pfx_kthread+0x10/0x10
[   12.587974]  ret_from_fork_asm+0x1a/0x30
[   12.588008]  </TASK>
[   12.588017] 
[   12.598107] The buggy address belongs to the physical page:
[   12.598426] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038a0
[   12.598937] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.599329] flags: 0x200000000000040(head|node=0|zone=2)
[   12.599586] page_type: f8(unknown)
[   12.599744] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.600084] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.600693] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.601007] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.601412] head: 0200000000000002 ffffea00040e2801 00000000ffffffff 00000000ffffffff
[   12.601885] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.602297] page dumped because: kasan: bad access detected
[   12.602627] 
[   12.602730] Memory state around the buggy address:
[   12.603047]  ffff8881038a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.603420]  ffff8881038a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.603827] >ffff8881038a2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.604185]                                                           ^
[   12.604539]  ffff8881038a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.605023]  ffff8881038a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.605305] ==================================================================
[   12.564273] ==================================================================
[   12.564606] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   12.565427] Write of size 1 at addr ffff8881038a20ea by task kunit_try_catch/180
[   12.566052] 
[   12.566193] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.566322] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.566337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.566359] Call Trace:
[   12.566371]  <TASK>
[   12.566387]  dump_stack_lvl+0x73/0xb0
[   12.566433]  print_report+0xd1/0x610
[   12.566456]  ? __virt_addr_valid+0x1db/0x2d0
[   12.566477]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.566501]  ? kasan_addr_to_slab+0x11/0xa0
[   12.566521]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.566544]  kasan_report+0x141/0x180
[   12.566566]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.566595]  __asan_report_store1_noabort+0x1b/0x30
[   12.566619]  krealloc_less_oob_helper+0xe90/0x11d0
[   12.566645]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.566669]  ? finish_task_switch.isra.0+0x153/0x700
[   12.566690]  ? __switch_to+0x47/0xf50
[   12.566716]  ? __schedule+0x10c6/0x2b60
[   12.566739]  ? __pfx_read_tsc+0x10/0x10
[   12.566764]  krealloc_large_less_oob+0x1c/0x30
[   12.566787]  kunit_try_run_case+0x1a5/0x480
[   12.566811]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.566834]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.566857]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.566882]  ? __kthread_parkme+0x82/0x180
[   12.566903]  ? preempt_count_sub+0x50/0x80
[   12.566927]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.566950]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.566973]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.566998]  kthread+0x337/0x6f0
[   12.567018]  ? trace_preempt_on+0x20/0xc0
[   12.567041]  ? __pfx_kthread+0x10/0x10
[   12.567062]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.567083]  ? calculate_sigpending+0x7b/0xa0
[   12.567107]  ? __pfx_kthread+0x10/0x10
[   12.567129]  ret_from_fork+0x116/0x1d0
[   12.567147]  ? __pfx_kthread+0x10/0x10
[   12.567168]  ret_from_fork_asm+0x1a/0x30
[   12.567201]  </TASK>
[   12.567212] 
[   12.577096] The buggy address belongs to the physical page:
[   12.577502] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038a0
[   12.577966] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.578314] flags: 0x200000000000040(head|node=0|zone=2)
[   12.578573] page_type: f8(unknown)
[   12.578727] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.579056] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.579378] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.580026] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.580449] head: 0200000000000002 ffffea00040e2801 00000000ffffffff 00000000ffffffff
[   12.580887] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.581313] page dumped because: kasan: bad access detected
[   12.581622] 
[   12.581785] Memory state around the buggy address:
[   12.581995]  ffff8881038a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.582294]  ffff8881038a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.582599] >ffff8881038a2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.583138]                                                           ^
[   12.583503]  ffff8881038a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.583960]  ffff8881038a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.584342] ==================================================================
[   12.349185] ==================================================================
[   12.349458] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   12.349738] Write of size 1 at addr ffff888100ab08d0 by task kunit_try_catch/176
[   12.350331] 
[   12.350452] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.350537] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.350551] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.350572] Call Trace:
[   12.350583]  <TASK>
[   12.350597]  dump_stack_lvl+0x73/0xb0
[   12.350624]  print_report+0xd1/0x610
[   12.350647]  ? __virt_addr_valid+0x1db/0x2d0
[   12.350670]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.350693]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.350715]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.350739]  kasan_report+0x141/0x180
[   12.350761]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.350790]  __asan_report_store1_noabort+0x1b/0x30
[   12.350814]  krealloc_less_oob_helper+0xe23/0x11d0
[   12.350839]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.350862]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   12.350891]  ? __pfx_krealloc_less_oob+0x10/0x10
[   12.350918]  krealloc_less_oob+0x1c/0x30
[   12.350939]  kunit_try_run_case+0x1a5/0x480
[   12.350963]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.350985]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.351008]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.351076]  ? __kthread_parkme+0x82/0x180
[   12.351098]  ? preempt_count_sub+0x50/0x80
[   12.351123]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.351146]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.351169]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.351192]  kthread+0x337/0x6f0
[   12.351211]  ? trace_preempt_on+0x20/0xc0
[   12.351233]  ? __pfx_kthread+0x10/0x10
[   12.351254]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.351275]  ? calculate_sigpending+0x7b/0xa0
[   12.351297]  ? __pfx_kthread+0x10/0x10
[   12.351319]  ret_from_fork+0x116/0x1d0
[   12.351337]  ? __pfx_kthread+0x10/0x10
[   12.351357]  ret_from_fork_asm+0x1a/0x30
[   12.351389]  </TASK>
[   12.351410] 
[   12.358924] Allocated by task 176:
[   12.359213]  kasan_save_stack+0x45/0x70
[   12.359426]  kasan_save_track+0x18/0x40
[   12.359623]  kasan_save_alloc_info+0x3b/0x50
[   12.359838]  __kasan_krealloc+0x190/0x1f0
[   12.360011]  krealloc_noprof+0xf3/0x340
[   12.360154]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.360319]  krealloc_less_oob+0x1c/0x30
[   12.360508]  kunit_try_run_case+0x1a5/0x480
[   12.360770]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.361022]  kthread+0x337/0x6f0
[   12.361190]  ret_from_fork+0x116/0x1d0
[   12.361379]  ret_from_fork_asm+0x1a/0x30
[   12.361584] 
[   12.361919] The buggy address belongs to the object at ffff888100ab0800
[   12.361919]  which belongs to the cache kmalloc-256 of size 256
[   12.362474] The buggy address is located 7 bytes to the right of
[   12.362474]  allocated 201-byte region [ffff888100ab0800, ffff888100ab08c9)
[   12.362973] 
[   12.363118] The buggy address belongs to the physical page:
[   12.363386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab0
[   12.363747] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.364022] flags: 0x200000000000040(head|node=0|zone=2)
[   12.364285] page_type: f5(slab)
[   12.364464] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.364784] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.365168] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.365486] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.365792] head: 0200000000000001 ffffea000402ac01 00000000ffffffff 00000000ffffffff
[   12.366025] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.366526] page dumped because: kasan: bad access detected
[   12.366776] 
[   12.366869] Memory state around the buggy address:
[   12.367040]  ffff888100ab0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.368557]  ffff888100ab0800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.369377] >ffff888100ab0880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.369784]                                                  ^
[   12.370113]  ffff888100ab0900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.370423]  ffff888100ab0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.370862] ==================================================================
[   12.519647] ==================================================================
[   12.519924] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   12.520175] Write of size 1 at addr ffff8881038a20d0 by task kunit_try_catch/180
[   12.520415] 
[   12.520597] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.520640] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.520651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.520676] Call Trace:
[   12.520687]  <TASK>
[   12.520703]  dump_stack_lvl+0x73/0xb0
[   12.520732]  print_report+0xd1/0x610
[   12.520755]  ? __virt_addr_valid+0x1db/0x2d0
[   12.520779]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.520802]  ? kasan_addr_to_slab+0x11/0xa0
[   12.520823]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.520847]  kasan_report+0x141/0x180
[   12.520868]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.520900]  __asan_report_store1_noabort+0x1b/0x30
[   12.520924]  krealloc_less_oob_helper+0xe23/0x11d0
[   12.520949]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.520973]  ? finish_task_switch.isra.0+0x153/0x700
[   12.520995]  ? __switch_to+0x47/0xf50
[   12.521020]  ? __schedule+0x10c6/0x2b60
[   12.521042]  ? __pfx_read_tsc+0x10/0x10
[   12.521067]  krealloc_large_less_oob+0x1c/0x30
[   12.521089]  kunit_try_run_case+0x1a5/0x480
[   12.521113]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.521135]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.521158]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.521181]  ? __kthread_parkme+0x82/0x180
[   12.521200]  ? preempt_count_sub+0x50/0x80
[   12.521223]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.521247]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.521269]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.521292]  kthread+0x337/0x6f0
[   12.521311]  ? trace_preempt_on+0x20/0xc0
[   12.521334]  ? __pfx_kthread+0x10/0x10
[   12.521354]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.521375]  ? calculate_sigpending+0x7b/0xa0
[   12.521408]  ? __pfx_kthread+0x10/0x10
[   12.521430]  ret_from_fork+0x116/0x1d0
[   12.521448]  ? __pfx_kthread+0x10/0x10
[   12.521468]  ret_from_fork_asm+0x1a/0x30
[   12.521500]  </TASK>
[   12.521511] 
[   12.532930] The buggy address belongs to the physical page:
[   12.533423] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038a0
[   12.534186] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.534843] flags: 0x200000000000040(head|node=0|zone=2)
[   12.535054] page_type: f8(unknown)
[   12.535183] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.535425] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.535790] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.536434] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.537202] head: 0200000000000002 ffffea00040e2801 00000000ffffffff 00000000ffffffff
[   12.537902] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.538546] page dumped because: kasan: bad access detected
[   12.539065] 
[   12.539223] Memory state around the buggy address:
[   12.539696]  ffff8881038a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.540058]  ffff8881038a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.540277] >ffff8881038a2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.540501]                                                  ^
[   12.540876]  ffff8881038a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.541485]  ffff8881038a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.542155] ==================================================================
[   12.403442] ==================================================================
[   12.404200] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   12.404542] Write of size 1 at addr ffff888100ab08ea by task kunit_try_catch/176
[   12.404879] 
[   12.404997] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.405044] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.405058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.405082] Call Trace:
[   12.405098]  <TASK>
[   12.405115]  dump_stack_lvl+0x73/0xb0
[   12.405143]  print_report+0xd1/0x610
[   12.405165]  ? __virt_addr_valid+0x1db/0x2d0
[   12.405189]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.405212]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.405300]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.405324]  kasan_report+0x141/0x180
[   12.405346]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.405375]  __asan_report_store1_noabort+0x1b/0x30
[   12.405411]  krealloc_less_oob_helper+0xe90/0x11d0
[   12.405437]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.405459]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   12.405489]  ? __pfx_krealloc_less_oob+0x10/0x10
[   12.405516]  krealloc_less_oob+0x1c/0x30
[   12.405537]  kunit_try_run_case+0x1a5/0x480
[   12.405560]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.405583]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.405616]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.405639]  ? __kthread_parkme+0x82/0x180
[   12.405660]  ? preempt_count_sub+0x50/0x80
[   12.405684]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.405707]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.405730]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.405753]  kthread+0x337/0x6f0
[   12.405772]  ? trace_preempt_on+0x20/0xc0
[   12.405794]  ? __pfx_kthread+0x10/0x10
[   12.405814]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.405835]  ? calculate_sigpending+0x7b/0xa0
[   12.405858]  ? __pfx_kthread+0x10/0x10
[   12.405880]  ret_from_fork+0x116/0x1d0
[   12.405898]  ? __pfx_kthread+0x10/0x10
[   12.405918]  ret_from_fork_asm+0x1a/0x30
[   12.405950]  </TASK>
[   12.405960] 
[   12.413667] Allocated by task 176:
[   12.413802]  kasan_save_stack+0x45/0x70
[   12.413949]  kasan_save_track+0x18/0x40
[   12.414120]  kasan_save_alloc_info+0x3b/0x50
[   12.414334]  __kasan_krealloc+0x190/0x1f0
[   12.414554]  krealloc_noprof+0xf3/0x340
[   12.414805]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.415069]  krealloc_less_oob+0x1c/0x30
[   12.415240]  kunit_try_run_case+0x1a5/0x480
[   12.415446]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.415652]  kthread+0x337/0x6f0
[   12.415975]  ret_from_fork+0x116/0x1d0
[   12.416177]  ret_from_fork_asm+0x1a/0x30
[   12.416323] 
[   12.416408] The buggy address belongs to the object at ffff888100ab0800
[   12.416408]  which belongs to the cache kmalloc-256 of size 256
[   12.417425] The buggy address is located 33 bytes to the right of
[   12.417425]  allocated 201-byte region [ffff888100ab0800, ffff888100ab08c9)
[   12.417969] 
[   12.418125] The buggy address belongs to the physical page:
[   12.418352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab0
[   12.418731] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.418963] flags: 0x200000000000040(head|node=0|zone=2)
[   12.419141] page_type: f5(slab)
[   12.419263] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.419555] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.419946] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.420615] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.420862] head: 0200000000000001 ffffea000402ac01 00000000ffffffff 00000000ffffffff
[   12.421096] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.421728] page dumped because: kasan: bad access detected
[   12.421991] 
[   12.422082] Memory state around the buggy address:
[   12.422550]  ffff888100ab0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.423155]  ffff888100ab0800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.423434] >ffff888100ab0880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.423685]                                                           ^
[   12.423978]  ffff888100ab0900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.424368]  ffff888100ab0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.424605] ==================================================================
[   12.372363] ==================================================================
[   12.372887] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   12.373715] Write of size 1 at addr ffff888100ab08da by task kunit_try_catch/176
[   12.374604] 
[   12.374903] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.374948] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.374960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.375066] Call Trace:
[   12.375083]  <TASK>
[   12.375099]  dump_stack_lvl+0x73/0xb0
[   12.375127]  print_report+0xd1/0x610
[   12.375149]  ? __virt_addr_valid+0x1db/0x2d0
[   12.375171]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.375195]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.375217]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.375240]  kasan_report+0x141/0x180
[   12.375262]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.375291]  __asan_report_store1_noabort+0x1b/0x30
[   12.375315]  krealloc_less_oob_helper+0xec6/0x11d0
[   12.375340]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.375362]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   12.375392]  ? __pfx_krealloc_less_oob+0x10/0x10
[   12.375432]  krealloc_less_oob+0x1c/0x30
[   12.375453]  kunit_try_run_case+0x1a5/0x480
[   12.375477]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.375499]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.375521]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.375544]  ? __kthread_parkme+0x82/0x180
[   12.375564]  ? preempt_count_sub+0x50/0x80
[   12.375588]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.375613]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.375635]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.375658]  kthread+0x337/0x6f0
[   12.375677]  ? trace_preempt_on+0x20/0xc0
[   12.375699]  ? __pfx_kthread+0x10/0x10
[   12.375719]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.375740]  ? calculate_sigpending+0x7b/0xa0
[   12.375763]  ? __pfx_kthread+0x10/0x10
[   12.375784]  ret_from_fork+0x116/0x1d0
[   12.375802]  ? __pfx_kthread+0x10/0x10
[   12.375822]  ret_from_fork_asm+0x1a/0x30
[   12.375854]  </TASK>
[   12.375865] 
[   12.388967] Allocated by task 176:
[   12.389392]  kasan_save_stack+0x45/0x70
[   12.389799]  kasan_save_track+0x18/0x40
[   12.390182]  kasan_save_alloc_info+0x3b/0x50
[   12.390725]  __kasan_krealloc+0x190/0x1f0
[   12.391179]  krealloc_noprof+0xf3/0x340
[   12.391456]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.391640]  krealloc_less_oob+0x1c/0x30
[   12.391988]  kunit_try_run_case+0x1a5/0x480
[   12.392417]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.392910]  kthread+0x337/0x6f0
[   12.393254]  ret_from_fork+0x116/0x1d0
[   12.393610]  ret_from_fork_asm+0x1a/0x30
[   12.393981] 
[   12.394151] The buggy address belongs to the object at ffff888100ab0800
[   12.394151]  which belongs to the cache kmalloc-256 of size 256
[   12.394538] The buggy address is located 17 bytes to the right of
[   12.394538]  allocated 201-byte region [ffff888100ab0800, ffff888100ab08c9)
[   12.395702] 
[   12.395866] The buggy address belongs to the physical page:
[   12.396417] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab0
[   12.397269] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.397762] flags: 0x200000000000040(head|node=0|zone=2)
[   12.398356] page_type: f5(slab)
[   12.398575] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.398810] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.399104] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.399406] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.399693] head: 0200000000000001 ffffea000402ac01 00000000ffffffff 00000000ffffffff
[   12.400033] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.400307] page dumped because: kasan: bad access detected
[   12.400568] 
[   12.400699] Memory state around the buggy address:
[   12.400886]  ffff888100ab0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.401180]  ffff888100ab0800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.401498] >ffff888100ab0880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.401914]                                                     ^
[   12.402159]  ffff888100ab0900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.402419]  ffff888100ab0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.402829] ==================================================================
[   12.327318] ==================================================================
[   12.327884] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   12.328315] Write of size 1 at addr ffff888100ab08c9 by task kunit_try_catch/176
[   12.328867] 
[   12.328987] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.329095] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.329110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.329131] Call Trace:
[   12.329143]  <TASK>
[   12.329158]  dump_stack_lvl+0x73/0xb0
[   12.329187]  print_report+0xd1/0x610
[   12.329209]  ? __virt_addr_valid+0x1db/0x2d0
[   12.329231]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.329253]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.329275]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.329299]  kasan_report+0x141/0x180
[   12.329320]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.329349]  __asan_report_store1_noabort+0x1b/0x30
[   12.329373]  krealloc_less_oob_helper+0xd70/0x11d0
[   12.329411]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.329434]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   12.329464]  ? __pfx_krealloc_less_oob+0x10/0x10
[   12.329491]  krealloc_less_oob+0x1c/0x30
[   12.329512]  kunit_try_run_case+0x1a5/0x480
[   12.329536]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.329558]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.329581]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.329616]  ? __kthread_parkme+0x82/0x180
[   12.329636]  ? preempt_count_sub+0x50/0x80
[   12.329660]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.329683]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.329706]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.329728]  kthread+0x337/0x6f0
[   12.329747]  ? trace_preempt_on+0x20/0xc0
[   12.329770]  ? __pfx_kthread+0x10/0x10
[   12.329791]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.329813]  ? calculate_sigpending+0x7b/0xa0
[   12.329836]  ? __pfx_kthread+0x10/0x10
[   12.329858]  ret_from_fork+0x116/0x1d0
[   12.329877]  ? __pfx_kthread+0x10/0x10
[   12.329898]  ret_from_fork_asm+0x1a/0x30
[   12.329930]  </TASK>
[   12.329940] 
[   12.337861] Allocated by task 176:
[   12.338221]  kasan_save_stack+0x45/0x70
[   12.338451]  kasan_save_track+0x18/0x40
[   12.338698]  kasan_save_alloc_info+0x3b/0x50
[   12.338891]  __kasan_krealloc+0x190/0x1f0
[   12.339110]  krealloc_noprof+0xf3/0x340
[   12.339292]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.339524]  krealloc_less_oob+0x1c/0x30
[   12.339809]  kunit_try_run_case+0x1a5/0x480
[   12.339970]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.340206]  kthread+0x337/0x6f0
[   12.340357]  ret_from_fork+0x116/0x1d0
[   12.340501]  ret_from_fork_asm+0x1a/0x30
[   12.340671] 
[   12.340767] The buggy address belongs to the object at ffff888100ab0800
[   12.340767]  which belongs to the cache kmalloc-256 of size 256
[   12.341364] The buggy address is located 0 bytes to the right of
[   12.341364]  allocated 201-byte region [ffff888100ab0800, ffff888100ab08c9)
[   12.342110] 
[   12.342214] The buggy address belongs to the physical page:
[   12.342434] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab0
[   12.342779] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.343134] flags: 0x200000000000040(head|node=0|zone=2)
[   12.343330] page_type: f5(slab)
[   12.343466] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.343703] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.343936] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.344171] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.344977] head: 0200000000000001 ffffea000402ac01 00000000ffffffff 00000000ffffffff
[   12.345343] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.345626] page dumped because: kasan: bad access detected
[   12.345798] 
[   12.345868] Memory state around the buggy address:
[   12.346023]  ffff888100ab0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.346237]  ffff888100ab0800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.347049] >ffff888100ab0880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.347381]                                               ^
[   12.347745]  ffff888100ab0900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.348141]  ffff888100ab0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.348443] ==================================================================
[   12.492297] ==================================================================
[   12.493319] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   12.493632] Write of size 1 at addr ffff8881038a20c9 by task kunit_try_catch/180
[   12.494741] 
[   12.494980] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.495155] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.495168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.495189] Call Trace:
[   12.495202]  <TASK>
[   12.495219]  dump_stack_lvl+0x73/0xb0
[   12.495251]  print_report+0xd1/0x610
[   12.495272]  ? __virt_addr_valid+0x1db/0x2d0
[   12.495294]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.495316]  ? kasan_addr_to_slab+0x11/0xa0
[   12.495336]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.495361]  kasan_report+0x141/0x180
[   12.495382]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.495422]  __asan_report_store1_noabort+0x1b/0x30
[   12.495446]  krealloc_less_oob_helper+0xd70/0x11d0
[   12.495471]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.495495]  ? finish_task_switch.isra.0+0x153/0x700
[   12.495516]  ? __switch_to+0x47/0xf50
[   12.495543]  ? __schedule+0x10c6/0x2b60
[   12.495566]  ? __pfx_read_tsc+0x10/0x10
[   12.495598]  krealloc_large_less_oob+0x1c/0x30
[   12.495620]  kunit_try_run_case+0x1a5/0x480
