lkft/linux-stable-rc-linux-6.15.y - v6.15-50-g86677b94d603 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper

Date

June 2, 2025, 2:11 p.m.

Environment
e850-96
qemu-arm64
qemu-x86_64

[   22.781909] ==================================================================
[   22.789020] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   22.796571] Write of size 1 at addr ffff0008032360d0 by task kunit_try_catch/209
[   22.803949] 
[   22.805432] CPU: 6 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   22.805479] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.805496] Hardware name: WinLink E850-96 board (DT)
[   22.805517] Call trace:
[   22.805528]  show_stack+0x20/0x38 (C)
[   22.805559]  dump_stack_lvl+0x8c/0xd0
[   22.805592]  print_report+0x118/0x608
[   22.805620]  kasan_report+0xdc/0x128
[   22.805645]  __asan_report_store1_noabort+0x20/0x30
[   22.805678]  krealloc_less_oob_helper+0xb9c/0xc50
[   22.805712]  krealloc_large_less_oob+0x20/0x38
[   22.805748]  kunit_try_run_case+0x170/0x3f0
[   22.805784]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.805821]  kthread+0x328/0x630
[   22.805855]  ret_from_fork+0x10/0x20
[   22.805890] 
[   22.873306] The buggy address belongs to the physical page:
[   22.878865] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883234
[   22.886850] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   22.894489] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   22.901430] page_type: f8(unknown)
[   22.904825] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   22.912548] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   22.920274] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   22.928085] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   22.935899] head: 0bfffe0000000002 fffffdffe00c8d01 00000000ffffffff 00000000ffffffff
[   22.943711] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   22.951516] page dumped because: kasan: bad access detected
[   22.957072] 
[   22.958547] Memory state around the buggy address:
[   22.963327]  ffff000803235f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.970530]  ffff000803236000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.977735] >ffff000803236080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   22.984936]                                                  ^
[   22.990755]  ffff000803236100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   22.997960]  ffff000803236180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.005162] ==================================================================
[   21.466255] ==================================================================
[   21.473245] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   21.480792] Write of size 1 at addr ffff0008030fcaea by task kunit_try_catch/205
[   21.488170] 
[   21.489655] CPU: 2 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   21.489706] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.489722] Hardware name: WinLink E850-96 board (DT)
[   21.489742] Call trace:
[   21.489754]  show_stack+0x20/0x38 (C)
[   21.489787]  dump_stack_lvl+0x8c/0xd0
[   21.489821]  print_report+0x118/0x608
[   21.489848]  kasan_report+0xdc/0x128
[   21.489875]  __asan_report_store1_noabort+0x20/0x30
[   21.489907]  krealloc_less_oob_helper+0xae4/0xc50
[   21.489941]  krealloc_less_oob+0x20/0x38
[   21.489973]  kunit_try_run_case+0x170/0x3f0
[   21.490009]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.490044]  kthread+0x328/0x630
[   21.490078]  ret_from_fork+0x10/0x20
[   21.490111] 
[   21.557006] Allocated by task 205:
[   21.560394]  kasan_save_stack+0x3c/0x68
[   21.564211]  kasan_save_track+0x20/0x40
[   21.568030]  kasan_save_alloc_info+0x40/0x58
[   21.572284]  __kasan_krealloc+0x118/0x178
[   21.576276]  krealloc_noprof+0x128/0x360
[   21.580183]  krealloc_less_oob_helper+0x168/0xc50
[   21.584872]  krealloc_less_oob+0x20/0x38
[   21.588777]  kunit_try_run_case+0x170/0x3f0
[   21.592943]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.598412]  kthread+0x328/0x630
[   21.601624]  ret_from_fork+0x10/0x20
[   21.605183] 
[   21.606658] The buggy address belongs to the object at ffff0008030fca00
[   21.606658]  which belongs to the cache kmalloc-256 of size 256
[   21.619160] The buggy address is located 33 bytes to the right of
[   21.619160]  allocated 201-byte region [ffff0008030fca00, ffff0008030fcac9)
[   21.632179] 
[   21.633656] The buggy address belongs to the physical page:
[   21.639214] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8830fc
[   21.647198] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.654835] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   21.661779] page_type: f5(slab)
[   21.664913] raw: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   21.672636] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   21.680362] head: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   21.688174] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   21.695987] head: 0bfffe0000000002 fffffdffe00c3f01 00000000ffffffff 00000000ffffffff
[   21.703799] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   21.711604] page dumped because: kasan: bad access detected
[   21.717160] 
[   21.718634] Memory state around the buggy address:
[   21.723414]  ffff0008030fc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.730618]  ffff0008030fca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.737823] >ffff0008030fca80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   21.745024]                                                           ^
[   21.751625]  ffff0008030fcb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.758829]  ffff0008030fcb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.766031] ==================================================================
[   21.159529] ==================================================================
[   21.166567] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   21.174115] Write of size 1 at addr ffff0008030fcada by task kunit_try_catch/205
[   21.181491] 
[   21.182977] CPU: 2 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   21.183032] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.183047] Hardware name: WinLink E850-96 board (DT)
[   21.183069] Call trace:
[   21.183081]  show_stack+0x20/0x38 (C)
[   21.183115]  dump_stack_lvl+0x8c/0xd0
[   21.183147]  print_report+0x118/0x608
[   21.183175]  kasan_report+0xdc/0x128
[   21.183201]  __asan_report_store1_noabort+0x20/0x30
[   21.183231]  krealloc_less_oob_helper+0xa80/0xc50
[   21.183264]  krealloc_less_oob+0x20/0x38
[   21.183297]  kunit_try_run_case+0x170/0x3f0
[   21.183334]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.183372]  kthread+0x328/0x630
[   21.183405]  ret_from_fork+0x10/0x20
[   21.183440] 
[   21.250326] Allocated by task 205:
[   21.253715]  kasan_save_stack+0x3c/0x68
[   21.257531]  kasan_save_track+0x20/0x40
[   21.261351]  kasan_save_alloc_info+0x40/0x58
[   21.265604]  __kasan_krealloc+0x118/0x178
[   21.269597]  krealloc_noprof+0x128/0x360
[   21.273503]  krealloc_less_oob_helper+0x168/0xc50
[   21.278192]  krealloc_less_oob+0x20/0x38
[   21.282097]  kunit_try_run_case+0x170/0x3f0
[   21.286264]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.291732]  kthread+0x328/0x630
[   21.294944]  ret_from_fork+0x10/0x20
[   21.298503] 
[   21.299981] The buggy address belongs to the object at ffff0008030fca00
[   21.299981]  which belongs to the cache kmalloc-256 of size 256
[   21.312480] The buggy address is located 17 bytes to the right of
[   21.312480]  allocated 201-byte region [ffff0008030fca00, ffff0008030fcac9)
[   21.325499] 
[   21.326977] The buggy address belongs to the physical page:
[   21.332535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8830fc
[   21.340519] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.348157] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   21.355101] page_type: f5(slab)
[   21.358235] raw: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   21.365956] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   21.373683] head: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   21.381494] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   21.389307] head: 0bfffe0000000002 fffffdffe00c3f01 00000000ffffffff 00000000ffffffff
[   21.397119] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   21.404925] page dumped because: kasan: bad access detected
[   21.410480] 
[   21.411956] Memory state around the buggy address:
[   21.416736]  ffff0008030fc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.423939]  ffff0008030fca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.431143] >ffff0008030fca80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   21.438345]                                                     ^
[   21.444424]  ffff0008030fcb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.451629]  ffff0008030fcb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.458831] ==================================================================
[   20.544885] ==================================================================
[   20.554163] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   20.561709] Write of size 1 at addr ffff0008030fcac9 by task kunit_try_catch/205
[   20.569087] 
[   20.570572] CPU: 5 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   20.570621] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.570637] Hardware name: WinLink E850-96 board (DT)
[   20.570659] Call trace:
[   20.570670]  show_stack+0x20/0x38 (C)
[   20.570706]  dump_stack_lvl+0x8c/0xd0
[   20.570742]  print_report+0x118/0x608
[   20.570772]  kasan_report+0xdc/0x128
[   20.570801]  __asan_report_store1_noabort+0x20/0x30
[   20.570836]  krealloc_less_oob_helper+0xa48/0xc50
[   20.570870]  krealloc_less_oob+0x20/0x38
[   20.570900]  kunit_try_run_case+0x170/0x3f0
[   20.570935]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.570971]  kthread+0x328/0x630
[   20.571006]  ret_from_fork+0x10/0x20
[   20.571041] 
[   20.637924] Allocated by task 205:
[   20.641311]  kasan_save_stack+0x3c/0x68
[   20.645128]  kasan_save_track+0x20/0x40
[   20.648947]  kasan_save_alloc_info+0x40/0x58
[   20.653201]  __kasan_krealloc+0x118/0x178
[   20.657193]  krealloc_noprof+0x128/0x360
[   20.661099]  krealloc_less_oob_helper+0x168/0xc50
[   20.665786]  krealloc_less_oob+0x20/0x38
[   20.669693]  kunit_try_run_case+0x170/0x3f0
[   20.673860]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.679328]  kthread+0x328/0x630
[   20.682540]  ret_from_fork+0x10/0x20
[   20.686099] 
[   20.687577] The buggy address belongs to the object at ffff0008030fca00
[   20.687577]  which belongs to the cache kmalloc-256 of size 256
[   20.700076] The buggy address is located 0 bytes to the right of
[   20.700076]  allocated 201-byte region [ffff0008030fca00, ffff0008030fcac9)
[   20.713008] 
[   20.714487] The buggy address belongs to the physical page:
[   20.720044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8830fc
[   20.728029] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.735668] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.742610] page_type: f5(slab)
[   20.745748] raw: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   20.753466] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   20.761192] head: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   20.769003] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   20.776817] head: 0bfffe0000000002 fffffdffe00c3f01 00000000ffffffff 00000000ffffffff
[   20.784628] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   20.792434] page dumped because: kasan: bad access detected
[   20.797989] 
[   20.799465] Memory state around the buggy address:
[   20.804247]  ffff0008030fc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.811448]  ffff0008030fca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.818654] >ffff0008030fca80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   20.825853]                                               ^
[   20.831413]  ffff0008030fcb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.838618]  ffff0008030fcb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.845820] ==================================================================
[   22.548747] ==================================================================
[   22.558729] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   22.566281] Write of size 1 at addr ffff0008032360c9 by task kunit_try_catch/209
[   22.573657] 
[   22.575142] CPU: 6 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   22.575195] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.575211] Hardware name: WinLink E850-96 board (DT)
[   22.575234] Call trace:
[   22.575250]  show_stack+0x20/0x38 (C)
[   22.575282]  dump_stack_lvl+0x8c/0xd0
[   22.575314]  print_report+0x118/0x608
[   22.575343]  kasan_report+0xdc/0x128
[   22.575370]  __asan_report_store1_noabort+0x20/0x30
[   22.575403]  krealloc_less_oob_helper+0xa48/0xc50
[   22.575442]  krealloc_large_less_oob+0x20/0x38
[   22.575475]  kunit_try_run_case+0x170/0x3f0
[   22.575514]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.575553]  kthread+0x328/0x630
[   22.575589]  ret_from_fork+0x10/0x20
[   22.575623] 
[   22.643017] The buggy address belongs to the physical page:
[   22.648573] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883234
[   22.656559] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   22.664198] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   22.671139] page_type: f8(unknown)
[   22.674536] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   22.682256] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   22.689982] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   22.697794] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   22.705607] head: 0bfffe0000000002 fffffdffe00c8d01 00000000ffffffff 00000000ffffffff
[   22.713419] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   22.721224] page dumped because: kasan: bad access detected
[   22.726780] 
[   22.728255] Memory state around the buggy address:
[   22.733035]  ffff000803235f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.740238]  ffff000803236000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.747443] >ffff000803236080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   22.754644]                                               ^
[   22.760203]  ffff000803236100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   22.767408]  ffff000803236180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   22.774611] ==================================================================
[   23.474648] ==================================================================
[   23.481720] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   23.489272] Write of size 1 at addr ffff0008032360eb by task kunit_try_catch/209
[   23.496648] 
[   23.498131] CPU: 6 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   23.498181] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.498196] Hardware name: WinLink E850-96 board (DT)
[   23.498215] Call trace:
[   23.498229]  show_stack+0x20/0x38 (C)
[   23.498262]  dump_stack_lvl+0x8c/0xd0
[   23.498295]  print_report+0x118/0x608
[   23.498325]  kasan_report+0xdc/0x128
[   23.498351]  __asan_report_store1_noabort+0x20/0x30
[   23.498385]  krealloc_less_oob_helper+0xa58/0xc50
[   23.498423]  krealloc_large_less_oob+0x20/0x38
[   23.498459]  kunit_try_run_case+0x170/0x3f0
[   23.498494]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.498534]  kthread+0x328/0x630
[   23.498567]  ret_from_fork+0x10/0x20
[   23.498600] 
[   23.566007] The buggy address belongs to the physical page:
[   23.571563] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883234
[   23.579545] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   23.587186] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   23.594128] page_type: f8(unknown)
[   23.597524] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   23.605246] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   23.612971] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   23.620783] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   23.628597] head: 0bfffe0000000002 fffffdffe00c8d01 00000000ffffffff 00000000ffffffff
[   23.636409] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   23.644214] page dumped because: kasan: bad access detected
[   23.649771] 
[   23.651245] Memory state around the buggy address:
[   23.656025]  ffff000803235f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.663228]  ffff000803236000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.670432] >ffff000803236080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   23.677634]                                                           ^
[   23.684235]  ffff000803236100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.691440]  ffff000803236180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.698642] ==================================================================
[   23.012480] ==================================================================
[   23.019575] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   23.027125] Write of size 1 at addr ffff0008032360da by task kunit_try_catch/209
[   23.034501] 
[   23.035985] CPU: 6 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   23.036031] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.036046] Hardware name: WinLink E850-96 board (DT)
[   23.036066] Call trace:
[   23.036077]  show_stack+0x20/0x38 (C)
[   23.036109]  dump_stack_lvl+0x8c/0xd0
[   23.036140]  print_report+0x118/0x608
[   23.036167]  kasan_report+0xdc/0x128
[   23.036195]  __asan_report_store1_noabort+0x20/0x30
[   23.036231]  krealloc_less_oob_helper+0xa80/0xc50
[   23.036266]  krealloc_large_less_oob+0x20/0x38
[   23.036303]  kunit_try_run_case+0x170/0x3f0
[   23.036338]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.036376]  kthread+0x328/0x630
[   23.036410]  ret_from_fork+0x10/0x20
[   23.036444] 
[   23.103859] The buggy address belongs to the physical page:
[   23.109416] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883234
[   23.117401] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   23.125038] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   23.131983] page_type: f8(unknown)
[   23.135378] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   23.143100] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   23.150826] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   23.158637] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   23.166451] head: 0bfffe0000000002 fffffdffe00c8d01 00000000ffffffff 00000000ffffffff
[   23.174263] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   23.182068] page dumped because: kasan: bad access detected
[   23.187624] 
[   23.189100] Memory state around the buggy address:
[   23.193879]  ffff000803235f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.201083]  ffff000803236000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.208287] >ffff000803236080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   23.215488]                                                     ^
[   23.221568]  ffff000803236100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.228773]  ffff000803236180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.235974] ==================================================================
[   21.773353] ==================================================================
[   21.780443] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   21.787992] Write of size 1 at addr ffff0008030fcaeb by task kunit_try_catch/205
[   21.795371] 
[   21.796856] CPU: 2 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   21.796902] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.796917] Hardware name: WinLink E850-96 board (DT)
[   21.796935] Call trace:
[   21.796946]  show_stack+0x20/0x38 (C)
[   21.796978]  dump_stack_lvl+0x8c/0xd0
[   21.797011]  print_report+0x118/0x608
[   21.797042]  kasan_report+0xdc/0x128
[   21.797068]  __asan_report_store1_noabort+0x20/0x30
[   21.797100]  krealloc_less_oob_helper+0xa58/0xc50
[   21.797136]  krealloc_less_oob+0x20/0x38
[   21.797167]  kunit_try_run_case+0x170/0x3f0
[   21.797202]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.797241]  kthread+0x328/0x630
[   21.797272]  ret_from_fork+0x10/0x20
[   21.797305] 
[   21.864206] Allocated by task 205:
[   21.867593]  kasan_save_stack+0x3c/0x68
[   21.871411]  kasan_save_track+0x20/0x40
[   21.875231]  kasan_save_alloc_info+0x40/0x58
[   21.879484]  __kasan_krealloc+0x118/0x178
[   21.883477]  krealloc_noprof+0x128/0x360
[   21.887383]  krealloc_less_oob_helper+0x168/0xc50
[   21.892072]  krealloc_less_oob+0x20/0x38
[   21.895977]  kunit_try_run_case+0x170/0x3f0
[   21.900143]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.905612]  kthread+0x328/0x630
[   21.908824]  ret_from_fork+0x10/0x20
[   21.912382] 
[   21.913859] The buggy address belongs to the object at ffff0008030fca00
[   21.913859]  which belongs to the cache kmalloc-256 of size 256
[   21.926360] The buggy address is located 34 bytes to the right of
[   21.926360]  allocated 201-byte region [ffff0008030fca00, ffff0008030fcac9)
[   21.939379] 
[   21.940855] The buggy address belongs to the physical page:
[   21.946413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8830fc
[   21.954397] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.962035] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   21.968979] page_type: f5(slab)
[   21.972114] raw: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   21.979836] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   21.987563] head: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   21.995374] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   22.003187] head: 0bfffe0000000002 fffffdffe00c3f01 00000000ffffffff 00000000ffffffff
[   22.010999] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   22.018805] page dumped because: kasan: bad access detected
[   22.024360] 
[   22.025836] Memory state around the buggy address:
[   22.030616]  ffff0008030fc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.037818]  ffff0008030fca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.045023] >ffff0008030fca80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   22.052224]                                                           ^
[   22.058825]  ffff0008030fcb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.066030]  ffff0008030fcb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.073232] ==================================================================
[   23.243259] ==================================================================
[   23.250386] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   23.257936] Write of size 1 at addr ffff0008032360ea by task kunit_try_catch/209
[   23.265314] 
[   23.266796] CPU: 6 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   23.266841] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.266857] Hardware name: WinLink E850-96 board (DT)
[   23.266873] Call trace:
[   23.266882]  show_stack+0x20/0x38 (C)
[   23.266914]  dump_stack_lvl+0x8c/0xd0
[   23.266944]  print_report+0x118/0x608
[   23.266972]  kasan_report+0xdc/0x128
[   23.267000]  __asan_report_store1_noabort+0x20/0x30
[   23.267033]  krealloc_less_oob_helper+0xae4/0xc50
[   23.267068]  krealloc_large_less_oob+0x20/0x38
[   23.267101]  kunit_try_run_case+0x170/0x3f0
[   23.267134]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.267173]  kthread+0x328/0x630
[   23.267205]  ret_from_fork+0x10/0x20
[   23.267237] 
[   23.334671] The buggy address belongs to the physical page:
[   23.340228] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883234
[   23.348212] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   23.355850] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   23.362795] page_type: f8(unknown)
[   23.366189] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   23.373912] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   23.381638] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   23.389450] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   23.397263] head: 0bfffe0000000002 fffffdffe00c8d01 00000000ffffffff 00000000ffffffff
[   23.405075] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   23.412881] page dumped because: kasan: bad access detected
[   23.418437] 
[   23.419912] Memory state around the buggy address:
[   23.424690]  ffff000803235f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.431895]  ffff000803236000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.439100] >ffff000803236080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   23.446301]                                                           ^
[   23.452901]  ffff000803236100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.460106]  ffff000803236180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.467307] ==================================================================
[   20.853212] ==================================================================
[   20.860234] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   20.867780] Write of size 1 at addr ffff0008030fcad0 by task kunit_try_catch/205
[   20.875159] 
[   20.876644] CPU: 5 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   20.876690] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.876705] Hardware name: WinLink E850-96 board (DT)
[   20.876724] Call trace:
[   20.876738]  show_stack+0x20/0x38 (C)
[   20.876772]  dump_stack_lvl+0x8c/0xd0
[   20.876804]  print_report+0x118/0x608
[   20.876830]  kasan_report+0xdc/0x128
[   20.876857]  __asan_report_store1_noabort+0x20/0x30
[   20.876888]  krealloc_less_oob_helper+0xb9c/0xc50
[   20.876922]  krealloc_less_oob+0x20/0x38
[   20.876953]  kunit_try_run_case+0x170/0x3f0
[   20.876989]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.877025]  kthread+0x328/0x630
[   20.877059]  ret_from_fork+0x10/0x20
[   20.877091] 
[   20.943994] Allocated by task 205:
[   20.947381]  kasan_save_stack+0x3c/0x68
[   20.951199]  kasan_save_track+0x20/0x40
[   20.955018]  kasan_save_alloc_info+0x40/0x58
[   20.959272]  __kasan_krealloc+0x118/0x178
[   20.963265]  krealloc_noprof+0x128/0x360
[   20.967171]  krealloc_less_oob_helper+0x168/0xc50
[   20.971860]  krealloc_less_oob+0x20/0x38
[   20.975765]  kunit_try_run_case+0x170/0x3f0
[   20.979932]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.985400]  kthread+0x328/0x630
[   20.988612]  ret_from_fork+0x10/0x20
[   20.992171] 
[   20.993648] The buggy address belongs to the object at ffff0008030fca00
[   20.993648]  which belongs to the cache kmalloc-256 of size 256
[   21.006148] The buggy address is located 7 bytes to the right of
[   21.006148]  allocated 201-byte region [ffff0008030fca00, ffff0008030fcac9)
[   21.019080] 
[   21.020559] The buggy address belongs to the physical page:
[   21.026115] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8830fc
[   21.034100] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.041739] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   21.048682] page_type: f5(slab)
[   21.051816] raw: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   21.059537] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   21.067264] head: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   21.075075] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   21.082888] head: 0bfffe0000000002 fffffdffe00c3f01 00000000ffffffff 00000000ffffffff
[   21.090700] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   21.098506] page dumped because: kasan: bad access detected
[   21.104061] 
[   21.105537] Memory state around the buggy address:
[   21.110319]  ffff0008030fc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.117520]  ffff0008030fca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.124725] >ffff0008030fca80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   21.131926]                                                  ^
[   21.137745]  ffff0008030fcb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.144950]  ffff0008030fcb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.152151] ==================================================================

Metadata Full log Test run details

[   17.600032] ==================================================================
[   17.600083] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   17.600139] Write of size 1 at addr fff00000c5ade8ea by task kunit_try_catch/161
[   17.600188] 
[   17.600220] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   17.600299] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.600325] Hardware name: linux,dummy-virt (DT)
[   17.602081] Call trace:
[   17.602113]  show_stack+0x20/0x38 (C)
[   17.602168]  dump_stack_lvl+0x8c/0xd0
[   17.602523]  print_report+0x118/0x608
[   17.602574]  kasan_report+0xdc/0x128
[   17.602876]  __asan_report_store1_noabort+0x20/0x30
[   17.602933]  krealloc_less_oob_helper+0xae4/0xc50
[   17.603282]  krealloc_less_oob+0x20/0x38
[   17.603768]  kunit_try_run_case+0x170/0x3f0
[   17.603999]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.604242]  kthread+0x328/0x630
[   17.604293]  ret_from_fork+0x10/0x20
[   17.604344] 
[   17.605016] Allocated by task 161:
[   17.605054]  kasan_save_stack+0x3c/0x68
[   17.605101]  kasan_save_track+0x20/0x40
[   17.605138]  kasan_save_alloc_info+0x40/0x58
[   17.605177]  __kasan_krealloc+0x118/0x178
[   17.605213]  krealloc_noprof+0x128/0x360
[   17.605249]  krealloc_less_oob_helper+0x168/0xc50
[   17.605291]  krealloc_less_oob+0x20/0x38
[   17.605331]  kunit_try_run_case+0x170/0x3f0
[   17.605382]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.605428]  kthread+0x328/0x630
[   17.606214]  ret_from_fork+0x10/0x20
[   17.606744] 
[   17.606771] The buggy address belongs to the object at fff00000c5ade800
[   17.606771]  which belongs to the cache kmalloc-256 of size 256
[   17.606830] The buggy address is located 33 bytes to the right of
[   17.606830]  allocated 201-byte region [fff00000c5ade800, fff00000c5ade8c9)
[   17.607619] 
[   17.607642] The buggy address belongs to the physical page:
[   17.607675] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ade
[   17.607731] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.607777] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.607831] page_type: f5(slab)
[   17.607870] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.607920] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.607969] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.608016] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.608065] head: 0bfffe0000000001 ffffc1ffc316b781 00000000ffffffff 00000000ffffffff
[   17.608113] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   17.608152] page dumped because: kasan: bad access detected
[   17.608183] 
[   17.608202] Memory state around the buggy address:
[   17.608233]  fff00000c5ade780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.608276]  fff00000c5ade800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.608317] >fff00000c5ade880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   17.609382]                                                           ^
[   17.609425]  fff00000c5ade900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.609492]  fff00000c5ade980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.609528] ==================================================================
[   17.575613] ==================================================================
[   17.575663] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   17.575716] Write of size 1 at addr fff00000c5ade8d0 by task kunit_try_catch/161
[   17.575764] 
[   17.575795] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   17.575874] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.575900] Hardware name: linux,dummy-virt (DT)
[   17.575930] Call trace:
[   17.575952]  show_stack+0x20/0x38 (C)
[   17.576001]  dump_stack_lvl+0x8c/0xd0
[   17.576049]  print_report+0x118/0x608
[   17.576095]  kasan_report+0xdc/0x128
[   17.576139]  __asan_report_store1_noabort+0x20/0x30
[   17.576190]  krealloc_less_oob_helper+0xb9c/0xc50
[   17.576241]  krealloc_less_oob+0x20/0x38
[   17.576289]  kunit_try_run_case+0x170/0x3f0
[   17.576338]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.578884]  kthread+0x328/0x630
[   17.578976]  ret_from_fork+0x10/0x20
[   17.579549] 
[   17.579584] Allocated by task 161:
[   17.579615]  kasan_save_stack+0x3c/0x68
[   17.580481]  kasan_save_track+0x20/0x40
[   17.580535]  kasan_save_alloc_info+0x40/0x58
[   17.580575]  __kasan_krealloc+0x118/0x178
[   17.580612]  krealloc_noprof+0x128/0x360
[   17.580650]  krealloc_less_oob_helper+0x168/0xc50
[   17.580691]  krealloc_less_oob+0x20/0x38
[   17.580729]  kunit_try_run_case+0x170/0x3f0
[   17.580769]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.580814]  kthread+0x328/0x630
[   17.580851]  ret_from_fork+0x10/0x20
[   17.580887] 
[   17.580908] The buggy address belongs to the object at fff00000c5ade800
[   17.580908]  which belongs to the cache kmalloc-256 of size 256
[   17.580964] The buggy address is located 7 bytes to the right of
[   17.580964]  allocated 201-byte region [fff00000c5ade800, fff00000c5ade8c9)
[   17.581026] 
[   17.581046] The buggy address belongs to the physical page:
[   17.581077] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ade
[   17.581129] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.581175] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.581228] page_type: f5(slab)
[   17.581269] raw: 0
[   17.581269] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.581318] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.581383] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.581431] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.581486] head: 0bfffe0000000001 ffffc1ffc316b781 00000000ffffffff 00000000ffffffff
[   17.581532] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   17.581571] page dumped because: kasan: bad access detected
[   17.581601] 
[   17.581619] Memory state around the buggy address:
[   17.581649]  fff00000c5ade780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.581691]  fff00000c5ade800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.581732] >fff00000c5ade880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   17.581768]                                                  ^
[   17.581802]  fff00000c5ade900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.581842]  fff00000c5ade980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.581878] ==================================================================
[   17.688197] ==================================================================
[   17.688249] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   17.688301] Write of size 1 at addr fff00000c65aa0d0 by task kunit_try_catch/165
[   17.688386] 
[   17.688417] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   17.688497] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.688532] Hardware name: linux,dummy-virt (DT)
[   17.688571] Call trace:
[   17.688593]  show_stack+0x20/0x38 (C)
[   17.688643]  dump_stack_lvl+0x8c/0xd0
[   17.688692]  print_report+0x118/0x608
[   17.688737]  kasan_report+0xdc/0x128
[   17.688792]  __asan_report_store1_noabort+0x20/0x30
[   17.688846]  krealloc_less_oob_helper+0xb9c/0xc50
[   17.688907]  krealloc_large_less_oob+0x20/0x38
[   17.688959]  kunit_try_run_case+0x170/0x3f0
[   17.689009]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.689064]  kthread+0x328/0x630
[   17.689109]  ret_from_fork+0x10/0x20
[   17.689158] 
[   17.689177] The buggy address belongs to the physical page:
[   17.689215] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a8
[   17.689276] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.689322] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.689383] page_type: f8(unknown)
[   17.689421] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.689495] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.689551] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.689598] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.689645] head: 0bfffe0000000002 ffffc1ffc3196a01 00000000ffffffff 00000000ffffffff
[   17.689691] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.689844] page dumped because: kasan: bad access detected
[   17.689910] 
[   17.690032] Memory state around the buggy address:
[   17.690066]  fff00000c65a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.690109]  fff00000c65aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.690150] >fff00000c65aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.690188]                                                  ^
[   17.690223]  fff00000c65aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.690263]  fff00000c65aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.690410] ==================================================================
[   17.587486] ==================================================================
[   17.587543] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   17.587600] Write of size 1 at addr fff00000c5ade8da by task kunit_try_catch/161
[   17.587649] 
[   17.587681] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   17.587764] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.587790] Hardware name: linux,dummy-virt (DT)
[   17.587821] Call trace:
[   17.587843]  show_stack+0x20/0x38 (C)
[   17.587892]  dump_stack_lvl+0x8c/0xd0
[   17.587941]  print_report+0x118/0x608
[   17.587986]  kasan_report+0xdc/0x128
[   17.588030]  __asan_report_store1_noabort+0x20/0x30
[   17.588081]  krealloc_less_oob_helper+0xa80/0xc50
[   17.588132]  krealloc_less_oob+0x20/0x38
[   17.588180]  kunit_try_run_case+0x170/0x3f0
[   17.588229]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.588287]  kthread+0x328/0x630
[   17.588334]  ret_from_fork+0x10/0x20
[   17.588401] 
[   17.588419] Allocated by task 161:
[   17.588447]  kasan_save_stack+0x3c/0x68
[   17.588486]  kasan_save_track+0x20/0x40
[   17.588521]  kasan_save_alloc_info+0x40/0x58
[   17.588559]  __kasan_krealloc+0x118/0x178
[   17.588595]  krealloc_noprof+0x128/0x360
[   17.588631]  krealloc_less_oob_helper+0x168/0xc50
[   17.588672]  krealloc_less_oob+0x20/0x38
[   17.588710]  kunit_try_run_case+0x170/0x3f0
[   17.588748]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.588794]  kthread+0x328/0x630
[   17.588829]  ret_from_fork+0x10/0x20
[   17.588865] 
[   17.588886] The buggy address belongs to the object at fff00000c5ade800
[   17.588886]  which belongs to the cache kmalloc-256 of size 256
[   17.588942] The buggy address is located 17 bytes to the right of
[   17.588942]  allocated 201-byte region [fff00000c5ade800, fff00000c5ade8c9)
[   17.589005] 
[   17.589024] The buggy address belongs to the physical page:
[   17.589055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ade
[   17.589107] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.589152] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.589202] page_type: f5(slab)
[   17.589240] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.589290] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.589338] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.593859] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.593913] head: 0bfffe0000000001 ffffc1ffc316b781 00000000ffffffff 00000000ffffffff
[   17.599050] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   17.599101] page dumped because: kasan: bad access detected
[   17.599133] 
[   17.599160] Memory state around the buggy address:
[   17.599195]  fff00000c5ade780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.599238]  fff00000c5ade800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.599280] >fff00000c5ade880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   17.599317]                                                     ^
[   17.599364]  fff00000c5ade900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.599406]  fff00000c5ade980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.599443] ==================================================================
[   17.682971] ==================================================================
[   17.683051] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   17.683122] Write of size 1 at addr fff00000c65aa0c9 by task kunit_try_catch/165
[   17.683952] 
[   17.684011] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   17.684247] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.684321] Hardware name: linux,dummy-virt (DT)
[   17.684478] Call trace:
[   17.684555]  show_stack+0x20/0x38 (C)
[   17.684661]  dump_stack_lvl+0x8c/0xd0
[   17.684712]  print_report+0x118/0x608
[   17.684759]  kasan_report+0xdc/0x128
[   17.684803]  __asan_report_store1_noabort+0x20/0x30
[   17.684878]  krealloc_less_oob_helper+0xa48/0xc50
[   17.685020]  krealloc_large_less_oob+0x20/0x38
[   17.685166]  kunit_try_run_case+0x170/0x3f0
[   17.685308]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.685411]  kthread+0x328/0x630
[   17.685496]  ret_from_fork+0x10/0x20
[   17.685651] 
[   17.685673] The buggy address belongs to the physical page:
[   17.685707] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a8
[   17.685762] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.685816] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.685874] page_type: f8(unknown)
[   17.685935] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.685986] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.686034] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.686081] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.686128] head: 0bfffe0000000002 ffffc1ffc3196a01 00000000ffffffff 00000000ffffffff
[   17.686175] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.686213] page dumped because: kasan: bad access detected
[   17.686243] 
[   17.686261] Memory state around the buggy address:
[   17.686293]  fff00000c65a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.686335]  fff00000c65aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.686396] >fff00000c65aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.686433]                                               ^
[   17.686467]  fff00000c65aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.686671]  fff00000c65aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.686965] ==================================================================
[   17.614619] ==================================================================
[   17.614670] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   17.614724] Write of size 1 at addr fff00000c5ade8eb by task kunit_try_catch/161
[   17.614772] 
[   17.614805] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   17.614884] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.614910] Hardware name: linux,dummy-virt (DT)
[   17.614941] Call trace:
[   17.614963]  show_stack+0x20/0x38 (C)
[   17.615021]  dump_stack_lvl+0x8c/0xd0
[   17.615070]  print_report+0x118/0x608
[   17.615115]  kasan_report+0xdc/0x128
[   17.615161]  __asan_report_store1_noabort+0x20/0x30
[   17.615214]  krealloc_less_oob_helper+0xa58/0xc50
[   17.615266]  krealloc_less_oob+0x20/0x38
[   17.615314]  kunit_try_run_case+0x170/0x3f0
[   17.619408]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.619477]  kthread+0x328/0x630
[   17.619525]  ret_from_fork+0x10/0x20
[   17.619575] 
[   17.619593] Allocated by task 161:
[   17.619622]  kasan_save_stack+0x3c/0x68
[   17.619661]  kasan_save_track+0x20/0x40
[   17.619699]  kasan_save_alloc_info+0x40/0x58
[   17.619738]  __kasan_krealloc+0x118/0x178
[   17.619775]  krealloc_noprof+0x128/0x360
[   17.619812]  krealloc_less_oob_helper+0x168/0xc50
[   17.619853]  krealloc_less_oob+0x20/0x38
[   17.619891]  kunit_try_run_case+0x170/0x3f0
[   17.619930]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.620024]  kthread+0x328/0x630
[   17.620307]  ret_from_fork+0x10/0x20
[   17.620932] 
[   17.620958] The buggy address belongs to the object at fff00000c5ade800
[   17.620958]  which belongs to the cache kmalloc-256 of size 256
[   17.621187] The buggy address is located 34 bytes to the right of
[   17.621187]  allocated 201-byte region [fff00000c5ade800, fff00000c5ade8c9)
[   17.621334] 
[   17.621411] The buggy address belongs to the physical page:
[   17.621534] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ade
[   17.621780] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.621879] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.621945] page_type: f5(slab)
[   17.621986] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.622035] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.622441] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.622535] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.622624] head: 0bfffe0000000001 ffffc1ffc316b781 00000000ffffffff 00000000ffffffff
[   17.622691] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   17.622819] page dumped because: kasan: bad access detected
[   17.624201] 
[   17.624315] Memory state around the buggy address:
[   17.624490]  fff00000c5ade780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.624581]  fff00000c5ade800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.624635] >fff00000c5ade880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   17.624964]                                                           ^
[   17.625033]  fff00000c5ade900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.625106]  fff00000c5ade980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.625764] ==================================================================
[   17.563146] ==================================================================
[   17.563206] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   17.563266] Write of size 1 at addr fff00000c5ade8c9 by task kunit_try_catch/161
[   17.563315] 
[   17.566610] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   17.566710] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.566737] Hardware name: linux,dummy-virt (DT)
[   17.566769] Call trace:
[   17.566794]  show_stack+0x20/0x38 (C)
[   17.566854]  dump_stack_lvl+0x8c/0xd0
[   17.566903]  print_report+0x118/0x608
[   17.566950]  kasan_report+0xdc/0x128
[   17.566995]  __asan_report_store1_noabort+0x20/0x30
[   17.567052]  krealloc_less_oob_helper+0xa48/0xc50
[   17.567105]  krealloc_less_oob+0x20/0x38
[   17.567153]  kunit_try_run_case+0x170/0x3f0
[   17.567206]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.567262]  kthread+0x328/0x630
[   17.567310]  ret_from_fork+0x10/0x20
[   17.567375] 
[   17.567393] Allocated by task 161:
[   17.567421]  kasan_save_stack+0x3c/0x68
[   17.567461]  kasan_save_track+0x20/0x40
[   17.567498]  kasan_save_alloc_info+0x40/0x58
[   17.567536]  __kasan_krealloc+0x118/0x178
[   17.567573]  krealloc_noprof+0x128/0x360
[   17.567609]  krealloc_less_oob_helper+0x168/0xc50
[   17.567650]  krealloc_less_oob+0x20/0x38
[   17.567688]  kunit_try_run_case+0x170/0x3f0
[   17.567726]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.567771]  kthread+0x328/0x630
[   17.567806]  ret_from_fork+0x10/0x20
[   17.567841] 
[   17.567861] The buggy address belongs to the object at fff00000c5ade800
[   17.567861]  which belongs to the cache kmalloc-256 of size 256
[   17.567918] The buggy address is located 0 bytes to the right of
[   17.567918]  allocated 201-byte region [fff00000c5ade800, fff00000c5ade8c9)
[   17.567979] 
[   17.567999] The buggy address belongs to the physical page:
[   17.568030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ade
[   17.568083] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.568130] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.568185] page_type: f5(slab)
[   17.568226] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.568275] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.568324] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.571659] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.571974] head: 0bfffe0000000001 ffffc1ffc316b781 00000000ffffffff 00000000ffffffff
[   17.572027] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   17.572067] page dumped because: kasan: bad access detected
[   17.572098] 
[   17.572484] Memory state around the buggy address:
[   17.572968]  fff00000c5ade780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.573089]  fff00000c5ade800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.573443] >fff00000c5ade880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   17.573564]                                               ^
[   17.573913]  fff00000c5ade900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.573960]  fff00000c5ade980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.573998] ==================================================================
[   17.691492] ==================================================================
[   17.691740] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   17.691956] Write of size 1 at addr fff00000c65aa0da by task kunit_try_catch/165
[   17.692014] 
[   17.692051] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   17.692131] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.692157] Hardware name: linux,dummy-virt (DT)
[   17.692186] Call trace:
[   17.692208]  show_stack+0x20/0x38 (C)
[   17.692259]  dump_stack_lvl+0x8c/0xd0
[   17.692308]  print_report+0x118/0x608
[   17.692370]  kasan_report+0xdc/0x128
[   17.692415]  __asan_report_store1_noabort+0x20/0x30
[   17.692467]  krealloc_less_oob_helper+0xa80/0xc50
[   17.692519]  krealloc_large_less_oob+0x20/0x38
[   17.692569]  kunit_try_run_case+0x170/0x3f0
[   17.692618]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.692674]  kthread+0x328/0x630
[   17.692721]  ret_from_fork+0x10/0x20
[   17.692772] 
[   17.692791] The buggy address belongs to the physical page:
[   17.692822] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a8
[   17.692873] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.692919] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.692970] page_type: f8(unknown)
[   17.693023] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.693072] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.693120] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.693167] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.693214] head: 0bfffe0000000002 ffffc1ffc3196a01 00000000ffffffff 00000000ffffffff
[   17.693260] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.693298] page dumped because: kasan: bad access detected
[   17.693328] 
[   17.693345] Memory state around the buggy address:
[   17.694512]  fff00000c65a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.694584]  fff00000c65aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.694628] >fff00000c65aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.694666]                                                     ^
[   17.694704]  fff00000c65aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.694746]  fff00000c65aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.694783] ==================================================================
[   17.704749] ==================================================================
[   17.704797] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   17.704853] Write of size 1 at addr fff00000c65aa0eb by task kunit_try_catch/165
[   17.704901] 
[   17.704936] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   17.705015] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.705040] Hardware name: linux,dummy-virt (DT)
[   17.705071] Call trace:
[   17.705094]  show_stack+0x20/0x38 (C)
[   17.705143]  dump_stack_lvl+0x8c/0xd0
[   17.705191]  print_report+0x118/0x608
[   17.705236]  kasan_report+0xdc/0x128
[   17.705280]  __asan_report_store1_noabort+0x20/0x30
[   17.705332]  krealloc_less_oob_helper+0xa58/0xc50
[   17.705402]  krealloc_large_less_oob+0x20/0x38
[   17.705453]  kunit_try_run_case+0x170/0x3f0
[   17.705507]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.705562]  kthread+0x328/0x630
[   17.705608]  ret_from_fork+0x10/0x20
[   17.705658] 
[   17.705677] The buggy address belongs to the physical page:
[   17.705708] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a8
[   17.706149] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.706237] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.706292] page_type: f8(unknown)
[   17.706489] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.706545] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.706596] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.706644] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.706693] head: 0bfffe0000000002 ffffc1ffc3196a01 00000000ffffffff 00000000ffffffff
[   17.706803] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.707634] page dumped because: kasan: bad access detected
[   17.708413] 
[   17.708448] Memory state around the buggy address:
[   17.708497]  fff00000c65a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.709092]  fff00000c65aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.709141] >fff00000c65aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.709178]                                                           ^
[   17.709217]  fff00000c65aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.711091]  fff00000c65aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.711140] ==================================================================
[   17.695225] ==================================================================
[   17.695273] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   17.695555] Write of size 1 at addr fff00000c65aa0ea by task kunit_try_catch/165
[   17.695618] 
[   17.695649] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   17.696015] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.696145] Hardware name: linux,dummy-virt (DT)
[   17.696882] Call trace:
[   17.697167]  show_stack+0x20/0x38 (C)
[   17.697342]  dump_stack_lvl+0x8c/0xd0
[   17.697501]  print_report+0x118/0x608
[   17.698782]  kasan_report+0xdc/0x128
[   17.698846]  __asan_report_store1_noabort+0x20/0x30
[   17.698899]  krealloc_less_oob_helper+0xae4/0xc50
[   17.698952]  krealloc_large_less_oob+0x20/0x38
[   17.699003]  kunit_try_run_case+0x170/0x3f0
[   17.699063]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.699119]  kthread+0x328/0x630
[   17.699166]  ret_from_fork+0x10/0x20
[   17.699217] 
[   17.699238] The buggy address belongs to the physical page:
[   17.699271] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a8
[   17.699325] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.699760] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.699970] page_type: f8(unknown)
[   17.700071] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.700164] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.700213] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.701203] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.701276] head: 0bfffe0000000002 ffffc1ffc3196a01 00000000ffffffff 00000000ffffffff
[   17.701329] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.701384] page dumped because: kasan: bad access detected
[   17.702289] 
[   17.702317] Memory state around the buggy address:
[   17.702444]  fff00000c65a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.702490]  fff00000c65aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.702534] >fff00000c65aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.702570]                                                           ^
[   17.702609]  fff00000c65aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.703119]  fff00000c65aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.704203] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2xxIi03DVYToIy9dKnbnDmUoyr6

job_id

TEST:linaro@lkft#2xxImRmF075dm0nsBZ5X666mMHe

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2xxImRmF075dm0nsBZ5X666mMHe

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIiyPUR36zsQ0H1UAU7CDbti8/Image.gz
sha256sum	b9a9fd4a9b1eed9b2355eb855fcee61950b1feb6d9174198b03424c9d229f427

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/arm64/rootfs.ext4.xz
sha256sum	1cc8d041751cc9cfe19b957ffa27d6115f076efaeb324bcd0fb145c37c99e1b7

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIiyPUR36zsQ0H1UAU7CDbti8/modules.tar.xz
sha256sum	369c25ed9d51a74f47b283fc088bebcc674124ca3658d6e259bf0d14f2ebcf1f

durations

tests

boot	0
kunit	197.32

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   16.005103] ==================================================================
[   16.005508] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   16.006379] Write of size 1 at addr ffff88810099d4d0 by task kunit_try_catch/179
[   16.007299] 
[   16.007945] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT(voluntary) 
[   16.008054] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.008078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.008384] Call Trace:
[   16.008453]  <TASK>
[   16.008558]  dump_stack_lvl+0x73/0xb0
[   16.008626]  print_report+0xd1/0x650
[   16.008655]  ? __virt_addr_valid+0x1db/0x2d0
[   16.008682]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   16.008708]  ? kasan_complete_mode_report_info+0x2a/0x200
[   16.008732]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   16.008782]  kasan_report+0x141/0x180
[   16.008809]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   16.008840]  __asan_report_store1_noabort+0x1b/0x30
[   16.008862]  krealloc_less_oob_helper+0xe23/0x11d0
[   16.008886]  ? __perf_event_task_sched_in+0x151/0x360
[   16.008915]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   16.008940]  ? finish_task_switch.isra.0+0x153/0x700
[   16.008966]  ? __switch_to+0x5d9/0xf60
[   16.008988]  ? dequeue_task_fair+0x166/0x4e0
[   16.009015]  ? __schedule+0x10cc/0x2b30
[   16.009038]  ? __pfx_read_tsc+0x10/0x10
[   16.009064]  krealloc_less_oob+0x1c/0x30
[   16.009088]  kunit_try_run_case+0x1a5/0x480
[   16.009152]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.009179]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   16.009221]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.009260]  ? __kthread_parkme+0x82/0x180
[   16.009297]  ? preempt_count_sub+0x50/0x80
[   16.009336]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.009360]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.009385]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.009418]  kthread+0x337/0x6f0
[   16.009443]  ? trace_preempt_on+0x20/0xc0
[   16.009469]  ? __pfx_kthread+0x10/0x10
[   16.009488]  ? _raw_spin_unlock_irq+0x47/0x80
[   16.009510]  ? calculate_sigpending+0x7b/0xa0
[   16.009533]  ? __pfx_kthread+0x10/0x10
[   16.009552]  ret_from_fork+0x41/0x80
[   16.009574]  ? __pfx_kthread+0x10/0x10
[   16.009594]  ret_from_fork_asm+0x1a/0x30
[   16.009628]  </TASK>
[   16.009642] 
[   16.024439] Allocated by task 179:
[   16.024954]  kasan_save_stack+0x45/0x70
[   16.025238]  kasan_save_track+0x18/0x40
[   16.025439]  kasan_save_alloc_info+0x3b/0x50
[   16.025670]  __kasan_krealloc+0x190/0x1f0
[   16.026599]  krealloc_noprof+0xf3/0x340
[   16.027211]  krealloc_less_oob_helper+0x1aa/0x11d0
[   16.027845]  krealloc_less_oob+0x1c/0x30
[   16.028682]  kunit_try_run_case+0x1a5/0x480
[   16.029229]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.029977]  kthread+0x337/0x6f0
[   16.030219]  ret_from_fork+0x41/0x80
[   16.030620]  ret_from_fork_asm+0x1a/0x30
[   16.031150] 
[   16.031339] The buggy address belongs to the object at ffff88810099d400
[   16.031339]  which belongs to the cache kmalloc-256 of size 256
[   16.032083] The buggy address is located 7 bytes to the right of
[   16.032083]  allocated 201-byte region [ffff88810099d400, ffff88810099d4c9)
[   16.032685] 
[   16.033843] The buggy address belongs to the physical page:
[   16.034109] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c
[   16.034796] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.035684] flags: 0x200000000000040(head|node=0|zone=2)
[   16.036001] page_type: f5(slab)
[   16.036580] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.037231] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.037513] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.038600] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.038865] head: 0200000000000001 ffffea0004026701 00000000ffffffff 00000000ffffffff
[   16.039094] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.040298] page dumped because: kasan: bad access detected
[   16.040793] 
[   16.040914] Memory state around the buggy address:
[   16.041610]  ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.042370]  ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.042858] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.043306]                                                  ^
[   16.043494]  ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.044692]  ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.045411] ==================================================================
[   16.357513] ==================================================================
[   16.358119] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   16.358529] Write of size 1 at addr ffff888103a020eb by task kunit_try_catch/183
[   16.358852] 
[   16.359028] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT(voluntary) 
[   16.359139] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.359163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.359203] Call Trace:
[   16.359245]  <TASK>
[   16.359283]  dump_stack_lvl+0x73/0xb0
[   16.359349]  print_report+0xd1/0x650
[   16.359396]  ? __virt_addr_valid+0x1db/0x2d0
[   16.359444]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   16.359494]  ? kasan_addr_to_slab+0x11/0xa0
[   16.359536]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   16.359573]  kasan_report+0x141/0x180
[   16.359608]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   16.359665]  __asan_report_store1_noabort+0x1b/0x30
[   16.359696]  krealloc_less_oob_helper+0xd47/0x11d0
[   16.359735]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   16.359786]  ? finish_task_switch.isra.0+0x153/0x700
[   16.359825]  ? __switch_to+0x5d9/0xf60
[   16.359858]  ? dequeue_task_fair+0x166/0x4e0
[   16.359894]  ? __schedule+0x10cc/0x2b30
[   16.359926]  ? __pfx_read_tsc+0x10/0x10
[   16.359962]  krealloc_large_less_oob+0x1c/0x30
[   16.359998]  kunit_try_run_case+0x1a5/0x480
[   16.360035]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.360067]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   16.360102]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.360136]  ? __kthread_parkme+0x82/0x180
[   16.360170]  ? preempt_count_sub+0x50/0x80
[   16.360205]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.360237]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.360269]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.360301]  kthread+0x337/0x6f0
[   16.360326]  ? trace_preempt_on+0x20/0xc0
[   16.360362]  ? __pfx_kthread+0x10/0x10
[   16.360390]  ? _raw_spin_unlock_irq+0x47/0x80
[   16.360421]  ? calculate_sigpending+0x7b/0xa0
[   16.360456]  ? __pfx_kthread+0x10/0x10
[   16.360630]  ret_from_fork+0x41/0x80
[   16.360682]  ? __pfx_kthread+0x10/0x10
[   16.360721]  ret_from_fork_asm+0x1a/0x30
[   16.360800]  </TASK>
[   16.360827] 
[   16.371982] The buggy address belongs to the physical page:
[   16.372667] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a00
[   16.373082] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.373379] flags: 0x200000000000040(head|node=0|zone=2)
[   16.373640] page_type: f8(unknown)
[   16.373907] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.374598] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.375180] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.375780] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.376441] head: 0200000000000002 ffffea00040e8001 00000000ffffffff 00000000ffffffff
[   16.376821] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.377134] page dumped because: kasan: bad access detected
[   16.377565] 
[   16.377736] Memory state around the buggy address:
[   16.378140]  ffff888103a01f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.378615]  ffff888103a02000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.379007] >ffff888103a02080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.379677]                                                           ^
[   16.380090]  ffff888103a02100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.380452]  ffff888103a02180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.380736] ==================================================================
[   16.089626] ==================================================================
[   16.090433] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   16.091655] Write of size 1 at addr ffff88810099d4ea by task kunit_try_catch/179
[   16.092224] 
[   16.092417] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT(voluntary) 
[   16.092566] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.092598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.092673] Call Trace:
[   16.092874]  <TASK>
[   16.092918]  dump_stack_lvl+0x73/0xb0
[   16.092993]  print_report+0xd1/0x650
[   16.093032]  ? __virt_addr_valid+0x1db/0x2d0
[   16.093070]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   16.093105]  ? kasan_complete_mode_report_info+0x2a/0x200
[   16.093155]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   16.093191]  kasan_report+0x141/0x180
[   16.093225]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   16.093268]  __asan_report_store1_noabort+0x1b/0x30
[   16.093300]  krealloc_less_oob_helper+0xe90/0x11d0
[   16.093333]  ? __perf_event_task_sched_in+0x151/0x360
[   16.093374]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   16.093413]  ? finish_task_switch.isra.0+0x153/0x700
[   16.093450]  ? __switch_to+0x5d9/0xf60
[   16.093485]  ? dequeue_task_fair+0x166/0x4e0
[   16.093525]  ? __schedule+0x10cc/0x2b30
[   16.093560]  ? __pfx_read_tsc+0x10/0x10
[   16.093597]  krealloc_less_oob+0x1c/0x30
[   16.093635]  kunit_try_run_case+0x1a5/0x480
[   16.093675]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.093716]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   16.093776]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.093819]  ? __kthread_parkme+0x82/0x180
[   16.093861]  ? preempt_count_sub+0x50/0x80
[   16.094089]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.094169]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.094229]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.094271]  kthread+0x337/0x6f0
[   16.094305]  ? trace_preempt_on+0x20/0xc0
[   16.094341]  ? __pfx_kthread+0x10/0x10
[   16.094362]  ? _raw_spin_unlock_irq+0x47/0x80
[   16.094386]  ? calculate_sigpending+0x7b/0xa0
[   16.094410]  ? __pfx_kthread+0x10/0x10
[   16.094430]  ret_from_fork+0x41/0x80
[   16.094454]  ? __pfx_kthread+0x10/0x10
[   16.094474]  ret_from_fork_asm+0x1a/0x30
[   16.094508]  </TASK>
[   16.094523] 
[   16.109135] Allocated by task 179:
[   16.109596]  kasan_save_stack+0x45/0x70
[   16.109894]  kasan_save_track+0x18/0x40
[   16.110091]  kasan_save_alloc_info+0x3b/0x50
[   16.110549]  __kasan_krealloc+0x190/0x1f0
[   16.110891]  krealloc_noprof+0xf3/0x340
[   16.111216]  krealloc_less_oob_helper+0x1aa/0x11d0
[   16.111679]  krealloc_less_oob+0x1c/0x30
[   16.112084]  kunit_try_run_case+0x1a5/0x480
[   16.112538]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.112994]  kthread+0x337/0x6f0
[   16.113390]  ret_from_fork+0x41/0x80
[   16.113891]  ret_from_fork_asm+0x1a/0x30
[   16.114359] 
[   16.114601] The buggy address belongs to the object at ffff88810099d400
[   16.114601]  which belongs to the cache kmalloc-256 of size 256
[   16.114956] The buggy address is located 33 bytes to the right of
[   16.114956]  allocated 201-byte region [ffff88810099d400, ffff88810099d4c9)
[   16.115775] 
[   16.116025] The buggy address belongs to the physical page:
[   16.116529] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c
[   16.117252] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.118030] flags: 0x200000000000040(head|node=0|zone=2)
[   16.118612] page_type: f5(slab)
[   16.119018] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.119707] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.120235] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.120659] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.121286] head: 0200000000000001 ffffea0004026701 00000000ffffffff 00000000ffffffff
[   16.121985] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.122780] page dumped because: kasan: bad access detected
[   16.123141] 
[   16.123416] Memory state around the buggy address:
[   16.123880]  ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.124605]  ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.124848] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.125089]                                                           ^
[   16.125712]  ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.126391]  ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.127064] ==================================================================
[   16.128282] ==================================================================
[   16.128979] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   16.130458] Write of size 1 at addr ffff88810099d4eb by task kunit_try_catch/179
[   16.131055] 
[   16.131239] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT(voluntary) 
[   16.131348] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.131373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.131410] Call Trace:
[   16.131452]  <TASK>
[   16.131490]  dump_stack_lvl+0x73/0xb0
[   16.131546]  print_report+0xd1/0x650
[   16.131576]  ? __virt_addr_valid+0x1db/0x2d0
[   16.131603]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   16.131645]  ? kasan_complete_mode_report_info+0x2a/0x200
[   16.131678]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   16.131703]  kasan_report+0x141/0x180
[   16.131728]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   16.131787]  __asan_report_store1_noabort+0x1b/0x30
[   16.131825]  krealloc_less_oob_helper+0xd47/0x11d0
[   16.131867]  ? __perf_event_task_sched_in+0x151/0x360
[   16.131918]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   16.131961]  ? finish_task_switch.isra.0+0x153/0x700
[   16.132003]  ? __switch_to+0x5d9/0xf60
[   16.132044]  ? dequeue_task_fair+0x166/0x4e0
[   16.132088]  ? __schedule+0x10cc/0x2b30
[   16.132131]  ? __pfx_read_tsc+0x10/0x10
[   16.132180]  krealloc_less_oob+0x1c/0x30
[   16.132227]  kunit_try_run_case+0x1a5/0x480
[   16.132428]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.132470]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   16.132523]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.132559]  ? __kthread_parkme+0x82/0x180
[   16.132585]  ? preempt_count_sub+0x50/0x80
[   16.132627]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.132666]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.132691]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.132715]  kthread+0x337/0x6f0
[   16.132734]  ? trace_preempt_on+0x20/0xc0
[   16.132777]  ? __pfx_kthread+0x10/0x10
[   16.132799]  ? _raw_spin_unlock_irq+0x47/0x80
[   16.132821]  ? calculate_sigpending+0x7b/0xa0
[   16.132845]  ? __pfx_kthread+0x10/0x10
[   16.132866]  ret_from_fork+0x41/0x80
[   16.132889]  ? __pfx_kthread+0x10/0x10
[   16.132909]  ret_from_fork_asm+0x1a/0x30
[   16.132944]  </TASK>
[   16.132960] 
[   16.146876] Allocated by task 179:
[   16.147267]  kasan_save_stack+0x45/0x70
[   16.147554]  kasan_save_track+0x18/0x40
[   16.148366]  kasan_save_alloc_info+0x3b/0x50
[   16.148790]  __kasan_krealloc+0x190/0x1f0
[   16.150130]  krealloc_noprof+0xf3/0x340
[   16.150606]  krealloc_less_oob_helper+0x1aa/0x11d0
[   16.150901]  krealloc_less_oob+0x1c/0x30
[   16.151677]  kunit_try_run_case+0x1a5/0x480
[   16.151897]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.152460]  kthread+0x337/0x6f0
[   16.152668]  ret_from_fork+0x41/0x80
[   16.153005]  ret_from_fork_asm+0x1a/0x30
[   16.154041] 
[   16.154181] The buggy address belongs to the object at ffff88810099d400
[   16.154181]  which belongs to the cache kmalloc-256 of size 256
[   16.154834] The buggy address is located 34 bytes to the right of
[   16.154834]  allocated 201-byte region [ffff88810099d400, ffff88810099d4c9)
[   16.155491] 
[   16.155671] The buggy address belongs to the physical page:
[   16.156363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c
[   16.156960] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.158581] flags: 0x200000000000040(head|node=0|zone=2)
[   16.158756] page_type: f5(slab)
[   16.158870] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.159026] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.159550] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.160202] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.161065] head: 0200000000000001 ffffea0004026701 00000000ffffffff 00000000ffffffff
[   16.161671] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.162277] page dumped because: kasan: bad access detected
[   16.162877] 
[   16.163029] Memory state around the buggy address:
[   16.163277]  ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.163495]  ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.163788] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.164049]                                                           ^
[   16.164642]  ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.165601]  ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.166089] ==================================================================
[   15.959787] ==================================================================
[   15.960792] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   15.961169] Write of size 1 at addr ffff88810099d4c9 by task kunit_try_catch/179
[   15.961578] 
[   15.961822] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT(voluntary) 
[   15.961933] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.961957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   15.961996] Call Trace:
[   15.962026]  <TASK>
[   15.962063]  dump_stack_lvl+0x73/0xb0
[   15.962152]  print_report+0xd1/0x650
[   15.962227]  ? __virt_addr_valid+0x1db/0x2d0
[   15.962279]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   15.962332]  ? kasan_complete_mode_report_info+0x2a/0x200
[   15.962383]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   15.962437]  kasan_report+0x141/0x180
[   15.962485]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   15.962680]  __asan_report_store1_noabort+0x1b/0x30
[   15.962727]  krealloc_less_oob_helper+0xd70/0x11d0
[   15.962857]  ? __perf_event_task_sched_in+0x151/0x360
[   15.962924]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   15.962976]  ? finish_task_switch.isra.0+0x153/0x700
[   15.963021]  ? __switch_to+0x5d9/0xf60
[   15.963062]  ? dequeue_task_fair+0x166/0x4e0
[   15.963113]  ? __schedule+0x10cc/0x2b30
[   15.963157]  ? __pfx_read_tsc+0x10/0x10
[   15.963243]  krealloc_less_oob+0x1c/0x30
[   15.963309]  kunit_try_run_case+0x1a5/0x480
[   15.963362]  ? __pfx_kunit_try_run_case+0x10/0x10
[   15.963404]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   15.963446]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   15.963486]  ? __kthread_parkme+0x82/0x180
[   15.963520]  ? preempt_count_sub+0x50/0x80
[   15.963558]  ? __pfx_kunit_try_run_case+0x10/0x10
[   15.963594]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   15.963686]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   15.963758]  kthread+0x337/0x6f0
[   15.963802]  ? trace_preempt_on+0x20/0xc0
[   15.963857]  ? __pfx_kthread+0x10/0x10
[   15.963902]  ? _raw_spin_unlock_irq+0x47/0x80
[   15.963945]  ? calculate_sigpending+0x7b/0xa0
[   15.963974]  ? __pfx_kthread+0x10/0x10
[   15.963995]  ret_from_fork+0x41/0x80
[   15.964021]  ? __pfx_kthread+0x10/0x10
[   15.964042]  ret_from_fork_asm+0x1a/0x30
[   15.964079]  </TASK>
[   15.964095] 
[   15.977743] Allocated by task 179:
[   15.978276]  kasan_save_stack+0x45/0x70
[   15.978961]  kasan_save_track+0x18/0x40
[   15.979554]  kasan_save_alloc_info+0x3b/0x50
[   15.979767]  __kasan_krealloc+0x190/0x1f0
[   15.980170]  krealloc_noprof+0xf3/0x340
[   15.981224]  krealloc_less_oob_helper+0x1aa/0x11d0
[   15.981866]  krealloc_less_oob+0x1c/0x30
[   15.982194]  kunit_try_run_case+0x1a5/0x480
[   15.982827]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   15.983374]  kthread+0x337/0x6f0
[   15.983720]  ret_from_fork+0x41/0x80
[   15.983912]  ret_from_fork_asm+0x1a/0x30
[   15.984315] 
[   15.984512] The buggy address belongs to the object at ffff88810099d400
[   15.984512]  which belongs to the cache kmalloc-256 of size 256
[   15.986829] The buggy address is located 0 bytes to the right of
[   15.986829]  allocated 201-byte region [ffff88810099d400, ffff88810099d4c9)
[   15.990507] 
[   15.990784] The buggy address belongs to the physical page:
[   15.991717] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c
[   15.992070] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   15.992338] flags: 0x200000000000040(head|node=0|zone=2)
[   15.992559] page_type: f5(slab)
[   15.992733] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   15.996598] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   15.997600] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   15.997864] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   15.998085] head: 0200000000000001 ffffea0004026701 00000000ffffffff 00000000ffffffff
[   15.998651] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   15.999102] page dumped because: kasan: bad access detected
[   15.999438] 
[   15.999568] Memory state around the buggy address:
[   16.001045]  ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.001650]  ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.001887] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.002148]                                               ^
[   16.002718]  ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.003416]  ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.004137] ==================================================================
[   16.046455] ==================================================================
[   16.046811] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   16.048119] Write of size 1 at addr ffff88810099d4da by task kunit_try_catch/179
[   16.048985] 
[   16.049425] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT(voluntary) 
[   16.049547] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.049577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.049631] Call Trace:
[   16.049689]  <TASK>
[   16.049733]  dump_stack_lvl+0x73/0xb0
[   16.049829]  print_report+0xd1/0x650
[   16.049886]  ? __virt_addr_valid+0x1db/0x2d0
[   16.049953]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   16.050008]  ? kasan_complete_mode_report_info+0x2a/0x200
[   16.050050]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   16.050077]  kasan_report+0x141/0x180
[   16.050117]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   16.050196]  __asan_report_store1_noabort+0x1b/0x30
[   16.050234]  krealloc_less_oob_helper+0xec6/0x11d0
[   16.050695]  ? __perf_event_task_sched_in+0x151/0x360
[   16.050734]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   16.050792]  ? finish_task_switch.isra.0+0x153/0x700
[   16.050829]  ? __switch_to+0x5d9/0xf60
[   16.050857]  ? dequeue_task_fair+0x166/0x4e0
[   16.050884]  ? __schedule+0x10cc/0x2b30
[   16.050908]  ? __pfx_read_tsc+0x10/0x10
[   16.050935]  krealloc_less_oob+0x1c/0x30
[   16.050958]  kunit_try_run_case+0x1a5/0x480
[   16.050985]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.051008]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   16.051033]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.051057]  ? __kthread_parkme+0x82/0x180
[   16.051080]  ? preempt_count_sub+0x50/0x80
[   16.051105]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.051144]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.051170]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.051206]  kthread+0x337/0x6f0
[   16.051236]  ? trace_preempt_on+0x20/0xc0
[   16.051277]  ? __pfx_kthread+0x10/0x10
[   16.051309]  ? _raw_spin_unlock_irq+0x47/0x80
[   16.051340]  ? calculate_sigpending+0x7b/0xa0
[   16.051364]  ? __pfx_kthread+0x10/0x10
[   16.051385]  ret_from_fork+0x41/0x80
[   16.051408]  ? __pfx_kthread+0x10/0x10
[   16.051428]  ret_from_fork_asm+0x1a/0x30
[   16.051464]  </TASK>
[   16.051480] 
[   16.067829] Allocated by task 179:
[   16.068856]  kasan_save_stack+0x45/0x70
[   16.069435]  kasan_save_track+0x18/0x40
[   16.069991]  kasan_save_alloc_info+0x3b/0x50
[   16.070492]  __kasan_krealloc+0x190/0x1f0
[   16.070858]  krealloc_noprof+0xf3/0x340
[   16.071200]  krealloc_less_oob_helper+0x1aa/0x11d0
[   16.071514]  krealloc_less_oob+0x1c/0x30
[   16.072026]  kunit_try_run_case+0x1a5/0x480
[   16.073024]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.073500]  kthread+0x337/0x6f0
[   16.073716]  ret_from_fork+0x41/0x80
[   16.073969]  ret_from_fork_asm+0x1a/0x30
[   16.074598] 
[   16.074758] The buggy address belongs to the object at ffff88810099d400
[   16.074758]  which belongs to the cache kmalloc-256 of size 256
[   16.075788] The buggy address is located 17 bytes to the right of
[   16.075788]  allocated 201-byte region [ffff88810099d400, ffff88810099d4c9)
[   16.077080] 
[   16.077293] The buggy address belongs to the physical page:
[   16.077638] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c
[   16.078489] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.078927] flags: 0x200000000000040(head|node=0|zone=2)
[   16.079356] page_type: f5(slab)
[   16.079652] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.080111] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.080452] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   16.081829] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.082260] head: 0200000000000001 ffffea0004026701 00000000ffffffff 00000000ffffffff
[   16.082765] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.083140] page dumped because: kasan: bad access detected
[   16.083501] 
[   16.083695] Memory state around the buggy address:
[   16.084784]  ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.085719]  ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.086138] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.086680]                                                     ^
[   16.087000]  ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.087601]  ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.088759] ==================================================================
[   16.307761] ==================================================================
[   16.308384] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   16.310061] Write of size 1 at addr ffff888103a020da by task kunit_try_catch/183
[   16.310952] 
[   16.311225] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT(voluntary) 
[   16.311335] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.311363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.311406] Call Trace:
[   16.311444]  <TASK>
[   16.311482]  dump_stack_lvl+0x73/0xb0
[   16.311556]  print_report+0xd1/0x650
[   16.311599]  ? __virt_addr_valid+0x1db/0x2d0
[   16.311660]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   16.311709]  ? kasan_addr_to_slab+0x11/0xa0
[   16.311737]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   16.311788]  kasan_report+0x141/0x180
[   16.311814]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   16.311845]  __asan_report_store1_noabort+0x1b/0x30
[   16.311868]  krealloc_less_oob_helper+0xec6/0x11d0
[   16.311896]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   16.311922]  ? finish_task_switch.isra.0+0x153/0x700
[   16.311948]  ? __switch_to+0x5d9/0xf60
[   16.311971]  ? dequeue_task_fair+0x166/0x4e0
[   16.311997]  ? __schedule+0x10cc/0x2b30
[   16.312020]  ? __pfx_read_tsc+0x10/0x10
[   16.312046]  krealloc_large_less_oob+0x1c/0x30
[   16.312071]  kunit_try_run_case+0x1a5/0x480
[   16.312098]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.312132]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   16.312165]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.312189]  ? __kthread_parkme+0x82/0x180
[   16.312213]  ? preempt_count_sub+0x50/0x80
[   16.312239]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.312264]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.312287]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.312311]  kthread+0x337/0x6f0
[   16.312330]  ? trace_preempt_on+0x20/0xc0
[   16.312357]  ? __pfx_kthread+0x10/0x10
[   16.312377]  ? _raw_spin_unlock_irq+0x47/0x80
[   16.312399]  ? calculate_sigpending+0x7b/0xa0
[   16.312422]  ? __pfx_kthread+0x10/0x10
[   16.312442]  ret_from_fork+0x41/0x80
[   16.312464]  ? __pfx_kthread+0x10/0x10
[   16.312484]  ret_from_fork_asm+0x1a/0x30
[   16.312519]  </TASK>
[   16.312534] 
[   16.323096] The buggy address belongs to the physical page:
[   16.323620] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a00
[   16.324083] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.324631] flags: 0x200000000000040(head|node=0|zone=2)
[   16.325194] page_type: f8(unknown)
[   16.325444] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.325812] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.326338] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.326756] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.327481] head: 0200000000000002 ffffea00040e8001 00000000ffffffff 00000000ffffffff
[   16.327815] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.328276] page dumped because: kasan: bad access detected
[   16.328506] 
[   16.328628] Memory state around the buggy address:
[   16.328863]  ffff888103a01f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.329150]  ffff888103a02000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.329429] >ffff888103a02080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.330005]                                                     ^
[   16.330441]  ffff888103a02100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.331123]  ffff888103a02180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.331903] ==================================================================
[   16.245898] ==================================================================
[   16.246458] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   16.247723] Write of size 1 at addr ffff888103a020c9 by task kunit_try_catch/183
[   16.249276] 
[   16.249472] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT(voluntary) 
[   16.249585] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.249610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.249653] Call Trace:
[   16.249685]  <TASK>
[   16.249725]  dump_stack_lvl+0x73/0xb0
[   16.249820]  print_report+0xd1/0x650
[   16.249862]  ? __virt_addr_valid+0x1db/0x2d0
[   16.249909]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   16.249954]  ? kasan_addr_to_slab+0x11/0xa0
[   16.249993]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   16.250038]  kasan_report+0x141/0x180
[   16.250079]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   16.250141]  __asan_report_store1_noabort+0x1b/0x30
[   16.250177]  krealloc_less_oob_helper+0xd70/0x11d0
[   16.250217]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   16.250266]  ? finish_task_switch.isra.0+0x153/0x700
[   16.250318]  ? __switch_to+0x5d9/0xf60
[   16.250357]  ? dequeue_task_fair+0x166/0x4e0
[   16.250396]  ? __schedule+0x10cc/0x2b30
[   16.250435]  ? __pfx_read_tsc+0x10/0x10
[   16.250484]  krealloc_large_less_oob+0x1c/0x30
[   16.250527]  kunit_try_run_case+0x1a5/0x480
[   16.250576]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.250618]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   16.250664]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.250707]  ? __kthread_parkme+0x82/0x180
[   16.251579]  ? preempt_count_sub+0x50/0x80
[   16.251688]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.251735]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.251795]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.251833]  kthread+0x337/0x6f0
[   16.251865]  ? trace_preempt_on+0x20/0xc0
[   16.251906]  ? __pfx_kthread+0x10/0x10
[   16.251942]  ? _raw_spin_unlock_irq+0x47/0x80
[   16.251984]  ? calculate_sigpending+0x7b/0xa0
[   16.252027]  ? __pfx_kthread+0x10/0x10
[   16.252064]  ret_from_fork+0x41/0x80
[   16.252144]  ? __pfx_kthread+0x10/0x10
[   16.252183]  ret_from_fork_asm+0x1a/0x30
[   16.252246]  </TASK>
[   16.252272] 
[   16.271854] The buggy address belongs to the physical page:
[   16.272456] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a00
[   16.273074] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.273472] flags: 0x200000000000040(head|node=0|zone=2)
[   16.273796] page_type: f8(unknown)
[   16.274119] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.274512] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.275126] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.275466] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.275795] head: 0200000000000002 ffffea00040e8001 00000000ffffffff 00000000ffffffff
[   16.276536] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.277170] page dumped because: kasan: bad access detected
[   16.277479] 
[   16.277608] Memory state around the buggy address:
[   16.278061]  ffff888103a01f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.278720]  ffff888103a02000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.279163] >ffff888103a02080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.279619]                                               ^
[   16.280233]  ffff888103a02100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.280822]  ffff888103a02180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.281236] ==================================================================
[   16.282688] ==================================================================
[   16.283062] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   16.283405] Write of size 1 at addr ffff888103a020d0 by task kunit_try_catch/183
[   16.284116] 
[   16.285180] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT(voluntary) 
[   16.285285] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.285307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.285345] Call Trace:
[   16.285579]  <TASK>
[   16.285618]  dump_stack_lvl+0x73/0xb0
[   16.285703]  print_report+0xd1/0x650
[   16.285760]  ? __virt_addr_valid+0x1db/0x2d0
[   16.285806]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   16.285844]  ? kasan_addr_to_slab+0x11/0xa0
[   16.285884]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   16.285931]  kasan_report+0x141/0x180
[   16.285969]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   16.286027]  __asan_report_store1_noabort+0x1b/0x30
[   16.286076]  krealloc_less_oob_helper+0xe23/0x11d0
[   16.286173]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   16.286224]  ? finish_task_switch.isra.0+0x153/0x700
[   16.286259]  ? __switch_to+0x5d9/0xf60
[   16.286282]  ? dequeue_task_fair+0x166/0x4e0
[   16.286309]  ? __schedule+0x10cc/0x2b30
[   16.286333]  ? __pfx_read_tsc+0x10/0x10
[   16.286359]  krealloc_large_less_oob+0x1c/0x30
[   16.286384]  kunit_try_run_case+0x1a5/0x480
[   16.286411]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.286434]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   16.286459]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.286483]  ? __kthread_parkme+0x82/0x180
[   16.286507]  ? preempt_count_sub+0x50/0x80
[   16.286532]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.286557]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.286580]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.286604]  kthread+0x337/0x6f0
[   16.286623]  ? trace_preempt_on+0x20/0xc0
[   16.286648]  ? __pfx_kthread+0x10/0x10
[   16.286668]  ? _raw_spin_unlock_irq+0x47/0x80
[   16.286690]  ? calculate_sigpending+0x7b/0xa0
[   16.286713]  ? __pfx_kthread+0x10/0x10
[   16.286733]  ret_from_fork+0x41/0x80
[   16.286781]  ? __pfx_kthread+0x10/0x10
[   16.286804]  ret_from_fork_asm+0x1a/0x30
[   16.286839]  </TASK>
[   16.286854] 
[   16.296920] The buggy address belongs to the physical page:
[   16.297450] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a00
[   16.297893] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.298330] flags: 0x200000000000040(head|node=0|zone=2)
[   16.298601] page_type: f8(unknown)
[   16.298821] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.299310] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.299912] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.300525] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.300867] head: 0200000000000002 ffffea00040e8001 00000000ffffffff 00000000ffffffff
[   16.301238] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.301802] page dumped because: kasan: bad access detected
[   16.302250] 
[   16.302435] Memory state around the buggy address:
[   16.302833]  ffff888103a01f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.303203]  ffff888103a02000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.303488] >ffff888103a02080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.303776]                                                  ^
[   16.304028]  ffff888103a02100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.304564]  ffff888103a02180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.305152] ==================================================================
[   16.333180] ==================================================================
[   16.333532] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   16.333817] Write of size 1 at addr ffff888103a020ea by task kunit_try_catch/183
[   16.334032] 
[   16.334160] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT(voluntary) 
[   16.334249] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.334272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.334309] Call Trace:
[   16.334347]  <TASK>
[   16.334383]  dump_stack_lvl+0x73/0xb0
[   16.334442]  print_report+0xd1/0x650
[   16.334488]  ? __virt_addr_valid+0x1db/0x2d0
[   16.334537]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   16.334589]  ? kasan_addr_to_slab+0x11/0xa0
[   16.334636]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   16.334689]  kasan_report+0x141/0x180
[   16.334741]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   16.334822]  __asan_report_store1_noabort+0x1b/0x30
[   16.334875]  krealloc_less_oob_helper+0xe90/0x11d0
[   16.334934]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   16.334986]  ? finish_task_switch.isra.0+0x153/0x700
[   16.335036]  ? __switch_to+0x5d9/0xf60
[   16.335081]  ? dequeue_task_fair+0x166/0x4e0
[   16.335134]  ? __schedule+0x10cc/0x2b30
[   16.335182]  ? __pfx_read_tsc+0x10/0x10
[   16.335234]  krealloc_large_less_oob+0x1c/0x30
[   16.335274]  kunit_try_run_case+0x1a5/0x480
[   16.335328]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.335375]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   16.335428]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.335479]  ? __kthread_parkme+0x82/0x180
[   16.335521]  ? preempt_count_sub+0x50/0x80
[   16.335564]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.335609]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.335664]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.335704]  kthread+0x337/0x6f0
[   16.335739]  ? trace_preempt_on+0x20/0xc0
[   16.335801]  ? __pfx_kthread+0x10/0x10
[   16.335843]  ? _raw_spin_unlock_irq+0x47/0x80
[   16.335890]  ? calculate_sigpending+0x7b/0xa0
[   16.335940]  ? __pfx_kthread+0x10/0x10
[   16.335984]  ret_from_fork+0x41/0x80
[   16.336032]  ? __pfx_kthread+0x10/0x10
[   16.336074]  ret_from_fork_asm+0x1a/0x30
[   16.336148]  </TASK>
[   16.336178] 
[   16.347290] The buggy address belongs to the physical page:
[   16.347851] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a00
[   16.348633] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.348952] flags: 0x200000000000040(head|node=0|zone=2)
[   16.349413] page_type: f8(unknown)
[   16.349766] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.350402] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.350726] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.351040] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.351850] head: 0200000000000002 ffffea00040e8001 00000000ffffffff 00000000ffffffff
[   16.352561] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.352952] page dumped because: kasan: bad access detected
[   16.353310] 
[   16.353484] Memory state around the buggy address:
[   16.353869]  ffff888103a01f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.354396]  ffff888103a02000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.354839] >ffff888103a02080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.355164]                                                           ^
[   16.355572]  ffff888103a02100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.356072]  ffff888103a02180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.356475] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2xxIi03DVYToIy9dKnbnDmUoyr6

job_id

TEST:linaro@lkft#2xxInfPddVDXGngffC9JR7X5Cmc

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2xxInfPddVDXGngffC9JR7X5Cmc

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIk5ew4LuOqFkcEQccT7nGfYz/bzImage
sha256sum	fa931e11017c8ca987af58467ceac4cfbdb749e86f43584874b54f325b4fc4f3

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/amd64/rootfs.ext4.xz
sha256sum	3e64c22b7a85dd4a60fd0a31f22599e711e865f841aed0d517fae37e9c171158

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIk5ew4LuOqFkcEQccT7nGfYz/modules.tar.xz
sha256sum	7c34359c003080a3ab3b531ece9044002fd87f98de8d7cd8150985fcf69c24ac

durations

tests

boot	0
kunit	459.25

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - e850-96 - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit