lkft/linux-next-master - next-20241120 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper

Date

Nov. 20, 2024, 6:35 a.m.

Environment
qemu-arm64
qemu-x86_64

[   36.304907] ==================================================================
[   36.306034] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   36.307223] Write of size 1 at addr fff00000c67360c9 by task kunit_try_catch/151
[   36.308804] 
[   36.309735] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   36.310886] Tainted: [B]=BAD_PAGE, [N]=TEST
[   36.311598] Hardware name: linux,dummy-virt (DT)
[   36.312291] Call trace:
[   36.312676]  show_stack+0x20/0x38 (C)
[   36.312957]  dump_stack_lvl+0x8c/0xd0
[   36.313222]  print_report+0x118/0x5e0
[   36.313989]  kasan_report+0xc8/0x118
[   36.314596]  __asan_report_store1_noabort+0x20/0x30
[   36.315386]  krealloc_less_oob_helper+0xa48/0xc50
[   36.316105]  krealloc_large_less_oob+0x20/0x38
[   36.316803]  kunit_try_run_case+0x14c/0x3d0
[   36.317340]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.318167]  kthread+0x24c/0x2d0
[   36.318716]  ret_from_fork+0x10/0x20
[   36.319406] 
[   36.319816] The buggy address belongs to the physical page:
[   36.320575] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106734
[   36.321551] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   36.322512] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   36.323409] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   36.324413] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   36.325177] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   36.326219] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   36.327361] head: 0bfffe0000000002 ffffc1ffc319cd01 ffffffffffffffff 0000000000000000
[   36.328799] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   36.330191] page dumped because: kasan: bad access detected
[   36.330915] 
[   36.331079] Memory state around the buggy address:
[   36.331337]  fff00000c6735f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.332437]  fff00000c6736000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.333239] >fff00000c6736080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   36.334229]                                               ^
[   36.334633]  fff00000c6736100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   36.335384]  fff00000c6736180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   36.336088] ==================================================================
[   36.007581] ==================================================================
[   36.008713] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   36.009504] Write of size 1 at addr fff00000c449b6c9 by task kunit_try_catch/147
[   36.010350] 
[   36.011302] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   36.012649] Tainted: [B]=BAD_PAGE, [N]=TEST
[   36.013252] Hardware name: linux,dummy-virt (DT)
[   36.014046] Call trace:
[   36.014412]  show_stack+0x20/0x38 (C)
[   36.014979]  dump_stack_lvl+0x8c/0xd0
[   36.015911]  print_report+0x118/0x5e0
[   36.016460]  kasan_report+0xc8/0x118
[   36.017158]  __asan_report_store1_noabort+0x20/0x30
[   36.018089]  krealloc_less_oob_helper+0xa48/0xc50
[   36.018884]  krealloc_less_oob+0x20/0x38
[   36.019628]  kunit_try_run_case+0x14c/0x3d0
[   36.020293]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.021038]  kthread+0x24c/0x2d0
[   36.021820]  ret_from_fork+0x10/0x20
[   36.022561] 
[   36.022905] Allocated by task 147:
[   36.023405]  kasan_save_stack+0x3c/0x68
[   36.024364]  kasan_save_track+0x20/0x40
[   36.025104]  kasan_save_alloc_info+0x40/0x58
[   36.025966]  __kasan_krealloc+0x118/0x178
[   36.026693]  krealloc_noprof+0x128/0x360
[   36.027417]  krealloc_less_oob_helper+0x168/0xc50
[   36.028202]  krealloc_less_oob+0x20/0x38
[   36.028915]  kunit_try_run_case+0x14c/0x3d0
[   36.029996]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.031119]  kthread+0x24c/0x2d0
[   36.031564]  ret_from_fork+0x10/0x20
[   36.031901] 
[   36.032743] The buggy address belongs to the object at fff00000c449b600
[   36.032743]  which belongs to the cache kmalloc-256 of size 256
[   36.034245] The buggy address is located 0 bytes to the right of
[   36.034245]  allocated 201-byte region [fff00000c449b600, fff00000c449b6c9)
[   36.035432] 
[   36.035807] The buggy address belongs to the physical page:
[   36.036437] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10449a
[   36.037368] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   36.038346] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   36.039224] page_type: f5(slab)
[   36.039687] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   36.040594] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   36.041498] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   36.042418] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   36.043251] head: 0bfffe0000000001 ffffc1ffc3112681 ffffffffffffffff 0000000000000000
[   36.044101] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   36.044913] page dumped because: kasan: bad access detected
[   36.045837] 
[   36.046207] Memory state around the buggy address:
[   36.046839]  fff00000c449b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.047637]  fff00000c449b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.048454] >fff00000c449b680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   36.049196]                                               ^
[   36.049948]  fff00000c449b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.050989]  fff00000c449b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.052390] ==================================================================
[   36.339582] ==================================================================
[   36.340399] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   36.341047] Write of size 1 at addr fff00000c67360d0 by task kunit_try_catch/151
[   36.341922] 
[   36.342268] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   36.343343] Tainted: [B]=BAD_PAGE, [N]=TEST
[   36.343856] Hardware name: linux,dummy-virt (DT)
[   36.344358] Call trace:
[   36.344792]  show_stack+0x20/0x38 (C)
[   36.345276]  dump_stack_lvl+0x8c/0xd0
[   36.345882]  print_report+0x118/0x5e0
[   36.346425]  kasan_report+0xc8/0x118
[   36.347104]  __asan_report_store1_noabort+0x20/0x30
[   36.347798]  krealloc_less_oob_helper+0xb9c/0xc50
[   36.348345]  krealloc_large_less_oob+0x20/0x38
[   36.349006]  kunit_try_run_case+0x14c/0x3d0
[   36.349639]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.350380]  kthread+0x24c/0x2d0
[   36.350944]  ret_from_fork+0x10/0x20
[   36.351517] 
[   36.351860] The buggy address belongs to the physical page:
[   36.352417] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106734
[   36.353311] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   36.354137] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   36.354930] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   36.355827] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   36.356670] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   36.357543] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   36.358389] head: 0bfffe0000000002 ffffc1ffc319cd01 ffffffffffffffff 0000000000000000
[   36.359210] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   36.359993] page dumped because: kasan: bad access detected
[   36.360631] 
[   36.360965] Memory state around the buggy address:
[   36.361538]  fff00000c6735f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.362376]  fff00000c6736000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.363091] >fff00000c6736080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   36.363912]                                                  ^
[   36.364581]  fff00000c6736100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   36.365385]  fff00000c6736180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   36.366043] ==================================================================
[   36.368850] ==================================================================
[   36.369559] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   36.370384] Write of size 1 at addr fff00000c67360da by task kunit_try_catch/151
[   36.371011] 
[   36.371390] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   36.372551] Tainted: [B]=BAD_PAGE, [N]=TEST
[   36.373003] Hardware name: linux,dummy-virt (DT)
[   36.373618] Call trace:
[   36.374030]  show_stack+0x20/0x38 (C)
[   36.374566]  dump_stack_lvl+0x8c/0xd0
[   36.375150]  print_report+0x118/0x5e0
[   36.375712]  kasan_report+0xc8/0x118
[   36.376284]  __asan_report_store1_noabort+0x20/0x30
[   36.376850]  krealloc_less_oob_helper+0xa80/0xc50
[   36.377537]  krealloc_large_less_oob+0x20/0x38
[   36.378181]  kunit_try_run_case+0x14c/0x3d0
[   36.378805]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.379482]  kthread+0x24c/0x2d0
[   36.379934]  ret_from_fork+0x10/0x20
[   36.380531] 
[   36.380860] The buggy address belongs to the physical page:
[   36.381491] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106734
[   36.382401] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   36.383178] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   36.384097] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   36.384817] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   36.385721] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   36.386560] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   36.387463] head: 0bfffe0000000002 ffffc1ffc319cd01 ffffffffffffffff 0000000000000000
[   36.388216] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   36.389029] page dumped because: kasan: bad access detected
[   36.389592] 
[   36.389927] Memory state around the buggy address:
[   36.390520]  fff00000c6735f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.391273]  fff00000c6736000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.391897] >fff00000c6736080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   36.392731]                                                     ^
[   36.393333]  fff00000c6736100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   36.394208]  fff00000c6736180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   36.394915] ==================================================================
[   36.426334] ==================================================================
[   36.427071] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   36.427806] Write of size 1 at addr fff00000c67360eb by task kunit_try_catch/151
[   36.428529] 
[   36.428883] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   36.429902] Tainted: [B]=BAD_PAGE, [N]=TEST
[   36.430420] Hardware name: linux,dummy-virt (DT)
[   36.430986] Call trace:
[   36.431405]  show_stack+0x20/0x38 (C)
[   36.431905]  dump_stack_lvl+0x8c/0xd0
[   36.432522]  print_report+0x118/0x5e0
[   36.433092]  kasan_report+0xc8/0x118
[   36.433688]  __asan_report_store1_noabort+0x20/0x30
[   36.434251]  krealloc_less_oob_helper+0xa58/0xc50
[   36.434874]  krealloc_large_less_oob+0x20/0x38
[   36.435502]  kunit_try_run_case+0x14c/0x3d0
[   36.436130]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.436778]  kthread+0x24c/0x2d0
[   36.437315]  ret_from_fork+0x10/0x20
[   36.437907] 
[   36.438208] The buggy address belongs to the physical page:
[   36.438797] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106734
[   36.439724] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   36.440524] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   36.441218] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   36.442120] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   36.442885] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   36.443658] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   36.444515] head: 0bfffe0000000002 ffffc1ffc319cd01 ffffffffffffffff 0000000000000000
[   36.445276] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   36.446050] page dumped because: kasan: bad access detected
[   36.446688] 
[   36.447026] Memory state around the buggy address:
[   36.447667]  fff00000c6735f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.448387]  fff00000c6736000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.449130] >fff00000c6736080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   36.449762]                                                           ^
[   36.450547]  fff00000c6736100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   36.451253]  fff00000c6736180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   36.452052] ==================================================================
[   36.139849] ==================================================================
[   36.140901] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   36.141668] Write of size 1 at addr fff00000c449b6ea by task kunit_try_catch/147
[   36.142524] 
[   36.142900] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   36.144825] Tainted: [B]=BAD_PAGE, [N]=TEST
[   36.145502] Hardware name: linux,dummy-virt (DT)
[   36.146226] Call trace:
[   36.146789]  show_stack+0x20/0x38 (C)
[   36.147509]  dump_stack_lvl+0x8c/0xd0
[   36.148205]  print_report+0x118/0x5e0
[   36.148914]  kasan_report+0xc8/0x118
[   36.149600]  __asan_report_store1_noabort+0x20/0x30
[   36.150358]  krealloc_less_oob_helper+0xae4/0xc50
[   36.150892]  krealloc_less_oob+0x20/0x38
[   36.151405]  kunit_try_run_case+0x14c/0x3d0
[   36.152035]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.152772]  kthread+0x24c/0x2d0
[   36.153215]  ret_from_fork+0x10/0x20
[   36.153813] 
[   36.154136] Allocated by task 147:
[   36.154635]  kasan_save_stack+0x3c/0x68
[   36.155254]  kasan_save_track+0x20/0x40
[   36.155823]  kasan_save_alloc_info+0x40/0x58
[   36.156423]  __kasan_krealloc+0x118/0x178
[   36.157027]  krealloc_noprof+0x128/0x360
[   36.157575]  krealloc_less_oob_helper+0x168/0xc50
[   36.158154]  krealloc_less_oob+0x20/0x38
[   36.158633]  kunit_try_run_case+0x14c/0x3d0
[   36.159239]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.159819]  kthread+0x24c/0x2d0
[   36.160357]  ret_from_fork+0x10/0x20
[   36.160911] 
[   36.161250] The buggy address belongs to the object at fff00000c449b600
[   36.161250]  which belongs to the cache kmalloc-256 of size 256
[   36.162305] The buggy address is located 33 bytes to the right of
[   36.162305]  allocated 201-byte region [fff00000c449b600, fff00000c449b6c9)
[   36.163525] 
[   36.163860] The buggy address belongs to the physical page:
[   36.164569] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10449a
[   36.165457] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   36.166178] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   36.166988] page_type: f5(slab)
[   36.167428] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   36.168268] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   36.169037] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   36.169854] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   36.170745] head: 0bfffe0000000001 ffffc1ffc3112681 ffffffffffffffff 0000000000000000
[   36.171546] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   36.172257] page dumped because: kasan: bad access detected
[   36.172924] 
[   36.173263] Memory state around the buggy address:
[   36.173809]  fff00000c449b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.174609]  fff00000c449b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.175356] >fff00000c449b680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   36.176097]                                                           ^
[   36.176890]  fff00000c449b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.177600]  fff00000c449b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.178416] ==================================================================
[   36.054004] ==================================================================
[   36.054690] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   36.055414] Write of size 1 at addr fff00000c449b6d0 by task kunit_try_catch/147
[   36.057238] 
[   36.057818] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   36.059533] Tainted: [B]=BAD_PAGE, [N]=TEST
[   36.060211] Hardware name: linux,dummy-virt (DT)
[   36.061149] Call trace:
[   36.061538]  show_stack+0x20/0x38 (C)
[   36.062081]  dump_stack_lvl+0x8c/0xd0
[   36.062564]  print_report+0x118/0x5e0
[   36.063055]  kasan_report+0xc8/0x118
[   36.063656]  __asan_report_store1_noabort+0x20/0x30
[   36.064413]  krealloc_less_oob_helper+0xb9c/0xc50
[   36.065134]  krealloc_less_oob+0x20/0x38
[   36.065807]  kunit_try_run_case+0x14c/0x3d0
[   36.066365]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.067032]  kthread+0x24c/0x2d0
[   36.067577]  ret_from_fork+0x10/0x20
[   36.068088] 
[   36.068435] Allocated by task 147:
[   36.068938]  kasan_save_stack+0x3c/0x68
[   36.069542]  kasan_save_track+0x20/0x40
[   36.070111]  kasan_save_alloc_info+0x40/0x58
[   36.070686]  __kasan_krealloc+0x118/0x178
[   36.071236]  krealloc_noprof+0x128/0x360
[   36.071834]  krealloc_less_oob_helper+0x168/0xc50
[   36.072494]  krealloc_less_oob+0x20/0x38
[   36.073010]  kunit_try_run_case+0x14c/0x3d0
[   36.073571]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.074223]  kthread+0x24c/0x2d0
[   36.074709]  ret_from_fork+0x10/0x20
[   36.075166] 
[   36.075507] The buggy address belongs to the object at fff00000c449b600
[   36.075507]  which belongs to the cache kmalloc-256 of size 256
[   36.076666] The buggy address is located 7 bytes to the right of
[   36.076666]  allocated 201-byte region [fff00000c449b600, fff00000c449b6c9)
[   36.077920] 
[   36.078222] The buggy address belongs to the physical page:
[   36.078905] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10449a
[   36.079713] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   36.080592] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   36.081287] page_type: f5(slab)
[   36.081824] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   36.082670] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   36.083576] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   36.084305] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   36.085115] head: 0bfffe0000000001 ffffc1ffc3112681 ffffffffffffffff 0000000000000000
[   36.085893] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   36.086698] page dumped because: kasan: bad access detected
[   36.087372] 
[   36.087713] Memory state around the buggy address:
[   36.088272]  fff00000c449b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.089009]  fff00000c449b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.089723] >fff00000c449b680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   36.090535]                                                  ^
[   36.091217]  fff00000c449b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.092084]  fff00000c449b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.092775] ==================================================================
[   36.096761] ==================================================================
[   36.097488] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   36.098245] Write of size 1 at addr fff00000c449b6da by task kunit_try_catch/147
[   36.099002] 
[   36.099373] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   36.100877] Tainted: [B]=BAD_PAGE, [N]=TEST
[   36.101716] Hardware name: linux,dummy-virt (DT)
[   36.102291] Call trace:
[   36.102657]  show_stack+0x20/0x38 (C)
[   36.103212]  dump_stack_lvl+0x8c/0xd0
[   36.103759]  print_report+0x118/0x5e0
[   36.104260]  kasan_report+0xc8/0x118
[   36.104886]  __asan_report_store1_noabort+0x20/0x30
[   36.106041]  krealloc_less_oob_helper+0xa80/0xc50
[   36.106674]  krealloc_less_oob+0x20/0x38
[   36.107180]  kunit_try_run_case+0x14c/0x3d0
[   36.107835]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.108557]  kthread+0x24c/0x2d0
[   36.109080]  ret_from_fork+0x10/0x20
[   36.109948] 
[   36.110264] Allocated by task 147:
[   36.110819]  kasan_save_stack+0x3c/0x68
[   36.111418]  kasan_save_track+0x20/0x40
[   36.111938]  kasan_save_alloc_info+0x40/0x58
[   36.112587]  __kasan_krealloc+0x118/0x178
[   36.113160]  krealloc_noprof+0x128/0x360
[   36.113774]  krealloc_less_oob_helper+0x168/0xc50
[   36.114934]  krealloc_less_oob+0x20/0x38
[   36.115328]  kunit_try_run_case+0x14c/0x3d0
[   36.116300]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.117101]  kthread+0x24c/0x2d0
[   36.117521]  ret_from_fork+0x10/0x20
[   36.118139] 
[   36.118555] The buggy address belongs to the object at fff00000c449b600
[   36.118555]  which belongs to the cache kmalloc-256 of size 256
[   36.119853] The buggy address is located 17 bytes to the right of
[   36.119853]  allocated 201-byte region [fff00000c449b600, fff00000c449b6c9)
[   36.121212] 
[   36.121684] The buggy address belongs to the physical page:
[   36.122318] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10449a
[   36.123035] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   36.123947] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   36.124868] page_type: f5(slab)
[   36.125342] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   36.126119] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   36.127024] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   36.127869] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   36.128677] head: 0bfffe0000000001 ffffc1ffc3112681 ffffffffffffffff 0000000000000000
[   36.129561] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   36.130314] page dumped because: kasan: bad access detected
[   36.130919] 
[   36.131258] Memory state around the buggy address:
[   36.131791]  fff00000c449b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.132593]  fff00000c449b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.133368] >fff00000c449b680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   36.134100]                                                     ^
[   36.134787]  fff00000c449b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.135550]  fff00000c449b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.136296] ==================================================================
[   36.182322] ==================================================================
[   36.183552] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   36.184146] Write of size 1 at addr fff00000c449b6eb by task kunit_try_catch/147
[   36.185053] 
[   36.186118] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   36.187590] Tainted: [B]=BAD_PAGE, [N]=TEST
[   36.188273] Hardware name: linux,dummy-virt (DT)
[   36.188834] Call trace:
[   36.189206]  show_stack+0x20/0x38 (C)
[   36.189823]  dump_stack_lvl+0x8c/0xd0
[   36.190397]  print_report+0x118/0x5e0
[   36.191027]  kasan_report+0xc8/0x118
[   36.191643]  __asan_report_store1_noabort+0x20/0x30
[   36.192250]  krealloc_less_oob_helper+0xa58/0xc50
[   36.192957]  krealloc_less_oob+0x20/0x38
[   36.193523]  kunit_try_run_case+0x14c/0x3d0
[   36.194182]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.194818]  kthread+0x24c/0x2d0
[   36.195388]  ret_from_fork+0x10/0x20
[   36.195962] 
[   36.196344] Allocated by task 147:
[   36.196904]  kasan_save_stack+0x3c/0x68
[   36.197416]  kasan_save_track+0x20/0x40
[   36.198033]  kasan_save_alloc_info+0x40/0x58
[   36.198634]  __kasan_krealloc+0x118/0x178
[   36.199259]  krealloc_noprof+0x128/0x360
[   36.199805]  krealloc_less_oob_helper+0x168/0xc50
[   36.200551]  krealloc_less_oob+0x20/0x38
[   36.201090]  kunit_try_run_case+0x14c/0x3d0
[   36.201697]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.202391]  kthread+0x24c/0x2d0
[   36.202935]  ret_from_fork+0x10/0x20
[   36.203462] 
[   36.203840] The buggy address belongs to the object at fff00000c449b600
[   36.203840]  which belongs to the cache kmalloc-256 of size 256
[   36.204980] The buggy address is located 34 bytes to the right of
[   36.204980]  allocated 201-byte region [fff00000c449b600, fff00000c449b6c9)
[   36.206246] 
[   36.206627] The buggy address belongs to the physical page:
[   36.207274] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10449a
[   36.208124] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   36.209019] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   36.209852] page_type: f5(slab)
[   36.210296] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   36.211181] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   36.212079] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   36.212957] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   36.213737] head: 0bfffe0000000001 ffffc1ffc3112681 ffffffffffffffff 0000000000000000
[   36.214111] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   36.214477] page dumped because: kasan: bad access detected
[   36.215120] 
[   36.215479] Memory state around the buggy address:
[   36.216398]  fff00000c449b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.217162]  fff00000c449b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.217590] >fff00000c449b680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   36.218530]                                                           ^
[   36.219385]  fff00000c449b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.220281]  fff00000c449b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.221146] ==================================================================
[   36.396426] ==================================================================
[   36.397995] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   36.398855] Write of size 1 at addr fff00000c67360ea by task kunit_try_catch/151
[   36.399709] 
[   36.400070] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   36.402369] Tainted: [B]=BAD_PAGE, [N]=TEST
[   36.402847] Hardware name: linux,dummy-virt (DT)
[   36.403394] Call trace:
[   36.403825]  show_stack+0x20/0x38 (C)
[   36.404374]  dump_stack_lvl+0x8c/0xd0
[   36.404897]  print_report+0x118/0x5e0
[   36.405410]  kasan_report+0xc8/0x118
[   36.405995]  __asan_report_store1_noabort+0x20/0x30
[   36.406680]  krealloc_less_oob_helper+0xae4/0xc50
[   36.407337]  krealloc_large_less_oob+0x20/0x38
[   36.408005]  kunit_try_run_case+0x14c/0x3d0
[   36.408655]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.409341]  kthread+0x24c/0x2d0
[   36.409836]  ret_from_fork+0x10/0x20
[   36.410354] 
[   36.410687] The buggy address belongs to the physical page:
[   36.411354] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106734
[   36.412159] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   36.412966] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   36.413769] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   36.414518] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   36.415301] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   36.416036] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   36.416901] head: 0bfffe0000000002 ffffc1ffc319cd01 ffffffffffffffff 0000000000000000
[   36.417744] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   36.418606] page dumped because: kasan: bad access detected
[   36.419198] 
[   36.419528] Memory state around the buggy address:
[   36.420002]  fff00000c6735f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.420855]  fff00000c6736000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.421599] >fff00000c6736080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   36.422307]                                                           ^
[   36.423108]  fff00000c6736100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   36.423811]  fff00000c6736180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   36.424560] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2p6RKtSaQzM9AH7EW4wB6TaFUpc

job_id

TEST:linaro@lkft#2p6RORe3bvOVFFyikCIIMIqvDuf

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2p6RORe3bvOVFFyikCIIMIqvDuf

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2p6RLcQ3A7IaWr2y5V43PS9SGkI/Image.gz
sha256sum	9d3350185f371d5540b7a890915c7b2d520978ac8bacbcab31ceb8e94c9d6874

rootfs

url	https://storage.tuxboot.com/debian/trixie/arm64/rootfs.ext4.xz
sha256sum	f592205e64add7389d8a1055c235aa3685e13c7cfdfdbe5f212ab22afdbeb656

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2p6RLcQ3A7IaWr2y5V43PS9SGkI/modules.tar.xz
sha256sum	b4e07e5fcad0be04916ab3c60d2c95a83a8f3b78bb90a3779ae77006e754e02b

durations

tests

boot	391.28
kunit	457.10

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

[   27.268648] ==================================================================
[   27.269707] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0
[   27.270390] Write of size 1 at addr ffff888100aa18c9 by task kunit_try_catch/165
[   27.271165] 
[   27.271416] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   27.272212] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.272701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.273404] Call Trace:
[   27.274012]  <TASK>
[   27.274229]  dump_stack_lvl+0x73/0xb0
[   27.274743]  print_report+0xd1/0x640
[   27.275439]  ? __virt_addr_valid+0x1db/0x2d0
[   27.275794]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.276372]  kasan_report+0x102/0x140
[   27.276973]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   27.277313]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   27.277947]  __asan_report_store1_noabort+0x1b/0x30
[   27.278518]  krealloc_less_oob_helper+0xd72/0x11d0
[   27.279030]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.279486]  ? finish_task_switch.isra.0+0x153/0x700
[   27.280328]  ? __switch_to+0x5d9/0xf60
[   27.280621]  ? __schedule+0xc3e/0x2790
[   27.281249]  ? __pfx_read_tsc+0x10/0x10
[   27.281764]  krealloc_less_oob+0x1c/0x30
[   27.282102]  kunit_try_run_case+0x1b3/0x490
[   27.282415]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.282882]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.283450]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.284505]  ? __kthread_parkme+0x82/0x160
[   27.285031]  ? preempt_count_sub+0x50/0x80
[   27.285837]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.286289]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.286671]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.287177]  kthread+0x257/0x310
[   27.287614]  ? __pfx_kthread+0x10/0x10
[   27.288107]  ret_from_fork+0x41/0x80
[   27.288551]  ? __pfx_kthread+0x10/0x10
[   27.289301]  ret_from_fork_asm+0x1a/0x30
[   27.289808]  </TASK>
[   27.290114] 
[   27.290266] Allocated by task 165:
[   27.290506]  kasan_save_stack+0x3d/0x60
[   27.290876]  kasan_save_track+0x18/0x40
[   27.291669]  kasan_save_alloc_info+0x3b/0x50
[   27.292180]  __kasan_krealloc+0x190/0x1f0
[   27.292882]  krealloc_noprof+0xf3/0x340
[   27.293408]  krealloc_less_oob_helper+0x1ab/0x11d0
[   27.293886]  krealloc_less_oob+0x1c/0x30
[   27.294533]  kunit_try_run_case+0x1b3/0x490
[   27.295324]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.295717]  kthread+0x257/0x310
[   27.296234]  ret_from_fork+0x41/0x80
[   27.296501]  ret_from_fork_asm+0x1a/0x30
[   27.297078] 
[   27.297305] The buggy address belongs to the object at ffff888100aa1800
[   27.297305]  which belongs to the cache kmalloc-256 of size 256
[   27.298347] The buggy address is located 0 bytes to the right of
[   27.298347]  allocated 201-byte region [ffff888100aa1800, ffff888100aa18c9)
[   27.299062] 
[   27.299304] The buggy address belongs to the physical page:
[   27.300165] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0
[   27.301247] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.301750] flags: 0x200000000000040(head|node=0|zone=2)
[   27.302181] page_type: f5(slab)
[   27.302428] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   27.303049] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   27.303893] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   27.305753] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   27.306381] head: 0200000000000001 ffffea000402a801 ffffffffffffffff 0000000000000000
[   27.307444] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   27.308178] page dumped because: kasan: bad access detected
[   27.308575] 
[   27.308932] Memory state around the buggy address:
[   27.309599]  ffff888100aa1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.310163]  ffff888100aa1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.310568] >ffff888100aa1880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   27.311430]                                               ^
[   27.312284]  ffff888100aa1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.312944]  ffff888100aa1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.313430] ==================================================================
[   27.314866] ==================================================================
[   27.316052] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0
[   27.316509] Write of size 1 at addr ffff888100aa18d0 by task kunit_try_catch/165
[   27.317436] 
[   27.317605] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   27.319439] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.319755] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.320812] Call Trace:
[   27.321039]  <TASK>
[   27.321443]  dump_stack_lvl+0x73/0xb0
[   27.321817]  print_report+0xd1/0x640
[   27.322353]  ? __virt_addr_valid+0x1db/0x2d0
[   27.322678]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.323709]  kasan_report+0x102/0x140
[   27.323996]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   27.324336]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   27.324963]  __asan_report_store1_noabort+0x1b/0x30
[   27.325819]  krealloc_less_oob_helper+0xe25/0x11d0
[   27.326327]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.326677]  ? finish_task_switch.isra.0+0x153/0x700
[   27.327631]  ? __switch_to+0x5d9/0xf60
[   27.328412]  ? __schedule+0xc3e/0x2790
[   27.329007]  ? __pfx_read_tsc+0x10/0x10
[   27.329784]  krealloc_less_oob+0x1c/0x30
[   27.330317]  kunit_try_run_case+0x1b3/0x490
[   27.330642]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.331246]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.331788]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.332125]  ? __kthread_parkme+0x82/0x160
[   27.332997]  ? preempt_count_sub+0x50/0x80
[   27.333709]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.334447]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.335331]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.335869]  kthread+0x257/0x310
[   27.336427]  ? __pfx_kthread+0x10/0x10
[   27.337039]  ret_from_fork+0x41/0x80
[   27.337747]  ? __pfx_kthread+0x10/0x10
[   27.338398]  ret_from_fork_asm+0x1a/0x30
[   27.339036]  </TASK>
[   27.339479] 
[   27.339748] Allocated by task 165:
[   27.340536]  kasan_save_stack+0x3d/0x60
[   27.341020]  kasan_save_track+0x18/0x40
[   27.341658]  kasan_save_alloc_info+0x3b/0x50
[   27.342316]  __kasan_krealloc+0x190/0x1f0
[   27.342890]  krealloc_noprof+0xf3/0x340
[   27.343441]  krealloc_less_oob_helper+0x1ab/0x11d0
[   27.343988]  krealloc_less_oob+0x1c/0x30
[   27.344886]  kunit_try_run_case+0x1b3/0x490
[   27.345386]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.345920]  kthread+0x257/0x310
[   27.346325]  ret_from_fork+0x41/0x80
[   27.346866]  ret_from_fork_asm+0x1a/0x30
[   27.347453] 
[   27.347644] The buggy address belongs to the object at ffff888100aa1800
[   27.347644]  which belongs to the cache kmalloc-256 of size 256
[   27.349408] The buggy address is located 7 bytes to the right of
[   27.349408]  allocated 201-byte region [ffff888100aa1800, ffff888100aa18c9)
[   27.350786] 
[   27.350990] The buggy address belongs to the physical page:
[   27.351790] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0
[   27.352798] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.353750] flags: 0x200000000000040(head|node=0|zone=2)
[   27.354243] page_type: f5(slab)
[   27.354754] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   27.355672] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   27.356863] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   27.357721] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   27.358430] head: 0200000000000001 ffffea000402a801 ffffffffffffffff 0000000000000000
[   27.359403] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   27.360429] page dumped because: kasan: bad access detected
[   27.360950] 
[   27.361225] Memory state around the buggy address:
[   27.361753]  ffff888100aa1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.362671]  ffff888100aa1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.363315] >ffff888100aa1880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   27.364087]                                                  ^
[   27.364595]  ffff888100aa1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.365215]  ffff888100aa1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.366206] ==================================================================
[   27.487742] ==================================================================
[   27.488145] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0
[   27.489553] Write of size 1 at addr ffff888100aa18eb by task kunit_try_catch/165
[   27.490513] 
[   27.490749] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   27.492058] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.492828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.494275] Call Trace:
[   27.494581]  <TASK>
[   27.494985]  dump_stack_lvl+0x73/0xb0
[   27.495782]  print_report+0xd1/0x640
[   27.496493]  ? __virt_addr_valid+0x1db/0x2d0
[   27.497497]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.498055]  kasan_report+0x102/0x140
[   27.498611]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   27.499426]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   27.500407]  __asan_report_store1_noabort+0x1b/0x30
[   27.500895]  krealloc_less_oob_helper+0xd49/0x11d0
[   27.501933]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.502537]  ? finish_task_switch.isra.0+0x153/0x700
[   27.503273]  ? __switch_to+0x5d9/0xf60
[   27.503980]  ? __schedule+0xc3e/0x2790
[   27.504587]  ? __pfx_read_tsc+0x10/0x10
[   27.505210]  krealloc_less_oob+0x1c/0x30
[   27.505746]  kunit_try_run_case+0x1b3/0x490
[   27.506581]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.507483]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.508157]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.508744]  ? __kthread_parkme+0x82/0x160
[   27.509515]  ? preempt_count_sub+0x50/0x80
[   27.510024]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.510719]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.511477]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.512321]  kthread+0x257/0x310
[   27.512773]  ? __pfx_kthread+0x10/0x10
[   27.513496]  ret_from_fork+0x41/0x80
[   27.514153]  ? __pfx_kthread+0x10/0x10
[   27.514527]  ret_from_fork_asm+0x1a/0x30
[   27.515091]  </TASK>
[   27.515342] 
[   27.515529] Allocated by task 165:
[   27.516591]  kasan_save_stack+0x3d/0x60
[   27.517113]  kasan_save_track+0x18/0x40
[   27.517982]  kasan_save_alloc_info+0x3b/0x50
[   27.518518]  __kasan_krealloc+0x190/0x1f0
[   27.519417]  krealloc_noprof+0xf3/0x340
[   27.520527]  krealloc_less_oob_helper+0x1ab/0x11d0
[   27.521458]  krealloc_less_oob+0x1c/0x30
[   27.522213]  kunit_try_run_case+0x1b3/0x490
[   27.522632]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.523767]  kthread+0x257/0x310
[   27.524173]  ret_from_fork+0x41/0x80
[   27.524941]  ret_from_fork_asm+0x1a/0x30
[   27.525402] 
[   27.525556] The buggy address belongs to the object at ffff888100aa1800
[   27.525556]  which belongs to the cache kmalloc-256 of size 256
[   27.527277] The buggy address is located 34 bytes to the right of
[   27.527277]  allocated 201-byte region [ffff888100aa1800, ffff888100aa18c9)
[   27.529456] 
[   27.529650] The buggy address belongs to the physical page:
[   27.530272] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0
[   27.531196] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.532411] flags: 0x200000000000040(head|node=0|zone=2)
[   27.533314] page_type: f5(slab)
[   27.533545] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   27.534336] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   27.535885] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   27.536732] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   27.537422] head: 0200000000000001 ffffea000402a801 ffffffffffffffff 0000000000000000
[   27.538450] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   27.539309] page dumped because: kasan: bad access detected
[   27.539947] 
[   27.540418] Memory state around the buggy address:
[   27.540748]  ffff888100aa1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.542113]  ffff888100aa1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.543011] >ffff888100aa1880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   27.543806]                                                           ^
[   27.544995]  ffff888100aa1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.545852]  ffff888100aa1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.546978] ==================================================================
[   27.746400] ==================================================================
[   27.747291] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0
[   27.748067] Write of size 1 at addr ffff8881023260da by task kunit_try_catch/169
[   27.748603] 
[   27.749157] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   27.749886] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.750745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.751647] Call Trace:
[   27.752045]  <TASK>
[   27.752404]  dump_stack_lvl+0x73/0xb0
[   27.753438]  print_report+0xd1/0x640
[   27.753861]  ? __virt_addr_valid+0x1db/0x2d0
[   27.754518]  ? kasan_addr_to_slab+0x11/0xa0
[   27.755018]  kasan_report+0x102/0x140
[   27.755495]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   27.756492]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   27.757065]  __asan_report_store1_noabort+0x1b/0x30
[   27.757669]  krealloc_less_oob_helper+0xec8/0x11d0
[   27.758026]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.759107]  ? finish_task_switch.isra.0+0x153/0x700
[   27.759721]  ? __switch_to+0x5d9/0xf60
[   27.760492]  ? __schedule+0xc3e/0x2790
[   27.761039]  ? __pfx_read_tsc+0x10/0x10
[   27.761543]  krealloc_large_less_oob+0x1c/0x30
[   27.761971]  kunit_try_run_case+0x1b3/0x490
[   27.762308]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.762871]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.763334]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.764130]  ? __kthread_parkme+0x82/0x160
[   27.764608]  ? preempt_count_sub+0x50/0x80
[   27.765577]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.766253]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.766971]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.767614]  kthread+0x257/0x310
[   27.768208]  ? __pfx_kthread+0x10/0x10
[   27.768549]  ret_from_fork+0x41/0x80
[   27.769304]  ? __pfx_kthread+0x10/0x10
[   27.770200]  ret_from_fork_asm+0x1a/0x30
[   27.770813]  </TASK>
[   27.771114] 
[   27.771414] The buggy address belongs to the physical page:
[   27.772133] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102324
[   27.772891] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.773664] flags: 0x200000000000040(head|node=0|zone=2)
[   27.774634] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.775275] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.776363] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.777111] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.778650] head: 0200000000000002 ffffea000408c901 ffffffffffffffff 0000000000000000
[   27.779333] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   27.780230] page dumped because: kasan: bad access detected
[   27.780935] 
[   27.781120] Memory state around the buggy address:
[   27.781596]  ffff888102325f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.782257]  ffff888102326000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.784200] >ffff888102326080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   27.785323]                                                     ^
[   27.786016]  ffff888102326100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.787074]  ffff888102326180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.787859] ==================================================================
[   27.789933] ==================================================================
[   27.791259] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0
[   27.792249] Write of size 1 at addr ffff8881023260ea by task kunit_try_catch/169
[   27.793790] 
[   27.794422] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   27.795611] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.796332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.797668] Call Trace:
[   27.798247]  <TASK>
[   27.798642]  dump_stack_lvl+0x73/0xb0
[   27.799345]  print_report+0xd1/0x640
[   27.800040]  ? __virt_addr_valid+0x1db/0x2d0
[   27.800843]  ? kasan_addr_to_slab+0x11/0xa0
[   27.801665]  kasan_report+0x102/0x140
[   27.802303]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   27.803233]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   27.803642]  __asan_report_store1_noabort+0x1b/0x30
[   27.804448]  krealloc_less_oob_helper+0xe92/0x11d0
[   27.805058]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.805454]  ? finish_task_switch.isra.0+0x153/0x700
[   27.806341]  ? __switch_to+0x5d9/0xf60
[   27.807233]  ? __schedule+0xc3e/0x2790
[   27.807785]  ? __pfx_read_tsc+0x10/0x10
[   27.808280]  krealloc_large_less_oob+0x1c/0x30
[   27.808885]  kunit_try_run_case+0x1b3/0x490
[   27.809935]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.810607]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.811167]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.811957]  ? __kthread_parkme+0x82/0x160
[   27.812634]  ? preempt_count_sub+0x50/0x80
[   27.812985]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.813934]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.814792]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.815365]  kthread+0x257/0x310
[   27.815997]  ? __pfx_kthread+0x10/0x10
[   27.816361]  ret_from_fork+0x41/0x80
[   27.816955]  ? __pfx_kthread+0x10/0x10
[   27.817994]  ret_from_fork_asm+0x1a/0x30
[   27.818556]  </TASK>
[   27.819003] 
[   27.819404] The buggy address belongs to the physical page:
[   27.819945] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102324
[   27.821006] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.822253] flags: 0x200000000000040(head|node=0|zone=2)
[   27.822754] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.823755] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.824408] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.825547] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.826346] head: 0200000000000002 ffffea000408c901 ffffffffffffffff 0000000000000000
[   27.827278] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   27.827964] page dumped because: kasan: bad access detected
[   27.828585] 
[   27.828838] Memory state around the buggy address:
[   27.829268]  ffff888102325f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.829853]  ffff888102326000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.830468] >ffff888102326080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   27.831587]                                                           ^
[   27.832410]  ffff888102326100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.833126]  ffff888102326180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.833936] ==================================================================
[   27.836021] ==================================================================
[   27.837179] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0
[   27.837807] Write of size 1 at addr ffff8881023260eb by task kunit_try_catch/169
[   27.838594] 
[   27.838845] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   27.839879] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.840300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.841530] Call Trace:
[   27.841825]  <TASK>
[   27.842264]  dump_stack_lvl+0x73/0xb0
[   27.842740]  print_report+0xd1/0x640
[   27.843313]  ? __virt_addr_valid+0x1db/0x2d0
[   27.843811]  ? kasan_addr_to_slab+0x11/0xa0
[   27.844472]  kasan_report+0x102/0x140
[   27.844910]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   27.846047]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   27.846556]  __asan_report_store1_noabort+0x1b/0x30
[   27.847266]  krealloc_less_oob_helper+0xd49/0x11d0
[   27.847916]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.848446]  ? finish_task_switch.isra.0+0x153/0x700
[   27.849227]  ? __switch_to+0x5d9/0xf60
[   27.849587]  ? __schedule+0xc3e/0x2790
[   27.850465]  ? __pfx_read_tsc+0x10/0x10
[   27.851079]  krealloc_large_less_oob+0x1c/0x30
[   27.851729]  kunit_try_run_case+0x1b3/0x490
[   27.852387]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.852992]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.853383]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.853734]  ? __kthread_parkme+0x82/0x160
[   27.854791]  ? preempt_count_sub+0x50/0x80
[   27.855508]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.856094]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.856859]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.857296]  kthread+0x257/0x310
[   27.857559]  ? __pfx_kthread+0x10/0x10
[   27.858066]  ret_from_fork+0x41/0x80
[   27.859074]  ? __pfx_kthread+0x10/0x10
[   27.859498]  ret_from_fork_asm+0x1a/0x30
[   27.860274]  </TASK>
[   27.860462] 
[   27.860779] The buggy address belongs to the physical page:
[   27.861410] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102324
[   27.862559] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.863030] flags: 0x200000000000040(head|node=0|zone=2)
[   27.863854] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.864642] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.865404] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.866166] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.867480] head: 0200000000000002 ffffea000408c901 ffffffffffffffff 0000000000000000
[   27.868325] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   27.869398] page dumped because: kasan: bad access detected
[   27.869910] 
[   27.870055] Memory state around the buggy address:
[   27.871383]  ffff888102325f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.872027]  ffff888102326000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.873319] >ffff888102326080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   27.874010]                                                           ^
[   27.875627]  ffff888102326100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.876219]  ffff888102326180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.877248] ==================================================================
[   27.431656] ==================================================================
[   27.432311] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0
[   27.433342] Write of size 1 at addr ffff888100aa18ea by task kunit_try_catch/165
[   27.434432] 
[   27.434836] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   27.436161] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.436890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.438086] Call Trace:
[   27.438436]  <TASK>
[   27.438931]  dump_stack_lvl+0x73/0xb0
[   27.439677]  print_report+0xd1/0x640
[   27.440155]  ? __virt_addr_valid+0x1db/0x2d0
[   27.440839]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.441701]  kasan_report+0x102/0x140
[   27.442182]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   27.442910]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   27.443528]  __asan_report_store1_noabort+0x1b/0x30
[   27.444373]  krealloc_less_oob_helper+0xe92/0x11d0
[   27.445106]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.445880]  ? finish_task_switch.isra.0+0x153/0x700
[   27.446379]  ? __switch_to+0x5d9/0xf60
[   27.447053]  ? __schedule+0xc3e/0x2790
[   27.447869]  ? __pfx_read_tsc+0x10/0x10
[   27.448501]  krealloc_less_oob+0x1c/0x30
[   27.449081]  kunit_try_run_case+0x1b3/0x490
[   27.449513]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.450094]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.450528]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.451180]  ? __kthread_parkme+0x82/0x160
[   27.451476]  ? preempt_count_sub+0x50/0x80
[   27.452513]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.453820]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.454824]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.455893]  kthread+0x257/0x310
[   27.456381]  ? __pfx_kthread+0x10/0x10
[   27.457025]  ret_from_fork+0x41/0x80
[   27.457487]  ? __pfx_kthread+0x10/0x10
[   27.458142]  ret_from_fork_asm+0x1a/0x30
[   27.458775]  </TASK>
[   27.458985] 
[   27.459231] Allocated by task 165:
[   27.460113]  kasan_save_stack+0x3d/0x60
[   27.460607]  kasan_save_track+0x18/0x40
[   27.461311]  kasan_save_alloc_info+0x3b/0x50
[   27.461683]  __kasan_krealloc+0x190/0x1f0
[   27.462514]  krealloc_noprof+0xf3/0x340
[   27.462883]  krealloc_less_oob_helper+0x1ab/0x11d0
[   27.463533]  krealloc_less_oob+0x1c/0x30
[   27.464480]  kunit_try_run_case+0x1b3/0x490
[   27.465301]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.465750]  kthread+0x257/0x310
[   27.466133]  ret_from_fork+0x41/0x80
[   27.466659]  ret_from_fork_asm+0x1a/0x30
[   27.467406] 
[   27.467724] The buggy address belongs to the object at ffff888100aa1800
[   27.467724]  which belongs to the cache kmalloc-256 of size 256
[   27.469113] The buggy address is located 33 bytes to the right of
[   27.469113]  allocated 201-byte region [ffff888100aa1800, ffff888100aa18c9)
[   27.470325] 
[   27.470576] The buggy address belongs to the physical page:
[   27.471648] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0
[   27.472351] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.473190] flags: 0x200000000000040(head|node=0|zone=2)
[   27.474073] page_type: f5(slab)
[   27.474315] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   27.475315] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   27.476311] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   27.477071] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   27.477946] head: 0200000000000001 ffffea000402a801 ffffffffffffffff 0000000000000000
[   27.478638] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   27.479475] page dumped because: kasan: bad access detected
[   27.480584] 
[   27.480833] Memory state around the buggy address:
[   27.481216]  ffff888100aa1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.482199]  ffff888100aa1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.483079] >ffff888100aa1880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   27.484251]                                                           ^
[   27.485009]  ffff888100aa1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.486023]  ffff888100aa1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.486816] ==================================================================
[   27.370043] ==================================================================
[   27.370718] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0
[   27.371595] Write of size 1 at addr ffff888100aa18da by task kunit_try_catch/165
[   27.372870] 
[   27.373237] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   27.374620] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.375141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.376211] Call Trace:
[   27.376804]  <TASK>
[   27.377423]  dump_stack_lvl+0x73/0xb0
[   27.377947]  print_report+0xd1/0x640
[   27.378634]  ? __virt_addr_valid+0x1db/0x2d0
[   27.379407]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.380070]  kasan_report+0x102/0x140
[   27.380638]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   27.381359]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   27.381866]  __asan_report_store1_noabort+0x1b/0x30
[   27.382890]  krealloc_less_oob_helper+0xec8/0x11d0
[   27.383705]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.384511]  ? finish_task_switch.isra.0+0x153/0x700
[   27.385063]  ? __switch_to+0x5d9/0xf60
[   27.385622]  ? __schedule+0xc3e/0x2790
[   27.386441]  ? __pfx_read_tsc+0x10/0x10
[   27.387075]  krealloc_less_oob+0x1c/0x30
[   27.387780]  kunit_try_run_case+0x1b3/0x490
[   27.388331]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.389053]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.389425]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.390233]  ? __kthread_parkme+0x82/0x160
[   27.390681]  ? preempt_count_sub+0x50/0x80
[   27.391103]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.391559]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.392642]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.393531]  kthread+0x257/0x310
[   27.394204]  ? __pfx_kthread+0x10/0x10
[   27.394785]  ret_from_fork+0x41/0x80
[   27.395366]  ? __pfx_kthread+0x10/0x10
[   27.395940]  ret_from_fork_asm+0x1a/0x30
[   27.396569]  </TASK>
[   27.396972] 
[   27.397568] Allocated by task 165:
[   27.397956]  kasan_save_stack+0x3d/0x60
[   27.398765]  kasan_save_track+0x18/0x40
[   27.399386]  kasan_save_alloc_info+0x3b/0x50
[   27.399803]  __kasan_krealloc+0x190/0x1f0
[   27.400511]  krealloc_noprof+0xf3/0x340
[   27.401053]  krealloc_less_oob_helper+0x1ab/0x11d0
[   27.401897]  krealloc_less_oob+0x1c/0x30
[   27.402735]  kunit_try_run_case+0x1b3/0x490
[   27.403386]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.404070]  kthread+0x257/0x310
[   27.404579]  ret_from_fork+0x41/0x80
[   27.405060]  ret_from_fork_asm+0x1a/0x30
[   27.405884] 
[   27.406206] The buggy address belongs to the object at ffff888100aa1800
[   27.406206]  which belongs to the cache kmalloc-256 of size 256
[   27.408118] The buggy address is located 17 bytes to the right of
[   27.408118]  allocated 201-byte region [ffff888100aa1800, ffff888100aa18c9)
[   27.409293] 
[   27.409466] The buggy address belongs to the physical page:
[   27.410532] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0
[   27.410959] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.411329] flags: 0x200000000000040(head|node=0|zone=2)
[   27.411621] page_type: f5(slab)
[   27.411883] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   27.412565] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   27.413661] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   27.414446] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   27.417060] head: 0200000000000001 ffffea000402a801 ffffffffffffffff 0000000000000000
[   27.419868] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   27.420240] page dumped because: kasan: bad access detected
[   27.420521] 
[   27.420653] Memory state around the buggy address:
[   27.420950]  ffff888100aa1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.421314]  ffff888100aa1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.421669] >ffff888100aa1880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   27.425415]                                                     ^
[   27.427140]  ffff888100aa1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.428761]  ffff888100aa1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.430199] ==================================================================
[   27.653765] ==================================================================
[   27.655056] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0
[   27.655584] Write of size 1 at addr ffff8881023260c9 by task kunit_try_catch/169
[   27.656672] 
[   27.656993] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   27.658675] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.659445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.660334] Call Trace:
[   27.660794]  <TASK>
[   27.661075]  dump_stack_lvl+0x73/0xb0
[   27.661579]  print_report+0xd1/0x640
[   27.662374]  ? __virt_addr_valid+0x1db/0x2d0
[   27.662967]  ? kasan_addr_to_slab+0x11/0xa0
[   27.663385]  kasan_report+0x102/0x140
[   27.663966]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   27.664535]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   27.665358]  __asan_report_store1_noabort+0x1b/0x30
[   27.665866]  krealloc_less_oob_helper+0xd72/0x11d0
[   27.666761]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.667415]  ? finish_task_switch.isra.0+0x153/0x700
[   27.667998]  ? __switch_to+0x5d9/0xf60
[   27.668481]  ? __schedule+0xc3e/0x2790
[   27.669059]  ? __pfx_read_tsc+0x10/0x10
[   27.669620]  krealloc_large_less_oob+0x1c/0x30
[   27.670210]  kunit_try_run_case+0x1b3/0x490
[   27.671026]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.671650]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.672271]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.672681]  ? __kthread_parkme+0x82/0x160
[   27.673395]  ? preempt_count_sub+0x50/0x80
[   27.673873]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.674657]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.675307]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.675963]  kthread+0x257/0x310
[   27.676284]  ? __pfx_kthread+0x10/0x10
[   27.676538]  ret_from_fork+0x41/0x80
[   27.679304]  ? __pfx_kthread+0x10/0x10
[   27.680375]  ret_from_fork_asm+0x1a/0x30
[   27.681626]  </TASK>
[   27.682334] 
[   27.682497] The buggy address belongs to the physical page:
[   27.684194] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102324
[   27.686035] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.688148] flags: 0x200000000000040(head|node=0|zone=2)
[   27.689195] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.689591] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.691538] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.692072] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.693483] head: 0200000000000002 ffffea000408c901 ffffffffffffffff 0000000000000000
[   27.693991] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   27.695042] page dumped because: kasan: bad access detected
[   27.695574] 
[   27.696494] Memory state around the buggy address:
[   27.697565]  ffff888102325f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.698501]  ffff888102326000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.699404] >ffff888102326080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   27.700940]                                               ^
[   27.701758]  ffff888102326100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.703079]  ffff888102326180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.703915] ==================================================================
[   27.704961] ==================================================================
[   27.706450] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0
[   27.708568] Write of size 1 at addr ffff8881023260d0 by task kunit_try_catch/169
[   27.709323] 
[   27.709530] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241120 #1
[   27.710978] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.711722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.713081] Call Trace:
[   27.713764]  <TASK>
[   27.714215]  dump_stack_lvl+0x73/0xb0
[   27.714885]  print_report+0xd1/0x640
[   27.715566]  ? __virt_addr_valid+0x1db/0x2d0
[   27.716033]  ? kasan_addr_to_slab+0x11/0xa0
[   27.716515]  kasan_report+0x102/0x140
[   27.716886]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   27.717291]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   27.718040]  __asan_report_store1_noabort+0x1b/0x30
[   27.718562]  krealloc_less_oob_helper+0xe25/0x11d0
[   27.719343]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.719924]  ? finish_task_switch.isra.0+0x153/0x700
[   27.720590]  ? __switch_to+0x5d9/0xf60
[   27.721235]  ? __schedule+0xc3e/0x2790
[   27.721534]  ? __pfx_read_tsc+0x10/0x10
[   27.722207]  krealloc_large_less_oob+0x1c/0x30
[   27.722624]  kunit_try_run_case+0x1b3/0x490
[   27.723462]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.723877]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.724527]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.725066]  ? __kthread_parkme+0x82/0x160
[   27.725709]  ? preempt_count_sub+0x50/0x80
[   27.726245]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.726619]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.727541]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.728229]  kthread+0x257/0x310
[   27.728583]  ? __pfx_kthread+0x10/0x10
[   27.728954]  ret_from_fork+0x41/0x80
[   27.729535]  ? __pfx_kthread+0x10/0x10
[   27.729951]  ret_from_fork_asm+0x1a/0x30
[   27.730524]  </TASK>
[   27.730854] 
[   27.731077] The buggy address belongs to the physical page:
[   27.731603] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102324
[   27.732131] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.733211] flags: 0x200000000000040(head|node=0|zone=2)
[   27.733917] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.734745] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.735469] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.736455] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.737005] head: 0200000000000002 ffffea000408c901 ffffffffffffffff 0000000000000000
[   27.737649] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   27.738269] page dumped because: kasan: bad access detected
[   27.738755] 
[   27.738966] Memory state around the buggy address:
[   27.739559]  ffff888102325f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.740577]  ffff888102326000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.741422] >ffff888102326080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   27.742048]                                                  ^
[   27.742450]  ffff888102326100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.743352]  ffff888102326180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.744030] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2p6RKtSaQzM9AH7EW4wB6TaFUpc

job_id

TEST:linaro@lkft#2p6RPNr2y12YowxKLQRV451JlM6

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2p6RPNr2y12YowxKLQRV451JlM6

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2p6RMMbTDFmoXOOndi5FyihCrgs/bzImage
sha256sum	033988f45e2f1e9750522611d893414390f020e65edd5241101f29f781737e7a

rootfs

url	https://storage.tuxboot.com/debian/trixie/amd64/rootfs.ext4.xz
sha256sum	c6ceed53712217894b72c37cdc18ddb1157eb9bca95bb5bb312b9c30db3bb83b

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2p6RMMbTDFmoXOOndi5FyihCrgs/modules.tar.xz
sha256sum	a8bcebf93a9097643183a46eaffe84a5850dabf2d773ab9730b5f5a7eed98e79

durations

tests

boot	377.87
kunit	413.53

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit