lkft/linux-next-master - next-20250702 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper

Date

July 2, 2025, 11:10 a.m.

Environment
qemu-arm64
qemu-x86_64

[   30.651207] ==================================================================
[   30.651265] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678
[   30.651317] Write of size 1 at addr fff00000c8f6f8eb by task kunit_try_catch/189
[   30.651736] 
[   30.651845] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250702 #1 PREEMPT 
[   30.652327] Tainted: [B]=BAD_PAGE, [N]=TEST
[   30.652382] Hardware name: linux,dummy-virt (DT)
[   30.652437] Call trace:
[   30.652553]  show_stack+0x20/0x38 (C)
[   30.652635]  dump_stack_lvl+0x8c/0xd0
[   30.652684]  print_report+0x118/0x608
[   30.653025]  kasan_report+0xdc/0x128
[   30.653127]  __asan_report_store1_noabort+0x20/0x30
[   30.653194]  krealloc_more_oob_helper+0x60c/0x678
[   30.653506]  krealloc_more_oob+0x20/0x38
[   30.653608]  kunit_try_run_case+0x170/0x3f0
[   30.653766]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.653836]  kthread+0x328/0x630
[   30.653970]  ret_from_fork+0x10/0x20
[   30.654039] 
[   30.654103] Allocated by task 189:
[   30.654400]  kasan_save_stack+0x3c/0x68
[   30.654593]  kasan_save_track+0x20/0x40
[   30.654759]  kasan_save_alloc_info+0x40/0x58
[   30.654868]  __kasan_krealloc+0x118/0x178
[   30.654921]  krealloc_noprof+0x128/0x360
[   30.654971]  krealloc_more_oob_helper+0x168/0x678
[   30.655012]  krealloc_more_oob+0x20/0x38
[   30.655048]  kunit_try_run_case+0x170/0x3f0
[   30.655086]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.655129]  kthread+0x328/0x630
[   30.655169]  ret_from_fork+0x10/0x20
[   30.655204] 
[   30.655234] The buggy address belongs to the object at fff00000c8f6f800
[   30.655234]  which belongs to the cache kmalloc-256 of size 256
[   30.655302] The buggy address is located 0 bytes to the right of
[   30.655302]  allocated 235-byte region [fff00000c8f6f800, fff00000c8f6f8eb)
[   30.655365] 
[   30.655393] The buggy address belongs to the physical page:
[   30.655430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108f6e
[   30.655499] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   30.655804] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   30.655864] page_type: f5(slab)
[   30.656272] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   30.656387] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   30.656577] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   30.656673] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   30.656941] head: 0bfffe0000000001 ffffc1ffc323db81 00000000ffffffff 00000000ffffffff
[   30.657181] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   30.657272] page dumped because: kasan: bad access detected
[   30.657361] 
[   30.657401] Memory state around the buggy address:
[   30.657461]  fff00000c8f6f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.657558]  fff00000c8f6f800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.657620] >fff00000c8f6f880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   30.657895]                                                           ^
[   30.658139]  fff00000c8f6f900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.658212]  fff00000c8f6f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.658269] ==================================================================
[   30.659437] ==================================================================
[   30.659806] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678
[   30.659955] Write of size 1 at addr fff00000c8f6f8f0 by task kunit_try_catch/189
[   30.660022] 
[   30.660158] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250702 #1 PREEMPT 
[   30.660243] Tainted: [B]=BAD_PAGE, [N]=TEST
[   30.660572] Hardware name: linux,dummy-virt (DT)
[   30.660624] Call trace:
[   30.660674]  show_stack+0x20/0x38 (C)
[   30.660809]  dump_stack_lvl+0x8c/0xd0
[   30.660889]  print_report+0x118/0x608
[   30.661084]  kasan_report+0xdc/0x128
[   30.661172]  __asan_report_store1_noabort+0x20/0x30
[   30.661488]  krealloc_more_oob_helper+0x5c0/0x678
[   30.661637]  krealloc_more_oob+0x20/0x38
[   30.661703]  kunit_try_run_case+0x170/0x3f0
[   30.661878]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.662146]  kthread+0x328/0x630
[   30.662307]  ret_from_fork+0x10/0x20
[   30.662390] 
[   30.662499] Allocated by task 189:
[   30.662558]  kasan_save_stack+0x3c/0x68
[   30.662653]  kasan_save_track+0x20/0x40
[   30.662984]  kasan_save_alloc_info+0x40/0x58
[   30.663068]  __kasan_krealloc+0x118/0x178
[   30.663184]  krealloc_noprof+0x128/0x360
[   30.663244]  krealloc_more_oob_helper+0x168/0x678
[   30.663386]  krealloc_more_oob+0x20/0x38
[   30.663432]  kunit_try_run_case+0x170/0x3f0
[   30.663469]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.663512]  kthread+0x328/0x630
[   30.663916]  ret_from_fork+0x10/0x20
[   30.664003] 
[   30.664107] The buggy address belongs to the object at fff00000c8f6f800
[   30.664107]  which belongs to the cache kmalloc-256 of size 256
[   30.664183] The buggy address is located 5 bytes to the right of
[   30.664183]  allocated 235-byte region [fff00000c8f6f800, fff00000c8f6f8eb)
[   30.664336] 
[   30.664432] The buggy address belongs to the physical page:
[   30.664491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108f6e
[   30.664617] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   30.664665] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   30.664757] page_type: f5(slab)
[   30.665149] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   30.665305] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   30.665393] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   30.665495] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   30.665591] head: 0bfffe0000000001 ffffc1ffc323db81 00000000ffffffff 00000000ffffffff
[   30.665663] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   30.665972] page dumped because: kasan: bad access detected
[   30.666116] 
[   30.666145] Memory state around the buggy address:
[   30.666203]  fff00000c8f6f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.666247]  fff00000c8f6f800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.666288] >fff00000c8f6f880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   30.666335]                                                              ^
[   30.666387]  fff00000c8f6f900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.666429]  fff00000c8f6f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.666465] ==================================================================
[   30.724349] ==================================================================
[   30.724397] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678
[   30.724445] Write of size 1 at addr fff00000c99d60f0 by task kunit_try_catch/193
[   30.724493] 
[   30.724523] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250702 #1 PREEMPT 
[   30.724830] Tainted: [B]=BAD_PAGE, [N]=TEST
[   30.724875] Hardware name: linux,dummy-virt (DT)
[   30.725097] Call trace:
[   30.725133]  show_stack+0x20/0x38 (C)
[   30.725185]  dump_stack_lvl+0x8c/0xd0
[   30.725242]  print_report+0x118/0x608
[   30.725419]  kasan_report+0xdc/0x128
[   30.725480]  __asan_report_store1_noabort+0x20/0x30
[   30.725538]  krealloc_more_oob_helper+0x5c0/0x678
[   30.725587]  krealloc_large_more_oob+0x20/0x38
[   30.725636]  kunit_try_run_case+0x170/0x3f0
[   30.725684]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.725748]  kthread+0x328/0x630
[   30.725791]  ret_from_fork+0x10/0x20
[   30.725839] 
[   30.725861] The buggy address belongs to the physical page:
[   30.725898] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1099d4
[   30.725967] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   30.726015] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   30.726066] page_type: f8(unknown)
[   30.726104] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   30.726152] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   30.726200] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   30.726247] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   30.726295] head: 0bfffe0000000002 ffffc1ffc3267501 00000000ffffffff 00000000ffffffff
[   30.726342] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   30.726380] page dumped because: kasan: bad access detected
[   30.726415] 
[   30.726434] Memory state around the buggy address:
[   30.726463]  fff00000c99d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.726503]  fff00000c99d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.726543] >fff00000c99d6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   30.726580]                                                              ^
[   30.726619]  fff00000c99d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   30.726659]  fff00000c99d6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   30.726694] ==================================================================
[   30.717336] ==================================================================
[   30.717392] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678
[   30.717442] Write of size 1 at addr fff00000c99d60eb by task kunit_try_catch/193
[   30.717696] 
[   30.717841] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250702 #1 PREEMPT 
[   30.717980] Tainted: [B]=BAD_PAGE, [N]=TEST
[   30.718048] Hardware name: linux,dummy-virt (DT)
[   30.718081] Call trace:
[   30.718109]  show_stack+0x20/0x38 (C)
[   30.718292]  dump_stack_lvl+0x8c/0xd0
[   30.718513]  print_report+0x118/0x608
[   30.718615]  kasan_report+0xdc/0x128
[   30.718827]  __asan_report_store1_noabort+0x20/0x30
[   30.718899]  krealloc_more_oob_helper+0x60c/0x678
[   30.718963]  krealloc_large_more_oob+0x20/0x38
[   30.719329]  kunit_try_run_case+0x170/0x3f0
[   30.719470]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.719577]  kthread+0x328/0x630
[   30.719779]  ret_from_fork+0x10/0x20
[   30.719989] 
[   30.720033] The buggy address belongs to the physical page:
[   30.720075] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1099d4
[   30.720198] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   30.720256] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   30.720440] page_type: f8(unknown)
[   30.720652] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   30.720720] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   30.720873] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   30.721131] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   30.721220] head: 0bfffe0000000002 ffffc1ffc3267501 00000000ffffffff 00000000ffffffff
[   30.721403] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   30.721463] page dumped because: kasan: bad access detected
[   30.721494] 
[   30.721710] Memory state around the buggy address:
[   30.721945]  fff00000c99d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.722013]  fff00000c99d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.722121] >fff00000c99d6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   30.722202]                                                           ^
[   30.722260]  fff00000c99d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   30.722436]  fff00000c99d6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   30.722620] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zJjVuY8CWIlVXTEux5Wdhwbsnl

job_id

TEST:linaro@lkft#2zJjafLF9SmbRpQYzvYRsbAp7df

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zJjafLF9SmbRpQYzvYRsbAp7df

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zJjX2doCXR4zeonnwBjJk8bBMH/Image.gz
sha256sum	85c5f8492d02f00134559b4c525d8c115890fb18f9f1a98f66474795be2b220c

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zJjX2doCXR4zeonnwBjJk8bBMH/modules.tar.xz
sha256sum	1d59f082c2851f878fb4e179ce3326e01ee1a06bb2287f35b0c3c51598de1e42

durations

tests

boot	0
kunit	162.41

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   32.460203] ==================================================================
[   32.460259] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678
[   32.460365] Write of size 1 at addr fff00000c893f2f0 by task kunit_try_catch/187
[   32.460415] 
[   32.460444] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250702 #1 PREEMPT 
[   32.460635] Tainted: [B]=BAD_PAGE, [N]=TEST
[   32.460714] Hardware name: linux,dummy-virt (DT)
[   32.460751] Call trace:
[   32.460773]  show_stack+0x20/0x38 (C)
[   32.460821]  dump_stack_lvl+0x8c/0xd0
[   32.460875]  print_report+0x118/0x608
[   32.461062]  kasan_report+0xdc/0x128
[   32.461128]  __asan_report_store1_noabort+0x20/0x30
[   32.461738]  krealloc_more_oob_helper+0x5c0/0x678
[   32.461797]  krealloc_more_oob+0x20/0x38
[   32.461843]  kunit_try_run_case+0x170/0x3f0
[   32.461891]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.461944]  kthread+0x328/0x630
[   32.461989]  ret_from_fork+0x10/0x20
[   32.462038] 
[   32.462056] Allocated by task 187:
[   32.462090]  kasan_save_stack+0x3c/0x68
[   32.462191]  kasan_save_track+0x20/0x40
[   32.462228]  kasan_save_alloc_info+0x40/0x58
[   32.462263]  __kasan_krealloc+0x118/0x178
[   32.462300]  krealloc_noprof+0x128/0x360
[   32.462336]  krealloc_more_oob_helper+0x168/0x678
[   32.462374]  krealloc_more_oob+0x20/0x38
[   32.462409]  kunit_try_run_case+0x170/0x3f0
[   32.462446]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.462625]  kthread+0x328/0x630
[   32.462739]  ret_from_fork+0x10/0x20
[   32.462775] 
[   32.462793] The buggy address belongs to the object at fff00000c893f200
[   32.462793]  which belongs to the cache kmalloc-256 of size 256
[   32.462848] The buggy address is located 5 bytes to the right of
[   32.462848]  allocated 235-byte region [fff00000c893f200, fff00000c893f2eb)
[   32.462909] 
[   32.462928] The buggy address belongs to the physical page:
[   32.463352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10893e
[   32.463406] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   32.463451] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   32.463584] page_type: f5(slab)
[   32.463643] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122
[   32.463699] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   32.463762] head: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122
[   32.463909] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   32.464012] head: 0bfffe0000000001 ffffc1ffc3224f81 00000000ffffffff 00000000ffffffff
[   32.464166] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   32.464233] page dumped because: kasan: bad access detected
[   32.464285] 
[   32.464389] Memory state around the buggy address:
[   32.464459]  fff00000c893f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.464500]  fff00000c893f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   32.464541] >fff00000c893f280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   32.464577]                                                              ^
[   32.464615]  fff00000c893f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.464733]  fff00000c893f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.464773] ==================================================================
[   32.499497] ==================================================================
[   32.499551] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678
[   32.499602] Write of size 1 at addr fff00000c99ee0eb by task kunit_try_catch/191
[   32.499666] 
[   32.499699] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250702 #1 PREEMPT 
[   32.499827] Tainted: [B]=BAD_PAGE, [N]=TEST
[   32.499958] Hardware name: linux,dummy-virt (DT)
[   32.500122] Call trace:
[   32.500148]  show_stack+0x20/0x38 (C)
[   32.500211]  dump_stack_lvl+0x8c/0xd0
[   32.500260]  print_report+0x118/0x608
[   32.500306]  kasan_report+0xdc/0x128
[   32.500352]  __asan_report_store1_noabort+0x20/0x30
[   32.500400]  krealloc_more_oob_helper+0x60c/0x678
[   32.500450]  krealloc_large_more_oob+0x20/0x38
[   32.500497]  kunit_try_run_case+0x170/0x3f0
[   32.500545]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.500720]  kthread+0x328/0x630
[   32.500806]  ret_from_fork+0x10/0x20
[   32.500906] 
[   32.500960] The buggy address belongs to the physical page:
[   32.501036] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1099ec
[   32.501112] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   32.501207] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   32.501293] page_type: f8(unknown)
[   32.501349] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   32.501432] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   32.501523] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   32.501607] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   32.501862] head: 0bfffe0000000002 ffffc1ffc3267b01 00000000ffffffff 00000000ffffffff
[   32.501932] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   32.502009] page dumped because: kasan: bad access detected
[   32.502103] 
[   32.502121] Memory state around the buggy address:
[   32.502177]  fff00000c99edf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   32.502301]  fff00000c99ee000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   32.502342] >fff00000c99ee080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   32.502379]                                                           ^
[   32.502474]  fff00000c99ee100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   32.502654]  fff00000c99ee180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   32.502812] ==================================================================
[   32.452544] ==================================================================
[   32.452754] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678
[   32.453217] Write of size 1 at addr fff00000c893f2eb by task kunit_try_catch/187
[   32.453274] 
[   32.453307] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250702 #1 PREEMPT 
[   32.453440] Tainted: [B]=BAD_PAGE, [N]=TEST
[   32.453564] Hardware name: linux,dummy-virt (DT)
[   32.453635] Call trace:
[   32.453768]  show_stack+0x20/0x38 (C)
[   32.453841]  dump_stack_lvl+0x8c/0xd0
[   32.453929]  print_report+0x118/0x608
[   32.453976]  kasan_report+0xdc/0x128
[   32.454023]  __asan_report_store1_noabort+0x20/0x30
[   32.454256]  krealloc_more_oob_helper+0x60c/0x678
[   32.454398]  krealloc_more_oob+0x20/0x38
[   32.454456]  kunit_try_run_case+0x170/0x3f0
[   32.454533]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.454594]  kthread+0x328/0x630
[   32.454639]  ret_from_fork+0x10/0x20
[   32.454795] 
[   32.454853] Allocated by task 187:
[   32.454883]  kasan_save_stack+0x3c/0x68
[   32.454943]  kasan_save_track+0x20/0x40
[   32.454980]  kasan_save_alloc_info+0x40/0x58
[   32.455096]  __kasan_krealloc+0x118/0x178
[   32.455151]  krealloc_noprof+0x128/0x360
[   32.455199]  krealloc_more_oob_helper+0x168/0x678
[   32.455469]  krealloc_more_oob+0x20/0x38
[   32.455512]  kunit_try_run_case+0x170/0x3f0
[   32.455625]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.455791]  kthread+0x328/0x630
[   32.455823]  ret_from_fork+0x10/0x20
[   32.455858] 
[   32.456097] The buggy address belongs to the object at fff00000c893f200
[   32.456097]  which belongs to the cache kmalloc-256 of size 256
[   32.456278] The buggy address is located 0 bytes to the right of
[   32.456278]  allocated 235-byte region [fff00000c893f200, fff00000c893f2eb)
[   32.456363] 
[   32.456439] The buggy address belongs to the physical page:
[   32.456479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10893e
[   32.456549] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   32.456639] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   32.456713] page_type: f5(slab)
[   32.456752] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122
[   32.456801] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   32.456902] head: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122
[   32.456994] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   32.457422] head: 0bfffe0000000001 ffffc1ffc3224f81 00000000ffffffff 00000000ffffffff
[   32.457674] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   32.457902] page dumped because: kasan: bad access detected
[   32.457963] 
[   32.457983] Memory state around the buggy address:
[   32.458015]  fff00000c893f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.458056]  fff00000c893f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   32.458097] >fff00000c893f280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   32.458134]                                                           ^
[   32.458183]  fff00000c893f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.458233]  fff00000c893f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.458502] ==================================================================
[   32.504604] ==================================================================
[   32.504653] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678
[   32.504778] Write of size 1 at addr fff00000c99ee0f0 by task kunit_try_catch/191
[   32.504997] 
[   32.505105] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250702 #1 PREEMPT 
[   32.505224] Tainted: [B]=BAD_PAGE, [N]=TEST
[   32.505250] Hardware name: linux,dummy-virt (DT)
[   32.505287] Call trace:
[   32.505387]  show_stack+0x20/0x38 (C)
[   32.505435]  dump_stack_lvl+0x8c/0xd0
[   32.505488]  print_report+0x118/0x608
[   32.505535]  kasan_report+0xdc/0x128
[   32.505581]  __asan_report_store1_noabort+0x20/0x30
[   32.505628]  krealloc_more_oob_helper+0x5c0/0x678
[   32.505683]  krealloc_large_more_oob+0x20/0x38
[   32.505775]  kunit_try_run_case+0x170/0x3f0
[   32.505944]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.506168]  kthread+0x328/0x630
[   32.506304]  ret_from_fork+0x10/0x20
[   32.506352] 
[   32.506463] The buggy address belongs to the physical page:
[   32.506495] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1099ec
[   32.506694] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   32.507017] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   32.507214] page_type: f8(unknown)
[   32.507254] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   32.507303] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   32.507351] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   32.507398] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   32.507529] head: 0bfffe0000000002 ffffc1ffc3267b01 00000000ffffffff 00000000ffffffff
[   32.507578] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   32.507616] page dumped because: kasan: bad access detected
[   32.507646] 
[   32.507664] Memory state around the buggy address:
[   32.507715]  fff00000c99edf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   32.507756]  fff00000c99ee000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   32.507797] >fff00000c99ee080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   32.507833]                                                              ^
[   32.507871]  fff00000c99ee100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   32.507911]  fff00000c99ee180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   32.508194] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zJgQh5RpNnxHn5fYu3cjvVNtfe

job_id

TEST:linaro@lkft#2zJgVNbTMWSdgH2toga97GQ1Q7f

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zJgVNbTMWSdgH2toga97GQ1Q7f

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zJgRtf8Z6sIAbl985f65Rf9q1j/Image.gz
sha256sum	0bc9f899cfd087a8afeca5d2e97cbfde074f219701c595cf032b0638edac4ebb

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zJgRtf8Z6sIAbl985f65Rf9q1j/modules.tar.xz
sha256sum	a7c57519c6dd39ab91f2f3c11d9473bcddc038b16e47bd1dafe42a18ff05f66f

durations

tests

boot	0
kunit	166.37

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   22.720239] ==================================================================
[   22.721168] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[   22.721619] Write of size 1 at addr ffff888100a038f0 by task kunit_try_catch/204
[   22.722111] 
[   22.722220] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) 
[   22.722269] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.722283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   22.722303] Call Trace:
[   22.722330]  <TASK>
[   22.722346]  dump_stack_lvl+0x73/0xb0
[   22.722375]  print_report+0xd1/0x650
[   22.722397]  ? __virt_addr_valid+0x1db/0x2d0
[   22.722419]  ? krealloc_more_oob_helper+0x7eb/0x930
[   22.722442]  ? kasan_complete_mode_report_info+0x2a/0x200
[   22.722466]  ? krealloc_more_oob_helper+0x7eb/0x930
[   22.722633]  kasan_report+0x141/0x180
[   22.722662]  ? krealloc_more_oob_helper+0x7eb/0x930
[   22.722690]  __asan_report_store1_noabort+0x1b/0x30
[   22.722714]  krealloc_more_oob_helper+0x7eb/0x930
[   22.722736]  ? __schedule+0x10cc/0x2b60
[   22.722757]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   22.722815]  ? finish_task_switch.isra.0+0x153/0x700
[   22.722837]  ? __switch_to+0x47/0xf50
[   22.722863]  ? __schedule+0x10cc/0x2b60
[   22.722883]  ? __pfx_read_tsc+0x10/0x10
[   22.722908]  krealloc_more_oob+0x1c/0x30
[   22.722928]  kunit_try_run_case+0x1a5/0x480
[   22.722953]  ? __pfx_kunit_try_run_case+0x10/0x10
[   22.722977]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   22.722998]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   22.723018]  ? __kthread_parkme+0x82/0x180
[   22.723039]  ? preempt_count_sub+0x50/0x80
[   22.723061]  ? __pfx_kunit_try_run_case+0x10/0x10
[   22.723085]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   22.723109]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   22.723135]  kthread+0x337/0x6f0
[   22.723155]  ? trace_preempt_on+0x20/0xc0
[   22.723177]  ? __pfx_kthread+0x10/0x10
[   22.723197]  ? _raw_spin_unlock_irq+0x47/0x80
[   22.723221]  ? calculate_sigpending+0x7b/0xa0
[   22.723244]  ? __pfx_kthread+0x10/0x10
[   22.723265]  ret_from_fork+0x116/0x1d0
[   22.723283]  ? __pfx_kthread+0x10/0x10
[   22.723304]  ret_from_fork_asm+0x1a/0x30
[   22.723344]  </TASK>
[   22.723355] 
[   22.733795] Allocated by task 204:
[   22.734074]  kasan_save_stack+0x45/0x70
[   22.734327]  kasan_save_track+0x18/0x40
[   22.734640]  kasan_save_alloc_info+0x3b/0x50
[   22.734846]  __kasan_krealloc+0x190/0x1f0
[   22.735018]  krealloc_noprof+0xf3/0x340
[   22.735190]  krealloc_more_oob_helper+0x1a9/0x930
[   22.735398]  krealloc_more_oob+0x1c/0x30
[   22.735817]  kunit_try_run_case+0x1a5/0x480
[   22.736241]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   22.736678]  kthread+0x337/0x6f0
[   22.736960]  ret_from_fork+0x116/0x1d0
[   22.737249]  ret_from_fork_asm+0x1a/0x30
[   22.737603] 
[   22.737702] The buggy address belongs to the object at ffff888100a03800
[   22.737702]  which belongs to the cache kmalloc-256 of size 256
[   22.738194] The buggy address is located 5 bytes to the right of
[   22.738194]  allocated 235-byte region [ffff888100a03800, ffff888100a038eb)
[   22.739003] 
[   22.739220] The buggy address belongs to the physical page:
[   22.739657] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a02
[   22.740145] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   22.740684] flags: 0x200000000000040(head|node=0|zone=2)
[   22.741031] page_type: f5(slab)
[   22.741198] raw: 0200000000000040 ffff888100041b40 ffffea0004028480 dead000000000002
[   22.741721] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.742145] head: 0200000000000040 ffff888100041b40 ffffea0004028480 dead000000000002
[   22.742625] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.742934] head: 0200000000000001 ffffea0004028081 00000000ffffffff 00000000ffffffff
[   22.743242] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   22.743624] page dumped because: kasan: bad access detected
[   22.743853] 
[   22.743938] Memory state around the buggy address:
[   22.744141]  ffff888100a03780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.744772]  ffff888100a03800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.745295] >ffff888100a03880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   22.745785]                                                              ^
[   22.746260]  ffff888100a03900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.746794]  ffff888100a03980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.747273] ==================================================================
[   22.884411] ==================================================================
[   22.884842] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[   22.885148] Write of size 1 at addr ffff8881060c60f0 by task kunit_try_catch/208
[   22.885525] 
[   22.885621] CPU: 0 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) 
[   22.885664] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.885708] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   22.885727] Call Trace:
[   22.885743]  <TASK>
[   22.885758]  dump_stack_lvl+0x73/0xb0
[   22.885796]  print_report+0xd1/0x650
[   22.885817]  ? __virt_addr_valid+0x1db/0x2d0
[   22.885838]  ? krealloc_more_oob_helper+0x7eb/0x930
[   22.885860]  ? kasan_addr_to_slab+0x11/0xa0
[   22.885879]  ? krealloc_more_oob_helper+0x7eb/0x930
[   22.885901]  kasan_report+0x141/0x180
[   22.885922]  ? krealloc_more_oob_helper+0x7eb/0x930
[   22.885949]  __asan_report_store1_noabort+0x1b/0x30
[   22.885972]  krealloc_more_oob_helper+0x7eb/0x930
[   22.885993]  ? __schedule+0x10cc/0x2b60
[   22.886013]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   22.886059]  ? finish_task_switch.isra.0+0x153/0x700
[   22.886079]  ? __switch_to+0x47/0xf50
[   22.886104]  ? __schedule+0x10cc/0x2b60
[   22.886124]  ? __pfx_read_tsc+0x10/0x10
[   22.886147]  krealloc_large_more_oob+0x1c/0x30
[   22.886169]  kunit_try_run_case+0x1a5/0x480
[   22.886208]  ? __pfx_kunit_try_run_case+0x10/0x10
[   22.886230]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   22.886251]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   22.886272]  ? __kthread_parkme+0x82/0x180
[   22.886291]  ? preempt_count_sub+0x50/0x80
[   22.886322]  ? __pfx_kunit_try_run_case+0x10/0x10
[   22.886346]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   22.886369]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   22.886392]  kthread+0x337/0x6f0
[   22.886411]  ? trace_preempt_on+0x20/0xc0
[   22.886433]  ? __pfx_kthread+0x10/0x10
[   22.886453]  ? _raw_spin_unlock_irq+0x47/0x80
[   22.886476]  ? calculate_sigpending+0x7b/0xa0
[   22.886510]  ? __pfx_kthread+0x10/0x10
[   22.886531]  ret_from_fork+0x116/0x1d0
[   22.886549]  ? __pfx_kthread+0x10/0x10
[   22.886580]  ret_from_fork_asm+0x1a/0x30
[   22.886610]  </TASK>
[   22.886622] 
[   22.894954] The buggy address belongs to the physical page:
[   22.895249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060c4
[   22.895600] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   22.895821] flags: 0x200000000000040(head|node=0|zone=2)
[   22.896052] page_type: f8(unknown)
[   22.896253] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   22.896981] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   22.897406] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   22.897923] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   22.898161] head: 0200000000000002 ffffea0004183101 00000000ffffffff 00000000ffffffff
[   22.898400] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   22.899071] page dumped because: kasan: bad access detected
[   22.899381] 
[   22.899448] Memory state around the buggy address:
[   22.899598]  ffff8881060c5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.900079]  ffff8881060c6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.900383] >ffff8881060c6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   22.900811]                                                              ^
[   22.901184]  ffff8881060c6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   22.901475]  ffff8881060c6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   22.901681] ==================================================================
[   22.693278] ==================================================================
[   22.694327] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[   22.695545] Write of size 1 at addr ffff888100a038eb by task kunit_try_catch/204
[   22.696367] 
[   22.696647] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) 
[   22.696711] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.696725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   22.696747] Call Trace:
[   22.696761]  <TASK>
[   22.696781]  dump_stack_lvl+0x73/0xb0
[   22.696825]  print_report+0xd1/0x650
[   22.696848]  ? __virt_addr_valid+0x1db/0x2d0
[   22.696872]  ? krealloc_more_oob_helper+0x821/0x930
[   22.696896]  ? kasan_complete_mode_report_info+0x2a/0x200
[   22.696922]  ? krealloc_more_oob_helper+0x821/0x930
[   22.696944]  kasan_report+0x141/0x180
[   22.696966]  ? krealloc_more_oob_helper+0x821/0x930
[   22.696993]  __asan_report_store1_noabort+0x1b/0x30
[   22.697017]  krealloc_more_oob_helper+0x821/0x930
[   22.697038]  ? __schedule+0x10cc/0x2b60
[   22.697059]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   22.697082]  ? finish_task_switch.isra.0+0x153/0x700
[   22.697104]  ? __switch_to+0x47/0xf50
[   22.697130]  ? __schedule+0x10cc/0x2b60
[   22.697150]  ? __pfx_read_tsc+0x10/0x10
[   22.697175]  krealloc_more_oob+0x1c/0x30
[   22.697196]  kunit_try_run_case+0x1a5/0x480
[   22.697222]  ? __pfx_kunit_try_run_case+0x10/0x10
[   22.697244]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   22.697265]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   22.697287]  ? __kthread_parkme+0x82/0x180
[   22.697316]  ? preempt_count_sub+0x50/0x80
[   22.697338]  ? __pfx_kunit_try_run_case+0x10/0x10
[   22.697362]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   22.697385]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   22.697409]  kthread+0x337/0x6f0
[   22.697428]  ? trace_preempt_on+0x20/0xc0
[   22.697452]  ? __pfx_kthread+0x10/0x10
[   22.697472]  ? _raw_spin_unlock_irq+0x47/0x80
[   22.697502]  ? calculate_sigpending+0x7b/0xa0
[   22.697526]  ? __pfx_kthread+0x10/0x10
[   22.697547]  ret_from_fork+0x116/0x1d0
[   22.697566]  ? __pfx_kthread+0x10/0x10
[   22.697598]  ret_from_fork_asm+0x1a/0x30
[   22.697629]  </TASK>
[   22.697642] 
[   22.705702] Allocated by task 204:
[   22.705905]  kasan_save_stack+0x45/0x70
[   22.706105]  kasan_save_track+0x18/0x40
[   22.706289]  kasan_save_alloc_info+0x3b/0x50
[   22.706494]  __kasan_krealloc+0x190/0x1f0
[   22.706699]  krealloc_noprof+0xf3/0x340
[   22.707289]  krealloc_more_oob_helper+0x1a9/0x930
[   22.707727]  krealloc_more_oob+0x1c/0x30
[   22.708062]  kunit_try_run_case+0x1a5/0x480
[   22.708454]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   22.708828]  kthread+0x337/0x6f0
[   22.708991]  ret_from_fork+0x116/0x1d0
[   22.709163]  ret_from_fork_asm+0x1a/0x30
[   22.709353] 
[   22.709441] The buggy address belongs to the object at ffff888100a03800
[   22.709441]  which belongs to the cache kmalloc-256 of size 256
[   22.710340] The buggy address is located 0 bytes to the right of
[   22.710340]  allocated 235-byte region [ffff888100a03800, ffff888100a038eb)
[   22.711151] 
[   22.711384] The buggy address belongs to the physical page:
[   22.711779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a02
[   22.712119] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   22.712433] flags: 0x200000000000040(head|node=0|zone=2)
[   22.712917] page_type: f5(slab)
[   22.713261] raw: 0200000000000040 ffff888100041b40 ffffea0004028480 dead000000000002
[   22.713802] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.714292] head: 0200000000000040 ffff888100041b40 ffffea0004028480 dead000000000002
[   22.714722] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.715153] head: 0200000000000001 ffffea0004028081 00000000ffffffff 00000000ffffffff
[   22.715476] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   22.715781] page dumped because: kasan: bad access detected
[   22.716004] 
[   22.716086] Memory state around the buggy address:
[   22.716287]  ffff888100a03780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.716917]  ffff888100a03800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.717410] >ffff888100a03880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   22.718120]                                                           ^
[   22.718625]  ffff888100a03900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.719110]  ffff888100a03980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.719560] ==================================================================
[   22.864683] ==================================================================
[   22.865364] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[   22.866443] Write of size 1 at addr ffff8881060c60eb by task kunit_try_catch/208
[   22.866991] 
[   22.867087] CPU: 0 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) 
[   22.867166] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.867178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   22.867210] Call Trace:
[   22.867223]  <TASK>
[   22.867239]  dump_stack_lvl+0x73/0xb0
[   22.867288]  print_report+0xd1/0x650
[   22.867326]  ? __virt_addr_valid+0x1db/0x2d0
[   22.867348]  ? krealloc_more_oob_helper+0x821/0x930
[   22.867370]  ? kasan_addr_to_slab+0x11/0xa0
[   22.867389]  ? krealloc_more_oob_helper+0x821/0x930
[   22.867411]  kasan_report+0x141/0x180
[   22.867432]  ? krealloc_more_oob_helper+0x821/0x930
[   22.867459]  __asan_report_store1_noabort+0x1b/0x30
[   22.867482]  krealloc_more_oob_helper+0x821/0x930
[   22.867519]  ? __schedule+0x10cc/0x2b60
[   22.867540]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   22.867563]  ? finish_task_switch.isra.0+0x153/0x700
[   22.867584]  ? __switch_to+0x47/0xf50
[   22.867609]  ? __schedule+0x10cc/0x2b60
[   22.867628]  ? __pfx_read_tsc+0x10/0x10
[   22.867652]  krealloc_large_more_oob+0x1c/0x30
[   22.867725]  kunit_try_run_case+0x1a5/0x480
[   22.867753]  ? __pfx_kunit_try_run_case+0x10/0x10
[   22.867776]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   22.867797]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   22.867818]  ? __kthread_parkme+0x82/0x180
[   22.867837]  ? preempt_count_sub+0x50/0x80
[   22.867859]  ? __pfx_kunit_try_run_case+0x10/0x10
[   22.867883]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   22.867906]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   22.867929]  kthread+0x337/0x6f0
[   22.867948]  ? trace_preempt_on+0x20/0xc0
[   22.867971]  ? __pfx_kthread+0x10/0x10
[   22.867991]  ? _raw_spin_unlock_irq+0x47/0x80
[   22.868013]  ? calculate_sigpending+0x7b/0xa0
[   22.868036]  ? __pfx_kthread+0x10/0x10
[   22.868056]  ret_from_fork+0x116/0x1d0
[   22.868074]  ? __pfx_kthread+0x10/0x10
[   22.868094]  ret_from_fork_asm+0x1a/0x30
[   22.868124]  </TASK>
[   22.868135] 
[   22.877222] The buggy address belongs to the physical page:
[   22.877422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060c4
[   22.877724] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   22.878111] flags: 0x200000000000040(head|node=0|zone=2)
[   22.878377] page_type: f8(unknown)
[   22.878576] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   22.879021] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   22.879391] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   22.879851] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   22.880084] head: 0200000000000002 ffffea0004183101 00000000ffffffff 00000000ffffffff
[   22.880450] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   22.880826] page dumped because: kasan: bad access detected
[   22.881362] 
[   22.881515] Memory state around the buggy address:
[   22.881672]  ffff8881060c5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.882123]  ffff8881060c6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.882406] >ffff8881060c6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   22.882950]                                                           ^
[   22.883264]  ffff8881060c6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   22.883579]  ffff8881060c6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   22.883914] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zJjVuY8CWIlVXTEux5Wdhwbsnl

job_id

TEST:linaro@lkft#2zJjbo5vUf6Wgav2dNg23QBILve

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zJjbo5vUf6Wgav2dNg23QBILve

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zJjY2X2HWOVFakdzDdk9bWjF5Q/bzImage
sha256sum	4acfb3ef7d1c5960d9bb8d8c6946992d600ffa1a2e100775f86dbb73a7e052b1

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zJjY2X2HWOVFakdzDdk9bWjF5Q/modules.tar.xz
sha256sum	9d3b3583400db11d5b102f8eb0fbef431a8d5f7a81319fa4c86c7d93acce21b0

durations

tests

boot	0
kunit	219.79

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   23.084104] ==================================================================
[   23.084870] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[   23.085266] Write of size 1 at addr ffff8881057a20eb by task kunit_try_catch/209
[   23.085600] 
[   23.085692] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) 
[   23.085747] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.085760] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   23.085805] Call Trace:
[   23.085828]  <TASK>
[   23.085850]  dump_stack_lvl+0x73/0xb0
[   23.085883]  print_report+0xd1/0x650
[   23.085926]  ? __virt_addr_valid+0x1db/0x2d0
[   23.085968]  ? krealloc_more_oob_helper+0x821/0x930
[   23.085991]  ? kasan_addr_to_slab+0x11/0xa0
[   23.086011]  ? krealloc_more_oob_helper+0x821/0x930
[   23.086034]  kasan_report+0x141/0x180
[   23.086055]  ? krealloc_more_oob_helper+0x821/0x930
[   23.086093]  __asan_report_store1_noabort+0x1b/0x30
[   23.086133]  krealloc_more_oob_helper+0x821/0x930
[   23.086155]  ? __schedule+0x10cc/0x2b60
[   23.086191]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   23.086214]  ? finish_task_switch.isra.0+0x153/0x700
[   23.086237]  ? __switch_to+0x47/0xf50
[   23.086264]  ? __schedule+0x10cc/0x2b60
[   23.086284]  ? __pfx_read_tsc+0x10/0x10
[   23.086309]  krealloc_large_more_oob+0x1c/0x30
[   23.086332]  kunit_try_run_case+0x1a5/0x480
[   23.086359]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.086382]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   23.086403]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   23.086425]  ? __kthread_parkme+0x82/0x180
[   23.086446]  ? preempt_count_sub+0x50/0x80
[   23.086468]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.086492]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.086534]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   23.086558]  kthread+0x337/0x6f0
[   23.086591]  ? trace_preempt_on+0x20/0xc0
[   23.086616]  ? __pfx_kthread+0x10/0x10
[   23.086636]  ? _raw_spin_unlock_irq+0x47/0x80
[   23.086660]  ? calculate_sigpending+0x7b/0xa0
[   23.086685]  ? __pfx_kthread+0x10/0x10
[   23.086706]  ret_from_fork+0x116/0x1d0
[   23.086725]  ? __pfx_kthread+0x10/0x10
[   23.086745]  ret_from_fork_asm+0x1a/0x30
[   23.086777]  </TASK>
[   23.086790] 
[   23.096374] The buggy address belongs to the physical page:
[   23.096677] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057a0
[   23.097266] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   23.097732] flags: 0x200000000000040(head|node=0|zone=2)
[   23.098145] page_type: f8(unknown)
[   23.098327] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   23.098631] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   23.098935] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   23.099250] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   23.099556] head: 0200000000000002 ffffea000415e801 00000000ffffffff 00000000ffffffff
[   23.099858] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   23.100615] page dumped because: kasan: bad access detected
[   23.101129] 
[   23.101235] Memory state around the buggy address:
[   23.101652]  ffff8881057a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.102107]  ffff8881057a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.102571] >ffff8881057a2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   23.103057]                                                           ^
[   23.103517]  ffff8881057a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.103992]  ffff8881057a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.104458] ==================================================================
[   22.905857] ==================================================================
[   22.906889] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[   22.907424] Write of size 1 at addr ffff8881055726eb by task kunit_try_catch/205
[   22.907717] 
[   22.907808] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) 
[   22.907861] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.907874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   22.907896] Call Trace:
[   22.907910]  <TASK>
[   22.907940]  dump_stack_lvl+0x73/0xb0
[   22.907973]  print_report+0xd1/0x650
[   22.907997]  ? __virt_addr_valid+0x1db/0x2d0
[   22.908022]  ? krealloc_more_oob_helper+0x821/0x930
[   22.908045]  ? kasan_complete_mode_report_info+0x2a/0x200
[   22.908084]  ? krealloc_more_oob_helper+0x821/0x930
[   22.908108]  kasan_report+0x141/0x180
[   22.908129]  ? krealloc_more_oob_helper+0x821/0x930
[   22.908156]  __asan_report_store1_noabort+0x1b/0x30
[   22.908179]  krealloc_more_oob_helper+0x821/0x930
[   22.908252]  ? __schedule+0x10cc/0x2b60
[   22.908274]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   22.908298]  ? finish_task_switch.isra.0+0x153/0x700
[   22.908319]  ? __switch_to+0x47/0xf50
[   22.908347]  ? __schedule+0x10cc/0x2b60
[   22.908367]  ? __pfx_read_tsc+0x10/0x10
[   22.908391]  krealloc_more_oob+0x1c/0x30
[   22.908412]  kunit_try_run_case+0x1a5/0x480
[   22.908439]  ? __pfx_kunit_try_run_case+0x10/0x10
[   22.908462]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   22.908484]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   22.908505]  ? __kthread_parkme+0x82/0x180
[   22.908525]  ? preempt_count_sub+0x50/0x80
[   22.908547]  ? __pfx_kunit_try_run_case+0x10/0x10
[   22.908572]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   22.908595]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   22.908619]  kthread+0x337/0x6f0
[   22.908638]  ? trace_preempt_on+0x20/0xc0
[   22.908661]  ? __pfx_kthread+0x10/0x10
[   22.908681]  ? _raw_spin_unlock_irq+0x47/0x80
[   22.908705]  ? calculate_sigpending+0x7b/0xa0
[   22.908728]  ? __pfx_kthread+0x10/0x10
[   22.908749]  ret_from_fork+0x116/0x1d0
[   22.908768]  ? __pfx_kthread+0x10/0x10
[   22.908788]  ret_from_fork_asm+0x1a/0x30
[   22.908818]  </TASK>
[   22.908831] 
[   22.922758] Allocated by task 205:
[   22.923172]  kasan_save_stack+0x45/0x70
[   22.923505]  kasan_save_track+0x18/0x40
[   22.923642]  kasan_save_alloc_info+0x3b/0x50
[   22.923784]  __kasan_krealloc+0x190/0x1f0
[   22.923915]  krealloc_noprof+0xf3/0x340
[   22.924295]  krealloc_more_oob_helper+0x1a9/0x930
[   22.924778]  krealloc_more_oob+0x1c/0x30
[   22.925223]  kunit_try_run_case+0x1a5/0x480
[   22.925984]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   22.926529]  kthread+0x337/0x6f0
[   22.926827]  ret_from_fork+0x116/0x1d0
[   22.927224]  ret_from_fork_asm+0x1a/0x30
[   22.927407] 
[   22.927475] The buggy address belongs to the object at ffff888105572600
[   22.927475]  which belongs to the cache kmalloc-256 of size 256
[   22.927828] The buggy address is located 0 bytes to the right of
[   22.927828]  allocated 235-byte region [ffff888105572600, ffff8881055726eb)
[   22.928299] 
[   22.928408] The buggy address belongs to the physical page:
[   22.928609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105572
[   22.928978] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   22.929364] flags: 0x200000000000040(head|node=0|zone=2)
[   22.929562] page_type: f5(slab)
[   22.929699] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   22.930073] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.930650] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   22.930963] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.931343] head: 0200000000000001 ffffea0004155c81 00000000ffffffff 00000000ffffffff
[   22.931696] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   22.932024] page dumped because: kasan: bad access detected
[   22.932230] 
[   22.932295] Memory state around the buggy address:
[   22.932514]  ffff888105572580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.932919]  ffff888105572600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.933191] >ffff888105572680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   22.933480]                                                           ^
[   22.933733]  ffff888105572700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.933992]  ffff888105572780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.934319] ==================================================================
[   23.105297] ==================================================================
[   23.106170] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[   23.106498] Write of size 1 at addr ffff8881057a20f0 by task kunit_try_catch/209
[   23.106790] 
[   23.106891] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) 
[   23.107172] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.107190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   23.107214] Call Trace:
[   23.107236]  <TASK>
[   23.107257]  dump_stack_lvl+0x73/0xb0
[   23.107289]  print_report+0xd1/0x650
[   23.107492]  ? __virt_addr_valid+0x1db/0x2d0
[   23.107519]  ? krealloc_more_oob_helper+0x7eb/0x930
[   23.107542]  ? kasan_addr_to_slab+0x11/0xa0
[   23.107562]  ? krealloc_more_oob_helper+0x7eb/0x930
[   23.107585]  kasan_report+0x141/0x180
[   23.107607]  ? krealloc_more_oob_helper+0x7eb/0x930
[   23.107635]  __asan_report_store1_noabort+0x1b/0x30
[   23.107658]  krealloc_more_oob_helper+0x7eb/0x930
[   23.107680]  ? __schedule+0x10cc/0x2b60
[   23.107702]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   23.107725]  ? finish_task_switch.isra.0+0x153/0x700
[   23.107747]  ? __switch_to+0x47/0xf50
[   23.107772]  ? __schedule+0x10cc/0x2b60
[   23.107792]  ? __pfx_read_tsc+0x10/0x10
[   23.107817]  krealloc_large_more_oob+0x1c/0x30
[   23.107838]  kunit_try_run_case+0x1a5/0x480
[   23.107864]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.107887]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   23.107909]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   23.107940]  ? __kthread_parkme+0x82/0x180
[   23.107960]  ? preempt_count_sub+0x50/0x80
[   23.107982]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.108006]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.108031]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   23.108055]  kthread+0x337/0x6f0
[   23.108087]  ? trace_preempt_on+0x20/0xc0
[   23.108110]  ? __pfx_kthread+0x10/0x10
[   23.108130]  ? _raw_spin_unlock_irq+0x47/0x80
[   23.108154]  ? calculate_sigpending+0x7b/0xa0
[   23.108178]  ? __pfx_kthread+0x10/0x10
[   23.108199]  ret_from_fork+0x116/0x1d0
[   23.108218]  ? __pfx_kthread+0x10/0x10
[   23.108238]  ret_from_fork_asm+0x1a/0x30
[   23.108269]  </TASK>
[   23.108281] 
[   23.118633] The buggy address belongs to the physical page:
[   23.119207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057a0
[   23.119670] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   23.120169] flags: 0x200000000000040(head|node=0|zone=2)
[   23.120407] page_type: f8(unknown)
[   23.120571] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   23.120874] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   23.121665] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   23.122376] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   23.122961] head: 0200000000000002 ffffea000415e801 00000000ffffffff 00000000ffffffff
[   23.123391] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   23.123855] page dumped because: kasan: bad access detected
[   23.124317] 
[   23.124532] Memory state around the buggy address:
[   23.124862]  ffff8881057a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.125459]  ffff8881057a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.125685] >ffff8881057a2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   23.126018]                                                              ^
[   23.126305]  ffff8881057a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.126553]  ffff8881057a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.126840] ==================================================================
[   22.934916] ==================================================================
[   22.935442] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[   22.935787] Write of size 1 at addr ffff8881055726f0 by task kunit_try_catch/205
[   22.936089] 
[   22.936234] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) 
[   22.936286] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.936298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   22.936321] Call Trace:
[   22.936335]  <TASK>
[   22.936355]  dump_stack_lvl+0x73/0xb0
[   22.936383]  print_report+0xd1/0x650
[   22.936405]  ? __virt_addr_valid+0x1db/0x2d0
[   22.936429]  ? krealloc_more_oob_helper+0x7eb/0x930
[   22.936451]  ? kasan_complete_mode_report_info+0x2a/0x200
[   22.936477]  ? krealloc_more_oob_helper+0x7eb/0x930
[   22.936500]  kasan_report+0x141/0x180
[   22.936521]  ? krealloc_more_oob_helper+0x7eb/0x930
[   22.936549]  __asan_report_store1_noabort+0x1b/0x30
[   22.936573]  krealloc_more_oob_helper+0x7eb/0x930
[   22.936594]  ? __schedule+0x10cc/0x2b60
[   22.936616]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   22.936639]  ? finish_task_switch.isra.0+0x153/0x700
[   22.936661]  ? __switch_to+0x47/0xf50
[   22.936686]  ? __schedule+0x10cc/0x2b60
[   22.936706]  ? __pfx_read_tsc+0x10/0x10
[   22.936731]  krealloc_more_oob+0x1c/0x30
[   22.936751]  kunit_try_run_case+0x1a5/0x480
[   22.936778]  ? __pfx_kunit_try_run_case+0x10/0x10
[   22.936801]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   22.936822]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   22.936843]  ? __kthread_parkme+0x82/0x180
[   22.936863]  ? preempt_count_sub+0x50/0x80
[   22.936885]  ? __pfx_kunit_try_run_case+0x10/0x10
[   22.936909]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   22.936945]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   22.936969]  kthread+0x337/0x6f0
[   22.936988]  ? trace_preempt_on+0x20/0xc0
[   22.937011]  ? __pfx_kthread+0x10/0x10
[   22.937031]  ? _raw_spin_unlock_irq+0x47/0x80
[   22.937055]  ? calculate_sigpending+0x7b/0xa0
[   22.937089]  ? __pfx_kthread+0x10/0x10
[   22.937110]  ret_from_fork+0x116/0x1d0
[   22.937129]  ? __pfx_kthread+0x10/0x10
[   22.937149]  ret_from_fork_asm+0x1a/0x30
[   22.937179]  </TASK>
[   22.937192] 
[   22.944231] Allocated by task 205:
[   22.944414]  kasan_save_stack+0x45/0x70
[   22.944621]  kasan_save_track+0x18/0x40
[   22.944813]  kasan_save_alloc_info+0x3b/0x50
[   22.945154]  __kasan_krealloc+0x190/0x1f0
[   22.945341]  krealloc_noprof+0xf3/0x340
[   22.945517]  krealloc_more_oob_helper+0x1a9/0x930
[   22.945688]  krealloc_more_oob+0x1c/0x30
[   22.945878]  kunit_try_run_case+0x1a5/0x480
[   22.946123]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   22.946342]  kthread+0x337/0x6f0
[   22.946471]  ret_from_fork+0x116/0x1d0
[   22.946656]  ret_from_fork_asm+0x1a/0x30
[   22.946813] 
[   22.946901] The buggy address belongs to the object at ffff888105572600
[   22.946901]  which belongs to the cache kmalloc-256 of size 256
[   22.947887] The buggy address is located 5 bytes to the right of
[   22.947887]  allocated 235-byte region [ffff888105572600, ffff8881055726eb)
[   22.948556] 
[   22.948658] The buggy address belongs to the physical page:
[   22.948862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105572
[   22.949212] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   22.949574] flags: 0x200000000000040(head|node=0|zone=2)
[   22.949768] page_type: f5(slab)
[   22.949947] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   22.950348] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.950614] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   22.950837] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.951149] head: 0200000000000001 ffffea0004155c81 00000000ffffffff 00000000ffffffff
[   22.951482] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   22.951957] page dumped because: kasan: bad access detected
[   22.952149] 
[   22.952354] Memory state around the buggy address:
[   22.952591]  ffff888105572580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.952907]  ffff888105572600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.953401] >ffff888105572680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   22.953649]                                                              ^
[   22.953923]  ffff888105572700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.954209]  ffff888105572780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.954412] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zJgQh5RpNnxHn5fYu3cjvVNtfe

job_id

TEST:linaro@lkft#2zJgWLiLp1SzPvoGOQl1Sc7c2xD

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zJgWLiLp1SzPvoGOQl1Sc7c2xD

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zJgSomoncXqQ2IeQhGu4P8l5Uz/bzImage
sha256sum	c63ce0944f5600b46c12779e7ee07bd3abac22ab6ab0025102b975f86834f461

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zJgSomoncXqQ2IeQhGu4P8l5Uz/modules.tar.xz
sha256sum	6bde680c4711a679bf6c233af89c66b0048bd800f61fd1fce42662ca56dcc624

durations

tests

boot	0
kunit	249.71

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit