lkft/linux-stable-rc-linux-6.12.y - v6.12.32-25-g6fa41e6c65f7 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper

Date

June 7, 2025, 10:40 a.m.

Environment
qemu-arm64
qemu-x86_64

[   20.778241] ==================================================================
[   20.779091] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa98/0xbc8
[   20.780100] Write of size 1 at addr fff00000c1e2d8ea by task kunit_try_catch/146
[   20.780874] 
[   20.781198] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   20.781391] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.781455] Hardware name: linux,dummy-virt (DT)
[   20.781523] Call trace:
[   20.781573]  dump_backtrace+0x9c/0x128
[   20.781667]  show_stack+0x20/0x38
[   20.781762]  dump_stack_lvl+0x8c/0xd0
[   20.781922]  print_report+0x118/0x5f0
[   20.782057]  kasan_report+0xdc/0x128
[   20.782167]  __asan_report_store1_noabort+0x20/0x30
[   20.782289]  krealloc_less_oob_helper+0xa98/0xbc8
[   20.782412]  krealloc_less_oob+0x20/0x38
[   20.782577]  kunit_try_run_case+0x170/0x3f0
[   20.782691]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.782814]  kthread+0x24c/0x2d0
[   20.782886]  ret_from_fork+0x10/0x20
[   20.782936] 
[   20.793440] Allocated by task 146:
[   20.794181]  kasan_save_stack+0x3c/0x68
[   20.794846]  kasan_save_track+0x20/0x40
[   20.795416]  kasan_save_alloc_info+0x40/0x58
[   20.795950]  __kasan_krealloc+0x118/0x178
[   20.797258]  krealloc_noprof+0x10c/0x1a0
[   20.797804]  krealloc_less_oob_helper+0x170/0xbc8
[   20.798434]  krealloc_less_oob+0x20/0x38
[   20.798981]  kunit_try_run_case+0x170/0x3f0
[   20.799544]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.800213]  kthread+0x24c/0x2d0
[   20.800759]  ret_from_fork+0x10/0x20
[   20.801568] 
[   20.801864] The buggy address belongs to the object at fff00000c1e2d800
[   20.801864]  which belongs to the cache kmalloc-256 of size 256
[   20.803214] The buggy address is located 33 bytes to the right of
[   20.803214]  allocated 201-byte region [fff00000c1e2d800, fff00000c1e2d8c9)
[   20.805039] 
[   20.805358] The buggy address belongs to the physical page:
[   20.805877] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e2c
[   20.806731] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.807701] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.808632] page_type: f5(slab)
[   20.809166] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   20.809899] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   20.810742] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   20.811695] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   20.812598] head: 0bfffe0000000001 ffffc1ffc3078b01 ffffffffffffffff 0000000000000000
[   20.813398] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   20.814141] page dumped because: kasan: bad access detected
[   20.814725] 
[   20.815122] Memory state around the buggy address:
[   20.815607]  fff00000c1e2d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.816560]  fff00000c1e2d800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.817414] >fff00000c1e2d880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   20.818098]                                                           ^
[   20.818885]  fff00000c1e2d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.819707]  fff00000c1e2d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.820540] ==================================================================
[   20.972637] ==================================================================
[   20.973796] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb20/0xbc8
[   20.974534] Write of size 1 at addr fff00000c69660d0 by task kunit_try_catch/150
[   20.975249] 
[   20.975651] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   20.975858] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.975935] Hardware name: linux,dummy-virt (DT)
[   20.976041] Call trace:
[   20.976110]  dump_backtrace+0x9c/0x128
[   20.976229]  show_stack+0x20/0x38
[   20.976334]  dump_stack_lvl+0x8c/0xd0
[   20.976436]  print_report+0x118/0x5f0
[   20.976576]  kasan_report+0xdc/0x128
[   20.976679]  __asan_report_store1_noabort+0x20/0x30
[   20.976736]  krealloc_less_oob_helper+0xb20/0xbc8
[   20.976802]  krealloc_large_less_oob+0x20/0x38
[   20.976855]  kunit_try_run_case+0x170/0x3f0
[   20.976904]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.976956]  kthread+0x24c/0x2d0
[   20.977035]  ret_from_fork+0x10/0x20
[   20.977082] 
[   20.983508] The buggy address belongs to the physical page:
[   20.984090] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106964
[   20.985833] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.986627] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.988231] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.989052] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.989853] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.990622] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.991471] head: 0bfffe0000000002 ffffc1ffc31a5901 ffffffffffffffff 0000000000000000
[   20.992256] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   20.993053] page dumped because: kasan: bad access detected
[   20.993683] 
[   20.994048] Memory state around the buggy address:
[   20.994580]  fff00000c6965f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.995320]  fff00000c6966000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.996206] >fff00000c6966080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   20.996982]                                                  ^
[   20.997711]  fff00000c6966100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.998550]  fff00000c6966180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.999266] ==================================================================
[   20.644651] ==================================================================
[   20.645693] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa2c/0xbc8
[   20.646478] Write of size 1 at addr fff00000c1e2d8c9 by task kunit_try_catch/146
[   20.647377] 
[   20.647703] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   20.647899] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.647987] Hardware name: linux,dummy-virt (DT)
[   20.648067] Call trace:
[   20.648126]  dump_backtrace+0x9c/0x128
[   20.648231]  show_stack+0x20/0x38
[   20.648319]  dump_stack_lvl+0x8c/0xd0
[   20.648412]  print_report+0x118/0x5f0
[   20.648513]  kasan_report+0xdc/0x128
[   20.648662]  __asan_report_store1_noabort+0x20/0x30
[   20.648801]  krealloc_less_oob_helper+0xa2c/0xbc8
[   20.648920]  krealloc_less_oob+0x20/0x38
[   20.649056]  kunit_try_run_case+0x170/0x3f0
[   20.649213]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.649342]  kthread+0x24c/0x2d0
[   20.649407]  ret_from_fork+0x10/0x20
[   20.649457] 
[   20.656685] Allocated by task 146:
[   20.657081]  kasan_save_stack+0x3c/0x68
[   20.657486]  kasan_save_track+0x20/0x40
[   20.657855]  kasan_save_alloc_info+0x40/0x58
[   20.661074]  __kasan_krealloc+0x118/0x178
[   20.662281]  krealloc_noprof+0x10c/0x1a0
[   20.664439]  krealloc_less_oob_helper+0x170/0xbc8
[   20.665568]  krealloc_less_oob+0x20/0x38
[   20.666583]  kunit_try_run_case+0x170/0x3f0
[   20.668348]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.670049]  kthread+0x24c/0x2d0
[   20.670618]  ret_from_fork+0x10/0x20
[   20.671251] 
[   20.671743] The buggy address belongs to the object at fff00000c1e2d800
[   20.671743]  which belongs to the cache kmalloc-256 of size 256
[   20.673434] The buggy address is located 0 bytes to the right of
[   20.673434]  allocated 201-byte region [fff00000c1e2d800, fff00000c1e2d8c9)
[   20.674752] 
[   20.675148] The buggy address belongs to the physical page:
[   20.676240] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e2c
[   20.677189] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.678065] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.678734] page_type: f5(slab)
[   20.679421] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   20.680387] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   20.681490] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   20.682447] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   20.683449] head: 0bfffe0000000001 ffffc1ffc3078b01 ffffffffffffffff 0000000000000000
[   20.684860] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   20.685587] page dumped because: kasan: bad access detected
[   20.686131] 
[   20.686403] Memory state around the buggy address:
[   20.687072]  fff00000c1e2d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.688593]  fff00000c1e2d800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.689422] >fff00000c1e2d880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   20.690215]                                               ^
[   20.690878]  fff00000c1e2d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.691727]  fff00000c1e2d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.692496] ==================================================================
[   21.000798] ==================================================================
[   21.002185] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa54/0xbc8
[   21.002947] Write of size 1 at addr fff00000c69660da by task kunit_try_catch/150
[   21.004502] 
[   21.004806] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   21.005160] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.005254] Hardware name: linux,dummy-virt (DT)
[   21.005340] Call trace:
[   21.005405]  dump_backtrace+0x9c/0x128
[   21.005474]  show_stack+0x20/0x38
[   21.005516]  dump_stack_lvl+0x8c/0xd0
[   21.005560]  print_report+0x118/0x5f0
[   21.005603]  kasan_report+0xdc/0x128
[   21.005644]  __asan_report_store1_noabort+0x20/0x30
[   21.005693]  krealloc_less_oob_helper+0xa54/0xbc8
[   21.005744]  krealloc_large_less_oob+0x20/0x38
[   21.005793]  kunit_try_run_case+0x170/0x3f0
[   21.005838]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.005890]  kthread+0x24c/0x2d0
[   21.005933]  ret_from_fork+0x10/0x20
[   21.006009] 
[   21.014081] The buggy address belongs to the physical page:
[   21.014702] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106964
[   21.016032] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.016928] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   21.017747] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.018582] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   21.019751] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.020458] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   21.021321] head: 0bfffe0000000002 ffffc1ffc31a5901 ffffffffffffffff 0000000000000000
[   21.022087] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   21.022820] page dumped because: kasan: bad access detected
[   21.023506] 
[   21.023782] Memory state around the buggy address:
[   21.024439]  fff00000c6965f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.025145]  fff00000c6966000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.025891] >fff00000c6966080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   21.026595]                                                     ^
[   21.027257]  fff00000c6966100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.027939]  fff00000c6966180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.029735] ==================================================================
[   21.061080] ==================================================================
[   21.061695] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa3c/0xbc8
[   21.062372] Write of size 1 at addr fff00000c69660eb by task kunit_try_catch/150
[   21.063045] 
[   21.063392] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   21.063596] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.063672] Hardware name: linux,dummy-virt (DT)
[   21.063755] Call trace:
[   21.063819]  dump_backtrace+0x9c/0x128
[   21.063931]  show_stack+0x20/0x38
[   21.064056]  dump_stack_lvl+0x8c/0xd0
[   21.064163]  print_report+0x118/0x5f0
[   21.064267]  kasan_report+0xdc/0x128
[   21.064372]  __asan_report_store1_noabort+0x20/0x30
[   21.064489]  krealloc_less_oob_helper+0xa3c/0xbc8
[   21.064608]  krealloc_large_less_oob+0x20/0x38
[   21.064777]  kunit_try_run_case+0x170/0x3f0
[   21.064885]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.065016]  kthread+0x24c/0x2d0
[   21.065069]  ret_from_fork+0x10/0x20
[   21.065116] 
[   21.074138] The buggy address belongs to the physical page:
[   21.074837] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106964
[   21.075750] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.077294] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   21.078072] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.078914] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   21.079757] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.080590] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   21.081411] head: 0bfffe0000000002 ffffc1ffc31a5901 ffffffffffffffff 0000000000000000
[   21.082192] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   21.082922] page dumped because: kasan: bad access detected
[   21.083524] 
[   21.083839] Memory state around the buggy address:
[   21.084471]  fff00000c6965f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.085319]  fff00000c6966000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.086151] >fff00000c6966080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   21.086867]                                                           ^
[   21.087608]  fff00000c6966100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.088344]  fff00000c6966180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.089091] ==================================================================
[   20.694264] ==================================================================
[   20.695054] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb20/0xbc8
[   20.696039] Write of size 1 at addr fff00000c1e2d8d0 by task kunit_try_catch/146
[   20.697124] 
[   20.697522] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   20.697817] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.697892] Hardware name: linux,dummy-virt (DT)
[   20.697996] Call trace:
[   20.698054]  dump_backtrace+0x9c/0x128
[   20.698157]  show_stack+0x20/0x38
[   20.698246]  dump_stack_lvl+0x8c/0xd0
[   20.698332]  print_report+0x118/0x5f0
[   20.698415]  kasan_report+0xdc/0x128
[   20.698507]  __asan_report_store1_noabort+0x20/0x30
[   20.698618]  krealloc_less_oob_helper+0xb20/0xbc8
[   20.698740]  krealloc_less_oob+0x20/0x38
[   20.698938]  kunit_try_run_case+0x170/0x3f0
[   20.699066]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.699271]  kthread+0x24c/0x2d0
[   20.699405]  ret_from_fork+0x10/0x20
[   20.699628] 
[   20.707357] Allocated by task 146:
[   20.707941]  kasan_save_stack+0x3c/0x68
[   20.708562]  kasan_save_track+0x20/0x40
[   20.709080]  kasan_save_alloc_info+0x40/0x58
[   20.709808]  __kasan_krealloc+0x118/0x178
[   20.710477]  krealloc_noprof+0x10c/0x1a0
[   20.710908]  krealloc_less_oob_helper+0x170/0xbc8
[   20.711904]  krealloc_less_oob+0x20/0x38
[   20.712654]  kunit_try_run_case+0x170/0x3f0
[   20.713405]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.714149]  kthread+0x24c/0x2d0
[   20.714707]  ret_from_fork+0x10/0x20
[   20.715349] 
[   20.715609] The buggy address belongs to the object at fff00000c1e2d800
[   20.715609]  which belongs to the cache kmalloc-256 of size 256
[   20.717136] The buggy address is located 7 bytes to the right of
[   20.717136]  allocated 201-byte region [fff00000c1e2d800, fff00000c1e2d8c9)
[   20.718542] 
[   20.718917] The buggy address belongs to the physical page:
[   20.719518] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e2c
[   20.720200] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.721095] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.721842] page_type: f5(slab)
[   20.722422] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   20.723199] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   20.724038] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   20.724857] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   20.725669] head: 0bfffe0000000001 ffffc1ffc3078b01 ffffffffffffffff 0000000000000000
[   20.726529] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   20.727305] page dumped because: kasan: bad access detected
[   20.727935] 
[   20.728279] Memory state around the buggy address:
[   20.728901]  fff00000c1e2d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.729656]  fff00000c1e2d800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.730450] >fff00000c1e2d880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   20.731194]                                                  ^
[   20.731852]  fff00000c1e2d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.732630]  fff00000c1e2d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.733407] ==================================================================
[   20.942075] ==================================================================
[   20.943130] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa2c/0xbc8
[   20.944909] Write of size 1 at addr fff00000c69660c9 by task kunit_try_catch/150
[   20.945640] 
[   20.945979] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   20.946167] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.946231] Hardware name: linux,dummy-virt (DT)
[   20.946319] Call trace:
[   20.946387]  dump_backtrace+0x9c/0x128
[   20.946504]  show_stack+0x20/0x38
[   20.946611]  dump_stack_lvl+0x8c/0xd0
[   20.946773]  print_report+0x118/0x5f0
[   20.946887]  kasan_report+0xdc/0x128
[   20.947012]  __asan_report_store1_noabort+0x20/0x30
[   20.947132]  krealloc_less_oob_helper+0xa2c/0xbc8
[   20.947205]  krealloc_large_less_oob+0x20/0x38
[   20.947256]  kunit_try_run_case+0x170/0x3f0
[   20.947302]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.947354]  kthread+0x24c/0x2d0
[   20.947453]  ret_from_fork+0x10/0x20
[   20.947560] 
[   20.955224] The buggy address belongs to the physical page:
[   20.956270] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106964
[   20.957511] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.958225] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.959035] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.959993] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.960907] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.961726] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.962565] head: 0bfffe0000000002 ffffc1ffc31a5901 ffffffffffffffff 0000000000000000
[   20.963431] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   20.964250] page dumped because: kasan: bad access detected
[   20.964705] 
[   20.964951] Memory state around the buggy address:
[   20.965482]  fff00000c6965f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.966343]  fff00000c6966000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.967056] >fff00000c6966080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   20.968077]                                               ^
[   20.968951]  fff00000c6966100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.969804]  fff00000c6966180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.970926] ==================================================================
[   20.736205] ==================================================================
[   20.736871] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa54/0xbc8
[   20.737733] Write of size 1 at addr fff00000c1e2d8da by task kunit_try_catch/146
[   20.738473] 
[   20.738808] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   20.739059] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.739154] Hardware name: linux,dummy-virt (DT)
[   20.739270] Call trace:
[   20.739325]  dump_backtrace+0x9c/0x128
[   20.739468]  show_stack+0x20/0x38
[   20.739578]  dump_stack_lvl+0x8c/0xd0
[   20.739682]  print_report+0x118/0x5f0
[   20.739782]  kasan_report+0xdc/0x128
[   20.739889]  __asan_report_store1_noabort+0x20/0x30
[   20.740063]  krealloc_less_oob_helper+0xa54/0xbc8
[   20.740187]  krealloc_less_oob+0x20/0x38
[   20.740324]  kunit_try_run_case+0x170/0x3f0
[   20.740465]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.740541]  kthread+0x24c/0x2d0
[   20.740589]  ret_from_fork+0x10/0x20
[   20.740637] 
[   20.748185] Allocated by task 146:
[   20.748687]  kasan_save_stack+0x3c/0x68
[   20.749296]  kasan_save_track+0x20/0x40
[   20.749843]  kasan_save_alloc_info+0x40/0x58
[   20.750472]  __kasan_krealloc+0x118/0x178
[   20.751072]  krealloc_noprof+0x10c/0x1a0
[   20.751901]  krealloc_less_oob_helper+0x170/0xbc8
[   20.752613]  krealloc_less_oob+0x20/0x38
[   20.753233]  kunit_try_run_case+0x170/0x3f0
[   20.753785]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.754494]  kthread+0x24c/0x2d0
[   20.755077]  ret_from_fork+0x10/0x20
[   20.755991] 
[   20.756364] The buggy address belongs to the object at fff00000c1e2d800
[   20.756364]  which belongs to the cache kmalloc-256 of size 256
[   20.758465] The buggy address is located 17 bytes to the right of
[   20.758465]  allocated 201-byte region [fff00000c1e2d800, fff00000c1e2d8c9)
[   20.760048] 
[   20.760389] The buggy address belongs to the physical page:
[   20.761058] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e2c
[   20.761925] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.762815] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.763581] page_type: f5(slab)
[   20.764081] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   20.764932] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   20.765778] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   20.766633] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   20.767473] head: 0bfffe0000000001 ffffc1ffc3078b01 ffffffffffffffff 0000000000000000
[   20.768319] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   20.769123] page dumped because: kasan: bad access detected
[   20.769743] 
[   20.770107] Memory state around the buggy address:
[   20.770729]  fff00000c1e2d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.771488]  fff00000c1e2d800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.772290] >fff00000c1e2d880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   20.773073]                                                     ^
[   20.773749]  fff00000c1e2d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.774523]  fff00000c1e2d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.775337] ==================================================================
[   20.822259] ==================================================================
[   20.823015] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa3c/0xbc8
[   20.824281] Write of size 1 at addr fff00000c1e2d8eb by task kunit_try_catch/146
[   20.825088] 
[   20.825430] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   20.825637] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.825714] Hardware name: linux,dummy-virt (DT)
[   20.825799] Call trace:
[   20.825849]  dump_backtrace+0x9c/0x128
[   20.825902]  show_stack+0x20/0x38
[   20.825944]  dump_stack_lvl+0x8c/0xd0
[   20.826063]  print_report+0x118/0x5f0
[   20.826172]  kasan_report+0xdc/0x128
[   20.826284]  __asan_report_store1_noabort+0x20/0x30
[   20.826411]  krealloc_less_oob_helper+0xa3c/0xbc8
[   20.826534]  krealloc_less_oob+0x20/0x38
[   20.826653]  kunit_try_run_case+0x170/0x3f0
[   20.826769]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.826833]  kthread+0x24c/0x2d0
[   20.826876]  ret_from_fork+0x10/0x20
[   20.826923] 
[   20.834765] Allocated by task 146:
[   20.835273]  kasan_save_stack+0x3c/0x68
[   20.835709]  kasan_save_track+0x20/0x40
[   20.836403]  kasan_save_alloc_info+0x40/0x58
[   20.836990]  __kasan_krealloc+0x118/0x178
[   20.837528]  krealloc_noprof+0x10c/0x1a0
[   20.838626]  krealloc_less_oob_helper+0x170/0xbc8
[   20.839392]  krealloc_less_oob+0x20/0x38
[   20.840304]  kunit_try_run_case+0x170/0x3f0
[   20.840717]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.841460]  kthread+0x24c/0x2d0
[   20.841941]  ret_from_fork+0x10/0x20
[   20.842480] 
[   20.842787] The buggy address belongs to the object at fff00000c1e2d800
[   20.842787]  which belongs to the cache kmalloc-256 of size 256
[   20.844212] The buggy address is located 34 bytes to the right of
[   20.844212]  allocated 201-byte region [fff00000c1e2d800, fff00000c1e2d8c9)
[   20.845851] 
[   20.846186] The buggy address belongs to the physical page:
[   20.846739] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e2c
[   20.847905] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.848672] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.849387] page_type: f5(slab)
[   20.849868] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   20.850723] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   20.851566] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   20.852547] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   20.853366] head: 0bfffe0000000001 ffffc1ffc3078b01 ffffffffffffffff 0000000000000000
[   20.854147] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   20.854850] page dumped because: kasan: bad access detected
[   20.855489] 
[   20.855793] Memory state around the buggy address:
[   20.856427]  fff00000c1e2d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.857800]  fff00000c1e2d800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.858694] >fff00000c1e2d880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   20.859340]                                                           ^
[   20.860107]  fff00000c1e2d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.860912]  fff00000c1e2d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.861783] ==================================================================
[   21.030657] ==================================================================
[   21.031742] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa98/0xbc8
[   21.032907] Write of size 1 at addr fff00000c69660ea by task kunit_try_catch/150
[   21.033682] 
[   21.034012] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   21.034178] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.034214] Hardware name: linux,dummy-virt (DT)
[   21.034251] Call trace:
[   21.034291]  dump_backtrace+0x9c/0x128
[   21.034453]  show_stack+0x20/0x38
[   21.034562]  dump_stack_lvl+0x8c/0xd0
[   21.034670]  print_report+0x118/0x5f0
[   21.034776]  kasan_report+0xdc/0x128
[   21.034881]  __asan_report_store1_noabort+0x20/0x30
[   21.035016]  krealloc_less_oob_helper+0xa98/0xbc8
[   21.035076]  krealloc_large_less_oob+0x20/0x38
[   21.035129]  kunit_try_run_case+0x170/0x3f0
[   21.035176]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.035228]  kthread+0x24c/0x2d0
[   21.035275]  ret_from_fork+0x10/0x20
[   21.035322] 
[   21.043067] The buggy address belongs to the physical page:
[   21.043592] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106964
[   21.044754] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.046245] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   21.047714] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.048760] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   21.049625] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.050317] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   21.051084] head: 0bfffe0000000002 ffffc1ffc31a5901 ffffffffffffffff 0000000000000000
[   21.052048] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   21.053198] page dumped because: kasan: bad access detected
[   21.053741] 
[   21.053950] Memory state around the buggy address:
[   21.054647]  fff00000c6965f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.055467]  fff00000c6966000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.056271] >fff00000c6966080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   21.057486]                                                           ^
[   21.058325]  fff00000c6966100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.059176]  fff00000c6966180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.060103] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2yB0eeX4UzmhPDfrKWxPX2wv5o6

job_id

TEST:linaro@lkft#2yB0kxwsmMMf5TOSoRfLrMVWl4a

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2yB0kxwsmMMf5TOSoRfLrMVWl4a

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yB0gI0RIgAyHD5ANmcqoG6uHhF/Image.gz
sha256sum	75aa95a59a2a16976acc2bfd609dcfec28b7513bcc85801a3037e488e9adec56

rootfs

url	https://storage.tuxboot.com/debian/20250605/trixie/arm64/rootfs.ext4.xz
sha256sum	905f5619346e1db164ac162d2472afab1c1502c840ccd8eb365c2a644148903b

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yB0gI0RIgAyHD5ANmcqoG6uHhF/modules.tar.xz
sha256sum	6c780c90e9118abeea50b10cee62a33213c63803d6de8102694a71a1337eb74d

durations

tests

boot	0
kunit	276.63

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   17.136909] ==================================================================
[   17.138685] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0
[   17.140036] Write of size 1 at addr ffff888102be20c9 by task kunit_try_catch/167
[   17.140479] 
[   17.141420] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   17.141705] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.141740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.141798] Call Trace:
[   17.141877]  <TASK>
[   17.141930]  dump_stack_lvl+0x73/0xb0
[   17.142016]  print_report+0xd1/0x640
[   17.142090]  ? __virt_addr_valid+0x1db/0x2d0
[   17.142168]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   17.142249]  ? kasan_addr_to_slab+0x11/0xa0
[   17.142285]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   17.142314]  kasan_report+0x140/0x180
[   17.142351]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   17.142388]  __asan_report_store1_noabort+0x1b/0x30
[   17.142422]  krealloc_less_oob_helper+0xd72/0x11d0
[   17.142553]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   17.142594]  ? finish_task_switch.isra.0+0x153/0x700
[   17.142627]  ? __switch_to+0x5d9/0xf60
[   17.142661]  ? __schedule+0xc49/0x27a0
[   17.142690]  ? __pfx_read_tsc+0x10/0x10
[   17.142723]  krealloc_large_less_oob+0x1c/0x30
[   17.142751]  kunit_try_run_case+0x1a6/0x480
[   17.142785]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.142827]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   17.142885]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   17.142921]  ? __kthread_parkme+0x82/0x160
[   17.142951]  ? preempt_count_sub+0x50/0x80
[   17.142980]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.143008]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   17.143045]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.143082]  kthread+0x257/0x310
[   17.143109]  ? __pfx_kthread+0x10/0x10
[   17.143135]  ret_from_fork+0x41/0x80
[   17.143165]  ? __pfx_kthread+0x10/0x10
[   17.143190]  ret_from_fork_asm+0x1a/0x30
[   17.143266]  </TASK>
[   17.143284] 
[   17.156301] The buggy address belongs to the physical page:
[   17.157010] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be0
[   17.158749] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.159374] flags: 0x200000000000040(head|node=0|zone=2)
[   17.161091] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.162753] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   17.163385] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.164448] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   17.165250] head: 0200000000000002 ffffea00040af801 ffffffffffffffff 0000000000000000
[   17.166329] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   17.167157] page dumped because: kasan: bad access detected
[   17.168151] 
[   17.168327] Memory state around the buggy address:
[   17.169313]  ffff888102be1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.170104]  ffff888102be2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.171130] >ffff888102be2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.172033]                                               ^
[   17.172428]  ffff888102be2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.173370]  ffff888102be2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.174190] ==================================================================
[   16.844481] ==================================================================
[   16.845844] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0
[   16.847945] Write of size 1 at addr ffff88810099d4d0 by task kunit_try_catch/163
[   16.849030] 
[   16.849415] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   16.849644] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.849720] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.849781] Call Trace:
[   16.849858]  <TASK>
[   16.849910]  dump_stack_lvl+0x73/0xb0
[   16.850001]  print_report+0xd1/0x640
[   16.850077]  ? __virt_addr_valid+0x1db/0x2d0
[   16.850198]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   16.850329]  ? kasan_complete_mode_report_info+0x2a/0x200
[   16.850411]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   16.850896]  kasan_report+0x140/0x180
[   16.850978]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   16.851060]  __asan_report_store1_noabort+0x1b/0x30
[   16.851128]  krealloc_less_oob_helper+0xe25/0x11d0
[   16.851204]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   16.851308]  ? finish_task_switch.isra.0+0x153/0x700
[   16.851378]  ? __switch_to+0x5d9/0xf60
[   16.851497]  ? __schedule+0xc49/0x27a0
[   16.851572]  ? __pfx_read_tsc+0x10/0x10
[   16.851645]  krealloc_less_oob+0x1c/0x30
[   16.851739]  kunit_try_run_case+0x1a6/0x480
[   16.851785]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.851846]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   16.851883]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.851919]  ? __kthread_parkme+0x82/0x160
[   16.851946]  ? preempt_count_sub+0x50/0x80
[   16.851975]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.852002]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.852038]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.852073]  kthread+0x257/0x310
[   16.852097]  ? __pfx_kthread+0x10/0x10
[   16.852121]  ret_from_fork+0x41/0x80
[   16.852149]  ? __pfx_kthread+0x10/0x10
[   16.852172]  ret_from_fork_asm+0x1a/0x30
[   16.852238]  </TASK>
[   16.852261] 
[   16.868953] Allocated by task 163:
[   16.869361]  kasan_save_stack+0x45/0x70
[   16.869708]  kasan_save_track+0x18/0x40
[   16.870113]  kasan_save_alloc_info+0x3b/0x50
[   16.870707]  __kasan_krealloc+0x190/0x1f0
[   16.871158]  krealloc_noprof+0xc1/0x140
[   16.871730]  krealloc_less_oob_helper+0x1ab/0x11d0
[   16.872183]  krealloc_less_oob+0x1c/0x30
[   16.872951]  kunit_try_run_case+0x1a6/0x480
[   16.873341]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.874001]  kthread+0x257/0x310
[   16.874385]  ret_from_fork+0x41/0x80
[   16.874944]  ret_from_fork_asm+0x1a/0x30
[   16.875375] 
[   16.875747] The buggy address belongs to the object at ffff88810099d400
[   16.875747]  which belongs to the cache kmalloc-256 of size 256
[   16.876589] The buggy address is located 7 bytes to the right of
[   16.876589]  allocated 201-byte region [ffff88810099d400, ffff88810099d4c9)
[   16.877455] 
[   16.877666] The buggy address belongs to the physical page:
[   16.878141] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c
[   16.879415] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.880118] flags: 0x200000000000040(head|node=0|zone=2)
[   16.880721] page_type: f5(slab)
[   16.881119] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.881937] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   16.882621] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.884010] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   16.885001] head: 0200000000000001 ffffea0004026701 ffffffffffffffff 0000000000000000
[   16.886076] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   16.886848] page dumped because: kasan: bad access detected
[   16.887372] 
[   16.887692] Memory state around the buggy address:
