[ 3358.401303] Running test [R:13324321 T:8 - KUNIT - Kernel: 5.14.0-254.1999_765258838.el9.x86_64+debug]
[ 3369.671040] # Subtest: bitfields
[ 3369.671054] 1..2
[ 3369.673215] ok 1 - test_bitfields_constants
[ 3369.674065] ok 2 - test_bitfields_variables
[ 3369.674799] ok 1 - bitfields
[ 3370.232236] # Subtest: cmdline
[ 3370.232248] 1..4
[ 3370.233488] ok 1 - cmdline_test_noint
[ 3370.234527] ok 2 - cmdline_test_lead_int
[ 3370.235497] ok 3 - cmdline_test_tail_int
[ 3370.236626] ok 4 - cmdline_test_range
[ 3370.237321] ok 2 - cmdline
[ 3370.764961] # Subtest: ext4_inode_test
[ 3370.764974] 1..1
[ 3370.766577] # inode_test_xtimestamp_decoding: ok 1 - 1901-12-13 Lower bound of 32bit < 0 timestamp, no extra bits
[ 3370.770228] # inode_test_xtimestamp_decoding: ok 2 - 1969-12-31 Upper bound of 32bit < 0 timestamp, no extra bits
[ 3370.772494] # inode_test_xtimestamp_decoding: ok 3 - 1970-01-01 Lower bound of 32bit >=0 timestamp, no extra bits
[ 3370.774516] # inode_test_xtimestamp_decoding: ok 4 - 2038-01-19 Upper bound of 32bit >=0 timestamp, no extra bits
[ 3370.776616] # inode_test_xtimestamp_decoding: ok 5 - 2038-01-19 Lower bound of 32bit <0 timestamp, lo extra sec bit on
[ 3370.778784] # inode_test_xtimestamp_decoding: ok 6 - 2106-02-07 Upper bound of 32bit <0 timestamp, lo extra sec bit on
[ 3370.780969] # inode_test_xtimestamp_decoding: ok 7 - 2106-02-07 Lower bound of 32bit >=0 timestamp, lo extra sec bit on
[ 3370.783293] # inode_test_xtimestamp_decoding: ok 8 - 2174-02-25 Upper bound of 32bit >=0 timestamp, lo extra sec bit on
[ 3370.785465] # inode_test_xtimestamp_decoding: ok 9 - 2174-02-25 Lower bound of 32bit <0 timestamp, hi extra sec bit on
[ 3370.787597] # inode_test_xtimestamp_decoding: ok 10 - 2242-03-16 Upper bound of 32bit <0 timestamp, hi extra sec bit on
[ 3370.789779] # inode_test_xtimestamp_decoding: ok 11 - 2242-03-16 Lower bound of 32bit >=0 timestamp, hi extra sec bit on
[ 3370.791980] # inode_test_xtimestamp_decoding: ok 12 - 2310-04-04 Upper bound of 32bit >=0 timestamp, hi extra sec bit on
[ 3370.794245] # inode_test_xtimestamp_decoding: ok 13 - 2310-04-04 Upper bound of 32bit>=0 timestamp, hi extra sec bit 1. 1 ns
[ 3370.796497] # inode_test_xtimestamp_decoding: ok 14 - 2378-04-22 Lower bound of 32bit>= timestamp. Extra sec bits 1. Max ns
[ 3370.798805] # inode_test_xtimestamp_decoding: ok 15 - 2378-04-22 Lower bound of 32bit >=0 timestamp. All extra sec bits on
[ 3370.800992] # inode_test_xtimestamp_decoding: ok 16 - 2446-05-10 Upper bound of 32bit >=0 timestamp. All extra sec bits on
[ 3370.802894] ok 1 - inode_test_xtimestamp_decoding
[ 3370.804730] ok 3 - ext4_inode_test
[ 3371.977835] # Subtest: kunit-try-catch-test
[ 3371.977847] 1..2
[ 3371.979383] ok 1 - kunit_test_try_catch_successful_try_no_catch
[ 3371.980533] ok 2 - kunit_test_try_catch_unsuccessful_try_does_catch
[ 3371.981468] ok 4 - kunit-try-catch-test
[ 3371.983266] # Subtest: kunit-resource-test
[ 3371.983273] 1..7
[ 3371.984308] ok 1 - kunit_resource_test_init_resources
[ 3371.985400] ok 2 - kunit_resource_test_alloc_resource
[ 3371.986763] ok 3 - kunit_resource_test_destroy_resource
[ 3371.988130] ok 4 - kunit_resource_test_cleanup_resources
[ 3371.989373] ok 5 - kunit_resource_test_proper_free_ordering
[ 3371.990767] ok 6 - kunit_resource_test_static
[ 3371.992046] ok 7 - kunit_resource_test_named
[ 3371.992723] ok 5 - kunit-resource-test
[ 3371.994293] # Subtest: kunit-log-test
[ 3371.994300] 1..1
[ 3371.995244] put this in log.
[ 3371.995582] this too.
[ 3371.996187] add to suite log.
[ 3371.996530] along with this.
[ 3371.997040] ok 1 - kunit_log_test
[ 3371.997474] ok 6 - kunit-log-test
[ 3371.998773] # Subtest: kunit_status
[ 3371.998781] 1..2
[ 3371.999744] ok 1 - kunit_status_set_failure_test
[ 3372.000452] ok 2 - kunit_status_mark_skipped_test
[ 3372.001238] ok 7 - kunit_status
[ 3372.142437] # Subtest: rtc_lib_test_cases
[ 3372.142447] 1..1
[ 3377.988908] ok 1 - rtc_time64_to_tm_test_date_range
[ 3377.989300] ok 8 - rtc_lib_test_cases
[ 3378.138155] # Subtest: list-kunit-test
[ 3378.138167] 1..36
[ 3378.139219] ok 1 - list_test_list_init
[ 3378.140002] ok 2 - list_test_list_add
[ 3378.140894] ok 3 - list_test_list_add_tail
[ 3378.141808] ok 4 - list_test_list_del
[ 3378.142822] ok 5 - list_test_list_replace
[ 3378.143697] ok 6 - list_test_list_replace_init
[ 3378.144691] ok 7 - list_test_list_swap
[ 3378.145672] ok 8 - list_test_list_del_init
[ 3378.146611] ok 9 - list_test_list_move
[ 3378.147805] ok 10 - list_test_list_move_tail
[ 3378.148703] ok 11 - list_test_list_bulk_move_tail
[ 3378.150092] ok 12 - list_test_list_is_first
[ 3378.151106] ok 13 - list_test_list_is_last
[ 3378.152600] ok 14 - list_test_list_empty
[ 3378.153919] ok 15 - list_test_list_empty_careful
[ 3378.154889] ok 16 - list_test_list_rotate_left
[ 3378.156378] ok 17 - list_test_list_rotate_to_front
[ 3378.157798] ok 18 - list_test_list_is_singular
[ 3378.158837] ok 19 - list_test_list_cut_position
[ 3378.159976] ok 20 - list_test_list_cut_before
[ 3378.161025] ok 21 - list_test_list_splice
[ 3378.162115] ok 22 - list_test_list_splice_tail
[ 3378.163147] ok 23 - list_test_list_splice_init
[ 3378.164318] ok 24 - list_test_list_splice_tail_init
[ 3378.165400] ok 25 - list_test_list_entry
[ 3378.166441] ok 26 - list_test_list_first_entry
[ 3378.167345] ok 27 - list_test_list_last_entry
[ 3378.168378] ok 28 - list_test_list_first_entry_or_null
[ 3378.169425] ok 29 - list_test_list_next_entry
[ 3378.170936] ok 30 - list_test_list_prev_entry
[ 3378.171939] ok 31 - list_test_list_for_each
[ 3378.172984] ok 32 - list_test_list_for_each_prev
[ 3378.174122] ok 33 - list_test_list_for_each_safe
[ 3378.175206] ok 34 - list_test_list_for_each_prev_safe
[ 3378.176243] ok 35 - list_test_list_for_each_entry
[ 3378.177247] ok 36 - list_test_list_for_each_entry_reverse
[ 3378.178019] ok 9 - list-kunit-test
[ 3378.310770] # Subtest: memcpy
[ 3378.310782] 1..4
[ 3378.311608] # memset_test: ok: memset() direct assignment
[ 3378.312643] # memset_test: ok: memset() complete overwrite
[ 3378.313362] # memset_test: ok: memset() middle overwrite
[ 3378.314104] # memset_test: ok: memset() argument side-effects
[ 3378.314882] # memset_test: ok: memset() memset_after()
[ 3378.315580] # memset_test: ok: memset() memset_startat()
[ 3378.316315] ok 1 - memset_test
[ 3378.317598] # memcpy_test: ok: memcpy() static initializers
[ 3378.318810] # memcpy_test: ok: memcpy() direct assignment
[ 3378.319623] # memcpy_test: ok: memcpy() complete overwrite
[ 3378.320424] # memcpy_test: ok: memcpy() middle overwrite
[ 3378.321215] # memcpy_test: ok: memcpy() argument side-effects
[ 3378.322861] ok 2 - memcpy_test
[ 3378.323216] # memmove_test: ok: memmove() static initializers
[ 3378.324639] # memmove_test: ok: memmove() direct assignment
[ 3378.325370] # memmove_test: ok: memmove() complete overwrite
[ 3378.326129] # memmove_test: ok: memmove() middle overwrite
[ 3378.326871] # memmove_test: ok: memmove() argument side-effects
[ 3378.327666] # memmove_test: ok: memmove() overlapping write
[ 3378.329428] ok 3 - memmove_test
[ 3378.329905] ok 4 - strtomem_test
[ 3378.330371] ok 10 - memcpy
[ 3378.459962] # Subtest: mptcp-crypto
[ 3378.459973] 1..1
[ 3378.461240] ok 1 - mptcp_crypto_test_basic
[ 3378.461619] ok 11 - mptcp-crypto
[ 3378.587765] # Subtest: mptcp-token
[ 3378.587775] 1..4
[ 3378.589045] ok 1 - mptcp_token_test_req_basic
[ 3378.589848] ok 2 - mptcp_token_test_msk_basic
[ 3378.590801] ok 3 - mptcp_token_test_accept
[ 3378.591949] ok 4 - mptcp_token_test_destroyed
[ 3378.592620] ok 12 - mptcp-token
[ 3378.914508] # Subtest: rational
[ 3378.914520] 1..1
[ 3378.916493] # rational_test: ok 1 - Exceeds bounds, semi-convergent term > 1/2 last term
[ 3378.917214] # rational_test: ok 2 - Exceeds bounds, semi-convergent term < 1/2 last term
[ 3378.919256] # rational_test: ok 3 - Closest to zero
[ 3378.920742] # rational_test: ok 4 - Closest to smallest non-zero
[ 3378.921986] # rational_test: ok 5 - Use convergent
[ 3378.923267] # rational_test: ok 6 - Exact answer
[ 3378.927097] # rational_test: ok 7 - Semiconvergent, numerator limit
[ 3378.928175] # rational_test: ok 8 - Semiconvergent, denominator limit
[ 3378.929134] ok 1 - rational_test
[ 3378.930158] ok 13 - rational
[ 3379.060344] # Subtest: resource
[ 3379.060356] 1..2
[ 3379.061589] ok 1 - resource_test_union
[ 3379.062154] ok 2 - resource_test_intersection
[ 3379.062773] ok 14 - resource
[ 3379.190259] # Subtest: slub_test
[ 3379.190271] 1..2
[ 3379.204570] ok 1 - test_clobber_zone
[ 3379.213762] ok 2 - test_clobber_redzone_free
[ 3379.214431] ok 15 - slub_test
[ 3379.714957] # Subtest: snd_soc_tplg_test
[ 3379.714969] 1..11
[ 3379.717118] ok 1 - snd_soc_tplg_test_load_with_null_comp
[ 3379.718751] ok 2 - snd_soc_tplg_test_load_with_null_ops
[ 3379.720443] ok 3 - snd_soc_tplg_test_load_with_null_fw
[ 3379.722245] ok 4 - snd_soc_tplg_test_load_empty_tplg
[ 3379.724261] ok 5 - snd_soc_tplg_test_load_empty_tplg_bad_magic
[ 3379.726256] ok 6 - snd_soc_tplg_test_load_empty_tplg_bad_abi
[ 3379.728306] ok 7 - snd_soc_tplg_test_load_empty_tplg_bad_size
[ 3379.730479] ok 8 - snd_soc_tplg_test_load_empty_tplg_bad_payload_size
[ 3379.732229] ok 9 - snd_soc_tplg_test_load_pcm_tplg
[ 3379.735703] ok 10 - snd_soc_tplg_test_load_pcm_tplg_reload_comp
[ 3379.743645] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3379.747830] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3379.788938] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3379.793296] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3379.820780] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3379.825413] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3379.859090] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3379.861680] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3379.907385] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3379.910186] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3379.932440] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3379.935303] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3379.979021] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3379.982874] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.007154] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.015542] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.035211] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.038873] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.080082] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.083793] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.106686] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.113291] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.143526] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.147819] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.166946] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.173277] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.205255] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.212001] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.234237] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.237017] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.273686] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.276676] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.297933] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.305149] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.335315] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.338260] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.367027] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.369589] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.408622] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.412820] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.430026] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.432727] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.457381] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.462146] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.487223] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.489678] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.531304] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.535818] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.562918] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.565851] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.588220] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.591348] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.629060] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.634900] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.662542] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.665213] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.700095] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.702664] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.718381] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.725432] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.744966] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.747700] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.777312] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.780036] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.813343] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.815895] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.837037] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.839802] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.881130] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.883665] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.908734] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.911359] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.941423] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.944036] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3380.970959] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3380.974112] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.007216] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.009562] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.029327] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.031696] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.050203] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.052531] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.101195] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.107328] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.126769] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.129928] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.176977] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.179824] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.206014] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.209740] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.232515] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.234903] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.267982] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.270694] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.300928] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.304776] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.332244] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.338131] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.356596] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.359521] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.393987] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.396899] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.418497] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.421487] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.451540] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.454881] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.473800] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.478506] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.509052] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.511658] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.530917] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.533518] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.567527] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.571143] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.600491] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.603043] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.629117] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.639991] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.659540] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.662888] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.695077] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.698090] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.728426] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.731854] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.751724] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.760958] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.785050] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.788052] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.820083] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.828018] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.866264] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.869358] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.893119] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.903330] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.923276] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.926102] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3381.977481] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3381.980781] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.015419] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.018547] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.045824] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.048803] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.096147] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.099359] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.131103] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.137035] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.160632] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.164403] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.190095] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.193066] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.236349] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.239650] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.265741] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.268907] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.301674] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.304688] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.322918] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.326097] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.373469] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.376513] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.408987] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.412609] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.431993] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.435337] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.459754] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.465459] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.506866] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.511577] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.554430] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.560302] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.587967] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.594746] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.636047] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.640448] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.684851] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.687263] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.709547] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.711904] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.734929] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.739560] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.770485] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.773592] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.803314] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.806088] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.836271] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.838891] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.855959] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.858667] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.901483] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.907662] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.926236] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.929312] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.952314] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.955004] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3382.979547] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3382.982168] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3383.002535] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3383.005154] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3383.035483] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 3383.038342] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 3383.063788] ok 11 - snd_soc_tplg_test_load_pcm_tplg_reload_card
[ 3383.063804] ok 16 - snd_soc_tplg_test
[ 3383.315100] # Subtest: soc-utils
[ 3383.315112] 1..1
[ 3383.316156] ok 1 - test_tdm_params_to_bclk
[ 3383.316503] ok 17 - soc-utils
[ 3383.896777] # Subtest: sysctl_test
[ 3383.896789] 1..10
[ 3383.903216] ok 1 - sysctl_test_api_dointvec_null_tbl_data
[ 3383.909610] ok 2 - sysctl_test_api_dointvec_table_maxlen_unset
[ 3383.915831] ok 3 - sysctl_test_api_dointvec_table_len_is_zero
[ 3383.923969] ok 4 - sysctl_test_api_dointvec_table_read_but_position_set
[ 3383.925562] ok 5 - sysctl_test_dointvec_read_happy_single_positive
[ 3383.927324] ok 6 - sysctl_test_dointvec_read_happy_single_negative
[ 3383.928706] ok 7 - sysctl_test_dointvec_write_happy_single_positive
[ 3383.930186] ok 8 - sysctl_test_dointvec_write_happy_single_negative
[ 3383.931667] ok 9 - sysctl_test_api_dointvec_write_single_less_int_min
[ 3383.941251] ok 10 - sysctl_test_api_dointvec_write_single_greater_int_max
[ 3383.942590] ok 18 - sysctl_test
[ 3384.150603] # Subtest: bits-test
[ 3384.150616] 1..3
[ 3384.152078] ok 1 - genmask_test
[ 3384.161789] ok 2 - genmask_ull_test
[ 3384.164606] ok 3 - genmask_input_check_test
[ 3384.165243] ok 19 - bits-test
[ 3385.074342] # Subtest: kasan
[ 3385.074354] 1..55
[ 3385.075271] ==================================================================
[ 3385.076597] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x4ed/0x510 [test_kasan]
[ 3385.077697] Write of size 1 at addr ffff888045994773 by task kunit_try_catch/121574
[ 3385.078794]
[ 3385.079035] CPU: 1 PID: 121574 Comm: kunit_try_catch Kdump: loaded Not tainted 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.080547] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.081375] Call Trace:
[ 3385.081737]
[ 3385.082055] ? kmalloc_oob_right+0x4ed/0x510 [test_kasan]
[ 3385.082810] dump_stack_lvl+0x57/0x81
[ 3385.083361] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.084169] ? kmalloc_oob_right+0x4ed/0x510 [test_kasan]
[ 3385.084916] print_report.cold+0x5c/0x237
[ 3385.085486] kasan_report+0xc9/0x100
[ 3385.085992] ? kmalloc_oob_right+0x4ed/0x510 [test_kasan]
[ 3385.086737] kmalloc_oob_right+0x4ed/0x510 [test_kasan]
[ 3385.087456] ? kmalloc_oob_left+0x2e0/0x2e0 [test_kasan]
[ 3385.088191] ? lockdep_hardirqs_on_prepare.part.0+0x18c/0x370
[ 3385.088980] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.089754] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.090461] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.091139] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.091836] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.092671] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.093381] kthread+0x2a4/0x350
[ 3385.093839] ? kthread_complete_and_exit+0x20/0x20
[ 3385.094505] ret_from_fork+0x1f/0x30
[ 3385.095018]
[ 3385.095343]
[ 3385.095577] Allocated by task 121574:
[ 3385.096104] kasan_save_stack+0x1e/0x40
[ 3385.096640] __kasan_kmalloc+0x81/0xa0
[ 3385.097189] kmalloc_oob_right+0x98/0x510 [test_kasan]
[ 3385.097905] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.098581] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.099414] kthread+0x2a4/0x350
[ 3385.099872] ret_from_fork+0x1f/0x30
[ 3385.100376]
[ 3385.100610] The buggy address belongs to the object at ffff888045994700
[ 3385.100610] which belongs to the cache kmalloc-128 of size 128
[ 3385.102271] The buggy address is located 115 bytes inside of
[ 3385.102271] 128-byte region [ffff888045994700, ffff888045994780)
[ 3385.103832]
[ 3385.104070] The buggy address belongs to the physical page:
[ 3385.104834] page:00000000aca9c0ab refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x45994
[ 3385.106084] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3385.107013] raw: 000fffffc0000200 ffffea000029d280 dead000000000004 ffff8881000418c0
[ 3385.108072] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3385.109114] page dumped because: kasan: bad access detected
[ 3385.109871]
[ 3385.110109] Memory state around the buggy address:
[ 3385.110767] ffff888045994600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3385.111748] ffff888045994680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.112722] >ffff888045994700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 3385.113697] ^
[ 3385.114623] ffff888045994780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.115598] ffff888045994800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 3385.116570] ==================================================================
[ 3385.117636] Disabling lock debugging due to kernel taint
[ 3385.118389] ==================================================================
[ 3385.119379] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x4e3/0x510 [test_kasan]
[ 3385.120471] Write of size 1 at addr ffff888045994778 by task kunit_try_catch/121574
[ 3385.121512]
[ 3385.121749] CPU: 1 PID: 121574 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.123587] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.124375] Call Trace:
[ 3385.124730]
[ 3385.125051] ? kmalloc_oob_right+0x4e3/0x510 [test_kasan]
[ 3385.125793] dump_stack_lvl+0x57/0x81
[ 3385.126311] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.127103] ? kmalloc_oob_right+0x4e3/0x510 [test_kasan]
[ 3385.127842] print_report.cold+0x5c/0x237
[ 3385.128409] kasan_report+0xc9/0x100
[ 3385.128916] ? kmalloc_oob_right+0x4e3/0x510 [test_kasan]
[ 3385.129663] kmalloc_oob_right+0x4e3/0x510 [test_kasan]
[ 3385.130388] ? kmalloc_oob_left+0x2e0/0x2e0 [test_kasan]
[ 3385.131125] ? lockdep_hardirqs_on_prepare.part.0+0x18c/0x370
[ 3385.131913] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.132680] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.133388] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.134067] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.134762] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.135596] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.136303] kthread+0x2a4/0x350
[ 3385.136761] ? kthread_complete_and_exit+0x20/0x20
[ 3385.137425] ret_from_fork+0x1f/0x30
[ 3385.137936]
[ 3385.138262]
[ 3385.138495] Allocated by task 121574:
[ 3385.139003] kasan_save_stack+0x1e/0x40
[ 3385.139540] __kasan_kmalloc+0x81/0xa0
[ 3385.140065] kmalloc_oob_right+0x98/0x510 [test_kasan]
[ 3385.140767] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.141444] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.142280] kthread+0x2a4/0x350
[ 3385.142739] ret_from_fork+0x1f/0x30
[ 3385.143243]
[ 3385.143478] The buggy address belongs to the object at ffff888045994700
[ 3385.143478] which belongs to the cache kmalloc-128 of size 128
[ 3385.145149] The buggy address is located 120 bytes inside of
[ 3385.145149] 128-byte region [ffff888045994700, ffff888045994780)
[ 3385.146714]
[ 3385.146951] The buggy address belongs to the physical page:
[ 3385.147708] page:00000000aca9c0ab refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x45994
[ 3385.148976] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3385.149916] raw: 000fffffc0000200 ffffea000029d280 dead000000000004 ffff8881000418c0
[ 3385.150956] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3385.151889] page dumped because: kasan: bad access detected
[ 3385.152587]
[ 3385.152821] Memory state around the buggy address:
[ 3385.153480] ffff888045994600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3385.154392] ffff888045994680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.155269] >ffff888045994700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 3385.156196] ^
[ 3385.157157] ffff888045994780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.158131] ffff888045994800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 3385.159111] ==================================================================
[ 3385.160146] ==================================================================
[ 3385.161132] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x4d9/0x510 [test_kasan]
[ 3385.162227] Read of size 1 at addr ffff888045994780 by task kunit_try_catch/121574
[ 3385.163251]
[ 3385.163486] CPU: 1 PID: 121574 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.165301] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.166001] Call Trace:
[ 3385.166321]
[ 3385.166597] ? kmalloc_oob_right+0x4d9/0x510 [test_kasan]
[ 3385.167321] dump_stack_lvl+0x57/0x81
[ 3385.167839] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.168592] ? kmalloc_oob_right+0x4d9/0x510 [test_kasan]
[ 3385.169254] print_report.cold+0x5c/0x237
[ 3385.169759] kasan_report+0xc9/0x100
[ 3385.170219] ? kmalloc_oob_right+0x4d9/0x510 [test_kasan]
[ 3385.170882] kmalloc_oob_right+0x4d9/0x510 [test_kasan]
[ 3385.171617] ? kmalloc_oob_left+0x2e0/0x2e0 [test_kasan]
[ 3385.172345] ? lockdep_hardirqs_on_prepare.part.0+0x18c/0x370
[ 3385.173139] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.173904] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.174612] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.175274] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.175970] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.176802] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.177512] kthread+0x2a4/0x350
[ 3385.177969] ? kthread_complete_and_exit+0x20/0x20
[ 3385.178633] ret_from_fork+0x1f/0x30
[ 3385.179150]
[ 3385.179470]
[ 3385.179702] Allocated by task 121574:
[ 3385.180214] kasan_save_stack+0x1e/0x40
[ 3385.180747] __kasan_kmalloc+0x81/0xa0
[ 3385.181271] kmalloc_oob_right+0x98/0x510 [test_kasan]
[ 3385.181974] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.182648] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.183480] kthread+0x2a4/0x350
[ 3385.183939] ret_from_fork+0x1f/0x30
[ 3385.184443]
[ 3385.184675] The buggy address belongs to the object at ffff888045994700
[ 3385.184675] which belongs to the cache kmalloc-128 of size 128
[ 3385.186344] The buggy address is located 0 bytes to the right of
[ 3385.186344] 128-byte region [ffff888045994700, ffff888045994780)
[ 3385.187944]
[ 3385.188181] The buggy address belongs to the physical page:
[ 3385.188933] page:00000000aca9c0ab refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x45994
[ 3385.190186] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3385.191117] raw: 000fffffc0000200 ffffea000029d280 dead000000000004 ffff8881000418c0
[ 3385.192162] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3385.193205] page dumped because: kasan: bad access detected
[ 3385.193957]
[ 3385.194196] Memory state around the buggy address:
[ 3385.194853] ffff888045994680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.195831] ffff888045994700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 3385.196805] >ffff888045994780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.197782] ^
[ 3385.198243] ffff888045994800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 3385.199226] ffff888045994880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.200202] ==================================================================
[ 3385.202944] ok 1 - kmalloc_oob_right
[ 3385.206942] ==================================================================
[ 3385.208518] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2bf/0x2e0 [test_kasan]
[ 3385.209603] Read of size 1 at addr ffff888106b3945f by task kunit_try_catch/121575
[ 3385.210625]
[ 3385.210859] CPU: 1 PID: 121575 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.212698] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.213491] Call Trace:
[ 3385.213844]
[ 3385.214159] ? kmalloc_oob_left+0x2bf/0x2e0 [test_kasan]
[ 3385.214889] dump_stack_lvl+0x57/0x81
[ 3385.215411] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.216208] ? kmalloc_oob_left+0x2bf/0x2e0 [test_kasan]
[ 3385.216938] print_report.cold+0x5c/0x237
[ 3385.217502] kasan_report+0xc9/0x100
[ 3385.218007] ? kmalloc_oob_left+0x2bf/0x2e0 [test_kasan]
[ 3385.218738] kmalloc_oob_left+0x2bf/0x2e0 [test_kasan]
[ 3385.219450] ? kmalloc_pagealloc_oob_right+0x290/0x290 [test_kasan]
[ 3385.220306] ? do_raw_spin_trylock+0xb5/0x180
[ 3385.220914] ? do_raw_spin_lock+0x270/0x270
[ 3385.221503] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.222272] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.222973] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.223650] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.224349] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.225184] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.225889] kthread+0x2a4/0x350
[ 3385.226350] ? kthread_complete_and_exit+0x20/0x20
[ 3385.227011] ret_from_fork+0x1f/0x30
[ 3385.227530]
[ 3385.227850]
[ 3385.228088] Allocated by task 826:
[ 3385.228566] kasan_save_stack+0x1e/0x40
[ 3385.229101] __kasan_kmalloc+0x81/0xa0
[ 3385.229622] kmem_alloc+0x91/0x120 [xfs]
[ 3385.230423] xfs_iext_insert+0x4e6/0x15f0 [xfs]
[ 3385.231221] xfs_bmap_add_extent_hole_delay.constprop.0+0x221/0xab0 [xfs]
[ 3385.232301] xfs_bmapi_reserve_delalloc+0x396/0x6f0 [xfs]
[ 3385.233195] xfs_buffered_write_iomap_begin+0xcc3/0x1cf0 [xfs]
[ 3385.234171] iomap_iter+0x3d7/0x1110
[ 3385.234676] iomap_file_buffered_write+0x1a9/0x540
[ 3385.235342] xfs_file_buffered_write+0x215/0x900 [xfs]
[ 3385.236220] new_sync_write+0x28e/0x4a0
[ 3385.236753] vfs_write+0x62a/0x920
[ 3385.237236] ksys_write+0xf9/0x1d0
[ 3385.237730] do_syscall_64+0x59/0x90
[ 3385.238237] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3385.238948]
[ 3385.239195] Freed by task 59545:
[ 3385.239650] kasan_save_stack+0x1e/0x40
[ 3385.240185] kasan_set_track+0x21/0x30
[ 3385.240706] kasan_set_free_info+0x20/0x40
[ 3385.241276] __kasan_slab_free+0x108/0x170
[ 3385.241839] slab_free_freelist_hook+0x11d/0x1d0
[ 3385.242480] kfree+0xe2/0x3c0
[ 3385.242905] xfs_iext_remove+0x83c/0xd20 [xfs]
[ 3385.243696] xfs_bmap_del_extent_delay+0x537/0x1140 [xfs]
[ 3385.244588] __xfs_bunmapi+0xb34/0x14c0 [xfs]
[ 3385.245350] xfs_itruncate_extents_flags+0x3ec/0xd60 [xfs]
[ 3385.246268] xfs_inactive_truncate+0x109/0x260 [xfs]
[ 3385.247124] xfs_inactive+0x538/0x6f0 [xfs]
[ 3385.247874] xfs_inodegc_worker+0x187/0x640 [xfs]
[ 3385.248700] process_one_work+0x8e2/0x1520
[ 3385.249269] worker_thread+0x59e/0xf90
[ 3385.249791] kthread+0x2a4/0x350
[ 3385.250253] ret_from_fork+0x1f/0x30
[ 3385.250705]
[ 3385.250914] The buggy address belongs to the object at ffff888106b39440
[ 3385.250914] which belongs to the cache kmalloc-16 of size 16
[ 3385.252552] The buggy address is located 15 bytes to the right of
[ 3385.252552] 16-byte region [ffff888106b39440, ffff888106b39450)
[ 3385.254120]
[ 3385.254330] The buggy address belongs to the physical page:
[ 3385.255005] page:00000000019d19ac refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888106b39ce0 pfn:0x106b39
[ 3385.256408] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 3385.257344] raw: 0017ffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3385.258358] raw: ffff888106b39ce0 000000008080006c 00000001ffffffff 0000000000000000
[ 3385.259287] page dumped because: kasan: bad access detected
[ 3385.259961]
[ 3385.260171] Memory state around the buggy address:
[ 3385.260762] ffff888106b39300: fa fb fc fc fb fb fc fc fb fb fc fc 00 00 fc fc
[ 3385.261638] ffff888106b39380: fa fb fc fc fb fb fc fc fb fb fc fc fb fb fc fc
[ 3385.262609] >ffff888106b39400: fb fb fc fc 00 00 fc fc fa fb fc fc 00 07 fc fc
[ 3385.263592] ^
[ 3385.264422] ffff888106b39480: fb fb fc fc 00 00 fc fc fb fb fc fc fb fb fc fc
[ 3385.265406] ffff888106b39500: 00 00 fc fc fb fb fc fc fb fb fc fc fb fb fc fc
[ 3385.266301] ==================================================================
[ 3385.268145] ok 2 - kmalloc_oob_left
[ 3385.268404] ==================================================================
[ 3385.269858] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2bf/0x2e0 [test_kasan]
[ 3385.270891] Read of size 1 at addr ffff8880a6009000 by task kunit_try_catch/121576
[ 3385.271806]
[ 3385.272056] CPU: 1 PID: 121576 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.273796] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.274503] Call Trace:
[ 3385.274820]
[ 3385.275106] ? kmalloc_node_oob_right+0x2bf/0x2e0 [test_kasan]
[ 3385.275822] dump_stack_lvl+0x57/0x81
[ 3385.276289] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.276996] ? kmalloc_node_oob_right+0x2bf/0x2e0 [test_kasan]
[ 3385.277715] print_report.cold+0x5c/0x237
[ 3385.278257] kasan_report+0xc9/0x100
[ 3385.278760] ? kmalloc_node_oob_right+0x2bf/0x2e0 [test_kasan]
[ 3385.279564] kmalloc_node_oob_right+0x2bf/0x2e0 [test_kasan]
[ 3385.280345] ? pagealloc_uaf+0x2f0/0x2f0 [test_kasan]
[ 3385.281043] ? do_raw_spin_trylock+0xb5/0x180
[ 3385.281655] ? do_raw_spin_lock+0x270/0x270
[ 3385.282242] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.283008] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.283712] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.284394] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.285095] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.285927] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.286599] kthread+0x2a4/0x350
[ 3385.287012] ? kthread_complete_and_exit+0x20/0x20
[ 3385.287610] ret_from_fork+0x1f/0x30
[ 3385.288121]
[ 3385.288443]
[ 3385.288677] Allocated by task 121576:
[ 3385.289191] kasan_save_stack+0x1e/0x40
[ 3385.289728] __kasan_kmalloc+0x81/0xa0
[ 3385.290254] kmalloc_node_oob_right+0x9a/0x2e0 [test_kasan]
[ 3385.291016] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.291687] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.292513] kthread+0x2a4/0x350
[ 3385.292970] ret_from_fork+0x1f/0x30
[ 3385.293475]
[ 3385.293713] The buggy address belongs to the object at ffff8880a6008000
[ 3385.293713] which belongs to the cache kmalloc-4k of size 4096
[ 3385.295199] The buggy address is located 0 bytes to the right of
[ 3385.295199] 4096-byte region [ffff8880a6008000, ffff8880a6009000)
[ 3385.296642]
[ 3385.296895] The buggy address belongs to the physical page:
[ 3385.297651] page:00000000bb1598c1 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880a600e000 pfn:0xa6008
[ 3385.298946] head:00000000bb1598c1 order:3 compound_mapcount:0 compound_pincount:0
[ 3385.299848] flags: 0xfffffc0010200(slab|head|node=0|zone=1|lastcpupid=0x1fffff)
[ 3385.300797] raw: 000fffffc0010200 ffffea00010a4a00 dead000000000003 ffff888100042140
[ 3385.301827] raw: ffff8880a600e000 0000000080040003 00000001ffffffff 0000000000000000
[ 3385.302798] page dumped because: kasan: bad access detected
[ 3385.303554]
[ 3385.303795] Memory state around the buggy address:
[ 3385.304387] ffff8880a6008f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.305307] ffff8880a6008f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.306182] >ffff8880a6009000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.307056] ^
[ 3385.307527] ffff8880a6009080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.308482] ffff8880a6009100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.309355] ==================================================================
[ 3385.311143] ok 3 - kmalloc_node_oob_right
[ 3385.315984] ==================================================================
[ 3385.317623] BUG: KASAN: slab-out-of-bounds in kmalloc_pagealloc_oob_right+0x27b/0x290 [test_kasan]
[ 3385.318705] Write of size 1 at addr ffff88803640600a by task kunit_try_catch/121577
[ 3385.319628]
[ 3385.319839] CPU: 1 PID: 121577 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.321566] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.322333] Call Trace:
[ 3385.322650]
[ 3385.322929] ? kmalloc_pagealloc_oob_right+0x27b/0x290 [test_kasan]
[ 3385.323713] dump_stack_lvl+0x57/0x81
[ 3385.324235] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.325005] ? kmalloc_pagealloc_oob_right+0x27b/0x290 [test_kasan]
[ 3385.325773] print_report.cold+0x5c/0x237
[ 3385.326277] kasan_report+0xc9/0x100
[ 3385.326730] ? kmalloc_pagealloc_oob_right+0x27b/0x290 [test_kasan]
[ 3385.327500] kmalloc_pagealloc_oob_right+0x27b/0x290 [test_kasan]
[ 3385.328254] ? kmalloc_pagealloc_uaf+0x280/0x280 [test_kasan]
[ 3385.328962] ? do_raw_spin_trylock+0xb5/0x180
[ 3385.329510] ? do_raw_spin_lock+0x270/0x270
[ 3385.330038] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.330724] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.331355] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.331961] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.332587] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.333334] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.333966] kthread+0x2a4/0x350
[ 3385.334380] ? kthread_complete_and_exit+0x20/0x20
[ 3385.334972] ret_from_fork+0x1f/0x30
[ 3385.335435]
[ 3385.335721]
[ 3385.335931] The buggy address belongs to the physical page:
[ 3385.336610] page:0000000073372ad9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x36404
[ 3385.337730] head:0000000073372ad9 order:2 compound_mapcount:0 compound_pincount:0
[ 3385.338708] flags: 0xfffffc0010000(head|node=0|zone=1|lastcpupid=0x1fffff)
[ 3385.339542] raw: 000fffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 3385.340473] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 3385.341405] page dumped because: kasan: bad access detected
[ 3385.342082]
[ 3385.342330] Memory state around the buggy address:
[ 3385.342987] ffff888036405f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.343984] ffff888036405f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.344963] >ffff888036406000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 3385.345923] ^
[ 3385.346365] ffff888036406080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 3385.347235] ffff888036406100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 3385.348105] ==================================================================
[ 3385.350995] ok 4 - kmalloc_pagealloc_oob_right
[ 3385.351196] ==================================================================
[ 3385.352817] BUG: KASAN: use-after-free in kmalloc_pagealloc_uaf+0x26b/0x280 [test_kasan]
[ 3385.353907] Read of size 1 at addr ffff888036404000 by task kunit_try_catch/121578
[ 3385.354937]
[ 3385.355150] CPU: 1 PID: 121578 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.356775] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.357512] Call Trace:
[ 3385.357864]
[ 3385.358180] ? kmalloc_pagealloc_uaf+0x26b/0x280 [test_kasan]
[ 3385.358976] dump_stack_lvl+0x57/0x81
[ 3385.359498] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.360287] ? kmalloc_pagealloc_uaf+0x26b/0x280 [test_kasan]
[ 3385.361060] print_report.cold+0x5c/0x237
[ 3385.361622] kasan_report+0xc9/0x100
[ 3385.362105] ? kmalloc_pagealloc_uaf+0x26b/0x280 [test_kasan]
[ 3385.362811] kmalloc_pagealloc_uaf+0x26b/0x280 [test_kasan]
[ 3385.363530] ? kmalloc_pagealloc_invalid_free+0x250/0x250 [test_kasan]
[ 3385.364402] ? do_raw_spin_trylock+0xb5/0x180
[ 3385.364951] ? do_raw_spin_lock+0x270/0x270
[ 3385.365477] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.366162] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.366785] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.367392] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.368016] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.368764] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.369401] kthread+0x2a4/0x350
[ 3385.369815] ? kthread_complete_and_exit+0x20/0x20
[ 3385.370409] ret_from_fork+0x1f/0x30
[ 3385.370871]
[ 3385.371191]
[ 3385.371426] The buggy address belongs to the physical page:
[ 3385.372191] page:0000000073372ad9 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x36404
[ 3385.373451] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff)
[ 3385.374333] raw: 000fffffc0000000 ffffea000293c808 ffff88810c1ff270 0000000000000000
[ 3385.375378] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 3385.376450] page dumped because: kasan: bad access detected
[ 3385.377213]
[ 3385.377446] Memory state around the buggy address:
[ 3385.378107] ffff888036403f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.379087] ffff888036403f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.380063] >ffff888036404000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 3385.381041] ^
[ 3385.381500] ffff888036404080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 3385.382466] ffff888036404100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 3385.383376] ==================================================================
[ 3385.385330] ok 5 - kmalloc_pagealloc_uaf
[ 3385.386868] ==================================================================
[ 3385.388484] BUG: KASAN: double-free or invalid-free in kmalloc_pagealloc_invalid_free+0x191/0x250 [test_kasan]
[ 3385.389803]
[ 3385.390041] CPU: 1 PID: 121579 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.391760] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.392610] Call Trace:
[ 3385.392972]
[ 3385.393292] dump_stack_lvl+0x57/0x81
[ 3385.393813] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.394607] print_report.cold+0x5c/0x237
[ 3385.395170] ? kmalloc_pagealloc_invalid_free+0x191/0x250 [test_kasan]
[ 3385.396065] ? kmalloc_pagealloc_invalid_free+0x191/0x250 [test_kasan]
[ 3385.396949] kasan_report_invalid_free+0x99/0xc0
[ 3385.397596] ? kmalloc_pagealloc_invalid_free+0x191/0x250 [test_kasan]
[ 3385.398487] kfree+0x2ab/0x3c0
[ 3385.398930] kmalloc_pagealloc_invalid_free+0x191/0x250 [test_kasan]
[ 3385.399801] ? kmalloc_large_oob_right+0x2b0/0x2b0 [test_kasan]
[ 3385.400615] ? do_raw_spin_trylock+0xb5/0x180
[ 3385.401227] ? do_raw_spin_lock+0x270/0x270
[ 3385.401812] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.402580] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.403285] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.403965] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.404673] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.405512] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.406223] kthread+0x2a4/0x350
[ 3385.406686] ? kthread_complete_and_exit+0x20/0x20
[ 3385.407354] ret_from_fork+0x1f/0x30
[ 3385.407870]
[ 3385.408194]
[ 3385.408430] The buggy address belongs to the physical page:
[ 3385.409192] page:0000000073372ad9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x36404
[ 3385.410444] head:0000000073372ad9 order:2 compound_mapcount:0 compound_pincount:0
[ 3385.411458] flags: 0xfffffc0010000(head|node=0|zone=1|lastcpupid=0x1fffff)
[ 3385.412394] raw: 000fffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 3385.413439] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 3385.414483] page dumped because: kasan: bad access detected
[ 3385.415244]
[ 3385.415478] Memory state around the buggy address:
[ 3385.416136] ffff888036403f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.417114] ffff888036403f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.418093] >ffff888036404000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.419070] ^
[ 3385.419528] ffff888036404080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.420507] ffff888036404100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.421484] ==================================================================
[ 3385.424174] ok 6 - kmalloc_pagealloc_invalid_free
[ 3385.428656] ok 7 - pagealloc_oob_right # SKIP Test requires CONFIG_KASAN_GENERIC=n
[ 3385.432414] ==================================================================
[ 3385.434490] BUG: KASAN: use-after-free in pagealloc_uaf+0x2b5/0x2f0 [test_kasan]
[ 3385.435500] Read of size 1 at addr ffff8880a2c20000 by task kunit_try_catch/121581
[ 3385.436519]
[ 3385.436754] CPU: 1 PID: 121581 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.438579] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.439297] Call Trace:
[ 3385.439640]
[ 3385.439951] ? pagealloc_uaf+0x2b5/0x2f0 [test_kasan]
[ 3385.440649] dump_stack_lvl+0x57/0x81
[ 3385.441136] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.441921] ? pagealloc_uaf+0x2b5/0x2f0 [test_kasan]
[ 3385.442623] print_report.cold+0x5c/0x237
[ 3385.443184] kasan_report+0xc9/0x100
[ 3385.443636] ? pagealloc_uaf+0x2b5/0x2f0 [test_kasan]
[ 3385.444306] pagealloc_uaf+0x2b5/0x2f0 [test_kasan]
[ 3385.444983] ? krealloc_more_oob+0x10/0x10 [test_kasan]
[ 3385.445668] ? do_raw_spin_trylock+0xb5/0x180
[ 3385.446223] ? do_raw_spin_lock+0x270/0x270
[ 3385.446746] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.447437] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.448106] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.448808] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.449509] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.450257] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.450887] kthread+0x2a4/0x350
[ 3385.451302] ? kthread_complete_and_exit+0x20/0x20
[ 3385.451961] ret_from_fork+0x1f/0x30
[ 3385.452470]
[ 3385.452802]
[ 3385.453040] The buggy address belongs to the physical page:
[ 3385.453798] page:00000000898f6431 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x0 pfn:0xa2c20
[ 3385.455082] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff)
[ 3385.455865] raw: 000fffffc0000000 ffffea00029e4008 ffff88813ffd3aa0 0000000000000000
[ 3385.456797] raw: 0000000000000000 0000000000000004 00000000ffffff7f 0000000000000000
[ 3385.457765] page dumped because: kasan: bad access detected
[ 3385.458522]
[ 3385.458755] Memory state around the buggy address:
[ 3385.459368] ffff8880a2c1ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.460240] ffff8880a2c1ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.461110] >ffff8880a2c20000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 3385.461975] ^
[ 3385.462386] ffff8880a2c20080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 3385.463368] ffff8880a2c20100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 3385.464358] ==================================================================
[ 3385.467117] ok 8 - pagealloc_uaf
[ 3385.474110] ==================================================================
[ 3385.475624] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x28c/0x2b0 [test_kasan]
[ 3385.476785] Write of size 1 at addr ffff888108265f00 by task kunit_try_catch/121582
[ 3385.477817]
[ 3385.478055] CPU: 0 PID: 121582 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.479868] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.480649] Call Trace:
[ 3385.481005]
[ 3385.481317] ? kmalloc_large_oob_right+0x28c/0x2b0 [test_kasan]
[ 3385.482140] dump_stack_lvl+0x57/0x81
[ 3385.482655] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.483444] ? kmalloc_large_oob_right+0x28c/0x2b0 [test_kasan]
[ 3385.484252] print_report.cold+0x5c/0x237
[ 3385.484810] kasan_report+0xc9/0x100
[ 3385.485315] ? kmalloc_large_oob_right+0x28c/0x2b0 [test_kasan]
[ 3385.486127] kmalloc_large_oob_right+0x28c/0x2b0 [test_kasan]
[ 3385.486911] ? kmalloc_oob_16+0x3b0/0x3b0 [test_kasan]
[ 3385.487619] ? do_raw_spin_trylock+0xb5/0x180
[ 3385.488229] ? do_raw_spin_lock+0x270/0x270
[ 3385.488811] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.489573] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.490270] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.490937] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.491630] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.492455] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.493158] kthread+0x2a4/0x350
[ 3385.493613] ? kthread_complete_and_exit+0x20/0x20
[ 3385.494271] ret_from_fork+0x1f/0x30
[ 3385.494781]
[ 3385.495100]
[ 3385.495332] Allocated by task 121582:
[ 3385.495837] kasan_save_stack+0x1e/0x40
[ 3385.496373] __kasan_kmalloc+0x81/0xa0
[ 3385.496889] kmalloc_large_oob_right+0x98/0x2b0 [test_kasan]
[ 3385.497662] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.498332] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.499160] kthread+0x2a4/0x350
[ 3385.499613] ret_from_fork+0x1f/0x30
[ 3385.500114]
[ 3385.500344] The buggy address belongs to the object at ffff888108264000
[ 3385.500344] which belongs to the cache kmalloc-8k of size 8192
[ 3385.501982] The buggy address is located 7936 bytes inside of
[ 3385.501982] 8192-byte region [ffff888108264000, ffff888108266000)
[ 3385.503562]
[ 3385.503794] The buggy address belongs to the physical page:
[ 3385.504548] page:00000000622a80a0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108260
[ 3385.505792] head:00000000622a80a0 order:3 compound_mapcount:0 compound_pincount:0
[ 3385.506796] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 3385.507789] raw: 0017ffffc0010200 ffffea0000102000 dead000000000002 ffff888100042280
[ 3385.508823] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[ 3385.509856] page dumped because: kasan: bad access detected
[ 3385.510603]
[ 3385.510834] Memory state around the buggy address:
[ 3385.511497] ffff888108265e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.512471] ffff888108265e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.513440] >ffff888108265f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.514338] ^
[ 3385.514745] ffff888108265f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.515631] ffff888108266000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.516600] ==================================================================
[ 3385.517682] ok 9 - kmalloc_large_oob_right
[ 3385.522627] ==================================================================
[ 3385.524240] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 3385.525414] Write of size 1 at addr ffff8880063c14eb by task kunit_try_catch/121583
[ 3385.526409]
[ 3385.526621] CPU: 1 PID: 121583 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.528254] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.528990] Call Trace:
[ 3385.529350]
[ 3385.529661] ? krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 3385.530486] dump_stack_lvl+0x57/0x81
[ 3385.531005] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.531768] ? krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 3385.532599] print_report.cold+0x5c/0x237
[ 3385.533148] kasan_report+0xc9/0x100
[ 3385.533605] ? krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 3385.534352] krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 3385.535075] ? krealloc_less_oob+0x10/0x10 [test_kasan]
[ 3385.535718] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.536303] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.536884] ? lock_acquire+0x4ea/0x620
[ 3385.537375] ? rcu_read_unlock+0x40/0x40
[ 3385.537864] ? rcu_read_unlock+0x40/0x40
[ 3385.538360] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.538945] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.539631] ? do_raw_spin_lock+0x270/0x270
[ 3385.540210] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 3385.541059] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3385.541671] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.542300] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.542938] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.543636] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.544489] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.545203] kthread+0x2a4/0x350
[ 3385.545613] ? kthread_complete_and_exit+0x20/0x20
[ 3385.546207] ret_from_fork+0x1f/0x30
[ 3385.546667]
[ 3385.546957]
[ 3385.547174] Allocated by task 121583:
[ 3385.547635] kasan_save_stack+0x1e/0x40
[ 3385.548171] __kasan_krealloc+0xee/0x160
[ 3385.548715] krealloc+0x50/0xe0
[ 3385.549179] krealloc_more_oob_helper+0x1d5/0x610 [test_kasan]
[ 3385.549890] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.550492] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.551233] kthread+0x2a4/0x350
[ 3385.551641] ret_from_fork+0x1f/0x30
[ 3385.552140]
[ 3385.552375] Last potentially related work creation:
[ 3385.553043] kasan_save_stack+0x1e/0x40
[ 3385.553574] __kasan_record_aux_stack+0x96/0xb0
[ 3385.554183] kvfree_call_rcu+0x7d/0x840
[ 3385.554714] drop_sysctl_table+0x338/0x460
[ 3385.555279] unregister_sysctl_table+0x9c/0x180
[ 3385.555864] addrconf_sysctl_unregister+0xe9/0x1b0
[ 3385.556455] addrconf_ifdown.isra.0+0xda7/0x1150
[ 3385.557055] addrconf_notify+0xc8/0x1060
[ 3385.557598] notifier_call_chain+0x9b/0x180
[ 3385.558181] unregister_netdevice_many+0x579/0x1210
[ 3385.558853] default_device_exit_batch+0x2b0/0x370
[ 3385.559500] cleanup_net+0x42b/0x9a0
[ 3385.559950] process_one_work+0x8e2/0x1520
[ 3385.560459] worker_thread+0x59e/0xf90
[ 3385.560925] kthread+0x2a4/0x350
[ 3385.561336] ret_from_fork+0x1f/0x30
[ 3385.561783]
[ 3385.561992] The buggy address belongs to the object at ffff8880063c1400
[ 3385.561992] which belongs to the cache kmalloc-256 of size 256
[ 3385.563472] The buggy address is located 235 bytes inside of
[ 3385.563472] 256-byte region [ffff8880063c1400, ffff8880063c1500)
[ 3385.564859]
[ 3385.565071] The buggy address belongs to the physical page:
[ 3385.565745] page:00000000d4b41c48 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x63c0
[ 3385.566847] head:00000000d4b41c48 order:1 compound_mapcount:0 compound_pincount:0
[ 3385.567821] flags: 0xfffffc0010200(slab|head|node=0|zone=1|lastcpupid=0x1fffff)
[ 3385.568819] raw: 000fffffc0010200 ffffea00040ca180 dead000000000002 ffff888100041b40
[ 3385.569860] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3385.570787] page dumped because: kasan: bad access detected
[ 3385.571461]
[ 3385.571668] Memory state around the buggy address:
[ 3385.572298] ffff8880063c1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.573267] ffff8880063c1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.574141] >ffff8880063c1480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 3385.575086] ^
[ 3385.575922] ffff8880063c1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.576796] ffff8880063c1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.577668] ==================================================================
[ 3385.578635] ==================================================================
[ 3385.579520] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 3385.580651] Write of size 1 at addr ffff8880063c14f0 by task kunit_try_catch/121583
[ 3385.581661]
[ 3385.581871] CPU: 1 PID: 121583 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.583609] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.584399] Call Trace:
[ 3385.584751]
[ 3385.585076] ? krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 3385.585813] dump_stack_lvl+0x57/0x81
[ 3385.586277] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.586980] ? krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 3385.587718] print_report.cold+0x5c/0x237
[ 3385.588252] kasan_report+0xc9/0x100
[ 3385.588756] ? krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 3385.589586] krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 3385.590393] ? krealloc_less_oob+0x10/0x10 [test_kasan]
[ 3385.591113] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.591761] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.592414] ? lock_acquire+0x4ea/0x620
[ 3385.592948] ? rcu_read_unlock+0x40/0x40
[ 3385.593498] ? rcu_read_unlock+0x40/0x40
[ 3385.594044] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.594695] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.595441] ? do_raw_spin_lock+0x270/0x270
[ 3385.595960] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 3385.596710] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3385.597326] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.597951] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.598630] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.599338] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.600087] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.600719] kthread+0x2a4/0x350
[ 3385.601131] ? kthread_complete_and_exit+0x20/0x20
[ 3385.601728] ret_from_fork+0x1f/0x30
[ 3385.602189]
[ 3385.602475]
[ 3385.602716] Allocated by task 121583:
[ 3385.603240] kasan_save_stack+0x1e/0x40
[ 3385.603717] __kasan_krealloc+0xee/0x160
[ 3385.604205] krealloc+0x50/0xe0
[ 3385.604607] krealloc_more_oob_helper+0x1d5/0x610 [test_kasan]
[ 3385.605330] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.605934] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.606681] kthread+0x2a4/0x350
[ 3385.607092] ret_from_fork+0x1f/0x30
[ 3385.607540]
[ 3385.607749] Last potentially related work creation:
[ 3385.608379] kasan_save_stack+0x1e/0x40
[ 3385.608910] __kasan_record_aux_stack+0x96/0xb0
[ 3385.609543] kvfree_call_rcu+0x7d/0x840
[ 3385.610079] drop_sysctl_table+0x338/0x460
[ 3385.610643] unregister_sysctl_table+0x9c/0x180
[ 3385.611274] addrconf_sysctl_unregister+0xe9/0x1b0
[ 3385.611940] addrconf_ifdown.isra.0+0xda7/0x1150
[ 3385.612583] addrconf_notify+0xc8/0x1060
[ 3385.613132] notifier_call_chain+0x9b/0x180
[ 3385.613705] unregister_netdevice_many+0x579/0x1210
[ 3385.614375] default_device_exit_batch+0x2b0/0x370
[ 3385.615032] cleanup_net+0x42b/0x9a0
[ 3385.615531] process_one_work+0x8e2/0x1520
[ 3385.616096] worker_thread+0x59e/0xf90
[ 3385.616616] kthread+0x2a4/0x350
[ 3385.617073] ret_from_fork+0x1f/0x30
[ 3385.617574]
[ 3385.617807] The buggy address belongs to the object at ffff8880063c1400
[ 3385.617807] which belongs to the cache kmalloc-256 of size 256
[ 3385.619463] The buggy address is located 240 bytes inside of
[ 3385.619463] 256-byte region [ffff8880063c1400, ffff8880063c1500)
[ 3385.621022]
[ 3385.621255] The buggy address belongs to the physical page:
[ 3385.622011] page:00000000d4b41c48 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x63c0
[ 3385.623240] head:00000000d4b41c48 order:1 compound_mapcount:0 compound_pincount:0
[ 3385.624246] flags: 0xfffffc0010200(slab|head|node=0|zone=1|lastcpupid=0x1fffff)
[ 3385.625264] raw: 000fffffc0010200 ffffea00040ca180 dead000000000002 ffff888100041b40
[ 3385.626311] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3385.627349] page dumped because: kasan: bad access detected
[ 3385.628104]
[ 3385.628337] Memory state around the buggy address:
[ 3385.628991] ffff8880063c1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.629964] ffff8880063c1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.630936] >ffff8880063c1480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 3385.631910] ^
[ 3385.632832] ffff8880063c1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.633803] ffff8880063c1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.634772] ==================================================================
[ 3385.638171] ok 10 - krealloc_more_oob
[ 3385.641666] ==================================================================
[ 3385.643243] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 3385.644414] Write of size 1 at addr ffff8881032876c9 by task kunit_try_catch/121584
[ 3385.645441]
[ 3385.645677] CPU: 1 PID: 121584 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.647495] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.648280] Call Trace:
[ 3385.648634]
[ 3385.648944] ? krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 3385.649767] dump_stack_lvl+0x57/0x81
[ 3385.650288] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.651079] ? krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 3385.651897] print_report.cold+0x5c/0x237
[ 3385.652459] kasan_report+0xc9/0x100
[ 3385.652963] ? krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 3385.653799] krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 3385.654634] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 3385.655325] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.655976] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.656627] ? lock_acquire+0x4ea/0x620
[ 3385.657165] ? rcu_read_unlock+0x40/0x40
[ 3385.657709] ? rcu_read_unlock+0x40/0x40
[ 3385.658254] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.658904] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.659672] ? do_raw_spin_lock+0x270/0x270
[ 3385.660260] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 3385.661095] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3385.661774] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.662476] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.663151] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.663844] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.664676] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.665384] kthread+0x2a4/0x350
[ 3385.665842] ? kthread_complete_and_exit+0x20/0x20
[ 3385.666507] ret_from_fork+0x1f/0x30
[ 3385.667031]
[ 3385.667353]
[ 3385.667586] Allocated by task 121584:
[ 3385.668101] kasan_save_stack+0x1e/0x40
[ 3385.668632] __kasan_krealloc+0xee/0x160
[ 3385.669177] krealloc+0x50/0xe0
[ 3385.669624] krealloc_less_oob_helper+0x1d9/0xa20 [test_kasan]
[ 3385.670422] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.671099] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.671928] kthread+0x2a4/0x350
[ 3385.672393] ret_from_fork+0x1f/0x30
[ 3385.672900]
[ 3385.673138] The buggy address belongs to the object at ffff888103287600
[ 3385.673138] which belongs to the cache kmalloc-256 of size 256
[ 3385.674783] The buggy address is located 201 bytes inside of
[ 3385.674783] 256-byte region [ffff888103287600, ffff888103287700)
[ 3385.676341]
[ 3385.676574] The buggy address belongs to the physical page:
[ 3385.677327] page:00000000f9de5952 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103286
[ 3385.678577] head:00000000f9de5952 order:1 compound_mapcount:0 compound_pincount:0
[ 3385.679599] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 3385.680623] raw: 0017ffffc0010200 0000000000000000 dead000000000001 ffff888100041b40
[ 3385.681677] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3385.682714] page dumped because: kasan: bad access detected
[ 3385.683470]
[ 3385.683702] Memory state around the buggy address:
[ 3385.684363] ffff888103287580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.685336] ffff888103287600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.686311] >ffff888103287680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 3385.687288] ^
[ 3385.688042] ffff888103287700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.689016] ffff888103287780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.689985] ==================================================================
[ 3385.691050] ==================================================================
[ 3385.692038] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 3385.693210] Write of size 1 at addr ffff8881032876d0 by task kunit_try_catch/121584
[ 3385.694243]
[ 3385.694478] CPU: 1 PID: 121584 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.696305] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.697093] Call Trace:
[ 3385.697446]
[ 3385.697756] ? krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 3385.698583] dump_stack_lvl+0x57/0x81
[ 3385.699103] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.699891] ? krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 3385.700716] print_report.cold+0x5c/0x237
[ 3385.701282] kasan_report+0xc9/0x100
[ 3385.701787] ? krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 3385.702612] krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 3385.703415] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 3385.704101] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.704754] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.705405] ? lock_acquire+0x4ea/0x620
[ 3385.705944] ? rcu_read_unlock+0x40/0x40
[ 3385.706493] ? rcu_read_unlock+0x40/0x40
[ 3385.707039] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.707691] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.708452] ? do_raw_spin_lock+0x270/0x270
[ 3385.709036] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 3385.709870] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3385.710556] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.711258] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.711934] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.712632] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.713467] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.714176] kthread+0x2a4/0x350
[ 3385.714634] ? kthread_complete_and_exit+0x20/0x20
[ 3385.715299] ret_from_fork+0x1f/0x30
[ 3385.715812]
[ 3385.716135]
[ 3385.716368] Allocated by task 121584:
[ 3385.716878] kasan_save_stack+0x1e/0x40
[ 3385.717415] __kasan_krealloc+0xee/0x160
[ 3385.717959] krealloc+0x50/0xe0
[ 3385.718411] krealloc_less_oob_helper+0x1d9/0xa20 [test_kasan]
[ 3385.719211] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.719884] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.720717] kthread+0x2a4/0x350
[ 3385.721178] ret_from_fork+0x1f/0x30
[ 3385.721680]
[ 3385.721918] The buggy address belongs to the object at ffff888103287600
[ 3385.721918] which belongs to the cache kmalloc-256 of size 256
[ 3385.723575] The buggy address is located 208 bytes inside of
[ 3385.723575] 256-byte region [ffff888103287600, ffff888103287700)
[ 3385.725130]
[ 3385.725362] The buggy address belongs to the physical page:
[ 3385.726117] page:00000000f9de5952 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103286
[ 3385.727370] head:00000000f9de5952 order:1 compound_mapcount:0 compound_pincount:0
[ 3385.728376] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 3385.729375] raw: 0017ffffc0010200 0000000000000000 dead000000000001 ffff888100041b40
[ 3385.730417] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3385.731454] page dumped because: kasan: bad access detected
[ 3385.732209]
[ 3385.732441] Memory state around the buggy address:
[ 3385.733099] ffff888103287580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.734071] ffff888103287600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.735047] >ffff888103287680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 3385.736021] ^
[ 3385.736815] ffff888103287700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.737787] ffff888103287780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.738761] ==================================================================
[ 3385.739909] ==================================================================
[ 3385.740902] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 3385.742077] Write of size 1 at addr ffff8881032876da by task kunit_try_catch/121584
[ 3385.743105]
[ 3385.743340] CPU: 1 PID: 121584 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.745168] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.745948] Call Trace:
[ 3385.746304]
[ 3385.746613] ? krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 3385.747435] dump_stack_lvl+0x57/0x81
[ 3385.747948] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.748737] ? krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 3385.749552] print_report.cold+0x5c/0x237
[ 3385.750056] kasan_report+0xc9/0x100
[ 3385.750507] ? krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 3385.751243] krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 3385.751959] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 3385.752573] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.753208] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.753854] ? lock_acquire+0x4ea/0x620
[ 3385.754390] ? rcu_read_unlock+0x40/0x40
[ 3385.754970] ? rcu_read_unlock+0x40/0x40
[ 3385.755516] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.756174] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.756936] ? do_raw_spin_lock+0x270/0x270
[ 3385.757518] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 3385.758349] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3385.759036] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.759737] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.760412] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.761111] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.761939] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.762646] kthread+0x2a4/0x350
[ 3385.763108] ? kthread_complete_and_exit+0x20/0x20
[ 3385.763767] ret_from_fork+0x1f/0x30
[ 3385.764285]
[ 3385.764604]
[ 3385.764837] Allocated by task 121584:
[ 3385.765352] kasan_save_stack+0x1e/0x40
[ 3385.765883] __kasan_krealloc+0xee/0x160
[ 3385.766432] krealloc+0x50/0xe0
[ 3385.766878] krealloc_less_oob_helper+0x1d9/0xa20 [test_kasan]
[ 3385.767675] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.768349] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.769182] kthread+0x2a4/0x350
[ 3385.769637] ret_from_fork+0x1f/0x30
[ 3385.770139]
[ 3385.770372] The buggy address belongs to the object at ffff888103287600
[ 3385.770372] which belongs to the cache kmalloc-256 of size 256
[ 3385.772029] The buggy address is located 218 bytes inside of
[ 3385.772029] 256-byte region [ffff888103287600, ffff888103287700)
[ 3385.773584]
[ 3385.773816] The buggy address belongs to the physical page:
[ 3385.774570] page:00000000f9de5952 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103286
[ 3385.775822] head:00000000f9de5952 order:1 compound_mapcount:0 compound_pincount:0
[ 3385.776833] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 3385.777829] raw: 0017ffffc0010200 0000000000000000 dead000000000001 ffff888100041b40
[ 3385.778868] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3385.779900] page dumped because: kasan: bad access detected
[ 3385.780654]
[ 3385.780886] Memory state around the buggy address:
[ 3385.781543] ffff888103287580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.782514] ffff888103287600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.783488] >ffff888103287680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 3385.784469] ^
[ 3385.785293] ffff888103287700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.786263] ffff888103287780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.787233] ==================================================================
[ 3385.788121] ==================================================================
[ 3385.789074] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 3385.790237] Write of size 1 at addr ffff8881032876ea by task kunit_try_catch/121584
[ 3385.791267]
[ 3385.791501] CPU: 1 PID: 121584 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.793286] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.794023] Call Trace:
[ 3385.794382]
[ 3385.794691] ? krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 3385.795516] dump_stack_lvl+0x57/0x81
[ 3385.796031] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.796814] ? krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 3385.797635] print_report.cold+0x5c/0x237
[ 3385.798197] kasan_report+0xc9/0x100
[ 3385.798705] ? krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 3385.799529] krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 3385.800332] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 3385.801018] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.801668] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.802323] ? lock_acquire+0x4ea/0x620
[ 3385.802856] ? rcu_read_unlock+0x40/0x40
[ 3385.803404] ? rcu_read_unlock+0x40/0x40
[ 3385.803956] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.804632] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.805399] ? do_raw_spin_lock+0x270/0x270
[ 3385.806010] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 3385.806845] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3385.807546] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.808248] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.808921] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.809640] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.810490] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.811201] kthread+0x2a4/0x350
[ 3385.811657] ? kthread_complete_and_exit+0x20/0x20
[ 3385.812321] ret_from_fork+0x1f/0x30
[ 3385.812832]
[ 3385.813153]
[ 3385.813385] Allocated by task 121584:
[ 3385.813892] kasan_save_stack+0x1e/0x40
[ 3385.814427] __kasan_krealloc+0xee/0x160
[ 3385.814968] krealloc+0x50/0xe0
[ 3385.815414] krealloc_less_oob_helper+0x1d9/0xa20 [test_kasan]
[ 3385.816216] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.816885] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.817716] kthread+0x2a4/0x350
[ 3385.818173] ret_from_fork+0x1f/0x30
[ 3385.818671]
[ 3385.818903] The buggy address belongs to the object at ffff888103287600
[ 3385.818903] which belongs to the cache kmalloc-256 of size 256
[ 3385.820552] The buggy address is located 234 bytes inside of
[ 3385.820552] 256-byte region [ffff888103287600, ffff888103287700)
[ 3385.822108]
[ 3385.822340] The buggy address belongs to the physical page:
[ 3385.823096] page:00000000f9de5952 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103286
[ 3385.824372] head:00000000f9de5952 order:1 compound_mapcount:0 compound_pincount:0
[ 3385.825394] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 3385.826406] raw: 0017ffffc0010200 0000000000000000 dead000000000001 ffff888100041b40
[ 3385.827458] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3385.828497] page dumped because: kasan: bad access detected
[ 3385.829253]
[ 3385.829485] Memory state around the buggy address:
[ 3385.830142] ffff888103287580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.831119] ffff888103287600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.832096] >ffff888103287680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 3385.833076] ^
[ 3385.833966] ffff888103287700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.834944] ffff888103287780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.835917] ==================================================================
[ 3385.836927] ==================================================================
[ 3385.837907] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 3385.839084] Write of size 1 at addr ffff8881032876eb by task kunit_try_catch/121584
[ 3385.840115]
[ 3385.840350] CPU: 1 PID: 121584 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.842182] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.842964] Call Trace:
[ 3385.843319]
[ 3385.843631] ? krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 3385.844459] dump_stack_lvl+0x57/0x81
[ 3385.844977] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.845767] ? krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 3385.846590] print_report.cold+0x5c/0x237
[ 3385.847153] kasan_report+0xc9/0x100
[ 3385.847657] ? krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 3385.848485] krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 3385.849293] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 3385.849973] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.850628] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.851279] ? lock_acquire+0x4ea/0x620
[ 3385.851814] ? rcu_read_unlock+0x40/0x40
[ 3385.852361] ? rcu_read_unlock+0x40/0x40
[ 3385.852903] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.853557] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.854320] ? do_raw_spin_lock+0x270/0x270
[ 3385.854900] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 3385.855736] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3385.856426] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.857129] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.857803] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.858503] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.859333] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.860039] kthread+0x2a4/0x350
[ 3385.860496] ? kthread_complete_and_exit+0x20/0x20
[ 3385.861157] ret_from_fork+0x1f/0x30
[ 3385.861670]
[ 3385.861992]
[ 3385.862227] Allocated by task 121584:
[ 3385.862735] kasan_save_stack+0x1e/0x40
[ 3385.863271] __kasan_krealloc+0xee/0x160
[ 3385.863813] krealloc+0x50/0xe0
[ 3385.864262] krealloc_less_oob_helper+0x1d9/0xa20 [test_kasan]
[ 3385.865060] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.865731] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.866565] kthread+0x2a4/0x350
[ 3385.867023] ret_from_fork+0x1f/0x30
[ 3385.867523]
[ 3385.867755] The buggy address belongs to the object at ffff888103287600
[ 3385.867755] which belongs to the cache kmalloc-256 of size 256
[ 3385.869405] The buggy address is located 235 bytes inside of
[ 3385.869405] 256-byte region [ffff888103287600, ffff888103287700)
[ 3385.870960]
[ 3385.871196] The buggy address belongs to the physical page:
[ 3385.871948] page:00000000f9de5952 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103286
[ 3385.873205] head:00000000f9de5952 order:1 compound_mapcount:0 compound_pincount:0
[ 3385.874215] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 3385.875245] raw: 0017ffffc0010200 0000000000000000 dead000000000001 ffff888100041b40
[ 3385.876315] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3385.877371] page dumped because: kasan: bad access detected
[ 3385.878139]
[ 3385.878371] Memory state around the buggy address:
[ 3385.879030] ffff888103287580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.880024] ffff888103287600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.880998] >ffff888103287680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 3385.881972] ^
[ 3385.882868] ffff888103287700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.883845] ffff888103287780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3385.884818] ==================================================================
[ 3385.886256] ok 11 - krealloc_less_oob
[ 3385.897017] ==================================================================
[ 3385.898584] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 3385.899752] Write of size 1 at addr ffff88801fe6e0eb by task kunit_try_catch/121585
[ 3385.900773]
[ 3385.901009] CPU: 0 PID: 121585 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.902819] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.903599] Call Trace:
[ 3385.903950]
[ 3385.904263] ? krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 3385.905089] dump_stack_lvl+0x57/0x81
[ 3385.905600] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.906386] ? krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 3385.907200] print_report.cold+0x5c/0x237
[ 3385.907760] kasan_report+0xc9/0x100
[ 3385.908266] ? krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 3385.909086] krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 3385.909880] ? krealloc_less_oob+0x10/0x10 [test_kasan]
[ 3385.910592] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.911241] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.911886] ? lock_acquire+0x4ea/0x620
[ 3385.912420] ? rcu_read_unlock+0x40/0x40
[ 3385.912959] ? rcu_read_unlock+0x40/0x40
[ 3385.913506] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.914157] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.914915] ? do_raw_spin_lock+0x270/0x270
[ 3385.915493] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 3385.916323] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3385.917004] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.917700] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.918372] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.919062] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.919885] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.920586] kthread+0x2a4/0x350
[ 3385.921105] ? kthread_complete_and_exit+0x20/0x20
[ 3385.921760] ret_from_fork+0x1f/0x30
[ 3385.922276]
[ 3385.922592]
[ 3385.922823] The buggy address belongs to the physical page:
[ 3385.923570] page:00000000d48699f2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1fe6c
[ 3385.924803] head:00000000d48699f2 order:2 compound_mapcount:0 compound_pincount:0
[ 3385.925804] flags: 0xfffffc0010000(head|node=0|zone=1|lastcpupid=0x1fffff)
[ 3385.926728] raw: 000fffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 3385.927758] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 3385.928788] page dumped because: kasan: bad access detected
[ 3385.929542]
[ 3385.929769] Memory state around the buggy address:
[ 3385.930383] ffff88801fe6df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.931344] ffff88801fe6e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.932302] >ffff88801fe6e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 3385.933237] ^
[ 3385.934120] ffff88801fe6e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 3385.935084] ffff88801fe6e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 3385.936043] ==================================================================
[ 3385.937134] ==================================================================
[ 3385.938113] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 3385.939276] Write of size 1 at addr ffff88801fe6e0f0 by task kunit_try_catch/121585
[ 3385.940296]
[ 3385.940529] CPU: 0 PID: 121585 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.942270] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.943049] Call Trace:
[ 3385.943399]
[ 3385.943708] ? krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 3385.944530] dump_stack_lvl+0x57/0x81
[ 3385.945048] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.945830] ? krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 3385.946650] print_report.cold+0x5c/0x237
[ 3385.947211] kasan_report+0xc9/0x100
[ 3385.947712] ? krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 3385.948533] krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 3385.949335] ? krealloc_less_oob+0x10/0x10 [test_kasan]
[ 3385.950055] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.950706] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.951357] ? lock_acquire+0x4ea/0x620
[ 3385.951890] ? rcu_read_unlock+0x40/0x40
[ 3385.952435] ? rcu_read_unlock+0x40/0x40
[ 3385.952975] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.953626] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.954383] ? do_raw_spin_lock+0x270/0x270
[ 3385.954961] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 3385.955793] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3385.956475] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3385.957173] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3385.957842] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3385.958534] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3385.959367] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3385.960074] kthread+0x2a4/0x350
[ 3385.960529] ? kthread_complete_and_exit+0x20/0x20
[ 3385.961193] ret_from_fork+0x1f/0x30
[ 3385.961703]
[ 3385.962024]
[ 3385.962257] The buggy address belongs to the physical page:
[ 3385.963014] page:00000000d48699f2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1fe6c
[ 3385.964250] head:00000000d48699f2 order:2 compound_mapcount:0 compound_pincount:0
[ 3385.965254] flags: 0xfffffc0010000(head|node=0|zone=1|lastcpupid=0x1fffff)
[ 3385.966176] raw: 000fffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 3385.967204] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 3385.968229] page dumped because: kasan: bad access detected
[ 3385.968994]
[ 3385.969225] Memory state around the buggy address:
[ 3385.969872] ffff88801fe6df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.970839] ffff88801fe6e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3385.971806] >ffff88801fe6e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 3385.972766] ^
[ 3385.973680] ffff88801fe6e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 3385.974641] ffff88801fe6e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 3385.975605] ==================================================================
[ 3385.976639] ok 12 - krealloc_pagealloc_more_oob
[ 3385.981999] ==================================================================
[ 3385.983682] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 3385.984869] Write of size 1 at addr ffff8880925020c9 by task kunit_try_catch/121586
[ 3385.985895]
[ 3385.986135] CPU: 1 PID: 121586 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3385.987920] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3385.988703] Call Trace:
[ 3385.989081]
[ 3385.989392] ? krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 3385.990209] dump_stack_lvl+0x57/0x81
[ 3385.990670] print_address_description.constprop.0+0x1f/0x1e0
[ 3385.991382] ? krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 3385.992119] print_report.cold+0x5c/0x237
[ 3385.992622] kasan_report+0xc9/0x100
[ 3385.993077] ? krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 3385.993807] krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 3385.994571] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 3385.995256] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.995874] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.996529] ? lock_acquire+0x4ea/0x620
[ 3385.997068] ? rcu_read_unlock+0x40/0x40
[ 3385.997614] ? rcu_read_unlock+0x40/0x40
[ 3385.998161] ? rcu_read_lock_sched_held+0x12/0x80
[ 3385.998829] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3385.999592] ? do_raw_spin_lock+0x270/0x270
[ 3386.000175] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 3386.001012] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3386.001694] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.002398] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.003078] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.003774] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.004607] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.005312] kthread+0x2a4/0x350
[ 3386.005767] ? kthread_complete_and_exit+0x20/0x20
[ 3386.006430] ret_from_fork+0x1f/0x30
[ 3386.006943]
[ 3386.007266]
[ 3386.007499] The buggy address belongs to the physical page:
[ 3386.008251] page:00000000d2f21b6a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x92500
[ 3386.009489] head:00000000d2f21b6a order:2 compound_mapcount:0 compound_pincount:0
[ 3386.010496] flags: 0xfffffc0010000(head|node=0|zone=1|lastcpupid=0x1fffff)
[ 3386.011426] raw: 000fffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 3386.012460] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 3386.013493] page dumped because: kasan: bad access detected
[ 3386.014245]
[ 3386.014476] Memory state around the buggy address:
[ 3386.015133] ffff888092501f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3386.016106] ffff888092502000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3386.017077] >ffff888092502080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 3386.018046] ^
[ 3386.018798] ffff888092502100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 3386.019767] ffff888092502180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 3386.020736] ==================================================================
[ 3386.021768] ==================================================================
[ 3386.022742] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 3386.023909] Write of size 1 at addr ffff8880925020d0 by task kunit_try_catch/121586
[ 3386.024934]
[ 3386.025171] CPU: 1 PID: 121586 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.026995] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.027771] Call Trace:
[ 3386.028125]
[ 3386.028435] ? krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 3386.029253] dump_stack_lvl+0x57/0x81
[ 3386.029764] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.030548] ? krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 3386.031365] print_report.cold+0x5c/0x237
[ 3386.031920] kasan_report+0xc9/0x100
[ 3386.032424] ? krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 3386.033246] krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 3386.034048] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 3386.034730] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.035387] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.036041] ? lock_acquire+0x4ea/0x620
[ 3386.036519] ? rcu_read_unlock+0x40/0x40
[ 3386.037012] ? rcu_read_unlock+0x40/0x40
[ 3386.037501] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.038097] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.038779] ? do_raw_spin_lock+0x270/0x270
[ 3386.039306] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 3386.040062] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3386.040671] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.041300] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.041984] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.042688] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.043510] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.044216] kthread+0x2a4/0x350
[ 3386.044675] ? kthread_complete_and_exit+0x20/0x20
[ 3386.045338] ret_from_fork+0x1f/0x30
[ 3386.045849]
[ 3386.046171]
[ 3386.046405] The buggy address belongs to the physical page:
[ 3386.047160] page:00000000d2f21b6a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x92500
[ 3386.048404] head:00000000d2f21b6a order:2 compound_mapcount:0 compound_pincount:0
[ 3386.049411] flags: 0xfffffc0010000(head|node=0|zone=1|lastcpupid=0x1fffff)
[ 3386.050344] raw: 000fffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 3386.051391] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 3386.052431] page dumped because: kasan: bad access detected
[ 3386.053191]
[ 3386.053425] Memory state around the buggy address:
[ 3386.054084] ffff888092501f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3386.055060] ffff888092502000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3386.056037] >ffff888092502080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 3386.057014] ^
[ 3386.057808] ffff888092502100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 3386.058786] ffff888092502180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 3386.059764] ==================================================================
[ 3386.060869] ==================================================================
[ 3386.061854] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 3386.063026] Write of size 1 at addr ffff8880925020da by task kunit_try_catch/121586
[ 3386.064058]
[ 3386.064291] CPU: 1 PID: 121586 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.066114] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.066899] Call Trace:
[ 3386.067259]
[ 3386.067570] ? krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 3386.068395] dump_stack_lvl+0x57/0x81
[ 3386.068910] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.069700] ? krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 3386.070523] print_report.cold+0x5c/0x237
[ 3386.071084] kasan_report+0xc9/0x100
[ 3386.071590] ? krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 3386.072416] krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 3386.073222] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 3386.073907] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.074559] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.075214] ? lock_acquire+0x4ea/0x620
[ 3386.075748] ? rcu_read_unlock+0x40/0x40
[ 3386.076297] ? rcu_read_unlock+0x40/0x40
[ 3386.076839] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.077495] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.078261] ? do_raw_spin_lock+0x270/0x270
[ 3386.078843] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 3386.079682] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3386.080367] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.081070] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.081744] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.082444] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.083281] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.083991] kthread+0x2a4/0x350
[ 3386.084449] ? kthread_complete_and_exit+0x20/0x20
[ 3386.085113] ret_from_fork+0x1f/0x30
[ 3386.085624]
[ 3386.085944]
[ 3386.086180] The buggy address belongs to the physical page:
[ 3386.086932] page:00000000d2f21b6a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x92500
[ 3386.088181] head:00000000d2f21b6a order:2 compound_mapcount:0 compound_pincount:0
[ 3386.089195] flags: 0xfffffc0010000(head|node=0|zone=1|lastcpupid=0x1fffff)
[ 3386.090125] raw: 000fffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 3386.091168] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 3386.092217] page dumped because: kasan: bad access detected
[ 3386.092974]
[ 3386.093207] Memory state around the buggy address:
[ 3386.093863] ffff888092501f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3386.094842] ffff888092502000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3386.095814] >ffff888092502080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 3386.096788] ^
[ 3386.097614] ffff888092502100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 3386.098590] ffff888092502180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 3386.099565] ==================================================================
[ 3386.100562] ==================================================================
[ 3386.101542] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 3386.102716] Write of size 1 at addr ffff8880925020ea by task kunit_try_catch/121586
[ 3386.103745]
[ 3386.103981] CPU: 1 PID: 121586 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.105804] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.106596] Call Trace:
[ 3386.106949]
[ 3386.107264] ? krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 3386.108086] dump_stack_lvl+0x57/0x81
[ 3386.108599] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.109390] ? krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 3386.110213] print_report.cold+0x5c/0x237
[ 3386.110774] kasan_report+0xc9/0x100
[ 3386.111282] ? krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 3386.112108] krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 3386.112910] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 3386.113597] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.114254] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.114905] ? lock_acquire+0x4ea/0x620
[ 3386.115444] ? rcu_read_unlock+0x40/0x40
[ 3386.115993] ? rcu_read_unlock+0x40/0x40
[ 3386.116535] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.117191] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.117953] ? do_raw_spin_lock+0x270/0x270
[ 3386.118539] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 3386.119383] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3386.120069] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.120768] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.121417] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.122080] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.122910] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.123618] kthread+0x2a4/0x350
[ 3386.124083] ? kthread_complete_and_exit+0x20/0x20
[ 3386.124741] ret_from_fork+0x1f/0x30
[ 3386.125258]
[ 3386.125577]
[ 3386.125809] The buggy address belongs to the physical page:
[ 3386.126563] page:00000000d2f21b6a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x92500
[ 3386.127803] head:00000000d2f21b6a order:2 compound_mapcount:0 compound_pincount:0
[ 3386.128809] flags: 0xfffffc0010000(head|node=0|zone=1|lastcpupid=0x1fffff)
[ 3386.129736] raw: 000fffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 3386.130774] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 3386.131812] page dumped because: kasan: bad access detected
[ 3386.132565]
[ 3386.132797] Memory state around the buggy address:
[ 3386.133464] ffff888092501f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3386.134414] ffff888092502000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3386.135389] >ffff888092502080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 3386.136369] ^
[ 3386.137260] ffff888092502100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 3386.138237] ffff888092502180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 3386.139215] ==================================================================
[ 3386.140212] ==================================================================
[ 3386.141193] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 3386.142366] Write of size 1 at addr ffff8880925020eb by task kunit_try_catch/121586
[ 3386.143396]
[ 3386.143642] CPU: 1 PID: 121586 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.145490] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.146284] Call Trace:
[ 3386.146642]
[ 3386.146954] ? krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 3386.147783] dump_stack_lvl+0x57/0x81
[ 3386.148300] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.149093] ? krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 3386.149912] print_report.cold+0x5c/0x237
[ 3386.150477] kasan_report+0xc9/0x100
[ 3386.150988] ? krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 3386.151811] krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 3386.152620] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 3386.153309] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.153962] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.154617] ? lock_acquire+0x4ea/0x620
[ 3386.155156] ? rcu_read_unlock+0x40/0x40
[ 3386.155701] ? rcu_read_unlock+0x40/0x40
[ 3386.156249] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.156902] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.157668] ? do_raw_spin_lock+0x270/0x270
[ 3386.158253] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 3386.159093] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3386.159776] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.160481] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.161165] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.161867] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.162704] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.163414] kthread+0x2a4/0x350
[ 3386.163874] ? kthread_complete_and_exit+0x20/0x20
[ 3386.164540] ret_from_fork+0x1f/0x30
[ 3386.165057]
[ 3386.165377]
[ 3386.165611] The buggy address belongs to the physical page:
[ 3386.166371] page:00000000d2f21b6a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x92500
[ 3386.167617] head:00000000d2f21b6a order:2 compound_mapcount:0 compound_pincount:0
[ 3386.168623] flags: 0xfffffc0010000(head|node=0|zone=1|lastcpupid=0x1fffff)
[ 3386.169553] raw: 000fffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 3386.170594] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 3386.171633] page dumped because: kasan: bad access detected
[ 3386.172391]
[ 3386.172623] Memory state around the buggy address:
[ 3386.173284] ffff888092501f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3386.174260] ffff888092502000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3386.175236] >ffff888092502080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 3386.176213] ^
[ 3386.177106] ffff888092502100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 3386.178084] ffff888092502180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 3386.179060] ==================================================================
[ 3386.181098] ok 13 - krealloc_pagealloc_less_oob
[ 3386.181406] ==================================================================
[ 3386.183084] BUG: KASAN: use-after-free in krealloc_uaf+0x1c7/0x450 [test_kasan]
[ 3386.184081] Read of size 1 at addr ffff888103286600 by task kunit_try_catch/121587
[ 3386.185102]
[ 3386.185338] CPU: 1 PID: 121587 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.187169] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.187953] Call Trace:
[ 3386.188310]
[ 3386.188623] ? krealloc_uaf+0x1c7/0x450 [test_kasan]
[ 3386.189313] dump_stack_lvl+0x57/0x81
[ 3386.189829] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.190623] ? krealloc_uaf+0x1c7/0x450 [test_kasan]
[ 3386.191318] print_report.cold+0x5c/0x237
[ 3386.191886] kasan_report+0xc9/0x100
[ 3386.192403] ? krealloc_uaf+0x1c7/0x450 [test_kasan]
[ 3386.193096] ? krealloc_uaf+0x1c7/0x450 [test_kasan]
[ 3386.193782] __kasan_check_byte+0x36/0x50
[ 3386.194343] krealloc+0x2e/0xe0
[ 3386.194795] krealloc_uaf+0x1c7/0x450 [test_kasan]
[ 3386.195464] ? kmalloc_memmove_negative_size+0x290/0x290 [test_kasan]
[ 3386.196343] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.196998] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.197649] ? lock_acquire+0x4ea/0x620
[ 3386.198188] ? rcu_read_unlock+0x40/0x40
[ 3386.198735] ? rcu_read_unlock+0x40/0x40
[ 3386.199281] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.199932] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.200704] ? do_raw_spin_lock+0x270/0x270
[ 3386.201293] ? trace_hardirqs_on+0x2d/0x160
[ 3386.201873] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3386.202559] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.203262] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.203937] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.204637] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.205474] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.206190] kthread+0x2a4/0x350
[ 3386.206649] ? kthread_complete_and_exit+0x20/0x20
[ 3386.207318] ret_from_fork+0x1f/0x30
[ 3386.207833]
[ 3386.208157]
[ 3386.208390] Allocated by task 121587:
[ 3386.208900] kasan_save_stack+0x1e/0x40
[ 3386.209438] __kasan_kmalloc+0x81/0xa0
[ 3386.209964] krealloc_uaf+0xaa/0x450 [test_kasan]
[ 3386.210615] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.211262] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.212077] kthread+0x2a4/0x350
[ 3386.212534] ret_from_fork+0x1f/0x30
[ 3386.213037]
[ 3386.213271] Freed by task 121587:
[ 3386.213738] kasan_save_stack+0x1e/0x40
[ 3386.214272] kasan_set_track+0x21/0x30
[ 3386.214792] kasan_set_free_info+0x20/0x40
[ 3386.215358] __kasan_slab_free+0x108/0x170
[ 3386.215923] slab_free_freelist_hook+0x11d/0x1d0
[ 3386.216571] kfree+0xe2/0x3c0
[ 3386.216998] krealloc_uaf+0x147/0x450 [test_kasan]
[ 3386.217657] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.218333] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.219165] kthread+0x2a4/0x350
[ 3386.219621] ret_from_fork+0x1f/0x30
[ 3386.220125]
[ 3386.220380] The buggy address belongs to the object at ffff888103286600
[ 3386.220380] which belongs to the cache kmalloc-256 of size 256
[ 3386.222037] The buggy address is located 0 bytes inside of
[ 3386.222037] 256-byte region [ffff888103286600, ffff888103286700)
[ 3386.223574]
[ 3386.223807] The buggy address belongs to the physical page:
[ 3386.224567] page:00000000f9de5952 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103286
[ 3386.225823] head:00000000f9de5952 order:1 compound_mapcount:0 compound_pincount:0
[ 3386.226833] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 3386.227837] raw: 0017ffffc0010200 0000000000000000 dead000000000001 ffff888100041b40
[ 3386.228880] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3386.229922] page dumped because: kasan: bad access detected
[ 3386.230681]
[ 3386.230915] Memory state around the buggy address:
[ 3386.231577] ffff888103286500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3386.232554] ffff888103286580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3386.233532] >ffff888103286600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3386.234510] ^
[ 3386.234971] ffff888103286680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3386.235945] ffff888103286700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3386.236920] ==================================================================
[ 3386.237964] ==================================================================
[ 3386.238943] BUG: KASAN: use-after-free in krealloc_uaf+0x42e/0x450 [test_kasan]
[ 3386.239935] Read of size 1 at addr ffff888103286600 by task kunit_try_catch/121587
[ 3386.240954]
[ 3386.241194] CPU: 1 PID: 121587 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.243019] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.243801] Call Trace:
[ 3386.244160]
[ 3386.244470] ? krealloc_uaf+0x42e/0x450 [test_kasan]
[ 3386.245159] dump_stack_lvl+0x57/0x81
[ 3386.245675] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.246468] ? krealloc_uaf+0x42e/0x450 [test_kasan]
[ 3386.247157] print_report.cold+0x5c/0x237
[ 3386.247718] kasan_report+0xc9/0x100
[ 3386.248228] ? krealloc_uaf+0x42e/0x450 [test_kasan]
[ 3386.248915] krealloc_uaf+0x42e/0x450 [test_kasan]
[ 3386.249582] ? kmalloc_memmove_negative_size+0x290/0x290 [test_kasan]
[ 3386.250457] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.251115] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.251766] ? lock_acquire+0x4ea/0x620
[ 3386.252305] ? rcu_read_unlock+0x40/0x40
[ 3386.252850] ? rcu_read_unlock+0x40/0x40
[ 3386.253398] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.254053] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.254814] ? do_raw_spin_lock+0x270/0x270
[ 3386.255399] ? kunit_ptr_not_err_assert_format+0x210/0x210 [kunit]
[ 3386.256246] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3386.256927] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.257630] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.258306] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.259005] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.259833] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.260543] kthread+0x2a4/0x350
[ 3386.261004] ? kthread_complete_and_exit+0x20/0x20
[ 3386.261664] ret_from_fork+0x1f/0x30
[ 3386.262178]
[ 3386.262497]
[ 3386.262729] Allocated by task 121587:
[ 3386.263242] kasan_save_stack+0x1e/0x40
[ 3386.263774] __kasan_kmalloc+0x81/0xa0
[ 3386.264297] krealloc_uaf+0xaa/0x450 [test_kasan]
[ 3386.264946] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.265625] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.266460] kthread+0x2a4/0x350
[ 3386.266916] ret_from_fork+0x1f/0x30
[ 3386.267422]
[ 3386.267656] Freed by task 121587:
[ 3386.268128] kasan_save_stack+0x1e/0x40
[ 3386.268660] kasan_set_track+0x21/0x30
[ 3386.269183] kasan_set_free_info+0x20/0x40
[ 3386.269747] __kasan_slab_free+0x108/0x170
[ 3386.270315] slab_free_freelist_hook+0x11d/0x1d0
[ 3386.271008] kfree+0xe2/0x3c0
[ 3386.271435] krealloc_uaf+0x147/0x450 [test_kasan]
[ 3386.272101] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.272773] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.273610] kthread+0x2a4/0x350
[ 3386.274121] ret_from_fork+0x1f/0x30
[ 3386.274624]
[ 3386.274856] The buggy address belongs to the object at ffff888103286600
[ 3386.274856] which belongs to the cache kmalloc-256 of size 256
[ 3386.276514] The buggy address is located 0 bytes inside of
[ 3386.276514] 256-byte region [ffff888103286600, ffff888103286700)
[ 3386.278059]
[ 3386.278293] The buggy address belongs to the physical page:
[ 3386.279054] page:00000000f9de5952 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103286
[ 3386.280306] head:00000000f9de5952 order:1 compound_mapcount:0 compound_pincount:0
[ 3386.281313] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 3386.282316] raw: 0017ffffc0010200 0000000000000000 dead000000000001 ffff888100041b40
[ 3386.283356] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3386.284396] page dumped because: kasan: bad access detected
[ 3386.285151]
[ 3386.285386] Memory state around the buggy address:
[ 3386.286046] ffff888103286500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3386.287019] ffff888103286580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3386.287996] >ffff888103286600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3386.289009] ^
[ 3386.289466] ffff888103286680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3386.290441] ffff888103286700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3386.291417] ==================================================================
[ 3386.292481] ok 14 - krealloc_uaf
[ 3386.292751] ==================================================================
[ 3386.294247] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x399/0x3b0 [test_kasan]
[ 3386.295327] Write of size 16 at addr ffff888106b39660 by task kunit_try_catch/121588
[ 3386.296366]
[ 3386.296600] CPU: 1 PID: 121588 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.298426] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.299215] Call Trace:
[ 3386.299567]
[ 3386.299878] ? kmalloc_oob_16+0x399/0x3b0 [test_kasan]
[ 3386.300590] dump_stack_lvl+0x57/0x81
[ 3386.301110] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.301907] ? kmalloc_oob_16+0x399/0x3b0 [test_kasan]
[ 3386.302626] print_report.cold+0x5c/0x237
[ 3386.303213] kasan_report+0xc9/0x100
[ 3386.303719] ? kmalloc_oob_16+0x399/0x3b0 [test_kasan]
[ 3386.304430] kmalloc_oob_16+0x399/0x3b0 [test_kasan]
[ 3386.305124] ? kmalloc_uaf_16+0x3b0/0x3b0 [test_kasan]
[ 3386.305832] ? do_raw_spin_trylock+0xb5/0x180
[ 3386.306449] ? do_raw_spin_lock+0x270/0x270
[ 3386.307035] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.307797] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3386.308470] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.309132] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.309805] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.310502] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.311338] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.312050] kthread+0x2a4/0x350
[ 3386.312478] ? kthread_complete_and_exit+0x20/0x20
[ 3386.313077] ret_from_fork+0x1f/0x30
[ 3386.313539]
[ 3386.313825]
[ 3386.314039] Allocated by task 121588:
[ 3386.314497] kasan_save_stack+0x1e/0x40
[ 3386.314978] __kasan_kmalloc+0x81/0xa0
[ 3386.315516] kmalloc_oob_16+0xa4/0x3b0 [test_kasan]
[ 3386.316193] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.316807] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.317571] kthread+0x2a4/0x350
[ 3386.318033] ret_from_fork+0x1f/0x30
[ 3386.318532]
[ 3386.318760] The buggy address belongs to the object at ffff888106b39660
[ 3386.318760] which belongs to the cache kmalloc-16 of size 16
[ 3386.320367] The buggy address is located 0 bytes inside of
[ 3386.320367] 16-byte region [ffff888106b39660, ffff888106b39670)
[ 3386.321845]
[ 3386.322083] The buggy address belongs to the physical page:
[ 3386.322776] page:00000000019d19ac refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106b39
[ 3386.323896] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 3386.324764] raw: 0017ffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3386.325804] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 3386.326873] page dumped because: kasan: bad access detected
[ 3386.327630]
[ 3386.327862] Memory state around the buggy address:
[ 3386.328523] ffff888106b39500: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 3386.329496] ffff888106b39580: 00 00 fc fc fa fb fc fc 00 00 fc fc 00 00 fc fc
[ 3386.330472] >ffff888106b39600: fa fb fc fc 00 00 fc fc fa fb fc fc 00 05 fc fc
[ 3386.331445] ^
[ 3386.332341] ffff888106b39680: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc
[ 3386.333316] ffff888106b39700: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 3386.334291] ==================================================================
[ 3386.335411] ok 15 - kmalloc_oob_16
[ 3386.335637] ==================================================================
[ 3386.337182] BUG: KASAN: use-after-free in kmalloc_uaf_16+0x38a/0x3b0 [test_kasan]
[ 3386.338224] Read of size 16 at addr ffff888106b39e40 by task kunit_try_catch/121589
[ 3386.339251]
[ 3386.339485] CPU: 1 PID: 121589 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.341295] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.342082] Call Trace:
[ 3386.342437]
[ 3386.342750] ? kmalloc_uaf_16+0x38a/0x3b0 [test_kasan]
[ 3386.343462] dump_stack_lvl+0x57/0x81
[ 3386.343985] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.344775] ? kmalloc_uaf_16+0x38a/0x3b0 [test_kasan]
[ 3386.345483] print_report.cold+0x5c/0x237
[ 3386.346046] kasan_report+0xc9/0x100
[ 3386.346551] ? kmalloc_uaf_16+0x38a/0x3b0 [test_kasan]
[ 3386.347263] kmalloc_uaf_16+0x38a/0x3b0 [test_kasan]
[ 3386.347955] ? kmalloc_uaf+0x2b0/0x2b0 [test_kasan]
[ 3386.348638] ? do_raw_spin_trylock+0xb5/0x180
[ 3386.349189] ? do_raw_spin_lock+0x270/0x270
[ 3386.349711] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.350406] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3386.351072] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.351770] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.352407] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.353032] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.353855] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.354563] kthread+0x2a4/0x350
[ 3386.354976] ? kthread_complete_and_exit+0x20/0x20
[ 3386.355566] ret_from_fork+0x1f/0x30
[ 3386.356029]
[ 3386.356314]
[ 3386.356522] Allocated by task 121589:
[ 3386.356980] kasan_save_stack+0x1e/0x40
[ 3386.357491] __kasan_kmalloc+0x81/0xa0
[ 3386.358017] kmalloc_uaf_16+0x15d/0x3b0 [test_kasan]
[ 3386.358682] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.359285] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.360112] kthread+0x2a4/0x350
[ 3386.360569] ret_from_fork+0x1f/0x30
[ 3386.361077]
[ 3386.361310] Freed by task 121589:
[ 3386.361749] kasan_save_stack+0x1e/0x40
[ 3386.362231] kasan_set_track+0x21/0x30
[ 3386.362700] kasan_set_free_info+0x20/0x40
[ 3386.363212] __kasan_slab_free+0x108/0x170
[ 3386.363718] slab_free_freelist_hook+0x11d/0x1d0
[ 3386.364296] kfree+0xe2/0x3c0
[ 3386.364720] kmalloc_uaf_16+0x1e8/0x3b0 [test_kasan]
[ 3386.365407] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.366049] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.366804] kthread+0x2a4/0x350
[ 3386.367217] ret_from_fork+0x1f/0x30
[ 3386.367666]
[ 3386.367874] The buggy address belongs to the object at ffff888106b39e40
[ 3386.367874] which belongs to the cache kmalloc-16 of size 16
[ 3386.369336] The buggy address is located 0 bytes inside of
[ 3386.369336] 16-byte region [ffff888106b39e40, ffff888106b39e50)
[ 3386.370702]
[ 3386.370912] The buggy address belongs to the physical page:
[ 3386.371590] page:00000000019d19ac refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106b39
[ 3386.372712] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 3386.373556] raw: 0017ffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3386.374492] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 3386.375427] page dumped because: kasan: bad access detected
[ 3386.376103]
[ 3386.376311] Memory state around the buggy address:
[ 3386.376898] ffff888106b39d00: 00 00 fc fc fa fb fc fc fa fb fc fc 00 00 fc fc
[ 3386.377869] ffff888106b39d80: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc
[ 3386.378807] >ffff888106b39e00: fa fb fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc
[ 3386.379684] ^
[ 3386.380339] ffff888106b39e80: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 3386.381285] ffff888106b39f00: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 3386.382262] ==================================================================
[ 3386.383418] ok 16 - kmalloc_uaf_16
[ 3386.383642] ==================================================================
[ 3386.385100] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x1b3/0x280 [test_kasan]
[ 3386.386219] Write of size 128 at addr ffff888027b97000 by task kunit_try_catch/121590
[ 3386.387250]
[ 3386.387484] CPU: 1 PID: 121590 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.389147] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.389850] Call Trace:
[ 3386.390170]
[ 3386.390449] ? kmalloc_oob_in_memset+0x1b3/0x280 [test_kasan]
[ 3386.391159] dump_stack_lvl+0x57/0x81
[ 3386.391622] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.392333] ? kmalloc_oob_in_memset+0x1b3/0x280 [test_kasan]
[ 3386.393044] print_report.cold+0x5c/0x237
[ 3386.393545] kasan_report+0xc9/0x100
[ 3386.394048] ? kmalloc_oob_in_memset+0x1b3/0x280 [test_kasan]
[ 3386.394752] kasan_check_range+0xfd/0x1e0
[ 3386.395255] memset+0x20/0x50
[ 3386.395638] kmalloc_oob_in_memset+0x1b3/0x280 [test_kasan]
[ 3386.396321] ? kmalloc_oob_memset_2+0x290/0x290 [test_kasan]
[ 3386.397023] ? do_raw_spin_trylock+0xb5/0x180
[ 3386.397567] ? do_raw_spin_lock+0x270/0x270
[ 3386.398093] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.398771] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3386.399382] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.400015] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.400617] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.401244] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.402035] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.402737] kthread+0x2a4/0x350
[ 3386.403182] ? kthread_complete_and_exit+0x20/0x20
[ 3386.403793] ret_from_fork+0x1f/0x30
[ 3386.404310]
[ 3386.404641]
[ 3386.404852] Allocated by task 121590:
[ 3386.405310] kasan_save_stack+0x1e/0x40
[ 3386.405788] __kasan_kmalloc+0x81/0xa0
[ 3386.406259] kmalloc_oob_in_memset+0x9c/0x280 [test_kasan]
[ 3386.406930] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.407575] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.408408] kthread+0x2a4/0x350
[ 3386.408856] ret_from_fork+0x1f/0x30
[ 3386.409309]
[ 3386.409518] The buggy address belongs to the object at ffff888027b97000
[ 3386.409518] which belongs to the cache kmalloc-128 of size 128
[ 3386.411004] The buggy address is located 0 bytes inside of
[ 3386.411004] 128-byte region [ffff888027b97000, ffff888027b97080)
[ 3386.412441]
[ 3386.412674] The buggy address belongs to the physical page:
[ 3386.413488] page:000000009b2de5bc refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x27b97
[ 3386.414736] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3386.415602] raw: 000fffffc0000200 ffffea000411ff40 dead000000000002 ffff8881000418c0
[ 3386.416534] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3386.417464] page dumped because: kasan: bad access detected
[ 3386.418141]
[ 3386.418349] Memory state around the buggy address:
[ 3386.418936] ffff888027b96f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3386.419811] ffff888027b96f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3386.420685] >ffff888027b97000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 3386.421560] ^
[ 3386.422427] ffff888027b97080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3386.423307] ffff888027b97100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3386.424179] ==================================================================
[ 3386.425146] ok 17 - kmalloc_oob_in_memset
[ 3386.425359] ==================================================================
[ 3386.426785] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x1b6/0x290 [test_kasan]
[ 3386.427816] Write of size 2 at addr ffff888027b97d77 by task kunit_try_catch/121591
[ 3386.428832]
[ 3386.429045] CPU: 1 PID: 121591 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.430680] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.431386] Call Trace:
[ 3386.431702]
[ 3386.431983] ? kmalloc_oob_memset_2+0x1b6/0x290 [test_kasan]
[ 3386.432678] dump_stack_lvl+0x57/0x81
[ 3386.433148] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.433904] ? kmalloc_oob_memset_2+0x1b6/0x290 [test_kasan]
[ 3386.434689] print_report.cold+0x5c/0x237
[ 3386.435277] kasan_report+0xc9/0x100
[ 3386.435787] ? kmalloc_oob_memset_2+0x1b6/0x290 [test_kasan]
[ 3386.436569] kasan_check_range+0xfd/0x1e0
[ 3386.437130] memset+0x20/0x50
[ 3386.437559] kmalloc_oob_memset_2+0x1b6/0x290 [test_kasan]
[ 3386.438275] ? kmalloc_oob_memset_4+0x290/0x290 [test_kasan]
[ 3386.438973] ? do_raw_spin_trylock+0xb5/0x180
[ 3386.439517] ? do_raw_spin_lock+0x270/0x270
[ 3386.440043] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.440723] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3386.441336] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.441993] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.442657] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.443339] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.444120] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.444771] kthread+0x2a4/0x350
[ 3386.445246] ? kthread_complete_and_exit+0x20/0x20
[ 3386.445914] ret_from_fork+0x1f/0x30
[ 3386.446378]
[ 3386.446664]
[ 3386.446873] Allocated by task 121591:
[ 3386.447333] kasan_save_stack+0x1e/0x40
[ 3386.447810] __kasan_kmalloc+0x81/0xa0
[ 3386.448280] kmalloc_oob_memset_2+0x9c/0x290 [test_kasan]
[ 3386.448984] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.449655] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.450437] kthread+0x2a4/0x350
[ 3386.450850] ret_from_fork+0x1f/0x30
[ 3386.451306]
[ 3386.451516] The buggy address belongs to the object at ffff888027b97d00
[ 3386.451516] which belongs to the cache kmalloc-128 of size 128
[ 3386.453011] The buggy address is located 119 bytes inside of
[ 3386.453011] 128-byte region [ffff888027b97d00, ffff888027b97d80)
[ 3386.454464]
[ 3386.454675] The buggy address belongs to the physical page:
[ 3386.455355] page:000000009b2de5bc refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x27b97
[ 3386.456468] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3386.457303] raw: 000fffffc0000200 ffffea000411ff40 dead000000000002 ffff8881000418c0
[ 3386.458290] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3386.459232] page dumped because: kasan: bad access detected
[ 3386.459904]
[ 3386.460117] Memory state around the buggy address:
[ 3386.460705] ffff888027b97c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3386.461692] ffff888027b97c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3386.462602] >ffff888027b97d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 3386.463473] ^
[ 3386.464336] ffff888027b97d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3386.465205] ffff888027b97e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3386.466076] ==================================================================
[ 3386.467069] ok 18 - kmalloc_oob_memset_2
[ 3386.467252] ==================================================================
[ 3386.468793] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x1b6/0x290 [test_kasan]
[ 3386.469902] Write of size 4 at addr ffff888027b97475 by task kunit_try_catch/121594
[ 3386.470935]
[ 3386.471174] CPU: 1 PID: 121594 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.472848] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.473552] Call Trace:
[ 3386.473868]
[ 3386.474151] ? kmalloc_oob_memset_4+0x1b6/0x290 [test_kasan]
[ 3386.474849] dump_stack_lvl+0x57/0x81
[ 3386.475316] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.476078] ? kmalloc_oob_memset_4+0x1b6/0x290 [test_kasan]
[ 3386.476854] print_report.cold+0x5c/0x237
[ 3386.477381] kasan_report+0xc9/0x100
[ 3386.477879] ? kmalloc_oob_memset_4+0x1b6/0x290 [test_kasan]
[ 3386.478662] kasan_check_range+0xfd/0x1e0
[ 3386.479197] memset+0x20/0x50
[ 3386.479583] kmalloc_oob_memset_4+0x1b6/0x290 [test_kasan]
[ 3386.480337] ? kmalloc_oob_memset_8+0x290/0x290 [test_kasan]
[ 3386.481107] ? do_raw_spin_trylock+0xb5/0x180
[ 3386.481651] ? do_raw_spin_lock+0x270/0x270
[ 3386.482250] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.483029] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3386.483713] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.484422] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.485103] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.485799] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.486603] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.487260] kthread+0x2a4/0x350
[ 3386.487720] ? kthread_complete_and_exit+0x20/0x20
[ 3386.488386] ret_from_fork+0x1f/0x30
[ 3386.488900]
[ 3386.489225]
[ 3386.489434] Allocated by task 121594:
[ 3386.489893] kasan_save_stack+0x1e/0x40
[ 3386.490375] __kasan_kmalloc+0x81/0xa0
[ 3386.490847] kmalloc_oob_memset_4+0x9c/0x290 [test_kasan]
[ 3386.491544] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.492223] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.493075] kthread+0x2a4/0x350
[ 3386.493531] ret_from_fork+0x1f/0x30
[ 3386.494037]
[ 3386.494263] The buggy address belongs to the object at ffff888027b97400
[ 3386.494263] which belongs to the cache kmalloc-128 of size 128
[ 3386.495765] The buggy address is located 117 bytes inside of
[ 3386.495765] 128-byte region [ffff888027b97400, ffff888027b97480)
[ 3386.497297]
[ 3386.497506] The buggy address belongs to the physical page:
[ 3386.498186] page:000000009b2de5bc refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x27b97
[ 3386.499297] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3386.500216] raw: 000fffffc0000200 ffffea000411ff40 dead000000000002 ffff8881000418c0
[ 3386.501288] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3386.502292] page dumped because: kasan: bad access detected
[ 3386.502971]
[ 3386.503179] Memory state around the buggy address:
[ 3386.503766] ffff888027b97300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3386.504750] ffff888027b97380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3386.505732] >ffff888027b97400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 3386.506707] ^
[ 3386.507675] ffff888027b97480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3386.508651] ffff888027b97500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3386.509581] ==================================================================
[ 3386.510522] ok 19 - kmalloc_oob_memset_4
[ 3386.510739] ==================================================================
[ 3386.512221] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x1b6/0x290 [test_kasan]
[ 3386.513310] Write of size 8 at addr ffff888027b97371 by task kunit_try_catch/121595
[ 3386.514232]
[ 3386.514442] CPU: 1 PID: 121595 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.516181] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.516968] Call Trace:
[ 3386.517320]
[ 3386.517630] ? kmalloc_oob_memset_8+0x1b6/0x290 [test_kasan]
[ 3386.518437] dump_stack_lvl+0x57/0x81
[ 3386.518956] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.519744] ? kmalloc_oob_memset_8+0x1b6/0x290 [test_kasan]
[ 3386.520489] print_report.cold+0x5c/0x237
[ 3386.521045] kasan_report+0xc9/0x100
[ 3386.521551] ? kmalloc_oob_memset_8+0x1b6/0x290 [test_kasan]
[ 3386.522324] kasan_check_range+0xfd/0x1e0
[ 3386.522824] memset+0x20/0x50
[ 3386.523211] kmalloc_oob_memset_8+0x1b6/0x290 [test_kasan]
[ 3386.523882] ? kmalloc_oob_memset_16+0x290/0x290 [test_kasan]
[ 3386.524591] ? do_raw_spin_trylock+0xb5/0x180
[ 3386.525209] ? do_raw_spin_lock+0x270/0x270
[ 3386.525794] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.526522] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3386.527188] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.527889] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.528569] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.529269] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.530087] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.530718] kthread+0x2a4/0x350
[ 3386.531132] ? kthread_complete_and_exit+0x20/0x20
[ 3386.531722] ret_from_fork+0x1f/0x30
[ 3386.532184]
[ 3386.532469]
[ 3386.532679] Allocated by task 121595:
[ 3386.533194] kasan_save_stack+0x1e/0x40
[ 3386.533725] __kasan_kmalloc+0x81/0xa0
[ 3386.534244] kmalloc_oob_memset_8+0x9c/0x290 [test_kasan]
[ 3386.534901] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.535510] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.536256] kthread+0x2a4/0x350
[ 3386.536665] ret_from_fork+0x1f/0x30
[ 3386.537115]
[ 3386.537323] The buggy address belongs to the object at ffff888027b97300
[ 3386.537323] which belongs to the cache kmalloc-128 of size 128
[ 3386.538863] The buggy address is located 113 bytes inside of
[ 3386.538863] 128-byte region [ffff888027b97300, ffff888027b97380)
[ 3386.540254]
[ 3386.540464] The buggy address belongs to the physical page:
[ 3386.541210] page:000000009b2de5bc refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x27b97
[ 3386.542413] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3386.543338] raw: 000fffffc0000200 ffffea000411ff40 dead000000000002 ffff8881000418c0
[ 3386.544411] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3386.545372] page dumped because: kasan: bad access detected
[ 3386.546054]
[ 3386.546263] Memory state around the buggy address:
[ 3386.546905] ffff888027b97200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3386.547883] ffff888027b97280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3386.548861] >ffff888027b97300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 3386.549775] ^
[ 3386.550738] ffff888027b97380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3386.551726] ffff888027b97400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3386.552720] ==================================================================
[ 3386.554023] ok 20 - kmalloc_oob_memset_8
[ 3386.554251] ==================================================================
[ 3386.555841] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x1b6/0x290 [test_kasan]
[ 3386.556991] Write of size 16 at addr ffff888027b97969 by task kunit_try_catch/121596
[ 3386.558032]
[ 3386.558266] CPU: 1 PID: 121596 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.560105] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.560897] Call Trace:
[ 3386.561254]
[ 3386.561565] ? kmalloc_oob_memset_16+0x1b6/0x290 [test_kasan]
[ 3386.562360] dump_stack_lvl+0x57/0x81
[ 3386.562879] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.563671] ? kmalloc_oob_memset_16+0x1b6/0x290 [test_kasan]
[ 3386.564475] print_report.cold+0x5c/0x237
[ 3386.565047] kasan_report+0xc9/0x100
[ 3386.565552] ? kmalloc_oob_memset_16+0x1b6/0x290 [test_kasan]
[ 3386.566347] kasan_check_range+0xfd/0x1e0
[ 3386.566904] memset+0x20/0x50
[ 3386.567338] kmalloc_oob_memset_16+0x1b6/0x290 [test_kasan]
[ 3386.568106] ? kmalloc_uaf_memset+0x280/0x280 [test_kasan]
[ 3386.568854] ? do_raw_spin_trylock+0xb5/0x180
[ 3386.569468] ? do_raw_spin_lock+0x270/0x270
[ 3386.570057] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.570818] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3386.571508] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.572212] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.572887] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.573589] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.574425] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.575137] kthread+0x2a4/0x350
[ 3386.575597] ? kthread_complete_and_exit+0x20/0x20
[ 3386.576263] ret_from_fork+0x1f/0x30
[ 3386.576777]
[ 3386.577103]
[ 3386.577337] Allocated by task 121596:
[ 3386.577850] kasan_save_stack+0x1e/0x40
[ 3386.578389] __kasan_kmalloc+0x81/0xa0
[ 3386.578911] kmalloc_oob_memset_16+0x9c/0x290 [test_kasan]
[ 3386.579663] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.580322] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.581065] kthread+0x2a4/0x350
[ 3386.581475] ret_from_fork+0x1f/0x30
[ 3386.581971]
[ 3386.582205] The buggy address belongs to the object at ffff888027b97900
[ 3386.582205] which belongs to the cache kmalloc-128 of size 128
[ 3386.583856] The buggy address is located 105 bytes inside of
[ 3386.583856] 128-byte region [ffff888027b97900, ffff888027b97980)
[ 3386.585422]
[ 3386.585632] The buggy address belongs to the physical page:
[ 3386.586353] page:000000009b2de5bc refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x27b97
[ 3386.587597] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3386.588530] raw: 000fffffc0000200 ffffea000411ff40 dead000000000002 ffff8881000418c0
[ 3386.589507] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3386.590444] page dumped because: kasan: bad access detected
[ 3386.591167]
[ 3386.591400] Memory state around the buggy address:
[ 3386.592058] ffff888027b97800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3386.593034] ffff888027b97880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3386.594013] >ffff888027b97900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 3386.594985] ^
[ 3386.595948] ffff888027b97980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3386.596917] ffff888027b97a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3386.597890] ==================================================================
[ 3386.598934] ok 21 - kmalloc_oob_memset_16
[ 3386.599145] ==================================================================
[ 3386.600745] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x1c4/0x290 [test_kasan]
[ 3386.601935] Read of size 18446744073709551614 at addr ffff888107413004 by task kunit_try_catch/121597
[ 3386.603168]
[ 3386.603402] CPU: 1 PID: 121597 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.605153] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.605938] Call Trace:
[ 3386.606291]
[ 3386.606601] ? kmalloc_memmove_negative_size+0x1c4/0x290 [test_kasan]
[ 3386.607480] dump_stack_lvl+0x57/0x81
[ 3386.607998] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.608786] ? kmalloc_memmove_negative_size+0x1c4/0x290 [test_kasan]
[ 3386.609660] print_report.cold+0x5c/0x237
[ 3386.610226] kasan_report+0xc9/0x100
[ 3386.610732] ? kmalloc_memmove_negative_size+0x1c4/0x290 [test_kasan]
[ 3386.611612] kasan_check_range+0xfd/0x1e0
[ 3386.612173] memmove+0x20/0x60
[ 3386.612613] kmalloc_memmove_negative_size+0x1c4/0x290 [test_kasan]
[ 3386.613467] ? kmalloc_memmove_invalid_size+0x2a0/0x2a0 [test_kasan]
[ 3386.614335] ? do_raw_spin_trylock+0xb5/0x180
[ 3386.614947] ? do_raw_spin_lock+0x270/0x270
[ 3386.615527] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.616274] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3386.616884] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.617595] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.618273] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.618975] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.619810] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.620543] kthread+0x2a4/0x350
[ 3386.621008] ? kthread_complete_and_exit+0x20/0x20
[ 3386.621641] ret_from_fork+0x1f/0x30
[ 3386.622104]
[ 3386.622391]
[ 3386.622601] Allocated by task 121597:
[ 3386.623117] kasan_save_stack+0x1e/0x40
[ 3386.623651] __kasan_kmalloc+0x81/0xa0
[ 3386.624161] kmalloc_memmove_negative_size+0x9c/0x290 [test_kasan]
[ 3386.625025] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.625701] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.626535] kthread+0x2a4/0x350
[ 3386.626997] ret_from_fork+0x1f/0x30
[ 3386.627497]
[ 3386.627730] The buggy address belongs to the object at ffff888107413000
[ 3386.627730] which belongs to the cache kmalloc-64 of size 64
[ 3386.629364] The buggy address is located 4 bytes inside of
[ 3386.629364] 64-byte region [ffff888107413000, ffff888107413040)
[ 3386.630888]
[ 3386.631127] The buggy address belongs to the physical page:
[ 3386.631883] page:0000000048fc64f4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107413
[ 3386.633138] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 3386.634079] raw: 0017ffffc0000200 ffffea00041e0cc0 dead000000000007 ffff888100041640
[ 3386.635120] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[ 3386.636156] page dumped because: kasan: bad access detected
[ 3386.636911]
[ 3386.637147] Memory state around the buggy address:
[ 3386.637804] ffff888107412f00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 3386.638779] ffff888107412f80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 3386.639756] >ffff888107413000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 3386.640728] ^
[ 3386.641188] ffff888107413080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 3386.642139] ffff888107413100: 00 00 00 00 00 00 00 06 fc fc fc fc fc fc fc fc
[ 3386.643063] ==================================================================
[ 3386.644218] ok 22 - kmalloc_memmove_negative_size
[ 3386.644402] ==================================================================
[ 3386.646058] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x1cf/0x2a0 [test_kasan]
[ 3386.647216] Read of size 64 at addr ffff888107413404 by task kunit_try_catch/121598
[ 3386.648275]
[ 3386.648509] CPU: 1 PID: 121598 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.650337] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.651121] Call Trace:
[ 3386.651474]
[ 3386.651792] ? kmalloc_memmove_invalid_size+0x1cf/0x2a0 [test_kasan]
[ 3386.652588] dump_stack_lvl+0x57/0x81
[ 3386.653110] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.653873] ? kmalloc_memmove_invalid_size+0x1cf/0x2a0 [test_kasan]
[ 3386.654647] print_report.cold+0x5c/0x237
[ 3386.655153] kasan_report+0xc9/0x100
[ 3386.655609] ? kmalloc_memmove_invalid_size+0x1cf/0x2a0 [test_kasan]
[ 3386.656393] kasan_check_range+0xfd/0x1e0
[ 3386.656934] memmove+0x20/0x60
[ 3386.657374] kmalloc_memmove_invalid_size+0x1cf/0x2a0 [test_kasan]
[ 3386.658194] ? kmalloc_oob_in_memset+0x280/0x280 [test_kasan]
[ 3386.658950] ? do_raw_spin_trylock+0xb5/0x180
[ 3386.659574] ? do_raw_spin_lock+0x270/0x270
[ 3386.660100] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.660780] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.661411] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.662018] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.662640] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.663388] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.664024] kthread+0x2a4/0x350
[ 3386.664433] ? kthread_complete_and_exit+0x20/0x20
[ 3386.665109] ret_from_fork+0x1f/0x30
[ 3386.665624]
[ 3386.665947]
[ 3386.666180] Allocated by task 121598:
[ 3386.666689] kasan_save_stack+0x1e/0x40
[ 3386.667231] __kasan_kmalloc+0x81/0xa0
[ 3386.667753] kmalloc_memmove_invalid_size+0xac/0x2a0 [test_kasan]
[ 3386.668585] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.669260] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.670081] kthread+0x2a4/0x350
[ 3386.670490] ret_from_fork+0x1f/0x30
[ 3386.670987]
[ 3386.671220] The buggy address belongs to the object at ffff888107413400
[ 3386.671220] which belongs to the cache kmalloc-64 of size 64
[ 3386.672852] The buggy address is located 4 bytes inside of
[ 3386.672852] 64-byte region [ffff888107413400, ffff888107413440)
[ 3386.674333]
[ 3386.674542] The buggy address belongs to the physical page:
[ 3386.675268] page:0000000048fc64f4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107413
[ 3386.676471] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 3386.677317] raw: 0017ffffc0000200 ffffea00041e0cc0 dead000000000007 ffff888100041640
[ 3386.678252] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[ 3386.679257] page dumped because: kasan: bad access detected
[ 3386.679975]
[ 3386.680183] Memory state around the buggy address:
[ 3386.680769] ffff888107413300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 3386.681642] ffff888107413380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 3386.682517] >ffff888107413400: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 3386.683484] ^
[ 3386.684214] ffff888107413480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 3386.685192] ffff888107413500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 3386.686138] ==================================================================
[ 3386.687201] ok 23 - kmalloc_memmove_invalid_size
[ 3386.687714] ==================================================================
[ 3386.689336] BUG: KASAN: use-after-free in kmalloc_uaf+0x286/0x2b0 [test_kasan]
[ 3386.690281] Read of size 1 at addr ffff888106b39348 by task kunit_try_catch/121599
[ 3386.691263]
[ 3386.691497] CPU: 1 PID: 121599 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.693326] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.694111] Call Trace:
[ 3386.694463]
[ 3386.694786] ? kmalloc_uaf+0x286/0x2b0 [test_kasan]
[ 3386.695465] dump_stack_lvl+0x57/0x81
[ 3386.695994] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.696803] ? kmalloc_uaf+0x286/0x2b0 [test_kasan]
[ 3386.697491] print_report.cold+0x5c/0x237
[ 3386.698070] kasan_report+0xc9/0x100
[ 3386.698575] ? kmalloc_uaf+0x286/0x2b0 [test_kasan]
[ 3386.699251] kmalloc_uaf+0x286/0x2b0 [test_kasan]
[ 3386.699944] ? kmalloc_uaf2+0x430/0x430 [test_kasan]
[ 3386.700631] ? do_raw_spin_trylock+0xb5/0x180
[ 3386.701243] ? do_raw_spin_lock+0x270/0x270
[ 3386.701839] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.702614] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.703320] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.704002] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.704699] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.705533] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.706242] kthread+0x2a4/0x350
[ 3386.706700] ? kthread_complete_and_exit+0x20/0x20
[ 3386.707368] ret_from_fork+0x1f/0x30
[ 3386.707881]
[ 3386.708204]
[ 3386.708437] Allocated by task 121599:
[ 3386.708952] kasan_save_stack+0x1e/0x40
[ 3386.709485] __kasan_kmalloc+0x81/0xa0
[ 3386.710011] kmalloc_uaf+0x98/0x2b0 [test_kasan]
[ 3386.710656] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.711331] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.712162] kthread+0x2a4/0x350
[ 3386.712618] ret_from_fork+0x1f/0x30
[ 3386.713123]
[ 3386.713356] Freed by task 121599:
[ 3386.713822] kasan_save_stack+0x1e/0x40
[ 3386.714346] kasan_set_track+0x21/0x30
[ 3386.714854] kasan_set_free_info+0x20/0x40
[ 3386.715443] __kasan_slab_free+0x108/0x170
[ 3386.716024] slab_free_freelist_hook+0x11d/0x1d0
[ 3386.716661] kfree+0xe2/0x3c0
[ 3386.717089] kmalloc_uaf+0x12b/0x2b0 [test_kasan]
[ 3386.717758] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.718458] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.719292] kthread+0x2a4/0x350
[ 3386.719749] ret_from_fork+0x1f/0x30
[ 3386.720253]
[ 3386.720486] The buggy address belongs to the object at ffff888106b39340
[ 3386.720486] which belongs to the cache kmalloc-16 of size 16
[ 3386.722122] The buggy address is located 8 bytes inside of
[ 3386.722122] 16-byte region [ffff888106b39340, ffff888106b39350)
[ 3386.723647]
[ 3386.723880] The buggy address belongs to the physical page:
[ 3386.724638] page:00000000019d19ac refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888106b39ba0 pfn:0x106b39
[ 3386.726062] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 3386.727002] raw: 0017ffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3386.728043] raw: ffff888106b39200 000000008080007a 00000001ffffffff 0000000000000000
[ 3386.729081] page dumped because: kasan: bad access detected
[ 3386.729832]
[ 3386.730070] Memory state around the buggy address:
[ 3386.730734] ffff888106b39200: fb fb fc fc 00 00 fc fc 00 00 fc fc fa fb fc fc
[ 3386.731708] ffff888106b39280: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 3386.732683] >ffff888106b39300: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc
[ 3386.733657] ^
[ 3386.734415] ffff888106b39380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 3386.735391] ffff888106b39400: fa fb fc fc 00 00 fc fc fa fb fc fc fb fb fc fc
[ 3386.736326] ==================================================================
[ 3386.737482] ok 24 - kmalloc_uaf
[ 3386.737722] ==================================================================
[ 3386.739138] BUG: KASAN: use-after-free in kmalloc_uaf_memset+0x1b4/0x280 [test_kasan]
[ 3386.740200] Write of size 33 at addr ffff8881093a9400 by task kunit_try_catch/121600
[ 3386.741241]
[ 3386.741476] CPU: 1 PID: 121600 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.743223] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.744008] Call Trace:
[ 3386.744325]
[ 3386.744605] ? kmalloc_uaf_memset+0x1b4/0x280 [test_kasan]
[ 3386.745364] dump_stack_lvl+0x57/0x81
[ 3386.745889] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.746597] ? kmalloc_uaf_memset+0x1b4/0x280 [test_kasan]
[ 3386.747354] print_report.cold+0x5c/0x237
[ 3386.747925] kasan_report+0xc9/0x100
[ 3386.748405] ? kmalloc_uaf_memset+0xc1/0x280 [test_kasan]
[ 3386.749146] ? kmalloc_uaf_memset+0x1b4/0x280 [test_kasan]
[ 3386.749895] kasan_check_range+0xfd/0x1e0
[ 3386.750455] memset+0x20/0x50
[ 3386.750882] kmalloc_uaf_memset+0x1b4/0x280 [test_kasan]
[ 3386.751612] ? kmem_cache_accounted+0x170/0x170 [test_kasan]
[ 3386.752342] ? do_raw_spin_trylock+0xb5/0x180
[ 3386.752962] ? do_raw_spin_lock+0x270/0x270
[ 3386.753547] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.754274] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.754945] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.755621] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.756293] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.757096] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.757798] kthread+0x2a4/0x350
[ 3386.758231] ? kthread_complete_and_exit+0x20/0x20
[ 3386.758849] ret_from_fork+0x1f/0x30
[ 3386.759367]
[ 3386.759687]
[ 3386.759925] Allocated by task 121600:
[ 3386.760413] kasan_save_stack+0x1e/0x40
[ 3386.760943] __kasan_kmalloc+0x81/0xa0
[ 3386.761409] kmalloc_uaf_memset+0x9a/0x280 [test_kasan]
[ 3386.762086] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.762687] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.763532] kthread+0x2a4/0x350
[ 3386.763990] ret_from_fork+0x1f/0x30
[ 3386.764436]
[ 3386.764644] Freed by task 121600:
[ 3386.765075] kasan_save_stack+0x1e/0x40
[ 3386.765555] kasan_set_track+0x21/0x30
[ 3386.766026] kasan_set_free_info+0x20/0x40
[ 3386.766532] __kasan_slab_free+0x108/0x170
[ 3386.767098] slab_free_freelist_hook+0x11d/0x1d0
[ 3386.767735] kfree+0xe2/0x3c0
[ 3386.768144] kmalloc_uaf_memset+0x137/0x280 [test_kasan]
[ 3386.768791] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.769396] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.770141] kthread+0x2a4/0x350
[ 3386.770549] ret_from_fork+0x1f/0x30
[ 3386.771064]
[ 3386.771297] The buggy address belongs to the object at ffff8881093a9400
[ 3386.771297] which belongs to the cache kmalloc-64 of size 64
[ 3386.772963] The buggy address is located 0 bytes inside of
[ 3386.772963] 64-byte region [ffff8881093a9400, ffff8881093a9440)
[ 3386.774514]
[ 3386.774748] The buggy address belongs to the physical page:
[ 3386.775504] page:000000003871fbdc refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1093a9
[ 3386.776798] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 3386.777739] raw: 0017ffffc0000200 ffffea0004263840 dead000000000006 ffff888100041640
[ 3386.778784] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[ 3386.779832] page dumped because: kasan: bad access detected
[ 3386.780547]
[ 3386.780778] Memory state around the buggy address:
[ 3386.781436] ffff8881093a9300: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc
[ 3386.782362] ffff8881093a9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 3386.783316] >ffff8881093a9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 3386.784276] ^
[ 3386.784684] ffff8881093a9480: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 3386.785675] ffff8881093a9500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 3386.786661] ==================================================================
[ 3386.787910] ok 25 - kmalloc_uaf_memset
[ 3386.788148] ==================================================================
[ 3386.789645] BUG: KASAN: use-after-free in kmalloc_uaf2+0x402/0x430 [test_kasan]
[ 3386.790535] Read of size 1 at addr ffff8881093a9728 by task kunit_try_catch/121601
[ 3386.791541]
[ 3386.791776] CPU: 1 PID: 121601 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.793552] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.794289] Call Trace:
[ 3386.794605]
[ 3386.794910] ? kmalloc_uaf2+0x402/0x430 [test_kasan]
[ 3386.795598] dump_stack_lvl+0x57/0x81
[ 3386.796100] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.796805] ? kmalloc_uaf2+0x402/0x430 [test_kasan]
[ 3386.797421] print_report.cold+0x5c/0x237
[ 3386.797927] kasan_report+0xc9/0x100
[ 3386.798379] ? kmalloc_uaf2+0x402/0x430 [test_kasan]
[ 3386.799037] kmalloc_uaf2+0x402/0x430 [test_kasan]
[ 3386.799698] ? kfree_via_page+0x290/0x290 [test_kasan]
[ 3386.800384] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.800969] ? lock_acquire+0x4ea/0x620
[ 3386.801447] ? rcu_read_unlock+0x40/0x40
[ 3386.801937] ? rcu_read_unlock+0x40/0x40
[ 3386.802422] ? rcu_read_lock_sched_held+0x12/0x80
[ 3386.803078] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.803851] ? do_raw_spin_lock+0x270/0x270
[ 3386.804375] ? trace_hardirqs_on+0x2d/0x160
[ 3386.804935] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3386.805622] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.806318] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.806968] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.807651] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.808397] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.809086] kthread+0x2a4/0x350
[ 3386.809562] ? kthread_complete_and_exit+0x20/0x20
[ 3386.810243] ret_from_fork+0x1f/0x30
[ 3386.810756]
[ 3386.811085]
[ 3386.811319] Allocated by task 121601:
[ 3386.811837] kasan_save_stack+0x1e/0x40
[ 3386.812317] __kasan_kmalloc+0x81/0xa0
[ 3386.812807] kmalloc_uaf2+0xad/0x430 [test_kasan]
[ 3386.813453] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.814057] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.814794] kthread+0x2a4/0x350
[ 3386.815254] ret_from_fork+0x1f/0x30
[ 3386.815753]
[ 3386.815991] Freed by task 121601:
[ 3386.816430] kasan_save_stack+0x1e/0x40
[ 3386.816952] kasan_set_track+0x21/0x30
[ 3386.817471] kasan_set_free_info+0x20/0x40
[ 3386.818029] __kasan_slab_free+0x108/0x170
[ 3386.818534] slab_free_freelist_hook+0x11d/0x1d0
[ 3386.819173] kfree+0xe2/0x3c0
[ 3386.819596] kmalloc_uaf2+0x144/0x430 [test_kasan]
[ 3386.820232] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.820862] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.821694] kthread+0x2a4/0x350
[ 3386.822154] ret_from_fork+0x1f/0x30
[ 3386.822621]
[ 3386.822860] The buggy address belongs to the object at ffff8881093a9700
[ 3386.822860] which belongs to the cache kmalloc-64 of size 64
[ 3386.824436] The buggy address is located 40 bytes inside of
[ 3386.824436] 64-byte region [ffff8881093a9700, ffff8881093a9740)
[ 3386.825955]
[ 3386.826163] The buggy address belongs to the physical page:
[ 3386.826865] page:000000003871fbdc refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1093a9
[ 3386.828043] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 3386.828995] raw: 0017ffffc0000200 ffffea0004263840 dead000000000006 ffff888100041640
[ 3386.830037] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[ 3386.831024] page dumped because: kasan: bad access detected
[ 3386.831775]
[ 3386.832006] Memory state around the buggy address:
[ 3386.832593] ffff8881093a9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 3386.833573] ffff8881093a9680: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 3386.834549] >ffff8881093a9700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 3386.835526] ^
[ 3386.836162] ffff8881093a9780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 3386.837090] ffff8881093a9800: 00 00 00 00 00 00 04 fc fc fc fc fc fc fc fc fc
[ 3386.838054] ==================================================================
[ 3386.839111] ok 26 - kmalloc_uaf2
[ 3386.839366] ok 27 - kfree_via_page
[ 3386.840212] ok 28 - kfree_via_phys
[ 3386.841174] ==================================================================
[ 3386.842604] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x2d4/0x2e0 [test_kasan]
[ 3386.843728] Read of size 1 at addr ffff88801fe385f0 by task kunit_try_catch/121604
[ 3386.844752]
[ 3386.844991] CPU: 1 PID: 121604 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3386.846843] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3386.847637] Call Trace:
[ 3386.847993]
[ 3386.848315] ? kmem_cache_oob+0x2d4/0x2e0 [test_kasan]
[ 3386.849033] dump_stack_lvl+0x57/0x81
[ 3386.849551] print_address_description.constprop.0+0x1f/0x1e0
[ 3386.850342] ? kmem_cache_oob+0x2d4/0x2e0 [test_kasan]
[ 3386.851050] print_report.cold+0x5c/0x237
[ 3386.851609] kasan_report+0xc9/0x100
[ 3386.852117] ? kmem_cache_oob+0x2d4/0x2e0 [test_kasan]
[ 3386.852823] kmem_cache_oob+0x2d4/0x2e0 [test_kasan]
[ 3386.853515] ? kmem_cache_double_free+0x280/0x280 [test_kasan]
[ 3386.854332] ? do_raw_spin_trylock+0xb5/0x180
[ 3386.854944] ? do_raw_spin_lock+0x270/0x270
[ 3386.855541] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3386.856305] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3386.857007] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.857679] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3386.858378] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.859218] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3386.859926] kthread+0x2a4/0x350
[ 3386.860385] ? kthread_complete_and_exit+0x20/0x20
[ 3386.861049] ret_from_fork+0x1f/0x30
[ 3386.861561]
[ 3386.861880]
[ 3386.862117] Allocated by task 121604:
[ 3386.862626] kasan_save_stack+0x1e/0x40
[ 3386.863161] __kasan_slab_alloc+0x66/0x80
[ 3386.863712] kmem_cache_alloc+0x161/0x310
[ 3386.864270] kmem_cache_oob+0x121/0x2e0 [test_kasan]
[ 3386.864958] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3386.865629] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3386.866512] kthread+0x2a4/0x350
[ 3386.866973] ret_from_fork+0x1f/0x30
[ 3386.867474]
[ 3386.867707] The buggy address belongs to the object at ffff88801fe38528
[ 3386.867707] which belongs to the cache test_cache of size 200
[ 3386.869356] The buggy address is located 0 bytes to the right of
[ 3386.869356] 200-byte region [ffff88801fe38528, ffff88801fe385f0)
[ 3386.870898]
[ 3386.871112] The buggy address belongs to the physical page:
[ 3386.871786] page:000000005f30ae6e refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1fe38
[ 3386.872901] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3386.873735] raw: 000fffffc0000200 0000000000000000 dead000000000122 ffff88800294b280
[ 3386.874767] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000
[ 3386.875809] page dumped because: kasan: bad access detected
[ 3386.876566]
[ 3386.876800] Memory state around the buggy address:
[ 3386.877463] ffff88801fe38480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3386.878438] ffff88801fe38500: fc fc fc fc fc 00 00 00 00 00 00 00 00 00 00 00
[ 3386.879413] >ffff88801fe38580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 3386.880386] ^
[ 3386.881310] ffff88801fe38600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3386.882282] ffff88801fe38680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3386.883258] ==================================================================
[ 3386.889622] ok 29 - kmem_cache_oob
[ 3387.414091] ok 30 - kmem_cache_accounted
[ 3387.420081] ok 31 - kmem_cache_bulk
[ 3387.420932] ==================================================================
[ 3387.422389] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x1df/0x1f0 [test_kasan]
[ 3387.423498] Read of size 1 at addr ffffffffc192d90d by task kunit_try_catch/121607
[ 3387.424450]
[ 3387.424685] CPU: 1 PID: 121607 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3387.426505] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3387.427291] Call Trace:
[ 3387.427645]
[ 3387.427958] ? kasan_global_oob_right+0x1df/0x1f0 [test_kasan]
[ 3387.428770] dump_stack_lvl+0x57/0x81
[ 3387.429296] print_address_description.constprop.0+0x1f/0x1e0
[ 3387.430088] ? kasan_global_oob_right+0x1df/0x1f0 [test_kasan]
[ 3387.430889] print_report.cold+0x5c/0x237
[ 3387.431450] kasan_report+0xc9/0x100
[ 3387.431958] ? kasan_global_oob_right+0x1df/0x1f0 [test_kasan]
[ 3387.432755] kasan_global_oob_right+0x1df/0x1f0 [test_kasan]
[ 3387.433533] ? kasan_stack_oob+0x200/0x200 [test_kasan]
[ 3387.434255] ? do_raw_spin_trylock+0xb5/0x180
[ 3387.434863] ? do_raw_spin_lock+0x270/0x270
[ 3387.435452] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3387.436214] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3387.436915] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.437591] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3387.438290] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.439125] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3387.439830] kthread+0x2a4/0x350
[ 3387.440293] ? kthread_complete_and_exit+0x20/0x20
[ 3387.440956] ret_from_fork+0x1f/0x30
[ 3387.441469]
[ 3387.441788]
[ 3387.442026] The buggy address belongs to the variable:
[ 3387.442722] global_array+0xd/0xfffffffffffe5700 [test_kasan]
[ 3387.443509]
[ 3387.443744] Memory state around the buggy address:
[ 3387.444403] ffffffffc192d800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3387.445379] ffffffffc192d880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3387.446354] >ffffffffc192d900: 00 02 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9
[ 3387.447324] ^
[ 3387.447813] ffffffffc192d980: 02 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 f9 f9
[ 3387.448711] ffffffffc192da00: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
[ 3387.449659] ==================================================================
[ 3387.450809] ok 32 - kasan_global_oob_right
[ 3387.451053] ok 33 - kasan_global_oob_left # SKIP Test requires CONFIG_CC_IS_CLANG=y
[ 3387.451918] ==================================================================
[ 3387.453976] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x1eb/0x200 [test_kasan]
[ 3387.455057] Read of size 1 at addr ffffc90001067e7a by task kunit_try_catch/121609
[ 3387.456074]
[ 3387.456309] CPU: 1 PID: 121609 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3387.458131] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3387.458919] Call Trace:
[ 3387.459285]
[ 3387.459598] ? kasan_stack_oob+0x1eb/0x200 [test_kasan]
[ 3387.460321] dump_stack_lvl+0x57/0x81
[ 3387.460837] print_address_description.constprop.0+0x1f/0x1e0
[ 3387.461630] ? kasan_stack_oob+0x1eb/0x200 [test_kasan]
[ 3387.462349] print_report.cold+0x5c/0x237
[ 3387.462913] kasan_report+0xc9/0x100
[ 3387.463416] ? kasan_stack_oob+0x1eb/0x200 [test_kasan]
[ 3387.464141] kasan_stack_oob+0x1eb/0x200 [test_kasan]
[ 3387.464835] ? match_all_mem_tag+0x20/0x20 [test_kasan]
[ 3387.465555] ? rcu_read_unlock+0x40/0x40
[ 3387.466102] ? rcu_read_lock_sched_held+0x12/0x80
[ 3387.466741] ? do_raw_spin_trylock+0xb5/0x180
[ 3387.467287] ? do_raw_spin_lock+0x270/0x270
[ 3387.467806] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3387.468609] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3387.469297] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3387.469989] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.470590] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3387.471238] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.472109] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3387.472818] kthread+0x2a4/0x350
[ 3387.473283] ? kthread_complete_and_exit+0x20/0x20
[ 3387.473948] ret_from_fork+0x1f/0x30
[ 3387.474461]
[ 3387.474779]
[ 3387.475017] The buggy address belongs to stack of task kunit_try_catch/121609
[ 3387.475990] and is located at offset 266 in frame:
[ 3387.476584] kasan_stack_oob+0x0/0x200 [test_kasan]
[ 3387.477248]
[ 3387.477481] This frame has 4 objects:
[ 3387.477995] [48, 56) 'array'
[ 3387.477999] [80, 128) '__assertion'
[ 3387.478424] [160, 224) '__assertion'
[ 3387.478928] [256, 266) 'stack_array'
[ 3387.479443]
[ 3387.480195] The buggy address belongs to the virtual mapping at
[ 3387.480195] [ffffc90001060000, ffffc90001069000) created by:
[ 3387.480195] dup_task_struct+0x5e/0x5a0
[ 3387.482246]
[ 3387.482480] The buggy address belongs to the physical page:
[ 3387.483239] page:000000009d4f8202 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2fcc
[ 3387.484476] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff)
[ 3387.485354] raw: 000fffffc0000000 0000000000000000 dead000000000122 0000000000000000
[ 3387.486401] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 3387.487473] page dumped because: kasan: bad access detected
[ 3387.488233]
[ 3387.488467] Memory state around the buggy address:
[ 3387.489128] ffffc90001067d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1
[ 3387.490107] ffffc90001067d80: f1 f1 f1 f1 00 f2 f2 f2 00 00 00 00 00 00 f2 f2
[ 3387.491090] >ffffc90001067e00: f2 f2 00 00 00 00 00 00 00 00 f2 f2 f2 f2 00 02
[ 3387.492069] ^
[ 3387.493037] ffffc90001067e80: f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3387.494015] ffffc90001067f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3387.494997] ==================================================================
[ 3387.496155] ok 34 - kasan_stack_oob
[ 3387.496405] ==================================================================
[ 3387.497946] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x27d/0x2a0 [test_kasan]
[ 3387.499113] Read of size 1 at addr ffffc90001047d1f by task kunit_try_catch/121610
[ 3387.500087]
[ 3387.500321] CPU: 1 PID: 121610 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3387.502158] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3387.502947] Call Trace:
[ 3387.503301]
[ 3387.503613] ? kasan_alloca_oob_left+0x27d/0x2a0 [test_kasan]
[ 3387.504358] dump_stack_lvl+0x57/0x81
[ 3387.504823] print_address_description.constprop.0+0x1f/0x1e0
[ 3387.505582] ? kasan_alloca_oob_left+0x27d/0x2a0 [test_kasan]
[ 3387.506376] print_report.cold+0x5c/0x237
[ 3387.506944] kasan_report+0xc9/0x100
[ 3387.507451] ? kasan_alloca_oob_left+0x27d/0x2a0 [test_kasan]
[ 3387.508246] kasan_alloca_oob_left+0x27d/0x2a0 [test_kasan]
[ 3387.509015] ? rcu_read_lock_sched_held+0x12/0x80
[ 3387.509666] ? rcu_read_lock_sched_held+0x12/0x80
[ 3387.510323] ? lock_acquire+0x4ea/0x620
[ 3387.510867] ? kasan_alloca_oob_right+0x290/0x290 [test_kasan]
[ 3387.511668] ? rcu_read_lock_sched_held+0x12/0x80
[ 3387.512325] ? do_raw_spin_trylock+0xb5/0x180
[ 3387.512934] ? do_raw_spin_lock+0x270/0x270
[ 3387.513516] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3387.514284] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3387.514973] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3387.515711] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.516400] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3387.517099] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.517967] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3387.518675] kthread+0x2a4/0x350
[ 3387.519148] ? kthread_complete_and_exit+0x20/0x20
[ 3387.519821] ret_from_fork+0x1f/0x30
[ 3387.520338]
[ 3387.520657]
[ 3387.520898] The buggy address belongs to stack of task kunit_try_catch/121610
[ 3387.521906]
[ 3387.522144] The buggy address belongs to the virtual mapping at
[ 3387.522144] [ffffc90001040000, ffffc90001049000) created by:
[ 3387.522144] dup_task_struct+0x5e/0x5a0
[ 3387.524177]
[ 3387.524386] The buggy address belongs to the physical page:
[ 3387.525065] page:0000000031ade418 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x48a98
[ 3387.526176] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff)
[ 3387.526961] raw: 000fffffc0000000 0000000000000000 dead000000000122 0000000000000000
[ 3387.527893] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 3387.528819] page dumped because: kasan: bad access detected
[ 3387.529497]
[ 3387.529705] Memory state around the buggy address:
[ 3387.530297] ffffc90001047c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3387.531172] ffffc90001047c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3387.532047] >ffffc90001047d00: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 3387.532919] ^
[ 3387.533412] ffffc90001047d80: f1 f1 f1 f1 04 f2 00 f2 f2 f2 00 00 00 00 00 00
[ 3387.534389] ffffc90001047e00: f2 f2 f2 f2 00 00 00 00 00 00 00 00 f3 f3 f3 f3
[ 3387.535378] ==================================================================
[ 3387.536538] ok 35 - kasan_alloca_oob_left
[ 3387.536790] ==================================================================
[ 3387.538396] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x275/0x290 [test_kasan]
[ 3387.539585] Read of size 1 at addr ffffc90001067d2a by task kunit_try_catch/121611
[ 3387.540619]
[ 3387.540854] CPU: 1 PID: 121611 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3387.542595] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3387.543300] Call Trace:
[ 3387.543665]
[ 3387.543981] ? kasan_alloca_oob_right+0x275/0x290 [test_kasan]
[ 3387.544784] dump_stack_lvl+0x57/0x81
[ 3387.545304] print_address_description.constprop.0+0x1f/0x1e0
[ 3387.546103] ? kasan_alloca_oob_right+0x275/0x290 [test_kasan]
[ 3387.546816] print_report.cold+0x5c/0x237
[ 3387.547317] kasan_report+0xc9/0x100
[ 3387.547796] ? kasan_alloca_oob_right+0x275/0x290 [test_kasan]
[ 3387.548597] kasan_alloca_oob_right+0x275/0x290 [test_kasan]
[ 3387.549382] ? rcu_read_lock_sched_held+0x12/0x80
[ 3387.550064] ? rcu_read_lock_sched_held+0x12/0x80
[ 3387.550713] ? lock_acquire+0x4ea/0x620
[ 3387.551274] ? ksize_unpoisons_memory+0x300/0x300 [test_kasan]
[ 3387.552081] ? rcu_read_lock_sched_held+0x12/0x80
[ 3387.552733] ? do_raw_spin_trylock+0xb5/0x180
[ 3387.553345] ? do_raw_spin_lock+0x270/0x270
[ 3387.553901] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3387.554583] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3387.555270] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3387.555979] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.556583] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3387.557211] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.557959] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3387.558680] kthread+0x2a4/0x350
[ 3387.559142] ? kthread_complete_and_exit+0x20/0x20
[ 3387.559750] ret_from_fork+0x1f/0x30
[ 3387.560215]
[ 3387.560502]
[ 3387.560711] The buggy address belongs to stack of task kunit_try_catch/121611
[ 3387.561580]
[ 3387.561794] The buggy address belongs to the virtual mapping at
[ 3387.561794] [ffffc90001060000, ffffc90001069000) created by:
[ 3387.561794] dup_task_struct+0x5e/0x5a0
[ 3387.563720]
[ 3387.563960] The buggy address belongs to the physical page:
[ 3387.564717] page:000000009d4f8202 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2fcc
[ 3387.565931] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff)
[ 3387.566715] raw: 000fffffc0000000 0000000000000000 dead000000000122 0000000000000000
[ 3387.567649] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 3387.568582] page dumped because: kasan: bad access detected
[ 3387.569260]
[ 3387.569469] Memory state around the buggy address:
[ 3387.570063] ffffc90001067c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3387.570941] ffffc90001067c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3387.571839] >ffffc90001067d00: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 3387.572823] ^
[ 3387.573389] ffffc90001067d80: f1 f1 f1 f1 04 f2 00 f2 f2 f2 00 00 00 00 00 00
[ 3387.574263] ffffc90001067e00: f2 f2 f2 f2 00 00 00 00 00 00 00 00 f3 f3 f3 f3
[ 3387.575136] ==================================================================
[ 3387.576205] ok 36 - kasan_alloca_oob_right
[ 3387.576429] ==================================================================
[ 3387.577878] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x2cf/0x300 [test_kasan]
[ 3387.578914] Read of size 1 at addr ffff88804877f680 by task kunit_try_catch/121612
[ 3387.579826]
[ 3387.580040] CPU: 1 PID: 121612 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3387.581674] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3387.582381] Call Trace:
[ 3387.582697]
[ 3387.582980] ? ksize_unpoisons_memory+0x2cf/0x300 [test_kasan]
[ 3387.583694] dump_stack_lvl+0x57/0x81
[ 3387.584161] print_address_description.constprop.0+0x1f/0x1e0
[ 3387.584872] ? ksize_unpoisons_memory+0x2cf/0x300 [test_kasan]
[ 3387.585588] print_report.cold+0x5c/0x237
[ 3387.586092] kasan_report+0xc9/0x100
[ 3387.586545] ? ksize_unpoisons_memory+0x2cf/0x300 [test_kasan]
[ 3387.587264] ksize_unpoisons_memory+0x2cf/0x300 [test_kasan]
[ 3387.587965] ? ksize_uaf+0x4a0/0x4a0 [test_kasan]
[ 3387.588552] ? do_raw_spin_trylock+0xb5/0x180
[ 3387.589111] ? do_raw_spin_lock+0x270/0x270
[ 3387.589635] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3387.590368] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3387.591078] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.591717] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3387.592343] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.593092] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3387.593743] kthread+0x2a4/0x350
[ 3387.594208] ? kthread_complete_and_exit+0x20/0x20
[ 3387.594872] ret_from_fork+0x1f/0x30
[ 3387.595370]
[ 3387.595699]
[ 3387.595938] Allocated by task 121612:
[ 3387.596449] kasan_save_stack+0x1e/0x40
[ 3387.596990] __kasan_kmalloc+0x81/0xa0
[ 3387.597526] ksize_unpoisons_memory+0x9a/0x300 [test_kasan]
[ 3387.598296] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.598986] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.599848] kthread+0x2a4/0x350
[ 3387.600314] ret_from_fork+0x1f/0x30
[ 3387.600817]
[ 3387.601056] The buggy address belongs to the object at ffff88804877f600
[ 3387.601056] which belongs to the cache kmalloc-128 of size 128
[ 3387.602727] The buggy address is located 0 bytes to the right of
[ 3387.602727] 128-byte region [ffff88804877f600, ffff88804877f680)
[ 3387.604335]
[ 3387.604572] The buggy address belongs to the physical page:
[ 3387.605334] page:000000003158c83a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4877f
[ 3387.606600] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3387.607550] raw: 000fffffc0000200 dead000000000100 dead000000000122 ffff8881000418c0
[ 3387.608614] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3387.609656] page dumped because: kasan: bad access detected
[ 3387.610413]
[ 3387.610646] Memory state around the buggy address:
[ 3387.611307] ffff88804877f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3387.612320] ffff88804877f600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3387.613304] >ffff88804877f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3387.614294] ^
[ 3387.614774] ffff88804877f700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3387.615749] ffff88804877f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3387.616725] ==================================================================
[ 3387.617796] ok 37 - ksize_unpoisons_memory
[ 3387.618063] ==================================================================
[ 3387.619666] BUG: KASAN: use-after-free in ksize_uaf+0x1ad/0x4a0 [test_kasan]
[ 3387.620627] Read of size 1 at addr ffff88804877fc00 by task kunit_try_catch/121613
[ 3387.621649]
[ 3387.621892] CPU: 1 PID: 121613 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3387.623726] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3387.624515] Call Trace:
[ 3387.624875]
[ 3387.625186] ? ksize_uaf+0x1ad/0x4a0 [test_kasan]
[ 3387.625840] dump_stack_lvl+0x57/0x81
[ 3387.626363] print_address_description.constprop.0+0x1f/0x1e0
[ 3387.627158] ? ksize_uaf+0x1ad/0x4a0 [test_kasan]
[ 3387.627810] print_report.cold+0x5c/0x237
[ 3387.628374] kasan_report+0xc9/0x100
[ 3387.628884] ? ksize_uaf+0x1ad/0x4a0 [test_kasan]
[ 3387.629537] ? ksize_uaf+0x1ad/0x4a0 [test_kasan]
[ 3387.630193] __kasan_check_byte+0x36/0x50
[ 3387.630752] ksize+0x1b/0x50
[ 3387.631173] ksize_uaf+0x1ad/0x4a0 [test_kasan]
[ 3387.631809] ? kmem_cache_oob+0x2e0/0x2e0 [test_kasan]
[ 3387.632523] ? do_raw_spin_trylock+0xb5/0x180
[ 3387.633135] ? do_raw_spin_lock+0x270/0x270
[ 3387.633718] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3387.634482] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3387.635188] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.635866] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3387.636562] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.637399] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3387.638109] kthread+0x2a4/0x350
[ 3387.638568] ? kthread_complete_and_exit+0x20/0x20
[ 3387.639238] ret_from_fork+0x1f/0x30
[ 3387.639771]
[ 3387.640099]
[ 3387.640332] Allocated by task 121613:
[ 3387.640855] kasan_save_stack+0x1e/0x40
[ 3387.641388] __kasan_kmalloc+0x81/0xa0
[ 3387.641915] ksize_uaf+0x9a/0x4a0 [test_kasan]
[ 3387.642532] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.643207] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.644045] kthread+0x2a4/0x350
[ 3387.644501] ret_from_fork+0x1f/0x30
[ 3387.645004]
[ 3387.645236] Freed by task 121613:
[ 3387.645704] kasan_save_stack+0x1e/0x40
[ 3387.646237] kasan_set_track+0x21/0x30
[ 3387.646759] kasan_set_free_info+0x20/0x40
[ 3387.647327] __kasan_slab_free+0x108/0x170
[ 3387.647895] slab_free_freelist_hook+0x11d/0x1d0
[ 3387.648533] kfree+0xe2/0x3c0
[ 3387.648962] ksize_uaf+0x137/0x4a0 [test_kasan]
[ 3387.649588] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.650271] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.651017] kthread+0x2a4/0x350
[ 3387.651464] ret_from_fork+0x1f/0x30
[ 3387.651972]
[ 3387.652205] The buggy address belongs to the object at ffff88804877fc00
[ 3387.652205] which belongs to the cache kmalloc-128 of size 128
[ 3387.653858] The buggy address is located 0 bytes inside of
[ 3387.653858] 128-byte region [ffff88804877fc00, ffff88804877fc80)
[ 3387.655391]
[ 3387.655624] The buggy address belongs to the physical page:
[ 3387.656380] page:000000003158c83a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4877f
[ 3387.657623] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3387.658554] raw: 000fffffc0000200 dead000000000100 dead000000000122 ffff8881000418c0
[ 3387.659595] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3387.660617] page dumped because: kasan: bad access detected
[ 3387.661405]
[ 3387.661639] Memory state around the buggy address:
[ 3387.662312] ffff88804877fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3387.663289] ffff88804877fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3387.664279] >ffff88804877fc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3387.665290] ^
[ 3387.665748] ffff88804877fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3387.666722] ffff88804877fd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3387.667715] ==================================================================
[ 3387.668840] ==================================================================
[ 3387.669826] BUG: KASAN: use-after-free in ksize_uaf+0x47d/0x4a0 [test_kasan]
[ 3387.670787] Read of size 1 at addr ffff88804877fc00 by task kunit_try_catch/121613
[ 3387.671806]
[ 3387.672044] CPU: 1 PID: 121613 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3387.673908] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3387.674697] Call Trace:
[ 3387.675054]
[ 3387.675375] ? ksize_uaf+0x47d/0x4a0 [test_kasan]
[ 3387.676032] dump_stack_lvl+0x57/0x81
[ 3387.676560] print_address_description.constprop.0+0x1f/0x1e0
[ 3387.677363] ? ksize_uaf+0x47d/0x4a0 [test_kasan]
[ 3387.678021] print_report.cold+0x5c/0x237
[ 3387.678587] kasan_report+0xc9/0x100
[ 3387.679109] ? ksize_uaf+0x47d/0x4a0 [test_kasan]
[ 3387.679770] ksize_uaf+0x47d/0x4a0 [test_kasan]
[ 3387.680427] ? kmem_cache_oob+0x2e0/0x2e0 [test_kasan]
[ 3387.681137] ? do_raw_spin_trylock+0xb5/0x180
[ 3387.681745] ? do_raw_spin_lock+0x270/0x270
[ 3387.682349] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3387.683130] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3387.683833] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.684518] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3387.685236] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.686116] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3387.686859] kthread+0x2a4/0x350
[ 3387.687333] ? kthread_complete_and_exit+0x20/0x20
[ 3387.687999] ret_from_fork+0x1f/0x30
[ 3387.688511]
[ 3387.688831]
[ 3387.689069] Allocated by task 121613:
[ 3387.689579] kasan_save_stack+0x1e/0x40
[ 3387.690115] __kasan_kmalloc+0x81/0xa0
[ 3387.690639] ksize_uaf+0x9a/0x4a0 [test_kasan]
[ 3387.691263] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.691952] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.692801] kthread+0x2a4/0x350
[ 3387.693270] ret_from_fork+0x1f/0x30
[ 3387.693770]
[ 3387.694007] Freed by task 121613:
[ 3387.694472] kasan_save_stack+0x1e/0x40
[ 3387.695009] kasan_set_track+0x21/0x30
[ 3387.695530] kasan_set_free_info+0x20/0x40
[ 3387.696097] __kasan_slab_free+0x108/0x170
[ 3387.696661] slab_free_freelist_hook+0x11d/0x1d0
[ 3387.697304] kfree+0xe2/0x3c0
[ 3387.697727] ksize_uaf+0x137/0x4a0 [test_kasan]
[ 3387.698359] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.699056] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.699893] kthread+0x2a4/0x350
[ 3387.700349] ret_from_fork+0x1f/0x30
[ 3387.700857]
[ 3387.701091] The buggy address belongs to the object at ffff88804877fc00
[ 3387.701091] which belongs to the cache kmalloc-128 of size 128
[ 3387.702749] The buggy address is located 0 bytes inside of
[ 3387.702749] 128-byte region [ffff88804877fc00, ffff88804877fc80)
[ 3387.704285]
[ 3387.704521] The buggy address belongs to the physical page:
[ 3387.705281] page:000000003158c83a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4877f
[ 3387.706526] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3387.707459] raw: 000fffffc0000200 dead000000000100 dead000000000122 ffff8881000418c0
[ 3387.708505] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3387.709549] page dumped because: kasan: bad access detected
[ 3387.710307]
[ 3387.710540] Memory state around the buggy address:
[ 3387.711204] ffff88804877fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3387.712180] ffff88804877fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3387.713160] >ffff88804877fc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3387.714135] ^
[ 3387.714592] ffff88804877fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3387.715566] ffff88804877fd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3387.716546] ==================================================================
[ 3387.717573] ==================================================================
[ 3387.718552] BUG: KASAN: use-after-free in ksize_uaf+0x470/0x4a0 [test_kasan]
[ 3387.719514] Read of size 1 at addr ffff88804877fc78 by task kunit_try_catch/121613
[ 3387.720532]
[ 3387.720767] CPU: 1 PID: 121613 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3387.722602] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3387.723395] Call Trace:
[ 3387.723750]
[ 3387.724069] ? ksize_uaf+0x470/0x4a0 [test_kasan]
[ 3387.724723] dump_stack_lvl+0x57/0x81
[ 3387.725246] print_address_description.constprop.0+0x1f/0x1e0
[ 3387.726048] ? ksize_uaf+0x470/0x4a0 [test_kasan]
[ 3387.726702] print_report.cold+0x5c/0x237
[ 3387.727268] kasan_report+0xc9/0x100
[ 3387.727773] ? ksize_uaf+0x470/0x4a0 [test_kasan]
[ 3387.728432] ksize_uaf+0x470/0x4a0 [test_kasan]
[ 3387.729072] ? kmem_cache_oob+0x2e0/0x2e0 [test_kasan]
[ 3387.729783] ? do_raw_spin_trylock+0xb5/0x180
[ 3387.730393] ? do_raw_spin_lock+0x270/0x270
[ 3387.730979] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3387.731747] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3387.732456] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.733142] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3387.733846] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.734683] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3387.735396] kthread+0x2a4/0x350
[ 3387.735863] ? kthread_complete_and_exit+0x20/0x20
[ 3387.736524] ret_from_fork+0x1f/0x30
[ 3387.737043]
[ 3387.737362]
[ 3387.737595] Allocated by task 121613:
[ 3387.738107] kasan_save_stack+0x1e/0x40
[ 3387.738638] __kasan_kmalloc+0x81/0xa0
[ 3387.739164] ksize_uaf+0x9a/0x4a0 [test_kasan]
[ 3387.739783] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.740457] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.741292] kthread+0x2a4/0x350
[ 3387.741748] ret_from_fork+0x1f/0x30
[ 3387.742253]
[ 3387.742485] Freed by task 121613:
[ 3387.742953] kasan_save_stack+0x1e/0x40
[ 3387.743484] kasan_set_track+0x21/0x30
[ 3387.744008] kasan_set_free_info+0x20/0x40
[ 3387.744574] __kasan_slab_free+0x108/0x170
[ 3387.745141] slab_free_freelist_hook+0x11d/0x1d0
[ 3387.745777] kfree+0xe2/0x3c0
[ 3387.746204] ksize_uaf+0x137/0x4a0 [test_kasan]
[ 3387.746835] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.747512] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.748345] kthread+0x2a4/0x350
[ 3387.748801] ret_from_fork+0x1f/0x30
[ 3387.749304]
[ 3387.749537] The buggy address belongs to the object at ffff88804877fc00
[ 3387.749537] which belongs to the cache kmalloc-128 of size 128
[ 3387.751192] The buggy address is located 120 bytes inside of
[ 3387.751192] 128-byte region [ffff88804877fc00, ffff88804877fc80)
[ 3387.752749]
[ 3387.752987] The buggy address belongs to the physical page:
[ 3387.753746] page:000000003158c83a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4877f
[ 3387.754993] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3387.755918] raw: 000fffffc0000200 dead000000000100 dead000000000122 ffff8881000418c0
[ 3387.756956] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 3387.757995] page dumped because: kasan: bad access detected
[ 3387.758751]
[ 3387.758989] Memory state around the buggy address:
[ 3387.759646] ffff88804877fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3387.760622] ffff88804877fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3387.761597] >ffff88804877fc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3387.762571] ^
[ 3387.763536] ffff88804877fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3387.764513] ffff88804877fd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3387.765490] ==================================================================
[ 3387.767257] ok 38 - ksize_uaf
[ 3387.775252] ==================================================================
[ 3387.776782] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0x152/0x400
[ 3387.777819]
[ 3387.778057] CPU: 0 PID: 121614 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3387.780491] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3387.781539] Call Trace:
[ 3387.782014]
[ 3387.782429] dump_stack_lvl+0x57/0x81
[ 3387.783119] print_address_description.constprop.0+0x1f/0x1e0
[ 3387.784163] print_report.cold+0x5c/0x237
[ 3387.784899] ? kmem_cache_free+0x152/0x400
[ 3387.785643] ? kmem_cache_free+0x152/0x400
[ 3387.786394] kasan_report_invalid_free+0x99/0xc0
[ 3387.787247] ? kmem_cache_free+0x152/0x400
[ 3387.788001] ? kmem_cache_free+0x152/0x400
[ 3387.788747] __kasan_slab_free+0x152/0x170
[ 3387.789510] slab_free_freelist_hook+0x11d/0x1d0
[ 3387.790369] ? kmem_cache_double_free+0x1bd/0x280 [test_kasan]
[ 3387.791207] kmem_cache_free+0x152/0x400
[ 3387.791776] kmem_cache_double_free+0x1bd/0x280 [test_kasan]
[ 3387.792557] ? kmem_cache_invalid_free+0x280/0x280 [test_kasan]
[ 3387.793385] ? do_raw_spin_trylock+0xb5/0x180
[ 3387.794013] ? do_raw_spin_lock+0x270/0x270
[ 3387.794594] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3387.795402] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3387.796133] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3387.796888] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.797564] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3387.798299] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.799152] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3387.799901] kthread+0x2a4/0x350
[ 3387.800360] ? kthread_complete_and_exit+0x20/0x20
[ 3387.801072] ret_from_fork+0x1f/0x30
[ 3387.801585]
[ 3387.801920]
[ 3387.802153] Allocated by task 121614:
[ 3387.802661] kasan_save_stack+0x1e/0x40
[ 3387.803197] __kasan_slab_alloc+0x66/0x80
[ 3387.803746] kmem_cache_alloc+0x161/0x310
[ 3387.804299] kmem_cache_double_free+0x123/0x280 [test_kasan]
[ 3387.805130] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.805802] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.806629] kthread+0x2a4/0x350
[ 3387.807087] ret_from_fork+0x1f/0x30
[ 3387.807586]
[ 3387.807817] Freed by task 121614:
[ 3387.808285] kasan_save_stack+0x1e/0x40
[ 3387.808864] kasan_set_track+0x21/0x30
[ 3387.809393] kasan_set_free_info+0x20/0x40
[ 3387.809959] __kasan_slab_free+0x108/0x170
[ 3387.810520] slab_free_freelist_hook+0x11d/0x1d0
[ 3387.811158] kmem_cache_free+0x152/0x400
[ 3387.811698] kmem_cache_double_free+0x144/0x280 [test_kasan]
[ 3387.812472] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.813197] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.814025] kthread+0x2a4/0x350
[ 3387.814478] ret_from_fork+0x1f/0x30
[ 3387.814980]
[ 3387.815211] The buggy address belongs to the object at ffff8880a4553630
[ 3387.815211] which belongs to the cache test_cache of size 200
[ 3387.817156] The buggy address is located 0 bytes inside of
[ 3387.817156] 200-byte region [ffff8880a4553630, ffff8880a45536f8)
[ 3387.819210]
[ 3387.819523] The buggy address belongs to the physical page:
[ 3387.820528] page:000000006baf4556 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xa4553
[ 3387.822191] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3387.823428] raw: 000fffffc0000200 0000000000000000 dead000000000122 ffff888034920140
[ 3387.824809] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000
[ 3387.826205] page dumped because: kasan: bad access detected
[ 3387.827207]
[ 3387.827514] Memory state around the buggy address:
[ 3387.828382] ffff8880a4553500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3387.829661] ffff8880a4553580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3387.830950] >ffff8880a4553600: fc fc fc fc fc fc fa fb fb fb fb fb fb fb fb fb
[ 3387.832231] ^
[ 3387.833103] ffff8880a4553680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc
[ 3387.834395] ffff8880a4553700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3387.835679] ==================================================================
[ 3387.843028] ok 39 - kmem_cache_double_free
[ 3387.843757] ==================================================================
[ 3387.845928] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0x152/0x400
[ 3387.847284]
[ 3387.847597] CPU: 0 PID: 121615 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3387.849990] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3387.850962] Call Trace:
[ 3387.851376]
[ 3387.851774] dump_stack_lvl+0x57/0x81
[ 3387.852475] print_address_description.constprop.0+0x1f/0x1e0
[ 3387.853395] print_report.cold+0x5c/0x237
[ 3387.853968] ? kmem_cache_free+0x152/0x400
[ 3387.854476] ? kmem_cache_free+0x152/0x400
[ 3387.855017] kasan_report_invalid_free+0x99/0xc0
[ 3387.855799] ? kmem_cache_free+0x152/0x400
[ 3387.856569] ? kmem_cache_free+0x152/0x400
[ 3387.857255] __kasan_slab_free+0x152/0x170
[ 3387.857940] slab_free_freelist_hook+0x11d/0x1d0
[ 3387.858709] ? kmem_cache_invalid_free+0x1b6/0x280 [test_kasan]
[ 3387.859765] kmem_cache_free+0x152/0x400
[ 3387.860509] kmem_cache_invalid_free+0x1b6/0x280 [test_kasan]
[ 3387.861465] ? kmem_cache_double_destroy+0x250/0x250 [test_kasan]
[ 3387.862468] ? do_raw_spin_trylock+0xb5/0x180
[ 3387.863204] ? do_raw_spin_lock+0x270/0x270
[ 3387.863945] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3387.864975] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 3387.865891] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3387.866814] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.867614] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3387.868471] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.869571] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3387.870438] kthread+0x2a4/0x350
[ 3387.870986] ? kthread_complete_and_exit+0x20/0x20
[ 3387.871765] ret_from_fork+0x1f/0x30
[ 3387.872386]
[ 3387.872799]
[ 3387.873115] Allocated by task 121615:
[ 3387.873791] kasan_save_stack+0x1e/0x40
[ 3387.874427] __kasan_slab_alloc+0x66/0x80
[ 3387.875092] kmem_cache_alloc+0x161/0x310
[ 3387.875760] kmem_cache_invalid_free+0x126/0x280 [test_kasan]
[ 3387.876710] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.877523] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.878518] kthread+0x2a4/0x350
[ 3387.879071] ret_from_fork+0x1f/0x30
[ 3387.879666]
[ 3387.879952] The buggy address belongs to the object at ffff8880a4553d68
[ 3387.879952] which belongs to the cache test_cache of size 200
[ 3387.882016] The buggy address is located 1 bytes inside of
[ 3387.882016] 200-byte region [ffff8880a4553d68, ffff8880a4553e30)
[ 3387.883850]
[ 3387.884119] The buggy address belongs to the physical page:
[ 3387.885020] page:000000006baf4556 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xa4553
[ 3387.886495] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3387.887602] raw: 000fffffc0000200 0000000000000000 dead000000000122 ffff888034920a00
[ 3387.888839] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000
[ 3387.890065] page dumped because: kasan: bad access detected
[ 3387.890979]
[ 3387.891249] Memory state around the buggy address:
[ 3387.892028] ffff8880a4553c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3387.893191] ffff8880a4553c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3387.894232] >ffff8880a4553d00: fc fc fc fc fc fc fc fc fc fc fc fc fc 00 00 00
[ 3387.895262] ^
[ 3387.896289] ffff8880a4553d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3387.897440] ffff8880a4553e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 3387.898573] ==================================================================
[ 3387.905075] ok 40 - kmem_cache_invalid_free
[ 3387.906171] ==================================================================
[ 3387.908125] BUG: KASAN: use-after-free in kmem_cache_double_destroy+0x1a0/0x250 [test_kasan]
[ 3387.909505] Read of size 1 at addr ffff888034920b40 by task kunit_try_catch/121616
[ 3387.910672]
[ 3387.910922] CPU: 0 PID: 121616 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3387.912885] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3387.913801] Call Trace:
[ 3387.914229]
[ 3387.914588] ? kmem_cache_double_destroy+0x1a0/0x250 [test_kasan]
[ 3387.915569] dump_stack_lvl+0x57/0x81
[ 3387.916189] print_address_description.constprop.0+0x1f/0x1e0
[ 3387.917109] ? kmem_cache_double_destroy+0x1a0/0x250 [test_kasan]
[ 3387.917974] print_report.cold+0x5c/0x237
[ 3387.918567] kasan_report+0xc9/0x100
[ 3387.919183] ? kmem_cache_free+0x110/0x400
[ 3387.919863] ? kmem_cache_double_destroy+0x1a0/0x250 [test_kasan]
[ 3387.920836] ? kmem_cache_double_destroy+0x1a0/0x250 [test_kasan]
[ 3387.921817] __kasan_check_byte+0x36/0x50
[ 3387.922476] kmem_cache_destroy+0x21/0x170
[ 3387.923133] kmem_cache_double_destroy+0x1a0/0x250 [test_kasan]
[ 3387.924094] ? kmalloc_oob_right+0x510/0x510 [test_kasan]
[ 3387.924962] ? do_raw_spin_trylock+0xb5/0x180
[ 3387.925672] ? do_raw_spin_lock+0x270/0x270
[ 3387.926365] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3387.927275] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3387.928105] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.928903] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3387.929725] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.930719] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3387.931533] kthread+0x2a4/0x350
[ 3387.932007] ? kthread_complete_and_exit+0x20/0x20
[ 3387.932772] ret_from_fork+0x1f/0x30
[ 3387.933397]
[ 3387.933784]
[ 3387.934067] Allocated by task 121616:
[ 3387.934661] kasan_save_stack+0x1e/0x40
[ 3387.935292] __kasan_slab_alloc+0x66/0x80
[ 3387.935967] kmem_cache_alloc+0x161/0x310
[ 3387.936632] kmem_cache_create_usercopy+0x1b9/0x310
[ 3387.937426] kmem_cache_create+0x12/0x20
[ 3387.938060] kmem_cache_double_destroy+0x8d/0x250 [test_kasan]
[ 3387.938994] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.939815] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.940798] kthread+0x2a4/0x350
[ 3387.941343] ret_from_fork+0x1f/0x30
[ 3387.941930]
[ 3387.942195] Freed by task 121616:
[ 3387.942768] kasan_save_stack+0x1e/0x40
[ 3387.943326] kasan_set_track+0x21/0x30
[ 3387.943866] kasan_set_free_info+0x20/0x40
[ 3387.944458] __kasan_slab_free+0x108/0x170
[ 3387.945130] slab_free_freelist_hook+0x11d/0x1d0
[ 3387.945888] kmem_cache_free+0x152/0x400
[ 3387.946517] kobject_cleanup+0x101/0x390
[ 3387.947142] kmem_cache_double_destroy+0x12a/0x250 [test_kasan]
[ 3387.948022] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.948817] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.949853] kthread+0x2a4/0x350
[ 3387.950390] ret_from_fork+0x1f/0x30
[ 3387.950914]
[ 3387.951150] The buggy address belongs to the object at ffff888034920b40
[ 3387.951150] which belongs to the cache kmem_cache of size 240
[ 3387.952899] The buggy address is located 0 bytes inside of
[ 3387.952899] 240-byte region [ffff888034920b40, ffff888034920c30)
[ 3387.954729]
[ 3387.954988] The buggy address belongs to the physical page:
[ 3387.955771] page:00000000969757d2 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888034920500 pfn:0x34920
[ 3387.957330] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3387.958428] raw: 000fffffc0000200 0000000000000000 dead000000000122 ffff888100041000
[ 3387.959618] raw: ffff888034920500 00000000800c000b 00000001ffffffff 0000000000000000
[ 3387.960711] page dumped because: kasan: bad access detected
[ 3387.961497]
[ 3387.961760] Memory state around the buggy address:
[ 3387.962548] ffff888034920a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3387.963721] ffff888034920a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 3387.964844] >ffff888034920b00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 3387.965901] ^
[ 3387.966806] ffff888034920b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3387.967965] ffff888034920c00: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[ 3387.969103] ==================================================================
[ 3387.970437] ok 41 - kmem_cache_double_destroy
[ 3387.970729] ok 42 - kasan_memchr # SKIP Test requires CONFIG_AMD_MEM_ENCRYPT=n
[ 3387.971637] ok 43 - kasan_memcmp # SKIP Test requires CONFIG_AMD_MEM_ENCRYPT=n
[ 3387.973038] ok 44 - kasan_strings # SKIP Test requires CONFIG_AMD_MEM_ENCRYPT=n
[ 3387.974349] ==================================================================
[ 3387.976357] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xff/0x850 [test_kasan]
[ 3387.977601] Write of size 8 at addr ffff8880922b8fe8 by task kunit_try_catch/121620
[ 3387.978626]
[ 3387.978863] CPU: 1 PID: 121620 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3387.980684] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3387.981470] Call Trace:
[ 3387.981851]
[ 3387.982169] ? kasan_bitops_modify.constprop.0+0xff/0x850 [test_kasan]
[ 3387.983056] dump_stack_lvl+0x57/0x81
[ 3387.983537] print_address_description.constprop.0+0x1f/0x1e0
[ 3387.984240] ? kasan_bitops_modify.constprop.0+0xff/0x850 [test_kasan]
[ 3387.985032] print_report.cold+0x5c/0x237
[ 3387.985531] kasan_report+0xc9/0x100
[ 3387.985984] ? kasan_bitops_modify.constprop.0+0xff/0x850 [test_kasan]
[ 3387.986771] kasan_check_range+0xfd/0x1e0
[ 3387.987270] kasan_bitops_modify.constprop.0+0xff/0x850 [test_kasan]
[ 3387.988151] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 3387.988879] ? kunit_kfree+0x200/0x200 [kunit]
[ 3387.989472] ? rcu_read_lock_sched_held+0x12/0x80
[ 3387.990061] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3387.990735] ? rcu_read_lock_held+0x30/0x50
[ 3387.991253] ? trace_kmalloc+0x3c/0x100
[ 3387.991731] ? kmem_cache_alloc_trace+0x1af/0x320
[ 3387.992366] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 3387.993109] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 3387.994017] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 3387.994711] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3387.995396] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3387.996071] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3387.996720] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3387.997464] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3387.998094] kthread+0x2a4/0x350
[ 3387.998503] ? kthread_complete_and_exit+0x20/0x20
[ 3387.999097] ret_from_fork+0x1f/0x30
[ 3387.999580]
[ 3387.999903]
[ 3388.000136] Allocated by task 121620:
[ 3388.000645] kasan_save_stack+0x1e/0x40
[ 3388.001149] __kasan_kmalloc+0x81/0xa0
[ 3388.001611] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 3388.002268] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.002868] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.003606] kthread+0x2a4/0x350
[ 3388.004018] ret_from_fork+0x1f/0x30
[ 3388.004465]
[ 3388.004673] The buggy address belongs to the object at ffff8880922b8fe0
[ 3388.004673] which belongs to the cache kmalloc-16 of size 16
[ 3388.006215] The buggy address is located 8 bytes inside of
[ 3388.006215] 16-byte region [ffff8880922b8fe0, ffff8880922b8ff0)
[ 3388.007664]
[ 3388.007875] The buggy address belongs to the physical page:
[ 3388.008546] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x922b8
[ 3388.009652] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.010478] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.011405] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 3388.012330] page dumped because: kasan: bad access detected
[ 3388.013003]
[ 3388.013210] Memory state around the buggy address:
[ 3388.013794] ffff8880922b8e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 3388.014665] ffff8880922b8f00: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 3388.015536] >ffff8880922b8f80: fa fb fc fc fa fb fc fc fb fb fc fc 00 01 fc fc
[ 3388.016401] ^
[ 3388.017199] ffff8880922b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.018073] ffff8880922b9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.018940] ==================================================================
[ 3388.019867] ==================================================================
[ 3388.020739] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1a4/0x850 [test_kasan]
[ 3388.021853] Write of size 8 at addr ffff8880922b8fe8 by task kunit_try_catch/121620
[ 3388.022766]
[ 3388.022978] CPU: 1 PID: 121620 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.024600] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.025297] Call Trace:
[ 3388.025610]
[ 3388.025890] ? kasan_bitops_modify.constprop.0+0x1a4/0x850 [test_kasan]
[ 3388.026682] dump_stack_lvl+0x57/0x81
[ 3388.027145] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.027850] ? kasan_bitops_modify.constprop.0+0x1a4/0x850 [test_kasan]
[ 3388.028745] print_report.cold+0x5c/0x237
[ 3388.029310] kasan_report+0xc9/0x100
[ 3388.029814] ? kasan_bitops_modify.constprop.0+0x1a4/0x850 [test_kasan]
[ 3388.030667] kasan_check_range+0xfd/0x1e0
[ 3388.031169] kasan_bitops_modify.constprop.0+0x1a4/0x850 [test_kasan]
[ 3388.031960] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 3388.032584] ? kunit_kfree+0x200/0x200 [kunit]
[ 3388.033142] ? rcu_read_lock_sched_held+0x12/0x80
[ 3388.033727] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.034412] ? rcu_read_lock_held+0x30/0x50
[ 3388.034933] ? trace_kmalloc+0x3c/0x100
[ 3388.035410] ? kmem_cache_alloc_trace+0x1af/0x320
[ 3388.035996] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 3388.036654] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 3388.037551] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 3388.038251] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.038881] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.039480] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.040103] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.040845] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.041473] kthread+0x2a4/0x350
[ 3388.041987] ? kthread_complete_and_exit+0x20/0x20
[ 3388.042658] ret_from_fork+0x1f/0x30
[ 3388.043173]
[ 3388.043491]
[ 3388.043698] Allocated by task 121620:
[ 3388.044158] kasan_save_stack+0x1e/0x40
[ 3388.044633] __kasan_kmalloc+0x81/0xa0
[ 3388.045101] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 3388.045756] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.046359] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.047098] kthread+0x2a4/0x350
[ 3388.047503] ret_from_fork+0x1f/0x30
[ 3388.048008]
[ 3388.048239] The buggy address belongs to the object at ffff8880922b8fe0
[ 3388.048239] which belongs to the cache kmalloc-16 of size 16
[ 3388.049835] The buggy address is located 8 bytes inside of
[ 3388.049835] 16-byte region [ffff8880922b8fe0, ffff8880922b8ff0)
[ 3388.051320]
[ 3388.051527] The buggy address belongs to the physical page:
[ 3388.052200] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b8a40 pfn:0x922b8
[ 3388.053476] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.054305] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.055321] raw: ffff8880922b8a40 0000000080800079 00000001ffffffff 0000000000000000
[ 3388.056387] page dumped because: kasan: bad access detected
[ 3388.057146]
[ 3388.057377] Memory state around the buggy address:
[ 3388.058036] ffff8880922b8e80: fa fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 3388.059008] ffff8880922b8f00: fa fb fc fc fb fb fc fc fa fb fc fc fb fb fc fc
[ 3388.059982] >ffff8880922b8f80: fa fb fc fc fa fb fc fc fb fb fc fc 00 01 fc fc
[ 3388.060956] ^
[ 3388.061747] ffff8880922b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.062616] ffff8880922b9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.063481] ==================================================================
[ 3388.064399] ==================================================================
[ 3388.065378] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x24d/0x850 [test_kasan]
[ 3388.066595] Write of size 8 at addr ffff8880922b8fe8 by task kunit_try_catch/121620
[ 3388.067620]
[ 3388.067860] CPU: 1 PID: 121620 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.069676] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.070375] Call Trace:
[ 3388.070689]
[ 3388.070971] ? kasan_bitops_modify.constprop.0+0x24d/0x850 [test_kasan]
[ 3388.071767] dump_stack_lvl+0x57/0x81
[ 3388.072229] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.072938] ? kasan_bitops_modify.constprop.0+0x24d/0x850 [test_kasan]
[ 3388.073800] print_report.cold+0x5c/0x237
[ 3388.074376] kasan_report+0xc9/0x100
[ 3388.074829] ? kasan_bitops_modify.constprop.0+0x24d/0x850 [test_kasan]
[ 3388.075626] kasan_check_range+0xfd/0x1e0
[ 3388.076125] kasan_bitops_modify.constprop.0+0x24d/0x850 [test_kasan]
[ 3388.076904] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 3388.077525] ? kunit_kfree+0x200/0x200 [kunit]
[ 3388.078081] ? rcu_read_lock_sched_held+0x12/0x80
[ 3388.078663] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.079345] ? rcu_read_lock_held+0x30/0x50
[ 3388.079862] ? trace_kmalloc+0x3c/0x100
[ 3388.080336] ? kmem_cache_alloc_trace+0x1af/0x320
[ 3388.080921] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 3388.081576] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 3388.082469] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 3388.083166] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.083827] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.084498] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.085168] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.085912] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.086537] kthread+0x2a4/0x350
[ 3388.086949] ? kthread_complete_and_exit+0x20/0x20
[ 3388.087537] ret_from_fork+0x1f/0x30
[ 3388.087997]
[ 3388.088283]
[ 3388.088490] Allocated by task 121620:
[ 3388.088947] kasan_save_stack+0x1e/0x40
[ 3388.089421] __kasan_kmalloc+0x81/0xa0
[ 3388.089890] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 3388.090543] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.091147] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.091890] kthread+0x2a4/0x350
[ 3388.092296] ret_from_fork+0x1f/0x30
[ 3388.092739]
[ 3388.092950] The buggy address belongs to the object at ffff8880922b8fe0
[ 3388.092950] which belongs to the cache kmalloc-16 of size 16
[ 3388.094398] The buggy address is located 8 bytes inside of
[ 3388.094398] 16-byte region [ffff8880922b8fe0, ffff8880922b8ff0)
[ 3388.095754]
[ 3388.095966] The buggy address belongs to the physical page:
[ 3388.096634] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b8280 pfn:0x922b8
[ 3388.097904] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.098727] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.099654] raw: ffff8880922b8640 000000008080006a 00000001ffffffff 0000000000000000
[ 3388.100651] page dumped because: kasan: bad access detected
[ 3388.101356]
[ 3388.101565] Memory state around the buggy address:
[ 3388.102153] ffff8880922b8e80: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 3388.103022] ffff8880922b8f00: fa fb fc fc fb fb fc fc fa fb fc fc fb fb fc fc
[ 3388.103906] >ffff8880922b8f80: fa fb fc fc fa fb fc fc fb fb fc fc 00 01 fc fc
[ 3388.104770] ^
[ 3388.105566] ffff8880922b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.106471] ffff8880922b9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.107341] ==================================================================
[ 3388.108231] ==================================================================
[ 3388.109104] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2f2/0x850 [test_kasan]
[ 3388.110212] Write of size 8 at addr ffff8880922b8fe8 by task kunit_try_catch/121620
[ 3388.111131]
[ 3388.111340] CPU: 1 PID: 121620 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.112965] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.113664] Call Trace:
[ 3388.113986]
[ 3388.114263] ? kasan_bitops_modify.constprop.0+0x2f2/0x850 [test_kasan]
[ 3388.115064] dump_stack_lvl+0x57/0x81
[ 3388.115522] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.116228] ? kasan_bitops_modify.constprop.0+0x2f2/0x850 [test_kasan]
[ 3388.117032] print_report.cold+0x5c/0x237
[ 3388.117528] kasan_report+0xc9/0x100
[ 3388.117982] ? kasan_bitops_modify.constprop.0+0x2f2/0x850 [test_kasan]
[ 3388.118776] kasan_check_range+0xfd/0x1e0
[ 3388.119275] kasan_bitops_modify.constprop.0+0x2f2/0x850 [test_kasan]
[ 3388.120058] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 3388.120678] ? kunit_kfree+0x200/0x200 [kunit]
[ 3388.121298] ? rcu_read_lock_sched_held+0x12/0x80
[ 3388.121986] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.122744] ? rcu_read_lock_held+0x30/0x50
[ 3388.123283] ? trace_kmalloc+0x3c/0x100
[ 3388.123759] ? kmem_cache_alloc_trace+0x1af/0x320
[ 3388.124343] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 3388.125011] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 3388.125905] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 3388.126597] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.127222] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.127826] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.128445] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.129191] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.129923] kthread+0x2a4/0x350
[ 3388.130393] ? kthread_complete_and_exit+0x20/0x20
[ 3388.130988] ret_from_fork+0x1f/0x30
[ 3388.131443]
[ 3388.131727]
[ 3388.131939] Allocated by task 121620:
[ 3388.132395] kasan_save_stack+0x1e/0x40
[ 3388.132871] __kasan_kmalloc+0x81/0xa0
[ 3388.133335] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 3388.133996] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.134595] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.135339] kthread+0x2a4/0x350
[ 3388.135745] ret_from_fork+0x1f/0x30
[ 3388.136197]
[ 3388.136405] The buggy address belongs to the object at ffff8880922b8fe0
[ 3388.136405] which belongs to the cache kmalloc-16 of size 16
[ 3388.137857] The buggy address is located 8 bytes inside of
[ 3388.137857] 16-byte region [ffff8880922b8fe0, ffff8880922b8ff0)
[ 3388.139219]
[ 3388.139428] The buggy address belongs to the physical page:
[ 3388.140100] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b8640 pfn:0x922b8
[ 3388.141353] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.142257] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.143304] raw: ffff8880922b8640 000000008080006a 00000001ffffffff 0000000000000000
[ 3388.144356] page dumped because: kasan: bad access detected
[ 3388.145114]
[ 3388.145345] Memory state around the buggy address:
[ 3388.146029] ffff8880922b8e80: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 3388.147003] ffff8880922b8f00: fa fb fc fc fb fb fc fc fa fb fc fc fb fb fc fc
[ 3388.147973] >ffff8880922b8f80: fa fb fc fc fa fb fc fc fb fb fc fc 00 01 fc fc
[ 3388.148942] ^
[ 3388.149837] ffff8880922b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.150803] ffff8880922b9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.151775] ==================================================================
[ 3388.152860] ==================================================================
[ 3388.153860] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x39b/0x850 [test_kasan]
[ 3388.155040] Write of size 8 at addr ffff8880922b8fe8 by task kunit_try_catch/121620
[ 3388.155986]
[ 3388.156198] CPU: 1 PID: 121620 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.157985] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.158735] Call Trace:
[ 3388.159054]
[ 3388.159332] ? kasan_bitops_modify.constprop.0+0x39b/0x850 [test_kasan]
[ 3388.160136] dump_stack_lvl+0x57/0x81
[ 3388.160595] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.161300] ? kasan_bitops_modify.constprop.0+0x39b/0x850 [test_kasan]
[ 3388.162146] print_report.cold+0x5c/0x237
[ 3388.162702] kasan_report+0xc9/0x100
[ 3388.163186] ? kasan_bitops_modify.constprop.0+0x39b/0x850 [test_kasan]
[ 3388.163989] kasan_check_range+0xfd/0x1e0
[ 3388.164487] kasan_bitops_modify.constprop.0+0x39b/0x850 [test_kasan]
[ 3388.165267] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 3388.165892] ? kunit_kfree+0x200/0x200 [kunit]
[ 3388.166445] ? rcu_read_lock_sched_held+0x12/0x80
[ 3388.167032] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.167708] ? rcu_read_lock_held+0x30/0x50
[ 3388.168225] ? trace_kmalloc+0x3c/0x100
[ 3388.168701] ? kmem_cache_alloc_trace+0x1af/0x320
[ 3388.169285] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 3388.169947] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 3388.170841] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 3388.171534] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.172163] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.172763] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.173386] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.174132] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.174759] kthread+0x2a4/0x350
[ 3388.175171] ? kthread_complete_and_exit+0x20/0x20
[ 3388.175759] ret_from_fork+0x1f/0x30
[ 3388.176220]
[ 3388.176503]
[ 3388.176709] Allocated by task 121620:
[ 3388.177167] kasan_save_stack+0x1e/0x40
[ 3388.177641] __kasan_kmalloc+0x81/0xa0
[ 3388.178109] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 3388.178762] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.179367] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.180113] kthread+0x2a4/0x350
[ 3388.180520] ret_from_fork+0x1f/0x30
[ 3388.180971]
[ 3388.181179] The buggy address belongs to the object at ffff8880922b8fe0
[ 3388.181179] which belongs to the cache kmalloc-16 of size 16
[ 3388.182634] The buggy address is located 8 bytes inside of
[ 3388.182634] 16-byte region [ffff8880922b8fe0, ffff8880922b8ff0)
[ 3388.183998]
[ 3388.184207] The buggy address belongs to the physical page:
[ 3388.184889] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b8640 pfn:0x922b8
[ 3388.186145] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.186975] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.187900] raw: ffff8880922b8640 000000008080006a 00000001ffffffff 0000000000000000
[ 3388.188825] page dumped because: kasan: bad access detected
[ 3388.189496]
[ 3388.189703] Memory state around the buggy address:
[ 3388.190289] ffff8880922b8e80: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 3388.191159] ffff8880922b8f00: fa fb fc fc fb fb fc fc fa fb fc fc fb fb fc fc
[ 3388.192029] >ffff8880922b8f80: fa fb fc fc fa fb fc fc fb fb fc fc 00 01 fc fc
[ 3388.192960] ^
[ 3388.193861] ffff8880922b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.194723] ffff8880922b9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.195588] ==================================================================
[ 3388.196491] ==================================================================
[ 3388.197362] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x440/0x850 [test_kasan]
[ 3388.198473] Write of size 8 at addr ffff8880922b8fe8 by task kunit_try_catch/121620
[ 3388.199389]
[ 3388.199597] CPU: 1 PID: 121620 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.201234] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.201938] Call Trace:
[ 3388.202251]
[ 3388.202529] ? kasan_bitops_modify.constprop.0+0x440/0x850 [test_kasan]
[ 3388.203332] dump_stack_lvl+0x57/0x81
[ 3388.203809] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.204514] ? kasan_bitops_modify.constprop.0+0x440/0x850 [test_kasan]
[ 3388.205316] print_report.cold+0x5c/0x237
[ 3388.205822] kasan_report+0xc9/0x100
[ 3388.206297] ? kasan_bitops_modify.constprop.0+0x440/0x850 [test_kasan]
[ 3388.207108] kasan_check_range+0xfd/0x1e0
[ 3388.207604] kasan_bitops_modify.constprop.0+0x440/0x850 [test_kasan]
[ 3388.208389] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 3388.209023] ? kunit_kfree+0x200/0x200 [kunit]
[ 3388.209574] ? rcu_read_lock_sched_held+0x12/0x80
[ 3388.210164] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.210848] ? rcu_read_lock_held+0x30/0x50
[ 3388.211365] ? trace_kmalloc+0x3c/0x100
[ 3388.211848] ? kmem_cache_alloc_trace+0x1af/0x320
[ 3388.212429] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 3388.213089] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 3388.213985] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 3388.214677] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.215304] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.215907] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.216527] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.217273] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.217906] kthread+0x2a4/0x350
[ 3388.218314] ? kthread_complete_and_exit+0x20/0x20
[ 3388.218906] ret_from_fork+0x1f/0x30
[ 3388.219363]
[ 3388.219647]
[ 3388.219859] Allocated by task 121620:
[ 3388.220313] kasan_save_stack+0x1e/0x40
[ 3388.220787] __kasan_kmalloc+0x81/0xa0
[ 3388.221256] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 3388.221918] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.222516] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.223258] kthread+0x2a4/0x350
[ 3388.223665] ret_from_fork+0x1f/0x30
[ 3388.224117]
[ 3388.224324] The buggy address belongs to the object at ffff8880922b8fe0
[ 3388.224324] which belongs to the cache kmalloc-16 of size 16
[ 3388.225775] The buggy address is located 8 bytes inside of
[ 3388.225775] 16-byte region [ffff8880922b8fe0, ffff8880922b8ff0)
[ 3388.227145]
[ 3388.227352] The buggy address belongs to the physical page:
[ 3388.228024] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b8640 pfn:0x922b8
[ 3388.229277] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.230108] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.231036] raw: ffff8880922b8640 000000008080006a 00000001ffffffff 0000000000000000
[ 3388.231958] page dumped because: kasan: bad access detected
[ 3388.232627]
[ 3388.232837] Memory state around the buggy address:
[ 3388.233420] ffff8880922b8e80: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 3388.234289] ffff8880922b8f00: fa fb fc fc fb fb fc fc fa fb fc fc fb fb fc fc
[ 3388.235159] >ffff8880922b8f80: fa fb fc fc fa fb fc fc fb fb fc fc 00 01 fc fc
[ 3388.236031] ^
[ 3388.236828] ffff8880922b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.237691] ffff8880922b9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.238561] ==================================================================
[ 3388.239462] ==================================================================
[ 3388.240335] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4e9/0x850 [test_kasan]
[ 3388.241441] Write of size 8 at addr ffff8880922b8fe8 by task kunit_try_catch/121620
[ 3388.242356]
[ 3388.242563] CPU: 1 PID: 121620 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.244195] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.244894] Call Trace:
[ 3388.245208]
[ 3388.245484] ? kasan_bitops_modify.constprop.0+0x4e9/0x850 [test_kasan]
[ 3388.246283] dump_stack_lvl+0x57/0x81
[ 3388.246739] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.247442] ? kasan_bitops_modify.constprop.0+0x4e9/0x850 [test_kasan]
[ 3388.248242] print_report.cold+0x5c/0x237
[ 3388.248740] kasan_report+0xc9/0x100
[ 3388.249190] ? kasan_bitops_modify.constprop.0+0x4e9/0x850 [test_kasan]
[ 3388.250009] kasan_check_range+0xfd/0x1e0
[ 3388.250502] kasan_bitops_modify.constprop.0+0x4e9/0x850 [test_kasan]
[ 3388.251289] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 3388.251915] ? kunit_kfree+0x200/0x200 [kunit]
[ 3388.252466] ? rcu_read_lock_sched_held+0x12/0x80
[ 3388.253049] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.253737] ? rcu_read_lock_held+0x30/0x50
[ 3388.254256] ? trace_kmalloc+0x3c/0x100
[ 3388.254732] ? kmem_cache_alloc_trace+0x1af/0x320
[ 3388.255316] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 3388.255974] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 3388.256893] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 3388.257588] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.258213] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.258818] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.259439] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.260183] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.260818] kthread+0x2a4/0x350
[ 3388.261229] ? kthread_complete_and_exit+0x20/0x20
[ 3388.261823] ret_from_fork+0x1f/0x30
[ 3388.262283]
[ 3388.262568]
[ 3388.262775] Allocated by task 121620:
[ 3388.263235] kasan_save_stack+0x1e/0x40
[ 3388.263709] __kasan_kmalloc+0x81/0xa0
[ 3388.264178] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 3388.264838] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.265437] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.266178] kthread+0x2a4/0x350
[ 3388.266584] ret_from_fork+0x1f/0x30
[ 3388.267036]
[ 3388.267244] The buggy address belongs to the object at ffff8880922b8fe0
[ 3388.267244] which belongs to the cache kmalloc-16 of size 16
[ 3388.268701] The buggy address is located 8 bytes inside of
[ 3388.268701] 16-byte region [ffff8880922b8fe0, ffff8880922b8ff0)
[ 3388.270061]
[ 3388.270269] The buggy address belongs to the physical page:
[ 3388.270945] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b8640 pfn:0x922b8
[ 3388.272202] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.273086] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.274103] raw: ffff8880922b8640 000000008080006a 00000001ffffffff 0000000000000000
[ 3388.275025] page dumped because: kasan: bad access detected
[ 3388.275693]
[ 3388.275908] Memory state around the buggy address:
[ 3388.276491] ffff8880922b8e80: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 3388.277357] ffff8880922b8f00: fa fb fc fc fb fb fc fc fa fb fc fc fb fb fc fc
[ 3388.278222] >ffff8880922b8f80: fa fb fc fc fa fb fc fc fb fb fc fc 00 01 fc fc
[ 3388.279088] ^
[ 3388.279880] ffff8880922b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.280743] ffff8880922b9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.281612] ==================================================================
[ 3388.282508] ==================================================================
[ 3388.283378] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x58e/0x850 [test_kasan]
[ 3388.284487] Write of size 8 at addr ffff8880922b8fe8 by task kunit_try_catch/121620
[ 3388.285405]
[ 3388.285613] CPU: 1 PID: 121620 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.287237] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.287937] Call Trace:
[ 3388.288253]
[ 3388.288529] ? kasan_bitops_modify.constprop.0+0x58e/0x850 [test_kasan]
[ 3388.289329] dump_stack_lvl+0x57/0x81
[ 3388.289792] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.290558] ? kasan_bitops_modify.constprop.0+0x58e/0x850 [test_kasan]
[ 3388.291382] print_report.cold+0x5c/0x237
[ 3388.291889] kasan_report+0xc9/0x100
[ 3388.292337] ? kasan_bitops_modify.constprop.0+0x58e/0x850 [test_kasan]
[ 3388.293194] kasan_check_range+0xfd/0x1e0
[ 3388.293751] kasan_bitops_modify.constprop.0+0x58e/0x850 [test_kasan]
[ 3388.294603] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 3388.295231] ? kunit_kfree+0x200/0x200 [kunit]
[ 3388.295785] ? rcu_read_lock_sched_held+0x12/0x80
[ 3388.296370] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.297049] ? rcu_read_lock_held+0x30/0x50
[ 3388.297581] ? trace_kmalloc+0x3c/0x100
[ 3388.298064] ? kmem_cache_alloc_trace+0x1af/0x320
[ 3388.298644] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 3388.299305] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 3388.300206] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 3388.300903] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.301524] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.302127] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.302744] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.303487] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.304151] kthread+0x2a4/0x350
[ 3388.304607] ? kthread_complete_and_exit+0x20/0x20
[ 3388.305270] ret_from_fork+0x1f/0x30
[ 3388.305745]
[ 3388.306035]
[ 3388.306243] Allocated by task 121620:
[ 3388.306698] kasan_save_stack+0x1e/0x40
[ 3388.307175] __kasan_kmalloc+0x81/0xa0
[ 3388.307638] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 3388.308294] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.308896] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.309632] kthread+0x2a4/0x350
[ 3388.310043] ret_from_fork+0x1f/0x30
[ 3388.310488]
[ 3388.310695] The buggy address belongs to the object at ffff8880922b8fe0
[ 3388.310695] which belongs to the cache kmalloc-16 of size 16
[ 3388.312156] The buggy address is located 8 bytes inside of
[ 3388.312156] 16-byte region [ffff8880922b8fe0, ffff8880922b8ff0)
[ 3388.313513]
[ 3388.313720] The buggy address belongs to the physical page:
[ 3388.314395] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b8640 pfn:0x922b8
[ 3388.315650] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.316478] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.317403] raw: ffff8880922b8640 000000008080006a 00000001ffffffff 0000000000000000
[ 3388.318475] page dumped because: kasan: bad access detected
[ 3388.319211]
[ 3388.319419] Memory state around the buggy address:
[ 3388.320006] ffff8880922b8e80: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 3388.320878] ffff8880922b8f00: fa fb fc fc fb fb fc fc fa fb fc fc fb fb fc fc
[ 3388.321981] >ffff8880922b8f80: fa fb fc fc fa fb fc fc fb fb fc fc 00 01 fc fc
[ 3388.322988] ^
[ 3388.323827] ffff8880922b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.324815] ffff8880922b9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.325681] ==================================================================
[ 3388.326578] ==================================================================
[ 3388.327454] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xff/0x990 [test_kasan]
[ 3388.328648] Write of size 8 at addr ffff8880922b8fe8 by task kunit_try_catch/121620
[ 3388.329565]
[ 3388.329774] CPU: 1 PID: 121620 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.331537] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.332244] Call Trace:
[ 3388.332559]
[ 3388.332846] ? kasan_bitops_test_and_modify.constprop.0+0xff/0x990 [test_kasan]
[ 3388.333725] dump_stack_lvl+0x57/0x81
[ 3388.334189] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.334993] ? kasan_bitops_test_and_modify.constprop.0+0xff/0x990 [test_kasan]
[ 3388.336016] print_report.cold+0x5c/0x237
[ 3388.336577] kasan_report+0xc9/0x100
[ 3388.337088] ? kasan_bitops_test_and_modify.constprop.0+0xff/0x990 [test_kasan]
[ 3388.338057] kasan_check_range+0xfd/0x1e0
[ 3388.338613] kasan_bitops_test_and_modify.constprop.0+0xff/0x990 [test_kasan]
[ 3388.339600] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 3388.340516] ? kunit_kfree+0x200/0x200 [kunit]
[ 3388.341152] ? rcu_read_lock_sched_held+0x12/0x80
[ 3388.341807] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.342574] ? rcu_read_lock_held+0x30/0x50
[ 3388.343166] ? trace_kmalloc+0x3c/0x100
[ 3388.343699] ? kmem_cache_alloc_trace+0x1af/0x320
[ 3388.344371] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 3388.345127] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 3388.346169] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 3388.346968] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.347666] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.348342] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.349039] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.349871] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.350572] kthread+0x2a4/0x350
[ 3388.351033] ? kthread_complete_and_exit+0x20/0x20
[ 3388.351692] ret_from_fork+0x1f/0x30
[ 3388.352207]
[ 3388.352527]
[ 3388.352760] Allocated by task 121620:
[ 3388.353272] kasan_save_stack+0x1e/0x40
[ 3388.353850] __kasan_kmalloc+0x81/0xa0
[ 3388.354373] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 3388.355116] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.355788] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.356622] kthread+0x2a4/0x350
[ 3388.357081] ret_from_fork+0x1f/0x30
[ 3388.357582]
[ 3388.357817] The buggy address belongs to the object at ffff8880922b8fe0
[ 3388.357817] which belongs to the cache kmalloc-16 of size 16
[ 3388.359455] The buggy address is located 8 bytes inside of
[ 3388.359455] 16-byte region [ffff8880922b8fe0, ffff8880922b8ff0)
[ 3388.360990]
[ 3388.361223] The buggy address belongs to the physical page:
[ 3388.361993] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b8640 pfn:0x922b8
[ 3388.363400] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.364329] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.365372] raw: ffff8880922b8640 000000008080006a 00000001ffffffff 0000000000000000
[ 3388.366415] page dumped because: kasan: bad access detected
[ 3388.367170]
[ 3388.367403] Memory state around the buggy address:
[ 3388.368062] ffff8880922b8e80: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 3388.369036] ffff8880922b8f00: fa fb fc fc fb fb fc fc fa fb fc fc fb fb fc fc
[ 3388.370011] >ffff8880922b8f80: fa fb fc fc fa fb fc fc fb fb fc fc 00 01 fc fc
[ 3388.370986] ^
[ 3388.371893] ffff8880922b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.372869] ffff8880922b9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.373848] ==================================================================
[ 3388.374849] ==================================================================
[ 3388.375831] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a9/0x990 [test_kasan]
[ 3388.377133] Write of size 8 at addr ffff8880922b8fe8 by task kunit_try_catch/121620
[ 3388.378117]
[ 3388.378327] CPU: 1 PID: 121620 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.379960] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.380658] Call Trace:
[ 3388.380979]
[ 3388.381258] ? kasan_bitops_test_and_modify.constprop.0+0x1a9/0x990 [test_kasan]
[ 3388.382155] dump_stack_lvl+0x57/0x81
[ 3388.382616] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.383322] ? kasan_bitops_test_and_modify.constprop.0+0x1a9/0x990 [test_kasan]
[ 3388.384216] print_report.cold+0x5c/0x237
[ 3388.384717] kasan_report+0xc9/0x100
[ 3388.385172] ? kasan_bitops_test_and_modify.constprop.0+0x1a9/0x990 [test_kasan]
[ 3388.386069] kasan_check_range+0xfd/0x1e0
[ 3388.386566] kasan_bitops_test_and_modify.constprop.0+0x1a9/0x990 [test_kasan]
[ 3388.387444] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 3388.388250] ? kunit_kfree+0x200/0x200 [kunit]
[ 3388.388806] ? rcu_read_lock_sched_held+0x12/0x80
[ 3388.389388] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.390071] ? rcu_read_lock_held+0x30/0x50
[ 3388.390586] ? trace_kmalloc+0x3c/0x100
[ 3388.391065] ? kmem_cache_alloc_trace+0x1af/0x320
[ 3388.391646] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 3388.392317] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 3388.393332] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 3388.394116] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.394803] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.395403] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.396093] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.396923] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.397553] kthread+0x2a4/0x350
[ 3388.397965] ? kthread_complete_and_exit+0x20/0x20
[ 3388.398551] ret_from_fork+0x1f/0x30
[ 3388.399010]
[ 3388.399293]
[ 3388.399500] Allocated by task 121620:
[ 3388.399958] kasan_save_stack+0x1e/0x40
[ 3388.400432] __kasan_kmalloc+0x81/0xa0
[ 3388.400902] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 3388.401617] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.402289] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.403117] kthread+0x2a4/0x350
[ 3388.403572] ret_from_fork+0x1f/0x30
[ 3388.404133]
[ 3388.404368] The buggy address belongs to the object at ffff8880922b8fe0
[ 3388.404368] which belongs to the cache kmalloc-16 of size 16
[ 3388.405918] The buggy address is located 8 bytes inside of
[ 3388.405918] 16-byte region [ffff8880922b8fe0, ffff8880922b8ff0)
[ 3388.407280]
[ 3388.407487] The buggy address belongs to the physical page:
[ 3388.408161] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b8520 pfn:0x922b8
[ 3388.409418] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.410244] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.411172] raw: ffff8880922b8520 0000000080800069 00000001ffffffff 0000000000000000
[ 3388.412145] page dumped because: kasan: bad access detected
[ 3388.412916]
[ 3388.413149] Memory state around the buggy address:
[ 3388.413782] ffff8880922b8e80: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 3388.414651] ffff8880922b8f00: fa fb fc fc fb fb fc fc fa fb fc fc fb fb fc fc
[ 3388.415559] >ffff8880922b8f80: fa fb fc fc fa fb fc fc fb fb fc fc 00 01 fc fc
[ 3388.416435] ^
[ 3388.417231] ffff8880922b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.418103] ffff8880922b9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.418975] ==================================================================
[ 3388.419873] ==================================================================
[ 3388.420745] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x252/0x990 [test_kasan]
[ 3388.421954] Write of size 8 at addr ffff8880922b8fe8 by task kunit_try_catch/121620
[ 3388.422874]
[ 3388.423083] CPU: 1 PID: 121620 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.424703] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.425402] Call Trace:
[ 3388.425716]
[ 3388.425996] ? kasan_bitops_test_and_modify.constprop.0+0x252/0x990 [test_kasan]
[ 3388.426890] dump_stack_lvl+0x57/0x81
[ 3388.427349] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.428055] ? kasan_bitops_test_and_modify.constprop.0+0x252/0x990 [test_kasan]
[ 3388.428946] print_report.cold+0x5c/0x237
[ 3388.429444] kasan_report+0xc9/0x100
[ 3388.429894] ? kasan_bitops_test_and_modify.constprop.0+0x252/0x990 [test_kasan]
[ 3388.430786] kasan_check_range+0xfd/0x1e0
[ 3388.431290] kasan_bitops_test_and_modify.constprop.0+0x252/0x990 [test_kasan]
[ 3388.432167] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 3388.432969] ? kunit_kfree+0x200/0x200 [kunit]
[ 3388.433523] ? rcu_read_lock_sched_held+0x12/0x80
[ 3388.434107] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.434791] ? rcu_read_lock_held+0x30/0x50
[ 3388.435371] ? trace_kmalloc+0x3c/0x100
[ 3388.435911] ? kmem_cache_alloc_trace+0x1af/0x320
[ 3388.436492] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 3388.437166] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 3388.438059] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 3388.438750] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.439374] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.439978] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.440647] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.441477] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.442130] kthread+0x2a4/0x350
[ 3388.442539] ? kthread_complete_and_exit+0x20/0x20
[ 3388.443131] ret_from_fork+0x1f/0x30
[ 3388.443639]
[ 3388.443961]
[ 3388.444195] Allocated by task 121620:
[ 3388.444733] kasan_save_stack+0x1e/0x40
[ 3388.445249] __kasan_kmalloc+0x81/0xa0
[ 3388.445711] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 3388.446369] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.446970] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.447707] kthread+0x2a4/0x350
[ 3388.448117] ret_from_fork+0x1f/0x30
[ 3388.448561]
[ 3388.448768] The buggy address belongs to the object at ffff8880922b8fe0
[ 3388.448768] which belongs to the cache kmalloc-16 of size 16
[ 3388.450219] The buggy address is located 8 bytes inside of
[ 3388.450219] 16-byte region [ffff8880922b8fe0, ffff8880922b8ff0)
[ 3388.451579]
[ 3388.451831] The buggy address belongs to the physical page:
[ 3388.452578] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b8520 pfn:0x922b8
[ 3388.453997] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.454984] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.456047] raw: ffff8880922b8520 0000000080800069 00000001ffffffff 0000000000000000
[ 3388.457105] page dumped because: kasan: bad access detected
[ 3388.457838]
[ 3388.458081] Memory state around the buggy address:
[ 3388.458736] ffff8880922b8e80: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 3388.459646] ffff8880922b8f00: fa fb fc fc fb fb fc fc fa fb fc fc fb fb fc fc
[ 3388.460588] >ffff8880922b8f80: fa fb fc fc fa fb fc fc fb fb fc fc 00 01 fc fc
[ 3388.461560] ^
[ 3388.462389] ffff8880922b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.463345] ffff8880922b9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.464318] ==================================================================
[ 3388.465342] ==================================================================
[ 3388.466324] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2fc/0x990 [test_kasan]
[ 3388.467675] Write of size 8 at addr ffff8880922b8fe8 by task kunit_try_catch/121620
[ 3388.468702]
[ 3388.468940] CPU: 1 PID: 121620 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.470681] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.471385] Call Trace:
[ 3388.471699]
[ 3388.471980] ? kasan_bitops_test_and_modify.constprop.0+0x2fc/0x990 [test_kasan]
[ 3388.472930] dump_stack_lvl+0x57/0x81
[ 3388.473444] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.474240] ? kasan_bitops_test_and_modify.constprop.0+0x2fc/0x990 [test_kasan]
[ 3388.475240] print_report.cold+0x5c/0x237
[ 3388.475813] kasan_report+0xc9/0x100
[ 3388.476262] ? kasan_bitops_test_and_modify.constprop.0+0x2fc/0x990 [test_kasan]
[ 3388.477241] kasan_check_range+0xfd/0x1e0
[ 3388.477812] kasan_bitops_test_and_modify.constprop.0+0x2fc/0x990 [test_kasan]
[ 3388.478831] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 3388.479737] ? kunit_kfree+0x200/0x200 [kunit]
[ 3388.480363] ? rcu_read_lock_sched_held+0x12/0x80
[ 3388.481049] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.481820] ? rcu_read_lock_held+0x30/0x50
[ 3388.482394] ? trace_kmalloc+0x3c/0x100
[ 3388.482928] ? kmem_cache_alloc_trace+0x1af/0x320
[ 3388.483576] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 3388.484328] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 3388.485330] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 3388.486108] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.486811] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.487482] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.488178] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.489022] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.489726] kthread+0x2a4/0x350
[ 3388.490186] ? kthread_complete_and_exit+0x20/0x20
[ 3388.490850] ret_from_fork+0x1f/0x30
[ 3388.491363]
[ 3388.491683]
[ 3388.491920] Allocated by task 121620:
[ 3388.492428] kasan_save_stack+0x1e/0x40
[ 3388.492967] __kasan_kmalloc+0x81/0xa0
[ 3388.493486] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 3388.494227] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.494901] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.495731] kthread+0x2a4/0x350
[ 3388.496191] ret_from_fork+0x1f/0x30
[ 3388.496690]
[ 3388.496931] The buggy address belongs to the object at ffff8880922b8fe0
[ 3388.496931] which belongs to the cache kmalloc-16 of size 16
[ 3388.498562] The buggy address is located 8 bytes inside of
[ 3388.498562] 16-byte region [ffff8880922b8fe0, ffff8880922b8ff0)
[ 3388.500092]
[ 3388.500326] The buggy address belongs to the physical page:
[ 3388.501082] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b8520 pfn:0x922b8
[ 3388.502493] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.503422] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.504525] raw: ffff8880922b8520 0000000080800069 00000001ffffffff 0000000000000000
[ 3388.505561] page dumped because: kasan: bad access detected
[ 3388.506313]
[ 3388.506545] Memory state around the buggy address:
[ 3388.507200] ffff8880922b8e80: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 3388.508171] ffff8880922b8f00: fa fb fc fc fb fb fc fc fa fb fc fc fb fb fc fc
[ 3388.509142] >ffff8880922b8f80: fa fb fc fc fa fb fc fc fb fb fc fc 00 01 fc fc
[ 3388.510112] ^
[ 3388.511000] ffff8880922b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.511972] ffff8880922b9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.512942] ==================================================================
[ 3388.513941] ==================================================================
[ 3388.514920] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x3a6/0x990 [test_kasan]
[ 3388.515883] systemd-journald[692]: Data hash table of /run/log/journal/d96c033585da4d52b0a41cc49bb29492/system.journal has a fill level at 75.0 (6997 of 9329 items, 5373952 file size, 768 bytes per hash table item), suggesting rotation.
[ 3388.516262] Write of size 8 at addr ffff8880922b8fe8 by task kunit_try_catch/121620
[ 3388.519119] systemd-journald[692]: /run/log/journal/d96c033585da4d52b0a41cc49bb29492/system.journal: Journal header limits reached or header out-of-date, rotating.
[ 3388.520070]
[ 3388.520074] CPU: 1 PID: 121620 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.520080] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.520082] Call Trace:
[ 3388.520086]
[ 3388.525510] ? kasan_bitops_test_and_modify.constprop.0+0x3a6/0x990 [test_kasan]
[ 3388.526516] dump_stack_lvl+0x57/0x81
[ 3388.527033] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.527823] ? kasan_bitops_test_and_modify.constprop.0+0x3a6/0x990 [test_kasan]
[ 3388.528823] print_report.cold+0x5c/0x237
[ 3388.529371] kasan_report+0xc9/0x100
[ 3388.529826] ? kasan_bitops_test_and_modify.constprop.0+0x3a6/0x990 [test_kasan]
[ 3388.530812] kasan_check_range+0xfd/0x1e0
[ 3388.531370] kasan_bitops_test_and_modify.constprop.0+0x3a6/0x990 [test_kasan]
[ 3388.532371] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 3388.533288] ? kunit_kfree+0x200/0x200 [kunit]
[ 3388.533923] ? rcu_read_lock_sched_held+0x12/0x80
[ 3388.534589] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.535366] ? rcu_read_lock_held+0x30/0x50
[ 3388.535947] ? trace_kmalloc+0x3c/0x100
[ 3388.536482] ? kmem_cache_alloc_trace+0x1af/0x320
[ 3388.537149] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 3388.537907] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 3388.538913] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 3388.539696] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.540399] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.541077] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.541772] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.542606] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.543314] kthread+0x2a4/0x350
[ 3388.543772] ? kthread_complete_and_exit+0x20/0x20
[ 3388.544438] ret_from_fork+0x1f/0x30
[ 3388.544955]
[ 3388.545275]
[ 3388.545508] Allocated by task 121620:
[ 3388.546021] kasan_save_stack+0x1e/0x40
[ 3388.546553] __kasan_kmalloc+0x81/0xa0
[ 3388.547078] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 3388.547817] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.548490] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.549325] kthread+0x2a4/0x350
[ 3388.549786] ret_from_fork+0x1f/0x30
[ 3388.550287]
[ 3388.550520] The buggy address belongs to the object at ffff8880922b8fe0
[ 3388.550520] which belongs to the cache kmalloc-16 of size 16
[ 3388.552173] The buggy address is located 8 bytes inside of
[ 3388.552173] 16-byte region [ffff8880922b8fe0, ffff8880922b8ff0)
[ 3388.553697]
[ 3388.553934] The buggy address belongs to the physical page:
[ 3388.554736] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b8520 pfn:0x922b8
[ 3388.556151] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.557078] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.558123] raw: ffff8880922b8520 0000000080800069 00000001ffffffff 0000000000000000
[ 3388.559162] page dumped because: kasan: bad access detected
[ 3388.559914]
[ 3388.560147] Memory state around the buggy address:
[ 3388.560806] ffff8880922b8e80: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 3388.561774] ffff8880922b8f00: fa fb fc fc fb fb fc fc fa fb fc fc fb fb fc fc
[ 3388.562747] >ffff8880922b8f80: fa fb fc fc fa fb fc fc fb fb fc fc 00 01 fc fc
[ 3388.563720] ^
[ 3388.564607] ffff8880922b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.565576] ffff8880922b9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.566545] ==================================================================
[ 3388.567561] ==================================================================
[ 3388.568536] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x44f/0x990 [test_kasan]
[ 3388.569915] Write of size 8 at addr ffff8880922b8fe8 by task kunit_try_catch/121620
[ 3388.570990]
[ 3388.571224] CPU: 1 PID: 121620 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.573039] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.573820] Call Trace:
[ 3388.574173]
[ 3388.574483] ? kasan_bitops_test_and_modify.constprop.0+0x44f/0x990 [test_kasan]
[ 3388.575484] dump_stack_lvl+0x57/0x81
[ 3388.576002] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.576791] ? kasan_bitops_test_and_modify.constprop.0+0x44f/0x990 [test_kasan]
[ 3388.577790] print_report.cold+0x5c/0x237
[ 3388.578347] kasan_report+0xc9/0x100
[ 3388.578853] ? kasan_bitops_test_and_modify.constprop.0+0x44f/0x990 [test_kasan]
[ 3388.579852] kasan_check_range+0xfd/0x1e0
[ 3388.580405] kasan_bitops_test_and_modify.constprop.0+0x44f/0x990 [test_kasan]
[ 3388.581382] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 3388.582277] ? kunit_kfree+0x200/0x200 [kunit]
[ 3388.582896] ? rcu_read_lock_sched_held+0x12/0x80
[ 3388.583545] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.584303] ? rcu_read_lock_held+0x30/0x50
[ 3388.584883] ? trace_kmalloc+0x3c/0x100
[ 3388.585413] ? kmem_cache_alloc_trace+0x1af/0x320
[ 3388.586067] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 3388.586815] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 3388.587818] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 3388.588592] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.589290] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.589968] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.590659] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.591488] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.592197] kthread+0x2a4/0x350
[ 3388.592653] ? kthread_complete_and_exit+0x20/0x20
[ 3388.593314] ret_from_fork+0x1f/0x30
[ 3388.593827]
[ 3388.594145]
[ 3388.594378] Allocated by task 121620:
[ 3388.594889] kasan_save_stack+0x1e/0x40
[ 3388.595418] __kasan_kmalloc+0x81/0xa0
[ 3388.595941] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 3388.596674] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.597345] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.598172] kthread+0x2a4/0x350
[ 3388.598626] ret_from_fork+0x1f/0x30
[ 3388.599126]
[ 3388.599357] The buggy address belongs to the object at ffff8880922b8fe0
[ 3388.599357] which belongs to the cache kmalloc-16 of size 16
[ 3388.600983] The buggy address is located 8 bytes inside of
[ 3388.600983] 16-byte region [ffff8880922b8fe0, ffff8880922b8ff0)
[ 3388.602498]
[ 3388.602730] The buggy address belongs to the physical page:
[ 3388.603482] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b85a0 pfn:0x922b8
[ 3388.604963] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.605891] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.606948] raw: ffff8880922b85a0 0000000080800066 00000001ffffffff 0000000000000000
[ 3388.607991] page dumped because: kasan: bad access detected
[ 3388.608747]
[ 3388.608984] Memory state around the buggy address:
[ 3388.609660] ffff8880922b8e80: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 3388.610632] ffff8880922b8f00: fa fb fc fc fb fb fc fc fa fb fc fc fb fb fc fc
[ 3388.611567] >ffff8880922b8f80: fa fb fc fc fa fb fc fc fb fb fc fc 00 01 fc fc
[ 3388.612438] ^
[ 3388.613234] ffff8880922b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.614122] ffff8880922b9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.615103] ==================================================================
[ 3388.616136] ==================================================================
[ 3388.617121] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4f9/0x990 [test_kasan]
[ 3388.618464] Write of size 8 at addr ffff8880922b8fe8 by task kunit_try_catch/121620
[ 3388.619489]
[ 3388.619722] CPU: 1 PID: 121620 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.621546] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.622331] Call Trace:
[ 3388.622682]
[ 3388.622996] ? kasan_bitops_test_and_modify.constprop.0+0x4f9/0x990 [test_kasan]
[ 3388.623997] dump_stack_lvl+0x57/0x81
[ 3388.624511] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.625301] ? kasan_bitops_test_and_modify.constprop.0+0x4f9/0x990 [test_kasan]
[ 3388.626297] print_report.cold+0x5c/0x237
[ 3388.626858] kasan_report+0xc9/0x100
[ 3388.627360] ? kasan_bitops_test_and_modify.constprop.0+0x4f9/0x990 [test_kasan]
[ 3388.628359] kasan_check_range+0xfd/0x1e0
[ 3388.628918] kasan_bitops_test_and_modify.constprop.0+0x4f9/0x990 [test_kasan]
[ 3388.629917] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 3388.630815] ? kunit_kfree+0x200/0x200 [kunit]
[ 3388.631434] ? rcu_read_lock_sched_held+0x12/0x80
[ 3388.632089] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.632846] ? rcu_read_lock_held+0x30/0x50
[ 3388.633419] ? trace_kmalloc+0x3c/0x100
[ 3388.633953] ? kmem_cache_alloc_trace+0x1af/0x320
[ 3388.634608] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 3388.635355] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 3388.636353] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 3388.637130] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.637831] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.638499] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.639193] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.640025] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.640724] kthread+0x2a4/0x350
[ 3388.641182] ? kthread_complete_and_exit+0x20/0x20
[ 3388.641844] ret_from_fork+0x1f/0x30
[ 3388.642354]
[ 3388.642671]
[ 3388.642905] Allocated by task 121620:
[ 3388.643436] kasan_save_stack+0x1e/0x40
[ 3388.643975] __kasan_kmalloc+0x81/0xa0
[ 3388.644497] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 3388.645235] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.645909] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.646734] kthread+0x2a4/0x350
[ 3388.647195] ret_from_fork+0x1f/0x30
[ 3388.647694]
[ 3388.647931] The buggy address belongs to the object at ffff8880922b8fe0
[ 3388.647931] which belongs to the cache kmalloc-16 of size 16
[ 3388.649562] The buggy address is located 8 bytes inside of
[ 3388.649562] 16-byte region [ffff8880922b8fe0, ffff8880922b8ff0)
[ 3388.651082]
[ 3388.651315] The buggy address belongs to the physical page:
[ 3388.652066] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b8660 pfn:0x922b8
[ 3388.653471] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.654398] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.655469] raw: ffff8880922b8260 0000000080800056 00000001ffffffff 0000000000000000
[ 3388.656459] page dumped because: kasan: bad access detected
[ 3388.657206]
[ 3388.657437] Memory state around the buggy address:
[ 3388.658092] ffff8880922b8e80: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 3388.659063] ffff8880922b8f00: fa fb fc fc fb fb fc fc fa fb fc fc fb fb fc fc
[ 3388.660035] >ffff8880922b8f80: fa fb fc fc fa fb fc fc fb fb fc fc 00 01 fc fc
[ 3388.661013] ^
[ 3388.661904] ffff8880922b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.662875] ffff8880922b9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.663843] ==================================================================
[ 3388.664838] ==================================================================
[ 3388.665814] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x5a2/0x990 [test_kasan]
[ 3388.667164] Read of size 8 at addr ffff8880922b8fe8 by task kunit_try_catch/121620
[ 3388.668180]
[ 3388.668414] CPU: 1 PID: 121620 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.670234] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.671015] Call Trace:
[ 3388.671366]
[ 3388.671675] ? kasan_bitops_test_and_modify.constprop.0+0x5a2/0x990 [test_kasan]
[ 3388.672673] dump_stack_lvl+0x57/0x81
[ 3388.673190] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.673980] ? kasan_bitops_test_and_modify.constprop.0+0x5a2/0x990 [test_kasan]
[ 3388.674978] print_report.cold+0x5c/0x237
[ 3388.675535] kasan_report+0xc9/0x100
[ 3388.676043] ? kasan_bitops_test_and_modify.constprop.0+0x5a2/0x990 [test_kasan]
[ 3388.677044] kasan_check_range+0xfd/0x1e0
[ 3388.677600] kasan_bitops_test_and_modify.constprop.0+0x5a2/0x990 [test_kasan]
[ 3388.678578] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 3388.679475] ? kunit_kfree+0x200/0x200 [kunit]
[ 3388.680097] ? rcu_read_lock_sched_held+0x12/0x80
[ 3388.680746] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.681504] ? rcu_read_lock_held+0x30/0x50
[ 3388.682081] ? trace_kmalloc+0x3c/0x100
[ 3388.682613] ? kmem_cache_alloc_trace+0x1af/0x320
[ 3388.683268] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 3388.684019] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 3388.685031] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 3388.685812] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.686509] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.687187] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.687886] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.688712] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.689420] kthread+0x2a4/0x350
[ 3388.689881] ? kthread_complete_and_exit+0x20/0x20
[ 3388.690540] ret_from_fork+0x1f/0x30
[ 3388.691056]
[ 3388.691375]
[ 3388.691608] Allocated by task 121620:
[ 3388.692119] kasan_save_stack+0x1e/0x40
[ 3388.692651] __kasan_kmalloc+0x81/0xa0
[ 3388.693177] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 3388.693915] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.694607] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.695439] kthread+0x2a4/0x350
[ 3388.695899] ret_from_fork+0x1f/0x30
[ 3388.696399]
[ 3388.696635] The buggy address belongs to the object at ffff8880922b8fe0
[ 3388.696635] which belongs to the cache kmalloc-16 of size 16
[ 3388.698266] The buggy address is located 8 bytes inside of
[ 3388.698266] 16-byte region [ffff8880922b8fe0, ffff8880922b8ff0)
[ 3388.699788]
[ 3388.700020] The buggy address belongs to the physical page:
[ 3388.700776] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b8260 pfn:0x922b8
[ 3388.702182] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.703110] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.704146] raw: ffff8880922b8260 0000000080800056 00000001ffffffff 0000000000000000
[ 3388.705214] page dumped because: kasan: bad access detected
[ 3388.705969]
[ 3388.706201] Memory state around the buggy address:
[ 3388.706855] ffff8880922b8e80: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 3388.707827] ffff8880922b8f00: fa fb fc fc fb fb fc fc fa fb fc fc fb fb fc fc
[ 3388.708797] >ffff8880922b8f80: fa fb fc fc fa fb fc fc fb fb fc fc 00 01 fc fc
[ 3388.709762] ^
[ 3388.710653] ffff8880922b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.711622] ffff8880922b9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.712589] ==================================================================
[ 3388.713592] ==================================================================
[ 3388.714567] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x984/0x990 [test_kasan]
[ 3388.715916] Read of size 8 at addr ffff8880922b8fe8 by task kunit_try_catch/121620
[ 3388.716930]
[ 3388.717162] CPU: 1 PID: 121620 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.718981] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.719759] Call Trace:
[ 3388.720114]
[ 3388.720422] ? kasan_bitops_test_and_modify.constprop.0+0x984/0x990 [test_kasan]
[ 3388.721420] dump_stack_lvl+0x57/0x81
[ 3388.721935] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.722717] ? kasan_bitops_test_and_modify.constprop.0+0x984/0x990 [test_kasan]
[ 3388.723712] print_report.cold+0x5c/0x237
[ 3388.724273] kasan_report+0xc9/0x100
[ 3388.724779] ? kasan_bitops_test_and_modify.constprop.0+0x984/0x990 [test_kasan]
[ 3388.725777] kasan_bitops_test_and_modify.constprop.0+0x984/0x990 [test_kasan]
[ 3388.726748] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 3388.727646] ? kunit_kfree+0x200/0x200 [kunit]
[ 3388.728268] ? rcu_read_lock_sched_held+0x12/0x80
[ 3388.728922] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.729675] ? rcu_read_lock_held+0x30/0x50
[ 3388.730253] ? trace_kmalloc+0x3c/0x100
[ 3388.730787] ? kmem_cache_alloc_trace+0x1af/0x320
[ 3388.731434] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 3388.732180] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 3388.733180] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 3388.733957] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.734652] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.735325] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.736020] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.736851] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.737551] kthread+0x2a4/0x350
[ 3388.738015] ? kthread_complete_and_exit+0x20/0x20
[ 3388.738672] ret_from_fork+0x1f/0x30
[ 3388.739189]
[ 3388.739511]
[ 3388.739745] Allocated by task 121620:
[ 3388.740258] kasan_save_stack+0x1e/0x40
[ 3388.740791] __kasan_kmalloc+0x81/0xa0
[ 3388.741310] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 3388.742050] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.742761] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.743605] kthread+0x2a4/0x350
[ 3388.744085] ret_from_fork+0x1f/0x30
[ 3388.744591]
[ 3388.744828] The buggy address belongs to the object at ffff8880922b8fe0
[ 3388.744828] which belongs to the cache kmalloc-16 of size 16
[ 3388.746453] The buggy address is located 8 bytes inside of
[ 3388.746453] 16-byte region [ffff8880922b8fe0, ffff8880922b8ff0)
[ 3388.747973]
[ 3388.748204] The buggy address belongs to the physical page:
[ 3388.748959] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b8260 pfn:0x922b8
[ 3388.750358] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.751283] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.752317] raw: ffff8880922b8260 0000000080800056 00000001ffffffff 0000000000000000
[ 3388.753352] page dumped because: kasan: bad access detected
[ 3388.754078]
[ 3388.754286] Memory state around the buggy address:
[ 3388.754874] ffff8880922b8e80: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 3388.755880] ffff8880922b8f00: fa fb fc fc fb fb fc fc fa fb fc fc fb fb fc fc
[ 3388.756816] >ffff8880922b8f80: fa fb fc fc fa fb fc fc fb fb fc fc 00 01 fc fc
[ 3388.757683] ^
[ 3388.758508] ffff8880922b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.759477] ffff8880922b9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.760364] ==================================================================
[ 3388.761266] ==================================================================
[ 3388.762143] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x66e/0x990 [test_kasan]
[ 3388.763346] Write of size 8 at addr ffff8880922b8fe8 by task kunit_try_catch/121620
[ 3388.764360]
[ 3388.764595] CPU: 1 PID: 121620 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.766377] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.767078] Call Trace:
[ 3388.767395]
[ 3388.767678] ? kasan_bitops_test_and_modify.constprop.0+0x66e/0x990 [test_kasan]
[ 3388.768580] dump_stack_lvl+0x57/0x81
[ 3388.769113] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.769905] ? kasan_bitops_test_and_modify.constprop.0+0x66e/0x990 [test_kasan]
[ 3388.770873] print_report.cold+0x5c/0x237
[ 3388.771373] kasan_report+0xc9/0x100
[ 3388.771827] ? kasan_bitops_test_and_modify.constprop.0+0x66e/0x990 [test_kasan]
[ 3388.772744] kasan_check_range+0xfd/0x1e0
[ 3388.773301] kasan_bitops_test_and_modify.constprop.0+0x66e/0x990 [test_kasan]
[ 3388.774249] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 3388.775059] ? kunit_kfree+0x200/0x200 [kunit]
[ 3388.775612] ? rcu_read_lock_sched_held+0x12/0x80
[ 3388.776201] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.776928] ? rcu_read_lock_held+0x30/0x50
[ 3388.777503] ? trace_kmalloc+0x3c/0x100
[ 3388.778034] ? kmem_cache_alloc_trace+0x1af/0x320
[ 3388.778615] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 3388.779285] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 3388.780179] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 3388.780875] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.781497] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.782101] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.782757] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.783588] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.784314] kthread+0x2a4/0x350
[ 3388.784778] ? kthread_complete_and_exit+0x20/0x20
[ 3388.785437] ret_from_fork+0x1f/0x30
[ 3388.785964]
[ 3388.786283]
[ 3388.786515] Allocated by task 121620:
[ 3388.787030] kasan_save_stack+0x1e/0x40
[ 3388.787559] __kasan_kmalloc+0x81/0xa0
[ 3388.788083] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 3388.788823] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.789494] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.790326] kthread+0x2a4/0x350
[ 3388.790791] ret_from_fork+0x1f/0x30
[ 3388.791293]
[ 3388.791525] The buggy address belongs to the object at ffff8880922b8fe0
[ 3388.791525] which belongs to the cache kmalloc-16 of size 16
[ 3388.793152] The buggy address is located 8 bytes inside of
[ 3388.793152] 16-byte region [ffff8880922b8fe0, ffff8880922b8ff0)
[ 3388.794675]
[ 3388.794913] The buggy address belongs to the physical page:
[ 3388.795660] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b8d80 pfn:0x922b8
[ 3388.797069] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.797993] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.799028] raw: ffff8880922b86c0 000000008080003c 00000001ffffffff 0000000000000000
[ 3388.800064] page dumped because: kasan: bad access detected
[ 3388.800818]
[ 3388.801050] Memory state around the buggy address:
[ 3388.801703] ffff8880922b8e80: fb fb fc fc fb fb fc fc fb fb fc fc fb fb fc fc
[ 3388.802673] ffff8880922b8f00: fa fb fc fc fb fb fc fc fb fb fc fc fb fb fc fc
[ 3388.803643] >ffff8880922b8f80: fb fb fc fc fb fb fc fc fb fb fc fc 00 01 fc fc
[ 3388.804616] ^
[ 3388.805531] ffff8880922b9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.806506] ffff8880922b9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.807397] ==================================================================
[ 3388.808440] ok 45 - kasan_bitops_generic
[ 3388.809064] ok 46 - kasan_bitops_tags # SKIP Test requires CONFIG_KASAN_GENERIC=n
[ 3388.809849] ==================================================================
[ 3388.811693] BUG: KASAN: use-after-free in kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 3388.812794] Read of size 1 at addr ffff8880922b88c0 by task kunit_try_catch/121623
[ 3388.813698]
[ 3388.813909] CPU: 1 PID: 121623 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.815529] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.816229] Call Trace:
[ 3388.816545]
[ 3388.816825] ? kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 3388.817528] dump_stack_lvl+0x57/0x81
[ 3388.817993] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.818696] ? kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 3388.819400] print_report.cold+0x5c/0x237
[ 3388.819964] kasan_report+0xc9/0x100
[ 3388.820472] ? kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 3388.821218] ? kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 3388.821923] __kasan_check_byte+0x36/0x50
[ 3388.822421] kfree_sensitive+0x1b/0x60
[ 3388.822894] kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 3388.823573] ? vmalloc_oob+0x5e0/0x5e0 [test_kasan]
[ 3388.824174] ? do_raw_spin_trylock+0xb5/0x180
[ 3388.824717] ? do_raw_spin_lock+0x270/0x270
[ 3388.825238] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.825922] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.826546] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.827150] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.827774] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.828515] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.829147] kthread+0x2a4/0x350
[ 3388.829556] ? kthread_complete_and_exit+0x20/0x20
[ 3388.830149] ret_from_fork+0x1f/0x30
[ 3388.830606]
[ 3388.830894]
[ 3388.831101] Allocated by task 121623:
[ 3388.831555] kasan_save_stack+0x1e/0x40
[ 3388.832037] __kasan_kmalloc+0x81/0xa0
[ 3388.832503] kmalloc_double_kzfree+0x9a/0x270 [test_kasan]
[ 3388.833171] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.833805] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.834632] kthread+0x2a4/0x350
[ 3388.835077] ret_from_fork+0x1f/0x30
[ 3388.835523]
[ 3388.835730] Freed by task 121623:
[ 3388.836150] kasan_save_stack+0x1e/0x40
[ 3388.836623] kasan_set_track+0x21/0x30
[ 3388.837093] kasan_set_free_info+0x20/0x40
[ 3388.837596] __kasan_slab_free+0x108/0x170
[ 3388.838108] slab_free_freelist_hook+0x11d/0x1d0
[ 3388.838678] kfree+0xe2/0x3c0
[ 3388.839061] kmalloc_double_kzfree+0x137/0x270 [test_kasan]
[ 3388.839735] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.840338] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.841085] kthread+0x2a4/0x350
[ 3388.841491] ret_from_fork+0x1f/0x30
[ 3388.841943]
[ 3388.842151] The buggy address belongs to the object at ffff8880922b88c0
[ 3388.842151] which belongs to the cache kmalloc-16 of size 16
[ 3388.843647] The buggy address is located 0 bytes inside of
[ 3388.843647] 16-byte region [ffff8880922b88c0, ffff8880922b88d0)
[ 3388.845172]
[ 3388.845405] The buggy address belongs to the physical page:
[ 3388.846159] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b86c0 pfn:0x922b8
[ 3388.847565] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.848493] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.849531] raw: ffff8880922b86c0 000000008080003c 00000001ffffffff 0000000000000000
[ 3388.850569] page dumped because: kasan: bad access detected
[ 3388.851341]
[ 3388.851575] Memory state around the buggy address:
[ 3388.852233] ffff8880922b8780: 00 00 fc fc fb fb fc fc fb fb fc fc fb fb fc fc
[ 3388.853207] ffff8880922b8800: fb fb fc fc 00 00 fc fc fb fb fc fc fa fb fc fc
[ 3388.854180] >ffff8880922b8880: 00 00 fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc
[ 3388.855069] ^
[ 3388.855793] ffff8880922b8900: 00 00 fc fc fb fb fc fc 00 00 fc fc fa fb fc fc
[ 3388.856766] ffff8880922b8980: fb fb fc fc fb fb fc fc fb fb fc fc fb fb fc fc
[ 3388.857634] ==================================================================
[ 3388.858568] ==================================================================
[ 3388.859542] BUG: KASAN: double-free or invalid-free in kfree+0xe2/0x3c0
[ 3388.860388]
[ 3388.860596] CPU: 1 PID: 121623 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.862214] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.862912] Call Trace:
[ 3388.863227]
[ 3388.863504] dump_stack_lvl+0x57/0x81
[ 3388.863965] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.864667] print_report.cold+0x5c/0x237
[ 3388.865169] ? kfree+0xe2/0x3c0
[ 3388.865570] ? kfree+0xe2/0x3c0
[ 3388.865976] kasan_report_invalid_free+0x99/0xc0
[ 3388.866545] ? kfree+0xe2/0x3c0
[ 3388.866947] ? kfree+0xe2/0x3c0
[ 3388.867362] __kasan_slab_free+0x152/0x170
[ 3388.867948] slab_free_freelist_hook+0x11d/0x1d0
[ 3388.868591] ? kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 3388.869384] kfree+0xe2/0x3c0
[ 3388.869818] ? __kasan_check_byte+0x36/0x50
[ 3388.870394] kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 3388.871155] ? vmalloc_oob+0x5e0/0x5e0 [test_kasan]
[ 3388.871847] ? do_raw_spin_trylock+0xb5/0x180
[ 3388.872453] ? do_raw_spin_lock+0x270/0x270
[ 3388.873037] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.873799] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.874496] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.875176] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.875874] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.876746] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.877461] kthread+0x2a4/0x350
[ 3388.877921] ? kthread_complete_and_exit+0x20/0x20
[ 3388.878579] ret_from_fork+0x1f/0x30
[ 3388.879096]
[ 3388.879415]
[ 3388.879648] Allocated by task 121623:
[ 3388.880158] kasan_save_stack+0x1e/0x40
[ 3388.880687] __kasan_kmalloc+0x81/0xa0
[ 3388.881210] kmalloc_double_kzfree+0x9a/0x270 [test_kasan]
[ 3388.881958] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.882628] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.883456] kthread+0x2a4/0x350
[ 3388.883914] ret_from_fork+0x1f/0x30
[ 3388.884414]
[ 3388.884646] Freed by task 121623:
[ 3388.885114] kasan_save_stack+0x1e/0x40
[ 3388.885642] kasan_set_track+0x21/0x30
[ 3388.886196] kasan_set_free_info+0x20/0x40
[ 3388.886777] __kasan_slab_free+0x108/0x170
[ 3388.887339] slab_free_freelist_hook+0x11d/0x1d0
[ 3388.887979] kfree+0xe2/0x3c0
[ 3388.888402] kmalloc_double_kzfree+0x137/0x270 [test_kasan]
[ 3388.889161] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.889834] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.890661] kthread+0x2a4/0x350
[ 3388.891118] ret_from_fork+0x1f/0x30
[ 3388.891616]
[ 3388.891861] The buggy address belongs to the object at ffff8880922b88c0
[ 3388.891861] which belongs to the cache kmalloc-16 of size 16
[ 3388.893490] The buggy address is located 0 bytes inside of
[ 3388.893490] 16-byte region [ffff8880922b88c0, ffff8880922b88d0)
[ 3388.895013]
[ 3388.895245] The buggy address belongs to the physical page:
[ 3388.895997] page:000000007d97fc31 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880922b8e40 pfn:0x922b8
[ 3388.897405] flags: 0xfffffc0000200(slab|node=0|zone=1|lastcpupid=0x1fffff)
[ 3388.898332] raw: 000fffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 3388.899337] raw: ffff8880922b8e40 0000000080800035 00000001ffffffff 0000000000000000
[ 3388.900377] page dumped because: kasan: bad access detected
[ 3388.901133]
[ 3388.901362] Memory state around the buggy address:
[ 3388.902004] ffff8880922b8780: 00 00 fc fc fb fb fc fc fb fb fc fc fb fb fc fc
[ 3388.902979] ffff8880922b8800: fb fb fc fc 00 00 fc fc fb fb fc fc fb fb fc fc
[ 3388.903950] >ffff8880922b8880: 00 00 fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc
[ 3388.904925] ^
[ 3388.905647] ffff8880922b8900: 00 00 fc fc fb fb fc fc 00 00 fc fc fb fb fc fc
[ 3388.906673] ffff8880922b8980: fb fb fc fc fb fb fc fc fb fb fc fc fb fb fc fc
[ 3388.907650] ==================================================================
[ 3388.908916] ok 47 - kmalloc_double_kzfree
[ 3388.909309] ok 48 - vmalloc_helpers_tags # SKIP Test requires CONFIG_KASAN_GENERIC=n
[ 3388.910243] ==================================================================
[ 3388.912309] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x596/0x5e0 [test_kasan]
[ 3388.913361] Read of size 1 at addr ffffc900000737f3 by task kunit_try_catch/121625
[ 3388.914375]
[ 3388.914609] CPU: 1 PID: 121625 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.916426] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.917211] Call Trace:
[ 3388.917563]
[ 3388.917876] ? vmalloc_oob+0x596/0x5e0 [test_kasan]
[ 3388.918545] dump_stack_lvl+0x57/0x81
[ 3388.919063] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.919850] ? vmalloc_oob+0x596/0x5e0 [test_kasan]
[ 3388.920518] print_report.cold+0x5c/0x237
[ 3388.921159] kasan_report+0xc9/0x100
[ 3388.921663] ? vmalloc_oob+0x596/0x5e0 [test_kasan]
[ 3388.922346] vmalloc_oob+0x596/0x5e0 [test_kasan]
[ 3388.923000] ? kasan_global_oob_right+0x1f0/0x1f0 [test_kasan]
[ 3388.923800] ? do_raw_spin_trylock+0xb5/0x180
[ 3388.924405] ? do_raw_spin_lock+0x270/0x270
[ 3388.924990] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.925746] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.926445] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.927125] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.927825] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.928653] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.929362] kthread+0x2a4/0x350
[ 3388.929822] ? kthread_complete_and_exit+0x20/0x20
[ 3388.930506] ret_from_fork+0x1f/0x30
[ 3388.931021]
[ 3388.931340]
[ 3388.931573] The buggy address belongs to the virtual mapping at
[ 3388.931573] [ffffc90000073000, ffffc90000075000) created by:
[ 3388.931573] vmalloc_oob+0x78/0x5e0 [test_kasan]
[ 3388.933716]
[ 3388.933953] The buggy address belongs to the physical page:
[ 3388.934703] page:0000000022941577 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10555e
[ 3388.935960] flags: 0x17ffffc0000000(node=0|zone=2|lastcpupid=0x1fffff)
[ 3388.936845] raw: 0017ffffc0000000 0000000000000000 dead000000000122 0000000000000000
[ 3388.937883] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 3388.938919] page dumped because: kasan: bad access detected
[ 3388.939674]
[ 3388.939910] Memory state around the buggy address:
[ 3388.940566] ffffc90000073680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.941539] ffffc90000073700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.942502] >ffffc90000073780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[ 3388.943398] ^
[ 3388.944321] ffffc90000073800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 3388.945210] ffffc90000073880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 3388.946164] ==================================================================
[ 3388.947326] ==================================================================
[ 3388.948290] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x58c/0x5e0 [test_kasan]
[ 3388.949380] Read of size 1 at addr ffffc900000737f8 by task kunit_try_catch/121625
[ 3388.950395]
[ 3388.950627] CPU: 1 PID: 121625 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-254.1999_765258838.el9.x86_64+debug #1
[ 3388.952299] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 3388.953082] Call Trace:
[ 3388.953446]
[ 3388.953722] ? vmalloc_oob+0x58c/0x5e0 [test_kasan]
[ 3388.954326] dump_stack_lvl+0x57/0x81
[ 3388.954788] print_address_description.constprop.0+0x1f/0x1e0
[ 3388.955575] ? vmalloc_oob+0x58c/0x5e0 [test_kasan]
[ 3388.956296] print_report.cold+0x5c/0x237
[ 3388.956861] kasan_report+0xc9/0x100
[ 3388.957368] ? vmalloc_oob+0x58c/0x5e0 [test_kasan]
[ 3388.958047] vmalloc_oob+0x58c/0x5e0 [test_kasan]
[ 3388.958697] ? kasan_global_oob_right+0x1f0/0x1f0 [test_kasan]
[ 3388.959497] ? do_raw_spin_trylock+0xb5/0x180
[ 3388.960129] ? do_raw_spin_lock+0x270/0x270
[ 3388.960720] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 3388.961489] ? kunit_add_resource+0x197/0x280 [kunit]
[ 3388.962224] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 3388.962903] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 3388.963595] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 3388.964430] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 3388.965137] kthread+0x2a4/0x350
[ 3388.965594] ? kthread_complete_and_exit+0x20/0x20
[ 3388.966256] ret_from_fork+0x1f/0x30
[ 3388.966770]
[ 3388.967089]
[ 3388.967324] The buggy address belongs to the virtual mapping at
[ 3388.967324] [ffffc90000073000, ffffc90000075000) created by:
[ 3388.967324] vmalloc_oob+0x78/0x5e0 [test_kasan]
[ 3388.969461]
[ 3388.969697] The buggy address belongs to the physical page:
[ 3388.970465] page:0000000022941577 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10555e
[ 3388.971716] flags: 0x17ffffc0000000(node=0|zone=2|lastcpupid=0x1fffff)
[ 3388.972604] raw: 0017ffffc0000000 0000000000000000 dead000000000122 0000000000000000
[ 3388.973646] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 3388.974683] page dumped because: kasan: bad access detected
[ 3388.975436]
[ 3388.975668] Memory state around the buggy address:
[ 3388.976328] ffffc90000073680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.977297] ffffc90000073700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3388.978271] >ffffc90000073780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[ 3388.979263] ^
[ 3388.980230] ffffc90000073800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 3388.981202] ffffc90000073880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 3388.982173] ==================================================================
[ 3388.983304] ok 49 - vmalloc_oob
[ 3388.983576] ok 50 - vmap_tags # SKIP Test requires CONFIG_KASAN_SW_TAGS=y
[ 3388.984303] ok 51 - vm_map_ram_tags # SKIP Test requires CONFIG_KASAN_SW_TAGS=y
[ 3388.985499] ok 52 - vmalloc_percpu # SKIP Test requires CONFIG_KASAN_SW_TAGS=y
[ 3388.986889] ok 53 - match_all_not_assigned # SKIP Test requires CONFIG_KASAN_GENERIC=n
[ 3388.988126] ok 54 - match_all_ptr_tag # SKIP Test requires CONFIG_KASAN_GENERIC=n
[ 3388.989569] ok 55 - match_all_mem_tag # SKIP Test requires CONFIG_KASAN_GENERIC=n
[ 3388.990659] ok 20 - kasan
[ 3389.147758] # Subtest: linear-ranges-test
[ 3389.147766] 1..4
[ 3389.148933] ok 1 - range_test_get_value_amount
[ 3389.149480] ok 2 - range_test_get_selector_high
[ 3389.150596] ok 3 - range_test_get_selector_low
[ 3389.151683] ok 4 - range_test_get_value
[ 3389.152338] ok 21 - linear-ranges-test
[ 3389.207306] # Subtest: list_sort
[ 3389.207314] 1..1
[ 3389.217650] ok 1 - list_sort_test
[ 3389.217981] ok 22 - list_sort
[ 3389.359198] # Subtest: time_test_cases
[ 3389.359206] 1..1
[ 3394.390579] ok 1 - time64_to_tm_test_date_range
[ 3394.390930] ok 23 - time_test_cases