[   16.451531] ==================================================================
[   16.452527] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678
[   16.452670] Write of size 1 at addr fff00000c45cfceb by task kunit_try_catch/156
[   16.452848] 
[   16.453040] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.453583] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.453765] Hardware name: linux,dummy-virt (DT)
[   16.453916] Call trace:
[   16.453942]  show_stack+0x20/0x38 (C)
[   16.454389]  dump_stack_lvl+0x8c/0xd0
[   16.454938]  print_report+0x118/0x5d0
[   16.455207]  kasan_report+0xdc/0x128
[   16.455254]  __asan_report_store1_noabort+0x20/0x30
[   16.455674]  krealloc_more_oob_helper+0x60c/0x678
[   16.456291]  krealloc_more_oob+0x20/0x38
[   16.456476]  kunit_try_run_case+0x170/0x3f0
[   16.456526]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.456926]  kthread+0x328/0x630
[   16.457258]  ret_from_fork+0x10/0x20
[   16.457377] 
[   16.457413] Allocated by task 156:
[   16.457445]  kasan_save_stack+0x3c/0x68
[   16.457634]  kasan_save_track+0x20/0x40
[   16.457708]  kasan_save_alloc_info+0x40/0x58
[   16.458183]  __kasan_krealloc+0x118/0x178
[   16.458375]  krealloc_noprof+0x128/0x360
[   16.458752]  krealloc_more_oob_helper+0x168/0x678
[   16.459065]  krealloc_more_oob+0x20/0x38
[   16.459142]  kunit_try_run_case+0x170/0x3f0
[   16.459181]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.459224]  kthread+0x328/0x630
[   16.459854]  ret_from_fork+0x10/0x20
[   16.459942] 
[   16.459963] The buggy address belongs to the object at fff00000c45cfc00
[   16.459963]  which belongs to the cache kmalloc-256 of size 256
[   16.460022] The buggy address is located 0 bytes to the right of
[   16.460022]  allocated 235-byte region [fff00000c45cfc00, fff00000c45cfceb)
[   16.460084] 
[   16.460105] The buggy address belongs to the physical page:
[   16.460743] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045ce
[   16.460805] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.460853] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.460907] page_type: f5(slab)
[   16.461689] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.461744] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.462152] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.462462] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.462522] head: 0bfffe0000000001 ffffc1ffc3117381 00000000ffffffff 00000000ffffffff
[   16.462830] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.463008] page dumped because: kasan: bad access detected
[   16.463212] 
[   16.463535] Memory state around the buggy address:
[   16.463768]  fff00000c45cfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.464013]  fff00000c45cfc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.464294] >fff00000c45cfc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   16.464386]                                                           ^
[   16.464434]  fff00000c45cfd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.464475]  fff00000c45cfd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.464879] ==================================================================
[   16.466676] ==================================================================
[   16.467244] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678
[   16.467357] Write of size 1 at addr fff00000c45cfcf0 by task kunit_try_catch/156
[   16.467738] 
[   16.467775] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.468080] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.468373] Hardware name: linux,dummy-virt (DT)
[   16.468424] Call trace:
[   16.468536]  show_stack+0x20/0x38 (C)
[   16.468834]  dump_stack_lvl+0x8c/0xd0
[   16.468883]  print_report+0x118/0x5d0
[   16.468930]  kasan_report+0xdc/0x128
[   16.468979]  __asan_report_store1_noabort+0x20/0x30
[   16.469030]  krealloc_more_oob_helper+0x5c0/0x678
[   16.469782]  krealloc_more_oob+0x20/0x38
[   16.469858]  kunit_try_run_case+0x170/0x3f0
[   16.469914]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.470041]  kthread+0x328/0x630
[   16.470084]  ret_from_fork+0x10/0x20
[   16.470575] 
[   16.470896] Allocated by task 156:
[   16.471261]  kasan_save_stack+0x3c/0x68
[   16.471308]  kasan_save_track+0x20/0x40
[   16.471733]  kasan_save_alloc_info+0x40/0x58
[   16.472168]  __kasan_krealloc+0x118/0x178
[   16.472361]  krealloc_noprof+0x128/0x360
[   16.472595]  krealloc_more_oob_helper+0x168/0x678
[   16.472648]  krealloc_more_oob+0x20/0x38
[   16.472684]  kunit_try_run_case+0x170/0x3f0
[   16.472721]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.472770]  kthread+0x328/0x630
[   16.473180]  ret_from_fork+0x10/0x20
[   16.473440] 
[   16.473699] The buggy address belongs to the object at fff00000c45cfc00
[   16.473699]  which belongs to the cache kmalloc-256 of size 256
[   16.474189] The buggy address is located 5 bytes to the right of
[   16.474189]  allocated 235-byte region [fff00000c45cfc00, fff00000c45cfceb)
[   16.474271] 
[   16.474293] The buggy address belongs to the physical page:
[   16.474335] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045ce
[   16.474386] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.474432] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.474483] page_type: f5(slab)
[   16.475295] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.475568] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.475888] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.476182] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.476430] head: 0bfffe0000000001 ffffc1ffc3117381 00000000ffffffff 00000000ffffffff
[   16.476506] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.476753] page dumped because: kasan: bad access detected
[   16.476791] 
[   16.476862] Memory state around the buggy address:
[   16.476910]  fff00000c45cfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.476953]  fff00000c45cfc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.477200] >fff00000c45cfc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   16.477430]                                                              ^
[   16.477768]  fff00000c45cfd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.477976]  fff00000c45cfd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.478576] ==================================================================
[   16.522751] ==================================================================
[   16.522803] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678
[   16.522855] Write of size 1 at addr fff00000c79ba0f0 by task kunit_try_catch/160
[   16.523149] 
[   16.523435] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.523659] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.523694] Hardware name: linux,dummy-virt (DT)
[   16.524013] Call trace:
[   16.524053]  show_stack+0x20/0x38 (C)
[   16.524106]  dump_stack_lvl+0x8c/0xd0
[   16.524420]  print_report+0x118/0x5d0
[   16.524500]  kasan_report+0xdc/0x128
[   16.524761]  __asan_report_store1_noabort+0x20/0x30
[   16.524890]  krealloc_more_oob_helper+0x5c0/0x678
[   16.525270]  krealloc_large_more_oob+0x20/0x38
[   16.525503]  kunit_try_run_case+0x170/0x3f0
[   16.525836]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.526019]  kthread+0x328/0x630
[   16.526085]  ret_from_fork+0x10/0x20
[   16.526491] 
[   16.526591] The buggy address belongs to the physical page:
[   16.526650] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b8
[   16.526946] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.526998] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.527049] page_type: f8(unknown)
[   16.527173] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.527237] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.527305] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.527371] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.527419] head: 0bfffe0000000002 ffffc1ffc31e6e01 00000000ffffffff 00000000ffffffff
[   16.527476] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.527514] page dumped because: kasan: bad access detected
[   16.527553] 
[   16.527570] Memory state around the buggy address:
[   16.527609]  fff00000c79b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.527652]  fff00000c79ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.527691] >fff00000c79ba080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   16.527737]                                                              ^
[   16.527782]  fff00000c79ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.527823]  fff00000c79ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.527861] ==================================================================
[   16.518604] ==================================================================
[   16.518660] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678
[   16.518719] Write of size 1 at addr fff00000c79ba0eb by task kunit_try_catch/160
[   16.518846] 
[   16.518940] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.519330] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.519357] Hardware name: linux,dummy-virt (DT)
[   16.519386] Call trace:
[   16.519408]  show_stack+0x20/0x38 (C)
[   16.519481]  dump_stack_lvl+0x8c/0xd0
[   16.519554]  print_report+0x118/0x5d0
[   16.519601]  kasan_report+0xdc/0x128
[   16.519657]  __asan_report_store1_noabort+0x20/0x30
[   16.519708]  krealloc_more_oob_helper+0x60c/0x678
[   16.519768]  krealloc_large_more_oob+0x20/0x38
[   16.519915]  kunit_try_run_case+0x170/0x3f0
[   16.519962]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.520013]  kthread+0x328/0x630
[   16.520081]  ret_from_fork+0x10/0x20
[   16.520128] 
[   16.520163] The buggy address belongs to the physical page:
[   16.520193] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b8
[   16.520246] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.520292] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.520368] page_type: f8(unknown)
[   16.520416] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.520475] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.520537] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.520719] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.520936] head: 0bfffe0000000002 ffffc1ffc31e6e01 00000000ffffffff 00000000ffffffff
[   16.520983] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.521491] page dumped because: kasan: bad access detected
[   16.521527] 
[   16.521546] Memory state around the buggy address:
[   16.521577]  fff00000c79b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.521618]  fff00000c79ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.521659] >fff00000c79ba080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   16.521695]                                                           ^
[   16.521733]  fff00000c79ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.521774]  fff00000c79ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.521810] ==================================================================

[   16.441647] ==================================================================
[   16.441725] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678
[   16.442265] Write of size 1 at addr fff00000c17c76eb by task kunit_try_catch/156
[   16.442362] 
[   16.442478] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.442580] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.442661] Hardware name: linux,dummy-virt (DT)
[   16.442695] Call trace:
[   16.442756]  show_stack+0x20/0x38 (C)
[   16.442875]  dump_stack_lvl+0x8c/0xd0
[   16.442959]  print_report+0x118/0x5d0
[   16.443181]  kasan_report+0xdc/0x128
[   16.443295]  __asan_report_store1_noabort+0x20/0x30
[   16.443506]  krealloc_more_oob_helper+0x60c/0x678
[   16.443608]  krealloc_more_oob+0x20/0x38
[   16.443950]  kunit_try_run_case+0x170/0x3f0
[   16.444132]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.444246]  kthread+0x328/0x630
[   16.444423]  ret_from_fork+0x10/0x20
[   16.444557] 
[   16.444840] Allocated by task 156:
[   16.445067]  kasan_save_stack+0x3c/0x68
[   16.445151]  kasan_save_track+0x20/0x40
[   16.445310]  kasan_save_alloc_info+0x40/0x58
[   16.445394]  __kasan_krealloc+0x118/0x178
[   16.445575]  krealloc_noprof+0x128/0x360
[   16.446001]  krealloc_more_oob_helper+0x168/0x678
[   16.446117]  krealloc_more_oob+0x20/0x38
[   16.446170]  kunit_try_run_case+0x170/0x3f0
[   16.446207]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.446249]  kthread+0x328/0x630
[   16.446282]  ret_from_fork+0x10/0x20
[   16.446327] 
[   16.446347] The buggy address belongs to the object at fff00000c17c7600
[   16.446347]  which belongs to the cache kmalloc-256 of size 256
[   16.446405] The buggy address is located 0 bytes to the right of
[   16.446405]  allocated 235-byte region [fff00000c17c7600, fff00000c17c76eb)
[   16.446495] 
[   16.446524] The buggy address belongs to the physical page:
[   16.446563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017c6
[   16.446641] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.446695] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.446760] page_type: f5(slab)
[   16.446799] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.447106] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.447400] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.447460] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.447509] head: 0bfffe0000000001 ffffc1ffc305f181 00000000ffffffff 00000000ffffffff
[   16.447591] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.447801] page dumped because: kasan: bad access detected
[   16.447886] 
[   16.448095] Memory state around the buggy address:
[   16.448278]  fff00000c17c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.448512]  fff00000c17c7600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.448612] >fff00000c17c7680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   16.448752]                                                           ^
[   16.448828]  fff00000c17c7700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.449215]  fff00000c17c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.449751] ==================================================================
[   16.512598] ==================================================================
[   16.512702] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678
[   16.512778] Write of size 1 at addr fff00000c76de0f0 by task kunit_try_catch/160
[   16.513022] 
[   16.513185] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.513274] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.513300] Hardware name: linux,dummy-virt (DT)
[   16.513532] Call trace:
[   16.513710]  show_stack+0x20/0x38 (C)
[   16.513792]  dump_stack_lvl+0x8c/0xd0
[   16.514327]  print_report+0x118/0x5d0
[   16.514703]  kasan_report+0xdc/0x128
[   16.514774]  __asan_report_store1_noabort+0x20/0x30
[   16.514825]  krealloc_more_oob_helper+0x5c0/0x678
[   16.514910]  krealloc_large_more_oob+0x20/0x38
[   16.514998]  kunit_try_run_case+0x170/0x3f0
[   16.515142]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.515196]  kthread+0x328/0x630
[   16.515237]  ret_from_fork+0x10/0x20
[   16.515792] 
[   16.515863] The buggy address belongs to the physical page:
[   16.515923] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076dc
[   16.516405] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.516756] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.516857] page_type: f8(unknown)
[   16.516913] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.517062] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.517216] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.517337] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.517463] head: 0bfffe0000000002 ffffc1ffc31db701 00000000ffffffff 00000000ffffffff
[   16.517977] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.518202] page dumped because: kasan: bad access detected
[   16.518244] 
[   16.518453] Memory state around the buggy address:
[   16.518567]  fff00000c76ddf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.518785]  fff00000c76de000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.518831] >fff00000c76de080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   16.519066]                                                              ^
[   16.519403]  fff00000c76de100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.519885]  fff00000c76de180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.519937] ==================================================================
[   16.451798] ==================================================================
[   16.451992] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678
[   16.452053] Write of size 1 at addr fff00000c17c76f0 by task kunit_try_catch/156
[   16.452306] 
[   16.452339] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.452416] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.452441] Hardware name: linux,dummy-virt (DT)
[   16.452472] Call trace:
[   16.452771]  show_stack+0x20/0x38 (C)
[   16.452867]  dump_stack_lvl+0x8c/0xd0
[   16.453088]  print_report+0x118/0x5d0
[   16.453249]  kasan_report+0xdc/0x128
[   16.453403]  __asan_report_store1_noabort+0x20/0x30
[   16.453488]  krealloc_more_oob_helper+0x5c0/0x678
[   16.453592]  krealloc_more_oob+0x20/0x38
[   16.453642]  kunit_try_run_case+0x170/0x3f0
[   16.453688]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.453754]  kthread+0x328/0x630
[   16.454122]  ret_from_fork+0x10/0x20
[   16.454224] 
[   16.454281] Allocated by task 156:
[   16.454313]  kasan_save_stack+0x3c/0x68
[   16.454355]  kasan_save_track+0x20/0x40
[   16.454529]  kasan_save_alloc_info+0x40/0x58
[   16.454750]  __kasan_krealloc+0x118/0x178
[   16.454803]  krealloc_noprof+0x128/0x360
[   16.454840]  krealloc_more_oob_helper+0x168/0x678
[   16.455011]  krealloc_more_oob+0x20/0x38
[   16.455148]  kunit_try_run_case+0x170/0x3f0
[   16.455187]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.455229]  kthread+0x328/0x630
[   16.455261]  ret_from_fork+0x10/0x20
[   16.455417] 
[   16.455744] The buggy address belongs to the object at fff00000c17c7600
[   16.455744]  which belongs to the cache kmalloc-256 of size 256
[   16.455865] The buggy address is located 5 bytes to the right of
[   16.455865]  allocated 235-byte region [fff00000c17c7600, fff00000c17c76eb)
[   16.456207] 
[   16.456387] The buggy address belongs to the physical page:
[   16.456461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017c6
[   16.456515] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.456747] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.457157] page_type: f5(slab)
[   16.457300] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.457439] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.457599] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000
[   16.457706] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.458071] head: 0bfffe0000000001 ffffc1ffc305f181 00000000ffffffff 00000000ffffffff
[   16.458207] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   16.458314] page dumped because: kasan: bad access detected
[   16.458347] 
[   16.458365] Memory state around the buggy address:
[   16.458572]  fff00000c17c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.458629]  fff00000c17c7600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.458905] >fff00000c17c7680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   16.459426]                                                              ^
[   16.459476]  fff00000c17c7700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.459521]  fff00000c17c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.459597] ==================================================================
[   16.506138] ==================================================================
[   16.506210] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678
[   16.506314] Write of size 1 at addr fff00000c76de0eb by task kunit_try_catch/160
[   16.506367] 
[   16.506453] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.506625] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.506652] Hardware name: linux,dummy-virt (DT)
[   16.507268] Call trace:
[   16.507370]  show_stack+0x20/0x38 (C)
[   16.507425]  dump_stack_lvl+0x8c/0xd0
[   16.507472]  print_report+0x118/0x5d0
[   16.507907]  kasan_report+0xdc/0x128
[   16.508140]  __asan_report_store1_noabort+0x20/0x30
[   16.508289]  krealloc_more_oob_helper+0x60c/0x678
[   16.508359]  krealloc_large_more_oob+0x20/0x38
[   16.508445]  kunit_try_run_case+0x170/0x3f0
[   16.508496]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.508548]  kthread+0x328/0x630
[   16.508589]  ret_from_fork+0x10/0x20
[   16.508994] 
[   16.509058] The buggy address belongs to the physical page:
[   16.509092] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076dc
[   16.509160] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.509215] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   16.509269] page_type: f8(unknown)
[   16.509324] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.509373] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.509421] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   16.509477] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.509523] head: 0bfffe0000000002 ffffc1ffc31db701 00000000ffffffff 00000000ffffffff
[   16.509570] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.509618] page dumped because: kasan: bad access detected
[   16.509663] 
[   16.509681] Memory state around the buggy address:
[   16.510035]  fff00000c76ddf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.510385]  fff00000c76de000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.510461] >fff00000c76de080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   16.510665]                                                           ^
[   16.510908]  fff00000c76de100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.511061]  fff00000c76de180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.511184] ==================================================================

[   12.012243] ==================================================================
[   12.013009] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[   12.013501] Write of size 1 at addr ffff8881039de0f0 by task kunit_try_catch/177
[   12.014683] 
[   12.014965] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   12.015020] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.015138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.015161] Call Trace:
[   12.015173]  <TASK>
[   12.015190]  dump_stack_lvl+0x73/0xb0
[   12.015223]  print_report+0xd1/0x610
[   12.015246]  ? __virt_addr_valid+0x1db/0x2d0
[   12.015269]  ? krealloc_more_oob_helper+0x7eb/0x930
[   12.015296]  ? kasan_addr_to_slab+0x11/0xa0
[   12.015316]  ? krealloc_more_oob_helper+0x7eb/0x930
[   12.015342]  kasan_report+0x141/0x180
[   12.015363]  ? krealloc_more_oob_helper+0x7eb/0x930
[   12.015392]  __asan_report_store1_noabort+0x1b/0x30
[   12.015417]  krealloc_more_oob_helper+0x7eb/0x930
[   12.015440]  ? pick_task_fair+0xc9/0x340
[   12.015465]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   12.015489]  ? __schedule+0x207f/0x2b60
[   12.015509]  ? schedule+0x7c/0x2e0
[   12.015615]  ? trace_hardirqs_on+0x37/0xe0
[   12.015642]  ? __schedule+0x207f/0x2b60
[   12.015663]  ? __pfx_read_tsc+0x10/0x10
[   12.015688]  krealloc_large_more_oob+0x1c/0x30
[   12.015712]  kunit_try_run_case+0x1a5/0x480
[   12.015738]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.015759]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.015784]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.015807]  ? __kthread_parkme+0x82/0x180
[   12.015828]  ? preempt_count_sub+0x50/0x80
[   12.015852]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.015875]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.015912]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.015936]  kthread+0x337/0x6f0
[   12.015954]  ? trace_preempt_on+0x20/0xc0
[   12.015975]  ? __pfx_kthread+0x10/0x10
[   12.015995]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.016016]  ? calculate_sigpending+0x7b/0xa0
[   12.016040]  ? __pfx_kthread+0x10/0x10
[   12.016061]  ret_from_fork+0x116/0x1d0
[   12.016079]  ? __pfx_kthread+0x10/0x10
[   12.016100]  ret_from_fork_asm+0x1a/0x30
[   12.016132]  </TASK>
[   12.016142] 
[   12.029410] The buggy address belongs to the physical page:
[   12.030067] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039dc
[   12.030563] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.031281] flags: 0x200000000000040(head|node=0|zone=2)
[   12.031734] page_type: f8(unknown)
[   12.031887] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.032450] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.033109] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.033443] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.034105] head: 0200000000000002 ffffea00040e7701 00000000ffffffff 00000000ffffffff
[   12.034559] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.035246] page dumped because: kasan: bad access detected
[   12.035606] 
[   12.035709] Memory state around the buggy address:
[   12.035940]  ffff8881039ddf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.036516]  ffff8881039de000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.037108] >ffff8881039de080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   12.037472]                                                              ^
[   12.038043]  ffff8881039de100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.038361]  ffff8881039de180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.039008] ==================================================================
[   11.814822] ==================================================================
[   11.815256] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[   11.815748] Write of size 1 at addr ffff8881003558f0 by task kunit_try_catch/173
[   11.816085] 
[   11.816190] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.816234] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.816244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.816264] Call Trace:
[   11.816276]  <TASK>
[   11.816292]  dump_stack_lvl+0x73/0xb0
[   11.816320]  print_report+0xd1/0x610
[   11.816342]  ? __virt_addr_valid+0x1db/0x2d0
[   11.816365]  ? krealloc_more_oob_helper+0x7eb/0x930
[   11.816388]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.816410]  ? krealloc_more_oob_helper+0x7eb/0x930
[   11.816434]  kasan_report+0x141/0x180
[   11.816455]  ? krealloc_more_oob_helper+0x7eb/0x930
[   11.816485]  __asan_report_store1_noabort+0x1b/0x30
[   11.816509]  krealloc_more_oob_helper+0x7eb/0x930
[   11.816531]  ? trace_hardirqs_on+0x37/0xe0
[   11.816555]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   11.816578]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   11.816609]  ? __pfx_krealloc_more_oob+0x10/0x10
[   11.816636]  krealloc_more_oob+0x1c/0x30
[   11.816657]  kunit_try_run_case+0x1a5/0x480
[   11.816680]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.816702]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.816725]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.816748]  ? __kthread_parkme+0x82/0x180
[   11.816768]  ? preempt_count_sub+0x50/0x80
[   11.816792]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.816816]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.816839]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.816862]  kthread+0x337/0x6f0
[   11.816881]  ? trace_preempt_on+0x20/0xc0
[   11.816913]  ? __pfx_kthread+0x10/0x10
[   11.816933]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.816953]  ? calculate_sigpending+0x7b/0xa0
[   11.816977]  ? __pfx_kthread+0x10/0x10
[   11.817045]  ret_from_fork+0x116/0x1d0
[   11.817064]  ? __pfx_kthread+0x10/0x10
[   11.817083]  ret_from_fork_asm+0x1a/0x30
[   11.817116]  </TASK>
[   11.817126] 
[   11.824677] Allocated by task 173:
[   11.824807]  kasan_save_stack+0x45/0x70
[   11.824960]  kasan_save_track+0x18/0x40
[   11.825124]  kasan_save_alloc_info+0x3b/0x50
[   11.825471]  __kasan_krealloc+0x190/0x1f0
[   11.825668]  krealloc_noprof+0xf3/0x340
[   11.825857]  krealloc_more_oob_helper+0x1a9/0x930
[   11.826282]  krealloc_more_oob+0x1c/0x30
[   11.826483]  kunit_try_run_case+0x1a5/0x480
[   11.826940]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.827176]  kthread+0x337/0x6f0
[   11.827340]  ret_from_fork+0x116/0x1d0
[   11.827472]  ret_from_fork_asm+0x1a/0x30
[   11.827870] 
[   11.827984] The buggy address belongs to the object at ffff888100355800
[   11.827984]  which belongs to the cache kmalloc-256 of size 256
[   11.828454] The buggy address is located 5 bytes to the right of
[   11.828454]  allocated 235-byte region [ffff888100355800, ffff8881003558eb)
[   11.828969] 
[   11.829078] The buggy address belongs to the physical page:
[   11.829328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100354
[   11.829743] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.829983] flags: 0x200000000000040(head|node=0|zone=2)
[   11.830158] page_type: f5(slab)
[   11.830277] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.830523] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.830864] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.831360] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.831772] head: 0200000000000001 ffffea000400d501 00000000ffffffff 00000000ffffffff
[   11.832347] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.832766] page dumped because: kasan: bad access detected
[   11.832953] 
[   11.833114] Memory state around the buggy address:
[   11.833344]  ffff888100355780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.833746]  ffff888100355800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.834064] >ffff888100355880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   11.834317]                                                              ^
[   11.834525]  ffff888100355900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.835046]  ffff888100355980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.835293] ==================================================================
[   11.788921] ==================================================================
[   11.789454] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[   11.789734] Write of size 1 at addr ffff8881003558eb by task kunit_try_catch/173
[   11.789969] 
[   11.790065] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.790110] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.790121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.790143] Call Trace:
[   11.790155]  <TASK>
[   11.790173]  dump_stack_lvl+0x73/0xb0
[   11.790204]  print_report+0xd1/0x610
[   11.790226]  ? __virt_addr_valid+0x1db/0x2d0
[   11.790250]  ? krealloc_more_oob_helper+0x821/0x930
[   11.790272]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.790293]  ? krealloc_more_oob_helper+0x821/0x930
[   11.790315]  kasan_report+0x141/0x180
[   11.790336]  ? krealloc_more_oob_helper+0x821/0x930
[   11.790363]  __asan_report_store1_noabort+0x1b/0x30
[   11.790386]  krealloc_more_oob_helper+0x821/0x930
[   11.790407]  ? trace_hardirqs_on+0x37/0xe0
[   11.790431]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   11.790453]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   11.790482]  ? __pfx_krealloc_more_oob+0x10/0x10
[   11.790508]  krealloc_more_oob+0x1c/0x30
[   11.790528]  kunit_try_run_case+0x1a5/0x480
[   11.790553]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.790573]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.790597]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.790620]  ? __kthread_parkme+0x82/0x180
[   11.790640]  ? preempt_count_sub+0x50/0x80
[   11.790664]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.790686]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.790708]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.790730]  kthread+0x337/0x6f0
[   11.790748]  ? trace_preempt_on+0x20/0xc0
[   11.790775]  ? __pfx_kthread+0x10/0x10
[   11.790794]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.790813]  ? calculate_sigpending+0x7b/0xa0
[   11.790837]  ? __pfx_kthread+0x10/0x10
[   11.790857]  ret_from_fork+0x116/0x1d0
[   11.790876]  ? __pfx_kthread+0x10/0x10
[   11.791448]  ret_from_fork_asm+0x1a/0x30
[   11.791495]  </TASK>
[   11.791508] 
[   11.803393] Allocated by task 173:
[   11.803556]  kasan_save_stack+0x45/0x70
[   11.803837]  kasan_save_track+0x18/0x40
[   11.804057]  kasan_save_alloc_info+0x3b/0x50
[   11.804213]  __kasan_krealloc+0x190/0x1f0
[   11.804353]  krealloc_noprof+0xf3/0x340
[   11.804545]  krealloc_more_oob_helper+0x1a9/0x930
[   11.804773]  krealloc_more_oob+0x1c/0x30
[   11.804977]  kunit_try_run_case+0x1a5/0x480
[   11.805231]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.805442]  kthread+0x337/0x6f0
[   11.805651]  ret_from_fork+0x116/0x1d0
[   11.805847]  ret_from_fork_asm+0x1a/0x30
[   11.806115] 
[   11.806189] The buggy address belongs to the object at ffff888100355800
[   11.806189]  which belongs to the cache kmalloc-256 of size 256
[   11.806698] The buggy address is located 0 bytes to the right of
[   11.806698]  allocated 235-byte region [ffff888100355800, ffff8881003558eb)
[   11.807151] 
[   11.807226] The buggy address belongs to the physical page:
[   11.807472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100354
[   11.808444] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.808852] flags: 0x200000000000040(head|node=0|zone=2)
[   11.809167] page_type: f5(slab)
[   11.809337] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.809663] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.810022] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.810416] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.810771] head: 0200000000000001 ffffea000400d501 00000000ffffffff 00000000ffffffff
[   11.811145] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.811398] page dumped because: kasan: bad access detected
[   11.811778] 
[   11.811860] Memory state around the buggy address:
[   11.812027]  ffff888100355780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.812395]  ffff888100355800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.812776] >ffff888100355880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   11.813204]                                                           ^
[   11.813653]  ffff888100355900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.813944]  ffff888100355980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.814280] ==================================================================
[   11.988242] ==================================================================
[   11.988722] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[   11.989426] Write of size 1 at addr ffff8881039de0eb by task kunit_try_catch/177
[   11.989887] 
[   11.990026] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.990084] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.990095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.990130] Call Trace:
[   11.990143]  <TASK>
[   11.990161]  dump_stack_lvl+0x73/0xb0
[   11.990205]  print_report+0xd1/0x610
[   11.990228]  ? __virt_addr_valid+0x1db/0x2d0
[   11.990261]  ? krealloc_more_oob_helper+0x821/0x930
[   11.990285]  ? kasan_addr_to_slab+0x11/0xa0
[   11.990305]  ? krealloc_more_oob_helper+0x821/0x930
[   11.990341]  kasan_report+0x141/0x180
[   11.990364]  ? krealloc_more_oob_helper+0x821/0x930
[   11.990393]  __asan_report_store1_noabort+0x1b/0x30
[   11.990417]  krealloc_more_oob_helper+0x821/0x930
[   11.990441]  ? pick_task_fair+0xc9/0x340
[   11.990467]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   11.990491]  ? __schedule+0x207f/0x2b60
[   11.990521]  ? schedule+0x7c/0x2e0
[   11.990540]  ? trace_hardirqs_on+0x37/0xe0
[   11.990565]  ? __schedule+0x207f/0x2b60
[   11.990596]  ? __pfx_read_tsc+0x10/0x10
[   11.990620]  krealloc_large_more_oob+0x1c/0x30
[   11.990643]  kunit_try_run_case+0x1a5/0x480
[   11.990668]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.990690]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.990715]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.990788]  ? __kthread_parkme+0x82/0x180
[   11.990810]  ? preempt_count_sub+0x50/0x80
[   11.990862]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.990886]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.990922]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.990945]  kthread+0x337/0x6f0
[   11.990964]  ? trace_preempt_on+0x20/0xc0
[   11.990996]  ? __pfx_kthread+0x10/0x10
[   11.991016]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.991037]  ? calculate_sigpending+0x7b/0xa0
[   11.991062]  ? __pfx_kthread+0x10/0x10
[   11.991083]  ret_from_fork+0x116/0x1d0
[   11.991102]  ? __pfx_kthread+0x10/0x10
[   11.991122]  ret_from_fork_asm+0x1a/0x30
[   11.991155]  </TASK>
[   11.991166] 
[   12.002119] The buggy address belongs to the physical page:
[   12.002387] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039dc
[   12.002997] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.003471] flags: 0x200000000000040(head|node=0|zone=2)
[   12.003885] page_type: f8(unknown)
[   12.004129] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.004836] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.005281] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.005924] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.006412] head: 0200000000000002 ffffea00040e7701 00000000ffffffff 00000000ffffffff
[   12.006977] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.007359] page dumped because: kasan: bad access detected
[   12.007564] 
[   12.007711] Memory state around the buggy address:
[   12.007939]  ffff8881039ddf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.008759]  ffff8881039de000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.009206] >ffff8881039de080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   12.009532]                                                           ^
[   12.010347]  ffff8881039de100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.010964]  ffff8881039de180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.011384] ==================================================================

[   11.622039] ==================================================================
[   11.622859] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[   11.623536] Write of size 1 at addr ffff888100a282f0 by task kunit_try_catch/174
[   11.624662] 
[   11.624842] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.624885] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.624896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.624917] Call Trace:
[   11.624928]  <TASK>
[   11.624942]  dump_stack_lvl+0x73/0xb0
[   11.624973]  print_report+0xd1/0x610
[   11.624996]  ? __virt_addr_valid+0x1db/0x2d0
[   11.625019]  ? krealloc_more_oob_helper+0x7eb/0x930
[   11.625044]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.625068]  ? krealloc_more_oob_helper+0x7eb/0x930
[   11.625094]  kasan_report+0x141/0x180
[   11.625117]  ? krealloc_more_oob_helper+0x7eb/0x930
[   11.625154]  __asan_report_store1_noabort+0x1b/0x30
[   11.625180]  krealloc_more_oob_helper+0x7eb/0x930
[   11.625203]  ? __schedule+0x10cc/0x2b60
[   11.625227]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   11.625253]  ? finish_task_switch.isra.0+0x153/0x700
[   11.625277]  ? __switch_to+0x47/0xf50
[   11.625303]  ? __schedule+0x10cc/0x2b60
[   11.625325]  ? __pfx_read_tsc+0x10/0x10
[   11.625349]  krealloc_more_oob+0x1c/0x30
[   11.625372]  kunit_try_run_case+0x1a5/0x480
[   11.625397]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.625443]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.625469]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.625494]  ? __kthread_parkme+0x82/0x180
[   11.625515]  ? preempt_count_sub+0x50/0x80
[   11.625540]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.625565]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.625590]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.625616]  kthread+0x337/0x6f0
[   11.625635]  ? trace_preempt_on+0x20/0xc0
[   11.625659]  ? __pfx_kthread+0x10/0x10
[   11.625679]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.625702]  ? calculate_sigpending+0x7b/0xa0
[   11.625727]  ? __pfx_kthread+0x10/0x10
[   11.625749]  ret_from_fork+0x116/0x1d0
[   11.625768]  ? __pfx_kthread+0x10/0x10
[   11.625789]  ret_from_fork_asm+0x1a/0x30
[   11.625823]  </TASK>
[   11.625833] 
[   11.636097] Allocated by task 174:
[   11.636245]  kasan_save_stack+0x45/0x70
[   11.636394]  kasan_save_track+0x18/0x40
[   11.636541]  kasan_save_alloc_info+0x3b/0x50
[   11.636723]  __kasan_krealloc+0x190/0x1f0
[   11.636916]  krealloc_noprof+0xf3/0x340
[   11.637106]  krealloc_more_oob_helper+0x1a9/0x930
[   11.637557]  krealloc_more_oob+0x1c/0x30
[   11.637716]  kunit_try_run_case+0x1a5/0x480
[   11.637864]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.638089]  kthread+0x337/0x6f0
[   11.638259]  ret_from_fork+0x116/0x1d0
[   11.638515]  ret_from_fork_asm+0x1a/0x30
[   11.638727] 
[   11.638823] The buggy address belongs to the object at ffff888100a28200
[   11.638823]  which belongs to the cache kmalloc-256 of size 256
[   11.639289] The buggy address is located 5 bytes to the right of
[   11.639289]  allocated 235-byte region [ffff888100a28200, ffff888100a282eb)
[   11.639879] 
[   11.639973] The buggy address belongs to the physical page:
[   11.640197] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a28
[   11.640601] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.640900] flags: 0x200000000000040(head|node=0|zone=2)
[   11.641157] page_type: f5(slab)
[   11.641334] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.641865] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.642201] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.642754] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.643074] head: 0200000000000001 ffffea0004028a01 00000000ffffffff 00000000ffffffff
[   11.643481] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.643804] page dumped because: kasan: bad access detected
[   11.643979] 
[   11.644048] Memory state around the buggy address:
[   11.644226]  ffff888100a28180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.644560]  ffff888100a28200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.644880] >ffff888100a28280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   11.645185]                                                              ^
[   11.645395]  ffff888100a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.645731]  ffff888100a28380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.646063] ==================================================================
[   11.785857] ==================================================================
[   11.786153] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[   11.786553] Write of size 1 at addr ffff88810282a0f0 by task kunit_try_catch/178
[   11.786866] 
[   11.786974] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.787015] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.787025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.787044] Call Trace:
[   11.787054]  <TASK>
[   11.787068]  dump_stack_lvl+0x73/0xb0
[   11.787094]  print_report+0xd1/0x610
[   11.787115]  ? __virt_addr_valid+0x1db/0x2d0
[   11.787136]  ? krealloc_more_oob_helper+0x7eb/0x930
[   11.787159]  ? kasan_addr_to_slab+0x11/0xa0
[   11.787178]  ? krealloc_more_oob_helper+0x7eb/0x930
[   11.787201]  kasan_report+0x141/0x180
[   11.787222]  ? krealloc_more_oob_helper+0x7eb/0x930
[   11.787251]  __asan_report_store1_noabort+0x1b/0x30
[   11.787275]  krealloc_more_oob_helper+0x7eb/0x930
[   11.787296]  ? __schedule+0x10cc/0x2b60
[   11.787318]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   11.787341]  ? finish_task_switch.isra.0+0x153/0x700
[   11.787362]  ? __switch_to+0x47/0xf50
[   11.787491]  ? __schedule+0x10cc/0x2b60
[   11.787550]  ? __pfx_read_tsc+0x10/0x10
[   11.787574]  krealloc_large_more_oob+0x1c/0x30
[   11.787597]  kunit_try_run_case+0x1a5/0x480
[   11.787620]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.787642]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.787665]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.787688]  ? __kthread_parkme+0x82/0x180
[   11.787708]  ? preempt_count_sub+0x50/0x80
[   11.787731]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.787754]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.787777]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.787800]  kthread+0x337/0x6f0
[   11.787818]  ? trace_preempt_on+0x20/0xc0
[   11.787839]  ? __pfx_kthread+0x10/0x10
[   11.787859]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.787879]  ? calculate_sigpending+0x7b/0xa0
[   11.787902]  ? __pfx_kthread+0x10/0x10
[   11.787922]  ret_from_fork+0x116/0x1d0
[   11.787940]  ? __pfx_kthread+0x10/0x10
[   11.787959]  ret_from_fork_asm+0x1a/0x30
[   11.787990]  </TASK>
[   11.787999] 
[   11.802954] The buggy address belongs to the physical page:
[   11.803302] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102828
[   11.803634] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.804580] flags: 0x200000000000040(head|node=0|zone=2)
[   11.805091] page_type: f8(unknown)
[   11.805430] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.806192] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.806857] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.807271] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.807782] head: 0200000000000002 ffffea00040a0a01 00000000ffffffff 00000000ffffffff
[   11.808554] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   11.809684] page dumped because: kasan: bad access detected
[   11.809943] 
[   11.810017] Memory state around the buggy address:
[   11.810169]  ffff888102829f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.810381]  ffff88810282a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.811538] >ffff88810282a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   11.812220]                                                              ^
[   11.812949]  ffff88810282a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.813774]  ffff88810282a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.814257] ==================================================================
[   11.766126] ==================================================================
[   11.766761] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[   11.767123] Write of size 1 at addr ffff88810282a0eb by task kunit_try_catch/178
[   11.767429] 
[   11.767535] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.767580] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.767590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.767610] Call Trace:
[   11.767623]  <TASK>
[   11.767637]  dump_stack_lvl+0x73/0xb0
[   11.767664]  print_report+0xd1/0x610
[   11.767683]  ? __virt_addr_valid+0x1db/0x2d0
[   11.767704]  ? krealloc_more_oob_helper+0x821/0x930
[   11.767726]  ? kasan_addr_to_slab+0x11/0xa0
[   11.767744]  ? krealloc_more_oob_helper+0x821/0x930
[   11.767767]  kasan_report+0x141/0x180
[   11.767787]  ? krealloc_more_oob_helper+0x821/0x930
[   11.767815]  __asan_report_store1_noabort+0x1b/0x30
[   11.767838]  krealloc_more_oob_helper+0x821/0x930
[   11.767858]  ? __schedule+0x10cc/0x2b60
[   11.767880]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   11.767902]  ? finish_task_switch.isra.0+0x153/0x700
[   11.767923]  ? __switch_to+0x47/0xf50
[   11.767948]  ? __schedule+0x10cc/0x2b60
[   11.767968]  ? __pfx_read_tsc+0x10/0x10
[   11.767992]  krealloc_large_more_oob+0x1c/0x30
[   11.768013]  kunit_try_run_case+0x1a5/0x480
[   11.768035]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.768056]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.768077]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.768099]  ? __kthread_parkme+0x82/0x180
[   11.768118]  ? preempt_count_sub+0x50/0x80
[   11.768141]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.768163]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.768185]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.768207]  kthread+0x337/0x6f0
[   11.768225]  ? trace_preempt_on+0x20/0xc0
[   11.768246]  ? __pfx_kthread+0x10/0x10
[   11.768265]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.768284]  ? calculate_sigpending+0x7b/0xa0
[   11.768307]  ? __pfx_kthread+0x10/0x10
[   11.768326]  ret_from_fork+0x116/0x1d0
[   11.768343]  ? __pfx_kthread+0x10/0x10
[   11.768362]  ret_from_fork_asm+0x1a/0x30
[   11.768393]  </TASK>
[   11.768401] 
[   11.777800] The buggy address belongs to the physical page:
[   11.778003] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102828
[   11.778487] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.778843] flags: 0x200000000000040(head|node=0|zone=2)
[   11.779112] page_type: f8(unknown)
[   11.779290] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.779721] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.780045] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.780362] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.780939] head: 0200000000000002 ffffea00040a0a01 00000000ffffffff 00000000ffffffff
[   11.781269] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   11.781767] page dumped because: kasan: bad access detected
[   11.782041] 
[   11.782110] Memory state around the buggy address:
[   11.782327]  ffff888102829f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.782813]  ffff88810282a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.783099] >ffff88810282a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   11.783576]                                                           ^
[   11.783846]  ffff88810282a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.784185]  ffff88810282a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.784673] ==================================================================
[   11.585218] ==================================================================
[   11.585832] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[   11.586199] Write of size 1 at addr ffff888100a282eb by task kunit_try_catch/174
[   11.586719] 
[   11.587013] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.587095] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.587107] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.587128] Call Trace:
[   11.587140]  <TASK>
[   11.587156]  dump_stack_lvl+0x73/0xb0
[   11.587188]  print_report+0xd1/0x610
[   11.587212]  ? __virt_addr_valid+0x1db/0x2d0
[   11.587236]  ? krealloc_more_oob_helper+0x821/0x930
[   11.587261]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.587285]  ? krealloc_more_oob_helper+0x821/0x930
[   11.587310]  kasan_report+0x141/0x180
[   11.587333]  ? krealloc_more_oob_helper+0x821/0x930
[   11.587363]  __asan_report_store1_noabort+0x1b/0x30
[   11.587389]  krealloc_more_oob_helper+0x821/0x930
[   11.587424]  ? __schedule+0x10cc/0x2b60
[   11.587459]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   11.587484]  ? finish_task_switch.isra.0+0x153/0x700
[   11.587509]  ? __switch_to+0x47/0xf50
[   11.587537]  ? __schedule+0x10cc/0x2b60
[   11.587559]  ? __pfx_read_tsc+0x10/0x10
[   11.587585]  krealloc_more_oob+0x1c/0x30
[   11.587608]  kunit_try_run_case+0x1a5/0x480
[   11.587635]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.587658]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.587684]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.587709]  ? __kthread_parkme+0x82/0x180
[   11.587730]  ? preempt_count_sub+0x50/0x80
[   11.587755]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.587779]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.587804]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.587829]  kthread+0x337/0x6f0
[   11.587849]  ? trace_preempt_on+0x20/0xc0
[   11.587872]  ? __pfx_kthread+0x10/0x10
[   11.587893]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.587916]  ? calculate_sigpending+0x7b/0xa0
[   11.587940]  ? __pfx_kthread+0x10/0x10
[   11.587962]  ret_from_fork+0x116/0x1d0
[   11.587981]  ? __pfx_kthread+0x10/0x10
[   11.588002]  ret_from_fork_asm+0x1a/0x30
[   11.588035]  </TASK>
[   11.588045] 
[   11.604581] Allocated by task 174:
[   11.604920]  kasan_save_stack+0x45/0x70
[   11.605081]  kasan_save_track+0x18/0x40
[   11.605225]  kasan_save_alloc_info+0x3b/0x50
[   11.605376]  __kasan_krealloc+0x190/0x1f0
[   11.605880]  krealloc_noprof+0xf3/0x340
[   11.606240]  krealloc_more_oob_helper+0x1a9/0x930
[   11.606775]  krealloc_more_oob+0x1c/0x30
[   11.607156]  kunit_try_run_case+0x1a5/0x480
[   11.607607]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.608095]  kthread+0x337/0x6f0
[   11.608402]  ret_from_fork+0x116/0x1d0
[   11.608669]  ret_from_fork_asm+0x1a/0x30
[   11.609036] 
[   11.609173] The buggy address belongs to the object at ffff888100a28200
[   11.609173]  which belongs to the cache kmalloc-256 of size 256
[   11.609973] The buggy address is located 0 bytes to the right of
[   11.609973]  allocated 235-byte region [ffff888100a28200, ffff888100a282eb)
[   11.610349] 
[   11.610508] The buggy address belongs to the physical page:
[   11.611002] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a28
[   11.611756] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.612382] flags: 0x200000000000040(head|node=0|zone=2)
[   11.612948] page_type: f5(slab)
[   11.613268] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.613961] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.614231] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.614665] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.615562] head: 0200000000000001 ffffea0004028a01 00000000ffffffff 00000000ffffffff
[   11.616341] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.617064] page dumped because: kasan: bad access detected
[   11.617248] 
[   11.617319] Memory state around the buggy address:
[   11.617664]  ffff888100a28180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.618254]  ffff888100a28200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.618926] >ffff888100a28280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   11.619575]                                                           ^
[   11.619934]  ffff888100a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.620156]  ffff888100a28380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.620373] ==================================================================

[   11.921960] ==================================================================
[   11.922295] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[   11.922619] Write of size 1 at addr ffff888102a060f0 by task kunit_try_catch/177
[   11.922842] 
[   11.922928] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.922971] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.922982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.923003] Call Trace:
[   11.923026]  <TASK>
[   11.923043]  dump_stack_lvl+0x73/0xb0
[   11.923071]  print_report+0xd1/0x610
[   11.923104]  ? __virt_addr_valid+0x1db/0x2d0
[   11.923126]  ? krealloc_more_oob_helper+0x7eb/0x930
[   11.923149]  ? kasan_addr_to_slab+0x11/0xa0
[   11.923169]  ? krealloc_more_oob_helper+0x7eb/0x930
[   11.923192]  kasan_report+0x141/0x180
[   11.923213]  ? krealloc_more_oob_helper+0x7eb/0x930
[   11.923241]  __asan_report_store1_noabort+0x1b/0x30
[   11.923266]  krealloc_more_oob_helper+0x7eb/0x930
[   11.923288]  ? __schedule+0x10cc/0x2b60
[   11.923309]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   11.923333]  ? finish_task_switch.isra.0+0x153/0x700
[   11.923355]  ? __switch_to+0x47/0xf50
[   11.923380]  ? __schedule+0x10cc/0x2b60
[   11.923400]  ? __pfx_read_tsc+0x10/0x10
[   11.923435]  krealloc_large_more_oob+0x1c/0x30
[   11.923464]  kunit_try_run_case+0x1a5/0x480
[   11.923488]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.923553]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.923576]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.923599]  ? __kthread_parkme+0x82/0x180
[   11.923619]  ? preempt_count_sub+0x50/0x80
[   11.923642]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.923664]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.923689]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.923713]  kthread+0x337/0x6f0
[   11.923731]  ? trace_preempt_on+0x20/0xc0
[   11.923754]  ? __pfx_kthread+0x10/0x10
[   11.923783]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.923804]  ? calculate_sigpending+0x7b/0xa0
[   11.923828]  ? __pfx_kthread+0x10/0x10
[   11.923854]  ret_from_fork+0x116/0x1d0
[   11.923873]  ? __pfx_kthread+0x10/0x10
[   11.923892]  ret_from_fork_asm+0x1a/0x30
[   11.923922]  </TASK>
[   11.923931] 
[   11.932971] The buggy address belongs to the physical page:
[   11.933174] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a04
[   11.933421] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.934067] flags: 0x200000000000040(head|node=0|zone=2)
[   11.934627] page_type: f8(unknown)
[   11.934808] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.935215] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.935767] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.937572] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.937819] head: 0200000000000002 ffffea00040a8101 00000000ffffffff 00000000ffffffff
[   11.938065] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   11.938301] page dumped because: kasan: bad access detected
[   11.938890] 
[   11.939164] Memory state around the buggy address:
[   11.939419]  ffff888102a05f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.939710]  ffff888102a06000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.940000] >ffff888102a06080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   11.940234]                                                              ^
[   11.940563]  ffff888102a06100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.940983]  ffff888102a06180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.941267] ==================================================================
[   11.703718] ==================================================================
[   11.704231] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[   11.704606] Write of size 1 at addr ffff8881003488eb by task kunit_try_catch/173
[   11.705138] 
[   11.705242] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.705292] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.705303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.705325] Call Trace:
[   11.705336]  <TASK>
[   11.705354]  dump_stack_lvl+0x73/0xb0
[   11.705388]  print_report+0xd1/0x610
[   11.705411]  ? __virt_addr_valid+0x1db/0x2d0
[   11.705435]  ? krealloc_more_oob_helper+0x821/0x930
[   11.705577]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.705601]  ? krealloc_more_oob_helper+0x821/0x930
[   11.705624]  kasan_report+0x141/0x180
[   11.705646]  ? krealloc_more_oob_helper+0x821/0x930
[   11.705674]  __asan_report_store1_noabort+0x1b/0x30
[   11.705698]  krealloc_more_oob_helper+0x821/0x930
[   11.705720]  ? __schedule+0x10cc/0x2b60
[   11.705742]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   11.705766]  ? finish_task_switch.isra.0+0x153/0x700
[   11.705789]  ? __switch_to+0x47/0xf50
[   11.705815]  ? __schedule+0x10cc/0x2b60
[   11.705835]  ? __pfx_read_tsc+0x10/0x10
[   11.705859]  krealloc_more_oob+0x1c/0x30
[   11.705880]  kunit_try_run_case+0x1a5/0x480
[   11.705905]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.705926]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.705950]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.705973]  ? __kthread_parkme+0x82/0x180
[   11.705996]  ? preempt_count_sub+0x50/0x80
[   11.706043]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.706066]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.706091]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.706116]  kthread+0x337/0x6f0
[   11.706135]  ? trace_preempt_on+0x20/0xc0
[   11.706158]  ? __pfx_kthread+0x10/0x10
[   11.706177]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.706198]  ? calculate_sigpending+0x7b/0xa0
[   11.706223]  ? __pfx_kthread+0x10/0x10
[   11.706243]  ret_from_fork+0x116/0x1d0
[   11.706261]  ? __pfx_kthread+0x10/0x10
[   11.706281]  ret_from_fork_asm+0x1a/0x30
[   11.706312]  </TASK>
[   11.706322] 
[   11.713904] Allocated by task 173:
[   11.714110]  kasan_save_stack+0x45/0x70
[   11.714269]  kasan_save_track+0x18/0x40
[   11.714403]  kasan_save_alloc_info+0x3b/0x50
[   11.714625]  __kasan_krealloc+0x190/0x1f0
[   11.714827]  krealloc_noprof+0xf3/0x340
[   11.715030]  krealloc_more_oob_helper+0x1a9/0x930
[   11.715260]  krealloc_more_oob+0x1c/0x30
[   11.715463]  kunit_try_run_case+0x1a5/0x480
[   11.715630]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.715870]  kthread+0x337/0x6f0
[   11.715998]  ret_from_fork+0x116/0x1d0
[   11.716143]  ret_from_fork_asm+0x1a/0x30
[   11.716287] 
[   11.716387] The buggy address belongs to the object at ffff888100348800
[   11.716387]  which belongs to the cache kmalloc-256 of size 256
[   11.716948] The buggy address is located 0 bytes to the right of
[   11.716948]  allocated 235-byte region [ffff888100348800, ffff8881003488eb)
[   11.717344] 
[   11.717419] The buggy address belongs to the physical page:
[   11.717840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348
[   11.718198] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.718622] flags: 0x200000000000040(head|node=0|zone=2)
[   11.718803] page_type: f5(slab)
[   11.718929] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.719289] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.719694] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.719962] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.720313] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff
[   11.720625] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.720925] page dumped because: kasan: bad access detected
[   11.721145] 
[   11.721238] Memory state around the buggy address:
[   11.721444]  ffff888100348780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.721701]  ffff888100348800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.721916] >ffff888100348880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   11.722196]                                                           ^
[   11.722493]  ffff888100348900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.722805]  ffff888100348980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.723173] ==================================================================
[   11.905470] ==================================================================
[   11.905946] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[   11.906306] Write of size 1 at addr ffff888102a060eb by task kunit_try_catch/177
[   11.906677] 
[   11.906793] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.906840] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.906851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.906883] Call Trace:
[   11.906896]  <TASK>
[   11.906914]  dump_stack_lvl+0x73/0xb0
[   11.906957]  print_report+0xd1/0x610
[   11.906980]  ? __virt_addr_valid+0x1db/0x2d0
[   11.907004]  ? krealloc_more_oob_helper+0x821/0x930
[   11.907040]  ? kasan_addr_to_slab+0x11/0xa0
[   11.907060]  ? krealloc_more_oob_helper+0x821/0x930
[   11.907083]  kasan_report+0x141/0x180
[   11.907114]  ? krealloc_more_oob_helper+0x821/0x930
[   11.907141]  __asan_report_store1_noabort+0x1b/0x30
[   11.907166]  krealloc_more_oob_helper+0x821/0x930
[   11.907199]  ? __schedule+0x10cc/0x2b60
[   11.907221]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   11.907246]  ? finish_task_switch.isra.0+0x153/0x700
[   11.907268]  ? __switch_to+0x47/0xf50
[   11.907302]  ? __schedule+0x10cc/0x2b60
[   11.907322]  ? __pfx_read_tsc+0x10/0x10
[   11.907356]  krealloc_large_more_oob+0x1c/0x30
[   11.907379]  kunit_try_run_case+0x1a5/0x480
[   11.907403]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.907424]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.907461]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.907485]  ? __kthread_parkme+0x82/0x180
[   11.907505]  ? preempt_count_sub+0x50/0x80
[   11.907527]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.907550]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.907573]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.907596]  kthread+0x337/0x6f0
[   11.907614]  ? trace_preempt_on+0x20/0xc0
[   11.907646]  ? __pfx_kthread+0x10/0x10
[   11.907665]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.907686]  ? calculate_sigpending+0x7b/0xa0
[   11.907720]  ? __pfx_kthread+0x10/0x10
[   11.907740]  ret_from_fork+0x116/0x1d0
[   11.907759]  ? __pfx_kthread+0x10/0x10
[   11.907778]  ret_from_fork_asm+0x1a/0x30
[   11.907807]  </TASK>
[   11.907818] 
[   11.915336] The buggy address belongs to the physical page:
[   11.915606] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a04
[   11.915944] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.916175] flags: 0x200000000000040(head|node=0|zone=2)
[   11.916383] page_type: f8(unknown)
[   11.916709] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.917067] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.917291] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   11.917745] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   11.918099] head: 0200000000000002 ffffea00040a8101 00000000ffffffff 00000000ffffffff
[   11.918400] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   11.918733] page dumped because: kasan: bad access detected
[   11.918910] 
[   11.918990] Memory state around the buggy address:
[   11.919225]  ffff888102a05f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.919684]  ffff888102a06000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.919983] >ffff888102a06080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[   11.920247]                                                           ^
[   11.920549]  ffff888102a06100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.920834]  ffff888102a06180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   11.921157] ==================================================================
[   11.725343] ==================================================================
[   11.725891] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[   11.726325] Write of size 1 at addr ffff8881003488f0 by task kunit_try_catch/173
[   11.726598] 
[   11.726715] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   11.726762] Tainted: [B]=BAD_PAGE, [N]=TEST
[   11.726773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   11.726796] Call Trace:
[   11.726812]  <TASK>
[   11.726832]  dump_stack_lvl+0x73/0xb0
[   11.726864]  print_report+0xd1/0x610
[   11.726888]  ? __virt_addr_valid+0x1db/0x2d0
[   11.726913]  ? krealloc_more_oob_helper+0x7eb/0x930
[   11.726936]  ? kasan_complete_mode_report_info+0x2a/0x200
[   11.726958]  ? krealloc_more_oob_helper+0x7eb/0x930
[   11.726981]  kasan_report+0x141/0x180
[   11.727002]  ? krealloc_more_oob_helper+0x7eb/0x930
[   11.727044]  __asan_report_store1_noabort+0x1b/0x30
[   11.727069]  krealloc_more_oob_helper+0x7eb/0x930
[   11.727091]  ? __schedule+0x10cc/0x2b60
[   11.727114]  ? __pfx_krealloc_more_oob_helper+0x10/0x10
[   11.727138]  ? finish_task_switch.isra.0+0x153/0x700
[   11.727163]  ? __switch_to+0x47/0xf50
[   11.727189]  ? __schedule+0x10cc/0x2b60
[   11.727209]  ? __pfx_read_tsc+0x10/0x10
[   11.727249]  krealloc_more_oob+0x1c/0x30
[   11.727270]  kunit_try_run_case+0x1a5/0x480
[   11.727297]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.727318]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   11.727343]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   11.727366]  ? __kthread_parkme+0x82/0x180
[   11.727387]  ? preempt_count_sub+0x50/0x80
[   11.727410]  ? __pfx_kunit_try_run_case+0x10/0x10
[   11.727433]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.727456]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   11.727479]  kthread+0x337/0x6f0
[   11.727498]  ? trace_preempt_on+0x20/0xc0
[   11.727522]  ? __pfx_kthread+0x10/0x10
[   11.727541]  ? _raw_spin_unlock_irq+0x47/0x80
[   11.727562]  ? calculate_sigpending+0x7b/0xa0
[   11.727586]  ? __pfx_kthread+0x10/0x10
[   11.727607]  ret_from_fork+0x116/0x1d0
[   11.727625]  ? __pfx_kthread+0x10/0x10
[   11.727644]  ret_from_fork_asm+0x1a/0x30
[   11.727675]  </TASK>
[   11.727685] 
[   11.735022] Allocated by task 173:
[   11.735207]  kasan_save_stack+0x45/0x70
[   11.735422]  kasan_save_track+0x18/0x40
[   11.735572]  kasan_save_alloc_info+0x3b/0x50
[   11.735720]  __kasan_krealloc+0x190/0x1f0
[   11.735859]  krealloc_noprof+0xf3/0x340
[   11.735994]  krealloc_more_oob_helper+0x1a9/0x930
[   11.736162]  krealloc_more_oob+0x1c/0x30
[   11.736362]  kunit_try_run_case+0x1a5/0x480
[   11.736564]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   11.736813]  kthread+0x337/0x6f0
[   11.736988]  ret_from_fork+0x116/0x1d0
[   11.737178]  ret_from_fork_asm+0x1a/0x30
[   11.737454] 
[   11.737644] The buggy address belongs to the object at ffff888100348800
[   11.737644]  which belongs to the cache kmalloc-256 of size 256
[   11.738068] The buggy address is located 5 bytes to the right of
[   11.738068]  allocated 235-byte region [ffff888100348800, ffff8881003488eb)
[   11.738665] 
[   11.738737] The buggy address belongs to the physical page:
[   11.738992] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348
[   11.739325] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   11.739674] flags: 0x200000000000040(head|node=0|zone=2)
[   11.739901] page_type: f5(slab)
[   11.740063] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.740338] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.740696] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[   11.741027] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   11.741329] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff
[   11.741653] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   11.741959] page dumped because: kasan: bad access detected
[   11.742193] 
[   11.742290] Memory state around the buggy address:
[   11.742499]  ffff888100348780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.742795]  ffff888100348800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   11.743089] >ffff888100348880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   11.743302]                                                              ^
[   11.743716]  ffff888100348900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.744036]  ffff888100348980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   11.744318] ==================================================================