lkft/sashal-linus-next - v6.13-rc7-43871-g530dddedcd5a - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper

Date

July 18, 2025, 2:09 p.m.

Environment
qemu-arm64
qemu-x86_64

[   16.851258] ==================================================================
[   16.851993] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   16.852094] Write of size 1 at addr fff00000c79020da by task kunit_try_catch/162
[   16.852156] 
[   16.852196] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.852431] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.852472] Hardware name: linux,dummy-virt (DT)
[   16.852508] Call trace:
[   16.852530]  show_stack+0x20/0x38 (C)
[   16.852581]  dump_stack_lvl+0x8c/0xd0
[   16.852631]  print_report+0x118/0x5d0
[   16.852677]  kasan_report+0xdc/0x128
[   16.852722]  __asan_report_store1_noabort+0x20/0x30
[   16.852772]  krealloc_less_oob_helper+0xa80/0xc50
[   16.852821]  krealloc_large_less_oob+0x20/0x38
[   16.852877]  kunit_try_run_case+0x170/0x3f0
[   16.852924]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.853665]  kthread+0x328/0x630
[   16.853721]  ret_from_fork+0x10/0x20
[   16.854231] 
[   16.854393] The buggy address belongs to the physical page:
[   16.854800] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107900
[   16.854871] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.855250] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.855318] page_type: f8(unknown)
[   16.855722] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.855788] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.855871] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.855918] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.855966] head: 0bfffe0000000002 ffffc1ffc31e4001 00000000ffffffff 00000000ffffffff
[   16.856389] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.856702] page dumped because: kasan: bad access detected
[   16.856819] 
[   16.856947] Memory state around the buggy address:
[   16.856987]  fff00000c7901f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.857029]  fff00000c7902000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.857482] >fff00000c7902080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.857651]                                                     ^
[   16.857771]  fff00000c7902100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.858025]  fff00000c7902180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.858292] ==================================================================
[   16.860076] ==================================================================
[   16.860135] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   16.860201] Write of size 1 at addr fff00000c79020ea by task kunit_try_catch/162
[   16.860249] 
[   16.860282] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.860789] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.861021] Hardware name: linux,dummy-virt (DT)
[   16.861250] Call trace:
[   16.861274]  show_stack+0x20/0x38 (C)
[   16.861325]  dump_stack_lvl+0x8c/0xd0
[   16.861373]  print_report+0x118/0x5d0
[   16.861419]  kasan_report+0xdc/0x128
[   16.861954]  __asan_report_store1_noabort+0x20/0x30
[   16.862039]  krealloc_less_oob_helper+0xae4/0xc50
[   16.862088]  krealloc_large_less_oob+0x20/0x38
[   16.862294]  kunit_try_run_case+0x170/0x3f0
[   16.862345]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.862396]  kthread+0x328/0x630
[   16.862437]  ret_from_fork+0x10/0x20
[   16.862484] 
[   16.862503] The buggy address belongs to the physical page:
[   16.862534] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107900
[   16.862584] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.862982] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.863062] page_type: f8(unknown)
[   16.863101] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.863828] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.863903] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.863979] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.864027] head: 0bfffe0000000002 ffffc1ffc31e4001 00000000ffffffff 00000000ffffffff
[   16.864277] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.864318] page dumped because: kasan: bad access detected
[   16.864623] 
[   16.864645] Memory state around the buggy address:
[   16.864677]  fff00000c7901f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.864720]  fff00000c7902000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.864761] >fff00000c7902080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.864798]                                                           ^
[   16.864835]  fff00000c7902100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.865029]  fff00000c7902180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.865069] ==================================================================
[   16.737961] ==================================================================
[   16.738120] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   16.738693] Write of size 1 at addr fff00000c1bc46ea by task kunit_try_catch/158
[   16.738752] 
[   16.738928] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.739038] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.739065] Hardware name: linux,dummy-virt (DT)
[   16.739095] Call trace:
[   16.739118]  show_stack+0x20/0x38 (C)
[   16.739173]  dump_stack_lvl+0x8c/0xd0
[   16.739222]  print_report+0x118/0x5d0
[   16.740111]  kasan_report+0xdc/0x128
[   16.740203]  __asan_report_store1_noabort+0x20/0x30
[   16.740521]  krealloc_less_oob_helper+0xae4/0xc50
[   16.740721]  krealloc_less_oob+0x20/0x38
[   16.740839]  kunit_try_run_case+0x170/0x3f0
[   16.741268]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.741353]  kthread+0x328/0x630
[   16.741401]  ret_from_fork+0x10/0x20
[   16.741922] 
[   16.741950] Allocated by task 158:
[   16.742040]  kasan_save_stack+0x3c/0x68
[   16.742087]  kasan_save_track+0x20/0x40
[   16.742124]  kasan_save_alloc_info+0x40/0x58
[   16.742164]  __kasan_krealloc+0x118/0x178
[   16.742201]  krealloc_noprof+0x128/0x360
[   16.742237]  krealloc_less_oob_helper+0x168/0xc50
[   16.742275]  krealloc_less_oob+0x20/0x38
[   16.742312]  kunit_try_run_case+0x170/0x3f0
[   16.742349]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.742392]  kthread+0x328/0x630
[   16.742424]  ret_from_fork+0x10/0x20
[   16.742459] 
[   16.742478] The buggy address belongs to the object at fff00000c1bc4600
[   16.742478]  which belongs to the cache kmalloc-256 of size 256
[   16.744057] The buggy address is located 33 bytes to the right of
[   16.744057]  allocated 201-byte region [fff00000c1bc4600, fff00000c1bc46c9)
[   16.744248] 
[   16.744448] The buggy address belongs to the physical page:
[   16.744483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bc4
[   16.744707] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.744759] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.744825] page_type: f5(slab)
[   16.744883] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.744933] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.745456] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.745608] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.745868] head: 0bfffe0000000001 ffffc1ffc306f101 00000000ffffffff 00000000ffffffff
[   16.746159] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.746201] page dumped because: kasan: bad access detected
[   16.746289] 
[   16.746811] Memory state around the buggy address:
[   16.746934]  fff00000c1bc4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.746978]  fff00000c1bc4600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.747021] >fff00000c1bc4680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.747058]                                                           ^
[   16.747612]  fff00000c1bc4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.747768]  fff00000c1bc4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.747853] ==================================================================
[   16.721659] ==================================================================
[   16.721731] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   16.721798] Write of size 1 at addr fff00000c1bc46da by task kunit_try_catch/158
[   16.721865] 
[   16.723730] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.723839] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.723938] Hardware name: linux,dummy-virt (DT)
[   16.723970] Call trace:
[   16.723998]  show_stack+0x20/0x38 (C)
[   16.724158]  dump_stack_lvl+0x8c/0xd0
[   16.724500]  print_report+0x118/0x5d0
[   16.724552]  kasan_report+0xdc/0x128
[   16.724597]  __asan_report_store1_noabort+0x20/0x30
[   16.724860]  krealloc_less_oob_helper+0xa80/0xc50
[   16.724917]  krealloc_less_oob+0x20/0x38
[   16.724962]  kunit_try_run_case+0x170/0x3f0
[   16.725370]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.725764]  kthread+0x328/0x630
[   16.725833]  ret_from_fork+0x10/0x20
[   16.726327] 
[   16.726359] Allocated by task 158:
[   16.726633]  kasan_save_stack+0x3c/0x68
[   16.726683]  kasan_save_track+0x20/0x40
[   16.726720]  kasan_save_alloc_info+0x40/0x58
[   16.726910]  __kasan_krealloc+0x118/0x178
[   16.727287]  krealloc_noprof+0x128/0x360
[   16.727628]  krealloc_less_oob_helper+0x168/0xc50
[   16.727744]  krealloc_less_oob+0x20/0x38
[   16.727783]  kunit_try_run_case+0x170/0x3f0
[   16.728017]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.728073]  kthread+0x328/0x630
[   16.728106]  ret_from_fork+0x10/0x20
[   16.728141] 
[   16.728161] The buggy address belongs to the object at fff00000c1bc4600
[   16.728161]  which belongs to the cache kmalloc-256 of size 256
[   16.728404] The buggy address is located 17 bytes to the right of
[   16.728404]  allocated 201-byte region [fff00000c1bc4600, fff00000c1bc46c9)
[   16.728486] 
[   16.728886] The buggy address belongs to the physical page:
[   16.728955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bc4
[   16.729062] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.729286] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.729369] page_type: f5(slab)
[   16.729807] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.729878] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.730455] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.730707] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.730797] head: 0bfffe0000000001 ffffc1ffc306f101 00000000ffffffff 00000000ffffffff
[   16.730927] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.731128] page dumped because: kasan: bad access detected
[   16.731239] 
[   16.731257] Memory state around the buggy address:
[   16.731325]  fff00000c1bc4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.731693]  fff00000c1bc4600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.731924] >fff00000c1bc4680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.731963]                                                     ^
[   16.732001]  fff00000c1bc4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.732149]  fff00000c1bc4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.732188] ==================================================================
[   16.867260] ==================================================================
[   16.867383] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   16.867434] Write of size 1 at addr fff00000c79020eb by task kunit_try_catch/162
[   16.867482] 
[   16.867513] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.867589] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.867615] Hardware name: linux,dummy-virt (DT)
[   16.867644] Call trace:
[   16.868165]  show_stack+0x20/0x38 (C)
[   16.868247]  dump_stack_lvl+0x8c/0xd0
[   16.868298]  print_report+0x118/0x5d0
[   16.868862]  kasan_report+0xdc/0x128
[   16.868924]  __asan_report_store1_noabort+0x20/0x30
[   16.869122]  krealloc_less_oob_helper+0xa58/0xc50
[   16.869400]  krealloc_large_less_oob+0x20/0x38
[   16.869449]  kunit_try_run_case+0x170/0x3f0
[   16.869504]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.869556]  kthread+0x328/0x630
[   16.869598]  ret_from_fork+0x10/0x20
[   16.869862] 
[   16.869886] The buggy address belongs to the physical page:
[   16.869944] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107900
[   16.870544] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.870626] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.871105] page_type: f8(unknown)
[   16.871428] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.871481] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.871725] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.871921] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.872157] head: 0bfffe0000000002 ffffc1ffc31e4001 00000000ffffffff 00000000ffffffff
[   16.872474] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.872756] page dumped because: kasan: bad access detected
[   16.872880] 
[   16.873003] Memory state around the buggy address:
[   16.873251]  fff00000c7901f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.873533]  fff00000c7902000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.873899] >fff00000c7902080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.874537]                                                           ^
[   16.875473]  fff00000c7902100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.875814]  fff00000c7902180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.875870] ==================================================================
[   16.842985] ==================================================================
[   16.843050] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   16.843115] Write of size 1 at addr fff00000c79020d0 by task kunit_try_catch/162
[   16.843164] 
[   16.843575] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.843700] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.843734] Hardware name: linux,dummy-virt (DT)
[   16.843766] Call trace:
[   16.843788]  show_stack+0x20/0x38 (C)
[   16.843916]  dump_stack_lvl+0x8c/0xd0
[   16.844052]  print_report+0x118/0x5d0
[   16.844217]  kasan_report+0xdc/0x128
[   16.844407]  __asan_report_store1_noabort+0x20/0x30
[   16.844725]  krealloc_less_oob_helper+0xb9c/0xc50
[   16.844774]  krealloc_large_less_oob+0x20/0x38
[   16.845006]  kunit_try_run_case+0x170/0x3f0
[   16.845087]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.845237]  kthread+0x328/0x630
[   16.845446]  ret_from_fork+0x10/0x20
[   16.845504] 
[   16.845929] The buggy address belongs to the physical page:
[   16.846110] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107900
[   16.846410] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.846500] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.846714] page_type: f8(unknown)
[   16.847001] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.847351] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.847406] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.847686] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.847908] head: 0bfffe0000000002 ffffc1ffc31e4001 00000000ffffffff 00000000ffffffff
[   16.847958] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.847997] page dumped because: kasan: bad access detected
[   16.848028] 
[   16.848045] Memory state around the buggy address:
[   16.848078]  fff00000c7901f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.848543]  fff00000c7902000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.848603] >fff00000c7902080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.848641]                                                  ^
[   16.848970]  fff00000c7902100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.849016]  fff00000c7902180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.849055] ==================================================================
[   16.751029] ==================================================================
[   16.751383] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   16.751447] Write of size 1 at addr fff00000c1bc46eb by task kunit_try_catch/158
[   16.751685] 
[   16.751769] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.752250] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.752278] Hardware name: linux,dummy-virt (DT)
[   16.752544] Call trace:
[   16.752795]  show_stack+0x20/0x38 (C)
[   16.752943]  dump_stack_lvl+0x8c/0xd0
[   16.753214]  print_report+0x118/0x5d0
[   16.753294]  kasan_report+0xdc/0x128
[   16.753347]  __asan_report_store1_noabort+0x20/0x30
[   16.753397]  krealloc_less_oob_helper+0xa58/0xc50
[   16.754013]  krealloc_less_oob+0x20/0x38
[   16.754072]  kunit_try_run_case+0x170/0x3f0
[   16.754128]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.754180]  kthread+0x328/0x630
[   16.754223]  ret_from_fork+0x10/0x20
[   16.754272] 
[   16.754291] Allocated by task 158:
[   16.755253]  kasan_save_stack+0x3c/0x68
[   16.755394]  kasan_save_track+0x20/0x40
[   16.755432]  kasan_save_alloc_info+0x40/0x58
[   16.755471]  __kasan_krealloc+0x118/0x178
[   16.755508]  krealloc_noprof+0x128/0x360
[   16.755820]  krealloc_less_oob_helper+0x168/0xc50
[   16.755880]  krealloc_less_oob+0x20/0x38
[   16.756106]  kunit_try_run_case+0x170/0x3f0
[   16.756500]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.756667]  kthread+0x328/0x630
[   16.756803]  ret_from_fork+0x10/0x20
[   16.756839] 
[   16.756870] The buggy address belongs to the object at fff00000c1bc4600
[   16.756870]  which belongs to the cache kmalloc-256 of size 256
[   16.757470] The buggy address is located 34 bytes to the right of
[   16.757470]  allocated 201-byte region [fff00000c1bc4600, fff00000c1bc46c9)
[   16.757548] 
[   16.757570] The buggy address belongs to the physical page:
[   16.757603] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bc4
[   16.757657] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.757705] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.757759] page_type: f5(slab)
[   16.758832] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.759395] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.759639] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.759690] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.759738] head: 0bfffe0000000001 ffffc1ffc306f101 00000000ffffffff 00000000ffffffff
[   16.759785] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.759824] page dumped because: kasan: bad access detected
[   16.759865] 
[   16.759883] Memory state around the buggy address:
[   16.759916]  fff00000c1bc4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.761084]  fff00000c1bc4600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.761136] >fff00000c1bc4680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.761595]                                                           ^
[   16.761918]  fff00000c1bc4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.762172]  fff00000c1bc4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.762249] ==================================================================
[   16.708926] ==================================================================
[   16.708991] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   16.709053] Write of size 1 at addr fff00000c1bc46d0 by task kunit_try_catch/158
[   16.709102] 
[   16.709140] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.709220] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.710405] Hardware name: linux,dummy-virt (DT)
[   16.710457] Call trace:
[   16.710481]  show_stack+0x20/0x38 (C)
[   16.710543]  dump_stack_lvl+0x8c/0xd0
[   16.710690]  print_report+0x118/0x5d0
[   16.710915]  kasan_report+0xdc/0x128
[   16.711056]  __asan_report_store1_noabort+0x20/0x30
[   16.711161]  krealloc_less_oob_helper+0xb9c/0xc50
[   16.711210]  krealloc_less_oob+0x20/0x38
[   16.711255]  kunit_try_run_case+0x170/0x3f0
[   16.712020]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.712299]  kthread+0x328/0x630
[   16.712355]  ret_from_fork+0x10/0x20
[   16.712409] 
[   16.712465] Allocated by task 158:
[   16.712500]  kasan_save_stack+0x3c/0x68
[   16.712544]  kasan_save_track+0x20/0x40
[   16.712770]  kasan_save_alloc_info+0x40/0x58
[   16.712814]  __kasan_krealloc+0x118/0x178
[   16.712862]  krealloc_noprof+0x128/0x360
[   16.712899]  krealloc_less_oob_helper+0x168/0xc50
[   16.713678]  krealloc_less_oob+0x20/0x38
[   16.713739]  kunit_try_run_case+0x170/0x3f0
[   16.714050]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.714274]  kthread+0x328/0x630
[   16.714367]  ret_from_fork+0x10/0x20
[   16.714411] 
[   16.714612] The buggy address belongs to the object at fff00000c1bc4600
[   16.714612]  which belongs to the cache kmalloc-256 of size 256
[   16.714770] The buggy address is located 7 bytes to the right of
[   16.714770]  allocated 201-byte region [fff00000c1bc4600, fff00000c1bc46c9)
[   16.714832] 
[   16.715186] The buggy address belongs to the physical page:
[   16.715224] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bc4
[   16.715633] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.715688] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.715787] page_type: f5(slab)
[   16.715829] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.716240] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.716550] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.716876] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.716935] head: 0bfffe0000000001 ffffc1ffc306f101 00000000ffffffff 00000000ffffffff
[   16.716984] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.717025] page dumped because: kasan: bad access detected
[   16.717701] 
[   16.717725] Memory state around the buggy address:
[   16.718163]  fff00000c1bc4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.718363]  fff00000c1bc4600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.718490] >fff00000c1bc4680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.718528]                                                  ^
[   16.718565]  fff00000c1bc4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.718606]  fff00000c1bc4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.718644] ==================================================================
[   16.831428] ==================================================================
[   16.832019] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   16.832172] Write of size 1 at addr fff00000c79020c9 by task kunit_try_catch/162
[   16.832227] 
[   16.832272] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.832774] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.832982] Hardware name: linux,dummy-virt (DT)
[   16.833542] Call trace:
[   16.833572]  show_stack+0x20/0x38 (C)
[   16.833788]  dump_stack_lvl+0x8c/0xd0
[   16.833851]  print_report+0x118/0x5d0
[   16.833900]  kasan_report+0xdc/0x128
[   16.833945]  __asan_report_store1_noabort+0x20/0x30
[   16.833995]  krealloc_less_oob_helper+0xa48/0xc50
[   16.834043]  krealloc_large_less_oob+0x20/0x38
[   16.835382]  kunit_try_run_case+0x170/0x3f0
[   16.835572]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.835625]  kthread+0x328/0x630
[   16.835937]  ret_from_fork+0x10/0x20
[   16.836370] 
[   16.836726] The buggy address belongs to the physical page:
[   16.836962] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107900
[   16.837451] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.837728] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.837793] page_type: f8(unknown)
[   16.837839] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.838066] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.838377] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.838430] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.838624] head: 0bfffe0000000002 ffffc1ffc31e4001 00000000ffffffff 00000000ffffffff
[   16.838674] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.839112] page dumped because: kasan: bad access detected
[   16.839152] 
[   16.839227] Memory state around the buggy address:
[   16.839483]  fff00000c7901f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.839708]  fff00000c7902000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.839755] >fff00000c7902080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.839791]                                               ^
[   16.839828]  fff00000c7902100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.839878]  fff00000c7902180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.840075] ==================================================================
[   16.696250] ==================================================================
[   16.696315] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   16.696380] Write of size 1 at addr fff00000c1bc46c9 by task kunit_try_catch/158
[   16.696430] 
[   16.696467] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.696682] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.696774] Hardware name: linux,dummy-virt (DT)
[   16.696810] Call trace:
[   16.697118]  show_stack+0x20/0x38 (C)
[   16.697255]  dump_stack_lvl+0x8c/0xd0
[   16.697712]  print_report+0x118/0x5d0
[   16.697773]  kasan_report+0xdc/0x128
[   16.697819]  __asan_report_store1_noabort+0x20/0x30
[   16.697886]  krealloc_less_oob_helper+0xa48/0xc50
[   16.698387]  krealloc_less_oob+0x20/0x38
[   16.698518]  kunit_try_run_case+0x170/0x3f0
[   16.698755]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.699116]  kthread+0x328/0x630
[   16.699162]  ret_from_fork+0x10/0x20
[   16.699497] 
[   16.699516] Allocated by task 158:
[   16.699629]  kasan_save_stack+0x3c/0x68
[   16.699674]  kasan_save_track+0x20/0x40
[   16.699919]  kasan_save_alloc_info+0x40/0x58
[   16.700194]  __kasan_krealloc+0x118/0x178
[   16.700234]  krealloc_noprof+0x128/0x360
[   16.700271]  krealloc_less_oob_helper+0x168/0xc50
[   16.700310]  krealloc_less_oob+0x20/0x38
[   16.700805]  kunit_try_run_case+0x170/0x3f0
[   16.700867]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.700909]  kthread+0x328/0x630
[   16.701091]  ret_from_fork+0x10/0x20
[   16.701128] 
[   16.701147] The buggy address belongs to the object at fff00000c1bc4600
[   16.701147]  which belongs to the cache kmalloc-256 of size 256
[   16.701203] The buggy address is located 0 bytes to the right of
[   16.701203]  allocated 201-byte region [fff00000c1bc4600, fff00000c1bc46c9)
[   16.701263] 
[   16.701613] The buggy address belongs to the physical page:
[   16.701894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bc4
[   16.701954] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.701999] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.702054] page_type: f5(slab)
[   16.703146] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.703556] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.703697] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.703744] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.703792] head: 0bfffe0000000001 ffffc1ffc306f101 00000000ffffffff 00000000ffffffff
[   16.703839] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.704333] page dumped because: kasan: bad access detected
[   16.704438] 
[   16.704487] Memory state around the buggy address:
[   16.704523]  fff00000c1bc4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.704615]  fff00000c1bc4600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.704865] >fff00000c1bc4680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.705107]                                               ^
[   16.705147]  fff00000c1bc4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.705189]  fff00000c1bc4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.705226] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

303EBflBPqSbIUkiUzReBHe3YjN

job_id

TEST:linaro@lkft#303EF25Pp9Vi9nJKRzPLQTha4DW

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/303EF25Pp9Vi9nJKRzPLQTha4DW

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303ECYTm040GLO6kXFdSkAckpUQ/Image.gz
sha256sum	0cd43a55510452afcc094a9b71b52e570abcb0018a9c4b3e8c55713d88f43dcd

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303ECYTm040GLO6kXFdSkAckpUQ/modules.tar.xz
sha256sum	1123cbd40eab351130997a1b3dcec1375004e5d45c47d69105fc241be8d9036c

durations

tests

boot	0
kunit	182.38

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   16.491440] ==================================================================
[   16.491499] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   16.491545] Write of size 1 at addr fff00000c45cfed0 by task kunit_try_catch/158
[   16.491600] 
[   16.491630] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.491715] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.491855] Hardware name: linux,dummy-virt (DT)
[   16.492029] Call trace:
[   16.492104]  show_stack+0x20/0x38 (C)
[   16.492194]  dump_stack_lvl+0x8c/0xd0
[   16.492332]  print_report+0x118/0x5d0
[   16.492380]  kasan_report+0xdc/0x128
[   16.492425]  __asan_report_store1_noabort+0x20/0x30
[   16.492498]  krealloc_less_oob_helper+0xb9c/0xc50
[   16.492566]  krealloc_less_oob+0x20/0x38
[   16.492611]  kunit_try_run_case+0x170/0x3f0
[   16.492693]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.492756]  kthread+0x328/0x630
[   16.492797]  ret_from_fork+0x10/0x20
[   16.492927] 
[   16.492981] Allocated by task 158:
[   16.493009]  kasan_save_stack+0x3c/0x68
[   16.493103]  kasan_save_track+0x20/0x40
[   16.493189]  kasan_save_alloc_info+0x40/0x58
[   16.493267]  __kasan_krealloc+0x118/0x178
[   16.493378]  krealloc_noprof+0x128/0x360
[   16.493435]  krealloc_less_oob_helper+0x168/0xc50
[   16.493573]  krealloc_less_oob+0x20/0x38
[   16.493668]  kunit_try_run_case+0x170/0x3f0
[   16.493733]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.493775]  kthread+0x328/0x630
[   16.493806]  ret_from_fork+0x10/0x20
[   16.493854] 
[   16.493871] The buggy address belongs to the object at fff00000c45cfe00
[   16.493871]  which belongs to the cache kmalloc-256 of size 256
[   16.493925] The buggy address is located 7 bytes to the right of
[   16.493925]  allocated 201-byte region [fff00000c45cfe00, fff00000c45cfec9)
[   16.494021] 
[   16.494040] The buggy address belongs to the physical page:
[   16.494081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045ce
[   16.494131] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.494177] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.494242] page_type: f5(slab)
[   16.494285] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.494462] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.494511] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.494558] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.494605] head: 0bfffe0000000001 ffffc1ffc3117381 00000000ffffffff 00000000ffffffff
[   16.494652] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.494690] page dumped because: kasan: bad access detected
[   16.494729] 
[   16.494747] Memory state around the buggy address:
[   16.494777]  fff00000c45cfd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.494845]  fff00000c45cfe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.494887] >fff00000c45cfe80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.494935]                                                  ^
[   16.495090]  fff00000c45cff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.495211]  fff00000c45cff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.495283] ==================================================================
[   16.486724] ==================================================================
[   16.486967] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   16.487089] Write of size 1 at addr fff00000c45cfec9 by task kunit_try_catch/158
[   16.487343] 
[   16.487384] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.487569] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.487595] Hardware name: linux,dummy-virt (DT)
[   16.487625] Call trace:
[   16.487647]  show_stack+0x20/0x38 (C)
[   16.487695]  dump_stack_lvl+0x8c/0xd0
[   16.487749]  print_report+0x118/0x5d0
[   16.487907]  kasan_report+0xdc/0x128
[   16.488038]  __asan_report_store1_noabort+0x20/0x30
[   16.488304]  krealloc_less_oob_helper+0xa48/0xc50
[   16.488375]  krealloc_less_oob+0x20/0x38
[   16.488420]  kunit_try_run_case+0x170/0x3f0
[   16.488467]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.488518]  kthread+0x328/0x630
[   16.488560]  ret_from_fork+0x10/0x20
[   16.488606] 
[   16.488624] Allocated by task 158:
[   16.488693]  kasan_save_stack+0x3c/0x68
[   16.488735]  kasan_save_track+0x20/0x40
[   16.488784]  kasan_save_alloc_info+0x40/0x58
[   16.488823]  __kasan_krealloc+0x118/0x178
[   16.488859]  krealloc_noprof+0x128/0x360
[   16.488896]  krealloc_less_oob_helper+0x168/0xc50
[   16.488951]  krealloc_less_oob+0x20/0x38
[   16.489001]  kunit_try_run_case+0x170/0x3f0
[   16.489054]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.489109]  kthread+0x328/0x630
[   16.489150]  ret_from_fork+0x10/0x20
[   16.489185] 
[   16.489215] The buggy address belongs to the object at fff00000c45cfe00
[   16.489215]  which belongs to the cache kmalloc-256 of size 256
[   16.489270] The buggy address is located 0 bytes to the right of
[   16.489270]  allocated 201-byte region [fff00000c45cfe00, fff00000c45cfec9)
[   16.489339] 
[   16.489359] The buggy address belongs to the physical page:
[   16.489389] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045ce
[   16.489441] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.489488] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.489641] page_type: f5(slab)
[   16.489694] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.489794] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.489843] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.489890] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.489937] head: 0bfffe0000000001 ffffc1ffc3117381 00000000ffffffff 00000000ffffffff
[   16.490027] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.490088] page dumped because: kasan: bad access detected
[   16.490118] 
[   16.490136] Memory state around the buggy address:
[   16.490166]  fff00000c45cfd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.490336]  fff00000c45cfe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.490378] >fff00000c45cfe80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.490471]                                               ^
[   16.490583]  fff00000c45cff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.490625]  fff00000c45cff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.490703] ==================================================================
[   16.538302] ==================================================================
[   16.538545] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   16.538626] Write of size 1 at addr fff00000c79ba0c9 by task kunit_try_catch/162
[   16.538678] 
[   16.538871] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.539002] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.539110] Hardware name: linux,dummy-virt (DT)
[   16.539147] Call trace:
[   16.539431]  show_stack+0x20/0x38 (C)
[   16.539632]  dump_stack_lvl+0x8c/0xd0
[   16.539755]  print_report+0x118/0x5d0
[   16.539807]  kasan_report+0xdc/0x128
[   16.539853]  __asan_report_store1_noabort+0x20/0x30
[   16.539951]  krealloc_less_oob_helper+0xa48/0xc50
[   16.540014]  krealloc_large_less_oob+0x20/0x38
[   16.540351]  kunit_try_run_case+0x170/0x3f0
[   16.540427]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.540480]  kthread+0x328/0x630
[   16.540700]  ret_from_fork+0x10/0x20
[   16.540832] 
[   16.540905] The buggy address belongs to the physical page:
[   16.540974] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b8
[   16.541067] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.541114] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.541461] page_type: f8(unknown)
[   16.541582] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.541655] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.541730] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.541812] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.541860] head: 0bfffe0000000002 ffffc1ffc31e6e01 00000000ffffffff 00000000ffffffff
[   16.541914] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.541964] page dumped because: kasan: bad access detected
[   16.542009] 
[   16.542045] Memory state around the buggy address:
[   16.542078]  fff00000c79b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.542121]  fff00000c79ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.542162] >fff00000c79ba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.542208]                                               ^
[   16.542244]  fff00000c79ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.542292]  fff00000c79ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.542340] ==================================================================
[   16.501425] ==================================================================
[   16.501472] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   16.501517] Write of size 1 at addr fff00000c45cfeea by task kunit_try_catch/158
[   16.501564] 
[   16.501594] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.501671] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.501706] Hardware name: linux,dummy-virt (DT)
[   16.501852] Call trace:
[   16.501964]  show_stack+0x20/0x38 (C)
[   16.502136]  dump_stack_lvl+0x8c/0xd0
[   16.502229]  print_report+0x118/0x5d0
[   16.502481]  kasan_report+0xdc/0x128
[   16.502709]  __asan_report_store1_noabort+0x20/0x30
[   16.502865]  krealloc_less_oob_helper+0xae4/0xc50
[   16.503036]  krealloc_less_oob+0x20/0x38
[   16.503272]  kunit_try_run_case+0x170/0x3f0
[   16.503959]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.504020]  kthread+0x328/0x630
[   16.504064]  ret_from_fork+0x10/0x20
[   16.504112] 
[   16.504129] Allocated by task 158:
[   16.504161]  kasan_save_stack+0x3c/0x68
[   16.504200]  kasan_save_track+0x20/0x40
[   16.504236]  kasan_save_alloc_info+0x40/0x58
[   16.504285]  __kasan_krealloc+0x118/0x178
[   16.504333]  krealloc_noprof+0x128/0x360
[   16.504371]  krealloc_less_oob_helper+0x168/0xc50
[   16.504602]  krealloc_less_oob+0x20/0x38
[   16.504773]  kunit_try_run_case+0x170/0x3f0
[   16.504811]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.504852]  kthread+0x328/0x630
[   16.504939]  ret_from_fork+0x10/0x20
[   16.504986] 
[   16.505005] The buggy address belongs to the object at fff00000c45cfe00
[   16.505005]  which belongs to the cache kmalloc-256 of size 256
[   16.505060] The buggy address is located 33 bytes to the right of
[   16.505060]  allocated 201-byte region [fff00000c45cfe00, fff00000c45cfec9)
[   16.505237] 
[   16.505265] The buggy address belongs to the physical page:
[   16.505294] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045ce
[   16.505362] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.505408] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.505458] page_type: f5(slab)
[   16.505530] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.505643] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.505806] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.505855] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.505902] head: 0bfffe0000000001 ffffc1ffc3117381 00000000ffffffff 00000000ffffffff
[   16.505949] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.505988] page dumped because: kasan: bad access detected
[   16.506244] 
[   16.506264] Memory state around the buggy address:
[   16.506300]  fff00000c45cfd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.506409]  fff00000c45cfe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.506451] >fff00000c45cfe80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.506486]                                                           ^
[   16.506524]  fff00000c45cff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.506582]  fff00000c45cff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.506770] ==================================================================
[   16.543953] ==================================================================
[   16.544018] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   16.544357] Write of size 1 at addr fff00000c79ba0d0 by task kunit_try_catch/162
[   16.544409] 
[   16.544448] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.544705] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.544962] Hardware name: linux,dummy-virt (DT)
[   16.545049] Call trace:
[   16.545129]  show_stack+0x20/0x38 (C)
[   16.545409]  dump_stack_lvl+0x8c/0xd0
[   16.545638]  print_report+0x118/0x5d0
[   16.545705]  kasan_report+0xdc/0x128
[   16.545852]  __asan_report_store1_noabort+0x20/0x30
[   16.545930]  krealloc_less_oob_helper+0xb9c/0xc50
[   16.546084]  krealloc_large_less_oob+0x20/0x38
[   16.546136]  kunit_try_run_case+0x170/0x3f0
[   16.546345]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.546563]  kthread+0x328/0x630
[   16.546649]  ret_from_fork+0x10/0x20
[   16.546825] 
[   16.546875] The buggy address belongs to the physical page:
[   16.546906] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b8
[   16.547266] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.547474] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.547760] page_type: f8(unknown)
[   16.547975] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.548032] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.548531] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.548818] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.548913] head: 0bfffe0000000002 ffffc1ffc31e6e01 00000000ffffffff 00000000ffffffff
[   16.549050] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.549215] page dumped because: kasan: bad access detected
[   16.549289] 
[   16.549315] Memory state around the buggy address:
[   16.549359]  fff00000c79b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.549634]  fff00000c79ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.549698] >fff00000c79ba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.549844]                                                  ^
[   16.549889]  fff00000c79ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.549951]  fff00000c79ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.549997] ==================================================================
[   16.554523] ==================================================================
[   16.554660] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   16.554714] Write of size 1 at addr fff00000c79ba0ea by task kunit_try_catch/162
[   16.554781] 
[   16.554817] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.554895] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.554921] Hardware name: linux,dummy-virt (DT)
[   16.554951] Call trace:
[   16.555386]  show_stack+0x20/0x38 (C)
[   16.555492]  dump_stack_lvl+0x8c/0xd0
[   16.555681]  print_report+0x118/0x5d0
[   16.555745]  kasan_report+0xdc/0x128
[   16.555926]  __asan_report_store1_noabort+0x20/0x30
[   16.556001]  krealloc_less_oob_helper+0xae4/0xc50
[   16.556183]  krealloc_large_less_oob+0x20/0x38
[   16.556469]  kunit_try_run_case+0x170/0x3f0
[   16.556696]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.556778]  kthread+0x328/0x630
[   16.556862]  ret_from_fork+0x10/0x20
[   16.557219] 
[   16.557265] The buggy address belongs to the physical page:
[   16.557380] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b8
[   16.557726] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.557845] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.557937] page_type: f8(unknown)
[   16.558025] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.558162] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.558333] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.558418] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.558495] head: 0bfffe0000000002 ffffc1ffc31e6e01 00000000ffffffff 00000000ffffffff
[   16.558674] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.558837] page dumped because: kasan: bad access detected
[   16.558935] 
[   16.558994] Memory state around the buggy address:
[   16.559055]  fff00000c79b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.559195]  fff00000c79ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.559261] >fff00000c79ba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.559385]                                                           ^
[   16.559446]  fff00000c79ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.559487]  fff00000c79ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.559682] ==================================================================
[   16.561368] ==================================================================
[   16.561510] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   16.561562] Write of size 1 at addr fff00000c79ba0eb by task kunit_try_catch/162
[   16.561627] 
[   16.561691] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.561773] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.561833] Hardware name: linux,dummy-virt (DT)
[   16.561905] Call trace:
[   16.561955]  show_stack+0x20/0x38 (C)
[   16.562005]  dump_stack_lvl+0x8c/0xd0
[   16.562058]  print_report+0x118/0x5d0
[   16.562102]  kasan_report+0xdc/0x128
[   16.562146]  __asan_report_store1_noabort+0x20/0x30
[   16.562474]  krealloc_less_oob_helper+0xa58/0xc50
[   16.562645]  krealloc_large_less_oob+0x20/0x38
[   16.562698]  kunit_try_run_case+0x170/0x3f0
[   16.562764]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.562901]  kthread+0x328/0x630
[   16.562955]  ret_from_fork+0x10/0x20
[   16.563002] 
[   16.563030] The buggy address belongs to the physical page:
[   16.563211] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b8
[   16.563398] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.563464] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.563577] page_type: f8(unknown)
[   16.563635] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.563712] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.563803] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.563899] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.563947] head: 0bfffe0000000002 ffffc1ffc31e6e01 00000000ffffffff 00000000ffffffff
[   16.564168] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.564222] page dumped because: kasan: bad access detected
[   16.564380] 
[   16.564406] Memory state around the buggy address:
[   16.564485]  fff00000c79b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.564701]  fff00000c79ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.564813] >fff00000c79ba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.564909]                                                           ^
[   16.564965]  fff00000c79ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.565274]  fff00000c79ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.565442] ==================================================================
[   16.507282] ==================================================================
[   16.507337] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   16.507383] Write of size 1 at addr fff00000c45cfeeb by task kunit_try_catch/158
[   16.507430] 
[   16.507459] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.507535] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.507561] Hardware name: linux,dummy-virt (DT)
[   16.507591] Call trace:
[   16.507613]  show_stack+0x20/0x38 (C)
[   16.507659]  dump_stack_lvl+0x8c/0xd0
[   16.507704]  print_report+0x118/0x5d0
[   16.507750]  kasan_report+0xdc/0x128
[   16.507807]  __asan_report_store1_noabort+0x20/0x30
[   16.507859]  krealloc_less_oob_helper+0xa58/0xc50
[   16.507906]  krealloc_less_oob+0x20/0x38
[   16.508013]  kunit_try_run_case+0x170/0x3f0
[   16.508066]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.508129]  kthread+0x328/0x630
[   16.508314]  ret_from_fork+0x10/0x20
[   16.508378] 
[   16.508474] Allocated by task 158:
[   16.508510]  kasan_save_stack+0x3c/0x68
[   16.508578]  kasan_save_track+0x20/0x40
[   16.508696]  kasan_save_alloc_info+0x40/0x58
[   16.508735]  __kasan_krealloc+0x118/0x178
[   16.508772]  krealloc_noprof+0x128/0x360
[   16.508808]  krealloc_less_oob_helper+0x168/0xc50
[   16.508847]  krealloc_less_oob+0x20/0x38
[   16.508881]  kunit_try_run_case+0x170/0x3f0
[   16.508917]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.508960]  kthread+0x328/0x630
[   16.508990]  ret_from_fork+0x10/0x20
[   16.509035] 
[   16.509053] The buggy address belongs to the object at fff00000c45cfe00
[   16.509053]  which belongs to the cache kmalloc-256 of size 256
[   16.509109] The buggy address is located 34 bytes to the right of
[   16.509109]  allocated 201-byte region [fff00000c45cfe00, fff00000c45cfec9)
[   16.509384] 
[   16.509484] The buggy address belongs to the physical page:
[   16.509514] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045ce
[   16.509739] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.509912] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.509961] page_type: f5(slab)
[   16.510276] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.510398] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.510495] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.510563] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.510701] head: 0bfffe0000000001 ffffc1ffc3117381 00000000ffffffff 00000000ffffffff
[   16.510774] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.510856] page dumped because: kasan: bad access detected
[   16.510975] 
[   16.511004] Memory state around the buggy address:
[   16.511034]  fff00000c45cfd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.511340]  fff00000c45cfe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.511399] >fff00000c45cfe80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.511436]                                                           ^
[   16.511473]  fff00000c45cff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.511515]  fff00000c45cff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.511578] ==================================================================
[   16.550910] ==================================================================
[   16.550956] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   16.551004] Write of size 1 at addr fff00000c79ba0da by task kunit_try_catch/162
[   16.551061] 
[   16.551092] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.551170] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.551206] Hardware name: linux,dummy-virt (DT)
[   16.551241] Call trace:
[   16.551264]  show_stack+0x20/0x38 (C)
[   16.551310]  dump_stack_lvl+0x8c/0xd0
[   16.551367]  print_report+0x118/0x5d0
[   16.551413]  kasan_report+0xdc/0x128
[   16.551457]  __asan_report_store1_noabort+0x20/0x30
[   16.551521]  krealloc_less_oob_helper+0xa80/0xc50
[   16.551569]  krealloc_large_less_oob+0x20/0x38
[   16.551616]  kunit_try_run_case+0x170/0x3f0
[   16.551664]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.551716]  kthread+0x328/0x630
[   16.551766]  ret_from_fork+0x10/0x20
[   16.551813] 
[   16.551832] The buggy address belongs to the physical page:
[   16.551871] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b8
[   16.551923] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.551969] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.552017] page_type: f8(unknown)
[   16.552060] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.552108] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.552166] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.552214] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.552261] head: 0bfffe0000000002 ffffc1ffc31e6e01 00000000ffffffff 00000000ffffffff
[   16.552307] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.552355] page dumped because: kasan: bad access detected
[   16.552384] 
[   16.552812] Memory state around the buggy address:
[   16.552848]  fff00000c79b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.552894]  fff00000c79ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.553297] >fff00000c79ba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.553360]                                                     ^
[   16.553451]  fff00000c79ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.553509]  fff00000c79ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.553757] ==================================================================
[   16.496225] ==================================================================
[   16.496272] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   16.496333] Write of size 1 at addr fff00000c45cfeda by task kunit_try_catch/158
[   16.496383] 
[   16.496421] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.496948] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.497062] Hardware name: linux,dummy-virt (DT)
[   16.497175] Call trace:
[   16.497212]  show_stack+0x20/0x38 (C)
[   16.497263]  dump_stack_lvl+0x8c/0xd0
[   16.497309]  print_report+0x118/0x5d0
[   16.497597]  kasan_report+0xdc/0x128
[   16.497646]  __asan_report_store1_noabort+0x20/0x30
[   16.497696]  krealloc_less_oob_helper+0xa80/0xc50
[   16.497857]  krealloc_less_oob+0x20/0x38
[   16.497972]  kunit_try_run_case+0x170/0x3f0
[   16.498039]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.498097]  kthread+0x328/0x630
[   16.498140]  ret_from_fork+0x10/0x20
[   16.498187] 
[   16.498205] Allocated by task 158:
[   16.498269]  kasan_save_stack+0x3c/0x68
[   16.498310]  kasan_save_track+0x20/0x40
[   16.498365]  kasan_save_alloc_info+0x40/0x58
[   16.498429]  __kasan_krealloc+0x118/0x178
[   16.498604]  krealloc_noprof+0x128/0x360
[   16.498662]  krealloc_less_oob_helper+0x168/0xc50
[   16.498765]  krealloc_less_oob+0x20/0x38
[   16.498801]  kunit_try_run_case+0x170/0x3f0
[   16.498837]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.498878]  kthread+0x328/0x630
[   16.499207]  ret_from_fork+0x10/0x20
[   16.499297] 
[   16.499410] The buggy address belongs to the object at fff00000c45cfe00
[   16.499410]  which belongs to the cache kmalloc-256 of size 256
[   16.499479] The buggy address is located 17 bytes to the right of
[   16.499479]  allocated 201-byte region [fff00000c45cfe00, fff00000c45cfec9)
[   16.499570] 
[   16.499590] The buggy address belongs to the physical page:
[   16.499621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045ce
[   16.499672] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.499718] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.499768] page_type: f5(slab)
[   16.499804] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.499911] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.500173] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.500329] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.500378] head: 0bfffe0000000001 ffffc1ffc3117381 00000000ffffffff 00000000ffffffff
[   16.500425] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.500464] page dumped because: kasan: bad access detected
[   16.500494] 
[   16.500512] Memory state around the buggy address:
[   16.500542]  fff00000c45cfd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.500604]  fff00000c45cfe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.500645] >fff00000c45cfe80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.500681]                                                     ^
[   16.500717]  fff00000c45cff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.500758]  fff00000c45cff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.500793] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

303Mu3ntpbAl90E7xFJwTYkz6hg

job_id

TEST:linaro@lkft#303MxbItH1xNBq5DVzgi5f9Vk9B

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/303MxbItH1xNBq5DVzgi5f9Vk9B

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303MuvPW3SK4gLbQ1ALw5htqwSd/Image.gz
sha256sum	1d26a50b80602cf96dca0b9e5d4833d551bb9799e3e8f672f61c3fedb7c3633a

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303MuvPW3SK4gLbQ1ALw5htqwSd/modules.tar.xz
sha256sum	8d3b93659e4b7dd2c56e9a38da739978022e2707277d72909e50cc2549d4beb2

durations

tests

boot	0
kunit	169.06

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   16.480133] ==================================================================
[   16.480185] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   16.480294] Write of size 1 at addr fff00000c17c78da by task kunit_try_catch/158
[   16.480347] 
[   16.480379] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.480472] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.480498] Hardware name: linux,dummy-virt (DT)
[   16.480533] Call trace:
[   16.480616]  show_stack+0x20/0x38 (C)
[   16.480671]  dump_stack_lvl+0x8c/0xd0
[   16.480776]  print_report+0x118/0x5d0
[   16.480839]  kasan_report+0xdc/0x128
[   16.480884]  __asan_report_store1_noabort+0x20/0x30
[   16.481134]  krealloc_less_oob_helper+0xa80/0xc50
[   16.481247]  krealloc_less_oob+0x20/0x38
[   16.481330]  kunit_try_run_case+0x170/0x3f0
[   16.481395]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.481447]  kthread+0x328/0x630
[   16.481548]  ret_from_fork+0x10/0x20
[   16.481596] 
[   16.481641] Allocated by task 158:
[   16.481695]  kasan_save_stack+0x3c/0x68
[   16.481968]  kasan_save_track+0x20/0x40
[   16.482032]  kasan_save_alloc_info+0x40/0x58
[   16.482109]  __kasan_krealloc+0x118/0x178
[   16.482147]  krealloc_noprof+0x128/0x360
[   16.482183]  krealloc_less_oob_helper+0x168/0xc50
[   16.482249]  krealloc_less_oob+0x20/0x38
[   16.482285]  kunit_try_run_case+0x170/0x3f0
[   16.482321]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.482465]  kthread+0x328/0x630
[   16.482684]  ret_from_fork+0x10/0x20
[   16.482776] 
[   16.482796] The buggy address belongs to the object at fff00000c17c7800
[   16.482796]  which belongs to the cache kmalloc-256 of size 256
[   16.482863] The buggy address is located 17 bytes to the right of
[   16.482863]  allocated 201-byte region [fff00000c17c7800, fff00000c17c78c9)
[   16.482927] 
[   16.482946] The buggy address belongs to the physical page:
[   16.483127] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017c6
[   16.483257] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.483336] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.483465] page_type: f5(slab)
[   16.483512] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.483560] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.483609] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.483655] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.483729] head: 0bfffe0000000001 ffffc1ffc305f181 00000000ffffffff 00000000ffffffff
[   16.483777] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.483975] page dumped because: kasan: bad access detected
[   16.484071] 
[   16.484153] Memory state around the buggy address:
[   16.484236]  fff00000c17c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.484278]  fff00000c17c7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.484330] >fff00000c17c7880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.484366]                                                     ^
[   16.484412]  fff00000c17c7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.484470]  fff00000c17c7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.484530] ==================================================================
[   16.490195] ==================================================================
[   16.490273] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   16.490357] Write of size 1 at addr fff00000c17c78eb by task kunit_try_catch/158
[   16.490406] 
[   16.490438] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.490514] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.490539] Hardware name: linux,dummy-virt (DT)
[   16.490569] Call trace:
[   16.490590]  show_stack+0x20/0x38 (C)
[   16.490671]  dump_stack_lvl+0x8c/0xd0
[   16.490946]  print_report+0x118/0x5d0
[   16.491037]  kasan_report+0xdc/0x128
[   16.491137]  __asan_report_store1_noabort+0x20/0x30
[   16.491188]  krealloc_less_oob_helper+0xa58/0xc50
[   16.491246]  krealloc_less_oob+0x20/0x38
[   16.491292]  kunit_try_run_case+0x170/0x3f0
[   16.491338]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.491547]  kthread+0x328/0x630
[   16.491651]  ret_from_fork+0x10/0x20
[   16.491805] 
[   16.491883] Allocated by task 158:
[   16.491955]  kasan_save_stack+0x3c/0x68
[   16.492050]  kasan_save_track+0x20/0x40
[   16.492087]  kasan_save_alloc_info+0x40/0x58
[   16.492125]  __kasan_krealloc+0x118/0x178
[   16.492161]  krealloc_noprof+0x128/0x360
[   16.492378]  krealloc_less_oob_helper+0x168/0xc50
[   16.492497]  krealloc_less_oob+0x20/0x38
[   16.492595]  kunit_try_run_case+0x170/0x3f0
[   16.492750]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.492793]  kthread+0x328/0x630
[   16.492841]  ret_from_fork+0x10/0x20
[   16.493192] 
[   16.493263] The buggy address belongs to the object at fff00000c17c7800
[   16.493263]  which belongs to the cache kmalloc-256 of size 256
[   16.493433] The buggy address is located 34 bytes to the right of
[   16.493433]  allocated 201-byte region [fff00000c17c7800, fff00000c17c78c9)
[   16.493576] 
[   16.493670] The buggy address belongs to the physical page:
[   16.493700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017c6
[   16.493978] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.494095] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.494203] page_type: f5(slab)
[   16.494332] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.494457] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.494553] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.494601] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.494677] head: 0bfffe0000000001 ffffc1ffc305f181 00000000ffffffff 00000000ffffffff
[   16.495099] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.495191] page dumped because: kasan: bad access detected
[   16.495303] 
[   16.495352] Memory state around the buggy address:
[   16.495383]  fff00000c17c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.495424]  fff00000c17c7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.495465] >fff00000c17c7880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.495501]                                                           ^
[   16.495808]  fff00000c17c7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.495893]  fff00000c17c7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.495965] ==================================================================
[   16.472805] ==================================================================
[   16.472860] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   16.472921] Write of size 1 at addr fff00000c17c78d0 by task kunit_try_catch/158
[   16.472997] 
[   16.473050] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.473153] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.473179] Hardware name: linux,dummy-virt (DT)
[   16.473254] Call trace:
[   16.473304]  show_stack+0x20/0x38 (C)
[   16.473383]  dump_stack_lvl+0x8c/0xd0
[   16.473430]  print_report+0x118/0x5d0
[   16.473475]  kasan_report+0xdc/0x128
[   16.473637]  __asan_report_store1_noabort+0x20/0x30
[   16.473854]  krealloc_less_oob_helper+0xb9c/0xc50
[   16.473909]  krealloc_less_oob+0x20/0x38
[   16.473953]  kunit_try_run_case+0x170/0x3f0
[   16.474051]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.474103]  kthread+0x328/0x630
[   16.474166]  ret_from_fork+0x10/0x20
[   16.474264] 
[   16.474313] Allocated by task 158:
[   16.474361]  kasan_save_stack+0x3c/0x68
[   16.474414]  kasan_save_track+0x20/0x40
[   16.474522]  kasan_save_alloc_info+0x40/0x58
[   16.474579]  __kasan_krealloc+0x118/0x178
[   16.474616]  krealloc_noprof+0x128/0x360
[   16.474652]  krealloc_less_oob_helper+0x168/0xc50
[   16.474709]  krealloc_less_oob+0x20/0x38
[   16.474836]  kunit_try_run_case+0x170/0x3f0
[   16.474875]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.475136]  kthread+0x328/0x630
[   16.475191]  ret_from_fork+0x10/0x20
[   16.475275] 
[   16.475884] The buggy address belongs to the object at fff00000c17c7800
[   16.475884]  which belongs to the cache kmalloc-256 of size 256
[   16.476050] The buggy address is located 7 bytes to the right of
[   16.476050]  allocated 201-byte region [fff00000c17c7800, fff00000c17c78c9)
[   16.476133] 
[   16.476153] The buggy address belongs to the physical page:
[   16.476182] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017c6
[   16.476234] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.476279] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.476697] page_type: f5(slab)
[   16.476849] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.476964] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.477432] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.477518] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.477638] head: 0bfffe0000000001 ffffc1ffc305f181 00000000ffffffff 00000000ffffffff
[   16.477696] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.477901] page dumped because: kasan: bad access detected
[   16.478085] 
[   16.478197] Memory state around the buggy address:
[   16.478285]  fff00000c17c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.478408]  fff00000c17c7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.478502] >fff00000c17c7880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.478613]                                                  ^
[   16.478801]  fff00000c17c7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.478861]  fff00000c17c7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.478897] ==================================================================
[   16.530785] ==================================================================
[   16.530848] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   16.530923] Write of size 1 at addr fff00000c76e20c9 by task kunit_try_catch/162
[   16.531035] 
[   16.531099] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.531336] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.531485] Hardware name: linux,dummy-virt (DT)
[   16.531695] Call trace:
[   16.531820]  show_stack+0x20/0x38 (C)
[   16.531956]  dump_stack_lvl+0x8c/0xd0
[   16.532325]  print_report+0x118/0x5d0
[   16.532521]  kasan_report+0xdc/0x128
[   16.532594]  __asan_report_store1_noabort+0x20/0x30
[   16.532742]  krealloc_less_oob_helper+0xa48/0xc50
[   16.532828]  krealloc_large_less_oob+0x20/0x38
[   16.533019]  kunit_try_run_case+0x170/0x3f0
[   16.533079]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.533613]  kthread+0x328/0x630
[   16.533752]  ret_from_fork+0x10/0x20
[   16.534029] 
[   16.534119] The buggy address belongs to the physical page:
[   16.534369] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076e0
[   16.534453] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.534693] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.535028] page_type: f8(unknown)
[   16.535102] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.535444] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.535552] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.535648] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.535723] head: 0bfffe0000000002 ffffc1ffc31db801 00000000ffffffff 00000000ffffffff
[   16.535922] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.536158] page dumped because: kasan: bad access detected
[   16.536293] 
[   16.536452] Memory state around the buggy address:
[   16.536537]  fff00000c76e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.536652]  fff00000c76e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.536695] >fff00000c76e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.536781]                                               ^
[   16.536981]  fff00000c76e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.537082]  fff00000c76e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.537259] ==================================================================
[   16.542572] ==================================================================
[   16.542614] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50
[   16.542658] Write of size 1 at addr fff00000c76e20da by task kunit_try_catch/162
[   16.542704] 
[   16.542743] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.543239] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.543283] Hardware name: linux,dummy-virt (DT)
[   16.543702] Call trace:
[   16.543775]  show_stack+0x20/0x38 (C)
[   16.543828]  dump_stack_lvl+0x8c/0xd0
[   16.543877]  print_report+0x118/0x5d0
[   16.544360]  kasan_report+0xdc/0x128
[   16.544597]  __asan_report_store1_noabort+0x20/0x30
[   16.544765]  krealloc_less_oob_helper+0xa80/0xc50
[   16.544845]  krealloc_large_less_oob+0x20/0x38
[   16.545213]  kunit_try_run_case+0x170/0x3f0
[   16.545363]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.545530]  kthread+0x328/0x630
[   16.545634]  ret_from_fork+0x10/0x20
[   16.545696] 
[   16.545726] The buggy address belongs to the physical page:
[   16.546139] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076e0
[   16.546414] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.546602] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.546728] page_type: f8(unknown)
[   16.546987] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.547080] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.547129] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.547570] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.547791] head: 0bfffe0000000002 ffffc1ffc31db801 00000000ffffffff 00000000ffffffff
[   16.547944] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.548232] page dumped because: kasan: bad access detected
[   16.548383] 
[   16.548631] Memory state around the buggy address:
[   16.548774]  fff00000c76e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.548887]  fff00000c76e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.549276] >fff00000c76e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.549473]                                                     ^
[   16.549603]  fff00000c76e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.550251]  fff00000c76e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.550566] ==================================================================
[   16.466312] ==================================================================
[   16.467028] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50
[   16.467102] Write of size 1 at addr fff00000c17c78c9 by task kunit_try_catch/158
[   16.467151] 
[   16.467186] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.467263] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.467289] Hardware name: linux,dummy-virt (DT)
[   16.467320] Call trace:
[   16.467342]  show_stack+0x20/0x38 (C)
[   16.467389]  dump_stack_lvl+0x8c/0xd0
[   16.467434]  print_report+0x118/0x5d0
[   16.467479]  kasan_report+0xdc/0x128
[   16.467523]  __asan_report_store1_noabort+0x20/0x30
[   16.467572]  krealloc_less_oob_helper+0xa48/0xc50
[   16.467619]  krealloc_less_oob+0x20/0x38
[   16.467662]  kunit_try_run_case+0x170/0x3f0
[   16.467708]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.467771]  kthread+0x328/0x630
[   16.467917]  ret_from_fork+0x10/0x20
[   16.467965] 
[   16.467983] Allocated by task 158:
[   16.468010]  kasan_save_stack+0x3c/0x68
[   16.468050]  kasan_save_track+0x20/0x40
[   16.468086]  kasan_save_alloc_info+0x40/0x58
[   16.468124]  __kasan_krealloc+0x118/0x178
[   16.468161]  krealloc_noprof+0x128/0x360
[   16.468196]  krealloc_less_oob_helper+0x168/0xc50
[   16.468526]  krealloc_less_oob+0x20/0x38
[   16.468589]  kunit_try_run_case+0x170/0x3f0
[   16.468705]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.468846]  kthread+0x328/0x630
[   16.468926]  ret_from_fork+0x10/0x20
[   16.469012] 
[   16.469119] The buggy address belongs to the object at fff00000c17c7800
[   16.469119]  which belongs to the cache kmalloc-256 of size 256
[   16.469203] The buggy address is located 0 bytes to the right of
[   16.469203]  allocated 201-byte region [fff00000c17c7800, fff00000c17c78c9)
[   16.469341] 
[   16.469380] The buggy address belongs to the physical page:
[   16.469422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017c6
[   16.469474] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.469519] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.469863] page_type: f5(slab)
[   16.469973] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.470152] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.470256] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.470430] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.470561] head: 0bfffe0000000001 ffffc1ffc305f181 00000000ffffffff 00000000ffffffff
[   16.470694] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.470745] page dumped because: kasan: bad access detected
[   16.470837] 
[   16.471173] Memory state around the buggy address:
[   16.471254]  fff00000c17c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.471373]  fff00000c17c7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.471421] >fff00000c17c7880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.471484]                                               ^
[   16.471612]  fff00000c17c7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.471671]  fff00000c17c7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.471806] ==================================================================
[   16.538840] ==================================================================
[   16.538891] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50
[   16.539109] Write of size 1 at addr fff00000c76e20d0 by task kunit_try_catch/162
[   16.539347] 
[   16.539484] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.539686] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.539809] Hardware name: linux,dummy-virt (DT)
[   16.539927] Call trace:
[   16.539994]  show_stack+0x20/0x38 (C)
[   16.540085]  dump_stack_lvl+0x8c/0xd0
[   16.540342]  print_report+0x118/0x5d0
[   16.540897]  kasan_report+0xdc/0x128
[   16.541019]  __asan_report_store1_noabort+0x20/0x30
[   16.541083]  krealloc_less_oob_helper+0xb9c/0xc50
[   16.541132]  krealloc_large_less_oob+0x20/0x38
[   16.541178]  kunit_try_run_case+0x170/0x3f0
[   16.541236]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.541298]  kthread+0x328/0x630
[   16.541353]  ret_from_fork+0x10/0x20
[   16.541407] 
[   16.541441] The buggy address belongs to the physical page:
[   16.541472] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076e0
[   16.541536] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.541590] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.541640] page_type: f8(unknown)
[   16.541698] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.541762] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.541819] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.541880] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.541942] head: 0bfffe0000000002 ffffc1ffc31db801 00000000ffffffff 00000000ffffffff
[   16.541991] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.542038] page dumped because: kasan: bad access detected
[   16.542076] 
[   16.542094] Memory state around the buggy address:
[   16.542133]  fff00000c76e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.542174]  fff00000c76e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.542229] >fff00000c76e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.542272]                                                  ^
[   16.542311]  fff00000c76e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.542354]  fff00000c76e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.542391] ==================================================================
[   16.561431] ==================================================================
[   16.561625] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50
[   16.561679] Write of size 1 at addr fff00000c76e20eb by task kunit_try_catch/162
[   16.561772] 
[   16.561811] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.561890] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.561916] Hardware name: linux,dummy-virt (DT)
[   16.562180] Call trace:
[   16.562307]  show_stack+0x20/0x38 (C)
[   16.562432]  dump_stack_lvl+0x8c/0xd0
[   16.562483]  print_report+0x118/0x5d0
[   16.562529]  kasan_report+0xdc/0x128
[   16.562573]  __asan_report_store1_noabort+0x20/0x30
[   16.562631]  krealloc_less_oob_helper+0xa58/0xc50
[   16.562679]  krealloc_large_less_oob+0x20/0x38
[   16.562737]  kunit_try_run_case+0x170/0x3f0
[   16.562784]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.562994]  kthread+0x328/0x630
[   16.563055]  ret_from_fork+0x10/0x20
[   16.563212] 
[   16.563243] The buggy address belongs to the physical page:
[   16.563274] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076e0
[   16.563697] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.563823] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.563963] page_type: f8(unknown)
[   16.564052] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.564491] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.564641] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.564867] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.564962] head: 0bfffe0000000002 ffffc1ffc31db801 00000000ffffffff 00000000ffffffff
[   16.565144] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.565341] page dumped because: kasan: bad access detected
[   16.565472] 
[   16.565504] Memory state around the buggy address:
[   16.565564]  fff00000c76e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.565623]  fff00000c76e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.565887] >fff00000c76e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.566140]                                                           ^
[   16.566278]  fff00000c76e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.566432]  fff00000c76e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.566510] ==================================================================
[   16.553154] ==================================================================
[   16.553205] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   16.553259] Write of size 1 at addr fff00000c76e20ea by task kunit_try_catch/162
[   16.553316] 
[   16.553351] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.553597] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.553723] Hardware name: linux,dummy-virt (DT)
[   16.553840] Call trace:
[   16.554215]  show_stack+0x20/0x38 (C)
[   16.554278]  dump_stack_lvl+0x8c/0xd0
[   16.554388]  print_report+0x118/0x5d0
[   16.554463]  kasan_report+0xdc/0x128
[   16.554639]  __asan_report_store1_noabort+0x20/0x30
[   16.554692]  krealloc_less_oob_helper+0xae4/0xc50
[   16.554937]  krealloc_large_less_oob+0x20/0x38
[   16.555225]  kunit_try_run_case+0x170/0x3f0
[   16.555425]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.555790]  kthread+0x328/0x630
[   16.555857]  ret_from_fork+0x10/0x20
[   16.556307] 
[   16.556395] The buggy address belongs to the physical page:
[   16.556429] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076e0
[   16.556610] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.556861] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.557074] page_type: f8(unknown)
[   16.557332] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.557678] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.557900] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.558010] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.558223] head: 0bfffe0000000002 ffffc1ffc31db801 00000000ffffffff 00000000ffffffff
[   16.558495] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.558601] page dumped because: kasan: bad access detected
[   16.558633] 
[   16.558827] Memory state around the buggy address:
[   16.559131]  fff00000c76e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.559211]  fff00000c76e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.559253] >fff00000c76e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   16.559296]                                                           ^
[   16.559527]  fff00000c76e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.559758]  fff00000c76e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.559929] ==================================================================
[   16.485522] ==================================================================
[   16.485615] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50
[   16.485669] Write of size 1 at addr fff00000c17c78ea by task kunit_try_catch/158
[   16.485729] 
[   16.485789] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.485906] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.485932] Hardware name: linux,dummy-virt (DT)
[   16.486000] Call trace:
[   16.486047]  show_stack+0x20/0x38 (C)
[   16.486096]  dump_stack_lvl+0x8c/0xd0
[   16.486418]  print_report+0x118/0x5d0
[   16.486522]  kasan_report+0xdc/0x128
[   16.486587]  __asan_report_store1_noabort+0x20/0x30
[   16.486640]  krealloc_less_oob_helper+0xae4/0xc50
[   16.486740]  krealloc_less_oob+0x20/0x38
[   16.486815]  kunit_try_run_case+0x170/0x3f0
[   16.486878]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.486963]  kthread+0x328/0x630
[   16.487007]  ret_from_fork+0x10/0x20
[   16.487072] 
[   16.487091] Allocated by task 158:
[   16.487120]  kasan_save_stack+0x3c/0x68
[   16.487399]  kasan_save_track+0x20/0x40
[   16.487507]  kasan_save_alloc_info+0x40/0x58
[   16.487642]  __kasan_krealloc+0x118/0x178
[   16.487702]  krealloc_noprof+0x128/0x360
[   16.487748]  krealloc_less_oob_helper+0x168/0xc50
[   16.487785]  krealloc_less_oob+0x20/0x38
[   16.487820]  kunit_try_run_case+0x170/0x3f0
[   16.487856]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.487897]  kthread+0x328/0x630
[   16.487938]  ret_from_fork+0x10/0x20
[   16.487982] 
[   16.488000] The buggy address belongs to the object at fff00000c17c7800
[   16.488000]  which belongs to the cache kmalloc-256 of size 256
[   16.488056] The buggy address is located 33 bytes to the right of
[   16.488056]  allocated 201-byte region [fff00000c17c7800, fff00000c17c78c9)
[   16.488117] 
[   16.488136] The buggy address belongs to the physical page:
[   16.488166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017c6
[   16.488218] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.488263] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.488313] page_type: f5(slab)
[   16.488350] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.488398] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.488455] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.488514] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.488561] head: 0bfffe0000000001 ffffc1ffc305f181 00000000ffffffff 00000000ffffffff
[   16.488607] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.488646] page dumped because: kasan: bad access detected
[   16.488683] 
[   16.488700] Memory state around the buggy address:
[   16.488741]  fff00000c17c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.488781]  fff00000c17c7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.488821] >fff00000c17c7880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   16.488880]                                                           ^
[   16.488917]  fff00000c17c7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.488957]  fff00000c17c7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.489314] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

303Sxu1j8OyuX5lG527CuRMl0zm

job_id

TEST:linaro@lkft#303T1aQDgvcqrgu9gN0OeLGQz0C

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/303T1aQDgvcqrgu9gN0OeLGQz0C

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303Syw9B0zr00cacsipIIbuVtmO/Image.gz
sha256sum	5b11eefa6d464ac909c4aaf2b2e503862ad9b898749580b0c74823fda864756c

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303Syw9B0zr00cacsipIIbuVtmO/modules.tar.xz
sha256sum	5f304fbdafbe519859f7c742752446676e8da2e281160c33189afc6b1f45e458

durations

tests

boot	0
kunit	175.36

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   12.116177] ==================================================================
[   12.116553] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   12.117072] Write of size 1 at addr ffff888103a0e0ea by task kunit_try_catch/179
[   12.117377] 
[   12.117489] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   12.117549] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.117560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.117579] Call Trace:
[   12.117594]  <TASK>
[   12.117609]  dump_stack_lvl+0x73/0xb0
[   12.117651]  print_report+0xd1/0x610
[   12.117673]  ? __virt_addr_valid+0x1db/0x2d0
[   12.117696]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.117720]  ? kasan_addr_to_slab+0x11/0xa0
[   12.117740]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.117763]  kasan_report+0x141/0x180
[   12.117784]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.117833]  __asan_report_store1_noabort+0x1b/0x30
[   12.117857]  krealloc_less_oob_helper+0xe90/0x11d0
[   12.117883]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.117917]  ? finish_task_switch.isra.0+0x153/0x700
[   12.117939]  ? __switch_to+0x47/0xf50
[   12.117965]  ? __schedule+0x10cc/0x2b60
[   12.117997]  ? __pfx_read_tsc+0x10/0x10
[   12.118021]  krealloc_large_less_oob+0x1c/0x30
[   12.118043]  kunit_try_run_case+0x1a5/0x480
[   12.118067]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.118088]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.118112]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.118134]  ? __kthread_parkme+0x82/0x180
[   12.118155]  ? preempt_count_sub+0x50/0x80
[   12.118177]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.118200]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.118223]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.118246]  kthread+0x337/0x6f0
[   12.118265]  ? trace_preempt_on+0x20/0xc0
[   12.118287]  ? __pfx_kthread+0x10/0x10
[   12.118307]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.118351]  ? calculate_sigpending+0x7b/0xa0
[   12.118379]  ? __pfx_kthread+0x10/0x10
[   12.118400]  ret_from_fork+0x116/0x1d0
[   12.118418]  ? __pfx_kthread+0x10/0x10
[   12.118438]  ret_from_fork_asm+0x1a/0x30
[   12.118470]  </TASK>
[   12.118479] 
[   12.126021] The buggy address belongs to the physical page:
[   12.126285] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0c
[   12.127565] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.127827] flags: 0x200000000000040(head|node=0|zone=2)
[   12.128084] page_type: f8(unknown)
[   12.128968] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.129390] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.130089] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.130674] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.131170] head: 0200000000000002 ffffea00040e8301 00000000ffffffff 00000000ffffffff
[   12.131973] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.132412] page dumped because: kasan: bad access detected
[   12.132832] 
[   12.132990] Memory state around the buggy address:
[   12.133200]  ffff888103a0df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.133490]  ffff888103a0e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.134148] >ffff888103a0e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.134478]                                                           ^
[   12.135141]  ffff888103a0e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.135809]  ffff888103a0e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.136266] ==================================================================
[   12.096194] ==================================================================
[   12.096927] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   12.097321] Write of size 1 at addr ffff888103a0e0da by task kunit_try_catch/179
[   12.098121] 
[   12.098326] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   12.098370] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.098381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.098400] Call Trace:
[   12.098418]  <TASK>
[   12.098435]  dump_stack_lvl+0x73/0xb0
[   12.098465]  print_report+0xd1/0x610
[   12.098488]  ? __virt_addr_valid+0x1db/0x2d0
[   12.098511]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.098534]  ? kasan_addr_to_slab+0x11/0xa0
[   12.098554]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.098578]  kasan_report+0x141/0x180
[   12.098599]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.098628]  __asan_report_store1_noabort+0x1b/0x30
[   12.098652]  krealloc_less_oob_helper+0xec6/0x11d0
[   12.098698]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.098722]  ? finish_task_switch.isra.0+0x153/0x700
[   12.098745]  ? __switch_to+0x47/0xf50
[   12.098802]  ? __schedule+0x10cc/0x2b60
[   12.098824]  ? __pfx_read_tsc+0x10/0x10
[   12.098848]  krealloc_large_less_oob+0x1c/0x30
[   12.098871]  kunit_try_run_case+0x1a5/0x480
[   12.098906]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.098927]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.098951]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.098975]  ? __kthread_parkme+0x82/0x180
[   12.099005]  ? preempt_count_sub+0x50/0x80
[   12.099029]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.099052]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.099075]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.099098]  kthread+0x337/0x6f0
[   12.099116]  ? trace_preempt_on+0x20/0xc0
[   12.099140]  ? __pfx_kthread+0x10/0x10
[   12.099161]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.099184]  ? calculate_sigpending+0x7b/0xa0
[   12.099209]  ? __pfx_kthread+0x10/0x10
[   12.099230]  ret_from_fork+0x116/0x1d0
[   12.099248]  ? __pfx_kthread+0x10/0x10
[   12.099268]  ret_from_fork_asm+0x1a/0x30
[   12.099301]  </TASK>
[   12.099311] 
[   12.107551] The buggy address belongs to the physical page:
[   12.107728] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0c
[   12.108124] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.108900] flags: 0x200000000000040(head|node=0|zone=2)
[   12.109347] page_type: f8(unknown)
[   12.109650] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.110459] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.110701] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.111380] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.112089] head: 0200000000000002 ffffea00040e8301 00000000ffffffff 00000000ffffffff
[   12.112866] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.113614] page dumped because: kasan: bad access detected
[   12.113803] 
[   12.113872] Memory state around the buggy address:
[   12.114050]  ffff888103a0df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.114268]  ffff888103a0e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.114478] >ffff888103a0e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.114729]                                                     ^
[   12.114976]  ffff888103a0e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.115275]  ffff888103a0e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.115723] ==================================================================
[   11.919753] ==================================================================
[   11.920408] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   11.921289] Write of size 1 at addr ffff888100355aea by task kunit_try_catch/175
[   11.921808] 
[   11.922219] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.922271] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.922282] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.922303] Call Trace:
[   11.922321]  <TASK>
[   11.922339]  dump_stack_lvl+0x73/0xb0
[   11.922368]  print_report+0xd1/0x610
[   11.922391]  ? __virt_addr_valid+0x1db/0x2d0
[   11.922414]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   11.922436]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.922459]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   11.922482]  kasan_report+0x141/0x180
[   11.922504]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   11.922590]  __asan_report_store1_noabort+0x1b/0x30
[   11.922617]  krealloc_less_oob_helper+0xe90/0x11d0
[   11.922643]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.922669]  ? __kasan_check_write+0x18/0x20
[   11.922688]  ? queued_spin_lock_slowpath+0x116/0xb40
[   11.922712]  ? irqentry_exit+0x2a/0x60
[   11.922734]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   11.922757]  ? trace_hardirqs_on+0x37/0xe0
[   11.922785]  ? __pfx_read_tsc+0x10/0x10
[   11.922809]  krealloc_less_oob+0x1c/0x30
[   11.922829]  kunit_try_run_case+0x1a5/0x480
[   11.922853]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.922877]  ? queued_spin_lock_slowpath+0x116/0xb40
[   11.922911]  ? __kthread_parkme+0x82/0x180
[   11.922931]  ? preempt_count_sub+0x50/0x80
[   11.922956]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.922979]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.923003]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.923026]  kthread+0x337/0x6f0
[   11.923044]  ? trace_preempt_on+0x20/0xc0
[   11.923065]  ? __pfx_kthread+0x10/0x10
[   11.923085]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.923106]  ? calculate_sigpending+0x7b/0xa0
[   11.923130]  ? __pfx_kthread+0x10/0x10
[   11.923151]  ret_from_fork+0x116/0x1d0
[   11.923169]  ? __pfx_kthread+0x10/0x10
[   11.923188]  ret_from_fork_asm+0x1a/0x30
[   11.923220]  </TASK>
[   11.923230] 
[   11.937192] Allocated by task 175:
[   11.937630]  kasan_save_stack+0x45/0x70
[   11.938036]  kasan_save_track+0x18/0x40
[   11.938326]  kasan_save_alloc_info+0x3b/0x50
[   11.938686]  __kasan_krealloc+0x190/0x1f0
[   11.938944]  krealloc_noprof+0xf3/0x340
[   11.939310]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.939480]  krealloc_less_oob+0x1c/0x30
[   11.939865]  kunit_try_run_case+0x1a5/0x480
[   11.940391]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.941018]  kthread+0x337/0x6f0
[   11.941716]  ret_from_fork+0x116/0x1d0
[   11.941864]  ret_from_fork_asm+0x1a/0x30
[   11.942023] 
[   11.942096] The buggy address belongs to the object at ffff888100355a00
[   11.942096]  which belongs to the cache kmalloc-256 of size 256
[   11.942451] The buggy address is located 33 bytes to the right of
[   11.942451]  allocated 201-byte region [ffff888100355a00, ffff888100355ac9)
[   11.942823] 
[   11.942919] The buggy address belongs to the physical page:
[   11.943399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100354
[   11.944247] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.945095] flags: 0x200000000000040(head|node=0|zone=2)
[   11.945691] page_type: f5(slab)
[   11.946015] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.946750] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.947808] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.948690] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.949437] head: 0200000000000001 ffffea000400d501 00000000ffffffff 00000000ffffffff
[   11.950269] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.950860] page dumped because: kasan: bad access detected
[   11.951079] 
[   11.951254] Memory state around the buggy address:
[   11.951740]  ffff888100355980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.952462]  ffff888100355a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.952872] >ffff888100355a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.953357]                                                           ^
[   11.954207]  ffff888100355b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.954785]  ffff888100355b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.955077] ==================================================================
[   12.044395] ==================================================================
[   12.045279] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   12.045914] Write of size 1 at addr ffff888103a0e0c9 by task kunit_try_catch/179
[   12.046710] 
[   12.046824] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   12.046875] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.046886] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.046919] Call Trace:
[   12.046932]  <TASK>
[   12.046950]  dump_stack_lvl+0x73/0xb0
[   12.046983]  print_report+0xd1/0x610
[   12.047007]  ? __virt_addr_valid+0x1db/0x2d0
[   12.047031]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.047055]  ? kasan_addr_to_slab+0x11/0xa0
[   12.047075]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.047099]  kasan_report+0x141/0x180
[   12.047120]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   12.047149]  __asan_report_store1_noabort+0x1b/0x30
[   12.047174]  krealloc_less_oob_helper+0xd70/0x11d0
[   12.047200]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.047223]  ? finish_task_switch.isra.0+0x153/0x700
[   12.047247]  ? __switch_to+0x47/0xf50
[   12.047274]  ? __schedule+0x10cc/0x2b60
[   12.047297]  ? __pfx_read_tsc+0x10/0x10
[   12.047322]  krealloc_large_less_oob+0x1c/0x30
[   12.047344]  kunit_try_run_case+0x1a5/0x480
[   12.047371]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.047392]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.047417]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.047440]  ? __kthread_parkme+0x82/0x180
[   12.047461]  ? preempt_count_sub+0x50/0x80
[   12.047484]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.047507]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.047700]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.047726]  kthread+0x337/0x6f0
[   12.047760]  ? trace_preempt_on+0x20/0xc0
[   12.047784]  ? __pfx_kthread+0x10/0x10
[   12.047804]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.047826]  ? calculate_sigpending+0x7b/0xa0
[   12.047851]  ? __pfx_kthread+0x10/0x10
[   12.047872]  ret_from_fork+0x116/0x1d0
[   12.047900]  ? __pfx_kthread+0x10/0x10
[   12.047921]  ret_from_fork_asm+0x1a/0x30
[   12.047956]  </TASK>
[   12.047970] 
[   12.059095] The buggy address belongs to the physical page:
[   12.059368] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0c
[   12.059691] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.060849] flags: 0x200000000000040(head|node=0|zone=2)
[   12.061221] page_type: f8(unknown)
[   12.061364] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.062014] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.062429] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.062937] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.063403] head: 0200000000000002 ffffea00040e8301 00000000ffffffff 00000000ffffffff
[   12.063876] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.064337] page dumped because: kasan: bad access detected
[   12.064967] 
[   12.065086] Memory state around the buggy address:
[   12.065407]  ffff888103a0df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.065963]  ffff888103a0e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.066305] >ffff888103a0e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.066683]                                               ^
[   12.067130]  ffff888103a0e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.067521]  ffff888103a0e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.068074] ==================================================================
[   12.136846] ==================================================================
[   12.137522] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   12.137985] Write of size 1 at addr ffff888103a0e0eb by task kunit_try_catch/179
[   12.138592] 
[   12.138951] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   12.139002] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.139014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.139041] Call Trace:
[   12.139058]  <TASK>
[   12.139075]  dump_stack_lvl+0x73/0xb0
[   12.139106]  print_report+0xd1/0x610
[   12.139129]  ? __virt_addr_valid+0x1db/0x2d0
[   12.139152]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.139176]  ? kasan_addr_to_slab+0x11/0xa0
[   12.139197]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.139221]  kasan_report+0x141/0x180
[   12.139242]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.139272]  __asan_report_store1_noabort+0x1b/0x30
[   12.139296]  krealloc_less_oob_helper+0xd47/0x11d0
[   12.139322]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.139346]  ? finish_task_switch.isra.0+0x153/0x700
[   12.139369]  ? __switch_to+0x47/0xf50
[   12.139394]  ? __schedule+0x10cc/0x2b60
[   12.139416]  ? __pfx_read_tsc+0x10/0x10
[   12.139441]  krealloc_large_less_oob+0x1c/0x30
[   12.139463]  kunit_try_run_case+0x1a5/0x480
[   12.139488]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.139509]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.139575]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.139600]  ? __kthread_parkme+0x82/0x180
[   12.139621]  ? preempt_count_sub+0x50/0x80
[   12.139644]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.139668]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.139691]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.139715]  kthread+0x337/0x6f0
[   12.139734]  ? trace_preempt_on+0x20/0xc0
[   12.139757]  ? __pfx_kthread+0x10/0x10
[   12.139777]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.139798]  ? calculate_sigpending+0x7b/0xa0
[   12.139823]  ? __pfx_kthread+0x10/0x10
[   12.139843]  ret_from_fork+0x116/0x1d0
[   12.139862]  ? __pfx_kthread+0x10/0x10
[   12.139882]  ret_from_fork_asm+0x1a/0x30
[   12.139925]  </TASK>
[   12.139936] 
[   12.152951] The buggy address belongs to the physical page:
[   12.153369] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0c
[   12.153873] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.154438] flags: 0x200000000000040(head|node=0|zone=2)
[   12.154819] page_type: f8(unknown)
[   12.155171] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.155498] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.156110] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.156447] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.157022] head: 0200000000000002 ffffea00040e8301 00000000ffffffff 00000000ffffffff
[   12.157616] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.158242] page dumped because: kasan: bad access detected
[   12.158466] 
[   12.158734] Memory state around the buggy address:
[   12.159068]  ffff888103a0df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.159493]  ffff888103a0e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.159911] >ffff888103a0e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.160706]                                                           ^
[   12.161121]  ffff888103a0e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.161654]  ffff888103a0e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.162119] ==================================================================
[   11.841219] ==================================================================
[   11.841664] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   11.842140] Write of size 1 at addr ffff888100355ac9 by task kunit_try_catch/175
[   11.842439] 
[   11.842532] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.842577] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.842588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.842609] Call Trace:
[   11.842621]  <TASK>
[   11.842636]  dump_stack_lvl+0x73/0xb0
[   11.842664]  print_report+0xd1/0x610
[   11.842686]  ? __virt_addr_valid+0x1db/0x2d0
[   11.842709]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.842733]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.842755]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.842785]  kasan_report+0x141/0x180
[   11.842807]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.842836]  __asan_report_store1_noabort+0x1b/0x30
[   11.842860]  krealloc_less_oob_helper+0xd70/0x11d0
[   11.842886]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.842924]  ? __kasan_check_write+0x18/0x20
[   11.842944]  ? queued_spin_lock_slowpath+0x116/0xb40
[   11.842968]  ? irqentry_exit+0x2a/0x60
[   11.842989]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   11.843013]  ? trace_hardirqs_on+0x37/0xe0
[   11.843036]  ? __pfx_read_tsc+0x10/0x10
[   11.843060]  krealloc_less_oob+0x1c/0x30
[   11.843081]  kunit_try_run_case+0x1a5/0x480
[   11.843105]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.843129]  ? queued_spin_lock_slowpath+0x116/0xb40
[   11.843152]  ? __kthread_parkme+0x82/0x180
[   11.843173]  ? preempt_count_sub+0x50/0x80
[   11.843197]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.843238]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.843286]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.843310]  kthread+0x337/0x6f0
[   11.843329]  ? trace_preempt_on+0x20/0xc0
[   11.843350]  ? __pfx_kthread+0x10/0x10
[   11.843370]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.843391]  ? calculate_sigpending+0x7b/0xa0
[   11.843414]  ? __pfx_kthread+0x10/0x10
[   11.843435]  ret_from_fork+0x116/0x1d0
[   11.843453]  ? __pfx_kthread+0x10/0x10
[   11.843473]  ret_from_fork_asm+0x1a/0x30
[   11.843505]  </TASK>
[   11.843515] 
[   11.851788] Allocated by task 175:
[   11.851980]  kasan_save_stack+0x45/0x70
[   11.852184]  kasan_save_track+0x18/0x40
[   11.852347]  kasan_save_alloc_info+0x3b/0x50
[   11.852719]  __kasan_krealloc+0x190/0x1f0
[   11.852928]  krealloc_noprof+0xf3/0x340
[   11.853096]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.853330]  krealloc_less_oob+0x1c/0x30
[   11.853495]  kunit_try_run_case+0x1a5/0x480
[   11.853762]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.853957]  kthread+0x337/0x6f0
[   11.854140]  ret_from_fork+0x116/0x1d0
[   11.854326]  ret_from_fork_asm+0x1a/0x30
[   11.854496] 
[   11.854689] The buggy address belongs to the object at ffff888100355a00
[   11.854689]  which belongs to the cache kmalloc-256 of size 256
[   11.855306] The buggy address is located 0 bytes to the right of
[   11.855306]  allocated 201-byte region [ffff888100355a00, ffff888100355ac9)
[   11.855859] 
[   11.855970] The buggy address belongs to the physical page:
[   11.856198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100354
[   11.856502] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.856880] flags: 0x200000000000040(head|node=0|zone=2)
[   11.857127] page_type: f5(slab)
[   11.857252] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.857676] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.857996] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.858502] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.858819] head: 0200000000000001 ffffea000400d501 00000000ffffffff 00000000ffffffff
[   11.859314] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.859674] page dumped because: kasan: bad access detected
[   11.859880] 
[   11.859960] Memory state around the buggy address:
[   11.860193]  ffff888100355980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.860536]  ffff888100355a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.860790] >ffff888100355a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.861145]                                               ^
[   11.861363]  ffff888100355b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.861577]  ffff888100355b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.861790] ==================================================================
[   11.955992] ==================================================================
[   11.956632] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   11.957213] Write of size 1 at addr ffff888100355aeb by task kunit_try_catch/175
[   11.957914] 
[   11.958171] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.958217] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.958228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.958248] Call Trace:
[   11.958267]  <TASK>
[   11.958296]  dump_stack_lvl+0x73/0xb0
[   11.958325]  print_report+0xd1/0x610
[   11.958360]  ? __virt_addr_valid+0x1db/0x2d0
[   11.958382]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   11.958405]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.958427]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   11.958451]  kasan_report+0x141/0x180
[   11.958473]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   11.958502]  __asan_report_store1_noabort+0x1b/0x30
[   11.958526]  krealloc_less_oob_helper+0xd47/0x11d0
[   11.958562]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.958587]  ? __kasan_check_write+0x18/0x20
[   11.958606]  ? queued_spin_lock_slowpath+0x116/0xb40
[   11.958629]  ? irqentry_exit+0x2a/0x60
[   11.958650]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   11.958674]  ? trace_hardirqs_on+0x37/0xe0
[   11.958697]  ? __pfx_read_tsc+0x10/0x10
[   11.958721]  krealloc_less_oob+0x1c/0x30
[   11.958741]  kunit_try_run_case+0x1a5/0x480
[   11.958771]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.958794]  ? queued_spin_lock_slowpath+0x116/0xb40
[   11.958817]  ? __kthread_parkme+0x82/0x180
[   11.958837]  ? preempt_count_sub+0x50/0x80
[   11.958862]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.958885]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.958919]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.958952]  kthread+0x337/0x6f0
[   11.958972]  ? trace_preempt_on+0x20/0xc0
[   11.958999]  ? __pfx_kthread+0x10/0x10
[   11.959019]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.959040]  ? calculate_sigpending+0x7b/0xa0
[   11.959064]  ? __pfx_kthread+0x10/0x10
[   11.959084]  ret_from_fork+0x116/0x1d0
[   11.959102]  ? __pfx_kthread+0x10/0x10
[   11.959122]  ret_from_fork_asm+0x1a/0x30
[   11.959154]  </TASK>
[   11.959163] 
[   11.970758] Allocated by task 175:
[   11.970999]  kasan_save_stack+0x45/0x70
[   11.971289]  kasan_save_track+0x18/0x40
[   11.971508]  kasan_save_alloc_info+0x3b/0x50
[   11.971740]  __kasan_krealloc+0x190/0x1f0
[   11.972013]  krealloc_noprof+0xf3/0x340
[   11.972150]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.972311]  krealloc_less_oob+0x1c/0x30
[   11.972449]  kunit_try_run_case+0x1a5/0x480
[   11.972595]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.972878]  kthread+0x337/0x6f0
[   11.973189]  ret_from_fork+0x116/0x1d0
[   11.973380]  ret_from_fork_asm+0x1a/0x30
[   11.973644] 
[   11.973804] The buggy address belongs to the object at ffff888100355a00
[   11.973804]  which belongs to the cache kmalloc-256 of size 256
[   11.974236] The buggy address is located 34 bytes to the right of
[   11.974236]  allocated 201-byte region [ffff888100355a00, ffff888100355ac9)
[   11.974806] 
[   11.974970] The buggy address belongs to the physical page:
[   11.975225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100354
[   11.975612] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.976032] flags: 0x200000000000040(head|node=0|zone=2)
[   11.976244] page_type: f5(slab)
[   11.976510] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.976797] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.977081] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.977452] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.977973] head: 0200000000000001 ffffea000400d501 00000000ffffffff 00000000ffffffff
[   11.978207] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.978568] page dumped because: kasan: bad access detected
[   11.978836] 
[   11.978911] Memory state around the buggy address:
[   11.979362]  ffff888100355980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.979649]  ffff888100355a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.979956] >ffff888100355a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.980325]                                                           ^
[   11.980674]  ffff888100355b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.980947]  ffff888100355b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.981318] ==================================================================
[   11.885496] ==================================================================
[   11.886288] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   11.887194] Write of size 1 at addr ffff888100355ada by task kunit_try_catch/175
[   11.888002] 
[   11.888385] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.888434] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.888445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.888472] Call Trace:
[   11.888488]  <TASK>
[   11.888504]  dump_stack_lvl+0x73/0xb0
[   11.888532]  print_report+0xd1/0x610
[   11.888554]  ? __virt_addr_valid+0x1db/0x2d0
[   11.888577]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   11.888600]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.888622]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   11.888646]  kasan_report+0x141/0x180
[   11.888667]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   11.888696]  __asan_report_store1_noabort+0x1b/0x30
[   11.888728]  krealloc_less_oob_helper+0xec6/0x11d0
[   11.888754]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.888780]  ? __kasan_check_write+0x18/0x20
[   11.888799]  ? queued_spin_lock_slowpath+0x116/0xb40
[   11.888822]  ? irqentry_exit+0x2a/0x60
[   11.888843]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   11.888867]  ? trace_hardirqs_on+0x37/0xe0
[   11.888890]  ? __pfx_read_tsc+0x10/0x10
[   11.888924]  krealloc_less_oob+0x1c/0x30
[   11.888945]  kunit_try_run_case+0x1a5/0x480
[   11.888968]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.888992]  ? queued_spin_lock_slowpath+0x116/0xb40
[   11.889015]  ? __kthread_parkme+0x82/0x180
[   11.889035]  ? preempt_count_sub+0x50/0x80
[   11.889059]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.889082]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.889106]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.889129]  kthread+0x337/0x6f0
[   11.889147]  ? trace_preempt_on+0x20/0xc0
[   11.889168]  ? __pfx_kthread+0x10/0x10
[   11.889188]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.889211]  ? calculate_sigpending+0x7b/0xa0
[   11.889235]  ? __pfx_kthread+0x10/0x10
[   11.889256]  ret_from_fork+0x116/0x1d0
[   11.889274]  ? __pfx_kthread+0x10/0x10
[   11.889293]  ret_from_fork_asm+0x1a/0x30
[   11.889325]  </TASK>
[   11.889334] 
[   11.902908] Allocated by task 175:
[   11.903350]  kasan_save_stack+0x45/0x70
[   11.903802]  kasan_save_track+0x18/0x40
[   11.903957]  kasan_save_alloc_info+0x3b/0x50
[   11.904389]  __kasan_krealloc+0x190/0x1f0
[   11.904850]  krealloc_noprof+0xf3/0x340
[   11.905316]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.905485]  krealloc_less_oob+0x1c/0x30
[   11.905924]  kunit_try_run_case+0x1a5/0x480
[   11.906411]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.907004]  kthread+0x337/0x6f0
[   11.907220]  ret_from_fork+0x116/0x1d0
[   11.907356]  ret_from_fork_asm+0x1a/0x30
[   11.907495] 
[   11.907827] The buggy address belongs to the object at ffff888100355a00
[   11.907827]  which belongs to the cache kmalloc-256 of size 256
[   11.909128] The buggy address is located 17 bytes to the right of
[   11.909128]  allocated 201-byte region [ffff888100355a00, ffff888100355ac9)
[   11.910270] 
[   11.910346] The buggy address belongs to the physical page:
[   11.910526] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100354
[   11.910774] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.911034] flags: 0x200000000000040(head|node=0|zone=2)
[   11.911623] page_type: f5(slab)
[   11.911930] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.912415] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.913223] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.913701] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.914205] head: 0200000000000001 ffffea000400d501 00000000ffffffff 00000000ffffffff
[   11.914692] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.914988] page dumped because: kasan: bad access detected
[   11.915522] 
[   11.915623] Memory state around the buggy address:
[   11.915815]  ffff888100355980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.916404]  ffff888100355a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.916886] >ffff888100355a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.917474]                                                     ^
[   11.918064]  ffff888100355b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.918377]  ffff888100355b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.919091] ==================================================================
[   11.862256] ==================================================================
[   11.863010] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   11.863745] Write of size 1 at addr ffff888100355ad0 by task kunit_try_catch/175
[   11.864004] 
[   11.864117] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.864159] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.864169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.864189] Call Trace:
[   11.864203]  <TASK>
[   11.864219]  dump_stack_lvl+0x73/0xb0
[   11.864247]  print_report+0xd1/0x610
[   11.864268]  ? __virt_addr_valid+0x1db/0x2d0
[   11.864291]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.864314]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.864337]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.864361]  kasan_report+0x141/0x180
[   11.864382]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.864411]  __asan_report_store1_noabort+0x1b/0x30
[   11.864436]  krealloc_less_oob_helper+0xe23/0x11d0
[   11.864462]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.864488]  ? __kasan_check_write+0x18/0x20
[   11.864506]  ? queued_spin_lock_slowpath+0x116/0xb40
[   11.864573]  ? irqentry_exit+0x2a/0x60
[   11.864596]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   11.864620]  ? trace_hardirqs_on+0x37/0xe0
[   11.864644]  ? __pfx_read_tsc+0x10/0x10
[   11.864668]  krealloc_less_oob+0x1c/0x30
[   11.864690]  kunit_try_run_case+0x1a5/0x480
[   11.864713]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.864737]  ? queued_spin_lock_slowpath+0x116/0xb40
[   11.864761]  ? __kthread_parkme+0x82/0x180
[   11.864782]  ? preempt_count_sub+0x50/0x80
[   11.864806]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.864829]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.864853]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.864876]  kthread+0x337/0x6f0
[   11.864906]  ? trace_preempt_on+0x20/0xc0
[   11.864928]  ? __pfx_kthread+0x10/0x10
[   11.864948]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.864968]  ? calculate_sigpending+0x7b/0xa0
[   11.865000]  ? __pfx_kthread+0x10/0x10
[   11.865021]  ret_from_fork+0x116/0x1d0
[   11.865039]  ? __pfx_kthread+0x10/0x10
[   11.865059]  ret_from_fork_asm+0x1a/0x30
[   11.865091]  </TASK>
[   11.865101] 
[   11.873205] Allocated by task 175:
[   11.873401]  kasan_save_stack+0x45/0x70
[   11.873728]  kasan_save_track+0x18/0x40
[   11.873914]  kasan_save_alloc_info+0x3b/0x50
[   11.874103]  __kasan_krealloc+0x190/0x1f0
[   11.874287]  krealloc_noprof+0xf3/0x340
[   11.874479]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.874858]  krealloc_less_oob+0x1c/0x30
[   11.875106]  kunit_try_run_case+0x1a5/0x480
[   11.875291]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.875527]  kthread+0x337/0x6f0
[   11.875695]  ret_from_fork+0x116/0x1d0
[   11.875860]  ret_from_fork_asm+0x1a/0x30
[   11.876083] 
[   11.876158] The buggy address belongs to the object at ffff888100355a00
[   11.876158]  which belongs to the cache kmalloc-256 of size 256
[   11.876664] The buggy address is located 7 bytes to the right of
[   11.876664]  allocated 201-byte region [ffff888100355a00, ffff888100355ac9)
[   11.877046] 
[   11.877117] The buggy address belongs to the physical page:
[   11.877290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100354
[   11.877530] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.877759] flags: 0x200000000000040(head|node=0|zone=2)
[   11.878055] page_type: f5(slab)
[   11.878225] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.878623] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.878987] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.879329] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.879804] head: 0200000000000001 ffffea000400d501 00000000ffffffff 00000000ffffffff
[   11.880205] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.880515] page dumped because: kasan: bad access detected
[   11.880741] 
[   11.880809] Memory state around the buggy address:
[   11.881142]  ffff888100355980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.881374]  ffff888100355a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.881878] >ffff888100355a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.882551]                                                  ^
[   11.882786]  ffff888100355b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.883872]  ffff888100355b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.884173] ==================================================================
[   12.069086] ==================================================================
[   12.069716] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   12.070419] Write of size 1 at addr ffff888103a0e0d0 by task kunit_try_catch/179
[   12.070668] 
[   12.070769] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   12.070812] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.070823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.070843] Call Trace:
[   12.070858]  <TASK>
[   12.070875]  dump_stack_lvl+0x73/0xb0
[   12.070918]  print_report+0xd1/0x610
[   12.070940]  ? __virt_addr_valid+0x1db/0x2d0
[   12.070963]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.070986]  ? kasan_addr_to_slab+0x11/0xa0
[   12.071006]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.071030]  kasan_report+0x141/0x180
[   12.071051]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   12.071080]  __asan_report_store1_noabort+0x1b/0x30
[   12.071104]  krealloc_less_oob_helper+0xe23/0x11d0
[   12.071130]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.071154]  ? finish_task_switch.isra.0+0x153/0x700
[   12.071176]  ? __switch_to+0x47/0xf50
[   12.071201]  ? __schedule+0x10cc/0x2b60
[   12.071223]  ? __pfx_read_tsc+0x10/0x10
[   12.071246]  krealloc_large_less_oob+0x1c/0x30
[   12.071268]  kunit_try_run_case+0x1a5/0x480
[   12.071292]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.071314]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.071337]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.071360]  ? __kthread_parkme+0x82/0x180
[   12.071380]  ? preempt_count_sub+0x50/0x80
[   12.071402]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.071425]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.071448]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.071471]  kthread+0x337/0x6f0
[   12.071490]  ? trace_preempt_on+0x20/0xc0
[   12.071513]  ? __pfx_kthread+0x10/0x10
[   12.071533]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.071553]  ? calculate_sigpending+0x7b/0xa0
[   12.071576]  ? __pfx_kthread+0x10/0x10
[   12.071597]  ret_from_fork+0x116/0x1d0
[   12.071615]  ? __pfx_kthread+0x10/0x10
[   12.071634]  ret_from_fork_asm+0x1a/0x30
[   12.071666]  </TASK>
[   12.071675] 
[   12.085255] The buggy address belongs to the physical page:
[   12.085501] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0c
[   12.086398] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.086961] flags: 0x200000000000040(head|node=0|zone=2)
[   12.087505] page_type: f8(unknown)
[   12.087868] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.088449] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.088758] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.089368] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.090039] head: 0200000000000002 ffffea00040e8301 00000000ffffffff 00000000ffffffff
[   12.090628] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.091210] page dumped because: kasan: bad access detected
[   12.091763] 
[   12.091833] Memory state around the buggy address:
[   12.092021]  ffff888103a0df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.092233]  ffff888103a0e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.092441] >ffff888103a0e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.093017]                                                  ^
[   12.093718]  ffff888103a0e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.094519]  ffff888103a0e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.095279] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

303Sxu1j8OyuX5lG527CuRMl0zm

job_id

TEST:linaro@lkft#303T2OzuK6lIw4rRFlSAhCs7bnu

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/303T2OzuK6lIw4rRFlSAhCs7bnu

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303Szma0mGNAiZG6rKGjPWN7fGT/bzImage
sha256sum	42041c61d6e46ef309c371e5fe2f53a0c6849e7beec0f7e1f396b9c65c0adbb2

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303Szma0mGNAiZG6rKGjPWN7fGT/modules.tar.xz
sha256sum	02cd970151971431ac5e5e4fcd602180a5476f25314259d1f76384cd0f280f1b

durations

tests

boot	0
kunit	226.78

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   11.880369] ==================================================================
[   11.881311] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   11.881767] Write of size 1 at addr ffff88810282a0ea by task kunit_try_catch/180
[   11.882073] 
[   11.882180] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.882219] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.882229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.882248] Call Trace:
[   11.882261]  <TASK>
[   11.882275]  dump_stack_lvl+0x73/0xb0
[   11.882301]  print_report+0xd1/0x610
[   11.882322]  ? __virt_addr_valid+0x1db/0x2d0
[   11.882345]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   11.882368]  ? kasan_addr_to_slab+0x11/0xa0
[   11.882397]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   11.882421]  kasan_report+0x141/0x180
[   11.882452]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   11.882481]  __asan_report_store1_noabort+0x1b/0x30
[   11.882507]  krealloc_less_oob_helper+0xe90/0x11d0
[   11.882533]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.882558]  ? finish_task_switch.isra.0+0x153/0x700
[   11.882581]  ? __switch_to+0x47/0xf50
[   11.882607]  ? __schedule+0x10cc/0x2b60
[   11.882629]  ? __pfx_read_tsc+0x10/0x10
[   11.882653]  krealloc_large_less_oob+0x1c/0x30
[   11.882676]  kunit_try_run_case+0x1a5/0x480
[   11.882700]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.882722]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.882745]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.882768]  ? __kthread_parkme+0x82/0x180
[   11.882788]  ? preempt_count_sub+0x50/0x80
[   11.882812]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.882835]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.882860]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.882883]  kthread+0x337/0x6f0
[   11.882902]  ? trace_preempt_on+0x20/0xc0
[   11.882926]  ? __pfx_kthread+0x10/0x10
[   11.882946]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.882967]  ? calculate_sigpending+0x7b/0xa0
[   11.882990]  ? __pfx_kthread+0x10/0x10
[   11.883011]  ret_from_fork+0x116/0x1d0
[   11.883029]  ? __pfx_kthread+0x10/0x10
[   11.883049]  ret_from_fork_asm+0x1a/0x30
[   11.883081]  </TASK>
[   11.883091] 
[   11.895003] The buggy address belongs to the physical page:
[   11.895263] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102828
[   11.896228] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.896752] flags: 0x200000000000040(head|node=0|zone=2)
[   11.897030] page_type: f8(unknown)
[   11.897200] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.897963] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.898286] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.898924] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.899425] head: 0200000000000002 ffffea00040a0a01 00000000ffffffff 00000000ffffffff
[   11.899995] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   11.900475] page dumped because: kasan: bad access detected
[   11.900909] 
[   11.901014] Memory state around the buggy address:
[   11.901244]  ffff888102829f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.901967]  ffff88810282a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.902505] >ffff88810282a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   11.902806]                                                           ^
[   11.903366]  ffff88810282a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.903941]  ffff88810282a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.904506] ==================================================================
[   11.741256] ==================================================================
[   11.741529] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   11.741998] Write of size 1 at addr ffff88810034e2eb by task kunit_try_catch/176
[   11.742315] 
[   11.742484] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.742528] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.742538] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.742580] Call Trace:
[   11.742595]  <TASK>
[   11.742609]  dump_stack_lvl+0x73/0xb0
[   11.742637]  print_report+0xd1/0x610
[   11.742673]  ? __virt_addr_valid+0x1db/0x2d0
[   11.742708]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   11.742731]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.742753]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   11.742776]  kasan_report+0x141/0x180
[   11.742798]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   11.742826]  __asan_report_store1_noabort+0x1b/0x30
[   11.742850]  krealloc_less_oob_helper+0xd47/0x11d0
[   11.742876]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.742900]  ? irqentry_exit+0x2a/0x60
[   11.742920]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   11.742950]  ? __pfx_krealloc_less_oob+0x10/0x10
[   11.742975]  krealloc_less_oob+0x1c/0x30
[   11.742996]  kunit_try_run_case+0x1a5/0x480
[   11.743018]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.743039]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.743062]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.743101]  ? __kthread_parkme+0x82/0x180
[   11.743121]  ? preempt_count_sub+0x50/0x80
[   11.743158]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.743181]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.743218]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.743254]  kthread+0x337/0x6f0
[   11.743272]  ? trace_preempt_on+0x20/0xc0
[   11.743294]  ? __pfx_kthread+0x10/0x10
[   11.743326]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.743347]  ? calculate_sigpending+0x7b/0xa0
[   11.743384]  ? __pfx_kthread+0x10/0x10
[   11.743405]  ret_from_fork+0x116/0x1d0
[   11.743601]  ? __pfx_kthread+0x10/0x10
[   11.743627]  ret_from_fork_asm+0x1a/0x30
[   11.743658]  </TASK>
[   11.743667] 
[   11.751330] Allocated by task 176:
[   11.751522]  kasan_save_stack+0x45/0x70
[   11.751717]  kasan_save_track+0x18/0x40
[   11.752222]  kasan_save_alloc_info+0x3b/0x50
[   11.752506]  __kasan_krealloc+0x190/0x1f0
[   11.752719]  krealloc_noprof+0xf3/0x340
[   11.752962]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.753214]  krealloc_less_oob+0x1c/0x30
[   11.753497]  kunit_try_run_case+0x1a5/0x480
[   11.753731]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.753945]  kthread+0x337/0x6f0
[   11.754061]  ret_from_fork+0x116/0x1d0
[   11.754190]  ret_from_fork_asm+0x1a/0x30
[   11.754357] 
[   11.754459] The buggy address belongs to the object at ffff88810034e200
[   11.754459]  which belongs to the cache kmalloc-256 of size 256
[   11.755031] The buggy address is located 34 bytes to the right of
[   11.755031]  allocated 201-byte region [ffff88810034e200, ffff88810034e2c9)
[   11.755803] 
[   11.755883] The buggy address belongs to the physical page:
[   11.756052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034e
[   11.756286] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.756605] flags: 0x200000000000040(head|node=0|zone=2)
[   11.756843] page_type: f5(slab)
[   11.757107] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.757557] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.757898] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.758253] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.758664] head: 0200000000000001 ffffea000400d381 00000000ffffffff 00000000ffffffff
[   11.759003] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.759333] page dumped because: kasan: bad access detected
[   11.759764] 
[   11.759921] Memory state around the buggy address:
[   11.760074]  ffff88810034e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.760283]  ffff88810034e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.760799] >ffff88810034e280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.761150]                                                           ^
[   11.761482]  ffff88810034e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.761877]  ffff88810034e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.762181] ==================================================================
[   11.717339] ==================================================================
[   11.717796] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   11.718129] Write of size 1 at addr ffff88810034e2ea by task kunit_try_catch/176
[   11.718359] 
[   11.718623] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.718680] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.718692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.718711] Call Trace:
[   11.718725]  <TASK>
[   11.718740]  dump_stack_lvl+0x73/0xb0
[   11.718767]  print_report+0xd1/0x610
[   11.718919]  ? __virt_addr_valid+0x1db/0x2d0
[   11.718942]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   11.718976]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.718998]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   11.719022]  kasan_report+0x141/0x180
[   11.719055]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   11.719085]  __asan_report_store1_noabort+0x1b/0x30
[   11.719111]  krealloc_less_oob_helper+0xe90/0x11d0
[   11.719138]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.719160]  ? irqentry_exit+0x2a/0x60
[   11.719190]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   11.719220]  ? __pfx_krealloc_less_oob+0x10/0x10
[   11.719256]  krealloc_less_oob+0x1c/0x30
[   11.719277]  kunit_try_run_case+0x1a5/0x480
[   11.719301]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.719322]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.719345]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.719368]  ? __kthread_parkme+0x82/0x180
[   11.719387]  ? preempt_count_sub+0x50/0x80
[   11.719428]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.719461]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.719484]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.719508]  kthread+0x337/0x6f0
[   11.719526]  ? trace_preempt_on+0x20/0xc0
[   11.719618]  ? __pfx_kthread+0x10/0x10
[   11.719656]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.719677]  ? calculate_sigpending+0x7b/0xa0
[   11.719700]  ? __pfx_kthread+0x10/0x10
[   11.719721]  ret_from_fork+0x116/0x1d0
[   11.719748]  ? __pfx_kthread+0x10/0x10
[   11.719768]  ret_from_fork_asm+0x1a/0x30
[   11.719811]  </TASK>
[   11.719821] 
[   11.728191] Allocated by task 176:
[   11.728333]  kasan_save_stack+0x45/0x70
[   11.728489]  kasan_save_track+0x18/0x40
[   11.728673]  kasan_save_alloc_info+0x3b/0x50
[   11.728880]  __kasan_krealloc+0x190/0x1f0
[   11.729249]  krealloc_noprof+0xf3/0x340
[   11.729450]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.729616]  krealloc_less_oob+0x1c/0x30
[   11.729754]  kunit_try_run_case+0x1a5/0x480
[   11.730092]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.730368]  kthread+0x337/0x6f0
[   11.730668]  ret_from_fork+0x116/0x1d0
[   11.730897]  ret_from_fork_asm+0x1a/0x30
[   11.731097] 
[   11.731167] The buggy address belongs to the object at ffff88810034e200
[   11.731167]  which belongs to the cache kmalloc-256 of size 256
[   11.731925] The buggy address is located 33 bytes to the right of
[   11.731925]  allocated 201-byte region [ffff88810034e200, ffff88810034e2c9)
[   11.732652] 
[   11.732767] The buggy address belongs to the physical page:
[   11.732987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034e
[   11.733314] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.733555] flags: 0x200000000000040(head|node=0|zone=2)
[   11.733732] page_type: f5(slab)
[   11.733851] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.734424] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.734919] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.735222] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.735614] head: 0200000000000001 ffffea000400d381 00000000ffffffff 00000000ffffffff
[   11.736024] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.736366] page dumped because: kasan: bad access detected
[   11.736747] 
[   11.736864] Memory state around the buggy address:
[   11.737051]  ffff88810034e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.737343]  ffff88810034e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.738765] >ffff88810034e280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.739113]                                                           ^
[   11.739385]  ffff88810034e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.740520]  ffff88810034e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.740826] ==================================================================
[   11.841047] ==================================================================
[   11.841518] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   11.841949] Write of size 1 at addr ffff88810282a0d0 by task kunit_try_catch/180
[   11.842286] 
[   11.842482] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.842569] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.842580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.842599] Call Trace:
[   11.842610]  <TASK>
[   11.842635]  dump_stack_lvl+0x73/0xb0
[   11.842665]  print_report+0xd1/0x610
[   11.842688]  ? __virt_addr_valid+0x1db/0x2d0
[   11.842712]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.842735]  ? kasan_addr_to_slab+0x11/0xa0
[   11.842782]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.842807]  kasan_report+0x141/0x180
[   11.842829]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.842869]  __asan_report_store1_noabort+0x1b/0x30
[   11.842894]  krealloc_less_oob_helper+0xe23/0x11d0
[   11.842920]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.842944]  ? finish_task_switch.isra.0+0x153/0x700
[   11.842966]  ? __switch_to+0x47/0xf50
[   11.842992]  ? __schedule+0x10cc/0x2b60
[   11.843040]  ? __pfx_read_tsc+0x10/0x10
[   11.843065]  krealloc_large_less_oob+0x1c/0x30
[   11.843088]  kunit_try_run_case+0x1a5/0x480
[   11.843123]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.843144]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.843168]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.843217]  ? __kthread_parkme+0x82/0x180
[   11.843238]  ? preempt_count_sub+0x50/0x80
[   11.843261]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.843294]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.843318]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.843341]  kthread+0x337/0x6f0
[   11.843360]  ? trace_preempt_on+0x20/0xc0
[   11.843382]  ? __pfx_kthread+0x10/0x10
[   11.843401]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.843445]  ? calculate_sigpending+0x7b/0xa0
[   11.843469]  ? __pfx_kthread+0x10/0x10
[   11.843490]  ret_from_fork+0x116/0x1d0
[   11.843508]  ? __pfx_kthread+0x10/0x10
[   11.843528]  ret_from_fork_asm+0x1a/0x30
[   11.843603]  </TASK>
[   11.843613] 
[   11.852316] The buggy address belongs to the physical page:
[   11.852818] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102828
[   11.853231] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.853742] flags: 0x200000000000040(head|node=0|zone=2)
[   11.854041] page_type: f8(unknown)
[   11.854206] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.854680] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.855024] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.855475] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.855909] head: 0200000000000002 ffffea00040a0a01 00000000ffffffff 00000000ffffffff
[   11.856256] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   11.856799] page dumped because: kasan: bad access detected
[   11.857078] 
[   11.857214] Memory state around the buggy address:
[   11.857574]  ffff888102829f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.857915]  ffff88810282a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.858257] >ffff88810282a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   11.858698]                                                  ^
[   11.859014]  ffff88810282a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.859334]  ffff88810282a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.859746] ==================================================================
[   11.819341] ==================================================================
[   11.820735] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   11.821349] Write of size 1 at addr ffff88810282a0c9 by task kunit_try_catch/180
[   11.822103] 
[   11.822313] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.822372] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.822383] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.822404] Call Trace:
[   11.822415]  <TASK>
[   11.822429]  dump_stack_lvl+0x73/0xb0
[   11.822468]  print_report+0xd1/0x610
[   11.822490]  ? __virt_addr_valid+0x1db/0x2d0
[   11.822512]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.822537]  ? kasan_addr_to_slab+0x11/0xa0
[   11.822645]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.822671]  kasan_report+0x141/0x180
[   11.822706]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.822735]  __asan_report_store1_noabort+0x1b/0x30
[   11.822760]  krealloc_less_oob_helper+0xd70/0x11d0
[   11.822786]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.822809]  ? finish_task_switch.isra.0+0x153/0x700
[   11.822832]  ? __switch_to+0x47/0xf50
[   11.822857]  ? __schedule+0x10cc/0x2b60
[   11.822879]  ? __pfx_read_tsc+0x10/0x10
[   11.822902]  krealloc_large_less_oob+0x1c/0x30
[   11.822924]  kunit_try_run_case+0x1a5/0x480
[   11.822949]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.822970]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.822993]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.823016]  ? __kthread_parkme+0x82/0x180
[   11.823036]  ? preempt_count_sub+0x50/0x80
[   11.823058]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.823081]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.823104]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.823128]  kthread+0x337/0x6f0
[   11.823146]  ? trace_preempt_on+0x20/0xc0
[   11.823168]  ? __pfx_kthread+0x10/0x10
[   11.823187]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.823208]  ? calculate_sigpending+0x7b/0xa0
[   11.823231]  ? __pfx_kthread+0x10/0x10
[   11.823251]  ret_from_fork+0x116/0x1d0
[   11.823269]  ? __pfx_kthread+0x10/0x10
[   11.823288]  ret_from_fork_asm+0x1a/0x30
[   11.823319]  </TASK>
[   11.823329] 
[   11.832545] The buggy address belongs to the physical page:
[   11.832990] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102828
[   11.833489] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.833887] flags: 0x200000000000040(head|node=0|zone=2)
[   11.834322] page_type: f8(unknown)
[   11.834564] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.834845] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.835297] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.835824] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.836211] head: 0200000000000002 ffffea00040a0a01 00000000ffffffff 00000000ffffffff
[   11.836555] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   11.837146] page dumped because: kasan: bad access detected
[   11.837388] 
[   11.837479] Memory state around the buggy address:
[   11.837887]  ffff888102829f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.838167]  ffff88810282a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.838671] >ffff88810282a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   11.839009]                                               ^
[   11.839300]  ffff88810282a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.839706]  ffff88810282a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.840047] ==================================================================
[   11.860103] ==================================================================
[   11.860356] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   11.861013] Write of size 1 at addr ffff88810282a0da by task kunit_try_catch/180
[   11.861268] 
[   11.861353] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.861481] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.861496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.861562] Call Trace:
[   11.861577]  <TASK>
[   11.861606]  dump_stack_lvl+0x73/0xb0
[   11.861670]  print_report+0xd1/0x610
[   11.861692]  ? __virt_addr_valid+0x1db/0x2d0
[   11.861713]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   11.861747]  ? kasan_addr_to_slab+0x11/0xa0
[   11.861767]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   11.861792]  kasan_report+0x141/0x180
[   11.861815]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   11.861844]  __asan_report_store1_noabort+0x1b/0x30
[   11.861868]  krealloc_less_oob_helper+0xec6/0x11d0
[   11.861894]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.861918]  ? finish_task_switch.isra.0+0x153/0x700
[   11.861940]  ? __switch_to+0x47/0xf50
[   11.861965]  ? __schedule+0x10cc/0x2b60
[   11.861986]  ? __pfx_read_tsc+0x10/0x10
[   11.862009]  krealloc_large_less_oob+0x1c/0x30
[   11.862032]  kunit_try_run_case+0x1a5/0x480
[   11.862055]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.862076]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.862099]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.862122]  ? __kthread_parkme+0x82/0x180
[   11.862141]  ? preempt_count_sub+0x50/0x80
[   11.862164]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.862187]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.862210]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.862233]  kthread+0x337/0x6f0
[   11.862252]  ? trace_preempt_on+0x20/0xc0
[   11.862274]  ? __pfx_kthread+0x10/0x10
[   11.862294]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.862314]  ? calculate_sigpending+0x7b/0xa0
[   11.862338]  ? __pfx_kthread+0x10/0x10
[   11.862359]  ret_from_fork+0x116/0x1d0
[   11.862377]  ? __pfx_kthread+0x10/0x10
[   11.862484]  ret_from_fork_asm+0x1a/0x30
[   11.862547]  </TASK>
[   11.862558] 
[   11.871820] The buggy address belongs to the physical page:
[   11.872125] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102828
[   11.872825] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.873154] flags: 0x200000000000040(head|node=0|zone=2)
[   11.873808] page_type: f8(unknown)
[   11.874049] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.874338] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.874952] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.875336] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.875824] head: 0200000000000002 ffffea00040a0a01 00000000ffffffff 00000000ffffffff
[   11.876197] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   11.876738] page dumped because: kasan: bad access detected
[   11.877048] 
[   11.877148] Memory state around the buggy address:
[   11.877657]  ffff888102829f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.877966]  ffff88810282a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.878323] >ffff88810282a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   11.878811]                                                     ^
[   11.879111]  ffff88810282a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.879585]  ffff88810282a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.879892] ==================================================================
[   11.671371] ==================================================================
[   11.671806] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   11.672086] Write of size 1 at addr ffff88810034e2d0 by task kunit_try_catch/176
[   11.672406] 
[   11.672805] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.672848] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.672858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.672877] Call Trace:
[   11.672888]  <TASK>
[   11.672901]  dump_stack_lvl+0x73/0xb0
[   11.672927]  print_report+0xd1/0x610
[   11.672947]  ? __virt_addr_valid+0x1db/0x2d0
[   11.672968]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.672991]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.673012]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.673036]  kasan_report+0x141/0x180
[   11.673057]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.673087]  __asan_report_store1_noabort+0x1b/0x30
[   11.673111]  krealloc_less_oob_helper+0xe23/0x11d0
[   11.673141]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.673163]  ? irqentry_exit+0x2a/0x60
[   11.673184]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   11.673213]  ? __pfx_krealloc_less_oob+0x10/0x10
[   11.673239]  krealloc_less_oob+0x1c/0x30
[   11.673260]  kunit_try_run_case+0x1a5/0x480
[   11.673283]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.673304]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.673327]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.673350]  ? __kthread_parkme+0x82/0x180
[   11.673369]  ? preempt_count_sub+0x50/0x80
[   11.673393]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.673455]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.673479]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.673503]  kthread+0x337/0x6f0
[   11.673521]  ? trace_preempt_on+0x20/0xc0
[   11.673543]  ? __pfx_kthread+0x10/0x10
[   11.673562]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.673583]  ? calculate_sigpending+0x7b/0xa0
[   11.673606]  ? __pfx_kthread+0x10/0x10
[   11.673627]  ret_from_fork+0x116/0x1d0
[   11.673645]  ? __pfx_kthread+0x10/0x10
[   11.673686]  ret_from_fork_asm+0x1a/0x30
[   11.673718]  </TASK>
[   11.673727] 
[   11.682699] Allocated by task 176:
[   11.682901]  kasan_save_stack+0x45/0x70
[   11.683141]  kasan_save_track+0x18/0x40
[   11.683279]  kasan_save_alloc_info+0x3b/0x50
[   11.683449]  __kasan_krealloc+0x190/0x1f0
[   11.683716]  krealloc_noprof+0xf3/0x340
[   11.683914]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.684161]  krealloc_less_oob+0x1c/0x30
[   11.684567]  kunit_try_run_case+0x1a5/0x480
[   11.684800]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.685021]  kthread+0x337/0x6f0
[   11.685179]  ret_from_fork+0x116/0x1d0
[   11.685311]  ret_from_fork_asm+0x1a/0x30
[   11.685656] 
[   11.685767] The buggy address belongs to the object at ffff88810034e200
[   11.685767]  which belongs to the cache kmalloc-256 of size 256
[   11.686469] The buggy address is located 7 bytes to the right of
[   11.686469]  allocated 201-byte region [ffff88810034e200, ffff88810034e2c9)
[   11.686885] 
[   11.686958] The buggy address belongs to the physical page:
[   11.687207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034e
[   11.687699] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.688063] flags: 0x200000000000040(head|node=0|zone=2)
[   11.688302] page_type: f5(slab)
[   11.688639] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.688969] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.689308] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.689918] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.690237] head: 0200000000000001 ffffea000400d381 00000000ffffffff 00000000ffffffff
[   11.690675] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.690987] page dumped because: kasan: bad access detected
[   11.691263] 
[   11.691385] Memory state around the buggy address:
[   11.691744]  ffff88810034e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.691972]  ffff88810034e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.692369] >ffff88810034e280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.692721]                                                  ^
[   11.693065]  ffff88810034e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.693587]  ffff88810034e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.693967] ==================================================================
[   11.694759] ==================================================================
[   11.695173] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   11.695566] Write of size 1 at addr ffff88810034e2da by task kunit_try_catch/176
[   11.696113] 
[   11.696226] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.696269] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.696280] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.696310] Call Trace:
[   11.696320]  <TASK>
[   11.696334]  dump_stack_lvl+0x73/0xb0
[   11.696360]  print_report+0xd1/0x610
[   11.696393]  ? __virt_addr_valid+0x1db/0x2d0
[   11.696489]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   11.696513]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.696553]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   11.696577]  kasan_report+0x141/0x180
[   11.696610]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   11.696640]  __asan_report_store1_noabort+0x1b/0x30
[   11.696664]  krealloc_less_oob_helper+0xec6/0x11d0
[   11.696689]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.696712]  ? irqentry_exit+0x2a/0x60
[   11.696732]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   11.696762]  ? __pfx_krealloc_less_oob+0x10/0x10
[   11.696787]  krealloc_less_oob+0x1c/0x30
[   11.696808]  kunit_try_run_case+0x1a5/0x480
[   11.696831]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.696861]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.696884]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.696907]  ? __kthread_parkme+0x82/0x180
[   11.696938]  ? preempt_count_sub+0x50/0x80
[   11.696962]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.696985]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.697008]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.697031]  kthread+0x337/0x6f0
[   11.697049]  ? trace_preempt_on+0x20/0xc0
[   11.697071]  ? __pfx_kthread+0x10/0x10
[   11.697091]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.697111]  ? calculate_sigpending+0x7b/0xa0
[   11.697139]  ? __pfx_kthread+0x10/0x10
[   11.697160]  ret_from_fork+0x116/0x1d0
[   11.697178]  ? __pfx_kthread+0x10/0x10
[   11.697197]  ret_from_fork_asm+0x1a/0x30
[   11.697228]  </TASK>
[   11.697238] 
[   11.705301] Allocated by task 176:
[   11.705496]  kasan_save_stack+0x45/0x70
[   11.705981]  kasan_save_track+0x18/0x40
[   11.706208]  kasan_save_alloc_info+0x3b/0x50
[   11.706574]  __kasan_krealloc+0x190/0x1f0
[   11.706812]  krealloc_noprof+0xf3/0x340
[   11.707013]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.707221]  krealloc_less_oob+0x1c/0x30
[   11.707488]  kunit_try_run_case+0x1a5/0x480
[   11.707710]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.707938]  kthread+0x337/0x6f0
[   11.708059]  ret_from_fork+0x116/0x1d0
[   11.708201]  ret_from_fork_asm+0x1a/0x30
[   11.708414] 
[   11.708628] The buggy address belongs to the object at ffff88810034e200
[   11.708628]  which belongs to the cache kmalloc-256 of size 256
[   11.709395] The buggy address is located 17 bytes to the right of
[   11.709395]  allocated 201-byte region [ffff88810034e200, ffff88810034e2c9)
[   11.710107] 
[   11.710208] The buggy address belongs to the physical page:
[   11.710673] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034e
[   11.711023] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.711347] flags: 0x200000000000040(head|node=0|zone=2)
[   11.711622] page_type: f5(slab)
[   11.711741] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.711971] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.712394] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.713012] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.713251] head: 0200000000000001 ffffea000400d381 00000000ffffffff 00000000ffffffff
[   11.713539] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.713895] page dumped because: kasan: bad access detected
[   11.714224] 
[   11.714527] Memory state around the buggy address:
[   11.714845]  ffff88810034e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.715193]  ffff88810034e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.715491] >ffff88810034e280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.715952]                                                     ^
[   11.716176]  ffff88810034e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.716665]  ffff88810034e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.716885] ==================================================================
[   11.648733] ==================================================================
[   11.649229] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   11.649799] Write of size 1 at addr ffff88810034e2c9 by task kunit_try_catch/176
[   11.650076] 
[   11.650196] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.650242] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.650253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.650274] Call Trace:
[   11.650287]  <TASK>
[   11.650301]  dump_stack_lvl+0x73/0xb0
[   11.650329]  print_report+0xd1/0x610
[   11.650351]  ? __virt_addr_valid+0x1db/0x2d0
[   11.650374]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.650397]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.650420]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.650548]  kasan_report+0x141/0x180
[   11.650570]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.650600]  __asan_report_store1_noabort+0x1b/0x30
[   11.650623]  krealloc_less_oob_helper+0xd70/0x11d0
[   11.650649]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.650672]  ? irqentry_exit+0x2a/0x60
[   11.650708]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   11.650739]  ? __pfx_krealloc_less_oob+0x10/0x10
[   11.650764]  krealloc_less_oob+0x1c/0x30
[   11.650785]  kunit_try_run_case+0x1a5/0x480
[   11.650809]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.650832]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.650855]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.650879]  ? __kthread_parkme+0x82/0x180
[   11.650898]  ? preempt_count_sub+0x50/0x80
[   11.650922]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.650945]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.650968]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.650991]  kthread+0x337/0x6f0
[   11.651009]  ? trace_preempt_on+0x20/0xc0
[   11.651031]  ? __pfx_kthread+0x10/0x10
[   11.651051]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.651072]  ? calculate_sigpending+0x7b/0xa0
[   11.651095]  ? __pfx_kthread+0x10/0x10
[   11.651116]  ret_from_fork+0x116/0x1d0
[   11.651134]  ? __pfx_kthread+0x10/0x10
[   11.651154]  ret_from_fork_asm+0x1a/0x30
[   11.651185]  </TASK>
[   11.651195] 
[   11.658863] Allocated by task 176:
[   11.659011]  kasan_save_stack+0x45/0x70
[   11.659153]  kasan_save_track+0x18/0x40
[   11.659290]  kasan_save_alloc_info+0x3b/0x50
[   11.659448]  __kasan_krealloc+0x190/0x1f0
[   11.659688]  krealloc_noprof+0xf3/0x340
[   11.660253]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.660704]  krealloc_less_oob+0x1c/0x30
[   11.661089]  kunit_try_run_case+0x1a5/0x480
[   11.661245]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.661469]  kthread+0x337/0x6f0
[   11.661655]  ret_from_fork+0x116/0x1d0
[   11.661881]  ret_from_fork_asm+0x1a/0x30
[   11.662197] 
[   11.662311] The buggy address belongs to the object at ffff88810034e200
[   11.662311]  which belongs to the cache kmalloc-256 of size 256
[   11.662910] The buggy address is located 0 bytes to the right of
[   11.662910]  allocated 201-byte region [ffff88810034e200, ffff88810034e2c9)
[   11.663500] 
[   11.663576] The buggy address belongs to the physical page:
[   11.663752] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034e
[   11.663992] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.664727] flags: 0x200000000000040(head|node=0|zone=2)
[   11.665200] page_type: f5(slab)
[   11.665511] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.665780] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.666004] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.666341] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.666991] head: 0200000000000001 ffffea000400d381 00000000ffffffff 00000000ffffffff
[   11.667224] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.667862] page dumped because: kasan: bad access detected
[   11.668118] 
[   11.668213] Memory state around the buggy address:
[   11.668759]  ffff88810034e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.669058]  ffff88810034e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.669380] >ffff88810034e280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.669801]                                               ^
[   11.670107]  ffff88810034e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.670580]  ffff88810034e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.670830] ==================================================================
[   11.905329] ==================================================================
[   11.906214] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   11.906721] Write of size 1 at addr ffff88810282a0eb by task kunit_try_catch/180
[   11.907037] 
[   11.907151] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.907194] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.907205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.907225] Call Trace:
[   11.907240]  <TASK>
[   11.907256]  dump_stack_lvl+0x73/0xb0
[   11.907283]  print_report+0xd1/0x610
[   11.907307]  ? __virt_addr_valid+0x1db/0x2d0
[   11.907329]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   11.907353]  ? kasan_addr_to_slab+0x11/0xa0
[   11.907373]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   11.907398]  kasan_report+0x141/0x180
[   11.907419]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   11.907463]  __asan_report_store1_noabort+0x1b/0x30
[   11.907487]  krealloc_less_oob_helper+0xd47/0x11d0
[   11.907514]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.907538]  ? finish_task_switch.isra.0+0x153/0x700
[   11.907561]  ? __switch_to+0x47/0xf50
[   11.907586]  ? __schedule+0x10cc/0x2b60
[   11.907608]  ? __pfx_read_tsc+0x10/0x10
[   11.907632]  krealloc_large_less_oob+0x1c/0x30
[   11.907655]  kunit_try_run_case+0x1a5/0x480
[   11.907679]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.907701]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.907725]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.907748]  ? __kthread_parkme+0x82/0x180
[   11.907767]  ? preempt_count_sub+0x50/0x80
[   11.907790]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.907813]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.907891]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.907914]  kthread+0x337/0x6f0
[   11.907933]  ? trace_preempt_on+0x20/0xc0
[   11.907954]  ? __pfx_kthread+0x10/0x10
[   11.907974]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.907995]  ? calculate_sigpending+0x7b/0xa0
[   11.908018]  ? __pfx_kthread+0x10/0x10
[   11.908039]  ret_from_fork+0x116/0x1d0
[   11.908056]  ? __pfx_kthread+0x10/0x10
[   11.908076]  ret_from_fork_asm+0x1a/0x30
[   11.908107]  </TASK>
[   11.908117] 
[   11.918886] The buggy address belongs to the physical page:
[   11.919161] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102828
[   11.919971] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.920407] flags: 0x200000000000040(head|node=0|zone=2)
[   11.920884] page_type: f8(unknown)
[   11.921169] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.921721] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.922001] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.922649] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.923018] head: 0200000000000002 ffffea00040a0a01 00000000ffffffff 00000000ffffffff
[   11.923760] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   11.924216] page dumped because: kasan: bad access detected
[   11.924662] 
[   11.924742] Memory state around the buggy address:
[   11.925050]  ffff888102829f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.925360]  ffff88810282a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.925692] >ffff88810282a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   11.925991]                                                           ^
[   11.926269]  ffff88810282a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.927079]  ffff88810282a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.927667] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

303EBflBPqSbIUkiUzReBHe3YjN

job_id

TEST:linaro@lkft#303EFrR321z66uMtHD4l4dQQryi

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/303EFrR321z66uMtHD4l4dQQryi

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303EDHUQV2HWml6WToh69KJUFJb/bzImage
sha256sum	c220f70d9515ab3041e245bb6755df814c152e1bb2b5c646740fe1b3afdde8b5

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303EDHUQV2HWml6WToh69KJUFJb/modules.tar.xz
sha256sum	ab8bf28231ab6c259d2b1478935ea551409070bcef8061d01f520819ad2ce3b6

durations

tests

boot	0
kunit	217.45

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   11.750940] ==================================================================
[   11.751909] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   11.753675] Write of size 1 at addr ffff888100348ac9 by task kunit_try_catch/175
[   11.754343] 
[   11.754449] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.754501] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.754512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.754535] Call Trace:
[   11.754550]  <TASK>
[   11.754570]  dump_stack_lvl+0x73/0xb0
[   11.754608]  print_report+0xd1/0x610
[   11.754631]  ? __virt_addr_valid+0x1db/0x2d0
[   11.754655]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.754679]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.754701]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.754725]  kasan_report+0x141/0x180
[   11.754746]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.754774]  __asan_report_store1_noabort+0x1b/0x30
[   11.754800]  krealloc_less_oob_helper+0xd70/0x11d0
[   11.754825]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.754849]  ? finish_task_switch.isra.0+0x153/0x700
[   11.754873]  ? __switch_to+0x47/0xf50
[   11.754898]  ? __schedule+0x10cc/0x2b60
[   11.754920]  ? __pfx_read_tsc+0x10/0x10
[   11.754944]  krealloc_less_oob+0x1c/0x30
[   11.754965]  kunit_try_run_case+0x1a5/0x480
[   11.754990]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.755475]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.755511]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.755535]  ? __kthread_parkme+0x82/0x180
[   11.755557]  ? preempt_count_sub+0x50/0x80
[   11.755580]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.755604]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.755628]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.755651]  kthread+0x337/0x6f0
[   11.755669]  ? trace_preempt_on+0x20/0xc0
[   11.755692]  ? __pfx_kthread+0x10/0x10
[   11.755712]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.755733]  ? calculate_sigpending+0x7b/0xa0
[   11.755758]  ? __pfx_kthread+0x10/0x10
[   11.755779]  ret_from_fork+0x116/0x1d0
[   11.755798]  ? __pfx_kthread+0x10/0x10
[   11.755817]  ret_from_fork_asm+0x1a/0x30
[   11.755848]  </TASK>
[   11.755859] 
[   11.771368] Allocated by task 175:
[   11.771602]  kasan_save_stack+0x45/0x70
[   11.771809]  kasan_save_track+0x18/0x40
[   11.772070]  kasan_save_alloc_info+0x3b/0x50
[   11.772245]  __kasan_krealloc+0x190/0x1f0
[   11.772477]  krealloc_noprof+0xf3/0x340
[   11.772624]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.772817]  krealloc_less_oob+0x1c/0x30
[   11.773101]  kunit_try_run_case+0x1a5/0x480
[   11.773323]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.773567]  kthread+0x337/0x6f0
[   11.773715]  ret_from_fork+0x116/0x1d0
[   11.773870]  ret_from_fork_asm+0x1a/0x30
[   11.774221] 
[   11.774320] The buggy address belongs to the object at ffff888100348a00
[   11.774320]  which belongs to the cache kmalloc-256 of size 256
[   11.774832] The buggy address is located 0 bytes to the right of
[   11.774832]  allocated 201-byte region [ffff888100348a00, ffff888100348ac9)
[   11.775341] 
[   11.775419] The buggy address belongs to the physical page:
[   11.775689] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348
[   11.776119] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.776470] flags: 0x200000000000040(head|node=0|zone=2)
[   11.776679] page_type: f5(slab)
[   11.776805] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.777214] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.777578] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.777914] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.778279] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff
[   11.778622] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.778919] page dumped because: kasan: bad access detected
[   11.779264] 
[   11.779362] Memory state around the buggy address:
[   11.779544]  ffff888100348980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.779764]  ffff888100348a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.780156] >ffff888100348a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.780497]                                               ^
[   11.780723]  ffff888100348b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.780945]  ffff888100348b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.781346] ==================================================================
[   12.040162] ==================================================================
[   12.040399] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   12.040653] Write of size 1 at addr ffff8881028520ea by task kunit_try_catch/179
[   12.040883] 
[   12.040975] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   12.041048] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.041059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.041080] Call Trace:
[   12.041100]  <TASK>
[   12.041119]  dump_stack_lvl+0x73/0xb0
[   12.041148]  print_report+0xd1/0x610
[   12.041170]  ? __virt_addr_valid+0x1db/0x2d0
[   12.041605]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.041631]  ? kasan_addr_to_slab+0x11/0xa0
[   12.041653]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.041677]  kasan_report+0x141/0x180
[   12.041699]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   12.041727]  __asan_report_store1_noabort+0x1b/0x30
[   12.041752]  krealloc_less_oob_helper+0xe90/0x11d0
[   12.041777]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.041801]  ? finish_task_switch.isra.0+0x153/0x700
[   12.041824]  ? __switch_to+0x47/0xf50
[   12.041849]  ? __schedule+0x10cc/0x2b60
[   12.041872]  ? __pfx_read_tsc+0x10/0x10
[   12.041895]  krealloc_large_less_oob+0x1c/0x30
[   12.041917]  kunit_try_run_case+0x1a5/0x480
[   12.041942]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.041963]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.041987]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.042305]  ? __kthread_parkme+0x82/0x180
[   12.042329]  ? preempt_count_sub+0x50/0x80
[   12.042351]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.042375]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.042399]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.042422]  kthread+0x337/0x6f0
[   12.042441]  ? trace_preempt_on+0x20/0xc0
[   12.042464]  ? __pfx_kthread+0x10/0x10
[   12.042484]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.042505]  ? calculate_sigpending+0x7b/0xa0
[   12.042529]  ? __pfx_kthread+0x10/0x10
[   12.042549]  ret_from_fork+0x116/0x1d0
[   12.042567]  ? __pfx_kthread+0x10/0x10
[   12.042586]  ret_from_fork_asm+0x1a/0x30
[   12.042617]  </TASK>
[   12.042626] 
[   12.058818] The buggy address belongs to the physical page:
[   12.059349] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102850
[   12.059797] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.060329] flags: 0x200000000000040(head|node=0|zone=2)
[   12.060834] page_type: f8(unknown)
[   12.061338] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.061672] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.062005] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.062611] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.063097] head: 0200000000000002 ffffea00040a1401 00000000ffffffff 00000000ffffffff
[   12.063567] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.063977] page dumped because: kasan: bad access detected
[   12.064546] 
[   12.064635] Memory state around the buggy address:
[   12.064953]  ffff888102851f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.065252]  ffff888102852000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.065577] >ffff888102852080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.065877]                                                           ^
[   12.066174]  ffff888102852100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.066471]  ffff888102852180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.066778] ==================================================================
[   11.784327] ==================================================================
[   11.784795] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   11.785286] Write of size 1 at addr ffff888100348ad0 by task kunit_try_catch/175
[   11.786424] 
[   11.786615] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.786664] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.786675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.786697] Call Trace:
[   11.786711]  <TASK>
[   11.786730]  dump_stack_lvl+0x73/0xb0
[   11.786762]  print_report+0xd1/0x610
[   11.786785]  ? __virt_addr_valid+0x1db/0x2d0
[   11.786808]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.786832]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.786854]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.786878]  kasan_report+0x141/0x180
[   11.786899]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.786927]  __asan_report_store1_noabort+0x1b/0x30
[   11.786951]  krealloc_less_oob_helper+0xe23/0x11d0
[   11.786976]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.787000]  ? finish_task_switch.isra.0+0x153/0x700
[   11.787241]  ? __switch_to+0x47/0xf50
[   11.787269]  ? __schedule+0x10cc/0x2b60
[   11.787293]  ? __pfx_read_tsc+0x10/0x10
[   11.787316]  krealloc_less_oob+0x1c/0x30
[   11.787338]  kunit_try_run_case+0x1a5/0x480
[   11.787362]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.787384]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.787408]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.787444]  ? __kthread_parkme+0x82/0x180
[   11.787465]  ? preempt_count_sub+0x50/0x80
[   11.787487]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.787510]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.787533]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.787557]  kthread+0x337/0x6f0
[   11.787576]  ? trace_preempt_on+0x20/0xc0
[   11.787598]  ? __pfx_kthread+0x10/0x10
[   11.787618]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.787638]  ? calculate_sigpending+0x7b/0xa0
[   11.787662]  ? __pfx_kthread+0x10/0x10
[   11.787682]  ret_from_fork+0x116/0x1d0
[   11.787700]  ? __pfx_kthread+0x10/0x10
[   11.787720]  ret_from_fork_asm+0x1a/0x30
[   11.787749]  </TASK>
[   11.787759] 
[   11.803861] Allocated by task 175:
[   11.804555]  kasan_save_stack+0x45/0x70
[   11.805345]  kasan_save_track+0x18/0x40
[   11.805920]  kasan_save_alloc_info+0x3b/0x50
[   11.806564]  __kasan_krealloc+0x190/0x1f0
[   11.807201]  krealloc_noprof+0xf3/0x340
[   11.807644]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.807832]  krealloc_less_oob+0x1c/0x30
[   11.807975]  kunit_try_run_case+0x1a5/0x480
[   11.808684]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.809525]  kthread+0x337/0x6f0
[   11.809980]  ret_from_fork+0x116/0x1d0
[   11.810510]  ret_from_fork_asm+0x1a/0x30
[   11.810663] 
[   11.810740] The buggy address belongs to the object at ffff888100348a00
[   11.810740]  which belongs to the cache kmalloc-256 of size 256
[   11.811749] The buggy address is located 7 bytes to the right of
[   11.811749]  allocated 201-byte region [ffff888100348a00, ffff888100348ac9)
[   11.813385] 
[   11.813728] The buggy address belongs to the physical page:
[   11.814654] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348
[   11.815423] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.815929] flags: 0x200000000000040(head|node=0|zone=2)
[   11.816150] page_type: f5(slab)
[   11.816448] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.817142] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.817901] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.818638] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.819041] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff
[   11.819664] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.819898] page dumped because: kasan: bad access detected
[   11.820114] 
[   11.820188] Memory state around the buggy address:
[   11.820345]  ffff888100348980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.820607]  ffff888100348a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.820823] >ffff888100348a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.821076]                                                  ^
[   11.821267]  ffff888100348b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.821488]  ffff888100348b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.821746] ==================================================================
[   11.972633] ==================================================================
[   11.973374] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[   11.974336] Write of size 1 at addr ffff8881028520d0 by task kunit_try_catch/179
[   11.975017] 
[   11.975241] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.975300] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.975312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.975332] Call Trace:
[   11.975351]  <TASK>
[   11.975370]  dump_stack_lvl+0x73/0xb0
[   11.975400]  print_report+0xd1/0x610
[   11.975422]  ? __virt_addr_valid+0x1db/0x2d0
[   11.975456]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.975480]  ? kasan_addr_to_slab+0x11/0xa0
[   11.975500]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.975551]  kasan_report+0x141/0x180
[   11.975573]  ? krealloc_less_oob_helper+0xe23/0x11d0
[   11.975601]  __asan_report_store1_noabort+0x1b/0x30
[   11.975637]  krealloc_less_oob_helper+0xe23/0x11d0
[   11.975663]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.975687]  ? finish_task_switch.isra.0+0x153/0x700
[   11.975709]  ? __switch_to+0x47/0xf50
[   11.975734]  ? __schedule+0x10cc/0x2b60
[   11.975756]  ? __pfx_read_tsc+0x10/0x10
[   11.975780]  krealloc_large_less_oob+0x1c/0x30
[   11.975803]  kunit_try_run_case+0x1a5/0x480
[   11.975827]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.975848]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.975872]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.975895]  ? __kthread_parkme+0x82/0x180
[   11.975915]  ? preempt_count_sub+0x50/0x80
[   11.975938]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.975961]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.975984]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.976017]  kthread+0x337/0x6f0
[   11.976036]  ? trace_preempt_on+0x20/0xc0
[   11.976058]  ? __pfx_kthread+0x10/0x10
[   11.976078]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.976098]  ? calculate_sigpending+0x7b/0xa0
[   11.976122]  ? __pfx_kthread+0x10/0x10
[   11.976143]  ret_from_fork+0x116/0x1d0
[   11.976161]  ? __pfx_kthread+0x10/0x10
[   11.976180]  ret_from_fork_asm+0x1a/0x30
[   11.976211]  </TASK>
[   11.976220] 
[   11.993149] The buggy address belongs to the physical page:
[   11.993638] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102850
[   11.994024] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.994604] flags: 0x200000000000040(head|node=0|zone=2)
[   11.994792] page_type: f8(unknown)
[   11.994922] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.995738] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.996696] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.997758] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.998788] head: 0200000000000002 ffffea00040a1401 00000000ffffffff 00000000ffffffff
[   11.999507] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.000307] page dumped because: kasan: bad access detected
[   12.000662] 
[   12.001056] Memory state around the buggy address:
[   12.001649]  ffff888102851f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.001879]  ffff888102852000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.002601] >ffff888102852080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.003467]                                                  ^
[   12.004431]  ffff888102852100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.004822]  ffff888102852180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.005408] ==================================================================
[   12.006670] ==================================================================
[   12.007725] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   12.007991] Write of size 1 at addr ffff8881028520da by task kunit_try_catch/179
[   12.008231] 
[   12.008323] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   12.008369] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.008380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.008401] Call Trace:
[   12.008413]  <TASK>
[   12.008431]  dump_stack_lvl+0x73/0xb0
[   12.008459]  print_report+0xd1/0x610
[   12.008481]  ? __virt_addr_valid+0x1db/0x2d0
[   12.008505]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.008528]  ? kasan_addr_to_slab+0x11/0xa0
[   12.008548]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.008572]  kasan_report+0x141/0x180
[   12.008593]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   12.008621]  __asan_report_store1_noabort+0x1b/0x30
[   12.008645]  krealloc_less_oob_helper+0xec6/0x11d0
[   12.008983]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.009058]  ? finish_task_switch.isra.0+0x153/0x700
[   12.009084]  ? __switch_to+0x47/0xf50
[   12.009110]  ? __schedule+0x10cc/0x2b60
[   12.009132]  ? __pfx_read_tsc+0x10/0x10
[   12.009156]  krealloc_large_less_oob+0x1c/0x30
[   12.009178]  kunit_try_run_case+0x1a5/0x480
[   12.009203]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.009225]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.009248]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.009271]  ? __kthread_parkme+0x82/0x180
[   12.009292]  ? preempt_count_sub+0x50/0x80
[   12.009314]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.009337]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.009361]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.009384]  kthread+0x337/0x6f0
[   12.009402]  ? trace_preempt_on+0x20/0xc0
[   12.009424]  ? __pfx_kthread+0x10/0x10
[   12.009444]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.009464]  ? calculate_sigpending+0x7b/0xa0
[   12.009488]  ? __pfx_kthread+0x10/0x10
[   12.009508]  ret_from_fork+0x116/0x1d0
[   12.009526]  ? __pfx_kthread+0x10/0x10
[   12.009545]  ret_from_fork_asm+0x1a/0x30
[   12.009575]  </TASK>
[   12.009584] 
[   12.027458] The buggy address belongs to the physical page:
[   12.027965] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102850
[   12.028803] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.029308] flags: 0x200000000000040(head|node=0|zone=2)
[   12.029901] page_type: f8(unknown)
[   12.030438] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.030975] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.031833] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.032523] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.033398] head: 0200000000000002 ffffea00040a1401 00000000ffffffff 00000000ffffffff
[   12.033912] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.034572] page dumped because: kasan: bad access detected
[   12.035503] 
[   12.035583] Memory state around the buggy address:
[   12.035744]  ffff888102851f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.035965]  ffff888102852000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.036959] >ffff888102852080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.037811]                                                     ^
[   12.038543]  ffff888102852100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.039280]  ffff888102852180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.039753] ==================================================================
[   11.822674] ==================================================================
[   11.822983] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[   11.823437] Write of size 1 at addr ffff888100348ada by task kunit_try_catch/175
[   11.823721] 
[   11.823835] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.823880] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.823891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.823913] Call Trace:
[   11.823925]  <TASK>
[   11.823943]  dump_stack_lvl+0x73/0xb0
[   11.823973]  print_report+0xd1/0x610
[   11.823995]  ? __virt_addr_valid+0x1db/0x2d0
[   11.824031]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   11.824054]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.824076]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   11.824100]  kasan_report+0x141/0x180
[   11.824121]  ? krealloc_less_oob_helper+0xec6/0x11d0
[   11.824173]  __asan_report_store1_noabort+0x1b/0x30
[   11.824198]  krealloc_less_oob_helper+0xec6/0x11d0
[   11.824224]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.824247]  ? finish_task_switch.isra.0+0x153/0x700
[   11.824270]  ? __switch_to+0x47/0xf50
[   11.824295]  ? __schedule+0x10cc/0x2b60
[   11.824316]  ? __pfx_read_tsc+0x10/0x10
[   11.824339]  krealloc_less_oob+0x1c/0x30
[   11.824360]  kunit_try_run_case+0x1a5/0x480
[   11.824384]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.824405]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.824429]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.824461]  ? __kthread_parkme+0x82/0x180
[   11.824482]  ? preempt_count_sub+0x50/0x80
[   11.824504]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.824527]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.824550]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.824573]  kthread+0x337/0x6f0
[   11.824591]  ? trace_preempt_on+0x20/0xc0
[   11.824613]  ? __pfx_kthread+0x10/0x10
[   11.824633]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.824654]  ? calculate_sigpending+0x7b/0xa0
[   11.824678]  ? __pfx_kthread+0x10/0x10
[   11.824698]  ret_from_fork+0x116/0x1d0
[   11.824716]  ? __pfx_kthread+0x10/0x10
[   11.824735]  ret_from_fork_asm+0x1a/0x30
[   11.824765]  </TASK>
[   11.824775] 
[   11.832686] Allocated by task 175:
[   11.833257]  kasan_save_stack+0x45/0x70
[   11.833507]  kasan_save_track+0x18/0x40
[   11.833643]  kasan_save_alloc_info+0x3b/0x50
[   11.833791]  __kasan_krealloc+0x190/0x1f0
[   11.833929]  krealloc_noprof+0xf3/0x340
[   11.834074]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.834331]  krealloc_less_oob+0x1c/0x30
[   11.834521]  kunit_try_run_case+0x1a5/0x480
[   11.834726]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.835155]  kthread+0x337/0x6f0
[   11.835338]  ret_from_fork+0x116/0x1d0
[   11.835468]  ret_from_fork_asm+0x1a/0x30
[   11.835606] 
[   11.835676] The buggy address belongs to the object at ffff888100348a00
[   11.835676]  which belongs to the cache kmalloc-256 of size 256
[   11.836399] The buggy address is located 17 bytes to the right of
[   11.836399]  allocated 201-byte region [ffff888100348a00, ffff888100348ac9)
[   11.837331] 
[   11.837476] The buggy address belongs to the physical page:
[   11.837712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348
[   11.838069] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.838456] flags: 0x200000000000040(head|node=0|zone=2)
[   11.838635] page_type: f5(slab)
[   11.838756] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.838987] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.839227] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.839457] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.839793] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff
[   11.840259] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.840590] page dumped because: kasan: bad access detected
[   11.840833] 
[   11.840927] Memory state around the buggy address:
[   11.841302]  ffff888100348980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.842450]  ffff888100348a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.842680] >ffff888100348a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.842896]                                                     ^
[   11.843422]  ffff888100348b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.844557]  ffff888100348b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.845131] ==================================================================
[   11.846755] ==================================================================
[   11.847383] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[   11.848110] Write of size 1 at addr ffff888100348aea by task kunit_try_catch/175
[   11.848550] 
[   11.848788] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.848845] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.848861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.848881] Call Trace:
[   11.848895]  <TASK>
[   11.848913]  dump_stack_lvl+0x73/0xb0
[   11.848945]  print_report+0xd1/0x610
[   11.848967]  ? __virt_addr_valid+0x1db/0x2d0
[   11.848989]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   11.849025]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.849047]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   11.849071]  kasan_report+0x141/0x180
[   11.849092]  ? krealloc_less_oob_helper+0xe90/0x11d0
[   11.849120]  __asan_report_store1_noabort+0x1b/0x30
[   11.849144]  krealloc_less_oob_helper+0xe90/0x11d0
[   11.849170]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.849194]  ? finish_task_switch.isra.0+0x153/0x700
[   11.849217]  ? __switch_to+0x47/0xf50
[   11.849243]  ? __schedule+0x10cc/0x2b60
[   11.849265]  ? __pfx_read_tsc+0x10/0x10
[   11.849288]  krealloc_less_oob+0x1c/0x30
[   11.849309]  kunit_try_run_case+0x1a5/0x480
[   11.849333]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.849355]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.849378]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.849401]  ? __kthread_parkme+0x82/0x180
[   11.849421]  ? preempt_count_sub+0x50/0x80
[   11.849574]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.849599]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.849635]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.849659]  kthread+0x337/0x6f0
[   11.849711]  ? trace_preempt_on+0x20/0xc0
[   11.849736]  ? __pfx_kthread+0x10/0x10
[   11.849755]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.849776]  ? calculate_sigpending+0x7b/0xa0
[   11.849800]  ? __pfx_kthread+0x10/0x10
[   11.849820]  ret_from_fork+0x116/0x1d0
[   11.849838]  ? __pfx_kthread+0x10/0x10
[   11.849858]  ret_from_fork_asm+0x1a/0x30
[   11.849889]  </TASK>
[   11.849899] 
[   11.860936] Allocated by task 175:
[   11.861134]  kasan_save_stack+0x45/0x70
[   11.861329]  kasan_save_track+0x18/0x40
[   11.861961]  kasan_save_alloc_info+0x3b/0x50
[   11.862189]  __kasan_krealloc+0x190/0x1f0
[   11.862373]  krealloc_noprof+0xf3/0x340
[   11.862954]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.863255]  krealloc_less_oob+0x1c/0x30
[   11.863618]  kunit_try_run_case+0x1a5/0x480
[   11.863812]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.864048]  kthread+0x337/0x6f0
[   11.864204]  ret_from_fork+0x116/0x1d0
[   11.864383]  ret_from_fork_asm+0x1a/0x30
[   11.865000] 
[   11.865255] The buggy address belongs to the object at ffff888100348a00
[   11.865255]  which belongs to the cache kmalloc-256 of size 256
[   11.866177] The buggy address is located 33 bytes to the right of
[   11.866177]  allocated 201-byte region [ffff888100348a00, ffff888100348ac9)
[   11.867228] 
[   11.867511] The buggy address belongs to the physical page:
[   11.867949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348
[   11.868293] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.868963] flags: 0x200000000000040(head|node=0|zone=2)
[   11.869442] page_type: f5(slab)
[   11.869748] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.870234] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.870886] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.871349] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.871851] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff
[   11.872183] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.872808] page dumped because: kasan: bad access detected
[   11.873288] 
[   11.873403] Memory state around the buggy address:
[   11.873771]  ffff888100348980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.874077]  ffff888100348a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.874358] >ffff888100348a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.875233]                                                           ^
[   11.875742]  ffff888100348b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.876324]  ffff888100348b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.876877] ==================================================================
[   11.877627] ==================================================================
[   11.878425] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   11.878765] Write of size 1 at addr ffff888100348aeb by task kunit_try_catch/175
[   11.879082] 
[   11.879195] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.879241] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.879252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.879273] Call Trace:
[   11.879292]  <TASK>
[   11.879310]  dump_stack_lvl+0x73/0xb0
[   11.879340]  print_report+0xd1/0x610
[   11.879362]  ? __virt_addr_valid+0x1db/0x2d0
[   11.879384]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   11.879408]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.879878]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   11.879909]  kasan_report+0x141/0x180
[   11.879946]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   11.879975]  __asan_report_store1_noabort+0x1b/0x30
[   11.880005]  krealloc_less_oob_helper+0xd47/0x11d0
[   11.880039]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.880063]  ? finish_task_switch.isra.0+0x153/0x700
[   11.880087]  ? __switch_to+0x47/0xf50
[   11.880112]  ? __schedule+0x10cc/0x2b60
[   11.880134]  ? __pfx_read_tsc+0x10/0x10
[   11.880157]  krealloc_less_oob+0x1c/0x30
[   11.880178]  kunit_try_run_case+0x1a5/0x480
[   11.880202]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.880224]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.880248]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.880270]  ? __kthread_parkme+0x82/0x180
[   11.880291]  ? preempt_count_sub+0x50/0x80
[   11.880313]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.880336]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.880359]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.880383]  kthread+0x337/0x6f0
[   11.880401]  ? trace_preempt_on+0x20/0xc0
[   11.880423]  ? __pfx_kthread+0x10/0x10
[   11.880667]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.880690]  ? calculate_sigpending+0x7b/0xa0
[   11.880714]  ? __pfx_kthread+0x10/0x10
[   11.880734]  ret_from_fork+0x116/0x1d0
[   11.880753]  ? __pfx_kthread+0x10/0x10
[   11.880774]  ret_from_fork_asm+0x1a/0x30
[   11.880805]  </TASK>
[   11.880815] 
[   11.891328] Allocated by task 175:
[   11.891802]  kasan_save_stack+0x45/0x70
[   11.892084]  kasan_save_track+0x18/0x40
[   11.892412]  kasan_save_alloc_info+0x3b/0x50
[   11.892631]  __kasan_krealloc+0x190/0x1f0
[   11.892818]  krealloc_noprof+0xf3/0x340
[   11.892995]  krealloc_less_oob_helper+0x1aa/0x11d0
[   11.893170]  krealloc_less_oob+0x1c/0x30
[   11.893308]  kunit_try_run_case+0x1a5/0x480
[   11.893574]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.893830]  kthread+0x337/0x6f0
[   11.894025]  ret_from_fork+0x116/0x1d0
[   11.894253]  ret_from_fork_asm+0x1a/0x30
[   11.894427] 
[   11.894501] The buggy address belongs to the object at ffff888100348a00
[   11.894501]  which belongs to the cache kmalloc-256 of size 256
[   11.894995] The buggy address is located 34 bytes to the right of
[   11.894995]  allocated 201-byte region [ffff888100348a00, ffff888100348ac9)
[   11.895504] 
[   11.895603] The buggy address belongs to the physical page:
[   11.895870] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348
[   11.896229] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.896609] flags: 0x200000000000040(head|node=0|zone=2)
[   11.896850] page_type: f5(slab)
[   11.897020] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.897327] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.897743] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.898056] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.898280] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff
[   11.898604] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.898942] page dumped because: kasan: bad access detected
[   11.899118] 
[   11.899185] Memory state around the buggy address:
[   11.899549]  ffff888100348980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.899868]  ffff888100348a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.900172] >ffff888100348a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[   11.900407]                                                           ^
[   11.900709]  ffff888100348b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.900986]  ffff888100348b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.901244] ==================================================================
[   11.944777] ==================================================================
[   11.945970] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[   11.946258] Write of size 1 at addr ffff8881028520c9 by task kunit_try_catch/179
[   11.946971] 
[   11.947389] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.947469] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.947481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.947505] Call Trace:
[   11.947518]  <TASK>
[   11.947536]  dump_stack_lvl+0x73/0xb0
[   11.947569]  print_report+0xd1/0x610
[   11.947592]  ? __virt_addr_valid+0x1db/0x2d0
[   11.947617]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.947640]  ? kasan_addr_to_slab+0x11/0xa0
[   11.947660]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.947684]  kasan_report+0x141/0x180
[   11.947704]  ? krealloc_less_oob_helper+0xd70/0x11d0
[   11.947732]  __asan_report_store1_noabort+0x1b/0x30
[   11.947756]  krealloc_less_oob_helper+0xd70/0x11d0
[   11.947781]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   11.947804]  ? finish_task_switch.isra.0+0x153/0x700
[   11.947828]  ? __switch_to+0x47/0xf50
[   11.947854]  ? __schedule+0x10cc/0x2b60
[   11.947876]  ? __pfx_read_tsc+0x10/0x10
[   11.947901]  krealloc_large_less_oob+0x1c/0x30
[   11.947923]  kunit_try_run_case+0x1a5/0x480
[   11.947949]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.947971]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.948004]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.948040]  ? __kthread_parkme+0x82/0x180
[   11.948061]  ? preempt_count_sub+0x50/0x80
[   11.948083]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.948106]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.948129]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.948153]  kthread+0x337/0x6f0
[   11.948171]  ? trace_preempt_on+0x20/0xc0
[   11.948195]  ? __pfx_kthread+0x10/0x10
[   11.948215]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.948236]  ? calculate_sigpending+0x7b/0xa0
[   11.948260]  ? __pfx_kthread+0x10/0x10
[   11.948281]  ret_from_fork+0x116/0x1d0
[   11.948299]  ? __pfx_kthread+0x10/0x10
[   11.948318]  ret_from_fork_asm+0x1a/0x30
[   11.948348]  </TASK>
[   11.948360] 
[   11.963576] The buggy address belongs to the physical page:
[   11.964142] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102850
[   11.964864] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.965656] flags: 0x200000000000040(head|node=0|zone=2)
[   11.966262] page_type: f8(unknown)
[   11.966679] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.966911] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.967160] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.967391] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.967621] head: 0200000000000002 ffffea00040a1401 00000000ffffffff 00000000ffffffff
[   11.967852] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   11.968094] page dumped because: kasan: bad access detected
[   11.968269] 
[   11.968338] Memory state around the buggy address:
[   11.968496]  ffff888102851f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.968713]  ffff888102852000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.968933] >ffff888102852080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   11.969589]                                               ^
[   11.970141]  ffff888102852100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.970961]  ffff888102852180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.971720] ==================================================================
[   12.068171] ==================================================================
[   12.068621] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[   12.069475] Write of size 1 at addr ffff8881028520eb by task kunit_try_catch/179
[   12.069908] 
[   12.070297] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   12.070350] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.070361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.070382] Call Trace:
[   12.070402]  <TASK>
[   12.070448]  dump_stack_lvl+0x73/0xb0
[   12.070481]  print_report+0xd1/0x610
[   12.070505]  ? __virt_addr_valid+0x1db/0x2d0
[   12.070529]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.070553]  ? kasan_addr_to_slab+0x11/0xa0
[   12.070573]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.070596]  kasan_report+0x141/0x180
[   12.070617]  ? krealloc_less_oob_helper+0xd47/0x11d0
[   12.070646]  __asan_report_store1_noabort+0x1b/0x30
[   12.070670]  krealloc_less_oob_helper+0xd47/0x11d0
[   12.070696]  ? __pfx_krealloc_less_oob_helper+0x10/0x10
[   12.070720]  ? finish_task_switch.isra.0+0x153/0x700
[   12.070742]  ? __switch_to+0x47/0xf50
[   12.070767]  ? __schedule+0x10cc/0x2b60
[   12.070789]  ? __pfx_read_tsc+0x10/0x10
[   12.070813]  krealloc_large_less_oob+0x1c/0x30
[   12.070836]  kunit_try_run_case+0x1a5/0x480
[   12.070860]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.070881]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.070905]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.070928]  ? __kthread_parkme+0x82/0x180
[   12.070948]  ? preempt_count_sub+0x50/0x80
[   12.070971]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.071024]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.071069]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.071093]  kthread+0x337/0x6f0
[   12.071111]  ? trace_preempt_on+0x20/0xc0
[   12.071135]  ? __pfx_kthread+0x10/0x10
[   12.071155]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.071176]  ? calculate_sigpending+0x7b/0xa0
[   12.071200]  ? __pfx_kthread+0x10/0x10
[   12.071220]  ret_from_fork+0x116/0x1d0
[   12.071239]  ? __pfx_kthread+0x10/0x10
[   12.071258]  ret_from_fork_asm+0x1a/0x30
[   12.071290]  </TASK>
[   12.071299] 
[   12.085469] The buggy address belongs to the physical page:
[   12.085966] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102850
[   12.086741] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.087213] flags: 0x200000000000040(head|node=0|zone=2)
[   12.087722] page_type: f8(unknown)
[   12.088076] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.088328] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.088567] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.088802] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.089071] head: 0200000000000002 ffffea00040a1401 00000000ffffffff 00000000ffffffff
[   12.089451] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.089766] page dumped because: kasan: bad access detected
[   12.089967] 
[   12.090142] Memory state around the buggy address:
[   12.090329]  ffff888102851f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.090636]  ffff888102852000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.090917] >ffff888102852080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[   12.091536]                                                           ^
[   12.091852]  ffff888102852100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.092223]  ffff888102852180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.092554] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

303Mu3ntpbAl90E7xFJwTYkz6hg

job_id

TEST:linaro@lkft#303MyNrXgiUK2WQ9kAj3BzGphCF

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/303MyNrXgiUK2WQ9kAj3BzGphCF

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303MvjxJUPUp0dSFAYAM6r89zAg/bzImage
sha256sum	e715e0f52245accf83f401d29cc1c2f3b2a59bbdf3f5ad590c1c6f981a5169eb

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303MvjxJUPUp0dSFAYAM6r89zAg/modules.tar.xz
sha256sum	a6fb5fb0c5521f1f236c8b67ce1b76fdcd44954d158362bf4d88d0d9d544c595

durations

tests

boot	0
kunit	233.03

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit