lkft/linux-next-master - next-20241127 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper

Date

Nov. 27, 2024, 3:37 a.m.

Environment
qemu-arm64
qemu-x86_64

[   47.234330] ==================================================================
[   47.235174] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   47.237224] Write of size 1 at addr fff00000c45462ea by task kunit_try_catch/147
[   47.238997] 
[   47.239402] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   47.240601] Tainted: [B]=BAD_PAGE, [N]=TEST
[   47.241247] Hardware name: linux,dummy-virt (DT)
[   47.241882] Call trace:
[   47.242242]  show_stack+0x20/0x38 (C)
[   47.243007]  dump_stack_lvl+0x8c/0xd0
[   47.243645]  print_report+0x118/0x5e0
[   47.244224]  kasan_report+0xc8/0x118
[   47.244839]  __asan_report_store1_noabort+0x20/0x30
[   47.245585]  krealloc_less_oob_helper+0xae4/0xc50
[   47.246355]  krealloc_less_oob+0x20/0x38
[   47.246989]  kunit_try_run_case+0x14c/0x3d0
[   47.247683]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   47.248487]  kthread+0x24c/0x2d0
[   47.249083]  ret_from_fork+0x10/0x20
[   47.249695] 
[   47.250026] Allocated by task 147:
[   47.250584]  kasan_save_stack+0x3c/0x68
[   47.251264]  kasan_save_track+0x20/0x40
[   47.251943]  kasan_save_alloc_info+0x40/0x58
[   47.252587]  __kasan_krealloc+0x118/0x178
[   47.253229]  krealloc_noprof+0x128/0x360
[   47.253999]  krealloc_less_oob_helper+0x168/0xc50
[   47.254736]  krealloc_less_oob+0x20/0x38
[   47.255453]  kunit_try_run_case+0x14c/0x3d0
[   47.256205]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   47.256990]  kthread+0x24c/0x2d0
[   47.257716]  ret_from_fork+0x10/0x20
[   47.258379] 
[   47.258772] The buggy address belongs to the object at fff00000c4546200
[   47.258772]  which belongs to the cache kmalloc-256 of size 256
[   47.260222] The buggy address is located 33 bytes to the right of
[   47.260222]  allocated 201-byte region [fff00000c4546200, fff00000c45462c9)
[   47.261625] 
[   47.262070] The buggy address belongs to the physical page:
[   47.262861] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104546
[   47.263895] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   47.264878] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   47.265778] page_type: f5(slab)
[   47.266343] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   47.267336] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   47.268361] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   47.269334] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   47.270436] head: 0bfffe0000000001 ffffc1ffc3115181 ffffffffffffffff 0000000000000000
[   47.271414] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   47.272358] page dumped because: kasan: bad access detected
[   47.273090] 
[   47.273429] Memory state around the buggy address:
[   47.274088]  fff00000c4546180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   47.275066]  fff00000c4546200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.275975] >fff00000c4546280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   47.276861]                                                           ^
[   47.277750]  fff00000c4546300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   47.278645]  fff00000c4546380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   47.279548] ==================================================================
[   47.528186] ==================================================================
[   47.529366] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   47.530537] Write of size 1 at addr fff00000c65760ea by task kunit_try_catch/151
[   47.531837] 
[   47.532182] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   47.533547] Tainted: [B]=BAD_PAGE, [N]=TEST
[   47.534079] Hardware name: linux,dummy-virt (DT)
[   47.535983] Call trace:
[   47.537139]  show_stack+0x20/0x38 (C)
[   47.538319]  dump_stack_lvl+0x8c/0xd0
[   47.539386]  print_report+0x118/0x5e0
[   47.539868]  kasan_report+0xc8/0x118
[   47.540884]  __asan_report_store1_noabort+0x20/0x30
[   47.542183]  krealloc_less_oob_helper+0xae4/0xc50
[   47.543444]  krealloc_large_less_oob+0x20/0x38
[   47.544424]  kunit_try_run_case+0x14c/0x3d0
[   47.545248]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   47.546532]  kthread+0x24c/0x2d0
[   47.547205]  ret_from_fork+0x10/0x20
[   47.547777] 
[   47.548104] The buggy address belongs to the physical page:
[   47.548796] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106574
[   47.549602] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   47.551069] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   47.552457] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   47.553241] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   47.554383] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   47.555724] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   47.556422] head: 0bfffe0000000002 ffffc1ffc3195d01 ffffffffffffffff 0000000000000000
[   47.557346] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   47.558177] page dumped because: kasan: bad access detected
[   47.558879] 
[   47.559193] Memory state around the buggy address:
[   47.559979]  fff00000c6575f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.560958]  fff00000c6576000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.562061] >fff00000c6576080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   47.563105]                                                           ^
[   47.564065]  fff00000c6576100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   47.564898]  fff00000c6576180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   47.565653] ==================================================================
[   47.192643] ==================================================================
[   47.193358] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   47.194094] Write of size 1 at addr fff00000c45462da by task kunit_try_catch/147
[   47.194897] 
[   47.195370] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   47.196514] Tainted: [B]=BAD_PAGE, [N]=TEST
[   47.197058] Hardware name: linux,dummy-virt (DT)
[   47.197746] Call trace:
[   47.198145]  show_stack+0x20/0x38 (C)
[   47.198670]  dump_stack_lvl+0x8c/0xd0
[   47.199276]  print_report+0x118/0x5e0
[   47.199829]  kasan_report+0xc8/0x118
[   47.200437]  __asan_report_store1_noabort+0x20/0x30
[   47.201069]  krealloc_less_oob_helper+0xa80/0xc50
[   47.201715]  krealloc_less_oob+0x20/0x38
[   47.202224]  kunit_try_run_case+0x14c/0x3d0
[   47.202902]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   47.203528]  kthread+0x24c/0x2d0
[   47.204175]  ret_from_fork+0x10/0x20
[   47.204739] 
[   47.205135] Allocated by task 147:
[   47.205689]  kasan_save_stack+0x3c/0x68
[   47.206183]  kasan_save_track+0x20/0x40
[   47.206871]  kasan_save_alloc_info+0x40/0x58
[   47.207542]  __kasan_krealloc+0x118/0x178
[   47.208080]  krealloc_noprof+0x128/0x360
[   47.208687]  krealloc_less_oob_helper+0x168/0xc50
[   47.209363]  krealloc_less_oob+0x20/0x38
[   47.209851]  kunit_try_run_case+0x14c/0x3d0
[   47.210507]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   47.211211]  kthread+0x24c/0x2d0
[   47.211727]  ret_from_fork+0x10/0x20
[   47.212254] 
[   47.212662] The buggy address belongs to the object at fff00000c4546200
[   47.212662]  which belongs to the cache kmalloc-256 of size 256
[   47.214023] The buggy address is located 17 bytes to the right of
[   47.214023]  allocated 201-byte region [fff00000c4546200, fff00000c45462c9)
[   47.215545] 
[   47.215843] The buggy address belongs to the physical page:
[   47.216471] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104546
[   47.217391] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   47.218251] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   47.219081] page_type: f5(slab)
[   47.219596] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   47.220517] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   47.221500] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   47.222767] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   47.223804] head: 0bfffe0000000001 ffffc1ffc3115181 ffffffffffffffff 0000000000000000
[   47.224408] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   47.224967] page dumped because: kasan: bad access detected
[   47.226066] 
[   47.226379] Memory state around the buggy address:
[   47.227165]  fff00000c4546180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   47.228017]  fff00000c4546200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.228993] >fff00000c4546280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   47.229757]                                                     ^
[   47.230480]  fff00000c4546300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   47.231473]  fff00000c4546380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   47.232436] ==================================================================
[   47.567264] ==================================================================
[   47.568427] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   47.569176] Write of size 1 at addr fff00000c65760eb by task kunit_try_catch/151
[   47.570044] 
[   47.570502] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   47.572193] Tainted: [B]=BAD_PAGE, [N]=TEST
[   47.573408] Hardware name: linux,dummy-virt (DT)
[   47.574533] Call trace:
[   47.574923]  show_stack+0x20/0x38 (C)
[   47.575617]  dump_stack_lvl+0x8c/0xd0
[   47.576104]  print_report+0x118/0x5e0
[   47.576775]  kasan_report+0xc8/0x118
[   47.577764]  __asan_report_store1_noabort+0x20/0x30
[   47.578515]  krealloc_less_oob_helper+0xa58/0xc50
[   47.579158]  krealloc_large_less_oob+0x20/0x38
[   47.579734]  kunit_try_run_case+0x14c/0x3d0
[   47.580412]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   47.581277]  kthread+0x24c/0x2d0
[   47.581824]  ret_from_fork+0x10/0x20
[   47.582369] 
[   47.582709] The buggy address belongs to the physical page:
[   47.584152] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106574
[   47.585140] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   47.586150] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   47.587050] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   47.588067] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   47.589066] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   47.590411] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   47.591463] head: 0bfffe0000000002 ffffc1ffc3195d01 ffffffffffffffff 0000000000000000
[   47.592355] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   47.593412] page dumped because: kasan: bad access detected
[   47.594086] 
[   47.594482] Memory state around the buggy address:
[   47.595127]  fff00000c6575f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.596322]  fff00000c6576000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.597582] >fff00000c6576080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   47.598225]                                                           ^
[   47.598966]  fff00000c6576100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   47.600168]  fff00000c6576180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   47.600990] ==================================================================
[   47.095888] ==================================================================
[   47.098064] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   47.099235] Write of size 1 at addr fff00000c45462c9 by task kunit_try_catch/147
[   47.100314] 
[   47.100734] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   47.102725] Tainted: [B]=BAD_PAGE, [N]=TEST
[   47.103415] Hardware name: linux,dummy-virt (DT)
[   47.104013] Call trace:
[   47.104431]  show_stack+0x20/0x38 (C)
[   47.104927]  dump_stack_lvl+0x8c/0xd0
[   47.105422]  print_report+0x118/0x5e0
[   47.106233]  kasan_report+0xc8/0x118
[   47.107103]  __asan_report_store1_noabort+0x20/0x30
[   47.107809]  krealloc_less_oob_helper+0xa48/0xc50
[   47.108443]  krealloc_less_oob+0x20/0x38
[   47.109137]  kunit_try_run_case+0x14c/0x3d0
[   47.109829]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   47.110674]  kthread+0x24c/0x2d0
[   47.111355]  ret_from_fork+0x10/0x20
[   47.111893] 
[   47.112326] Allocated by task 147:
[   47.112843]  kasan_save_stack+0x3c/0x68
[   47.113878]  kasan_save_track+0x20/0x40
[   47.114590]  kasan_save_alloc_info+0x40/0x58
[   47.115734]  __kasan_krealloc+0x118/0x178
[   47.116383]  krealloc_noprof+0x128/0x360
[   47.117014]  krealloc_less_oob_helper+0x168/0xc50
[   47.118027]  krealloc_less_oob+0x20/0x38
[   47.118805]  kunit_try_run_case+0x14c/0x3d0
[   47.119474]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   47.120435]  kthread+0x24c/0x2d0
[   47.121263]  ret_from_fork+0x10/0x20
[   47.122020] 
[   47.122372] The buggy address belongs to the object at fff00000c4546200
[   47.122372]  which belongs to the cache kmalloc-256 of size 256
[   47.123770] The buggy address is located 0 bytes to the right of
[   47.123770]  allocated 201-byte region [fff00000c4546200, fff00000c45462c9)
[   47.125286] 
[   47.125925] The buggy address belongs to the physical page:
[   47.126628] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104546
[   47.127762] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   47.128673] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   47.129666] page_type: f5(slab)
[   47.130137] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   47.131204] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   47.132214] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   47.133262] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   47.134752] head: 0bfffe0000000001 ffffc1ffc3115181 ffffffffffffffff 0000000000000000
[   47.135612] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   47.136542] page dumped because: kasan: bad access detected
[   47.137226] 
[   47.137600] Memory state around the buggy address:
[   47.138248]  fff00000c4546180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   47.139374]  fff00000c4546200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.140186] >fff00000c4546280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   47.141179]                                               ^
[   47.141818]  fff00000c4546300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   47.142817]  fff00000c4546380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   47.143734] ==================================================================
[   47.447862] ==================================================================
[   47.449621] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   47.450678] Write of size 1 at addr fff00000c65760d0 by task kunit_try_catch/151
[   47.451499] 
[   47.451819] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   47.453003] Tainted: [B]=BAD_PAGE, [N]=TEST
[   47.453693] Hardware name: linux,dummy-virt (DT)
[   47.454757] Call trace:
[   47.455755]  show_stack+0x20/0x38 (C)
[   47.456413]  dump_stack_lvl+0x8c/0xd0
[   47.456875]  print_report+0x118/0x5e0
[   47.457870]  kasan_report+0xc8/0x118
[   47.458477]  __asan_report_store1_noabort+0x20/0x30
[   47.459088]  krealloc_less_oob_helper+0xb9c/0xc50
[   47.459721]  krealloc_large_less_oob+0x20/0x38
[   47.460230]  kunit_try_run_case+0x14c/0x3d0
[   47.460950]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   47.462568]  kthread+0x24c/0x2d0
[   47.463147]  ret_from_fork+0x10/0x20
[   47.463834] 
[   47.464199] The buggy address belongs to the physical page:
[   47.464948] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106574
[   47.466386] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   47.467562] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   47.468417] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   47.469422] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   47.470178] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   47.471044] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   47.472279] head: 0bfffe0000000002 ffffc1ffc3195d01 ffffffffffffffff 0000000000000000
[   47.473487] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   47.474477] page dumped because: kasan: bad access detected
[   47.475163] 
[   47.475648] Memory state around the buggy address:
[   47.476885]  fff00000c6575f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.479310]  fff00000c6576000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.479873] >fff00000c6576080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   47.480444]                                                  ^
[   47.480916]  fff00000c6576100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   47.483839]  fff00000c6576180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   47.486146] ==================================================================
[   47.148402] ==================================================================
[   47.149180] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   47.150116] Write of size 1 at addr fff00000c45462d0 by task kunit_try_catch/147
[   47.151561] 
[   47.151964] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   47.153206] Tainted: [B]=BAD_PAGE, [N]=TEST
[   47.153786] Hardware name: linux,dummy-virt (DT)
[   47.154445] Call trace:
[   47.154834]  show_stack+0x20/0x38 (C)
[   47.155377]  dump_stack_lvl+0x8c/0xd0
[   47.155902]  print_report+0x118/0x5e0
[   47.156482]  kasan_report+0xc8/0x118
[   47.157040]  __asan_report_store1_noabort+0x20/0x30
[   47.157713]  krealloc_less_oob_helper+0xb9c/0xc50
[   47.158405]  krealloc_less_oob+0x20/0x38
[   47.159008]  kunit_try_run_case+0x14c/0x3d0
[   47.159668]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   47.160326]  kthread+0x24c/0x2d0
[   47.160946]  ret_from_fork+0x10/0x20
[   47.161506] 
[   47.161808] Allocated by task 147:
[   47.162341]  kasan_save_stack+0x3c/0x68
[   47.162936]  kasan_save_track+0x20/0x40
[   47.163473]  kasan_save_alloc_info+0x40/0x58
[   47.164095]  __kasan_krealloc+0x118/0x178
[   47.164829]  krealloc_noprof+0x128/0x360
[   47.165356]  krealloc_less_oob_helper+0x168/0xc50
[   47.166161]  krealloc_less_oob+0x20/0x38
[   47.166674]  kunit_try_run_case+0x14c/0x3d0
[   47.167347]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   47.168140]  kthread+0x24c/0x2d0
[   47.168798]  ret_from_fork+0x10/0x20
[   47.169268] 
[   47.169637] The buggy address belongs to the object at fff00000c4546200
[   47.169637]  which belongs to the cache kmalloc-256 of size 256
[   47.171038] The buggy address is located 7 bytes to the right of
[   47.171038]  allocated 201-byte region [fff00000c4546200, fff00000c45462c9)
[   47.172421] 
[   47.172718] The buggy address belongs to the physical page:
[   47.173369] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104546
[   47.174257] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   47.175136] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   47.175990] page_type: f5(slab)
[   47.176474] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   47.177368] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   47.178357] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   47.179233] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   47.180137] head: 0bfffe0000000001 ffffc1ffc3115181 ffffffffffffffff 0000000000000000
[   47.181066] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   47.181985] page dumped because: kasan: bad access detected
[   47.182641] 
[   47.182942] Memory state around the buggy address:
[   47.183544]  fff00000c4546180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   47.184485]  fff00000c4546200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.185350] >fff00000c4546280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   47.186213]                                                  ^
[   47.186954]  fff00000c4546300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   47.188150]  fff00000c4546380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   47.189009] ==================================================================
[   47.411330] ==================================================================
[   47.412577] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   47.413537] Write of size 1 at addr fff00000c65760c9 by task kunit_try_catch/151
[   47.414850] 
[   47.415173] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   47.416515] Tainted: [B]=BAD_PAGE, [N]=TEST
[   47.417189] Hardware name: linux,dummy-virt (DT)
[   47.417937] Call trace:
[   47.418731]  show_stack+0x20/0x38 (C)
[   47.419251]  dump_stack_lvl+0x8c/0xd0
[   47.419857]  print_report+0x118/0x5e0
[   47.420490]  kasan_report+0xc8/0x118
[   47.421337]  __asan_report_store1_noabort+0x20/0x30
[   47.422444]  krealloc_less_oob_helper+0xa48/0xc50
[   47.423281]  krealloc_large_less_oob+0x20/0x38
[   47.424091]  kunit_try_run_case+0x14c/0x3d0
[   47.424735]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   47.425847]  kthread+0x24c/0x2d0
[   47.426553]  ret_from_fork+0x10/0x20
[   47.427156] 
[   47.427572] The buggy address belongs to the physical page:
[   47.428233] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106574
[   47.429285] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   47.430482] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   47.431386] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   47.432279] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   47.433767] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   47.434626] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   47.435625] head: 0bfffe0000000002 ffffc1ffc3195d01 ffffffffffffffff 0000000000000000
[   47.436656] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   47.437682] page dumped because: kasan: bad access detected
[   47.438703] 
[   47.438976] Memory state around the buggy address:
[   47.439656]  fff00000c6575f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.440838]  fff00000c6576000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.442053] >fff00000c6576080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   47.443105]                                               ^
[   47.443954]  fff00000c6576100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   47.444900]  fff00000c6576180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   47.445927] ==================================================================
[   47.281659] ==================================================================
[   47.282692] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   47.283867] Write of size 1 at addr fff00000c45462eb by task kunit_try_catch/147
[   47.285183] 
[   47.285736] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   47.286793] Tainted: [B]=BAD_PAGE, [N]=TEST
[   47.287069] Hardware name: linux,dummy-virt (DT)
[   47.287438] Call trace:
[   47.288027]  show_stack+0x20/0x38 (C)
[   47.288861]  dump_stack_lvl+0x8c/0xd0
[   47.289417]  print_report+0x118/0x5e0
[   47.290149]  kasan_report+0xc8/0x118
[   47.290721]  __asan_report_store1_noabort+0x20/0x30
[   47.291062]  krealloc_less_oob_helper+0xa58/0xc50
[   47.291674]  krealloc_less_oob+0x20/0x38
[   47.292554]  kunit_try_run_case+0x14c/0x3d0
[   47.293052]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   47.293984]  kthread+0x24c/0x2d0
[   47.294672]  ret_from_fork+0x10/0x20
[   47.295123] 
[   47.295449] Allocated by task 147:
[   47.295901]  kasan_save_stack+0x3c/0x68
[   47.296589]  kasan_save_track+0x20/0x40
[   47.297114]  kasan_save_alloc_info+0x40/0x58
[   47.297937]  __kasan_krealloc+0x118/0x178
[   47.298509]  krealloc_noprof+0x128/0x360
[   47.299006]  krealloc_less_oob_helper+0x168/0xc50
[   47.299820]  krealloc_less_oob+0x20/0x38
[   47.300386]  kunit_try_run_case+0x14c/0x3d0
[   47.301003]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   47.301933]  kthread+0x24c/0x2d0
[   47.302428]  ret_from_fork+0x10/0x20
[   47.303065] 
[   47.303504] The buggy address belongs to the object at fff00000c4546200
[   47.303504]  which belongs to the cache kmalloc-256 of size 256
[   47.305192] The buggy address is located 34 bytes to the right of
[   47.305192]  allocated 201-byte region [fff00000c4546200, fff00000c45462c9)
[   47.306701] 
[   47.307025] The buggy address belongs to the physical page:
[   47.308020] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104546
[   47.308903] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   47.309681] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   47.310671] page_type: f5(slab)
[   47.311210] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   47.312202] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   47.313133] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   47.314044] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   47.315055] head: 0bfffe0000000001 ffffc1ffc3115181 ffffffffffffffff 0000000000000000
[   47.316013] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   47.316971] page dumped because: kasan: bad access detected
[   47.317844] 
[   47.318322] Memory state around the buggy address:
[   47.319034]  fff00000c4546180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   47.319904]  fff00000c4546200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.320746] >fff00000c4546280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   47.321602]                                                           ^
[   47.322332]  fff00000c4546300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   47.323101]  fff00000c4546380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   47.323987] ==================================================================
[   47.491037] ==================================================================
[   47.491973] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   47.492980] Write of size 1 at addr fff00000c65760da by task kunit_try_catch/151
[   47.494762] 
[   47.495168] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   47.496530] Tainted: [B]=BAD_PAGE, [N]=TEST
[   47.497156] Hardware name: linux,dummy-virt (DT)
[   47.498122] Call trace:
[   47.498589]  show_stack+0x20/0x38 (C)
[   47.499344]  dump_stack_lvl+0x8c/0xd0
[   47.499980]  print_report+0x118/0x5e0
[   47.500536]  kasan_report+0xc8/0x118
[   47.501934]  __asan_report_store1_noabort+0x20/0x30
[   47.502634]  krealloc_less_oob_helper+0xa80/0xc50
[   47.503255]  krealloc_large_less_oob+0x20/0x38
[   47.503906]  kunit_try_run_case+0x14c/0x3d0
[   47.504606]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   47.505549]  kthread+0x24c/0x2d0
[   47.506310]  ret_from_fork+0x10/0x20
[   47.507048] 
[   47.507466] The buggy address belongs to the physical page:
[   47.508135] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106574
[   47.509902] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   47.510872] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   47.511846] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   47.512810] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   47.514391] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   47.515332] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   47.516187] head: 0bfffe0000000002 ffffc1ffc3195d01 ffffffffffffffff 0000000000000000
[   47.517214] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   47.518083] page dumped because: kasan: bad access detected
[   47.518869] 
[   47.519809] Memory state around the buggy address:
[   47.520621]  fff00000c6575f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.521542]  fff00000c6576000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.522506] >fff00000c6576080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   47.523406]                                                     ^
[   47.524189]  fff00000c6576100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   47.525105]  fff00000c6576180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   47.526225] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2pPrWzZCaknSLHWPXWgqldRCWId

job_id

TEST:linaro@lkft#2pPrasgygr18pFmDML3VW5NSaLA

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2pPrasgygr18pFmDML3VW5NSaLA

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pPrXvafjAOnBSZ2PDjzBqmMUCC/Image.gz
sha256sum	7f51b42fbc42b34211545db145326239f0db4bfb7b996201cdd5797585c0f9c7

rootfs

url	https://storage.tuxboot.com/debian/trixie/arm64/rootfs.ext4.xz
sha256sum	f592205e64add7389d8a1055c235aa3685e13c7cfdfdbe5f212ab22afdbeb656

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pPrXvafjAOnBSZ2PDjzBqmMUCC/modules.tar.xz
sha256sum	1038ada13ea7237536e1543e3019652e5ec1fb8ccb58d0df0b9351c266f001b7

durations

tests

boot	391.39
kunit	431.29

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

[   24.601603] ==================================================================
[   24.603541] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0
[   24.604122] Write of size 1 at addr ffff888102cc20c9 by task kunit_try_catch/170
[   24.604862] 
[   24.605328] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   24.606278] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.606868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   24.607912] Call Trace:
[   24.608369]  <TASK>
[   24.608800]  dump_stack_lvl+0x73/0xb0
[   24.609440]  print_report+0xd1/0x640
[   24.609879]  ? __virt_addr_valid+0x1db/0x2d0
[   24.610631]  ? kasan_addr_to_slab+0x11/0xa0
[   24.611335]  kasan_report+0x102/0x140
[   24.612155]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   24.612742]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   24.613772]  __asan_report_store1_noabort+0x1b/0x30
[   24.614675]  krealloc_less_oob_helper+0xd72/0x11d0
[   24.615543]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   24.616243]  ? finish_task_switch.isra.0+0x153/0x700
[   24.616708]  ? __switch_to+0x5d9/0xf60
[   24.617512]  ? __schedule+0xc3e/0x2790
[   24.618165]  ? __pfx_read_tsc+0x10/0x10
[   24.619141]  krealloc_large_less_oob+0x1c/0x30
[   24.620489]  kunit_try_run_case+0x1b3/0x490
[   24.620879]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.621770]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   24.622266]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   24.623370]  ? __kthread_parkme+0x82/0x160
[   24.623666]  ? preempt_count_sub+0x50/0x80
[   24.624483]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.625408]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   24.626490]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.627161]  kthread+0x257/0x310
[   24.627550]  ? __pfx_kthread+0x10/0x10
[   24.628673]  ret_from_fork+0x41/0x80
[   24.629036]  ? __pfx_kthread+0x10/0x10
[   24.630387]  ret_from_fork_asm+0x1a/0x30
[   24.630787]  </TASK>
[   24.631185] 
[   24.632023] The buggy address belongs to the physical page:
[   24.632857] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cc0
[   24.633846] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.635199] flags: 0x200000000000040(head|node=0|zone=2)
[   24.635691] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   24.636955] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   24.638638] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   24.639940] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   24.640688] head: 0200000000000002 ffffea00040b3001 ffffffffffffffff 0000000000000000
[   24.641433] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   24.642594] page dumped because: kasan: bad access detected
[   24.643264] 
[   24.643414] Memory state around the buggy address:
[   24.644403]  ffff888102cc1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.645241]  ffff888102cc2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.646374] >ffff888102cc2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   24.647175]                                               ^
[   24.647842]  ffff888102cc2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.649065]  ffff888102cc2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.649833] ==================================================================
[   24.777450] ==================================================================
[   24.778627] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0
[   24.779405] Write of size 1 at addr ffff888102cc20eb by task kunit_try_catch/170
[   24.779687] 
[   24.779789] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   24.780618] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.782150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   24.782763] Call Trace:
[   24.782897]  <TASK>
[   24.783590]  dump_stack_lvl+0x73/0xb0
[   24.784442]  print_report+0xd1/0x640
[   24.785269]  ? __virt_addr_valid+0x1db/0x2d0
[   24.785723]  ? kasan_addr_to_slab+0x11/0xa0
[   24.786197]  kasan_report+0x102/0x140
[   24.786571]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   24.787391]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   24.788262]  __asan_report_store1_noabort+0x1b/0x30
[   24.788709]  krealloc_less_oob_helper+0xd49/0x11d0
[   24.789501]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   24.790133]  ? finish_task_switch.isra.0+0x153/0x700
[   24.790562]  ? __switch_to+0x5d9/0xf60
[   24.791045]  ? __schedule+0xc3e/0x2790
[   24.791597]  ? __pfx_read_tsc+0x10/0x10
[   24.792788]  krealloc_large_less_oob+0x1c/0x30
[   24.793517]  kunit_try_run_case+0x1b3/0x490
[   24.794538]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.794914]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   24.795492]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   24.795735]  ? __kthread_parkme+0x82/0x160
[   24.796380]  ? preempt_count_sub+0x50/0x80
[   24.796765]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.797832]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   24.798755]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.799527]  kthread+0x257/0x310
[   24.800093]  ? __pfx_kthread+0x10/0x10
[   24.800720]  ret_from_fork+0x41/0x80
[   24.801524]  ? __pfx_kthread+0x10/0x10
[   24.802021]  ret_from_fork_asm+0x1a/0x30
[   24.802783]  </TASK>
[   24.803621] 
[   24.803788] The buggy address belongs to the physical page:
[   24.804309] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cc0
[   24.806044] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.806710] flags: 0x200000000000040(head|node=0|zone=2)
[   24.807324] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   24.808358] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   24.809097] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   24.810074] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   24.811034] head: 0200000000000002 ffffea00040b3001 ffffffffffffffff 0000000000000000
[   24.812211] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   24.813009] page dumped because: kasan: bad access detected
[   24.813566] 
[   24.813760] Memory state around the buggy address:
[   24.814215]  ffff888102cc1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.815332]  ffff888102cc2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.815864] >ffff888102cc2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   24.817310]                                                           ^
[   24.818068]  ffff888102cc2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.818891]  ffff888102cc2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.819902] ==================================================================
[   24.307314] ==================================================================
[   24.307733] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0
[   24.309620] Write of size 1 at addr ffff8881009998da by task kunit_try_catch/166
[   24.310751] 
[   24.311564] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   24.312767] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.314050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   24.314763] Call Trace:
[   24.315254]  <TASK>
[   24.315948]  dump_stack_lvl+0x73/0xb0
[   24.317406]  print_report+0xd1/0x640
[   24.317774]  ? __virt_addr_valid+0x1db/0x2d0
[   24.318662]  ? kasan_complete_mode_report_info+0x2a/0x200
[   24.319237]  kasan_report+0x102/0x140
[   24.320548]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   24.320822]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   24.322035]  __asan_report_store1_noabort+0x1b/0x30
[   24.322921]  krealloc_less_oob_helper+0xec8/0x11d0
[   24.323768]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   24.324606]  ? finish_task_switch.isra.0+0x153/0x700
[   24.325517]  ? __switch_to+0x5d9/0xf60
[   24.325908]  ? __schedule+0xc3e/0x2790
[   24.326716]  ? __pfx_read_tsc+0x10/0x10
[   24.327490]  krealloc_less_oob+0x1c/0x30
[   24.328481]  kunit_try_run_case+0x1b3/0x490
[   24.328879]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.329739]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   24.330589]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   24.331398]  ? __kthread_parkme+0x82/0x160
[   24.332501]  ? preempt_count_sub+0x50/0x80
[   24.332897]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.333774]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   24.334685]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.335505]  kthread+0x257/0x310
[   24.335833]  ? __pfx_kthread+0x10/0x10
[   24.336773]  ret_from_fork+0x41/0x80
[   24.337417]  ? __pfx_kthread+0x10/0x10
[   24.337853]  ret_from_fork_asm+0x1a/0x30
[   24.338262]  </TASK>
[   24.338604] 
[   24.338964] Allocated by task 166:
[   24.339616]  kasan_save_stack+0x3d/0x60
[   24.340501]  kasan_save_track+0x18/0x40
[   24.341626]  kasan_save_alloc_info+0x3b/0x50
[   24.342116]  __kasan_krealloc+0x190/0x1f0
[   24.343097]  krealloc_noprof+0xf3/0x340
[   24.344167]  krealloc_less_oob_helper+0x1ab/0x11d0
[   24.344691]  krealloc_less_oob+0x1c/0x30
[   24.345290]  kunit_try_run_case+0x1b3/0x490
[   24.345654]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.346241]  kthread+0x257/0x310
[   24.346747]  ret_from_fork+0x41/0x80
[   24.347288]  ret_from_fork_asm+0x1a/0x30
[   24.347630] 
[   24.347886] The buggy address belongs to the object at ffff888100999800
[   24.347886]  which belongs to the cache kmalloc-256 of size 256
[   24.349407] The buggy address is located 17 bytes to the right of
[   24.349407]  allocated 201-byte region [ffff888100999800, ffff8881009998c9)
[   24.350500] 
[   24.350654] The buggy address belongs to the physical page:
[   24.351454] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100998
[   24.352447] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.353231] flags: 0x200000000000040(head|node=0|zone=2)
[   24.353566] page_type: f5(slab)
[   24.354378] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   24.355342] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   24.355965] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   24.356846] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   24.357621] head: 0200000000000001 ffffea0004026601 ffffffffffffffff 0000000000000000
[   24.358792] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   24.359600] page dumped because: kasan: bad access detected
[   24.360551] 
[   24.360785] Memory state around the buggy address:
[   24.361384]  ffff888100999780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.362327]  ffff888100999800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.363596] >ffff888100999880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   24.364420]                                                     ^
[   24.365576]  ffff888100999900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.366772]  ffff888100999980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.367843] ==================================================================
[   24.447797] ==================================================================
[   24.448860] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0
[   24.449889] Write of size 1 at addr ffff8881009998eb by task kunit_try_catch/166
[   24.451052] 
[   24.451402] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   24.452395] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.453262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   24.454343] Call Trace:
[   24.454850]  <TASK>
[   24.455241]  dump_stack_lvl+0x73/0xb0
[   24.455962]  print_report+0xd1/0x640
[   24.456386]  ? __virt_addr_valid+0x1db/0x2d0
[   24.456819]  ? kasan_complete_mode_report_info+0x2a/0x200
[   24.457838]  kasan_report+0x102/0x140
[   24.458201]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   24.459127]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   24.459681]  __asan_report_store1_noabort+0x1b/0x30
[   24.460581]  krealloc_less_oob_helper+0xd49/0x11d0
[   24.461004]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   24.461719]  ? finish_task_switch.isra.0+0x153/0x700
[   24.462469]  ? __switch_to+0x5d9/0xf60
[   24.462954]  ? __schedule+0xc3e/0x2790
[   24.463794]  ? __pfx_read_tsc+0x10/0x10
[   24.464564]  krealloc_less_oob+0x1c/0x30
[   24.464964]  kunit_try_run_case+0x1b3/0x490
[   24.465944]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.466643]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   24.467341]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   24.467819]  ? __kthread_parkme+0x82/0x160
[   24.468699]  ? preempt_count_sub+0x50/0x80
[   24.469130]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.469848]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   24.470773]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.471705]  kthread+0x257/0x310
[   24.472074]  ? __pfx_kthread+0x10/0x10
[   24.472599]  ret_from_fork+0x41/0x80
[   24.473378]  ? __pfx_kthread+0x10/0x10
[   24.473869]  ret_from_fork_asm+0x1a/0x30
[   24.474835]  </TASK>
[   24.475400] 
[   24.475613] Allocated by task 166:
[   24.476346]  kasan_save_stack+0x3d/0x60
[   24.476807]  kasan_save_track+0x18/0x40
[   24.477599]  kasan_save_alloc_info+0x3b/0x50
[   24.478342]  __kasan_krealloc+0x190/0x1f0
[   24.478686]  krealloc_noprof+0xf3/0x340
[   24.479106]  krealloc_less_oob_helper+0x1ab/0x11d0
[   24.479965]  krealloc_less_oob+0x1c/0x30
[   24.480833]  kunit_try_run_case+0x1b3/0x490
[   24.481498]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.482374]  kthread+0x257/0x310
[   24.482969]  ret_from_fork+0x41/0x80
[   24.483455]  ret_from_fork_asm+0x1a/0x30
[   24.484389] 
[   24.484649] The buggy address belongs to the object at ffff888100999800
[   24.484649]  which belongs to the cache kmalloc-256 of size 256
[   24.486255] The buggy address is located 34 bytes to the right of
[   24.486255]  allocated 201-byte region [ffff888100999800, ffff8881009998c9)
[   24.487839] 
[   24.488215] The buggy address belongs to the physical page:
[   24.489017] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100998
[   24.489883] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.490761] flags: 0x200000000000040(head|node=0|zone=2)
[   24.491008] page_type: f5(slab)
[   24.491546] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   24.492717] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   24.493517] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   24.494756] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   24.495736] head: 0200000000000001 ffffea0004026601 ffffffffffffffff 0000000000000000
[   24.496517] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   24.497682] page dumped because: kasan: bad access detected
[   24.498178] 
[   24.498422] Memory state around the buggy address:
[   24.499382]  ffff888100999780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.500010]  ffff888100999800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.500846] >ffff888100999880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   24.501872]                                                           ^
[   24.502692]  ffff888100999900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.503618]  ffff888100999980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.504497] ==================================================================
[   24.368621] ==================================================================
[   24.370924] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0
[   24.371731] Write of size 1 at addr ffff8881009998ea by task kunit_try_catch/166
[   24.373775] 
[   24.374421] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   24.376182] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.377339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   24.379973] Call Trace:
[   24.380430]  <TASK>
[   24.380803]  dump_stack_lvl+0x73/0xb0
[   24.381928]  print_report+0xd1/0x640
[   24.382875]  ? __virt_addr_valid+0x1db/0x2d0
[   24.383729]  ? kasan_complete_mode_report_info+0x2a/0x200
[   24.384547]  kasan_report+0x102/0x140
[   24.385584]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   24.386534]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   24.388677]  __asan_report_store1_noabort+0x1b/0x30
[   24.389629]  krealloc_less_oob_helper+0xe92/0x11d0
[   24.390890]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   24.391915]  ? finish_task_switch.isra.0+0x153/0x700
[   24.392590]  ? __switch_to+0x5d9/0xf60
[   24.393579]  ? __schedule+0xc3e/0x2790
[   24.394896]  ? __pfx_read_tsc+0x10/0x10
[   24.395793]  krealloc_less_oob+0x1c/0x30
[   24.396763]  kunit_try_run_case+0x1b3/0x490
[   24.397422]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.397839]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   24.398435]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   24.399170]  ? __kthread_parkme+0x82/0x160
[   24.399553]  ? preempt_count_sub+0x50/0x80
[   24.400292]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.400815]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   24.401646]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.402367]  kthread+0x257/0x310
[   24.402841]  ? __pfx_kthread+0x10/0x10
[   24.403515]  ret_from_fork+0x41/0x80
[   24.404068]  ? __pfx_kthread+0x10/0x10
[   24.404431]  ret_from_fork_asm+0x1a/0x30
[   24.405176]  </TASK>
[   24.405364] 
[   24.405753] Allocated by task 166:
[   24.406359]  kasan_save_stack+0x3d/0x60
[   24.406672]  kasan_save_track+0x18/0x40
[   24.407358]  kasan_save_alloc_info+0x3b/0x50
[   24.407660]  __kasan_krealloc+0x190/0x1f0
[   24.408483]  krealloc_noprof+0xf3/0x340
[   24.409051]  krealloc_less_oob_helper+0x1ab/0x11d0
[   24.409803]  krealloc_less_oob+0x1c/0x30
[   24.410837]  kunit_try_run_case+0x1b3/0x490
[   24.411667]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.413118]  kthread+0x257/0x310
[   24.413944]  ret_from_fork+0x41/0x80
[   24.415226]  ret_from_fork_asm+0x1a/0x30
[   24.416432] 
[   24.416793] The buggy address belongs to the object at ffff888100999800
[   24.416793]  which belongs to the cache kmalloc-256 of size 256
[   24.418304] The buggy address is located 33 bytes to the right of
[   24.418304]  allocated 201-byte region [ffff888100999800, ffff8881009998c9)
[   24.421173] 
[   24.421366] The buggy address belongs to the physical page:
[   24.422116] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100998
[   24.422803] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.423751] flags: 0x200000000000040(head|node=0|zone=2)
[   24.424483] page_type: f5(slab)
[   24.424897] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   24.425927] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   24.426805] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   24.428954] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   24.429831] head: 0200000000000001 ffffea0004026601 ffffffffffffffff 0000000000000000
[   24.431766] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   24.433382] page dumped because: kasan: bad access detected
[   24.434355] 
[   24.434632] Memory state around the buggy address:
[   24.434965]  ffff888100999780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.436579]  ffff888100999800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.438303] >ffff888100999880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   24.440261]                                                           ^
[   24.443043]  ffff888100999900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.443452]  ffff888100999980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.445009] ==================================================================
[   24.696139] ==================================================================
[   24.697138] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0
[   24.697667] Write of size 1 at addr ffff888102cc20da by task kunit_try_catch/170
[   24.698805] 
[   24.699056] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   24.699609] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.700452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   24.701791] Call Trace:
[   24.702031]  <TASK>
[   24.702227]  dump_stack_lvl+0x73/0xb0
[   24.702521]  print_report+0xd1/0x640
[   24.703655]  ? __virt_addr_valid+0x1db/0x2d0
[   24.704588]  ? kasan_addr_to_slab+0x11/0xa0
[   24.705022]  kasan_report+0x102/0x140
[   24.705313]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   24.706041]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   24.707084]  __asan_report_store1_noabort+0x1b/0x30
[   24.708070]  krealloc_less_oob_helper+0xec8/0x11d0
[   24.708690]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   24.709667]  ? finish_task_switch.isra.0+0x153/0x700
[   24.710242]  ? __switch_to+0x5d9/0xf60
[   24.710870]  ? __schedule+0xc3e/0x2790
[   24.711742]  ? __pfx_read_tsc+0x10/0x10
[   24.712605]  krealloc_large_less_oob+0x1c/0x30
[   24.713525]  kunit_try_run_case+0x1b3/0x490
[   24.713870]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.714808]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   24.715580]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   24.716521]  ? __kthread_parkme+0x82/0x160
[   24.716830]  ? preempt_count_sub+0x50/0x80
[   24.717843]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.718730]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   24.720049]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.720836]  kthread+0x257/0x310
[   24.721631]  ? __pfx_kthread+0x10/0x10
[   24.722745]  ret_from_fork+0x41/0x80
[   24.723304]  ? __pfx_kthread+0x10/0x10
[   24.723775]  ret_from_fork_asm+0x1a/0x30
[   24.724774]  </TASK>
[   24.725088] 
[   24.726005] The buggy address belongs to the physical page:
[   24.726528] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cc0
[   24.727715] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.728628] flags: 0x200000000000040(head|node=0|zone=2)
[   24.728976] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   24.729296] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   24.729581] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   24.729865] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   24.730496] head: 0200000000000002 ffffea00040b3001 ffffffffffffffff 0000000000000000
[   24.731482] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   24.732352] page dumped because: kasan: bad access detected
[   24.732829] 
[   24.733428] Memory state around the buggy address:
[   24.734146]  ffff888102cc1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.734705]  ffff888102cc2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.735623] >ffff888102cc2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   24.736284]                                                     ^
[   24.736720]  ffff888102cc2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.737760]  ffff888102cc2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.738591] ==================================================================
[   24.246386] ==================================================================
[   24.248854] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0
[   24.249831] Write of size 1 at addr ffff8881009998d0 by task kunit_try_catch/166
[   24.251171] 
[   24.251375] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   24.252265] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.252673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   24.253574] Call Trace:
[   24.253870]  <TASK>
[   24.254305]  dump_stack_lvl+0x73/0xb0
[   24.255460]  print_report+0xd1/0x640
[   24.256100]  ? __virt_addr_valid+0x1db/0x2d0
[   24.256778]  ? kasan_complete_mode_report_info+0x2a/0x200
[   24.257540]  kasan_report+0x102/0x140
[   24.258131]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   24.259131]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   24.259591]  __asan_report_store1_noabort+0x1b/0x30
[   24.260218]  krealloc_less_oob_helper+0xe25/0x11d0
[   24.261104]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   24.261587]  ? finish_task_switch.isra.0+0x153/0x700
[   24.262046]  ? __switch_to+0x5d9/0xf60
[   24.263194]  ? __schedule+0xc3e/0x2790
[   24.263841]  ? __pfx_read_tsc+0x10/0x10
[   24.264577]  krealloc_less_oob+0x1c/0x30
[   24.265323]  kunit_try_run_case+0x1b3/0x490
[   24.266190]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.266605]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   24.267627]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   24.268162]  ? __kthread_parkme+0x82/0x160
[   24.268778]  ? preempt_count_sub+0x50/0x80
[   24.269631]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.270503]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   24.271164]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.271799]  kthread+0x257/0x310
[   24.272502]  ? __pfx_kthread+0x10/0x10
[   24.273159]  ret_from_fork+0x41/0x80
[   24.273599]  ? __pfx_kthread+0x10/0x10
[   24.274018]  ret_from_fork_asm+0x1a/0x30
[   24.275062]  </TASK>
[   24.275751] 
[   24.275906] Allocated by task 166:
[   24.276735]  kasan_save_stack+0x3d/0x60
[   24.277344]  kasan_save_track+0x18/0x40
[   24.277598]  kasan_save_alloc_info+0x3b/0x50
[   24.278577]  __kasan_krealloc+0x190/0x1f0
[   24.279075]  krealloc_noprof+0xf3/0x340
[   24.279455]  krealloc_less_oob_helper+0x1ab/0x11d0
[   24.279954]  krealloc_less_oob+0x1c/0x30
[   24.280668]  kunit_try_run_case+0x1b3/0x490
[   24.281123]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.281486]  kthread+0x257/0x310
[   24.282000]  ret_from_fork+0x41/0x80
[   24.283101]  ret_from_fork_asm+0x1a/0x30
[   24.283427] 
[   24.283708] The buggy address belongs to the object at ffff888100999800
[   24.283708]  which belongs to the cache kmalloc-256 of size 256
[   24.284671] The buggy address is located 7 bytes to the right of
[   24.284671]  allocated 201-byte region [ffff888100999800, ffff8881009998c9)
[   24.286793] 
[   24.287076] The buggy address belongs to the physical page:
[   24.287401] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100998
[   24.288742] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.289864] flags: 0x200000000000040(head|node=0|zone=2)
[   24.291051] page_type: f5(slab)
[   24.291848] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   24.293288] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   24.294458] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   24.295096] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   24.296941] head: 0200000000000001 ffffea0004026601 ffffffffffffffff 0000000000000000
[   24.298018] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   24.298708] page dumped because: kasan: bad access detected
[   24.300049] 
[   24.300414] Memory state around the buggy address:
[   24.301363]  ffff888100999780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.301727]  ffff888100999800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.302090] >ffff888100999880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   24.303660]                                                  ^
[   24.304380]  ffff888100999900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.305440]  ffff888100999980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.306228] ==================================================================
[   24.739427] ==================================================================
[   24.739864] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0
[   24.740784] Write of size 1 at addr ffff888102cc20ea by task kunit_try_catch/170
[   24.741588] 
[   24.741809] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   24.743060] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.743506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   24.744373] Call Trace:
[   24.744680]  <TASK>
[   24.745307]  dump_stack_lvl+0x73/0xb0
[   24.745692]  print_report+0xd1/0x640
[   24.746179]  ? __virt_addr_valid+0x1db/0x2d0
[   24.746731]  ? kasan_addr_to_slab+0x11/0xa0
[   24.747428]  kasan_report+0x102/0x140
[   24.747796]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   24.748579]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   24.749418]  __asan_report_store1_noabort+0x1b/0x30
[   24.749880]  krealloc_less_oob_helper+0xe92/0x11d0
[   24.750580]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   24.751259]  ? finish_task_switch.isra.0+0x153/0x700
[   24.751705]  ? __switch_to+0x5d9/0xf60
[   24.752262]  ? __schedule+0xc3e/0x2790
[   24.752690]  ? __pfx_read_tsc+0x10/0x10
[   24.753549]  krealloc_large_less_oob+0x1c/0x30
[   24.754087]  kunit_try_run_case+0x1b3/0x490
[   24.754625]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.755223]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   24.755673]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   24.756357]  ? __kthread_parkme+0x82/0x160
[   24.756672]  ? preempt_count_sub+0x50/0x80
[   24.757390]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.758009]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   24.758633]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.759294]  kthread+0x257/0x310
[   24.759571]  ? __pfx_kthread+0x10/0x10
[   24.760141]  ret_from_fork+0x41/0x80
[   24.760601]  ? __pfx_kthread+0x10/0x10
[   24.761211]  ret_from_fork_asm+0x1a/0x30
[   24.761735]  </TASK>
[   24.762132] 
[   24.762292] The buggy address belongs to the physical page:
[   24.763054] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cc0
[   24.763745] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.764550] flags: 0x200000000000040(head|node=0|zone=2)
[   24.765245] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   24.766164] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   24.766677] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   24.767550] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   24.768385] head: 0200000000000002 ffffea00040b3001 ffffffffffffffff 0000000000000000
[   24.769389] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   24.770012] page dumped because: kasan: bad access detected
[   24.770459] 
[   24.770663] Memory state around the buggy address:
[   24.771065]  ffff888102cc1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.771938]  ffff888102cc2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.772759] >ffff888102cc2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   24.773292]                                                           ^
[   24.774421]  ffff888102cc2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.775228]  ffff888102cc2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.776481] ==================================================================
[   24.651083] ==================================================================
[   24.651736] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0
[   24.653977] Write of size 1 at addr ffff888102cc20d0 by task kunit_try_catch/170
[   24.654728] 
[   24.655042] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   24.656539] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.657590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   24.658743] Call Trace:
[   24.659160]  <TASK>
[   24.659627]  dump_stack_lvl+0x73/0xb0
[   24.660474]  print_report+0xd1/0x640
[   24.660755]  ? __virt_addr_valid+0x1db/0x2d0
[   24.661415]  ? kasan_addr_to_slab+0x11/0xa0
[   24.662217]  kasan_report+0x102/0x140
[   24.662621]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   24.663324]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   24.663757]  __asan_report_store1_noabort+0x1b/0x30
[   24.664297]  krealloc_less_oob_helper+0xe25/0x11d0
[   24.665439]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   24.665915]  ? finish_task_switch.isra.0+0x153/0x700
[   24.666650]  ? __switch_to+0x5d9/0xf60
[   24.667096]  ? __schedule+0xc3e/0x2790
[   24.667718]  ? __pfx_read_tsc+0x10/0x10
[   24.668271]  krealloc_large_less_oob+0x1c/0x30
[   24.669020]  kunit_try_run_case+0x1b3/0x490
[   24.669592]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.670277]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   24.670615]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   24.671582]  ? __kthread_parkme+0x82/0x160
[   24.672287]  ? preempt_count_sub+0x50/0x80
[   24.672793]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.673456]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   24.674144]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.674797]  kthread+0x257/0x310
[   24.675316]  ? __pfx_kthread+0x10/0x10
[   24.676022]  ret_from_fork+0x41/0x80
[   24.676404]  ? __pfx_kthread+0x10/0x10
[   24.676683]  ret_from_fork_asm+0x1a/0x30
[   24.677616]  </TASK>
[   24.677916] 
[   24.678326] The buggy address belongs to the physical page:
[   24.678900] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cc0
[   24.679466] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.680737] flags: 0x200000000000040(head|node=0|zone=2)
[   24.681553] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   24.682565] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   24.683600] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   24.684508] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   24.685754] head: 0200000000000002 ffffea00040b3001 ffffffffffffffff 0000000000000000
[   24.687046] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   24.687878] page dumped because: kasan: bad access detected
[   24.688532] 
[   24.688891] Memory state around the buggy address:
[   24.689806]  ffff888102cc1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.690864]  ffff888102cc2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.691712] >ffff888102cc2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   24.692530]                                                  ^
[   24.693614]  ffff888102cc2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.694422]  ffff888102cc2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.695059] ==================================================================
[   24.193763] ==================================================================
[   24.194892] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0
[   24.195700] Write of size 1 at addr ffff8881009998c9 by task kunit_try_catch/166
[   24.196335] 
[   24.196589] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   24.197912] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.198675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   24.199774] Call Trace:
[   24.200545]  <TASK>
[   24.200828]  dump_stack_lvl+0x73/0xb0
[   24.201593]  print_report+0xd1/0x640
[   24.202389]  ? __virt_addr_valid+0x1db/0x2d0
[   24.202858]  ? kasan_complete_mode_report_info+0x2a/0x200
[   24.203358]  kasan_report+0x102/0x140
[   24.203737]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   24.204221]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   24.204681]  __asan_report_store1_noabort+0x1b/0x30
[   24.205156]  krealloc_less_oob_helper+0xd72/0x11d0
[   24.205668]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   24.206358]  ? finish_task_switch.isra.0+0x153/0x700
[   24.206725]  ? __switch_to+0x5d9/0xf60
[   24.207397]  ? __schedule+0xc3e/0x2790
[   24.207779]  ? __pfx_read_tsc+0x10/0x10
[   24.208403]  krealloc_less_oob+0x1c/0x30
[   24.208897]  kunit_try_run_case+0x1b3/0x490
[   24.209442]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.209865]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   24.210494]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   24.211193]  ? __kthread_parkme+0x82/0x160
[   24.211586]  ? preempt_count_sub+0x50/0x80
[   24.212229]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.212705]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   24.213449]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.214076]  kthread+0x257/0x310
[   24.214512]  ? __pfx_kthread+0x10/0x10
[   24.215054]  ret_from_fork+0x41/0x80
[   24.215397]  ? __pfx_kthread+0x10/0x10
[   24.215874]  ret_from_fork_asm+0x1a/0x30
[   24.216471]  </TASK>
[   24.216684] 
[   24.217039] Allocated by task 166:
[   24.217400]  kasan_save_stack+0x3d/0x60
[   24.217791]  kasan_save_track+0x18/0x40
[   24.218340]  kasan_save_alloc_info+0x3b/0x50
[   24.218836]  __kasan_krealloc+0x190/0x1f0
[   24.219355]  krealloc_noprof+0xf3/0x340
[   24.219832]  krealloc_less_oob_helper+0x1ab/0x11d0
[   24.220484]  krealloc_less_oob+0x1c/0x30
[   24.220792]  kunit_try_run_case+0x1b3/0x490
[   24.221454]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.222086]  kthread+0x257/0x310
[   24.222515]  ret_from_fork+0x41/0x80
[   24.222903]  ret_from_fork_asm+0x1a/0x30
[   24.223514] 
[   24.223753] The buggy address belongs to the object at ffff888100999800
[   24.223753]  which belongs to the cache kmalloc-256 of size 256
[   24.225494] The buggy address is located 0 bytes to the right of
[   24.225494]  allocated 201-byte region [ffff888100999800, ffff8881009998c9)
[   24.226683] 
[   24.226885] The buggy address belongs to the physical page:
[   24.228569] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100998
[   24.229105] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.230243] flags: 0x200000000000040(head|node=0|zone=2)
[   24.230608] page_type: f5(slab)
[   24.231551] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   24.232626] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   24.233468] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   24.234727] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   24.235912] head: 0200000000000001 ffffea0004026601 ffffffffffffffff 0000000000000000
[   24.236657] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   24.237549] page dumped because: kasan: bad access detected
[   24.238299] 
[   24.238694] Memory state around the buggy address:
[   24.239575]  ffff888100999780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.240449]  ffff888100999800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.241379] >ffff888100999880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   24.242128]                                               ^
[   24.242856]  ffff888100999900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.243876]  ffff888100999980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.245085] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2pPrWzZCaknSLHWPXWgqldRCWId

job_id

TEST:linaro@lkft#2pPrbhaVR3ariJUhOI7IYbIBUdI

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2pPrbhaVR3ariJUhOI7IYbIBUdI

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pPrYqhbLSrtk8tmKdo61CYQmn7/bzImage
sha256sum	bc7020f6c9906b0c5d6906e81b0f41206db7445f5dae748cf179d16decb29c87

rootfs

url	https://storage.tuxboot.com/debian/trixie/amd64/rootfs.ext4.xz
sha256sum	c6ceed53712217894b72c37cdc18ddb1157eb9bca95bb5bb312b9c30db3bb83b

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pPrYqhbLSrtk8tmKdo61CYQmn7/modules.tar.xz
sha256sum	e54cf87147493578594c767c66018773df97ab776c89d3f19e69e678f47aed9d

durations

tests

boot	322.07
kunit	429.13

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit