lkft/linux-stable-rc-linux-6.15.y - v6.15-50-g86677b94d603 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper

Date

June 2, 2025, 2:11 p.m.

Environment
e850-96
qemu-arm64
qemu-x86_64

[   22.315679] ==================================================================
[   22.322798] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678
[   22.330346] Write of size 1 at addr ffff0008031fe0f0 by task kunit_try_catch/207
[   22.337724] 
[   22.339206] CPU: 5 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   22.339256] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.339272] Hardware name: WinLink E850-96 board (DT)
[   22.339287] Call trace:
[   22.339300]  show_stack+0x20/0x38 (C)
[   22.339329]  dump_stack_lvl+0x8c/0xd0
[   22.339361]  print_report+0x118/0x608
[   22.339393]  kasan_report+0xdc/0x128
[   22.339419]  __asan_report_store1_noabort+0x20/0x30
[   22.339451]  krealloc_more_oob_helper+0x5c0/0x678
[   22.339486]  krealloc_large_more_oob+0x20/0x38
[   22.339518]  kunit_try_run_case+0x170/0x3f0
[   22.339553]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.339591]  kthread+0x328/0x630
[   22.339622]  ret_from_fork+0x10/0x20
[   22.339653] 
[   22.407080] The buggy address belongs to the physical page:
[   22.412638] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8831fc
[   22.420623] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   22.428262] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   22.435205] page_type: f8(unknown)
[   22.438598] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   22.446322] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   22.454048] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   22.461860] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   22.469673] head: 0bfffe0000000002 fffffdffe00c7f01 00000000ffffffff 00000000ffffffff
[   22.477485] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   22.485291] page dumped because: kasan: bad access detected
[   22.490846] 
[   22.492322] Memory state around the buggy address:
[   22.497101]  ffff0008031fdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.504305]  ffff0008031fe000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.511509] >ffff0008031fe080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   22.518710]                                                              ^
[   22.525571]  ffff0008031fe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   22.532776]  ffff0008031fe180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   22.539977] ==================================================================
[   19.926730] ==================================================================
[   19.935854] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678
[   19.943403] Write of size 1 at addr ffff0008030fc8eb by task kunit_try_catch/203
[   19.950780] 
[   19.952266] CPU: 5 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   19.952319] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.952333] Hardware name: WinLink E850-96 board (DT)
[   19.952352] Call trace:
[   19.952364]  show_stack+0x20/0x38 (C)
[   19.952400]  dump_stack_lvl+0x8c/0xd0
[   19.952440]  print_report+0x118/0x608
[   19.952471]  kasan_report+0xdc/0x128
[   19.952497]  __asan_report_store1_noabort+0x20/0x30
[   19.952531]  krealloc_more_oob_helper+0x60c/0x678
[   19.952565]  krealloc_more_oob+0x20/0x38
[   19.952596]  kunit_try_run_case+0x170/0x3f0
[   19.952631]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.952668]  kthread+0x328/0x630
[   19.952701]  ret_from_fork+0x10/0x20
[   19.952736] 
[   20.019617] Allocated by task 203:
[   20.023005]  kasan_save_stack+0x3c/0x68
[   20.026821]  kasan_save_track+0x20/0x40
[   20.030640]  kasan_save_alloc_info+0x40/0x58
[   20.034894]  __kasan_krealloc+0x118/0x178
[   20.038887]  krealloc_noprof+0x128/0x360
[   20.042793]  krealloc_more_oob_helper+0x168/0x678
[   20.047482]  krealloc_more_oob+0x20/0x38
[   20.051386]  kunit_try_run_case+0x170/0x3f0
[   20.055553]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.061021]  kthread+0x328/0x630
[   20.064233]  ret_from_fork+0x10/0x20
[   20.067792] 
[   20.069271] The buggy address belongs to the object at ffff0008030fc800
[   20.069271]  which belongs to the cache kmalloc-256 of size 256
[   20.081770] The buggy address is located 0 bytes to the right of
[   20.081770]  allocated 235-byte region [ffff0008030fc800, ffff0008030fc8eb)
[   20.094701] 
[   20.096181] The buggy address belongs to the physical page:
[   20.101738] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8830fc
[   20.109722] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.117360] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.124304] page_type: f5(slab)
[   20.127440] raw: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   20.135159] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   20.142886] head: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   20.150697] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   20.158510] head: 0bfffe0000000002 fffffdffe00c3f01 00000000ffffffff 00000000ffffffff
[   20.166322] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   20.174127] page dumped because: kasan: bad access detected
[   20.179684] 
[   20.181160] Memory state around the buggy address:
[   20.185940]  ffff0008030fc780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.193141]  ffff0008030fc800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.200347] >ffff0008030fc880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   20.207547]                                                           ^
[   20.214148]  ffff0008030fc900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.221353]  ffff0008030fc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.228555] ==================================================================
[   22.082075] ==================================================================
[   22.091464] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678
[   22.099014] Write of size 1 at addr ffff0008031fe0eb by task kunit_try_catch/207
[   22.106391] 
[   22.107876] CPU: 5 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   22.107926] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.107941] Hardware name: WinLink E850-96 board (DT)
[   22.107961] Call trace:
[   22.107976]  show_stack+0x20/0x38 (C)
[   22.108012]  dump_stack_lvl+0x8c/0xd0
[   22.108045]  print_report+0x118/0x608
[   22.108076]  kasan_report+0xdc/0x128
[   22.108104]  __asan_report_store1_noabort+0x20/0x30
[   22.108139]  krealloc_more_oob_helper+0x60c/0x678
[   22.108175]  krealloc_large_more_oob+0x20/0x38
[   22.108207]  kunit_try_run_case+0x170/0x3f0
[   22.108244]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.108284]  kthread+0x328/0x630
[   22.108322]  ret_from_fork+0x10/0x20
[   22.108356] 
[   22.175750] The buggy address belongs to the physical page:
[   22.181306] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8831fc
[   22.189292] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   22.196931] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   22.203873] page_type: f8(unknown)
[   22.207267] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   22.214989] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   22.222715] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   22.230527] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   22.238339] head: 0bfffe0000000002 fffffdffe00c7f01 00000000ffffffff 00000000ffffffff
[   22.246151] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   22.253957] page dumped because: kasan: bad access detected
[   22.259514] 
[   22.260990] Memory state around the buggy address:
[   22.265768]  ffff0008031fdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.272972]  ffff0008031fe000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.280176] >ffff0008031fe080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   22.287377]                                                           ^
[   22.293978]  ffff0008031fe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   22.301183]  ffff0008031fe180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   22.308385] ==================================================================
[   20.236014] ==================================================================
[   20.242969] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678
[   20.250515] Write of size 1 at addr ffff0008030fc8f0 by task kunit_try_catch/203
[   20.257894] 
[   20.259378] CPU: 5 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   20.259432] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.259447] Hardware name: WinLink E850-96 board (DT)
[   20.259467] Call trace:
[   20.259479]  show_stack+0x20/0x38 (C)
[   20.259512]  dump_stack_lvl+0x8c/0xd0
[   20.259543]  print_report+0x118/0x608
[   20.259570]  kasan_report+0xdc/0x128
[   20.259599]  __asan_report_store1_noabort+0x20/0x30
[   20.259633]  krealloc_more_oob_helper+0x5c0/0x678
[   20.259666]  krealloc_more_oob+0x20/0x38
[   20.259698]  kunit_try_run_case+0x170/0x3f0
[   20.259732]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.259768]  kthread+0x328/0x630
[   20.259800]  ret_from_fork+0x10/0x20
[   20.259830] 
[   20.326731] Allocated by task 203:
[   20.330115]  kasan_save_stack+0x3c/0x68
[   20.333934]  kasan_save_track+0x20/0x40
[   20.337754]  kasan_save_alloc_info+0x40/0x58
[   20.342007]  __kasan_krealloc+0x118/0x178
[   20.346000]  krealloc_noprof+0x128/0x360
[   20.349906]  krealloc_more_oob_helper+0x168/0x678
[   20.354595]  krealloc_more_oob+0x20/0x38
[   20.358500]  kunit_try_run_case+0x170/0x3f0
[   20.362667]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.368135]  kthread+0x328/0x630
[   20.371347]  ret_from_fork+0x10/0x20
[   20.374906] 
[   20.376383] The buggy address belongs to the object at ffff0008030fc800
[   20.376383]  which belongs to the cache kmalloc-256 of size 256
[   20.388883] The buggy address is located 5 bytes to the right of
[   20.388883]  allocated 235-byte region [ffff0008030fc800, ffff0008030fc8eb)
[   20.401815] 
[   20.403292] The buggy address belongs to the physical page:
[   20.408848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8830fc
[   20.416834] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.424473] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.431417] page_type: f5(slab)
[   20.434549] raw: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   20.442272] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   20.449999] head: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   20.457810] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   20.465623] head: 0bfffe0000000002 fffffdffe00c3f01 00000000ffffffff 00000000ffffffff
[   20.473435] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   20.481241] page dumped because: kasan: bad access detected
[   20.486798] 
[   20.488272] Memory state around the buggy address:
[   20.493052]  ffff0008030fc780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.500255]  ffff0008030fc800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.507460] >ffff0008030fc880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   20.514661]                                                              ^
[   20.521521]  ffff0008030fc900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.528726]  ffff0008030fc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.535928] ==================================================================

Metadata Full log Test run details

[   17.544296] ==================================================================
[   17.544344] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678
[   17.544419] Write of size 1 at addr fff00000c5ade6f0 by task kunit_try_catch/159
[   17.544467] 
[   17.544498] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   17.544577] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.544603] Hardware name: linux,dummy-virt (DT)
[   17.544633] Call trace:
[   17.544655]  show_stack+0x20/0x38 (C)
[   17.544704]  dump_stack_lvl+0x8c/0xd0
[   17.544753]  print_report+0x118/0x608
[   17.544798]  kasan_report+0xdc/0x128
[   17.544842]  __asan_report_store1_noabort+0x20/0x30
[   17.544894]  krealloc_more_oob_helper+0x5c0/0x678
[   17.544945]  krealloc_more_oob+0x20/0x38
[   17.544993]  kunit_try_run_case+0x170/0x3f0
[   17.545047]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.545104]  kthread+0x328/0x630
[   17.545151]  ret_from_fork+0x10/0x20
[   17.545199] 
[   17.545217] Allocated by task 159:
[   17.545246]  kasan_save_stack+0x3c/0x68
[   17.545285]  kasan_save_track+0x20/0x40
[   17.545320]  kasan_save_alloc_info+0x40/0x58
[   17.549622]  __kasan_krealloc+0x118/0x178
[   17.549679]  krealloc_noprof+0x128/0x360
[   17.550239]  krealloc_more_oob_helper+0x168/0x678
[   17.550622]  krealloc_more_oob+0x20/0x38
[   17.550665]  kunit_try_run_case+0x170/0x3f0
[   17.550706]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.551036]  kthread+0x328/0x630
[   17.551076]  ret_from_fork+0x10/0x20
[   17.551113] 
[   17.551133] The buggy address belongs to the object at fff00000c5ade600
[   17.551133]  which belongs to the cache kmalloc-256 of size 256
[   17.551862] The buggy address is located 5 bytes to the right of
[   17.551862]  allocated 235-byte region [fff00000c5ade600, fff00000c5ade6eb)
[   17.551929] 
[   17.551950] The buggy address belongs to the physical page:
[   17.551988] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ade
[   17.552041] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.552087] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.552139] page_type: f5(slab)
[   17.552177] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.552227] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.552276] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.552327] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.552388] head: 0bfffe0000000001 ffffc1ffc316b781 00000000ffffffff 00000000ffffffff
[   17.552435] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   17.552474] page dumped because: kasan: bad access detected
[   17.552504] 
[   17.552522] Memory state around the buggy address:
[   17.552553]  fff00000c5ade580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.552596]  fff00000c5ade600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.552638] >fff00000c5ade680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   17.552675]                                                              ^
[   17.552713]  fff00000c5ade700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.552753]  fff00000c5ade780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.552790] ==================================================================
[   17.534661] ==================================================================
[   17.534726] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678
[   17.534793] Write of size 1 at addr fff00000c5ade6eb by task kunit_try_catch/159
[   17.534842] 
[   17.534878] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   17.534961] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.534986] Hardware name: linux,dummy-virt (DT)
[   17.535025] Call trace:
[   17.535048]  show_stack+0x20/0x38 (C)
[   17.535101]  dump_stack_lvl+0x8c/0xd0
[   17.535152]  print_report+0x118/0x608
[   17.535197]  kasan_report+0xdc/0x128
[   17.535242]  __asan_report_store1_noabort+0x20/0x30
[   17.535293]  krealloc_more_oob_helper+0x60c/0x678
[   17.535345]  krealloc_more_oob+0x20/0x38
[   17.535407]  kunit_try_run_case+0x170/0x3f0
[   17.535458]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.535513]  kthread+0x328/0x630
[   17.535559]  ret_from_fork+0x10/0x20
[   17.535609] 
[   17.535627] Allocated by task 159:
[   17.535655]  kasan_save_stack+0x3c/0x68
[   17.535694]  kasan_save_track+0x20/0x40
[   17.535730]  kasan_save_alloc_info+0x40/0x58
[   17.535768]  __kasan_krealloc+0x118/0x178
[   17.535803]  krealloc_noprof+0x128/0x360
[   17.535841]  krealloc_more_oob_helper+0x168/0x678
[   17.535882]  krealloc_more_oob+0x20/0x38
[   17.535920]  kunit_try_run_case+0x170/0x3f0
[   17.535958]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.536003]  kthread+0x328/0x630
[   17.536037]  ret_from_fork+0x10/0x20
[   17.536073] 
[   17.536092] The buggy address belongs to the object at fff00000c5ade600
[   17.536092]  which belongs to the cache kmalloc-256 of size 256
[   17.536150] The buggy address is located 0 bytes to the right of
[   17.536150]  allocated 235-byte region [fff00000c5ade600, fff00000c5ade6eb)
[   17.536211] 
[   17.536231] The buggy address belongs to the physical page:
[   17.536264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ade
[   17.536317] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.541361] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.541438] page_type: f5(slab)
[   17.541727] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.541779] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.541828] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.542573] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.542627] head: 0bfffe0000000001 ffffc1ffc316b781 00000000ffffffff 00000000ffffffff
[   17.542873] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   17.543148] page dumped because: kasan: bad access detected
[   17.543182] 
[   17.543200] Memory state around the buggy address:
[   17.543236]  fff00000c5ade580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.543570]  fff00000c5ade600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.543620] >fff00000c5ade680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   17.543657]                                                           ^
[   17.543697]  fff00000c5ade700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.543738]  fff00000c5ade780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.543775] ==================================================================
[   17.665742] ==================================================================
[   17.665792] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678
[   17.665851] Write of size 1 at addr fff00000c65aa0f0 by task kunit_try_catch/163
[   17.665902] 
[   17.665938] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   17.666018] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.666044] Hardware name: linux,dummy-virt (DT)
[   17.666075] Call trace:
[   17.666098]  show_stack+0x20/0x38 (C)
[   17.666146]  dump_stack_lvl+0x8c/0xd0
[   17.666196]  print_report+0x118/0x608
[   17.666241]  kasan_report+0xdc/0x128
[   17.666285]  __asan_report_store1_noabort+0x20/0x30
[   17.666338]  krealloc_more_oob_helper+0x5c0/0x678
[   17.666403]  krealloc_large_more_oob+0x20/0x38
[   17.666454]  kunit_try_run_case+0x170/0x3f0
[   17.666504]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.666559]  kthread+0x328/0x630
[   17.666605]  ret_from_fork+0x10/0x20
[   17.666654] 
[   17.666673] The buggy address belongs to the physical page:
[   17.666704] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a8
[   17.666757] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.666804] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.666855] page_type: f8(unknown)
[   17.666893] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.666943] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.666993] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.667047] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.668782] head: 0bfffe0000000002 ffffc1ffc3196a01 00000000ffffffff 00000000ffffffff
[   17.669028] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.669296] page dumped because: kasan: bad access detected
[   17.669606] 
[   17.669628] Memory state around the buggy address:
[   17.669664]  fff00000c65a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.669709]  fff00000c65aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.669752] >fff00000c65aa080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   17.669789]                                                              ^
[   17.669853]  fff00000c65aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.669897]  fff00000c65aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.669934] ==================================================================
[   17.652331] ==================================================================
[   17.652422] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678
[   17.652496] Write of size 1 at addr fff00000c65aa0eb by task kunit_try_catch/163
[   17.652546] 
[   17.652585] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT 
[   17.652669] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.652696] Hardware name: linux,dummy-virt (DT)
[   17.652729] Call trace:
[   17.652752]  show_stack+0x20/0x38 (C)
[   17.652803]  dump_stack_lvl+0x8c/0xd0
[   17.652853]  print_report+0x118/0x608
[   17.652898]  kasan_report+0xdc/0x128
[   17.652942]  __asan_report_store1_noabort+0x20/0x30
[   17.652993]  krealloc_more_oob_helper+0x60c/0x678
[   17.653045]  krealloc_large_more_oob+0x20/0x38
[   17.653095]  kunit_try_run_case+0x170/0x3f0
[   17.653146]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.656740]  kthread+0x328/0x630
[   17.656869]  ret_from_fork+0x10/0x20
[   17.657338] 
[   17.658718] The buggy address belongs to the physical page:
[   17.660077] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a8
[   17.661455] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.661551] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.661612] page_type: f8(unknown)
[   17.662438] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.662511] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.662696] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.662843] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.663052] head: 0bfffe0000000002 ffffc1ffc3196a01 00000000ffffffff 00000000ffffffff
[   17.663144] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.663290] page dumped because: kasan: bad access detected
[   17.663342] 
[   17.663373] Memory state around the buggy address:
[   17.663409]  fff00000c65a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.663794]  fff00000c65aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.663992] >fff00000c65aa080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   17.664084]                                                           ^
[   17.664152]  fff00000c65aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.664254]  fff00000c65aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.665145] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2xxIi03DVYToIy9dKnbnDmUoyr6

job_id

TEST:linaro@lkft#2xxImRmF075dm0nsBZ5X666mMHe

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2xxImRmF075dm0nsBZ5X666mMHe

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIiyPUR36zsQ0H1UAU7CDbti8/Image.gz
sha256sum	b9a9fd4a9b1eed9b2355eb855fcee61950b1feb6d9174198b03424c9d229f427

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/arm64/rootfs.ext4.xz
sha256sum	1cc8d041751cc9cfe19b957ffa27d6115f076efaeb324bcd0fb145c37c99e1b7

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIiyPUR36zsQ0H1UAU7CDbti8/modules.tar.xz
sha256sum	369c25ed9d51a74f47b283fc088bebcc674124ca3658d6e259bf0d14f2ebcf1f

durations

tests

boot	0
kunit	197.32

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   16.173557] ==================================================================
[   16.174268] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[   16.175044] Write of size 1 at addr ffff888103a020eb by task kunit_try_catch/181
[   16.175410] 
[   16.175575] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT(voluntary) 
[   16.175690] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.175777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.175817] Call Trace:
[   16.175844]  <TASK>
[   16.175880]  dump_stack_lvl+0x73/0xb0
[   16.175947]  print_report+0xd1/0x650
[   16.175996]  ? __virt_addr_valid+0x1db/0x2d0
[   16.176044]  ? krealloc_more_oob_helper+0x821/0x930
[   16.176077]  ? kasan_addr_to_slab+0x11/0xa0
[   16.176118]  ? krealloc_more_oob_helper+0x821/0x930
[   16.176153]  kasan_report+0x141/0x180
[   16.176192]  ? krealloc_more_oob_helper+0x821/0x930
[   16.176237]  __asan_report_store1_noabort+0x1b/0x30
[   16.176280]  krealloc_more_oob_helper+0x821/0x930
[   16.176313]  ? __schedule+0x10cc/0x2b30
[   16.176362]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   16.176408]  ? finish_task_switch.isra.0+0x153/0x700
[   16.176462]  ? __switch_to+0x5d9/0xf60
[   16.176895]  ? dequeue_task_fair+0x166/0x4e0
[   16.177256]  ? __schedule+0x10cc/0x2b30
[   16.177328]  ? __pfx_read_tsc+0x10/0x10
[   16.177371]  krealloc_large_more_oob+0x1c/0x30
[   16.177408]  kunit_try_run_case+0x1a5/0x480
[   16.177450]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.177484]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   16.177522]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.177558]  ? __kthread_parkme+0x82/0x180
[   16.177593]  ? preempt_count_sub+0x50/0x80
[   16.177634]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.177670]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.177705]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.177740]  kthread+0x337/0x6f0
[   16.177786]  ? trace_preempt_on+0x20/0xc0
[   16.177828]  ? __pfx_kthread+0x10/0x10
[   16.177858]  ? _raw_spin_unlock_irq+0x47/0x80
[   16.177895]  ? calculate_sigpending+0x7b/0xa0
[   16.177938]  ? __pfx_kthread+0x10/0x10
[   16.177979]  ret_from_fork+0x41/0x80
[   16.178026]  ? __pfx_kthread+0x10/0x10
[   16.178068]  ret_from_fork_asm+0x1a/0x30
[   16.178258]  </TASK>
[   16.178290] 
[   16.194588] The buggy address belongs to the physical page:
[   16.195322] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a00
[   16.195828] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.196728] flags: 0x200000000000040(head|node=0|zone=2)
[   16.196983] page_type: f8(unknown)
[   16.197108] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.197715] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.199133] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.199861] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.200421] head: 0200000000000002 ffffea00040e8001 00000000ffffffff 00000000ffffffff
[   16.201064] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.201800] page dumped because: kasan: bad access detected
[   16.202070] 
[   16.202759] Memory state around the buggy address:
[   16.203352]  ffff888103a01f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.203980]  ffff888103a02000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.204679] >ffff888103a02080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   16.204867]                                                           ^
[   16.205012]  ffff888103a02100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.205217]  ffff888103a02180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.205533] ==================================================================
[   15.886718] ==================================================================
[   15.887321] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[   15.888026] Write of size 1 at addr ffff8881003570eb by task kunit_try_catch/177
[   15.889034] 
[   15.889174] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT(voluntary) 
[   15.889362] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.889390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   15.889465] Call Trace:
[   15.889500]  <TASK>
[   15.889552]  dump_stack_lvl+0x73/0xb0
[   15.889635]  print_report+0xd1/0x650
[   15.889691]  ? __virt_addr_valid+0x1db/0x2d0
[   15.889741]  ? krealloc_more_oob_helper+0x821/0x930
[   15.889800]  ? kasan_complete_mode_report_info+0x2a/0x200
[   15.889850]  ? krealloc_more_oob_helper+0x821/0x930
[   15.889900]  kasan_report+0x141/0x180
[   15.889953]  ? krealloc_more_oob_helper+0x821/0x930
[   15.890004]  __asan_report_store1_noabort+0x1b/0x30
[   15.890042]  krealloc_more_oob_helper+0x821/0x930
[   15.890076]  ? trace_hardirqs_on+0x37/0xe0
[   15.890125]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   15.890174]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   15.890210]  ? __pfx_krealloc_more_oob+0x10/0x10
[   15.890237]  krealloc_more_oob+0x1c/0x30
[   15.890257]  kunit_try_run_case+0x1a5/0x480
[   15.890287]  ? __pfx_kunit_try_run_case+0x10/0x10
[   15.890311]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   15.890338]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   15.890363]  ? __kthread_parkme+0x82/0x180
[   15.890388]  ? preempt_count_sub+0x50/0x80
[   15.890417]  ? __pfx_kunit_try_run_case+0x10/0x10
[   15.890443]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   15.890468]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   15.890493]  kthread+0x337/0x6f0
[   15.890513]  ? trace_preempt_on+0x20/0xc0
[   15.890537]  ? __pfx_kthread+0x10/0x10
[   15.890557]  ? _raw_spin_unlock_irq+0x47/0x80
[   15.890581]  ? calculate_sigpending+0x7b/0xa0
[   15.890605]  ? __pfx_kthread+0x10/0x10
[   15.890626]  ret_from_fork+0x41/0x80
[   15.890651]  ? __pfx_kthread+0x10/0x10
[   15.890671]  ret_from_fork_asm+0x1a/0x30
[   15.890706]  </TASK>
[   15.890722] 
[   15.901448] Allocated by task 177:
[   15.901911]  kasan_save_stack+0x45/0x70
[   15.902353]  kasan_save_track+0x18/0x40
[   15.902706]  kasan_save_alloc_info+0x3b/0x50
[   15.903062]  __kasan_krealloc+0x190/0x1f0
[   15.903467]  krealloc_noprof+0xf3/0x340
[   15.903807]  krealloc_more_oob_helper+0x1a9/0x930
[   15.904142]  krealloc_more_oob+0x1c/0x30
[   15.904503]  kunit_try_run_case+0x1a5/0x480
[   15.904837]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   15.905280]  kthread+0x337/0x6f0
[   15.905619]  ret_from_fork+0x41/0x80
[   15.905823]  ret_from_fork_asm+0x1a/0x30
[   15.906243] 
[   15.906437] The buggy address belongs to the object at ffff888100357000
[   15.906437]  which belongs to the cache kmalloc-256 of size 256
[   15.907198] The buggy address is located 0 bytes to the right of
[   15.907198]  allocated 235-byte region [ffff888100357000, ffff8881003570eb)
[   15.907869] 
[   15.908032] The buggy address belongs to the physical page:
[   15.908540] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100356
[   15.908987] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   15.909517] flags: 0x200000000000040(head|node=0|zone=2)
[   15.909892] page_type: f5(slab)
[   15.910240] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   15.910647] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   15.911285] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   15.911688] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   15.912006] head: 0200000000000001 ffffea000400d581 00000000ffffffff 00000000ffffffff
[   15.912480] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   15.913098] page dumped because: kasan: bad access detected
[   15.913554] 
[   15.913730] Memory state around the buggy address:
[   15.914172]  ffff888100356f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.914701]  ffff888100357000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.915247] >ffff888100357080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   15.915719]                                                           ^
[   15.916220]  ffff888100357100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.916705]  ffff888100357180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.917097] ==================================================================
[   15.918838] ==================================================================
[   15.919372] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[   15.921393] Write of size 1 at addr ffff8881003570f0 by task kunit_try_catch/177
[   15.922064] 
[   15.922376] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT(voluntary) 
[   15.922513] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.922541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   15.922587] Call Trace:
[   15.922629]  <TASK>
[   15.922674]  dump_stack_lvl+0x73/0xb0
[   15.922771]  print_report+0xd1/0x650
[   15.922807]  ? __virt_addr_valid+0x1db/0x2d0
[   15.922835]  ? krealloc_more_oob_helper+0x7eb/0x930
[   15.922858]  ? kasan_complete_mode_report_info+0x2a/0x200
[   15.922884]  ? krealloc_more_oob_helper+0x7eb/0x930
[   15.922907]  kasan_report+0x141/0x180
[   15.922932]  ? krealloc_more_oob_helper+0x7eb/0x930
[   15.922960]  __asan_report_store1_noabort+0x1b/0x30
[   15.922984]  krealloc_more_oob_helper+0x7eb/0x930
[   15.923005]  ? trace_hardirqs_on+0x37/0xe0
[   15.923032]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   15.923054]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   15.923087]  ? __pfx_krealloc_more_oob+0x10/0x10
[   15.923122]  krealloc_more_oob+0x1c/0x30
[   15.923171]  kunit_try_run_case+0x1a5/0x480
[   15.923202]  ? __pfx_kunit_try_run_case+0x10/0x10
[   15.923227]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   15.923252]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   15.923278]  ? __kthread_parkme+0x82/0x180
[   15.923303]  ? preempt_count_sub+0x50/0x80
[   15.923332]  ? __pfx_kunit_try_run_case+0x10/0x10
[   15.923357]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   15.923382]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   15.923406]  kthread+0x337/0x6f0
[   15.923425]  ? trace_preempt_on+0x20/0xc0
[   15.923450]  ? __pfx_kthread+0x10/0x10
[   15.923470]  ? _raw_spin_unlock_irq+0x47/0x80
[   15.923493]  ? calculate_sigpending+0x7b/0xa0
[   15.923517]  ? __pfx_kthread+0x10/0x10
[   15.923537]  ret_from_fork+0x41/0x80
[   15.923562]  ? __pfx_kthread+0x10/0x10
[   15.923582]  ret_from_fork_asm+0x1a/0x30
[   15.923616]  </TASK>
[   15.923642] 
[   15.934881] Allocated by task 177:
[   15.936164]  kasan_save_stack+0x45/0x70
[   15.936593]  kasan_save_track+0x18/0x40
[   15.936802]  kasan_save_alloc_info+0x3b/0x50
[   15.937045]  __kasan_krealloc+0x190/0x1f0
[   15.937767]  krealloc_noprof+0xf3/0x340
[   15.938326]  krealloc_more_oob_helper+0x1a9/0x930
[   15.938593]  krealloc_more_oob+0x1c/0x30
[   15.938780]  kunit_try_run_case+0x1a5/0x480
[   15.938976]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   15.939401]  kthread+0x337/0x6f0
[   15.939792]  ret_from_fork+0x41/0x80
[   15.939985]  ret_from_fork_asm+0x1a/0x30
[   15.940412] 
[   15.940727] The buggy address belongs to the object at ffff888100357000
[   15.940727]  which belongs to the cache kmalloc-256 of size 256
[   15.941817] The buggy address is located 5 bytes to the right of
[   15.941817]  allocated 235-byte region [ffff888100357000, ffff8881003570eb)
[   15.942951] 
[   15.943134] The buggy address belongs to the physical page:
[   15.943366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100356
[   15.943931] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   15.944349] flags: 0x200000000000040(head|node=0|zone=2)
[   15.944730] page_type: f5(slab)
[   15.945049] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   15.945490] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   15.945922] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   15.946691] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   15.947479] head: 0200000000000001 ffffea000400d581 00000000ffffffff 00000000ffffffff
[   15.947832] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   15.948341] page dumped because: kasan: bad access detected
[   15.949012] 
[   15.949220] Memory state around the buggy address:
[   15.949739]  ffff888100356f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.950203]  ffff888100357000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.950809] >ffff888100357080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   15.951612]                                                              ^
[   15.952035]  ffff888100357100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.952388]  ffff888100357180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.952898] ==================================================================
[   16.207799] ==================================================================
[   16.208681] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[   16.209533] Write of size 1 at addr ffff888103a020f0 by task kunit_try_catch/181
[   16.209898] 
[   16.210073] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G    B            N  6.15.1-rc1 #1 PREEMPT(voluntary) 
[   16.210201] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.210231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.210278] Call Trace:
[   16.210767]  <TASK>
[   16.210836]  dump_stack_lvl+0x73/0xb0
[   16.210917]  print_report+0xd1/0x650
[   16.210947]  ? __virt_addr_valid+0x1db/0x2d0
[   16.210975]  ? krealloc_more_oob_helper+0x7eb/0x930
[   16.210997]  ? kasan_addr_to_slab+0x11/0xa0
[   16.211019]  ? krealloc_more_oob_helper+0x7eb/0x930
[   16.211041]  kasan_report+0x141/0x180
[   16.211065]  ? krealloc_more_oob_helper+0x7eb/0x930
[   16.211093]  __asan_report_store1_noabort+0x1b/0x30
[   16.211124]  krealloc_more_oob_helper+0x7eb/0x930
[   16.211175]  ? __schedule+0x10cc/0x2b30
[   16.211219]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   16.211254]  ? finish_task_switch.isra.0+0x153/0x700
[   16.211294]  ? __switch_to+0x5d9/0xf60
[   16.211329]  ? dequeue_task_fair+0x166/0x4e0
[   16.211358]  ? __schedule+0x10cc/0x2b30
[   16.211381]  ? __pfx_read_tsc+0x10/0x10
[   16.211407]  krealloc_large_more_oob+0x1c/0x30
[   16.211428]  kunit_try_run_case+0x1a5/0x480
[   16.211455]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.211478]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   16.211503]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.211528]  ? __kthread_parkme+0x82/0x180
[   16.211551]  ? preempt_count_sub+0x50/0x80
[   16.211577]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.211601]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.211638]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.211665]  kthread+0x337/0x6f0
[   16.211685]  ? trace_preempt_on+0x20/0xc0
[   16.211711]  ? __pfx_kthread+0x10/0x10
[   16.211731]  ? _raw_spin_unlock_irq+0x47/0x80
[   16.211774]  ? calculate_sigpending+0x7b/0xa0
[   16.211801]  ? __pfx_kthread+0x10/0x10
[   16.211822]  ret_from_fork+0x41/0x80
[   16.211844]  ? __pfx_kthread+0x10/0x10
[   16.211864]  ret_from_fork_asm+0x1a/0x30
[   16.211899]  </TASK>
[   16.211914] 
[   16.226971] The buggy address belongs to the physical page:
[   16.228004] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a00
[   16.229446] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.230026] flags: 0x200000000000040(head|node=0|zone=2)
[   16.230452] page_type: f8(unknown)
[   16.230996] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.231470] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.232561] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.232964] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.233193] head: 0200000000000002 ffffea00040e8001 00000000ffffffff 00000000ffffffff
[   16.233593] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.234218] page dumped because: kasan: bad access detected
[   16.234768] 
[   16.234916] Memory state around the buggy address:
[   16.235637]  ffff888103a01f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.236419]  ffff888103a02000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.237490] >ffff888103a02080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   16.237667]                                                              ^
[   16.238196]  ffff888103a02100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.238501]  ffff888103a02180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.239077] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2xxIi03DVYToIy9dKnbnDmUoyr6

job_id

TEST:linaro@lkft#2xxInfPddVDXGngffC9JR7X5Cmc

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2xxInfPddVDXGngffC9JR7X5Cmc

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIk5ew4LuOqFkcEQccT7nGfYz/bzImage
sha256sum	fa931e11017c8ca987af58467ceac4cfbdb749e86f43584874b54f325b4fc4f3

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/amd64/rootfs.ext4.xz
sha256sum	3e64c22b7a85dd4a60fd0a31f22599e711e865f841aed0d517fae37e9c171158

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIk5ew4LuOqFkcEQccT7nGfYz/modules.tar.xz
sha256sum	7c34359c003080a3ab3b531ece9044002fd87f98de8d7cd8150985fcf69c24ac

durations

tests

boot	0
kunit	459.25

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - e850-96 - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit