lkft/linux-mainline-master - v6.16-rc7 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper

Date

July 20, 2025, 11:12 p.m.

Environment
qemu-arm64
qemu-x86_64

[   16.483811] ==================================================================
[   16.484412] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678
[   16.484528] Write of size 1 at addr fff00000c78c20f0 by task kunit_try_catch/160
[   16.484584] 
[   16.484718] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.484836] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.484868] Hardware name: linux,dummy-virt (DT)
[   16.484930] Call trace:
[   16.484951]  show_stack+0x20/0x38 (C)
[   16.485294]  dump_stack_lvl+0x8c/0xd0
[   16.485359]  print_report+0x118/0x5d0
[   16.485406]  kasan_report+0xdc/0x128
[   16.485829]  __asan_report_store1_noabort+0x20/0x30
[   16.485906]  krealloc_more_oob_helper+0x5c0/0x678
[   16.485955]  krealloc_large_more_oob+0x20/0x38
[   16.486230]  kunit_try_run_case+0x170/0x3f0
[   16.486381]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.486473]  kthread+0x328/0x630
[   16.486582]  ret_from_fork+0x10/0x20
[   16.486634] 
[   16.486654] The buggy address belongs to the physical page:
[   16.486684] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c0
[   16.486748] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.486796] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.487154] page_type: f8(unknown)
[   16.487447] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.487764] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.487819] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.487870] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.488026] head: 0bfffe0000000002 ffffc1ffc31e3001 00000000ffffffff 00000000ffffffff
[   16.488304] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.488400] page dumped because: kasan: bad access detected
[   16.488431] 
[   16.488448] Memory state around the buggy address:
[   16.488481]  fff00000c78c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.488523]  fff00000c78c2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.488565] >fff00000c78c2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   16.488640]                                                              ^
[   16.488680]  fff00000c78c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.488758]  fff00000c78c2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.488833] ==================================================================
[   16.384787] ==================================================================
[   16.384848] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678
[   16.384945] Write of size 1 at addr fff00000c653c2f0 by task kunit_try_catch/156
[   16.385008] 
[   16.385039] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.385119] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.385144] Hardware name: linux,dummy-virt (DT)
[   16.385174] Call trace:
[   16.385196]  show_stack+0x20/0x38 (C)
[   16.385245]  dump_stack_lvl+0x8c/0xd0
[   16.385431]  print_report+0x118/0x5d0
[   16.385517]  kasan_report+0xdc/0x128
[   16.385562]  __asan_report_store1_noabort+0x20/0x30
[   16.385615]  krealloc_more_oob_helper+0x5c0/0x678
[   16.385663]  krealloc_more_oob+0x20/0x38
[   16.385708]  kunit_try_run_case+0x170/0x3f0
[   16.385755]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.385822]  kthread+0x328/0x630
[   16.385863]  ret_from_fork+0x10/0x20
[   16.385919] 
[   16.385938] Allocated by task 156:
[   16.385965]  kasan_save_stack+0x3c/0x68
[   16.386085]  kasan_save_track+0x20/0x40
[   16.386177]  kasan_save_alloc_info+0x40/0x58
[   16.386285]  __kasan_krealloc+0x118/0x178
[   16.386396]  krealloc_noprof+0x128/0x360
[   16.386433]  krealloc_more_oob_helper+0x168/0x678
[   16.386519]  krealloc_more_oob+0x20/0x38
[   16.386589]  kunit_try_run_case+0x170/0x3f0
[   16.386626]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.386694]  kthread+0x328/0x630
[   16.386945]  ret_from_fork+0x10/0x20
[   16.387003] 
[   16.387021] The buggy address belongs to the object at fff00000c653c200
[   16.387021]  which belongs to the cache kmalloc-256 of size 256
[   16.387112] The buggy address is located 5 bytes to the right of
[   16.387112]  allocated 235-byte region [fff00000c653c200, fff00000c653c2eb)
[   16.387202] 
[   16.387311] The buggy address belongs to the physical page:
[   16.387414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653c
[   16.387574] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.387654] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.387707] page_type: f5(slab)
[   16.387748] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.387800] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.387850] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.387919] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.387967] head: 0bfffe0000000001 ffffc1ffc3194f01 00000000ffffffff 00000000ffffffff
[   16.388158] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.388215] page dumped because: kasan: bad access detected
[   16.388247] 
[   16.388264] Memory state around the buggy address:
[   16.388313]  fff00000c653c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.388355]  fff00000c653c200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.388397] >fff00000c653c280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   16.388435]                                                              ^
[   16.388473]  fff00000c653c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.388514]  fff00000c653c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.388551] ==================================================================
[   16.475783] ==================================================================
[   16.475842] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678
[   16.475912] Write of size 1 at addr fff00000c78c20eb by task kunit_try_catch/160
[   16.475963] 
[   16.475996] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.476076] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.476102] Hardware name: linux,dummy-virt (DT)
[   16.476131] Call trace:
[   16.476154]  show_stack+0x20/0x38 (C)
[   16.476201]  dump_stack_lvl+0x8c/0xd0
[   16.476247]  print_report+0x118/0x5d0
[   16.476630]  kasan_report+0xdc/0x128
[   16.476809]  __asan_report_store1_noabort+0x20/0x30
[   16.477196]  krealloc_more_oob_helper+0x60c/0x678
[   16.477252]  krealloc_large_more_oob+0x20/0x38
[   16.477300]  kunit_try_run_case+0x170/0x3f0
[   16.478091]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.478235]  kthread+0x328/0x630
[   16.478278]  ret_from_fork+0x10/0x20
[   16.478328] 
[   16.478349] The buggy address belongs to the physical page:
[   16.478428] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c0
[   16.478915] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.479127] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.479210] page_type: f8(unknown)
[   16.479269] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.479321] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.479691] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.479744] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.479793] head: 0bfffe0000000002 ffffc1ffc31e3001 00000000ffffffff 00000000ffffffff
[   16.479843] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.480154] page dumped because: kasan: bad access detected
[   16.480313] 
[   16.480334] Memory state around the buggy address:
[   16.480439]  fff00000c78c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.480569]  fff00000c78c2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.480635] >fff00000c78c2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   16.480672]                                                           ^
[   16.480712]  fff00000c78c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.480791]  fff00000c78c2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.480910] ==================================================================
[   16.370368] ==================================================================
[   16.370509] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678
[   16.370565] Write of size 1 at addr fff00000c653c2eb by task kunit_try_catch/156
[   16.370616] 
[   16.370653] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.370966] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.371064] Hardware name: linux,dummy-virt (DT)
[   16.371161] Call trace:
[   16.371239]  show_stack+0x20/0x38 (C)
[   16.371292]  dump_stack_lvl+0x8c/0xd0
[   16.371575]  print_report+0x118/0x5d0
[   16.371804]  kasan_report+0xdc/0x128
[   16.371994]  __asan_report_store1_noabort+0x20/0x30
[   16.372079]  krealloc_more_oob_helper+0x60c/0x678
[   16.372236]  krealloc_more_oob+0x20/0x38
[   16.372507]  kunit_try_run_case+0x170/0x3f0
[   16.372589]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.372876]  kthread+0x328/0x630
[   16.373078]  ret_from_fork+0x10/0x20
[   16.373213] 
[   16.373232] Allocated by task 156:
[   16.373262]  kasan_save_stack+0x3c/0x68
[   16.373608]  kasan_save_track+0x20/0x40
[   16.373715]  kasan_save_alloc_info+0x40/0x58
[   16.373891]  __kasan_krealloc+0x118/0x178
[   16.373940]  krealloc_noprof+0x128/0x360
[   16.373977]  krealloc_more_oob_helper+0x168/0x678
[   16.374016]  krealloc_more_oob+0x20/0x38
[   16.374051]  kunit_try_run_case+0x170/0x3f0
[   16.374228]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.374307]  kthread+0x328/0x630
[   16.374510]  ret_from_fork+0x10/0x20
[   16.374639] 
[   16.374719] The buggy address belongs to the object at fff00000c653c200
[   16.374719]  which belongs to the cache kmalloc-256 of size 256
[   16.374795] The buggy address is located 0 bytes to the right of
[   16.374795]  allocated 235-byte region [fff00000c653c200, fff00000c653c2eb)
[   16.375092] 
[   16.375165] The buggy address belongs to the physical page:
[   16.375266] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653c
[   16.375362] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.375409] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.375777] page_type: f5(slab)
[   16.375953] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.376069] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.376201] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.376250] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.376321] head: 0bfffe0000000001 ffffc1ffc3194f01 00000000ffffffff 00000000ffffffff
[   16.376612] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.376677] page dumped because: kasan: bad access detected
[   16.376707] 
[   16.376725] Memory state around the buggy address:
[   16.376758]  fff00000c653c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.376803]  fff00000c653c200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.376844] >fff00000c653c280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   16.376881]                                                           ^
[   16.376929]  fff00000c653c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.376970]  fff00000c653c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.377007] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

309x5ObUbFzpU8LyzOOSdUfjPcK

job_id

TEST:linaro@lkft#309xBIracfhK9V3GlYfC8LOCkkh

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/309xBIracfhK9V3GlYfC8LOCkkh

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/309x6r3VkUT5E36FuuEPEjUKxgS/Image.gz
sha256sum	e30740b6a863df299bf79f0e7d1de6310b817cd727f60b2a9a659035822f0af4

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/309x6r3VkUT5E36FuuEPEjUKxgS/modules.tar.xz
sha256sum	eefc2a9ac3129ad696f00a71a502b9c132b90c2da1abb5c62a30781dfd11657a

durations

tests

boot	0
kunit	172.17

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   16.418790] ==================================================================
[   16.418837] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678
[   16.418885] Write of size 1 at addr fff00000c5b4faf0 by task kunit_try_catch/156
[   16.418934] 
[   16.418962] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.419040] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.419066] Hardware name: linux,dummy-virt (DT)
[   16.419096] Call trace:
[   16.419117]  show_stack+0x20/0x38 (C)
[   16.419190]  dump_stack_lvl+0x8c/0xd0
[   16.419238]  print_report+0x118/0x5d0
[   16.419284]  kasan_report+0xdc/0x128
[   16.419329]  __asan_report_store1_noabort+0x20/0x30
[   16.419379]  krealloc_more_oob_helper+0x5c0/0x678
[   16.419437]  krealloc_more_oob+0x20/0x38
[   16.419482]  kunit_try_run_case+0x170/0x3f0
[   16.419529]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.419580]  kthread+0x328/0x630
[   16.419634]  ret_from_fork+0x10/0x20
[   16.419681] 
[   16.419698] Allocated by task 156:
[   16.419741]  kasan_save_stack+0x3c/0x68
[   16.419782]  kasan_save_track+0x20/0x40
[   16.419818]  kasan_save_alloc_info+0x40/0x58
[   16.419857]  __kasan_krealloc+0x118/0x178
[   16.419894]  krealloc_noprof+0x128/0x360
[   16.419930]  krealloc_more_oob_helper+0x168/0x678
[   16.419969]  krealloc_more_oob+0x20/0x38
[   16.420004]  kunit_try_run_case+0x170/0x3f0
[   16.420041]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.420083]  kthread+0x328/0x630
[   16.420115]  ret_from_fork+0x10/0x20
[   16.420159] 
[   16.420178] The buggy address belongs to the object at fff00000c5b4fa00
[   16.420178]  which belongs to the cache kmalloc-256 of size 256
[   16.420233] The buggy address is located 5 bytes to the right of
[   16.420233]  allocated 235-byte region [fff00000c5b4fa00, fff00000c5b4faeb)
[   16.420295] 
[   16.420313] The buggy address belongs to the physical page:
[   16.420352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b4e
[   16.420405] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.420465] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.420523] page_type: f5(slab)
[   16.420560] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.420614] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.421499] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.421589] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.421673] head: 0bfffe0000000001 ffffc1ffc316d381 00000000ffffffff 00000000ffffffff
[   16.421721] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.421848] page dumped because: kasan: bad access detected
[   16.421889] 
[   16.421944] Memory state around the buggy address:
[   16.422041]  fff00000c5b4f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.422144]  fff00000c5b4fa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.422204] >fff00000c5b4fa80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   16.422241]                                                              ^
[   16.422280]  fff00000c5b4fb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.422321]  fff00000c5b4fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.422358] ==================================================================
[   16.414447] ==================================================================
[   16.414511] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678
[   16.414599] Write of size 1 at addr fff00000c5b4faeb by task kunit_try_catch/156
[   16.414904] 
[   16.414943] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.415024] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.415050] Hardware name: linux,dummy-virt (DT)
[   16.415082] Call trace:
[   16.415104]  show_stack+0x20/0x38 (C)
[   16.415154]  dump_stack_lvl+0x8c/0xd0
[   16.415200]  print_report+0x118/0x5d0
[   16.415246]  kasan_report+0xdc/0x128
[   16.415356]  __asan_report_store1_noabort+0x20/0x30
[   16.415440]  krealloc_more_oob_helper+0x60c/0x678
[   16.415490]  krealloc_more_oob+0x20/0x38
[   16.415535]  kunit_try_run_case+0x170/0x3f0
[   16.415599]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.415693]  kthread+0x328/0x630
[   16.415739]  ret_from_fork+0x10/0x20
[   16.415788] 
[   16.415823] Allocated by task 156:
[   16.415880]  kasan_save_stack+0x3c/0x68
[   16.415923]  kasan_save_track+0x20/0x40
[   16.415959]  kasan_save_alloc_info+0x40/0x58
[   16.415999]  __kasan_krealloc+0x118/0x178
[   16.416066]  krealloc_noprof+0x128/0x360
[   16.416121]  krealloc_more_oob_helper+0x168/0x678
[   16.416161]  krealloc_more_oob+0x20/0x38
[   16.416196]  kunit_try_run_case+0x170/0x3f0
[   16.416282]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.416343]  kthread+0x328/0x630
[   16.416381]  ret_from_fork+0x10/0x20
[   16.416417] 
[   16.416437] The buggy address belongs to the object at fff00000c5b4fa00
[   16.416437]  which belongs to the cache kmalloc-256 of size 256
[   16.416494] The buggy address is located 0 bytes to the right of
[   16.416494]  allocated 235-byte region [fff00000c5b4fa00, fff00000c5b4faeb)
[   16.416556] 
[   16.416576] The buggy address belongs to the physical page:
[   16.416607] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b4e
[   16.416764] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.416818] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.416869] page_type: f5(slab)
[   16.416942] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.417064] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.417179] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.417246] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.417294] head: 0bfffe0000000001 ffffc1ffc316d381 00000000ffffffff 00000000ffffffff
[   16.417342] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.417381] page dumped because: kasan: bad access detected
[   16.417411] 
[   16.417428] Memory state around the buggy address:
[   16.417529]  fff00000c5b4f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.417574]  fff00000c5b4fa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.417615] >fff00000c5b4fa80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   16.417715]                                                           ^
[   16.417794]  fff00000c5b4fb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.417835]  fff00000c5b4fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.417883] ==================================================================
[   16.459422] ==================================================================
[   16.459476] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678
[   16.459528] Write of size 1 at addr fff00000c790a0eb by task kunit_try_catch/160
[   16.459577] 
[   16.459608] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.459704] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.459730] Hardware name: linux,dummy-virt (DT)
[   16.459760] Call trace:
[   16.459783]  show_stack+0x20/0x38 (C)
[   16.459830]  dump_stack_lvl+0x8c/0xd0
[   16.459877]  print_report+0x118/0x5d0
[   16.460313]  kasan_report+0xdc/0x128
[   16.460373]  __asan_report_store1_noabort+0x20/0x30
[   16.460427]  krealloc_more_oob_helper+0x60c/0x678
[   16.460476]  krealloc_large_more_oob+0x20/0x38
[   16.460561]  kunit_try_run_case+0x170/0x3f0
[   16.460628]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.460682]  kthread+0x328/0x630
[   16.460740]  ret_from_fork+0x10/0x20
[   16.460806] 
[   16.460886] The buggy address belongs to the physical page:
[   16.460924] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107908
[   16.460997] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.461043] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.461093] page_type: f8(unknown)
[   16.461131] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.461302] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.461436] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.461597] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.461713] head: 0bfffe0000000002 ffffc1ffc31e4201 00000000ffffffff 00000000ffffffff
[   16.461773] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.461844] page dumped because: kasan: bad access detected
[   16.462254] 
[   16.462416] Memory state around the buggy address:
[   16.462485]  fff00000c7909f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.462578]  fff00000c790a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.462676] >fff00000c790a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   16.462815]                                                           ^
[   16.462853]  fff00000c790a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.463105]  fff00000c790a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.463194] ==================================================================
[   16.463809] ==================================================================
[   16.463869] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678
[   16.463917] Write of size 1 at addr fff00000c790a0f0 by task kunit_try_catch/160
[   16.463971] 
[   16.464113] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT 
[   16.464200] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.464226] Hardware name: linux,dummy-virt (DT)
[   16.464256] Call trace:
[   16.464277]  show_stack+0x20/0x38 (C)
[   16.464395]  dump_stack_lvl+0x8c/0xd0
[   16.464579]  print_report+0x118/0x5d0
[   16.464648]  kasan_report+0xdc/0x128
[   16.464693]  __asan_report_store1_noabort+0x20/0x30
[   16.464854]  krealloc_more_oob_helper+0x5c0/0x678
[   16.464912]  krealloc_large_more_oob+0x20/0x38
[   16.464958]  kunit_try_run_case+0x170/0x3f0
[   16.465064]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.465165]  kthread+0x328/0x630
[   16.465251]  ret_from_fork+0x10/0x20
[   16.465370] 
[   16.465471] The buggy address belongs to the physical page:
[   16.465568] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107908
[   16.465642] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.465720] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.465788] page_type: f8(unknown)
[   16.465825] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.465874] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.465927] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.465995] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.466044] head: 0bfffe0000000002 ffffc1ffc31e4201 00000000ffffffff 00000000ffffffff
[   16.466358] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.466462] page dumped because: kasan: bad access detected
[   16.466531] 
[   16.466592] Memory state around the buggy address:
[   16.466708]  fff00000c7909f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.466752]  fff00000c790a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.466947] >fff00000c790a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   16.467144]                                                              ^
[   16.467347]  fff00000c790a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.467401]  fff00000c790a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.467473] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

309wVITZ6NBRczMm3nMgYoirFB6

job_id

TEST:linaro@lkft#309wZRni24IYUAnxn7vdfI8LQ8Q

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/309wZRni24IYUAnxn7vdfI8LQ8Q

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/309wWVmLM5NBt70nqZVpnGHDPJL/Image.gz
sha256sum	74805294b874e6885a29245bb570f9e3417e9e28c8185f5307cf2eda3ff93fb7

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/309wWVmLM5NBt70nqZVpnGHDPJL/modules.tar.xz
sha256sum	6bb50cef8948a7c0cb544b1b2c047ab23cb31154624d745dca93084d8a8a44cc

durations

tests

boot	0
kunit	179.93

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   12.303871] ==================================================================
[   12.304350] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[   12.304742] Write of size 1 at addr ffff888100341cf0 by task kunit_try_catch/174
[   12.305128] 
[   12.305231] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.305273] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.305284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.305304] Call Trace:
[   12.305317]  <TASK>
[   12.305333]  dump_stack_lvl+0x73/0xb0
[   12.305362]  print_report+0xd1/0x610
[   12.305384]  ? __virt_addr_valid+0x1db/0x2d0
[   12.305417]  ? krealloc_more_oob_helper+0x7eb/0x930
[   12.305441]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.305462]  ? krealloc_more_oob_helper+0x7eb/0x930
[   12.305486]  kasan_report+0x141/0x180
[   12.305507]  ? krealloc_more_oob_helper+0x7eb/0x930
[   12.305536]  __asan_report_store1_noabort+0x1b/0x30
[   12.305560]  krealloc_more_oob_helper+0x7eb/0x930
[   12.305582]  ? __schedule+0x10c6/0x2b60
[   12.305604]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   12.305628]  ? finish_task_switch.isra.0+0x153/0x700
[   12.305650]  ? __switch_to+0x47/0xf50
[   12.305676]  ? __schedule+0x10c6/0x2b60
[   12.305698]  ? __pfx_read_tsc+0x10/0x10
[   12.305722]  krealloc_more_oob+0x1c/0x30
[   12.305743]  kunit_try_run_case+0x1a5/0x480
[   12.305767]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.305789]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.305813]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.305836]  ? __kthread_parkme+0x82/0x180
[   12.305857]  ? preempt_count_sub+0x50/0x80
[   12.305881]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.305904]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.305927]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.305950]  kthread+0x337/0x6f0
[   12.305969]  ? trace_preempt_on+0x20/0xc0
[   12.305992]  ? __pfx_kthread+0x10/0x10
[   12.306013]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.306084]  ? calculate_sigpending+0x7b/0xa0
[   12.306109]  ? __pfx_kthread+0x10/0x10
[   12.306130]  ret_from_fork+0x116/0x1d0
[   12.306149]  ? __pfx_kthread+0x10/0x10
[   12.306169]  ret_from_fork_asm+0x1a/0x30
[   12.306201]  </TASK>
[   12.306211] 
[   12.313954] Allocated by task 174:
[   12.314085]  kasan_save_stack+0x45/0x70
[   12.314484]  kasan_save_track+0x18/0x40
[   12.314678]  kasan_save_alloc_info+0x3b/0x50
[   12.314898]  __kasan_krealloc+0x190/0x1f0
[   12.315153]  krealloc_noprof+0xf3/0x340
[   12.315340]  krealloc_more_oob_helper+0x1a9/0x930
[   12.315529]  krealloc_more_oob+0x1c/0x30
[   12.315686]  kunit_try_run_case+0x1a5/0x480
[   12.315900]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.316155]  kthread+0x337/0x6f0
[   12.316497]  ret_from_fork+0x116/0x1d0
[   12.316702]  ret_from_fork_asm+0x1a/0x30
[   12.316864] 
[   12.316939] The buggy address belongs to the object at ffff888100341c00
[   12.316939]  which belongs to the cache kmalloc-256 of size 256
[   12.317718] The buggy address is located 5 bytes to the right of
[   12.317718]  allocated 235-byte region [ffff888100341c00, ffff888100341ceb)
[   12.318224] 
[   12.318322] The buggy address belongs to the physical page:
[   12.318581] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340
[   12.318827] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.319054] flags: 0x200000000000040(head|node=0|zone=2)
[   12.319230] page_type: f5(slab)
[   12.319351] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.319656] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.320065] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.320417] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.320762] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff
[   12.321231] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.321923] page dumped because: kasan: bad access detected
[   12.322372] 
[   12.322485] Memory state around the buggy address:
[   12.322706]  ffff888100341b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.322940]  ffff888100341c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.323546] >ffff888100341c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   12.323866]                                                              ^
[   12.324175]  ffff888100341d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.324471]  ffff888100341d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.324757] ==================================================================
[   12.273938] ==================================================================
[   12.274589] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[   12.275291] Write of size 1 at addr ffff888100341ceb by task kunit_try_catch/174
[   12.275950] 
[   12.276113] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.276193] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.276208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.276229] Call Trace:
[   12.276256]  <TASK>
[   12.276276]  dump_stack_lvl+0x73/0xb0
[   12.276309]  print_report+0xd1/0x610
[   12.276334]  ? __virt_addr_valid+0x1db/0x2d0
[   12.276359]  ? krealloc_more_oob_helper+0x821/0x930
[   12.276384]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.276417]  ? krealloc_more_oob_helper+0x821/0x930
[   12.276441]  kasan_report+0x141/0x180
[   12.276464]  ? krealloc_more_oob_helper+0x821/0x930
[   12.276493]  __asan_report_store1_noabort+0x1b/0x30
[   12.276517]  krealloc_more_oob_helper+0x821/0x930
[   12.276539]  ? __schedule+0x10c6/0x2b60
[   12.276562]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   12.276586]  ? finish_task_switch.isra.0+0x153/0x700
[   12.276610]  ? __switch_to+0x47/0xf50
[   12.276638]  ? __schedule+0x10c6/0x2b60
[   12.276659]  ? __pfx_read_tsc+0x10/0x10
[   12.276688]  krealloc_more_oob+0x1c/0x30
[   12.276709]  kunit_try_run_case+0x1a5/0x480
[   12.276734]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.276756]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.276781]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.276804]  ? __kthread_parkme+0x82/0x180
[   12.276825]  ? preempt_count_sub+0x50/0x80
[   12.276848]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.276872]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.276895]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.276918]  kthread+0x337/0x6f0
[   12.276937]  ? trace_preempt_on+0x20/0xc0
[   12.276961]  ? __pfx_kthread+0x10/0x10
[   12.276982]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.277003]  ? calculate_sigpending+0x7b/0xa0
[   12.277082]  ? __pfx_kthread+0x10/0x10
[   12.277106]  ret_from_fork+0x116/0x1d0
[   12.277125]  ? __pfx_kthread+0x10/0x10
[   12.277146]  ret_from_fork_asm+0x1a/0x30
[   12.277178]  </TASK>
[   12.277190] 
[   12.289478] Allocated by task 174:
[   12.289811]  kasan_save_stack+0x45/0x70
[   12.290226]  kasan_save_track+0x18/0x40
[   12.290840]  kasan_save_alloc_info+0x3b/0x50
[   12.291278]  __kasan_krealloc+0x190/0x1f0
[   12.291659]  krealloc_noprof+0xf3/0x340
[   12.291839]  krealloc_more_oob_helper+0x1a9/0x930
[   12.292002]  krealloc_more_oob+0x1c/0x30
[   12.292420]  kunit_try_run_case+0x1a5/0x480
[   12.292842]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.293357]  kthread+0x337/0x6f0
[   12.293718]  ret_from_fork+0x116/0x1d0
[   12.293889]  ret_from_fork_asm+0x1a/0x30
[   12.294030] 
[   12.294254] The buggy address belongs to the object at ffff888100341c00
[   12.294254]  which belongs to the cache kmalloc-256 of size 256
[   12.295575] The buggy address is located 0 bytes to the right of
[   12.295575]  allocated 235-byte region [ffff888100341c00, ffff888100341ceb)
[   12.296448] 
[   12.296529] The buggy address belongs to the physical page:
[   12.296932] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340
[   12.297699] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.298217] flags: 0x200000000000040(head|node=0|zone=2)
[   12.298880] page_type: f5(slab)
[   12.299196] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.299447] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.299736] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.300031] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.300340] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff
[   12.300681] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.301086] page dumped because: kasan: bad access detected
[   12.301261] 
[   12.301336] Memory state around the buggy address:
[   12.301574]  ffff888100341b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.301854]  ffff888100341c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.302146] >ffff888100341c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   12.302464]                                                           ^
[   12.302709]  ffff888100341d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.303012]  ffff888100341d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.303270] ==================================================================
[   12.449370] ==================================================================
[   12.449847] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[   12.450156] Write of size 1 at addr ffff88810389e0eb by task kunit_try_catch/178
[   12.450631] 
[   12.450756] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.450802] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.450814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.450835] Call Trace:
[   12.450848]  <TASK>
[   12.450865]  dump_stack_lvl+0x73/0xb0
[   12.450898]  print_report+0xd1/0x610
[   12.450921]  ? __virt_addr_valid+0x1db/0x2d0
[   12.450946]  ? krealloc_more_oob_helper+0x821/0x930
[   12.450970]  ? kasan_addr_to_slab+0x11/0xa0
[   12.450990]  ? krealloc_more_oob_helper+0x821/0x930
[   12.451013]  kasan_report+0x141/0x180
[   12.451274]  ? krealloc_more_oob_helper+0x821/0x930
[   12.451308]  __asan_report_store1_noabort+0x1b/0x30
[   12.451332]  krealloc_more_oob_helper+0x821/0x930
[   12.451355]  ? pick_task_fair+0xc9/0x340
[   12.451381]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   12.451419]  ? __schedule+0x2079/0x2b60
[   12.451440]  ? schedule+0x7c/0x2e0
[   12.451460]  ? trace_hardirqs_on+0x37/0xe0
[   12.451484]  ? __schedule+0x2079/0x2b60
[   12.451506]  ? __pfx_read_tsc+0x10/0x10
[   12.451531]  krealloc_large_more_oob+0x1c/0x30
[   12.451554]  kunit_try_run_case+0x1a5/0x480
[   12.451578]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.451608]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.451631]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.451654]  ? __kthread_parkme+0x82/0x180
[   12.451675]  ? preempt_count_sub+0x50/0x80
[   12.451699]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.451722]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.451745]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.451768]  kthread+0x337/0x6f0
[   12.451787]  ? trace_preempt_on+0x20/0xc0
[   12.451809]  ? __pfx_kthread+0x10/0x10
[   12.451829]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.451850]  ? calculate_sigpending+0x7b/0xa0
[   12.451873]  ? __pfx_kthread+0x10/0x10
[   12.451895]  ret_from_fork+0x116/0x1d0
[   12.451913]  ? __pfx_kthread+0x10/0x10
[   12.451933]  ret_from_fork_asm+0x1a/0x30
[   12.451965]  </TASK>
[   12.451976] 
[   12.460686] The buggy address belongs to the physical page:
[   12.460924] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10389c
[   12.461882] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.462741] flags: 0x200000000000040(head|node=0|zone=2)
[   12.462995] page_type: f8(unknown)
[   12.463533] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.463845] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.464422] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.464848] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.465285] head: 0200000000000002 ffffea00040e2701 00000000ffffffff 00000000ffffffff
[   12.465591] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.466202] page dumped because: kasan: bad access detected
[   12.466406] 
[   12.466635] Memory state around the buggy address:
[   12.466983]  ffff88810389df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.467510]  ffff88810389e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.467970] >ffff88810389e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   12.468485]                                                           ^
[   12.468908]  ffff88810389e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.469305]  ffff88810389e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.469640] ==================================================================
[   12.470294] ==================================================================
[   12.470707] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[   12.471117] Write of size 1 at addr ffff88810389e0f0 by task kunit_try_catch/178
[   12.471954] 
[   12.472142] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.472186] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.472198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.472218] Call Trace:
[   12.472232]  <TASK>
[   12.472248]  dump_stack_lvl+0x73/0xb0
[   12.472278]  print_report+0xd1/0x610
[   12.472299]  ? __virt_addr_valid+0x1db/0x2d0
[   12.472321]  ? krealloc_more_oob_helper+0x7eb/0x930
[   12.472344]  ? kasan_addr_to_slab+0x11/0xa0
[   12.472364]  ? krealloc_more_oob_helper+0x7eb/0x930
[   12.472389]  kasan_report+0x141/0x180
[   12.472425]  ? krealloc_more_oob_helper+0x7eb/0x930
[   12.472454]  __asan_report_store1_noabort+0x1b/0x30
[   12.472478]  krealloc_more_oob_helper+0x7eb/0x930
[   12.472500]  ? pick_task_fair+0xc9/0x340
[   12.472525]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   12.472549]  ? __schedule+0x2079/0x2b60
[   12.472569]  ? schedule+0x7c/0x2e0
[   12.472589]  ? trace_hardirqs_on+0x37/0xe0
[   12.472611]  ? __schedule+0x2079/0x2b60
[   12.472633]  ? __pfx_read_tsc+0x10/0x10
[   12.472658]  krealloc_large_more_oob+0x1c/0x30
[   12.472684]  kunit_try_run_case+0x1a5/0x480
[   12.472707]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.472729]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.472752]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.472775]  ? __kthread_parkme+0x82/0x180
[   12.472795]  ? preempt_count_sub+0x50/0x80
[   12.472819]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.472842]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.472865]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.472887]  kthread+0x337/0x6f0
[   12.472906]  ? trace_preempt_on+0x20/0xc0
[   12.472928]  ? __pfx_kthread+0x10/0x10
[   12.472948]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.472969]  ? calculate_sigpending+0x7b/0xa0
[   12.472992]  ? __pfx_kthread+0x10/0x10
[   12.473014]  ret_from_fork+0x116/0x1d0
[   12.473031]  ? __pfx_kthread+0x10/0x10
[   12.473052]  ret_from_fork_asm+0x1a/0x30
[   12.473084]  </TASK>
[   12.473094] 
[   12.481132] The buggy address belongs to the physical page:
[   12.481391] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10389c
[   12.481904] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.482140] flags: 0x200000000000040(head|node=0|zone=2)
[   12.482318] page_type: f8(unknown)
[   12.482563] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.483355] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.483742] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.484087] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.484449] head: 0200000000000002 ffffea00040e2701 00000000ffffffff 00000000ffffffff
[   12.484752] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.485079] page dumped because: kasan: bad access detected
[   12.485256] 
[   12.485329] Memory state around the buggy address:
[   12.485498]  ffff88810389df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.485807]  ffff88810389e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.486307] >ffff88810389e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   12.486720]                                                              ^
[   12.487228]  ffff88810389e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.487482]  ffff88810389e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.488089] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

309x5ObUbFzpU8LyzOOSdUfjPcK

job_id

TEST:linaro@lkft#309xCSsAm8c1VYb5dcu5sknfgSw

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/309xCSsAm8c1VYb5dcu5sknfgSw

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/309x8IF1hI1lZOcQSeL4qqQoUy8/bzImage
sha256sum	e3164212926cde5cf5c2db586c7b527178fd0fcaca68ddebd4f9d3c49dc193c9

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/309x8IF1hI1lZOcQSeL4qqQoUy8/modules.tar.xz
sha256sum	e261d4379790c6d3277c083da5e816b60769799af5be4eb5dd36081911673279

durations

tests

boot	0
kunit	214.92

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   12.394230] ==================================================================
[   12.394589] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[   12.394883] Write of size 1 at addr ffff88810034c2f0 by task kunit_try_catch/173
[   12.395523] 
[   12.395646] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.395691] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.395704] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.395725] Call Trace:
[   12.395743]  <TASK>
[   12.395758]  dump_stack_lvl+0x73/0xb0
[   12.395786]  print_report+0xd1/0x610
[   12.395808]  ? __virt_addr_valid+0x1db/0x2d0
[   12.395830]  ? krealloc_more_oob_helper+0x7eb/0x930
[   12.395852]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.396132]  ? krealloc_more_oob_helper+0x7eb/0x930
[   12.396170]  kasan_report+0x141/0x180
[   12.396192]  ? krealloc_more_oob_helper+0x7eb/0x930
[   12.396220]  __asan_report_store1_noabort+0x1b/0x30
[   12.396244]  krealloc_more_oob_helper+0x7eb/0x930
[   12.396266]  ? __schedule+0x10c6/0x2b60
[   12.396287]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   12.396311]  ? finish_task_switch.isra.0+0x153/0x700
[   12.396338]  ? __switch_to+0x47/0xf50
[   12.396364]  ? __schedule+0x10c6/0x2b60
[   12.396385]  ? __pfx_read_tsc+0x10/0x10
[   12.396408]  krealloc_more_oob+0x1c/0x30
[   12.396429]  kunit_try_run_case+0x1a5/0x480
[   12.396453]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.396475]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.396497]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.396519]  ? __kthread_parkme+0x82/0x180
[   12.396539]  ? preempt_count_sub+0x50/0x80
[   12.396561]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.396584]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.396606]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.396629]  kthread+0x337/0x6f0
[   12.396648]  ? trace_preempt_on+0x20/0xc0
[   12.396671]  ? __pfx_kthread+0x10/0x10
[   12.396691]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.396711]  ? calculate_sigpending+0x7b/0xa0
[   12.396734]  ? __pfx_kthread+0x10/0x10
[   12.396755]  ret_from_fork+0x116/0x1d0
[   12.396773]  ? __pfx_kthread+0x10/0x10
[   12.396793]  ret_from_fork_asm+0x1a/0x30
[   12.396822]  </TASK>
[   12.396832] 
[   12.405111] Allocated by task 173:
[   12.405556]  kasan_save_stack+0x45/0x70
[   12.405766]  kasan_save_track+0x18/0x40
[   12.406074]  kasan_save_alloc_info+0x3b/0x50
[   12.406269]  __kasan_krealloc+0x190/0x1f0
[   12.406614]  krealloc_noprof+0xf3/0x340
[   12.406773]  krealloc_more_oob_helper+0x1a9/0x930
[   12.407069]  krealloc_more_oob+0x1c/0x30
[   12.407232]  kunit_try_run_case+0x1a5/0x480
[   12.407385]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.407655]  kthread+0x337/0x6f0
[   12.407833]  ret_from_fork+0x116/0x1d0
[   12.408024]  ret_from_fork_asm+0x1a/0x30
[   12.408231] 
[   12.408305] The buggy address belongs to the object at ffff88810034c200
[   12.408305]  which belongs to the cache kmalloc-256 of size 256
[   12.409187] The buggy address is located 5 bytes to the right of
[   12.409187]  allocated 235-byte region [ffff88810034c200, ffff88810034c2eb)
[   12.409646] 
[   12.409769] The buggy address belongs to the physical page:
[   12.410030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034c
[   12.410355] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.410586] flags: 0x200000000000040(head|node=0|zone=2)
[   12.410763] page_type: f5(slab)
[   12.410885] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.411220] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.411651] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.411993] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.412391] head: 0200000000000001 ffffea000400d301 00000000ffffffff 00000000ffffffff
[   12.412752] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.413397] page dumped because: kasan: bad access detected
[   12.413635] 
[   12.413718] Memory state around the buggy address:
[   12.413985]  ffff88810034c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.414254]  ffff88810034c200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.414598] >ffff88810034c280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   12.415069]                                                              ^
[   12.415397]  ffff88810034c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.415623]  ffff88810034c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.415843] ==================================================================
[   12.567550] ==================================================================
[   12.568497] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[   12.569443] Write of size 1 at addr ffff8881038a60f0 by task kunit_try_catch/177
[   12.570192] 
[   12.570401] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.570449] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.570461] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.570484] Call Trace:
[   12.570498]  <TASK>
[   12.570517]  dump_stack_lvl+0x73/0xb0
[   12.570549]  print_report+0xd1/0x610
[   12.570571]  ? __virt_addr_valid+0x1db/0x2d0
[   12.570595]  ? krealloc_more_oob_helper+0x7eb/0x930
[   12.570618]  ? kasan_addr_to_slab+0x11/0xa0
[   12.570638]  ? krealloc_more_oob_helper+0x7eb/0x930
[   12.570660]  kasan_report+0x141/0x180
[   12.570681]  ? krealloc_more_oob_helper+0x7eb/0x930
[   12.570709]  __asan_report_store1_noabort+0x1b/0x30
[   12.570732]  krealloc_more_oob_helper+0x7eb/0x930
[   12.570754]  ? __schedule+0x10c6/0x2b60
[   12.570776]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   12.570799]  ? finish_task_switch.isra.0+0x153/0x700
[   12.570822]  ? __switch_to+0x47/0xf50
[   12.570848]  ? __schedule+0x10c6/0x2b60
[   12.570868]  ? __pfx_read_tsc+0x10/0x10
[   12.570892]  krealloc_large_more_oob+0x1c/0x30
[   12.570914]  kunit_try_run_case+0x1a5/0x480
[   12.570940]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.570961]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.570984]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.571006]  ? __kthread_parkme+0x82/0x180
[   12.571027]  ? preempt_count_sub+0x50/0x80
[   12.571049]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.571071]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.571094]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.571117]  kthread+0x337/0x6f0
[   12.571136]  ? trace_preempt_on+0x20/0xc0
[   12.571171]  ? __pfx_kthread+0x10/0x10
[   12.571190]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.571211]  ? calculate_sigpending+0x7b/0xa0
[   12.571235]  ? __pfx_kthread+0x10/0x10
[   12.571256]  ret_from_fork+0x116/0x1d0
[   12.571274]  ? __pfx_kthread+0x10/0x10
[   12.571293]  ret_from_fork_asm+0x1a/0x30
[   12.571365]  </TASK>
[   12.571376] 
[   12.584122] The buggy address belongs to the physical page:
[   12.584626] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038a4
[   12.585485] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.586192] flags: 0x200000000000040(head|node=0|zone=2)
[   12.586705] page_type: f8(unknown)
[   12.587061] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.587660] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.588051] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.588827] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.589537] head: 0200000000000002 ffffea00040e2901 00000000ffffffff 00000000ffffffff
[   12.589776] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.590419] page dumped because: kasan: bad access detected
[   12.591018] 
[   12.591191] Memory state around the buggy address:
[   12.591629]  ffff8881038a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.592440]  ffff8881038a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.592826] >ffff8881038a6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   12.593045]                                                              ^
[   12.593626]  ffff8881038a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.594282]  ffff8881038a6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.595013] ==================================================================
[   12.372719] ==================================================================
[   12.373279] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[   12.373656] Write of size 1 at addr ffff88810034c2eb by task kunit_try_catch/173
[   12.373965] 
[   12.374082] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.374129] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.374141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.374173] Call Trace:
[   12.374186]  <TASK>
[   12.374202]  dump_stack_lvl+0x73/0xb0
[   12.374231]  print_report+0xd1/0x610
[   12.374253]  ? __virt_addr_valid+0x1db/0x2d0
[   12.374276]  ? krealloc_more_oob_helper+0x821/0x930
[   12.374298]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.374320]  ? krealloc_more_oob_helper+0x821/0x930
[   12.374343]  kasan_report+0x141/0x180
[   12.374364]  ? krealloc_more_oob_helper+0x821/0x930
[   12.374392]  __asan_report_store1_noabort+0x1b/0x30
[   12.374415]  krealloc_more_oob_helper+0x821/0x930
[   12.374437]  ? __schedule+0x10c6/0x2b60
[   12.374459]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   12.374555]  ? finish_task_switch.isra.0+0x153/0x700
[   12.374578]  ? __switch_to+0x47/0xf50
[   12.374605]  ? __schedule+0x10c6/0x2b60
[   12.374626]  ? __pfx_read_tsc+0x10/0x10
[   12.374650]  krealloc_more_oob+0x1c/0x30
[   12.374671]  kunit_try_run_case+0x1a5/0x480
[   12.374696]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.374717]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.374740]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.374763]  ? __kthread_parkme+0x82/0x180
[   12.374784]  ? preempt_count_sub+0x50/0x80
[   12.374806]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.374829]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.374852]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.374912]  kthread+0x337/0x6f0
[   12.374931]  ? trace_preempt_on+0x20/0xc0
[   12.374955]  ? __pfx_kthread+0x10/0x10
[   12.374975]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.374996]  ? calculate_sigpending+0x7b/0xa0
[   12.375019]  ? __pfx_kthread+0x10/0x10
[   12.375040]  ret_from_fork+0x116/0x1d0
[   12.375058]  ? __pfx_kthread+0x10/0x10
[   12.375078]  ret_from_fork_asm+0x1a/0x30
[   12.375108]  </TASK>
[   12.375120] 
[   12.383326] Allocated by task 173:
[   12.383470]  kasan_save_stack+0x45/0x70
[   12.383627]  kasan_save_track+0x18/0x40
[   12.383824]  kasan_save_alloc_info+0x3b/0x50
[   12.384041]  __kasan_krealloc+0x190/0x1f0
[   12.384434]  krealloc_noprof+0xf3/0x340
[   12.384630]  krealloc_more_oob_helper+0x1a9/0x930
[   12.384798]  krealloc_more_oob+0x1c/0x30
[   12.384942]  kunit_try_run_case+0x1a5/0x480
[   12.385127]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.385515]  kthread+0x337/0x6f0
[   12.385699]  ret_from_fork+0x116/0x1d0
[   12.386084]  ret_from_fork_asm+0x1a/0x30
[   12.386329] 
[   12.386432] The buggy address belongs to the object at ffff88810034c200
[   12.386432]  which belongs to the cache kmalloc-256 of size 256
[   12.387026] The buggy address is located 0 bytes to the right of
[   12.387026]  allocated 235-byte region [ffff88810034c200, ffff88810034c2eb)
[   12.387564] 
[   12.387662] The buggy address belongs to the physical page:
[   12.387954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034c
[   12.388282] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.388638] flags: 0x200000000000040(head|node=0|zone=2)
[   12.388823] page_type: f5(slab)
[   12.388947] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.389204] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.389606] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.389948] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.390297] head: 0200000000000001 ffffea000400d301 00000000ffffffff 00000000ffffffff
[   12.390612] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.390843] page dumped because: kasan: bad access detected
[   12.391102] 
[   12.391257] Memory state around the buggy address:
[   12.391679]  ffff88810034c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.392058]  ffff88810034c200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.392403] >ffff88810034c280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   12.392679]                                                           ^
[   12.393174]  ffff88810034c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.393480]  ffff88810034c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.393702] ==================================================================
[   12.537065] ==================================================================
[   12.538416] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[   12.539124] Write of size 1 at addr ffff8881038a60eb by task kunit_try_catch/177
[   12.539767] 
[   12.539976] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7 #1 PREEMPT(voluntary) 
[   12.540023] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.540034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.540055] Call Trace:
[   12.540068]  <TASK>
[   12.540085]  dump_stack_lvl+0x73/0xb0
[   12.540114]  print_report+0xd1/0x610
[   12.540137]  ? __virt_addr_valid+0x1db/0x2d0
[   12.540171]  ? krealloc_more_oob_helper+0x821/0x930
[   12.540195]  ? kasan_addr_to_slab+0x11/0xa0
[   12.540215]  ? krealloc_more_oob_helper+0x821/0x930
[   12.540238]  kasan_report+0x141/0x180
[   12.540259]  ? krealloc_more_oob_helper+0x821/0x930
[   12.540286]  __asan_report_store1_noabort+0x1b/0x30
[   12.540311]  krealloc_more_oob_helper+0x821/0x930
[   12.540338]  ? __schedule+0x10c6/0x2b60
[   12.540371]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   12.540394]  ? finish_task_switch.isra.0+0x153/0x700
[   12.540461]  ? __switch_to+0x47/0xf50
[   12.540486]  ? __schedule+0x10c6/0x2b60
[   12.540507]  ? __pfx_read_tsc+0x10/0x10
[   12.540531]  krealloc_large_more_oob+0x1c/0x30
[   12.540553]  kunit_try_run_case+0x1a5/0x480
[   12.540577]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.540599]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.540623]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.540645]  ? __kthread_parkme+0x82/0x180
[   12.540665]  ? preempt_count_sub+0x50/0x80
[   12.540687]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.540709]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.540732]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.540754]  kthread+0x337/0x6f0
[   12.540773]  ? trace_preempt_on+0x20/0xc0
[   12.540796]  ? __pfx_kthread+0x10/0x10
[   12.540815]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.540836]  ? calculate_sigpending+0x7b/0xa0
[   12.540868]  ? __pfx_kthread+0x10/0x10
[   12.540888]  ret_from_fork+0x116/0x1d0
[   12.540906]  ? __pfx_kthread+0x10/0x10
[   12.540926]  ret_from_fork_asm+0x1a/0x30
[   12.540956]  </TASK>
[   12.540967] 
[   12.555951] The buggy address belongs to the physical page:
[   12.556519] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038a4
[   12.556787] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.557485] flags: 0x200000000000040(head|node=0|zone=2)
[   12.558240] page_type: f8(unknown)
[   12.558607] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.559230] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.559775] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.560571] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.561082] head: 0200000000000002 ffffea00040e2901 00000000ffffffff 00000000ffffffff
[   12.561563] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.561796] page dumped because: kasan: bad access detected
[   12.562284] 
[   12.562566] Memory state around the buggy address:
[   12.563063]  ffff8881038a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.563994]  ffff8881038a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.564682] >ffff8881038a6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   12.565202]                                                           ^
[   12.565845]  ffff8881038a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.566460]  ffff8881038a6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.566752] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

309wVITZ6NBRczMm3nMgYoirFB6

job_id

TEST:linaro@lkft#309wac02EW3pU2GjOEm7Gie5p7d

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/309wac02EW3pU2GjOEm7Gie5p7d

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/309wXPon0kYFkJJI8TrO96Zkm9k/bzImage
sha256sum	7a3c580951afddeb963eaa58a772442036391e058a51e4a72b3fc35151107371

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/309wXPon0kYFkJJI8TrO96Zkm9k/modules.tar.xz
sha256sum	1ece092fe8fa1f4db13c79ba4009b57e1c0b1d389cd2f8e9c3e127922a73f035

durations

tests

boot	0
kunit	209.99

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit