lkft/linux-stable-rc-linux-6.15.y - v6.15.3-590-gd93bc5feded1 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper

Date

June 26, 2025, 11:12 a.m.

Environment
e850-96
qemu-arm64
qemu-x86_64

[   22.974400] ==================================================================
[   22.981410] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   22.988956] Write of size 1 at addr ffff000803310ad0 by task kunit_try_catch/207
[   22.996334] 
[   22.997821] CPU: 7 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   22.997877] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.997892] Hardware name: WinLink E850-96 board (DT)
[   22.997912] Call trace:
[   22.997926]  show_stack+0x20/0x38 (C)
[   22.997958]  dump_stack_lvl+0x8c/0xd0
[   22.997997]  print_report+0x118/0x608
[   22.998028]  kasan_report+0xdc/0x128
[   22.998058]  __asan_report_store1_noabort+0x20/0x30
[   22.998094]  krealloc_less_oob_helper+0xb9c/0xc50
[   22.998123]  krealloc_less_oob+0x20/0x38
[   22.998150]  kunit_try_run_case+0x170/0x3f0
[   22.998188]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.998225]  kthread+0x328/0x630
[   22.998259]  ret_from_fork+0x10/0x20
[   22.998295] 
[   23.065170] Allocated by task 207:
[   23.068559]  kasan_save_stack+0x3c/0x68
[   23.072375]  kasan_save_track+0x20/0x40
[   23.076194]  kasan_save_alloc_info+0x40/0x58
[   23.080448]  __kasan_krealloc+0x118/0x178
[   23.084441]  krealloc_noprof+0x128/0x360
[   23.088347]  krealloc_less_oob_helper+0x168/0xc50
[   23.093034]  krealloc_less_oob+0x20/0x38
[   23.096940]  kunit_try_run_case+0x170/0x3f0
[   23.101108]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.106576]  kthread+0x328/0x630
[   23.109788]  ret_from_fork+0x10/0x20
[   23.113346] 
[   23.114824] The buggy address belongs to the object at ffff000803310a00
[   23.114824]  which belongs to the cache kmalloc-256 of size 256
[   23.127324] The buggy address is located 7 bytes to the right of
[   23.127324]  allocated 201-byte region [ffff000803310a00, ffff000803310ac9)
[   23.140256] 
[   23.141733] The buggy address belongs to the physical page:
[   23.147292] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883310
[   23.155274] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   23.162912] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   23.169856] page_type: f5(slab)
[   23.172995] raw: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   23.180713] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   23.188440] head: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   23.196251] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   23.204065] head: 0bfffe0000000002 fffffdffe00cc401 00000000ffffffff 00000000ffffffff
[   23.211876] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   23.219682] page dumped because: kasan: bad access detected
[   23.225237] 
[   23.226712] Memory state around the buggy address:
[   23.231494]  ffff000803310980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.238696]  ffff000803310a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.245901] >ffff000803310a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   23.253103]                                                  ^
[   23.258921]  ffff000803310b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.266126]  ffff000803310b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.273327] ==================================================================
[   25.133653] ==================================================================
[   25.140749] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   25.148299] Write of size 1 at addr ffff0008033260da by task kunit_try_catch/211
[   25.155677] 
[   25.157161] CPU: 7 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   25.157205] Tainted: [B]=BAD_PAGE, [N]=TEST
[   25.157218] Hardware name: WinLink E850-96 board (DT)
[   25.157236] Call trace:
[   25.157249]  show_stack+0x20/0x38 (C)
[   25.157280]  dump_stack_lvl+0x8c/0xd0
[   25.157315]  print_report+0x118/0x608
[   25.157346]  kasan_report+0xdc/0x128
[   25.157373]  __asan_report_store1_noabort+0x20/0x30
[   25.157405]  krealloc_less_oob_helper+0xa80/0xc50
[   25.157433]  krealloc_large_less_oob+0x20/0x38
[   25.157461]  kunit_try_run_case+0x170/0x3f0
[   25.157497]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   25.157535]  kthread+0x328/0x630
[   25.157569]  ret_from_fork+0x10/0x20
[   25.157603] 
[   25.225035] The buggy address belongs to the physical page:
[   25.230592] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883324
[   25.238575] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   25.246214] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   25.253158] page_type: f8(unknown)
[   25.256554] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   25.264276] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   25.272002] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   25.279814] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   25.287627] head: 0bfffe0000000002 fffffdffe00cc901 00000000ffffffff 00000000ffffffff
[   25.295438] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   25.303244] page dumped because: kasan: bad access detected
[   25.308799] 
[   25.310275] Memory state around the buggy address:
[   25.315056]  ffff000803325f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   25.322258]  ffff000803326000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   25.329463] >ffff000803326080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   25.336664]                                                     ^
[   25.342744]  ffff000803326100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   25.349949]  ffff000803326180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   25.357150] ==================================================================
[   23.894760] ==================================================================
[   23.901620] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   23.909168] Write of size 1 at addr ffff000803310aeb by task kunit_try_catch/207
[   23.916546] 
[   23.918031] CPU: 7 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   23.918080] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.918097] Hardware name: WinLink E850-96 board (DT)
[   23.918115] Call trace:
[   23.918127]  show_stack+0x20/0x38 (C)
[   23.918160]  dump_stack_lvl+0x8c/0xd0
[   23.918197]  print_report+0x118/0x608
[   23.918226]  kasan_report+0xdc/0x128
[   23.918254]  __asan_report_store1_noabort+0x20/0x30
[   23.918287]  krealloc_less_oob_helper+0xa58/0xc50
[   23.918316]  krealloc_less_oob+0x20/0x38
[   23.918343]  kunit_try_run_case+0x170/0x3f0
[   23.918379]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.918417]  kthread+0x328/0x630
[   23.918448]  ret_from_fork+0x10/0x20
[   23.918481] 
[   23.985382] Allocated by task 207:
[   23.988769]  kasan_save_stack+0x3c/0x68
[   23.992586]  kasan_save_track+0x20/0x40
[   23.996406]  kasan_save_alloc_info+0x40/0x58
[   24.000659]  __kasan_krealloc+0x118/0x178
[   24.004653]  krealloc_noprof+0x128/0x360
[   24.008559]  krealloc_less_oob_helper+0x168/0xc50
[   24.013246]  krealloc_less_oob+0x20/0x38
[   24.017153]  kunit_try_run_case+0x170/0x3f0
[   24.021321]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.026788]  kthread+0x328/0x630
[   24.029999]  ret_from_fork+0x10/0x20
[   24.033558] 
[   24.035036] The buggy address belongs to the object at ffff000803310a00
[   24.035036]  which belongs to the cache kmalloc-256 of size 256
[   24.047537] The buggy address is located 34 bytes to the right of
[   24.047537]  allocated 201-byte region [ffff000803310a00, ffff000803310ac9)
[   24.060555] 
[   24.062033] The buggy address belongs to the physical page:
[   24.067590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883310
[   24.075573] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.083211] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   24.090155] page_type: f5(slab)
[   24.093291] raw: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   24.101012] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   24.108739] head: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   24.116550] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   24.124363] head: 0bfffe0000000002 fffffdffe00cc401 00000000ffffffff 00000000ffffffff
[   24.132175] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   24.139980] page dumped because: kasan: bad access detected
[   24.145535] 
[   24.147011] Memory state around the buggy address:
[   24.151793]  ffff000803310980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.158994]  ffff000803310a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.166199] >ffff000803310a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   24.173400]                                                           ^
[   24.180001]  ffff000803310b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.187206]  ffff000803310b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.194407] ==================================================================
[   25.364435] ==================================================================
[   25.371561] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   25.379111] Write of size 1 at addr ffff0008033260ea by task kunit_try_catch/211
[   25.386489] 
[   25.387974] CPU: 7 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   25.388017] Tainted: [B]=BAD_PAGE, [N]=TEST
[   25.388031] Hardware name: WinLink E850-96 board (DT)
[   25.388048] Call trace:
[   25.388057]  show_stack+0x20/0x38 (C)
[   25.388091]  dump_stack_lvl+0x8c/0xd0
[   25.388127]  print_report+0x118/0x608
[   25.388156]  kasan_report+0xdc/0x128
[   25.388186]  __asan_report_store1_noabort+0x20/0x30
[   25.388219]  krealloc_less_oob_helper+0xae4/0xc50
[   25.388248]  krealloc_large_less_oob+0x20/0x38
[   25.388278]  kunit_try_run_case+0x170/0x3f0
[   25.388312]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   25.388350]  kthread+0x328/0x630
[   25.388383]  ret_from_fork+0x10/0x20
[   25.388415] 
[   25.455848] The buggy address belongs to the physical page:
[   25.461404] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883324
[   25.469388] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   25.477026] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   25.483971] page_type: f8(unknown)
[   25.487367] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   25.495089] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   25.502814] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   25.510626] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   25.518441] head: 0bfffe0000000002 fffffdffe00cc901 00000000ffffffff 00000000ffffffff
[   25.526251] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   25.534057] page dumped because: kasan: bad access detected
[   25.539612] 
[   25.541088] Memory state around the buggy address:
[   25.545868]  ffff000803325f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   25.553071]  ffff000803326000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   25.560275] >ffff000803326080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   25.567476]                                                           ^
[   25.574077]  ffff000803326100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   25.581282]  ffff000803326180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   25.588483] ==================================================================
[   24.903303] ==================================================================
[   24.910200] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   24.917747] Write of size 1 at addr ffff0008033260d0 by task kunit_try_catch/211
[   24.925125] 
[   24.926612] CPU: 7 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   24.926663] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.926679] Hardware name: WinLink E850-96 board (DT)
[   24.926697] Call trace:
[   24.926710]  show_stack+0x20/0x38 (C)
[   24.926743]  dump_stack_lvl+0x8c/0xd0
[   24.926782]  print_report+0x118/0x608
[   24.926812]  kasan_report+0xdc/0x128
[   24.926842]  __asan_report_store1_noabort+0x20/0x30
[   24.926877]  krealloc_less_oob_helper+0xb9c/0xc50
[   24.926906]  krealloc_large_less_oob+0x20/0x38
[   24.926934]  kunit_try_run_case+0x170/0x3f0
[   24.926972]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.927010]  kthread+0x328/0x630
[   24.927044]  ret_from_fork+0x10/0x20
[   24.927079] 
[   24.994484] The buggy address belongs to the physical page:
[   25.000042] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883324
[   25.008023] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   25.015664] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   25.022606] page_type: f8(unknown)
[   25.026003] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   25.033724] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   25.041450] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   25.049262] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   25.057075] head: 0bfffe0000000002 fffffdffe00cc901 00000000ffffffff 00000000ffffffff
[   25.064886] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   25.072692] page dumped because: kasan: bad access detected
[   25.078247] 
[   25.079723] Memory state around the buggy address:
[   25.084503]  ffff000803325f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   25.091706]  ffff000803326000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   25.098911] >ffff000803326080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   25.106112]                                                  ^
[   25.111931]  ffff000803326100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   25.119136]  ffff000803326180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   25.126337] ==================================================================
[   23.587323] ==================================================================
[   23.594422] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   23.601968] Write of size 1 at addr ffff000803310aea by task kunit_try_catch/207
[   23.609346] 
[   23.610831] CPU: 7 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   23.610878] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.610892] Hardware name: WinLink E850-96 board (DT)
[   23.610909] Call trace:
[   23.610920]  show_stack+0x20/0x38 (C)
[   23.610954]  dump_stack_lvl+0x8c/0xd0
[   23.610991]  print_report+0x118/0x608
[   23.611022]  kasan_report+0xdc/0x128
[   23.611050]  __asan_report_store1_noabort+0x20/0x30
[   23.611088]  krealloc_less_oob_helper+0xae4/0xc50
[   23.611116]  krealloc_less_oob+0x20/0x38
[   23.611144]  kunit_try_run_case+0x170/0x3f0
[   23.611182]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.611219]  kthread+0x328/0x630
[   23.611254]  ret_from_fork+0x10/0x20
[   23.611289] 
[   23.678181] Allocated by task 207:
[   23.681569]  kasan_save_stack+0x3c/0x68
[   23.685386]  kasan_save_track+0x20/0x40
[   23.689206]  kasan_save_alloc_info+0x40/0x58
[   23.693459]  __kasan_krealloc+0x118/0x178
[   23.697452]  krealloc_noprof+0x128/0x360
[   23.701359]  krealloc_less_oob_helper+0x168/0xc50
[   23.706046]  krealloc_less_oob+0x20/0x38
[   23.709952]  kunit_try_run_case+0x170/0x3f0
[   23.714119]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.719587]  kthread+0x328/0x630
[   23.722799]  ret_from_fork+0x10/0x20
[   23.726358] 
[   23.727835] The buggy address belongs to the object at ffff000803310a00
[   23.727835]  which belongs to the cache kmalloc-256 of size 256
[   23.740335] The buggy address is located 33 bytes to the right of
[   23.740335]  allocated 201-byte region [ffff000803310a00, ffff000803310ac9)
[   23.753354] 
[   23.754831] The buggy address belongs to the physical page:
[   23.760390] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883310
[   23.768372] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   23.776010] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   23.782957] page_type: f5(slab)
[   23.786092] raw: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   23.793812] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   23.801543] head: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   23.809350] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   23.817163] head: 0bfffe0000000002 fffffdffe00cc401 00000000ffffffff 00000000ffffffff
[   23.824974] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   23.832780] page dumped because: kasan: bad access detected
[   23.838335] 
[   23.839811] Memory state around the buggy address:
[   23.844591]  ffff000803310980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.851794]  ffff000803310a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.858999] >ffff000803310a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   23.866200]                                                           ^
[   23.872801]  ffff000803310b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.880005]  ffff000803310b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.887206] ==================================================================
[   22.666013] ==================================================================
[   22.675336] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   22.682887] Write of size 1 at addr ffff000803310ac9 by task kunit_try_catch/207
[   22.690262] 
[   22.691749] CPU: 7 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   22.691802] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.691819] Hardware name: WinLink E850-96 board (DT)
[   22.691840] Call trace:
[   22.691855]  show_stack+0x20/0x38 (C)
[   22.691889]  dump_stack_lvl+0x8c/0xd0
[   22.691927]  print_report+0x118/0x608
[   22.691961]  kasan_report+0xdc/0x128
[   22.691990]  __asan_report_store1_noabort+0x20/0x30
[   22.692028]  krealloc_less_oob_helper+0xa48/0xc50
[   22.692057]  krealloc_less_oob+0x20/0x38
[   22.692086]  kunit_try_run_case+0x170/0x3f0
[   22.692124]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.692161]  kthread+0x328/0x630
[   22.692197]  ret_from_fork+0x10/0x20
[   22.692234] 
[   22.759098] Allocated by task 207:
[   22.762487]  kasan_save_stack+0x3c/0x68
[   22.766304]  kasan_save_track+0x20/0x40
[   22.770122]  kasan_save_alloc_info+0x40/0x58
[   22.774376]  __kasan_krealloc+0x118/0x178
[   22.778369]  krealloc_noprof+0x128/0x360
[   22.782275]  krealloc_less_oob_helper+0x168/0xc50
[   22.786963]  krealloc_less_oob+0x20/0x38
[   22.790869]  kunit_try_run_case+0x170/0x3f0
[   22.795037]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.800504]  kthread+0x328/0x630
[   22.803716]  ret_from_fork+0x10/0x20
[   22.807275] 
[   22.808754] The buggy address belongs to the object at ffff000803310a00
[   22.808754]  which belongs to the cache kmalloc-256 of size 256
[   22.821253] The buggy address is located 0 bytes to the right of
[   22.821253]  allocated 201-byte region [ffff000803310a00, ffff000803310ac9)
[   22.834184] 
[   22.835664] The buggy address belongs to the physical page:
[   22.841220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883310
[   22.849205] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   22.856842] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   22.863786] page_type: f5(slab)
[   22.866925] raw: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   22.874642] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   22.882368] head: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   22.890180] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   22.897992] head: 0bfffe0000000002 fffffdffe00cc401 00000000ffffffff 00000000ffffffff
[   22.905804] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   22.913610] page dumped because: kasan: bad access detected
[   22.919167] 
[   22.920641] Memory state around the buggy address:
[   22.925420]  ffff000803310980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.932624]  ffff000803310a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.939829] >ffff000803310a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   22.947030]                                               ^
[   22.952589]  ffff000803310b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.959793]  ffff000803310b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.966996] ==================================================================
[   25.595796] ==================================================================
[   25.602895] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   25.610445] Write of size 1 at addr ffff0008033260eb by task kunit_try_catch/211
[   25.617823] 
[   25.619308] CPU: 7 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   25.619356] Tainted: [B]=BAD_PAGE, [N]=TEST
[   25.619371] Hardware name: WinLink E850-96 board (DT)
[   25.619387] Call trace:
[   25.619400]  show_stack+0x20/0x38 (C)
[   25.619435]  dump_stack_lvl+0x8c/0xd0
[   25.619470]  print_report+0x118/0x608
[   25.619500]  kasan_report+0xdc/0x128
[   25.619530]  __asan_report_store1_noabort+0x20/0x30
[   25.619563]  krealloc_less_oob_helper+0xa58/0xc50
[   25.619593]  krealloc_large_less_oob+0x20/0x38
[   25.619622]  kunit_try_run_case+0x170/0x3f0
[   25.619660]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   25.619698]  kthread+0x328/0x630
[   25.619730]  ret_from_fork+0x10/0x20
[   25.619762] 
[   25.687181] The buggy address belongs to the physical page:
[   25.692739] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883324
[   25.700721] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   25.708360] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   25.715305] page_type: f8(unknown)
[   25.718703] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   25.726423] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   25.734149] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   25.741959] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   25.749773] head: 0bfffe0000000002 fffffdffe00cc901 00000000ffffffff 00000000ffffffff
[   25.757584] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   25.765390] page dumped because: kasan: bad access detected
[   25.770945] 
[   25.772421] Memory state around the buggy address:
[   25.777203]  ffff000803325f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   25.784404]  ffff000803326000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   25.791609] >ffff000803326080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   25.798810]                                                           ^
[   25.805411]  ffff000803326100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   25.812615]  ffff000803326180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   25.819816] ==================================================================
[   23.280653] ==================================================================
[   23.287740] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   23.295288] Write of size 1 at addr ffff000803310ada by task kunit_try_catch/207
[   23.302667] 
[   23.304151] CPU: 7 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   23.304198] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.304212] Hardware name: WinLink E850-96 board (DT)
[   23.304228] Call trace:
[   23.304242]  show_stack+0x20/0x38 (C)
[   23.304278]  dump_stack_lvl+0x8c/0xd0
[   23.304315]  print_report+0x118/0x608
[   23.304343]  kasan_report+0xdc/0x128
[   23.304371]  __asan_report_store1_noabort+0x20/0x30
[   23.304403]  krealloc_less_oob_helper+0xa80/0xc50
[   23.304432]  krealloc_less_oob+0x20/0x38
[   23.304459]  kunit_try_run_case+0x170/0x3f0
[   23.304495]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.304535]  kthread+0x328/0x630
[   23.304569]  ret_from_fork+0x10/0x20
[   23.304600] 
[   23.371502] Allocated by task 207:
[   23.374890]  kasan_save_stack+0x3c/0x68
[   23.378707]  kasan_save_track+0x20/0x40
[   23.382526]  kasan_save_alloc_info+0x40/0x58
[   23.386780]  __kasan_krealloc+0x118/0x178
[   23.390773]  krealloc_noprof+0x128/0x360
[   23.394679]  krealloc_less_oob_helper+0x168/0xc50
[   23.399367]  krealloc_less_oob+0x20/0x38
[   23.403273]  kunit_try_run_case+0x170/0x3f0
[   23.407439]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.412908]  kthread+0x328/0x630
[   23.416120]  ret_from_fork+0x10/0x20
[   23.419679] 
[   23.421156] The buggy address belongs to the object at ffff000803310a00
[   23.421156]  which belongs to the cache kmalloc-256 of size 256
[   23.433654] The buggy address is located 17 bytes to the right of
[   23.433654]  allocated 201-byte region [ffff000803310a00, ffff000803310ac9)
[   23.446675] 
[   23.448152] The buggy address belongs to the physical page:
[   23.453710] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883310
[   23.461692] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   23.469331] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   23.476275] page_type: f5(slab)
[   23.479410] raw: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   23.487132] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   23.494859] head: 0bfffe0000000040 ffff000800002b40 dead000000000122 0000000000000000
[   23.502670] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   23.510484] head: 0bfffe0000000002 fffffdffe00cc401 00000000ffffffff 00000000ffffffff
[   23.518295] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   23.526101] page dumped because: kasan: bad access detected
[   23.531656] 
[   23.533132] Memory state around the buggy address:
[   23.537913]  ffff000803310980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.545115]  ffff000803310a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.552319] >ffff000803310a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   23.559520]                                                     ^
[   23.565600]  ffff000803310b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.572805]  ffff000803310b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.580006] ==================================================================
[   24.670060] ==================================================================
[   24.679908] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   24.687456] Write of size 1 at addr ffff0008033260c9 by task kunit_try_catch/211
[   24.694834] 
[   24.696319] CPU: 7 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   24.696376] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.696392] Hardware name: WinLink E850-96 board (DT)
[   24.696412] Call trace:
[   24.696426]  show_stack+0x20/0x38 (C)
[   24.696459]  dump_stack_lvl+0x8c/0xd0
[   24.696501]  print_report+0x118/0x608
[   24.696535]  kasan_report+0xdc/0x128
[   24.696565]  __asan_report_store1_noabort+0x20/0x30
[   24.696603]  krealloc_less_oob_helper+0xa48/0xc50
[   24.696633]  krealloc_large_less_oob+0x20/0x38
[   24.696661]  kunit_try_run_case+0x170/0x3f0
[   24.696699]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.696737]  kthread+0x328/0x630
[   24.696773]  ret_from_fork+0x10/0x20
[   24.696807] 
[   24.764194] The buggy address belongs to the physical page:
[   24.769752] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883324
[   24.777734] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.785372] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   24.792316] page_type: f8(unknown)
[   24.795711] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   24.803432] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   24.811159] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   24.818970] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   24.826783] head: 0bfffe0000000002 fffffdffe00cc901 00000000ffffffff 00000000ffffffff
[   24.834595] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   24.842400] page dumped because: kasan: bad access detected
[   24.847956] 
[   24.849434] Memory state around the buggy address:
[   24.854211]  ffff000803325f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.861414]  ffff000803326000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.868620] >ffff000803326080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   24.875820]                                               ^
[   24.881379]  ffff000803326100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.888584]  ffff000803326180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.895785] ==================================================================

Metadata Full log Test run details

[   17.864446] ==================================================================
[   17.864491] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   17.864538] Write of size 1 at addr fff00000c79160ea by task kunit_try_catch/164
[   17.864773] 
[   17.864957] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   17.865047] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.865082] Hardware name: linux,dummy-virt (DT)
[   17.865206] Call trace:
[   17.865255]  show_stack+0x20/0x38 (C)
[   17.865373]  dump_stack_lvl+0x8c/0xd0
[   17.865660]  print_report+0x118/0x608
[   17.865795]  kasan_report+0xdc/0x128
[   17.865880]  __asan_report_store1_noabort+0x20/0x30
[   17.865988]  krealloc_less_oob_helper+0xae4/0xc50
[   17.866038]  krealloc_large_less_oob+0x20/0x38
[   17.866084]  kunit_try_run_case+0x170/0x3f0
[   17.866131]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.866184]  kthread+0x328/0x630
[   17.866235]  ret_from_fork+0x10/0x20
[   17.866291] 
[   17.866320] The buggy address belongs to the physical page:
[   17.866358] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107914
[   17.866409] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.866455] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.866504] page_type: f8(unknown)
[   17.866542] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.866603] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.866663] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.866714] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.866764] head: 0bfffe0000000002 ffffc1ffc31e4501 00000000ffffffff 00000000ffffffff
[   17.866814] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.866866] page dumped because: kasan: bad access detected
[   17.866908] 
[   17.867137] Memory state around the buggy address:
[   17.867327]  fff00000c7915f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.867470]  fff00000c7916000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.867530] >fff00000c7916080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.867705]                                                           ^
[   17.867748]  fff00000c7916100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.867926]  fff00000c7916180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.868062] ==================================================================
[   17.847845] ==================================================================
[   17.847984] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   17.848134] Write of size 1 at addr fff00000c79160c9 by task kunit_try_catch/164
[   17.848397] 
[   17.848560] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   17.848667] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.848815] Hardware name: linux,dummy-virt (DT)
[   17.848944] Call trace:
[   17.849020]  show_stack+0x20/0x38 (C)
[   17.849100]  dump_stack_lvl+0x8c/0xd0
[   17.849229]  print_report+0x118/0x608
[   17.849275]  kasan_report+0xdc/0x128
[   17.849319]  __asan_report_store1_noabort+0x20/0x30
[   17.849547]  krealloc_less_oob_helper+0xa48/0xc50
[   17.849682]  krealloc_large_less_oob+0x20/0x38
[   17.849730]  kunit_try_run_case+0x170/0x3f0
[   17.850126]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.850202]  kthread+0x328/0x630
[   17.850279]  ret_from_fork+0x10/0x20
[   17.850441] 
[   17.850519] The buggy address belongs to the physical page:
[   17.850776] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107914
[   17.850886] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.850949] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.851075] page_type: f8(unknown)
[   17.851163] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.851330] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.851485] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.851603] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.851792] head: 0bfffe0000000002 ffffc1ffc31e4501 00000000ffffffff 00000000ffffffff
[   17.851910] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.851986] page dumped because: kasan: bad access detected
[   17.852032] 
[   17.852088] Memory state around the buggy address:
[   17.852130]  fff00000c7915f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.852175]  fff00000c7916000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.852221] >fff00000c7916080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.852261]                                               ^
[   17.852304]  fff00000c7916100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.852357]  fff00000c7916180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.852397] ==================================================================
[   17.853494] ==================================================================
[   17.853543] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   17.853783] Write of size 1 at addr fff00000c79160d0 by task kunit_try_catch/164
[   17.853924] 
[   17.853963] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   17.854046] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.854080] Hardware name: linux,dummy-virt (DT)
[   17.854226] Call trace:
[   17.854277]  show_stack+0x20/0x38 (C)
[   17.854361]  dump_stack_lvl+0x8c/0xd0
[   17.854442]  print_report+0x118/0x608
[   17.854487]  kasan_report+0xdc/0x128
[   17.854531]  __asan_report_store1_noabort+0x20/0x30
[   17.854614]  krealloc_less_oob_helper+0xb9c/0xc50
[   17.854720]  krealloc_large_less_oob+0x20/0x38
[   17.854915]  kunit_try_run_case+0x170/0x3f0
[   17.854968]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.855021]  kthread+0x328/0x630
[   17.855072]  ret_from_fork+0x10/0x20
[   17.855119] 
[   17.855140] The buggy address belongs to the physical page:
[   17.855383] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107914
[   17.855518] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.855615] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.855736] page_type: f8(unknown)
[   17.855849] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.856126] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.856188] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.856568] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.856740] head: 0bfffe0000000002 ffffc1ffc31e4501 00000000ffffffff 00000000ffffffff
[   17.857004] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.857155] page dumped because: kasan: bad access detected
[   17.857309] 
[   17.857366] Memory state around the buggy address:
[   17.857400]  fff00000c7915f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.857445]  fff00000c7916000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.857495] >fff00000c7916080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.857580]                                                  ^
[   17.857638]  fff00000c7916100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.857690]  fff00000c7916180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.857744] ==================================================================
[   17.790769] ==================================================================
[   17.790822] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   17.791058] Write of size 1 at addr fff00000c4775ed0 by task kunit_try_catch/160
[   17.791112] 
[   17.791327] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   17.791545] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.791601] Hardware name: linux,dummy-virt (DT)
[   17.791635] Call trace:
[   17.791656]  show_stack+0x20/0x38 (C)
[   17.792023]  dump_stack_lvl+0x8c/0xd0
[   17.792145]  print_report+0x118/0x608
[   17.792548]  kasan_report+0xdc/0x128
[   17.792733]  __asan_report_store1_noabort+0x20/0x30
[   17.792797]  krealloc_less_oob_helper+0xb9c/0xc50
[   17.793022]  krealloc_less_oob+0x20/0x38
[   17.793099]  kunit_try_run_case+0x170/0x3f0
[   17.793275]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.793468]  kthread+0x328/0x630
[   17.793610]  ret_from_fork+0x10/0x20
[   17.793765] 
[   17.793959] Allocated by task 160:
[   17.794023]  kasan_save_stack+0x3c/0x68
[   17.794166]  kasan_save_track+0x20/0x40
[   17.794241]  kasan_save_alloc_info+0x40/0x58
[   17.794339]  __kasan_krealloc+0x118/0x178
[   17.794428]  krealloc_noprof+0x128/0x360
[   17.794570]  krealloc_less_oob_helper+0x168/0xc50
[   17.794686]  krealloc_less_oob+0x20/0x38
[   17.794721]  kunit_try_run_case+0x170/0x3f0
[   17.794915]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.795104]  kthread+0x328/0x630
[   17.795154]  ret_from_fork+0x10/0x20
[   17.795189] 
[   17.795463] The buggy address belongs to the object at fff00000c4775e00
[   17.795463]  which belongs to the cache kmalloc-256 of size 256
[   17.795695] The buggy address is located 7 bytes to the right of
[   17.795695]  allocated 201-byte region [fff00000c4775e00, fff00000c4775ec9)
[   17.795801] 
[   17.795958] The buggy address belongs to the physical page:
[   17.796138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104774
[   17.796204] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.796249] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.796323] page_type: f5(slab)
[   17.796636] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.796723] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.796864] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.796966] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.797118] head: 0bfffe0000000001 ffffc1ffc311dd01 00000000ffffffff 00000000ffffffff
[   17.797282] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   17.797631] page dumped because: kasan: bad access detected
[   17.797739] 
[   17.797813] Memory state around the buggy address:
[   17.797970]  fff00000c4775d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.798042]  fff00000c4775e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.798124] >fff00000c4775e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   17.798575]                                                  ^
[   17.798656]  fff00000c4775f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.798712]  fff00000c4775f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.798922] ==================================================================
[   17.782758] ==================================================================
[   17.782815] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   17.783419] Write of size 1 at addr fff00000c4775ec9 by task kunit_try_catch/160
[   17.783601] 
[   17.783673] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   17.783761] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.783789] Hardware name: linux,dummy-virt (DT)
[   17.783822] Call trace:
[   17.783844]  show_stack+0x20/0x38 (C)
[   17.784070]  dump_stack_lvl+0x8c/0xd0
[   17.784119]  print_report+0x118/0x608
[   17.784164]  kasan_report+0xdc/0x128
[   17.784590]  __asan_report_store1_noabort+0x20/0x30
[   17.784750]  krealloc_less_oob_helper+0xa48/0xc50
[   17.784909]  krealloc_less_oob+0x20/0x38
[   17.785245]  kunit_try_run_case+0x170/0x3f0
[   17.785312]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.785697]  kthread+0x328/0x630
[   17.785789]  ret_from_fork+0x10/0x20
[   17.785838] 
[   17.785893] Allocated by task 160:
[   17.785923]  kasan_save_stack+0x3c/0x68
[   17.785983]  kasan_save_track+0x20/0x40
[   17.786032]  kasan_save_alloc_info+0x40/0x58
[   17.786080]  __kasan_krealloc+0x118/0x178
[   17.786127]  krealloc_noprof+0x128/0x360
[   17.786164]  krealloc_less_oob_helper+0x168/0xc50
[   17.786201]  krealloc_less_oob+0x20/0x38
[   17.786235]  kunit_try_run_case+0x170/0x3f0
[   17.786278]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.786327]  kthread+0x328/0x630
[   17.786377]  ret_from_fork+0x10/0x20
[   17.786422] 
[   17.786441] The buggy address belongs to the object at fff00000c4775e00
[   17.786441]  which belongs to the cache kmalloc-256 of size 256
[   17.786508] The buggy address is located 0 bytes to the right of
[   17.786508]  allocated 201-byte region [fff00000c4775e00, fff00000c4775ec9)
[   17.786587] 
[   17.786607] The buggy address belongs to the physical page:
[   17.786638] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104774
[   17.786690] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.786737] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.786798] page_type: f5(slab)
[   17.786869] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.786922] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.786975] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.787583] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.787651] head: 0bfffe0000000001 ffffc1ffc311dd01 00000000ffffffff 00000000ffffffff
[   17.787728] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   17.787935] page dumped because: kasan: bad access detected
[   17.787974] 
[   17.788009] Memory state around the buggy address:
[   17.788042]  fff00000c4775d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.788399]  fff00000c4775e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.788452] >fff00000c4775e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   17.788621]                                               ^
[   17.788790]  fff00000c4775f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.789008]  fff00000c4775f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.789122] ==================================================================
[   17.817228] ==================================================================
[   17.817441] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   17.817513] Write of size 1 at addr fff00000c4775eeb by task kunit_try_catch/160
[   17.817698] 
[   17.817930] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   17.818029] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.818206] Hardware name: linux,dummy-virt (DT)
[   17.818274] Call trace:
[   17.818322]  show_stack+0x20/0x38 (C)
[   17.818545]  dump_stack_lvl+0x8c/0xd0
[   17.818608]  print_report+0x118/0x608
[   17.818653]  kasan_report+0xdc/0x128
[   17.818705]  __asan_report_store1_noabort+0x20/0x30
[   17.818946]  krealloc_less_oob_helper+0xa58/0xc50
[   17.819028]  krealloc_less_oob+0x20/0x38
[   17.819079]  kunit_try_run_case+0x170/0x3f0
[   17.819127]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.819185]  kthread+0x328/0x630
[   17.819441]  ret_from_fork+0x10/0x20
[   17.819626] 
[   17.819665] Allocated by task 160:
[   17.819712]  kasan_save_stack+0x3c/0x68
[   17.819907]  kasan_save_track+0x20/0x40
[   17.819953]  kasan_save_alloc_info+0x40/0x58
[   17.820119]  __kasan_krealloc+0x118/0x178
[   17.820210]  krealloc_noprof+0x128/0x360
[   17.820390]  krealloc_less_oob_helper+0x168/0xc50
[   17.820479]  krealloc_less_oob+0x20/0x38
[   17.820515]  kunit_try_run_case+0x170/0x3f0
[   17.820805]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.821044]  kthread+0x328/0x630
[   17.821088]  ret_from_fork+0x10/0x20
[   17.821420] 
[   17.821473] The buggy address belongs to the object at fff00000c4775e00
[   17.821473]  which belongs to the cache kmalloc-256 of size 256
[   17.821673] The buggy address is located 34 bytes to the right of
[   17.821673]  allocated 201-byte region [fff00000c4775e00, fff00000c4775ec9)
[   17.821759] 
[   17.822142] The buggy address belongs to the physical page:
[   17.822263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104774
[   17.822387] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.822516] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.822677] page_type: f5(slab)
[   17.822786] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.822931] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.823006] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.823096] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.823426] head: 0bfffe0000000001 ffffc1ffc311dd01 00000000ffffffff 00000000ffffffff
[   17.823498] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   17.823655] page dumped because: kasan: bad access detected
[   17.823707] 
[   17.823933] Memory state around the buggy address:
[   17.824180]  fff00000c4775d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.824237]  fff00000c4775e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.824303] >fff00000c4775e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   17.824453]                                                           ^
[   17.824659]  fff00000c4775f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.824773]  fff00000c4775f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.824891] ==================================================================
[   17.868415] ==================================================================
[   17.868460] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   17.868517] Write of size 1 at addr fff00000c79160eb by task kunit_try_catch/164
[   17.868884] 
[   17.869159] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   17.869426] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.869494] Hardware name: linux,dummy-virt (DT)
[   17.869555] Call trace:
[   17.869732]  show_stack+0x20/0x38 (C)
[   17.869795]  dump_stack_lvl+0x8c/0xd0
[   17.869895]  print_report+0x118/0x608
[   17.870072]  kasan_report+0xdc/0x128
[   17.870248]  __asan_report_store1_noabort+0x20/0x30
[   17.870382]  krealloc_less_oob_helper+0xa58/0xc50
[   17.870487]  krealloc_large_less_oob+0x20/0x38
[   17.870671]  kunit_try_run_case+0x170/0x3f0
[   17.870730]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.870816]  kthread+0x328/0x630
[   17.870974]  ret_from_fork+0x10/0x20
[   17.871289] 
[   17.871345] The buggy address belongs to the physical page:
[   17.871377] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107914
[   17.871463] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.871610] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.871730] page_type: f8(unknown)
[   17.871770] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.872039] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.872562] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.872744] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.872910] head: 0bfffe0000000002 ffffc1ffc31e4501 00000000ffffffff 00000000ffffffff
[   17.873013] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.873056] page dumped because: kasan: bad access detected
[   17.873119] 
[   17.873138] Memory state around the buggy address:
[   17.873170]  fff00000c7915f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.873339]  fff00000c7916000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.873428] >fff00000c7916080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.873475]                                                           ^
[   17.873745]  fff00000c7916100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.873951]  fff00000c7916180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.874165] ==================================================================
[   17.859078] ==================================================================
[   17.859179] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   17.859375] Write of size 1 at addr fff00000c79160da by task kunit_try_catch/164
[   17.859451] 
[   17.859599] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   17.859719] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.859747] Hardware name: linux,dummy-virt (DT)
[   17.859841] Call trace:
[   17.859966]  show_stack+0x20/0x38 (C)
[   17.860124]  dump_stack_lvl+0x8c/0xd0
[   17.860358]  print_report+0x118/0x608
[   17.860409]  kasan_report+0xdc/0x128
[   17.860471]  __asan_report_store1_noabort+0x20/0x30
[   17.860528]  krealloc_less_oob_helper+0xa80/0xc50
[   17.860576]  krealloc_large_less_oob+0x20/0x38
[   17.860801]  kunit_try_run_case+0x170/0x3f0
[   17.861013]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.861126]  kthread+0x328/0x630
[   17.861287]  ret_from_fork+0x10/0x20
[   17.861383] 
[   17.861555] The buggy address belongs to the physical page:
[   17.861749] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107914
[   17.861825] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.862145] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.862226] page_type: f8(unknown)
[   17.862418] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.862480] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.862723] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.862789] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.862850] head: 0bfffe0000000002 ffffc1ffc31e4501 00000000ffffffff 00000000ffffffff
[   17.863020] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.863151] page dumped because: kasan: bad access detected
[   17.863250] 
[   17.863344] Memory state around the buggy address:
[   17.863376]  fff00000c7915f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.863588]  fff00000c7916000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.863669] >fff00000c7916080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   17.863711]                                                     ^
[   17.863779]  fff00000c7916100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.863846]  fff00000c7916180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.863958] ==================================================================
[   17.800653] ==================================================================
[   17.800705] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   17.801133] Write of size 1 at addr fff00000c4775eda by task kunit_try_catch/160
[   17.801203] 
[   17.801261] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   17.801509] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.801728] Hardware name: linux,dummy-virt (DT)
[   17.801801] Call trace:
[   17.801824]  show_stack+0x20/0x38 (C)
[   17.801949]  dump_stack_lvl+0x8c/0xd0
[   17.801998]  print_report+0x118/0x608
[   17.802043]  kasan_report+0xdc/0x128
[   17.802086]  __asan_report_store1_noabort+0x20/0x30
[   17.802136]  krealloc_less_oob_helper+0xa80/0xc50
[   17.802182]  krealloc_less_oob+0x20/0x38
[   17.802235]  kunit_try_run_case+0x170/0x3f0
[   17.802285]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.802339]  kthread+0x328/0x630
[   17.802398]  ret_from_fork+0x10/0x20
[   17.802446] 
[   17.802464] Allocated by task 160:
[   17.802491]  kasan_save_stack+0x3c/0x68
[   17.802537]  kasan_save_track+0x20/0x40
[   17.802573]  kasan_save_alloc_info+0x40/0x58
[   17.802610]  __kasan_krealloc+0x118/0x178
[   17.802653]  krealloc_noprof+0x128/0x360
[   17.802695]  krealloc_less_oob_helper+0x168/0xc50
[   17.802740]  krealloc_less_oob+0x20/0x38
[   17.802779]  kunit_try_run_case+0x170/0x3f0
[   17.802826]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.802881]  kthread+0x328/0x630
[   17.802915]  ret_from_fork+0x10/0x20
[   17.802961] 
[   17.802980] The buggy address belongs to the object at fff00000c4775e00
[   17.802980]  which belongs to the cache kmalloc-256 of size 256
[   17.803038] The buggy address is located 17 bytes to the right of
[   17.803038]  allocated 201-byte region [fff00000c4775e00, fff00000c4775ec9)
[   17.803112] 
[   17.803131] The buggy address belongs to the physical page:
[   17.803167] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104774
[   17.803217] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.803263] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.803313] page_type: f5(slab)
[   17.803350] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.803401] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.803463] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.803513] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.803564] head: 0bfffe0000000001 ffffc1ffc311dd01 00000000ffffffff 00000000ffffffff
[   17.803620] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   17.803670] page dumped because: kasan: bad access detected
[   17.803704] 
[   17.803722] Memory state around the buggy address:
[   17.803760]  fff00000c4775d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.803806]  fff00000c4775e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.803850] >fff00000c4775e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   17.804150]                                                     ^
[   17.804469]  fff00000c4775f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.804675]  fff00000c4775f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.805011] ==================================================================
[   17.807576] ==================================================================
[   17.807667] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   17.807838] Write of size 1 at addr fff00000c4775eea by task kunit_try_catch/160
[   17.808058] 
[   17.808167] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   17.808324] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.808468] Hardware name: linux,dummy-virt (DT)
[   17.808523] Call trace:
[   17.808545]  show_stack+0x20/0x38 (C)
[   17.808890]  dump_stack_lvl+0x8c/0xd0
[   17.808962]  print_report+0x118/0x608
[   17.809069]  kasan_report+0xdc/0x128
[   17.809166]  __asan_report_store1_noabort+0x20/0x30
[   17.809282]  krealloc_less_oob_helper+0xae4/0xc50
[   17.809382]  krealloc_less_oob+0x20/0x38
[   17.809744]  kunit_try_run_case+0x170/0x3f0
[   17.809869]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.810118]  kthread+0x328/0x630
[   17.810317]  ret_from_fork+0x10/0x20
[   17.810496] 
[   17.810839] Allocated by task 160:
[   17.810910]  kasan_save_stack+0x3c/0x68
[   17.811003]  kasan_save_track+0x20/0x40
[   17.811109]  kasan_save_alloc_info+0x40/0x58
[   17.811155]  __kasan_krealloc+0x118/0x178
[   17.811433]  krealloc_noprof+0x128/0x360
[   17.811580]  krealloc_less_oob_helper+0x168/0xc50
[   17.811661]  krealloc_less_oob+0x20/0x38
[   17.811747]  kunit_try_run_case+0x170/0x3f0
[   17.811982]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.812259]  kthread+0x328/0x630
[   17.812440]  ret_from_fork+0x10/0x20
[   17.812496] 
[   17.812557] The buggy address belongs to the object at fff00000c4775e00
[   17.812557]  which belongs to the cache kmalloc-256 of size 256
[   17.812702] The buggy address is located 33 bytes to the right of
[   17.812702]  allocated 201-byte region [fff00000c4775e00, fff00000c4775ec9)
[   17.812932] 
[   17.813137] The buggy address belongs to the physical page:
[   17.813560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104774
[   17.813636] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.813707] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.813823] page_type: f5(slab)
[   17.813921] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.814051] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.814119] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   17.814191] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.814537] head: 0bfffe0000000001 ffffc1ffc311dd01 00000000ffffffff 00000000ffffffff
[   17.814724] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   17.814787] page dumped because: kasan: bad access detected
[   17.814903] 
[   17.814922] Memory state around the buggy address:
[   17.814989]  fff00000c4775d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.815201]  fff00000c4775e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.815383] >fff00000c4775e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   17.815447]                                                           ^
[   17.815662]  fff00000c4775f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.816090]  fff00000c4775f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.816190] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2z2jyLmJ6z1BqjhwiejBJ9RGyCS

job_id

TEST:linaro@lkft#2z2k2l9byJaNN182er1n5wXsS9a

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2z2k2l9byJaNN182er1n5wXsS9a

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2z2jzZjd6XwbIkbAqyFkpO4xknj/Image.gz
sha256sum	4fe981caa8e1ab0677344dea9975703ca09f32389026eeb9f77fae76c6c0e9ba

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2z2jzZjd6XwbIkbAqyFkpO4xknj/modules.tar.xz
sha256sum	74a01e20d3d706452182b8388f6aa7ab2c9166f6c4a19d7a4587dd3d7a7ca51e

durations

tests

boot	0
kunit	192.49

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   10.603872] ==================================================================
[   10.604527] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   10.605065] Write of size 1 at addr ffff8881009a2cda by task kunit_try_catch/177
[   10.605289] 
[   10.605376] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT(voluntary) 
[   10.605420] Tainted: [B]=BAD_PAGE, [N]=TEST
[   10.605430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   10.605450] Call Trace:
[   10.605463]  <TASK>
[   10.605480]  dump_stack_lvl+0x73/0xb0
[   10.605506]  print_report+0xd1/0x650
[   10.605528]  ? __virt_addr_valid+0x1db/0x2d0
[   10.605570]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   10.605590]  ? kasan_complete_mode_report_info+0x2a/0x200
[   10.605612]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   10.605632]  kasan_report+0x141/0x180
[   10.605656]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   10.605683]  __asan_report_store1_noabort+0x1b/0x30
[   10.605706]  krealloc_less_oob_helper+0xec6/0x11d0
[   10.605728]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   10.605748]  ? finish_task_switch.isra.0+0x153/0x700
[   10.605770]  ? __switch_to+0x5d9/0xf60
[   10.605790]  ? dequeue_task_fair+0x166/0x4e0
[   10.605814]  ? __schedule+0x10cc/0x2b60
[   10.605836]  ? __pfx_read_tsc+0x10/0x10
[   10.605859]  krealloc_less_oob+0x1c/0x30
[   10.605894]  kunit_try_run_case+0x1a5/0x480
[   10.605928]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.605951]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   10.605973]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   10.605996]  ? __kthread_parkme+0x82/0x180
[   10.606017]  ? preempt_count_sub+0x50/0x80
[   10.606040]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.606063]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   10.606105]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   10.606133]  kthread+0x337/0x6f0
[   10.606150]  ? trace_preempt_on+0x20/0xc0
[   10.606172]  ? __pfx_kthread+0x10/0x10
[   10.606190]  ? _raw_spin_unlock_irq+0x47/0x80
[   10.606210]  ? calculate_sigpending+0x7b/0xa0
[   10.606231]  ? __pfx_kthread+0x10/0x10
[   10.606249]  ret_from_fork+0x41/0x80
[   10.606269]  ? __pfx_kthread+0x10/0x10
[   10.606286]  ret_from_fork_asm+0x1a/0x30
[   10.606316]  </TASK>
[   10.606326] 
[   10.613448] Allocated by task 177:
[   10.613640]  kasan_save_stack+0x45/0x70
[   10.613786]  kasan_save_track+0x18/0x40
[   10.613988]  kasan_save_alloc_info+0x3b/0x50
[   10.614200]  __kasan_krealloc+0x190/0x1f0
[   10.614366]  krealloc_noprof+0xf3/0x340
[   10.614501]  krealloc_less_oob_helper+0x1aa/0x11d0
[   10.614750]  krealloc_less_oob+0x1c/0x30
[   10.614949]  kunit_try_run_case+0x1a5/0x480
[   10.615129]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   10.615301]  kthread+0x337/0x6f0
[   10.615438]  ret_from_fork+0x41/0x80
[   10.615645]  ret_from_fork_asm+0x1a/0x30
[   10.615840] 
[   10.615946] The buggy address belongs to the object at ffff8881009a2c00
[   10.615946]  which belongs to the cache kmalloc-256 of size 256
[   10.616439] The buggy address is located 17 bytes to the right of
[   10.616439]  allocated 201-byte region [ffff8881009a2c00, ffff8881009a2cc9)
[   10.616963] 
[   10.617038] The buggy address belongs to the physical page:
[   10.617270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2
[   10.617515] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   10.617872] flags: 0x200000000000040(head|node=0|zone=2)
[   10.618135] page_type: f5(slab)
[   10.618286] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   10.618606] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   10.618858] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   10.619214] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   10.619474] head: 0200000000000001 ffffea0004026881 00000000ffffffff 00000000ffffffff
[   10.619728] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   10.620020] page dumped because: kasan: bad access detected
[   10.620280] 
[   10.620371] Memory state around the buggy address:
[   10.620621]  ffff8881009a2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   10.620949]  ffff8881009a2c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   10.621261] >ffff8881009a2c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   10.621597]                                                     ^
[   10.621835]  ffff8881009a2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   10.622096]  ffff8881009a2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   10.622392] ==================================================================
[   10.724940] ==================================================================
[   10.725274] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   10.725643] Write of size 1 at addr ffff8881028960d0 by task kunit_try_catch/181
[   10.725934] 
[   10.726047] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT(voluntary) 
[   10.726091] Tainted: [B]=BAD_PAGE, [N]=TEST
[   10.726103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   10.726122] Call Trace:
[   10.726138]  <TASK>
[   10.726155]  dump_stack_lvl+0x73/0xb0
[   10.726178]  print_report+0xd1/0x650
[   10.726200]  ? __virt_addr_valid+0x1db/0x2d0
[   10.726222]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   10.726241]  ? kasan_addr_to_slab+0x11/0xa0
[   10.726262]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   10.726282]  kasan_report+0x141/0x180
[   10.726304]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   10.726328]  __asan_report_store1_noabort+0x1b/0x30
[   10.726348]  krealloc_less_oob_helper+0xe23/0x11d0
[   10.726370]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   10.726390]  ? finish_task_switch.isra.0+0x153/0x700
[   10.726414]  ? __switch_to+0x5d9/0xf60
[   10.726435]  ? dequeue_task_fair+0x156/0x4e0
[   10.726459]  ? __schedule+0x10cc/0x2b60
[   10.726482]  ? __pfx_read_tsc+0x10/0x10
[   10.726504]  krealloc_large_less_oob+0x1c/0x30
[   10.726523]  kunit_try_run_case+0x1a5/0x480
[   10.726548]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.726569]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   10.726592]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   10.726614]  ? __kthread_parkme+0x82/0x180
[   10.726635]  ? preempt_count_sub+0x50/0x80
[   10.726659]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.726681]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   10.726703]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   10.726725]  kthread+0x337/0x6f0
[   10.726742]  ? trace_preempt_on+0x20/0xc0
[   10.726764]  ? __pfx_kthread+0x10/0x10
[   10.726781]  ? _raw_spin_unlock_irq+0x47/0x80
[   10.726802]  ? calculate_sigpending+0x7b/0xa0
[   10.726822]  ? __pfx_kthread+0x10/0x10
[   10.726840]  ret_from_fork+0x41/0x80
[   10.726861]  ? __pfx_kthread+0x10/0x10
[   10.726878]  ret_from_fork_asm+0x1a/0x30
[   10.726907]  </TASK>
[   10.726927] 
[   10.734696] The buggy address belongs to the physical page:
[   10.735002] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894
[   10.735304] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   10.735647] flags: 0x200000000000040(head|node=0|zone=2)
[   10.735910] page_type: f8(unknown)
[   10.736105] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   10.736412] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   10.736793] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   10.737108] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   10.737365] head: 0200000000000002 ffffea00040a2501 00000000ffffffff 00000000ffffffff
[   10.737619] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   10.738101] page dumped because: kasan: bad access detected
[   10.738356] 
[   10.738449] Memory state around the buggy address:
[   10.738671]  ffff888102895f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   10.739048]  ffff888102896000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   10.739290] >ffff888102896080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   10.739512]                                                  ^
[   10.739864]  ffff888102896100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   10.740198]  ffff888102896180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   10.740505] ==================================================================
[   10.740956] ==================================================================
[   10.741233] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   10.741559] Write of size 1 at addr ffff8881028960da by task kunit_try_catch/181
[   10.741925] 
[   10.742039] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT(voluntary) 
[   10.742081] Tainted: [B]=BAD_PAGE, [N]=TEST
[   10.742091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   10.742110] Call Trace:
[   10.742124]  <TASK>
[   10.742137]  dump_stack_lvl+0x73/0xb0
[   10.742160]  print_report+0xd1/0x650
[   10.742183]  ? __virt_addr_valid+0x1db/0x2d0
[   10.742204]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   10.742224]  ? kasan_addr_to_slab+0x11/0xa0
[   10.742244]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   10.742263]  kasan_report+0x141/0x180
[   10.742285]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   10.742312]  __asan_report_store1_noabort+0x1b/0x30
[   10.742335]  krealloc_less_oob_helper+0xec6/0x11d0
[   10.742357]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   10.742377]  ? finish_task_switch.isra.0+0x153/0x700
[   10.742400]  ? __switch_to+0x5d9/0xf60
[   10.742421]  ? dequeue_task_fair+0x156/0x4e0
[   10.742444]  ? __schedule+0x10cc/0x2b60
[   10.742467]  ? __pfx_read_tsc+0x10/0x10
[   10.742489]  krealloc_large_less_oob+0x1c/0x30
[   10.742508]  kunit_try_run_case+0x1a5/0x480
[   10.742532]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.742553]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   10.742577]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   10.742620]  ? __kthread_parkme+0x82/0x180
[   10.742642]  ? preempt_count_sub+0x50/0x80
[   10.742667]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.742690]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   10.742773]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   10.742797]  kthread+0x337/0x6f0
[   10.742815]  ? trace_preempt_on+0x20/0xc0
[   10.742838]  ? __pfx_kthread+0x10/0x10
[   10.742856]  ? _raw_spin_unlock_irq+0x47/0x80
[   10.742877]  ? calculate_sigpending+0x7b/0xa0
[   10.742898]  ? __pfx_kthread+0x10/0x10
[   10.742926]  ret_from_fork+0x41/0x80
[   10.742947]  ? __pfx_kthread+0x10/0x10
[   10.742965]  ret_from_fork_asm+0x1a/0x30
[   10.742995]  </TASK>
[   10.743005] 
[   10.750605] The buggy address belongs to the physical page:
[   10.750851] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894
[   10.751227] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   10.751519] flags: 0x200000000000040(head|node=0|zone=2)
[   10.751732] page_type: f8(unknown)
[   10.751861] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   10.752332] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   10.752758] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   10.753107] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   10.753394] head: 0200000000000002 ffffea00040a2501 00000000ffffffff 00000000ffffffff
[   10.753699] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   10.754329] page dumped because: kasan: bad access detected
[   10.754552] 
[   10.754620] Memory state around the buggy address:
[   10.754773]  ffff888102895f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   10.755184]  ffff888102896000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   10.755508] >ffff888102896080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   10.755889]                                                     ^
[   10.756134]  ffff888102896100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   10.756426]  ffff888102896180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   10.756775] ==================================================================
[   10.708040] ==================================================================
[   10.708500] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   10.708835] Write of size 1 at addr ffff8881028960c9 by task kunit_try_catch/181
[   10.709145] 
[   10.709249] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT(voluntary) 
[   10.709297] Tainted: [B]=BAD_PAGE, [N]=TEST
[   10.709308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   10.709329] Call Trace:
[   10.709341]  <TASK>
[   10.709357]  dump_stack_lvl+0x73/0xb0
[   10.709383]  print_report+0xd1/0x650
[   10.709405]  ? __virt_addr_valid+0x1db/0x2d0
[   10.709427]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   10.709446]  ? kasan_addr_to_slab+0x11/0xa0
[   10.709466]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   10.709486]  kasan_report+0x141/0x180
[   10.709508]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   10.709531]  __asan_report_store1_noabort+0x1b/0x30
[   10.709552]  krealloc_less_oob_helper+0xd70/0x11d0
[   10.709573]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   10.709593]  ? finish_task_switch.isra.0+0x153/0x700
[   10.709616]  ? __switch_to+0x5d9/0xf60
[   10.709637]  ? dequeue_task_fair+0x156/0x4e0
[   10.709661]  ? __schedule+0x10cc/0x2b60
[   10.709683]  ? __pfx_read_tsc+0x10/0x10
[   10.709705]  krealloc_large_less_oob+0x1c/0x30
[   10.709724]  kunit_try_run_case+0x1a5/0x480
[   10.709749]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.709770]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   10.709793]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   10.709815]  ? __kthread_parkme+0x82/0x180
[   10.709836]  ? preempt_count_sub+0x50/0x80
[   10.709861]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.709883]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   10.709905]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   10.709961]  kthread+0x337/0x6f0
[   10.709978]  ? trace_preempt_on+0x20/0xc0
[   10.710002]  ? __pfx_kthread+0x10/0x10
[   10.710019]  ? _raw_spin_unlock_irq+0x47/0x80
[   10.710040]  ? calculate_sigpending+0x7b/0xa0
[   10.710061]  ? __pfx_kthread+0x10/0x10
[   10.710093]  ret_from_fork+0x41/0x80
[   10.710115]  ? __pfx_kthread+0x10/0x10
[   10.710132]  ret_from_fork_asm+0x1a/0x30
[   10.710174]  </TASK>
[   10.710185] 
[   10.718173] The buggy address belongs to the physical page:
[   10.718431] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894
[   10.719072] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   10.719359] flags: 0x200000000000040(head|node=0|zone=2)
[   10.719617] page_type: f8(unknown)
[   10.719753] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   10.720156] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   10.720477] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   10.720876] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   10.721188] head: 0200000000000002 ffffea00040a2501 00000000ffffffff 00000000ffffffff
[   10.721504] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   10.721891] page dumped because: kasan: bad access detected
[   10.722115] 
[   10.722183] Memory state around the buggy address:
[   10.722340]  ffff888102895f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   10.722687]  ffff888102896000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   10.723071] >ffff888102896080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   10.723378]                                               ^
[   10.723602]  ffff888102896100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   10.724181]  ffff888102896180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   10.724474] ==================================================================
[   10.572282] ==================================================================
[   10.572939] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   10.573191] Write of size 1 at addr ffff8881009a2cd0 by task kunit_try_catch/177
[   10.573413] 
[   10.573502] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT(voluntary) 
[   10.573546] Tainted: [B]=BAD_PAGE, [N]=TEST
[   10.573583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   10.573603] Call Trace:
[   10.573616]  <TASK>
[   10.573633]  dump_stack_lvl+0x73/0xb0
[   10.573657]  print_report+0xd1/0x650
[   10.573679]  ? __virt_addr_valid+0x1db/0x2d0
[   10.573700]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   10.573737]  ? kasan_complete_mode_report_info+0x2a/0x200
[   10.573759]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   10.573780]  kasan_report+0x141/0x180
[   10.573802]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   10.573826]  __asan_report_store1_noabort+0x1b/0x30
[   10.573845]  krealloc_less_oob_helper+0xe23/0x11d0
[   10.573867]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   10.573886]  ? finish_task_switch.isra.0+0x153/0x700
[   10.573909]  ? __switch_to+0x5d9/0xf60
[   10.573939]  ? dequeue_task_fair+0x166/0x4e0
[   10.573961]  ? __schedule+0x10cc/0x2b60
[   10.573984]  ? __pfx_read_tsc+0x10/0x10
[   10.574006]  krealloc_less_oob+0x1c/0x30
[   10.574023]  kunit_try_run_case+0x1a5/0x480
[   10.574048]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.574069]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   10.574092]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   10.574114]  ? __kthread_parkme+0x82/0x180
[   10.574135]  ? preempt_count_sub+0x50/0x80
[   10.574158]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.574181]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   10.574204]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   10.574226]  kthread+0x337/0x6f0
[   10.574242]  ? trace_preempt_on+0x20/0xc0
[   10.574265]  ? __pfx_kthread+0x10/0x10
[   10.574282]  ? _raw_spin_unlock_irq+0x47/0x80
[   10.574303]  ? calculate_sigpending+0x7b/0xa0
[   10.574324]  ? __pfx_kthread+0x10/0x10
[   10.574341]  ret_from_fork+0x41/0x80
[   10.574361]  ? __pfx_kthread+0x10/0x10
[   10.574378]  ret_from_fork_asm+0x1a/0x30
[   10.574407]  </TASK>
[   10.574418] 
[   10.587723] Allocated by task 177:
[   10.588069]  kasan_save_stack+0x45/0x70
[   10.588346]  kasan_save_track+0x18/0x40
[   10.588480]  kasan_save_alloc_info+0x3b/0x50
[   10.588782]  __kasan_krealloc+0x190/0x1f0
[   10.589149]  krealloc_noprof+0xf3/0x340
[   10.589508]  krealloc_less_oob_helper+0x1aa/0x11d0
[   10.589942]  krealloc_less_oob+0x1c/0x30
[   10.590290]  kunit_try_run_case+0x1a5/0x480
[   10.590435]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   10.590724]  kthread+0x337/0x6f0
[   10.591018]  ret_from_fork+0x41/0x80
[   10.591333]  ret_from_fork_asm+0x1a/0x30
[   10.591700] 
[   10.591853] The buggy address belongs to the object at ffff8881009a2c00
[   10.591853]  which belongs to the cache kmalloc-256 of size 256
[   10.592544] The buggy address is located 7 bytes to the right of
[   10.592544]  allocated 201-byte region [ffff8881009a2c00, ffff8881009a2cc9)
[   10.593628] 
[   10.593784] The buggy address belongs to the physical page:
[   10.594013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2
[   10.594255] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   10.594481] flags: 0x200000000000040(head|node=0|zone=2)
[   10.594880] page_type: f5(slab)
[   10.595193] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   10.595849] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   10.596485] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   10.597152] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   10.597813] head: 0200000000000001 ffffea0004026881 00000000ffffffff 00000000ffffffff
[   10.598446] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   10.598942] page dumped because: kasan: bad access detected
[   10.599113] 
[   10.599180] Memory state around the buggy address:
[   10.599335]  ffff8881009a2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   10.599570]  ffff8881009a2c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   10.600156] >ffff8881009a2c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   10.600762]                                                  ^
[   10.601246]  ffff8881009a2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   10.601848]  ffff8881009a2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   10.602445] ==================================================================
[   10.757181] ==================================================================
[   10.757454] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   10.757852] Write of size 1 at addr ffff8881028960ea by task kunit_try_catch/181
[   10.758173] 
[   10.758280] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT(voluntary) 
[   10.758322] Tainted: [B]=BAD_PAGE, [N]=TEST
[   10.758333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   10.758353] Call Trace:
[   10.758369]  <TASK>
[   10.758385]  dump_stack_lvl+0x73/0xb0
[   10.758407]  print_report+0xd1/0x650
[   10.758431]  ? __virt_addr_valid+0x1db/0x2d0
[   10.758452]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   10.758471]  ? kasan_addr_to_slab+0x11/0xa0
[   10.758491]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   10.758511]  kasan_report+0x141/0x180
[   10.758532]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   10.758557]  __asan_report_store1_noabort+0x1b/0x30
[   10.758577]  krealloc_less_oob_helper+0xe90/0x11d0
[   10.758621]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   10.758640]  ? finish_task_switch.isra.0+0x153/0x700
[   10.758663]  ? __switch_to+0x5d9/0xf60
[   10.758684]  ? dequeue_task_fair+0x156/0x4e0
[   10.758767]  ? __schedule+0x10cc/0x2b60
[   10.758792]  ? __pfx_read_tsc+0x10/0x10
[   10.758815]  krealloc_large_less_oob+0x1c/0x30
[   10.758835]  kunit_try_run_case+0x1a5/0x480
[   10.758859]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.758881]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   10.758904]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   10.758937]  ? __kthread_parkme+0x82/0x180
[   10.758958]  ? preempt_count_sub+0x50/0x80
[   10.758982]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.759005]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   10.759027]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   10.759049]  kthread+0x337/0x6f0
[   10.759065]  ? trace_preempt_on+0x20/0xc0
[   10.759087]  ? __pfx_kthread+0x10/0x10
[   10.759105]  ? _raw_spin_unlock_irq+0x47/0x80
[   10.759125]  ? calculate_sigpending+0x7b/0xa0
[   10.759146]  ? __pfx_kthread+0x10/0x10
[   10.759164]  ret_from_fork+0x41/0x80
[   10.759184]  ? __pfx_kthread+0x10/0x10
[   10.759201]  ret_from_fork_asm+0x1a/0x30
[   10.759232]  </TASK>
[   10.759242] 
[   10.766969] The buggy address belongs to the physical page:
[   10.767195] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894
[   10.767450] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   10.768061] flags: 0x200000000000040(head|node=0|zone=2)
[   10.768284] page_type: f8(unknown)
[   10.768440] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   10.768802] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   10.769057] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   10.769398] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   10.769709] head: 0200000000000002 ffffea00040a2501 00000000ffffffff 00000000ffffffff
[   10.770016] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   10.770247] page dumped because: kasan: bad access detected
[   10.770418] 
[   10.770486] Memory state around the buggy address:
[   10.770799]  ffff888102895f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   10.771125]  ffff888102896000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   10.771439] >ffff888102896080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   10.771753]                                                           ^
[   10.771970]  ffff888102896100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   10.772184]  ffff888102896180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   10.772404] ==================================================================
[   10.642093] ==================================================================
[   10.642438] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   10.642778] Write of size 1 at addr ffff8881009a2ceb by task kunit_try_catch/177
[   10.643083] 
[   10.643189] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT(voluntary) 
[   10.643231] Tainted: [B]=BAD_PAGE, [N]=TEST
[   10.643241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   10.643260] Call Trace:
[   10.643275]  <TASK>
[   10.643289]  dump_stack_lvl+0x73/0xb0
[   10.643311]  print_report+0xd1/0x650
[   10.643332]  ? __virt_addr_valid+0x1db/0x2d0
[   10.643352]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   10.643371]  ? kasan_complete_mode_report_info+0x2a/0x200
[   10.643393]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   10.643413]  kasan_report+0x141/0x180
[   10.643434]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   10.643458]  __asan_report_store1_noabort+0x1b/0x30
[   10.643478]  krealloc_less_oob_helper+0xd47/0x11d0
[   10.643499]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   10.643519]  ? finish_task_switch.isra.0+0x153/0x700
[   10.643541]  ? __switch_to+0x5d9/0xf60
[   10.643560]  ? dequeue_task_fair+0x166/0x4e0
[   10.643583]  ? __schedule+0x10cc/0x2b60
[   10.643605]  ? __pfx_read_tsc+0x10/0x10
[   10.643626]  krealloc_less_oob+0x1c/0x30
[   10.643643]  kunit_try_run_case+0x1a5/0x480
[   10.643666]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.643687]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   10.643709]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   10.643731]  ? __kthread_parkme+0x82/0x180
[   10.643751]  ? preempt_count_sub+0x50/0x80
[   10.643774]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.643796]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   10.643817]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   10.643839]  kthread+0x337/0x6f0
[   10.643856]  ? trace_preempt_on+0x20/0xc0
[   10.643878]  ? __pfx_kthread+0x10/0x10
[   10.643895]  ? _raw_spin_unlock_irq+0x47/0x80
[   10.644322]  ? calculate_sigpending+0x7b/0xa0
[   10.644358]  ? __pfx_kthread+0x10/0x10
[   10.644377]  ret_from_fork+0x41/0x80
[   10.644399]  ? __pfx_kthread+0x10/0x10
[   10.644416]  ret_from_fork_asm+0x1a/0x30
[   10.644445]  </TASK>
[   10.644456] 
[   10.651566] Allocated by task 177:
[   10.651735]  kasan_save_stack+0x45/0x70
[   10.651902]  kasan_save_track+0x18/0x40
[   10.652093]  kasan_save_alloc_info+0x3b/0x50
[   10.652295]  __kasan_krealloc+0x190/0x1f0
[   10.652479]  krealloc_noprof+0xf3/0x340
[   10.652678]  krealloc_less_oob_helper+0x1aa/0x11d0
[   10.652875]  krealloc_less_oob+0x1c/0x30
[   10.653054]  kunit_try_run_case+0x1a5/0x480
[   10.653200]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   10.653443]  kthread+0x337/0x6f0
[   10.653638]  ret_from_fork+0x41/0x80
[   10.653819]  ret_from_fork_asm+0x1a/0x30
[   10.653966] 
[   10.654038] The buggy address belongs to the object at ffff8881009a2c00
[   10.654038]  which belongs to the cache kmalloc-256 of size 256
[   10.654574] The buggy address is located 34 bytes to the right of
[   10.654574]  allocated 201-byte region [ffff8881009a2c00, ffff8881009a2cc9)
[   10.655064] 
[   10.655158] The buggy address belongs to the physical page:
[   10.655390] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2
[   10.655722] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   10.656030] flags: 0x200000000000040(head|node=0|zone=2)
[   10.656286] page_type: f5(slab)
[   10.656450] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   10.656788] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   10.657091] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   10.657357] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   10.657610] head: 0200000000000001 ffffea0004026881 00000000ffffffff 00000000ffffffff
[   10.657839] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   10.658076] page dumped because: kasan: bad access detected
[   10.658328] 
[   10.658419] Memory state around the buggy address:
[   10.658666]  ffff8881009a2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   10.658990]  ffff8881009a2c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   10.659255] >ffff8881009a2c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   10.659464]                                                           ^
[   10.659685]  ffff8881009a2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   10.659903]  ffff8881009a2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   10.660229] ==================================================================
[   10.622983] ==================================================================
[   10.623339] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   10.624023] Write of size 1 at addr ffff8881009a2cea by task kunit_try_catch/177
[   10.624324] 
[   10.624429] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT(voluntary) 
[   10.624473] Tainted: [B]=BAD_PAGE, [N]=TEST
[   10.624484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   10.624503] Call Trace:
[   10.624518]  <TASK>
[   10.624535]  dump_stack_lvl+0x73/0xb0
[   10.624583]  print_report+0xd1/0x650
[   10.624605]  ? __virt_addr_valid+0x1db/0x2d0
[   10.624627]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   10.624646]  ? kasan_complete_mode_report_info+0x2a/0x200
[   10.624668]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   10.624688]  kasan_report+0x141/0x180
[   10.624710]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   10.624734]  __asan_report_store1_noabort+0x1b/0x30
[   10.624754]  krealloc_less_oob_helper+0xe90/0x11d0
[   10.624776]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   10.624797]  ? finish_task_switch.isra.0+0x153/0x700
[   10.624820]  ? __switch_to+0x5d9/0xf60
[   10.624839]  ? dequeue_task_fair+0x166/0x4e0
[   10.624863]  ? __schedule+0x10cc/0x2b60
[   10.624885]  ? __pfx_read_tsc+0x10/0x10
[   10.624907]  krealloc_less_oob+0x1c/0x30
[   10.624934]  kunit_try_run_case+0x1a5/0x480
[   10.624958]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.624980]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   10.625002]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   10.625025]  ? __kthread_parkme+0x82/0x180
[   10.625045]  ? preempt_count_sub+0x50/0x80
[   10.625069]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.625091]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   10.625113]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   10.625135]  kthread+0x337/0x6f0
[   10.625151]  ? trace_preempt_on+0x20/0xc0
[   10.625174]  ? __pfx_kthread+0x10/0x10
[   10.625191]  ? _raw_spin_unlock_irq+0x47/0x80
[   10.625211]  ? calculate_sigpending+0x7b/0xa0
[   10.625232]  ? __pfx_kthread+0x10/0x10
[   10.625250]  ret_from_fork+0x41/0x80
[   10.625269]  ? __pfx_kthread+0x10/0x10
[   10.625286]  ret_from_fork_asm+0x1a/0x30
[   10.625316]  </TASK>
[   10.625326] 
[   10.632249] Allocated by task 177:
[   10.632426]  kasan_save_stack+0x45/0x70
[   10.632650]  kasan_save_track+0x18/0x40
[   10.632845]  kasan_save_alloc_info+0x3b/0x50
[   10.633069]  __kasan_krealloc+0x190/0x1f0
[   10.633283]  krealloc_noprof+0xf3/0x340
[   10.633466]  krealloc_less_oob_helper+0x1aa/0x11d0
[   10.633662]  krealloc_less_oob+0x1c/0x30
[   10.633797]  kunit_try_run_case+0x1a5/0x480
[   10.634008]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   10.634263]  kthread+0x337/0x6f0
[   10.634428]  ret_from_fork+0x41/0x80
[   10.634633]  ret_from_fork_asm+0x1a/0x30
[   10.634782] 
[   10.634865] The buggy address belongs to the object at ffff8881009a2c00
[   10.634865]  which belongs to the cache kmalloc-256 of size 256
[   10.635369] The buggy address is located 33 bytes to the right of
[   10.635369]  allocated 201-byte region [ffff8881009a2c00, ffff8881009a2cc9)
[   10.635900] 
[   10.635979] The buggy address belongs to the physical page:
[   10.636235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2
[   10.636505] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   10.636753] flags: 0x200000000000040(head|node=0|zone=2)
[   10.636948] page_type: f5(slab)
[   10.637078] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   10.637394] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   10.637758] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   10.638109] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   10.638444] head: 0200000000000001 ffffea0004026881 00000000ffffffff 00000000ffffffff
[   10.638817] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   10.639059] page dumped because: kasan: bad access detected
[   10.639227] 
[   10.639294] Memory state around the buggy address:
[   10.639448]  ffff8881009a2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   10.639766]  ffff8881009a2c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   10.640097] >ffff8881009a2c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   10.640424]                                                           ^
[   10.640741]  ffff8881009a2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   10.641076]  ffff8881009a2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   10.641393] ==================================================================
[   10.539656] ==================================================================
[   10.540849] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   10.541597] Write of size 1 at addr ffff8881009a2cc9 by task kunit_try_catch/177
[   10.542391] 
[   10.542489] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT(voluntary) 
[   10.542536] Tainted: [B]=BAD_PAGE, [N]=TEST
[   10.542555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   10.542575] Call Trace:
[   10.542588]  <TASK>
[   10.542606]  dump_stack_lvl+0x73/0xb0
[   10.542633]  print_report+0xd1/0x650
[   10.542656]  ? __virt_addr_valid+0x1db/0x2d0
[   10.542677]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   10.542697]  ? kasan_complete_mode_report_info+0x2a/0x200
[   10.542719]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   10.542739]  kasan_report+0x141/0x180
[   10.542761]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   10.542785]  __asan_report_store1_noabort+0x1b/0x30
[   10.542805]  krealloc_less_oob_helper+0xd70/0x11d0
[   10.542827]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   10.542846]  ? finish_task_switch.isra.0+0x153/0x700
[   10.542869]  ? __switch_to+0x5d9/0xf60
[   10.542889]  ? dequeue_task_fair+0x166/0x4e0
[   10.542912]  ? __schedule+0x10cc/0x2b60
[   10.542946]  ? __pfx_read_tsc+0x10/0x10
[   10.542970]  krealloc_less_oob+0x1c/0x30
[   10.542987]  kunit_try_run_case+0x1a5/0x480
[   10.543012]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.543034]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   10.543056]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   10.543079]  ? __kthread_parkme+0x82/0x180
[   10.543100]  ? preempt_count_sub+0x50/0x80
[   10.543123]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.543146]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   10.543168]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   10.543190]  kthread+0x337/0x6f0
[   10.543206]  ? trace_preempt_on+0x20/0xc0
[   10.543320]  ? __pfx_kthread+0x10/0x10
[   10.543358]  ? _raw_spin_unlock_irq+0x47/0x80
[   10.543379]  ? calculate_sigpending+0x7b/0xa0
[   10.543400]  ? __pfx_kthread+0x10/0x10
[   10.543417]  ret_from_fork+0x41/0x80
[   10.543438]  ? __pfx_kthread+0x10/0x10
[   10.543455]  ret_from_fork_asm+0x1a/0x30
[   10.543486]  </TASK>
[   10.543497] 
[   10.555322] Allocated by task 177:
[   10.555500]  kasan_save_stack+0x45/0x70
[   10.556033]  kasan_save_track+0x18/0x40
[   10.556191]  kasan_save_alloc_info+0x3b/0x50
[   10.556409]  __kasan_krealloc+0x190/0x1f0
[   10.556612]  krealloc_noprof+0xf3/0x340
[   10.557126]  krealloc_less_oob_helper+0x1aa/0x11d0
[   10.557314]  krealloc_less_oob+0x1c/0x30
[   10.557454]  kunit_try_run_case+0x1a5/0x480
[   10.557611]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   10.557786]  kthread+0x337/0x6f0
[   10.557902]  ret_from_fork+0x41/0x80
[   10.558312]  ret_from_fork_asm+0x1a/0x30
[   10.558674] 
[   10.558748] The buggy address belongs to the object at ffff8881009a2c00
[   10.558748]  which belongs to the cache kmalloc-256 of size 256
[   10.560099] The buggy address is located 0 bytes to the right of
[   10.560099]  allocated 201-byte region [ffff8881009a2c00, ffff8881009a2cc9)
[   10.561061] 
[   10.561231] The buggy address belongs to the physical page:
[   10.561765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2
[   10.562198] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   10.562778] flags: 0x200000000000040(head|node=0|zone=2)
[   10.562968] page_type: f5(slab)
[   10.563094] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   10.563323] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   10.563552] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   10.563782] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   10.564313] head: 0200000000000001 ffffea0004026881 00000000ffffffff 00000000ffffffff
[   10.565135] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   10.565861] page dumped because: kasan: bad access detected
[   10.566444] 
[   10.566627] Memory state around the buggy address:
[   10.567200]  ffff8881009a2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   10.567867]  ffff8881009a2c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   10.568482] >ffff8881009a2c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   10.569218]                                               ^
[   10.569739]  ffff8881009a2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   10.570349]  ffff8881009a2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   10.571044] ==================================================================
[   10.772930] ==================================================================
[   10.773277] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   10.773663] Write of size 1 at addr ffff8881028960eb by task kunit_try_catch/181
[   10.774262] 
[   10.774385] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT(voluntary) 
[   10.774430] Tainted: [B]=BAD_PAGE, [N]=TEST
[   10.774442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   10.774462] Call Trace:
[   10.774479]  <TASK>
[   10.774496]  dump_stack_lvl+0x73/0xb0
[   10.774521]  print_report+0xd1/0x650
[   10.774544]  ? __virt_addr_valid+0x1db/0x2d0
[   10.774565]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   10.774585]  ? kasan_addr_to_slab+0x11/0xa0
[   10.774605]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   10.774625]  kasan_report+0x141/0x180
[   10.774646]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   10.774670]  __asan_report_store1_noabort+0x1b/0x30
[   10.774691]  krealloc_less_oob_helper+0xd47/0x11d0
[   10.774713]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   10.774733]  ? finish_task_switch.isra.0+0x153/0x700
[   10.774757]  ? __switch_to+0x5d9/0xf60
[   10.774854]  ? dequeue_task_fair+0x156/0x4e0
[   10.774880]  ? __schedule+0x10cc/0x2b60
[   10.774903]  ? __pfx_read_tsc+0x10/0x10
[   10.775491]  krealloc_large_less_oob+0x1c/0x30
[   10.775524]  kunit_try_run_case+0x1a5/0x480
[   10.775553]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.775575]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   10.775645]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   10.775671]  ? __kthread_parkme+0x82/0x180
[   10.775694]  ? preempt_count_sub+0x50/0x80
[   10.775753]  ? __pfx_kunit_try_run_case+0x10/0x10
[   10.775778]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   10.775801]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   10.775823]  kthread+0x337/0x6f0
[   10.775840]  ? trace_preempt_on+0x20/0xc0
[   10.775864]  ? __pfx_kthread+0x10/0x10
[   10.775881]  ? _raw_spin_unlock_irq+0x47/0x80
[   10.775902]  ? calculate_sigpending+0x7b/0xa0
[   10.775934]  ? __pfx_kthread+0x10/0x10
[   10.775952]  ret_from_fork+0x41/0x80
[   10.775973]  ? __pfx_kthread+0x10/0x10
[   10.775990]  ret_from_fork_asm+0x1a/0x30
[   10.776020]  </TASK>
[   10.776031] 
[   10.787335] The buggy address belongs to the physical page:
[   10.787605] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894
[   10.788156] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   10.788488] flags: 0x200000000000040(head|node=0|zone=2)
[   10.788929] page_type: f8(unknown)
[   10.789121] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   10.789555] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   10.790070] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   10.790506] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   10.791009] head: 0200000000000002 ffffea00040a2501 00000000ffffffff 00000000ffffffff
[   10.791420] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   10.791902] page dumped because: kasan: bad access detected
[   10.792128] 
[   10.792350] Memory state around the buggy address:
[   10.792536]  ffff888102895f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   10.792904]  ffff888102896000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   10.793396] >ffff888102896080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   10.793905]                                                           ^
[   10.794268]  ffff888102896100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   10.794568]  ffff888102896180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   10.795039] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2z2jyLmJ6z1BqjhwiejBJ9RGyCS

job_id

TEST:linaro@lkft#2z2k43Ith0GXrqHIS1HUQzGmLgm

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2z2k43Ith0GXrqHIS1HUQzGmLgm

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2z2k0bZqZSn9XVzQywnOj3pF9S9/bzImage
sha256sum	9197980208d3516ab74c7966c051fb8dc8a70a6c93c6b0af7bd520b43d93459e

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2z2k0bZqZSn9XVzQywnOj3pF9S9/modules.tar.xz
sha256sum	ead902337972221197eb985803def87a4a8d3b17e572371d2f5392640490b3a8

durations

tests

boot	0
kunit	236.11

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - e850-96 - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit