Hay
Date: June 2, 2025, 2:10 p.m.

Environment: qemu-arm64, qemu-x86_64

[   19.292311] ==================================================================
[   19.293096] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x628/0x690
[   19.294224] Write of size 1 at addr fff00000c44794eb by task kunit_try_catch/143
[   19.295365] 
[   19.295924] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   19.296142] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.296201] Hardware name: linux,dummy-virt (DT)
[   19.296283] Call trace:
[   19.296330]  dump_backtrace+0x9c/0x128
[   19.296442]  show_stack+0x20/0x38
[   19.296489]  dump_stack_lvl+0x8c/0xd0
[   19.296537]  print_report+0x118/0x5f0
[   19.296580]  kasan_report+0xdc/0x128
[   19.296621]  __asan_report_store1_noabort+0x20/0x30
[   19.296668]  krealloc_more_oob_helper+0x628/0x690
[   19.296716]  krealloc_more_oob+0x20/0x38
[   19.296759]  kunit_try_run_case+0x170/0x3f0
[   19.296804]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.296852]  kthread+0x24c/0x2d0
[   19.296894]  ret_from_fork+0x10/0x20
[   19.296942] 
[   19.302559] Allocated by task 143:
[   19.302932]  kasan_save_stack+0x3c/0x68
[   19.303415]  kasan_save_track+0x20/0x40
[   19.303908]  kasan_save_alloc_info+0x40/0x58
[   19.304692]  __kasan_krealloc+0x118/0x178
[   19.305110]  krealloc_noprof+0x10c/0x1a0
[   19.305571]  krealloc_more_oob_helper+0x170/0x690
[   19.306024]  krealloc_more_oob+0x20/0x38
[   19.307530]  kunit_try_run_case+0x170/0x3f0
[   19.307951]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.308344]  kthread+0x24c/0x2d0
[   19.308783]  ret_from_fork+0x10/0x20
[   19.309166] 
[   19.309445] The buggy address belongs to the object at fff00000c4479400
[   19.309445]  which belongs to the cache kmalloc-256 of size 256
[   19.310205] The buggy address is located 0 bytes to the right of
[   19.310205]  allocated 235-byte region [fff00000c4479400, fff00000c44794eb)
[   19.311198] 
[   19.311676] The buggy address belongs to the physical page:
[   19.312658] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104478
[   19.313252] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   19.314323] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   19.315117] page_type: f5(slab)
[   19.315424] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   19.316071] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   19.317115] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   19.317528] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   19.318289] head: 0bfffe0000000001 ffffc1ffc3111e01 ffffffffffffffff 0000000000000000
[   19.318868] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   19.319566] page dumped because: kasan: bad access detected
[   19.320065] 
[   19.320552] Memory state around the buggy address:
[   19.320867]  fff00000c4479380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.321298]  fff00000c4479400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.322295] >fff00000c4479480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   19.323027]                                                           ^
[   19.323574]  fff00000c4479500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.324386]  fff00000c4479580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.324968] ==================================================================
[   19.577036] ==================================================================
[   19.577797] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5dc/0x690
[   19.578345] Write of size 1 at addr fff00000c6c520f0 by task kunit_try_catch/147
[   19.579001] 
[   19.579780] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   19.580005] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.580070] Hardware name: linux,dummy-virt (DT)
[   19.580144] Call trace:
[   19.580201]  dump_backtrace+0x9c/0x128
[   19.580334]  show_stack+0x20/0x38
[   19.580416]  dump_stack_lvl+0x8c/0xd0
[   19.580507]  print_report+0x118/0x5f0
[   19.580596]  kasan_report+0xdc/0x128
[   19.580660]  __asan_report_store1_noabort+0x20/0x30
[   19.580710]  krealloc_more_oob_helper+0x5dc/0x690
[   19.580760]  krealloc_large_more_oob+0x20/0x38
[   19.580807]  kunit_try_run_case+0x170/0x3f0
[   19.580852]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.580900]  kthread+0x24c/0x2d0
[   19.580941]  ret_from_fork+0x10/0x20
[   19.580989] 
[   19.586748] The buggy address belongs to the physical page:
[   19.587373] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106c50
[   19.587922] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   19.589111] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   19.589814] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.590475] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   19.591972] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.592420] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   19.593036] head: 0bfffe0000000002 ffffc1ffc31b1401 ffffffffffffffff 0000000000000000
[   19.593784] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   19.594367] page dumped because: kasan: bad access detected
[   19.594850] 
[   19.596341] Memory state around the buggy address:
[   19.596764]  fff00000c6c51f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.597160]  fff00000c6c52000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.597573] >fff00000c6c52080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   19.597961]                                                              ^
[   19.600105]  fff00000c6c52100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   19.602555]  fff00000c6c52180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   19.603993] ==================================================================
[   19.553368] ==================================================================
[   19.554316] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x628/0x690
[   19.555038] Write of size 1 at addr fff00000c6c520eb by task kunit_try_catch/147
[   19.556109] 
[   19.556707] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   19.556952] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.557025] Hardware name: linux,dummy-virt (DT)
[   19.557089] Call trace:
[   19.557119]  dump_backtrace+0x9c/0x128
[   19.557185]  show_stack+0x20/0x38
[   19.557226]  dump_stack_lvl+0x8c/0xd0
[   19.557301]  print_report+0x118/0x5f0
[   19.557344]  kasan_report+0xdc/0x128
[   19.557385]  __asan_report_store1_noabort+0x20/0x30
[   19.557431]  krealloc_more_oob_helper+0x628/0x690
[   19.557490]  krealloc_large_more_oob+0x20/0x38
[   19.557543]  kunit_try_run_case+0x170/0x3f0
[   19.557589]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.557638]  kthread+0x24c/0x2d0
[   19.557680]  ret_from_fork+0x10/0x20
[   19.557728] 
[   19.563704] The buggy address belongs to the physical page:
[   19.564179] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106c50
[   19.564718] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   19.565263] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   19.565917] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.566584] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   19.567582] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.568419] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   19.568988] head: 0bfffe0000000002 ffffc1ffc31b1401 ffffffffffffffff 0000000000000000
[   19.569563] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   19.570154] page dumped because: kasan: bad access detected
[   19.570955] 
[   19.571537] Memory state around the buggy address:
[   19.571788]  fff00000c6c51f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.572011]  fff00000c6c52000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.572224] >fff00000c6c52080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   19.573133]                                                           ^
[   19.573813]  fff00000c6c52100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   19.574358]  fff00000c6c52180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   19.574688] ==================================================================
[   19.327010] ==================================================================
[   19.327594] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5dc/0x690
[   19.328503] Write of size 1 at addr fff00000c44794f0 by task kunit_try_catch/143
[   19.328939] 
[   19.329645] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   19.329863] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.329926] Hardware name: linux,dummy-virt (DT)
[   19.330002] Call trace:
[   19.330052]  dump_backtrace+0x9c/0x128
[   19.330156]  show_stack+0x20/0x38
[   19.330233]  dump_stack_lvl+0x8c/0xd0
[   19.330334]  print_report+0x118/0x5f0
[   19.330422]  kasan_report+0xdc/0x128
[   19.330893]  __asan_report_store1_noabort+0x20/0x30
[   19.331013]  krealloc_more_oob_helper+0x5dc/0x690
[   19.331126]  krealloc_more_oob+0x20/0x38
[   19.331206]  kunit_try_run_case+0x170/0x3f0
[   19.331305]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.331390]  kthread+0x24c/0x2d0
[   19.331470]  ret_from_fork+0x10/0x20
[   19.331563] 
[   19.340515] Allocated by task 143:
[   19.341333]  kasan_save_stack+0x3c/0x68
[   19.342776]  kasan_save_track+0x20/0x40
[   19.343589]  kasan_save_alloc_info+0x40/0x58
[   19.345101]  __kasan_krealloc+0x118/0x178
[   19.345683]  krealloc_noprof+0x10c/0x1a0
[   19.346044]  krealloc_more_oob_helper+0x170/0x690
[   19.346679]  krealloc_more_oob+0x20/0x38
[   19.347193]  kunit_try_run_case+0x170/0x3f0
[   19.347619]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.348660]  kthread+0x24c/0x2d0
[   19.348946]  ret_from_fork+0x10/0x20
[   19.349486] 
[   19.349750] The buggy address belongs to the object at fff00000c4479400
[   19.349750]  which belongs to the cache kmalloc-256 of size 256
[   19.350591] The buggy address is located 5 bytes to the right of
[   19.350591]  allocated 235-byte region [fff00000c4479400, fff00000c44794eb)
[   19.352589] 
[   19.352900] The buggy address belongs to the physical page:
[   19.353577] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104478
[   19.354279] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   19.354990] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   19.355973] page_type: f5(slab)
[   19.356459] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   19.357197] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   19.357935] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   19.358648] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   19.359934] head: 0bfffe0000000001 ffffc1ffc3111e01 ffffffffffffffff 0000000000000000
[   19.360336] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   19.360571] page dumped because: kasan: bad access detected
[   19.360750] 
[   19.360850] Memory state around the buggy address:
[   19.361019]  fff00000c4479380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.361236]  fff00000c4479400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.361600] >fff00000c4479480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   19.362356]                                                              ^
[   19.363017]  fff00000c4479500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.364136]  fff00000c4479580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.364756] ==================================================================

[   11.576568] ==================================================================
[   11.576995] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930
[   11.577432] Write of size 1 at addr ffff888100994ceb by task kunit_try_catch/161
[   11.577862] 
[   11.578064] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   11.578526] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.578556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.578596] Call Trace:
[   11.578623]  <TASK>
[   11.578668]  dump_stack_lvl+0x73/0xb0
[   11.578729]  print_report+0xd1/0x640
[   11.578778]  ? __virt_addr_valid+0x1db/0x2d0
[   11.578827]  ? krealloc_more_oob_helper+0x823/0x930
[   11.578864]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.578899]  ? krealloc_more_oob_helper+0x823/0x930
[   11.578930]  kasan_report+0x140/0x180
[   11.578969]  ? krealloc_more_oob_helper+0x823/0x930
[   11.579012]  __asan_report_store1_noabort+0x1b/0x30
[   11.579049]  krealloc_more_oob_helper+0x823/0x930
[   11.579083]  ? trace_hardirqs_on+0x37/0xe0
[   11.579130]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   11.579160]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   11.579203]  ? __pfx_krealloc_more_oob+0x10/0x10
[   11.579270]  krealloc_more_oob+0x1c/0x30
[   11.579298]  kunit_try_run_case+0x1a6/0x480
[   11.579331]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.579360]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   11.579390]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.579429]  ? __kthread_parkme+0x82/0x160
[   11.579466]  ? preempt_count_sub+0x50/0x80
[   11.579510]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.579547]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.579580]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.579604]  kthread+0x257/0x310
[   11.579621]  ? __pfx_kthread+0x10/0x10
[   11.579638]  ret_from_fork+0x41/0x80
[   11.579677]  ? __pfx_kthread+0x10/0x10
[   11.579697]  ret_from_fork_asm+0x1a/0x30
[   11.579726]  </TASK>
[   11.579738] 
[   11.589688] Allocated by task 161:
[   11.590256]  kasan_save_stack+0x45/0x70
[   11.590653]  kasan_save_track+0x18/0x40
[   11.590838]  kasan_save_alloc_info+0x3b/0x50
[   11.591015]  __kasan_krealloc+0x190/0x1f0
[   11.591371]  krealloc_noprof+0xc1/0x140
[   11.591673]  krealloc_more_oob_helper+0x1aa/0x930
[   11.592169]  krealloc_more_oob+0x1c/0x30
[   11.592769]  kunit_try_run_case+0x1a6/0x480
[   11.593332]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.593687]  kthread+0x257/0x310
[   11.593977]  ret_from_fork+0x41/0x80
[   11.594460]  ret_from_fork_asm+0x1a/0x30
[   11.594754] 
[   11.594855] The buggy address belongs to the object at ffff888100994c00
[   11.594855]  which belongs to the cache kmalloc-256 of size 256
[   11.595602] The buggy address is located 0 bytes to the right of
[   11.595602]  allocated 235-byte region [ffff888100994c00, ffff888100994ceb)
[   11.596598] 
[   11.596895] The buggy address belongs to the physical page:
[   11.597458] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100994
[   11.597916] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.598326] flags: 0x200000000000040(head|node=0|zone=2)
[   11.598773] page_type: f5(slab)
[   11.598939] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.599419] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   11.599910] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.601193] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   11.601595] head: 0200000000000001 ffffea0004026501 ffffffffffffffff 0000000000000000
[   11.602312] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   11.602553] page dumped because: kasan: bad access detected
[   11.602915] 
[   11.603233] Memory state around the buggy address:
[   11.603569]  ffff888100994b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.603977]  ffff888100994c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.604785] >ffff888100994c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   11.605364]                                                           ^
[   11.605693]  ffff888100994d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.606030]  ffff888100994d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.606722] ==================================================================
[   11.828504] ==================================================================
[   11.828924] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930
[   11.829178] Write of size 1 at addr ffff8881025160f0 by task kunit_try_catch/165
[   11.829847] 
[   11.830065] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   11.830163] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.830188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.830225] Call Trace:
[   11.830255]  <TASK>
[   11.830284]  dump_stack_lvl+0x73/0xb0
[   11.830340]  print_report+0xd1/0x640
[   11.830385]  ? __virt_addr_valid+0x1db/0x2d0
[   11.830427]  ? krealloc_more_oob_helper+0x7ed/0x930
[   11.830461]  ? kasan_addr_to_slab+0x11/0xa0
[   11.830718]  ? krealloc_more_oob_helper+0x7ed/0x930
[   11.830767]  kasan_report+0x140/0x180
[   11.830827]  ? krealloc_more_oob_helper+0x7ed/0x930
[   11.830880]  __asan_report_store1_noabort+0x1b/0x30
[   11.830923]  krealloc_more_oob_helper+0x7ed/0x930
[   11.830963]  ? __schedule+0xc49/0x27a0
[   11.831008]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   11.831046]  ? finish_task_switch.isra.0+0x153/0x700
[   11.831221]  ? __switch_to+0x5d9/0xf60
[   11.831281]  ? __schedule+0xc49/0x27a0
[   11.831332]  ? __pfx_read_tsc+0x10/0x10
[   11.831375]  krealloc_large_more_oob+0x1c/0x30
[   11.831412]  kunit_try_run_case+0x1a6/0x480
[   11.831451]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.831486]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   11.831521]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.831567]  ? __kthread_parkme+0x82/0x160
[   11.831605]  ? preempt_count_sub+0x50/0x80
[   11.831674]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.831702]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.831725]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.831749]  kthread+0x257/0x310
[   11.831766]  ? __pfx_kthread+0x10/0x10
[   11.831783]  ret_from_fork+0x41/0x80
[   11.831801]  ? __pfx_kthread+0x10/0x10
[   11.831818]  ret_from_fork_asm+0x1a/0x30
[   11.831846]  </TASK>
[   11.831859] 
[   11.842011] The buggy address belongs to the physical page:
[   11.842422] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102514
[   11.843016] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.843875] flags: 0x200000000000040(head|node=0|zone=2)
[   11.844327] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.844963] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   11.845523] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.846381] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   11.846871] head: 0200000000000002 ffffea0004094501 ffffffffffffffff 0000000000000000
[   11.847154] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   11.847562] page dumped because: kasan: bad access detected
[   11.847843] 
[   11.847963] Memory state around the buggy address:
[   11.848144]  ffff888102515f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.848592]  ffff888102516000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.849496] >ffff888102516080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   11.849876]                                                              ^
[   11.850453]  ffff888102516100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.850714]  ffff888102516180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.851283] ==================================================================
[   11.804879] ==================================================================
[   11.805324] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930
[   11.805837] Write of size 1 at addr ffff8881025160eb by task kunit_try_catch/165
[   11.806149] 
[   11.806321] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   11.806402] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.806426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.806464] Call Trace:
[   11.806490]  <TASK>
[   11.806517]  dump_stack_lvl+0x73/0xb0
[   11.806567]  print_report+0xd1/0x640
[   11.806608]  ? __virt_addr_valid+0x1db/0x2d0
[   11.806646]  ? krealloc_more_oob_helper+0x823/0x930
[   11.807182]  ? kasan_addr_to_slab+0x11/0xa0
[   11.807226]  ? krealloc_more_oob_helper+0x823/0x930
[   11.807260]  kasan_report+0x140/0x180
[   11.807302]  ? krealloc_more_oob_helper+0x823/0x930
[   11.807395]  __asan_report_store1_noabort+0x1b/0x30
[   11.807473]  krealloc_more_oob_helper+0x823/0x930
[   11.807519]  ? __schedule+0xc49/0x27a0
[   11.807560]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   11.807598]  ? finish_task_switch.isra.0+0x153/0x700
[   11.807783]  ? __switch_to+0x5d9/0xf60
[   11.807811]  ? __schedule+0xc49/0x27a0
[   11.807830]  ? __pfx_read_tsc+0x10/0x10
[   11.807851]  krealloc_large_more_oob+0x1c/0x30
[   11.807871]  kunit_try_run_case+0x1a6/0x480
[   11.807892]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.807909]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   11.807928]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.807949]  ? __kthread_parkme+0x82/0x160
[   11.807968]  ? preempt_count_sub+0x50/0x80
[   11.807988]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.808006]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.808028]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.808065]  kthread+0x257/0x310
[   11.808337]  ? __pfx_kthread+0x10/0x10
[   11.808358]  ret_from_fork+0x41/0x80
[   11.808377]  ? __pfx_kthread+0x10/0x10
[   11.808393]  ret_from_fork_asm+0x1a/0x30
[   11.808422]  </TASK>
[   11.808434] 
[   11.818457] The buggy address belongs to the physical page:
[   11.818775] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102514
[   11.819261] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.819770] flags: 0x200000000000040(head|node=0|zone=2)
[   11.820003] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.820731] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   11.821224] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.821642] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   11.822508] head: 0200000000000002 ffffea0004094501 ffffffffffffffff 0000000000000000
[   11.822889] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   11.823535] page dumped because: kasan: bad access detected
[   11.823829] 
[   11.823981] Memory state around the buggy address:
[   11.824354]  ffff888102515f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.825182]  ffff888102516000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.825474] >ffff888102516080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   11.826017]                                                           ^
[   11.826704]  ffff888102516100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.826933]  ffff888102516180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.827574] ==================================================================
[   11.607748] ==================================================================
[   11.608566] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930
[   11.609116] Write of size 1 at addr ffff888100994cf0 by task kunit_try_catch/161
[   11.609592] 
[   11.609788] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   11.609876] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.609908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.609961] Call Trace:
[   11.609989]  <TASK>
[   11.610019]  dump_stack_lvl+0x73/0xb0
[   11.610294]  print_report+0xd1/0x640
[   11.610340]  ? __virt_addr_valid+0x1db/0x2d0
[   11.610391]  ? krealloc_more_oob_helper+0x7ed/0x930
[   11.610442]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.610488]  ? krealloc_more_oob_helper+0x7ed/0x930
[   11.610524]  kasan_report+0x140/0x180
[   11.610567]  ? krealloc_more_oob_helper+0x7ed/0x930
[   11.610619]  __asan_report_store1_noabort+0x1b/0x30
[   11.610674]  krealloc_more_oob_helper+0x7ed/0x930
[   11.610715]  ? trace_hardirqs_on+0x37/0xe0
[   11.610761]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   11.610794]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   11.610824]  ? __pfx_krealloc_more_oob+0x10/0x10
[   11.610849]  krealloc_more_oob+0x1c/0x30
[   11.610866]  kunit_try_run_case+0x1a6/0x480
[   11.610887]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.610904]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   11.610924]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.610947]  ? __kthread_parkme+0x82/0x160
[   11.610964]  ? preempt_count_sub+0x50/0x80
[   11.610986]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.611003]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.611026]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.611062]  kthread+0x257/0x310
[   11.611136]  ? __pfx_kthread+0x10/0x10
[   11.611168]  ret_from_fork+0x41/0x80
[   11.611197]  ? __pfx_kthread+0x10/0x10
[   11.611221]  ret_from_fork_asm+0x1a/0x30
[   11.611249]  </TASK>
[   11.611261] 
[   11.621808] Allocated by task 161:
[   11.621992]  kasan_save_stack+0x45/0x70
[   11.622186]  kasan_save_track+0x18/0x40
[   11.622471]  kasan_save_alloc_info+0x3b/0x50
[   11.622943]  __kasan_krealloc+0x190/0x1f0
[   11.623495]  krealloc_noprof+0xc1/0x140
[   11.624028]  krealloc_more_oob_helper+0x1aa/0x930
[   11.624430]  krealloc_more_oob+0x1c/0x30
[   11.624606]  kunit_try_run_case+0x1a6/0x480
[   11.624856]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.625541]  kthread+0x257/0x310
[   11.626047]  ret_from_fork+0x41/0x80
[   11.626552]  ret_from_fork_asm+0x1a/0x30
[   11.627511] 
[   11.627635] The buggy address belongs to the object at ffff888100994c00
[   11.627635]  which belongs to the cache kmalloc-256 of size 256
[   11.628516] The buggy address is located 5 bytes to the right of
[   11.628516]  allocated 235-byte region [ffff888100994c00, ffff888100994ceb)
[   11.629395] 
[   11.629556] The buggy address belongs to the physical page:
[   11.629735] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100994
[   11.630363] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.630692] flags: 0x200000000000040(head|node=0|zone=2)
[   11.630939] page_type: f5(slab)
[   11.631213] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.631499] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   11.632488] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.632743] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   11.633210] head: 0200000000000001 ffffea0004026501 ffffffffffffffff 0000000000000000
[   11.633668] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   11.634112] page dumped because: kasan: bad access detected
[   11.634463] 
[   11.634561] Memory state around the buggy address:
[   11.634903]  ffff888100994b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.635173]  ffff888100994c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.635486] >ffff888100994c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   11.636392]                                                              ^
[   11.636794]  ffff888100994d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.637253]  ffff888100994d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.637575] ==================================================================