[   16.888246]  ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.888869]  ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.889993] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.890625]                                                  ^
[   16.891176]  ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.891766]  ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.892425] ==================================================================
[   16.793286] ==================================================================
[   16.794228] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0
[   16.795538] Write of size 1 at addr ffff88810099d4c9 by task kunit_try_catch/163
[   16.796712] 
[   16.797085] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   16.797408] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.797444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.797520] Call Trace:
[   16.797562]  <TASK>
[   16.797643]  dump_stack_lvl+0x73/0xb0
[   16.797688]  print_report+0xd1/0x640
[   16.797724]  ? __virt_addr_valid+0x1db/0x2d0
[   16.797760]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   16.797788]  ? kasan_complete_mode_report_info+0x2a/0x200
[   16.797840]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   16.797884]  kasan_report+0x140/0x180
[   16.797920]  ? krealloc_less_oob_helper+0xd72/0x11d0
[   16.797956]  __asan_report_store1_noabort+0x1b/0x30
[   16.797987]  krealloc_less_oob_helper+0xd72/0x11d0
[   16.798020]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   16.798050]  ? finish_task_switch.isra.0+0x153/0x700
[   16.798079]  ? __switch_to+0x5d9/0xf60
[   16.798112]  ? __schedule+0xc49/0x27a0
[   16.798141]  ? __pfx_read_tsc+0x10/0x10
[   16.798173]  krealloc_less_oob+0x1c/0x30
[   16.798203]  kunit_try_run_case+0x1a6/0x480
[   16.798296]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.798391]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   16.798425]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.798481]  ? __kthread_parkme+0x82/0x160
[   16.798559]  ? preempt_count_sub+0x50/0x80
[   16.798621]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.798675]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.798723]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.798761]  kthread+0x257/0x310
[   16.798787]  ? __pfx_kthread+0x10/0x10
[   16.798830]  ret_from_fork+0x41/0x80
[   16.798872]  ? __pfx_kthread+0x10/0x10
[   16.798898]  ret_from_fork_asm+0x1a/0x30
[   16.798940]  </TASK>
[   16.798954] 
[   16.815050] Allocated by task 163:
[   16.815761]  kasan_save_stack+0x45/0x70
[   16.816282]  kasan_save_track+0x18/0x40
[   16.816860]  kasan_save_alloc_info+0x3b/0x50
[   16.817307]  __kasan_krealloc+0x190/0x1f0
[   16.817723]  krealloc_noprof+0xc1/0x140
[   16.818137]  krealloc_less_oob_helper+0x1ab/0x11d0
[   16.818954]  krealloc_less_oob+0x1c/0x30
[   16.819375]  kunit_try_run_case+0x1a6/0x480
[   16.819995]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.820692]  kthread+0x257/0x310
[   16.821111]  ret_from_fork+0x41/0x80
[   16.821701]  ret_from_fork_asm+0x1a/0x30
[   16.822182] 
[   16.822560] The buggy address belongs to the object at ffff88810099d400
[   16.822560]  which belongs to the cache kmalloc-256 of size 256
[   16.823725] The buggy address is located 0 bytes to the right of
[   16.823725]  allocated 201-byte region [ffff88810099d400, ffff88810099d4c9)
[   16.824939] 
[   16.825176] The buggy address belongs to the physical page:
[   16.825837] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c
[   16.826758] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.827610] flags: 0x200000000000040(head|node=0|zone=2)
[   16.828121] page_type: f5(slab)
[   16.828656] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.829357] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   16.830208] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.831632] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   16.832882] head: 0200000000000001 ffffea0004026701 ffffffffffffffff 0000000000000000
[   16.833736] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   16.834629] page dumped because: kasan: bad access detected
[   16.835265] 
[   16.835420] Memory state around the buggy address:
[   16.836348]  ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.837245]  ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.838021] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.839406]                                               ^
[   16.840394]  ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.841848]  ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.842735] ==================================================================
[   16.997537] ==================================================================
[   16.997794] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0
[   16.998057] Write of size 1 at addr ffff88810099d4eb by task kunit_try_catch/163
[   16.998676] 
[   16.999094] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   16.999232] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.999279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.999336] Call Trace:
[   16.999386]  <TASK>
[   16.999435]  dump_stack_lvl+0x73/0xb0
[   16.999515]  print_report+0xd1/0x640
[   16.999588]  ? __virt_addr_valid+0x1db/0x2d0
[   16.999661]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   16.999727]  ? kasan_complete_mode_report_info+0x2a/0x200
[   16.999799]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   16.999888]  kasan_report+0x140/0x180
[   16.999962]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   17.000043]  __asan_report_store1_noabort+0x1b/0x30
[   17.000103]  krealloc_less_oob_helper+0xd49/0x11d0
[   17.000157]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   17.000270]  ? finish_task_switch.isra.0+0x153/0x700
[   17.000344]  ? __switch_to+0x5d9/0xf60
[   17.000426]  ? __schedule+0xc49/0x27a0
[   17.000500]  ? __pfx_read_tsc+0x10/0x10
[   17.000575]  krealloc_less_oob+0x1c/0x30
[   17.000640]  kunit_try_run_case+0x1a6/0x480
[   17.000713]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.000772]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   17.000889]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   17.000967]  ? __kthread_parkme+0x82/0x160
[   17.001139]  ? preempt_count_sub+0x50/0x80
[   17.001233]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.001304]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   17.001386]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.001509]  kthread+0x257/0x310
[   17.001586]  ? __pfx_kthread+0x10/0x10
[   17.001653]  ret_from_fork+0x41/0x80
[   17.001719]  ? __pfx_kthread+0x10/0x10
[   17.001781]  ret_from_fork_asm+0x1a/0x30
[   17.001914]  </TASK>
[   17.001943] 
[   17.019468] Allocated by task 163:
[   17.019794]  kasan_save_stack+0x45/0x70
[   17.020331]  kasan_save_track+0x18/0x40
[   17.020759]  kasan_save_alloc_info+0x3b/0x50
[   17.021318]  __kasan_krealloc+0x190/0x1f0
[   17.021674]  krealloc_noprof+0xc1/0x140
[   17.021997]  krealloc_less_oob_helper+0x1ab/0x11d0
[   17.022637]  krealloc_less_oob+0x1c/0x30
[   17.023164]  kunit_try_run_case+0x1a6/0x480
[   17.023520]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.024026]  kthread+0x257/0x310
[   17.024402]  ret_from_fork+0x41/0x80
[   17.024824]  ret_from_fork_asm+0x1a/0x30
[   17.025354] 
[   17.025972] The buggy address belongs to the object at ffff88810099d400
[   17.025972]  which belongs to the cache kmalloc-256 of size 256
[   17.026971] The buggy address is located 34 bytes to the right of
[   17.026971]  allocated 201-byte region [ffff88810099d400, ffff88810099d4c9)
[   17.028256] 
[   17.028442] The buggy address belongs to the physical page:
[   17.028966] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c
[   17.029831] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.030447] flags: 0x200000000000040(head|node=0|zone=2)
[   17.030866] page_type: f5(slab)
[   17.031236] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   17.032562] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   17.033060] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   17.033945] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   17.034623] head: 0200000000000001 ffffea0004026701 ffffffffffffffff 0000000000000000
[   17.035375] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   17.036126] page dumped because: kasan: bad access detected
[   17.036696] 
[   17.037048] Memory state around the buggy address:
[   17.037404]  ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.038044]  ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.038736] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   17.040087]                                                           ^
[   17.040823]  ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.041439]  ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.042039] ==================================================================
[   17.264065] ==================================================================
[   17.265191] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0
[   17.266186] Write of size 1 at addr ffff888102be20ea by task kunit_try_catch/167
[   17.266676] 
[   17.267178] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   17.267326] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.267363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.267418] Call Trace:
[   17.267469]  <TASK>
[   17.267686]  dump_stack_lvl+0x73/0xb0
[   17.267768]  print_report+0xd1/0x640
[   17.267847]  ? __virt_addr_valid+0x1db/0x2d0
[   17.267915]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   17.267980]  ? kasan_addr_to_slab+0x11/0xa0
[   17.268049]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   17.268116]  kasan_report+0x140/0x180
[   17.268193]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   17.268297]  __asan_report_store1_noabort+0x1b/0x30
[   17.268371]  krealloc_less_oob_helper+0xe92/0x11d0
[   17.268447]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   17.268516]  ? finish_task_switch.isra.0+0x153/0x700
[   17.268583]  ? __switch_to+0x5d9/0xf60
[   17.268888]  ? __schedule+0xc49/0x27a0
[   17.268920]  ? __pfx_read_tsc+0x10/0x10
[   17.268952]  krealloc_large_less_oob+0x1c/0x30
[   17.268981]  kunit_try_run_case+0x1a6/0x480
[   17.269013]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.269041]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   17.269070]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   17.269106]  ? __kthread_parkme+0x82/0x160
[   17.269133]  ? preempt_count_sub+0x50/0x80
[   17.269165]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.269193]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   17.269257]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.269297]  kthread+0x257/0x310
[   17.269324]  ? __pfx_kthread+0x10/0x10
[   17.269350]  ret_from_fork+0x41/0x80
[   17.269379]  ? __pfx_kthread+0x10/0x10
[   17.269406]  ret_from_fork_asm+0x1a/0x30
[   17.269462]  </TASK>
[   17.269508] 
[   17.284883] The buggy address belongs to the physical page:
[   17.285766] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be0
[   17.286468] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.287135] flags: 0x200000000000040(head|node=0|zone=2)
[   17.287576] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.289165] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   17.290099] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.290719] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   17.292617] head: 0200000000000002 ffffea00040af801 ffffffffffffffff 0000000000000000
[   17.293454] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   17.294322] page dumped because: kasan: bad access detected
[   17.295288] 
[   17.295455] Memory state around the buggy address:
[   17.296347]  ffff888102be1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.297199]  ffff888102be2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.298284] >ffff888102be2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.299032]                                                           ^
[   17.299618]  ffff888102be2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.300912]  ffff888102be2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.301387] ==================================================================
[   17.302750] ==================================================================
[   17.304181] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0
[   17.305410] Write of size 1 at addr ffff888102be20eb by task kunit_try_catch/167
[   17.306822] 
[   17.307035] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   17.307123] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.307160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.307232] Call Trace:
[   17.307300]  <TASK>
[   17.307334]  dump_stack_lvl+0x73/0xb0
[   17.307379]  print_report+0xd1/0x640
[   17.307415]  ? __virt_addr_valid+0x1db/0x2d0
[   17.307466]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   17.307635]  ? kasan_addr_to_slab+0x11/0xa0
[   17.307685]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   17.307718]  kasan_report+0x140/0x180
[   17.307753]  ? krealloc_less_oob_helper+0xd49/0x11d0
[   17.307791]  __asan_report_store1_noabort+0x1b/0x30
[   17.307842]  krealloc_less_oob_helper+0xd49/0x11d0
[   17.307882]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   17.307912]  ? finish_task_switch.isra.0+0x153/0x700
[   17.307941]  ? __switch_to+0x5d9/0xf60
[   17.307973]  ? __schedule+0xc49/0x27a0
[   17.308002]  ? __pfx_read_tsc+0x10/0x10
[   17.308033]  krealloc_large_less_oob+0x1c/0x30
[   17.308060]  kunit_try_run_case+0x1a6/0x480
[   17.308092]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.308120]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   17.308149]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   17.308185]  ? __kthread_parkme+0x82/0x160
[   17.308232]  ? preempt_count_sub+0x50/0x80
[   17.308306]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.308373]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   17.308432]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.308732]  kthread+0x257/0x310
[   17.308766]  ? __pfx_kthread+0x10/0x10
[   17.308795]  ret_from_fork+0x41/0x80
[   17.308847]  ? __pfx_kthread+0x10/0x10
[   17.308883]  ret_from_fork_asm+0x1a/0x30
[   17.308925]  </TASK>
[   17.308939] 
[   17.327391] The buggy address belongs to the physical page:
[   17.327965] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be0
[   17.328743] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.330012] flags: 0x200000000000040(head|node=0|zone=2)
[   17.330520] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.331208] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   17.332271] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.333100] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   17.333735] head: 0200000000000002 ffffea00040af801 ffffffffffffffff 0000000000000000
[   17.334395] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   17.335427] page dumped because: kasan: bad access detected
[   17.336085] 
[   17.336306] Memory state around the buggy address:
[   17.336776]  ffff888102be1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.337755]  ffff888102be2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.338311] >ffff888102be2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.339578]                                                           ^
[   17.340517]  ffff888102be2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.341199]  ffff888102be2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.342364] ==================================================================
[   16.944994] ==================================================================
[   16.946473] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0
[   16.947346] Write of size 1 at addr ffff88810099d4ea by task kunit_try_catch/163
[   16.947958] 
[   16.948794] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   16.948929] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.948964] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.949197] Call Trace:
[   16.949246]  <TASK>
[   16.949272]  dump_stack_lvl+0x73/0xb0
[   16.949316]  print_report+0xd1/0x640
[   16.949351]  ? __virt_addr_valid+0x1db/0x2d0
[   16.949386]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   16.949413]  ? kasan_complete_mode_report_info+0x2a/0x200
[   16.949452]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   16.949566]  kasan_report+0x140/0x180
[   16.949610]  ? krealloc_less_oob_helper+0xe92/0x11d0
[   16.949645]  __asan_report_store1_noabort+0x1b/0x30
[   16.949675]  krealloc_less_oob_helper+0xe92/0x11d0
[   16.949705]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   16.949734]  ? finish_task_switch.isra.0+0x153/0x700
[   16.949763]  ? __switch_to+0x5d9/0xf60
[   16.949794]  ? __schedule+0xc49/0x27a0
[   16.949864]  ? __pfx_read_tsc+0x10/0x10
[   16.949897]  krealloc_less_oob+0x1c/0x30
[   16.949922]  kunit_try_run_case+0x1a6/0x480
[   16.949953]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.949980]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   16.950007]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.950040]  ? __kthread_parkme+0x82/0x160
[   16.950066]  ? preempt_count_sub+0x50/0x80
[   16.950094]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.950120]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.950156]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.950192]  kthread+0x257/0x310
[   16.950240]  ? __pfx_kthread+0x10/0x10
[   16.950268]  ret_from_fork+0x41/0x80
[   16.950296]  ? __pfx_kthread+0x10/0x10
[   16.950321]  ret_from_fork_asm+0x1a/0x30
[   16.950363]  </TASK>
[   16.950377] 
[   16.970408] Allocated by task 163:
[   16.971586]  kasan_save_stack+0x45/0x70
[   16.972012]  kasan_save_track+0x18/0x40
[   16.972179]  kasan_save_alloc_info+0x3b/0x50
[   16.972504]  __kasan_krealloc+0x190/0x1f0
[   16.973162]  krealloc_noprof+0xc1/0x140
[   16.973919]  krealloc_less_oob_helper+0x1ab/0x11d0
[   16.974710]  krealloc_less_oob+0x1c/0x30
[   16.975310]  kunit_try_run_case+0x1a6/0x480
[   16.976062]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.976686]  kthread+0x257/0x310
[   16.977106]  ret_from_fork+0x41/0x80
[   16.977812]  ret_from_fork_asm+0x1a/0x30
[   16.978350] 
[   16.979079] The buggy address belongs to the object at ffff88810099d400
[   16.979079]  which belongs to the cache kmalloc-256 of size 256
[   16.980381] The buggy address is located 33 bytes to the right of
[   16.980381]  allocated 201-byte region [ffff88810099d400, ffff88810099d4c9)
[   16.982176] 
[   16.982758] The buggy address belongs to the physical page:
[   16.983376] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c
[   16.984409] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.985366] flags: 0x200000000000040(head|node=0|zone=2)
[   16.986093] page_type: f5(slab)
[   16.986478] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.987312] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   16.988415] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.989288] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   16.989914] head: 0200000000000001 ffffea0004026701 ffffffffffffffff 0000000000000000
[   16.990500] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   16.991016] page dumped because: kasan: bad access detected
[   16.991852] 
[   16.992132] Memory state around the buggy address:
[   16.992654]  ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.993795]  ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.994055] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.994379]                                                           ^
[   16.995440]  ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.996624]  ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.996972] ==================================================================
[   16.894558] ==================================================================
[   16.895649] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0
[   16.896410] Write of size 1 at addr ffff88810099d4da by task kunit_try_catch/163
[   16.897037] 
[   16.897284] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   16.897401] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.897437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.897493] Call Trace:
[   16.897543]  <TASK>
[   16.897592]  dump_stack_lvl+0x73/0xb0
[   16.897670]  print_report+0xd1/0x640
[   16.897743]  ? __virt_addr_valid+0x1db/0x2d0
[   16.897818]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   16.897982]  ? kasan_complete_mode_report_info+0x2a/0x200
[   16.898057]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   16.898126]  kasan_report+0x140/0x180
[   16.898200]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   16.898305]  __asan_report_store1_noabort+0x1b/0x30
[   16.898377]  krealloc_less_oob_helper+0xec8/0x11d0
[   16.898455]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   16.898619]  ? finish_task_switch.isra.0+0x153/0x700
[   16.898686]  ? __switch_to+0x5d9/0xf60
[   16.898747]  ? __schedule+0xc49/0x27a0
[   16.898778]  ? __pfx_read_tsc+0x10/0x10
[   16.898815]  krealloc_less_oob+0x1c/0x30
[   16.898876]  kunit_try_run_case+0x1a6/0x480
[   16.898910]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.898938]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   16.898966]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.899001]  ? __kthread_parkme+0x82/0x160
[   16.899028]  ? preempt_count_sub+0x50/0x80
[   16.899056]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.899083]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.899118]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.899154]  kthread+0x257/0x310
[   16.899179]  ? __pfx_kthread+0x10/0x10
[   16.899205]  ret_from_fork+0x41/0x80
[   16.899269]  ? __pfx_kthread+0x10/0x10
[   16.899297]  ret_from_fork_asm+0x1a/0x30
[   16.899337]  </TASK>
[   16.899351] 
[   16.916454] Allocated by task 163:
[   16.916868]  kasan_save_stack+0x45/0x70
[   16.917755]  kasan_save_track+0x18/0x40
[   16.918342]  kasan_save_alloc_info+0x3b/0x50
[   16.918973]  __kasan_krealloc+0x190/0x1f0
[   16.919461]  krealloc_noprof+0xc1/0x140
[   16.919809]  krealloc_less_oob_helper+0x1ab/0x11d0
[   16.920413]  krealloc_less_oob+0x1c/0x30
[   16.920847]  kunit_try_run_case+0x1a6/0x480
[   16.921371]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.922199]  kthread+0x257/0x310
[   16.923010]  ret_from_fork+0x41/0x80
[   16.923401]  ret_from_fork_asm+0x1a/0x30
[   16.923769] 
[   16.924067] The buggy address belongs to the object at ffff88810099d400
[   16.924067]  which belongs to the cache kmalloc-256 of size 256
[   16.924935] The buggy address is located 17 bytes to the right of
[   16.924935]  allocated 201-byte region [ffff88810099d400, ffff88810099d4c9)
[   16.926131] 
[   16.926336] The buggy address belongs to the physical page:
[   16.927110] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c
[   16.928010] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.929648] flags: 0x200000000000040(head|node=0|zone=2)
[   16.930127] page_type: f5(slab)
[   16.930678] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.931744] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   16.932465] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.933272] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   16.934256] head: 0200000000000001 ffffea0004026701 ffffffffffffffff 0000000000000000
[   16.935296] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   16.936161] page dumped because: kasan: bad access detected
[   16.937043] 
[   16.937235] Memory state around the buggy address:
[   16.938426]  ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.939365]  ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.940330] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.941091]                                                     ^
[   16.941470]  ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.942693]  ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.944169] ==================================================================
[   17.175701] ==================================================================
[   17.176782] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0
[   17.177892] Write of size 1 at addr ffff888102be20d0 by task kunit_try_catch/167
[   17.179119] 
[   17.179804] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   17.179907] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.179924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.179954] Call Trace:
[   17.179978]  <TASK>
[   17.180001]  dump_stack_lvl+0x73/0xb0
[   17.180044]  print_report+0xd1/0x640
[   17.180080]  ? __virt_addr_valid+0x1db/0x2d0
[   17.180115]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   17.180144]  ? kasan_addr_to_slab+0x11/0xa0
[   17.180177]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   17.180207]  kasan_report+0x140/0x180
[   17.180271]  ? krealloc_less_oob_helper+0xe25/0x11d0
[   17.180309]  __asan_report_store1_noabort+0x1b/0x30
[   17.180340]  krealloc_less_oob_helper+0xe25/0x11d0
[   17.180373]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   17.180403]  ? finish_task_switch.isra.0+0x153/0x700
[   17.180433]  ? __switch_to+0x5d9/0xf60
[   17.180547]  ? __schedule+0xc49/0x27a0
[   17.180598]  ? __pfx_read_tsc+0x10/0x10
[   17.180631]  krealloc_large_less_oob+0x1c/0x30
[   17.180659]  kunit_try_run_case+0x1a6/0x480
[   17.180693]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.180722]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   17.180749]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   17.180783]  ? __kthread_parkme+0x82/0x160
[   17.180837]  ? preempt_count_sub+0x50/0x80
[   17.180894]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.180923]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   17.180959]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.180995]  kthread+0x257/0x310
[   17.181019]  ? __pfx_kthread+0x10/0x10
[   17.181044]  ret_from_fork+0x41/0x80
[   17.181072]  ? __pfx_kthread+0x10/0x10
[   17.181097]  ret_from_fork_asm+0x1a/0x30
[   17.181137]  </TASK>
[   17.181150] 
[   17.202325] The buggy address belongs to the physical page:
[   17.202841] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be0
[   17.203758] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.205252] flags: 0x200000000000040(head|node=0|zone=2)
[   17.205769] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.206588] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   17.208199] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.209170] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   17.209780] head: 0200000000000002 ffffea00040af801 ffffffffffffffff 0000000000000000
[   17.210693] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   17.211691] page dumped because: kasan: bad access detected
[   17.212928] 
[   17.213607] Memory state around the buggy address:
[   17.214025]  ffff888102be1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.214778]  ffff888102be2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.215599] >ffff888102be2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.216281]                                                  ^
[   17.217002]  ffff888102be2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.218005]  ffff888102be2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.219380] ==================================================================
[   17.220901] ==================================================================
[   17.222022] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0
[   17.223123] Write of size 1 at addr ffff888102be20da by task kunit_try_catch/167
[   17.224316] 
[   17.224607] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   17.224745] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.224771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.224845] Call Trace:
[   17.224961]  <TASK>
[   17.225043]  dump_stack_lvl+0x73/0xb0
[   17.225142]  print_report+0xd1/0x640
[   17.225209]  ? __virt_addr_valid+0x1db/0x2d0
[   17.225301]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   17.225365]  ? kasan_addr_to_slab+0x11/0xa0
[   17.225426]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   17.225489]  kasan_report+0x140/0x180
[   17.225555]  ? krealloc_less_oob_helper+0xec8/0x11d0
[   17.225629]  __asan_report_store1_noabort+0x1b/0x30
[   17.225703]  krealloc_less_oob_helper+0xec8/0x11d0
[   17.225785]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   17.225865]  ? finish_task_switch.isra.0+0x153/0x700
[   17.225941]  ? __switch_to+0x5d9/0xf60
[   17.226031]  ? __schedule+0xc49/0x27a0
[   17.226066]  ? __pfx_read_tsc+0x10/0x10
[   17.226100]  krealloc_large_less_oob+0x1c/0x30
[   17.226134]  kunit_try_run_case+0x1a6/0x480
[   17.226172]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.226204]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   17.226312]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   17.226402]  ? __kthread_parkme+0x82/0x160
[   17.226439]  ? preempt_count_sub+0x50/0x80
[   17.226550]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.226602]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   17.226646]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.226688]  kthread+0x257/0x310
[   17.226716]  ? __pfx_kthread+0x10/0x10
[   17.226746]  ret_from_fork+0x41/0x80
[   17.226776]  ? __pfx_kthread+0x10/0x10
[   17.226804]  ret_from_fork_asm+0x1a/0x30
[   17.226889]  </TASK>
[   17.226906] 
[   17.248075] The buggy address belongs to the physical page:
[   17.248788] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be0
[   17.249775] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.250402] flags: 0x200000000000040(head|node=0|zone=2)
[   17.251427] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.252340] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   17.253173] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.253824] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   17.254936] head: 0200000000000002 ffffea00040af801 ffffffffffffffff 0000000000000000
[   17.255534] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   17.256338] page dumped because: kasan: bad access detected
[   17.257083] 
[   17.257337] Memory state around the buggy address:
[   17.257816]  ffff888102be1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.258631]  ffff888102be2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.259882] >ffff888102be2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.260960]                                                     ^
[   17.261426]  ffff888102be2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.262425]  ffff888102be2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.263131] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2yB0eeX4UzmhPDfrKWxPX2wv5o6

job_id

TEST:linaro@lkft#2yB0m9BWvAXWIadZjt7aBi8BypZ

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2yB0m9BWvAXWIadZjt7aBi8BypZ

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yB0hrh7appAmhfJo9vahI2Nd2E/bzImage
sha256sum	7355f8f31abc3d43a9edd45ee27499ce5e6aab34f6b1008ffee878dd3397a30b

rootfs

url	https://storage.tuxboot.com/debian/20250605/trixie/amd64/rootfs.ext4.xz
sha256sum	bb36936f45b20f4af35993e582d98e781104116519f71565c7a97bddc546f892

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yB0hrh7appAmhfJo9vahI2Nd2E/modules.tar.xz
sha256sum	9c4f87fa74376a6842bcdafcd009f619e72e6a6b1e7e60ae1963bf27f31fb32b

durations

tests

boot	0
kunit	327.95

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit