lkft/linux-next-master - next-20241205 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper

Date

Dec. 5, 2024, 2:07 p.m.

Environment
qemu-arm64
qemu-x86_64

[   29.674160] ==================================================================
[   29.675331] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   29.677486] Write of size 1 at addr fff00000c644e0c9 by task kunit_try_catch/151
[   29.678379] 
[   29.678706] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   29.680433] Tainted: [B]=BAD_PAGE, [N]=TEST
[   29.681041] Hardware name: linux,dummy-virt (DT)
[   29.681625] Call trace:
[   29.682025]  show_stack+0x20/0x38 (C)
[   29.682544]  dump_stack_lvl+0x8c/0xd0
[   29.683085]  print_report+0x118/0x5e0
[   29.683683]  kasan_report+0xc8/0x118
[   29.684424]  __asan_report_store1_noabort+0x20/0x30
[   29.685514]  krealloc_less_oob_helper+0xa48/0xc50
[   29.686062]  krealloc_large_less_oob+0x20/0x38
[   29.686761]  kunit_try_run_case+0x14c/0x3d0
[   29.687423]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   29.688203]  kthread+0x24c/0x2d0
[   29.688784]  ret_from_fork+0x10/0x20
[   29.689585] 
[   29.689927] The buggy address belongs to the physical page:
[   29.690616] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10644c
[   29.692028] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   29.692899] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   29.693736] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   29.694806] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   29.695701] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   29.696956] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   29.697819] head: 0bfffe0000000002 ffffc1ffc3191301 ffffffffffffffff 0000000000000000
[   29.698768] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   29.700001] page dumped because: kasan: bad access detected
[   29.700722] 
[   29.701117] Memory state around the buggy address:
[   29.701954]  fff00000c644df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.702766]  fff00000c644e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.703689] >fff00000c644e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   29.704931]                                               ^
[   29.705646]  fff00000c644e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   29.706545]  fff00000c644e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   29.707555] ==================================================================
[   29.370784] ==================================================================
[   29.372699] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   29.373441] Write of size 1 at addr fff00000c09762c9 by task kunit_try_catch/147
[   29.374260] 
[   29.374669] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   29.375865] Tainted: [B]=BAD_PAGE, [N]=TEST
[   29.376437] Hardware name: linux,dummy-virt (DT)
[   29.377202] Call trace:
[   29.377720]  show_stack+0x20/0x38 (C)
[   29.378325]  dump_stack_lvl+0x8c/0xd0
[   29.378857]  print_report+0x118/0x5e0
[   29.379523]  kasan_report+0xc8/0x118
[   29.380113]  __asan_report_store1_noabort+0x20/0x30
[   29.380870]  krealloc_less_oob_helper+0xa48/0xc50
[   29.381459]  krealloc_less_oob+0x20/0x38
[   29.382196]  kunit_try_run_case+0x14c/0x3d0
[   29.382794]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   29.383607]  kthread+0x24c/0x2d0
[   29.384134]  ret_from_fork+0x10/0x20
[   29.384719] 
[   29.385048] Allocated by task 147:
[   29.385559]  kasan_save_stack+0x3c/0x68
[   29.386237]  kasan_save_track+0x20/0x40
[   29.386861]  kasan_save_alloc_info+0x40/0x58
[   29.387471]  __kasan_krealloc+0x118/0x178
[   29.388097]  krealloc_noprof+0x128/0x360
[   29.388641]  krealloc_less_oob_helper+0x168/0xc50
[   29.389305]  krealloc_less_oob+0x20/0x38
[   29.389902]  kunit_try_run_case+0x14c/0x3d0
[   29.390558]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   29.391314]  kthread+0x24c/0x2d0
[   29.391845]  ret_from_fork+0x10/0x20
[   29.392422] 
[   29.392732] The buggy address belongs to the object at fff00000c0976200
[   29.392732]  which belongs to the cache kmalloc-256 of size 256
[   29.394121] The buggy address is located 0 bytes to the right of
[   29.394121]  allocated 201-byte region [fff00000c0976200, fff00000c09762c9)
[   29.395561] 
[   29.395856] The buggy address belongs to the physical page:
[   29.396479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100976
[   29.397475] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   29.398522] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   29.399388] page_type: f5(slab)
[   29.400110] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   29.401242] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   29.402171] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   29.403096] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   29.404003] head: 0bfffe0000000001 ffffc1ffc3025d81 ffffffffffffffff 0000000000000000
[   29.404902] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   29.405909] page dumped because: kasan: bad access detected
[   29.406663] 
[   29.407053] Memory state around the buggy address:
[   29.407668]  fff00000c0976180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   29.408525]  fff00000c0976200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.409437] >fff00000c0976280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   29.410301]                                               ^
[   29.410982]  fff00000c0976300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   29.411847]  fff00000c0976380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   29.412736] ==================================================================
[   29.708911] ==================================================================
[   29.709604] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   29.711217] Write of size 1 at addr fff00000c644e0d0 by task kunit_try_catch/151
[   29.711971] 
[   29.713439] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   29.714592] Tainted: [B]=BAD_PAGE, [N]=TEST
[   29.715179] Hardware name: linux,dummy-virt (DT)
[   29.715755] Call trace:
[   29.716270]  show_stack+0x20/0x38 (C)
[   29.716790]  dump_stack_lvl+0x8c/0xd0
[   29.717928]  print_report+0x118/0x5e0
[   29.718479]  kasan_report+0xc8/0x118
[   29.719132]  __asan_report_store1_noabort+0x20/0x30
[   29.720311]  krealloc_less_oob_helper+0xb9c/0xc50
[   29.721034]  krealloc_large_less_oob+0x20/0x38
[   29.721723]  kunit_try_run_case+0x14c/0x3d0
[   29.722318]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   29.723050]  kthread+0x24c/0x2d0
[   29.724149]  ret_from_fork+0x10/0x20
[   29.724809] 
[   29.725151] The buggy address belongs to the physical page:
[   29.725791] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10644c
[   29.726704] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   29.727672] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   29.728812] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   29.730194] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   29.731595] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   29.732559] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   29.733371] head: 0bfffe0000000002 ffffc1ffc3191301 ffffffffffffffff 0000000000000000
[   29.734349] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   29.735327] page dumped because: kasan: bad access detected
[   29.736432] 
[   29.736718] Memory state around the buggy address:
[   29.737206]  fff00000c644df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.737903]  fff00000c644e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.738743] >fff00000c644e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   29.740305]                                                  ^
[   29.741008]  fff00000c644e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   29.741891]  fff00000c644e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   29.742738] ==================================================================
[   29.814951] ==================================================================
[   29.816299] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   29.818143] Write of size 1 at addr fff00000c644e0eb by task kunit_try_catch/151
[   29.819120] 
[   29.819398] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   29.820802] Tainted: [B]=BAD_PAGE, [N]=TEST
[   29.821362] Hardware name: linux,dummy-virt (DT)
[   29.821957] Call trace:
[   29.822482]  show_stack+0x20/0x38 (C)
[   29.823106]  dump_stack_lvl+0x8c/0xd0
[   29.823816]  print_report+0x118/0x5e0
[   29.824318]  kasan_report+0xc8/0x118
[   29.825437]  __asan_report_store1_noabort+0x20/0x30
[   29.826095]  krealloc_less_oob_helper+0xa58/0xc50
[   29.826751]  krealloc_large_less_oob+0x20/0x38
[   29.828015]  kunit_try_run_case+0x14c/0x3d0
[   29.828555]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   29.829350]  kthread+0x24c/0x2d0
[   29.829846]  ret_from_fork+0x10/0x20
[   29.830507] 
[   29.830839] The buggy address belongs to the physical page:
[   29.832303] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10644c
[   29.833204] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   29.834139] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   29.834999] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   29.836256] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   29.837462] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   29.838382] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   29.840104] head: 0bfffe0000000002 ffffc1ffc3191301 ffffffffffffffff 0000000000000000
[   29.841014] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   29.841836] page dumped because: kasan: bad access detected
[   29.842691] 
[   29.843048] Memory state around the buggy address:
[   29.844408]  fff00000c644df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.845303]  fff00000c644e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.846186] >fff00000c644e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   29.847069]                                                           ^
[   29.848396]  fff00000c644e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   29.849295]  fff00000c644e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   29.850168] ==================================================================
[   29.744669] ==================================================================
[   29.745743] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   29.747958] Write of size 1 at addr fff00000c644e0da by task kunit_try_catch/151
[   29.748698] 
[   29.749199] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   29.750426] Tainted: [B]=BAD_PAGE, [N]=TEST
[   29.750903] Hardware name: linux,dummy-virt (DT)
[   29.752601] Call trace:
[   29.753008]  show_stack+0x20/0x38 (C)
[   29.753611]  dump_stack_lvl+0x8c/0xd0
[   29.754160]  print_report+0x118/0x5e0
[   29.754703]  kasan_report+0xc8/0x118
[   29.755346]  __asan_report_store1_noabort+0x20/0x30
[   29.756009]  krealloc_less_oob_helper+0xa80/0xc50
[   29.756730]  krealloc_large_less_oob+0x20/0x38
[   29.757803]  kunit_try_run_case+0x14c/0x3d0
[   29.758437]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   29.759409]  kthread+0x24c/0x2d0
[   29.760399]  ret_from_fork+0x10/0x20
[   29.760974] 
[   29.761292] The buggy address belongs to the physical page:
[   29.761965] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10644c
[   29.762722] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   29.764069] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   29.765337] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   29.766177] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   29.767156] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   29.768197] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   29.769607] head: 0bfffe0000000002 ffffc1ffc3191301 ffffffffffffffff 0000000000000000
[   29.770908] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   29.771762] page dumped because: kasan: bad access detected
[   29.772443] 
[   29.772743] Memory state around the buggy address:
[   29.773803]  fff00000c644df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.774636]  fff00000c644e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.775931] >fff00000c644e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   29.776721]                                                     ^
[   29.777573]  fff00000c644e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   29.779068]  fff00000c644e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   29.780261] ==================================================================
[   29.549001] ==================================================================
[   29.549769] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   29.551577] Write of size 1 at addr fff00000c09762eb by task kunit_try_catch/147
[   29.553269] 
[   29.553806] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   29.554978] Tainted: [B]=BAD_PAGE, [N]=TEST
[   29.555494] Hardware name: linux,dummy-virt (DT)
[   29.556079] Call trace:
[   29.556525]  show_stack+0x20/0x38 (C)
[   29.557264]  dump_stack_lvl+0x8c/0xd0
[   29.558010]  print_report+0x118/0x5e0
[   29.558581]  kasan_report+0xc8/0x118
[   29.559151]  __asan_report_store1_noabort+0x20/0x30
[   29.559707]  krealloc_less_oob_helper+0xa58/0xc50
[   29.560459]  krealloc_less_oob+0x20/0x38
[   29.561082]  kunit_try_run_case+0x14c/0x3d0
[   29.561781]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   29.562518]  kthread+0x24c/0x2d0
[   29.563169]  ret_from_fork+0x10/0x20
[   29.563792] 
[   29.564126] Allocated by task 147:
[   29.564622]  kasan_save_stack+0x3c/0x68
[   29.565179]  kasan_save_track+0x20/0x40
[   29.565740]  kasan_save_alloc_info+0x40/0x58
[   29.566281]  __kasan_krealloc+0x118/0x178
[   29.566962]  krealloc_noprof+0x128/0x360
[   29.567543]  krealloc_less_oob_helper+0x168/0xc50
[   29.568227]  krealloc_less_oob+0x20/0x38
[   29.568799]  kunit_try_run_case+0x14c/0x3d0
[   29.569376]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   29.570238]  kthread+0x24c/0x2d0
[   29.570724]  ret_from_fork+0x10/0x20
[   29.571374] 
[   29.571699] The buggy address belongs to the object at fff00000c0976200
[   29.571699]  which belongs to the cache kmalloc-256 of size 256
[   29.573176] The buggy address is located 34 bytes to the right of
[   29.573176]  allocated 201-byte region [fff00000c0976200, fff00000c09762c9)
[   29.574468] 
[   29.574945] The buggy address belongs to the physical page:
[   29.575500] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100976
[   29.576474] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   29.577380] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   29.578234] page_type: f5(slab)
[   29.578763] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   29.579749] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   29.580746] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   29.581785] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   29.582636] head: 0bfffe0000000001 ffffc1ffc3025d81 ffffffffffffffff 0000000000000000
[   29.583548] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   29.584426] page dumped because: kasan: bad access detected
[   29.585129] 
[   29.585442] Memory state around the buggy address:
[   29.586126]  fff00000c0976180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   29.586992]  fff00000c0976200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.587808] >fff00000c0976280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   29.588619]                                                           ^
[   29.589477]  fff00000c0976300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   29.590344]  fff00000c0976380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   29.591187] ==================================================================
[   29.460976] ==================================================================
[   29.461681] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   29.462296] Write of size 1 at addr fff00000c09762da by task kunit_try_catch/147
[   29.463105] 
[   29.463491] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   29.464606] Tainted: [B]=BAD_PAGE, [N]=TEST
[   29.465310] Hardware name: linux,dummy-virt (DT)
[   29.466019] Call trace:
[   29.466401]  show_stack+0x20/0x38 (C)
[   29.467035]  dump_stack_lvl+0x8c/0xd0
[   29.467637]  print_report+0x118/0x5e0
[   29.468404]  kasan_report+0xc8/0x118
[   29.469000]  __asan_report_store1_noabort+0x20/0x30
[   29.469757]  krealloc_less_oob_helper+0xa80/0xc50
[   29.470480]  krealloc_less_oob+0x20/0x38
[   29.471184]  kunit_try_run_case+0x14c/0x3d0
[   29.471730]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   29.472464]  kthread+0x24c/0x2d0
[   29.473079]  ret_from_fork+0x10/0x20
[   29.473702] 
[   29.474137] Allocated by task 147:
[   29.474685]  kasan_save_stack+0x3c/0x68
[   29.475322]  kasan_save_track+0x20/0x40
[   29.475813]  kasan_save_alloc_info+0x40/0x58
[   29.476448]  __kasan_krealloc+0x118/0x178
[   29.477141]  krealloc_noprof+0x128/0x360
[   29.477731]  krealloc_less_oob_helper+0x168/0xc50
[   29.478328]  krealloc_less_oob+0x20/0x38
[   29.478949]  kunit_try_run_case+0x14c/0x3d0
[   29.479568]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   29.480325]  kthread+0x24c/0x2d0
[   29.480817]  ret_from_fork+0x10/0x20
[   29.481441] 
[   29.481890] The buggy address belongs to the object at fff00000c0976200
[   29.481890]  which belongs to the cache kmalloc-256 of size 256
[   29.483339] The buggy address is located 17 bytes to the right of
[   29.483339]  allocated 201-byte region [fff00000c0976200, fff00000c09762c9)
[   29.484730] 
[   29.485048] The buggy address belongs to the physical page:
[   29.485811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100976
[   29.486742] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   29.487722] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   29.488573] page_type: f5(slab)
[   29.489044] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   29.489942] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   29.490930] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   29.492040] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   29.492866] head: 0bfffe0000000001 ffffc1ffc3025d81 ffffffffffffffff 0000000000000000
[   29.493751] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   29.494799] page dumped because: kasan: bad access detected
[   29.495473] 
[   29.495816] Memory state around the buggy address:
[   29.496471]  fff00000c0976180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   29.497524]  fff00000c0976200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.498591] >fff00000c0976280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   29.499572]                                                     ^
[   29.500507]  fff00000c0976300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   29.501479]  fff00000c0976380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   29.502271] ==================================================================
[   29.503907] ==================================================================
[   29.505562] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   29.506665] Write of size 1 at addr fff00000c09762ea by task kunit_try_catch/147
[   29.507850] 
[   29.508294] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   29.509566] Tainted: [B]=BAD_PAGE, [N]=TEST
[   29.510128] Hardware name: linux,dummy-virt (DT)
[   29.510682] Call trace:
[   29.511144]  show_stack+0x20/0x38 (C)
[   29.511702]  dump_stack_lvl+0x8c/0xd0
[   29.512820]  print_report+0x118/0x5e0
[   29.513687]  kasan_report+0xc8/0x118
[   29.514419]  __asan_report_store1_noabort+0x20/0x30
[   29.515264]  krealloc_less_oob_helper+0xae4/0xc50
[   29.516095]  krealloc_less_oob+0x20/0x38
[   29.516662]  kunit_try_run_case+0x14c/0x3d0
[   29.517236]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   29.518084]  kthread+0x24c/0x2d0
[   29.518652]  ret_from_fork+0x10/0x20
[   29.519369] 
[   29.519609] Allocated by task 147:
[   29.520198]  kasan_save_stack+0x3c/0x68
[   29.520787]  kasan_save_track+0x20/0x40
[   29.521440]  kasan_save_alloc_info+0x40/0x58
[   29.522180]  __kasan_krealloc+0x118/0x178
[   29.522835]  krealloc_noprof+0x128/0x360
[   29.523447]  krealloc_less_oob_helper+0x168/0xc50
[   29.524121]  krealloc_less_oob+0x20/0x38
[   29.524724]  kunit_try_run_case+0x14c/0x3d0
[   29.525309]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   29.526075]  kthread+0x24c/0x2d0
[   29.526653]  ret_from_fork+0x10/0x20
[   29.527182] 
[   29.527518] The buggy address belongs to the object at fff00000c0976200
[   29.527518]  which belongs to the cache kmalloc-256 of size 256
[   29.529020] The buggy address is located 33 bytes to the right of
[   29.529020]  allocated 201-byte region [fff00000c0976200, fff00000c09762c9)
[   29.530431] 
[   29.530711] The buggy address belongs to the physical page:
[   29.531505] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100976
[   29.532405] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   29.533331] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   29.534153] page_type: f5(slab)
[   29.534684] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   29.535563] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   29.536583] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   29.537599] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   29.538535] head: 0bfffe0000000001 ffffc1ffc3025d81 ffffffffffffffff 0000000000000000
[   29.539589] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   29.540541] page dumped because: kasan: bad access detected
[   29.541220] 
[   29.541555] Memory state around the buggy address:
[   29.542144]  fff00000c0976180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   29.543059]  fff00000c0976200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.543892] >fff00000c0976280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   29.544734]                                                           ^
[   29.545639]  fff00000c0976300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   29.546602]  fff00000c0976380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   29.547513] ==================================================================
[   29.414662] ==================================================================
[   29.416408] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   29.417304] Write of size 1 at addr fff00000c09762d0 by task kunit_try_catch/147
[   29.418103] 
[   29.419167] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   29.420541] Tainted: [B]=BAD_PAGE, [N]=TEST
[   29.421096] Hardware name: linux,dummy-virt (DT)
[   29.421648] Call trace:
[   29.422781]  show_stack+0x20/0x38 (C)
[   29.423384]  dump_stack_lvl+0x8c/0xd0
[   29.423934]  print_report+0x118/0x5e0
[   29.424513]  kasan_report+0xc8/0x118
[   29.425394]  __asan_report_store1_noabort+0x20/0x30
[   29.426027]  krealloc_less_oob_helper+0xb9c/0xc50
[   29.426663]  krealloc_less_oob+0x20/0x38
[   29.427682]  kunit_try_run_case+0x14c/0x3d0
[   29.428335]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   29.429281]  kthread+0x24c/0x2d0
[   29.429997]  ret_from_fork+0x10/0x20
[   29.430650] 
[   29.431021] Allocated by task 147:
[   29.431712]  kasan_save_stack+0x3c/0x68
[   29.432900]  kasan_save_track+0x20/0x40
[   29.433518]  kasan_save_alloc_info+0x40/0x58
[   29.434205]  __kasan_krealloc+0x118/0x178
[   29.434841]  krealloc_noprof+0x128/0x360
[   29.435413]  krealloc_less_oob_helper+0x168/0xc50
[   29.436043]  krealloc_less_oob+0x20/0x38
[   29.436631]  kunit_try_run_case+0x14c/0x3d0
[   29.437223]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   29.437978]  kthread+0x24c/0x2d0
[   29.438450]  ret_from_fork+0x10/0x20
[   29.439084] 
[   29.439491] The buggy address belongs to the object at fff00000c0976200
[   29.439491]  which belongs to the cache kmalloc-256 of size 256
[   29.440930] The buggy address is located 7 bytes to the right of
[   29.440930]  allocated 201-byte region [fff00000c0976200, fff00000c09762c9)
[   29.442280] 
[   29.442652] The buggy address belongs to the physical page:
[   29.443355] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100976
[   29.444293] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   29.445198] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   29.446085] page_type: f5(slab)
[   29.446556] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   29.447428] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   29.448446] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   29.449410] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   29.450359] head: 0bfffe0000000001 ffffc1ffc3025d81 ffffffffffffffff 0000000000000000
[   29.451302] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   29.452190] page dumped because: kasan: bad access detected
[   29.452843] 
[   29.453197] Memory state around the buggy address:
[   29.453940]  fff00000c0976180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   29.454898]  fff00000c0976200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.455692] >fff00000c0976280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   29.456608]                                                  ^
[   29.457307]  fff00000c0976300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   29.458171]  fff00000c0976380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   29.459132] ==================================================================
[   29.781608] ==================================================================
[   29.782433] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   29.784090] Write of size 1 at addr fff00000c644e0ea by task kunit_try_catch/151
[   29.785052] 
[   29.785422] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   29.786600] Tainted: [B]=BAD_PAGE, [N]=TEST
[   29.787130] Hardware name: linux,dummy-virt (DT)
[   29.788128] Call trace:
[   29.788449]  show_stack+0x20/0x38 (C)
[   29.789161]  dump_stack_lvl+0x8c/0xd0
[   29.789702]  print_report+0x118/0x5e0
[   29.790312]  kasan_report+0xc8/0x118
[   29.790863]  __asan_report_store1_noabort+0x20/0x30
[   29.792334]  krealloc_less_oob_helper+0xae4/0xc50
[   29.793028]  krealloc_large_less_oob+0x20/0x38
[   29.793657]  kunit_try_run_case+0x14c/0x3d0
[   29.794336]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   29.795526]  kthread+0x24c/0x2d0
[   29.796163]  ret_from_fork+0x10/0x20
[   29.796740] 
[   29.797117] The buggy address belongs to the physical page:
[   29.797862] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10644c
[   29.798766] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   29.800001] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   29.801040] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   29.801841] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   29.803057] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   29.804216] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   29.805412] head: 0bfffe0000000002 ffffc1ffc3191301 ffffffffffffffff 0000000000000000
[   29.806321] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   29.807120] page dumped because: kasan: bad access detected
[   29.807891] 
[   29.808190] Memory state around the buggy address:
[   29.809546]  fff00000c644df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.810183]  fff00000c644e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.810612] >fff00000c644e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   29.811035]                                                           ^
[   29.811416]  fff00000c644e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   29.811819]  fff00000c644e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   29.813448] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2pnhC7sMGO3mZSKEpi2hQOshVKK

job_id

TEST:linaro@lkft#2pnhGOQkwFo1HvTfLArQnxPtO0I

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2pnhGOQkwFo1HvTfLArQnxPtO0I

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pnhDDDmMVdXLj6DmVWKmIo5UuB/Image.gz
sha256sum	a3a8ddbb98eb5f4750cc8f3a81da5ad969a6f518cf5722d432de7312e72d1e19

rootfs

url	https://storage.tuxboot.com/debian/trixie/arm64/rootfs.ext4.xz
sha256sum	f592205e64add7389d8a1055c235aa3685e13c7cfdfdbe5f212ab22afdbeb656

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pnhDDDmMVdXLj6DmVWKmIo5UuB/modules.tar.xz
sha256sum	bf63a42a45d4c5a423fba686bca6ce06daee4626a049ed0143a18a7fdc0aa05b

durations

tests

boot	368.30
kunit	453.57

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

[   27.124896] ==================================================================
[   27.126159] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0
[   27.127570] Write of size 1 at addr ffff8881009ab0ea by task kunit_try_catch/165
[   27.129550] 
[   27.130074] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   27.131413] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.132658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.134073] Call Trace:
[   27.134400]  <TASK>
[   27.134872]  dump_stack_lvl+0x73/0xb0
[   27.135829]  print_report+0xd1/0x640
[   27.136310]  ? __virt_addr_valid+0x1db/0x2d0
[   27.137349]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.137919]  kasan_report+0x102/0x140
[   27.139018]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   27.139483]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   27.140781]  __asan_report_store1_noabort+0x1b/0x30
[   27.141405]  krealloc_less_oob_helper+0xe92/0x11d0
[   27.142004]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.142665]  ? finish_task_switch.isra.0+0x153/0x700
[   27.144059]  ? __switch_to+0x5d9/0xf60
[   27.144617]  ? __schedule+0xc70/0x27e0
[   27.145480]  ? __pfx_read_tsc+0x10/0x10
[   27.146497]  krealloc_less_oob+0x1c/0x30
[   27.147879]  kunit_try_run_case+0x1b3/0x490
[   27.148904]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.150331]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.151405]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.152621]  ? __kthread_parkme+0x82/0x160
[   27.154312]  ? preempt_count_sub+0x50/0x80
[   27.155172]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.155724]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.157263]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.157956]  kthread+0x257/0x310
[   27.158395]  ? __pfx_kthread+0x10/0x10
[   27.159141]  ret_from_fork+0x41/0x80
[   27.159450]  ? __pfx_kthread+0x10/0x10
[   27.160353]  ret_from_fork_asm+0x1a/0x30
[   27.160910]  </TASK>
[   27.161355] 
[   27.161557] Allocated by task 165:
[   27.162589]  kasan_save_stack+0x3d/0x60
[   27.163343]  kasan_save_track+0x18/0x40
[   27.164362]  kasan_save_alloc_info+0x3b/0x50
[   27.165416]  __kasan_krealloc+0x190/0x1f0
[   27.166481]  krealloc_noprof+0xf3/0x340
[   27.167207]  krealloc_less_oob_helper+0x1ab/0x11d0
[   27.167588]  krealloc_less_oob+0x1c/0x30
[   27.167971]  kunit_try_run_case+0x1b3/0x490
[   27.168350]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.169031]  kthread+0x257/0x310
[   27.170446]  ret_from_fork+0x41/0x80
[   27.171381]  ret_from_fork_asm+0x1a/0x30
[   27.172395] 
[   27.172796] The buggy address belongs to the object at ffff8881009ab000
[   27.172796]  which belongs to the cache kmalloc-256 of size 256
[   27.174619] The buggy address is located 33 bytes to the right of
[   27.174619]  allocated 201-byte region [ffff8881009ab000, ffff8881009ab0c9)
[   27.177509] 
[   27.177790] The buggy address belongs to the physical page:
[   27.178406] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009aa
[   27.180251] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.181756] flags: 0x200000000000040(head|node=0|zone=2)
[   27.182660] page_type: f5(slab)
[   27.183465] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   27.184721] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   27.186320] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   27.188161] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   27.190045] head: 0200000000000001 ffffea0004026a81 ffffffffffffffff 0000000000000000
[   27.191456] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   27.192584] page dumped because: kasan: bad access detected
[   27.194553] 
[   27.195757] Memory state around the buggy address:
[   27.196122]  ffff8881009aaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.197493]  ffff8881009ab000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.198502] >ffff8881009ab080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   27.199119]                                                           ^
[   27.200294]  ffff8881009ab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.202133]  ffff8881009ab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.203342] ==================================================================
[   27.205071] ==================================================================
[   27.205888] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0
[   27.206473] Write of size 1 at addr ffff8881009ab0eb by task kunit_try_catch/165
[   27.207440] 
[   27.207626] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   27.209413] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.209996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.210640] Call Trace:
[   27.211126]  <TASK>
[   27.211658]  dump_stack_lvl+0x73/0xb0
[   27.212461]  print_report+0xd1/0x640
[   27.212770]  ? __virt_addr_valid+0x1db/0x2d0
[   27.213830]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.214805]  kasan_report+0x102/0x140
[   27.215093]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   27.215959]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   27.216651]  __asan_report_store1_noabort+0x1b/0x30
[   27.217722]  krealloc_less_oob_helper+0xd49/0x11d0
[   27.218963]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.219975]  ? finish_task_switch.isra.0+0x153/0x700
[   27.220767]  ? __switch_to+0x5d9/0xf60
[   27.221595]  ? __schedule+0xc70/0x27e0
[   27.222070]  ? __pfx_read_tsc+0x10/0x10
[   27.222499]  krealloc_less_oob+0x1c/0x30
[   27.223379]  kunit_try_run_case+0x1b3/0x490
[   27.223817]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.224434]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.225425]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.226206]  ? __kthread_parkme+0x82/0x160
[   27.226936]  ? preempt_count_sub+0x50/0x80
[   27.227559]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.228603]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.229264]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.230015]  kthread+0x257/0x310
[   27.230667]  ? __pfx_kthread+0x10/0x10
[   27.231541]  ret_from_fork+0x41/0x80
[   27.232204]  ? __pfx_kthread+0x10/0x10
[   27.232853]  ret_from_fork_asm+0x1a/0x30
[   27.233344]  </TASK>
[   27.233584] 
[   27.233806] Allocated by task 165:
[   27.234156]  kasan_save_stack+0x3d/0x60
[   27.234540]  kasan_save_track+0x18/0x40
[   27.235583]  kasan_save_alloc_info+0x3b/0x50
[   27.236537]  __kasan_krealloc+0x190/0x1f0
[   27.237638]  krealloc_noprof+0xf3/0x340
[   27.238223]  krealloc_less_oob_helper+0x1ab/0x11d0
[   27.238484]  krealloc_less_oob+0x1c/0x30
[   27.238672]  kunit_try_run_case+0x1b3/0x490
[   27.239192]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.240220]  kthread+0x257/0x310
[   27.240976]  ret_from_fork+0x41/0x80
[   27.241443]  ret_from_fork_asm+0x1a/0x30
[   27.242162] 
[   27.242500] The buggy address belongs to the object at ffff8881009ab000
[   27.242500]  which belongs to the cache kmalloc-256 of size 256
[   27.244439] The buggy address is located 34 bytes to the right of
[   27.244439]  allocated 201-byte region [ffff8881009ab000, ffff8881009ab0c9)
[   27.245779] 
[   27.246284] The buggy address belongs to the physical page:
[   27.246821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009aa
[   27.247552] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.248856] flags: 0x200000000000040(head|node=0|zone=2)
[   27.249457] page_type: f5(slab)
[   27.250503] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   27.251542] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   27.252319] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   27.252979] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   27.253863] head: 0200000000000001 ffffea0004026a81 ffffffffffffffff 0000000000000000
[   27.254560] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   27.255622] page dumped because: kasan: bad access detected
[   27.256397] 
[   27.256546] Memory state around the buggy address:
[   27.257081]  ffff8881009aaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.258120]  ffff8881009ab000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.259222] >ffff8881009ab080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   27.260142]                                                           ^
[   27.261416]  ffff8881009ab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.262502]  ffff8881009ab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.263408] ==================================================================
[   27.365533] ==================================================================
[   27.366852] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0
[   27.367562] Write of size 1 at addr ffff8881027aa0c9 by task kunit_try_catch/169
[   27.368417] 
[   27.368866] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   27.370748] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.371573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.372325] Call Trace:
[   27.372628]  <TASK>
[   27.373435]  dump_stack_lvl+0x73/0xb0
[   27.373991]  print_report+0xd1/0x640
[   27.374920]  ? __virt_addr_valid+0x1db/0x2d0
[   27.375560]  ? kasan_addr_to_slab+0x11/0xa0
[   27.376607]  kasan_report+0x102/0x140
[   27.377155]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   27.378277]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   27.378721]  __asan_report_store1_noabort+0x1b/0x30
[   27.379549]  krealloc_less_oob_helper+0xd72/0x11d0
[   27.380397]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.380751]  ? finish_task_switch.isra.0+0x153/0x700
[   27.382121]  ? __switch_to+0x5d9/0xf60
[   27.382479]  ? __schedule+0xc70/0x27e0
[   27.382917]  ? __pfx_read_tsc+0x10/0x10
[   27.383846]  krealloc_large_less_oob+0x1c/0x30
[   27.385162]  kunit_try_run_case+0x1b3/0x490
[   27.385620]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.386702]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.386983]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.388067]  ? __kthread_parkme+0x82/0x160
[   27.388556]  ? preempt_count_sub+0x50/0x80
[   27.389398]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.390331]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.391132]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.392101]  kthread+0x257/0x310
[   27.392992]  ? __pfx_kthread+0x10/0x10
[   27.393412]  ret_from_fork+0x41/0x80
[   27.394053]  ? __pfx_kthread+0x10/0x10
[   27.394598]  ret_from_fork_asm+0x1a/0x30
[   27.395120]  </TASK>
[   27.395447] 
[   27.395672] The buggy address belongs to the physical page:
[   27.396390] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a8
[   27.397729] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.398512] flags: 0x200000000000040(head|node=0|zone=2)
[   27.399738] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.400515] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.401341] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.402610] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.403408] head: 0200000000000002 ffffea000409ea01 ffffffffffffffff 0000000000000000
[   27.404541] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   27.405495] page dumped because: kasan: bad access detected
[   27.406477] 
[   27.406937] Memory state around the buggy address:
[   27.407450]  ffff8881027a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.408643]  ffff8881027aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.409606] >ffff8881027aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   27.410454]                                               ^
[   27.411487]  ffff8881027aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.412319]  ffff8881027aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.413125] ==================================================================
[   27.461318] ==================================================================
[   27.461930] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0
[   27.463885] Write of size 1 at addr ffff8881027aa0da by task kunit_try_catch/169
[   27.464611] 
[   27.465361] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   27.467343] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.467749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.468641] Call Trace:
[   27.469239]  <TASK>
[   27.469545]  dump_stack_lvl+0x73/0xb0
[   27.470195]  print_report+0xd1/0x640
[   27.470567]  ? __virt_addr_valid+0x1db/0x2d0
[   27.471197]  ? kasan_addr_to_slab+0x11/0xa0
[   27.471542]  kasan_report+0x102/0x140
[   27.472322]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   27.472986]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   27.473721]  __asan_report_store1_noabort+0x1b/0x30
[   27.474243]  krealloc_less_oob_helper+0xec8/0x11d0
[   27.474748]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.475499]  ? finish_task_switch.isra.0+0x153/0x700
[   27.476174]  ? __switch_to+0x5d9/0xf60
[   27.476772]  ? __schedule+0xc70/0x27e0
[   27.477407]  ? __pfx_read_tsc+0x10/0x10
[   27.478143]  krealloc_large_less_oob+0x1c/0x30
[   27.479300]  kunit_try_run_case+0x1b3/0x490
[   27.479961]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.480631]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.481511]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.482316]  ? __kthread_parkme+0x82/0x160
[   27.483294]  ? preempt_count_sub+0x50/0x80
[   27.483716]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.484440]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.485493]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.486216]  kthread+0x257/0x310
[   27.486919]  ? __pfx_kthread+0x10/0x10
[   27.487502]  ret_from_fork+0x41/0x80
[   27.487801]  ? __pfx_kthread+0x10/0x10
[   27.488354]  ret_from_fork_asm+0x1a/0x30
[   27.489254]  </TASK>
[   27.489627] 
[   27.490086] The buggy address belongs to the physical page:
[   27.490601] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a8
[   27.491400] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.492303] flags: 0x200000000000040(head|node=0|zone=2)
[   27.493025] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.493854] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.494712] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.495645] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.496737] head: 0200000000000002 ffffea000409ea01 ffffffffffffffff 0000000000000000
[   27.497740] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   27.498434] page dumped because: kasan: bad access detected
[   27.499226] 
[   27.499468] Memory state around the buggy address:
[   27.500342]  ffff8881027a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.501128]  ffff8881027aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.502049] >ffff8881027aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   27.503264]                                                     ^
[   27.503888]  ffff8881027aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.504510]  ffff8881027aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.505283] ==================================================================
[   27.006390] ==================================================================
[   27.007645] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0
[   27.008868] Write of size 1 at addr ffff8881009ab0d0 by task kunit_try_catch/165
[   27.010260] 
[   27.010511] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   27.011944] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.012712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.014018] Call Trace:
[   27.014335]  <TASK>
[   27.014610]  dump_stack_lvl+0x73/0xb0
[   27.015028]  print_report+0xd1/0x640
[   27.015400]  ? __virt_addr_valid+0x1db/0x2d0
[   27.016439]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.017048]  kasan_report+0x102/0x140
[   27.017419]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   27.017981]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   27.018540]  __asan_report_store1_noabort+0x1b/0x30
[   27.020198]  krealloc_less_oob_helper+0xe25/0x11d0
[   27.020802]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.021655]  ? finish_task_switch.isra.0+0x153/0x700
[   27.022159]  ? __switch_to+0x5d9/0xf60
[   27.022519]  ? __schedule+0xc70/0x27e0
[   27.022926]  ? __pfx_read_tsc+0x10/0x10
[   27.023302]  krealloc_less_oob+0x1c/0x30
[   27.024645]  kunit_try_run_case+0x1b3/0x490
[   27.025287]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.025955]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.026798]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.027631]  ? __kthread_parkme+0x82/0x160
[   27.028727]  ? preempt_count_sub+0x50/0x80
[   27.029142]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.029543]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.030924]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.031703]  kthread+0x257/0x310
[   27.032226]  ? __pfx_kthread+0x10/0x10
[   27.032810]  ret_from_fork+0x41/0x80
[   27.033720]  ? __pfx_kthread+0x10/0x10
[   27.034410]  ret_from_fork_asm+0x1a/0x30
[   27.035194]  </TASK>
[   27.035779] 
[   27.036279] Allocated by task 165:
[   27.036468]  kasan_save_stack+0x3d/0x60
[   27.036656]  kasan_save_track+0x18/0x40
[   27.037300]  kasan_save_alloc_info+0x3b/0x50
[   27.038067]  __kasan_krealloc+0x190/0x1f0
[   27.038843]  krealloc_noprof+0xf3/0x340
[   27.039733]  krealloc_less_oob_helper+0x1ab/0x11d0
[   27.040560]  krealloc_less_oob+0x1c/0x30
[   27.041253]  kunit_try_run_case+0x1b3/0x490
[   27.041719]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.042261]  kthread+0x257/0x310
[   27.042821]  ret_from_fork+0x41/0x80
[   27.043138]  ret_from_fork_asm+0x1a/0x30
[   27.043821] 
[   27.044235] The buggy address belongs to the object at ffff8881009ab000
[   27.044235]  which belongs to the cache kmalloc-256 of size 256
[   27.045342] The buggy address is located 7 bytes to the right of
[   27.045342]  allocated 201-byte region [ffff8881009ab000, ffff8881009ab0c9)
[   27.047154] 
[   27.047467] The buggy address belongs to the physical page:
[   27.048179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009aa
[   27.048922] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.049730] flags: 0x200000000000040(head|node=0|zone=2)
[   27.050232] page_type: f5(slab)
[   27.050751] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   27.051484] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   27.052724] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   27.053507] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   27.054561] head: 0200000000000001 ffffea0004026a81 ffffffffffffffff 0000000000000000
[   27.055471] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   27.056230] page dumped because: kasan: bad access detected
[   27.057157] 
[   27.057431] Memory state around the buggy address:
[   27.057849]  ffff8881009aaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.058656]  ffff8881009ab000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.059404] >ffff8881009ab080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   27.060485]                                                  ^
[   27.060967]  ffff8881009ab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.062069]  ffff8881009ab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.062702] ==================================================================
[   27.506103] ==================================================================
[   27.507150] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0
[   27.508357] Write of size 1 at addr ffff8881027aa0ea by task kunit_try_catch/169
[   27.509095] 
[   27.509400] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   27.510329] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.510960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.511857] Call Trace:
[   27.512459]  <TASK>
[   27.512752]  dump_stack_lvl+0x73/0xb0
[   27.513513]  print_report+0xd1/0x640
[   27.513907]  ? __virt_addr_valid+0x1db/0x2d0
[   27.514626]  ? kasan_addr_to_slab+0x11/0xa0
[   27.514971]  kasan_report+0x102/0x140
[   27.515791]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   27.516515]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   27.517415]  __asan_report_store1_noabort+0x1b/0x30
[   27.518060]  krealloc_less_oob_helper+0xe92/0x11d0
[   27.518566]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.519667]  ? finish_task_switch.isra.0+0x153/0x700
[   27.520399]  ? __switch_to+0x5d9/0xf60
[   27.520776]  ? __schedule+0xc70/0x27e0
[   27.521298]  ? __pfx_read_tsc+0x10/0x10
[   27.521903]  krealloc_large_less_oob+0x1c/0x30
[   27.522268]  kunit_try_run_case+0x1b3/0x490
[   27.522963]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.523811]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.524638]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.525021]  ? __kthread_parkme+0x82/0x160
[   27.525545]  ? preempt_count_sub+0x50/0x80
[   27.526085]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.526562]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.526969]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.527674]  kthread+0x257/0x310
[   27.528573]  ? __pfx_kthread+0x10/0x10
[   27.529186]  ret_from_fork+0x41/0x80
[   27.529629]  ? __pfx_kthread+0x10/0x10
[   27.530249]  ret_from_fork_asm+0x1a/0x30
[   27.530667]  </TASK>
[   27.531020] 
[   27.531353] The buggy address belongs to the physical page:
[   27.531997] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a8
[   27.532459] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.533710] flags: 0x200000000000040(head|node=0|zone=2)
[   27.534589] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.535482] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.536731] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.537979] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.538841] head: 0200000000000002 ffffea000409ea01 ffffffffffffffff 0000000000000000
[   27.539850] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   27.540868] page dumped because: kasan: bad access detected
[   27.541561] 
[   27.541843] Memory state around the buggy address:
[   27.542453]  ffff8881027a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.543234]  ffff8881027aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.544180] >ffff8881027aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   27.545307]                                                           ^
[   27.545988]  ffff8881027aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.547019]  ffff8881027aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.547858] ==================================================================
[   27.414446] ==================================================================
[   27.414893] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0
[   27.417311] Write of size 1 at addr ffff8881027aa0d0 by task kunit_try_catch/169
[   27.418258] 
[   27.418484] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   27.419398] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.420459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.421338] Call Trace:
[   27.421589]  <TASK>
[   27.421799]  dump_stack_lvl+0x73/0xb0
[   27.422150]  print_report+0xd1/0x640
[   27.422855]  ? __virt_addr_valid+0x1db/0x2d0
[   27.423756]  ? kasan_addr_to_slab+0x11/0xa0
[   27.424612]  kasan_report+0x102/0x140
[   27.425427]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   27.426664]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   27.427926]  __asan_report_store1_noabort+0x1b/0x30
[   27.428573]  krealloc_less_oob_helper+0xe25/0x11d0
[   27.429735]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.430593]  ? finish_task_switch.isra.0+0x153/0x700
[   27.431395]  ? __switch_to+0x5d9/0xf60
[   27.431809]  ? __schedule+0xc70/0x27e0
[   27.432221]  ? __pfx_read_tsc+0x10/0x10
[   27.432739]  krealloc_large_less_oob+0x1c/0x30
[   27.433406]  kunit_try_run_case+0x1b3/0x490
[   27.434029]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.434381]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.435019]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.435624]  ? __kthread_parkme+0x82/0x160
[   27.436542]  ? preempt_count_sub+0x50/0x80
[   27.437166]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.437713]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.438504]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.439207]  kthread+0x257/0x310
[   27.439641]  ? __pfx_kthread+0x10/0x10
[   27.440304]  ret_from_fork+0x41/0x80
[   27.441099]  ? __pfx_kthread+0x10/0x10
[   27.441462]  ret_from_fork_asm+0x1a/0x30
[   27.442176]  </TASK>
[   27.442441] 
[   27.442913] The buggy address belongs to the physical page:
[   27.443482] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a8
[   27.444441] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.445664] flags: 0x200000000000040(head|node=0|zone=2)
[   27.446782] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.448284] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.448584] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.449521] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.450188] head: 0200000000000002 ffffea000409ea01 ffffffffffffffff 0000000000000000
[   27.450839] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   27.451466] page dumped because: kasan: bad access detected
[   27.452542] 
[   27.452750] Memory state around the buggy address:
[   27.453934]  ffff8881027a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.455103]  ffff8881027aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.456425] >ffff8881027aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   27.457333]                                                  ^
[   27.458147]  ffff8881027aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.458903]  ffff8881027aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.459914] ==================================================================
[   26.951801] ==================================================================
[   26.953176] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0
[   26.953968] Write of size 1 at addr ffff8881009ab0c9 by task kunit_try_catch/165
[   26.954807] 
[   26.955100] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   26.956421] Tainted: [B]=BAD_PAGE, [N]=TEST
[   26.956958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   26.957660] Call Trace:
[   26.958299]  <TASK>
[   26.958663]  dump_stack_lvl+0x73/0xb0
[   26.959195]  print_report+0xd1/0x640
[   26.959623]  ? __virt_addr_valid+0x1db/0x2d0
[   26.960490]  ? kasan_complete_mode_report_info+0x2a/0x200
[   26.961391]  kasan_report+0x102/0x140
[   26.962462]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   26.963066]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   26.963587]  __asan_report_store1_noabort+0x1b/0x30
[   26.964110]  krealloc_less_oob_helper+0xd72/0x11d0
[   26.964656]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   26.965692]  ? finish_task_switch.isra.0+0x153/0x700
[   26.966452]  ? __switch_to+0x5d9/0xf60
[   26.966947]  ? __schedule+0xc70/0x27e0
[   26.967636]  ? __pfx_read_tsc+0x10/0x10
[   26.968155]  krealloc_less_oob+0x1c/0x30
[   26.968900]  kunit_try_run_case+0x1b3/0x490
[   26.969626]  ? __pfx_kunit_try_run_case+0x10/0x10
[   26.970302]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   26.971141]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   26.971721]  ? __kthread_parkme+0x82/0x160
[   26.972375]  ? preempt_count_sub+0x50/0x80
[   26.972975]  ? __pfx_kunit_try_run_case+0x10/0x10
[   26.973651]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   26.974555]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   26.975143]  kthread+0x257/0x310
[   26.975737]  ? __pfx_kthread+0x10/0x10
[   26.976386]  ret_from_fork+0x41/0x80
[   26.976821]  ? __pfx_kthread+0x10/0x10
[   26.977510]  ret_from_fork_asm+0x1a/0x30
[   26.978120]  </TASK>
[   26.978354] 
[   26.978615] Allocated by task 165:
[   26.978999]  kasan_save_stack+0x3d/0x60
[   26.979354]  kasan_save_track+0x18/0x40
[   26.980309]  kasan_save_alloc_info+0x3b/0x50
[   26.981094]  __kasan_krealloc+0x190/0x1f0
[   26.981656]  krealloc_noprof+0xf3/0x340
[   26.982321]  krealloc_less_oob_helper+0x1ab/0x11d0
[   26.983089]  krealloc_less_oob+0x1c/0x30
[   26.983610]  kunit_try_run_case+0x1b3/0x490
[   26.984432]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   26.984859]  kthread+0x257/0x310
[   26.985467]  ret_from_fork+0x41/0x80
[   26.985971]  ret_from_fork_asm+0x1a/0x30
[   26.986475] 
[   26.986718] The buggy address belongs to the object at ffff8881009ab000
[   26.986718]  which belongs to the cache kmalloc-256 of size 256
[   26.988270] The buggy address is located 0 bytes to the right of
[   26.988270]  allocated 201-byte region [ffff8881009ab000, ffff8881009ab0c9)
[   26.989811] 
[   26.990080] The buggy address belongs to the physical page:
[   26.990559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009aa
[   26.991511] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   26.992520] flags: 0x200000000000040(head|node=0|zone=2)
[   26.993032] page_type: f5(slab)
[   26.993362] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   26.994098] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   26.994768] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   26.995434] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   26.996490] head: 0200000000000001 ffffea0004026a81 ffffffffffffffff 0000000000000000
[   26.996970] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   26.997877] page dumped because: kasan: bad access detected
[   26.998505] 
[   26.999103] Memory state around the buggy address:
[   26.999750]  ffff8881009aaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.000425]  ffff8881009ab000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.001667] >ffff8881009ab080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   27.002302]                                               ^
[   27.002805]  ffff8881009ab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.003394]  ffff8881009ab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.004651] ==================================================================
[   27.064967] ==================================================================
[   27.065389] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0
[   27.065720] Write of size 1 at addr ffff8881009ab0da by task kunit_try_catch/165
[   27.066731] 
[   27.067129] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   27.069246] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.069656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.070976] Call Trace:
[   27.071379]  <TASK>
[   27.071890]  dump_stack_lvl+0x73/0xb0
[   27.072462]  print_report+0xd1/0x640
[   27.073457]  ? __virt_addr_valid+0x1db/0x2d0
[   27.074221]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.074909]  kasan_report+0x102/0x140
[   27.075761]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   27.076539]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   27.077953]  __asan_report_store1_noabort+0x1b/0x30
[   27.078543]  krealloc_less_oob_helper+0xec8/0x11d0
[   27.079333]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.080157]  ? finish_task_switch.isra.0+0x153/0x700
[   27.081424]  ? __switch_to+0x5d9/0xf60
[   27.081796]  ? __schedule+0xc70/0x27e0
[   27.082434]  ? __pfx_read_tsc+0x10/0x10
[   27.083083]  krealloc_less_oob+0x1c/0x30
[   27.083867]  kunit_try_run_case+0x1b3/0x490
[   27.084727]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.085533]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.086229]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.086981]  ? __kthread_parkme+0x82/0x160
[   27.087445]  ? preempt_count_sub+0x50/0x80
[   27.088505]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.089419]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.090015]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.090765]  kthread+0x257/0x310
[   27.091431]  ? __pfx_kthread+0x10/0x10
[   27.091804]  ret_from_fork+0x41/0x80
[   27.092863]  ? __pfx_kthread+0x10/0x10
[   27.093138]  ret_from_fork_asm+0x1a/0x30
[   27.093693]  </TASK>
[   27.094271] 
[   27.094631] Allocated by task 165:
[   27.095301]  kasan_save_stack+0x3d/0x60
[   27.096009]  kasan_save_track+0x18/0x40
[   27.096538]  kasan_save_alloc_info+0x3b/0x50
[   27.097130]  __kasan_krealloc+0x190/0x1f0
[   27.097702]  krealloc_noprof+0xf3/0x340
[   27.098829]  krealloc_less_oob_helper+0x1ab/0x11d0
[   27.100015]  krealloc_less_oob+0x1c/0x30
[   27.100404]  kunit_try_run_case+0x1b3/0x490
[   27.100908]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.101572]  kthread+0x257/0x310
[   27.101944]  ret_from_fork+0x41/0x80
[   27.102505]  ret_from_fork_asm+0x1a/0x30
[   27.103232] 
[   27.103592] The buggy address belongs to the object at ffff8881009ab000
[   27.103592]  which belongs to the cache kmalloc-256 of size 256
[   27.105040] The buggy address is located 17 bytes to the right of
[   27.105040]  allocated 201-byte region [ffff8881009ab000, ffff8881009ab0c9)
[   27.106199] 
[   27.106615] The buggy address belongs to the physical page:
[   27.107656] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009aa
[   27.108631] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.109296] flags: 0x200000000000040(head|node=0|zone=2)
[   27.110199] page_type: f5(slab)
[   27.110500] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   27.111442] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   27.112708] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   27.113366] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   27.114093] head: 0200000000000001 ffffea0004026a81 ffffffffffffffff 0000000000000000
[   27.114985] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   27.116017] page dumped because: kasan: bad access detected
[   27.116400] 
[   27.116701] Memory state around the buggy address:
[   27.117714]  ffff8881009aaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.118642]  ffff8881009ab000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.119210] >ffff8881009ab080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   27.120562]                                                     ^
[   27.121371]  ffff8881009ab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.122410]  ffff8881009ab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.123386] ==================================================================
[   27.548776] ==================================================================
[   27.549620] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0
[   27.550413] Write of size 1 at addr ffff8881027aa0eb by task kunit_try_catch/169
[   27.551369] 
[   27.551786] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   27.553094] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.553695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.555177] Call Trace:
[   27.555414]  <TASK>
[   27.555617]  dump_stack_lvl+0x73/0xb0
[   27.556483]  print_report+0xd1/0x640
[   27.556984]  ? __virt_addr_valid+0x1db/0x2d0
[   27.557640]  ? kasan_addr_to_slab+0x11/0xa0
[   27.558732]  kasan_report+0x102/0x140
[   27.559621]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   27.560662]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   27.561636]  __asan_report_store1_noabort+0x1b/0x30
[   27.562630]  krealloc_less_oob_helper+0xd49/0x11d0
[   27.563472]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   27.564435]  ? finish_task_switch.isra.0+0x153/0x700
[   27.565042]  ? __switch_to+0x5d9/0xf60
[   27.565638]  ? __schedule+0xc70/0x27e0
[   27.566547]  ? __pfx_read_tsc+0x10/0x10
[   27.566955]  krealloc_large_less_oob+0x1c/0x30
[   27.567591]  kunit_try_run_case+0x1b3/0x490
[   27.568446]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.569182]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.569655]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.570338]  ? __kthread_parkme+0x82/0x160
[   27.570771]  ? preempt_count_sub+0x50/0x80
[   27.571268]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.571788]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.572505]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.573579]  kthread+0x257/0x310
[   27.573910]  ? __pfx_kthread+0x10/0x10
[   27.574542]  ret_from_fork+0x41/0x80
[   27.575198]  ? __pfx_kthread+0x10/0x10
[   27.575574]  ret_from_fork_asm+0x1a/0x30
[   27.576122]  </TASK>
[   27.576625] 
[   27.576941] The buggy address belongs to the physical page:
[   27.577698] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a8
[   27.578643] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.579377] flags: 0x200000000000040(head|node=0|zone=2)
[   27.580212] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.581106] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.582044] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.582776] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.583747] head: 0200000000000002 ffffea000409ea01 ffffffffffffffff 0000000000000000
[   27.584426] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   27.585668] page dumped because: kasan: bad access detected
[   27.586443] 
[   27.586752] Memory state around the buggy address:
[   27.587310]  ffff8881027a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.588414]  ffff8881027aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.589032] >ffff8881027aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   27.589813]                                                           ^
[   27.590560]  ffff8881027aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.591675]  ffff8881027aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.592717] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2pnhC7sMGO3mZSKEpi2hQOshVKK

job_id

TEST:linaro@lkft#2pnhHWFSK1dbZV5zleHb3KImSng

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2pnhHWFSK1dbZV5zleHb3KImSng

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pnhEAoCkYWTiA52ztrhR2JrW2j/bzImage
sha256sum	6ac9a7b09124b3be18977719b6c42062081e4fc708754316fb00f1284d0ffbdc

rootfs

url	https://storage.tuxboot.com/debian/trixie/amd64/rootfs.ext4.xz
sha256sum	c6ceed53712217894b72c37cdc18ddb1157eb9bca95bb5bb312b9c30db3bb83b

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pnhEAoCkYWTiA52ztrhR2JrW2j/modules.tar.xz
sha256sum	d3ec141e466e48bcd82ed4ba800c23ee25b64ee01ab02d8038ff3f8c6fd7ed6d

durations

tests

boot	336.99
kunit	512.65

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit