lkft/linux-stable-rc-linux-6.12.y - v6.12.31-56-gce2ebbe0294c - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper

Date

June 2, 2025, 2:10 p.m.

Environment
qemu-arm64
qemu-x86_64

[   19.374197] ==================================================================
[   19.374957] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa2c/0xbc8
[   19.376658] Write of size 1 at addr fff00000c44796c9 by task kunit_try_catch/145
[   19.377226] 
[   19.377577] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   19.377777] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.377836] Hardware name: linux,dummy-virt (DT)
[   19.377911] Call trace:
[   19.377963]  dump_backtrace+0x9c/0x128
[   19.378078]  show_stack+0x20/0x38
[   19.378158]  dump_stack_lvl+0x8c/0xd0
[   19.378269]  print_report+0x118/0x5f0
[   19.378344]  kasan_report+0xdc/0x128
[   19.378399]  __asan_report_store1_noabort+0x20/0x30
[   19.378448]  krealloc_less_oob_helper+0xa2c/0xbc8
[   19.378496]  krealloc_less_oob+0x20/0x38
[   19.378540]  kunit_try_run_case+0x170/0x3f0
[   19.378586]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.378635]  kthread+0x24c/0x2d0
[   19.378677]  ret_from_fork+0x10/0x20
[   19.378724] 
[   19.383813] Allocated by task 145:
[   19.384080]  kasan_save_stack+0x3c/0x68
[   19.384430]  kasan_save_track+0x20/0x40
[   19.385667]  kasan_save_alloc_info+0x40/0x58
[   19.386259]  __kasan_krealloc+0x118/0x178
[   19.386782]  krealloc_noprof+0x10c/0x1a0
[   19.387746]  krealloc_less_oob_helper+0x170/0xbc8
[   19.388119]  krealloc_less_oob+0x20/0x38
[   19.389203]  kunit_try_run_case+0x170/0x3f0
[   19.389739]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.390282]  kthread+0x24c/0x2d0
[   19.390620]  ret_from_fork+0x10/0x20
[   19.390991] 
[   19.391278] The buggy address belongs to the object at fff00000c4479600
[   19.391278]  which belongs to the cache kmalloc-256 of size 256
[   19.392081] The buggy address is located 0 bytes to the right of
[   19.392081]  allocated 201-byte region [fff00000c4479600, fff00000c44796c9)
[   19.393135] 
[   19.393969] The buggy address belongs to the physical page:
[   19.394611] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104478
[   19.395666] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   19.395942] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   19.396179] page_type: f5(slab)
[   19.396362] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   19.396599] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   19.396829] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   19.397059] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   19.397407] head: 0bfffe0000000001 ffffc1ffc3111e01 ffffffffffffffff 0000000000000000
[   19.398259] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   19.399067] page dumped because: kasan: bad access detected
[   19.400074] 
[   19.400367] Memory state around the buggy address:
[   19.400874]  fff00000c4479580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.402019]  fff00000c4479600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.402794] >fff00000c4479680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   19.403814]                                               ^
[   19.404451]  fff00000c4479700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.405012]  fff00000c4479780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.405650] ==================================================================
[   19.511096] ==================================================================
[   19.512656] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa3c/0xbc8
[   19.513291] Write of size 1 at addr fff00000c44796eb by task kunit_try_catch/145
[   19.513937] 
[   19.514194] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   19.514421] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.514489] Hardware name: linux,dummy-virt (DT)
[   19.514575] Call trace:
[   19.514631]  dump_backtrace+0x9c/0x128
[   19.514743]  show_stack+0x20/0x38
[   19.514828]  dump_stack_lvl+0x8c/0xd0
[   19.514919]  print_report+0x118/0x5f0
[   19.515015]  kasan_report+0xdc/0x128
[   19.515311]  __asan_report_store1_noabort+0x20/0x30
[   19.515434]  krealloc_less_oob_helper+0xa3c/0xbc8
[   19.515495]  krealloc_less_oob+0x20/0x38
[   19.515541]  kunit_try_run_case+0x170/0x3f0
[   19.515589]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.515638]  kthread+0x24c/0x2d0
[   19.515680]  ret_from_fork+0x10/0x20
[   19.515727] 
[   19.522821] Allocated by task 145:
[   19.523287]  kasan_save_stack+0x3c/0x68
[   19.523854]  kasan_save_track+0x20/0x40
[   19.524440]  kasan_save_alloc_info+0x40/0x58
[   19.524874]  __kasan_krealloc+0x118/0x178
[   19.525406]  krealloc_noprof+0x10c/0x1a0
[   19.525676]  krealloc_less_oob_helper+0x170/0xbc8
[   19.526269]  krealloc_less_oob+0x20/0x38
[   19.526749]  kunit_try_run_case+0x170/0x3f0
[   19.527498]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.528130]  kthread+0x24c/0x2d0
[   19.528449]  ret_from_fork+0x10/0x20
[   19.528937] 
[   19.529202] The buggy address belongs to the object at fff00000c4479600
[   19.529202]  which belongs to the cache kmalloc-256 of size 256
[   19.530636] The buggy address is located 34 bytes to the right of
[   19.530636]  allocated 201-byte region [fff00000c4479600, fff00000c44796c9)
[   19.531738] 
[   19.531908] The buggy address belongs to the physical page:
[   19.532181] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104478
[   19.533164] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   19.533662] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   19.534206] page_type: f5(slab)
[   19.534646] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   19.535702] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   19.536123] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   19.536563] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   19.537392] head: 0bfffe0000000001 ffffc1ffc3111e01 ffffffffffffffff 0000000000000000
[   19.538013] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   19.538729] page dumped because: kasan: bad access detected
[   19.539410] 
[   19.539987] Memory state around the buggy address:
[   19.540463]  fff00000c4479580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.541091]  fff00000c4479600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.541736] >fff00000c4479680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   19.542337]                                                           ^
[   19.542904]  fff00000c4479700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.543596]  fff00000c4479780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.544190] ==================================================================
[   19.441302] ==================================================================
[   19.441734] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa54/0xbc8
[   19.442002] Write of size 1 at addr fff00000c44796da by task kunit_try_catch/145
[   19.442230] 
[   19.442572] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   19.442860] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.442940] Hardware name: linux,dummy-virt (DT)
[   19.443049] Call trace:
[   19.443101]  dump_backtrace+0x9c/0x128
[   19.443262]  show_stack+0x20/0x38
[   19.443399]  dump_stack_lvl+0x8c/0xd0
[   19.443503]  print_report+0x118/0x5f0
[   19.443604]  kasan_report+0xdc/0x128
[   19.443701]  __asan_report_store1_noabort+0x20/0x30
[   19.443809]  krealloc_less_oob_helper+0xa54/0xbc8
[   19.443903]  krealloc_less_oob+0x20/0x38
[   19.443990]  kunit_try_run_case+0x170/0x3f0
[   19.444539]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.444683]  kthread+0x24c/0x2d0
[   19.444787]  ret_from_fork+0x10/0x20
[   19.444897] 
[   19.452212] Allocated by task 145:
[   19.452746]  kasan_save_stack+0x3c/0x68
[   19.453317]  kasan_save_track+0x20/0x40
[   19.453862]  kasan_save_alloc_info+0x40/0x58
[   19.454372]  __kasan_krealloc+0x118/0x178
[   19.454878]  krealloc_noprof+0x10c/0x1a0
[   19.455502]  krealloc_less_oob_helper+0x170/0xbc8
[   19.456396]  krealloc_less_oob+0x20/0x38
[   19.456715]  kunit_try_run_case+0x170/0x3f0
[   19.457049]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.457745]  kthread+0x24c/0x2d0
[   19.458100]  ret_from_fork+0x10/0x20
[   19.458521] 
[   19.458783] The buggy address belongs to the object at fff00000c4479600
[   19.458783]  which belongs to the cache kmalloc-256 of size 256
[   19.460147] The buggy address is located 17 bytes to the right of
[   19.460147]  allocated 201-byte region [fff00000c4479600, fff00000c44796c9)
[   19.461050] 
[   19.461358] The buggy address belongs to the physical page:
[   19.461895] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104478
[   19.462561] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   19.463172] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   19.463842] page_type: f5(slab)
[   19.464709] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   19.465416] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   19.465988] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   19.466664] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   19.467557] head: 0bfffe0000000001 ffffc1ffc3111e01 ffffffffffffffff 0000000000000000
[   19.468218] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   19.468773] page dumped because: kasan: bad access detected
[   19.470071] 
[   19.470271] Memory state around the buggy address:
[   19.470545]  fff00000c4479580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.471701]  fff00000c4479600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.472284] >fff00000c4479680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   19.472881]                                                     ^
[   19.473427]  fff00000c4479700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.474036]  fff00000c4479780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.474603] ==================================================================
[   19.408199] ==================================================================
[   19.408736] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb20/0xbc8
[   19.409356] Write of size 1 at addr fff00000c44796d0 by task kunit_try_catch/145
[   19.409815] 
[   19.410141] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   19.410320] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.410381] Hardware name: linux,dummy-virt (DT)
[   19.410459] Call trace:
[   19.410518]  dump_backtrace+0x9c/0x128
[   19.410645]  show_stack+0x20/0x38
[   19.410734]  dump_stack_lvl+0x8c/0xd0
[   19.410826]  print_report+0x118/0x5f0
[   19.410921]  kasan_report+0xdc/0x128
[   19.410994]  __asan_report_store1_noabort+0x20/0x30
[   19.411045]  krealloc_less_oob_helper+0xb20/0xbc8
[   19.411139]  krealloc_less_oob+0x20/0x38
[   19.411215]  kunit_try_run_case+0x170/0x3f0
[   19.411322]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.411409]  kthread+0x24c/0x2d0
[   19.411484]  ret_from_fork+0x10/0x20
[   19.411555] 
[   19.416475] Allocated by task 145:
[   19.416933]  kasan_save_stack+0x3c/0x68
[   19.418546]  kasan_save_track+0x20/0x40
[   19.418833]  kasan_save_alloc_info+0x40/0x58
[   19.419117]  __kasan_krealloc+0x118/0x178
[   19.419411]  krealloc_noprof+0x10c/0x1a0
[   19.419696]  krealloc_less_oob_helper+0x170/0xbc8
[   19.420008]  krealloc_less_oob+0x20/0x38
[   19.420377]  kunit_try_run_case+0x170/0x3f0
[   19.420736]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.421257]  kthread+0x24c/0x2d0
[   19.421548]  ret_from_fork+0x10/0x20
[   19.421815] 
[   19.421987] The buggy address belongs to the object at fff00000c4479600
[   19.421987]  which belongs to the cache kmalloc-256 of size 256
[   19.424110] The buggy address is located 7 bytes to the right of
[   19.424110]  allocated 201-byte region [fff00000c4479600, fff00000c44796c9)
[   19.425735] 
[   19.426040] The buggy address belongs to the physical page:
[   19.426669] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104478
[   19.427290] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   19.427893] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   19.428879] page_type: f5(slab)
[   19.429146] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   19.429959] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   19.430639] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   19.431344] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   19.432816] head: 0bfffe0000000001 ffffc1ffc3111e01 ffffffffffffffff 0000000000000000
[   19.433446] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   19.434012] page dumped because: kasan: bad access detected
[   19.434825] 
[   19.435326] Memory state around the buggy address:
[   19.435626]  fff00000c4479580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.436612]  fff00000c4479600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.437329] >fff00000c4479680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   19.437978]                                                  ^
[   19.438339]  fff00000c4479700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.439135]  fff00000c4479780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.440219] ==================================================================
[   19.707961] ==================================================================
[   19.708503] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa3c/0xbc8
[   19.709965] Write of size 1 at addr fff00000c6c6e0eb by task kunit_try_catch/149
[   19.710735] 
[   19.711015] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   19.711261] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.711752] Hardware name: linux,dummy-virt (DT)
[   19.711854] Call trace:
[   19.711914]  dump_backtrace+0x9c/0x128
[   19.711997]  show_stack+0x20/0x38
[   19.712040]  dump_stack_lvl+0x8c/0xd0
[   19.712087]  print_report+0x118/0x5f0
[   19.712164]  kasan_report+0xdc/0x128
[   19.712206]  __asan_report_store1_noabort+0x20/0x30
[   19.712278]  krealloc_less_oob_helper+0xa3c/0xbc8
[   19.712331]  krealloc_large_less_oob+0x20/0x38
[   19.712377]  kunit_try_run_case+0x170/0x3f0
[   19.712423]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.712471]  kthread+0x24c/0x2d0
[   19.712514]  ret_from_fork+0x10/0x20
[   19.712562] 
[   19.717295] The buggy address belongs to the physical page:
[   19.717590] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106c6c
[   19.717971] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   19.718348] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   19.719301] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.719687] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   19.720032] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.720419] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   19.720902] head: 0bfffe0000000002 ffffc1ffc31b1b01 ffffffffffffffff 0000000000000000
[   19.721583] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   19.722402] page dumped because: kasan: bad access detected
[   19.723038] 
[   19.723859] Memory state around the buggy address:
[   19.724457]  fff00000c6c6df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.724890]  fff00000c6c6e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.725230] >fff00000c6c6e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   19.726287]                                                           ^
[   19.726882]  fff00000c6c6e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   19.728399]  fff00000c6c6e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   19.728972] ==================================================================
[   19.615539] ==================================================================
[   19.616615] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa2c/0xbc8
[   19.617418] Write of size 1 at addr fff00000c6c6e0c9 by task kunit_try_catch/149
[   19.618042] 
[   19.618300] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   19.618499] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.618562] Hardware name: linux,dummy-virt (DT)
[   19.618643] Call trace:
[   19.618701]  dump_backtrace+0x9c/0x128
[   19.618822]  show_stack+0x20/0x38
[   19.618914]  dump_stack_lvl+0x8c/0xd0
[   19.619017]  print_report+0x118/0x5f0
[   19.619287]  kasan_report+0xdc/0x128
[   19.619397]  __asan_report_store1_noabort+0x20/0x30
[   19.619502]  krealloc_less_oob_helper+0xa2c/0xbc8
[   19.619624]  krealloc_large_less_oob+0x20/0x38
[   19.619723]  kunit_try_run_case+0x170/0x3f0
[   19.619798]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.619850]  kthread+0x24c/0x2d0
[   19.619894]  ret_from_fork+0x10/0x20
[   19.619944] 
[   19.625596] The buggy address belongs to the physical page:
[   19.626103] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106c6c
[   19.626750] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   19.627679] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   19.628347] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.628948] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   19.629634] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.630273] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   19.630908] head: 0bfffe0000000002 ffffc1ffc31b1b01 ffffffffffffffff 0000000000000000
[   19.631657] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   19.632272] page dumped because: kasan: bad access detected
[   19.632734] 
[   19.632964] Memory state around the buggy address:
[   19.633912]  fff00000c6c6df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.634378]  fff00000c6c6e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.635076] >fff00000c6c6e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   19.636028]                                               ^
[   19.636399]  fff00000c6c6e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   19.637036]  fff00000c6c6e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   19.637546] ==================================================================
[   19.684356] ==================================================================
[   19.684889] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa98/0xbc8
[   19.685468] Write of size 1 at addr fff00000c6c6e0ea by task kunit_try_catch/149
[   19.686179] 
[   19.686514] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   19.686731] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.686800] Hardware name: linux,dummy-virt (DT)
[   19.686878] Call trace:
[   19.686933]  dump_backtrace+0x9c/0x128
[   19.687048]  show_stack+0x20/0x38
[   19.687136]  dump_stack_lvl+0x8c/0xd0
[   19.687226]  print_report+0x118/0x5f0
[   19.688047]  kasan_report+0xdc/0x128
[   19.688171]  __asan_report_store1_noabort+0x20/0x30
[   19.688300]  krealloc_less_oob_helper+0xa98/0xbc8
[   19.688414]  krealloc_large_less_oob+0x20/0x38
[   19.688512]  kunit_try_run_case+0x170/0x3f0
[   19.688598]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.688650]  kthread+0x24c/0x2d0
