[ 2506.637241] Running test [R:13211746 T:10 - KUNIT - Kernel: 5.14.0-232.1873_744855668.el9.x86_64+debug]
[ 2518.351907] # Subtest: bitfields
[ 2518.351918] 1..2
[ 2518.377993] ok 1 - test_bitfields_constants
[ 2518.380026] ok 2 - test_bitfields_variables
[ 2518.380639] ok 1 - bitfields
[ 2519.026863] # Subtest: cmdline
[ 2519.026876] 1..4
[ 2519.028455] ok 1 - cmdline_test_noint
[ 2519.029277] ok 2 - cmdline_test_lead_int
[ 2519.030297] ok 3 - cmdline_test_tail_int
[ 2519.031356] ok 4 - cmdline_test_range
[ 2519.032007] ok 2 - cmdline
[ 2519.670685] # Subtest: ext4_inode_test
[ 2519.670697] 1..1
[ 2519.671832] # inode_test_xtimestamp_decoding: ok 1 - 1901-12-13 Lower bound of 32bit < 0 timestamp, no extra bits
[ 2519.673552] # inode_test_xtimestamp_decoding: ok 2 - 1969-12-31 Upper bound of 32bit < 0 timestamp, no extra bits
[ 2519.675629] # inode_test_xtimestamp_decoding: ok 3 - 1970-01-01 Lower bound of 32bit >=0 timestamp, no extra bits
[ 2519.678040] # inode_test_xtimestamp_decoding: ok 4 - 2038-01-19 Upper bound of 32bit >=0 timestamp, no extra bits
[ 2519.679834] # inode_test_xtimestamp_decoding: ok 5 - 2038-01-19 Lower bound of 32bit <0 timestamp, lo extra sec bit on
[ 2519.682102] # inode_test_xtimestamp_decoding: ok 6 - 2106-02-07 Upper bound of 32bit <0 timestamp, lo extra sec bit on
[ 2519.683910] # inode_test_xtimestamp_decoding: ok 7 - 2106-02-07 Lower bound of 32bit >=0 timestamp, lo extra sec bit on
[ 2519.685953] # inode_test_xtimestamp_decoding: ok 8 - 2174-02-25 Upper bound of 32bit >=0 timestamp, lo extra sec bit on
[ 2519.687899] # inode_test_xtimestamp_decoding: ok 9 - 2174-02-25 Lower bound of 32bit <0 timestamp, hi extra sec bit on
[ 2519.689823] # inode_test_xtimestamp_decoding: ok 10 - 2242-03-16 Upper bound of 32bit <0 timestamp, hi extra sec bit on
[ 2519.691750] # inode_test_xtimestamp_decoding: ok 11 - 2242-03-16 Lower bound of 32bit >=0 timestamp, hi extra sec bit on
[ 2519.693964] # inode_test_xtimestamp_decoding: ok 12 - 2310-04-04 Upper bound of 32bit >=0 timestamp, hi extra sec bit on
[ 2519.695708] # inode_test_xtimestamp_decoding: ok 13 - 2310-04-04 Upper bound of 32bit>=0 timestamp, hi extra sec bit 1. 1 ns
[ 2519.697487] # inode_test_xtimestamp_decoding: ok 14 - 2378-04-22 Lower bound of 32bit>= timestamp. Extra sec bits 1. Max ns
[ 2519.699997] # inode_test_xtimestamp_decoding: ok 15 - 2378-04-22 Lower bound of 32bit >=0 timestamp. All extra sec bits on
[ 2519.701773] # inode_test_xtimestamp_decoding: ok 16 - 2446-05-10 Upper bound of 32bit >=0 timestamp. All extra sec bits on
[ 2519.703134] ok 1 - inode_test_xtimestamp_decoding
[ 2519.704513] ok 3 - ext4_inode_test
[ 2520.955729] # Subtest: kunit-try-catch-test
[ 2520.955740] 1..2
[ 2520.957135] ok 1 - kunit_test_try_catch_successful_try_no_catch
[ 2520.958409] ok 2 - kunit_test_try_catch_unsuccessful_try_does_catch
[ 2520.959123] ok 4 - kunit-try-catch-test
[ 2520.962098] # Subtest: kunit-resource-test
[ 2520.962105] 1..7
[ 2520.963227] ok 1 - kunit_resource_test_init_resources
[ 2520.964569] ok 2 - kunit_resource_test_alloc_resource
[ 2520.965816] ok 3 - kunit_resource_test_destroy_resource
[ 2520.966871] ok 4 - kunit_resource_test_cleanup_resources
[ 2520.968682] ok 5 - kunit_resource_test_proper_free_ordering
[ 2520.970016] ok 6 - kunit_resource_test_static
[ 2520.971585] ok 7 - kunit_resource_test_named
[ 2520.972134] ok 5 - kunit-resource-test
[ 2520.974477] # Subtest: kunit-log-test
[ 2520.974485] 1..1
[ 2520.975246] put this in log.
[ 2520.975679] this too.
[ 2520.976022] add to suite log.
[ 2520.976331] along with this.
[ 2520.977030] ok 1 - kunit_log_test
[ 2520.977612] ok 6 - kunit-log-test
[ 2520.979962] # Subtest: kunit_status
[ 2520.979971] 1..2
[ 2520.982029] ok 1 - kunit_status_set_failure_test
[ 2520.982694] ok 2 - kunit_status_mark_skipped_test
[ 2520.983356] ok 7 - kunit_status
[ 2521.138403] # Subtest: rtc_lib_test_cases
[ 2521.138414] 1..1
[ 2526.279360] ok 1 - rtc_time64_to_tm_test_date_range
[ 2526.279726] ok 8 - rtc_lib_test_cases
[ 2526.532350] # Subtest: list-kunit-test
[ 2526.532360] 1..36
[ 2526.533464] ok 1 - list_test_list_init
[ 2526.534451] ok 2 - list_test_list_add
[ 2526.535621] ok 3 - list_test_list_add_tail
[ 2526.537068] ok 4 - list_test_list_del
[ 2526.538199] ok 5 - list_test_list_replace
[ 2526.539297] ok 6 - list_test_list_replace_init
[ 2526.540472] ok 7 - list_test_list_swap
[ 2526.542253] ok 8 - list_test_list_del_init
[ 2526.543377] ok 9 - list_test_list_move
[ 2526.544424] ok 10 - list_test_list_move_tail
[ 2526.546433] ok 11 - list_test_list_bulk_move_tail
[ 2526.547441] ok 12 - list_test_list_is_first
[ 2526.548976] ok 13 - list_test_list_is_last
[ 2526.549800] ok 14 - list_test_list_empty
[ 2526.551153] ok 15 - list_test_list_empty_careful
[ 2526.552292] ok 16 - list_test_list_rotate_left
[ 2526.553349] ok 17 - list_test_list_rotate_to_front
[ 2526.554724] ok 18 - list_test_list_is_singular
[ 2526.556119] ok 19 - list_test_list_cut_position
[ 2526.559359] ok 20 - list_test_list_cut_before
[ 2526.560593] ok 21 - list_test_list_splice
[ 2526.561782] ok 22 - list_test_list_splice_tail
[ 2526.563257] ok 23 - list_test_list_splice_init
[ 2526.564298] ok 24 - list_test_list_splice_tail_init
[ 2526.565997] ok 25 - list_test_list_entry
[ 2526.567046] ok 26 - list_test_list_first_entry
[ 2526.568011] ok 27 - list_test_list_last_entry
[ 2526.569007] ok 28 - list_test_list_first_entry_or_null
[ 2526.570009] ok 29 - list_test_list_next_entry
[ 2526.571052] ok 30 - list_test_list_prev_entry
[ 2526.572010] ok 31 - list_test_list_for_each
[ 2526.572988] ok 32 - list_test_list_for_each_prev
[ 2526.573988] ok 33 - list_test_list_for_each_safe
[ 2526.575005] ok 34 - list_test_list_for_each_prev_safe
[ 2526.575989] ok 35 - list_test_list_for_each_entry
[ 2526.577028] ok 36 - list_test_list_for_each_entry_reverse
[ 2526.577606] ok 9 - list-kunit-test
[ 2526.728413] # Subtest: memcpy
[ 2526.728424] 1..4
[ 2526.729409] # memset_test: ok: memset() direct assignment
[ 2526.730386] # memset_test: ok: memset() complete overwrite
[ 2526.731065] # memset_test: ok: memset() middle overwrite
[ 2526.731700] # memset_test: ok: memset() argument side-effects
[ 2526.732409] # memset_test: ok: memset() memset_after()
[ 2526.733046] # memset_test: ok: memset() memset_startat()
[ 2526.734650] ok 1 - memset_test
[ 2526.734947] # memcpy_test: ok: memcpy() static initializers
[ 2526.736063] # memcpy_test: ok: memcpy() direct assignment
[ 2526.736704] # memcpy_test: ok: memcpy() complete overwrite
[ 2526.737390] # memcpy_test: ok: memcpy() middle overwrite
[ 2526.738048] # memcpy_test: ok: memcpy() argument side-effects
[ 2526.739581] ok 2 - memcpy_test
[ 2526.740663] # memmove_test: ok: memmove() static initializers
[ 2526.741812] # memmove_test: ok: memmove() direct assignment
[ 2526.742480] # memmove_test: ok: memmove() complete overwrite
[ 2526.743183] # memmove_test: ok: memmove() middle overwrite
[ 2526.743867] # memmove_test: ok: memmove() argument side-effects
[ 2526.744564] # memmove_test: ok: memmove() overlapping write
[ 2526.746287] ok 3 - memmove_test
[ 2526.746622] ok 4 - strtomem_test
[ 2526.747236] ok 10 - memcpy
[ 2526.913635] # Subtest: mptcp-crypto
[ 2526.913646] 1..1
[ 2526.920854] ok 1 - mptcp_crypto_test_basic
[ 2526.921149] ok 11 - mptcp-crypto
[ 2527.078119] # Subtest: mptcp-token
[ 2527.078130] 1..4
[ 2527.079290] ok 1 - mptcp_token_test_req_basic
[ 2527.080238] ok 2 - mptcp_token_test_msk_basic
[ 2527.081213] ok 3 - mptcp_token_test_accept
[ 2527.082472] ok 4 - mptcp_token_test_destroyed
[ 2527.083132] ok 12 - mptcp-token
[ 2527.473136] # Subtest: rational
[ 2527.473147] 1..1
[ 2527.474162] # rational_test: ok 1 - Exceeds bounds, semi-convergent term > 1/2 last term
[ 2527.474783] # rational_test: ok 2 - Exceeds bounds, semi-convergent term < 1/2 last term
[ 2527.476443] # rational_test: ok 3 - Closest to zero
[ 2527.478070] # rational_test: ok 4 - Closest to smallest non-zero
[ 2527.479319] # rational_test: ok 5 - Use convergent
[ 2527.480425] # rational_test: ok 6 - Exact answer
[ 2527.481956] # rational_test: ok 7 - Semiconvergent, numerator limit
[ 2527.483207] # rational_test: ok 8 - Semiconvergent, denominator limit
[ 2527.484093] ok 1 - rational_test
[ 2527.484876] ok 13 - rational
[ 2527.625551] # Subtest: resource
[ 2527.625562] 1..2
[ 2527.626564] ok 1 - resource_test_union
[ 2527.627404] ok 2 - resource_test_intersection
[ 2527.627949] ok 14 - resource
[ 2527.781841] # Subtest: slub_test
[ 2527.781853] 1..2
[ 2527.796766] ok 1 - test_clobber_zone
[ 2527.807196] ok 2 - test_clobber_redzone_free
[ 2527.807690] ok 15 - slub_test
[ 2528.440521] # Subtest: snd_soc_tplg_test
[ 2528.440532] 1..11
[ 2528.445459] ok 1 - snd_soc_tplg_test_load_with_null_comp
[ 2528.448264] ok 2 - snd_soc_tplg_test_load_with_null_ops
[ 2528.452351] ok 3 - snd_soc_tplg_test_load_with_null_fw
[ 2528.456366] ok 4 - snd_soc_tplg_test_load_empty_tplg
[ 2528.460361] ok 5 - snd_soc_tplg_test_load_empty_tplg_bad_magic
[ 2528.464379] ok 6 - snd_soc_tplg_test_load_empty_tplg_bad_abi
[ 2528.468362] ok 7 - snd_soc_tplg_test_load_empty_tplg_bad_size
[ 2528.472314] ok 8 - snd_soc_tplg_test_load_empty_tplg_bad_payload_size
[ 2528.475196] ok 9 - snd_soc_tplg_test_load_pcm_tplg
[ 2528.478404] ok 10 - snd_soc_tplg_test_load_pcm_tplg_reload_comp
[ 2528.482816] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2528.487033] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2528.540619] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2528.545838] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2528.575160] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2528.580549] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2528.614503] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2528.623565] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2528.656075] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2528.662983] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2528.712416] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2528.720863] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2528.756331] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2528.763144] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2528.798431] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2528.804044] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2528.837617] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2528.847735] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2528.881522] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2528.887383] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2528.925025] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2528.929275] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2528.957133] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2528.969378] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.003880] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.007425] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.040263] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.045501] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.076441] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.085100] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.111087] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.118519] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.152244] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.156437] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.182335] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.192058] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.228759] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.232511] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.261427] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.265485] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.306529] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.316380] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.347789] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.352424] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.387086] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.389450] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.418896] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.429802] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.457876] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.468622] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.499805] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.502066] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.531491] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.540474] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.576016] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.580406] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.608020] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.612467] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.658423] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.687505] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.717751] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.722415] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.751274] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.755453] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.794306] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.802521] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.835165] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.839410] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.876002] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.878296] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.911938] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.922754] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.959215] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.961419] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2529.994779] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2529.998416] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.026473] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.033482] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.067408] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.073507] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.106684] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.110392] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.152472] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.158446] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.192470] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.197449] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.225430] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.230918] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.267490] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.276904] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.301985] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.307285] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.331318] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.336332] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.364320] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.368392] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.401283] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.406352] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.444870] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.448447] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.475265] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.480442] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.509351] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.514418] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.552116] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.556391] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.585424] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.590592] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.620047] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.624350] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.653213] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.657361] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.687157] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.692467] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.735108] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.737306] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.767813] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.772339] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.809279] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.813330] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.846766] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.851366] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.882788] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.888706] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.917191] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.922345] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.949129] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.954389] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2530.983322] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2530.987354] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.021281] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.029743] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.057121] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.062370] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.094929] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.100326] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.139673] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.143301] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.173824] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.180337] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.215871] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.220848] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.249361] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.253294] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.281167] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.285282] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.320885] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.326267] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.360824] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.366132] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.395590] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.400319] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.429675] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.434314] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.464188] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.468282] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.501304] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.512669] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.540058] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.542261] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.572837] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.576269] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.606913] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.611300] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.641587] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.645355] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.678299] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.684333] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.723316] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.731325] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.761798] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.766367] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.795986] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.800310] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.830846] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.842227] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.874126] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.878285] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.908763] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.912280] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.942353] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.948660] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2531.976191] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2531.980354] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2532.010861] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2532.015248] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2532.051745] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2532.055215] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2532.084275] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2532.088251] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2532.118779] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2532.122220] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2532.149116] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2532.157316] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2532.187964] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2532.193173] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2532.220328] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2532.222309] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2532.249915] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2532.254172] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2532.285057] ok 11 - snd_soc_tplg_test_load_pcm_tplg_reload_card
[ 2532.285067] ok 16 - snd_soc_tplg_test
[ 2532.639125] # Subtest: soc-utils
[ 2532.639136] 1..1
[ 2532.643558] ok 1 - test_tdm_params_to_bclk
[ 2532.643879] ok 17 - soc-utils
[ 2533.523010] # Subtest: sysctl_test
[ 2533.523020] 1..10
[ 2533.526459] ok 1 - sysctl_test_api_dointvec_null_tbl_data
[ 2533.530214] ok 2 - sysctl_test_api_dointvec_table_maxlen_unset
[ 2533.532414] ok 3 - sysctl_test_api_dointvec_table_len_is_zero
[ 2533.535432] ok 4 - sysctl_test_api_dointvec_table_read_but_position_set
[ 2533.538454] ok 5 - sysctl_test_dointvec_read_happy_single_positive
[ 2533.541436] ok 6 - sysctl_test_dointvec_read_happy_single_negative
[ 2533.544465] ok 7 - sysctl_test_dointvec_write_happy_single_positive
[ 2533.547444] ok 8 - sysctl_test_dointvec_write_happy_single_negative
[ 2533.550487] ok 9 - sysctl_test_api_dointvec_write_single_less_int_min
[ 2533.554906] ok 10 - sysctl_test_api_dointvec_write_single_greater_int_max
[ 2533.555912] ok 18 - sysctl_test
[ 2533.915219] # Subtest: bits-test
[ 2533.915379] 1..3
[ 2533.917363] ok 1 - genmask_test
[ 2533.921904] ok 2 - genmask_ull_test
[ 2533.924376] ok 3 - genmask_input_check_test
[ 2533.924862] ok 19 - bits-test
[ 2535.359742] # Subtest: kasan
[ 2535.359755] 1..55
[ 2535.370320] ==================================================================
[ 2535.371314] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x4ed/0x510 [test_kasan]
[ 2535.372110] Write of size 1 at addr ffff8880669b8573 by task kunit_try_catch/48230
[ 2535.372857]
[ 2535.373030] CPU: 0 PID: 48230 Comm: kunit_try_catch Kdump: loaded Not tainted 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.374109] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.374691] Call Trace:
[ 2535.374948]
[ 2535.375181] ? kmalloc_oob_right+0x4ed/0x510 [test_kasan]
[ 2535.375720] dump_stack_lvl+0x57/0x81
[ 2535.376098] print_address_description.constprop.0+0x1f/0x1e0
[ 2535.376679] ? kmalloc_oob_right+0x4ed/0x510 [test_kasan]
[ 2535.377221] print_report.cold+0x5c/0x237
[ 2535.377631] kasan_report+0xc9/0x100
[ 2535.377998] ? kmalloc_oob_right+0x4ed/0x510 [test_kasan]
[ 2535.378540] kmalloc_oob_right+0x4ed/0x510 [test_kasan]
[ 2535.379065] ? kmalloc_oob_left+0x2e0/0x2e0 [test_kasan]
[ 2535.379600] ? lockdep_hardirqs_on_prepare.part.0+0x18c/0x370
[ 2535.380181] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2535.380738] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2535.381256] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.381751] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2535.382261] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.382896] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2535.383449] kthread+0x2a4/0x350
[ 2535.383838] ? kthread_complete_and_exit+0x20/0x20
[ 2535.384458] ret_from_fork+0x1f/0x30
[ 2535.384926]
[ 2535.385219]
[ 2535.385438] Allocated by task 48230:
[ 2535.385890] kasan_save_stack+0x1e/0x40
[ 2535.386364] __kasan_kmalloc+0x81/0xa0
[ 2535.386855] kmalloc_oob_right+0x98/0x510 [test_kasan]
[ 2535.387503] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.388185] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.388939] kthread+0x2a4/0x350
[ 2535.389351] ret_from_fork+0x1f/0x30
[ 2535.389760]
[ 2535.389943] The buggy address belongs to the object at ffff8880669b8500
[ 2535.389943] which belongs to the cache kmalloc-128 of size 128
[ 2535.391238] The buggy address is located 115 bytes inside of
[ 2535.391238] 128-byte region [ffff8880669b8500, ffff8880669b8580)
[ 2535.392463]
[ 2535.392646] The buggy address belongs to the physical page:
[ 2535.393233] page:00000000701d0cf4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x669b8
[ 2535.394204] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2535.394930] raw: 000fffffc0000200 ffffea0000090980 dead000000000007 ffff8880010418c0
[ 2535.395745] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2535.396560] page dumped because: kasan: bad access detected
[ 2535.397149]
[ 2535.397335] Memory state around the buggy address:
[ 2535.397849] ffff8880669b8400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2535.398611] ffff8880669b8480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.399376] >ffff8880669b8500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 2535.400139] ^
[ 2535.400865] ffff8880669b8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.401631] ffff8880669b8600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2535.402395] ==================================================================
[ 2535.403249] Disabling lock debugging due to kernel taint
[ 2535.403816] ==================================================================
[ 2535.404583] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x4e3/0x510 [test_kasan]
[ 2535.405433] Write of size 1 at addr ffff8880669b8578 by task kunit_try_catch/48230
[ 2535.406233]
[ 2535.406416] CPU: 0 PID: 48230 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.407830] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.408453] Call Trace:
[ 2535.408729]
[ 2535.408971] ? kmalloc_oob_right+0x4e3/0x510 [test_kasan]
[ 2535.409550] dump_stack_lvl+0x57/0x81
[ 2535.409951] print_address_description.constprop.0+0x1f/0x1e0
[ 2535.410566] ? kmalloc_oob_right+0x4e3/0x510 [test_kasan]
[ 2535.411146] print_report.cold+0x5c/0x237
[ 2535.411581] kasan_report+0xc9/0x100
[ 2535.411976] ? kmalloc_oob_right+0x4e3/0x510 [test_kasan]
[ 2535.412563] kmalloc_oob_right+0x4e3/0x510 [test_kasan]
[ 2535.413121] ? kmalloc_oob_left+0x2e0/0x2e0 [test_kasan]
[ 2535.413696] ? lockdep_hardirqs_on_prepare.part.0+0x18c/0x370
[ 2535.414321] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2535.414914] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2535.415463] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.415985] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2535.416532] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.417181] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2535.417731] kthread+0x2a4/0x350
[ 2535.418087] ? kthread_complete_and_exit+0x20/0x20
[ 2535.418614] ret_from_fork+0x1f/0x30
[ 2535.419013]
[ 2535.419267]
[ 2535.419451] Allocated by task 48230:
[ 2535.419839] kasan_save_stack+0x1e/0x40
[ 2535.420265] __kasan_kmalloc+0x81/0xa0
[ 2535.420670] kmalloc_oob_right+0x98/0x510 [test_kasan]
[ 2535.421222] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.421747] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.422394] kthread+0x2a4/0x350
[ 2535.422751] ret_from_fork+0x1f/0x30
[ 2535.423144]
[ 2535.423326] The buggy address belongs to the object at ffff8880669b8500
[ 2535.423326] which belongs to the cache kmalloc-128 of size 128
[ 2535.424626] The buggy address is located 120 bytes inside of
[ 2535.424626] 128-byte region [ffff8880669b8500, ffff8880669b8580)
[ 2535.425842]
[ 2535.426024] The buggy address belongs to the physical page:
[ 2535.426626] page:00000000701d0cf4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x669b8
[ 2535.427596] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2535.428328] raw: 000fffffc0000200 ffffea0000090980 dead000000000007 ffff8880010418c0
[ 2535.429144] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2535.429952] page dumped because: kasan: bad access detected
[ 2535.430551]
[ 2535.430733] Memory state around the buggy address:
[ 2535.431248] ffff8880669b8400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2535.432003] ffff8880669b8480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.432765] >ffff8880669b8500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 2535.433526] ^
[ 2535.434289] ffff8880669b8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.435048] ffff8880669b8600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2535.435808] ==================================================================
[ 2535.436654] ==================================================================
[ 2535.437383] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x4d9/0x510 [test_kasan]
[ 2535.438188] Read of size 1 at addr ffff8880669b8580 by task kunit_try_catch/48230
[ 2535.438929]
[ 2535.439104] CPU: 0 PID: 48230 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.440456] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.441036] Call Trace:
[ 2535.441301]
[ 2535.441530] ? kmalloc_oob_right+0x4d9/0x510 [test_kasan]
[ 2535.442076] dump_stack_lvl+0x57/0x81
[ 2535.442458] print_address_description.constprop.0+0x1f/0x1e0
[ 2535.443040] ? kmalloc_oob_right+0x4d9/0x510 [test_kasan]
[ 2535.443589] print_report.cold+0x5c/0x237
[ 2535.444003] kasan_report+0xc9/0x100
[ 2535.444378] ? kmalloc_oob_right+0x4d9/0x510 [test_kasan]
[ 2535.444921] kmalloc_oob_right+0x4d9/0x510 [test_kasan]
[ 2535.445448] ? kmalloc_oob_left+0x2e0/0x2e0 [test_kasan]
[ 2535.445983] ? lockdep_hardirqs_on_prepare.part.0+0x18c/0x370
[ 2535.446565] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2535.447122] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2535.447643] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.448136] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2535.448644] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.449258] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2535.449772] kthread+0x2a4/0x350
[ 2535.450109] ? kthread_complete_and_exit+0x20/0x20
[ 2535.450596] ret_from_fork+0x1f/0x30
[ 2535.450971]
[ 2535.451208]
[ 2535.451380] Allocated by task 48230:
[ 2535.451744] kasan_save_stack+0x1e/0x40
[ 2535.452135] __kasan_kmalloc+0x81/0xa0
[ 2535.452519] kmalloc_oob_right+0x98/0x510 [test_kasan]
[ 2535.453032] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.453527] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.454134] kthread+0x2a4/0x350
[ 2535.454469] ret_from_fork+0x1f/0x30
[ 2535.454836]
[ 2535.455009] The buggy address belongs to the object at ffff8880669b8500
[ 2535.455009] which belongs to the cache kmalloc-128 of size 128
[ 2535.456219] The buggy address is located 0 bytes to the right of
[ 2535.456219] 128-byte region [ffff8880669b8500, ffff8880669b8580)
[ 2535.457385]
[ 2535.457557] The buggy address belongs to the physical page:
[ 2535.458110] page:00000000701d0cf4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x669b8
[ 2535.459019] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2535.459697] raw: 000fffffc0000200 ffffea0000090980 dead000000000007 ffff8880010418c0
[ 2535.460457] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2535.461218] page dumped because: kasan: bad access detected
[ 2535.461767]
[ 2535.461939] Memory state around the buggy address:
[ 2535.462426] ffff8880669b8480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.463140] ffff8880669b8500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 2535.463849] >ffff8880669b8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.464563] ^
[ 2535.464895] ffff8880669b8600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2535.465614] ffff8880669b8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.466329] ==================================================================
[ 2535.467085] ok 1 - kmalloc_oob_right
[ 2535.470295] ==================================================================
[ 2535.471490] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2bf/0x2e0 [test_kasan]
[ 2535.472296] Read of size 1 at addr ffff88807dea6cdf by task kunit_try_catch/48231
[ 2535.473041]
[ 2535.473218] CPU: 0 PID: 48231 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.474555] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.475139] Call Trace:
[ 2535.475400]
[ 2535.475629] ? kmalloc_oob_left+0x2bf/0x2e0 [test_kasan]
[ 2535.476167] dump_stack_lvl+0x57/0x81
[ 2535.476549] print_address_description.constprop.0+0x1f/0x1e0
[ 2535.477136] ? kmalloc_oob_left+0x2bf/0x2e0 [test_kasan]
[ 2535.477674] print_report.cold+0x5c/0x237
[ 2535.478086] kasan_report+0xc9/0x100
[ 2535.478462] ? kmalloc_oob_left+0x2bf/0x2e0 [test_kasan]
[ 2535.479000] kmalloc_oob_left+0x2bf/0x2e0 [test_kasan]
[ 2535.479521] ? kmalloc_pagealloc_oob_right+0x290/0x290 [test_kasan]
[ 2535.480152] ? do_raw_spin_trylock+0xb5/0x180
[ 2535.480604] ? do_raw_spin_lock+0x270/0x270
[ 2535.481033] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2535.481596] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2535.482108] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.482606] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2535.483115] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.483725] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2535.484243] kthread+0x2a4/0x350
[ 2535.484580] ? kthread_complete_and_exit+0x20/0x20
[ 2535.485067] ret_from_fork+0x1f/0x30
[ 2535.485448]
[ 2535.485683]
[ 2535.485855] Allocated by task 0:
[ 2535.486197] (stack is not available)
[ 2535.486563]
[ 2535.486736] The buggy address belongs to the object at ffff88807dea6cc0
[ 2535.486736] which belongs to the cache kmalloc-16 of size 16
[ 2535.487932] The buggy address is located 15 bytes to the right of
[ 2535.487932] 16-byte region [ffff88807dea6cc0, ffff88807dea6cd0)
[ 2535.489104]
[ 2535.491159] The buggy address belongs to the physical page:
[ 2535.491710] page:00000000ffb92960 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7dea6
[ 2535.492617] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2535.493298] raw: 000fffffc0000200 dead000000000100 dead000000000122 ffff8880010413c0
[ 2535.494057] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2535.494820] page dumped because: kasan: bad access detected
[ 2535.495374]
[ 2535.495545] Memory state around the buggy address:
[ 2535.496024] ffff88807dea6b80: 00 00 fc fc fb fb fc fc 00 00 fc fc fb fb fc fc
[ 2535.496737] ffff88807dea6c00: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc
[ 2535.497455] >ffff88807dea6c80: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 07 fc fc
[ 2535.498167] ^
[ 2535.498770] ffff88807dea6d00: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc
[ 2535.499483] ffff88807dea6d80: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc
[ 2535.500194] ==================================================================
[ 2535.501067] ok 2 - kmalloc_oob_left
[ 2535.503652] ==================================================================
[ 2535.504795] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2bf/0x2e0 [test_kasan]
[ 2535.505652] Read of size 1 at addr ffff88807b40d000 by task kunit_try_catch/48232
[ 2535.506405]
[ 2535.506578] CPU: 0 PID: 48232 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.507977] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.508566] Call Trace:
[ 2535.508826]
[ 2535.509053] ? kmalloc_node_oob_right+0x2bf/0x2e0 [test_kasan]
[ 2535.509643] dump_stack_lvl+0x57/0x81
[ 2535.510020] print_address_description.constprop.0+0x1f/0x1e0
[ 2535.510657] ? kmalloc_node_oob_right+0x2bf/0x2e0 [test_kasan]
[ 2535.511286] print_report.cold+0x5c/0x237
[ 2535.511719] kasan_report+0xc9/0x100
[ 2535.512088] ? kmalloc_node_oob_right+0x2bf/0x2e0 [test_kasan]
[ 2535.512686] kmalloc_node_oob_right+0x2bf/0x2e0 [test_kasan]
[ 2535.513263] ? pagealloc_uaf+0x2f0/0x2f0 [test_kasan]
[ 2535.513773] ? do_raw_spin_trylock+0xb5/0x180
[ 2535.514223] ? do_raw_spin_lock+0x270/0x270
[ 2535.514653] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2535.515215] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2535.515729] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.516229] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2535.516740] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.517352] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2535.517869] kthread+0x2a4/0x350
[ 2535.518212] ? kthread_complete_and_exit+0x20/0x20
[ 2535.518698] ret_from_fork+0x1f/0x30
[ 2535.519075]
[ 2535.519315]
[ 2535.519488] Allocated by task 48232:
[ 2535.519855] kasan_save_stack+0x1e/0x40
[ 2535.520259] __kasan_kmalloc+0x81/0xa0
[ 2535.520641] kmalloc_node_oob_right+0x9a/0x2e0 [test_kasan]
[ 2535.521202] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.521695] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.522309] kthread+0x2a4/0x350
[ 2535.522646] ret_from_fork+0x1f/0x30
[ 2535.523015]
[ 2535.523189] The buggy address belongs to the object at ffff88807b40c000
[ 2535.523189] which belongs to the cache kmalloc-4k of size 4096
[ 2535.524406] The buggy address is located 0 bytes to the right of
[ 2535.524406] 4096-byte region [ffff88807b40c000, ffff88807b40d000)
[ 2535.525593]
[ 2535.525764] The buggy address belongs to the physical page:
[ 2535.526319] page:0000000027bfa70e refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7b408
[ 2535.527232] head:0000000027bfa70e order:3 compound_mapcount:0 compound_pincount:0
[ 2535.527972] flags: 0xfffffc0010200(slab|head|node=0|zone=1|lastcpupid=0x1fffff)
[ 2535.528702] raw: 000fffffc0010200 0000000000000000 dead000000000001 ffff888001042140
[ 2535.529465] raw: 0000000000000000 0000000080040004 00000001ffffffff 0000000000000000
[ 2535.530228] page dumped because: kasan: bad access detected
[ 2535.530781]
[ 2535.530954] Memory state around the buggy address:
[ 2535.531440] ffff88807b40cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2535.532156] ffff88807b40cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2535.532868] >ffff88807b40d000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.533585] ^
[ 2535.533922] ffff88807b40d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.534641] ffff88807b40d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.535356] ==================================================================
[ 2535.536333] ok 3 - kmalloc_node_oob_right
[ 2535.538473] ==================================================================
[ 2535.539658] BUG: KASAN: slab-out-of-bounds in kmalloc_pagealloc_oob_right+0x27b/0x290 [test_kasan]
[ 2535.540556] Write of size 1 at addr ffff88806761200a by task kunit_try_catch/48233
[ 2535.541302]
[ 2535.541474] CPU: 0 PID: 48233 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.542803] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.543379] Call Trace:
[ 2535.543636]
[ 2535.543864] ? kmalloc_pagealloc_oob_right+0x27b/0x290 [test_kasan]
[ 2535.544492] dump_stack_lvl+0x57/0x81
[ 2535.544868] print_address_description.constprop.0+0x1f/0x1e0
[ 2535.545453] ? kmalloc_pagealloc_oob_right+0x27b/0x290 [test_kasan]
[ 2535.546074] print_report.cold+0x5c/0x237
[ 2535.546488] kasan_report+0xc9/0x100
[ 2535.546857] ? kmalloc_pagealloc_oob_right+0x27b/0x290 [test_kasan]
[ 2535.547486] kmalloc_pagealloc_oob_right+0x27b/0x290 [test_kasan]
[ 2535.548095] ? kmalloc_pagealloc_uaf+0x280/0x280 [test_kasan]
[ 2535.548676] ? do_raw_spin_trylock+0xb5/0x180
[ 2535.549125] ? do_raw_spin_lock+0x270/0x270
[ 2535.549558] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2535.550115] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2535.550635] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.551132] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2535.551644] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.552257] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2535.552774] kthread+0x2a4/0x350
[ 2535.553110] ? kthread_complete_and_exit+0x20/0x20
[ 2535.553602] ret_from_fork+0x1f/0x30
[ 2535.553980]
[ 2535.554219]
[ 2535.554392] The buggy address belongs to the physical page:
[ 2535.554942] page:000000003421bba9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x67610
[ 2535.555856] head:000000003421bba9 order:2 compound_mapcount:0 compound_pincount:0
[ 2535.556605] flags: 0xfffffc0010000(head|node=0|zone=1|lastcpupid=0x1fffff)
[ 2535.557285] raw: 000fffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 2535.558043] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2535.558803] page dumped because: kasan: bad access detected
[ 2535.559425]
[ 2535.559609] Memory state around the buggy address:
[ 2535.560127] ffff888067611f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2535.560867] ffff888067611f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2535.561582] >ffff888067612000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2535.562300] ^
[ 2535.562657] ffff888067612080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2535.563372] ffff888067612100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2535.564083] ==================================================================
[ 2535.564884] ok 4 - kmalloc_pagealloc_oob_right
[ 2535.566312] ==================================================================
[ 2535.567538] BUG: KASAN: use-after-free in kmalloc_pagealloc_uaf+0x26b/0x280 [test_kasan]
[ 2535.568362] Read of size 1 at addr ffff888067610000 by task kunit_try_catch/48234
[ 2535.569108]
[ 2535.569285] CPU: 0 PID: 48234 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.570630] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.571212] Call Trace:
[ 2535.571473]
[ 2535.571704] ? kmalloc_pagealloc_uaf+0x26b/0x280 [test_kasan]
[ 2535.572295] dump_stack_lvl+0x57/0x81
[ 2535.572675] print_address_description.constprop.0+0x1f/0x1e0
[ 2535.573260] ? kmalloc_pagealloc_uaf+0x26b/0x280 [test_kasan]
[ 2535.573921] print_report.cold+0x5c/0x237
[ 2535.574364] kasan_report+0xc9/0x100
[ 2535.574758] ? kmalloc_pagealloc_uaf+0x26b/0x280 [test_kasan]
[ 2535.575378] kmalloc_pagealloc_uaf+0x26b/0x280 [test_kasan]
[ 2535.575974] ? kmalloc_pagealloc_invalid_free+0x250/0x250 [test_kasan]
[ 2535.576672] ? do_raw_spin_trylock+0xb5/0x180
[ 2535.577152] ? do_raw_spin_lock+0x270/0x270
[ 2535.577610] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2535.578211] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2535.578760] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.579293] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2535.579836] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.580491] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2535.581042] kthread+0x2a4/0x350
[ 2535.581404] ? kthread_complete_and_exit+0x20/0x20
[ 2535.581924] ret_from_fork+0x1f/0x30
[ 2535.582333]
[ 2535.582583]
[ 2535.582768] The buggy address belongs to the physical page:
[ 2535.583361] page:000000003421bba9 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x67610
[ 2535.584338] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff)
[ 2535.585023] raw: 000fffffc0000000 ffffea0001a3c108 ffff88808a400270 0000000000000000
[ 2535.585839] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 2535.586657] page dumped because: kasan: bad access detected
[ 2535.587250]
[ 2535.587435] Memory state around the buggy address:
[ 2535.587948] ffff88806760ff00: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[ 2535.588709] ffff88806760ff80: 00 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc
[ 2535.589475] >ffff888067610000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2535.590239] ^
[ 2535.590596] ffff888067610080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2535.591361] ffff888067610100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2535.592124] ==================================================================
[ 2535.592944] ok 5 - kmalloc_pagealloc_uaf
[ 2535.594146] ==================================================================
[ 2535.595395] BUG: KASAN: double-free or invalid-free in kmalloc_pagealloc_invalid_free+0x191/0x250 [test_kasan]
[ 2535.596457]
[ 2535.596643] CPU: 0 PID: 48235 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.598078] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.598704] Call Trace:
[ 2535.598983]
[ 2535.599231] dump_stack_lvl+0x57/0x81
[ 2535.599634] print_address_description.constprop.0+0x1f/0x1e0
[ 2535.600255] print_report.cold+0x5c/0x237
[ 2535.600688] ? kmalloc_pagealloc_invalid_free+0x191/0x250 [test_kasan]
[ 2535.601384] ? kmalloc_pagealloc_invalid_free+0x191/0x250 [test_kasan]
[ 2535.602074] kasan_report_invalid_free+0x99/0xc0
[ 2535.602580] ? kmalloc_pagealloc_invalid_free+0x191/0x250 [test_kasan]
[ 2535.603271] kfree+0x2ab/0x3c0
[ 2535.603620] kmalloc_pagealloc_invalid_free+0x191/0x250 [test_kasan]
[ 2535.604295] ? kmalloc_large_oob_right+0x2b0/0x2b0 [test_kasan]
[ 2535.604926] ? do_raw_spin_trylock+0xb5/0x180
[ 2535.605406] ? do_raw_spin_lock+0x270/0x270
[ 2535.605860] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2535.606459] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2535.607005] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.607533] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2535.608076] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.608732] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2535.609286] kthread+0x2a4/0x350
[ 2535.609645] ? kthread_complete_and_exit+0x20/0x20
[ 2535.610163] ret_from_fork+0x1f/0x30
[ 2535.610565]
[ 2535.610815]
[ 2535.610999] The buggy address belongs to the physical page:
[ 2535.611589] page:000000003421bba9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x67610
[ 2535.612557] head:000000003421bba9 order:2 compound_mapcount:0 compound_pincount:0
[ 2535.613344] flags: 0xfffffc0010000(head|node=0|zone=1|lastcpupid=0x1fffff)
[ 2535.614067] raw: 000fffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 2535.614881] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2535.615693] page dumped because: kasan: bad access detected
[ 2535.616284]
[ 2535.616468] Memory state around the buggy address:
[ 2535.616983] ffff88806760ff00: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[ 2535.617771] ffff88806760ff80: 00 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc
[ 2535.618644] >ffff888067610000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2535.619475] ^
[ 2535.619844] ffff888067610080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2535.622614] ffff888067610100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2535.623377] ==================================================================
[ 2535.624186] ok 6 - kmalloc_pagealloc_invalid_free
[ 2535.625579] ok 7 - pagealloc_oob_right # SKIP Test requires CONFIG_KASAN_GENERIC=n
[ 2535.627176] ==================================================================
[ 2535.628787] BUG: KASAN: use-after-free in pagealloc_uaf+0x2b5/0x2f0 [test_kasan]
[ 2535.629574] Read of size 1 at addr ffff888059870000 by task kunit_try_catch/48237
[ 2535.630367]
[ 2535.630552] CPU: 0 PID: 48237 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.631969] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.632586] Call Trace:
[ 2535.632860]
[ 2535.633104] ? pagealloc_uaf+0x2b5/0x2f0 [test_kasan]
[ 2535.633651] dump_stack_lvl+0x57/0x81
[ 2535.634053] print_address_description.constprop.0+0x1f/0x1e0
[ 2535.634675] ? pagealloc_uaf+0x2b5/0x2f0 [test_kasan]
[ 2535.635220] print_report.cold+0x5c/0x237
[ 2535.635655] kasan_report+0xc9/0x100
[ 2535.636051] ? pagealloc_uaf+0x2b5/0x2f0 [test_kasan]
[ 2535.636598] pagealloc_uaf+0x2b5/0x2f0 [test_kasan]
[ 2535.637129] ? krealloc_more_oob+0x10/0x10 [test_kasan]
[ 2535.637687] ? do_raw_spin_trylock+0xb5/0x180
[ 2535.638163] ? do_raw_spin_lock+0x270/0x270
[ 2535.638618] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2535.639215] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2535.639762] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.640289] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2535.640832] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.641485] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2535.642035] kthread+0x2a4/0x350
[ 2535.642400] ? kthread_complete_and_exit+0x20/0x20
[ 2535.642917] ret_from_fork+0x1f/0x30
[ 2535.643321]
[ 2535.643572]
[ 2535.643756] The buggy address belongs to the physical page:
[ 2535.644347] page:0000000009ac110d refcount:0 mapcount:-128 mapping:0000000000000000 index:0x0 pfn:0x59870
[ 2535.645348] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff)
[ 2535.646030] raw: 000fffffc0000000 ffffea0001452c08 ffff8881342d5aa0 0000000000000000
[ 2535.646846] raw: 0000000000000000 0000000000000004 00000000ffffff7f 0000000000000000
[ 2535.647610] page dumped because: kasan: bad access detected
[ 2535.648164]
[ 2535.648338] Memory state around the buggy address:
[ 2535.648818] ffff88805986ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.649531] ffff88805986ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.650245] >ffff888059870000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2535.650955] ^
[ 2535.651294] ffff888059870080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2535.652004] ffff888059870100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2535.652717] ==================================================================
[ 2535.653668] ok 8 - pagealloc_uaf
[ 2535.655150] ==================================================================
[ 2535.656266] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x28c/0x2b0 [test_kasan]
[ 2535.657118] Write of size 1 at addr ffff8880054d9f00 by task kunit_try_catch/48238
[ 2535.657866]
[ 2535.658039] CPU: 0 PID: 48238 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.659373] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.659944] Call Trace:
[ 2535.660205]
[ 2535.660431] ? kmalloc_large_oob_right+0x28c/0x2b0 [test_kasan]
[ 2535.661022] dump_stack_lvl+0x57/0x81
[ 2535.661404] print_address_description.constprop.0+0x1f/0x1e0
[ 2535.662027] ? kmalloc_large_oob_right+0x28c/0x2b0 [test_kasan]
[ 2535.662667] print_report.cold+0x5c/0x237
[ 2535.663095] kasan_report+0xc9/0x100
[ 2535.663467] ? kmalloc_large_oob_right+0x28c/0x2b0 [test_kasan]
[ 2535.664118] kmalloc_large_oob_right+0x28c/0x2b0 [test_kasan]
[ 2535.664739] ? kmalloc_oob_16+0x3b0/0x3b0 [test_kasan]
[ 2535.665296] ? do_raw_spin_trylock+0xb5/0x180
[ 2535.665773] ? do_raw_spin_lock+0x270/0x270
[ 2535.666232] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2535.666826] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2535.667377] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.667903] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2535.668416] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.669025] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2535.669543] kthread+0x2a4/0x350
[ 2535.669878] ? kthread_complete_and_exit+0x20/0x20
[ 2535.670364] ret_from_fork+0x1f/0x30
[ 2535.670742]
[ 2535.670976]
[ 2535.671151] Allocated by task 48238:
[ 2535.671518] kasan_save_stack+0x1e/0x40
[ 2535.671907] __kasan_kmalloc+0x81/0xa0
[ 2535.672291] kmalloc_large_oob_right+0x98/0x2b0 [test_kasan]
[ 2535.672859] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.673354] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.673964] kthread+0x2a4/0x350
[ 2535.674306] ret_from_fork+0x1f/0x30
[ 2535.674673]
[ 2535.674844] The buggy address belongs to the object at ffff8880054d8000
[ 2535.674844] which belongs to the cache kmalloc-8k of size 8192
[ 2535.676054] The buggy address is located 7936 bytes inside of
[ 2535.676054] 8192-byte region [ffff8880054d8000, ffff8880054da000)
[ 2535.677281]
[ 2535.677464] The buggy address belongs to the physical page:
[ 2535.678044] page:0000000054a89fb9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x54d8
[ 2535.678949] head:0000000054a89fb9 order:3 compound_mapcount:0 compound_pincount:0
[ 2535.679684] flags: 0xfffffc0010200(slab|head|node=0|zone=1|lastcpupid=0x1fffff)
[ 2535.680409] raw: 000fffffc0010200 0000000000000000 dead000000000001 ffff888001042280
[ 2535.681171] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[ 2535.681935] page dumped because: kasan: bad access detected
[ 2535.682489]
[ 2535.682659] Memory state around the buggy address:
[ 2535.683144] ffff8880054d9e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2535.683856] ffff8880054d9e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2535.684586] >ffff8880054d9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.685349] ^
[ 2535.685706] ffff8880054d9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.686435] ffff8880054da000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.687149] ==================================================================
[ 2535.687927] ok 9 - kmalloc_large_oob_right
[ 2535.689352] ==================================================================
[ 2535.690631] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2535.691545] Write of size 1 at addr ffff888068c606eb by task kunit_try_catch/48239
[ 2535.692344]
[ 2535.692528] CPU: 0 PID: 48239 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.693942] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.694555] Call Trace:
[ 2535.694831]
[ 2535.695074] ? krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2535.695722] dump_stack_lvl+0x57/0x81
[ 2535.696129] print_address_description.constprop.0+0x1f/0x1e0
[ 2535.696752] ? krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2535.697356] print_report.cold+0x5c/0x237
[ 2535.697765] kasan_report+0xc9/0x100
[ 2535.698136] ? krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2535.698733] krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2535.699321] ? krealloc_less_oob+0x10/0x10 [test_kasan]
[ 2535.699842] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.700320] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.700796] ? lock_acquire+0x4ea/0x620
[ 2535.701191] ? rcu_read_unlock+0x40/0x40
[ 2535.701589] ? rcu_read_unlock+0x40/0x40
[ 2535.701987] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.702462] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2535.703017] ? do_raw_spin_lock+0x270/0x270
[ 2535.703443] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2535.704051] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2535.704560] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2535.705069] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.705563] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2535.706073] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.706683] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2535.707199] kthread+0x2a4/0x350
[ 2535.707535] ? kthread_complete_and_exit+0x20/0x20
[ 2535.708018] ret_from_fork+0x1f/0x30
[ 2535.708397]
[ 2535.708632]
[ 2535.708803] Allocated by task 48239:
[ 2535.709170] kasan_save_stack+0x1e/0x40
[ 2535.709560] __kasan_krealloc+0xee/0x160
[ 2535.709954] krealloc+0x50/0xe0
[ 2535.710287] krealloc_more_oob_helper+0x1d5/0x610 [test_kasan]
[ 2535.710869] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.711361] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.711965] kthread+0x2a4/0x350
[ 2535.712301] ret_from_fork+0x1f/0x30
[ 2535.712691]
[ 2535.712873] The buggy address belongs to the object at ffff888068c60600
[ 2535.712873] which belongs to the cache kmalloc-256 of size 256
[ 2535.714146] The buggy address is located 235 bytes inside of
[ 2535.714146] 256-byte region [ffff888068c60600, ffff888068c60700)
[ 2535.715285]
[ 2535.715456] The buggy address belongs to the physical page:
[ 2535.716005] page:0000000082fc8ce2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x68c60
[ 2535.716915] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2535.717592] raw: 000fffffc0000200 ffffea0001fb9880 dead000000000007 ffff888001041b40
[ 2535.718353] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[ 2535.719113] page dumped because: kasan: bad access detected
[ 2535.719662]
[ 2535.719832] Memory state around the buggy address:
[ 2535.720316] ffff888068c60580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.721023] ffff888068c60600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2535.721732] >ffff888068c60680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 2535.722452] ^
[ 2535.723098] ffff888068c60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.723812] ffff888068c60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.724521] ==================================================================
[ 2535.725264] ==================================================================
[ 2535.725974] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2535.726908] Write of size 1 at addr ffff888068c606f0 by task kunit_try_catch/48239
[ 2535.727700]
[ 2535.727872] CPU: 0 PID: 48239 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.729204] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.729779] Call Trace:
[ 2535.730037]
[ 2535.730268] ? krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2535.730870] dump_stack_lvl+0x57/0x81
[ 2535.731274] print_address_description.constprop.0+0x1f/0x1e0
[ 2535.731890] ? krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2535.732537] print_report.cold+0x5c/0x237
[ 2535.732948] kasan_report+0xc9/0x100
[ 2535.733321] ? krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2535.733924] krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2535.734559] ? krealloc_less_oob+0x10/0x10 [test_kasan]
[ 2535.735122] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.735634] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.736145] ? lock_acquire+0x4ea/0x620
[ 2535.736559] ? rcu_read_unlock+0x40/0x40
[ 2535.736959] ? rcu_read_unlock+0x40/0x40
[ 2535.737362] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.737839] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2535.738403] ? do_raw_spin_lock+0x270/0x270
[ 2535.738829] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2535.739440] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2535.739939] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2535.740451] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.740946] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2535.741457] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.742064] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2535.742586] kthread+0x2a4/0x350
[ 2535.742921] ? kthread_complete_and_exit+0x20/0x20
[ 2535.743410] ret_from_fork+0x1f/0x30
[ 2535.743784]
[ 2535.744043]
[ 2535.744228] Allocated by task 48239:
[ 2535.744616] kasan_save_stack+0x1e/0x40
[ 2535.745031] __kasan_krealloc+0xee/0x160
[ 2535.745462] krealloc+0x50/0xe0
[ 2535.745811] krealloc_more_oob_helper+0x1d5/0x610 [test_kasan]
[ 2535.746439] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.746964] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.747614] kthread+0x2a4/0x350
[ 2535.747971] ret_from_fork+0x1f/0x30
[ 2535.748368]
[ 2535.748550] The buggy address belongs to the object at ffff888068c60600
[ 2535.748550] which belongs to the cache kmalloc-256 of size 256
[ 2535.749838] The buggy address is located 240 bytes inside of
[ 2535.749838] 256-byte region [ffff888068c60600, ffff888068c60700)
[ 2535.753102]
[ 2535.753296] The buggy address belongs to the physical page:
[ 2535.753885] page:0000000082fc8ce2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x68c60
[ 2535.754862] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2535.755588] raw: 000fffffc0000200 ffffea0001fb9880 dead000000000007 ffff888001041b40
[ 2535.756411] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[ 2535.757231] page dumped because: kasan: bad access detected
[ 2535.757816]
[ 2535.758001] Memory state around the buggy address:
[ 2535.758519] ffff888068c60580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.759283] ffff888068c60600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2535.760041] >ffff888068c60680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 2535.760806] ^
[ 2535.761530] ffff888068c60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.762295] ffff888068c60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.763057] ==================================================================
[ 2535.764431] ok 10 - krealloc_more_oob
[ 2535.767140] ==================================================================
[ 2535.768366] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2535.769283] Write of size 1 at addr ffff888068c604c9 by task kunit_try_catch/48240
[ 2535.770077]
[ 2535.770266] CPU: 0 PID: 48240 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.771680] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.772296] Call Trace:
[ 2535.772570]
[ 2535.772813] ? krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2535.773455] dump_stack_lvl+0x57/0x81
[ 2535.773857] print_address_description.constprop.0+0x1f/0x1e0
[ 2535.774478] ? krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2535.775119] print_report.cold+0x5c/0x237
[ 2535.775556] kasan_report+0xc9/0x100
[ 2535.775950] ? krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2535.776591] krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2535.777217] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2535.777750] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.778263] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.778768] ? lock_acquire+0x4ea/0x620
[ 2535.779191] ? rcu_read_unlock+0x40/0x40
[ 2535.779619] ? rcu_read_unlock+0x40/0x40
[ 2535.780044] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.780556] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2535.781154] ? do_raw_spin_lock+0x270/0x270
[ 2535.781609] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2535.782265] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2535.782802] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2535.783353] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.783880] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2535.784429] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.785075] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2535.785630] kthread+0x2a4/0x350
[ 2535.785988] ? kthread_complete_and_exit+0x20/0x20
[ 2535.786504] ret_from_fork+0x1f/0x30
[ 2535.786907]
[ 2535.787164]
[ 2535.787348] Allocated by task 48240:
[ 2535.787738] kasan_save_stack+0x1e/0x40
[ 2535.788157] __kasan_krealloc+0xee/0x160
[ 2535.788584] krealloc+0x50/0xe0
[ 2535.788935] krealloc_less_oob_helper+0x1d9/0xa20 [test_kasan]
[ 2535.789565] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.790090] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.790743] kthread+0x2a4/0x350
[ 2535.791101] ret_from_fork+0x1f/0x30
[ 2535.791499]
[ 2535.791682] The buggy address belongs to the object at ffff888068c60400
[ 2535.791682] which belongs to the cache kmalloc-256 of size 256
[ 2535.792970] The buggy address is located 201 bytes inside of
[ 2535.792970] 256-byte region [ffff888068c60400, ffff888068c60500)
[ 2535.794195]
[ 2535.794378] The buggy address belongs to the physical page:
[ 2535.794966] page:0000000082fc8ce2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x68c60
[ 2535.795937] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2535.796665] raw: 000fffffc0000200 ffffea0001fb9880 dead000000000007 ffff888001041b40
[ 2535.797482] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[ 2535.798291] page dumped because: kasan: bad access detected
[ 2535.798881]
[ 2535.799065] Memory state around the buggy address:
[ 2535.799580] ffff888068c60380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.800345] ffff888068c60400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2535.801110] >ffff888068c60480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 2535.802023] ^
[ 2535.802673] ffff888068c60500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.803507] ffff888068c60580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.804333] ==================================================================
[ 2535.805208] ==================================================================
[ 2535.806046] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2535.807052] Write of size 1 at addr ffff888068c604d0 by task kunit_try_catch/48240
[ 2535.807911]
[ 2535.808114] CPU: 0 PID: 48240 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.809643] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.810312] Call Trace:
[ 2535.810610]
[ 2535.810874] ? krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2535.811570] dump_stack_lvl+0x57/0x81
[ 2535.812004] print_address_description.constprop.0+0x1f/0x1e0
[ 2535.812677] ? krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2535.813376] print_report.cold+0x5c/0x237
[ 2535.813847] kasan_report+0xc9/0x100
[ 2535.814294] ? krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2535.814987] krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2535.815662] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2535.816236] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.816788] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.817336] ? lock_acquire+0x4ea/0x620
[ 2535.817787] ? rcu_read_unlock+0x40/0x40
[ 2535.818259] ? rcu_read_unlock+0x40/0x40
[ 2535.818715] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.819267] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2535.819911] ? do_raw_spin_lock+0x270/0x270
[ 2535.820402] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2535.821291] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2535.821933] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2535.822590] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.823226] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2535.823882] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.824649] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2535.825251] kthread+0x2a4/0x350
[ 2535.825637] ? kthread_complete_and_exit+0x20/0x20
[ 2535.826204] ret_from_fork+0x1f/0x30
[ 2535.826635]
[ 2535.826901]
[ 2535.827095] Allocated by task 48240:
[ 2535.827528] kasan_save_stack+0x1e/0x40
[ 2535.827978] __kasan_krealloc+0xee/0x160
[ 2535.828441] krealloc+0x50/0xe0
[ 2535.828819] krealloc_less_oob_helper+0x1d9/0xa20 [test_kasan]
[ 2535.829494] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.830059] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.830769] kthread+0x2a4/0x350
[ 2535.831157] ret_from_fork+0x1f/0x30
[ 2535.831575]
[ 2535.831772] The buggy address belongs to the object at ffff888068c60400
[ 2535.831772] which belongs to the cache kmalloc-256 of size 256
[ 2535.833174] The buggy address is located 208 bytes inside of
[ 2535.833174] 256-byte region [ffff888068c60400, ffff888068c60500)
[ 2535.834499]
[ 2535.834694] The buggy address belongs to the physical page:
[ 2535.835337] page:0000000082fc8ce2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x68c60
[ 2535.836384] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2535.837162] raw: 000fffffc0000200 ffffea0001fb9880 dead000000000007 ffff888001041b40
[ 2535.838037] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[ 2535.838918] page dumped because: kasan: bad access detected
[ 2535.839567]
[ 2535.839763] Memory state around the buggy address:
[ 2535.840323] ffff888068c60380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.841144] ffff888068c60400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2535.841958] >ffff888068c60480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 2535.842786] ^
[ 2535.843464] ffff888068c60500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.844298] ffff888068c60580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.845115] ==================================================================
[ 2535.845983] ==================================================================
[ 2535.846818] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2535.847779] Write of size 1 at addr ffff888068c604da by task kunit_try_catch/48240
[ 2535.848593]
[ 2535.848782] CPU: 0 PID: 48240 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.850235] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.850951] Call Trace:
[ 2535.851270]
[ 2535.851559] ? krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2535.852191] dump_stack_lvl+0x57/0x81
[ 2535.852587] print_address_description.constprop.0+0x1f/0x1e0
[ 2535.853196] ? krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2535.853828] print_report.cold+0x5c/0x237
[ 2535.854260] kasan_report+0xc9/0x100
[ 2535.854650] ? krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2535.855289] krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2535.855908] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2535.856461] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.856983] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.857504] ? lock_acquire+0x4ea/0x620
[ 2535.857931] ? rcu_read_unlock+0x40/0x40
[ 2535.858374] ? rcu_read_unlock+0x40/0x40
[ 2535.858794] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.859302] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2535.859885] ? do_raw_spin_lock+0x270/0x270
[ 2535.860337] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2535.860999] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2535.861547] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2535.862106] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.862642] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2535.863184] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.863823] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2535.864368] kthread+0x2a4/0x350
[ 2535.864722] ? kthread_complete_and_exit+0x20/0x20
[ 2535.865235] ret_from_fork+0x1f/0x30
[ 2535.865630]
[ 2535.865900]
[ 2535.866086] Allocated by task 48240:
[ 2535.866490] kasan_save_stack+0x1e/0x40
[ 2535.866916] __kasan_krealloc+0xee/0x160
[ 2535.867350] krealloc+0x50/0xe0
[ 2535.867693] krealloc_less_oob_helper+0x1d9/0xa20 [test_kasan]
[ 2535.868312] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.868830] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.869477] kthread+0x2a4/0x350
[ 2535.869829] ret_from_fork+0x1f/0x30
[ 2535.870219]
[ 2535.870399] The buggy address belongs to the object at ffff888068c60400
[ 2535.870399] which belongs to the cache kmalloc-256 of size 256
[ 2535.871672] The buggy address is located 218 bytes inside of
[ 2535.871672] 256-byte region [ffff888068c60400, ffff888068c60500)
[ 2535.872871]
[ 2535.873053] The buggy address belongs to the physical page:
[ 2535.873635] page:0000000082fc8ce2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x68c60
[ 2535.874595] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2535.875311] raw: 000fffffc0000200 ffffea0001fb9880 dead000000000007 ffff888001041b40
[ 2535.876113] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[ 2535.876912] page dumped because: kasan: bad access detected
[ 2535.877492]
[ 2535.877672] Memory state around the buggy address:
[ 2535.878184] ffff888068c60380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.878935] ffff888068c60400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2535.879688] >ffff888068c60480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 2535.882460] ^
[ 2535.883104] ffff888068c60500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.883877] ffff888068c60580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.884661] ==================================================================
[ 2535.885457] ==================================================================
[ 2535.886214] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2535.887121] Write of size 1 at addr ffff888068c604ea by task kunit_try_catch/48240
[ 2535.887905]
[ 2535.888085] CPU: 0 PID: 48240 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.889487] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.890090] Call Trace:
[ 2535.890365]
[ 2535.890605] ? krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2535.891245] dump_stack_lvl+0x57/0x81
[ 2535.891641] print_address_description.constprop.0+0x1f/0x1e0
[ 2535.892253] ? krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2535.892886] print_report.cold+0x5c/0x237
[ 2535.893320] kasan_report+0xc9/0x100
[ 2535.893709] ? krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2535.894346] krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2535.894962] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2535.895492] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.895998] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.896503] ? lock_acquire+0x4ea/0x620
[ 2535.896915] ? rcu_read_unlock+0x40/0x40
[ 2535.897341] ? rcu_read_unlock+0x40/0x40
[ 2535.897761] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.898266] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2535.898854] ? do_raw_spin_lock+0x270/0x270
[ 2535.899304] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2535.899947] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2535.900472] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2535.901013] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.901537] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2535.902072] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.902719] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2535.903266] kthread+0x2a4/0x350
[ 2535.903623] ? kthread_complete_and_exit+0x20/0x20
[ 2535.904134] ret_from_fork+0x1f/0x30
[ 2535.904533]
[ 2535.904781]
[ 2535.904963] Allocated by task 48240:
[ 2535.905348] kasan_save_stack+0x1e/0x40
[ 2535.905759] __kasan_krealloc+0xee/0x160
[ 2535.906179] krealloc+0x50/0xe0
[ 2535.906524] krealloc_less_oob_helper+0x1d9/0xa20 [test_kasan]
[ 2535.907146] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.907699] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.908364] kthread+0x2a4/0x350
[ 2535.908730] ret_from_fork+0x1f/0x30
[ 2535.909120]
[ 2535.909300] The buggy address belongs to the object at ffff888068c60400
[ 2535.909300] which belongs to the cache kmalloc-256 of size 256
[ 2535.910577] The buggy address is located 234 bytes inside of
[ 2535.910577] 256-byte region [ffff888068c60400, ffff888068c60500)
[ 2535.911818]
[ 2535.912005] The buggy address belongs to the physical page:
[ 2535.912613] page:0000000082fc8ce2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x68c60
[ 2535.913575] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2535.914292] raw: 000fffffc0000200 ffffea0001fb9880 dead000000000007 ffff888001041b40
[ 2535.915100] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[ 2535.915901] page dumped because: kasan: bad access detected
[ 2535.916524]
[ 2535.916710] Memory state around the buggy address:
[ 2535.917245] ffff888068c60380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.917995] ffff888068c60400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2535.918751] >ffff888068c60480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 2535.919597] ^
[ 2535.920396] ffff888068c60500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.921224] ffff888068c60580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.921976] ==================================================================
[ 2535.922743] ==================================================================
[ 2535.923500] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2535.924403] Write of size 1 at addr ffff888068c604eb by task kunit_try_catch/48240
[ 2535.925192]
[ 2535.925374] CPU: 0 PID: 48240 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.926770] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.927379] Call Trace:
[ 2535.927650]
[ 2535.927888] ? krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2535.928564] dump_stack_lvl+0x57/0x81
[ 2535.928976] print_address_description.constprop.0+0x1f/0x1e0
[ 2535.929610] ? krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2535.930243] print_report.cold+0x5c/0x237
[ 2535.930676] kasan_report+0xc9/0x100
[ 2535.931065] ? krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2535.931701] krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2535.932321] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2535.932849] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.933353] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.933852] ? lock_acquire+0x4ea/0x620
[ 2535.934293] ? rcu_read_unlock+0x40/0x40
[ 2535.934731] ? rcu_read_unlock+0x40/0x40
[ 2535.935169] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.935683] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2535.936275] ? do_raw_spin_lock+0x270/0x270
[ 2535.936723] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2535.937371] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2535.937896] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2535.938441] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.938959] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2535.939498] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.940144] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2535.940690] kthread+0x2a4/0x350
[ 2535.941045] ? kthread_complete_and_exit+0x20/0x20
[ 2535.941558] ret_from_fork+0x1f/0x30
[ 2535.941955]
[ 2535.942204]
[ 2535.942385] Allocated by task 48240:
[ 2535.942770] kasan_save_stack+0x1e/0x40
[ 2535.943182] __kasan_krealloc+0xee/0x160
[ 2535.943602] krealloc+0x50/0xe0
[ 2535.943947] krealloc_less_oob_helper+0x1d9/0xa20 [test_kasan]
[ 2535.944563] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.945078] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.945720] kthread+0x2a4/0x350
[ 2535.946074] ret_from_fork+0x1f/0x30
[ 2535.946466]
[ 2535.946647] The buggy address belongs to the object at ffff888068c60400
[ 2535.946647] which belongs to the cache kmalloc-256 of size 256
[ 2535.947923] The buggy address is located 235 bytes inside of
[ 2535.947923] 256-byte region [ffff888068c60400, ffff888068c60500)
[ 2535.949130]
[ 2535.949311] The buggy address belongs to the physical page:
[ 2535.949890] page:0000000082fc8ce2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x68c60
[ 2535.950849] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2535.951564] raw: 000fffffc0000200 ffffea0001fb9880 dead000000000007 ffff888001041b40
[ 2535.952372] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[ 2535.953200] page dumped because: kasan: bad access detected
[ 2535.953799]
[ 2535.953987] Memory state around the buggy address:
[ 2535.954512] ffff888068c60380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.955265] ffff888068c60400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2535.956014] >ffff888068c60480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 2535.956765] ^
[ 2535.957477] ffff888068c60500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.958257] ffff888068c60580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2535.959034] ==================================================================
[ 2535.960266] ok 11 - krealloc_less_oob
[ 2535.962186] ==================================================================
[ 2535.963418] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2535.964326] Write of size 1 at addr ffff8880676120eb by task kunit_try_catch/48241
[ 2535.965116]
[ 2535.965303] CPU: 0 PID: 48241 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.966742] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.967369] Call Trace:
[ 2535.967651]
[ 2535.967898] ? krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2535.968557] dump_stack_lvl+0x57/0x81
[ 2535.968973] print_address_description.constprop.0+0x1f/0x1e0
[ 2535.969583] ? krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2535.970220] print_report.cold+0x5c/0x237
[ 2535.970652] kasan_report+0xc9/0x100
[ 2535.971040] ? krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2535.971675] krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2535.972296] ? krealloc_less_oob+0x10/0x10 [test_kasan]
[ 2535.972846] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.973351] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.973851] ? lock_acquire+0x4ea/0x620
[ 2535.974265] ? rcu_read_unlock+0x40/0x40
[ 2535.974685] ? rcu_read_unlock+0x40/0x40
[ 2535.975106] ? rcu_read_lock_sched_held+0x12/0x80
[ 2535.975611] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2535.976200] ? do_raw_spin_lock+0x270/0x270
[ 2535.976649] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2535.977296] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2535.977822] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2535.978363] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2535.978883] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2535.979421] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2535.980061] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2535.980608] kthread+0x2a4/0x350
[ 2535.980962] ? kthread_complete_and_exit+0x20/0x20
[ 2535.981473] ret_from_fork+0x1f/0x30
[ 2535.981872]
[ 2535.982122]
[ 2535.982303] The buggy address belongs to the physical page:
[ 2535.982885] page:000000003421bba9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x67610
[ 2535.983872] head:000000003421bba9 order:2 compound_mapcount:0 compound_pincount:0
[ 2535.984682] flags: 0xfffffc0010000(head|node=0|zone=1|lastcpupid=0x1fffff)
[ 2535.985427] raw: 000fffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 2535.986256] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2535.987083] page dumped because: kasan: bad access detected
[ 2535.987762]
[ 2535.987971] Memory state around the buggy address:
[ 2535.988565] ffff888067611f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2535.989431] ffff888067612000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2535.990211] >ffff888067612080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 2535.990985] ^
[ 2535.991708] ffff888067612100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2535.992491] ffff888067612180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2535.993267] ==================================================================
[ 2535.994075] ==================================================================
[ 2535.994857] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2535.995793] Write of size 1 at addr ffff8880676120f0 by task kunit_try_catch/48241
[ 2535.996604]
[ 2535.996793] CPU: 0 PID: 48241 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2535.998236] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2535.998862] Call Trace:
[ 2535.999138]
[ 2535.999376] ? krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2536.000007] dump_stack_lvl+0x57/0x81
[ 2536.000408] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.001012] ? krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2536.001669] print_report.cold+0x5c/0x237
[ 2536.002117] kasan_report+0xc9/0x100
[ 2536.002520] ? krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2536.003176] krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2536.003794] ? krealloc_less_oob+0x10/0x10 [test_kasan]
[ 2536.004348] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.004850] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.005456] ? lock_acquire+0x4ea/0x620
[ 2536.005935] ? rcu_read_unlock+0x40/0x40
[ 2536.006427] ? rcu_read_unlock+0x40/0x40
[ 2536.006861] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.007386] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.007991] ? do_raw_spin_lock+0x270/0x270
[ 2536.008457] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2536.009122] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2536.009687] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.010326] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.010865] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.013514] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.014185] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.014749] kthread+0x2a4/0x350
[ 2536.015121] ? kthread_complete_and_exit+0x20/0x20
[ 2536.015644] ret_from_fork+0x1f/0x30
[ 2536.016041]
[ 2536.016289]
[ 2536.016492] The buggy address belongs to the physical page:
[ 2536.017094] page:000000003421bba9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x67610
[ 2536.018082] head:000000003421bba9 order:2 compound_mapcount:0 compound_pincount:0
[ 2536.018881] flags: 0xfffffc0010000(head|node=0|zone=1|lastcpupid=0x1fffff)
[ 2536.019630] raw: 000fffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 2536.020470] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2536.021270] page dumped because: kasan: bad access detected
[ 2536.021850]
[ 2536.022030] Memory state around the buggy address:
[ 2536.022542] ffff888067611f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.023296] ffff888067612000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.024046] >ffff888067612080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 2536.024799] ^
[ 2536.025511] ffff888067612100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2536.026296] ffff888067612180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2536.027088] ==================================================================
[ 2536.028030] ok 12 - krealloc_pagealloc_more_oob
[ 2536.030143] ==================================================================
[ 2536.031437] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2536.032351] Write of size 1 at addr ffff8880676120c9 by task kunit_try_catch/48242
[ 2536.033134]
[ 2536.033316] CPU: 0 PID: 48242 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.034744] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.035373] Call Trace:
[ 2536.035655]
[ 2536.035910] ? krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2536.036546] dump_stack_lvl+0x57/0x81
[ 2536.036945] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.037558] ? krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2536.038193] print_report.cold+0x5c/0x237
[ 2536.038622] kasan_report+0xc9/0x100
[ 2536.039012] ? krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2536.039647] krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2536.040272] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2536.040798] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.041302] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.041804] ? lock_acquire+0x4ea/0x620
[ 2536.042222] ? rcu_read_unlock+0x40/0x40
[ 2536.042643] ? rcu_read_unlock+0x40/0x40
[ 2536.043061] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.043568] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.044156] ? do_raw_spin_lock+0x270/0x270
[ 2536.044603] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2536.045246] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2536.045772] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.046347] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.046884] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.047440] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.048085] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.048628] kthread+0x2a4/0x350
[ 2536.048982] ? kthread_complete_and_exit+0x20/0x20
[ 2536.049495] ret_from_fork+0x1f/0x30
[ 2536.049894]
[ 2536.050143]
[ 2536.050325] The buggy address belongs to the physical page:
[ 2536.050904] page:000000003421bba9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x67610
[ 2536.052037] head:000000003421bba9 order:2 compound_mapcount:0 compound_pincount:0
[ 2536.052910] flags: 0xfffffc0010000(head|node=0|zone=1|lastcpupid=0x1fffff)
[ 2536.053697] raw: 000fffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 2536.054573] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2536.055447] page dumped because: kasan: bad access detected
[ 2536.056084]
[ 2536.056283] Memory state around the buggy address:
[ 2536.056838] ffff888067611f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.057662] ffff888067612000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.058491] >ffff888067612080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 2536.059319] ^
[ 2536.059955] ffff888067612100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2536.060783] ffff888067612180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2536.061599] ==================================================================
[ 2536.062526] ==================================================================
[ 2536.063352] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2536.064333] Write of size 1 at addr ffff8880676120d0 by task kunit_try_catch/48242
[ 2536.065189]
[ 2536.065388] CPU: 0 PID: 48242 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.066917] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.067579] Call Trace:
[ 2536.067875]
[ 2536.068144] ? krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2536.068834] dump_stack_lvl+0x57/0x81
[ 2536.069270] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.069929] ? krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2536.070621] print_report.cold+0x5c/0x237
[ 2536.071097] kasan_report+0xc9/0x100
[ 2536.071520] ? krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2536.072219] krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2536.072884] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2536.073455] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.073997] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.074545] ? lock_acquire+0x4ea/0x620
[ 2536.074999] ? rcu_read_unlock+0x40/0x40
[ 2536.075460] ? rcu_read_unlock+0x40/0x40
[ 2536.075916] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.076467] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.077107] ? do_raw_spin_lock+0x270/0x270
[ 2536.077592] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2536.078293] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2536.078861] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.079449] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.080012] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.080604] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.081311] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.081901] kthread+0x2a4/0x350
[ 2536.082288] ? kthread_complete_and_exit+0x20/0x20
[ 2536.082846] ret_from_fork+0x1f/0x30
[ 2536.083281]
[ 2536.083552]
[ 2536.083745] The buggy address belongs to the physical page:
[ 2536.084378] page:000000003421bba9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x67610
[ 2536.085427] head:000000003421bba9 order:2 compound_mapcount:0 compound_pincount:0
[ 2536.086272] flags: 0xfffffc0010000(head|node=0|zone=1|lastcpupid=0x1fffff)
[ 2536.087053] raw: 000fffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 2536.087932] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2536.088800] page dumped because: kasan: bad access detected
[ 2536.089393]
[ 2536.089575] Memory state around the buggy address:
[ 2536.090094] ffff888067611f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.090861] ffff888067612000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.091628] >ffff888067612080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 2536.092392] ^
[ 2536.093014] ffff888067612100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2536.093789] ffff888067612180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2536.094561] ==================================================================
[ 2536.095376] ==================================================================
[ 2536.096149] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2536.097061] Write of size 1 at addr ffff8880676120da by task kunit_try_catch/48242
[ 2536.097863]
[ 2536.098049] CPU: 0 PID: 48242 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.099463] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.100081] Call Trace:
[ 2536.100355]
[ 2536.100596] ? krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2536.101242] dump_stack_lvl+0x57/0x81
[ 2536.101647] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.102271] ? krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2536.102944] print_report.cold+0x5c/0x237
[ 2536.103384] kasan_report+0xc9/0x100
[ 2536.103780] ? krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2536.104429] krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2536.105057] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2536.105597] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.106110] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.106619] ? lock_acquire+0x4ea/0x620
[ 2536.107037] ? rcu_read_unlock+0x40/0x40
[ 2536.107467] ? rcu_read_unlock+0x40/0x40
[ 2536.107893] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.108408] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.109001] ? do_raw_spin_lock+0x270/0x270
[ 2536.109462] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2536.110117] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2536.110650] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.111201] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.111730] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.112280] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.112930] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.113486] kthread+0x2a4/0x350
[ 2536.113846] ? kthread_complete_and_exit+0x20/0x20
[ 2536.114370] ret_from_fork+0x1f/0x30
[ 2536.114774]
[ 2536.115024]
[ 2536.115212] The buggy address belongs to the physical page:
[ 2536.115803] page:000000003421bba9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x67610
[ 2536.116777] head:000000003421bba9 order:2 compound_mapcount:0 compound_pincount:0
[ 2536.117566] flags: 0xfffffc0010000(head|node=0|zone=1|lastcpupid=0x1fffff)
[ 2536.118295] raw: 000fffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 2536.119112] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2536.119923] page dumped because: kasan: bad access detected
[ 2536.120517]
[ 2536.120701] Memory state around the buggy address:
[ 2536.121221] ffff888067611f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.121982] ffff888067612000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.122748] >ffff888067612080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 2536.123512] ^
[ 2536.124163] ffff888067612100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2536.124924] ffff888067612180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2536.125688] ==================================================================
[ 2536.126471] ==================================================================
[ 2536.127243] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2536.128160] Write of size 1 at addr ffff8880676120ea by task kunit_try_catch/48242
[ 2536.128954]
[ 2536.129141] CPU: 0 PID: 48242 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.130557] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.131173] Call Trace:
[ 2536.131449]
[ 2536.131692] ? krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2536.132341] dump_stack_lvl+0x57/0x81
[ 2536.132745] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.133364] ? krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2536.134006] print_report.cold+0x5c/0x237
[ 2536.134446] kasan_report+0xc9/0x100
[ 2536.134842] ? krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2536.135490] krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2536.136124] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2536.136659] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.137172] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.137680] ? lock_acquire+0x4ea/0x620
[ 2536.138103] ? rcu_read_unlock+0x40/0x40
[ 2536.138530] ? rcu_read_unlock+0x40/0x40
[ 2536.138955] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.139468] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.140061] ? do_raw_spin_lock+0x270/0x270
[ 2536.140523] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2536.144915] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2536.146047] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.146620] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.147157] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.147702] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.148357] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.148909] kthread+0x2a4/0x350
[ 2536.149273] ? kthread_complete_and_exit+0x20/0x20
[ 2536.149789] ret_from_fork+0x1f/0x30
[ 2536.150198]
[ 2536.150452]
[ 2536.150636] The buggy address belongs to the physical page:
[ 2536.151231] page:000000003421bba9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x67610
[ 2536.152210] head:000000003421bba9 order:2 compound_mapcount:0 compound_pincount:0
[ 2536.152999] flags: 0xfffffc0010000(head|node=0|zone=1|lastcpupid=0x1fffff)
[ 2536.153730] raw: 000fffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 2536.154546] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2536.155361] page dumped because: kasan: bad access detected
[ 2536.155949]
[ 2536.156137] Memory state around the buggy address:
[ 2536.156652] ffff888067611f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.157421] ffff888067612000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.158186] >ffff888067612080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 2536.158948] ^
[ 2536.159647] ffff888067612100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2536.160416] ffff888067612180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2536.161182] ==================================================================
[ 2536.162555] ==================================================================
[ 2536.163347] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2536.164846] Write of size 1 at addr ffff8880676120eb by task kunit_try_catch/48242
[ 2536.165646]
[ 2536.165831] CPU: 0 PID: 48242 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.167253] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.167867] Call Trace:
[ 2536.168149]
[ 2536.168394] ? krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2536.169037] dump_stack_lvl+0x57/0x81
[ 2536.169446] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.170065] ? krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2536.170713] print_report.cold+0x5c/0x237
[ 2536.171155] kasan_report+0xc9/0x100
[ 2536.171553] ? krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2536.172204] krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2536.173391] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2536.173937] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.174458] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.174969] ? lock_acquire+0x4ea/0x620
[ 2536.175395] ? rcu_read_unlock+0x40/0x40
[ 2536.175825] ? rcu_read_unlock+0x40/0x40
[ 2536.176253] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.176766] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.177363] ? do_raw_spin_lock+0x270/0x270
[ 2536.177820] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2536.178482] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2536.179016] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.179570] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.180101] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.180645] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.181299] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.181849] kthread+0x2a4/0x350
[ 2536.182211] ? kthread_complete_and_exit+0x20/0x20
[ 2536.182731] ret_from_fork+0x1f/0x30
[ 2536.183139]
[ 2536.183391]
[ 2536.183573] The buggy address belongs to the physical page:
[ 2536.184163] page:000000003421bba9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x67610
[ 2536.185142] head:000000003421bba9 order:2 compound_mapcount:0 compound_pincount:0
[ 2536.185931] flags: 0xfffffc0010000(head|node=0|zone=1|lastcpupid=0x1fffff)
[ 2536.186657] raw: 000fffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 2536.187472] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2536.188288] page dumped because: kasan: bad access detected
[ 2536.188878]
[ 2536.189062] Memory state around the buggy address:
[ 2536.189579] ffff888067611f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.190341] ffff888067612000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.191104] >ffff888067612080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 2536.191866] ^
[ 2536.192566] ffff888067612100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2536.193331] ffff888067612180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2536.194093] ==================================================================
[ 2536.199528] ok 13 - krealloc_pagealloc_less_oob
[ 2536.201646] ==================================================================
[ 2536.202976] BUG: KASAN: use-after-free in krealloc_uaf+0x1c7/0x450 [test_kasan]
[ 2536.203766] Read of size 1 at addr ffff88807ee62800 by task kunit_try_catch/48243
[ 2536.204571]
[ 2536.204758] CPU: 0 PID: 48243 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.206199] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.206822] Call Trace:
[ 2536.207103]
[ 2536.207350] ? krealloc_uaf+0x1c7/0x450 [test_kasan]
[ 2536.207894] dump_stack_lvl+0x57/0x81
[ 2536.208307] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.208935] ? krealloc_uaf+0x1c7/0x450 [test_kasan]
[ 2536.209481] print_report.cold+0x5c/0x237
[ 2536.209922] kasan_report+0xc9/0x100
[ 2536.210329] ? krealloc_uaf+0x1c7/0x450 [test_kasan]
[ 2536.210871] ? krealloc_uaf+0x1c7/0x450 [test_kasan]
[ 2536.211418] __kasan_check_byte+0x36/0x50
[ 2536.211860] krealloc+0x2e/0xe0
[ 2536.212223] krealloc_uaf+0x1c7/0x450 [test_kasan]
[ 2536.212749] ? kmalloc_memmove_negative_size+0x290/0x290 [test_kasan]
[ 2536.213441] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.213959] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.214476] ? lock_acquire+0x4ea/0x620
[ 2536.214901] ? rcu_read_unlock+0x40/0x40
[ 2536.215340] ? rcu_read_unlock+0x40/0x40
[ 2536.215773] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.216294] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.216896] ? do_raw_spin_lock+0x270/0x270
[ 2536.217360] ? trace_hardirqs_on+0x2d/0x160
[ 2536.217820] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2536.218363] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.218916] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.219454] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.220007] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.220671] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.221233] kthread+0x2a4/0x350
[ 2536.221597] ? kthread_complete_and_exit+0x20/0x20
[ 2536.222126] ret_from_fork+0x1f/0x30
[ 2536.222535]
[ 2536.222790]
[ 2536.222976] Allocated by task 48243:
[ 2536.223379] kasan_save_stack+0x1e/0x40
[ 2536.223804] __kasan_kmalloc+0x81/0xa0
[ 2536.224223] krealloc_uaf+0xaa/0x450 [test_kasan]
[ 2536.224739] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.225274] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.225933] kthread+0x2a4/0x350
[ 2536.226297] ret_from_fork+0x1f/0x30
[ 2536.226690]
[ 2536.226874] Freed by task 48243:
[ 2536.227235] kasan_save_stack+0x1e/0x40
[ 2536.227654] kasan_set_track+0x21/0x30
[ 2536.228065] kasan_set_free_info+0x20/0x40
[ 2536.228516] __kasan_slab_free+0x108/0x170
[ 2536.228960] slab_free_freelist_hook+0x11d/0x1d0
[ 2536.229467] kfree+0xe2/0x3c0
[ 2536.229805] krealloc_uaf+0x147/0x450 [test_kasan]
[ 2536.230327] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.230855] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.231509] kthread+0x2a4/0x350
[ 2536.231871] ret_from_fork+0x1f/0x30
[ 2536.232270]
[ 2536.232454] The buggy address belongs to the object at ffff88807ee62800
[ 2536.232454] which belongs to the cache kmalloc-256 of size 256
[ 2536.233756] The buggy address is located 0 bytes inside of
[ 2536.233756] 256-byte region [ffff88807ee62800, ffff88807ee62900)
[ 2536.234963]
[ 2536.235159] The buggy address belongs to the physical page:
[ 2536.235751] page:0000000034d9d28e refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7ee62
[ 2536.236727] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2536.237460] raw: 000fffffc0000200 ffffea00019f0b40 dead000000000006 ffff888001041b40
[ 2536.238278] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[ 2536.239098] page dumped because: kasan: bad access detected
[ 2536.239688]
[ 2536.239873] Memory state around the buggy address:
[ 2536.240391] ffff88807ee62700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.241157] ffff88807ee62780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.241921] >ffff88807ee62800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2536.242690] ^
[ 2536.243050] ffff88807ee62880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2536.243820] ffff88807ee62900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.244587] ==================================================================
[ 2536.245542] ==================================================================
[ 2536.246319] BUG: KASAN: use-after-free in krealloc_uaf+0x42e/0x450 [test_kasan]
[ 2536.247103] Read of size 1 at addr ffff88807ee62800 by task kunit_try_catch/48243
[ 2536.247901]
[ 2536.248091] CPU: 0 PID: 48243 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.249524] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.250147] Call Trace:
[ 2536.250428]
[ 2536.250674] ? krealloc_uaf+0x42e/0x450 [test_kasan]
[ 2536.251221] dump_stack_lvl+0x57/0x81
[ 2536.251627] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.252255] ? krealloc_uaf+0x42e/0x450 [test_kasan]
[ 2536.252794] print_report.cold+0x5c/0x237
[ 2536.253239] kasan_report+0xc9/0x100
[ 2536.253638] ? krealloc_uaf+0x42e/0x450 [test_kasan]
[ 2536.254182] krealloc_uaf+0x42e/0x450 [test_kasan]
[ 2536.254708] ? kmalloc_memmove_negative_size+0x290/0x290 [test_kasan]
[ 2536.255402] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.255918] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.256438] ? lock_acquire+0x4ea/0x620
[ 2536.256861] ? rcu_read_unlock+0x40/0x40
[ 2536.257298] ? rcu_read_unlock+0x40/0x40
[ 2536.257727] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.258249] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.258852] ? do_raw_spin_lock+0x270/0x270
[ 2536.259316] ? kunit_ptr_not_err_assert_format+0x210/0x210 [kunit]
[ 2536.259985] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2536.260529] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.261085] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.261618] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.262173] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.262830] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.263394] kthread+0x2a4/0x350
[ 2536.263760] ? kthread_complete_and_exit+0x20/0x20
[ 2536.264287] ret_from_fork+0x1f/0x30
[ 2536.264694]
[ 2536.264948]
[ 2536.265139] Allocated by task 48243:
[ 2536.265531] kasan_save_stack+0x1e/0x40
[ 2536.265949] __kasan_kmalloc+0x81/0xa0
[ 2536.266364] krealloc_uaf+0xaa/0x450 [test_kasan]
[ 2536.266874] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.267406] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.268057] kthread+0x2a4/0x350
[ 2536.268420] ret_from_fork+0x1f/0x30
[ 2536.268815]
[ 2536.269000] Freed by task 48243:
[ 2536.269364] kasan_save_stack+0x1e/0x40
[ 2536.269784] kasan_set_track+0x21/0x30
[ 2536.270198] kasan_set_free_info+0x20/0x40
[ 2536.270643] __kasan_slab_free+0x108/0x170
[ 2536.273298] slab_free_freelist_hook+0x11d/0x1d0
[ 2536.273810] kfree+0xe2/0x3c0
[ 2536.274150] krealloc_uaf+0x147/0x450 [test_kasan]
[ 2536.274700] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.275235] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.275882] kthread+0x2a4/0x350
[ 2536.276247] ret_from_fork+0x1f/0x30
[ 2536.276639]
[ 2536.276850] The buggy address belongs to the object at ffff88807ee62800
[ 2536.276850] which belongs to the cache kmalloc-256 of size 256
[ 2536.278230] The buggy address is located 0 bytes inside of
[ 2536.278230] 256-byte region [ffff88807ee62800, ffff88807ee62900)
[ 2536.279487]
[ 2536.279670] The buggy address belongs to the physical page:
[ 2536.280265] page:0000000034d9d28e refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7ee62
[ 2536.281242] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2536.281963] raw: 000fffffc0000200 ffffea00019f0b40 dead000000000006 ffff888001041b40
[ 2536.282778] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[ 2536.283594] page dumped because: kasan: bad access detected
[ 2536.284189]
[ 2536.284372] Memory state around the buggy address:
[ 2536.284885] ffff88807ee62700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.285652] ffff88807ee62780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.286417] >ffff88807ee62800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2536.287181] ^
[ 2536.287539] ffff88807ee62880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2536.288304] ffff88807ee62900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.289069] ==================================================================
[ 2536.289959] ok 14 - krealloc_uaf
[ 2536.297478] ==================================================================
[ 2536.298677] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x399/0x3b0 [test_kasan]
[ 2536.299513] Write of size 16 at addr ffff88807dea6440 by task kunit_try_catch/48244
[ 2536.300334]
[ 2536.300520] CPU: 0 PID: 48244 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.301936] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.302555] Call Trace:
[ 2536.302831]
[ 2536.303076] ? kmalloc_oob_16+0x399/0x3b0 [test_kasan]
[ 2536.303628] dump_stack_lvl+0x57/0x81
[ 2536.304031] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.304658] ? kmalloc_oob_16+0x399/0x3b0 [test_kasan]
[ 2536.305214] print_report.cold+0x5c/0x237
[ 2536.305653] kasan_report+0xc9/0x100
[ 2536.306049] ? kmalloc_oob_16+0x399/0x3b0 [test_kasan]
[ 2536.306605] kmalloc_oob_16+0x399/0x3b0 [test_kasan]
[ 2536.307148] ? kmalloc_uaf_16+0x3b0/0x3b0 [test_kasan]
[ 2536.307700] ? do_raw_spin_trylock+0xb5/0x180
[ 2536.308192] ? do_raw_spin_lock+0x270/0x270
[ 2536.308647] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.309242] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2536.309775] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.310331] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.310861] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.311410] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.312066] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.312618] kthread+0x2a4/0x350
[ 2536.312976] ? kthread_complete_and_exit+0x20/0x20
[ 2536.313495] ret_from_fork+0x1f/0x30
[ 2536.313897]
[ 2536.314153]
[ 2536.314337] Allocated by task 48244:
[ 2536.314728] kasan_save_stack+0x1e/0x40
[ 2536.315148] __kasan_kmalloc+0x81/0xa0
[ 2536.315557] kmalloc_oob_16+0xa4/0x3b0 [test_kasan]
[ 2536.316085] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.316609] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.317261] kthread+0x2a4/0x350
[ 2536.317619] ret_from_fork+0x1f/0x30
[ 2536.318013]
[ 2536.318198] The buggy address belongs to the object at ffff88807dea6440
[ 2536.318198] which belongs to the cache kmalloc-16 of size 16
[ 2536.319475] The buggy address is located 0 bytes inside of
[ 2536.319475] 16-byte region [ffff88807dea6440, ffff88807dea6450)
[ 2536.320663]
[ 2536.320847] The buggy address belongs to the physical page:
[ 2536.321439] page:00000000ffb92960 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7dea6
[ 2536.322415] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2536.323141] raw: 000fffffc0000200 dead000000000100 dead000000000122 ffff8880010413c0
[ 2536.323951] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2536.324762] page dumped because: kasan: bad access detected
[ 2536.325356]
[ 2536.325540] Memory state around the buggy address:
[ 2536.326054] ffff88807dea6300: 00 00 fc fc 00 00 fc fc 00 00 fc fc fb fb fc fc
[ 2536.326820] ffff88807dea6380: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc
[ 2536.327582] >ffff88807dea6400: 00 00 fc fc 00 00 fc fc 00 05 fc fc fb fb fc fc
[ 2536.328344] ^
[ 2536.328934] ffff88807dea6480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc
[ 2536.329698] ffff88807dea6500: 00 00 fc fc 00 00 fc fc 00 00 fc fc fb fb fc fc
[ 2536.330462] ==================================================================
[ 2536.331269] ok 15 - kmalloc_oob_16
[ 2536.334401] ==================================================================
[ 2536.336492] BUG: KASAN: use-after-free in kmalloc_uaf_16+0x38a/0x3b0 [test_kasan]
[ 2536.337293] Read of size 16 at addr ffff88807dea6560 by task kunit_try_catch/48245
[ 2536.338104]
[ 2536.338292] CPU: 0 PID: 48245 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.339715] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.340335] Call Trace:
[ 2536.340613]
[ 2536.340856] ? kmalloc_uaf_16+0x38a/0x3b0 [test_kasan]
[ 2536.341413] dump_stack_lvl+0x57/0x81
[ 2536.341815] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.342435] ? kmalloc_uaf_16+0x38a/0x3b0 [test_kasan]
[ 2536.342990] print_report.cold+0x5c/0x237
[ 2536.343432] kasan_report+0xc9/0x100
[ 2536.343830] ? kmalloc_uaf_16+0x38a/0x3b0 [test_kasan]
[ 2536.344392] kmalloc_uaf_16+0x38a/0x3b0 [test_kasan]
[ 2536.344930] ? kmalloc_uaf+0x2b0/0x2b0 [test_kasan]
[ 2536.345466] ? do_raw_spin_trylock+0xb5/0x180
[ 2536.345944] ? do_raw_spin_lock+0x270/0x270
[ 2536.346406] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.347003] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2536.347543] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.348098] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.348627] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.349176] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.349828] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.350384] kthread+0x2a4/0x350
[ 2536.350745] ? kthread_complete_and_exit+0x20/0x20
[ 2536.351268] ret_from_fork+0x1f/0x30
[ 2536.351673]
[ 2536.351925]
[ 2536.352112] Allocated by task 48245:
[ 2536.352506] kasan_save_stack+0x1e/0x40
[ 2536.352924] __kasan_kmalloc+0x81/0xa0
[ 2536.353341] kmalloc_uaf_16+0x15d/0x3b0 [test_kasan]
[ 2536.353879] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.354436] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.355113] kthread+0x2a4/0x350
[ 2536.355484] ret_from_fork+0x1f/0x30
[ 2536.355891]
[ 2536.356079] Freed by task 48245:
[ 2536.356439] kasan_save_stack+0x1e/0x40
[ 2536.356859] kasan_set_track+0x21/0x30
[ 2536.357272] kasan_set_free_info+0x20/0x40
[ 2536.357716] __kasan_slab_free+0x108/0x170
[ 2536.358165] slab_free_freelist_hook+0x11d/0x1d0
[ 2536.358669] kfree+0xe2/0x3c0
[ 2536.359005] kmalloc_uaf_16+0x1e8/0x3b0 [test_kasan]
[ 2536.359551] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.360081] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.360733] kthread+0x2a4/0x350
[ 2536.361095] ret_from_fork+0x1f/0x30
[ 2536.361491]
[ 2536.361676] The buggy address belongs to the object at ffff88807dea6560
[ 2536.361676] which belongs to the cache kmalloc-16 of size 16
[ 2536.362965] The buggy address is located 0 bytes inside of
[ 2536.362965] 16-byte region [ffff88807dea6560, ffff88807dea6570)
[ 2536.364169]
[ 2536.364353] The buggy address belongs to the physical page:
[ 2536.364945] page:00000000ffb92960 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7dea6
[ 2536.365921] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2536.366657] raw: 000fffffc0000200 dead000000000100 dead000000000122 ffff8880010413c0
[ 2536.367477] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2536.368291] page dumped because: kasan: bad access detected
[ 2536.368883]
[ 2536.369069] Memory state around the buggy address:
[ 2536.369585] ffff88807dea6400: 00 00 fc fc 00 00 fc fc fa fb fc fc fb fb fc fc
[ 2536.370365] ffff88807dea6480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc
[ 2536.371132] >ffff88807dea6500: 00 00 fc fc 00 00 fc fc 00 00 fc fc fa fb fc fc
[ 2536.371896] ^
[ 2536.372573] ffff88807dea6580: fb fb fc fc fb fb fc fc 00 00 fc fc 00 00 fc fc
[ 2536.373338] ffff88807dea6600: fa fb fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc
[ 2536.374107] ==================================================================
[ 2536.375762] ok 16 - kmalloc_uaf_16
[ 2536.379218] ==================================================================
[ 2536.380577] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x1b3/0x280 [test_kasan]
[ 2536.381549] Write of size 128 at addr ffff8880669b8900 by task kunit_try_catch/48246
[ 2536.382438]
[ 2536.382640] CPU: 0 PID: 48246 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.384187] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.384849] Call Trace:
[ 2536.385155]
[ 2536.385563] ? kmalloc_oob_in_memset+0x1b3/0x280 [test_kasan]
[ 2536.386962] dump_stack_lvl+0x57/0x81
[ 2536.387459] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.388246] ? kmalloc_oob_in_memset+0x1b3/0x280 [test_kasan]
[ 2536.388995] print_report.cold+0x5c/0x237
[ 2536.389475] kasan_report+0xc9/0x100
[ 2536.389904] ? kmalloc_oob_in_memset+0x1b3/0x280 [test_kasan]
[ 2536.390579] kasan_check_range+0xfd/0x1e0
[ 2536.391049] memset+0x20/0x50
[ 2536.391416] kmalloc_oob_in_memset+0x1b3/0x280 [test_kasan]
[ 2536.392066] ? kmalloc_oob_memset_2+0x290/0x290 [test_kasan]
[ 2536.392726] ? do_raw_spin_trylock+0xb5/0x180
[ 2536.393246] ? do_raw_spin_lock+0x270/0x270
[ 2536.393738] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.394388] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2536.394969] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.395569] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.396145] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.396732] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.397441] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.398034] kthread+0x2a4/0x350
[ 2536.398426] ? kthread_complete_and_exit+0x20/0x20
[ 2536.398985] ret_from_fork+0x1f/0x30
[ 2536.399924]
[ 2536.400269]
[ 2536.400491] Allocated by task 48246:
[ 2536.400961] kasan_save_stack+0x1e/0x40
[ 2536.403539] __kasan_kmalloc+0x81/0xa0
[ 2536.403981] kmalloc_oob_in_memset+0x9c/0x280 [test_kasan]
[ 2536.404640] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.405215] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.405918] kthread+0x2a4/0x350
[ 2536.406314] ret_from_fork+0x1f/0x30
[ 2536.406740]
[ 2536.406940] The buggy address belongs to the object at ffff8880669b8900
[ 2536.406940] which belongs to the cache kmalloc-128 of size 128
[ 2536.408356] The buggy address is located 0 bytes inside of
[ 2536.408356] 128-byte region [ffff8880669b8900, ffff8880669b8980)
[ 2536.409666]
[ 2536.409865] The buggy address belongs to the physical page:
[ 2536.410507] page:00000000701d0cf4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x669b8
[ 2536.411563] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2536.412359] raw: 000fffffc0000200 ffffea0000090980 dead000000000007 ffff8880010418c0
[ 2536.413240] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2536.414124] page dumped because: kasan: bad access detected
[ 2536.414759]
[ 2536.414957] Memory state around the buggy address:
[ 2536.415518] ffff8880669b8800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.416352] ffff8880669b8880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.417174] >ffff8880669b8900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 2536.418004] ^
[ 2536.418828] ffff8880669b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.419660] ffff8880669b8a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2536.420493] ==================================================================
[ 2536.422945] ok 17 - kmalloc_oob_in_memset
[ 2536.425114] ==================================================================
[ 2536.426810] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x1b6/0x290 [test_kasan]
[ 2536.427765] Write of size 2 at addr ffff8880669b8177 by task kunit_try_catch/48247
[ 2536.428642]
[ 2536.428837] CPU: 0 PID: 48247 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.430405] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.431079] Call Trace:
[ 2536.431380]
[ 2536.431643] ? kmalloc_oob_memset_2+0x1b6/0x290 [test_kasan]
[ 2536.432325] dump_stack_lvl+0x57/0x81
[ 2536.432749] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.433432] ? kmalloc_oob_memset_2+0x1b6/0x290 [test_kasan]
[ 2536.434099] print_report.cold+0x5c/0x237
[ 2536.434576] kasan_report+0xc9/0x100
[ 2536.435008] ? kmalloc_oob_memset_2+0x1b6/0x290 [test_kasan]
[ 2536.435679] kasan_check_range+0xfd/0x1e0
[ 2536.436153] memset+0x20/0x50
[ 2536.436521] kmalloc_oob_memset_2+0x1b6/0x290 [test_kasan]
[ 2536.437192] ? kmalloc_oob_memset_4+0x290/0x290 [test_kasan]
[ 2536.437854] ? do_raw_spin_trylock+0xb5/0x180
[ 2536.438376] ? do_raw_spin_lock+0x270/0x270
[ 2536.438874] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.439521] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2536.440109] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.440703] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.441282] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.441874] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.442589] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.443199] kthread+0x2a4/0x350
[ 2536.443594] ? kthread_complete_and_exit+0x20/0x20
[ 2536.444165] ret_from_fork+0x1f/0x30
[ 2536.444603]
[ 2536.444868]
[ 2536.445064] Allocated by task 48247:
[ 2536.445507] kasan_save_stack+0x1e/0x40
[ 2536.445962] __kasan_kmalloc+0x81/0xa0
[ 2536.446408] kmalloc_oob_memset_2+0x9c/0x290 [test_kasan]
[ 2536.447033] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.447609] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.448407] kthread+0x2a4/0x350
[ 2536.448838] ret_from_fork+0x1f/0x30
[ 2536.449270]
[ 2536.449471] The buggy address belongs to the object at ffff8880669b8100
[ 2536.449471] which belongs to the cache kmalloc-128 of size 128
[ 2536.450885] The buggy address is located 119 bytes inside of
[ 2536.450885] 128-byte region [ffff8880669b8100, ffff8880669b8180)
[ 2536.452226]
[ 2536.452427] The buggy address belongs to the physical page:
[ 2536.453069] page:00000000701d0cf4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x669b8
[ 2536.454135] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2536.454924] raw: 000fffffc0000200 ffffea0000090980 dead000000000007 ffff8880010418c0
[ 2536.455820] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2536.456701] page dumped because: kasan: bad access detected
[ 2536.457344]
[ 2536.457543] Memory state around the buggy address:
[ 2536.458102] ffff8880669b8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.458968] ffff8880669b8080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.459902] >ffff8880669b8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 2536.460786] ^
[ 2536.461608] ffff8880669b8180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.462436] ffff8880669b8200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2536.463263] ==================================================================
[ 2536.465219] ok 18 - kmalloc_oob_memset_2
[ 2536.467091] ==================================================================
[ 2536.468453] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x1b6/0x290 [test_kasan]
[ 2536.469409] Write of size 4 at addr ffff8880669b8f75 by task kunit_try_catch/48248
[ 2536.470270]
[ 2536.470470] CPU: 0 PID: 48248 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.472007] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.472676] Call Trace:
[ 2536.472972]
[ 2536.473239] ? kmalloc_oob_memset_4+0x1b6/0x290 [test_kasan]
[ 2536.473897] dump_stack_lvl+0x57/0x81
[ 2536.474336] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.475002] ? kmalloc_oob_memset_4+0x1b6/0x290 [test_kasan]
[ 2536.475666] print_report.cold+0x5c/0x237
[ 2536.476138] kasan_report+0xc9/0x100
[ 2536.476573] ? kmalloc_oob_memset_4+0x1b6/0x290 [test_kasan]
[ 2536.477243] kasan_check_range+0xfd/0x1e0
[ 2536.477711] memset+0x20/0x50
[ 2536.478078] kmalloc_oob_memset_4+0x1b6/0x290 [test_kasan]
[ 2536.478714] ? kmalloc_oob_memset_8+0x290/0x290 [test_kasan]
[ 2536.479372] ? do_raw_spin_trylock+0xb5/0x180
[ 2536.479888] ? do_raw_spin_lock+0x270/0x270
[ 2536.480384] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.481033] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2536.481617] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.482215] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.482790] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.483385] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.484097] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.484690] kthread+0x2a4/0x350
[ 2536.485079] ? kthread_complete_and_exit+0x20/0x20
[ 2536.485639] ret_from_fork+0x1f/0x30
[ 2536.486076]
[ 2536.486348]
[ 2536.486544] Allocated by task 48248:
[ 2536.486966] kasan_save_stack+0x1e/0x40
[ 2536.487425] __kasan_kmalloc+0x81/0xa0
[ 2536.487871] kmalloc_oob_memset_4+0x9c/0x290 [test_kasan]
[ 2536.488501] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.489057] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.489786] kthread+0x2a4/0x350
[ 2536.490178] ret_from_fork+0x1f/0x30
[ 2536.490605]
[ 2536.490802] The buggy address belongs to the object at ffff8880669b8f00
[ 2536.490802] which belongs to the cache kmalloc-128 of size 128
[ 2536.492213] The buggy address is located 117 bytes inside of
[ 2536.492213] 128-byte region [ffff8880669b8f00, ffff8880669b8f80)
[ 2536.493538]
[ 2536.493734] The buggy address belongs to the physical page:
[ 2536.494377] page:00000000701d0cf4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x669b8
[ 2536.495436] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2536.496221] raw: 000fffffc0000200 ffffea0000090980 dead000000000007 ffff8880010418c0
[ 2536.497099] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2536.497975] page dumped because: kasan: bad access detected
[ 2536.498617]
[ 2536.498813] Memory state around the buggy address:
[ 2536.499376] ffff8880669b8e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.500206] ffff8880669b8e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.501015] >ffff8880669b8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 2536.512841] ^
[ 2536.513665] ffff8880669b8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.514495] ffff8880669b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.515329] ==================================================================
[ 2536.516368] ok 19 - kmalloc_oob_memset_4
[ 2536.518131] ==================================================================
[ 2536.519513] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x1b6/0x290 [test_kasan]
[ 2536.520468] Write of size 8 at addr ffff8880669b8b71 by task kunit_try_catch/48249
[ 2536.521335]
[ 2536.521534] CPU: 0 PID: 48249 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.523079] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.523743] Call Trace:
[ 2536.524049]
[ 2536.524323] ? kmalloc_oob_memset_8+0x1b6/0x290 [test_kasan]
[ 2536.524991] dump_stack_lvl+0x57/0x81
[ 2536.525433] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.526110] ? kmalloc_oob_memset_8+0x1b6/0x290 [test_kasan]
[ 2536.526771] print_report.cold+0x5c/0x237
[ 2536.527249] kasan_report+0xc9/0x100
[ 2536.527679] ? kmalloc_oob_memset_8+0x1b6/0x290 [test_kasan]
[ 2536.528351] kasan_check_range+0xfd/0x1e0
[ 2536.528824] memset+0x20/0x50
[ 2536.529191] kmalloc_oob_memset_8+0x1b6/0x290 [test_kasan]
[ 2536.529826] ? kmalloc_oob_memset_16+0x290/0x290 [test_kasan]
[ 2536.530494] ? do_raw_spin_trylock+0xb5/0x180
[ 2536.531010] ? do_raw_spin_lock+0x270/0x270
[ 2536.531505] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.532154] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2536.532738] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.533332] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.533905] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.534507] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.535217] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.535814] kthread+0x2a4/0x350
[ 2536.536210] ? kthread_complete_and_exit+0x20/0x20
[ 2536.536770] ret_from_fork+0x1f/0x30
[ 2536.537210]
[ 2536.537483]
[ 2536.537682] Allocated by task 48249:
[ 2536.538112] kasan_save_stack+0x1e/0x40
[ 2536.538562] __kasan_kmalloc+0x81/0xa0
[ 2536.539004] kmalloc_oob_memset_8+0x9c/0x290 [test_kasan]
[ 2536.539637] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.540210] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.540914] kthread+0x2a4/0x350
[ 2536.541305] ret_from_fork+0x1f/0x30
[ 2536.541732]
[ 2536.541929] The buggy address belongs to the object at ffff8880669b8b00
[ 2536.541929] which belongs to the cache kmalloc-128 of size 128
[ 2536.543342] The buggy address is located 113 bytes inside of
[ 2536.543342] 128-byte region [ffff8880669b8b00, ffff8880669b8b80)
[ 2536.544671]
[ 2536.544867] The buggy address belongs to the physical page:
[ 2536.545507] page:00000000701d0cf4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x669b8
[ 2536.546563] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2536.547356] raw: 000fffffc0000200 ffffea0000090980 dead000000000007 ffff8880010418c0
[ 2536.548243] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2536.549128] page dumped because: kasan: bad access detected
[ 2536.549769]
[ 2536.549967] Memory state around the buggy address:
[ 2536.550528] ffff8880669b8a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc
[ 2536.551354] ffff8880669b8a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.552182] >ffff8880669b8b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 2536.552994] ^
[ 2536.553788] ffff8880669b8b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.554628] ffff8880669b8c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.555459] ==================================================================
[ 2536.556370] ok 20 - kmalloc_oob_memset_8
[ 2536.558096] ==================================================================
[ 2536.559455] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x1b6/0x290 [test_kasan]
[ 2536.560426] Write of size 16 at addr ffff8880669b8d69 by task kunit_try_catch/48250
[ 2536.561307]
[ 2536.561499] CPU: 0 PID: 48250 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.563045] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.563712] Call Trace:
[ 2536.564010]
[ 2536.564288] ? kmalloc_oob_memset_16+0x1b6/0x290 [test_kasan]
[ 2536.564938] dump_stack_lvl+0x57/0x81
[ 2536.565400] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.566074] ? kmalloc_oob_memset_16+0x1b6/0x290 [test_kasan]
[ 2536.566743] print_report.cold+0x5c/0x237
[ 2536.567222] kasan_report+0xc9/0x100
[ 2536.567649] ? kmalloc_oob_memset_16+0x1b6/0x290 [test_kasan]
[ 2536.568328] kasan_check_range+0xfd/0x1e0
[ 2536.568784] memset+0x20/0x50
[ 2536.569158] kmalloc_oob_memset_16+0x1b6/0x290 [test_kasan]
[ 2536.569804] ? kmalloc_uaf_memset+0x280/0x280 [test_kasan]
[ 2536.570443] ? do_raw_spin_trylock+0xb5/0x180
[ 2536.570959] ? do_raw_spin_lock+0x270/0x270
[ 2536.571453] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.572102] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2536.572682] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.573285] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.573839] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.574441] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.575152] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.575754] kthread+0x2a4/0x350
[ 2536.576150] ? kthread_complete_and_exit+0x20/0x20
[ 2536.576703] ret_from_fork+0x1f/0x30
[ 2536.577128]
[ 2536.577388]
[ 2536.577582] Allocated by task 48250:
[ 2536.577993] kasan_save_stack+0x1e/0x40
[ 2536.578468] __kasan_kmalloc+0x81/0xa0
[ 2536.578912] kmalloc_oob_memset_16+0x9c/0x290 [test_kasan]
[ 2536.579547] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.580121] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.580818] kthread+0x2a4/0x350
[ 2536.581197] ret_from_fork+0x1f/0x30
[ 2536.581611]
[ 2536.581803] The buggy address belongs to the object at ffff8880669b8d00
[ 2536.581803] which belongs to the cache kmalloc-128 of size 128
[ 2536.583228] The buggy address is located 105 bytes inside of
[ 2536.583228] 128-byte region [ffff8880669b8d00, ffff8880669b8d80)
[ 2536.584564]
[ 2536.584756] The buggy address belongs to the physical page:
[ 2536.585379] page:00000000701d0cf4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x669b8
[ 2536.586429] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2536.587223] raw: 000fffffc0000200 ffffea0000090980 dead000000000007 ffff8880010418c0
[ 2536.588108] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2536.588990] page dumped because: kasan: bad access detected
[ 2536.589628]
[ 2536.589819] Memory state around the buggy address:
[ 2536.590392] ffff8880669b8c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.591223] ffff8880669b8c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.592048] >ffff8880669b8d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 2536.592875] ^
[ 2536.593702] ffff8880669b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.594535] ffff8880669b8e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.595369] ==================================================================
[ 2536.596317] ok 21 - kmalloc_oob_memset_16
[ 2536.598113] ==================================================================
[ 2536.599485] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x1c4/0x290 [test_kasan]
[ 2536.600502] Read of size 18446744073709551614 at addr ffff888131352384 by task kunit_try_catch/48251
[ 2536.601515]
[ 2536.601710] CPU: 0 PID: 48251 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.605349] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.605994] Call Trace:
[ 2536.606314]
[ 2536.606588] ? kmalloc_memmove_negative_size+0x1c4/0x290 [test_kasan]
[ 2536.607340] dump_stack_lvl+0x57/0x81
[ 2536.607782] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.608459] ? kmalloc_memmove_negative_size+0x1c4/0x290 [test_kasan]
[ 2536.609183] print_report.cold+0x5c/0x237
[ 2536.609674] kasan_report+0xc9/0x100
[ 2536.610109] ? kmalloc_memmove_negative_size+0x1c4/0x290 [test_kasan]
[ 2536.610850] kasan_check_range+0xfd/0x1e0
[ 2536.611329] memmove+0x20/0x60
[ 2536.611706] kmalloc_memmove_negative_size+0x1c4/0x290 [test_kasan]
[ 2536.612440] ? kmalloc_memmove_invalid_size+0x2a0/0x2a0 [test_kasan]
[ 2536.613191] ? do_raw_spin_trylock+0xb5/0x180
[ 2536.613726] ? do_raw_spin_lock+0x270/0x270
[ 2536.614225] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.614877] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2536.615460] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.616061] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.616642] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.617242] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.617945] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.618544] kthread+0x2a4/0x350
[ 2536.618933] ? kthread_complete_and_exit+0x20/0x20
[ 2536.619499] ret_from_fork+0x1f/0x30
[ 2536.619935]
[ 2536.620221]
[ 2536.620413] Allocated by task 48251:
[ 2536.620827] kasan_save_stack+0x1e/0x40
[ 2536.621289] __kasan_kmalloc+0x81/0xa0
[ 2536.621733] kmalloc_memmove_negative_size+0x9c/0x290 [test_kasan]
[ 2536.622450] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.623020] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.623729] kthread+0x2a4/0x350
[ 2536.624120] ret_from_fork+0x1f/0x30
[ 2536.624549]
[ 2536.624739] The buggy address belongs to the object at ffff888131352380
[ 2536.624739] which belongs to the cache kmalloc-64 of size 64
[ 2536.626102] The buggy address is located 4 bytes inside of
[ 2536.626102] 64-byte region [ffff888131352380, ffff8881313523c0)
[ 2536.627411]
[ 2536.627608] The buggy address belongs to the physical page:
[ 2536.628263] page:00000000601f7fe4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x131352
[ 2536.629320] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2536.630120] raw: 0017ffffc0000200 ffffea00001e75c0 dead000000000002 ffff888001041640
[ 2536.631010] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[ 2536.631894] page dumped because: kasan: bad access detected
[ 2536.632535]
[ 2536.632726] Memory state around the buggy address:
[ 2536.633267] ffff888131352280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 2536.634084] ffff888131352300: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2536.634915] >ffff888131352380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 2536.635739] ^
[ 2536.636133] ffff888131352400: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2536.636977] ffff888131352480: 00 00 00 00 00 00 04 fc fc fc fc fc fc fc fc fc
[ 2536.637815] ==================================================================
[ 2536.638763] ok 22 - kmalloc_memmove_negative_size
[ 2536.642541] ==================================================================
[ 2536.643993] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x1cf/0x2a0 [test_kasan]
[ 2536.645009] Read of size 64 at addr ffff888131352704 by task kunit_try_catch/48252
[ 2536.645848]
[ 2536.646044] CPU: 0 PID: 48252 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.647599] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.648277] Call Trace:
[ 2536.648589]
[ 2536.648853] ? kmalloc_memmove_invalid_size+0x1cf/0x2a0 [test_kasan]
[ 2536.649589] dump_stack_lvl+0x57/0x81
[ 2536.650026] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.650720] ? kmalloc_memmove_invalid_size+0x1cf/0x2a0 [test_kasan]
[ 2536.651459] print_report.cold+0x5c/0x237
[ 2536.651934] kasan_report+0xc9/0x100
[ 2536.652373] ? kmalloc_memmove_invalid_size+0x1cf/0x2a0 [test_kasan]
[ 2536.653201] kasan_check_range+0xfd/0x1e0
[ 2536.653730] memmove+0x20/0x60
[ 2536.654135] kmalloc_memmove_invalid_size+0x1cf/0x2a0 [test_kasan]
[ 2536.654848] ? kmalloc_oob_in_memset+0x280/0x280 [test_kasan]
[ 2536.655525] ? do_raw_spin_trylock+0xb5/0x180
[ 2536.656046] ? do_raw_spin_lock+0x270/0x270
[ 2536.656541] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.657190] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.657784] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.658359] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.658950] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.659656] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.660259] kthread+0x2a4/0x350
[ 2536.660649] ? kthread_complete_and_exit+0x20/0x20
[ 2536.661216] ret_from_fork+0x1f/0x30
[ 2536.661655]
[ 2536.661927]
[ 2536.662136] Allocated by task 48252:
[ 2536.662559] kasan_save_stack+0x1e/0x40
[ 2536.663010] __kasan_kmalloc+0x81/0xa0
[ 2536.663457] kmalloc_memmove_invalid_size+0xac/0x2a0 [test_kasan]
[ 2536.664165] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.664740] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.665448] kthread+0x2a4/0x350
[ 2536.665837] ret_from_fork+0x1f/0x30
[ 2536.666265]
[ 2536.666464] The buggy address belongs to the object at ffff888131352700
[ 2536.666464] which belongs to the cache kmalloc-64 of size 64
[ 2536.667851] The buggy address is located 4 bytes inside of
[ 2536.667851] 64-byte region [ffff888131352700, ffff888131352740)
[ 2536.669150]
[ 2536.669354] The buggy address belongs to the physical page:
[ 2536.669972] page:00000000601f7fe4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x131352
[ 2536.671057] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2536.671849] raw: 0017ffffc0000200 ffffea00001e75c0 dead000000000002 ffff888001041640
[ 2536.672735] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[ 2536.673621] page dumped because: kasan: bad access detected
[ 2536.674268]
[ 2536.674466] Memory state around the buggy address:
[ 2536.675024] ffff888131352600: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2536.675854] ffff888131352680: 00 00 00 00 00 00 04 fc fc fc fc fc fc fc fc fc
[ 2536.676688] >ffff888131352700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 2536.677490] ^
[ 2536.678118] ffff888131352780: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2536.678942] ffff888131352800: 00 00 00 00 00 00 04 fc fc fc fc fc fc fc fc fc
[ 2536.679779] ==================================================================
[ 2536.680817] ok 23 - kmalloc_memmove_invalid_size
[ 2536.685298] ==================================================================
[ 2536.686728] BUG: KASAN: use-after-free in kmalloc_uaf+0x286/0x2b0 [test_kasan]
[ 2536.687575] Read of size 1 at addr ffff88807dea67a8 by task kunit_try_catch/48253
[ 2536.688444]
[ 2536.688641] CPU: 0 PID: 48253 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.690185] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.690852] Call Trace:
[ 2536.691155]
[ 2536.691419] ? kmalloc_uaf+0x286/0x2b0 [test_kasan]
[ 2536.691992] dump_stack_lvl+0x57/0x81
[ 2536.692435] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.693088] ? kmalloc_uaf+0x286/0x2b0 [test_kasan]
[ 2536.693640] print_report.cold+0x5c/0x237
[ 2536.694131] kasan_report+0xc9/0x100
[ 2536.694560] ? kmalloc_uaf+0x286/0x2b0 [test_kasan]
[ 2536.695133] kmalloc_uaf+0x286/0x2b0 [test_kasan]
[ 2536.695688] ? kmalloc_uaf2+0x430/0x430 [test_kasan]
[ 2536.696278] ? do_raw_spin_trylock+0xb5/0x180
[ 2536.696754] ? do_raw_spin_lock+0x270/0x270
[ 2536.697213] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.697806] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.698384] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.698930] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.699494] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.700172] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.700737] kthread+0x2a4/0x350
[ 2536.701099] ? kthread_complete_and_exit+0x20/0x20
[ 2536.701615] ret_from_fork+0x1f/0x30
[ 2536.702015]
[ 2536.702293]
[ 2536.702482] Allocated by task 48253:
[ 2536.702887] kasan_save_stack+0x1e/0x40
[ 2536.705408] __kasan_kmalloc+0x81/0xa0
[ 2536.705835] kmalloc_uaf+0x98/0x2b0 [test_kasan]
[ 2536.706373] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.706919] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.707592] kthread+0x2a4/0x350
[ 2536.707965] ret_from_fork+0x1f/0x30
[ 2536.708380]
[ 2536.708564] Freed by task 48253:
[ 2536.708920] kasan_save_stack+0x1e/0x40
[ 2536.709368] kasan_set_track+0x21/0x30
[ 2536.709790] kasan_set_free_info+0x20/0x40
[ 2536.710252] __kasan_slab_free+0x108/0x170
[ 2536.710710] slab_free_freelist_hook+0x11d/0x1d0
[ 2536.711233] kfree+0xe2/0x3c0
[ 2536.711581] kmalloc_uaf+0x12b/0x2b0 [test_kasan]
[ 2536.712111] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.712649] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.713336] kthread+0x2a4/0x350
[ 2536.713707] ret_from_fork+0x1f/0x30
[ 2536.714115]
[ 2536.714307] The buggy address belongs to the object at ffff88807dea67a0
[ 2536.714307] which belongs to the cache kmalloc-16 of size 16
[ 2536.715630] The buggy address is located 8 bytes inside of
[ 2536.715630] 16-byte region [ffff88807dea67a0, ffff88807dea67b0)
[ 2536.716919]
[ 2536.717137] The buggy address belongs to the physical page:
[ 2536.717842] page:00000000ffb92960 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7dea6
[ 2536.718858] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2536.719613] raw: 000fffffc0000200 dead000000000100 dead000000000122 ffff8880010413c0
[ 2536.720461] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2536.721304] page dumped because: kasan: bad access detected
[ 2536.721918]
[ 2536.722112] Memory state around the buggy address:
[ 2536.722649] ffff88807dea6680: 00 00 fc fc 00 00 fc fc 00 00 fc fc fb fb fc fc
[ 2536.723443] ffff88807dea6700: fa fb fc fc 00 00 fc fc 00 00 fc fc fb fb fc fc
[ 2536.724238] >ffff88807dea6780: 00 00 fc fc fa fb fc fc 00 00 fc fc 00 00 fc fc
[ 2536.725009] ^
[ 2536.725535] ffff88807dea6800: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc
[ 2536.726401] ffff88807dea6880: fa fb fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc
[ 2536.727293] ==================================================================
[ 2536.729051] ok 24 - kmalloc_uaf
[ 2536.731300] ==================================================================
[ 2536.732510] BUG: KASAN: use-after-free in kmalloc_uaf_memset+0x1b4/0x280 [test_kasan]
[ 2536.733369] Write of size 33 at addr ffff888131352400 by task kunit_try_catch/48254
[ 2536.734204]
[ 2536.734396] CPU: 0 PID: 48254 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.735862] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.736496] Call Trace:
[ 2536.736782]
[ 2536.737034] ? kmalloc_uaf_memset+0x1b4/0x280 [test_kasan]
[ 2536.737639] dump_stack_lvl+0x57/0x81
[ 2536.738060] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.738699] ? kmalloc_uaf_memset+0x1b4/0x280 [test_kasan]
[ 2536.739308] print_report.cold+0x5c/0x237
[ 2536.739761] kasan_report+0xc9/0x100
[ 2536.740174] ? kmalloc_uaf_memset+0xc1/0x280 [test_kasan]
[ 2536.740767] ? kmalloc_uaf_memset+0x1b4/0x280 [test_kasan]
[ 2536.741374] kasan_check_range+0xfd/0x1e0
[ 2536.741824] memset+0x20/0x50
[ 2536.742173] kmalloc_uaf_memset+0x1b4/0x280 [test_kasan]
[ 2536.742762] ? kmem_cache_accounted+0x170/0x170 [test_kasan]
[ 2536.743396] ? do_raw_spin_trylock+0xb5/0x180
[ 2536.743886] ? do_raw_spin_lock+0x270/0x270
[ 2536.744362] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.744978] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.745544] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.746090] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.746654] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.747325] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.747896] kthread+0x2a4/0x350
[ 2536.748274] ? kthread_complete_and_exit+0x20/0x20
[ 2536.748810] ret_from_fork+0x1f/0x30
[ 2536.749237]
[ 2536.749496]
[ 2536.749686] Allocated by task 48254:
[ 2536.750098] kasan_save_stack+0x1e/0x40
[ 2536.750530] __kasan_kmalloc+0x81/0xa0
[ 2536.750951] kmalloc_uaf_memset+0x9a/0x280 [test_kasan]
[ 2536.751533] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.752079] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.752749] kthread+0x2a4/0x350
[ 2536.753125] ret_from_fork+0x1f/0x30
[ 2536.753531]
[ 2536.753720] Freed by task 48254:
[ 2536.754094] kasan_save_stack+0x1e/0x40
[ 2536.754525] kasan_set_track+0x21/0x30
[ 2536.754948] kasan_set_free_info+0x20/0x40
[ 2536.755406] __kasan_slab_free+0x108/0x170
[ 2536.755861] slab_free_freelist_hook+0x11d/0x1d0
[ 2536.756380] kfree+0xe2/0x3c0
[ 2536.756723] kmalloc_uaf_memset+0x137/0x280 [test_kasan]
[ 2536.757312] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.757856] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.758532] kthread+0x2a4/0x350
[ 2536.758902] ret_from_fork+0x1f/0x30
[ 2536.759312]
[ 2536.759502] The buggy address belongs to the object at ffff888131352400
[ 2536.759502] which belongs to the cache kmalloc-64 of size 64
[ 2536.760822] The buggy address is located 0 bytes inside of
[ 2536.760822] 64-byte region [ffff888131352400, ffff888131352440)
[ 2536.762063]
[ 2536.762254] The buggy address belongs to the physical page:
[ 2536.762861] page:00000000601f7fe4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x131352
[ 2536.763872] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2536.764631] raw: 0017ffffc0000200 ffffea00001e75c0 dead000000000002 ffff888001041640
[ 2536.765470] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[ 2536.766311] page dumped because: kasan: bad access detected
[ 2536.766917]
[ 2536.767108] Memory state around the buggy address:
[ 2536.767639] ffff888131352300: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2536.768430] ffff888131352380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2536.769222] >ffff888131352400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2536.770008] ^
[ 2536.770382] ffff888131352480: 00 00 00 00 00 00 04 fc fc fc fc fc fc fc fc fc
[ 2536.771171] ffff888131352500: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2536.771957] ==================================================================
[ 2536.772823] ok 25 - kmalloc_uaf_memset
[ 2536.774121] ==================================================================
[ 2536.775392] BUG: KASAN: use-after-free in kmalloc_uaf2+0x402/0x430 [test_kasan]
[ 2536.776198] Read of size 1 at addr ffff888131352928 by task kunit_try_catch/48255
[ 2536.777014]
[ 2536.777210] CPU: 0 PID: 48255 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.778680] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.779317] Call Trace:
[ 2536.779603]
[ 2536.779856] ? kmalloc_uaf2+0x402/0x430 [test_kasan]
[ 2536.780413] dump_stack_lvl+0x57/0x81
[ 2536.780893] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.781609] ? kmalloc_uaf2+0x402/0x430 [test_kasan]
[ 2536.782192] print_report.cold+0x5c/0x237
[ 2536.782644] kasan_report+0xc9/0x100
[ 2536.783055] ? kmalloc_uaf2+0x402/0x430 [test_kasan]
[ 2536.783612] kmalloc_uaf2+0x402/0x430 [test_kasan]
[ 2536.784150] ? kfree_via_page+0x290/0x290 [test_kasan]
[ 2536.784720] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.785247] ? lock_acquire+0x4ea/0x620
[ 2536.785681] ? rcu_read_unlock+0x40/0x40
[ 2536.786124] ? rcu_read_unlock+0x40/0x40
[ 2536.786563] ? rcu_read_lock_sched_held+0x12/0x80
[ 2536.787090] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.787729] ? do_raw_spin_lock+0x270/0x270
[ 2536.788260] ? trace_hardirqs_on+0x2d/0x160
[ 2536.788786] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2536.789387] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.790018] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.790636] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.791202] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.791877] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.792451] kthread+0x2a4/0x350
[ 2536.792821] ? kthread_complete_and_exit+0x20/0x20
[ 2536.793363] ret_from_fork+0x1f/0x30
[ 2536.793778]
[ 2536.794042]
[ 2536.794234] Allocated by task 48255:
[ 2536.794640] kasan_save_stack+0x1e/0x40
[ 2536.795073] __kasan_kmalloc+0x81/0xa0
[ 2536.795497] kmalloc_uaf2+0xad/0x430 [test_kasan]
[ 2536.796030] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.796574] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.797250] kthread+0x2a4/0x350
[ 2536.797623] ret_from_fork+0x1f/0x30
[ 2536.798030]
[ 2536.798220] Freed by task 48255:
[ 2536.798589] kasan_save_stack+0x1e/0x40
[ 2536.799026] kasan_set_track+0x21/0x30
[ 2536.799448] kasan_set_free_info+0x20/0x40
[ 2536.799906] __kasan_slab_free+0x108/0x170
[ 2536.800375] slab_free_freelist_hook+0x11d/0x1d0
[ 2536.800874] kfree+0xe2/0x3c0
[ 2536.801212] kmalloc_uaf2+0x144/0x430 [test_kasan]
[ 2536.801729] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.802283] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.802954] kthread+0x2a4/0x350
[ 2536.804262] ret_from_fork+0x1f/0x30
[ 2536.804659]
[ 2536.804841] The buggy address belongs to the object at ffff888131352900
[ 2536.804841] which belongs to the cache kmalloc-64 of size 64
[ 2536.806173] The buggy address is located 40 bytes inside of
[ 2536.806173] 64-byte region [ffff888131352900, ffff888131352940)
[ 2536.807415]
[ 2536.807604] The buggy address belongs to the physical page:
[ 2536.808244] page:00000000601f7fe4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x131352
[ 2536.809246] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2536.810006] raw: 0017ffffc0000200 ffffea00001e75c0 dead000000000002 ffff888001041640
[ 2536.810859] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[ 2536.811698] page dumped because: kasan: bad access detected
[ 2536.812311]
[ 2536.812500] Memory state around the buggy address:
[ 2536.813034] ffff888131352800: 00 00 00 00 00 00 04 fc fc fc fc fc fc fc fc fc
[ 2536.813823] ffff888131352880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2536.814614] >ffff888131352900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2536.815405] ^
[ 2536.815911] ffff888131352980: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 2536.816698] ffff888131352a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2536.817486] ==================================================================
[ 2536.820046] ok 26 - kmalloc_uaf2
[ 2536.822333] ok 27 - kfree_via_page
[ 2536.824127] ok 28 - kfree_via_phys
[ 2536.826595] ==================================================================
[ 2536.827837] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x2d4/0x2e0 [test_kasan]
[ 2536.828695] Read of size 1 at addr ffff8880670b1a10 by task kunit_try_catch/48259
[ 2536.829513]
[ 2536.829703] CPU: 0 PID: 48259 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2536.831174] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2536.831806] Call Trace:
[ 2536.832098]
[ 2536.832351] ? kmem_cache_oob+0x2d4/0x2e0 [test_kasan]
[ 2536.832923] dump_stack_lvl+0x57/0x81
[ 2536.833345] print_address_description.constprop.0+0x1f/0x1e0
[ 2536.833984] ? kmem_cache_oob+0x2d4/0x2e0 [test_kasan]
[ 2536.834560] print_report.cold+0x5c/0x237
[ 2536.835013] kasan_report+0xc9/0x100
[ 2536.835429] ? kmem_cache_oob+0x2d4/0x2e0 [test_kasan]
[ 2536.836001] kmem_cache_oob+0x2d4/0x2e0 [test_kasan]
[ 2536.836562] ? kmem_cache_double_free+0x280/0x280 [test_kasan]
[ 2536.837214] ? do_raw_spin_trylock+0xb5/0x180
[ 2536.837709] ? do_raw_spin_lock+0x270/0x270
[ 2536.838184] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2536.838800] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2536.839369] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.839917] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2536.840485] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.841157] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2536.841729] kthread+0x2a4/0x350
[ 2536.842102] ? kthread_complete_and_exit+0x20/0x20
[ 2536.842638] ret_from_fork+0x1f/0x30
[ 2536.843056]
[ 2536.843315]
[ 2536.843504] Allocated by task 48259:
[ 2536.843906] kasan_save_stack+0x1e/0x40
[ 2536.844338] __kasan_slab_alloc+0x66/0x80
[ 2536.844835] kmem_cache_alloc+0x161/0x310
[ 2536.845340] kmem_cache_oob+0x121/0x2e0 [test_kasan]
[ 2536.845948] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2536.846495] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2536.847167] kthread+0x2a4/0x350
[ 2536.847535] ret_from_fork+0x1f/0x30
[ 2536.847939]
[ 2536.848135] The buggy address belongs to the object at ffff8880670b1948
[ 2536.848135] which belongs to the cache test_cache of size 200
[ 2536.849457] The buggy address is located 0 bytes to the right of
[ 2536.849457] 200-byte region [ffff8880670b1948, ffff8880670b1a10)
[ 2536.850754]
[ 2536.850944] The buggy address belongs to the physical page:
[ 2536.851553] page:00000000f69ee0be refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x670b1
[ 2536.852556] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2536.853308] raw: 000fffffc0000200 0000000000000000 dead000000000122 ffff88807f8a78c0
[ 2536.854149] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000
[ 2536.854984] page dumped because: kasan: bad access detected
[ 2536.855595]
[ 2536.855785] Memory state around the buggy address:
[ 2536.856319] ffff8880670b1900: fc fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00
[ 2536.857108] ffff8880670b1980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2536.857895] >ffff8880670b1a00: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.858685] ^
[ 2536.859111] ffff8880670b1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.859897] ffff8880670b1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2536.860692] ==================================================================
[ 2536.924702] ok 29 - kmem_cache_oob
[ 2537.458265] ok 30 - kmem_cache_accounted
[ 2537.473679] ok 31 - kmem_cache_bulk
[ 2537.477170] ==================================================================
[ 2537.478468] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x1df/0x1f0 [test_kasan]
[ 2537.479462] Read of size 1 at addr ffffffffc175b90d by task kunit_try_catch/48263
[ 2537.480306]
[ 2537.480503] CPU: 0 PID: 48263 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2537.482021] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2537.482681] Call Trace:
[ 2537.482990]
[ 2537.483251] ? kasan_global_oob_right+0x1df/0x1f0 [test_kasan]
[ 2537.483919] dump_stack_lvl+0x57/0x81
[ 2537.484360] print_address_description.constprop.0+0x1f/0x1e0
[ 2537.485027] ? kasan_global_oob_right+0x1df/0x1f0 [test_kasan]
[ 2537.485694] print_report.cold+0x5c/0x237
[ 2537.486170] kasan_report+0xc9/0x100
[ 2537.486595] ? kasan_global_oob_right+0x1df/0x1f0 [test_kasan]
[ 2537.487267] kasan_global_oob_right+0x1df/0x1f0 [test_kasan]
[ 2537.487915] ? kasan_stack_oob+0x200/0x200 [test_kasan]
[ 2537.488518] ? do_raw_spin_trylock+0xb5/0x180
[ 2537.489034] ? do_raw_spin_lock+0x270/0x270
[ 2537.489520] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2537.490170] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2537.490760] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.491329] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2537.491916] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.492613] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2537.493205] kthread+0x2a4/0x350
[ 2537.493589] ? kthread_complete_and_exit+0x20/0x20
[ 2537.494144] ret_from_fork+0x1f/0x30
[ 2537.494576]
[ 2537.494839]
[ 2537.495039] The buggy address belongs to the variable:
[ 2537.495622] global_array+0xd/0xfffffffffffe5700 [test_kasan]
[ 2537.496284]
[ 2537.496483] Memory state around the buggy address:
[ 2537.497037] ffffffffc175b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2537.497853] ffffffffc175b880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2537.498677] >ffffffffc175b900: 00 02 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9
[ 2537.499495] ^
[ 2537.499905] ffffffffc175b980: 02 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 f9 f9
[ 2537.500726] ffffffffc175ba00: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
[ 2537.501545] ==================================================================
[ 2537.502496] ok 32 - kasan_global_oob_right
[ 2537.505367] ok 33 - kasan_global_oob_left # SKIP Test requires CONFIG_CC_IS_CLANG=y
[ 2537.506992] ==================================================================
[ 2537.508737] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x1eb/0x200 [test_kasan]
[ 2537.509646] Read of size 1 at addr ffffc90001147e7a by task kunit_try_catch/48265
[ 2537.510489]
[ 2537.510683] CPU: 0 PID: 48265 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2537.512205] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2537.512864] Call Trace:
[ 2537.513163]
[ 2537.513419] ? kasan_stack_oob+0x1eb/0x200 [test_kasan]
[ 2537.514018] dump_stack_lvl+0x57/0x81
[ 2537.514450] print_address_description.constprop.0+0x1f/0x1e0
[ 2537.515125] ? kasan_stack_oob+0x1eb/0x200 [test_kasan]
[ 2537.515722] print_report.cold+0x5c/0x237
[ 2537.516195] kasan_report+0xc9/0x100
[ 2537.516616] ? kasan_stack_oob+0x1eb/0x200 [test_kasan]
[ 2537.517218] kasan_stack_oob+0x1eb/0x200 [test_kasan]
[ 2537.517805] ? match_all_mem_tag+0x20/0x20 [test_kasan]
[ 2537.518402] ? rcu_read_unlock+0x40/0x40
[ 2537.518858] ? rcu_read_lock_sched_held+0x12/0x80
[ 2537.519414] ? do_raw_spin_trylock+0xb5/0x180
[ 2537.519926] ? do_raw_spin_lock+0x270/0x270
[ 2537.520415] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2537.521048] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2537.521623] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2537.522211] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.522776] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2537.523362] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.524058] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2537.524649] kthread+0x2a4/0x350
[ 2537.525034] ? kthread_complete_and_exit+0x20/0x20
[ 2537.525584] ret_from_fork+0x1f/0x30
[ 2537.526018]
[ 2537.526283]
[ 2537.526476] The buggy address belongs to stack of task kunit_try_catch/48265
[ 2537.527279] and is located at offset 266 in frame:
[ 2537.527833] kasan_stack_oob+0x0/0x200 [test_kasan]
[ 2537.528396]
[ 2537.528589] This frame has 4 objects:
[ 2537.529019] [48, 56) 'array'
[ 2537.529022] [80, 128) '__assertion'
[ 2537.529379] [160, 224) '__assertion'
[ 2537.529798] [256, 266) 'stack_array'
[ 2537.530234]
[ 2537.530857] The buggy address belongs to the virtual mapping at
[ 2537.530857] [ffffc90001140000, ffffc90001149000) created by:
[ 2537.530857] dup_task_struct+0x5e/0x5a0
[ 2537.532577]
[ 2537.532776] The buggy address belongs to the physical page:
[ 2537.533408] page:00000000cc62772a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x670bf
[ 2537.534446] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff)
[ 2537.535176] raw: 000fffffc0000000 0000000000000000 dead000000000122 0000000000000000
[ 2537.536049] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2537.536913] page dumped because: kasan: bad access detected
[ 2537.537543]
[ 2537.537739] Memory state around the buggy address:
[ 2537.538288] ffffc90001147d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1
[ 2537.539097] ffffc90001147d80: f1 f1 f1 f1 00 f2 f2 f2 00 00 00 00 00 00 f2 f2
[ 2537.539917] >ffffc90001147e00: f2 f2 00 00 00 00 00 00 00 00 f2 f2 f2 f2 00 02
[ 2537.540730] ^
[ 2537.541547] ffffc90001147e80: f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2537.542367] ffffc90001147f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2537.543178] ==================================================================
[ 2537.544036] ok 34 - kasan_stack_oob
[ 2537.545994] ==================================================================
[ 2537.547282] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x27d/0x2a0 [test_kasan]
[ 2537.548262] Read of size 1 at addr ffffc90000befd1f by task kunit_try_catch/48266
[ 2537.549107]
[ 2537.549306] CPU: 0 PID: 48266 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2537.550823] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2537.551483] Call Trace:
[ 2537.551777]
[ 2537.552040] ? kasan_alloca_oob_left+0x27d/0x2a0 [test_kasan]
[ 2537.552701] dump_stack_lvl+0x57/0x81
[ 2537.553139] print_address_description.constprop.0+0x1f/0x1e0
[ 2537.553807] ? kasan_alloca_oob_left+0x27d/0x2a0 [test_kasan]
[ 2537.554470] print_report.cold+0x5c/0x237
[ 2537.554935] kasan_report+0xc9/0x100
[ 2537.555362] ? kasan_alloca_oob_left+0x27d/0x2a0 [test_kasan]
[ 2537.556022] kasan_alloca_oob_left+0x27d/0x2a0 [test_kasan]
[ 2537.556653] ? rcu_read_lock_sched_held+0x12/0x80
[ 2537.557202] ? rcu_read_lock_sched_held+0x12/0x80
[ 2537.557749] ? lock_acquire+0x4ea/0x620
[ 2537.558204] ? kasan_alloca_oob_right+0x290/0x290 [test_kasan]
[ 2537.558881] ? rcu_read_lock_sched_held+0x12/0x80
[ 2537.559433] ? do_raw_spin_trylock+0xb5/0x180
[ 2537.559939] ? do_raw_spin_lock+0x270/0x270
[ 2537.560427] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2537.561065] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2537.561634] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2537.562228] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.562789] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2537.563367] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.564070] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2537.564654] kthread+0x2a4/0x350
[ 2537.565039] ? kthread_complete_and_exit+0x20/0x20
[ 2537.565607] ret_from_fork+0x1f/0x30
[ 2537.566043]
[ 2537.566310]
[ 2537.566509] The buggy address belongs to stack of task kunit_try_catch/48266
[ 2537.567308]
[ 2537.567510] The buggy address belongs to the virtual mapping at
[ 2537.567510] [ffffc90000be8000, ffffc90000bf1000) created by:
[ 2537.567510] dup_task_struct+0x5e/0x5a0
[ 2537.569224]
[ 2537.569421] The buggy address belongs to the physical page:
[ 2537.570052] page:00000000728f2252 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7f326
[ 2537.571092] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff)
[ 2537.571823] raw: 000fffffc0000000 0000000000000000 dead000000000122 0000000000000000
[ 2537.572693] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2537.573563] page dumped because: kasan: bad access detected
[ 2537.574193]
[ 2537.574391] Memory state around the buggy address:
[ 2537.574939] ffffc90000befc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2537.575761] ffffc90000befc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2537.576572] >ffffc90000befd00: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 2537.577393] ^
[ 2537.577855] ffffc90000befd80: f1 f1 f1 f1 04 f2 00 f2 f2 f2 00 00 00 00 00 00
[ 2537.578795] ffffc90000befe00: f2 f2 f2 f2 00 00 00 00 00 00 00 00 f3 f3 f3 f3
[ 2537.579615] ==================================================================
[ 2537.580571] ok 35 - kasan_alloca_oob_left
[ 2537.582005] ==================================================================
[ 2537.583533] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x275/0x290 [test_kasan]
[ 2537.584542] Read of size 1 at addr ffffc90001457d2a by task kunit_try_catch/48267
[ 2537.585393]
[ 2537.585593] CPU: 0 PID: 48267 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2537.587138] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2537.587793] Call Trace:
[ 2537.588095]
[ 2537.588358] ? kasan_alloca_oob_right+0x275/0x290 [test_kasan]
[ 2537.589039] dump_stack_lvl+0x57/0x81
[ 2537.589477] print_address_description.constprop.0+0x1f/0x1e0
[ 2537.590157] ? kasan_alloca_oob_right+0x275/0x290 [test_kasan]
[ 2537.590833] print_report.cold+0x5c/0x237
[ 2537.591312] kasan_report+0xc9/0x100
[ 2537.591735] ? kasan_alloca_oob_right+0x275/0x290 [test_kasan]
[ 2537.592413] kasan_alloca_oob_right+0x275/0x290 [test_kasan]
[ 2537.593078] ? rcu_read_lock_sched_held+0x12/0x80
[ 2537.593625] ? rcu_read_lock_sched_held+0x12/0x80
[ 2537.594168] ? lock_acquire+0x4ea/0x620
[ 2537.594621] ? ksize_unpoisons_memory+0x300/0x300 [test_kasan]
[ 2537.595293] ? rcu_read_lock_sched_held+0x12/0x80
[ 2537.595836] ? do_raw_spin_trylock+0xb5/0x180
[ 2537.596350] ? do_raw_spin_lock+0x270/0x270
[ 2537.596838] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2537.597484] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2537.598055] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2537.598642] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.599208] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2537.599795] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.600499] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2537.601089] kthread+0x2a4/0x350
[ 2537.601471] ? kthread_complete_and_exit+0x20/0x20
[ 2537.602029] ret_from_fork+0x1f/0x30
[ 2537.602464]
[ 2537.602736]
[ 2537.602935] The buggy address belongs to stack of task kunit_try_catch/48267
[ 2537.603743]
[ 2537.603939] The buggy address belongs to the virtual mapping at
[ 2537.603939] [ffffc90001450000, ffffc90001459000) created by:
[ 2537.603939] dup_task_struct+0x5e/0x5a0
[ 2537.605647]
[ 2537.605841] The buggy address belongs to the physical page:
[ 2537.606478] page:00000000a5f8451f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7b91f
[ 2537.607526] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff)
[ 2537.608268] raw: 000fffffc0000000 0000000000000000 dead000000000122 0000000000000000
[ 2537.609134] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2537.610004] page dumped because: kasan: bad access detected
[ 2537.610630]
[ 2537.610825] Memory state around the buggy address:
[ 2537.611384] ffffc90001457c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2537.612199] ffffc90001457c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2537.613010] >ffffc90001457d00: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 2537.613867] ^
[ 2537.614411] ffffc90001457d80: f1 f1 f1 f1 04 f2 00 f2 f2 f2 00 00 00 00 00 00
[ 2537.615245] ffffc90001457e00: f2 f2 f2 f2 00 00 00 00 00 00 00 00 f3 f3 f3 f3
[ 2537.616072] ==================================================================
[ 2537.617223] ok 36 - kasan_alloca_oob_right
[ 2537.618999] ==================================================================
[ 2537.620365] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x2cf/0x300 [test_kasan]
[ 2537.621337] Read of size 1 at addr ffff88807dee0180 by task kunit_try_catch/48268
[ 2537.622178]
[ 2537.622374] CPU: 0 PID: 48268 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2537.623891] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2537.624555] Call Trace:
[ 2537.624849]
[ 2537.625107] ? ksize_unpoisons_memory+0x2cf/0x300 [test_kasan]
[ 2537.625770] dump_stack_lvl+0x57/0x81
[ 2537.626207] print_address_description.constprop.0+0x1f/0x1e0
[ 2537.626873] ? ksize_unpoisons_memory+0x2cf/0x300 [test_kasan]
[ 2537.627544] print_report.cold+0x5c/0x237
[ 2537.628013] kasan_report+0xc9/0x100
[ 2537.628433] ? ksize_unpoisons_memory+0x2cf/0x300 [test_kasan]
[ 2537.629106] ksize_unpoisons_memory+0x2cf/0x300 [test_kasan]
[ 2537.629761] ? ksize_uaf+0x4a0/0x4a0 [test_kasan]
[ 2537.630310] ? do_raw_spin_trylock+0xb5/0x180
[ 2537.630823] ? do_raw_spin_lock+0x270/0x270
[ 2537.631315] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2537.631953] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2537.632540] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.633106] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2537.633682] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.634379] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2537.634971] kthread+0x2a4/0x350
[ 2537.635349] ? kthread_complete_and_exit+0x20/0x20
[ 2537.635900] ret_from_fork+0x1f/0x30
[ 2537.636336]
[ 2537.636603]
[ 2537.636797] Allocated by task 48268:
[ 2537.637219] kasan_save_stack+0x1e/0x40
[ 2537.637664] __kasan_kmalloc+0x81/0xa0
[ 2537.638107] ksize_unpoisons_memory+0x9a/0x300 [test_kasan]
[ 2537.638742] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.639304] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.640000] kthread+0x2a4/0x350
[ 2537.640389] ret_from_fork+0x1f/0x30
[ 2537.640805]
[ 2537.641003] The buggy address belongs to the object at ffff88807dee0100
[ 2537.641003] which belongs to the cache kmalloc-128 of size 128
[ 2537.642395] The buggy address is located 0 bytes to the right of
[ 2537.642395] 128-byte region [ffff88807dee0100, ffff88807dee0180)
[ 2537.643730]
[ 2537.643925] The buggy address belongs to the physical page:
[ 2537.644558] page:000000000ece5a2c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7dee0
[ 2537.645607] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2537.646388] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8880010418c0
[ 2537.647263] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2537.648129] page dumped because: kasan: bad access detected
[ 2537.648762]
[ 2537.648965] Memory state around the buggy address:
[ 2537.649521] ffff88807dee0080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2537.650337] ffff88807dee0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2537.651157] >ffff88807dee0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2537.651971] ^
[ 2537.652354] ffff88807dee0200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2537.653169] ffff88807dee0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2537.653984] ==================================================================
[ 2537.654904] ok 37 - ksize_unpoisons_memory
[ 2537.656992] ==================================================================
[ 2537.658347] BUG: KASAN: use-after-free in ksize_uaf+0x1ad/0x4a0 [test_kasan]
[ 2537.659150] Read of size 1 at addr ffff88807dee0400 by task kunit_try_catch/48269
[ 2537.659996]
[ 2537.660191] CPU: 0 PID: 48269 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2537.661696] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2537.662357] Call Trace:
[ 2537.662653]
[ 2537.662910] ? ksize_uaf+0x1ad/0x4a0 [test_kasan]
[ 2537.663465] dump_stack_lvl+0x57/0x81
[ 2537.663895] print_address_description.constprop.0+0x1f/0x1e0
[ 2537.664555] ? ksize_uaf+0x1ad/0x4a0 [test_kasan]
[ 2537.665104] print_report.cold+0x5c/0x237
[ 2537.665579] kasan_report+0xc9/0x100
[ 2537.666003] ? ksize_uaf+0x1ad/0x4a0 [test_kasan]
[ 2537.666548] ? ksize_uaf+0x1ad/0x4a0 [test_kasan]
[ 2537.667096] __kasan_check_byte+0x36/0x50
[ 2537.667564] ksize+0x1b/0x50
[ 2537.667915] ksize_uaf+0x1ad/0x4a0 [test_kasan]
[ 2537.668450] ? kmem_cache_oob+0x2e0/0x2e0 [test_kasan]
[ 2537.669046] ? do_raw_spin_trylock+0xb5/0x180
[ 2537.669610] ? do_raw_spin_lock+0x270/0x270
[ 2537.670116] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2537.670792] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2537.671379] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.671936] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2537.672518] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.673210] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2537.673799] kthread+0x2a4/0x350
[ 2537.674186] ? kthread_complete_and_exit+0x20/0x20
[ 2537.674738] ret_from_fork+0x1f/0x30
[ 2537.675171]
[ 2537.675455]
[ 2537.675647] Allocated by task 48269:
[ 2537.676068] kasan_save_stack+0x1e/0x40
[ 2537.676511] __kasan_kmalloc+0x81/0xa0
[ 2537.676946] ksize_uaf+0x9a/0x4a0 [test_kasan]
[ 2537.677463] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.678031] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.678720] kthread+0x2a4/0x350
[ 2537.679104] ret_from_fork+0x1f/0x30
[ 2537.679523]
[ 2537.679751] Freed by task 48269:
[ 2537.680147] kasan_save_stack+0x1e/0x40
[ 2537.680604] kasan_set_track+0x21/0x30
[ 2537.681059] kasan_set_free_info+0x20/0x40
[ 2537.681554] __kasan_slab_free+0x108/0x170
[ 2537.682027] slab_free_freelist_hook+0x11d/0x1d0
[ 2537.682563] kfree+0xe2/0x3c0
[ 2537.682920] ksize_uaf+0x137/0x4a0 [test_kasan]
[ 2537.683451] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.684016] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.684716] kthread+0x2a4/0x350
[ 2537.685105] ret_from_fork+0x1f/0x30
[ 2537.685522]
[ 2537.685716] The buggy address belongs to the object at ffff88807dee0400
[ 2537.685716] which belongs to the cache kmalloc-128 of size 128
[ 2537.687114] The buggy address is located 0 bytes inside of
[ 2537.687114] 128-byte region [ffff88807dee0400, ffff88807dee0480)
[ 2537.688409]
[ 2537.688606] The buggy address belongs to the physical page:
[ 2537.689239] page:000000000ece5a2c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7dee0
[ 2537.690283] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2537.691069] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8880010418c0
[ 2537.691942] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2537.692814] page dumped because: kasan: bad access detected
[ 2537.693453]
[ 2537.693648] Memory state around the buggy address:
[ 2537.694202] ffff88807dee0300: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc
[ 2537.695029] ffff88807dee0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2537.695849] >ffff88807dee0400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2537.696705] ^
[ 2537.697101] ffff88807dee0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2537.697946] ffff88807dee0500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 2537.698764] ==================================================================
[ 2537.714708] ==================================================================
[ 2537.715570] BUG: KASAN: use-after-free in ksize_uaf+0x47d/0x4a0 [test_kasan]
[ 2537.716425] Read of size 1 at addr ffff88807dee0400 by task kunit_try_catch/48269
[ 2537.717307]
[ 2537.717527] CPU: 0 PID: 48269 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2537.719052] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2537.719729] Call Trace:
[ 2537.720043]
[ 2537.720322] ? ksize_uaf+0x47d/0x4a0 [test_kasan]
[ 2537.720895] dump_stack_lvl+0x57/0x81
[ 2537.721364] print_address_description.constprop.0+0x1f/0x1e0
[ 2537.722031] ? ksize_uaf+0x47d/0x4a0 [test_kasan]
[ 2537.722610] print_report.cold+0x5c/0x237
[ 2537.723099] kasan_report+0xc9/0x100
[ 2537.723562] ? ksize_uaf+0x47d/0x4a0 [test_kasan]
[ 2537.724131] ksize_uaf+0x47d/0x4a0 [test_kasan]
[ 2537.725239] ? kmem_cache_oob+0x2e0/0x2e0 [test_kasan]
[ 2537.725848] ? do_raw_spin_trylock+0xb5/0x180
[ 2537.726424] ? do_raw_spin_lock+0x270/0x270
[ 2537.726931] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2537.727601] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2537.728228] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.728822] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2537.729427] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.730125] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2537.730748] kthread+0x2a4/0x350
[ 2537.731148] ? kthread_complete_and_exit+0x20/0x20
[ 2537.731725] ret_from_fork+0x1f/0x30
[ 2537.732179]
[ 2537.732449]
[ 2537.732648] Allocated by task 48269:
[ 2537.733070] kasan_save_stack+0x1e/0x40
[ 2537.733512] __kasan_kmalloc+0x81/0xa0
[ 2537.733952] ksize_uaf+0x9a/0x4a0 [test_kasan]
[ 2537.734477] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.735044] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.735739] kthread+0x2a4/0x350
[ 2537.736136] ret_from_fork+0x1f/0x30
[ 2537.736559]
[ 2537.736753] Freed by task 48269:
[ 2537.737141] kasan_save_stack+0x1e/0x40
[ 2537.737597] kasan_set_track+0x21/0x30
[ 2537.738040] kasan_set_free_info+0x20/0x40
[ 2537.738516] __kasan_slab_free+0x108/0x170
[ 2537.738997] slab_free_freelist_hook+0x11d/0x1d0
[ 2537.739576] kfree+0xe2/0x3c0
[ 2537.739943] ksize_uaf+0x137/0x4a0 [test_kasan]
[ 2537.740498] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.741086] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.741803] kthread+0x2a4/0x350
[ 2537.742203] ret_from_fork+0x1f/0x30
[ 2537.742642]
[ 2537.742843] The buggy address belongs to the object at ffff88807dee0400
[ 2537.742843] which belongs to the cache kmalloc-128 of size 128
[ 2537.744281] The buggy address is located 0 bytes inside of
[ 2537.744281] 128-byte region [ffff88807dee0400, ffff88807dee0480)
[ 2537.745590]
[ 2537.745790] The buggy address belongs to the physical page:
[ 2537.746431] page:000000000ece5a2c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7dee0
[ 2537.747531] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2537.748346] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8880010418c0
[ 2537.749251] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2537.750125] page dumped because: kasan: bad access detected
[ 2537.750758]
[ 2537.750958] Memory state around the buggy address:
[ 2537.751552] ffff88807dee0300: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc
[ 2537.752409] ffff88807dee0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2537.753274] >ffff88807dee0400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2537.754125] ^
[ 2537.754527] ffff88807dee0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2537.755351] ffff88807dee0500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 2537.756174] ==================================================================
[ 2537.757064] ==================================================================
[ 2537.757919] BUG: KASAN: use-after-free in ksize_uaf+0x470/0x4a0 [test_kasan]
[ 2537.758740] Read of size 1 at addr ffff88807dee0478 by task kunit_try_catch/48269
[ 2537.759610]
[ 2537.759808] CPU: 0 PID: 48269 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2537.761406] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2537.762111] Call Trace:
[ 2537.762407]
[ 2537.762667] ? ksize_uaf+0x470/0x4a0 [test_kasan]
[ 2537.763220] dump_stack_lvl+0x57/0x81
[ 2537.763654] print_address_description.constprop.0+0x1f/0x1e0
[ 2537.764327] ? ksize_uaf+0x470/0x4a0 [test_kasan]
[ 2537.764916] print_report.cold+0x5c/0x237
[ 2537.765413] kasan_report+0xc9/0x100
[ 2537.765858] ? ksize_uaf+0x470/0x4a0 [test_kasan]
[ 2537.766436] ksize_uaf+0x470/0x4a0 [test_kasan]
[ 2537.766977] ? kmem_cache_oob+0x2e0/0x2e0 [test_kasan]
[ 2537.767580] ? do_raw_spin_trylock+0xb5/0x180
[ 2537.768102] ? do_raw_spin_lock+0x270/0x270
[ 2537.768593] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2537.769280] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2537.769899] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.770520] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2537.771134] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.771922] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2537.772560] kthread+0x2a4/0x350
[ 2537.772963] ? kthread_complete_and_exit+0x20/0x20
[ 2537.773541] ret_from_fork+0x1f/0x30
[ 2537.773992]
[ 2537.774267]
[ 2537.774465] Allocated by task 48269:
[ 2537.774888] kasan_save_stack+0x1e/0x40
[ 2537.775341] __kasan_kmalloc+0x81/0xa0
[ 2537.775810] ksize_uaf+0x9a/0x4a0 [test_kasan]
[ 2537.776356] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.776952] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.777686] kthread+0x2a4/0x350
[ 2537.778096] ret_from_fork+0x1f/0x30
[ 2537.778545]
[ 2537.778748] Freed by task 48269:
[ 2537.779152] kasan_save_stack+0x1e/0x40
[ 2537.779619] kasan_set_track+0x21/0x30
[ 2537.780082] kasan_set_free_info+0x20/0x40
[ 2537.780579] __kasan_slab_free+0x108/0x170
[ 2537.781084] slab_free_freelist_hook+0x11d/0x1d0
[ 2537.781671] kfree+0xe2/0x3c0
[ 2537.782052] ksize_uaf+0x137/0x4a0 [test_kasan]
[ 2537.782601] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.783190] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.783950] kthread+0x2a4/0x350
[ 2537.784349] ret_from_fork+0x1f/0x30
[ 2537.784843]
[ 2537.785064] The buggy address belongs to the object at ffff88807dee0400
[ 2537.785064] which belongs to the cache kmalloc-128 of size 128
[ 2537.786545] The buggy address is located 120 bytes inside of
[ 2537.786545] 128-byte region [ffff88807dee0400, ffff88807dee0480)
[ 2537.787871]
[ 2537.788075] The buggy address belongs to the physical page:
[ 2537.788739] page:000000000ece5a2c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7dee0
[ 2537.789841] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2537.790672] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8880010418c0
[ 2537.791567] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2537.792459] page dumped because: kasan: bad access detected
[ 2537.793144]
[ 2537.793345] Memory state around the buggy address:
[ 2537.793995] ffff88807dee0300: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc
[ 2537.794868] ffff88807dee0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2537.795723] >ffff88807dee0400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2537.796579] ^
[ 2537.797430] ffff88807dee0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2537.798268] ffff88807dee0500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 2537.799126] ==================================================================
[ 2537.805338] ok 38 - ksize_uaf
[ 2537.810370] ==================================================================
[ 2537.811630] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0x152/0x400
[ 2537.812544]
[ 2537.812749] CPU: 0 PID: 48270 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2537.814315] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2537.814980] Call Trace:
[ 2537.815276]
[ 2537.815537] dump_stack_lvl+0x57/0x81
[ 2537.815977] print_address_description.constprop.0+0x1f/0x1e0
[ 2537.816639] print_report.cold+0x5c/0x237
[ 2537.817133] ? kmem_cache_free+0x152/0x400
[ 2537.817635] ? kmem_cache_free+0x152/0x400
[ 2537.818129] kasan_report_invalid_free+0x99/0xc0
[ 2537.818697] ? kmem_cache_free+0x152/0x400
[ 2537.821283] ? kmem_cache_free+0x152/0x400
[ 2537.821771] __kasan_slab_free+0x152/0x170
[ 2537.822267] slab_free_freelist_hook+0x11d/0x1d0
[ 2537.822821] ? kmem_cache_double_free+0x1bd/0x280 [test_kasan]
[ 2537.823518] kmem_cache_free+0x152/0x400
[ 2537.824000] kmem_cache_double_free+0x1bd/0x280 [test_kasan]
[ 2537.824674] ? kmem_cache_invalid_free+0x280/0x280 [test_kasan]
[ 2537.825379] ? do_raw_spin_trylock+0xb5/0x180
[ 2537.825915] ? do_raw_spin_lock+0x270/0x270
[ 2537.826421] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2537.827102] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2537.827692] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2537.828303] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.828872] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2537.829472] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.830176] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2537.830767] kthread+0x2a4/0x350
[ 2537.831210] ? kthread_complete_and_exit+0x20/0x20
[ 2537.831791] ret_from_fork+0x1f/0x30
[ 2537.832241]
[ 2537.832523]
[ 2537.832721] Allocated by task 48270:
[ 2537.833143] kasan_save_stack+0x1e/0x40
[ 2537.833589] __kasan_slab_alloc+0x66/0x80
[ 2537.834058] kmem_cache_alloc+0x161/0x310
[ 2537.834540] kmem_cache_double_free+0x123/0x280 [test_kasan]
[ 2537.835218] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.835860] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.836584] kthread+0x2a4/0x350
[ 2537.836986] ret_from_fork+0x1f/0x30
[ 2537.837422]
[ 2537.837624] Freed by task 48270:
[ 2537.838022] kasan_save_stack+0x1e/0x40
[ 2537.838480] kasan_set_track+0x21/0x30
[ 2537.838928] kasan_set_free_info+0x20/0x40
[ 2537.839429] __kasan_slab_free+0x108/0x170
[ 2537.839896] slab_free_freelist_hook+0x11d/0x1d0
[ 2537.840429] kmem_cache_free+0x152/0x400
[ 2537.840902] kmem_cache_double_free+0x144/0x280 [test_kasan]
[ 2537.841593] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.842171] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.842887] kthread+0x2a4/0x350
[ 2537.843285] ret_from_fork+0x1f/0x30
[ 2537.843701]
[ 2537.843899] The buggy address belongs to the object at ffff8880671aa210
[ 2537.843899] which belongs to the cache test_cache of size 200
[ 2537.845296] The buggy address is located 0 bytes inside of
[ 2537.845296] 200-byte region [ffff8880671aa210, ffff8880671aa2d8)
[ 2537.846629]
[ 2537.846833] The buggy address belongs to the physical page:
[ 2537.847492] page:00000000f9411620 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x671aa
[ 2537.848577] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2537.849396] raw: 000fffffc0000200 0000000000000000 dead000000000122 ffff88807f8a7500
[ 2537.850306] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000
[ 2537.851223] page dumped because: kasan: bad access detected
[ 2537.851877]
[ 2537.852088] Memory state around the buggy address:
[ 2537.852663] ffff8880671aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2537.853545] ffff8880671aa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2537.854399] >ffff8880671aa200: fc fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2537.855252] ^
[ 2537.855707] ffff8880671aa280: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc
[ 2537.856521] ffff8880671aa300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2537.857342] ==================================================================
[ 2537.932839] ok 39 - kmem_cache_double_free
[ 2537.937288] ==================================================================
[ 2537.938736] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0x152/0x400
[ 2537.941632]
[ 2537.941847] CPU: 0 PID: 48271 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2537.943462] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2537.944151] Call Trace:
[ 2537.944458]
[ 2537.944738] dump_stack_lvl+0x57/0x81
[ 2537.945177] print_address_description.constprop.0+0x1f/0x1e0
[ 2537.945831] print_report.cold+0x5c/0x237
[ 2537.946316] ? kmem_cache_free+0x152/0x400
[ 2537.946790] ? kmem_cache_free+0x152/0x400
[ 2537.947269] kasan_report_invalid_free+0x99/0xc0
[ 2537.947843] ? kmem_cache_free+0x152/0x400
[ 2537.948341] ? kmem_cache_free+0x152/0x400
[ 2537.948828] __kasan_slab_free+0x152/0x170
[ 2537.949315] slab_free_freelist_hook+0x11d/0x1d0
[ 2537.949851] ? kmem_cache_invalid_free+0x1b6/0x280 [test_kasan]
[ 2537.950537] kmem_cache_free+0x152/0x400
[ 2537.950995] kmem_cache_invalid_free+0x1b6/0x280 [test_kasan]
[ 2537.951680] ? kmem_cache_double_destroy+0x250/0x250 [test_kasan]
[ 2537.952415] ? do_raw_spin_trylock+0xb5/0x180
[ 2537.952946] ? do_raw_spin_lock+0x270/0x270
[ 2537.953454] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2537.954090] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2537.954660] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2537.955252] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.955852] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2537.956460] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.957190] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2537.957776] kthread+0x2a4/0x350
[ 2537.958179] ? kthread_complete_and_exit+0x20/0x20
[ 2537.958782] ret_from_fork+0x1f/0x30
[ 2537.959230]
[ 2537.959506]
[ 2537.959710] Allocated by task 48271:
[ 2537.960153] kasan_save_stack+0x1e/0x40
[ 2537.960591] __kasan_slab_alloc+0x66/0x80
[ 2537.961078] kmem_cache_alloc+0x161/0x310
[ 2537.961556] kmem_cache_invalid_free+0x126/0x280 [test_kasan]
[ 2537.962239] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2537.962825] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2537.963522] kthread+0x2a4/0x350
[ 2537.963901] ret_from_fork+0x1f/0x30
[ 2537.964324]
[ 2537.964516] The buggy address belongs to the object at ffff8880671aa948
[ 2537.964516] which belongs to the cache test_cache of size 200
[ 2537.965938] The buggy address is located 1 bytes inside of
[ 2537.965938] 200-byte region [ffff8880671aa948, ffff8880671aaa10)
[ 2537.967265]
[ 2537.967458] The buggy address belongs to the physical page:
[ 2537.968116] page:00000000f9411620 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x671aa
[ 2537.969184] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2537.969976] raw: 000fffffc0000200 0000000000000000 dead000000000122 ffff88807f8a7c80
[ 2537.970888] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000
[ 2537.971798] page dumped because: kasan: bad access detected
[ 2537.972451]
[ 2537.972659] Memory state around the buggy address:
[ 2537.973230] ffff8880671aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2537.974070] ffff8880671aa880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2537.974883] >ffff8880671aa900: fc fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00
[ 2537.975709] ^
[ 2537.976381] ffff8880671aa980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2537.977222] ffff8880671aaa00: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2537.978076] ==================================================================
[ 2538.046319] ok 40 - kmem_cache_invalid_free
[ 2538.048624] ==================================================================
[ 2538.050100] BUG: KASAN: use-after-free in kmem_cache_double_destroy+0x1a0/0x250 [test_kasan]
[ 2538.051096] Read of size 1 at addr ffff88807f8a7280 by task kunit_try_catch/48272
[ 2538.051967]
[ 2538.052164] CPU: 0 PID: 48272 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.053683] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.054385] Call Trace:
[ 2538.054691]
[ 2538.054964] ? kmem_cache_double_destroy+0x1a0/0x250 [test_kasan]
[ 2538.055681] dump_stack_lvl+0x57/0x81
[ 2538.056120] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.056778] ? kmem_cache_double_destroy+0x1a0/0x250 [test_kasan]
[ 2538.057521] print_report.cold+0x5c/0x237
[ 2538.058023] kasan_report+0xc9/0x100
[ 2538.058472] ? kmem_cache_free+0xd0/0x400
[ 2538.061005] ? kmem_cache_double_destroy+0x1a0/0x250 [test_kasan]
[ 2538.061743] ? kmem_cache_double_destroy+0x1a0/0x250 [test_kasan]
[ 2538.062486] __kasan_check_byte+0x36/0x50
[ 2538.062955] kmem_cache_destroy+0x21/0x170
[ 2538.063429] kmem_cache_double_destroy+0x1a0/0x250 [test_kasan]
[ 2538.064153] ? kmalloc_oob_right+0x510/0x510 [test_kasan]
[ 2538.064804] ? do_raw_spin_trylock+0xb5/0x180
[ 2538.065347] ? do_raw_spin_lock+0x270/0x270
[ 2538.065839] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.066490] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.067117] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.067700] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.068318] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.069019] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.069641] kthread+0x2a4/0x350
[ 2538.070045] ? kthread_complete_and_exit+0x20/0x20
[ 2538.070625] ret_from_fork+0x1f/0x30
[ 2538.071074]
[ 2538.071351]
[ 2538.071553] Allocated by task 48272:
[ 2538.071991] kasan_save_stack+0x1e/0x40
[ 2538.072450] __kasan_slab_alloc+0x66/0x80
[ 2538.072933] kmem_cache_alloc+0x161/0x310
[ 2538.073409] kmem_cache_create_usercopy+0x1b9/0x310
[ 2538.073998] kmem_cache_create+0x12/0x20
[ 2538.074467] kmem_cache_double_destroy+0x8d/0x250 [test_kasan]
[ 2538.075162] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.075744] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.076465] kthread+0x2a4/0x350
[ 2538.076861] ret_from_fork+0x1f/0x30
[ 2538.077298]
[ 2538.077499] Freed by task 48272:
[ 2538.077891] kasan_save_stack+0x1e/0x40
[ 2538.078367] kasan_set_track+0x21/0x30
[ 2538.078829] kasan_set_free_info+0x20/0x40
[ 2538.079317] __kasan_slab_free+0x108/0x170
[ 2538.079815] slab_free_freelist_hook+0x11d/0x1d0
[ 2538.080381] kmem_cache_free+0x152/0x400
[ 2538.080858] kobject_cleanup+0x101/0x390
[ 2538.081339] kmem_cache_double_destroy+0x12a/0x250 [test_kasan]
[ 2538.082046] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.082629] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.083352] kthread+0x2a4/0x350
[ 2538.083812] ret_from_fork+0x1f/0x30
[ 2538.084250]
[ 2538.084451] The buggy address belongs to the object at ffff88807f8a7280
[ 2538.084451] which belongs to the cache kmem_cache of size 240
[ 2538.085878] The buggy address is located 0 bytes inside of
[ 2538.085878] 240-byte region [ffff88807f8a7280, ffff88807f8a7370)
[ 2538.087202]
[ 2538.087397] The buggy address belongs to the physical page:
[ 2538.088043] page:000000000178ea82 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7f8a7
[ 2538.089095] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.089911] raw: 000fffffc0000200 0000000000000000 dead000000000122 ffff888001041000
[ 2538.090809] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000
[ 2538.091683] page dumped because: kasan: bad access detected
[ 2538.092318]
[ 2538.092515] Memory state around the buggy address:
[ 2538.093066] ffff88807f8a7180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.093936] ffff88807f8a7200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 2538.094776] >ffff88807f8a7280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2538.095627] ^
[ 2538.096029] ffff88807f8a7300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
[ 2538.096854] ffff88807f8a7380: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 2538.097677] ==================================================================
[ 2538.099245] ok 41 - kmem_cache_double_destroy
[ 2538.101188] ok 42 - kasan_memchr # SKIP Test requires CONFIG_AMD_MEM_ENCRYPT=n
[ 2538.103252] ok 43 - kasan_memcmp # SKIP Test requires CONFIG_AMD_MEM_ENCRYPT=n
[ 2538.105430] ok 44 - kasan_strings # SKIP Test requires CONFIG_AMD_MEM_ENCRYPT=n
[ 2538.108258] ==================================================================
[ 2538.109906] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xff/0x850 [test_kasan]
[ 2538.110911] Write of size 8 at addr ffff88807d695028 by task kunit_try_catch/48276
[ 2538.111740]
[ 2538.111935] CPU: 0 PID: 48276 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.113404] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.114039] Call Trace:
[ 2538.114324]
[ 2538.114577] ? kasan_bitops_modify.constprop.0+0xff/0x850 [test_kasan]
[ 2538.115295] dump_stack_lvl+0x57/0x81
[ 2538.115714] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.116359] ? kasan_bitops_modify.constprop.0+0xff/0x850 [test_kasan]
[ 2538.117078] print_report.cold+0x5c/0x237
[ 2538.117530] kasan_report+0xc9/0x100
[ 2538.117942] ? kasan_bitops_modify.constprop.0+0xff/0x850 [test_kasan]
[ 2538.118657] kasan_check_range+0xfd/0x1e0
[ 2538.119111] kasan_bitops_modify.constprop.0+0xff/0x850 [test_kasan]
[ 2538.119807] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 2538.120375] ? kunit_kfree+0x200/0x200 [kunit]
[ 2538.120878] ? rcu_read_lock_sched_held+0x12/0x80
[ 2538.121409] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.122024] ? rcu_read_lock_bh_held+0x40/0x70
[ 2538.122523] ? trace_kmalloc+0x3c/0x100
[ 2538.122959] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2538.123489] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 2538.124089] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2538.124895] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2538.125530] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.126099] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.126643] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.127271] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.128026] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.128667] kthread+0x2a4/0x350
[ 2538.129090] ? kthread_complete_and_exit+0x20/0x20
[ 2538.129689] ret_from_fork+0x1f/0x30
[ 2538.130160]
[ 2538.130450]
[ 2538.130664] Allocated by task 48276:
[ 2538.131130] kasan_save_stack+0x1e/0x40
[ 2538.131562] __kasan_kmalloc+0x81/0xa0
[ 2538.131986] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2538.132579] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.133125] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.133796] kthread+0x2a4/0x350
[ 2538.134169] ret_from_fork+0x1f/0x30
[ 2538.134574]
[ 2538.134762] The buggy address belongs to the object at ffff88807d695020
[ 2538.134762] which belongs to the cache kmalloc-16 of size 16
[ 2538.136095] The buggy address is located 8 bytes inside of
[ 2538.136095] 16-byte region [ffff88807d695020, ffff88807d695030)
[ 2538.137332]
[ 2538.137523] The buggy address belongs to the physical page:
[ 2538.138136] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.139141] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.139892] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.140734] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.141579] page dumped because: kasan: bad access detected
[ 2538.142191]
[ 2538.142380] Memory state around the buggy address:
[ 2538.142912] ffff88807d694f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.143707] ffff88807d694f80: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2538.144497] >ffff88807d695000: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 2538.145286] ^
[ 2538.145791] ffff88807d695080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.146580] ffff88807d695100: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.147370] ==================================================================
[ 2538.148298] ==================================================================
[ 2538.149096] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1a4/0x850 [test_kasan]
[ 2538.150121] Write of size 8 at addr ffff88807d695028 by task kunit_try_catch/48276
[ 2538.150961]
[ 2538.151153] CPU: 0 PID: 48276 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.152643] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.153280] Call Trace:
[ 2538.153566]
[ 2538.153816] ? kasan_bitops_modify.constprop.0+0x1a4/0x850 [test_kasan]
[ 2538.154546] dump_stack_lvl+0x57/0x81
[ 2538.154967] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.155603] ? kasan_bitops_modify.constprop.0+0x1a4/0x850 [test_kasan]
[ 2538.156332] print_report.cold+0x5c/0x237
[ 2538.156785] kasan_report+0xc9/0x100
[ 2538.157198] ? kasan_bitops_modify.constprop.0+0x1a4/0x850 [test_kasan]
[ 2538.157923] kasan_check_range+0xfd/0x1e0
[ 2538.158374] kasan_bitops_modify.constprop.0+0x1a4/0x850 [test_kasan]
[ 2538.159085] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 2538.159651] ? kunit_kfree+0x200/0x200 [kunit]
[ 2538.160158] ? rcu_read_lock_sched_held+0x12/0x80
[ 2538.160686] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.161303] ? rcu_read_lock_bh_held+0x40/0x70
[ 2538.161802] ? trace_kmalloc+0x3c/0x100
[ 2538.162239] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2538.162769] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 2538.163368] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2538.164189] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2538.164821] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.165392] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.165939] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.166501] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.167177] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.167748] kthread+0x2a4/0x350
[ 2538.168126] ? kthread_complete_and_exit+0x20/0x20
[ 2538.168660] ret_from_fork+0x1f/0x30
[ 2538.169081]
[ 2538.169342]
[ 2538.169532] Allocated by task 48276:
[ 2538.169940] kasan_save_stack+0x1e/0x40
[ 2538.170371] __kasan_kmalloc+0x81/0xa0
[ 2538.170795] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2538.171392] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.171939] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.172607] kthread+0x2a4/0x350
[ 2538.172981] ret_from_fork+0x1f/0x30
[ 2538.173387]
[ 2538.173578] The buggy address belongs to the object at ffff88807d695020
[ 2538.173578] which belongs to the cache kmalloc-16 of size 16
[ 2538.174904] The buggy address is located 8 bytes inside of
[ 2538.174904] 16-byte region [ffff88807d695020, ffff88807d695030)
[ 2538.176143]
[ 2538.176332] The buggy address belongs to the physical page:
[ 2538.176947] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.177951] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.178700] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.181636] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.182479] page dumped because: kasan: bad access detected
[ 2538.183091]
[ 2538.183280] Memory state around the buggy address:
[ 2538.183814] ffff88807d694f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.184607] ffff88807d694f80: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2538.185395] >ffff88807d695000: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 2538.186185] ^
[ 2538.186691] ffff88807d695080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.187485] ffff88807d695100: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.188384] ==================================================================
[ 2538.189238] ==================================================================
[ 2538.190036] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x24d/0x850 [test_kasan]
[ 2538.191053] Write of size 8 at addr ffff88807d695028 by task kunit_try_catch/48276
[ 2538.191887]
[ 2538.192084] CPU: 0 PID: 48276 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.193567] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.194205] Call Trace:
[ 2538.194491]
[ 2538.194742] ? kasan_bitops_modify.constprop.0+0x24d/0x850 [test_kasan]
[ 2538.195467] dump_stack_lvl+0x57/0x81
[ 2538.195883] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.196522] ? kasan_bitops_modify.constprop.0+0x24d/0x850 [test_kasan]
[ 2538.197248] print_report.cold+0x5c/0x237
[ 2538.197700] kasan_report+0xc9/0x100
[ 2538.198112] ? kasan_bitops_modify.constprop.0+0x24d/0x850 [test_kasan]
[ 2538.198866] kasan_check_range+0xfd/0x1e0
[ 2538.199373] kasan_bitops_modify.constprop.0+0x24d/0x850 [test_kasan]
[ 2538.200171] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 2538.200775] ? kunit_kfree+0x200/0x200 [kunit]
[ 2538.201284] ? rcu_read_lock_sched_held+0x12/0x80
[ 2538.201816] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.202434] ? rcu_read_lock_bh_held+0x40/0x70
[ 2538.202940] ? trace_kmalloc+0x3c/0x100
[ 2538.203374] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2538.203906] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 2538.204511] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2538.205325] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2538.205964] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.206533] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.207083] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.207646] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.208324] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.208896] kthread+0x2a4/0x350
[ 2538.209273] ? kthread_complete_and_exit+0x20/0x20
[ 2538.209812] ret_from_fork+0x1f/0x30
[ 2538.210235]
[ 2538.210495]
[ 2538.210685] Allocated by task 48276:
[ 2538.211094] kasan_save_stack+0x1e/0x40
[ 2538.211528] __kasan_kmalloc+0x81/0xa0
[ 2538.211955] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2538.212552] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.213103] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.213779] kthread+0x2a4/0x350
[ 2538.214157] ret_from_fork+0x1f/0x30
[ 2538.214563]
[ 2538.214754] The buggy address belongs to the object at ffff88807d695020
[ 2538.214754] which belongs to the cache kmalloc-16 of size 16
[ 2538.216080] The buggy address is located 8 bytes inside of
[ 2538.216080] 16-byte region [ffff88807d695020, ffff88807d695030)
[ 2538.217319]
[ 2538.217508] The buggy address belongs to the physical page:
[ 2538.218119] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.219126] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.219877] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.220723] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.221568] page dumped because: kasan: bad access detected
[ 2538.222187]
[ 2538.222379] Memory state around the buggy address:
[ 2538.222921] ffff88807d694f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.223716] ffff88807d694f80: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2538.224518] >ffff88807d695000: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 2538.225317] ^
[ 2538.225828] ffff88807d695080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.226627] ffff88807d695100: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.227427] ==================================================================
[ 2538.228241] ==================================================================
[ 2538.229038] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2f2/0x850 [test_kasan]
[ 2538.230064] Write of size 8 at addr ffff88807d695028 by task kunit_try_catch/48276
[ 2538.230905]
[ 2538.231102] CPU: 0 PID: 48276 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.232583] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.233226] Call Trace:
[ 2538.233514]
[ 2538.233767] ? kasan_bitops_modify.constprop.0+0x2f2/0x850 [test_kasan]
[ 2538.234511] dump_stack_lvl+0x57/0x81
[ 2538.234934] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.235661] ? kasan_bitops_modify.constprop.0+0x2f2/0x850 [test_kasan]
[ 2538.236472] print_report.cold+0x5c/0x237
[ 2538.236933] kasan_report+0xc9/0x100
[ 2538.237347] ? kasan_bitops_modify.constprop.0+0x2f2/0x850 [test_kasan]
[ 2538.238082] kasan_check_range+0xfd/0x1e0
[ 2538.238539] kasan_bitops_modify.constprop.0+0x2f2/0x850 [test_kasan]
[ 2538.239260] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 2538.239831] ? kunit_kfree+0x200/0x200 [kunit]
[ 2538.240340] ? rcu_read_lock_sched_held+0x12/0x80
[ 2538.240875] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.241498] ? rcu_read_lock_bh_held+0x40/0x70
[ 2538.242006] ? trace_kmalloc+0x3c/0x100
[ 2538.242442] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2538.242982] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 2538.243585] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2538.244414] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2538.245059] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.245635] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.246190] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.246758] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.247445] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.248028] kthread+0x2a4/0x350
[ 2538.248403] ? kthread_complete_and_exit+0x20/0x20
[ 2538.248944] ret_from_fork+0x1f/0x30
[ 2538.249365]
[ 2538.249626]
[ 2538.249820] Allocated by task 48276:
[ 2538.250232] kasan_save_stack+0x1e/0x40
[ 2538.250670] __kasan_kmalloc+0x81/0xa0
[ 2538.251102] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2538.251702] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.252257] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.252940] kthread+0x2a4/0x350
[ 2538.253312] ret_from_fork+0x1f/0x30
[ 2538.253723]
[ 2538.253916] The buggy address belongs to the object at ffff88807d695020
[ 2538.253916] which belongs to the cache kmalloc-16 of size 16
[ 2538.255265] The buggy address is located 8 bytes inside of
[ 2538.255265] 16-byte region [ffff88807d695020, ffff88807d695030)
[ 2538.256514]
[ 2538.256706] The buggy address belongs to the physical page:
[ 2538.257327] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.258345] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.259105] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.259955] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.260802] page dumped because: kasan: bad access detected
[ 2538.261420]
[ 2538.261614] Memory state around the buggy address:
[ 2538.262154] ffff88807d694f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.262950] ffff88807d694f80: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2538.263742] >ffff88807d695000: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 2538.264541] ^
[ 2538.265094] ffff88807d695080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.265885] ffff88807d695100: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.266723] ==================================================================
[ 2538.267530] ==================================================================
[ 2538.268329] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x39b/0x850 [test_kasan]
[ 2538.269347] Write of size 8 at addr ffff88807d695028 by task kunit_try_catch/48276
[ 2538.270181]
[ 2538.270373] CPU: 0 PID: 48276 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.271859] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.272549] Call Trace:
[ 2538.272871]
[ 2538.273159] ? kasan_bitops_modify.constprop.0+0x39b/0x850 [test_kasan]
[ 2538.273943] dump_stack_lvl+0x57/0x81
[ 2538.274363] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.275009] ? kasan_bitops_modify.constprop.0+0x39b/0x850 [test_kasan]
[ 2538.275739] print_report.cold+0x5c/0x237
[ 2538.276200] kasan_report+0xc9/0x100
[ 2538.276613] ? kasan_bitops_modify.constprop.0+0x39b/0x850 [test_kasan]
[ 2538.277356] kasan_check_range+0xfd/0x1e0
[ 2538.277812] kasan_bitops_modify.constprop.0+0x39b/0x850 [test_kasan]
[ 2538.278533] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 2538.279109] ? kunit_kfree+0x200/0x200 [kunit]
[ 2538.279615] ? rcu_read_lock_sched_held+0x12/0x80
[ 2538.280154] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.280774] ? rcu_read_lock_bh_held+0x40/0x70
[ 2538.281284] ? trace_kmalloc+0x3c/0x100
[ 2538.281719] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2538.282257] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 2538.282858] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2538.283678] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2538.284333] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.284909] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.285461] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.286033] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.286713] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.287300] kthread+0x2a4/0x350
[ 2538.287675] ? kthread_complete_and_exit+0x20/0x20
[ 2538.288217] ret_from_fork+0x1f/0x30
[ 2538.288637]
[ 2538.288898]
[ 2538.289092] Allocated by task 48276:
[ 2538.289507] kasan_save_stack+0x1e/0x40
[ 2538.289947] __kasan_kmalloc+0x81/0xa0
[ 2538.290374] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2538.290982] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.291531] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.292212] kthread+0x2a4/0x350
[ 2538.292587] ret_from_fork+0x1f/0x30
[ 2538.293001]
[ 2538.293194] The buggy address belongs to the object at ffff88807d695020
[ 2538.293194] which belongs to the cache kmalloc-16 of size 16
[ 2538.294536] The buggy address is located 8 bytes inside of
[ 2538.294536] 16-byte region [ffff88807d695020, ffff88807d695030)
[ 2538.295781]
[ 2538.295975] The buggy address belongs to the physical page:
[ 2538.296591] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.297608] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.298371] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.301439] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.302294] page dumped because: kasan: bad access detected
[ 2538.302921]
[ 2538.303278] Memory state around the buggy address:
[ 2538.303881] ffff88807d694f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.304745] ffff88807d694f80: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2538.305547] >ffff88807d695000: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 2538.306345] ^
[ 2538.306857] ffff88807d695080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.307657] ffff88807d695100: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.308456] ==================================================================
[ 2538.309281] ==================================================================
[ 2538.310078] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x440/0x850 [test_kasan]
[ 2538.311109] Write of size 8 at addr ffff88807d695028 by task kunit_try_catch/48276
[ 2538.311937]
[ 2538.312129] CPU: 0 PID: 48276 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.313601] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.314244] Call Trace:
[ 2538.314533]
[ 2538.314788] ? kasan_bitops_modify.constprop.0+0x440/0x850 [test_kasan]
[ 2538.315609] dump_stack_lvl+0x57/0x81
[ 2538.316084] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.316748] ? kasan_bitops_modify.constprop.0+0x440/0x850 [test_kasan]
[ 2538.317485] print_report.cold+0x5c/0x237
[ 2538.317945] kasan_report+0xc9/0x100
[ 2538.318360] ? kasan_bitops_modify.constprop.0+0x440/0x850 [test_kasan]
[ 2538.319095] kasan_check_range+0xfd/0x1e0
[ 2538.319552] kasan_bitops_modify.constprop.0+0x440/0x850 [test_kasan]
[ 2538.320270] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 2538.320846] ? kunit_kfree+0x200/0x200 [kunit]
[ 2538.321359] ? rcu_read_lock_sched_held+0x12/0x80
[ 2538.321895] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.322524] ? rcu_read_lock_bh_held+0x40/0x70
[ 2538.323036] ? trace_kmalloc+0x3c/0x100
[ 2538.323472] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2538.324013] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 2538.324613] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2538.325438] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2538.326082] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.326654] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.327208] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.327780] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.328464] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.329044] kthread+0x2a4/0x350
[ 2538.329419] ? kthread_complete_and_exit+0x20/0x20
[ 2538.329963] ret_from_fork+0x1f/0x30
[ 2538.330384]
[ 2538.330647]
[ 2538.330839] Allocated by task 48276:
[ 2538.331257] kasan_save_stack+0x1e/0x40
[ 2538.331695] __kasan_kmalloc+0x81/0xa0
[ 2538.332124] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2538.332727] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.333282] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.333964] kthread+0x2a4/0x350
[ 2538.334340] ret_from_fork+0x1f/0x30
[ 2538.334749]
[ 2538.334944] The buggy address belongs to the object at ffff88807d695020
[ 2538.334944] which belongs to the cache kmalloc-16 of size 16
[ 2538.336278] The buggy address is located 8 bytes inside of
[ 2538.336278] 16-byte region [ffff88807d695020, ffff88807d695030)
[ 2538.337537]
[ 2538.337730] The buggy address belongs to the physical page:
[ 2538.338349] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.339373] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.340133] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.340986] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.341835] page dumped because: kasan: bad access detected
[ 2538.342456]
[ 2538.342648] Memory state around the buggy address:
[ 2538.343189] ffff88807d694f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.343988] ffff88807d694f80: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2538.344787] >ffff88807d695000: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 2538.345597] ^
[ 2538.346113] ffff88807d695080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.346917] ffff88807d695100: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.347712] ==================================================================
[ 2538.348526] ==================================================================
[ 2538.349325] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4e9/0x850 [test_kasan]
[ 2538.350349] Write of size 8 at addr ffff88807d695028 by task kunit_try_catch/48276
[ 2538.351186]
[ 2538.351378] CPU: 0 PID: 48276 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.352865] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.353507] Call Trace:
[ 2538.353797]
[ 2538.354054] ? kasan_bitops_modify.constprop.0+0x4e9/0x850 [test_kasan]
[ 2538.354786] dump_stack_lvl+0x57/0x81
[ 2538.355211] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.355859] ? kasan_bitops_modify.constprop.0+0x4e9/0x850 [test_kasan]
[ 2538.356597] print_report.cold+0x5c/0x237
[ 2538.357065] kasan_report+0xc9/0x100
[ 2538.357478] ? kasan_bitops_modify.constprop.0+0x4e9/0x850 [test_kasan]
[ 2538.358215] kasan_check_range+0xfd/0x1e0
[ 2538.358670] kasan_bitops_modify.constprop.0+0x4e9/0x850 [test_kasan]
[ 2538.359390] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 2538.359965] ? kunit_kfree+0x200/0x200 [kunit]
[ 2538.360474] ? rcu_read_lock_sched_held+0x12/0x80
[ 2538.361010] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.361627] ? rcu_read_lock_bh_held+0x40/0x70
[ 2538.362130] ? trace_kmalloc+0x3c/0x100
[ 2538.362560] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2538.363094] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 2538.363689] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2538.364506] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2538.365137] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.365782] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.366398] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.366989] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.367660] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.368236] kthread+0x2a4/0x350
[ 2538.368607] ? kthread_complete_and_exit+0x20/0x20
[ 2538.369145] ret_from_fork+0x1f/0x30
[ 2538.369559]
[ 2538.369819]
[ 2538.370012] Allocated by task 48276:
[ 2538.370416] kasan_save_stack+0x1e/0x40
[ 2538.370848] __kasan_kmalloc+0x81/0xa0
[ 2538.371273] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2538.371873] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.372418] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.373094] kthread+0x2a4/0x350
[ 2538.373465] ret_from_fork+0x1f/0x30
[ 2538.373871]
[ 2538.374064] The buggy address belongs to the object at ffff88807d695020
[ 2538.374064] which belongs to the cache kmalloc-16 of size 16
[ 2538.375382] The buggy address is located 8 bytes inside of
[ 2538.375382] 16-byte region [ffff88807d695020, ffff88807d695030)
[ 2538.376618]
[ 2538.376807] The buggy address belongs to the physical page:
[ 2538.377419] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.378427] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.379174] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.380020] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.380855] page dumped because: kasan: bad access detected
[ 2538.381466]
[ 2538.381656] Memory state around the buggy address:
[ 2538.382190] ffff88807d694f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.382978] ffff88807d694f80: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2538.383764] >ffff88807d695000: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 2538.384561] ^
[ 2538.385070] ffff88807d695080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.385855] ffff88807d695100: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.386643] ==================================================================
[ 2538.387444] ==================================================================
[ 2538.388237] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x58e/0x850 [test_kasan]
[ 2538.389247] Write of size 8 at addr ffff88807d695028 by task kunit_try_catch/48276
[ 2538.390071]
[ 2538.390261] CPU: 0 PID: 48276 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.391729] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.392365] Call Trace:
[ 2538.392649]
[ 2538.392903] ? kasan_bitops_modify.constprop.0+0x58e/0x850 [test_kasan]
[ 2538.393627] dump_stack_lvl+0x57/0x81
[ 2538.394047] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.394683] ? kasan_bitops_modify.constprop.0+0x58e/0x850 [test_kasan]
[ 2538.395411] print_report.cold+0x5c/0x237
[ 2538.395863] kasan_report+0xc9/0x100
[ 2538.396278] ? kasan_bitops_modify.constprop.0+0x58e/0x850 [test_kasan]
[ 2538.397004] kasan_check_range+0xfd/0x1e0
[ 2538.397455] kasan_bitops_modify.constprop.0+0x58e/0x850 [test_kasan]
[ 2538.398164] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 2538.398732] ? kunit_kfree+0x200/0x200 [kunit]
[ 2538.399234] ? rcu_read_lock_sched_held+0x12/0x80
[ 2538.399771] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.400387] ? rcu_read_lock_bh_held+0x40/0x70
[ 2538.400887] ? trace_kmalloc+0x3c/0x100
[ 2538.401324] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2538.401855] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 2538.402452] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2538.403265] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2538.403899] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.404467] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.405018] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.405579] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.406255] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.406824] kthread+0x2a4/0x350
[ 2538.407201] ? kthread_complete_and_exit+0x20/0x20
[ 2538.407736] ret_from_fork+0x1f/0x30
[ 2538.408156]
[ 2538.408423]
[ 2538.408612] Allocated by task 48276:
[ 2538.409019] kasan_save_stack+0x1e/0x40
[ 2538.409458] __kasan_kmalloc+0x81/0xa0
[ 2538.409866] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2538.410480] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.411027] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.411700] kthread+0x2a4/0x350
[ 2538.412073] ret_from_fork+0x1f/0x30
[ 2538.412480]
[ 2538.412669] The buggy address belongs to the object at ffff88807d695020
[ 2538.412669] which belongs to the cache kmalloc-16 of size 16
[ 2538.413996] The buggy address is located 8 bytes inside of
[ 2538.413996] 16-byte region [ffff88807d695020, ffff88807d695030)
[ 2538.415234]
[ 2538.415422] The buggy address belongs to the physical page:
[ 2538.416033] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.417038] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.417787] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.418633] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.421570] page dumped because: kasan: bad access detected
[ 2538.422182]
[ 2538.422371] Memory state around the buggy address:
[ 2538.422907] ffff88807d694f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.423695] ffff88807d694f80: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2538.424491] >ffff88807d695000: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 2538.425288] ^
[ 2538.425778] ffff88807d695080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.426580] ffff88807d695100: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.427370] ==================================================================
[ 2538.428182] ==================================================================
[ 2538.428977] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xff/0x990 [test_kasan]
[ 2538.430088] Write of size 8 at addr ffff88807d695028 by task kunit_try_catch/48276
[ 2538.430928]
[ 2538.431120] CPU: 0 PID: 48276 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.432605] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.433248] Call Trace:
[ 2538.433538]
[ 2538.433793] ? kasan_bitops_test_and_modify.constprop.0+0xff/0x990 [test_kasan]
[ 2538.434609] dump_stack_lvl+0x57/0x81
[ 2538.435034] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.435679] ? kasan_bitops_test_and_modify.constprop.0+0xff/0x990 [test_kasan]
[ 2538.436491] print_report.cold+0x5c/0x237
[ 2538.436952] kasan_report+0xc9/0x100
[ 2538.437364] ? kasan_bitops_test_and_modify.constprop.0+0xff/0x990 [test_kasan]
[ 2538.438176] kasan_check_range+0xfd/0x1e0
[ 2538.438634] kasan_bitops_test_and_modify.constprop.0+0xff/0x990 [test_kasan]
[ 2538.439445] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2538.440189] ? kunit_kfree+0x200/0x200 [kunit]
[ 2538.440700] ? rcu_read_lock_sched_held+0x12/0x80
[ 2538.441241] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.441864] ? rcu_read_lock_bh_held+0x40/0x70
[ 2538.442375] ? trace_kmalloc+0x3c/0x100
[ 2538.442813] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2538.443353] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2538.443967] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2538.444784] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2538.445425] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.446004] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.446562] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.447137] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.447820] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.448403] kthread+0x2a4/0x350
[ 2538.448776] ? kthread_complete_and_exit+0x20/0x20
[ 2538.449325] ret_from_fork+0x1f/0x30
[ 2538.449745]
[ 2538.450014]
[ 2538.450207] Allocated by task 48276:
[ 2538.450620] kasan_save_stack+0x1e/0x40
[ 2538.451058] __kasan_kmalloc+0x81/0xa0
[ 2538.451486] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2538.452091] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.452638] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.453324] kthread+0x2a4/0x350
[ 2538.453698] ret_from_fork+0x1f/0x30
[ 2538.454115]
[ 2538.454308] The buggy address belongs to the object at ffff88807d695020
[ 2538.454308] which belongs to the cache kmalloc-16 of size 16
[ 2538.455646] The buggy address is located 8 bytes inside of
[ 2538.455646] 16-byte region [ffff88807d695020, ffff88807d695030)
[ 2538.456898]
[ 2538.457090] The buggy address belongs to the physical page:
[ 2538.457703] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.458720] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.459490] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.460344] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.461197] page dumped because: kasan: bad access detected
[ 2538.461815]
[ 2538.462010] Memory state around the buggy address:
[ 2538.462548] ffff88807d694f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.463405] ffff88807d694f80: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2538.464301] >ffff88807d695000: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 2538.465104] ^
[ 2538.465615] ffff88807d695080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.466493] ffff88807d695100: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.467342] ==================================================================
[ 2538.468155] ==================================================================
[ 2538.468953] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a9/0x990 [test_kasan]
[ 2538.470060] Write of size 8 at addr ffff88807d695028 by task kunit_try_catch/48276
[ 2538.470892]
[ 2538.471086] CPU: 0 PID: 48276 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.472732] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.473408] Call Trace:
[ 2538.473710]
[ 2538.473980] ? kasan_bitops_test_and_modify.constprop.0+0x1a9/0x990 [test_kasan]
[ 2538.474819] dump_stack_lvl+0x57/0x81
[ 2538.475254] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.475922] ? kasan_bitops_test_and_modify.constprop.0+0x1a9/0x990 [test_kasan]
[ 2538.476762] print_report.cold+0x5c/0x237
[ 2538.477236] kasan_report+0xc9/0x100
[ 2538.477663] ? kasan_bitops_test_and_modify.constprop.0+0x1a9/0x990 [test_kasan]
[ 2538.478510] kasan_check_range+0xfd/0x1e0
[ 2538.478979] kasan_bitops_test_and_modify.constprop.0+0x1a9/0x990 [test_kasan]
[ 2538.479800] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2538.480562] ? kunit_kfree+0x200/0x200 [kunit]
[ 2538.481087] ? rcu_read_lock_sched_held+0x12/0x80
[ 2538.481636] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.482274] ? rcu_read_lock_bh_held+0x40/0x70
[ 2538.482795] ? trace_kmalloc+0x3c/0x100
[ 2538.483247] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2538.483796] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2538.484440] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2538.485286] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2538.485909] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.486460] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.487016] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.487559] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.488238] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.488823] kthread+0x2a4/0x350
[ 2538.489207] ? kthread_complete_and_exit+0x20/0x20
[ 2538.489764] ret_from_fork+0x1f/0x30
[ 2538.490197]
[ 2538.490466]
[ 2538.490660] Allocated by task 48276:
[ 2538.491084] kasan_save_stack+0x1e/0x40
[ 2538.491535] __kasan_kmalloc+0x81/0xa0
[ 2538.491996] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2538.492642] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.493209] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.493906] kthread+0x2a4/0x350
[ 2538.494291] ret_from_fork+0x1f/0x30
[ 2538.494714]
[ 2538.494912] The buggy address belongs to the object at ffff88807d695020
[ 2538.494912] which belongs to the cache kmalloc-16 of size 16
[ 2538.496309] The buggy address is located 8 bytes inside of
[ 2538.496309] 16-byte region [ffff88807d695020, ffff88807d695030)
[ 2538.497623]
[ 2538.497817] The buggy address belongs to the physical page:
[ 2538.498452] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.499493] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.500312] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.501220] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.502103] page dumped because: kasan: bad access detected
[ 2538.502733]
[ 2538.502932] Memory state around the buggy address:
[ 2538.503484] ffff88807d694f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.504347] ffff88807d694f80: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2538.505205] >ffff88807d695000: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 2538.506067] ^
[ 2538.506559] ffff88807d695080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.507335] ffff88807d695100: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.508152] ==================================================================
[ 2538.509003] ==================================================================
[ 2538.509869] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x252/0x990 [test_kasan]
[ 2538.511065] Write of size 8 at addr ffff88807d695028 by task kunit_try_catch/48276
[ 2538.511924]
[ 2538.512121] CPU: 0 PID: 48276 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.513683] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.514372] Call Trace:
[ 2538.514674]
[ 2538.514947] ? kasan_bitops_test_and_modify.constprop.0+0x252/0x990 [test_kasan]
[ 2538.515839] dump_stack_lvl+0x57/0x81
[ 2538.516276] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.516942] ? kasan_bitops_test_and_modify.constprop.0+0x252/0x990 [test_kasan]
[ 2538.517782] print_report.cold+0x5c/0x237
[ 2538.518264] kasan_report+0xc9/0x100
[ 2538.518683] ? kasan_bitops_test_and_modify.constprop.0+0x252/0x990 [test_kasan]
[ 2538.519557] kasan_check_range+0xfd/0x1e0
[ 2538.520044] kasan_bitops_test_and_modify.constprop.0+0x252/0x990 [test_kasan]
[ 2538.520896] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2538.521599] ? kunit_kfree+0x200/0x200 [kunit]
[ 2538.522088] ? rcu_read_lock_sched_held+0x12/0x80
[ 2538.522603] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.523197] ? rcu_read_lock_bh_held+0x40/0x70
[ 2538.523717] ? trace_kmalloc+0x3c/0x100
[ 2538.524173] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2538.524720] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2538.525362] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2538.526205] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2538.526847] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.527415] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.527950] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.528499] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.529184] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.529768] kthread+0x2a4/0x350
[ 2538.530156] ? kthread_complete_and_exit+0x20/0x20
[ 2538.530709] ret_from_fork+0x1f/0x30
[ 2538.531139]
[ 2538.531405]
[ 2538.531601] Allocated by task 48276:
[ 2538.532028] kasan_save_stack+0x1e/0x40
[ 2538.532473] __kasan_kmalloc+0x81/0xa0
[ 2538.532911] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2538.533558] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.534169] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.534860] kthread+0x2a4/0x350
[ 2538.535248] ret_from_fork+0x1f/0x30
[ 2538.535667]
[ 2538.535860] The buggy address belongs to the object at ffff88807d695020
[ 2538.535860] which belongs to the cache kmalloc-16 of size 16
[ 2538.537264] The buggy address is located 8 bytes inside of
[ 2538.537264] 16-byte region [ffff88807d695020, ffff88807d695030)
[ 2538.538597]
[ 2538.538782] The buggy address belongs to the physical page:
[ 2538.541587] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.542606] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.543333] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.544149] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.544985] page dumped because: kasan: bad access detected
[ 2538.545594]
[ 2538.545785] Memory state around the buggy address:
[ 2538.546334] ffff88807d694f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.547144] ffff88807d694f80: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2538.547938] >ffff88807d695000: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 2538.548710] ^
[ 2538.549231] ffff88807d695080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.550021] ffff88807d695100: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.550808] ==================================================================
[ 2538.551665] ==================================================================
[ 2538.552459] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2fc/0x990 [test_kasan]
[ 2538.553581] Write of size 8 at addr ffff88807d695028 by task kunit_try_catch/48276
[ 2538.554412]
[ 2538.554602] CPU: 0 PID: 48276 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.556078] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.556713] Call Trace:
[ 2538.557012]
[ 2538.557281] ? kasan_bitops_test_and_modify.constprop.0+0x2fc/0x990 [test_kasan]
[ 2538.558100] dump_stack_lvl+0x57/0x81
[ 2538.558518] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.559157] ? kasan_bitops_test_and_modify.constprop.0+0x2fc/0x990 [test_kasan]
[ 2538.559945] print_report.cold+0x5c/0x237
[ 2538.560381] kasan_report+0xc9/0x100
[ 2538.560775] ? kasan_bitops_test_and_modify.constprop.0+0x2fc/0x990 [test_kasan]
[ 2538.561565] kasan_check_range+0xfd/0x1e0
[ 2538.562006] kasan_bitops_test_and_modify.constprop.0+0x2fc/0x990 [test_kasan]
[ 2538.562772] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2538.563478] ? kunit_kfree+0x200/0x200 [kunit]
[ 2538.563974] ? rcu_read_lock_sched_held+0x12/0x80
[ 2538.564514] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.565140] ? rcu_read_lock_bh_held+0x40/0x70
[ 2538.565636] ? trace_kmalloc+0x3c/0x100
[ 2538.566059] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2538.566574] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2538.567165] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2538.567955] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2538.568596] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.569179] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.569711] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.570263] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.570915] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.571466] kthread+0x2a4/0x350
[ 2538.571827] ? kthread_complete_and_exit+0x20/0x20
[ 2538.572372] ret_from_fork+0x1f/0x30
[ 2538.572788]
[ 2538.573063]
[ 2538.573246] Allocated by task 48276:
[ 2538.573640] kasan_save_stack+0x1e/0x40
[ 2538.574064] __kasan_kmalloc+0x81/0xa0
[ 2538.574472] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2538.575052] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.575577] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.576229] kthread+0x2a4/0x350
[ 2538.576588] ret_from_fork+0x1f/0x30
[ 2538.576985]
[ 2538.577169] The buggy address belongs to the object at ffff88807d695020
[ 2538.577169] which belongs to the cache kmalloc-16 of size 16
[ 2538.578382] The buggy address is located 8 bytes inside of
[ 2538.578382] 16-byte region [ffff88807d695020, ffff88807d695030)
[ 2538.579499]
[ 2538.579669] The buggy address belongs to the physical page:
[ 2538.580223] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.581216] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.581973] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.582812] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.583628] page dumped because: kasan: bad access detected
[ 2538.584248]
[ 2538.584437] Memory state around the buggy address:
[ 2538.584982] ffff88807d694f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.585766] ffff88807d694f80: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2538.586532] >ffff88807d695000: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 2538.587301] ^
[ 2538.587793] ffff88807d695080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.588556] ffff88807d695100: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.589322] ==================================================================
[ 2538.590097] ==================================================================
[ 2538.590811] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x3a6/0x990 [test_kasan]
[ 2538.591817] Write of size 8 at addr ffff88807d695028 by task kunit_try_catch/48276
[ 2538.592584]
[ 2538.592768] CPU: 0 PID: 48276 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.594194] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.594810] Call Trace:
[ 2538.595090]
[ 2538.595334] ? kasan_bitops_test_and_modify.constprop.0+0x3a6/0x990 [test_kasan]
[ 2538.596113] dump_stack_lvl+0x57/0x81
[ 2538.596490] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.597140] ? kasan_bitops_test_and_modify.constprop.0+0x3a6/0x990 [test_kasan]
[ 2538.597928] print_report.cold+0x5c/0x237
[ 2538.598365] kasan_report+0xc9/0x100
[ 2538.598760] ? kasan_bitops_test_and_modify.constprop.0+0x3a6/0x990 [test_kasan]
[ 2538.599545] kasan_check_range+0xfd/0x1e0
[ 2538.599990] kasan_bitops_test_and_modify.constprop.0+0x3a6/0x990 [test_kasan]
[ 2538.600756] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2538.601472] ? kunit_kfree+0x200/0x200 [kunit]
[ 2538.601967] ? rcu_read_lock_sched_held+0x12/0x80
[ 2538.602446] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.603038] ? rcu_read_lock_bh_held+0x40/0x70
[ 2538.603523] ? trace_kmalloc+0x3c/0x100
[ 2538.603945] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2538.604455] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2538.605046] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2538.605831] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2538.606446] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.607019] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.607564] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.608134] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.608782] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.609338] kthread+0x2a4/0x350
[ 2538.609698] ? kthread_complete_and_exit+0x20/0x20
[ 2538.610222] ret_from_fork+0x1f/0x30
[ 2538.610640]
[ 2538.610907]
[ 2538.611102] Allocated by task 48276:
[ 2538.611506] kasan_save_stack+0x1e/0x40
[ 2538.611967] __kasan_kmalloc+0x81/0xa0
[ 2538.612387] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2538.613000] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.613525] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.614180] kthread+0x2a4/0x350
[ 2538.614538] ret_from_fork+0x1f/0x30
[ 2538.614937]
[ 2538.615122] The buggy address belongs to the object at ffff88807d695020
[ 2538.615122] which belongs to the cache kmalloc-16 of size 16
[ 2538.616398] The buggy address is located 8 bytes inside of
[ 2538.616398] 16-byte region [ffff88807d695020, ffff88807d695030)
[ 2538.617639]
[ 2538.617828] The buggy address belongs to the physical page:
[ 2538.618457] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.619432] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.620203] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.621058] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.621867] page dumped because: kasan: bad access detected
[ 2538.622460]
[ 2538.622645] Memory state around the buggy address:
[ 2538.623165] ffff88807d694f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.623930] ffff88807d694f80: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2538.624736] >ffff88807d695000: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 2538.625517] ^
[ 2538.626011] ffff88807d695080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.626771] ffff88807d695100: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.627538] ==================================================================
[ 2538.628315] ==================================================================
[ 2538.629085] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x44f/0x990 [test_kasan]
[ 2538.630147] Write of size 8 at addr ffff88807d695028 by task kunit_try_catch/48276
[ 2538.630947]
[ 2538.631131] CPU: 0 PID: 48276 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.632550] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.633173] Call Trace:
[ 2538.633432]
[ 2538.633659] ? kasan_bitops_test_and_modify.constprop.0+0x44f/0x990 [test_kasan]
[ 2538.634392] dump_stack_lvl+0x57/0x81
[ 2538.634769] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.635351] ? kasan_bitops_test_and_modify.constprop.0+0x44f/0x990 [test_kasan]
[ 2538.636136] print_report.cold+0x5c/0x237
[ 2538.636572] kasan_report+0xc9/0x100
[ 2538.636974] ? kasan_bitops_test_and_modify.constprop.0+0x44f/0x990 [test_kasan]
[ 2538.637758] kasan_check_range+0xfd/0x1e0
[ 2538.638200] kasan_bitops_test_and_modify.constprop.0+0x44f/0x990 [test_kasan]
[ 2538.638972] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2538.639673] ? kunit_kfree+0x200/0x200 [kunit]
[ 2538.640165] ? rcu_read_lock_sched_held+0x12/0x80
[ 2538.640675] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.641298] ? rcu_read_lock_bh_held+0x40/0x70
[ 2538.641800] ? trace_kmalloc+0x3c/0x100
[ 2538.642242] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2538.642755] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2538.643342] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2538.644157] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2538.644788] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.645356] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.645886] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.646468] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.647146] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.647697] kthread+0x2a4/0x350
[ 2538.648064] ? kthread_complete_and_exit+0x20/0x20
[ 2538.648582] ret_from_fork+0x1f/0x30
[ 2538.648995]
[ 2538.649245]
[ 2538.649447] Allocated by task 48276:
[ 2538.649853] kasan_save_stack+0x1e/0x40
[ 2538.650289] __kasan_kmalloc+0x81/0xa0
[ 2538.650710] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2538.651314] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.651857] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.652532] kthread+0x2a4/0x350
[ 2538.652908] ret_from_fork+0x1f/0x30
[ 2538.653315]
[ 2538.653506] The buggy address belongs to the object at ffff88807d695020
[ 2538.653506] which belongs to the cache kmalloc-16 of size 16
[ 2538.654801] The buggy address is located 8 bytes inside of
[ 2538.654801] 16-byte region [ffff88807d695020, ffff88807d695030)
[ 2538.656041]
[ 2538.656230] The buggy address belongs to the physical page:
[ 2538.656849] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.657898] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.658628] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.661527] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.662383] page dumped because: kasan: bad access detected
[ 2538.663004]
[ 2538.663189] Memory state around the buggy address:
[ 2538.663703] ffff88807d694f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.664528] ffff88807d694f80: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2538.665321] >ffff88807d695000: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 2538.666104] ^
[ 2538.666593] ffff88807d695080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.667363] ffff88807d695100: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.668134] ==================================================================
[ 2538.668926] ==================================================================
[ 2538.669689] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4f9/0x990 [test_kasan]
[ 2538.670796] Write of size 8 at addr ffff88807d695028 by task kunit_try_catch/48276
[ 2538.671646]
[ 2538.671833] CPU: 0 PID: 48276 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.673272] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.673946] Call Trace:
[ 2538.674235]
[ 2538.674498] ? kasan_bitops_test_and_modify.constprop.0+0x4f9/0x990 [test_kasan]
[ 2538.675297] dump_stack_lvl+0x57/0x81
[ 2538.675706] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.676332] ? kasan_bitops_test_and_modify.constprop.0+0x4f9/0x990 [test_kasan]
[ 2538.677154] print_report.cold+0x5c/0x237
[ 2538.677612] kasan_report+0xc9/0x100
[ 2538.678056] ? kasan_bitops_test_and_modify.constprop.0+0x4f9/0x990 [test_kasan]
[ 2538.678882] kasan_check_range+0xfd/0x1e0
[ 2538.679338] kasan_bitops_test_and_modify.constprop.0+0x4f9/0x990 [test_kasan]
[ 2538.680137] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2538.680848] ? kunit_kfree+0x200/0x200 [kunit]
[ 2538.681346] ? rcu_read_lock_sched_held+0x12/0x80
[ 2538.681866] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.682472] ? rcu_read_lock_bh_held+0x40/0x70
[ 2538.682974] ? trace_kmalloc+0x3c/0x100
[ 2538.683419] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2538.683963] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2538.684578] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2538.685441] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2538.686083] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.686660] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.687210] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.687753] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.688408] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.688966] kthread+0x2a4/0x350
[ 2538.689324] ? kthread_complete_and_exit+0x20/0x20
[ 2538.689859] ret_from_fork+0x1f/0x30
[ 2538.690298]
[ 2538.690556]
[ 2538.690746] Allocated by task 48276:
[ 2538.691159] kasan_save_stack+0x1e/0x40
[ 2538.691574] __kasan_kmalloc+0x81/0xa0
[ 2538.691991] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2538.692583] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.693133] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.693806] kthread+0x2a4/0x350
[ 2538.694199] ret_from_fork+0x1f/0x30
[ 2538.694606]
[ 2538.694795] The buggy address belongs to the object at ffff88807d695020
[ 2538.694795] which belongs to the cache kmalloc-16 of size 16
[ 2538.696137] The buggy address is located 8 bytes inside of
[ 2538.696137] 16-byte region [ffff88807d695020, ffff88807d695030)
[ 2538.697367]
[ 2538.697553] The buggy address belongs to the physical page:
[ 2538.698147] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.699121] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.699883] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.700724] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.701557] page dumped because: kasan: bad access detected
[ 2538.702149]
[ 2538.702334] Memory state around the buggy address:
[ 2538.702845] ffff88807d694f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.703608] ffff88807d694f80: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2538.704401] >ffff88807d695000: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 2538.705204] ^
[ 2538.705712] ffff88807d695080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.706504] ffff88807d695100: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.707294] ==================================================================
[ 2538.708077] ==================================================================
[ 2538.708900] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x5a2/0x990 [test_kasan]
[ 2538.710006] Read of size 8 at addr ffff88807d695028 by task kunit_try_catch/48276
[ 2538.710828]
[ 2538.711031] CPU: 0 PID: 48276 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.712474] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.713098] Call Trace:
[ 2538.713377]
[ 2538.713622] ? kasan_bitops_test_and_modify.constprop.0+0x5a2/0x990 [test_kasan]
[ 2538.714471] dump_stack_lvl+0x57/0x81
[ 2538.714897] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.715522] ? kasan_bitops_test_and_modify.constprop.0+0x5a2/0x990 [test_kasan]
[ 2538.716319] print_report.cold+0x5c/0x237
[ 2538.716761] kasan_report+0xc9/0x100
[ 2538.717168] ? kasan_bitops_test_and_modify.constprop.0+0x5a2/0x990 [test_kasan]
[ 2538.717994] kasan_check_range+0xfd/0x1e0
[ 2538.718450] kasan_bitops_test_and_modify.constprop.0+0x5a2/0x990 [test_kasan]
[ 2538.719243] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2538.719957] ? kunit_kfree+0x200/0x200 [kunit]
[ 2538.720447] ? rcu_read_lock_sched_held+0x12/0x80
[ 2538.720968] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.721570] ? rcu_read_lock_bh_held+0x40/0x70
[ 2538.722106] ? trace_kmalloc+0x3c/0x100
[ 2538.722544] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2538.723095] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2538.723687] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2538.724488] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2538.725107] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.725661] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.726199] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.726779] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.727482] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.728078] kthread+0x2a4/0x350
[ 2538.728442] ? kthread_complete_and_exit+0x20/0x20
[ 2538.728975] ret_from_fork+0x1f/0x30
[ 2538.729383]
[ 2538.729661]
[ 2538.729854] Allocated by task 48276:
[ 2538.730270] kasan_save_stack+0x1e/0x40
[ 2538.730715] __kasan_kmalloc+0x81/0xa0
[ 2538.731136] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2538.731725] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.732265] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.732935] kthread+0x2a4/0x350
[ 2538.733303] ret_from_fork+0x1f/0x30
[ 2538.733699]
[ 2538.733891] The buggy address belongs to the object at ffff88807d695020
[ 2538.733891] which belongs to the cache kmalloc-16 of size 16
[ 2538.735160] The buggy address is located 8 bytes inside of
[ 2538.735160] 16-byte region [ffff88807d695020, ffff88807d695030)
[ 2538.736293]
[ 2538.736466] The buggy address belongs to the physical page:
[ 2538.737029] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.738029] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.738797] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.739649] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.740502] page dumped because: kasan: bad access detected
[ 2538.741117]
[ 2538.741302] Memory state around the buggy address:
[ 2538.741822] ffff88807d694f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.742625] ffff88807d694f80: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2538.743427] >ffff88807d695000: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 2538.744257] ^
[ 2538.744770] ffff88807d695080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.745566] ffff88807d695100: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.746382] ==================================================================
[ 2538.747230] ==================================================================
[ 2538.748027] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x984/0x990 [test_kasan]
[ 2538.749141] Read of size 8 at addr ffff88807d695028 by task kunit_try_catch/48276
[ 2538.749999]
[ 2538.750192] CPU: 0 PID: 48276 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.751655] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.752280] Call Trace:
[ 2538.752584]
[ 2538.752837] ? kasan_bitops_test_and_modify.constprop.0+0x984/0x990 [test_kasan]
[ 2538.753672] dump_stack_lvl+0x57/0x81
[ 2538.754084] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.754709] ? kasan_bitops_test_and_modify.constprop.0+0x984/0x990 [test_kasan]
[ 2538.755508] print_report.cold+0x5c/0x237
[ 2538.755954] kasan_report+0xc9/0x100
[ 2538.756353] ? kasan_bitops_test_and_modify.constprop.0+0x984/0x990 [test_kasan]
[ 2538.757153] kasan_bitops_test_and_modify.constprop.0+0x984/0x990 [test_kasan]
[ 2538.757957] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2538.758695] ? kunit_kfree+0x200/0x200 [kunit]
[ 2538.759199] ? rcu_read_lock_sched_held+0x12/0x80
[ 2538.759711] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.760312] ? rcu_read_lock_bh_held+0x40/0x70
[ 2538.760828] ? trace_kmalloc+0x3c/0x100
[ 2538.761265] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2538.761797] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2538.762408] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2538.763220] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2538.763830] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.764382] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.764971] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.765533] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.766212] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.766780] kthread+0x2a4/0x350
[ 2538.767155] ? kthread_complete_and_exit+0x20/0x20
[ 2538.767691] ret_from_fork+0x1f/0x30
[ 2538.768113]
[ 2538.768372]
[ 2538.768561] Allocated by task 48276:
[ 2538.768969] kasan_save_stack+0x1e/0x40
[ 2538.769402] __kasan_kmalloc+0x81/0xa0
[ 2538.769826] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2538.770428] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.770979] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.771651] kthread+0x2a4/0x350
[ 2538.772030] ret_from_fork+0x1f/0x30
[ 2538.772441]
[ 2538.772634] The buggy address belongs to the object at ffff88807d695020
[ 2538.772634] which belongs to the cache kmalloc-16 of size 16
[ 2538.773963] The buggy address is located 8 bytes inside of
[ 2538.773963] 16-byte region [ffff88807d695020, ffff88807d695030)
[ 2538.775172]
[ 2538.775358] The buggy address belongs to the physical page:
[ 2538.775988] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.777018] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.777762] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.778593] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.789835] page dumped because: kasan: bad access detected
[ 2538.790470]
[ 2538.790671] Memory state around the buggy address:
[ 2538.791230] ffff88807d694f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.792041] ffff88807d694f80: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2538.792839] >ffff88807d695000: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 2538.793642] ^
[ 2538.794160] ffff88807d695080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.794961] ffff88807d695100: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.795760] ==================================================================
[ 2538.796590] ==================================================================
[ 2538.797393] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x66e/0x990 [test_kasan]
[ 2538.798504] Write of size 8 at addr ffff88807d695028 by task kunit_try_catch/48276
[ 2538.799313]
[ 2538.799519] CPU: 0 PID: 48276 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.801125] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.801790] Call Trace:
[ 2538.802115]
[ 2538.802379] ? kasan_bitops_test_and_modify.constprop.0+0x66e/0x990 [test_kasan]
[ 2538.803222] dump_stack_lvl+0x57/0x81
[ 2538.803655] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.804301] ? kasan_bitops_test_and_modify.constprop.0+0x66e/0x990 [test_kasan]
[ 2538.805155] print_report.cold+0x5c/0x237
[ 2538.805622] kasan_report+0xc9/0x100
[ 2538.806052] ? kasan_bitops_test_and_modify.constprop.0+0x66e/0x990 [test_kasan]
[ 2538.806899] kasan_check_range+0xfd/0x1e0
[ 2538.807375] kasan_bitops_test_and_modify.constprop.0+0x66e/0x990 [test_kasan]
[ 2538.808183] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2538.808921] ? kunit_kfree+0x200/0x200 [kunit]
[ 2538.809424] ? rcu_read_lock_sched_held+0x12/0x80
[ 2538.809989] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.810624] ? rcu_read_lock_bh_held+0x40/0x70
[ 2538.811153] ? trace_kmalloc+0x3c/0x100
[ 2538.811602] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2538.812173] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2538.812803] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2538.813658] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2538.814330] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.814939] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.815505] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.816108] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.816803] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.817474] kthread+0x2a4/0x350
[ 2538.818035] ? kthread_complete_and_exit+0x20/0x20
[ 2538.818655] ret_from_fork+0x1f/0x30
[ 2538.819145]
[ 2538.819460]
[ 2538.819681] Allocated by task 48276:
[ 2538.820168] kasan_save_stack+0x1e/0x40
[ 2538.820672] __kasan_kmalloc+0x81/0xa0
[ 2538.821165] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2538.821808] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.822393] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.823097] kthread+0x2a4/0x350
[ 2538.823479] ret_from_fork+0x1f/0x30
[ 2538.823901]
[ 2538.824098] The buggy address belongs to the object at ffff88807d695020
[ 2538.824098] which belongs to the cache kmalloc-16 of size 16
[ 2538.825485] The buggy address is located 8 bytes inside of
[ 2538.825485] 16-byte region [ffff88807d695020, ffff88807d695030)
[ 2538.826782]
[ 2538.826981] The buggy address belongs to the physical page:
[ 2538.827617] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.828762] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.829635] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.830618] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.831603] page dumped because: kasan: bad access detected
[ 2538.832281]
[ 2538.832481] Memory state around the buggy address:
[ 2538.833037] ffff88807d694f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.833857] ffff88807d694f80: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2538.834697] >ffff88807d695000: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 2538.835520] ^
[ 2538.836051] ffff88807d695080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.836883] ffff88807d695100: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.837698] ==================================================================
[ 2538.843177] ok 45 - kasan_bitops_generic
[ 2538.849465] ok 46 - kasan_bitops_tags # SKIP Test requires CONFIG_KASAN_GENERIC=n
[ 2538.854278] ==================================================================
[ 2538.855959] BUG: KASAN: use-after-free in kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 2538.856893] Read of size 1 at addr ffff88807d6955c0 by task kunit_try_catch/48278
[ 2538.857739]
[ 2538.857956] CPU: 0 PID: 48278 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.859436] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.860079] Call Trace:
[ 2538.860390]
[ 2538.860655] ? kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 2538.861323] dump_stack_lvl+0x57/0x81
[ 2538.861754] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.862437] ? kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 2538.863075] print_report.cold+0x5c/0x237
[ 2538.863554] kasan_report+0xc9/0x100
[ 2538.863989] ? kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 2538.864653] ? kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 2538.865334] __kasan_check_byte+0x36/0x50
[ 2538.865802] kfree_sensitive+0x1b/0x60
[ 2538.866268] kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 2538.866914] ? vmalloc_oob+0x5e0/0x5e0 [test_kasan]
[ 2538.867477] ? do_raw_spin_trylock+0xb5/0x180
[ 2538.868063] ? do_raw_spin_lock+0x270/0x270
[ 2538.868567] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.869210] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.869797] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.870369] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.870962] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.871667] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.872245] kthread+0x2a4/0x350
[ 2538.872615] ? kthread_complete_and_exit+0x20/0x20
[ 2538.873189] ret_from_fork+0x1f/0x30
[ 2538.873627]
[ 2538.873900]
[ 2538.874103] Allocated by task 48278:
[ 2538.874524] kasan_save_stack+0x1e/0x40
[ 2538.874976] __kasan_kmalloc+0x81/0xa0
[ 2538.875414] kmalloc_double_kzfree+0x9a/0x270 [test_kasan]
[ 2538.876041] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.876606] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.877311] kthread+0x2a4/0x350
[ 2538.877694] ret_from_fork+0x1f/0x30
[ 2538.878120]
[ 2538.878316] Freed by task 48278:
[ 2538.878698] kasan_save_stack+0x1e/0x40
[ 2538.879150] kasan_set_track+0x21/0x30
[ 2538.879589] kasan_set_free_info+0x20/0x40
[ 2538.880075] __kasan_slab_free+0x108/0x170
[ 2538.880562] slab_free_freelist_hook+0x11d/0x1d0
[ 2538.881112] kfree+0xe2/0x3c0
[ 2538.881477] kmalloc_double_kzfree+0x137/0x270 [test_kasan]
[ 2538.882125] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.882689] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.883389] kthread+0x2a4/0x350
[ 2538.883774] ret_from_fork+0x1f/0x30
[ 2538.884198]
[ 2538.884395] The buggy address belongs to the object at ffff88807d6955c0
[ 2538.884395] which belongs to the cache kmalloc-16 of size 16
[ 2538.885805] The buggy address is located 0 bytes inside of
[ 2538.885805] 16-byte region [ffff88807d6955c0, ffff88807d6955d0)
[ 2538.887088]
[ 2538.887285] The buggy address belongs to the physical page:
[ 2538.887925] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.888985] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.889770] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.890658] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.891530] page dumped because: kasan: bad access detected
[ 2538.892173]
[ 2538.892369] Memory state around the buggy address:
[ 2538.892926] ffff88807d695480: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2538.893719] ffff88807d695500: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.894498] >ffff88807d695580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.895275] ^
[ 2538.895849] ffff88807d695600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.896734] ffff88807d695680: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.897613] ==================================================================
[ 2538.898474] ==================================================================
[ 2538.901349] BUG: KASAN: double-free or invalid-free in kfree+0xe2/0x3c0
[ 2538.902077]
[ 2538.902265] CPU: 0 PID: 48278 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.903716] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.904349] Call Trace:
[ 2538.904631]
[ 2538.904887] dump_stack_lvl+0x57/0x81
[ 2538.905301] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.905941] print_report.cold+0x5c/0x237
[ 2538.906383] ? kfree+0xe2/0x3c0
[ 2538.906741] ? kfree+0xe2/0x3c0
[ 2538.907104] kasan_report_invalid_free+0x99/0xc0
[ 2538.907617] ? kfree+0xe2/0x3c0
[ 2538.907978] ? kfree+0xe2/0x3c0
[ 2538.908335] __kasan_slab_free+0x152/0x170
[ 2538.908788] slab_free_freelist_hook+0x11d/0x1d0
[ 2538.909305] ? kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 2538.909938] kfree+0xe2/0x3c0
[ 2538.910281] ? __kasan_check_byte+0x36/0x50
[ 2538.910743] kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 2538.911359] ? vmalloc_oob+0x5e0/0x5e0 [test_kasan]
[ 2538.911903] ? do_raw_spin_trylock+0xb5/0x180
[ 2538.912390] ? do_raw_spin_lock+0x270/0x270
[ 2538.912862] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.913467] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.914029] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.914568] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.915129] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.915791] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.916359] kthread+0x2a4/0x350
[ 2538.916727] ? kthread_complete_and_exit+0x20/0x20
[ 2538.917281] ret_from_fork+0x1f/0x30
[ 2538.917734]
[ 2538.917992]
[ 2538.918179] Allocated by task 48278:
[ 2538.918583] kasan_save_stack+0x1e/0x40
[ 2538.919013] __kasan_kmalloc+0x81/0xa0
[ 2538.919429] kmalloc_double_kzfree+0x9a/0x270 [test_kasan]
[ 2538.920025] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.920560] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.921222] kthread+0x2a4/0x350
[ 2538.921586] ret_from_fork+0x1f/0x30
[ 2538.921993]
[ 2538.922182] Freed by task 48278:
[ 2538.922545] kasan_save_stack+0x1e/0x40
[ 2538.922974] kasan_set_track+0x21/0x30
[ 2538.923438] kasan_set_free_info+0x20/0x40
[ 2538.923946] __kasan_slab_free+0x108/0x170
[ 2538.924451] slab_free_freelist_hook+0x11d/0x1d0
[ 2538.925009] kfree+0xe2/0x3c0
[ 2538.925348] kmalloc_double_kzfree+0x137/0x270 [test_kasan]
[ 2538.925959] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.926497] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.927161] kthread+0x2a4/0x350
[ 2538.927525] ret_from_fork+0x1f/0x30
[ 2538.927935]
[ 2538.928122] The buggy address belongs to the object at ffff88807d6955c0
[ 2538.928122] which belongs to the cache kmalloc-16 of size 16
[ 2538.929421] The buggy address is located 0 bytes inside of
[ 2538.929421] 16-byte region [ffff88807d6955c0, ffff88807d6955d0)
[ 2538.930640]
[ 2538.930827] The buggy address belongs to the physical page:
[ 2538.931431] page:000000004d6d56b7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d695
[ 2538.932421] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.933162] raw: 000fffffc0000200 ffffea0000160740 dead000000000002 ffff8880010413c0
[ 2538.933997] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2538.934824] page dumped because: kasan: bad access detected
[ 2538.935430]
[ 2538.935616] Memory state around the buggy address:
[ 2538.936145] ffff88807d695480: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2538.936928] ffff88807d695500: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.937703] >ffff88807d695580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.938480] ^
[ 2538.939059] ffff88807d695600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2538.939836] ffff88807d695680: fa fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 2538.940614] ==================================================================
[ 2538.941597] ok 47 - kmalloc_double_kzfree
[ 2538.944694] ok 48 - vmalloc_helpers_tags # SKIP Test requires CONFIG_KASAN_GENERIC=n
[ 2538.946142] ==================================================================
[ 2538.947813] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x596/0x5e0 [test_kasan]
[ 2538.948660] Read of size 1 at addr ffffc900000797f3 by task kunit_try_catch/48280
[ 2538.949467]
[ 2538.949654] CPU: 0 PID: 48280 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.951115] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.951740] Call Trace:
[ 2538.952028]
[ 2538.952277] ? vmalloc_oob+0x596/0x5e0 [test_kasan]
[ 2538.952816] dump_stack_lvl+0x57/0x81
[ 2538.953232] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.953868] ? vmalloc_oob+0x596/0x5e0 [test_kasan]
[ 2538.954408] print_report.cold+0x5c/0x237
[ 2538.954858] kasan_report+0xc9/0x100
[ 2538.955259] ? vmalloc_oob+0x596/0x5e0 [test_kasan]
[ 2538.955798] vmalloc_oob+0x596/0x5e0 [test_kasan]
[ 2538.956322] ? kasan_global_oob_right+0x1f0/0x1f0 [test_kasan]
[ 2538.956968] ? do_raw_spin_trylock+0xb5/0x180
[ 2538.957453] ? do_raw_spin_lock+0x270/0x270
[ 2538.957923] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.958529] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.959090] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.959630] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.960191] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.960855] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.961420] kthread+0x2a4/0x350
[ 2538.961787] ? kthread_complete_and_exit+0x20/0x20
[ 2538.962319] ret_from_fork+0x1f/0x30
[ 2538.962729]
[ 2538.962990]
[ 2538.963176] The buggy address belongs to the virtual mapping at
[ 2538.963176] [ffffc90000079000, ffffc9000007b000) created by:
[ 2538.963176] vmalloc_oob+0x78/0x5e0 [test_kasan]
[ 2538.964885]
[ 2538.965073] The buggy address belongs to the physical page:
[ 2538.965673] page:000000002fd334a9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7f221
[ 2538.966664] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.967372] raw: 000fffffc0000000 0000000000000000 dead000000000122 0000000000000000
[ 2538.968204] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2538.969037] page dumped because: kasan: bad access detected
[ 2538.969639]
[ 2538.969825] Memory state around the buggy address:
[ 2538.970361] ffffc90000079680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.971117] ffffc90000079700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.971872] >ffffc90000079780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[ 2538.972619] ^
[ 2538.973334] ffffc90000079800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 2538.974088] ffffc90000079880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 2538.974837] ==================================================================
[ 2538.975641] ==================================================================
[ 2538.976429] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x58c/0x5e0 [test_kasan]
[ 2538.977271] Read of size 1 at addr ffffc900000797f8 by task kunit_try_catch/48280
[ 2538.978080]
[ 2538.978267] CPU: 0 PID: 48280 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-232.1873_744855668.el9.x86_64+debug #1
[ 2538.979712] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2538.980341] Call Trace:
[ 2538.980621]
[ 2538.980873] ? vmalloc_oob+0x58c/0x5e0 [test_kasan]
[ 2538.981411] dump_stack_lvl+0x57/0x81
[ 2538.981821] print_address_description.constprop.0+0x1f/0x1e0
[ 2538.982453] ? vmalloc_oob+0x58c/0x5e0 [test_kasan]
[ 2538.982994] print_report.cold+0x5c/0x237
[ 2538.983439] kasan_report+0xc9/0x100
[ 2538.983841] ? vmalloc_oob+0x58c/0x5e0 [test_kasan]
[ 2538.984385] vmalloc_oob+0x58c/0x5e0 [test_kasan]
[ 2538.984908] ? kasan_global_oob_right+0x1f0/0x1f0 [test_kasan]
[ 2538.985548] ? do_raw_spin_trylock+0xb5/0x180
[ 2538.986036] ? do_raw_spin_lock+0x270/0x270
[ 2538.986501] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2538.987136] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2538.987761] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2538.988368] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2538.988962] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2538.989627] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2538.990193] kthread+0x2a4/0x350
[ 2538.990557] ? kthread_complete_and_exit+0x20/0x20
[ 2538.991090] ret_from_fork+0x1f/0x30
[ 2538.991497]
[ 2538.991752]
[ 2538.991942] The buggy address belongs to the virtual mapping at
[ 2538.991942] [ffffc90000079000, ffffc9000007b000) created by:
[ 2538.991942] vmalloc_oob+0x78/0x5e0 [test_kasan]
[ 2538.993660]
[ 2538.993851] The buggy address belongs to the physical page:
[ 2538.994451] page:000000002fd334a9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7f221
[ 2538.995447] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff)
[ 2538.996145] raw: 000fffffc0000000 0000000000000000 dead000000000122 0000000000000000
[ 2538.996983] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2538.997806] page dumped because: kasan: bad access detected
[ 2538.998415]
[ 2538.998602] Memory state around the buggy address:
[ 2538.999134] ffffc90000079680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2538.999922] ffffc90000079700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2539.000697] >ffffc90000079780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[ 2539.001474] ^
[ 2539.002246] ffffc90000079800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 2539.003022] ffffc90000079880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 2539.003797] ==================================================================
[ 2539.067118] ok 49 - vmalloc_oob
[ 2539.069143] ok 50 - vmap_tags # SKIP Test requires CONFIG_KASAN_SW_TAGS=y
[ 2539.073909] ok 51 - vm_map_ram_tags # SKIP Test requires CONFIG_KASAN_SW_TAGS=y
[ 2539.076901] ok 52 - vmalloc_percpu # SKIP Test requires CONFIG_KASAN_SW_TAGS=y
[ 2539.079378] ok 53 - match_all_not_assigned # SKIP Test requires CONFIG_KASAN_GENERIC=n
[ 2539.082237] ok 54 - match_all_ptr_tag # SKIP Test requires CONFIG_KASAN_GENERIC=n
[ 2539.084964] ok 55 - match_all_mem_tag # SKIP Test requires CONFIG_KASAN_GENERIC=n
[ 2539.085851] ok 20 - kasan
[ 2539.471854] # Subtest: linear-ranges-test
[ 2539.471862] 1..4
[ 2539.475961] ok 1 - range_test_get_value_amount
[ 2539.477879] ok 2 - range_test_get_selector_high
[ 2539.479870] ok 3 - range_test_get_selector_low
[ 2539.481934] ok 4 - range_test_get_value
[ 2539.482487] ok 21 - linear-ranges-test
[ 2539.603535] # Subtest: list_sort
[ 2539.603542] 1..1
[ 2539.624744] ok 1 - list_sort_test
[ 2539.625081] ok 22 - list_sort
[ 2539.965717] # Subtest: time_test_cases
[-- MARK -- Thu Jan 12 09:35:00 2023]
[ 2539.965725] 1..1
[ 2544.560348] ok 1 - time64_to_tm_test_date_range
[ 2544.563013] ok 23 - time_test_cases
[ 2544.808777] systemd-journald[565]: Data hash table of /run/log/journal/a1c1fb002dca47abab9832fc6f21eadc/system.journal has a fill level at 75.0 (7323 of 9763 items, 5623808 file size, 767 bytes per hash table item), suggesting rotation.
[ 2544.883049] systemd-journald[565]: /run/log/journal/a1c1fb002dca47abab9832fc6f21eadc/system.journal: Journal header limits reached or header out-of-date, rotating.