[   24.632878] ==================================================================
[   24.633009] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   24.633312] Write of size 1 at addr fff00000c77b60eb by task kunit_try_catch/163
[   24.633572] 
[   24.633646] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT 
[   24.634098] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.634162] Hardware name: linux,dummy-virt (DT)
[   24.634234] Call trace:
[   24.634282]  show_stack+0x20/0x38 (C)
[   24.634394]  dump_stack_lvl+0x8c/0xd0
[   24.634505]  print_report+0x118/0x608
[   24.634627]  kasan_report+0xdc/0x128
[   24.634762]  __asan_report_store1_noabort+0x20/0x30
[   24.634939]  krealloc_less_oob_helper+0xa58/0xc50
[   24.635174]  krealloc_large_less_oob+0x20/0x38
[   24.635314]  kunit_try_run_case+0x170/0x3f0
[   24.635462]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.635600]  kthread+0x328/0x630
[   24.635739]  ret_from_fork+0x10/0x20
[   24.636050] 
[   24.636102] The buggy address belongs to the physical page:
[   24.636173] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077b4
[   24.636295] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.636412] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   24.636533] page_type: f8(unknown)
[   24.636621] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   24.636756] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   24.636871] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   24.636981] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   24.637096] head: 0bfffe0000000002 ffffc1ffc31ded01 00000000ffffffff 00000000ffffffff
[   24.637210] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   24.637329] page dumped because: kasan: bad access detected
[   24.637415] 
[   24.637519] Memory state around the buggy address:
[   24.637632]  fff00000c77b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.637765]  fff00000c77b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.637976] >fff00000c77b6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   24.638077]                                                           ^
[   24.638186]  fff00000c77b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.638360]  fff00000c77b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.638487] ==================================================================
[   24.495738] ==================================================================
[   24.495908] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   24.496080] Write of size 1 at addr fff00000c5fb20eb by task kunit_try_catch/159
[   24.496209] 
[   24.496281] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT 
[   24.496569] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.496720] Hardware name: linux,dummy-virt (DT)
[   24.496809] Call trace:
[   24.497118]  show_stack+0x20/0x38 (C)
[   24.497261]  dump_stack_lvl+0x8c/0xd0
[   24.497415]  print_report+0x118/0x608
[   24.497629]  kasan_report+0xdc/0x128
[   24.497775]  __asan_report_store1_noabort+0x20/0x30
[   24.497995]  krealloc_less_oob_helper+0xa58/0xc50
[   24.498130]  krealloc_less_oob+0x20/0x38
[   24.498249]  kunit_try_run_case+0x170/0x3f0
[   24.498372]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.498503]  kthread+0x328/0x630
[   24.498608]  ret_from_fork+0x10/0x20
[   24.498771] 
[   24.498934] Allocated by task 159:
[   24.499095]  kasan_save_stack+0x3c/0x68
[   24.499211]  kasan_save_track+0x20/0x40
[   24.499324]  kasan_save_alloc_info+0x40/0x58
[   24.499528]  __kasan_krealloc+0x118/0x178
[   24.499643]  krealloc_noprof+0x128/0x360
[   24.499769]  krealloc_less_oob_helper+0x168/0xc50
[   24.499915]  krealloc_less_oob+0x20/0x38
[   24.500038]  kunit_try_run_case+0x170/0x3f0
[   24.500234]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.500400]  kthread+0x328/0x630
[   24.500516]  ret_from_fork+0x10/0x20
[   24.500841] 
[   24.500895] The buggy address belongs to the object at fff00000c5fb2000
[   24.500895]  which belongs to the cache kmalloc-256 of size 256
[   24.501104] The buggy address is located 34 bytes to the right of
[   24.501104]  allocated 201-byte region [fff00000c5fb2000, fff00000c5fb20c9)
[   24.501458] 
[   24.501509] The buggy address belongs to the physical page:
[   24.501578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105fb2
[   24.501715] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.501828] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   24.501975] page_type: f5(slab)
[   24.502228] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   24.502366] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   24.502520] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   24.502635] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   24.502781] head: 0bfffe0000000001 ffffc1ffc317ec81 00000000ffffffff 00000000ffffffff
[   24.503192] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   24.503301] page dumped because: kasan: bad access detected
[   24.503384] 
[   24.503434] Memory state around the buggy address:
[   24.503516]  fff00000c5fb1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.503625]  fff00000c5fb2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.503823] >fff00000c5fb2080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   24.503918]                                                           ^
[   24.504050]  fff00000c5fb2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.504236]  fff00000c5fb2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.504335] ==================================================================
[   24.486460] ==================================================================
[   24.486708] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   24.486852] Write of size 1 at addr fff00000c5fb20ea by task kunit_try_catch/159
[   24.487132] 
[   24.487222] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT 
[   24.487414] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.487475] Hardware name: linux,dummy-virt (DT)
[   24.487548] Call trace:
[   24.487605]  show_stack+0x20/0x38 (C)
[   24.487775]  dump_stack_lvl+0x8c/0xd0
[   24.487954]  print_report+0x118/0x608
[   24.488095]  kasan_report+0xdc/0x128
[   24.488225]  __asan_report_store1_noabort+0x20/0x30
[   24.488403]  krealloc_less_oob_helper+0xae4/0xc50
[   24.488531]  krealloc_less_oob+0x20/0x38
[   24.488654]  kunit_try_run_case+0x170/0x3f0
[   24.488817]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.489055]  kthread+0x328/0x630
[   24.489379]  ret_from_fork+0x10/0x20
[   24.489512] 
[   24.489563] Allocated by task 159:
[   24.489643]  kasan_save_stack+0x3c/0x68
[   24.489777]  kasan_save_track+0x20/0x40
[   24.489888]  kasan_save_alloc_info+0x40/0x58
[   24.490093]  __kasan_krealloc+0x118/0x178
[   24.490360]  krealloc_noprof+0x128/0x360
[   24.490458]  krealloc_less_oob_helper+0x168/0xc50
[   24.490570]  krealloc_less_oob+0x20/0x38
[   24.490844]  kunit_try_run_case+0x170/0x3f0
[   24.490944]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.491060]  kthread+0x328/0x630
[   24.491301]  ret_from_fork+0x10/0x20
[   24.491394] 
[   24.491469] The buggy address belongs to the object at fff00000c5fb2000
[   24.491469]  which belongs to the cache kmalloc-256 of size 256
[   24.491652] The buggy address is located 33 bytes to the right of
[   24.491652]  allocated 201-byte region [fff00000c5fb2000, fff00000c5fb20c9)
[   24.491914] 
[   24.491974] The buggy address belongs to the physical page:
[   24.492055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105fb2
[   24.492189] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.492316] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   24.492447] page_type: f5(slab)
[   24.492537] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   24.492714] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   24.492856] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   24.492988] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   24.493153] head: 0bfffe0000000001 ffffc1ffc317ec81 00000000ffffffff 00000000ffffffff
[   24.493302] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   24.493434] page dumped because: kasan: bad access detected
[   24.493577] 
[   24.493632] Memory state around the buggy address:
[   24.493735]  fff00000c5fb1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.493836]  fff00000c5fb2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.493925] >fff00000c5fb2080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   24.494013]                                                           ^
[   24.494201]  fff00000c5fb2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.494303]  fff00000c5fb2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.494389] ==================================================================
[   24.620642] ==================================================================
[   24.621267] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   24.621594] Write of size 1 at addr fff00000c77b60ea by task kunit_try_catch/163
[   24.621786] 
[   24.621995] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT 
[   24.622196] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.622261] Hardware name: linux,dummy-virt (DT)
[   24.622335] Call trace:
[   24.622383]  show_stack+0x20/0x38 (C)
[   24.622496]  dump_stack_lvl+0x8c/0xd0
[   24.622629]  print_report+0x118/0x608
[   24.622842]  kasan_report+0xdc/0x128
[   24.623612]  __asan_report_store1_noabort+0x20/0x30
[   24.623761]  krealloc_less_oob_helper+0xae4/0xc50
[   24.624220]  krealloc_large_less_oob+0x20/0x38
[   24.624398]  kunit_try_run_case+0x170/0x3f0
[   24.624523]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.624670]  kthread+0x328/0x630
[   24.624896]  ret_from_fork+0x10/0x20
[   24.625165] 
[   24.625295] The buggy address belongs to the physical page:
[   24.625378] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077b4
[   24.625531] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.625798] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   24.625976] page_type: f8(unknown)
[   24.626067] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   24.626179] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   24.626291] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   24.626402] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   24.626516] head: 0bfffe0000000002 ffffc1ffc31ded01 00000000ffffffff 00000000ffffffff
[   24.627080] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   24.627331] page dumped because: kasan: bad access detected
[   24.627633] 
[   24.627698] Memory state around the buggy address:
[   24.627777]  fff00000c77b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.627882]  fff00000c77b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.629301] >fff00000c77b6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   24.630149]                                                           ^
[   24.630451]  fff00000c77b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.630555]  fff00000c77b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.630646] ==================================================================
[   24.589637] ==================================================================
[   24.589772] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   24.589890] Write of size 1 at addr fff00000c77b60d0 by task kunit_try_catch/163
[   24.590005] 
[   24.590075] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT 
[   24.593798] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.593884] Hardware name: linux,dummy-virt (DT)
[   24.594431] Call trace:
[   24.594494]  show_stack+0x20/0x38 (C)
[   24.594626]  dump_stack_lvl+0x8c/0xd0
[   24.595638]  print_report+0x118/0x608
[   24.595809]  kasan_report+0xdc/0x128
[   24.600167]  __asan_report_store1_noabort+0x20/0x30
[   24.600351]  krealloc_less_oob_helper+0xb9c/0xc50
[   24.600500]  krealloc_large_less_oob+0x20/0x38
[   24.600757]  kunit_try_run_case+0x170/0x3f0
[   24.601060]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.601209]  kthread+0x328/0x630
[   24.601337]  ret_from_fork+0x10/0x20
[   24.601475] 
[   24.601534] The buggy address belongs to the physical page:
[   24.601906] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077b4
[   24.602384] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.602559] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   24.602708] page_type: f8(unknown)
[   24.602986] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   24.603185] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   24.603462] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   24.603656] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   24.603808] head: 0bfffe0000000002 ffffc1ffc31ded01 00000000ffffffff 00000000ffffffff
[   24.604035] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   24.604721] page dumped because: kasan: bad access detected
[   24.604834] 
[   24.604887] Memory state around the buggy address:
[   24.605197]  fff00000c77b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.605319]  fff00000c77b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.605440] >fff00000c77b6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   24.605610]                                                  ^
[   24.605749]  fff00000c77b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.606048]  fff00000c77b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.606415] ==================================================================
[   24.418631] ==================================================================
[   24.418781] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   24.418921] Write of size 1 at addr fff00000c5fb20c9 by task kunit_try_catch/159
[   24.419034] 
[   24.419111] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT 
[   24.419302] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.419364] Hardware name: linux,dummy-virt (DT)
[   24.419435] Call trace:
[   24.419484]  show_stack+0x20/0x38 (C)
[   24.419605]  dump_stack_lvl+0x8c/0xd0
[   24.420400]  print_report+0x118/0x608
[   24.420533]  kasan_report+0xdc/0x128
[   24.420880]  __asan_report_store1_noabort+0x20/0x30
[   24.421076]  krealloc_less_oob_helper+0xa48/0xc50
[   24.421459]  krealloc_less_oob+0x20/0x38
[   24.421635]  kunit_try_run_case+0x170/0x3f0
[   24.422009]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.422211]  kthread+0x328/0x630
[   24.422323]  ret_from_fork+0x10/0x20
[   24.423007] 
[   24.423714] Allocated by task 159:
[   24.423803]  kasan_save_stack+0x3c/0x68
[   24.424264]  kasan_save_track+0x20/0x40
[   24.424831]  kasan_save_alloc_info+0x40/0x58
[   24.425060]  __kasan_krealloc+0x118/0x178
[   24.425668]  krealloc_noprof+0x128/0x360
[   24.425786]  krealloc_less_oob_helper+0x168/0xc50
[   24.426428]  krealloc_less_oob+0x20/0x38
[   24.426761]  kunit_try_run_case+0x170/0x3f0
[   24.427035]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.428145]  kthread+0x328/0x630
[   24.428669]  ret_from_fork+0x10/0x20
[   24.429031] 
[   24.429087] The buggy address belongs to the object at fff00000c5fb2000
[   24.429087]  which belongs to the cache kmalloc-256 of size 256
[   24.429219] The buggy address is located 0 bytes to the right of
[   24.429219]  allocated 201-byte region [fff00000c5fb2000, fff00000c5fb20c9)
[   24.429379] 
[   24.429429] The buggy address belongs to the physical page:
[   24.429506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105fb2
[   24.429630] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.429755] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   24.432089] page_type: f5(slab)
[   24.432408] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   24.432525] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   24.432929] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   24.433727] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   24.433850] head: 0bfffe0000000001 ffffc1ffc317ec81 00000000ffffffff 00000000ffffffff
[   24.433966] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   24.435153] page dumped because: kasan: bad access detected
[   24.435409] 
[   24.435456] Memory state around the buggy address:
[   24.435756]  fff00000c5fb1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.435969]  fff00000c5fb2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.436068] >fff00000c5fb2080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   24.436153]                                               ^
[   24.437113]  fff00000c5fb2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.437219]  fff00000c5fb2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.438390] ==================================================================
[   24.445601] ==================================================================
[   24.447255] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   24.448151] Write of size 1 at addr fff00000c5fb20d0 by task kunit_try_catch/159
[   24.448319] 
[   24.448710] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT 
[   24.448934] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.448995] Hardware name: linux,dummy-virt (DT)
[   24.449037] Call trace:
[   24.449064]  show_stack+0x20/0x38 (C)
[   24.449160]  dump_stack_lvl+0x8c/0xd0
[   24.449305]  print_report+0x118/0x608
[   24.449656]  kasan_report+0xdc/0x128
[   24.449905]  __asan_report_store1_noabort+0x20/0x30
[   24.450134]  krealloc_less_oob_helper+0xb9c/0xc50
[   24.450355]  krealloc_less_oob+0x20/0x38
[   24.450506]  kunit_try_run_case+0x170/0x3f0
[   24.450736]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.451179]  kthread+0x328/0x630
[   24.451410]  ret_from_fork+0x10/0x20
[   24.451635] 
[   24.451751] Allocated by task 159:
[   24.451837]  kasan_save_stack+0x3c/0x68
[   24.452038]  kasan_save_track+0x20/0x40
[   24.452175]  kasan_save_alloc_info+0x40/0x58
[   24.452362]  __kasan_krealloc+0x118/0x178
[   24.452599]  krealloc_noprof+0x128/0x360
[   24.453324]  krealloc_less_oob_helper+0x168/0xc50
[   24.453432]  krealloc_less_oob+0x20/0x38
[   24.453521]  kunit_try_run_case+0x170/0x3f0
[   24.453610]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.453733]  kthread+0x328/0x630
[   24.453832]  ret_from_fork+0x10/0x20
[   24.455032] 
[   24.455113] The buggy address belongs to the object at fff00000c5fb2000
[   24.455113]  which belongs to the cache kmalloc-256 of size 256
[   24.455423] The buggy address is located 7 bytes to the right of
[   24.455423]  allocated 201-byte region [fff00000c5fb2000, fff00000c5fb20c9)
[   24.455847] 
[   24.455966] The buggy address belongs to the physical page:
[   24.456052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105fb2
[   24.456180] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.456295] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   24.456560] page_type: f5(slab)
[   24.456846] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   24.457600] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   24.457740] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   24.458570] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   24.458862] head: 0bfffe0000000001 ffffc1ffc317ec81 00000000ffffffff 00000000ffffffff
[   24.459002] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   24.459649] page dumped because: kasan: bad access detected
[   24.459744] 
[   24.459792] Memory state around the buggy address:
[   24.459870]  fff00000c5fb1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.459973]  fff00000c5fb2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.460076] >fff00000c5fb2080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   24.461510]                                                  ^
[   24.462047]  fff00000c5fb2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.462428]  fff00000c5fb2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.462718] ==================================================================
[   24.464128] ==================================================================
[   24.464443] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   24.464570] Write of size 1 at addr fff00000c5fb20da by task kunit_try_catch/159
[   24.464952] 
[   24.465062] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT 
[   24.465270] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.465336] Hardware name: linux,dummy-virt (DT)
[   24.465411] Call trace:
[   24.465464]  show_stack+0x20/0x38 (C)
[   24.466165]  dump_stack_lvl+0x8c/0xd0
[   24.466403]  print_report+0x118/0x608
[   24.466667]  kasan_report+0xdc/0x128
[   24.466957]  __asan_report_store1_noabort+0x20/0x30
[   24.467328]  krealloc_less_oob_helper+0xa80/0xc50
[   24.467777]  krealloc_less_oob+0x20/0x38
[   24.467955]  kunit_try_run_case+0x170/0x3f0
[   24.468478]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.468621]  kthread+0x328/0x630
[   24.468867]  ret_from_fork+0x10/0x20
[   24.469338] 
[   24.469560] Allocated by task 159:
[   24.469789]  kasan_save_stack+0x3c/0x68
[   24.469969]  kasan_save_track+0x20/0x40
[   24.470232]  kasan_save_alloc_info+0x40/0x58
[   24.470541]  __kasan_krealloc+0x118/0x178
[   24.470745]  krealloc_noprof+0x128/0x360
[   24.470848]  krealloc_less_oob_helper+0x168/0xc50
[   24.470956]  krealloc_less_oob+0x20/0x38
[   24.471423]  kunit_try_run_case+0x170/0x3f0
[   24.472227]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.472592]  kthread+0x328/0x630
[   24.472943]  ret_from_fork+0x10/0x20
[   24.473037] 
[   24.473086] The buggy address belongs to the object at fff00000c5fb2000
[   24.473086]  which belongs to the cache kmalloc-256 of size 256
[   24.474159] The buggy address is located 17 bytes to the right of
[   24.474159]  allocated 201-byte region [fff00000c5fb2000, fff00000c5fb20c9)
[   24.474648] 
[   24.474897] The buggy address belongs to the physical page:
[   24.474980] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105fb2
[   24.475744] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.476206] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   24.476390] page_type: f5(slab)
[   24.477409] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   24.477979] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   24.478352] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   24.478653] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   24.479411] head: 0bfffe0000000001 ffffc1ffc317ec81 00000000ffffffff 00000000ffffffff
[   24.479552] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   24.479992] page dumped because: kasan: bad access detected
[   24.480068] 
[   24.481077] Memory state around the buggy address:
[   24.481843]  fff00000c5fb1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.482300]  fff00000c5fb2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.482769] >fff00000c5fb2080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   24.483096]                                                     ^
[   24.483731]  fff00000c5fb2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.484296]  fff00000c5fb2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.484392] ==================================================================
[   24.608157] ==================================================================
[   24.608835] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   24.609170] Write of size 1 at addr fff00000c77b60da by task kunit_try_catch/163
[   24.609876] 
[   24.609962] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT 
[   24.610150] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.610211] Hardware name: linux,dummy-virt (DT)
[   24.610281] Call trace:
[   24.610331]  show_stack+0x20/0x38 (C)
[   24.610447]  dump_stack_lvl+0x8c/0xd0
[   24.610564]  print_report+0x118/0x608
[   24.612442]  kasan_report+0xdc/0x128
[   24.612876]  __asan_report_store1_noabort+0x20/0x30
[   24.613368]  krealloc_less_oob_helper+0xa80/0xc50
[   24.613499]  krealloc_large_less_oob+0x20/0x38
[   24.613618]  kunit_try_run_case+0x170/0x3f0
[   24.613755]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.613913]  kthread+0x328/0x630
[   24.614027]  ret_from_fork+0x10/0x20
[   24.614146] 
[   24.614213] The buggy address belongs to the physical page:
[   24.614303] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077b4
[   24.614431] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.614549] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   24.615470] page_type: f8(unknown)
[   24.615569] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   24.615706] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   24.616238] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   24.616479] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   24.616731] head: 0bfffe0000000002 ffffc1ffc31ded01 00000000ffffffff 00000000ffffffff
[   24.617013] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   24.617121] page dumped because: kasan: bad access detected
[   24.617193] 
[   24.618148] Memory state around the buggy address:
[   24.618290]  fff00000c77b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.618460]  fff00000c77b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.618559] >fff00000c77b6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   24.618652]                                                     ^
[   24.618756]  fff00000c77b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.618903]  fff00000c77b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.619145] ==================================================================
[   24.573325] ==================================================================
[   24.573463] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   24.573779] Write of size 1 at addr fff00000c77b60c9 by task kunit_try_catch/163
[   24.573951] 
[   24.574177] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT 
[   24.574406] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.574468] Hardware name: linux,dummy-virt (DT)
[   24.574539] Call trace:
[   24.574599]  show_stack+0x20/0x38 (C)
[   24.574770]  dump_stack_lvl+0x8c/0xd0
[   24.574914]  print_report+0x118/0x608
[   24.575504]  kasan_report+0xdc/0x128
[   24.575637]  __asan_report_store1_noabort+0x20/0x30
[   24.575797]  krealloc_less_oob_helper+0xa48/0xc50
[   24.576173]  krealloc_large_less_oob+0x20/0x38
[   24.576506]  kunit_try_run_case+0x170/0x3f0
[   24.576696]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.576849]  kthread+0x328/0x630
[   24.577060]  ret_from_fork+0x10/0x20
[   24.577373] 
[   24.577506] The buggy address belongs to the physical page:
[   24.577727] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077b4
[   24.577854] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.577966] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   24.578089] page_type: f8(unknown)
[   24.578181] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   24.578295] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   24.578408] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   24.578520] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   24.578631] head: 0bfffe0000000002 ffffc1ffc31ded01 00000000ffffffff 00000000ffffffff
[   24.578786] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   24.578896] page dumped because: kasan: bad access detected
[   24.578979] 
[   24.579030] Memory state around the buggy address:
[   24.579545]  fff00000c77b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.579665]  fff00000c77b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.579793] >fff00000c77b6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   24.579879]                                               ^
[   24.579957]  fff00000c77b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.580053]  fff00000c77b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.580138] ==================================================================

[   17.547855] ==================================================================
[   17.549253] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   17.550995] Write of size 1 at addr ffff888100a242eb by task kunit_try_catch/175
[   17.552645] 
[   17.552894] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT(voluntary) 
[   17.553020] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.553077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.553135] Call Trace:
[   17.553186]  <TASK>
[   17.553237]  dump_stack_lvl+0x73/0xb0
[   17.553320]  print_report+0xd1/0x650
[   17.553395]  ? __virt_addr_valid+0x1db/0x2d0
[   17.553434]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   17.553469]  ? kasan_complete_mode_report_info+0x2a/0x200
[   17.553500]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   17.553534]  kasan_report+0x141/0x180
[   17.553564]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   17.553604]  __asan_report_store1_noabort+0x1b/0x30
[   17.553632]  krealloc_less_oob_helper+0xd47/0x11d0
[   17.553668]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   17.553701]  ? finish_task_switch.isra.0+0x153/0x700
[   17.553733]  ? __switch_to+0x47/0xf50
[   17.553785]  ? __schedule+0x10cc/0x2b60
[   17.553865]  ? __pfx_read_tsc+0x10/0x10
[   17.553945]  krealloc_less_oob+0x1c/0x30
[   17.554111]  kunit_try_run_case+0x1a5/0x480
[   17.554270]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.554352]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   17.554430]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   17.554528]  ? __kthread_parkme+0x82/0x180
[   17.554595]  ? preempt_count_sub+0x50/0x80
[   17.554668]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.554741]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.554828]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   17.554900]  kthread+0x337/0x6f0
[   17.554932]  ? trace_preempt_on+0x20/0xc0
[   17.554964]  ? __pfx_kthread+0x10/0x10
[   17.554992]  ? _raw_spin_unlock_irq+0x47/0x80
[   17.555064]  ? calculate_sigpending+0x7b/0xa0
[   17.555120]  ? __pfx_kthread+0x10/0x10
[   17.555151]  ret_from_fork+0x116/0x1d0
[   17.555217]  ? __pfx_kthread+0x10/0x10
[   17.555296]  ret_from_fork_asm+0x1a/0x30
[   17.555342]  </TASK>
[   17.555356] 
[   17.582947] Allocated by task 175:
[   17.583982]  kasan_save_stack+0x45/0x70
[   17.584592]  kasan_save_track+0x18/0x40
[   17.585360]  kasan_save_alloc_info+0x3b/0x50
[   17.585732]  __kasan_krealloc+0x190/0x1f0
[   17.586299]  krealloc_noprof+0xf3/0x340
[   17.586777]  krealloc_less_oob_helper+0x1aa/0x11d0
[   17.587334]  krealloc_less_oob+0x1c/0x30
[   17.587766]  kunit_try_run_case+0x1a5/0x480
[   17.588141]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.588684]  kthread+0x337/0x6f0
[   17.589788]  ret_from_fork+0x116/0x1d0
[   17.590531]  ret_from_fork_asm+0x1a/0x30
[   17.591236] 
[   17.591705] The buggy address belongs to the object at ffff888100a24200
[   17.591705]  which belongs to the cache kmalloc-256 of size 256
[   17.592681] The buggy address is located 34 bytes to the right of
[   17.592681]  allocated 201-byte region [ffff888100a24200, ffff888100a242c9)
[   17.595231] 
[   17.595444] The buggy address belongs to the physical page:
[   17.595958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24
[   17.597732] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.598755] flags: 0x200000000000040(head|node=0|zone=2)
[   17.599727] page_type: f5(slab)
[   17.600509] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   17.601495] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.602280] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   17.602902] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.603994] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff
[   17.605064] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   17.605763] page dumped because: kasan: bad access detected
[   17.605979] 
[   17.606091] Memory state around the buggy address:
[   17.606264]  ffff888100a24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.606506]  ffff888100a24200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.606734] >ffff888100a24280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   17.606990]                                                           ^
[   17.607428]  ffff888100a24300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.609384]  ffff888100a24380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.610000] ==================================================================
[   17.706674] ==================================================================
[   17.707548] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   17.709332] Write of size 1 at addr ffff8881024ce0c9 by task kunit_try_catch/179
[   17.709890] 
[   17.710491] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT(voluntary) 
[   17.710556] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.710573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.710602] Call Trace:
[   17.710620]  <TASK>
[   17.710642]  dump_stack_lvl+0x73/0xb0
[   17.710680]  print_report+0xd1/0x650
[   17.710711]  ? __virt_addr_valid+0x1db/0x2d0
[   17.710742]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   17.710821]  ? kasan_addr_to_slab+0x11/0xa0
[   17.710854]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   17.710889]  kasan_report+0x141/0x180
[   17.710920]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   17.710959]  __asan_report_store1_noabort+0x1b/0x30
[   17.710988]  krealloc_less_oob_helper+0xd70/0x11d0
[   17.711024]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   17.711096]  ? finish_task_switch.isra.0+0x153/0x700
[   17.711130]  ? __switch_to+0x47/0xf50
[   17.711165]  ? __schedule+0x10cc/0x2b60
[   17.711198]  ? __pfx_read_tsc+0x10/0x10
[   17.711232]  krealloc_large_less_oob+0x1c/0x30
[   17.711266]  kunit_try_run_case+0x1a5/0x480
[   17.711296]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.711323]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   17.711357]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   17.711392]  ? __kthread_parkme+0x82/0x180
[   17.711420]  ? preempt_count_sub+0x50/0x80
[   17.711451]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.711480]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.711513]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   17.711547]  kthread+0x337/0x6f0
[   17.711574]  ? trace_preempt_on+0x20/0xc0
[   17.711605]  ? __pfx_kthread+0x10/0x10
[   17.711633]  ? _raw_spin_unlock_irq+0x47/0x80
[   17.711664]  ? calculate_sigpending+0x7b/0xa0
[   17.711698]  ? __pfx_kthread+0x10/0x10
[   17.711727]  ret_from_fork+0x116/0x1d0
[   17.711755]  ? __pfx_kthread+0x10/0x10
[   17.711809]  ret_from_fork_asm+0x1a/0x30
[   17.711854]  </TASK>
[   17.711868] 
[   17.733004] The buggy address belongs to the physical page:
[   17.733619] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024cc
[   17.734715] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.735615] flags: 0x200000000000040(head|node=0|zone=2)
[   17.736363] page_type: f8(unknown)
[   17.737201] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.737771] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.738206] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.738469] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.738716] head: 0200000000000002 ffffea0004093301 00000000ffffffff 00000000ffffffff
[   17.739916] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.740948] page dumped because: kasan: bad access detected
[   17.741436] 
[   17.741708] Memory state around the buggy address:
[   17.742199]  ffff8881024cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.743275]  ffff8881024ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.743723] >ffff8881024ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.744555]                                               ^
[   17.745303]  ffff8881024ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.745855]  ffff8881024ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.746594] ==================================================================
[   17.863963] ==================================================================
[   17.864595] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   17.865277] Write of size 1 at addr ffff8881024ce0eb by task kunit_try_catch/179
[   17.866125] 
[   17.866362] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT(voluntary) 
[   17.866506] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.866539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.866615] Call Trace:
[   17.866668]  <TASK>
[   17.866708]  dump_stack_lvl+0x73/0xb0
[   17.866778]  print_report+0xd1/0x650
[   17.866846]  ? __virt_addr_valid+0x1db/0x2d0
[   17.866909]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   17.866976]  ? kasan_addr_to_slab+0x11/0xa0
[   17.867099]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   17.867206]  kasan_report+0x141/0x180
[   17.867329]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   17.867445]  __asan_report_store1_noabort+0x1b/0x30
[   17.867519]  krealloc_less_oob_helper+0xd47/0x11d0
[   17.867602]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   17.867683]  ? finish_task_switch.isra.0+0x153/0x700
[   17.867798]  ? __switch_to+0x47/0xf50
[   17.867906]  ? __schedule+0x10cc/0x2b60
[   17.868017]  ? __pfx_read_tsc+0x10/0x10
[   17.868120]  krealloc_large_less_oob+0x1c/0x30
[   17.868199]  kunit_try_run_case+0x1a5/0x480
[   17.868276]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.868340]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   17.868442]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   17.868553]  ? __kthread_parkme+0x82/0x180
[   17.868622]  ? preempt_count_sub+0x50/0x80
[   17.868695]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.868733]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.868807]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   17.868844]  kthread+0x337/0x6f0
[   17.868871]  ? trace_preempt_on+0x20/0xc0
[   17.868906]  ? __pfx_kthread+0x10/0x10
[   17.868935]  ? _raw_spin_unlock_irq+0x47/0x80
[   17.868968]  ? calculate_sigpending+0x7b/0xa0
[   17.869001]  ? __pfx_kthread+0x10/0x10
[   17.869050]  ret_from_fork+0x116/0x1d0
[   17.869085]  ? __pfx_kthread+0x10/0x10
[   17.869168]  ret_from_fork_asm+0x1a/0x30
[   17.869301]  </TASK>
[   17.869340] 
[   17.885532] The buggy address belongs to the physical page:
[   17.886247] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024cc
[   17.887078] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.887695] flags: 0x200000000000040(head|node=0|zone=2)
[   17.888097] page_type: f8(unknown)
[   17.888397] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.889121] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.889901] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.890496] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.891319] head: 0200000000000002 ffffea0004093301 00000000ffffffff 00000000ffffffff
[   17.892057] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.892730] page dumped because: kasan: bad access detected
[   17.893323] 
[   17.893592] Memory state around the buggy address:
[   17.894129]  ffff8881024cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.894816]  ffff8881024ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.895467] >ffff8881024ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.896175]                                                           ^
[   17.896734]  ffff8881024ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.897387]  ffff8881024ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.897979] ==================================================================
[   17.401489] ==================================================================
[   17.402579] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   17.403426] Write of size 1 at addr ffff888100a242da by task kunit_try_catch/175
[   17.404942] 
[   17.405253] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT(voluntary) 
[   17.405620] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.405661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.405780] Call Trace:
[   17.405821]  <TASK>
[   17.405843]  dump_stack_lvl+0x73/0xb0
[   17.405880]  print_report+0xd1/0x650
[   17.405910]  ? __virt_addr_valid+0x1db/0x2d0
[   17.405941]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   17.405974]  ? kasan_complete_mode_report_info+0x2a/0x200
[   17.406004]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   17.406037]  kasan_report+0x141/0x180
[   17.406095]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   17.406135]  __asan_report_store1_noabort+0x1b/0x30
[   17.406171]  krealloc_less_oob_helper+0xec6/0x11d0
[   17.406331]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   17.406367]  ? finish_task_switch.isra.0+0x153/0x700
[   17.406400]  ? __switch_to+0x47/0xf50
[   17.406434]  ? __schedule+0x10cc/0x2b60
[   17.406467]  ? __pfx_read_tsc+0x10/0x10
[   17.406499]  krealloc_less_oob+0x1c/0x30
[   17.406529]  kunit_try_run_case+0x1a5/0x480
[   17.406558]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.406583]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   17.406617]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   17.406687]  ? __kthread_parkme+0x82/0x180
[   17.406717]  ? preempt_count_sub+0x50/0x80
[   17.406748]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.406796]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.406847]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   17.406903]  kthread+0x337/0x6f0
[   17.406933]  ? trace_preempt_on+0x20/0xc0
[   17.406982]  ? __pfx_kthread+0x10/0x10
[   17.407013]  ? _raw_spin_unlock_irq+0x47/0x80
[   17.407074]  ? calculate_sigpending+0x7b/0xa0
[   17.407113]  ? __pfx_kthread+0x10/0x10
[   17.407155]  ret_from_fork+0x116/0x1d0
[   17.407208]  ? __pfx_kthread+0x10/0x10
[   17.407256]  ret_from_fork_asm+0x1a/0x30
[   17.407302]  </TASK>
[   17.407316] 
[   17.435746] Allocated by task 175:
[   17.437066]  kasan_save_stack+0x45/0x70
[   17.437855]  kasan_save_track+0x18/0x40
[   17.438545]  kasan_save_alloc_info+0x3b/0x50
[   17.439348]  __kasan_krealloc+0x190/0x1f0
[   17.440103]  krealloc_noprof+0xf3/0x340
[   17.440914]  krealloc_less_oob_helper+0x1aa/0x11d0
[   17.441827]  krealloc_less_oob+0x1c/0x30
[   17.442596]  kunit_try_run_case+0x1a5/0x480
[   17.443917]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.444508]  kthread+0x337/0x6f0
[   17.444888]  ret_from_fork+0x116/0x1d0
[   17.445298]  ret_from_fork_asm+0x1a/0x30
[   17.445719] 
[   17.445937] The buggy address belongs to the object at ffff888100a24200
[   17.445937]  which belongs to the cache kmalloc-256 of size 256
[   17.448447] The buggy address is located 17 bytes to the right of
[   17.448447]  allocated 201-byte region [ffff888100a24200, ffff888100a242c9)
[   17.450098] 
[   17.450279] The buggy address belongs to the physical page:
[   17.450693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24
[   17.452679] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.453839] flags: 0x200000000000040(head|node=0|zone=2)
[   17.454907] page_type: f5(slab)
[   17.455179] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   17.456555] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.457300] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   17.458225] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.460298] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff
[   17.461355] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   17.462993] page dumped because: kasan: bad access detected
[   17.463476] 
[   17.463721] Memory state around the buggy address:
[   17.464100]  ffff888100a24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.464862]  ffff888100a24200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.466242] >ffff888100a24280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   17.467331]                                                     ^
[   17.468334]  ffff888100a24300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.469283]  ffff888100a24380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.469687] ==================================================================
[   17.748210] ==================================================================
[   17.748745] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   17.749407] Write of size 1 at addr ffff8881024ce0d0 by task kunit_try_catch/179
[   17.750481] 
[   17.750692] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT(voluntary) 
[   17.750761] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.750798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.750830] Call Trace:
[   17.750846]  <TASK>
[   17.750865]  dump_stack_lvl+0x73/0xb0
[   17.750899]  print_report+0xd1/0x650
[   17.750929]  ? __virt_addr_valid+0x1db/0x2d0
[   17.750960]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   17.750994]  ? kasan_addr_to_slab+0x11/0xa0
[   17.751022]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   17.751110]  kasan_report+0x141/0x180
[   17.751185]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   17.751274]  __asan_report_store1_noabort+0x1b/0x30
[   17.751344]  krealloc_less_oob_helper+0xe23/0x11d0
[   17.751427]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   17.751508]  ? finish_task_switch.isra.0+0x153/0x700
[   17.751582]  ? __switch_to+0x47/0xf50
[   17.751662]  ? __schedule+0x10cc/0x2b60
[   17.751726]  ? __pfx_read_tsc+0x10/0x10
[   17.751781]  krealloc_large_less_oob+0x1c/0x30
[   17.751830]  kunit_try_run_case+0x1a5/0x480
[   17.751860]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.751886]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   17.751921]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   17.751955]  ? __kthread_parkme+0x82/0x180
[   17.751982]  ? preempt_count_sub+0x50/0x80
[   17.752012]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.752576]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.752668]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   17.752811]  kthread+0x337/0x6f0
[   17.752886]  ? trace_preempt_on+0x20/0xc0
[   17.752963]  ? __pfx_kthread+0x10/0x10
[   17.753065]  ? _raw_spin_unlock_irq+0x47/0x80
[   17.753104]  ? calculate_sigpending+0x7b/0xa0
[   17.753139]  ? __pfx_kthread+0x10/0x10
[   17.753169]  ret_from_fork+0x116/0x1d0
[   17.753195]  ? __pfx_kthread+0x10/0x10
[   17.753223]  ret_from_fork_asm+0x1a/0x30
[   17.753264]  </TASK>
[   17.753279] 
[   17.770743] The buggy address belongs to the physical page:
[   17.771359] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024cc
[   17.772246] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.773002] flags: 0x200000000000040(head|node=0|zone=2)
[   17.773598] page_type: f8(unknown)
[   17.774131] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.774856] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.775564] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.776394] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.777146] head: 0200000000000002 ffffea0004093301 00000000ffffffff 00000000ffffffff
[   17.777941] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.778532] page dumped because: kasan: bad access detected
[   17.779148] 
[   17.779471] Memory state around the buggy address:
[   17.780020]  ffff8881024cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.780669]  ffff8881024ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.781460] >ffff8881024ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.782215]                                                  ^
[   17.782864]  ffff8881024ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.783547]  ffff8881024ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.784333] ==================================================================
[   17.823514] ==================================================================
[   17.824099] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   17.825125] Write of size 1 at addr ffff8881024ce0ea by task kunit_try_catch/179
[   17.825913] 
[   17.826228] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT(voluntary) 
[   17.826478] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.826519] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.826639] Call Trace:
[   17.826709]  <TASK>
[   17.826758]  dump_stack_lvl+0x73/0xb0
[   17.826839]  print_report+0xd1/0x650
[   17.826912]  ? __virt_addr_valid+0x1db/0x2d0
[   17.826988]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   17.827116]  ? kasan_addr_to_slab+0x11/0xa0
[   17.827154]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   17.827192]  kasan_report+0x141/0x180
[   17.827224]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   17.827264]  __asan_report_store1_noabort+0x1b/0x30
[   17.827293]  krealloc_less_oob_helper+0xe90/0x11d0
[   17.827329]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   17.827363]  ? finish_task_switch.isra.0+0x153/0x700
[   17.827396]  ? __switch_to+0x47/0xf50
[   17.827430]  ? __schedule+0x10cc/0x2b60
[   17.827464]  ? __pfx_read_tsc+0x10/0x10
[   17.827499]  krealloc_large_less_oob+0x1c/0x30
[   17.827531]  kunit_try_run_case+0x1a5/0x480
[   17.827561]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.827587]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   17.827623]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   17.827657]  ? __kthread_parkme+0x82/0x180
[   17.827684]  ? preempt_count_sub+0x50/0x80
[   17.827714]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.827742]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.827818]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   17.827855]  kthread+0x337/0x6f0
[   17.827882]  ? trace_preempt_on+0x20/0xc0
[   17.827914]  ? __pfx_kthread+0x10/0x10
[   17.827942]  ? _raw_spin_unlock_irq+0x47/0x80
[   17.827974]  ? calculate_sigpending+0x7b/0xa0
[   17.828008]  ? __pfx_kthread+0x10/0x10
[   17.828061]  ret_from_fork+0x116/0x1d0
[   17.828091]  ? __pfx_kthread+0x10/0x10
[   17.828121]  ret_from_fork_asm+0x1a/0x30
[   17.828163]  </TASK>
[   17.828177] 
[   17.850381] The buggy address belongs to the physical page:
[   17.850940] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024cc
[   17.851689] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.852398] flags: 0x200000000000040(head|node=0|zone=2)
[   17.852987] page_type: f8(unknown)
[   17.853378] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.854122] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.854790] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.855343] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.855999] head: 0200000000000002 ffffea0004093301 00000000ffffffff 00000000ffffffff
[   17.856595] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.857352] page dumped because: kasan: bad access detected
[   17.857812] 
[   17.858096] Memory state around the buggy address:
[   17.858602]  ffff8881024cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.859268]  ffff8881024ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.859956] >ffff8881024ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.860568]                                                           ^
[   17.861213]  ffff8881024ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.861915]  ffff8881024ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.862533] ==================================================================
[   17.282969] ==================================================================
[   17.283677] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   17.284949] Write of size 1 at addr ffff888100a242c9 by task kunit_try_catch/175
[   17.286316] 
[   17.286535] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT(voluntary) 
[   17.286707] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.286746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.286810] Call Trace:
[   17.286850]  <TASK>
[   17.286899]  dump_stack_lvl+0x73/0xb0
[   17.287032]  print_report+0xd1/0x650
[   17.287133]  ? __virt_addr_valid+0x1db/0x2d0
[   17.287195]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   17.287241]  ? kasan_complete_mode_report_info+0x2a/0x200
[   17.287273]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   17.287346]  kasan_report+0x141/0x180
[   17.287381]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   17.287421]  __asan_report_store1_noabort+0x1b/0x30
[   17.287449]  krealloc_less_oob_helper+0xd70/0x11d0
[   17.287487]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   17.287522]  ? finish_task_switch.isra.0+0x153/0x700
[   17.287554]  ? __switch_to+0x47/0xf50
[   17.287590]  ? __schedule+0x10cc/0x2b60
[   17.287624]  ? __pfx_read_tsc+0x10/0x10
[   17.287658]  krealloc_less_oob+0x1c/0x30
[   17.287689]  kunit_try_run_case+0x1a5/0x480
[   17.287721]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.287748]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   17.287914]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   17.287957]  ? __kthread_parkme+0x82/0x180
[   17.287987]  ? preempt_count_sub+0x50/0x80
[   17.288017]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.288069]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.288111]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   17.288145]  kthread+0x337/0x6f0
[   17.288253]  ? trace_preempt_on+0x20/0xc0
[   17.288298]  ? __pfx_kthread+0x10/0x10
[   17.288327]  ? _raw_spin_unlock_irq+0x47/0x80
[   17.288360]  ? calculate_sigpending+0x7b/0xa0
[   17.288394]  ? __pfx_kthread+0x10/0x10
[   17.288424]  ret_from_fork+0x116/0x1d0
[   17.288449]  ? __pfx_kthread+0x10/0x10
[   17.288477]  ret_from_fork_asm+0x1a/0x30
[   17.288518]  </TASK>
[   17.288532] 
[   17.310713] Allocated by task 175:
[   17.311036]  kasan_save_stack+0x45/0x70
[   17.311556]  kasan_save_track+0x18/0x40
[   17.313859]  kasan_save_alloc_info+0x3b/0x50
[   17.314085]  __kasan_krealloc+0x190/0x1f0
[   17.315421]  krealloc_noprof+0xf3/0x340
[   17.316225]  krealloc_less_oob_helper+0x1aa/0x11d0
[   17.317037]  krealloc_less_oob+0x1c/0x30
[   17.317491]  kunit_try_run_case+0x1a5/0x480
[   17.318024]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.318795]  kthread+0x337/0x6f0
[   17.319360]  ret_from_fork+0x116/0x1d0
[   17.319877]  ret_from_fork_asm+0x1a/0x30
[   17.320354] 
[   17.320648] The buggy address belongs to the object at ffff888100a24200
[   17.320648]  which belongs to the cache kmalloc-256 of size 256
[   17.322143] The buggy address is located 0 bytes to the right of
[   17.322143]  allocated 201-byte region [ffff888100a24200, ffff888100a242c9)
[   17.323612] 
[   17.324558] The buggy address belongs to the physical page:
[   17.325138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24
[   17.325858] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.326545] flags: 0x200000000000040(head|node=0|zone=2)
[   17.327069] page_type: f5(slab)
[   17.327547] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   17.328915] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.329587] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   17.330598] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.331438] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff
[   17.332475] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   17.333232] page dumped because: kasan: bad access detected
[   17.333902] 
[   17.334108] Memory state around the buggy address:
[   17.335583]  ffff888100a24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.336319]  ffff888100a24200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.337294] >ffff888100a24280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   17.337885]                                               ^
[   17.338709]  ffff888100a24300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.339603]  ffff888100a24380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.340218] ==================================================================
[   17.472886] ==================================================================
[   17.473966] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   17.474788] Write of size 1 at addr ffff888100a242ea by task kunit_try_catch/175
[   17.476119] 
[   17.476424] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT(voluntary) 
[   17.476553] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.476592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.476635] Call Trace:
[   17.476679]  <TASK>
[   17.476705]  dump_stack_lvl+0x73/0xb0
[   17.476743]  print_report+0xd1/0x650
[   17.476815]  ? __virt_addr_valid+0x1db/0x2d0
[   17.476862]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   17.476897]  ? kasan_complete_mode_report_info+0x2a/0x200
[   17.476927]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   17.476961]  kasan_report+0x141/0x180
[   17.476992]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   17.477033]  __asan_report_store1_noabort+0x1b/0x30
[   17.477123]  krealloc_less_oob_helper+0xe90/0x11d0
[   17.477446]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   17.477507]  ? finish_task_switch.isra.0+0x153/0x700
[   17.477559]  ? __switch_to+0x47/0xf50
[   17.477618]  ? __schedule+0x10cc/0x2b60
[   17.477676]  ? __pfx_read_tsc+0x10/0x10
[   17.477729]  krealloc_less_oob+0x1c/0x30
[   17.477803]  kunit_try_run_case+0x1a5/0x480
[   17.477856]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.477905]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   17.477958]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   17.478016]  ? __kthread_parkme+0x82/0x180
[   17.478083]  ? preempt_count_sub+0x50/0x80
[   17.478140]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.478192]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.478250]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   17.478316]  kthread+0x337/0x6f0
[   17.478365]  ? trace_preempt_on+0x20/0xc0
[   17.478418]  ? __pfx_kthread+0x10/0x10
[   17.478465]  ? _raw_spin_unlock_irq+0x47/0x80
[   17.478519]  ? calculate_sigpending+0x7b/0xa0
[   17.478573]  ? __pfx_kthread+0x10/0x10
[   17.478623]  ret_from_fork+0x116/0x1d0
[   17.478666]  ? __pfx_kthread+0x10/0x10
[   17.478717]  ret_from_fork_asm+0x1a/0x30
[   17.478789]  </TASK>
[   17.478815] 
[   17.506773] Allocated by task 175:
[   17.507269]  kasan_save_stack+0x45/0x70
[   17.507717]  kasan_save_track+0x18/0x40
[   17.509138]  kasan_save_alloc_info+0x3b/0x50
[   17.509726]  __kasan_krealloc+0x190/0x1f0
[   17.510331]  krealloc_noprof+0xf3/0x340
[   17.510865]  krealloc_less_oob_helper+0x1aa/0x11d0
[   17.512351]  krealloc_less_oob+0x1c/0x30
[   17.513416]  kunit_try_run_case+0x1a5/0x480
[   17.514231]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.515534]  kthread+0x337/0x6f0
[   17.516338]  ret_from_fork+0x116/0x1d0
[   17.517174]  ret_from_fork_asm+0x1a/0x30
[   17.518207] 
[   17.518587] The buggy address belongs to the object at ffff888100a24200
[   17.518587]  which belongs to the cache kmalloc-256 of size 256
[   17.520529] The buggy address is located 33 bytes to the right of
[   17.520529]  allocated 201-byte region [ffff888100a24200, ffff888100a242c9)
[   17.522984] 
[   17.523266] The buggy address belongs to the physical page:
[   17.523731] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24
[   17.526012] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.527226] flags: 0x200000000000040(head|node=0|zone=2)
[   17.527839] page_type: f5(slab)
[   17.528266] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   17.529354] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.530122] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   17.531635] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.532626] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff
[   17.533873] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   17.535170] page dumped because: kasan: bad access detected
[   17.536453] 
[   17.536756] Memory state around the buggy address:
[   17.538063]  ffff888100a24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.540013]  ffff888100a24200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.541151] >ffff888100a24280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   17.542303]                                                           ^
[   17.542769]  ffff888100a24300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.544257]  ffff888100a24380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.545411] ==================================================================
[   17.785734] ==================================================================
[   17.786365] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   17.787006] Write of size 1 at addr ffff8881024ce0da by task kunit_try_catch/179
[   17.787586] 
[   17.787933] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT(voluntary) 
[   17.788069] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.788102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.788148] Call Trace:
[   17.788190]  <TASK>
[   17.788230]  dump_stack_lvl+0x73/0xb0
[   17.788302]  print_report+0xd1/0x650
[   17.788364]  ? __virt_addr_valid+0x1db/0x2d0
[   17.788423]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   17.788488]  ? kasan_addr_to_slab+0x11/0xa0
[   17.788551]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   17.788617]  kasan_report+0x141/0x180
[   17.788684]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   17.788797]  __asan_report_store1_noabort+0x1b/0x30
[   17.788870]  krealloc_less_oob_helper+0xec6/0x11d0
[   17.789002]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   17.789131]  ? finish_task_switch.isra.0+0x153/0x700
[   17.789394]  ? __switch_to+0x47/0xf50
[   17.789478]  ? __schedule+0x10cc/0x2b60
[   17.789557]  ? __pfx_read_tsc+0x10/0x10
[   17.789636]  krealloc_large_less_oob+0x1c/0x30
[   17.789716]  kunit_try_run_case+0x1a5/0x480
[   17.789820]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.789863]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   17.789899]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   17.789935]  ? __kthread_parkme+0x82/0x180
[   17.789962]  ? preempt_count_sub+0x50/0x80
[   17.789992]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.790020]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.790086]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   17.790123]  kthread+0x337/0x6f0
[   17.790151]  ? trace_preempt_on+0x20/0xc0
[   17.790183]  ? __pfx_kthread+0x10/0x10
[   17.790211]  ? _raw_spin_unlock_irq+0x47/0x80
[   17.790243]  ? calculate_sigpending+0x7b/0xa0
[   17.790275]  ? __pfx_kthread+0x10/0x10
[   17.790321]  ret_from_fork+0x116/0x1d0
[   17.790348]  ? __pfx_kthread+0x10/0x10
[   17.790376]  ret_from_fork_asm+0x1a/0x30
[   17.790417]  </TASK>
[   17.790431] 
[   17.807094] The buggy address belongs to the physical page:
[   17.807634] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024cc
[   17.808455] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.809166] flags: 0x200000000000040(head|node=0|zone=2)
[   17.809696] page_type: f8(unknown)
[   17.810094] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.810594] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.811458] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.813173] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.814312] head: 0200000000000002 ffffea0004093301 00000000ffffffff 00000000ffffffff
[   17.814872] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.815461] page dumped because: kasan: bad access detected
[   17.815882] 
[   17.816165] Memory state around the buggy address:
[   17.816686]  ffff8881024cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.817416]  ffff8881024ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.818014] >ffff8881024ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.818819]                                                     ^
[   17.819426]  ffff8881024ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.820179]  ffff8881024ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.820874] ==================================================================
[   17.342853] ==================================================================
[   17.343456] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   17.344089] Write of size 1 at addr ffff888100a242d0 by task kunit_try_catch/175
[   17.344639] 
[   17.344903] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250530 #1 PREEMPT(voluntary) 
[   17.345028] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.345917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.345952] Call Trace:
[   17.345969]  <TASK>
[   17.345990]  dump_stack_lvl+0x73/0xb0
[   17.346029]  print_report+0xd1/0x650
[   17.346089]  ? __virt_addr_valid+0x1db/0x2d0
[   17.346125]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   17.346160]  ? kasan_complete_mode_report_info+0x2a/0x200
[   17.346280]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   17.346334]  kasan_report+0x141/0x180
[   17.346366]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   17.346405]  __asan_report_store1_noabort+0x1b/0x30
[   17.346434]  krealloc_less_oob_helper+0xe23/0x11d0
[   17.346470]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   17.346503]  ? finish_task_switch.isra.0+0x153/0x700
[   17.346535]  ? __switch_to+0x47/0xf50
[   17.346569]  ? __schedule+0x10cc/0x2b60
[   17.346602]  ? __pfx_read_tsc+0x10/0x10
[   17.346636]  krealloc_less_oob+0x1c/0x30
[   17.346666]  kunit_try_run_case+0x1a5/0x480
[   17.346695]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.346721]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   17.346755]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   17.346818]  ? __kthread_parkme+0x82/0x180
[   17.346847]  ? preempt_count_sub+0x50/0x80
[   17.346878]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.346905]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.346940]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   17.346974]  kthread+0x337/0x6f0
[   17.347000]  ? trace_preempt_on+0x20/0xc0
[   17.347032]  ? __pfx_kthread+0x10/0x10
[   17.347086]  ? _raw_spin_unlock_irq+0x47/0x80
[   17.347119]  ? calculate_sigpending+0x7b/0xa0
[   17.347153]  ? __pfx_kthread+0x10/0x10
[   17.347277]  ret_from_fork+0x116/0x1d0
[   17.347308]  ? __pfx_kthread+0x10/0x10
[   17.347337]  ret_from_fork_asm+0x1a/0x30
[   17.347378]  </TASK>
[   17.347392] 
[   17.370491] Allocated by task 175:
[   17.370645]  kasan_save_stack+0x45/0x70
[   17.371105]  kasan_save_track+0x18/0x40
[   17.371823]  kasan_save_alloc_info+0x3b/0x50
[   17.372812]  __kasan_krealloc+0x190/0x1f0
[   17.373824]  krealloc_noprof+0xf3/0x340
[   17.374222]  krealloc_less_oob_helper+0x1aa/0x11d0
[   17.374802]  krealloc_less_oob+0x1c/0x30
[   17.375561]  kunit_try_run_case+0x1a5/0x480
[   17.376089]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.376602]  kthread+0x337/0x6f0
[   17.376986]  ret_from_fork+0x116/0x1d0
[   17.377400]  ret_from_fork_asm+0x1a/0x30
[   17.377754] 
[   17.378532] The buggy address belongs to the object at ffff888100a24200
[   17.378532]  which belongs to the cache kmalloc-256 of size 256
[   17.380094] The buggy address is located 7 bytes to the right of
[   17.380094]  allocated 201-byte region [ffff888100a24200, ffff888100a242c9)
[   17.382006] 
[   17.382373] The buggy address belongs to the physical page:
[   17.383186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24
[   17.383959] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.385120] flags: 0x200000000000040(head|node=0|zone=2)
[   17.385747] page_type: f5(slab)
[   17.386074] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   17.387555] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.388533] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   17.389573] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.391012] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff
[   17.391725] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   17.392821] page dumped because: kasan: bad access detected
[   17.393097] 
[   17.393317] Memory state around the buggy address:
[   17.393716]  ffff888100a24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.394866]  ffff888100a24200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.395507] >ffff888100a24280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   17.396909]                                                  ^
[   17.397442]  ffff888100a24300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.398667]  ffff888100a24380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.399826] ==================================================================

[   49.845367] ==================================================================
[   49.852630] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd18/0xea4
[   49.860260] Write of size 1 at addr cb2c3eda by task kunit_try_catch/210
[   49.867004] 
[   49.868499] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G    B   W        N  6.15.0-next-20250530 #1 NONE 
[   49.868530] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   49.868560] Hardware name: Generic DRA74X (Flattened Device Tree)
[   49.868560] Call trace: 
[   49.868560]  unwind_backtrace from show_stack+0x18/0x1c
[   49.868591]  show_stack from dump_stack_lvl+0x70/0x90
[   49.868621]  dump_stack_lvl from print_report+0x158/0x528
[   49.868652]  print_report from kasan_report+0xdc/0x118
[   49.868652]  kasan_report from krealloc_less_oob_helper+0xd18/0xea4
[   49.868682]  krealloc_less_oob_helper from kunit_try_run_case+0x22c/0x5a8
[   49.868713]  kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128
[   49.868743]  kunit_generic_run_threadfn_adapter from kthread+0x464/0x810
[   49.868774]  kthread from ret_from_fork+0x14/0x20
[   49.868774] Exception stack(0xf221bfb0 to 0xf221bff8)
[   49.868804] bfa0:                                     00000000 00000000 00000000 00000000
[   49.868804] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[   49.868835] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000
[   49.868835] 
[   49.975799] Allocated by task 210:
[   49.979217]  kasan_save_track+0x30/0x5c
[   49.983093]  __kasan_krealloc+0xf4/0x140
[   49.987030]  krealloc_noprof+0x104/0x2e4
[   49.990997]  krealloc_less_oob_helper+0x1d8/0xea4
[   49.995727]  kunit_try_run_case+0x22c/0x5a8
[   49.999969]  kunit_generic_run_threadfn_adapter+0xc4/0x128
[   50.005493]  kthread+0x464/0x810
[   50.008728]  ret_from_fork+0x14/0x20
[   50.012329] 
[   50.013854] The buggy address belongs to the object at cb2c3e00
[   50.013854]  which belongs to the cache kmalloc-256 of size 256
[   50.025726] The buggy address is located 17 bytes to the right of
[   50.025726]  allocated 201-byte region [cb2c3e00, cb2c3ec9)
[   50.037475] 
[   50.038970] The buggy address belongs to the physical page:
[   50.044586] page: refcount:0 mapcount:0 mapping:00000000 index:0x0 pfn:0x8b2c2
[   50.051849] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   50.059539] flags: 0x40(head|zone=0)
[   50.063140] page_type: f5(slab)
[   50.066314] raw: 00000040 c7001500 00000122 00000000 00000000 80100010 f5000000 00000000
[   50.074462] raw: 00000000
[   50.077117] head: 00000040 c7001500 00000122 00000000 00000000 80100010 f5000000 00000000
[   50.085327] head: 00000000 00000001 eeb91349 ffffffff 00000000 ffffffff 00000000 ffffffff
[   50.093566] head: 00000000 00000002
[   50.097076] page dumped because: kasan: bad access detected
[   50.102691] 
[   50.104187] Memory state around the buggy address:
[   50.109008]  cb2c3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   50.115570]  cb2c3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   50.122161] >cb2c3e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   50.128723]                                             ^
[   50.134155]  cb2c3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   50.140716]  cb2c3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   50.147277] ==================================================================
[   49.536499] ==================================================================
[   49.543762] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xdd0/0xea4
[   49.551391] Write of size 1 at addr cb2c3ed0 by task kunit_try_catch/210
[   49.558135] 
[   49.559631] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G    B   W        N  6.15.0-next-20250530 #1 NONE 
[   49.559661] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   49.559661] Hardware name: Generic DRA74X (Flattened Device Tree)
[   49.559661] Call trace: 
[   49.559692]  unwind_backtrace from show_stack+0x18/0x1c
[   49.559692]  show_stack from dump_stack_lvl+0x70/0x90
[   49.559722]  dump_stack_lvl from print_report+0x158/0x528
[   49.559753]  print_report from kasan_report+0xdc/0x118
[   49.559783]  kasan_report from krealloc_less_oob_helper+0xdd0/0xea4
[   49.559783]  krealloc_less_oob_helper from kunit_try_run_case+0x22c/0x5a8
[   49.559814]  kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128
[   49.559844]  kunit_generic_run_threadfn_adapter from kthread+0x464/0x810
[   49.559875]  kthread from ret_from_fork+0x14/0x20
[   49.559906] Exception stack(0xf221bfb0 to 0xf221bff8)
[   49.559906] bfa0:                                     00000000 00000000 00000000 00000000
[   49.559936] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[   49.559936] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000
[   49.559936] 
[   49.666900] Allocated by task 210:
[   49.670349]  kasan_save_track+0x30/0x5c
[   49.674194]  __kasan_krealloc+0xf4/0x140
[   49.678161]  krealloc_noprof+0x104/0x2e4
[   49.682098]  krealloc_less_oob_helper+0x1d8/0xea4
[   49.686859]  kunit_try_run_case+0x22c/0x5a8
[   49.691070]  kunit_generic_run_threadfn_adapter+0xc4/0x128
[   49.696594]  kthread+0x464/0x810
[   49.699859]  ret_from_fork+0x14/0x20
[   49.703460] 
[   49.704956] The buggy address belongs to the object at cb2c3e00
[   49.704956]  which belongs to the cache kmalloc-256 of size 256
[   49.716857] The buggy address is located 7 bytes to the right of
[   49.716857]  allocated 201-byte region [cb2c3e00, cb2c3ec9)
[   49.728485] 
[   49.729980] The buggy address belongs to the physical page:
[   49.735595] page: refcount:0 mapcount:0 mapping:00000000 index:0x0 pfn:0x8b2c2
[   49.742858] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   49.750579] flags: 0x40(head|zone=0)
[   49.754180] page_type: f5(slab)
[   49.757354] raw: 00000040 c7001500 00000122 00000000 00000000 80100010 f5000000 00000000
[   49.765502] raw: 00000000
[   49.768127] head: 00000040 c7001500 00000122 00000000 00000000 80100010 f5000000 00000000
[   49.776367] head: 00000000 00000001 eeb91349 ffffffff 00000000 ffffffff 00000000 ffffffff
[   49.784606] head: 00000000 00000002
[   49.788116] page dumped because: kasan: bad access detected
[   49.793701] 
[   49.795227] Memory state around the buggy address:
[   49.800048]  cb2c3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   49.806610]  cb2c3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   49.813171] >cb2c3e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   49.819732]                                          ^
[   49.824920]  cb2c3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   49.831481]  cb2c3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   49.838073] ==================================================================
[   50.154602] ==================================================================
[   50.161895] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd58/0xea4
[   50.169494] Write of size 1 at addr cb2c3eea by task kunit_try_catch/210
[   50.176269] 
[   50.177764] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G    B   W        N  6.15.0-next-20250530 #1 NONE 
[   50.177795] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   50.177795] Hardware name: Generic DRA74X (Flattened Device Tree)
[   50.177795] Call trace: 
[   50.177825]  unwind_backtrace from show_stack+0x18/0x1c
[   50.177825]  show_stack from dump_stack_lvl+0x70/0x90
[   50.177856]  dump_stack_lvl from print_report+0x158/0x528
[   50.177886]  print_report from kasan_report+0xdc/0x118
[   50.177917]  kasan_report from krealloc_less_oob_helper+0xd58/0xea4
[   50.177917]  krealloc_less_oob_helper from kunit_try_run_case+0x22c/0x5a8
[   50.177947]  kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128
[   50.177978]  kunit_generic_run_threadfn_adapter from kthread+0x464/0x810
[   50.178009]  kthread from ret_from_fork+0x14/0x20
[   50.178039] Exception stack(0xf221bfb0 to 0xf221bff8)
[   50.178039] bfa0:                                     00000000 00000000 00000000 00000000
[   50.178070] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[   50.178070] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000
[   50.178070] 
[   50.285034] Allocated by task 210:
[   50.288482]  kasan_save_track+0x30/0x5c
[   50.292327]  __kasan_krealloc+0xf4/0x140
[   50.296295]  krealloc_noprof+0x104/0x2e4
[   50.300231]  krealloc_less_oob_helper+0x1d8/0xea4
[   50.304992]  kunit_try_run_case+0x22c/0x5a8
[   50.309204]  kunit_generic_run_threadfn_adapter+0xc4/0x128
[   50.314727]  kthread+0x464/0x810
[   50.317993]  ret_from_fork+0x14/0x20
[   50.321594] 
[   50.323089] The buggy address belongs to the object at cb2c3e00
[   50.323089]  which belongs to the cache kmalloc-256 of size 256
[   50.334991] The buggy address is located 33 bytes to the right of
[   50.334991]  allocated 201-byte region [cb2c3e00, cb2c3ec9)
[   50.346710] 
[   50.348205] The buggy address belongs to the physical page:
[   50.353820] page: refcount:0 mapcount:0 mapping:00000000 index:0x0 pfn:0x8b2c2
[   50.361083] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   50.368804] flags: 0x40(head|zone=0)
[   50.372406] page_type: f5(slab)
[   50.375579] raw: 00000040 c7001500 00000122 00000000 00000000 80100010 f5000000 00000000
[   50.383697] raw: 00000000
[   50.386352] head: 00000040 c7001500 00000122 00000000 00000000 80100010 f5000000 00000000
[   50.394592] head: 00000000 00000001 eeb91349 ffffffff 00000000 ffffffff 00000000 ffffffff
[   50.402832] head: 00000000 00000002
[   50.406341] page dumped because: kasan: bad access detected
[   50.411926] 
[   50.413421] Memory state around the buggy address:
[   50.418273]  cb2c3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   50.424835]  cb2c3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   50.431396] >cb2c3e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   50.437957]                                                   ^
[   50.443939]  cb2c3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   50.450500]  cb2c3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   50.457061] ==================================================================
[   51.523834] ==================================================================
[   51.531097] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xdd0/0xea4
[   51.538726] Write of size 1 at addr cc74e0d0 by task kunit_try_catch/214
[   51.545471] 
[   51.546966] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G    B   W        N  6.15.0-next-20250530 #1 NONE 
[   51.546997] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   51.547027] Hardware name: Generic DRA74X (Flattened Device Tree)
[   51.547027] Call trace: 
[   51.547027]  unwind_backtrace from show_stack+0x18/0x1c
[   51.547058]  show_stack from dump_stack_lvl+0x70/0x90
[   51.547088]  dump_stack_lvl from print_report+0x158/0x528
[   51.547119]  print_report from kasan_report+0xdc/0x118
[   51.547119]  kasan_report from krealloc_less_oob_helper+0xdd0/0xea4
[   51.547149]  krealloc_less_oob_helper from kunit_try_run_case+0x22c/0x5a8
[   51.547180]  kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128
[   51.547210]  kunit_generic_run_threadfn_adapter from kthread+0x464/0x810
[   51.547241]  kthread from ret_from_fork+0x14/0x20
[   51.547241] Exception stack(0xf2233fb0 to 0xf2233ff8)
[   51.547271] 3fa0:                                     00000000 00000000 00000000 00000000
[   51.547271] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[   51.547302] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000
[   51.547302] 
[   51.654266] The buggy address belongs to the physical page:
[   51.659881] page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x8c74c
[   51.667144] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   51.674835] flags: 0x40(head|zone=0)
[   51.678466] page_type: f8(unknown)
[   51.681884] raw: 00000040 00000000 00000122 00000000 00000000 00000000 f8000000 00000001
[   51.690032] raw: 00000000
[   51.692657] head: 00000040 00000000 00000122 00000000 00000000 00000000 f8000000 00000001
[   51.700897] head: 00000000 00000002 eebbf6b1 ffffffff 00000000 ffffffff 00000000 ffffffff
[   51.709136] head: 00000000 00000004
[   51.712646] page dumped because: kasan: bad access detected
[   51.718231] 
[   51.719757] Memory state around the buggy address:
[   51.724578]  cc74df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   51.731140]  cc74e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   51.737701] >cc74e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   51.744293]                                          ^
[   51.749450]  cc74e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   51.756011]  cc74e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   51.762573] ==================================================================
[   51.273590] ==================================================================
[   51.285217] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xcf4/0xea4
[   51.292846] Write of size 1 at addr cc74e0c9 by task kunit_try_catch/214
[   51.299591] 
[   51.301116] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G    B   W        N  6.15.0-next-20250530 #1 NONE 
[   51.301116] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   51.301147] Hardware name: Generic DRA74X (Flattened Device Tree)
[   51.301147] Call trace: 
[   51.301147]  unwind_backtrace from show_stack+0x18/0x1c
[   51.301177]  show_stack from dump_stack_lvl+0x70/0x90
[   51.301208]  dump_stack_lvl from print_report+0x158/0x528
[   51.301239]  print_report from kasan_report+0xdc/0x118
[   51.301239]  kasan_report from krealloc_less_oob_helper+0xcf4/0xea4
[   51.301269]  krealloc_less_oob_helper from kunit_try_run_case+0x22c/0x5a8
[   51.301300]  kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128
[   51.301330]  kunit_generic_run_threadfn_adapter from kthread+0x464/0x810
[   51.301361]  kthread from ret_from_fork+0x14/0x20
[   51.301361] Exception stack(0xf2233fb0 to 0xf2233ff8)
[   51.301391] 3fa0:                                     00000000 00000000 00000000 00000000
[   51.301391] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[   51.301422] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000
[   51.301422] 
[   51.408386] The buggy address belongs to the physical page:
[   51.414001] page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x8c74c
[   51.421264] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   51.428985] flags: 0x40(head|zone=0)
[   51.432586] page_type: f8(unknown)
[   51.436004] raw: 00000040 00000000 00000122 00000000 00000000 00000000 f8000000 00000001
[   51.444152] raw: 00000000
[   51.446807] head: 00000040 00000000 00000122 00000000 00000000 00000000 f8000000 00000001
[   51.455017] head: 00000000 00000002 eebbf6b1 ffffffff 00000000 ffffffff 00000000 ffffffff
[   51.463256] head: 00000000 00000004
[   51.466766] page dumped because: kasan: bad access detected
[   51.472381] 
[   51.473876] Memory state around the buggy address:
[   51.478698]  cc74df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   51.485260]  cc74e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   51.491851] >cc74e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   51.498413]                                       ^
[   51.503326]  cc74e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   51.509887]  cc74e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   51.516448] ==================================================================
[   51.769927] ==================================================================
[   51.777191] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd18/0xea4
[   51.784820] Write of size 1 at addr cc74e0da by task kunit_try_catch/214
[   51.791564] 
[   51.793060] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G    B   W        N  6.15.0-next-20250530 #1 NONE 
[   51.793090] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   51.793121] Hardware name: Generic DRA74X (Flattened Device Tree)
[   51.793121] Call trace: 
[   51.793121]  unwind_backtrace from show_stack+0x18/0x1c
[   51.793151]  show_stack from dump_stack_lvl+0x70/0x90
[   51.793182]  dump_stack_lvl from print_report+0x158/0x528
[   51.793212]  print_report from kasan_report+0xdc/0x118
[   51.793212]  kasan_report from krealloc_less_oob_helper+0xd18/0xea4
[   51.793243]  krealloc_less_oob_helper from kunit_try_run_case+0x22c/0x5a8
[   51.793273]  kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128
[   51.793304]  kunit_generic_run_threadfn_adapter from kthread+0x464/0x810
[   51.793334]  kthread from ret_from_fork+0x14/0x20
[   51.793334] Exception stack(0xf2233fb0 to 0xf2233ff8)
[   51.793365] 3fa0:                                     00000000 00000000 00000000 00000000
[   51.793365] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[   51.793395] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000
[   51.793395] 
[   51.900360] The buggy address belongs to the physical page:
[   51.905975] page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x8c74c
[   51.913238] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   51.920959] flags: 0x40(head|zone=0)
[   51.924560] page_type: f8(unknown)
[   51.927978] raw: 00000040 00000000 00000122 00000000 00000000 00000000 f8000000 00000001
[   51.936126] raw: 00000000
[   51.938751] head: 00000040 00000000 00000122 00000000 00000000 00000000 f8000000 00000001
[   51.946990] head: 00000000 00000002 eebbf6b1 ffffffff 00000000 ffffffff 00000000 ffffffff
[   51.955230] head: 00000000 00000004
[   51.958740] page dumped because: kasan: bad access detected
[   51.964355] 
[   51.965850] Memory state around the buggy address:
[   51.970672]  cc74df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   51.977233]  cc74e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   51.983825] >cc74e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   51.990386]                                             ^
[   51.995819]  cc74e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   52.002380]  cc74e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   52.008941] ==================================================================
[   52.263153] ==================================================================
[   52.270416] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd00/0xea4
[   52.278045] Write of size 1 at addr cc74e0eb by task kunit_try_catch/214
[   52.284790] 
[   52.286285] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G    B   W        N  6.15.0-next-20250530 #1 NONE 
[   52.286315] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   52.286315] Hardware name: Generic DRA74X (Flattened Device Tree)
[   52.286315] Call trace: 
[   52.286346]  unwind_backtrace from show_stack+0x18/0x1c
[   52.286346]  show_stack from dump_stack_lvl+0x70/0x90
[   52.286376]  dump_stack_lvl from print_report+0x158/0x528
[   52.286407]  print_report from kasan_report+0xdc/0x118
[   52.286437]  kasan_report from krealloc_less_oob_helper+0xd00/0xea4
[   52.286437]  krealloc_less_oob_helper from kunit_try_run_case+0x22c/0x5a8
[   52.286468]  kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128
[   52.286499]  kunit_generic_run_threadfn_adapter from kthread+0x464/0x810
[   52.286529]  kthread from ret_from_fork+0x14/0x20
[   52.286560] Exception stack(0xf2233fb0 to 0xf2233ff8)
[   52.286560] 3fa0:                                     00000000 00000000 00000000 00000000
[   52.286590] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[   52.286590] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000
[   52.286590] 
[   52.393554] The buggy address belongs to the physical page:
[   52.399169] page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x8c74c
[   52.406433] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   52.414154] flags: 0x40(head|zone=0)
[   52.417755] page_type: f8(unknown)
[   52.421173] raw: 00000040 00000000 00000122 00000000 00000000 00000000 f8000000 00000001
[   52.429321] raw: 00000000
[   52.431976] head: 00000040 00000000 00000122 00000000 00000000 00000000 f8000000 00000001
[   52.440216] head: 00000000 00000002 eebbf6b1 ffffffff 00000000 ffffffff 00000000 ffffffff
[   52.448425] head: 00000000 00000004
[   52.451934] page dumped because: kasan: bad access detected
[   52.457550] 
[   52.459045] Memory state around the buggy address:
[   52.463867]  cc74df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   52.470458]  cc74e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   52.477020] >cc74e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   52.483581]                                                   ^
[   52.489532]  cc74e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   52.496124]  cc74e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   52.502685] ==================================================================
[   49.223968] ==================================================================
[   49.235107] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xcf4/0xea4
[   49.242736] Write of size 1 at addr cb2c3ec9 by task kunit_try_catch/210
[   49.249481] 
[   49.250976] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G    B   W        N  6.15.0-next-20250530 #1 NONE 
[   49.251007] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   49.251007] Hardware name: Generic DRA74X (Flattened Device Tree)
[   49.251037] Call trace: 
[   49.251037]  unwind_backtrace from show_stack+0x18/0x1c
[   49.251068]  show_stack from dump_stack_lvl+0x70/0x90
[   49.251068]  dump_stack_lvl from print_report+0x158/0x528
[   49.251098]  print_report from kasan_report+0xdc/0x118
[   49.251129]  kasan_report from krealloc_less_oob_helper+0xcf4/0xea4
[   49.251159]  krealloc_less_oob_helper from kunit_try_run_case+0x22c/0x5a8
[   49.251190]  kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128
[   49.251190]  kunit_generic_run_threadfn_adapter from kthread+0x464/0x810
[   49.251220]  kthread from ret_from_fork+0x14/0x20
[   49.251251] Exception stack(0xf221bfb0 to 0xf221bff8)
[   49.251251] bfa0:                                     00000000 00000000 00000000 00000000
[   49.251281] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[   49.251281] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000
[   49.251312] 
[   49.358276] Allocated by task 210:
[   49.361694]  kasan_save_track+0x30/0x5c
[   49.365570]  __kasan_krealloc+0xf4/0x140
[   49.369506]  krealloc_noprof+0x104/0x2e4
[   49.373474]  krealloc_less_oob_helper+0x1d8/0xea4
[   49.378204]  kunit_try_run_case+0x22c/0x5a8
[   49.382415]  kunit_generic_run_threadfn_adapter+0xc4/0x128
[   49.387969]  kthread+0x464/0x810
[   49.391204]  ret_from_fork+0x14/0x20
[   49.394805] 
[   49.396331] The buggy address belongs to the object at cb2c3e00
[   49.396331]  which belongs to the cache kmalloc-256 of size 256
[   49.408203] The buggy address is located 0 bytes to the right of
[   49.408203]  allocated 201-byte region [cb2c3e00, cb2c3ec9)
[   49.419860] 
[   49.421356] The buggy address belongs to the physical page:
[   49.426971] page: refcount:0 mapcount:0 mapping:00000000 index:0x0 pfn:0x8b2c2
[   49.434234] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   49.441955] flags: 0x40(head|zone=0)
[   49.445556] page_type: f5(slab)
[   49.448730] raw: 00000040 c7001500 00000122 00000000 00000000 80100010 f5000000 00000000
[   49.456848] raw: 00000000
[   49.459503] head: 00000040 c7001500 00000122 00000000 00000000 80100010 f5000000 00000000
[   49.467742] head: 00000000 00000001 eeb91349 ffffffff 00000000 ffffffff 00000000 ffffffff
[   49.475982] head: 00000000 00000002
[   49.479492] page dumped because: kasan: bad access detected
[   49.485076] 
[   49.486602] Memory state around the buggy address:
[   49.491424]  cb2c3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   49.497985]  cb2c3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   49.504547] >cb2c3e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   49.511108]                                       ^
[   49.516021]  cb2c3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   49.522613]  cb2c3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   49.529174] ==================================================================
[   52.016265] ==================================================================
[   52.023529] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd58/0xea4
[   52.031158] Write of size 1 at addr cc74e0ea by task kunit_try_catch/214
[   52.037902] 
[   52.039428] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G    B   W        N  6.15.0-next-20250530 #1 NONE 
[   52.039428] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   52.039459] Hardware name: Generic DRA74X (Flattened Device Tree)
[   52.039459] Call trace: 
[   52.039459]  unwind_backtrace from show_stack+0x18/0x1c
[   52.039489]  show_stack from dump_stack_lvl+0x70/0x90
[   52.039520]  dump_stack_lvl from print_report+0x158/0x528
[   52.039550]  print_report from kasan_report+0xdc/0x118
[   52.039550]  kasan_report from krealloc_less_oob_helper+0xd58/0xea4
[   52.039581]  krealloc_less_oob_helper from kunit_try_run_case+0x22c/0x5a8
[   52.039611]  kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128
[   52.039642]  kunit_generic_run_threadfn_adapter from kthread+0x464/0x810
[   52.039672]  kthread from ret_from_fork+0x14/0x20
[   52.039672] Exception stack(0xf2233fb0 to 0xf2233ff8)
[   52.039703] 3fa0:                                     00000000 00000000 00000000 00000000
[   52.039703] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[   52.039733] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000
[   52.039733] 
[   52.146697] The buggy address belongs to the physical page:
[   52.152313] page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x8c74c
[   52.159576] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   52.167297] flags: 0x40(head|zone=0)
[   52.170898] page_type: f8(unknown)
[   52.174316] raw: 00000040 00000000 00000122 00000000 00000000 00000000 f8000000 00000001
[   52.182464] raw: 00000000
[   52.185119] head: 00000040 00000000 00000122 00000000 00000000 00000000 f8000000 00000001
[   52.193328] head: 00000000 00000002 eebbf6b1 ffffffff 00000000 ffffffff 00000000 ffffffff
[   52.201568] head: 00000000 00000004
[   52.205078] page dumped because: kasan: bad access detected
[   52.210693] 
[   52.212188] Memory state around the buggy address:
[   52.217010]  cc74df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   52.223571]  cc74e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   52.230163] >cc74e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   52.236724]                                                   ^
[   52.242675]  cc74e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   52.249237]  cc74e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   52.255828] ==================================================================
[   50.464385] ==================================================================
[   50.471649] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd00/0xea4
[   50.479278] Write of size 1 at addr cb2c3eeb by task kunit_try_catch/210
[   50.486022] 
[   50.487518] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G    B   W        N  6.15.0-next-20250530 #1 NONE 
[   50.487548] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   50.487579] Hardware name: Generic DRA74X (Flattened Device Tree)
[   50.487579] Call trace: 
[   50.487579]  unwind_backtrace from show_stack+0x18/0x1c
[   50.487609]  show_stack from dump_stack_lvl+0x70/0x90
[   50.487640]  dump_stack_lvl from print_report+0x158/0x528
[   50.487640]  print_report from kasan_report+0xdc/0x118
[   50.487670]  kasan_report from krealloc_less_oob_helper+0xd00/0xea4
[   50.487701]  krealloc_less_oob_helper from kunit_try_run_case+0x22c/0x5a8
[   50.487731]  kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128
[   50.487762]  kunit_generic_run_threadfn_adapter from kthread+0x464/0x810
[   50.487792]  kthread from ret_from_fork+0x14/0x20
[   50.487792] Exception stack(0xf221bfb0 to 0xf221bff8)
[   50.487823] bfa0:                                     00000000 00000000 00000000 00000000
[   50.487823] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[   50.487854] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000
[   50.487854] 
[   50.594818] Allocated by task 210:
[   50.598236]  kasan_save_track+0x30/0x5c
[   50.602111]  __kasan_krealloc+0xf4/0x140
[   50.606048]  krealloc_noprof+0x104/0x2e4
[   50.610015]  krealloc_less_oob_helper+0x1d8/0xea4
[   50.614746]  kunit_try_run_case+0x22c/0x5a8
[   50.618988]  kunit_generic_run_threadfn_adapter+0xc4/0x128
[   50.624511]  kthread+0x464/0x810
[   50.627746]  ret_from_fork+0x14/0x20
[   50.631347] 
[   50.632873] The buggy address belongs to the object at cb2c3e00
[   50.632873]  which belongs to the cache kmalloc-256 of size 256
[   50.644775] The buggy address is located 34 bytes to the right of
[   50.644775]  allocated 201-byte region [cb2c3e00, cb2c3ec9)
[   50.656494] 
[   50.657989] The buggy address belongs to the physical page:
[   50.663604] page: refcount:0 mapcount:0 mapping:00000000 index:0x0 pfn:0x8b2c2
[   50.670867] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   50.678558] flags: 0x40(head|zone=0)
[   50.682159] page_type: f5(slab)
[   50.685333] raw: 00000040 c7001500 00000122 00000000 00000000 80100010 f5000000 00000000
[   50.693481] raw: 00000000
[   50.696136] head: 00000040 c7001500 00000122 00000000 00000000 80100010 f5000000 00000000
[   50.704345] head: 00000000 00000001 eeb91349 ffffffff 00000000 ffffffff 00000000 ffffffff
[   50.712585] head: 00000000 00000002
[   50.716094] page dumped because: kasan: bad access detected
[   50.721710] 
[   50.723205] Memory state around the buggy address:
[   50.728027]  cb2c3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   50.734588]  cb2c3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   50.741180] >cb2c3e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   50.747741]                                                   ^
[   50.753692]  cb2c3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   50.760253]  cb2c3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   50.766845] ==================================================================