[   19.688695]  ret_from_fork+0x10/0x20
[   19.688743] 
[   19.693089] The buggy address belongs to the physical page:
[   19.694313] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106c6c
[   19.695344] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   19.696132] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   19.696844] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.697482] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   19.698055] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.698645] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   19.699253] head: 0bfffe0000000002 ffffc1ffc31b1b01 ffffffffffffffff 0000000000000000
[   19.700264] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   19.700875] page dumped because: kasan: bad access detected
[   19.701405] 
[   19.701664] Memory state around the buggy address:
[   19.702096]  fff00000c6c6df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.702792]  fff00000c6c6e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.703674] >fff00000c6c6e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   19.704292]                                                           ^
[   19.704969]  fff00000c6c6e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   19.705571]  fff00000c6c6e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   19.706136] ==================================================================
[   19.661608] ==================================================================
[   19.662214] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa54/0xbc8
[   19.662839] Write of size 1 at addr fff00000c6c6e0da by task kunit_try_catch/149
[   19.663660] 
[   19.664003] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   19.664225] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.664310] Hardware name: linux,dummy-virt (DT)
[   19.664388] Call trace:
[   19.664447]  dump_backtrace+0x9c/0x128
[   19.664559]  show_stack+0x20/0x38
[   19.664649]  dump_stack_lvl+0x8c/0xd0
[   19.664745]  print_report+0x118/0x5f0
[   19.664807]  kasan_report+0xdc/0x128
[   19.664848]  __asan_report_store1_noabort+0x20/0x30
[   19.664896]  krealloc_less_oob_helper+0xa54/0xbc8
[   19.664943]  krealloc_large_less_oob+0x20/0x38
[   19.664989]  kunit_try_run_case+0x170/0x3f0
[   19.665034]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.665083]  kthread+0x24c/0x2d0
[   19.665124]  ret_from_fork+0x10/0x20
[   19.665170] 
[   19.671764] The buggy address belongs to the physical page:
[   19.672284] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106c6c
[   19.672900] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   19.673577] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   19.674082] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.674427] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   19.675400] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.676063] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   19.676704] head: 0bfffe0000000002 ffffc1ffc31b1b01 ffffffffffffffff 0000000000000000
[   19.677343] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   19.677943] page dumped because: kasan: bad access detected
[   19.678425] 
[   19.678676] Memory state around the buggy address:
[   19.680111]  fff00000c6c6df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.680619]  fff00000c6c6e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.681105] >fff00000c6c6e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   19.681798]                                                     ^
[   19.682420]  fff00000c6c6e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   19.683004]  fff00000c6c6e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   19.683700] ==================================================================
[   19.639122] ==================================================================
[   19.640302] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb20/0xbc8
[   19.640736] Write of size 1 at addr fff00000c6c6e0d0 by task kunit_try_catch/149
[   19.640977] 
[   19.641100] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   19.641207] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.641260] Hardware name: linux,dummy-virt (DT)
[   19.641308] Call trace:
[   19.641335]  dump_backtrace+0x9c/0x128
[   19.641390]  show_stack+0x20/0x38
[   19.641430]  dump_stack_lvl+0x8c/0xd0
[   19.641476]  print_report+0x118/0x5f0
[   19.641538]  kasan_report+0xdc/0x128
[   19.641579]  __asan_report_store1_noabort+0x20/0x30
[   19.641626]  krealloc_less_oob_helper+0xb20/0xbc8
[   19.641673]  krealloc_large_less_oob+0x20/0x38
[   19.641719]  kunit_try_run_case+0x170/0x3f0
[   19.641764]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.641813]  kthread+0x24c/0x2d0
[   19.641856]  ret_from_fork+0x10/0x20
[   19.641903] 
[   19.647130] The buggy address belongs to the physical page:
[   19.647750] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106c6c
[   19.648586] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   19.649756] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   19.650576] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.651533] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   19.652052] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.652802] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   19.653348] head: 0bfffe0000000002 ffffc1ffc31b1b01 ffffffffffffffff 0000000000000000
[   19.654039] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   19.654567] page dumped because: kasan: bad access detected
[   19.654988] 
[   19.656187] Memory state around the buggy address:
[   19.656515]  fff00000c6c6df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.657195]  fff00000c6c6e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.657826] >fff00000c6c6e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   19.658376]                                                  ^
[   19.658878]  fff00000c6c6e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   19.659504]  fff00000c6c6e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   19.660106] ==================================================================
[   19.476045] ==================================================================
[   19.477248] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa98/0xbc8
[   19.477848] Write of size 1 at addr fff00000c44796ea by task kunit_try_catch/145
[   19.478269] 
[   19.478544] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   19.478769] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.478833] Hardware name: linux,dummy-virt (DT)
[   19.478912] Call trace:
[   19.478964]  dump_backtrace+0x9c/0x128
[   19.479074]  show_stack+0x20/0x38
[   19.479160]  dump_stack_lvl+0x8c/0xd0
[   19.479276]  print_report+0x118/0x5f0
[   19.479802]  kasan_report+0xdc/0x128
[   19.479891]  __asan_report_store1_noabort+0x20/0x30
[   19.479942]  krealloc_less_oob_helper+0xa98/0xbc8
[   19.479991]  krealloc_less_oob+0x20/0x38
[   19.480035]  kunit_try_run_case+0x170/0x3f0
[   19.480083]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.480131]  kthread+0x24c/0x2d0
[   19.480174]  ret_from_fork+0x10/0x20
[   19.480222] 
[   19.486253] Allocated by task 145:
[   19.486723]  kasan_save_stack+0x3c/0x68
[   19.487076]  kasan_save_track+0x20/0x40
[   19.488023]  kasan_save_alloc_info+0x40/0x58
[   19.488456]  __kasan_krealloc+0x118/0x178
[   19.488864]  krealloc_noprof+0x10c/0x1a0
[   19.489802]  krealloc_less_oob_helper+0x170/0xbc8
[   19.490215]  krealloc_less_oob+0x20/0x38
[   19.490798]  kunit_try_run_case+0x170/0x3f0
[   19.491533]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.492133]  kthread+0x24c/0x2d0
[   19.492867]  ret_from_fork+0x10/0x20
[   19.493318] 
[   19.493610] The buggy address belongs to the object at fff00000c4479600
[   19.493610]  which belongs to the cache kmalloc-256 of size 256
[   19.494745] The buggy address is located 33 bytes to the right of
[   19.494745]  allocated 201-byte region [fff00000c4479600, fff00000c44796c9)
[   19.496063] 
[   19.496434] The buggy address belongs to the physical page:
[   19.496865] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104478
[   19.497787] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   19.498384] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   19.499026] page_type: f5(slab)
[   19.499378] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   19.500034] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   19.500730] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   19.501858] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   19.502543] head: 0bfffe0000000001 ffffc1ffc3111e01 ffffffffffffffff 0000000000000000
[   19.504030] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   19.504543] page dumped because: kasan: bad access detected
[   19.505174] 
[   19.505464] Memory state around the buggy address:
[   19.505867]  fff00000c4479580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.506508]  fff00000c4479600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.507089] >fff00000c4479680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   19.507637]                                                           ^
[   19.508144]  fff00000c4479700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.509092]  fff00000c4479780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.509525] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2xxIdguHQMrEdKxoALYIR9ORtte

job_id

TEST:linaro@lkft#2xxIi5L09t6kwacBs4tI1udRkOz

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2xxIi5L09t6kwacBs4tI1udRkOz

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIehear0M0Ft1sAorKdZqICoH/Image.gz
sha256sum	1699fd6562f7c67b73aebbbfc05df065ca914300415a41191475cca040c72e2b

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/arm64/rootfs.ext4.xz
sha256sum	1cc8d041751cc9cfe19b957ffa27d6115f076efaeb324bcd0fb145c37c99e1b7

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIehear0M0Ft1sAorKdZqICoH/modules.tar.xz
sha256sum	13068219ffd7182216805f46c87c8cd5d18ce5749d8957176cfe56777451bb79

durations

tests

boot	0
kunit	307.64

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   11.643021] ==================================================================
[   11.643632] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0
[   11.644038] Write of size 1 at addr ffff8881003a14c9 by task kunit_try_catch/163
[   11.644354] 
[   11.645451] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   11.645557] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.645578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.645612] Call Trace:
[   11.645637]  <TASK>
[   11.645677]  dump_stack_lvl+0x73/0xb0
[   11.645731]  print_report+0xd1/0x640
[   11.645766]  ? __virt_addr_valid+0x1db/0x2d0
[   11.645807]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   11.645839]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.645882]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   11.645932]  kasan_report+0x140/0x180
[   11.645981]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   11.646034]  __asan_report_store1_noabort+0x1b/0x30
[   11.646073]  krealloc_less_oob_helper+0xd72/0x11d0
[   11.646111]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.646145]  ? finish_task_switch.isra.0+0x153/0x700
[   11.646180]  ? __switch_to+0x5d9/0xf60
[   11.646216]  ? __schedule+0xc49/0x27a0
[   11.646250]  ? __pfx_read_tsc+0x10/0x10
[   11.646290]  krealloc_less_oob+0x1c/0x30
[   11.646320]  kunit_try_run_case+0x1a6/0x480
[   11.646361]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.646396]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   11.646433]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.646473]  ? __kthread_parkme+0x82/0x160
[   11.646503]  ? preempt_count_sub+0x50/0x80
[   11.646538]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.646567]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.646603]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.646640]  kthread+0x257/0x310
[   11.647256]  ? __pfx_kthread+0x10/0x10
[   11.647300]  ret_from_fork+0x41/0x80
[   11.647336]  ? __pfx_kthread+0x10/0x10
[   11.647368]  ret_from_fork_asm+0x1a/0x30
[   11.647426]  </TASK>
[   11.647445] 
[   11.661754] Allocated by task 163:
[   11.662225]  kasan_save_stack+0x45/0x70
[   11.662519]  kasan_save_track+0x18/0x40
[   11.662718]  kasan_save_alloc_info+0x3b/0x50
[   11.663026]  __kasan_krealloc+0x190/0x1f0
[   11.663448]  krealloc_noprof+0xc1/0x140
[   11.663708]  krealloc_less_oob_helper+0x1ab/0x11d0
[   11.663993]  krealloc_less_oob+0x1c/0x30
[   11.664348]  kunit_try_run_case+0x1a6/0x480
[   11.664645]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.664917]  kthread+0x257/0x310
[   11.665143]  ret_from_fork+0x41/0x80
[   11.665833]  ret_from_fork_asm+0x1a/0x30
[   11.666173] 
[   11.666366] The buggy address belongs to the object at ffff8881003a1400
[   11.666366]  which belongs to the cache kmalloc-256 of size 256
[   11.667117] The buggy address is located 0 bytes to the right of
[   11.667117]  allocated 201-byte region [ffff8881003a1400, ffff8881003a14c9)
[   11.667764] 
[   11.668113] The buggy address belongs to the physical page:
[   11.668605] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0
[   11.668943] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.669581] flags: 0x200000000000040(head|node=0|zone=2)
[   11.669941] page_type: f5(slab)
[   11.670479] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.671386] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   11.671783] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.672301] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   11.672759] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000
[   11.673432] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   11.673856] page dumped because: kasan: bad access detected
[   11.674415] 
[   11.674525] Memory state around the buggy address:
[   11.674790]  ffff8881003a1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.675056]  ffff8881003a1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.675589] >ffff8881003a1480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.675899]                                               ^
[   11.676366]  ffff8881003a1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.676716]  ffff8881003a1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.677650] ==================================================================
[   11.879197] ==================================================================
[   11.879443] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0
[   11.880008] Write of size 1 at addr ffff88810257e0d0 by task kunit_try_catch/167
[   11.880351] 
[   11.881082] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   11.881297] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.881321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.881355] Call Trace:
[   11.881380]  <TASK>
[   11.881405]  dump_stack_lvl+0x73/0xb0
[   11.881867]  print_report+0xd1/0x640
[   11.881932]  ? __virt_addr_valid+0x1db/0x2d0
[   11.881975]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   11.882012]  ? kasan_addr_to_slab+0x11/0xa0
[   11.882106]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   11.882143]  kasan_report+0x140/0x180
[   11.882187]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   11.882235]  __asan_report_store1_noabort+0x1b/0x30
[   11.882277]  krealloc_less_oob_helper+0xe25/0x11d0
[   11.882319]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.882480]  ? finish_task_switch.isra.0+0x153/0x700
[   11.882525]  ? __switch_to+0x5d9/0xf60
[   11.882558]  ? __schedule+0xc49/0x27a0
[   11.882578]  ? __pfx_read_tsc+0x10/0x10
[   11.882600]  krealloc_large_less_oob+0x1c/0x30
[   11.882621]  kunit_try_run_case+0x1a6/0x480
[   11.882642]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.882681]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   11.882703]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.882726]  ? __kthread_parkme+0x82/0x160
[   11.882745]  ? preempt_count_sub+0x50/0x80
[   11.882765]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.882783]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.882807]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.882830]  kthread+0x257/0x310
[   11.882847]  ? __pfx_kthread+0x10/0x10
[   11.882865]  ret_from_fork+0x41/0x80
[   11.882883]  ? __pfx_kthread+0x10/0x10
[   11.882900]  ret_from_fork_asm+0x1a/0x30
[   11.882928]  </TASK>
[   11.882940] 
[   11.891785] The buggy address belongs to the physical page:
[   11.892257] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10257c
[   11.892924] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.893345] flags: 0x200000000000040(head|node=0|zone=2)
[   11.893567] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.894088] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   11.894720] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.895167] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   11.895684] head: 0200000000000002 ffffea0004095f01 ffffffffffffffff 0000000000000000
[   11.896015] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   11.896628] page dumped because: kasan: bad access detected
[   11.896965] 
[   11.897237] Memory state around the buggy address:
[   11.897442]  ffff88810257df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.897869]  ffff88810257e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.898609] >ffff88810257e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   11.899165]                                                  ^
[   11.899810]  ffff88810257e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.900165]  ffff88810257e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.900729] ==================================================================
[   11.856298] ==================================================================
[   11.856806] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0
[   11.857209] Write of size 1 at addr ffff88810257e0c9 by task kunit_try_catch/167
[   11.857648] 
[   11.857784] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   11.858122] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.858158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.858204] Call Trace:
[   11.858234]  <TASK>
[   11.858280]  dump_stack_lvl+0x73/0xb0
[   11.858338]  print_report+0xd1/0x640
[   11.858375]  ? __virt_addr_valid+0x1db/0x2d0
[   11.858402]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   11.858423]  ? kasan_addr_to_slab+0x11/0xa0
[   11.858444]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   11.858465]  kasan_report+0x140/0x180
[   11.858489]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   11.858514]  __asan_report_store1_noabort+0x1b/0x30
[   11.858536]  krealloc_less_oob_helper+0xd72/0x11d0
[   11.858559]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.858579]  ? finish_task_switch.isra.0+0x153/0x700
[   11.858602]  ? __switch_to+0x5d9/0xf60
[   11.858626]  ? __schedule+0xc49/0x27a0
[   11.858647]  ? __pfx_read_tsc+0x10/0x10
[   11.858701]  krealloc_large_less_oob+0x1c/0x30
[   11.858733]  kunit_try_run_case+0x1a6/0x480
[   11.858774]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.858810]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   11.858848]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.858896]  ? __kthread_parkme+0x82/0x160
[   11.858936]  ? preempt_count_sub+0x50/0x80
[   11.858973]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.859005]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.859042]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.859329]  kthread+0x257/0x310
[   11.859371]  ? __pfx_kthread+0x10/0x10
[   11.859407]  ret_from_fork+0x41/0x80
[   11.859442]  ? __pfx_kthread+0x10/0x10
[   11.859477]  ret_from_fork_asm+0x1a/0x30
[   11.859516]  </TASK>
[   11.859529] 
[   11.869824] The buggy address belongs to the physical page:
[   11.870456] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10257c
[   11.870891] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.871198] flags: 0x200000000000040(head|node=0|zone=2)
[   11.871550] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.872039] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   11.872618] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.873023] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   11.873823] head: 0200000000000002 ffffea0004095f01 ffffffffffffffff 0000000000000000
[   11.874515] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   11.874931] page dumped because: kasan: bad access detected
[   11.875283] 
[   11.875611] Memory state around the buggy address:
[   11.875890]  ffff88810257df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.876164]  ffff88810257e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.876870] >ffff88810257e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   11.877269]                                               ^
[   11.877677]  ffff88810257e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.878052]  ffff88810257e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.878584] ==================================================================
[   11.950364] ==================================================================
[   11.950858] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0
[   11.951577] Write of size 1 at addr ffff88810257e0eb by task kunit_try_catch/167
[   11.952381] 
[   11.952573] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   11.952677] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.952710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.952744] Call Trace:
[   11.952768]  <TASK>
[   11.952792]  dump_stack_lvl+0x73/0xb0
[   11.952844]  print_report+0xd1/0x640
[   11.952884]  ? __virt_addr_valid+0x1db/0x2d0
[   11.952928]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   11.952966]  ? kasan_addr_to_slab+0x11/0xa0
[   11.953003]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   11.953040]  kasan_report+0x140/0x180
[   11.953254]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   11.953300]  __asan_report_store1_noabort+0x1b/0x30
[   11.953333]  krealloc_less_oob_helper+0xd49/0x11d0
[   11.953372]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.953409]  ? finish_task_switch.isra.0+0x153/0x700
[   11.953448]  ? __switch_to+0x5d9/0xf60
[   11.953493]  ? __schedule+0xc49/0x27a0
[   11.953535]  ? __pfx_read_tsc+0x10/0x10
[   11.953565]  krealloc_large_less_oob+0x1c/0x30
[   11.953584]  kunit_try_run_case+0x1a6/0x480
[   11.953606]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.953624]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   11.953644]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.953688]  ? __kthread_parkme+0x82/0x160
[   11.953708]  ? preempt_count_sub+0x50/0x80
[   11.953728]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.953747]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.953771]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.953795]  kthread+0x257/0x310
[   11.953812]  ? __pfx_kthread+0x10/0x10
[   11.953829]  ret_from_fork+0x41/0x80
[   11.953848]  ? __pfx_kthread+0x10/0x10
[   11.953865]  ret_from_fork_asm+0x1a/0x30
[   11.953906]  </TASK>
[   11.953921] 
[   11.965759] The buggy address belongs to the physical page:
[   11.966045] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10257c
[   11.966592] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.967123] flags: 0x200000000000040(head|node=0|zone=2)
[   11.967508] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.967901] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   11.968460] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.969067] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   11.969700] head: 0200000000000002 ffffea0004095f01 ffffffffffffffff 0000000000000000
[   11.970167] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   11.970728] page dumped because: kasan: bad access detected
[   11.971000] 
[   11.971321] Memory state around the buggy address:
[   11.971543]  ffff88810257df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.971787]  ffff88810257e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.972399] >ffff88810257e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   11.972885]                                                           ^
[   11.973433]  ffff88810257e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.973894]  ffff88810257e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.974400] ==================================================================
[   11.770817] ==================================================================
[   11.771834] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0
[   11.772499] Write of size 1 at addr ffff8881003a14eb by task kunit_try_catch/163
[   11.772833] 
[   11.773034] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   11.773227] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.773258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.773287] Call Trace:
[   11.773305]  <TASK>
[   11.773322]  dump_stack_lvl+0x73/0xb0
[   11.773356]  print_report+0xd1/0x640
[   11.773377]  ? __virt_addr_valid+0x1db/0x2d0
[   11.773399]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   11.773418]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.773439]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   11.773458]  kasan_report+0x140/0x180
[   11.773480]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   11.773503]  __asan_report_store1_noabort+0x1b/0x30
[   11.773523]  krealloc_less_oob_helper+0xd49/0x11d0
[   11.773544]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.773563]  ? finish_task_switch.isra.0+0x153/0x700
[   11.773583]  ? __switch_to+0x5d9/0xf60
[   11.773604]  ? __schedule+0xc49/0x27a0
[   11.773624]  ? __pfx_read_tsc+0x10/0x10
[   11.773645]  krealloc_less_oob+0x1c/0x30
[   11.773687]  kunit_try_run_case+0x1a6/0x480
[   11.773725]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.773757]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   11.773791]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.773833]  ? __kthread_parkme+0x82/0x160
[   11.773871]  ? preempt_count_sub+0x50/0x80
[   11.773921]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.773958]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.773989]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.774016]  kthread+0x257/0x310
[   11.774034]  ? __pfx_kthread+0x10/0x10
[   11.774059]  ret_from_fork+0x41/0x80
[   11.774245]  ? __pfx_kthread+0x10/0x10
[   11.774306]  ret_from_fork_asm+0x1a/0x30
[   11.774372]  </TASK>
[   11.774396] 
[   11.785160] Allocated by task 163:
[   11.785329]  kasan_save_stack+0x45/0x70
[   11.785630]  kasan_save_track+0x18/0x40
[   11.785942]  kasan_save_alloc_info+0x3b/0x50
[   11.786243]  __kasan_krealloc+0x190/0x1f0
[   11.786708]  krealloc_noprof+0xc1/0x140
[   11.786896]  krealloc_less_oob_helper+0x1ab/0x11d0
[   11.787206]  krealloc_less_oob+0x1c/0x30
[   11.787518]  kunit_try_run_case+0x1a6/0x480
[   11.787873]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.788685]  kthread+0x257/0x310
[   11.788976]  ret_from_fork+0x41/0x80
[   11.789411]  ret_from_fork_asm+0x1a/0x30
[   11.789574] 
[   11.789797] The buggy address belongs to the object at ffff8881003a1400
[   11.789797]  which belongs to the cache kmalloc-256 of size 256
[   11.790455] The buggy address is located 34 bytes to the right of
[   11.790455]  allocated 201-byte region [ffff8881003a1400, ffff8881003a14c9)
[   11.791052] 
[   11.791554] The buggy address belongs to the physical page:
[   11.792253] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0
[   11.792573] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.793018] flags: 0x200000000000040(head|node=0|zone=2)
[   11.793718] page_type: f5(slab)
[   11.793874] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.794385] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   11.794970] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.795425] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   11.796273] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000
[   11.796564] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   11.796789] page dumped because: kasan: bad access detected
[   11.797078] 
[   11.797222] Memory state around the buggy address:
[   11.797448]  ffff8881003a1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.797798]  ffff8881003a1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.798210] >ffff8881003a1480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.798623]                                                           ^
[   11.799021]  ffff8881003a1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.799264]  ffff8881003a1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.799748] ==================================================================
[   11.709753] ==================================================================
[   11.710422] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0
[   11.711627] Write of size 1 at addr ffff8881003a14da by task kunit_try_catch/163
[   11.711985] 
[   11.712313] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   11.712399] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.712421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.712453] Call Trace:
[   11.712481]  <TASK>
[   11.712508]  dump_stack_lvl+0x73/0xb0
[   11.712564]  print_report+0xd1/0x640
[   11.712608]  ? __virt_addr_valid+0x1db/0x2d0
[   11.712654]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   11.712705]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.712738]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   11.712758]  kasan_report+0x140/0x180
[   11.712781]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   11.712805]  __asan_report_store1_noabort+0x1b/0x30
[   11.712825]  krealloc_less_oob_helper+0xec8/0x11d0
[   11.712846]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.712865]  ? finish_task_switch.isra.0+0x153/0x700
[   11.712886]  ? __switch_to+0x5d9/0xf60
[   11.712908]  ? __schedule+0xc49/0x27a0
[   11.712928]  ? __pfx_read_tsc+0x10/0x10
[   11.712948]  krealloc_less_oob+0x1c/0x30
[   11.712966]  kunit_try_run_case+0x1a6/0x480
[   11.712986]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.713004]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   11.713024]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.713046]  ? __kthread_parkme+0x82/0x160
[   11.713065]  ? preempt_count_sub+0x50/0x80
[   11.713085]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.713103]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.713126]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.713189]  kthread+0x257/0x310
[   11.713235]  ? __pfx_kthread+0x10/0x10
[   11.713267]  ret_from_fork+0x41/0x80
[   11.713295]  ? __pfx_kthread+0x10/0x10
[   11.713313]  ret_from_fork_asm+0x1a/0x30
[   11.713342]  </TASK>
[   11.713354] 
[   11.724696] Allocated by task 163:
[   11.724885]  kasan_save_stack+0x45/0x70
[   11.725372]  kasan_save_track+0x18/0x40
[   11.725748]  kasan_save_alloc_info+0x3b/0x50
[   11.725950]  __kasan_krealloc+0x190/0x1f0
[   11.726272]  krealloc_noprof+0xc1/0x140
[   11.726585]  krealloc_less_oob_helper+0x1ab/0x11d0
[   11.726810]  krealloc_less_oob+0x1c/0x30
[   11.727102]  kunit_try_run_case+0x1a6/0x480
[   11.727378]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.727699]  kthread+0x257/0x310
[   11.727958]  ret_from_fork+0x41/0x80
[   11.728193]  ret_from_fork_asm+0x1a/0x30
[   11.728416] 
[   11.728505] The buggy address belongs to the object at ffff8881003a1400
[   11.728505]  which belongs to the cache kmalloc-256 of size 256
[   11.729652] The buggy address is located 17 bytes to the right of
[   11.729652]  allocated 201-byte region [ffff8881003a1400, ffff8881003a14c9)
[   11.730271] 
[   11.730443] The buggy address belongs to the physical page:
[   11.730834] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0
[   11.731460] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.731709] flags: 0x200000000000040(head|node=0|zone=2)
[   11.732207] page_type: f5(slab)
[   11.732466] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.732962] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   11.733825] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.734456] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   11.734870] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000
[   11.735417] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   11.735761] page dumped because: kasan: bad access detected
[   11.736221] 
[   11.736377] Memory state around the buggy address:
[   11.736570]  ffff8881003a1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.737007]  ffff8881003a1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.737456] >ffff8881003a1480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.737924]                                                     ^
[   11.738250]  ffff8881003a1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.739244]  ffff8881003a1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.739459] ==================================================================
[   11.901476] ==================================================================
[   11.901994] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0
[   11.902506] Write of size 1 at addr ffff88810257e0da by task kunit_try_catch/167
[   11.902791] 
[   11.902964] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   11.903043] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.903066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.903104] Call Trace:
[   11.903129]  <TASK>
[   11.903156]  dump_stack_lvl+0x73/0xb0
[   11.903316]  print_report+0xd1/0x640
[   11.903358]  ? __virt_addr_valid+0x1db/0x2d0
[   11.903398]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   11.903434]  ? kasan_addr_to_slab+0x11/0xa0
[   11.903469]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   11.903530]  kasan_report+0x140/0x180
[   11.903573]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   11.903618]  __asan_report_store1_noabort+0x1b/0x30
[   11.903667]  krealloc_less_oob_helper+0xec8/0x11d0
[   11.903711]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.903766]  ? finish_task_switch.isra.0+0x153/0x700
[   11.903805]  ? __switch_to+0x5d9/0xf60
[   11.903848]  ? __schedule+0xc49/0x27a0
[   11.903887]  ? __pfx_read_tsc+0x10/0x10
[   11.903927]  krealloc_large_less_oob+0x1c/0x30
[   11.903980]  kunit_try_run_case+0x1a6/0x480
[   11.904023]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.904058]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   11.904194]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.904221]  ? __kthread_parkme+0x82/0x160
[   11.904242]  ? preempt_count_sub+0x50/0x80
[   11.904263]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.904297]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.904335]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.904376]  kthread+0x257/0x310
[   11.904409]  ? __pfx_kthread+0x10/0x10
[   11.904441]  ret_from_fork+0x41/0x80
[   11.904643]  ? __pfx_kthread+0x10/0x10
[   11.904703]  ret_from_fork_asm+0x1a/0x30
[   11.904764]  </TASK>
[   11.904781] 
[   11.917152] The buggy address belongs to the physical page:
[   11.917334] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10257c
[   11.917578] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.918754] flags: 0x200000000000040(head|node=0|zone=2)
[   11.919513] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.920757] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   11.922444] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.923105] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   11.923482] head: 0200000000000002 ffffea0004095f01 ffffffffffffffff 0000000000000000
[   11.923934] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   11.924242] page dumped because: kasan: bad access detected
[   11.924548] 
[   11.924916] Memory state around the buggy address:
[   11.925120]  ffff88810257df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.925708]  ffff88810257e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.926373] >ffff88810257e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   11.926740]                                                     ^
[   11.926936]  ffff88810257e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.927414]  ffff88810257e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.928242] ==================================================================
[   11.928672] ==================================================================
[   11.929161] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0
[   11.929553] Write of size 1 at addr ffff88810257e0ea by task kunit_try_catch/167
[   11.929936] 
[   11.930099] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   11.930187] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.930211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.930249] Call Trace:
[   11.930279]  <TASK>
[   11.930308]  dump_stack_lvl+0x73/0xb0
[   11.930365]  print_report+0xd1/0x640
[   11.930413]  ? __virt_addr_valid+0x1db/0x2d0
[   11.930456]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   11.930687]  ? kasan_addr_to_slab+0x11/0xa0
[   11.930778]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   11.930956]  kasan_report+0x140/0x180
[   11.931013]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   11.931075]  __asan_report_store1_noabort+0x1b/0x30
[   11.931121]  krealloc_less_oob_helper+0xe92/0x11d0
[   11.931169]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.931207]  ? finish_task_switch.isra.0+0x153/0x700
[   11.931251]  ? __switch_to+0x5d9/0xf60
[   11.931301]  ? __schedule+0xc49/0x27a0
[   11.931340]  ? __pfx_read_tsc+0x10/0x10
[   11.931379]  krealloc_large_less_oob+0x1c/0x30
[   11.931509]  kunit_try_run_case+0x1a6/0x480
[   11.931533]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.931553]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   11.931572]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.931596]  ? __kthread_parkme+0x82/0x160
[   11.931615]  ? preempt_count_sub+0x50/0x80
[   11.931635]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.931669]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.931702]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.931727]  kthread+0x257/0x310
[   11.931745]  ? __pfx_kthread+0x10/0x10
[   11.931763]  ret_from_fork+0x41/0x80
[   11.931782]  ? __pfx_kthread+0x10/0x10
[   11.931800]  ret_from_fork_asm+0x1a/0x30
[   11.931829]  </TASK>
[   11.931840] 
[   11.941059] The buggy address belongs to the physical page:
[   11.941786] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10257c
[   11.942348] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.942766] flags: 0x200000000000040(head|node=0|zone=2)
[   11.943418] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.943857] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   11.944211] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.944763] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   11.945219] head: 0200000000000002 ffffea0004095f01 ffffffffffffffff 0000000000000000
[   11.945633] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   11.945984] page dumped because: kasan: bad access detected
[   11.946645] 
[   11.946842] Memory state around the buggy address:
[   11.947119]  ffff88810257df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.947629]  ffff88810257e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.947983] >ffff88810257e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   11.948546]                                                           ^
[   11.948781]  ffff88810257e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.949390]  ffff88810257e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.949722] ==================================================================
[   11.679200] ==================================================================
[   11.679838] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0
[   11.680500] Write of size 1 at addr ffff8881003a14d0 by task kunit_try_catch/163
[   11.680787] 
[   11.680957] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   11.681039] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.681079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.681114] Call Trace:
[   11.681185]  <TASK>
[   11.681228]  dump_stack_lvl+0x73/0xb0
[   11.681287]  print_report+0xd1/0x640
[   11.681333]  ? __virt_addr_valid+0x1db/0x2d0
[   11.681378]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   11.681418]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.681464]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   11.681518]  kasan_report+0x140/0x180
[   11.681556]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   11.681613]  __asan_report_store1_noabort+0x1b/0x30
[   11.681652]  krealloc_less_oob_helper+0xe25/0x11d0
[   11.681734]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.681773]  ? finish_task_switch.isra.0+0x153/0x700
[   11.681829]  ? __switch_to+0x5d9/0xf60
[   11.681870]  ? __schedule+0xc49/0x27a0
[   11.681911]  ? __pfx_read_tsc+0x10/0x10
[   11.681947]  krealloc_less_oob+0x1c/0x30
[   11.681967]  kunit_try_run_case+0x1a6/0x480
[   11.681989]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.682009]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   11.682029]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.682073]  ? __kthread_parkme+0x82/0x160
[   11.682130]  ? preempt_count_sub+0x50/0x80
[   11.682162]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.682205]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.682232]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.682257]  kthread+0x257/0x310
[   11.682275]  ? __pfx_kthread+0x10/0x10
[   11.682293]  ret_from_fork+0x41/0x80
[   11.682313]  ? __pfx_kthread+0x10/0x10
[   11.682330]  ret_from_fork_asm+0x1a/0x30
[   11.682360]  </TASK>
[   11.682372] 
[   11.692935] Allocated by task 163:
[   11.693154]  kasan_save_stack+0x45/0x70
[   11.693341]  kasan_save_track+0x18/0x40
[   11.693806]  kasan_save_alloc_info+0x3b/0x50
[   11.694327]  __kasan_krealloc+0x190/0x1f0
[   11.694694]  krealloc_noprof+0xc1/0x140
[   11.695299]  krealloc_less_oob_helper+0x1ab/0x11d0
[   11.695792]  krealloc_less_oob+0x1c/0x30
[   11.696205]  kunit_try_run_case+0x1a6/0x480
[   11.696510]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.696837]  kthread+0x257/0x310
[   11.697260]  ret_from_fork+0x41/0x80
[   11.697483]  ret_from_fork_asm+0x1a/0x30
[   11.697830] 
[   11.698020] The buggy address belongs to the object at ffff8881003a1400
[   11.698020]  which belongs to the cache kmalloc-256 of size 256
[   11.698877] The buggy address is located 7 bytes to the right of
[   11.698877]  allocated 201-byte region [ffff8881003a1400, ffff8881003a14c9)
[   11.699759] 
[   11.700256] The buggy address belongs to the physical page:
[   11.700529] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0
[   11.701048] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.701939] flags: 0x200000000000040(head|node=0|zone=2)
[   11.702397] page_type: f5(slab)
[   11.702713] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.703355] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   11.703897] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.704270] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   11.704858] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000
[   11.705396] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   11.705883] page dumped because: kasan: bad access detected
[   11.706674] 
[   11.706786] Memory state around the buggy address:
[   11.707011]  ffff8881003a1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.707415]  ffff8881003a1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.707816] >ffff8881003a1480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.708170]                                                  ^
[   11.708462]  ffff8881003a1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.708810]  ffff8881003a1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.709050] ==================================================================
[   11.740482] ==================================================================
[   11.741116] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0
[   11.741816] Write of size 1 at addr ffff8881003a14ea by task kunit_try_catch/163
[   11.742477] 
[   11.742691] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   11.742804] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.742826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.742858] Call Trace:
[   11.742887]  <TASK>
[   11.742915]  dump_stack_lvl+0x73/0xb0
[   11.742969]  print_report+0xd1/0x640
[   11.743011]  ? __virt_addr_valid+0x1db/0x2d0
[   11.743063]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   11.743099]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.743128]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   11.743159]  kasan_report+0x140/0x180
[   11.743239]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   11.743285]  __asan_report_store1_noabort+0x1b/0x30
[   11.743325]  krealloc_less_oob_helper+0xe92/0x11d0
[   11.743362]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.743392]  ? finish_task_switch.isra.0+0x153/0x700
[   11.743423]  ? __switch_to+0x5d9/0xf60
[   11.743453]  ? __schedule+0xc49/0x27a0
[   11.743473]  ? __pfx_read_tsc+0x10/0x10
[   11.743494]  krealloc_less_oob+0x1c/0x30
[   11.743512]  kunit_try_run_case+0x1a6/0x480
[   11.743532]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.743551]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   11.743570]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.743593]  ? __kthread_parkme+0x82/0x160
[   11.743612]  ? preempt_count_sub+0x50/0x80
[   11.743632]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.743650]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.743697]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.743721]  kthread+0x257/0x310
[   11.743738]  ? __pfx_kthread+0x10/0x10
[   11.743756]  ret_from_fork+0x41/0x80
[   11.743775]  ? __pfx_kthread+0x10/0x10
[   11.743792]  ret_from_fork_asm+0x1a/0x30
[   11.743819]  </TASK>
[   11.743831] 
[   11.753729] Allocated by task 163:
[   11.754179]  kasan_save_stack+0x45/0x70
[   11.754566]  kasan_save_track+0x18/0x40
[   11.754945]  kasan_save_alloc_info+0x3b/0x50
[   11.755367]  __kasan_krealloc+0x190/0x1f0
[   11.755527]  krealloc_noprof+0xc1/0x140
[   11.755957]  krealloc_less_oob_helper+0x1ab/0x11d0
[   11.756573]  krealloc_less_oob+0x1c/0x30
[   11.757053]  kunit_try_run_case+0x1a6/0x480
[   11.757310]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.757712]  kthread+0x257/0x310
[   11.757972]  ret_from_fork+0x41/0x80
[   11.758233]  ret_from_fork_asm+0x1a/0x30
[   11.758607] 
[   11.759274] The buggy address belongs to the object at ffff8881003a1400
[   11.759274]  which belongs to the cache kmalloc-256 of size 256
[   11.759836] The buggy address is located 33 bytes to the right of
[   11.759836]  allocated 201-byte region [ffff8881003a1400, ffff8881003a14c9)
[   11.760872] 
[   11.760995] The buggy address belongs to the physical page:
[   11.761435] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0
[   11.761837] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.762185] flags: 0x200000000000040(head|node=0|zone=2)
[   11.762584] page_type: f5(slab)
[   11.762845] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.763441] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   11.763889] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.764308] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   11.765201] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000
[   11.765538] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   11.765804] page dumped because: kasan: bad access detected
[   11.766199] 
[   11.766299] Memory state around the buggy address:
[   11.766628]  ffff8881003a1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.767160]  ffff8881003a1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.767592] >ffff8881003a1480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.768200]                                                           ^
[   11.768569]  ffff8881003a1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.769005]  ffff8881003a1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.769369] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2xxIdguHQMrEdKxoALYIR9ORtte

job_id

TEST:linaro@lkft#2xxIjQJxRrEeLpwsZsY9SnQG5nO

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2xxIjQJxRrEeLpwsZsY9SnQG5nO

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIfo3dmcsvEb3fP79mZuPfKgN/bzImage
sha256sum	f47939369a08d100f31f22eb9ab10753d515d52b53c2b455387dc257dc689080

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/amd64/rootfs.ext4.xz
sha256sum	3e64c22b7a85dd4a60fd0a31f22599e711e865f841aed0d517fae37e9c171158

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIfo3dmcsvEb3fP79mZuPfKgN/modules.tar.xz
sha256sum	3f0efe0d9f1c7488cb69dab3e9481c90b1ede5362ab3cae6ced46f43b3c86196

durations

tests

boot	0
kunit	261.07

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit