Hay
Date
July 9, 2025, 2:07 p.m.

Environment
qemu-arm64
qemu-x86_64

[   16.832329] ==================================================================
[   16.832574] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   16.832634] Write of size 1 at addr fff00000c4519cda by task kunit_try_catch/158
[   16.832986] 
[   16.833191] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   16.833428] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.833530] Hardware name: linux,dummy-virt (DT)
[   16.833565] Call trace:
[   16.833627]  show_stack+0x20/0x38 (C)
[   16.833802]  dump_stack_lvl+0x8c/0xd0
[   16.833898]  print_report+0x118/0x608
[   16.833985]  kasan_report+0xdc/0x128
[   16.834315]  __asan_report_store1_noabort+0x20/0x30
[   16.834472]  krealloc_less_oob_helper+0xa80/0xc50
[   16.834569]  krealloc_less_oob+0x20/0x38
[   16.834790]  kunit_try_run_case+0x170/0x3f0
[   16.834931]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.834987]  kthread+0x328/0x630
[   16.835076]  ret_from_fork+0x10/0x20
[   16.835280] 
[   16.835303] Allocated by task 158:
[   16.835331]  kasan_save_stack+0x3c/0x68
[   16.835376]  kasan_save_track+0x20/0x40
[   16.835441]  kasan_save_alloc_info+0x40/0x58
[   16.835482]  __kasan_krealloc+0x118/0x178
[   16.835529]  krealloc_noprof+0x128/0x360
[   16.835566]  krealloc_less_oob_helper+0x168/0xc50
[   16.835606]  krealloc_less_oob+0x20/0x38
[   16.835643]  kunit_try_run_case+0x170/0x3f0
[   16.835680]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.835732]  kthread+0x328/0x630
[   16.835764]  ret_from_fork+0x10/0x20
[   16.835809] 
[   16.835827] The buggy address belongs to the object at fff00000c4519c00
[   16.835827]  which belongs to the cache kmalloc-256 of size 256
[   16.835898] The buggy address is located 17 bytes to the right of
[   16.835898]  allocated 201-byte region [fff00000c4519c00, fff00000c4519cc9)
[   16.835962] 
[   16.835982] The buggy address belongs to the physical page:
[   16.836031] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104518
[   16.836101] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.836767] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.836926] page_type: f5(slab)
[   16.837013] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.837231] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.837492] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.837571] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.837875] head: 0bfffe0000000001 ffffc1ffc3114601 00000000ffffffff 00000000ffffffff
[   16.837951] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.838023] page dumped because: kasan: bad access detected
[   16.838054] 
[   16.838078] Memory state around the buggy address:
[   16.838281]  fff00000c4519b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.838504]  fff00000c4519c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.838557] >fff00000c4519c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.838682]                                                     ^
[   16.838843]  fff00000c4519d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.838887]  fff00000c4519d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.838985] ==================================================================
[   16.911622] ==================================================================
[   16.912187] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   16.912499] Write of size 1 at addr fff00000c77e20da by task kunit_try_catch/162
[   16.912611] 
[   16.912928] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   16.913289] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.914254] Hardware name: linux,dummy-virt (DT)
[   16.914320] Call trace:
[   16.914343]  show_stack+0x20/0x38 (C)
[   16.914398]  dump_stack_lvl+0x8c/0xd0
[   16.914447]  print_report+0x118/0x608
[   16.914495]  kasan_report+0xdc/0x128
[   16.914540]  __asan_report_store1_noabort+0x20/0x30
[   16.914592]  krealloc_less_oob_helper+0xa80/0xc50
[   16.914642]  krealloc_large_less_oob+0x20/0x38
[   16.916052]  kunit_try_run_case+0x170/0x3f0
[   16.916298]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.916362]  kthread+0x328/0x630
[   16.916688]  ret_from_fork+0x10/0x20
[   16.916870] 
[   16.916973] The buggy address belongs to the physical page:
[   16.917295] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e0
[   16.917641] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.917719] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.917794] page_type: f8(unknown)
[   16.917846] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.918061] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.918334] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.918390] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.918447] head: 0bfffe0000000002 ffffc1ffc31df801 00000000ffffffff 00000000ffffffff
[   16.918848] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.918919] page dumped because: kasan: bad access detected
[   16.919031] 
[   16.919254] Memory state around the buggy address:
[   16.919376]  fff00000c77e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.919425]  fff00000c77e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.919677] >fff00000c77e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.919927]                                                     ^
[   16.920196]  fff00000c77e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.920252]  fff00000c77e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.920312] ==================================================================
[   16.813653] ==================================================================
[   16.813712] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   16.814062] Write of size 1 at addr fff00000c4519cc9 by task kunit_try_catch/158
[   16.814340] 
[   16.814480] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   16.814574] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.814974] Hardware name: linux,dummy-virt (DT)
[   16.815026] Call trace:
[   16.815179]  show_stack+0x20/0x38 (C)
[   16.815271]  dump_stack_lvl+0x8c/0xd0
[   16.815491]  print_report+0x118/0x608
[   16.815706]  kasan_report+0xdc/0x128
[   16.815893]  __asan_report_store1_noabort+0x20/0x30
[   16.816232]  krealloc_less_oob_helper+0xa48/0xc50
[   16.816521]  krealloc_less_oob+0x20/0x38
[   16.816725]  kunit_try_run_case+0x170/0x3f0
[   16.816848]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.817044]  kthread+0x328/0x630
[   16.817139]  ret_from_fork+0x10/0x20
[   16.817323] 
[   16.817437] Allocated by task 158:
[   16.817470]  kasan_save_stack+0x3c/0x68
[   16.817546]  kasan_save_track+0x20/0x40
[   16.818005]  kasan_save_alloc_info+0x40/0x58
[   16.818066]  __kasan_krealloc+0x118/0x178
[   16.818119]  krealloc_noprof+0x128/0x360
[   16.818185]  krealloc_less_oob_helper+0x168/0xc50
[   16.818465]  krealloc_less_oob+0x20/0x38
[   16.818579]  kunit_try_run_case+0x170/0x3f0
[   16.818748]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.818794]  kthread+0x328/0x630
[   16.818827]  ret_from_fork+0x10/0x20
[   16.818904] 
[   16.818931] The buggy address belongs to the object at fff00000c4519c00
[   16.818931]  which belongs to the cache kmalloc-256 of size 256
[   16.818991] The buggy address is located 0 bytes to the right of
[   16.818991]  allocated 201-byte region [fff00000c4519c00, fff00000c4519cc9)
[   16.819055] 
[   16.819092] The buggy address belongs to the physical page:
[   16.819125] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104518
[   16.819207] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.819257] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.819313] page_type: f5(slab)
[   16.819355] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.819406] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.819467] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.819523] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.819581] head: 0bfffe0000000001 ffffc1ffc3114601 00000000ffffffff 00000000ffffffff
[   16.819632] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.819672] page dumped because: kasan: bad access detected
[   16.819712] 
[   16.819730] Memory state around the buggy address:
[   16.819770]  fff00000c4519b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.819812]  fff00000c4519c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.819854] >fff00000c4519c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.819892]                                               ^
[   16.819927]  fff00000c4519d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.819968]  fff00000c4519d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.820006] ==================================================================
[   16.840620] ==================================================================
[   16.840915] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   16.840984] Write of size 1 at addr fff00000c4519cea by task kunit_try_catch/158
[   16.841037] 
[   16.841203] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   16.841357] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.841416] Hardware name: linux,dummy-virt (DT)
[   16.841485] Call trace:
[   16.841620]  show_stack+0x20/0x38 (C)
[   16.841679]  dump_stack_lvl+0x8c/0xd0
[   16.841737]  print_report+0x118/0x608
[   16.841785]  kasan_report+0xdc/0x128
[   16.842331]  __asan_report_store1_noabort+0x20/0x30
[   16.842490]  krealloc_less_oob_helper+0xae4/0xc50
[   16.842677]  krealloc_less_oob+0x20/0x38
[   16.842786]  kunit_try_run_case+0x170/0x3f0
[   16.842836]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.843272]  kthread+0x328/0x630
[   16.843350]  ret_from_fork+0x10/0x20
[   16.843676] 
[   16.843886] Allocated by task 158:
[   16.843962]  kasan_save_stack+0x3c/0x68
[   16.844165]  kasan_save_track+0x20/0x40
[   16.844482]  kasan_save_alloc_info+0x40/0x58
[   16.844690]  __kasan_krealloc+0x118/0x178
[   16.844794]  krealloc_noprof+0x128/0x360
[   16.844902]  krealloc_less_oob_helper+0x168/0xc50
[   16.845076]  krealloc_less_oob+0x20/0x38
[   16.845181]  kunit_try_run_case+0x170/0x3f0
[   16.845229]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.845287]  kthread+0x328/0x630
[   16.845319]  ret_from_fork+0x10/0x20
[   16.845371] 
[   16.845400] The buggy address belongs to the object at fff00000c4519c00
[   16.845400]  which belongs to the cache kmalloc-256 of size 256
[   16.845471] The buggy address is located 33 bytes to the right of
[   16.845471]  allocated 201-byte region [fff00000c4519c00, fff00000c4519cc9)
[   16.845545] 
[   16.845564] The buggy address belongs to the physical page:
[   16.845625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104518
[   16.845678] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.845726] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.845779] page_type: f5(slab)
[   16.846198] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.846636] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.846726] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.847354] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.847462] head: 0bfffe0000000001 ffffc1ffc3114601 00000000ffffffff 00000000ffffffff
[   16.847547] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.847725] page dumped because: kasan: bad access detected
[   16.847981] 
[   16.848073] Memory state around the buggy address:
[   16.848531]  fff00000c4519b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.848623]  fff00000c4519c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.848803] >fff00000c4519c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.848846]                                                           ^
[   16.848900]  fff00000c4519d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.848942]  fff00000c4519d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.848981] ==================================================================
[   16.888865] ==================================================================
[   16.888951] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   16.889021] Write of size 1 at addr fff00000c77e20c9 by task kunit_try_catch/162
[   16.889074] 
[   16.889125] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   16.889210] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.889492] Hardware name: linux,dummy-virt (DT)
[   16.889547] Call trace:
[   16.889635]  show_stack+0x20/0x38 (C)
[   16.889698]  dump_stack_lvl+0x8c/0xd0
[   16.889766]  print_report+0x118/0x608
[   16.889815]  kasan_report+0xdc/0x128
[   16.889861]  __asan_report_store1_noabort+0x20/0x30
[   16.889915]  krealloc_less_oob_helper+0xa48/0xc50
[   16.889965]  krealloc_large_less_oob+0x20/0x38
[   16.890013]  kunit_try_run_case+0x170/0x3f0
[   16.890275]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.890341]  kthread+0x328/0x630
[   16.890412]  ret_from_fork+0x10/0x20
[   16.890565] 
[   16.890585] The buggy address belongs to the physical page:
[   16.893890] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e0
[   16.894178] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.894230] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.894287] page_type: f8(unknown)
[   16.894334] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.894389] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.894444] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.894498] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.894552] head: 0bfffe0000000002 ffffc1ffc31df801 00000000ffffffff 00000000ffffffff
[   16.894606] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.894647] page dumped because: kasan: bad access detected
[   16.894677] 
[   16.894695] Memory state around the buggy address:
[   16.894728]  fff00000c77e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.894773]  fff00000c77e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.894818] >fff00000c77e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.894857]                                               ^
[   16.894895]  fff00000c77e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.894939]  fff00000c77e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.894979] ==================================================================
[   16.895417] ==================================================================
[   16.895464] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   16.895512] Write of size 1 at addr fff00000c77e20d0 by task kunit_try_catch/162
[   16.895562] 
[   16.895594] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   16.895674] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.901858] Hardware name: linux,dummy-virt (DT)
[   16.901919] Call trace:
[   16.901957]  show_stack+0x20/0x38 (C)
[   16.902105]  dump_stack_lvl+0x8c/0xd0
[   16.902251]  print_report+0x118/0x608
[   16.902315]  kasan_report+0xdc/0x128
[   16.902976]  __asan_report_store1_noabort+0x20/0x30
[   16.903078]  krealloc_less_oob_helper+0xb9c/0xc50
[   16.903325]  krealloc_large_less_oob+0x20/0x38
[   16.903517]  kunit_try_run_case+0x170/0x3f0
[   16.903899]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.904249]  kthread+0x328/0x630
[   16.904480]  ret_from_fork+0x10/0x20
[   16.904533] 
[   16.904554] The buggy address belongs to the physical page:
[   16.904586] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e0
[   16.904639] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.904686] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.905210] page_type: f8(unknown)
[   16.905676] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.905737] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.906021] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.906471] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.906780] head: 0bfffe0000000002 ffffc1ffc31df801 00000000ffffffff 00000000ffffffff
[   16.907046] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.907319] page dumped because: kasan: bad access detected
[   16.907355] 
[   16.907372] Memory state around the buggy address:
[   16.907656]  fff00000c77e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.908068]  fff00000c77e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.908247] >fff00000c77e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.908484]                                                  ^
[   16.908533]  fff00000c77e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.908872]  fff00000c77e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.909183] ==================================================================
[   16.926965] ==================================================================
[   16.927009] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   16.927058] Write of size 1 at addr fff00000c77e20eb by task kunit_try_catch/162
[   16.927124] 
[   16.927153] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   16.927233] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.927258] Hardware name: linux,dummy-virt (DT)
[   16.927287] Call trace:
[   16.927309]  show_stack+0x20/0x38 (C)
[   16.927516]  dump_stack_lvl+0x8c/0xd0
[   16.927571]  print_report+0x118/0x608
[   16.927618]  kasan_report+0xdc/0x128
[   16.927664]  __asan_report_store1_noabort+0x20/0x30
[   16.927715]  krealloc_less_oob_helper+0xa58/0xc50
[   16.927821]  krealloc_large_less_oob+0x20/0x38
[   16.927870]  kunit_try_run_case+0x170/0x3f0
[   16.927947]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.928010]  kthread+0x328/0x630
[   16.928059]  ret_from_fork+0x10/0x20
[   16.928186] 
[   16.928234] The buggy address belongs to the physical page:
[   16.928285] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e0
[   16.928339] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.928478] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.928662] page_type: f8(unknown)
[   16.928748] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.928823] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.928879] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.928932] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.928986] head: 0bfffe0000000002 ffffc1ffc31df801 00000000ffffffff 00000000ffffffff
[   16.929049] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.929102] page dumped because: kasan: bad access detected
[   16.929132] 
[   16.929149] Memory state around the buggy address:
[   16.929180]  fff00000c77e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.929258]  fff00000c77e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.929305] >fff00000c77e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.929345]                                                           ^
[   16.929421]  fff00000c77e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.929505]  fff00000c77e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.929553] ==================================================================
[   16.852757] ==================================================================
[   16.852836] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   16.852891] Write of size 1 at addr fff00000c4519ceb by task kunit_try_catch/158
[   16.853417] 
[   16.853468] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   16.853552] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.853578] Hardware name: linux,dummy-virt (DT)
[   16.853618] Call trace:
[   16.853641]  show_stack+0x20/0x38 (C)
[   16.853697]  dump_stack_lvl+0x8c/0xd0
[   16.853747]  print_report+0x118/0x608
[   16.853794]  kasan_report+0xdc/0x128
[   16.853840]  __asan_report_store1_noabort+0x20/0x30
[   16.853897]  krealloc_less_oob_helper+0xa58/0xc50
[   16.853946]  krealloc_less_oob+0x20/0x38
[   16.853991]  kunit_try_run_case+0x170/0x3f0
[   16.854038]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.855865]  kthread+0x328/0x630
[   16.855925]  ret_from_fork+0x10/0x20
[   16.855976] 
[   16.855994] Allocated by task 158:
[   16.856029]  kasan_save_stack+0x3c/0x68
[   16.856073]  kasan_save_track+0x20/0x40
[   16.856125]  kasan_save_alloc_info+0x40/0x58
[   16.856166]  __kasan_krealloc+0x118/0x178
[   16.856203]  krealloc_noprof+0x128/0x360
[   16.856240]  krealloc_less_oob_helper+0x168/0xc50
[   16.856279]  krealloc_less_oob+0x20/0x38
[   16.856314]  kunit_try_run_case+0x170/0x3f0
[   16.856352]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.856394]  kthread+0x328/0x630
[   16.856426]  ret_from_fork+0x10/0x20
[   16.856461] 
[   16.856479] The buggy address belongs to the object at fff00000c4519c00
[   16.856479]  which belongs to the cache kmalloc-256 of size 256
[   16.856535] The buggy address is located 34 bytes to the right of
[   16.856535]  allocated 201-byte region [fff00000c4519c00, fff00000c4519cc9)
[   16.856599] 
[   16.856618] The buggy address belongs to the physical page:
[   16.857124] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104518
[   16.857231] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.857338] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.857392] page_type: f5(slab)
[   16.857431] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.857687] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.857929] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.857984] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.858167] head: 0bfffe0000000001 ffffc1ffc3114601 00000000ffffffff 00000000ffffffff
[   16.858359] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.858410] page dumped because: kasan: bad access detected
[   16.858442] 
[   16.858459] Memory state around the buggy address:
[   16.858490]  fff00000c4519b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.858532]  fff00000c4519c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.858573] >fff00000c4519c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.858611]                                                           ^
[   16.858648]  fff00000c4519d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.858690]  fff00000c4519d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.858728] ==================================================================
[   16.821822] ==================================================================
[   16.821977] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   16.822030] Write of size 1 at addr fff00000c4519cd0 by task kunit_try_catch/158
[   16.822441] 
[   16.822599] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   16.823018] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.823114] Hardware name: linux,dummy-virt (DT)
[   16.823242] Call trace:
[   16.823282]  show_stack+0x20/0x38 (C)
[   16.823340]  dump_stack_lvl+0x8c/0xd0
[   16.823545]  print_report+0x118/0x608
[   16.823744]  kasan_report+0xdc/0x128
[   16.823893]  __asan_report_store1_noabort+0x20/0x30
[   16.824018]  krealloc_less_oob_helper+0xb9c/0xc50
[   16.824230]  krealloc_less_oob+0x20/0x38
[   16.824667]  kunit_try_run_case+0x170/0x3f0
[   16.824833]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.825008]  kthread+0x328/0x630
[   16.825220]  ret_from_fork+0x10/0x20
[   16.825624] 
[   16.825724] Allocated by task 158:
[   16.825930]  kasan_save_stack+0x3c/0x68
[   16.826121]  kasan_save_track+0x20/0x40
[   16.826227]  kasan_save_alloc_info+0x40/0x58
[   16.826456]  __kasan_krealloc+0x118/0x178
[   16.826627]  krealloc_noprof+0x128/0x360
[   16.826742]  krealloc_less_oob_helper+0x168/0xc50
[   16.826848]  krealloc_less_oob+0x20/0x38
[   16.826892]  kunit_try_run_case+0x170/0x3f0
[   16.827220]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.827423]  kthread+0x328/0x630
[   16.827512]  ret_from_fork+0x10/0x20
[   16.827636] 
[   16.827725] The buggy address belongs to the object at fff00000c4519c00
[   16.827725]  which belongs to the cache kmalloc-256 of size 256
[   16.828144] The buggy address is located 7 bytes to the right of
[   16.828144]  allocated 201-byte region [fff00000c4519c00, fff00000c4519cc9)
[   16.828311] 
[   16.828381] The buggy address belongs to the physical page:
[   16.828514] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104518
[   16.828597] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.828644] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.828878] page_type: f5(slab)
[   16.828925] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.829365] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.829580] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.829661] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.830116] head: 0bfffe0000000001 ffffc1ffc3114601 00000000ffffffff 00000000ffffffff
[   16.830192] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.830333] page dumped because: kasan: bad access detected
[   16.830410] 
[   16.830452] Memory state around the buggy address:
[   16.830585]  fff00000c4519b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.830663]  fff00000c4519c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.830720] >fff00000c4519c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.830758]                                                  ^
[   16.830964]  fff00000c4519d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.831122]  fff00000c4519d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.831285] ==================================================================
[   16.921818] ==================================================================
[   16.921870] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   16.922462] Write of size 1 at addr fff00000c77e20ea by task kunit_try_catch/162
[   16.922531] 
[   16.922565] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   16.922929] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.923362] Hardware name: linux,dummy-virt (DT)
[   16.923437] Call trace:
[   16.923474]  show_stack+0x20/0x38 (C)
[   16.923574]  dump_stack_lvl+0x8c/0xd0
[   16.923627]  print_report+0x118/0x608
[   16.923686]  kasan_report+0xdc/0x128
[   16.923743]  __asan_report_store1_noabort+0x20/0x30
[   16.923795]  krealloc_less_oob_helper+0xae4/0xc50
[   16.923852]  krealloc_large_less_oob+0x20/0x38
[   16.923916]  kunit_try_run_case+0x170/0x3f0
[   16.923999]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.924081]  kthread+0x328/0x630
[   16.924168]  ret_from_fork+0x10/0x20
[   16.924218] 
[   16.924237] The buggy address belongs to the physical page:
[   16.924639] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e0
[   16.924700] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.924747] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.924806] page_type: f8(unknown)
[   16.924851] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.924908] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.925715] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.925774] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.925829] head: 0bfffe0000000002 ffffc1ffc31df801 00000000ffffffff 00000000ffffffff
[   16.925881] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.925922] page dumped because: kasan: bad access detected
[   16.925953] 
[   16.925970] Memory state around the buggy address:
[   16.926003]  fff00000c77e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.926050]  fff00000c77e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.926108] >fff00000c77e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.926147]                                                           ^
[   16.926206]  fff00000c77e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.926340]  fff00000c77e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.926435] ==================================================================

[   12.459652] ==================================================================
[   12.460262] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   12.460637] Write of size 1 at addr ffff8881003418da by task kunit_try_catch/175
[   12.461145] 
[   12.461440] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.461486] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.461497] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.461517] Call Trace:
[   12.461635]  <TASK>
[   12.461652]  dump_stack_lvl+0x73/0xb0
[   12.461684]  print_report+0xd1/0x650
[   12.461705]  ? __virt_addr_valid+0x1db/0x2d0
[   12.461728]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.461752]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.461774]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.461798]  kasan_report+0x141/0x180
[   12.461872]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.461900]  __asan_report_store1_noabort+0x1b/0x30
[   12.461925]  krealloc_less_oob_helper+0xec6/0x11d0
[   12.461950]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.461974]  ? finish_task_switch.isra.0+0x153/0x700
[   12.461997]  ? __switch_to+0x47/0xf50
[   12.462021]  ? __schedule+0x10cc/0x2b60
[   12.462043]  ? __pfx_read_tsc+0x10/0x10
[   12.462067]  krealloc_less_oob+0x1c/0x30
[   12.462088]  kunit_try_run_case+0x1a5/0x480
[   12.462113]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.462137]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.462162]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.462186]  ? __kthread_parkme+0x82/0x180
[   12.462207]  ? preempt_count_sub+0x50/0x80
[   12.462229]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.462252]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.462276]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.462301]  kthread+0x337/0x6f0
[   12.462319]  ? trace_preempt_on+0x20/0xc0
[   12.462342]  ? __pfx_kthread+0x10/0x10
[   12.462362]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.462384]  ? calculate_sigpending+0x7b/0xa0
[   12.462409]  ? __pfx_kthread+0x10/0x10
[   12.462429]  ret_from_fork+0x116/0x1d0
[   12.462448]  ? __pfx_kthread+0x10/0x10
[   12.462467]  ret_from_fork_asm+0x1a/0x30
[   12.462498]  </TASK>
[   12.462507] 
[   12.473745] Allocated by task 175:
[   12.473997]  kasan_save_stack+0x45/0x70
[   12.474292]  kasan_save_track+0x18/0x40
[   12.474492]  kasan_save_alloc_info+0x3b/0x50
[   12.475135]  __kasan_krealloc+0x190/0x1f0
[   12.475347]  krealloc_noprof+0xf3/0x340
[   12.475536]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.475777]  krealloc_less_oob+0x1c/0x30
[   12.476286]  kunit_try_run_case+0x1a5/0x480
[   12.476467]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.476952]  kthread+0x337/0x6f0
[   12.477101]  ret_from_fork+0x116/0x1d0
[   12.477446]  ret_from_fork_asm+0x1a/0x30
[   12.477759] 
[   12.477856] The buggy address belongs to the object at ffff888100341800
[   12.477856]  which belongs to the cache kmalloc-256 of size 256
[   12.478652] The buggy address is located 17 bytes to the right of
[   12.478652]  allocated 201-byte region [ffff888100341800, ffff8881003418c9)
[   12.479551] 
[   12.479674] The buggy address belongs to the physical page:
[   12.480319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340
[   12.480887] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.481300] flags: 0x200000000000040(head|node=0|zone=2)
[   12.481654] page_type: f5(slab)
[   12.481829] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.482325] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.482671] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.483192] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.483624] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff
[   12.484151] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.484560] page dumped because: kasan: bad access detected
[   12.484947] 
[   12.485150] Memory state around the buggy address:
[   12.485722]  ffff888100341780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.486189]  ffff888100341800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.486475] >ffff888100341880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.487029]                                                     ^
[   12.487297]  ffff888100341900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.487667]  ffff888100341980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.488172] ==================================================================
[   12.646899] ==================================================================
[   12.647453] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   12.647718] Write of size 1 at addr ffff888101eae0ea by task kunit_try_catch/179
[   12.649707] 
[   12.649933] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.649980] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.649991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.650011] Call Trace:
[   12.650026]  <TASK>
[   12.650042]  dump_stack_lvl+0x73/0xb0
[   12.650072]  print_report+0xd1/0x650
[   12.650094]  ? __virt_addr_valid+0x1db/0x2d0
[   12.650117]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.650140]  ? kasan_addr_to_slab+0x11/0xa0
[   12.650161]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.650185]  kasan_report+0x141/0x180
[   12.650206]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.650234]  __asan_report_store1_noabort+0x1b/0x30
[   12.650259]  krealloc_less_oob_helper+0xe90/0x11d0
[   12.650284]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.650308]  ? finish_task_switch.isra.0+0x153/0x700
[   12.650330]  ? __switch_to+0x47/0xf50
[   12.650354]  ? __schedule+0x10cc/0x2b60
[   12.650375]  ? __pfx_read_tsc+0x10/0x10
[   12.650398]  krealloc_large_less_oob+0x1c/0x30
[   12.650421]  kunit_try_run_case+0x1a5/0x480
[   12.650444]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.650466]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.650489]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.650512]  ? __kthread_parkme+0x82/0x180
[   12.650532]  ? preempt_count_sub+0x50/0x80
[   12.650554]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.650578]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.650624]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.650649]  kthread+0x337/0x6f0
[   12.650667]  ? trace_preempt_on+0x20/0xc0
[   12.650690]  ? __pfx_kthread+0x10/0x10
[   12.650709]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.650730]  ? calculate_sigpending+0x7b/0xa0
[   12.650754]  ? __pfx_kthread+0x10/0x10
[   12.650774]  ret_from_fork+0x116/0x1d0
[   12.650804]  ? __pfx_kthread+0x10/0x10
[   12.650828]  ret_from_fork_asm+0x1a/0x30
[   12.650858]  </TASK>
[   12.650868] 
[   12.659353] The buggy address belongs to the physical page:
[   12.659557] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101eac
[   12.659897] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.660125] flags: 0x200000000000040(head|node=0|zone=2)
[   12.660573] page_type: f8(unknown)
[   12.660785] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.661196] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.661430] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.662946] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.663269] head: 0200000000000002 ffffea000407ab01 00000000ffffffff 00000000ffffffff
[   12.663561] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.663879] page dumped because: kasan: bad access detected
[   12.664133] 
[   12.664215] Memory state around the buggy address:
[   12.664447]  ffff888101eadf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.664768]  ffff888101eae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.665158] >ffff888101eae080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.665425]                                                           ^
[   12.665722]  ffff888101eae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.666119]  ffff888101eae180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.666401] ==================================================================
[   12.593382] ==================================================================
[   12.594060] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   12.594374] Write of size 1 at addr ffff888101eae0c9 by task kunit_try_catch/179
[   12.594707] 
[   12.595143] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.595338] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.595354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.595375] Call Trace:
[   12.595390]  <TASK>
[   12.595406]  dump_stack_lvl+0x73/0xb0
[   12.595439]  print_report+0xd1/0x650
[   12.595461]  ? __virt_addr_valid+0x1db/0x2d0
[   12.595484]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.595507]  ? kasan_addr_to_slab+0x11/0xa0
[   12.595527]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.595551]  kasan_report+0x141/0x180
[   12.595571]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.595611]  __asan_report_store1_noabort+0x1b/0x30
[   12.595635]  krealloc_less_oob_helper+0xd70/0x11d0
[   12.595660]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.595684]  ? finish_task_switch.isra.0+0x153/0x700
[   12.595708]  ? __switch_to+0x47/0xf50
[   12.595732]  ? __schedule+0x10cc/0x2b60
[   12.595754]  ? __pfx_read_tsc+0x10/0x10
[   12.595793]  krealloc_large_less_oob+0x1c/0x30
[   12.595817]  kunit_try_run_case+0x1a5/0x480
[   12.595843]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.595866]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.595890]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.595913]  ? __kthread_parkme+0x82/0x180
[   12.595934]  ? preempt_count_sub+0x50/0x80
[   12.595956]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.595980]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.596003]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.596028]  kthread+0x337/0x6f0
[   12.596046]  ? trace_preempt_on+0x20/0xc0
[   12.596069]  ? __pfx_kthread+0x10/0x10
[   12.596089]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.596110]  ? calculate_sigpending+0x7b/0xa0
[   12.596134]  ? __pfx_kthread+0x10/0x10
[   12.596154]  ret_from_fork+0x116/0x1d0
[   12.596171]  ? __pfx_kthread+0x10/0x10
[   12.596191]  ret_from_fork_asm+0x1a/0x30
[   12.596222]  </TASK>
[   12.596232] 
[   12.605260] The buggy address belongs to the physical page:
[   12.605515] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101eac
[   12.605851] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.606169] flags: 0x200000000000040(head|node=0|zone=2)
[   12.606355] page_type: f8(unknown)
[   12.606531] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.607050] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.607344] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.607666] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.608104] head: 0200000000000002 ffffea000407ab01 00000000ffffffff 00000000ffffffff
[   12.608401] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.608720] page dumped because: kasan: bad access detected
[   12.608993] 
[   12.609077] Memory state around the buggy address:
[   12.609233]  ffff888101eadf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.609460]  ffff888101eae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.609789] >ffff888101eae080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.610100]                                               ^
[   12.610676]  ffff888101eae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.611111]  ffff888101eae180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.611392] ==================================================================
[   12.628118] ==================================================================
[   12.628461] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   12.628973] Write of size 1 at addr ffff888101eae0da by task kunit_try_catch/179
[   12.629263] 
[   12.629354] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.629395] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.629406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.629426] Call Trace:
[   12.629439]  <TASK>
[   12.629454]  dump_stack_lvl+0x73/0xb0
[   12.629485]  print_report+0xd1/0x650
[   12.629508]  ? __virt_addr_valid+0x1db/0x2d0
[   12.629531]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.629554]  ? kasan_addr_to_slab+0x11/0xa0
[   12.629574]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.629611]  kasan_report+0x141/0x180
[   12.629632]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.629660]  __asan_report_store1_noabort+0x1b/0x30
[   12.629685]  krealloc_less_oob_helper+0xec6/0x11d0
[   12.629711]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.629735]  ? finish_task_switch.isra.0+0x153/0x700
[   12.629758]  ? __switch_to+0x47/0xf50
[   12.629783]  ? __schedule+0x10cc/0x2b60
[   12.629804]  ? __pfx_read_tsc+0x10/0x10
[   12.629879]  krealloc_large_less_oob+0x1c/0x30
[   12.629904]  kunit_try_run_case+0x1a5/0x480
[   12.629932]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.629955]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.629980]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.630004]  ? __kthread_parkme+0x82/0x180
[   12.630024]  ? preempt_count_sub+0x50/0x80
[   12.630047]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.630071]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.630096]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.630121]  kthread+0x337/0x6f0
[   12.630139]  ? trace_preempt_on+0x20/0xc0
[   12.630163]  ? __pfx_kthread+0x10/0x10
[   12.630182]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.630203]  ? calculate_sigpending+0x7b/0xa0
[   12.630227]  ? __pfx_kthread+0x10/0x10
[   12.630248]  ret_from_fork+0x116/0x1d0
[   12.630267]  ? __pfx_kthread+0x10/0x10
[   12.630287]  ret_from_fork_asm+0x1a/0x30
[   12.630317]  </TASK>
[   12.630327] 
[   12.638207] The buggy address belongs to the physical page:
[   12.638392] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101eac
[   12.638810] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.639163] flags: 0x200000000000040(head|node=0|zone=2)
[   12.639452] page_type: f8(unknown)
[   12.639581] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.639903] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.640133] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.640736] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.641173] head: 0200000000000002 ffffea000407ab01 00000000ffffffff 00000000ffffffff
[   12.641518] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.641937] page dumped because: kasan: bad access detected
[   12.642147] 
[   12.642216] Memory state around the buggy address:
[   12.642371]  ffff888101eadf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.642587]  ffff888101eae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.643904] >ffff888101eae080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.644714]                                                     ^
[   12.645533]  ffff888101eae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.646294]  ffff888101eae180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.646517] ==================================================================
[   12.488713] ==================================================================
[   12.488945] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   12.489689] Write of size 1 at addr ffff8881003418ea by task kunit_try_catch/175
[   12.490293] 
[   12.490408] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.490610] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.490623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.490642] Call Trace:
[   12.490662]  <TASK>
[   12.490680]  dump_stack_lvl+0x73/0xb0
[   12.490712]  print_report+0xd1/0x650
[   12.490734]  ? __virt_addr_valid+0x1db/0x2d0
[   12.490757]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.490781]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.490819]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.490851]  kasan_report+0x141/0x180
[   12.490872]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.490899]  __asan_report_store1_noabort+0x1b/0x30
[   12.490924]  krealloc_less_oob_helper+0xe90/0x11d0
[   12.490949]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.490973]  ? finish_task_switch.isra.0+0x153/0x700
[   12.490995]  ? __switch_to+0x47/0xf50
[   12.491020]  ? __schedule+0x10cc/0x2b60
[   12.491041]  ? __pfx_read_tsc+0x10/0x10
[   12.491065]  krealloc_less_oob+0x1c/0x30
[   12.491088]  kunit_try_run_case+0x1a5/0x480
[   12.491113]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.491135]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.491159]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.491181]  ? __kthread_parkme+0x82/0x180
[   12.491201]  ? preempt_count_sub+0x50/0x80
[   12.491223]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.491247]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.491272]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.491296]  kthread+0x337/0x6f0
[   12.491314]  ? trace_preempt_on+0x20/0xc0
[   12.491337]  ? __pfx_kthread+0x10/0x10
[   12.491357]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.491378]  ? calculate_sigpending+0x7b/0xa0
[   12.491402]  ? __pfx_kthread+0x10/0x10
[   12.491422]  ret_from_fork+0x116/0x1d0
[   12.491439]  ? __pfx_kthread+0x10/0x10
[   12.491459]  ret_from_fork_asm+0x1a/0x30
[   12.491489]  </TASK>
[   12.491499] 
[   12.502208] Allocated by task 175:
[   12.502577]  kasan_save_stack+0x45/0x70
[   12.502808]  kasan_save_track+0x18/0x40
[   12.503037]  kasan_save_alloc_info+0x3b/0x50
[   12.503464]  __kasan_krealloc+0x190/0x1f0
[   12.503668]  krealloc_noprof+0xf3/0x340
[   12.504027]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.504205]  krealloc_less_oob+0x1c/0x30
[   12.504433]  kunit_try_run_case+0x1a5/0x480
[   12.504647]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.505408]  kthread+0x337/0x6f0
[   12.505571]  ret_from_fork+0x116/0x1d0
[   12.506004]  ret_from_fork_asm+0x1a/0x30
[   12.506335] 
[   12.506412] The buggy address belongs to the object at ffff888100341800
[   12.506412]  which belongs to the cache kmalloc-256 of size 256
[   12.507241] The buggy address is located 33 bytes to the right of
[   12.507241]  allocated 201-byte region [ffff888100341800, ffff8881003418c9)
[   12.507900] 
[   12.508013] The buggy address belongs to the physical page:
[   12.508255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340
[   12.508555] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.509217] flags: 0x200000000000040(head|node=0|zone=2)
[   12.509419] page_type: f5(slab)
[   12.509793] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.510464] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.511016] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.511451] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.511966] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff
[   12.512289] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.512625] page dumped because: kasan: bad access detected
[   12.513152] 
[   12.513250] Memory state around the buggy address:
[   12.513443]  ffff888100341780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.513943]  ffff888100341800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.514349] >ffff888100341880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.514714]                                                           ^
[   12.515170]  ffff888100341900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.515753]  ffff888100341980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.516386] ==================================================================
[   12.517146] ==================================================================
[   12.517682] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   12.518356] Write of size 1 at addr ffff8881003418eb by task kunit_try_catch/175
[   12.518693] 
[   12.518793] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.518841] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.518852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.518872] Call Trace:
[   12.518891]  <TASK>
[   12.518909]  dump_stack_lvl+0x73/0xb0
[   12.518939]  print_report+0xd1/0x650
[   12.518960]  ? __virt_addr_valid+0x1db/0x2d0
[   12.518984]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.519007]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.519030]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.519054]  kasan_report+0x141/0x180
[   12.519074]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.519102]  __asan_report_store1_noabort+0x1b/0x30
[   12.519127]  krealloc_less_oob_helper+0xd47/0x11d0
[   12.519152]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.519176]  ? finish_task_switch.isra.0+0x153/0x700
[   12.519198]  ? __switch_to+0x47/0xf50
[   12.519224]  ? __schedule+0x10cc/0x2b60
[   12.519245]  ? __pfx_read_tsc+0x10/0x10
[   12.519269]  krealloc_less_oob+0x1c/0x30
[   12.519289]  kunit_try_run_case+0x1a5/0x480
[   12.519314]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.519336]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.519360]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.519382]  ? __kthread_parkme+0x82/0x180
[   12.519403]  ? preempt_count_sub+0x50/0x80
[   12.519424]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.519448]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.519471]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.519496]  kthread+0x337/0x6f0
[   12.519513]  ? trace_preempt_on+0x20/0xc0
[   12.519536]  ? __pfx_kthread+0x10/0x10
[   12.519556]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.519577]  ? calculate_sigpending+0x7b/0xa0
[   12.519610]  ? __pfx_kthread+0x10/0x10
[   12.519630]  ret_from_fork+0x116/0x1d0
[   12.519649]  ? __pfx_kthread+0x10/0x10
[   12.519884]  ret_from_fork_asm+0x1a/0x30
[   12.519916]  </TASK>
[   12.519926] 
[   12.529928] Allocated by task 175:
[   12.530109]  kasan_save_stack+0x45/0x70
[   12.530269]  kasan_save_track+0x18/0x40
[   12.530465]  kasan_save_alloc_info+0x3b/0x50
[   12.531182]  __kasan_krealloc+0x190/0x1f0
[   12.531362]  krealloc_noprof+0xf3/0x340
[   12.531719]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.532002]  krealloc_less_oob+0x1c/0x30
[   12.532323]  kunit_try_run_case+0x1a5/0x480
[   12.532616]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.533272]  kthread+0x337/0x6f0
[   12.533411]  ret_from_fork+0x116/0x1d0
[   12.533770]  ret_from_fork_asm+0x1a/0x30
[   12.534131] 
[   12.534225] The buggy address belongs to the object at ffff888100341800
[   12.534225]  which belongs to the cache kmalloc-256 of size 256
[   12.534879] The buggy address is located 34 bytes to the right of
[   12.534879]  allocated 201-byte region [ffff888100341800, ffff8881003418c9)
[   12.535607] 
[   12.535693] The buggy address belongs to the physical page:
[   12.535955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340
[   12.536609] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.537114] flags: 0x200000000000040(head|node=0|zone=2)
[   12.537490] page_type: f5(slab)
[   12.537631] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.538471] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.539007] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.539467] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.539934] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff
[   12.540432] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.540969] page dumped because: kasan: bad access detected
[   12.541196] 
[   12.541493] Memory state around the buggy address:
[   12.541887]  ffff888100341780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.542183]  ffff888100341800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.542746] >ffff888100341880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.543136]                                                           ^
[   12.543433]  ffff888100341900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.543752]  ffff888100341980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.544532] ==================================================================
[   12.611972] ==================================================================
[   12.612278] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   12.612605] Write of size 1 at addr ffff888101eae0d0 by task kunit_try_catch/179
[   12.612839] 
[   12.612952] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.613141] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.613157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.613176] Call Trace:
[   12.613188]  <TASK>
[   12.613203]  dump_stack_lvl+0x73/0xb0
[   12.613233]  print_report+0xd1/0x650
[   12.613255]  ? __virt_addr_valid+0x1db/0x2d0
[   12.613279]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.613301]  ? kasan_addr_to_slab+0x11/0xa0
[   12.613321]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.613345]  kasan_report+0x141/0x180
[   12.613366]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.613394]  __asan_report_store1_noabort+0x1b/0x30
[   12.613418]  krealloc_less_oob_helper+0xe23/0x11d0
[   12.613443]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.613467]  ? finish_task_switch.isra.0+0x153/0x700
[   12.613490]  ? __switch_to+0x47/0xf50
[   12.613514]  ? __schedule+0x10cc/0x2b60
[   12.613536]  ? __pfx_read_tsc+0x10/0x10
[   12.613559]  krealloc_large_less_oob+0x1c/0x30
[   12.613581]  kunit_try_run_case+0x1a5/0x480
[   12.613621]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.613644]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.613667]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.613691]  ? __kthread_parkme+0x82/0x180
[   12.613711]  ? preempt_count_sub+0x50/0x80
[   12.613733]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.613757]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.613790]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.613867]  kthread+0x337/0x6f0
[   12.613887]  ? trace_preempt_on+0x20/0xc0
[   12.613911]  ? __pfx_kthread+0x10/0x10
[   12.613930]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.613952]  ? calculate_sigpending+0x7b/0xa0
[   12.613976]  ? __pfx_kthread+0x10/0x10
[   12.613997]  ret_from_fork+0x116/0x1d0
[   12.614016]  ? __pfx_kthread+0x10/0x10
[   12.614036]  ret_from_fork_asm+0x1a/0x30
[   12.614067]  </TASK>
[   12.614077] 
[   12.621492] The buggy address belongs to the physical page:
[   12.621788] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101eac
[   12.622158] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.622537] flags: 0x200000000000040(head|node=0|zone=2)
[   12.622779] page_type: f8(unknown)
[   12.622969] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.623197] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.623582] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.623877] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.624413] head: 0200000000000002 ffffea000407ab01 00000000ffffffff 00000000ffffffff
[   12.624693] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.625002] page dumped because: kasan: bad access detected
[   12.625274] 
[   12.625430] Memory state around the buggy address:
[   12.625618]  ffff888101eadf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.625834]  ffff888101eae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.626145] >ffff888101eae080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.626462]                                                  ^
[   12.626741]  ffff888101eae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.626959]  ffff888101eae180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.627360] ==================================================================
[   12.666835] ==================================================================
[   12.667340] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   12.667754] Write of size 1 at addr ffff888101eae0eb by task kunit_try_catch/179
[   12.668038] 
[   12.668131] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.668175] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.668186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.668205] Call Trace:
[   12.668223]  <TASK>
[   12.668241]  dump_stack_lvl+0x73/0xb0
[   12.668270]  print_report+0xd1/0x650
[   12.668291]  ? __virt_addr_valid+0x1db/0x2d0
[   12.668315]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.668338]  ? kasan_addr_to_slab+0x11/0xa0
[   12.668358]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.668381]  kasan_report+0x141/0x180
[   12.668402]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.668430]  __asan_report_store1_noabort+0x1b/0x30
[   12.668454]  krealloc_less_oob_helper+0xd47/0x11d0
[   12.668480]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.668504]  ? finish_task_switch.isra.0+0x153/0x700
[   12.668526]  ? __switch_to+0x47/0xf50
[   12.668550]  ? __schedule+0x10cc/0x2b60
[   12.668571]  ? __pfx_read_tsc+0x10/0x10
[   12.668657]  krealloc_large_less_oob+0x1c/0x30
[   12.668684]  kunit_try_run_case+0x1a5/0x480
[   12.668709]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.668731]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.668755]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.668792]  ? __kthread_parkme+0x82/0x180
[   12.668848]  ? preempt_count_sub+0x50/0x80
[   12.668871]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.668895]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.668920]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.668944]  kthread+0x337/0x6f0
[   12.668962]  ? trace_preempt_on+0x20/0xc0
[   12.668986]  ? __pfx_kthread+0x10/0x10
[   12.669005]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.669026]  ? calculate_sigpending+0x7b/0xa0
[   12.669051]  ? __pfx_kthread+0x10/0x10
[   12.669071]  ret_from_fork+0x116/0x1d0
[   12.669090]  ? __pfx_kthread+0x10/0x10
[   12.669110]  ret_from_fork_asm+0x1a/0x30
[   12.669140]  </TASK>
[   12.669149] 
[   12.676724] The buggy address belongs to the physical page:
[   12.677079] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101eac
[   12.677360] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.677634] flags: 0x200000000000040(head|node=0|zone=2)
[   12.677883] page_type: f8(unknown)
[   12.678056] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.678369] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.678608] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.679405] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.679676] head: 0200000000000002 ffffea000407ab01 00000000ffffffff 00000000ffffffff
[   12.680259] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.680551] page dumped because: kasan: bad access detected
[   12.680775] 
[   12.680922] Memory state around the buggy address:
[   12.681130]  ffff888101eadf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.681347]  ffff888101eae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.681671] >ffff888101eae080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.682059]                                                           ^
[   12.682313]  ffff888101eae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.682531]  ffff888101eae180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.682998] ==================================================================
[   12.430454] ==================================================================
[   12.430790] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   12.431657] Write of size 1 at addr ffff8881003418d0 by task kunit_try_catch/175
[   12.432308] 
[   12.432424] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.432470] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.432481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.432501] Call Trace:
[   12.432513]  <TASK>
[   12.432532]  dump_stack_lvl+0x73/0xb0
[   12.432566]  print_report+0xd1/0x650
[   12.432589]  ? __virt_addr_valid+0x1db/0x2d0
[   12.432627]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.432651]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.432674]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.432697]  kasan_report+0x141/0x180
[   12.432718]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.432746]  __asan_report_store1_noabort+0x1b/0x30
[   12.432770]  krealloc_less_oob_helper+0xe23/0x11d0
[   12.433177]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.433204]  ? finish_task_switch.isra.0+0x153/0x700
[   12.433227]  ? __switch_to+0x47/0xf50
[   12.433253]  ? __schedule+0x10cc/0x2b60
[   12.433276]  ? __pfx_read_tsc+0x10/0x10
[   12.433301]  krealloc_less_oob+0x1c/0x30
[   12.433321]  kunit_try_run_case+0x1a5/0x480
[   12.433347]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.433369]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.433394]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.433417]  ? __kthread_parkme+0x82/0x180
[   12.433437]  ? preempt_count_sub+0x50/0x80
[   12.433459]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.433483]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.433507]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.433532]  kthread+0x337/0x6f0
[   12.433550]  ? trace_preempt_on+0x20/0xc0
[   12.433573]  ? __pfx_kthread+0x10/0x10
[   12.433607]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.433628]  ? calculate_sigpending+0x7b/0xa0
[   12.433652]  ? __pfx_kthread+0x10/0x10
[   12.433673]  ret_from_fork+0x116/0x1d0
[   12.433691]  ? __pfx_kthread+0x10/0x10
[   12.433710]  ret_from_fork_asm+0x1a/0x30
[   12.433740]  </TASK>
[   12.433750] 
[   12.444537] Allocated by task 175:
[   12.444740]  kasan_save_stack+0x45/0x70
[   12.445232]  kasan_save_track+0x18/0x40
[   12.445401]  kasan_save_alloc_info+0x3b/0x50
[   12.445755]  __kasan_krealloc+0x190/0x1f0
[   12.446171]  krealloc_noprof+0xf3/0x340
[   12.446460]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.446694]  krealloc_less_oob+0x1c/0x30
[   12.447281]  kunit_try_run_case+0x1a5/0x480
[   12.447475]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.447990]  kthread+0x337/0x6f0
[   12.448179]  ret_from_fork+0x116/0x1d0
[   12.448363]  ret_from_fork_asm+0x1a/0x30
[   12.448550] 
[   12.448658] The buggy address belongs to the object at ffff888100341800
[   12.448658]  which belongs to the cache kmalloc-256 of size 256
[   12.449629] The buggy address is located 7 bytes to the right of
[   12.449629]  allocated 201-byte region [ffff888100341800, ffff8881003418c9)
[   12.450341] 
[   12.450587] The buggy address belongs to the physical page:
[   12.450842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340
[   12.451322] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.451671] flags: 0x200000000000040(head|node=0|zone=2)
[   12.452304] page_type: f5(slab)
[   12.452458] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.453105] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.453517] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.454001] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.454447] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff
[   12.454879] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.455356] page dumped because: kasan: bad access detected
[   12.455685] 
[   12.455796] Memory state around the buggy address:
[   12.456156]  ffff888100341780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.456481]  ffff888100341800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.456792] >ffff888100341880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.457482]                                                  ^
[   12.457974]  ffff888100341900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.458297]  ffff888100341980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.458657] ==================================================================
[   12.397482] ==================================================================
[   12.398795] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   12.399574] Write of size 1 at addr ffff8881003418c9 by task kunit_try_catch/175
[   12.400505] 
[   12.400727] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   12.400777] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.400787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.400943] Call Trace:
[   12.400958]  <TASK>
[   12.400976]  dump_stack_lvl+0x73/0xb0
[   12.401012]  print_report+0xd1/0x650
[   12.401035]  ? __virt_addr_valid+0x1db/0x2d0
[   12.401060]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.401083]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.401106]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.401130]  kasan_report+0x141/0x180
[   12.401151]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.401179]  __asan_report_store1_noabort+0x1b/0x30
[   12.401204]  krealloc_less_oob_helper+0xd70/0x11d0
[   12.401230]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.401254]  ? finish_task_switch.isra.0+0x153/0x700
[   12.401279]  ? __switch_to+0x47/0xf50
[   12.401305]  ? __schedule+0x10cc/0x2b60
[   12.401328]  ? __pfx_read_tsc+0x10/0x10
[   12.401353]  krealloc_less_oob+0x1c/0x30
[   12.401373]  kunit_try_run_case+0x1a5/0x480
[   12.401399]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.401421]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.401446]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.401469]  ? __kthread_parkme+0x82/0x180
[   12.401490]  ? preempt_count_sub+0x50/0x80
[   12.401512]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.401536]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.401560]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.401584]  kthread+0x337/0x6f0
[   12.401625]  ? trace_preempt_on+0x20/0xc0
[   12.401649]  ? __pfx_kthread+0x10/0x10
[   12.401669]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.401689]  ? calculate_sigpending+0x7b/0xa0
[   12.401714]  ? __pfx_kthread+0x10/0x10
[   12.401734]  ret_from_fork+0x116/0x1d0
[   12.401752]  ? __pfx_kthread+0x10/0x10
[   12.401771]  ret_from_fork_asm+0x1a/0x30
[   12.401812]  </TASK>
[   12.401822] 
[   12.414720] Allocated by task 175:
[   12.415306]  kasan_save_stack+0x45/0x70
[   12.415765]  kasan_save_track+0x18/0x40
[   12.416454]  kasan_save_alloc_info+0x3b/0x50
[   12.417047]  __kasan_krealloc+0x190/0x1f0
[   12.417495]  krealloc_noprof+0xf3/0x340
[   12.418025]  krealloc_less_oob_helper+0x1aa/0x11d0
[   12.418258]  krealloc_less_oob+0x1c/0x30
[   12.418401]  kunit_try_run_case+0x1a5/0x480
[   12.418551]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.418748]  kthread+0x337/0x6f0
[   12.419008]  ret_from_fork+0x116/0x1d0
[   12.419303]  ret_from_fork_asm+0x1a/0x30
[   12.419971] 
[   12.420075] The buggy address belongs to the object at ffff888100341800
[   12.420075]  which belongs to the cache kmalloc-256 of size 256
[   12.420721] The buggy address is located 0 bytes to the right of
[   12.420721]  allocated 201-byte region [ffff888100341800, ffff8881003418c9)
[   12.421708] 
[   12.421816] The buggy address belongs to the physical page:
[   12.422079] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340
[   12.422414] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.422746] flags: 0x200000000000040(head|node=0|zone=2)
[   12.423389] page_type: f5(slab)
[   12.423535] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.424073] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.424513] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   12.425047] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.425377] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff
[   12.425712] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   12.426255] page dumped because: kasan: bad access detected
[   12.426628] 
[   12.426703] Memory state around the buggy address:
[   12.427303]  ffff888100341780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.427623]  ffff888100341800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.428161] >ffff888100341880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   12.428530]                                               ^
[   12.428802]  ffff888100341900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.429269]  ffff888100341980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.429670] ==================================================================