Hay
Date: June 7, 2025, 10:40 a.m.

Environment: qemu-arm64, qemu-x86_64

[   20.551104] ==================================================================
[   20.552143] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x628/0x690
[   20.552792] Write of size 1 at addr fff00000c1e2d6eb by task kunit_try_catch/144
[   20.554151] 
[   20.554619] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   20.554870] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.554949] Hardware name: linux,dummy-virt (DT)
[   20.555036] Call trace:
[   20.555067]  dump_backtrace+0x9c/0x128
[   20.555123]  show_stack+0x20/0x38
[   20.555167]  dump_stack_lvl+0x8c/0xd0
[   20.555212]  print_report+0x118/0x5f0
[   20.555254]  kasan_report+0xdc/0x128
[   20.555296]  __asan_report_store1_noabort+0x20/0x30
[   20.555345]  krealloc_more_oob_helper+0x628/0x690
[   20.555450]  krealloc_more_oob+0x20/0x38
[   20.555558]  kunit_try_run_case+0x170/0x3f0
[   20.555663]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.555746]  kthread+0x24c/0x2d0
[   20.555795]  ret_from_fork+0x10/0x20
[   20.555842] 
[   20.563622] Allocated by task 144:
[   20.564044]  kasan_save_stack+0x3c/0x68
[   20.564745]  kasan_save_track+0x20/0x40
[   20.565403]  kasan_save_alloc_info+0x40/0x58
[   20.566013]  __kasan_krealloc+0x118/0x178
[   20.566856]  krealloc_noprof+0x10c/0x1a0
[   20.567737]  krealloc_more_oob_helper+0x170/0x690
[   20.569041]  krealloc_more_oob+0x20/0x38
[   20.569776]  kunit_try_run_case+0x170/0x3f0
[   20.570333]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.571055]  kthread+0x24c/0x2d0
[   20.571553]  ret_from_fork+0x10/0x20
[   20.572021] 
[   20.572372] The buggy address belongs to the object at fff00000c1e2d600
[   20.572372]  which belongs to the cache kmalloc-256 of size 256
[   20.573583] The buggy address is located 0 bytes to the right of
[   20.573583]  allocated 235-byte region [fff00000c1e2d600, fff00000c1e2d6eb)
[   20.574809] 
[   20.575183] The buggy address belongs to the physical page:
[   20.575887] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e2c
[   20.577301] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.578278] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.579054] page_type: f5(slab)
[   20.579468] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   20.580633] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   20.581538] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   20.582461] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   20.583407] head: 0bfffe0000000001 ffffc1ffc3078b01 ffffffffffffffff 0000000000000000
[   20.584422] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   20.585375] page dumped because: kasan: bad access detected
[   20.586009] 
[   20.586296] Memory state around the buggy address:
[   20.586837]  fff00000c1e2d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.587872]  fff00000c1e2d600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.588875] >fff00000c1e2d680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   20.589927]                                                           ^
[   20.590576]  fff00000c1e2d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.591511]  fff00000c1e2d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.592340] ==================================================================
[   20.901491] ==================================================================
[   20.902849] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5dc/0x690
[   20.904635] Write of size 1 at addr fff00000c68ee0f0 by task kunit_try_catch/148
[   20.905777] 
[   20.906127] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   20.906331] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.906405] Hardware name: linux,dummy-virt (DT)
[   20.906496] Call trace:
[   20.906560]  dump_backtrace+0x9c/0x128
[   20.906671]  show_stack+0x20/0x38
[   20.906774]  dump_stack_lvl+0x8c/0xd0
[   20.906865]  print_report+0x118/0x5f0
[   20.906911]  kasan_report+0xdc/0x128
[   20.906954]  __asan_report_store1_noabort+0x20/0x30
[   20.907039]  krealloc_more_oob_helper+0x5dc/0x690
[   20.907094]  krealloc_large_more_oob+0x20/0x38
[   20.907146]  kunit_try_run_case+0x170/0x3f0
[   20.907194]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.907248]  kthread+0x24c/0x2d0
[   20.907291]  ret_from_fork+0x10/0x20
[   20.907339] 
[   20.914275] The buggy address belongs to the physical page:
[   20.915050] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1068ec
[   20.915890] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.916685] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.917506] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.918328] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.919091] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.919889] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.920726] head: 0bfffe0000000002 ffffc1ffc31a3b01 ffffffffffffffff 0000000000000000
[   20.921553] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   20.922393] page dumped because: kasan: bad access detected
[   20.922819] 
[   20.924362] Memory state around the buggy address:
[   20.925597]  fff00000c68edf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.927655]  fff00000c68ee000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.928956] >fff00000c68ee080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   20.931039]                                                              ^
[   20.932215]  fff00000c68ee100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.932736]  fff00000c68ee180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.934313] ==================================================================
[   20.594176] ==================================================================
[   20.595436] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5dc/0x690
[   20.596526] Write of size 1 at addr fff00000c1e2d6f0 by task kunit_try_catch/144
[   20.597091] 
[   20.597365] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   20.597465] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.597497] Hardware name: linux,dummy-virt (DT)
[   20.597534] Call trace:
[   20.597560]  dump_backtrace+0x9c/0x128
[   20.597614]  show_stack+0x20/0x38
[   20.597656]  dump_stack_lvl+0x8c/0xd0
[   20.597702]  print_report+0x118/0x5f0
[   20.597747]  kasan_report+0xdc/0x128
[   20.597794]  __asan_report_store1_noabort+0x20/0x30
[   20.597847]  krealloc_more_oob_helper+0x5dc/0x690
[   20.597901]  krealloc_more_oob+0x20/0x38
[   20.597951]  kunit_try_run_case+0x170/0x3f0
[   20.598098]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.598310]  kthread+0x24c/0x2d0
[   20.598477]  ret_from_fork+0x10/0x20
[   20.598626] 
[   20.606235] Allocated by task 144:
[   20.606730]  kasan_save_stack+0x3c/0x68
[   20.608270]  kasan_save_track+0x20/0x40
[   20.608827]  kasan_save_alloc_info+0x40/0x58
[   20.609453]  __kasan_krealloc+0x118/0x178
[   20.610075]  krealloc_noprof+0x10c/0x1a0
[   20.610719]  krealloc_more_oob_helper+0x170/0x690
[   20.611348]  krealloc_more_oob+0x20/0x38
[   20.612289]  kunit_try_run_case+0x170/0x3f0
[   20.612877]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.613542]  kthread+0x24c/0x2d0
[   20.614038]  ret_from_fork+0x10/0x20
[   20.614546] 
[   20.614876] The buggy address belongs to the object at fff00000c1e2d600
[   20.614876]  which belongs to the cache kmalloc-256 of size 256
[   20.616265] The buggy address is located 5 bytes to the right of
[   20.616265]  allocated 235-byte region [fff00000c1e2d600, fff00000c1e2d6eb)
[   20.617461] 
[   20.617746] The buggy address belongs to the physical page:
[   20.619344] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e2c
[   20.620453] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.621265] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.622030] page_type: f5(slab)
[   20.622512] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   20.623306] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   20.624739] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   20.625654] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   20.626483] head: 0bfffe0000000001 ffffc1ffc3078b01 ffffffffffffffff 0000000000000000
[   20.627285] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   20.628335] page dumped because: kasan: bad access detected
[   20.628945] 
[   20.629467] Memory state around the buggy address:
[   20.629914]  fff00000c1e2d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.630772]  fff00000c1e2d600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.632227] >fff00000c1e2d680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   20.633055]                                                              ^
[   20.634001]  fff00000c1e2d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.634751]  fff00000c1e2d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.635809] ==================================================================
[   20.870281] ==================================================================
[   20.871299] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x628/0x690
[   20.872501] Write of size 1 at addr fff00000c68ee0eb by task kunit_try_catch/148
[   20.873915] 
[   20.874387] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   20.874600] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.874694] Hardware name: linux,dummy-virt (DT)
[   20.874809] Call trace:
[   20.874878]  dump_backtrace+0x9c/0x128
[   20.875008]  show_stack+0x20/0x38
[   20.875070]  dump_stack_lvl+0x8c/0xd0
[   20.875123]  print_report+0x118/0x5f0
[   20.875166]  kasan_report+0xdc/0x128
[   20.875209]  __asan_report_store1_noabort+0x20/0x30
[   20.875259]  krealloc_more_oob_helper+0x628/0x690
[   20.875310]  krealloc_large_more_oob+0x20/0x38
[   20.875365]  kunit_try_run_case+0x170/0x3f0
[   20.875499]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.875617]  kthread+0x24c/0x2d0
[   20.875711]  ret_from_fork+0x10/0x20
[   20.875768] 
[   20.884459] The buggy address belongs to the physical page:
[   20.885371] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1068ec
[   20.886168] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.886921] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.887926] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.889084] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.889886] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.890638] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.891443] head: 0bfffe0000000002 ffffc1ffc31a3b01 ffffffffffffffff 0000000000000000
[   20.892376] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   20.893121] page dumped because: kasan: bad access detected
[   20.893674] 
[   20.893991] Memory state around the buggy address:
[   20.894525]  fff00000c68edf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.895306]  fff00000c68ee000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.896662] >fff00000c68ee080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   20.897617]                                                           ^
[   20.898160]  fff00000c68ee100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.898921]  fff00000c68ee180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.900217] ==================================================================

[   17.087359] ==================================================================
[   17.090327] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930
[   17.090922] Write of size 1 at addr ffff8881022c60f0 by task kunit_try_catch/165
[   17.092172] 
[   17.092453] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   17.092583] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.092619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.092679] Call Trace:
[   17.092731]  <TASK>
[   17.092783]  dump_stack_lvl+0x73/0xb0
[   17.092883]  print_report+0xd1/0x640
[   17.092968]  ? __virt_addr_valid+0x1db/0x2d0
[   17.093007]  ? krealloc_more_oob_helper+0x7ed/0x930
[   17.093036]  ? kasan_addr_to_slab+0x11/0xa0
[   17.093069]  ? krealloc_more_oob_helper+0x7ed/0x930
[   17.093099]  kasan_report+0x140/0x180
[   17.093132]  ? krealloc_more_oob_helper+0x7ed/0x930
[   17.093166]  __asan_report_store1_noabort+0x1b/0x30
[   17.093197]  krealloc_more_oob_helper+0x7ed/0x930
[   17.093256]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   17.093293]  ? __schedule+0x1bb4/0x27a0
[   17.093320]  ? schedule+0x7c/0x310
[   17.093344]  ? trace_hardirqs_on+0x37/0xe0
[   17.093377]  ? __schedule+0x1bb4/0x27a0
[   17.093402]  ? __pfx_read_tsc+0x10/0x10
[   17.093432]  krealloc_large_more_oob+0x1c/0x30
[   17.093459]  kunit_try_run_case+0x1a6/0x480
[   17.093491]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.093519]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   17.093546]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   17.093581]  ? __kthread_parkme+0x82/0x160
[   17.093608]  ? preempt_count_sub+0x50/0x80
[   17.093638]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.093664]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   17.093699]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.093735]  kthread+0x257/0x310
[   17.093759]  ? __pfx_kthread+0x10/0x10
[   17.093785]  ret_from_fork+0x41/0x80
[   17.093824]  ? __pfx_kthread+0x10/0x10
[   17.093878]  ret_from_fork_asm+0x1a/0x30
[   17.093921]  </TASK>
[   17.093935] 
[   17.114226] The buggy address belongs to the physical page:
[   17.115457] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022c4
[   17.116601] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.117410] flags: 0x200000000000040(head|node=0|zone=2)
[   17.118164] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.118755] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   17.119437] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.120352] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   17.121416] head: 0200000000000002 ffffea000408b101 ffffffffffffffff 0000000000000000
[   17.121949] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   17.122524] page dumped because: kasan: bad access detected
[   17.122981] 
[   17.123187] Memory state around the buggy address:
[   17.124073]  ffff8881022c5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.124771]  ffff8881022c6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.125614] >ffff8881022c6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   17.126506]                                                              ^
[   17.127234]  ffff8881022c6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.127739]  ffff8881022c6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.128523] ==================================================================
[   17.048281] ==================================================================
[   17.049126] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930
[   17.049769] Write of size 1 at addr ffff8881022c60eb by task kunit_try_catch/165
[   17.051188] 
[   17.051415] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   17.051490] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.051526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   17.051582] Call Trace:
[   17.051623]  <TASK>
[   17.051672]  dump_stack_lvl+0x73/0xb0
[   17.051730]  print_report+0xd1/0x640
[   17.051785]  ? __virt_addr_valid+0x1db/0x2d0
[   17.051880]  ? krealloc_more_oob_helper+0x823/0x930
[   17.051930]  ? kasan_addr_to_slab+0x11/0xa0
[   17.051963]  ? krealloc_more_oob_helper+0x823/0x930
[   17.051992]  kasan_report+0x140/0x180
[   17.052026]  ? krealloc_more_oob_helper+0x823/0x930
[   17.052061]  __asan_report_store1_noabort+0x1b/0x30
[   17.052092]  krealloc_more_oob_helper+0x823/0x930
[   17.052123]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   17.052153]  ? __schedule+0x1bb4/0x27a0
[   17.052179]  ? schedule+0x7c/0x310
[   17.052201]  ? trace_hardirqs_on+0x37/0xe0
[   17.052298]  ? __schedule+0x1bb4/0x27a0
[   17.052368]  ? __pfx_read_tsc+0x10/0x10
[   17.052423]  krealloc_large_more_oob+0x1c/0x30
[   17.052453]  kunit_try_run_case+0x1a6/0x480
[   17.052486]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.052516]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   17.052544]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   17.052579]  ? __kthread_parkme+0x82/0x160
[   17.052606]  ? preempt_count_sub+0x50/0x80
[   17.052636]  ? __pfx_kunit_try_run_case+0x10/0x10
[   17.052663]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   17.052698]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   17.052734]  kthread+0x257/0x310
[   17.052761]  ? __pfx_kthread+0x10/0x10
[   17.052788]  ret_from_fork+0x41/0x80
[   17.052834]  ? __pfx_kthread+0x10/0x10
[   17.052887]  ret_from_fork_asm+0x1a/0x30
[   17.052930]  </TASK>
[   17.052944] 
[   17.071628] The buggy address belongs to the physical page:
[   17.072871] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022c4
[   17.073723] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.074404] flags: 0x200000000000040(head|node=0|zone=2)
[   17.074869] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.075774] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   17.076565] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   17.076833] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   17.078400] head: 0200000000000002 ffffea000408b101 ffffffffffffffff 0000000000000000
[   17.079055] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   17.079638] page dumped because: kasan: bad access detected
[   17.080530] 
[   17.080700] Memory state around the buggy address:
[   17.081016]  ffff8881022c5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.082125]  ffff8881022c6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.082802] >ffff8881022c6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   17.083587]                                                           ^
[   17.084310]  ffff8881022c6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.085152]  ffff8881022c6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.086166] ==================================================================
[   16.689190] ==================================================================
[   16.690459] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930
[   16.691428] Write of size 1 at addr ffff88810099d2eb by task kunit_try_catch/161
[   16.692320] 
[   16.692502] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   16.692565] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.692581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.692611] Call Trace:
[   16.692630]  <TASK>
[   16.692654]  dump_stack_lvl+0x73/0xb0
[   16.692695]  print_report+0xd1/0x640
[   16.692729]  ? __virt_addr_valid+0x1db/0x2d0
[   16.692764]  ? krealloc_more_oob_helper+0x823/0x930
[   16.692791]  ? kasan_complete_mode_report_info+0x2a/0x200
[   16.692851]  ? krealloc_more_oob_helper+0x823/0x930
[   16.692885]  kasan_report+0x140/0x180
[   16.692921]  ? krealloc_more_oob_helper+0x823/0x930
[   16.692956]  __asan_report_store1_noabort+0x1b/0x30
[   16.692987]  krealloc_more_oob_helper+0x823/0x930
[   16.693014]  ? __schedule+0xc49/0x27a0
[   16.693044]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   16.693073]  ? finish_task_switch.isra.0+0x153/0x700
[   16.693107]  ? __switch_to+0x5d9/0xf60
[   16.693156]  ? __schedule+0xc49/0x27a0
[   16.693182]  ? __pfx_read_tsc+0x10/0x10
[   16.693234]  krealloc_more_oob+0x1c/0x30
[   16.693301]  kunit_try_run_case+0x1a6/0x480
[   16.693376]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.693443]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   16.693510]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.693588]  ? __kthread_parkme+0x82/0x160
[   16.693759]  ? preempt_count_sub+0x50/0x80
[   16.693861]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.693928]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.694003]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.694084]  kthread+0x257/0x310
[   16.694197]  ? __pfx_kthread+0x10/0x10
[   16.694252]  ret_from_fork+0x41/0x80
[   16.694283]  ? __pfx_kthread+0x10/0x10
[   16.694309]  ret_from_fork_asm+0x1a/0x30
[   16.694351]  </TASK>
[   16.694364] 
[   16.711995] Allocated by task 161:
[   16.712879]  kasan_save_stack+0x45/0x70
[   16.713300]  kasan_save_track+0x18/0x40
[   16.713728]  kasan_save_alloc_info+0x3b/0x50
[   16.714155]  __kasan_krealloc+0x190/0x1f0
[   16.714817]  krealloc_noprof+0xc1/0x140
[   16.715276]  krealloc_more_oob_helper+0x1aa/0x930
[   16.715930]  krealloc_more_oob+0x1c/0x30
[   16.716337]  kunit_try_run_case+0x1a6/0x480
[   16.716921]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.717378]  kthread+0x257/0x310
[   16.717998]  ret_from_fork+0x41/0x80
[   16.718432]  ret_from_fork_asm+0x1a/0x30
[   16.719046] 
[   16.719306] The buggy address belongs to the object at ffff88810099d200
[   16.719306]  which belongs to the cache kmalloc-256 of size 256
[   16.720403] The buggy address is located 0 bytes to the right of
[   16.720403]  allocated 235-byte region [ffff88810099d200, ffff88810099d2eb)
[   16.721705] 
[   16.721988] The buggy address belongs to the physical page:
[   16.722537] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c
[   16.723471] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.724058] flags: 0x200000000000040(head|node=0|zone=2)
[   16.724501] page_type: f5(slab)
[   16.724856] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.725685] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   16.726239] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.727058] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   16.727862] head: 0200000000000001 ffffea0004026701 ffffffffffffffff 0000000000000000
[   16.728433] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   16.729287] page dumped because: kasan: bad access detected
[   16.729958] 
[   16.730174] Memory state around the buggy address:
[   16.730731]  ffff88810099d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.731567]  ffff88810099d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.732163] >ffff88810099d280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   16.732859]                                                           ^
[   16.733690]  ffff88810099d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.734287]  ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.735031] ==================================================================
[   16.738164] ==================================================================
[   16.738910] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930
[   16.739532] Write of size 1 at addr ffff88810099d2f0 by task kunit_try_catch/161
[   16.740478] 
[   16.740724] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   16.740786] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.740803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.740855] Call Trace:
[   16.740898]  <TASK>
[   16.741009]  dump_stack_lvl+0x73/0xb0
[   16.741264]  print_report+0xd1/0x640
[   16.741346]  ? __virt_addr_valid+0x1db/0x2d0
[   16.741423]  ? krealloc_more_oob_helper+0x7ed/0x930
[   16.741508]  ? kasan_complete_mode_report_info+0x2a/0x200
[   16.741718]  ? krealloc_more_oob_helper+0x7ed/0x930
[   16.741789]  kasan_report+0x140/0x180
[   16.741871]  ? krealloc_more_oob_helper+0x7ed/0x930
[   16.741980]  __asan_report_store1_noabort+0x1b/0x30
[   16.742014]  krealloc_more_oob_helper+0x7ed/0x930
[   16.742042]  ? __schedule+0xc49/0x27a0
[   16.742072]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   16.742101]  ? finish_task_switch.isra.0+0x153/0x700
[   16.742129]  ? __switch_to+0x5d9/0xf60
[   16.742161]  ? __schedule+0xc49/0x27a0
[   16.742186]  ? __pfx_read_tsc+0x10/0x10
[   16.742243]  krealloc_more_oob+0x1c/0x30
[   16.742273]  kunit_try_run_case+0x1a6/0x480
[   16.742307]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.742335]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   16.742363]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.742397]  ? __kthread_parkme+0x82/0x160
[   16.742423]  ? preempt_count_sub+0x50/0x80
[   16.742490]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.742561]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.742629]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.742670]  kthread+0x257/0x310
[   16.742695]  ? __pfx_kthread+0x10/0x10
[   16.742720]  ret_from_fork+0x41/0x80
[   16.742748]  ? __pfx_kthread+0x10/0x10
[   16.742798]  ret_from_fork_asm+0x1a/0x30
[   16.742899]  </TASK>
[   16.742916] 
[   16.759832] Allocated by task 161:
[   16.760269]  kasan_save_stack+0x45/0x70
[   16.760872]  kasan_save_track+0x18/0x40
[   16.761880]  kasan_save_alloc_info+0x3b/0x50
[   16.762268]  __kasan_krealloc+0x190/0x1f0
[   16.762633]  krealloc_noprof+0xc1/0x140
[   16.763043]  krealloc_more_oob_helper+0x1aa/0x930
[   16.763724]  krealloc_more_oob+0x1c/0x30
[   16.764039]  kunit_try_run_case+0x1a6/0x480
[   16.764423]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.764923]  kthread+0x257/0x310
[   16.765547]  ret_from_fork+0x41/0x80
[   16.766028]  ret_from_fork_asm+0x1a/0x30
[   16.766464] 
[   16.766814] The buggy address belongs to the object at ffff88810099d200
[   16.766814]  which belongs to the cache kmalloc-256 of size 256
[   16.767638] The buggy address is located 5 bytes to the right of
[   16.767638]  allocated 235-byte region [ffff88810099d200, ffff88810099d2eb)
[   16.768999] 
[   16.769267] The buggy address belongs to the physical page:
[   16.769778] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c
[   16.770512] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.772162] flags: 0x200000000000040(head|node=0|zone=2)
[   16.773181] page_type: f5(slab)
[   16.773597] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.774714] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   16.775490] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.776703] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   16.777411] head: 0200000000000001 ffffea0004026701 ffffffffffffffff 0000000000000000
[   16.778599] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   16.779408] page dumped because: kasan: bad access detected
[   16.780175] 
[   16.780593] Memory state around the buggy address:
[   16.781248]  ffff88810099d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.781754]  ffff88810099d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.783096] >ffff88810099d280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   16.783714]                                                              ^
[   16.784666]  ffff88810099d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.785415]  ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.786400] ==================================================================