Hay
Date: May 12, 2025, 6:12 p.m.

Environment: qemu-arm64, qemu-x86_64

[   18.097420] ==================================================================
[   18.098153] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x614/0x680
[   18.099308] Write of size 1 at addr fff00000c49e0eeb by task kunit_try_catch/145
[   18.100082] 
[   18.100380] CPU: 1 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G    B            N 6.14.7-rc1 #1
[   18.100587] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.100656] Hardware name: linux,dummy-virt (DT)
[   18.100746] Call trace:
[   18.100792]  show_stack+0x20/0x38 (C)
[   18.100865]  dump_stack_lvl+0x8c/0xd0
[   18.100946]  print_report+0x118/0x608
[   18.101048]  kasan_report+0xdc/0x128
[   18.101146]  __asan_report_store1_noabort+0x20/0x30
[   18.101255]  krealloc_more_oob_helper+0x614/0x680
[   18.101374]  krealloc_more_oob+0x20/0x38
[   18.101476]  kunit_try_run_case+0x170/0x3f0
[   18.101593]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.101686]  kthread+0x318/0x620
[   18.101765]  ret_from_fork+0x10/0x20
[   18.101830] 
[   18.106605] Allocated by task 145:
[   18.107296]  kasan_save_stack+0x3c/0x68
[   18.107801]  kasan_save_track+0x20/0x40
[   18.108260]  kasan_save_alloc_info+0x40/0x58
[   18.108610]  __kasan_krealloc+0x118/0x178
[   18.109080]  krealloc_noprof+0x128/0x360
[   18.109418]  krealloc_more_oob_helper+0x168/0x680
[   18.109927]  krealloc_more_oob+0x20/0x38
[   18.110287]  kunit_try_run_case+0x170/0x3f0
[   18.111049]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.111565]  kthread+0x318/0x620
[   18.111889]  ret_from_fork+0x10/0x20
[   18.112321] 
[   18.112564] The buggy address belongs to the object at fff00000c49e0e00
[   18.112564]  which belongs to the cache kmalloc-256 of size 256
[   18.113504] The buggy address is located 0 bytes to the right of
[   18.113504]  allocated 235-byte region [fff00000c49e0e00, fff00000c49e0eeb)
[   18.114367] 
[   18.115143] The buggy address belongs to the physical page:
[   18.115563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1049e0
[   18.116137] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   18.116814] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   18.117402] page_type: f5(slab)
[   18.117780] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   18.118378] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   18.119275] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   18.119928] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   18.120557] head: 0bfffe0000000001 ffffc1ffc3127801 ffffffffffffffff 0000000000000000
[   18.121202] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   18.121818] page dumped because: kasan: bad access detected
[   18.122250] 
[   18.122790] Memory state around the buggy address:
[   18.123252]  fff00000c49e0d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.123870]  fff00000c49e0e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   18.124487] >fff00000c49e0e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   18.125148]                                                           ^
[   18.125668]  fff00000c49e0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.126298]  fff00000c49e0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.127087] ==================================================================
[   18.330011] ==================================================================
[   18.331120] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x614/0x680
[   18.332412] Write of size 1 at addr fff00000c64ce0eb by task kunit_try_catch/149
[   18.332860] 
[   18.333098] CPU: 0 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G    B            N 6.14.7-rc1 #1
[   18.333288] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.333355] Hardware name: linux,dummy-virt (DT)
[   18.333426] Call trace:
[   18.333474]  show_stack+0x20/0x38 (C)
[   18.333592]  dump_stack_lvl+0x8c/0xd0
[   18.333690]  print_report+0x118/0x608
[   18.333805]  kasan_report+0xdc/0x128
[   18.333912]  __asan_report_store1_noabort+0x20/0x30
[   18.334026]  krealloc_more_oob_helper+0x614/0x680
[   18.334153]  krealloc_large_more_oob+0x20/0x38
[   18.334255]  kunit_try_run_case+0x170/0x3f0
[   18.334315]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.334379]  kthread+0x318/0x620
[   18.334457]  ret_from_fork+0x10/0x20
[   18.334543] 
[   18.339483] The buggy address belongs to the physical page:
[   18.340355] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064cc
[   18.341019] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   18.341610] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   18.342261] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   18.343192] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   18.343879] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   18.344439] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   18.345062] head: 0bfffe0000000002 ffffc1ffc3193301 ffffffffffffffff 0000000000000000
[   18.345593] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   18.346171] page dumped because: kasan: bad access detected
[   18.346923] 
[   18.347119] Memory state around the buggy address:
[   18.347392]  fff00000c64cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   18.348034]  fff00000c64ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   18.348544] >fff00000c64ce080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   18.349178]                                                           ^
[   18.349596]  fff00000c64ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   18.350282]  fff00000c64ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   18.351109] ==================================================================
[   18.131443] ==================================================================
[   18.131979] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c8/0x680
[   18.132484] Write of size 1 at addr fff00000c49e0ef0 by task kunit_try_catch/145
[   18.133063] 
[   18.133381] CPU: 1 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G    B            N 6.14.7-rc1 #1
[   18.133590] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.133654] Hardware name: linux,dummy-virt (DT)
[   18.133724] Call trace:
[   18.133792]  show_stack+0x20/0x38 (C)
[   18.133918]  dump_stack_lvl+0x8c/0xd0
[   18.134036]  print_report+0x118/0x608
[   18.134165]  kasan_report+0xdc/0x128
[   18.134239]  __asan_report_store1_noabort+0x20/0x30
[   18.134293]  krealloc_more_oob_helper+0x5c8/0x680
[   18.134347]  krealloc_more_oob+0x20/0x38
[   18.134398]  kunit_try_run_case+0x170/0x3f0
[   18.134453]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.134572]  kthread+0x318/0x620
[   18.134667]  ret_from_fork+0x10/0x20
[   18.134790] 
[   18.139624] Allocated by task 145:
[   18.139950]  kasan_save_stack+0x3c/0x68
[   18.140424]  kasan_save_track+0x20/0x40
[   18.140948]  kasan_save_alloc_info+0x40/0x58
[   18.141461]  __kasan_krealloc+0x118/0x178
[   18.141951]  krealloc_noprof+0x128/0x360
[   18.142365]  krealloc_more_oob_helper+0x168/0x680
[   18.143077]  krealloc_more_oob+0x20/0x38
[   18.143600]  kunit_try_run_case+0x170/0x3f0
[   18.144128]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.144640]  kthread+0x318/0x620
[   18.145084]  ret_from_fork+0x10/0x20
[   18.145532] 
[   18.145823] The buggy address belongs to the object at fff00000c49e0e00
[   18.145823]  which belongs to the cache kmalloc-256 of size 256
[   18.146959] The buggy address is located 5 bytes to the right of
[   18.146959]  allocated 235-byte region [fff00000c49e0e00, fff00000c49e0eeb)
[   18.148093] 
[   18.148368] The buggy address belongs to the physical page:
[   18.149103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1049e0
[   18.149979] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   18.150990] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   18.151649] page_type: f5(slab)
[   18.152179] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   18.152836] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   18.153488] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   18.154165] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   18.154823] head: 0bfffe0000000001 ffffc1ffc3127801 ffffffffffffffff 0000000000000000
[   18.155201] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   18.155877] page dumped because: kasan: bad access detected
[   18.156477] 
[   18.156767] Memory state around the buggy address:
[   18.157259]  fff00000c49e0d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.157916]  fff00000c49e0e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   18.158465] >fff00000c49e0e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   18.159154]                                                              ^
[   18.159711]  fff00000c49e0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.160364]  fff00000c49e0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.161017] ==================================================================
[   18.352406] ==================================================================
[   18.352831] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c8/0x680
[   18.353357] Write of size 1 at addr fff00000c64ce0f0 by task kunit_try_catch/149
[   18.354003] 
[   18.354316] CPU: 0 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G    B            N 6.14.7-rc1 #1
[   18.354534] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.354593] Hardware name: linux,dummy-virt (DT)
[   18.354655] Call trace:
[   18.354700]  show_stack+0x20/0x38 (C)
[   18.354823]  dump_stack_lvl+0x8c/0xd0
[   18.354916]  print_report+0x118/0x608
[   18.355016]  kasan_report+0xdc/0x128
[   18.355107]  __asan_report_store1_noabort+0x20/0x30
[   18.355193]  krealloc_more_oob_helper+0x5c8/0x680
[   18.355274]  krealloc_large_more_oob+0x20/0x38
[   18.355363]  kunit_try_run_case+0x170/0x3f0
[   18.355459]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.355569]  kthread+0x318/0x620
[   18.355664]  ret_from_fork+0x10/0x20
[   18.355777] 
[   18.360136] The buggy address belongs to the physical page:
[   18.360482] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064cc
[   18.362338] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   18.363282] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   18.363912] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   18.364481] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   18.365079] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   18.365640] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   18.366207] head: 0bfffe0000000002 ffffc1ffc3193301 ffffffffffffffff 0000000000000000
[   18.367022] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   18.367906] page dumped because: kasan: bad access detected
[   18.368611] 
[   18.368862] Memory state around the buggy address:
[   18.369243]  fff00000c64cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   18.369828]  fff00000c64ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   18.370363] >fff00000c64ce080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   18.371277]                                                              ^
[   18.371965]  fff00000c64ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   18.372496]  fff00000c64ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   18.372990] ==================================================================

[   12.171014] ==================================================================
[   12.171405] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930
[   12.171772] Write of size 1 at addr ffff88810293a0f0 by task kunit_try_catch/168
[   12.172136] 
[   12.172674] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G    B            N 6.14.7-rc1 #1
[   12.172723] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.172736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.172757] Call Trace:
[   12.172779]  <TASK>
[   12.172813]  dump_stack_lvl+0x73/0xb0
[   12.172858]  print_report+0xd1/0x650
[   12.172881]  ? __virt_addr_valid+0x1db/0x2d0
[   12.172903]  ? krealloc_more_oob_helper+0x7ed/0x930
[   12.172926]  ? kasan_addr_to_slab+0x11/0xa0
[   12.172945]  ? krealloc_more_oob_helper+0x7ed/0x930
[   12.172967]  kasan_report+0x140/0x180
[   12.172988]  ? krealloc_more_oob_helper+0x7ed/0x930
[   12.173014]  __asan_report_store1_noabort+0x1b/0x30
[   12.173037]  krealloc_more_oob_helper+0x7ed/0x930
[   12.173057]  ? __schedule+0xce8/0x2840
[   12.173199]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   12.173223]  ? finish_task_switch.isra.0+0x153/0x700
[   12.173246]  ? __switch_to+0x5d9/0xf60
[   12.173272]  ? __schedule+0xce8/0x2840
[   12.173294]  ? __pfx_read_tsc+0x10/0x10
[   12.173318]  krealloc_large_more_oob+0x1c/0x30
[   12.173339]  kunit_try_run_case+0x1a6/0x480
[   12.173362]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.173382]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   12.173402]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.173426]  ? __kthread_parkme+0x82/0x160
[   12.173447]  ? preempt_count_sub+0x50/0x80
[   12.173470]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.173491]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.173516]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.173540]  kthread+0x324/0x6e0
[   12.173561]  ? trace_preempt_on+0x20/0xc0
[   12.173584]  ? __pfx_kthread+0x10/0x10
[   12.173605]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.173628]  ? calculate_sigpending+0x7b/0xa0
[   12.173648]  ? __pfx_kthread+0x10/0x10
[   12.173670]  ret_from_fork+0x41/0x80
[   12.173688]  ? __pfx_kthread+0x10/0x10
[   12.173709]  ret_from_fork_asm+0x1a/0x30
[   12.173746]  </TASK>
[   12.173757] 
[   12.185162] The buggy address belongs to the physical page:
[   12.185465] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102938
[   12.185819] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.186454] flags: 0x200000000000040(head|node=0|zone=2)
[   12.186692] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.187335] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   12.187708] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.188374] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   12.188656] head: 0200000000000002 ffffea00040a4e01 ffffffffffffffff 0000000000000000
[   12.189181] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   12.189574] page dumped because: kasan: bad access detected
[   12.189814] 
[   12.189921] Memory state around the buggy address:
[   12.190118]  ffff888102939f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.190409]  ffff88810293a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.190687] >ffff88810293a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   12.191364]                                                              ^
[   12.191859]  ffff88810293a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.192464]  ffff88810293a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.192865] ==================================================================
[   11.960983] ==================================================================
[   11.962032] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930
[   11.962878] Write of size 1 at addr ffff888100a458eb by task kunit_try_catch/164
[   11.963601] 
[   11.963780] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G    B            N 6.14.7-rc1 #1
[   11.963826] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.963850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.963872] Call Trace:
[   11.963885]  <TASK>
[   11.963905]  dump_stack_lvl+0x73/0xb0
[   11.963934]  print_report+0xd1/0x650
[   11.963956]  ? __virt_addr_valid+0x1db/0x2d0
[   11.963978]  ? krealloc_more_oob_helper+0x823/0x930
[   11.964000]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.964024]  ? krealloc_more_oob_helper+0x823/0x930
[   11.964047]  kasan_report+0x140/0x180
[   11.964067]  ? krealloc_more_oob_helper+0x823/0x930
[   11.964093]  __asan_report_store1_noabort+0x1b/0x30
[   11.964116]  krealloc_more_oob_helper+0x823/0x930
[   11.964137]  ? __schedule+0xce8/0x2840
[   11.964161]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   11.964184]  ? finish_task_switch.isra.0+0x153/0x700
[   11.964208]  ? __switch_to+0x5d9/0xf60
[   11.964249]  ? __schedule+0xce8/0x2840
[   11.964272]  ? __pfx_read_tsc+0x10/0x10
[   11.964296]  krealloc_more_oob+0x1c/0x30
[   11.964316]  kunit_try_run_case+0x1a6/0x480
[   11.964340]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.964360]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   11.964380]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.964404]  ? __kthread_parkme+0x82/0x160
[   11.964426]  ? preempt_count_sub+0x50/0x80
[   11.964449]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.964470]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.964495]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.964520]  kthread+0x324/0x6e0
[   11.964541]  ? trace_preempt_on+0x20/0xc0
[   11.964564]  ? __pfx_kthread+0x10/0x10
[   11.964586]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.964608]  ? calculate_sigpending+0x7b/0xa0
[   11.964629]  ? __pfx_kthread+0x10/0x10
[   11.964651]  ret_from_fork+0x41/0x80
[   11.964669]  ? __pfx_kthread+0x10/0x10
[   11.964690]  ret_from_fork_asm+0x1a/0x30
[   11.964722]  </TASK>
[   11.964732] 
[   11.976647] Allocated by task 164:
[   11.976831]  kasan_save_stack+0x45/0x70
[   11.977031]  kasan_save_track+0x18/0x40
[   11.977225]  kasan_save_alloc_info+0x3b/0x50
[   11.977439]  __kasan_krealloc+0x190/0x1f0
[   11.977616]  krealloc_noprof+0xf3/0x340
[   11.977790]  krealloc_more_oob_helper+0x1aa/0x930
[   11.978221]  krealloc_more_oob+0x1c/0x30
[   11.978477]  kunit_try_run_case+0x1a6/0x480
[   11.978710]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.978900]  kthread+0x324/0x6e0
[   11.979163]  ret_from_fork+0x41/0x80
[   11.979439]  ret_from_fork_asm+0x1a/0x30
[   11.979580] 
[   11.979653] The buggy address belongs to the object at ffff888100a45800
[   11.979653]  which belongs to the cache kmalloc-256 of size 256
[   11.980211] The buggy address is located 0 bytes to the right of
[   11.980211]  allocated 235-byte region [ffff888100a45800, ffff888100a458eb)
[   11.980680] 
[   11.980757] The buggy address belongs to the physical page:
[   11.980970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a44
[   11.982070] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.982424] flags: 0x200000000000040(head|node=0|zone=2)
[   11.982692] page_type: f5(slab)
[   11.982873] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.983289] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.983615] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.983926] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.984301] head: 0200000000000001 ffffea0004029101 ffffffffffffffff 0000000000000000
[   11.984606] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   11.984892] page dumped because: kasan: bad access detected
[   11.985086] 
[   11.985157] Memory state around the buggy address:
[   11.985317]  ffff888100a45780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.985609]  ffff888100a45800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.986540] >ffff888100a45880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   11.986857]                                                           ^
[   11.987214]  ffff888100a45900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.987476]  ffff888100a45980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.987687] ==================================================================
[   12.148480] ==================================================================
[   12.148956] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930
[   12.149524] Write of size 1 at addr ffff88810293a0eb by task kunit_try_catch/168
[   12.149862] 
[   12.149980] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G    B            N 6.14.7-rc1 #1
[   12.150106] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.150120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.150141] Call Trace:
[   12.150155]  <TASK>
[   12.150175]  dump_stack_lvl+0x73/0xb0
[   12.150204]  print_report+0xd1/0x650
[   12.150236]  ? __virt_addr_valid+0x1db/0x2d0
[   12.150258]  ? krealloc_more_oob_helper+0x823/0x930
[   12.150280]  ? kasan_addr_to_slab+0x11/0xa0
[   12.150299]  ? krealloc_more_oob_helper+0x823/0x930
[   12.150332]  kasan_report+0x140/0x180
[   12.150353]  ? krealloc_more_oob_helper+0x823/0x930
[   12.150379]  __asan_report_store1_noabort+0x1b/0x30
[   12.150402]  krealloc_more_oob_helper+0x823/0x930
[   12.150423]  ? __schedule+0xce8/0x2840
[   12.150447]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   12.150470]  ? finish_task_switch.isra.0+0x153/0x700
[   12.150494]  ? __switch_to+0x5d9/0xf60
[   12.150520]  ? __schedule+0xce8/0x2840
[   12.150542]  ? __pfx_read_tsc+0x10/0x10
[   12.150567]  krealloc_large_more_oob+0x1c/0x30
[   12.150588]  kunit_try_run_case+0x1a6/0x480
[   12.150611]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.150631]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   12.150652]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.150675]  ? __kthread_parkme+0x82/0x160
[   12.150707]  ? preempt_count_sub+0x50/0x80
[   12.150730]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.150751]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.150786]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.150811]  kthread+0x324/0x6e0
[   12.150832]  ? trace_preempt_on+0x20/0xc0
[   12.150865]  ? __pfx_kthread+0x10/0x10
[   12.150887]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.150910]  ? calculate_sigpending+0x7b/0xa0
[   12.150932]  ? __pfx_kthread+0x10/0x10
[   12.150954]  ret_from_fork+0x41/0x80
[   12.150972]  ? __pfx_kthread+0x10/0x10
[   12.150993]  ret_from_fork_asm+0x1a/0x30
[   12.151076]  </TASK>
[   12.151087] 
[   12.161991] The buggy address belongs to the physical page:
[   12.162410] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102938
[   12.162931] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.163469] flags: 0x200000000000040(head|node=0|zone=2)
[   12.163854] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.164574] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   12.165032] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.165576] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   12.165943] head: 0200000000000002 ffffea00040a4e01 ffffffffffffffff 0000000000000000
[   12.166474] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   12.166907] page dumped because: kasan: bad access detected
[   12.167342] 
[   12.167437] Memory state around the buggy address:
[   12.167777]  ffff888102939f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.168547]  ffff88810293a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.168809] >ffff88810293a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   12.169260]                                                           ^
[   12.169612]  ffff88810293a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.169889]  ffff88810293a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.170472] ==================================================================
[   11.988392] ==================================================================
[   11.988742] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930
[   11.989386] Write of size 1 at addr ffff888100a458f0 by task kunit_try_catch/164
[   11.989635] 
[   11.989734] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G    B            N 6.14.7-rc1 #1
[   11.989785] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.989797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.989821] Call Trace:
[   11.989847]  <TASK>
[   11.989870]  dump_stack_lvl+0x73/0xb0
[   11.989899]  print_report+0xd1/0x650
[   11.989924]  ? __virt_addr_valid+0x1db/0x2d0
[   11.989948]  ? krealloc_more_oob_helper+0x7ed/0x930
[   11.989972]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.989999]  ? krealloc_more_oob_helper+0x7ed/0x930
[   11.990039]  kasan_report+0x140/0x180
[   11.990060]  ? krealloc_more_oob_helper+0x7ed/0x930
[   11.990087]  __asan_report_store1_noabort+0x1b/0x30
[   11.990110]  krealloc_more_oob_helper+0x7ed/0x930
[   11.990131]  ? __schedule+0xce8/0x2840
[   11.990155]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   11.990178]  ? finish_task_switch.isra.0+0x153/0x700
[   11.990203]  ? __switch_to+0x5d9/0xf60
[   11.990230]  ? __schedule+0xce8/0x2840
[   11.990252]  ? __pfx_read_tsc+0x10/0x10
[   11.990276]  krealloc_more_oob+0x1c/0x30
[   11.990297]  kunit_try_run_case+0x1a6/0x480
[   11.990320]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.990340]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   11.990360]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.990385]  ? __kthread_parkme+0x82/0x160
[   11.990406]  ? preempt_count_sub+0x50/0x80
[   11.990429]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.990451]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.990475]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.990500]  kthread+0x324/0x6e0
[   11.990521]  ? trace_preempt_on+0x20/0xc0
[   11.990544]  ? __pfx_kthread+0x10/0x10
[   11.990565]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.990588]  ? calculate_sigpending+0x7b/0xa0
[   11.991095]  ? __pfx_kthread+0x10/0x10
[   11.991129]  ret_from_fork+0x41/0x80
[   11.991148]  ? __pfx_kthread+0x10/0x10
[   11.991169]  ret_from_fork_asm+0x1a/0x30
[   11.991201]  </TASK>
[   11.991211] 
[   11.999911] Allocated by task 164:
[   12.000306]  kasan_save_stack+0x45/0x70
[   12.000599]  kasan_save_track+0x18/0x40
[   12.000776]  kasan_save_alloc_info+0x3b/0x50
[   12.001036]  __kasan_krealloc+0x190/0x1f0
[   12.001698]  krealloc_noprof+0xf3/0x340
[   12.001941]  krealloc_more_oob_helper+0x1aa/0x930
[   12.002244]  krealloc_more_oob+0x1c/0x30
[   12.002603]  kunit_try_run_case+0x1a6/0x480
[   12.002813]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.003199]  kthread+0x324/0x6e0
[   12.003366]  ret_from_fork+0x41/0x80
[   12.003547]  ret_from_fork_asm+0x1a/0x30
[   12.003738] 
[   12.003850] The buggy address belongs to the object at ffff888100a45800
[   12.003850]  which belongs to the cache kmalloc-256 of size 256
[   12.004446] The buggy address is located 5 bytes to the right of
[   12.004446]  allocated 235-byte region [ffff888100a45800, ffff888100a458eb)
[   12.004801] 
[   12.004904] The buggy address belongs to the physical page:
[   12.005520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a44
[   12.006322] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.006734] flags: 0x200000000000040(head|node=0|zone=2)
[   12.007179] page_type: f5(slab)
[   12.007346] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.007667] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.007986] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.008377] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.008693] head: 0200000000000001 ffffea0004029101 ffffffffffffffff 0000000000000000
[   12.009191] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   12.009470] page dumped because: kasan: bad access detected
[   12.009636] 
[   12.009705] Memory state around the buggy address:
[   12.009946]  ffff888100a45780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.010722]  ffff888100a45800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.011067] >ffff888100a45880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   12.011313]                                                              ^
[   12.011593]  ffff888100a45900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.011938]  ffff888100a45980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.012220] ==================================================================