[   12.495643]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.495665]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.495688]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.495710]  ? __kthread_parkme+0x82/0x180
[   12.495730]  ? preempt_count_sub+0x50/0x80
[   12.495752]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.495776]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.495798]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.495821]  kthread+0x337/0x6f0
[   12.495840]  ? trace_preempt_on+0x20/0xc0
[   12.495862]  ? __pfx_kthread+0x10/0x10
[   12.495883]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.495903]  ? calculate_sigpending+0x7b/0xa0
[   12.495926]  ? __pfx_kthread+0x10/0x10
[   12.495947]  ret_from_fork+0x116/0x1d0
[   12.495965]  ? __pfx_kthread+0x10/0x10
[   12.495985]  ret_from_fork_asm+0x1a/0x30
[   12.496018]  </TASK>
[   12.496028] 
[   12.510506] The buggy address belongs to the physical page:
[   12.511030] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038a0
[   12.511279] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.511513] flags: 0x200000000000040(head|node=0|zone=2)
[   12.511706] page_type: f8(unknown)
[   12.512001] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.512305] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.512954] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.513349] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.513712] head: 0200000000000002 ffffea00040e2801 00000000ffffffff 00000000ffffffff
[   12.514213] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.514687] page dumped because: kasan: bad access detected
[   12.515035] 
[   12.515141] Memory state around the buggy address:
[   12.515562]  ffff8881038a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.516006]  ffff8881038a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.516441] >ffff8881038a2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.516872]                                               ^
[   12.517220]  ffff8881038a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.517555]  ffff8881038a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.518012] ==================================================================
[   12.543215] ==================================================================
[   12.543895] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   12.544575] Write of size 1 at addr ffff8881038a20da by task kunit_try_catch/180
[   12.544938] 
[   12.545023] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.545063] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.545074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.545095] Call Trace:
[   12.545110]  <TASK>
[   12.545126]  dump_stack_lvl+0x73/0xb0
[   12.545152]  print_report+0xd1/0x610
[   12.545173]  ? __virt_addr_valid+0x1db/0x2d0
[   12.545195]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.545218]  ? kasan_addr_to_slab+0x11/0xa0
[   12.545238]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.545261]  kasan_report+0x141/0x180
[   12.545283]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.545312]  __asan_report_store1_noabort+0x1b/0x30
[   12.545335]  krealloc_less_oob_helper+0xec6/0x11d0
[   12.545361]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.545384]  ? finish_task_switch.isra.0+0x153/0x700
[   12.545415]  ? __switch_to+0x47/0xf50
[   12.545441]  ? __schedule+0x10c6/0x2b60
[   12.545463]  ? __pfx_read_tsc+0x10/0x10
[   12.545486]  krealloc_large_less_oob+0x1c/0x30
[   12.545508]  kunit_try_run_case+0x1a5/0x480
[   12.545532]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.545554]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.545577]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.545621]  ? __kthread_parkme+0x82/0x180
[   12.545642]  ? preempt_count_sub+0x50/0x80
[   12.545664]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.545688]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.545710]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.545733]  kthread+0x337/0x6f0
[   12.545752]  ? trace_preempt_on+0x20/0xc0
[   12.545775]  ? __pfx_kthread+0x10/0x10
[   12.545795]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.545816]  ? calculate_sigpending+0x7b/0xa0
[   12.545839]  ? __pfx_kthread+0x10/0x10
[   12.545860]  ret_from_fork+0x116/0x1d0
[   12.545880]  ? __pfx_kthread+0x10/0x10
[   12.545901]  ret_from_fork_asm+0x1a/0x30
[   12.545935]  </TASK>
[   12.545944] 
[   12.555378] The buggy address belongs to the physical page:
[   12.555636] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038a0
[   12.555971] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.556262] flags: 0x200000000000040(head|node=0|zone=2)
[   12.556448] page_type: f8(unknown)
[   12.556647] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.557021] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.558334] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.558984] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.559319] head: 0200000000000002 ffffea00040e2801 00000000ffffffff 00000000ffffffff
[   12.559812] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.560203] page dumped because: kasan: bad access detected
[   12.560463] 
[   12.560550] Memory state around the buggy address:
[   12.561012]  ffff8881038a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.561342]  ffff8881038a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.561734] >ffff8881038a2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.562120]                                                     ^
[   12.562548]  ffff8881038a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.562882]  ffff8881038a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.563256] ==================================================================

[   12.487089] ==================================================================
[   12.487463] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   12.487817] Write of size 1 at addr ffff88810034c4ea by task kunit_try_catch/175
[   12.488207] 
[   12.488307] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.488357] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.488368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.488390] Call Trace:
[   12.488408]  <TASK>
[   12.488427]  dump_stack_lvl+0x73/0xb0
[   12.488454]  print_report+0xd1/0x610
[   12.488476]  ? __virt_addr_valid+0x1db/0x2d0
[   12.488498]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.488521]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.488542]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.488565]  kasan_report+0x141/0x180
[   12.488586]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.488613]  __asan_report_store1_noabort+0x1b/0x30
[   12.488637]  krealloc_less_oob_helper+0xe90/0x11d0
[   12.488662]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.488685]  ? finish_task_switch.isra.0+0x153/0x700
[   12.488707]  ? __switch_to+0x47/0xf50
[   12.488732]  ? __schedule+0x10c6/0x2b60
[   12.488753]  ? __pfx_read_tsc+0x10/0x10
[   12.488776]  krealloc_less_oob+0x1c/0x30
[   12.488797]  kunit_try_run_case+0x1a5/0x480
[   12.488821]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.488842]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.488908]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.488931]  ? __kthread_parkme+0x82/0x180
[   12.488950]  ? preempt_count_sub+0x50/0x80
[   12.488972]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.488995]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.489018]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.489041]  kthread+0x337/0x6f0
[   12.489059]  ? trace_preempt_on+0x20/0xc0
[   12.489082]  ? __pfx_kthread+0x10/0x10
[   12.489102]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.489123]  ? calculate_sigpending+0x7b/0xa0
[   12.489157]  ? __pfx_kthread+0x10/0x10
[   12.489177]  ret_from_fork+0x116/0x1d0
[   12.489195]  ? __pfx_kthread+0x10/0x10
[   12.489215]  ret_from_fork_asm+0x1a/0x30
[   12.489245]  </TASK>
[   12.489255] 
[   12.497279] Allocated by task 175:
[   12.497420]  kasan_save_stack+0x45/0x70
[   12.497572]  kasan_save_track+0x18/0x40
[   12.497713]  kasan_save_alloc_info+0x3b/0x50
[   12.497868]  __kasan_krealloc+0x190/0x1f0
[   12.498013]  krealloc_noprof+0xf3/0x340
[   12.498163]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.498397]  krealloc_less_oob+0x1c/0x30
[   12.498851]  kunit_try_run_case+0x1a5/0x480
[   12.499490]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.499984]  kthread+0x337/0x6f0
[   12.500118]  ret_from_fork+0x116/0x1d0
[   12.500270]  ret_from_fork_asm+0x1a/0x30
[   12.500420] 
[   12.500498] The buggy address belongs to the object at ffff88810034c400
[   12.500498]  which belongs to the cache kmalloc-256 of size 256
[   12.500869] The buggy address is located 33 bytes to the right of
[   12.500869]  allocated 201-byte region [ffff88810034c400, ffff88810034c4c9)
[   12.501662] 
[   12.501847] The buggy address belongs to the physical page:
[   12.502416] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034c
[   12.502972] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.503311] flags: 0x200000000000040(head|node=0|zone=2)
[   12.503595] page_type: f5(slab)
[   12.503754] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.503995] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.504405] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.504749] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.505296] head: 0200000000000001 ffffea000400d301 00000000ffffffff 00000000ffffffff
[   12.505673] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.506030] page dumped because: kasan: bad access detected
[   12.506253] 
[   12.506363] Memory state around the buggy address:
[   12.506576]  ffff88810034c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.506818]  ffff88810034c400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.507337] >ffff88810034c480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.507623]                                                           ^
[   12.507950]  ffff88810034c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.508248]  ffff88810034c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.508566] ==================================================================
[   12.655184] ==================================================================
[   12.656075] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   12.656445] Write of size 1 at addr ffff8881038d60da by task kunit_try_catch/179
[   12.657056] 
[   12.657295] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.657351] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.657362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.657384] Call Trace:
[   12.657398]  <TASK>
[   12.657415]  dump_stack_lvl+0x73/0xb0
[   12.657443]  print_report+0xd1/0x610
[   12.657464]  ? __virt_addr_valid+0x1db/0x2d0
[   12.657487]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.657509]  ? kasan_addr_to_slab+0x11/0xa0
[   12.657529]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.657551]  kasan_report+0x141/0x180
[   12.657572]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.657599]  __asan_report_store1_noabort+0x1b/0x30
[   12.657623]  krealloc_less_oob_helper+0xec6/0x11d0
[   12.657647]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.657670]  ? finish_task_switch.isra.0+0x153/0x700
[   12.657694]  ? __switch_to+0x47/0xf50
[   12.657719]  ? __schedule+0x10c6/0x2b60
[   12.657740]  ? __pfx_read_tsc+0x10/0x10
[   12.657764]  krealloc_large_less_oob+0x1c/0x30
[   12.657785]  kunit_try_run_case+0x1a5/0x480
[   12.657810]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.657831]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.657867]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.657890]  ? __kthread_parkme+0x82/0x180
[   12.657910]  ? preempt_count_sub+0x50/0x80
[   12.657932]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.657955]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.657977]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.658001]  kthread+0x337/0x6f0
[   12.658019]  ? trace_preempt_on+0x20/0xc0
[   12.658043]  ? __pfx_kthread+0x10/0x10
[   12.658062]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.658083]  ? calculate_sigpending+0x7b/0xa0
[   12.658106]  ? __pfx_kthread+0x10/0x10
[   12.658127]  ret_from_fork+0x116/0x1d0
[   12.658155]  ? __pfx_kthread+0x10/0x10
[   12.658175]  ret_from_fork_asm+0x1a/0x30
[   12.658205]  </TASK>
[   12.658215] 
[   12.672257] The buggy address belongs to the physical page:
[   12.672911] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d4
[   12.673189] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.673478] flags: 0x200000000000040(head|node=0|zone=2)
[   12.673702] page_type: f8(unknown)
[   12.673866] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.674244] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.674579] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.674958] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.675265] head: 0200000000000002 ffffea00040e3501 00000000ffffffff 00000000ffffffff
[   12.675834] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.676190] page dumped because: kasan: bad access detected
[   12.676557] 
[   12.676711] Memory state around the buggy address:
[   12.677032]  ffff8881038d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.677325]  ffff8881038d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.677650] >ffff8881038d6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.677987]                                                     ^
[   12.678244]  ffff8881038d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.678611]  ffff8881038d6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.678870] ==================================================================
[   12.679388] ==================================================================
[   12.680127] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   12.680675] Write of size 1 at addr ffff8881038d60ea by task kunit_try_catch/179
[   12.680974] 
[   12.681094] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.681139] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.681212] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.681235] Call Trace:
[   12.681252]  <TASK>
[   12.681267]  dump_stack_lvl+0x73/0xb0
[   12.681295]  print_report+0xd1/0x610
[   12.681318]  ? __virt_addr_valid+0x1db/0x2d0
[   12.681340]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.681362]  ? kasan_addr_to_slab+0x11/0xa0
[   12.681382]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.681406]  kasan_report+0x141/0x180
[   12.681463]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.681503]  __asan_report_store1_noabort+0x1b/0x30
[   12.681538]  krealloc_less_oob_helper+0xe90/0x11d0
[   12.681562]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.681585]  ? finish_task_switch.isra.0+0x153/0x700
[   12.681607]  ? __switch_to+0x47/0xf50
[   12.681633]  ? __schedule+0x10c6/0x2b60
[   12.681657]  ? __pfx_read_tsc+0x10/0x10
[   12.681683]  krealloc_large_less_oob+0x1c/0x30
[   12.681706]  kunit_try_run_case+0x1a5/0x480
[   12.681731]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.681752]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.681775]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.681797]  ? __kthread_parkme+0x82/0x180
[   12.681817]  ? preempt_count_sub+0x50/0x80
[   12.681839]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.681914]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.681937]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.681993]  kthread+0x337/0x6f0
[   12.682012]  ? trace_preempt_on+0x20/0xc0
[   12.682034]  ? __pfx_kthread+0x10/0x10
[   12.682090]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.682112]  ? calculate_sigpending+0x7b/0xa0
[   12.682135]  ? __pfx_kthread+0x10/0x10
[   12.682170]  ret_from_fork+0x116/0x1d0
[   12.682188]  ? __pfx_kthread+0x10/0x10
[   12.682208]  ret_from_fork_asm+0x1a/0x30
[   12.682238]  </TASK>
[   12.682248] 
[   12.691223] The buggy address belongs to the physical page:
[   12.691514] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d4
[   12.692105] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.692506] flags: 0x200000000000040(head|node=0|zone=2)
[   12.692763] page_type: f8(unknown)
[   12.692943] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.693486] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.693811] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.694159] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.694592] head: 0200000000000002 ffffea00040e3501 00000000ffffffff 00000000ffffffff
[   12.694918] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.695426] page dumped because: kasan: bad access detected
[   12.695615] 
[   12.695710] Memory state around the buggy address:
[   12.696194]  ffff8881038d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.696437]  ffff8881038d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.696977] >ffff8881038d6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.697467]                                                           ^
[   12.697738]  ffff8881038d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.698129]  ffff8881038d6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.698467] ==================================================================
[   12.420760] ==================================================================
[   12.421348] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   12.421725] Write of size 1 at addr ffff88810034c4c9 by task kunit_try_catch/175
[   12.422030] 
[   12.422218] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.422269] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.422281] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.422303] Call Trace:
[   12.422316]  <TASK>
[   12.422334]  dump_stack_lvl+0x73/0xb0
[   12.422366]  print_report+0xd1/0x610
[   12.422388]  ? __virt_addr_valid+0x1db/0x2d0
[   12.422412]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.422434]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.422455]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.422478]  kasan_report+0x141/0x180
[   12.422499]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.422527]  __asan_report_store1_noabort+0x1b/0x30
[   12.422550]  krealloc_less_oob_helper+0xd70/0x11d0
[   12.422576]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.422599]  ? finish_task_switch.isra.0+0x153/0x700
[   12.422623]  ? __switch_to+0x47/0xf50
[   12.422652]  ? __schedule+0x10c6/0x2b60
[   12.422674]  ? __pfx_read_tsc+0x10/0x10
[   12.422698]  krealloc_less_oob+0x1c/0x30
[   12.422719]  kunit_try_run_case+0x1a5/0x480
[   12.422745]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.422766]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.422789]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.422812]  ? __kthread_parkme+0x82/0x180
[   12.422832]  ? preempt_count_sub+0x50/0x80
[   12.422898]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.422923]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.422945]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.422968]  kthread+0x337/0x6f0
[   12.422987]  ? trace_preempt_on+0x20/0xc0
[   12.423010]  ? __pfx_kthread+0x10/0x10
[   12.423032]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.423053]  ? calculate_sigpending+0x7b/0xa0
[   12.423077]  ? __pfx_kthread+0x10/0x10
[   12.423098]  ret_from_fork+0x116/0x1d0
[   12.423116]  ? __pfx_kthread+0x10/0x10
[   12.423135]  ret_from_fork_asm+0x1a/0x30
[   12.423176]  </TASK>
[   12.423187] 
[   12.431369] Allocated by task 175:
[   12.431518]  kasan_save_stack+0x45/0x70
[   12.431674]  kasan_save_track+0x18/0x40
[   12.431813]  kasan_save_alloc_info+0x3b/0x50
[   12.432017]  __kasan_krealloc+0x190/0x1f0
[   12.432230]  krealloc_noprof+0xf3/0x340
[   12.432430]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.432834]  krealloc_less_oob+0x1c/0x30
[   12.432998]  kunit_try_run_case+0x1a5/0x480
[   12.433156]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.433644]  kthread+0x337/0x6f0
[   12.433815]  ret_from_fork+0x116/0x1d0
[   12.434062]  ret_from_fork_asm+0x1a/0x30
[   12.434249] 
[   12.434353] The buggy address belongs to the object at ffff88810034c400
[   12.434353]  which belongs to the cache kmalloc-256 of size 256
[   12.434907] The buggy address is located 0 bytes to the right of
[   12.434907]  allocated 201-byte region [ffff88810034c400, ffff88810034c4c9)
[   12.435433] 
[   12.435534] The buggy address belongs to the physical page:
[   12.435789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034c
[   12.436235] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.436582] flags: 0x200000000000040(head|node=0|zone=2)
[   12.436779] page_type: f5(slab)
[   12.436907] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.437155] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.437390] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.437772] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.438512] head: 0200000000000001 ffffea000400d301 00000000ffffffff 00000000ffffffff
[   12.438759] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.439383] page dumped because: kasan: bad access detected
[   12.439612] 
[   12.439711] Memory state around the buggy address:
[   12.439981]  ffff88810034c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.440218]  ffff88810034c400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.440684] >ffff88810034c480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.441025]                                               ^
[   12.441294]  ffff88810034c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.441701]  ffff88810034c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.442037] ==================================================================
[   12.464832] ==================================================================
[   12.466161] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   12.466471] Write of size 1 at addr ffff88810034c4da by task kunit_try_catch/175
[   12.466828] 
[   12.466944] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.466988] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.467000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.467022] Call Trace:
[   12.467034]  <TASK>
[   12.467051]  dump_stack_lvl+0x73/0xb0
[   12.467077]  print_report+0xd1/0x610
[   12.467099]  ? __virt_addr_valid+0x1db/0x2d0
[   12.467121]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.467144]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.467179]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.467202]  kasan_report+0x141/0x180
[   12.467223]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.467250]  __asan_report_store1_noabort+0x1b/0x30
[   12.467274]  krealloc_less_oob_helper+0xec6/0x11d0
[   12.467298]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.467322]  ? finish_task_switch.isra.0+0x153/0x700
[   12.467343]  ? __switch_to+0x47/0xf50
[   12.467367]  ? __schedule+0x10c6/0x2b60
[   12.467389]  ? __pfx_read_tsc+0x10/0x10
[   12.467412]  krealloc_less_oob+0x1c/0x30
[   12.467432]  kunit_try_run_case+0x1a5/0x480
[   12.467456]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.467477]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.467500]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.467522]  ? __kthread_parkme+0x82/0x180
[   12.467542]  ? preempt_count_sub+0x50/0x80
[   12.467564]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.467587]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.467609]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.467632]  kthread+0x337/0x6f0
[   12.467650]  ? trace_preempt_on+0x20/0xc0
[   12.467673]  ? __pfx_kthread+0x10/0x10
[   12.467693]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.467713]  ? calculate_sigpending+0x7b/0xa0
[   12.467737]  ? __pfx_kthread+0x10/0x10
[   12.467757]  ret_from_fork+0x116/0x1d0
[   12.467775]  ? __pfx_kthread+0x10/0x10
[   12.467795]  ret_from_fork_asm+0x1a/0x30
[   12.467825]  </TASK>
[   12.467835] 
[   12.475790] Allocated by task 175:
[   12.475980]  kasan_save_stack+0x45/0x70
[   12.476205]  kasan_save_track+0x18/0x40
[   12.476407]  kasan_save_alloc_info+0x3b/0x50
[   12.477040]  __kasan_krealloc+0x190/0x1f0
[   12.477243]  krealloc_noprof+0xf3/0x340
[   12.477476]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.477659]  krealloc_less_oob+0x1c/0x30
[   12.477803]  kunit_try_run_case+0x1a5/0x480
[   12.477955]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.478135]  kthread+0x337/0x6f0
[   12.478317]  ret_from_fork+0x116/0x1d0
[   12.478573]  ret_from_fork_asm+0x1a/0x30
[   12.478773] 
[   12.478874] The buggy address belongs to the object at ffff88810034c400
[   12.478874]  which belongs to the cache kmalloc-256 of size 256
[   12.479345] The buggy address is located 17 bytes to the right of
[   12.479345]  allocated 201-byte region [ffff88810034c400, ffff88810034c4c9)
[   12.480032] 
[   12.480136] The buggy address belongs to the physical page:
[   12.480357] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034c
[   12.480716] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.481221] flags: 0x200000000000040(head|node=0|zone=2)
[   12.481557] page_type: f5(slab)
[   12.481718] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.482045] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.482363] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.482706] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.483084] head: 0200000000000001 ffffea000400d301 00000000ffffffff 00000000ffffffff
[   12.483473] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.483790] page dumped because: kasan: bad access detected
[   12.484171] 
[   12.484276] Memory state around the buggy address:
[   12.484475]  ffff88810034c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.484721]  ffff88810034c400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.485094] >ffff88810034c480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.485513]                                                     ^
[   12.485769]  ffff88810034c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.486040]  ffff88810034c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.486642] ==================================================================
[   12.626086] ==================================================================
[   12.626364] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   12.626693] Write of size 1 at addr ffff8881038d60d0 by task kunit_try_catch/179
[   12.627417] 
[   12.627521] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.627566] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.627577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.627601] Call Trace:
[   12.627619]  <TASK>
[   12.627637]  dump_stack_lvl+0x73/0xb0
[   12.627666]  print_report+0xd1/0x610
[   12.627688]  ? __virt_addr_valid+0x1db/0x2d0
[   12.627710]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.627744]  ? kasan_addr_to_slab+0x11/0xa0
[   12.627763]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.627786]  kasan_report+0x141/0x180
[   12.627806]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.627834]  __asan_report_store1_noabort+0x1b/0x30
[   12.628059]  krealloc_less_oob_helper+0xe23/0x11d0
[   12.628089]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.628112]  ? finish_task_switch.isra.0+0x153/0x700
[   12.628134]  ? __switch_to+0x47/0xf50
[   12.628173]  ? __schedule+0x10c6/0x2b60
[   12.628195]  ? __pfx_read_tsc+0x10/0x10
[   12.628218]  krealloc_large_less_oob+0x1c/0x30
[   12.628240]  kunit_try_run_case+0x1a5/0x480
[   12.628264]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.628286]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.628309]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.628335]  ? __kthread_parkme+0x82/0x180
[   12.628355]  ? preempt_count_sub+0x50/0x80
[   12.628377]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.628399]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.628421]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.628444]  kthread+0x337/0x6f0
[   12.628462]  ? trace_preempt_on+0x20/0xc0
[   12.628485]  ? __pfx_kthread+0x10/0x10
[   12.628504]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.628525]  ? calculate_sigpending+0x7b/0xa0
[   12.628547]  ? __pfx_kthread+0x10/0x10
[   12.628568]  ret_from_fork+0x116/0x1d0
[   12.628585]  ? __pfx_kthread+0x10/0x10
[   12.628605]  ret_from_fork_asm+0x1a/0x30
[   12.628637]  </TASK>
[   12.628648] 
[   12.643706] The buggy address belongs to the physical page:
[   12.643981] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d4
[   12.644721] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.645450] flags: 0x200000000000040(head|node=0|zone=2)
[   12.645962] page_type: f8(unknown)
[   12.646363] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.646776] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.647567] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.648275] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.648972] head: 0200000000000002 ffffea00040e3501 00000000ffffffff 00000000ffffffff
[   12.649225] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.649709] page dumped because: kasan: bad access detected
[   12.650307] 
[   12.650466] Memory state around the buggy address:
[   12.650887]  ffff8881038d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.651776]  ffff8881038d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.652433] >ffff8881038d6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.652802]                                                  ^
[   12.653329]  ffff8881038d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.653999]  ffff8881038d6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.654283] ==================================================================
[   12.698841] ==================================================================
[   12.699220] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   12.699637] Write of size 1 at addr ffff8881038d60eb by task kunit_try_catch/179
[   12.700098] 
[   12.700360] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.700404] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.700416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.700436] Call Trace:
[   12.700452]  <TASK>
[   12.700468]  dump_stack_lvl+0x73/0xb0
[   12.700495]  print_report+0xd1/0x610
[   12.700516]  ? __virt_addr_valid+0x1db/0x2d0
[   12.700537]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.700560]  ? kasan_addr_to_slab+0x11/0xa0
[   12.700579]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.700602]  kasan_report+0x141/0x180
[   12.700623]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.700650]  __asan_report_store1_noabort+0x1b/0x30
[   12.700673]  krealloc_less_oob_helper+0xd47/0x11d0
[   12.700698]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.700721]  ? finish_task_switch.isra.0+0x153/0x700
[   12.700742]  ? __switch_to+0x47/0xf50
[   12.700766]  ? __schedule+0x10c6/0x2b60
[   12.700787]  ? __pfx_read_tsc+0x10/0x10
[   12.700810]  krealloc_large_less_oob+0x1c/0x30
[   12.700831]  kunit_try_run_case+0x1a5/0x480
[   12.700854]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.700876]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.700898]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.700920]  ? __kthread_parkme+0x82/0x180
[   12.700940]  ? preempt_count_sub+0x50/0x80
[   12.700961]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.700984]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.701006]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.701028]  kthread+0x337/0x6f0
[   12.701047]  ? trace_preempt_on+0x20/0xc0
[   12.701069]  ? __pfx_kthread+0x10/0x10
[   12.701089]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.701109]  ? calculate_sigpending+0x7b/0xa0
[   12.701131]  ? __pfx_kthread+0x10/0x10
[   12.701163]  ret_from_fork+0x116/0x1d0
[   12.701181]  ? __pfx_kthread+0x10/0x10
[   12.701202]  ret_from_fork_asm+0x1a/0x30
[   12.701233]  </TASK>
[   12.701243] 
[   12.710881] The buggy address belongs to the physical page:
[   12.711209] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d4
[   12.711992] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.712497] flags: 0x200000000000040(head|node=0|zone=2)
[   12.712795] page_type: f8(unknown)
[   12.713179] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.713765] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.714215] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.714716] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.715304] head: 0200000000000002 ffffea00040e3501 00000000ffffffff 00000000ffffffff
[   12.715639] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.716045] page dumped because: kasan: bad access detected
[   12.716523] 
[   12.716604] Memory state around the buggy address:
[   12.716842]  ffff8881038d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.717349]  ffff8881038d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.717804] >ffff8881038d6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.718187]                                                           ^
[   12.718588]  ffff8881038d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.718901]  ffff8881038d6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.719432] ==================================================================
[   12.598225] ==================================================================
[   12.599543] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   12.600351] Write of size 1 at addr ffff8881038d60c9 by task kunit_try_catch/179
[   12.601065] 
[   12.601266] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.601314] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.601325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.601347] Call Trace:
[   12.601360]  <TASK>
[   12.601378]  dump_stack_lvl+0x73/0xb0
[   12.601431]  print_report+0xd1/0x610
[   12.601453]  ? __virt_addr_valid+0x1db/0x2d0
[   12.601476]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.601498]  ? kasan_addr_to_slab+0x11/0xa0
[   12.601520]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.601542]  kasan_report+0x141/0x180
[   12.601565]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.601593]  __asan_report_store1_noabort+0x1b/0x30
[   12.601617]  krealloc_less_oob_helper+0xd70/0x11d0
[   12.601641]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.601664]  ? finish_task_switch.isra.0+0x153/0x700
[   12.601687]  ? __switch_to+0x47/0xf50
[   12.601714]  ? __schedule+0x10c6/0x2b60
[   12.601736]  ? __pfx_read_tsc+0x10/0x10
[   12.601760]  krealloc_large_less_oob+0x1c/0x30
[   12.601781]  kunit_try_run_case+0x1a5/0x480
[   12.601806]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.601828]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.601852]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.601875]  ? __kthread_parkme+0x82/0x180
[   12.601895]  ? preempt_count_sub+0x50/0x80
[   12.601917]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.601940]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.601962]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.601984]  kthread+0x337/0x6f0
[   12.602002]  ? trace_preempt_on+0x20/0xc0
[   12.602024]  ? __pfx_kthread+0x10/0x10
[   12.602044]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.602064]  ? calculate_sigpending+0x7b/0xa0
[   12.602087]  ? __pfx_kthread+0x10/0x10
[   12.602108]  ret_from_fork+0x116/0x1d0
[   12.602125]  ? __pfx_kthread+0x10/0x10
[   12.602154]  ret_from_fork_asm+0x1a/0x30
[   12.602184]  </TASK>
[   12.602194] 
[   12.616138] The buggy address belongs to the physical page:
[   12.616358] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d4
[   12.617189] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.617902] flags: 0x200000000000040(head|node=0|zone=2)
[   12.618477] page_type: f8(unknown)
[   12.618798] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.619269] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.619976] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.620331] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.621069] head: 0200000000000002 ffffea00040e3501 00000000ffffffff 00000000ffffffff
[   12.621492] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.621715] page dumped because: kasan: bad access detected
[   12.621945] 
[   12.622108] Memory state around the buggy address:
[   12.622564]  ffff8881038d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.623215]  ffff8881038d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.623830] >ffff8881038d6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.624538]                                               ^
[   12.625083]  ffff8881038d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.625429]  ffff8881038d6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.625639] ==================================================================
[   12.509005] ==================================================================
[   12.509319] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   12.509672] Write of size 1 at addr ffff88810034c4eb by task kunit_try_catch/175
[   12.510002] 
[   12.510121] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.510325] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.510339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.510360] Call Trace:
[   12.510377]  <TASK>
[   12.510393]  dump_stack_lvl+0x73/0xb0
[   12.510423]  print_report+0xd1/0x610
[   12.510444]  ? __virt_addr_valid+0x1db/0x2d0
[   12.510466]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.510489]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.510511]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.510533]  kasan_report+0x141/0x180
[   12.510554]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.510581]  __asan_report_store1_noabort+0x1b/0x30
[   12.510605]  krealloc_less_oob_helper+0xd47/0x11d0
[   12.510630]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.510653]  ? finish_task_switch.isra.0+0x153/0x700
[   12.510675]  ? __switch_to+0x47/0xf50
[   12.510699]  ? __schedule+0x10c6/0x2b60
[   12.510720]  ? __pfx_read_tsc+0x10/0x10
[   12.510743]  krealloc_less_oob+0x1c/0x30
[   12.510764]  kunit_try_run_case+0x1a5/0x480
[   12.510787]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.510809]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.510831]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.510906]  ? __kthread_parkme+0x82/0x180
[   12.510926]  ? preempt_count_sub+0x50/0x80
[   12.510948]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.510972]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.510995]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.511017]  kthread+0x337/0x6f0
[   12.511037]  ? trace_preempt_on+0x20/0xc0
[   12.511059]  ? __pfx_kthread+0x10/0x10
[   12.511079]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.511100]  ? calculate_sigpending+0x7b/0xa0
[   12.511123]  ? __pfx_kthread+0x10/0x10
[   12.511157]  ret_from_fork+0x116/0x1d0
[   12.511176]  ? __pfx_kthread+0x10/0x10
[   12.511196]  ret_from_fork_asm+0x1a/0x30
[   12.511226]  </TASK>
[   12.511235] 
[   12.519633] Allocated by task 175:
[   12.519775]  kasan_save_stack+0x45/0x70
[   12.520194]  kasan_save_track+0x18/0x40
[   12.520462]  kasan_save_alloc_info+0x3b/0x50
[   12.520651]  __kasan_krealloc+0x190/0x1f0
[   12.520832]  krealloc_noprof+0xf3/0x340
[   12.521035]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.521276]  krealloc_less_oob+0x1c/0x30
[   12.521509]  kunit_try_run_case+0x1a5/0x480
[   12.521721]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.522288]  kthread+0x337/0x6f0
[   12.522467]  ret_from_fork+0x116/0x1d0
[   12.522631]  ret_from_fork_asm+0x1a/0x30
[   12.522832] 
[   12.522952] The buggy address belongs to the object at ffff88810034c400
[   12.522952]  which belongs to the cache kmalloc-256 of size 256
[   12.523552] The buggy address is located 34 bytes to the right of
[   12.523552]  allocated 201-byte region [ffff88810034c400, ffff88810034c4c9)
[   12.524306] 
[   12.524424] The buggy address belongs to the physical page:
[   12.524636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034c
[   12.525016] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.525386] flags: 0x200000000000040(head|node=0|zone=2)
[   12.525601] page_type: f5(slab)
[   12.525760] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.526140] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.526478] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.526713] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.526948] head: 0200000000000001 ffffea000400d301 00000000ffffffff 00000000ffffffff
[   12.527244] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.527868] page dumped because: kasan: bad access detected
[   12.528624] 
[   12.528798] Memory state around the buggy address:
[   12.529340]  ffff88810034c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.530009]  ffff88810034c400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.530770] >ffff88810034c480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.531435]                                                           ^
[   12.532039]  ffff88810034c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.532418]  ffff88810034c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.532639] ==================================================================
[   12.442683] ==================================================================
[   12.443180] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   12.443541] Write of size 1 at addr ffff88810034c4d0 by task kunit_try_catch/175
[   12.443822] 
[   12.443914] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.443958] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.443969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.443991] Call Trace:
[   12.444003]  <TASK>
[   12.444018]  dump_stack_lvl+0x73/0xb0
[   12.444046]  print_report+0xd1/0x610
[   12.444067]  ? __virt_addr_valid+0x1db/0x2d0
[   12.444089]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.444112]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.444133]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.444167]  kasan_report+0x141/0x180
[   12.444189]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.444217]  __asan_report_store1_noabort+0x1b/0x30
[   12.444241]  krealloc_less_oob_helper+0xe23/0x11d0
[   12.444266]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.444350]  ? finish_task_switch.isra.0+0x153/0x700
[   12.444374]  ? __switch_to+0x47/0xf50
[   12.444399]  ? __schedule+0x10c6/0x2b60
[   12.444421]  ? __pfx_read_tsc+0x10/0x10
[   12.444444]  krealloc_less_oob+0x1c/0x30
[   12.444465]  kunit_try_run_case+0x1a5/0x480
[   12.444489]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.444511]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.444535]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.444558]  ? __kthread_parkme+0x82/0x180
[   12.444577]  ? preempt_count_sub+0x50/0x80
[   12.444599]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.444621]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.444644]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.444666]  kthread+0x337/0x6f0
[   12.444685]  ? trace_preempt_on+0x20/0xc0
[   12.444708]  ? __pfx_kthread+0x10/0x10
[   12.444727]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.444748]  ? calculate_sigpending+0x7b/0xa0
[   12.444771]  ? __pfx_kthread+0x10/0x10
[   12.444792]  ret_from_fork+0x116/0x1d0
[   12.444809]  ? __pfx_kthread+0x10/0x10
[   12.444829]  ret_from_fork_asm+0x1a/0x30
[   12.444858]  </TASK>
[   12.444869] 
[   12.453432] Allocated by task 175:
[   12.453607]  kasan_save_stack+0x45/0x70
[   12.453817]  kasan_save_track+0x18/0x40
[   12.453977]  kasan_save_alloc_info+0x3b/0x50
[   12.454199]  __kasan_krealloc+0x190/0x1f0
[   12.454386]  krealloc_noprof+0xf3/0x340
[   12.454570]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.454737]  krealloc_less_oob+0x1c/0x30
[   12.454879]  kunit_try_run_case+0x1a5/0x480
[   12.455030]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.455247]  kthread+0x337/0x6f0
[   12.455418]  ret_from_fork+0x116/0x1d0
[   12.455615]  ret_from_fork_asm+0x1a/0x30
[   12.455814] 
[   12.455913] The buggy address belongs to the object at ffff88810034c400
[   12.455913]  which belongs to the cache kmalloc-256 of size 256
[   12.456796] The buggy address is located 7 bytes to the right of
[   12.456796]  allocated 201-byte region [ffff88810034c400, ffff88810034c4c9)
[   12.457574] 
[   12.457683] The buggy address belongs to the physical page:
[   12.457907] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034c
[   12.458457] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.458762] flags: 0x200000000000040(head|node=0|zone=2)
[   12.459085] page_type: f5(slab)
[   12.459236] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.459548] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.459897] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.460591] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.460988] head: 0200000000000001 ffffea000400d301 00000000ffffffff 00000000ffffffff
[   12.461265] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.461624] page dumped because: kasan: bad access detected
[   12.461912] 
[   12.462012] Memory state around the buggy address:
[   12.462196]  ffff88810034c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.462460]  ffff88810034c400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.462786] >ffff88810034c480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.463158]                                                  ^
[   12.463504]  ffff88810034c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.463777]  ffff88810034c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.464158] ==================================================================