[ 2235.600703] Running test [R:13330041 T:10 - KUNIT - Kernel: 5.14.0-256.2009_766119311.el9.x86_64+debug]
[ 2245.542577] # Subtest: bitfields
[ 2245.542594] 1..2
[ 2245.546934] ok 1 - test_bitfields_constants
[ 2245.547659] ok 2 - test_bitfields_variables
[ 2245.548240] ok 1 - bitfields
[ 2246.056323] # Subtest: cmdline
[ 2246.056335] 1..4
[ 2246.057137] ok 1 - cmdline_test_noint
[ 2246.057734] ok 2 - cmdline_test_lead_int
[ 2246.058546] ok 3 - cmdline_test_tail_int
[ 2246.059508] ok 4 - cmdline_test_range
[ 2246.060059] ok 2 - cmdline
[ 2246.552098] # Subtest: ext4_inode_test
[ 2246.552109] 1..1
[ 2246.552977] # inode_test_xtimestamp_decoding: ok 1 - 1901-12-13 Lower bound of 32bit < 0 timestamp, no extra bits
[ 2246.553636] # inode_test_xtimestamp_decoding: ok 2 - 1969-12-31 Upper bound of 32bit < 0 timestamp, no extra bits
[ 2246.555187] # inode_test_xtimestamp_decoding: ok 3 - 1970-01-01 Lower bound of 32bit >=0 timestamp, no extra bits
[ 2246.556750] # inode_test_xtimestamp_decoding: ok 4 - 2038-01-19 Upper bound of 32bit >=0 timestamp, no extra bits
[ 2246.558335] # inode_test_xtimestamp_decoding: ok 5 - 2038-01-19 Lower bound of 32bit <0 timestamp, lo extra sec bit on
[ 2246.560001] # inode_test_xtimestamp_decoding: ok 6 - 2106-02-07 Upper bound of 32bit <0 timestamp, lo extra sec bit on
[ 2246.561645] # inode_test_xtimestamp_decoding: ok 7 - 2106-02-07 Lower bound of 32bit >=0 timestamp, lo extra sec bit on
[ 2246.563330] # inode_test_xtimestamp_decoding: ok 8 - 2174-02-25 Upper bound of 32bit >=0 timestamp, lo extra sec bit on
[ 2246.565010] # inode_test_xtimestamp_decoding: ok 9 - 2174-02-25 Lower bound of 32bit <0 timestamp, hi extra sec bit on
[ 2246.566678] # inode_test_xtimestamp_decoding: ok 10 - 2242-03-16 Upper bound of 32bit <0 timestamp, hi extra sec bit on
[ 2246.568356] # inode_test_xtimestamp_decoding: ok 11 - 2242-03-16 Lower bound of 32bit >=0 timestamp, hi extra sec bit on
[ 2246.570007] # inode_test_xtimestamp_decoding: ok 12 - 2310-04-04 Upper bound of 32bit >=0 timestamp, hi extra sec bit on
[ 2246.571665] # inode_test_xtimestamp_decoding: ok 13 - 2310-04-04 Upper bound of 32bit>=0 timestamp, hi extra sec bit 1. 1 ns
[ 2246.573343] # inode_test_xtimestamp_decoding: ok 14 - 2378-04-22 Lower bound of 32bit>= timestamp. Extra sec bits 1. Max ns
[ 2246.575036] # inode_test_xtimestamp_decoding: ok 15 - 2378-04-22 Lower bound of 32bit >=0 timestamp. All extra sec bits on
[ 2246.576783] # inode_test_xtimestamp_decoding: ok 16 - 2446-05-10 Upper bound of 32bit >=0 timestamp. All extra sec bits on
[ 2246.578186] ok 1 - inode_test_xtimestamp_decoding
[ 2246.579570] ok 3 - ext4_inode_test
[ 2247.649141] # Subtest: kunit-try-catch-test
[ 2247.649153] 1..2
[ 2247.650773] ok 1 - kunit_test_try_catch_successful_try_no_catch
[ 2247.651759] ok 2 - kunit_test_try_catch_unsuccessful_try_does_catch
[ 2247.652571] ok 4 - kunit-try-catch-test
[ 2247.654158] # Subtest: kunit-resource-test
[ 2247.654164] 1..7
[ 2247.655108] ok 1 - kunit_resource_test_init_resources
[ 2247.655930] ok 2 - kunit_resource_test_alloc_resource
[ 2247.657039] ok 3 - kunit_resource_test_destroy_resource
[ 2247.658229] ok 4 - kunit_resource_test_cleanup_resources
[ 2247.659549] ok 5 - kunit_resource_test_proper_free_ordering
[ 2247.660598] ok 6 - kunit_resource_test_static
[ 2247.661999] ok 7 - kunit_resource_test_named
[ 2247.662747] ok 5 - kunit-resource-test
[ 2247.664496] # Subtest: kunit-log-test
[ 2247.664505] 1..1
[ 2247.669879] put this in log.
[ 2247.670269] this too.
[ 2247.670712] add to suite log.
[ 2247.671052] along with this.
[ 2247.671753] ok 1 - kunit_log_test
[ 2247.672311] ok 6 - kunit-log-test
[ 2247.673693] # Subtest: kunit_status
[ 2247.673700] 1..2
[ 2247.674522] ok 1 - kunit_status_set_failure_test
[ 2247.675160] ok 2 - kunit_status_mark_skipped_test
[ 2247.675935] ok 7 - kunit_status
[ 2247.796579] # Subtest: rtc_lib_test_cases
[ 2247.796590] 1..1
[ 2252.981835] ok 1 - rtc_time64_to_tm_test_date_range
[ 2252.982253] ok 8 - rtc_lib_test_cases
[ 2253.113315] # Subtest: list-kunit-test
[ 2253.113326] 1..36
[ 2253.118124] ok 1 - list_test_list_init
[ 2253.118826] ok 2 - list_test_list_add
[ 2253.120188] ok 3 - list_test_list_add_tail
[ 2253.121290] ok 4 - list_test_list_del
[ 2253.122311] ok 5 - list_test_list_replace
[ 2253.123307] ok 6 - list_test_list_replace_init
[ 2253.124333] ok 7 - list_test_list_swap
[ 2253.125478] ok 8 - list_test_list_del_init
[ 2253.126499] ok 9 - list_test_list_move
[ 2253.127510] ok 10 - list_test_list_move_tail
[ 2253.132140] ok 11 - list_test_list_bulk_move_tail
[ 2253.133612] ok 12 - list_test_list_is_first
[ 2253.134759] ok 13 - list_test_list_is_last
[ 2253.136240] ok 14 - list_test_list_empty
[ 2253.137534] ok 15 - list_test_list_empty_careful
[ 2253.138838] ok 16 - list_test_list_rotate_left
[ 2253.140437] ok 17 - list_test_list_rotate_to_front
[ 2253.142951] ok 18 - list_test_list_is_singular
[ 2253.145214] ok 19 - list_test_list_cut_position
[ 2253.147196] ok 20 - list_test_list_cut_before
[ 2253.149181] ok 21 - list_test_list_splice
[ 2253.151182] ok 22 - list_test_list_splice_tail
[ 2253.153180] ok 23 - list_test_list_splice_init
[ 2253.154172] ok 24 - list_test_list_splice_tail_init
[ 2253.155314] ok 25 - list_test_list_entry
[ 2253.156379] ok 26 - list_test_list_first_entry
[ 2253.157480] ok 27 - list_test_list_last_entry
[ 2253.158543] ok 28 - list_test_list_first_entry_or_null
[ 2253.159707] ok 29 - list_test_list_next_entry
[ 2253.160862] ok 30 - list_test_list_prev_entry
[ 2253.161937] ok 31 - list_test_list_for_each
[ 2253.163048] ok 32 - list_test_list_for_each_prev
[ 2253.164105] ok 33 - list_test_list_for_each_safe
[ 2253.165175] ok 34 - list_test_list_for_each_prev_safe
[ 2253.166271] ok 35 - list_test_list_for_each_entry
[ 2253.167390] ok 36 - list_test_list_for_each_entry_reverse
[ 2253.168172] ok 9 - list-kunit-test
[ 2253.288270] # Subtest: memcpy
[ 2253.288280] 1..4
[ 2253.289072] # memset_test: ok: memset() direct assignment
[ 2253.290103] # memset_test: ok: memset() complete overwrite
[ 2253.290817] # memset_test: ok: memset() middle overwrite
[ 2253.291541] # memset_test: ok: memset() argument side-effects
[ 2253.292310] # memset_test: ok: memset() memset_after()
[ 2253.293001] # memset_test: ok: memset() memset_startat()
[ 2253.293720] ok 1 - memset_test
[ 2253.294356] # memcpy_test: ok: memcpy() static initializers
[ 2253.295558] # memcpy_test: ok: memcpy() direct assignment
[ 2253.296291] # memcpy_test: ok: memcpy() complete overwrite
[ 2253.297025] # memcpy_test: ok: memcpy() middle overwrite
[ 2253.297720] # memcpy_test: ok: memcpy() argument side-effects
[ 2253.299383] ok 2 - memcpy_test
[ 2253.299697] # memmove_test: ok: memmove() static initializers
[ 2253.301039] # memmove_test: ok: memmove() direct assignment
[ 2253.301762] # memmove_test: ok: memmove() complete overwrite
[ 2253.302514] # memmove_test: ok: memmove() middle overwrite
[ 2253.303243] # memmove_test: ok: memmove() argument side-effects
[ 2253.304026] # memmove_test: ok: memmove() overlapping write
[ 2253.305802] ok 3 - memmove_test
[ 2253.306645] ok 4 - strtomem_test
[ 2253.307142] ok 10 - memcpy
[ 2253.423580] # Subtest: mptcp-crypto
[ 2253.423590] 1..1
[ 2253.424738] ok 1 - mptcp_crypto_test_basic
[ 2253.425100] ok 11 - mptcp-crypto
[ 2253.537763] # Subtest: mptcp-token
[ 2253.537773] 1..4
[ 2253.539075] ok 1 - mptcp_token_test_req_basic
[ 2253.539796] ok 2 - mptcp_token_test_msk_basic
[ 2253.540868] ok 3 - mptcp_token_test_accept
[ 2253.541921] ok 4 - mptcp_token_test_destroyed
[ 2253.542529] ok 12 - mptcp-token
[ 2253.833530] # Subtest: rational
[ 2253.833541] 1..1
[ 2253.834311] # rational_test: ok 1 - Exceeds bounds, semi-convergent term > 1/2 last term
[ 2253.834929] # rational_test: ok 2 - Exceeds bounds, semi-convergent term < 1/2 last term
[ 2253.836240] # rational_test: ok 3 - Closest to zero
[ 2253.837671] # rational_test: ok 4 - Closest to smallest non-zero
[ 2253.838591] # rational_test: ok 5 - Use convergent
[ 2253.839772] # rational_test: ok 6 - Exact answer
[ 2253.840796] # rational_test: ok 7 - Semiconvergent, numerator limit
[ 2253.841741] # rational_test: ok 8 - Semiconvergent, denominator limit
[ 2253.842670] ok 1 - rational_test
[ 2253.843522] ok 13 - rational
[ 2253.963797] # Subtest: resource
[ 2253.963807] 1..2
[ 2253.964611] ok 1 - resource_test_union
[ 2253.965265] ok 2 - resource_test_intersection
[ 2253.965789] ok 14 - resource
[ 2254.086847] # Subtest: slub_test
[ 2254.086857] 1..2
[ 2254.120117] ok 1 - test_clobber_zone
[ 2254.138522] ok 2 - test_clobber_redzone_free
[ 2254.139079] ok 15 - slub_test
[ 2254.587017] # Subtest: snd_soc_tplg_test
[ 2254.587028] 1..11
[ 2254.589309] ok 1 - snd_soc_tplg_test_load_with_null_comp
[ 2254.590522] ok 2 - snd_soc_tplg_test_load_with_null_ops
[ 2254.592200] ok 3 - snd_soc_tplg_test_load_with_null_fw
[ 2254.593870] ok 4 - snd_soc_tplg_test_load_empty_tplg
[ 2254.595397] ok 5 - snd_soc_tplg_test_load_empty_tplg_bad_magic
[ 2254.596920] ok 6 - snd_soc_tplg_test_load_empty_tplg_bad_abi
[ 2254.599681] ok 7 - snd_soc_tplg_test_load_empty_tplg_bad_size
[ 2254.601484] ok 8 - snd_soc_tplg_test_load_empty_tplg_bad_payload_size
[ 2254.603331] ok 9 - snd_soc_tplg_test_load_pcm_tplg
[ 2254.606474] ok 10 - snd_soc_tplg_test_load_pcm_tplg_reload_comp
[ 2254.610224] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2254.614625] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2254.644835] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2254.650782] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2254.675668] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2254.677923] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2254.694169] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2254.696436] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2254.734230] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2254.736538] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2254.766523] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2254.770818] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2254.799019] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2254.801530] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2254.817716] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2254.820480] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2254.852743] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2254.858455] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2254.877709] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2254.885358] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2254.904736] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2254.910739] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2254.932854] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2254.935748] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2254.960435] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2254.965783] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2254.989531] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2254.991820] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.017122] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.019418] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.042186] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.044474] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.077044] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.079666] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.097197] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.099556] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.121409] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.123721] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.146019] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.148470] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.166965] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.169649] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.191330] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.193616] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.212407] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.214986] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.235026] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.239773] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.260901] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.263795] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.282570] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.284853] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.317525] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.319815] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.335342] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.337730] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.369490] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.372073] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.394485] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.401525] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.436271] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.438555] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.468990] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.476598] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.494451] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.496795] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.527362] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.532408] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.548331] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.553685] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.569951] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.572280] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.598987] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.601269] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.629250] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.633602] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.658314] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.660626] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.680655] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.682943] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.721594] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.724022] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.744829] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.747533] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.770080] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.772743] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.795504] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.797773] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.823097] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.828877] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.847758] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.851999] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.876982] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.883405] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.903059] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.906093] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.925315] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.927940] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.953727] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.956425] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2255.978404] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2255.985755] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.007930] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.010229] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.026732] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.029045] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.048424] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.050766] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.074541] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.077011] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.100911] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.106357] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.130451] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.132733] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.162174] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.164863] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.186431] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.189357] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.215321] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.217755] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.258420] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.260785] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.278846] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.281485] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.330552] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.332860] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.362698] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.365472] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.384586] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.387179] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.423298] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.446668] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.479456] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.481731] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.506885] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.509208] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.525443] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.527698] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.548825] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.551145] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.575303] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.577594] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.601043] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.603378] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.623909] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.626814] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.675128] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.677470] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.700342] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.702844] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.755074] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.759514] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.776777] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.779089] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.807621] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.809924] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.834729] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.837478] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.868040] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.870345] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.904085] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.906429] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.932837] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.935193] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.950395] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.952656] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2256.976660] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2256.978978] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2257.003649] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2257.006354] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2257.030045] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2257.032334] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2257.064543] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2257.066791] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2257.090621] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2257.093359] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2257.113420] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2257.115694] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2257.163380] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2257.166252] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2257.182383] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2257.184659] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2257.206920] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2257.209356] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2257.233277] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2257.235596] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2257.266400] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2257.268658] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2257.288142] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2257.290602] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2257.316744] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2257.319123] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2257.340935] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2257.343238] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2257.385983] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2257.388296] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2257.415487] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2257.417768] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2257.439366] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: Parent card not yet available, widget card binding deferred
[ 2257.441666] sound-soc-topology-test-driver sound-soc-topology-test: ASoC: no DMI vendor name!
[ 2257.466071] ok 11 - snd_soc_tplg_test_load_pcm_tplg_reload_card
[ 2257.466083] ok 16 - snd_soc_tplg_test
[ 2257.678171] # Subtest: soc-utils
[ 2257.678183] 1..1
[ 2257.679080] ok 1 - test_tdm_params_to_bclk
[ 2257.679390] ok 17 - soc-utils
[ 2258.165175] # Subtest: sysctl_test
[ 2258.165187] 1..10
[ 2258.174652] ok 1 - sysctl_test_api_dointvec_null_tbl_data
[ 2258.178605] ok 2 - sysctl_test_api_dointvec_table_maxlen_unset
[ 2258.186074] ok 3 - sysctl_test_api_dointvec_table_len_is_zero
[ 2258.193441] ok 4 - sysctl_test_api_dointvec_table_read_but_position_set
[ 2258.200353] ok 5 - sysctl_test_dointvec_read_happy_single_positive
[ 2258.202913] ok 6 - sysctl_test_dointvec_read_happy_single_negative
[ 2258.204204] ok 7 - sysctl_test_dointvec_write_happy_single_positive
[ 2258.209287] ok 8 - sysctl_test_dointvec_write_happy_single_negative
[ 2258.211565] ok 9 - sysctl_test_api_dointvec_write_single_less_int_min
[ 2258.212941] ok 10 - sysctl_test_api_dointvec_write_single_greater_int_max
[ 2258.213785] ok 18 - sysctl_test
[ 2258.420541] # Subtest: bits-test
[ 2258.420552] 1..3
[ 2258.421581] ok 1 - genmask_test
[ 2258.427882] ok 2 - genmask_ull_test
[ 2258.428773] ok 3 - genmask_input_check_test
[ 2258.429330] ok 19 - bits-test
[ 2259.266360] # Subtest: kasan
[ 2259.266372] 1..55
[ 2259.276037] ==================================================================
[ 2259.277254] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x4ed/0x510 [test_kasan]
[ 2259.278221] Write of size 1 at addr ffff888116c02f73 by task kunit_try_catch/48003
[ 2259.279200]
[ 2259.279442] CPU: 1 PID: 48003 Comm: kunit_try_catch Kdump: loaded Not tainted 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2259.280799] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2259.281497] Call Trace:
[ 2259.281814]
[ 2259.282091] ? kmalloc_oob_right+0x4ed/0x510 [test_kasan]
[ 2259.282749] dump_stack_lvl+0x57/0x81
[ 2259.283213] print_address_description.constprop.0+0x1f/0x1e0
[ 2259.283919] ? kmalloc_oob_right+0x4ed/0x510 [test_kasan]
[ 2259.284577] print_report.cold+0x5c/0x237
[ 2259.285074] kasan_report+0xc9/0x100
[ 2259.285523] ? kmalloc_oob_right+0x4ed/0x510 [test_kasan]
[ 2259.286177] kmalloc_oob_right+0x4ed/0x510 [test_kasan]
[ 2259.286814] ? kmalloc_oob_left+0x2e0/0x2e0 [test_kasan]
[ 2259.287466] ? lockdep_hardirqs_on_prepare.part.0+0x18c/0x370
[ 2259.288164] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2259.288842] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2259.289463] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.290060] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2259.290678] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.291416] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2259.292039] kthread+0x2a4/0x350
[ 2259.292450] ? kthread_complete_and_exit+0x20/0x20
[ 2259.293034] ret_from_fork+0x1f/0x30
[ 2259.293494]
[ 2259.293776]
[ 2259.293983] Allocated by task 48003:
[ 2259.294431] kasan_save_stack+0x1e/0x40
[ 2259.294903] __kasan_kmalloc+0x81/0xa0
[ 2259.295366] kmalloc_oob_right+0x98/0x510 [test_kasan]
[ 2259.295987] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.296587] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.297378] kthread+0x2a4/0x350
[ 2259.297829] ret_from_fork+0x1f/0x30
[ 2259.298322]
[ 2259.298528] The buggy address belongs to the object at ffff888116c02f00
[ 2259.298528] which belongs to the cache kmalloc-128 of size 128
[ 2259.299992] The buggy address is located 115 bytes inside of
[ 2259.299992] 128-byte region [ffff888116c02f00, ffff888116c02f80)
[ 2259.301370]
[ 2259.301577] The buggy address belongs to the physical page:
[ 2259.302245] page:00000000223a88bf refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x116c02
[ 2259.303354] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2259.304184] raw: 0017ffffc0000200 ffffea0004327d00 dead000000000005 ffff8881000418c0
[ 2259.305105] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2259.306023] page dumped because: kasan: bad access detected
[ 2259.306695]
[ 2259.306901] Memory state around the buggy address:
[ 2259.307484] ffff888116c02e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2259.308348] ffff888116c02e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.309205] >ffff888116c02f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 2259.310070] ^
[ 2259.310889] ffff888116c02f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.311750] ffff888116c03000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 2259.312612] ==================================================================
[ 2259.313567] Disabling lock debugging due to kernel taint
[ 2259.314221] ==================================================================
[ 2259.315089] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x4e3/0x510 [test_kasan]
[ 2259.316054] Write of size 1 at addr ffff888116c02f78 by task kunit_try_catch/48003
[ 2259.316958]
[ 2259.317166] CPU: 1 PID: 48003 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2259.318776] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2259.319471] Call Trace:
[ 2259.319792]
[ 2259.320066] ? kmalloc_oob_right+0x4e3/0x510 [test_kasan]
[ 2259.320722] dump_stack_lvl+0x57/0x81
[ 2259.321177] print_address_description.constprop.0+0x1f/0x1e0
[ 2259.321880] ? kmalloc_oob_right+0x4e3/0x510 [test_kasan]
[ 2259.322536] print_report.cold+0x5c/0x237
[ 2259.323031] kasan_report+0xc9/0x100
[ 2259.323480] ? kmalloc_oob_right+0x4e3/0x510 [test_kasan]
[ 2259.324135] kmalloc_oob_right+0x4e3/0x510 [test_kasan]
[ 2259.324772] ? kmalloc_oob_left+0x2e0/0x2e0 [test_kasan]
[ 2259.325421] ? lockdep_hardirqs_on_prepare.part.0+0x18c/0x370
[ 2259.326119] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2259.326793] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2259.327417] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.328012] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2259.328634] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.329374] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2259.329998] kthread+0x2a4/0x350
[ 2259.330407] ? kthread_complete_and_exit+0x20/0x20
[ 2259.330992] ret_from_fork+0x1f/0x30
[ 2259.331448]
[ 2259.331730]
[ 2259.331937] Allocated by task 48003:
[ 2259.332381] kasan_save_stack+0x1e/0x40
[ 2259.332852] __kasan_kmalloc+0x81/0xa0
[ 2259.333317] kmalloc_oob_right+0x98/0x510 [test_kasan]
[ 2259.333940] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.334536] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.335274] kthread+0x2a4/0x350
[ 2259.335678] ret_from_fork+0x1f/0x30
[ 2259.336122]
[ 2259.336331] The buggy address belongs to the object at ffff888116c02f00
[ 2259.336331] which belongs to the cache kmalloc-128 of size 128
[ 2259.337794] The buggy address is located 120 bytes inside of
[ 2259.337794] 128-byte region [ffff888116c02f00, ffff888116c02f80)
[ 2259.339171]
[ 2259.339381] The buggy address belongs to the physical page:
[ 2259.340047] page:00000000223a88bf refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x116c02
[ 2259.341154] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2259.341986] raw: 0017ffffc0000200 ffffea0004327d00 dead000000000005 ffff8881000418c0
[ 2259.342908] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2259.343831] page dumped because: kasan: bad access detected
[ 2259.344504]
[ 2259.344710] Memory state around the buggy address:
[ 2259.345297] ffff888116c02e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2259.346156] ffff888116c02e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.347021] >ffff888116c02f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 2259.347882] ^
[ 2259.348735] ffff888116c02f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.349600] ffff888116c03000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 2259.350465] ==================================================================
[ 2259.351354] ==================================================================
[ 2259.352220] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x4d9/0x510 [test_kasan]
[ 2259.353186] Read of size 1 at addr ffff888116c02f80 by task kunit_try_catch/48003
[ 2259.354081]
[ 2259.354291] CPU: 1 PID: 48003 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2259.355892] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2259.356586] Call Trace:
[ 2259.356904]
[ 2259.357179] ? kmalloc_oob_right+0x4d9/0x510 [test_kasan]
[ 2259.357834] dump_stack_lvl+0x57/0x81
[ 2259.358293] print_address_description.constprop.0+0x1f/0x1e0
[ 2259.358989] ? kmalloc_oob_right+0x4d9/0x510 [test_kasan]
[ 2259.359642] print_report.cold+0x5c/0x237
[ 2259.360137] kasan_report+0xc9/0x100
[ 2259.360586] ? kmalloc_oob_right+0x4d9/0x510 [test_kasan]
[ 2259.361245] kmalloc_oob_right+0x4d9/0x510 [test_kasan]
[ 2259.361879] ? kmalloc_oob_left+0x2e0/0x2e0 [test_kasan]
[ 2259.362532] ? lockdep_hardirqs_on_prepare.part.0+0x18c/0x370
[ 2259.363232] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2259.363905] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2259.364528] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.365124] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2259.365742] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.366481] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2259.367107] kthread+0x2a4/0x350
[ 2259.367514] ? kthread_complete_and_exit+0x20/0x20
[ 2259.368100] ret_from_fork+0x1f/0x30
[ 2259.368557]
[ 2259.368840]
[ 2259.369046] Allocated by task 48003:
[ 2259.369489] kasan_save_stack+0x1e/0x40
[ 2259.369962] __kasan_kmalloc+0x81/0xa0
[ 2259.370425] kmalloc_oob_right+0x98/0x510 [test_kasan]
[ 2259.371049] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.371648] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.372388] kthread+0x2a4/0x350
[ 2259.372793] ret_from_fork+0x1f/0x30
[ 2259.373239]
[ 2259.373445] The buggy address belongs to the object at ffff888116c02f00
[ 2259.373445] which belongs to the cache kmalloc-128 of size 128
[ 2259.374907] The buggy address is located 0 bytes to the right of
[ 2259.374907] 128-byte region [ffff888116c02f00, ffff888116c02f80)
[ 2259.376323]
[ 2259.376531] The buggy address belongs to the physical page:
[ 2259.377198] page:00000000223a88bf refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x116c02
[ 2259.378306] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2259.379133] raw: 0017ffffc0000200 ffffea0004327d00 dead000000000005 ffff8881000418c0
[ 2259.380058] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2259.380979] page dumped because: kasan: bad access detected
[ 2259.381646]
[ 2259.381852] Memory state around the buggy address:
[ 2259.382437] ffff888116c02e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.383302] ffff888116c02f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 2259.384164] >ffff888116c02f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.385027] ^
[ 2259.385434] ffff888116c03000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 2259.386298] ffff888116c03080: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 2259.387157] ==================================================================
[ 2259.388125] ok 1 - kmalloc_oob_right
[ 2259.388356] ==================================================================
[ 2259.389726] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2bf/0x2e0 [test_kasan]
[ 2259.390689] Read of size 1 at addr ffff88810cc7e9bf by task kunit_try_catch/48004
[ 2259.391584]
[ 2259.391794] CPU: 1 PID: 48004 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2259.393408] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2259.394103] Call Trace:
[ 2259.394423]
[ 2259.394699] ? kmalloc_oob_left+0x2bf/0x2e0 [test_kasan]
[ 2259.395349] dump_stack_lvl+0x57/0x81
[ 2259.395809] print_address_description.constprop.0+0x1f/0x1e0
[ 2259.396512] ? kmalloc_oob_left+0x2bf/0x2e0 [test_kasan]
[ 2259.397159] print_report.cold+0x5c/0x237
[ 2259.397662] kasan_report+0xc9/0x100
[ 2259.398110] ? kmalloc_oob_left+0x2bf/0x2e0 [test_kasan]
[ 2259.398827] kmalloc_oob_left+0x2bf/0x2e0 [test_kasan]
[ 2259.399538] ? kmalloc_pagealloc_oob_right+0x290/0x290 [test_kasan]
[ 2259.400302] ? do_raw_spin_trylock+0xb5/0x180
[ 2259.400842] ? do_raw_spin_lock+0x270/0x270
[ 2259.401363] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2259.402039] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2259.402665] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.403267] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2259.403885] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.404630] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2259.405260] kthread+0x2a4/0x350
[ 2259.405667] ? kthread_complete_and_exit+0x20/0x20
[ 2259.406259] ret_from_fork+0x1f/0x30
[ 2259.406715]
[ 2259.407000]
[ 2259.407207] Allocated by task 47776:
[ 2259.407655] kasan_save_stack+0x1e/0x40
[ 2259.408129] __kasan_kmalloc+0x81/0xa0
[ 2259.408595] proc_self_get_link+0x165/0x1d0
[ 2259.409109] pick_link+0x86c/0xfb0
[ 2259.409537] step_into+0x507/0xd50
[ 2259.409962] walk_component+0x11f/0x5b0
[ 2259.410438] link_path_walk.part.0.constprop.0+0x567/0xb90
[ 2259.411100] path_lookupat+0x79/0x6b0
[ 2259.411557] filename_lookup+0x19b/0x520
[ 2259.412040] user_path_at_empty+0x3a/0x60
[ 2259.412536] do_utimes+0xe9/0x190
[ 2259.412953] __x64_sys_utimensat+0x150/0x200
[ 2259.413486] do_syscall_64+0x59/0x90
[ 2259.413933] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2259.414548]
[ 2259.414755] Freed by task 47776:
[ 2259.415160] kasan_save_stack+0x1e/0x40
[ 2259.415635] kasan_set_track+0x21/0x30
[ 2259.416099] kasan_set_free_info+0x20/0x40
[ 2259.416604] __kasan_slab_free+0x108/0x170
[ 2259.417106] slab_free_freelist_hook+0x11d/0x1d0
[ 2259.417677] kfree+0xe2/0x3c0
[ 2259.418054] walk_component+0x1ee/0x5b0
[ 2259.418533] link_path_walk.part.0.constprop.0+0x485/0xb90
[ 2259.419194] path_lookupat+0x79/0x6b0
[ 2259.419651] filename_lookup+0x19b/0x520
[ 2259.420133] user_path_at_empty+0x3a/0x60
[ 2259.420627] do_utimes+0xe9/0x190
[ 2259.421041] __x64_sys_utimensat+0x150/0x200
[ 2259.421573] do_syscall_64+0x59/0x90
[ 2259.422016] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2259.422630]
[ 2259.422838] The buggy address belongs to the object at ffff88810cc7e9a0
[ 2259.422838] which belongs to the cache kmalloc-16 of size 16
[ 2259.424289] The buggy address is located 15 bytes to the right of
[ 2259.424289] 16-byte region [ffff88810cc7e9a0, ffff88810cc7e9b0)
[ 2259.425712]
[ 2259.425919] The buggy address belongs to the physical page:
[ 2259.426587] page:00000000825ad571 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10cc7e
[ 2259.427701] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2259.428534] raw: 0017ffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 2259.429460] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2259.430383] page dumped because: kasan: bad access detected
[ 2259.431051]
[ 2259.431262] Memory state around the buggy address:
[ 2259.431844] ffff88810cc7e880: fb fb fc fc fa fb fc fc 00 00 fc fc 00 00 fc fc
[ 2259.432712] ffff88810cc7e900: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc
[ 2259.433574] >ffff88810cc7e980: 00 00 fc fc fa fb fc fc 00 07 fc fc fa fb fc fc
[ 2259.434439] ^
[ 2259.435050] ffff88810cc7ea00: fb fb fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc
[ 2259.435917] ffff88810cc7ea80: 00 00 fc fc fb fb fc fc 00 00 fc fc fa fb fc fc
[ 2259.436784] ==================================================================
[ 2259.439841] ok 2 - kmalloc_oob_left
[ 2259.442174] ==================================================================
[ 2259.443542] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2bf/0x2e0 [test_kasan]
[ 2259.444557] Read of size 1 at addr ffff8881052af000 by task kunit_try_catch/48005
[ 2259.445448]
[ 2259.445655] CPU: 0 PID: 48005 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2259.447254] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2259.447946] Call Trace:
[ 2259.448260]
[ 2259.448533] ? kmalloc_node_oob_right+0x2bf/0x2e0 [test_kasan]
[ 2259.449239] dump_stack_lvl+0x57/0x81
[ 2259.449695] print_address_description.constprop.0+0x1f/0x1e0
[ 2259.450394] ? kmalloc_node_oob_right+0x2bf/0x2e0 [test_kasan]
[ 2259.451095] print_report.cold+0x5c/0x237
[ 2259.451592] kasan_report+0xc9/0x100
[ 2259.452037] ? kmalloc_node_oob_right+0x2bf/0x2e0 [test_kasan]
[ 2259.452743] kmalloc_node_oob_right+0x2bf/0x2e0 [test_kasan]
[ 2259.453432] ? pagealloc_uaf+0x2f0/0x2f0 [test_kasan]
[ 2259.454042] ? do_raw_spin_trylock+0xb5/0x180
[ 2259.454579] ? do_raw_spin_lock+0x270/0x270
[ 2259.455093] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2259.455765] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2259.456384] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.456976] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2259.457590] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.458325] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2259.458945] kthread+0x2a4/0x350
[ 2259.459351] ? kthread_complete_and_exit+0x20/0x20
[ 2259.459932] ret_from_fork+0x1f/0x30
[ 2259.460386]
[ 2259.460668]
[ 2259.460873] Allocated by task 48005:
[ 2259.461316] kasan_save_stack+0x1e/0x40
[ 2259.461784] __kasan_kmalloc+0x81/0xa0
[ 2259.462253] kmalloc_node_oob_right+0x9a/0x2e0 [test_kasan]
[ 2259.462919] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.463513] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.464246] kthread+0x2a4/0x350
[ 2259.464650] ret_from_fork+0x1f/0x30
[ 2259.465090]
[ 2259.465299] The buggy address belongs to the object at ffff8881052ae000
[ 2259.465299] which belongs to the cache kmalloc-4k of size 4096
[ 2259.466755] The buggy address is located 0 bytes to the right of
[ 2259.466755] 4096-byte region [ffff8881052ae000, ffff8881052af000)
[ 2259.468170]
[ 2259.468379] The buggy address belongs to the physical page:
[ 2259.469042] page:00000000ba0bc237 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1052a8
[ 2259.470145] head:00000000ba0bc237 order:3 compound_mapcount:0 compound_pincount:0
[ 2259.471032] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2259.471913] raw: 0017ffffc0010200 ffffea00043b1a00 dead000000000002 ffff888100042140
[ 2259.472833] raw: 0000000000000000 0000000080040004 00000001ffffffff 0000000000000000
[ 2259.473748] page dumped because: kasan: bad access detected
[ 2259.474412]
[ 2259.474617] Memory state around the buggy address:
[ 2259.475196] ffff8881052aef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2259.476055] ffff8881052aef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2259.476913] >ffff8881052af000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.477768] ^
[ 2259.478169] ffff8881052af080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.479027] ffff8881052af100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.479888] ==================================================================
[ 2259.480830] ok 3 - kmalloc_node_oob_right
[ 2259.485286] ==================================================================
[ 2259.486712] BUG: KASAN: slab-out-of-bounds in kmalloc_pagealloc_oob_right+0x27b/0x290 [test_kasan]
[ 2259.487781] Write of size 1 at addr ffff8881104a600a by task kunit_try_catch/48006
[ 2259.488682]
[ 2259.488890] CPU: 1 PID: 48006 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2259.490498] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2259.491191] Call Trace:
[ 2259.491506]
[ 2259.491780] ? kmalloc_pagealloc_oob_right+0x27b/0x290 [test_kasan]
[ 2259.492542] dump_stack_lvl+0x57/0x81
[ 2259.492997] print_address_description.constprop.0+0x1f/0x1e0
[ 2259.493696] ? kmalloc_pagealloc_oob_right+0x27b/0x290 [test_kasan]
[ 2259.494453] print_report.cold+0x5c/0x237
[ 2259.494950] kasan_report+0xc9/0x100
[ 2259.495401] ? kmalloc_pagealloc_oob_right+0x27b/0x290 [test_kasan]
[ 2259.496156] kmalloc_pagealloc_oob_right+0x27b/0x290 [test_kasan]
[ 2259.496897] ? kmalloc_pagealloc_uaf+0x280/0x280 [test_kasan]
[ 2259.497599] ? do_raw_spin_trylock+0xb5/0x180
[ 2259.498136] ? do_raw_spin_lock+0x270/0x270
[ 2259.498656] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2259.499336] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2259.499954] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.500556] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2259.501172] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.501911] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2259.502537] kthread+0x2a4/0x350
[ 2259.502944] ? kthread_complete_and_exit+0x20/0x20
[ 2259.503535] ret_from_fork+0x1f/0x30
[ 2259.503987]
[ 2259.504274]
[ 2259.504480] The buggy address belongs to the physical page:
[ 2259.505147] page:00000000de2cc3de refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1104a4
[ 2259.506260] head:00000000de2cc3de order:2 compound_mapcount:0 compound_pincount:0
[ 2259.507151] flags: 0x17ffffc0010000(head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2259.507983] raw: 0017ffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 2259.508905] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2259.509823] page dumped because: kasan: bad access detected
[ 2259.510492]
[ 2259.510699] Memory state around the buggy address:
[ 2259.511283] ffff8881104a5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2259.512143] ffff8881104a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2259.513004] >ffff8881104a6000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2259.513870] ^
[ 2259.514306] ffff8881104a6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2259.515164] ffff8881104a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2259.516028] ==================================================================
[ 2259.517581] ok 4 - kmalloc_pagealloc_oob_right
[ 2259.517730] ==================================================================
[ 2259.519188] BUG: KASAN: use-after-free in kmalloc_pagealloc_uaf+0x26b/0x280 [test_kasan]
[ 2259.520149] Read of size 1 at addr ffff888114b8c000 by task kunit_try_catch/48007
[ 2259.521037]
[ 2259.521246] CPU: 0 PID: 48007 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2259.522838] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2259.523532] Call Trace:
[ 2259.523842]
[ 2259.524114] ? kmalloc_pagealloc_uaf+0x26b/0x280 [test_kasan]
[ 2259.524812] dump_stack_lvl+0x57/0x81
[ 2259.525268] print_address_description.constprop.0+0x1f/0x1e0
[ 2259.525963] ? kmalloc_pagealloc_uaf+0x26b/0x280 [test_kasan]
[ 2259.526657] print_report.cold+0x5c/0x237
[ 2259.527148] kasan_report+0xc9/0x100
[ 2259.527594] ? kmalloc_pagealloc_uaf+0x26b/0x280 [test_kasan]
[ 2259.528291] kmalloc_pagealloc_uaf+0x26b/0x280 [test_kasan]
[ 2259.528960] ? kmalloc_pagealloc_invalid_free+0x250/0x250 [test_kasan]
[ 2259.529740] ? do_raw_spin_trylock+0xb5/0x180
[ 2259.530279] ? do_raw_spin_lock+0x270/0x270
[ 2259.530793] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2259.531464] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2259.532080] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.532675] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2259.533293] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.534024] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2259.534648] kthread+0x2a4/0x350
[ 2259.535051] ? kthread_complete_and_exit+0x20/0x20
[ 2259.535637] ret_from_fork+0x1f/0x30
[ 2259.536087]
[ 2259.536372]
[ 2259.536577] The buggy address belongs to the physical page:
[ 2259.537243] page:00000000d048526f refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x114b8c
[ 2259.538345] flags: 0x17ffffc0000000(node=0|zone=2|lastcpupid=0x1fffff)
[ 2259.539121] raw: 0017ffffc0000000 ffffea00042be708 ffff8881e7dff370 0000000000000000
[ 2259.540035] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 2259.540956] page dumped because: kasan: bad access detected
[ 2259.541620]
[ 2259.541824] Memory state around the buggy address:
[ 2259.542405] ffff888114b8bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2259.543263] ffff888114b8bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2259.544118] >ffff888114b8c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2259.544976] ^
[ 2259.545380] ffff888114b8c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2259.546238] ffff888114b8c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2259.547093] ==================================================================
[ 2259.550560] ok 5 - kmalloc_pagealloc_uaf
[ 2259.556590] ==================================================================
[ 2259.558008] BUG: KASAN: double-free or invalid-free in kmalloc_pagealloc_invalid_free+0x191/0x250 [test_kasan]
[ 2259.559198]
[ 2259.559410] CPU: 1 PID: 48008 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2259.561017] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2259.561714] Call Trace:
[ 2259.562026]
[ 2259.562307] dump_stack_lvl+0x57/0x81
[ 2259.562764] print_address_description.constprop.0+0x1f/0x1e0
[ 2259.563466] print_report.cold+0x5c/0x237
[ 2259.563958] ? kmalloc_pagealloc_invalid_free+0x191/0x250 [test_kasan]
[ 2259.564747] ? kmalloc_pagealloc_invalid_free+0x191/0x250 [test_kasan]
[ 2259.565538] kasan_report_invalid_free+0x99/0xc0
[ 2259.566103] ? kmalloc_pagealloc_invalid_free+0x191/0x250 [test_kasan]
[ 2259.566892] kfree+0x2ab/0x3c0
[ 2259.567287] kmalloc_pagealloc_invalid_free+0x191/0x250 [test_kasan]
[ 2259.568052] ? kmalloc_large_oob_right+0x2b0/0x2b0 [test_kasan]
[ 2259.568770] ? do_raw_spin_trylock+0xb5/0x180
[ 2259.569313] ? do_raw_spin_lock+0x270/0x270
[ 2259.569829] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2259.570505] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2259.571125] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.571723] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2259.572341] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.573075] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2259.573702] kthread+0x2a4/0x350
[ 2259.574107] ? kthread_complete_and_exit+0x20/0x20
[ 2259.574697] ret_from_fork+0x1f/0x30
[ 2259.575152]
[ 2259.575439]
[ 2259.575645] The buggy address belongs to the physical page:
[ 2259.576316] page:00000000a534d470 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10ee10
[ 2259.577427] head:00000000a534d470 order:2 compound_mapcount:0 compound_pincount:0
[ 2259.578321] flags: 0x17ffffc0010000(head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2259.579148] raw: 0017ffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 2259.580068] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2259.580985] page dumped because: kasan: bad access detected
[ 2259.581654]
[ 2259.581860] Memory state around the buggy address:
[ 2259.582444] ffff88810ee0ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.583306] ffff88810ee0ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.584167] >ffff88810ee10000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2259.585029] ^
[ 2259.585435] ffff88810ee10080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2259.586296] ffff88810ee10100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2259.587156] ==================================================================
[ 2259.588079] ok 6 - kmalloc_pagealloc_invalid_free
[ 2259.594017] ok 7 - pagealloc_oob_right # SKIP Test requires CONFIG_KASAN_GENERIC=n
[ 2259.599791] ==================================================================
[ 2259.601628] BUG: KASAN: use-after-free in pagealloc_uaf+0x2b5/0x2f0 [test_kasan]
[ 2259.602520] Read of size 1 at addr ffff888118f80000 by task kunit_try_catch/48010
[ 2259.603418]
[ 2259.603626] CPU: 1 PID: 48010 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2259.605229] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2259.605920] Call Trace:
[ 2259.606236]
[ 2259.606510] ? pagealloc_uaf+0x2b5/0x2f0 [test_kasan]
[ 2259.607126] dump_stack_lvl+0x57/0x81
[ 2259.607583] print_address_description.constprop.0+0x1f/0x1e0
[ 2259.608282] ? pagealloc_uaf+0x2b5/0x2f0 [test_kasan]
[ 2259.608895] print_report.cold+0x5c/0x237
[ 2259.609392] kasan_report+0xc9/0x100
[ 2259.609838] ? pagealloc_uaf+0x2b5/0x2f0 [test_kasan]
[ 2259.610468] pagealloc_uaf+0x2b5/0x2f0 [test_kasan]
[ 2259.611064] ? krealloc_more_oob+0x10/0x10 [test_kasan]
[ 2259.611701] ? do_raw_spin_trylock+0xb5/0x180
[ 2259.612242] ? do_raw_spin_lock+0x270/0x270
[ 2259.612757] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2259.613434] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2259.614051] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.614649] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2259.615268] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.616001] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2259.616628] kthread+0x2a4/0x350
[ 2259.617033] ? kthread_complete_and_exit+0x20/0x20
[ 2259.617620] ret_from_fork+0x1f/0x30
[ 2259.618074]
[ 2259.618359]
[ 2259.618565] The buggy address belongs to the physical page:
[ 2259.619234] page:00000000d46410ae refcount:0 mapcount:-128 mapping:0000000000000000 index:0x0 pfn:0x118f80
[ 2259.620369] flags: 0x17ffffc0000000(node=0|zone=2|lastcpupid=0x1fffff)
[ 2259.621150] raw: 0017ffffc0000000 ffffea0005185808 ffff88823ffd6220 0000000000000000
[ 2259.622069] raw: 0000000000000000 0000000000000004 00000000ffffff7f 0000000000000000
[ 2259.622988] page dumped because: kasan: bad access detected
[ 2259.623656]
[ 2259.623862] Memory state around the buggy address:
[ 2259.624445] ffff888118f7ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.625310] ffff888118f7ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.626168] >ffff888118f80000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2259.627031] ^
[ 2259.627436] ffff888118f80080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2259.628298] ffff888118f80100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2259.629156] ==================================================================
[ 2259.630119] ok 8 - pagealloc_uaf
[ 2259.639234] ==================================================================
[ 2259.640563] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x28c/0x2b0 [test_kasan]
[ 2259.641588] Write of size 1 at addr ffff8881057edf00 by task kunit_try_catch/48011
[ 2259.642485]
[ 2259.642693] CPU: 0 PID: 48011 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2259.644298] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2259.644989] Call Trace:
[ 2259.645303]
[ 2259.645576] ? kmalloc_large_oob_right+0x28c/0x2b0 [test_kasan]
[ 2259.646291] dump_stack_lvl+0x57/0x81
[ 2259.646744] print_address_description.constprop.0+0x1f/0x1e0
[ 2259.647442] ? kmalloc_large_oob_right+0x28c/0x2b0 [test_kasan]
[ 2259.648154] print_report.cold+0x5c/0x237
[ 2259.648651] kasan_report+0xc9/0x100
[ 2259.649099] ? kmalloc_large_oob_right+0x28c/0x2b0 [test_kasan]
[ 2259.649815] kmalloc_large_oob_right+0x28c/0x2b0 [test_kasan]
[ 2259.650514] ? kmalloc_oob_16+0x3b0/0x3b0 [test_kasan]
[ 2259.651136] ? do_raw_spin_trylock+0xb5/0x180
[ 2259.651673] ? do_raw_spin_lock+0x270/0x270
[ 2259.652188] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2259.652862] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2259.653498] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.654092] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2259.654708] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.655444] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2259.656068] kthread+0x2a4/0x350
[ 2259.656474] ? kthread_complete_and_exit+0x20/0x20
[ 2259.657058] ret_from_fork+0x1f/0x30
[ 2259.657514]
[ 2259.657795]
[ 2259.658000] Allocated by task 48011:
[ 2259.658445] kasan_save_stack+0x1e/0x40
[ 2259.658914] __kasan_kmalloc+0x81/0xa0
[ 2259.659376] kmalloc_large_oob_right+0x98/0x2b0 [test_kasan]
[ 2259.660060] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.660655] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.661394] kthread+0x2a4/0x350
[ 2259.661797] ret_from_fork+0x1f/0x30
[ 2259.662242]
[ 2259.662448] The buggy address belongs to the object at ffff8881057ec000
[ 2259.662448] which belongs to the cache kmalloc-8k of size 8192
[ 2259.664059] The buggy address is located 7936 bytes inside of
[ 2259.664059] 8192-byte region [ffff8881057ec000, ffff8881057ee000)
[ 2259.665618]
[ 2259.665849] The buggy address belongs to the physical page:
[ 2259.666609] page:00000000f976aa7c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057e8
[ 2259.667758] head:00000000f976aa7c order:3 compound_mapcount:0 compound_pincount:0
[ 2259.668755] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2259.669743] raw: 0017ffffc0010200 0000000000000000 dead000000000001 ffff888100042280
[ 2259.670662] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[ 2259.671578] page dumped because: kasan: bad access detected
[ 2259.672244]
[ 2259.672450] Memory state around the buggy address:
[ 2259.673029] ffff8881057ede00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2259.673890] ffff8881057ede80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2259.674753] >ffff8881057edf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.675610] ^
[ 2259.676012] ffff8881057edf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.676879] ffff8881057ee000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.677743] ==================================================================
[ 2259.680537] ok 9 - kmalloc_large_oob_right
[ 2259.683425] ==================================================================
[ 2259.684859] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2259.685899] Write of size 1 at addr ffff8881053f44eb by task kunit_try_catch/48012
[ 2259.686796]
[ 2259.687003] CPU: 0 PID: 48012 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2259.688604] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2259.689297] Call Trace:
[ 2259.689607]
[ 2259.689880] ? krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2259.690608] dump_stack_lvl+0x57/0x81
[ 2259.691063] print_address_description.constprop.0+0x1f/0x1e0
[ 2259.691760] ? krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2259.692487] print_report.cold+0x5c/0x237
[ 2259.692978] kasan_report+0xc9/0x100
[ 2259.693426] ? krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2259.694149] krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2259.694857] ? krealloc_less_oob+0x10/0x10 [test_kasan]
[ 2259.695493] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.696066] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.696640] ? lock_acquire+0x4ea/0x620
[ 2259.697111] ? rcu_read_unlock+0x40/0x40
[ 2259.697597] ? rcu_read_unlock+0x40/0x40
[ 2259.698077] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.698652] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2259.699327] ? do_raw_spin_lock+0x270/0x270
[ 2259.699839] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2259.700575] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2259.701175] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2259.701793] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.702387] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2259.703001] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.703736] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2259.704359] kthread+0x2a4/0x350
[ 2259.704761] ? kthread_complete_and_exit+0x20/0x20
[ 2259.705347] ret_from_fork+0x1f/0x30
[ 2259.705798]
[ 2259.706079]
[ 2259.706288] Allocated by task 48012:
[ 2259.706727] kasan_save_stack+0x1e/0x40
[ 2259.707197] __kasan_krealloc+0xee/0x160
[ 2259.707679] krealloc+0x50/0xe0
[ 2259.708073] krealloc_more_oob_helper+0x1d5/0x610 [test_kasan]
[ 2259.708775] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.709371] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.710101] kthread+0x2a4/0x350
[ 2259.710505] ret_from_fork+0x1f/0x30
[ 2259.710946]
[ 2259.711152] The buggy address belongs to the object at ffff8881053f4400
[ 2259.711152] which belongs to the cache kmalloc-256 of size 256
[ 2259.712609] The buggy address is located 235 bytes inside of
[ 2259.712609] 256-byte region [ffff8881053f4400, ffff8881053f4500)
[ 2259.713979]
[ 2259.714185] The buggy address belongs to the physical page:
[ 2259.714851] page:000000004547b714 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8881053f4000 pfn:0x1053f4
[ 2259.716102] head:000000004547b714 order:1 compound_mapcount:0 compound_pincount:0
[ 2259.716991] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2259.717874] raw: 0017ffffc0010200 ffffea000453cb80 dead000000000002 ffff888100041b40
[ 2259.718791] raw: ffff8881053f4000 000000008010000b 00000001ffffffff 0000000000000000
[ 2259.719706] page dumped because: kasan: bad access detected
[ 2259.720373]
[ 2259.720578] Memory state around the buggy address:
[ 2259.721165] ffff8881053f4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.722023] ffff8881053f4400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2259.722882] >ffff8881053f4480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 2259.723741] ^
[ 2259.724527] ffff8881053f4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.725388] ffff8881053f4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.726247] ==================================================================
[ 2259.727151] ==================================================================
[ 2259.728020] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2259.729053] Write of size 1 at addr ffff8881053f44f0 by task kunit_try_catch/48012
[ 2259.729949]
[ 2259.730157] CPU: 0 PID: 48012 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2259.731761] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2259.732451] Call Trace:
[ 2259.732762]
[ 2259.733035] ? krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2259.733760] dump_stack_lvl+0x57/0x81
[ 2259.734216] print_address_description.constprop.0+0x1f/0x1e0
[ 2259.734907] ? krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2259.735633] print_report.cold+0x5c/0x237
[ 2259.736124] kasan_report+0xc9/0x100
[ 2259.736571] ? krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2259.737297] krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2259.738002] ? krealloc_less_oob+0x10/0x10 [test_kasan]
[ 2259.738634] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.739207] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.739782] ? lock_acquire+0x4ea/0x620
[ 2259.740255] ? rcu_read_unlock+0x40/0x40
[ 2259.740734] ? rcu_read_unlock+0x40/0x40
[ 2259.741216] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.741790] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2259.742463] ? do_raw_spin_lock+0x270/0x270
[ 2259.742974] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2259.743711] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2259.744313] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2259.744928] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.745525] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2259.746138] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.746873] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2259.747500] kthread+0x2a4/0x350
[ 2259.747903] ? kthread_complete_and_exit+0x20/0x20
[ 2259.748487] ret_from_fork+0x1f/0x30
[ 2259.748938]
[ 2259.749224]
[ 2259.749430] Allocated by task 48012:
[ 2259.749870] kasan_save_stack+0x1e/0x40
[ 2259.750341] __kasan_krealloc+0xee/0x160
[ 2259.750820] krealloc+0x50/0xe0
[ 2259.751217] krealloc_more_oob_helper+0x1d5/0x610 [test_kasan]
[ 2259.751919] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.752513] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.753246] kthread+0x2a4/0x350
[ 2259.753648] ret_from_fork+0x1f/0x30
[ 2259.754088]
[ 2259.754296] The buggy address belongs to the object at ffff8881053f4400
[ 2259.754296] which belongs to the cache kmalloc-256 of size 256
[ 2259.755747] The buggy address is located 240 bytes inside of
[ 2259.755747] 256-byte region [ffff8881053f4400, ffff8881053f4500)
[ 2259.757112]
[ 2259.757322] The buggy address belongs to the physical page:
[ 2259.757985] page:000000004547b714 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8881053f4000 pfn:0x1053f4
[ 2259.759239] head:000000004547b714 order:1 compound_mapcount:0 compound_pincount:0
[ 2259.760122] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2259.761003] raw: 0017ffffc0010200 ffffea000453cb80 dead000000000002 ffff888100041b40
[ 2259.761921] raw: ffff8881053f4000 000000008010000b 00000001ffffffff 0000000000000000
[ 2259.762835] page dumped because: kasan: bad access detected
[ 2259.763503]
[ 2259.763708] Memory state around the buggy address:
[ 2259.764289] ffff8881053f4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.765143] ffff8881053f4400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2259.766007] >ffff8881053f4480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 2259.766864] ^
[ 2259.767679] ffff8881053f4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.768539] ffff8881053f4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.769396] ==================================================================
[ 2259.770369] ok 10 - krealloc_more_oob
[ 2259.783796] ==================================================================
[ 2259.785187] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2259.786229] Write of size 1 at addr ffff8881206148c9 by task kunit_try_catch/48013
[ 2259.787128]
[ 2259.787339] CPU: 1 PID: 48013 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2259.788947] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2259.789645] Call Trace:
[ 2259.789964]
[ 2259.790242] ? krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2259.790967] dump_stack_lvl+0x57/0x81
[ 2259.791426] print_address_description.constprop.0+0x1f/0x1e0
[ 2259.792123] ? krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2259.792856] print_report.cold+0x5c/0x237
[ 2259.793355] kasan_report+0xc9/0x100
[ 2259.793802] ? krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2259.794530] krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2259.795241] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2259.795844] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.796423] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.796995] ? lock_acquire+0x4ea/0x620
[ 2259.797474] ? rcu_read_unlock+0x40/0x40
[ 2259.797955] ? rcu_read_unlock+0x40/0x40
[ 2259.798438] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.799014] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2259.799691] ? do_raw_spin_lock+0x270/0x270
[ 2259.800207] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2259.800951] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2259.801555] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2259.802175] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.802776] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2259.803394] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.804129] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2259.804756] kthread+0x2a4/0x350
[ 2259.805162] ? kthread_complete_and_exit+0x20/0x20
[ 2259.805749] ret_from_fork+0x1f/0x30
[ 2259.806202]
[ 2259.806490]
[ 2259.806696] Allocated by task 48013:
[ 2259.807138] kasan_save_stack+0x1e/0x40
[ 2259.807614] __kasan_krealloc+0xee/0x160
[ 2259.808093] krealloc+0x50/0xe0
[ 2259.808494] krealloc_less_oob_helper+0x1d9/0xa20 [test_kasan]
[ 2259.809199] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.809799] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.810538] kthread+0x2a4/0x350
[ 2259.810945] ret_from_fork+0x1f/0x30
[ 2259.811392]
[ 2259.811598] The buggy address belongs to the object at ffff888120614800
[ 2259.811598] which belongs to the cache kmalloc-256 of size 256
[ 2259.813060] The buggy address is located 201 bytes inside of
[ 2259.813060] 256-byte region [ffff888120614800, ffff888120614900)
[ 2259.814440]
[ 2259.814646] The buggy address belongs to the physical page:
[ 2259.815314] page:00000000d0fa8efa refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888120614600 pfn:0x120614
[ 2259.816571] head:00000000d0fa8efa order:1 compound_mapcount:0 compound_pincount:0
[ 2259.817464] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2259.818350] raw: 0017ffffc0010200 ffffea00043f4c00 dead000000000006 ffff888100041b40
[ 2259.819271] raw: ffff888120614600 000000008010000e 00000001ffffffff 0000000000000000
[ 2259.820187] page dumped because: kasan: bad access detected
[ 2259.820856]
[ 2259.821063] Memory state around the buggy address:
[ 2259.821646] ffff888120614780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.822509] ffff888120614800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2259.823373] >ffff888120614880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 2259.824235] ^
[ 2259.824902] ffff888120614900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.825767] ffff888120614980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.826628] ==================================================================
[ 2259.827599] ==================================================================
[ 2259.828473] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2259.829516] Write of size 1 at addr ffff8881206148d0 by task kunit_try_catch/48013
[ 2259.830420]
[ 2259.830628] CPU: 1 PID: 48013 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2259.832243] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2259.832938] Call Trace:
[ 2259.833254]
[ 2259.833529] ? krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2259.834259] dump_stack_lvl+0x57/0x81
[ 2259.834714] print_address_description.constprop.0+0x1f/0x1e0
[ 2259.835417] ? krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2259.836143] print_report.cold+0x5c/0x237
[ 2259.836643] kasan_report+0xc9/0x100
[ 2259.837090] ? krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2259.837822] krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2259.838538] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2259.839141] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.839720] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.840299] ? lock_acquire+0x4ea/0x620
[ 2259.840773] ? rcu_read_unlock+0x40/0x40
[ 2259.841261] ? rcu_read_unlock+0x40/0x40
[ 2259.841742] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.842325] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2259.842999] ? do_raw_spin_lock+0x270/0x270
[ 2259.843518] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2259.844265] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2259.844869] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2259.845493] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.846089] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2259.846707] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.847447] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2259.848072] kthread+0x2a4/0x350
[ 2259.848482] ? kthread_complete_and_exit+0x20/0x20
[ 2259.849068] ret_from_fork+0x1f/0x30
[ 2259.849524]
[ 2259.849809]
[ 2259.850016] Allocated by task 48013:
[ 2259.850463] kasan_save_stack+0x1e/0x40
[ 2259.850936] __kasan_krealloc+0xee/0x160
[ 2259.851423] krealloc+0x50/0xe0
[ 2259.851818] krealloc_less_oob_helper+0x1d9/0xa20 [test_kasan]
[ 2259.852532] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.853129] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.853866] kthread+0x2a4/0x350
[ 2259.854278] ret_from_fork+0x1f/0x30
[ 2259.854722]
[ 2259.854928] The buggy address belongs to the object at ffff888120614800
[ 2259.854928] which belongs to the cache kmalloc-256 of size 256
[ 2259.856393] The buggy address is located 208 bytes inside of
[ 2259.856393] 256-byte region [ffff888120614800, ffff888120614900)
[ 2259.857769]
[ 2259.857976] The buggy address belongs to the physical page:
[ 2259.858644] page:00000000d0fa8efa refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888120614600 pfn:0x120614
[ 2259.859902] head:00000000d0fa8efa order:1 compound_mapcount:0 compound_pincount:0
[ 2259.860797] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2259.861685] raw: 0017ffffc0010200 ffffea00043f4c00 dead000000000006 ffff888100041b40
[ 2259.862609] raw: ffff888120614600 000000008010000e 00000001ffffffff 0000000000000000
[ 2259.863528] page dumped because: kasan: bad access detected
[ 2259.864194]
[ 2259.864405] Memory state around the buggy address:
[ 2259.864986] ffff888120614780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.865850] ffff888120614800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2259.866714] >ffff888120614880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 2259.867578] ^
[ 2259.868284] ffff888120614900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.869143] ffff888120614980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.870005] ==================================================================
[ 2259.870888] ==================================================================
[ 2259.871757] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2259.872794] Write of size 1 at addr ffff8881206148da by task kunit_try_catch/48013
[ 2259.873697]
[ 2259.873905] CPU: 1 PID: 48013 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2259.875513] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2259.876204] Call Trace:
[ 2259.876521]
[ 2259.876795] ? krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2259.877526] dump_stack_lvl+0x57/0x81
[ 2259.877980] print_address_description.constprop.0+0x1f/0x1e0
[ 2259.878683] ? krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2259.879413] print_report.cold+0x5c/0x237
[ 2259.879908] kasan_report+0xc9/0x100
[ 2259.880357] ? krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2259.881085] krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2259.881801] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2259.882410] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.882986] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.883565] ? lock_acquire+0x4ea/0x620
[ 2259.884038] ? rcu_read_unlock+0x40/0x40
[ 2259.884527] ? rcu_read_unlock+0x40/0x40
[ 2259.885008] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.885589] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2259.886264] ? do_raw_spin_lock+0x270/0x270
[ 2259.886777] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2259.887519] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2259.888122] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2259.888745] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.889347] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2259.889963] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.890702] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2259.891333] kthread+0x2a4/0x350
[ 2259.891738] ? kthread_complete_and_exit+0x20/0x20
[ 2259.892326] ret_from_fork+0x1f/0x30
[ 2259.892781]
[ 2259.893064]
[ 2259.893274] Allocated by task 48013:
[ 2259.893715] kasan_save_stack+0x1e/0x40
[ 2259.894187] __kasan_krealloc+0xee/0x160
[ 2259.894672] krealloc+0x50/0xe0
[ 2259.895068] krealloc_less_oob_helper+0x1d9/0xa20 [test_kasan]
[ 2259.895776] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.896383] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.897118] kthread+0x2a4/0x350
[ 2259.897526] ret_from_fork+0x1f/0x30
[ 2259.897969]
[ 2259.898175] The buggy address belongs to the object at ffff888120614800
[ 2259.898175] which belongs to the cache kmalloc-256 of size 256
[ 2259.899642] The buggy address is located 218 bytes inside of
[ 2259.899642] 256-byte region [ffff888120614800, ffff888120614900)
[ 2259.901021]
[ 2259.901231] The buggy address belongs to the physical page:
[ 2259.901896] page:00000000d0fa8efa refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888120614600 pfn:0x120614
[ 2259.903156] head:00000000d0fa8efa order:1 compound_mapcount:0 compound_pincount:0
[ 2259.904050] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2259.904937] raw: 0017ffffc0010200 ffffea00043f4c00 dead000000000006 ffff888100041b40
[ 2259.905861] raw: ffff888120614600 000000008010000e 00000001ffffffff 0000000000000000
[ 2259.906782] page dumped because: kasan: bad access detected
[ 2259.907451]
[ 2259.907658] Memory state around the buggy address:
[ 2259.908244] ffff888120614780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.909104] ffff888120614800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2259.909968] >ffff888120614880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 2259.910830] ^
[ 2259.911566] ffff888120614900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.912432] ffff888120614980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.913294] ==================================================================
[ 2259.914169] ==================================================================
[ 2259.915036] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2259.916074] Write of size 1 at addr ffff8881206148ea by task kunit_try_catch/48013
[ 2259.916976]
[ 2259.917183] CPU: 1 PID: 48013 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2259.918803] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2259.919500] Call Trace:
[ 2259.919812]
[ 2259.920087] ? krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2259.920819] dump_stack_lvl+0x57/0x81
[ 2259.921277] print_address_description.constprop.0+0x1f/0x1e0
[ 2259.921975] ? krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2259.922703] print_report.cold+0x5c/0x237
[ 2259.923198] kasan_report+0xc9/0x100
[ 2259.923650] ? krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2259.924379] krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2259.925087] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2259.925698] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.926276] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.926850] ? lock_acquire+0x4ea/0x620
[ 2259.927328] ? rcu_read_unlock+0x40/0x40
[ 2259.927812] ? rcu_read_unlock+0x40/0x40
[ 2259.928296] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.928872] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2259.929548] ? do_raw_spin_lock+0x270/0x270
[ 2259.930061] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2259.930805] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2259.931409] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2259.932029] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.932628] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2259.933247] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.933990] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2259.934616] kthread+0x2a4/0x350
[ 2259.935021] ? kthread_complete_and_exit+0x20/0x20
[ 2259.935609] ret_from_fork+0x1f/0x30
[ 2259.936062]
[ 2259.936347]
[ 2259.936554] Allocated by task 48013:
[ 2259.936994] kasan_save_stack+0x1e/0x40
[ 2259.937469] __kasan_krealloc+0xee/0x160
[ 2259.937956] krealloc+0x50/0xe0
[ 2259.938355] krealloc_less_oob_helper+0x1d9/0xa20 [test_kasan]
[ 2259.939058] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.939656] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.940395] kthread+0x2a4/0x350
[ 2259.940799] ret_from_fork+0x1f/0x30
[ 2259.941245]
[ 2259.941453] The buggy address belongs to the object at ffff888120614800
[ 2259.941453] which belongs to the cache kmalloc-256 of size 256
[ 2259.942916] The buggy address is located 234 bytes inside of
[ 2259.942916] 256-byte region [ffff888120614800, ffff888120614900)
[ 2259.944302]
[ 2259.944509] The buggy address belongs to the physical page:
[ 2259.945176] page:00000000d0fa8efa refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888120614600 pfn:0x120614
[ 2259.946438] head:00000000d0fa8efa order:1 compound_mapcount:0 compound_pincount:0
[ 2259.947334] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2259.948221] raw: 0017ffffc0010200 ffffea00043f4c00 dead000000000006 ffff888100041b40
[ 2259.949138] raw: ffff888120614600 000000008010000e 00000001ffffffff 0000000000000000
[ 2259.950057] page dumped because: kasan: bad access detected
[ 2259.950725]
[ 2259.950931] Memory state around the buggy address:
[ 2259.951517] ffff888120614780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.952382] ffff888120614800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2259.953244] >ffff888120614880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 2259.954102] ^
[ 2259.954896] ffff888120614900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.955759] ffff888120614980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.956623] ==================================================================
[ 2259.957502] ==================================================================
[ 2259.958367] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2259.959405] Write of size 1 at addr ffff8881206148eb by task kunit_try_catch/48013
[ 2259.960309]
[ 2259.960515] CPU: 1 PID: 48013 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2259.962116] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2259.962812] Call Trace:
[ 2259.963122]
[ 2259.963403] ? krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2259.964128] dump_stack_lvl+0x57/0x81
[ 2259.964584] print_address_description.constprop.0+0x1f/0x1e0
[ 2259.965283] ? krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2259.966007] print_report.cold+0x5c/0x237
[ 2259.966504] kasan_report+0xc9/0x100
[ 2259.966952] ? krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2259.967682] krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2259.968398] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2259.969002] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.969586] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.970159] ? lock_acquire+0x4ea/0x620
[ 2259.970638] ? rcu_read_unlock+0x40/0x40
[ 2259.971119] ? rcu_read_unlock+0x40/0x40
[ 2259.971605] ? rcu_read_lock_sched_held+0x12/0x80
[ 2259.972183] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2259.972860] ? do_raw_spin_lock+0x270/0x270
[ 2259.973380] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2259.974117] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2259.974722] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2259.975344] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.975940] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2259.976562] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.977302] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2259.977926] kthread+0x2a4/0x350
[ 2259.978336] ? kthread_complete_and_exit+0x20/0x20
[ 2259.978921] ret_from_fork+0x1f/0x30
[ 2259.979378]
[ 2259.979661]
[ 2259.979867] Allocated by task 48013:
[ 2259.980311] kasan_save_stack+0x1e/0x40
[ 2259.980784] __kasan_krealloc+0xee/0x160
[ 2259.981266] krealloc+0x50/0xe0
[ 2259.981662] krealloc_less_oob_helper+0x1d9/0xa20 [test_kasan]
[ 2259.982372] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2259.982969] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2259.983705] kthread+0x2a4/0x350
[ 2259.984109] ret_from_fork+0x1f/0x30
[ 2259.984560]
[ 2259.984766] The buggy address belongs to the object at ffff888120614800
[ 2259.984766] which belongs to the cache kmalloc-256 of size 256
[ 2259.986231] The buggy address is located 235 bytes inside of
[ 2259.986231] 256-byte region [ffff888120614800, ffff888120614900)
[ 2259.987607]
[ 2259.987814] The buggy address belongs to the physical page:
[ 2259.988481] page:00000000d0fa8efa refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888120614600 pfn:0x120614
[ 2259.989742] head:00000000d0fa8efa order:1 compound_mapcount:0 compound_pincount:0
[ 2259.990637] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2259.991521] raw: 0017ffffc0010200 ffffea00043f4c00 dead000000000006 ffff888100041b40
[ 2259.992446] raw: ffff888120614600 000000008010000e 00000001ffffffff 0000000000000000
[ 2259.993371] page dumped because: kasan: bad access detected
[ 2259.994036]
[ 2259.994246] Memory state around the buggy address:
[ 2259.994827] ffff888120614780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.995692] ffff888120614800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2259.996559] >ffff888120614880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 2259.997426] ^
[ 2259.998217] ffff888120614900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.999078] ffff888120614980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2259.999942] ==================================================================
[ 2260.000853] ok 11 - krealloc_less_oob
[ 2260.007430] ==================================================================
[ 2260.008804] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2260.009838] Write of size 1 at addr ffff88810d0260eb by task kunit_try_catch/48014
[ 2260.010737]
[ 2260.010944] CPU: 0 PID: 48014 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.012541] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.013232] Call Trace:
[ 2260.013542]
[ 2260.013815] ? krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2260.014539] dump_stack_lvl+0x57/0x81
[ 2260.014992] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.015688] ? krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2260.016412] print_report.cold+0x5c/0x237
[ 2260.016906] kasan_report+0xc9/0x100
[ 2260.017352] ? krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2260.018076] krealloc_more_oob_helper+0x5c3/0x610 [test_kasan]
[ 2260.018785] ? krealloc_less_oob+0x10/0x10 [test_kasan]
[ 2260.019419] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.019992] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.020568] ? lock_acquire+0x4ea/0x620
[ 2260.021041] ? rcu_read_unlock+0x40/0x40
[ 2260.021524] ? rcu_read_unlock+0x40/0x40
[ 2260.022003] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.022580] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.023253] ? do_raw_spin_lock+0x270/0x270
[ 2260.023765] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2260.024501] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2260.025099] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.025719] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.026316] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.026928] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.027664] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.028288] kthread+0x2a4/0x350
[ 2260.028694] ? kthread_complete_and_exit+0x20/0x20
[ 2260.029278] ret_from_fork+0x1f/0x30
[ 2260.029731]
[ 2260.030013]
[ 2260.030221] The buggy address belongs to the physical page:
[ 2260.030886] page:00000000399b44ae refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10d024
[ 2260.031994] head:00000000399b44ae order:2 compound_mapcount:0 compound_pincount:0
[ 2260.032882] flags: 0x17ffffc0010000(head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.033711] raw: 0017ffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 2260.034629] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2260.035543] page dumped because: kasan: bad access detected
[ 2260.036208]
[ 2260.036414] Memory state around the buggy address:
[ 2260.036993] ffff88810d025f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.037851] ffff88810d026000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.038711] >ffff88810d026080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 2260.039568] ^
[ 2260.040355] ffff88810d026100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2260.041213] ffff88810d026180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2260.042067] ==================================================================
[ 2260.042967] ==================================================================
[ 2260.043831] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2260.044860] Write of size 1 at addr ffff88810d0260f0 by task kunit_try_catch/48014
[ 2260.045757]
[ 2260.045964] CPU: 0 PID: 48014 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.047559] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.048251] Call Trace:
[ 2260.048562]
[ 2260.048835] ? krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2260.049561] dump_stack_lvl+0x57/0x81
[ 2260.050013] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.050712] ? krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2260.051434] print_report.cold+0x5c/0x237
[ 2260.051928] kasan_report+0xc9/0x100
[ 2260.052374] ? krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2260.053098] krealloc_more_oob_helper+0x5b6/0x610 [test_kasan]
[ 2260.053836] ? krealloc_less_oob+0x10/0x10 [test_kasan]
[ 2260.054543] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.055159] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.055733] ? lock_acquire+0x4ea/0x620
[ 2260.056206] ? rcu_read_unlock+0x40/0x40
[ 2260.056685] ? rcu_read_unlock+0x40/0x40
[ 2260.057162] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.057737] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.058408] ? do_raw_spin_lock+0x270/0x270
[ 2260.058920] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2260.059654] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2260.060255] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.060870] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.061464] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.062077] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.062812] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.063434] kthread+0x2a4/0x350
[ 2260.063837] ? kthread_complete_and_exit+0x20/0x20
[ 2260.064420] ret_from_fork+0x1f/0x30
[ 2260.064871]
[ 2260.065151]
[ 2260.065360] The buggy address belongs to the physical page:
[ 2260.066021] page:00000000399b44ae refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10d024
[ 2260.067121] head:00000000399b44ae order:2 compound_mapcount:0 compound_pincount:0
[ 2260.068006] flags: 0x17ffffc0010000(head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.068834] raw: 0017ffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 2260.069750] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2260.070663] page dumped because: kasan: bad access detected
[ 2260.071327]
[ 2260.071532] Memory state around the buggy address:
[ 2260.072108] ffff88810d025f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.072966] ffff88810d026000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.073821] >ffff88810d026080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 2260.074677] ^
[ 2260.075490] ffff88810d026100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2260.076351] ffff88810d026180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2260.077208] ==================================================================
[ 2260.078371] ok 12 - krealloc_pagealloc_more_oob
[ 2260.078608] ==================================================================
[ 2260.080081] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2260.081118] Write of size 1 at addr ffff88810d0260c9 by task kunit_try_catch/48015
[ 2260.082019]
[ 2260.082230] CPU: 0 PID: 48015 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.083825] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.084517] Call Trace:
[ 2260.084834]
[ 2260.085108] ? krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2260.085834] dump_stack_lvl+0x57/0x81
[ 2260.086290] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.086983] ? krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2260.087709] print_report.cold+0x5c/0x237
[ 2260.088209] kasan_report+0xc9/0x100
[ 2260.088654] ? krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2260.089382] krealloc_less_oob_helper+0x9f1/0xa20 [test_kasan]
[ 2260.090091] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2260.090696] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.091272] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.091846] ? lock_acquire+0x4ea/0x620
[ 2260.092319] ? rcu_read_unlock+0x40/0x40
[ 2260.092801] ? rcu_read_unlock+0x40/0x40
[ 2260.093284] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.093858] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.094532] ? do_raw_spin_lock+0x270/0x270
[ 2260.095043] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2260.095783] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2260.096389] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.097006] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.097603] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.098221] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.098956] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.099581] kthread+0x2a4/0x350
[ 2260.099985] ? kthread_complete_and_exit+0x20/0x20
[ 2260.100569] ret_from_fork+0x1f/0x30
[ 2260.101021]
[ 2260.101306]
[ 2260.101513] The buggy address belongs to the physical page:
[ 2260.102179] page:00000000399b44ae refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10d024
[ 2260.103287] head:00000000399b44ae order:2 compound_mapcount:0 compound_pincount:0
[ 2260.104177] flags: 0x17ffffc0010000(head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.105005] raw: 0017ffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 2260.105921] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2260.106836] page dumped because: kasan: bad access detected
[ 2260.107502]
[ 2260.107708] Memory state around the buggy address:
[ 2260.108289] ffff88810d025f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.109146] ffff88810d026000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.110006] >ffff88810d026080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 2260.110863] ^
[ 2260.111532] ffff88810d026100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2260.112391] ffff88810d026180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2260.113250] ==================================================================
[ 2260.114148] ==================================================================
[ 2260.115014] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2260.116053] Write of size 1 at addr ffff88810d0260d0 by task kunit_try_catch/48015
[ 2260.116954]
[ 2260.117161] CPU: 0 PID: 48015 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.118764] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.119464] Call Trace:
[ 2260.119774]
[ 2260.120048] ? krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2260.120777] dump_stack_lvl+0x57/0x81
[ 2260.121235] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.121930] ? krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2260.122658] print_report.cold+0x5c/0x237
[ 2260.123151] kasan_report+0xc9/0x100
[ 2260.123602] ? krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2260.124330] krealloc_less_oob_helper+0x9e0/0xa20 [test_kasan]
[ 2260.125038] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2260.125642] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.126219] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.126793] ? lock_acquire+0x4ea/0x620
[ 2260.127271] ? rcu_read_unlock+0x40/0x40
[ 2260.127753] ? rcu_read_unlock+0x40/0x40
[ 2260.128237] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.128813] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.129490] ? do_raw_spin_lock+0x270/0x270
[ 2260.130002] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2260.130741] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2260.131343] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.131960] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.132557] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.133170] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.133905] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.134528] kthread+0x2a4/0x350
[ 2260.134931] ? kthread_complete_and_exit+0x20/0x20
[ 2260.135517] ret_from_fork+0x1f/0x30
[ 2260.135971]
[ 2260.136255]
[ 2260.136461] The buggy address belongs to the physical page:
[ 2260.137124] page:00000000399b44ae refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10d024
[ 2260.138228] head:00000000399b44ae order:2 compound_mapcount:0 compound_pincount:0
[ 2260.139114] flags: 0x17ffffc0010000(head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.139940] raw: 0017ffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 2260.140862] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2260.141777] page dumped because: kasan: bad access detected
[ 2260.142442]
[ 2260.142648] Memory state around the buggy address:
[ 2260.143228] ffff88810d025f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.144086] ffff88810d026000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.144946] >ffff88810d026080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 2260.145805] ^
[ 2260.146506] ffff88810d026100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2260.147366] ffff88810d026180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2260.148225] ==================================================================
[ 2260.149137] ==================================================================
[ 2260.150002] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2260.151037] Write of size 1 at addr ffff88810d0260da by task kunit_try_catch/48015
[ 2260.151936]
[ 2260.152142] CPU: 0 PID: 48015 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.153746] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.154437] Call Trace:
[ 2260.154749]
[ 2260.155023] ? krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2260.155750] dump_stack_lvl+0x57/0x81
[ 2260.156204] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.156897] ? krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2260.157624] print_report.cold+0x5c/0x237
[ 2260.158118] kasan_report+0xc9/0x100
[ 2260.158565] ? krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2260.159294] krealloc_less_oob_helper+0x9cf/0xa20 [test_kasan]
[ 2260.160001] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2260.160604] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.161176] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.161754] ? lock_acquire+0x4ea/0x620
[ 2260.162227] ? rcu_read_unlock+0x40/0x40
[ 2260.162708] ? rcu_read_unlock+0x40/0x40
[ 2260.163187] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.163764] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.164437] ? do_raw_spin_lock+0x270/0x270
[ 2260.164950] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2260.165687] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2260.166292] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.166908] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.167503] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.168117] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.168852] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.169484] kthread+0x2a4/0x350
[ 2260.169888] ? kthread_complete_and_exit+0x20/0x20
[ 2260.170473] ret_from_fork+0x1f/0x30
[ 2260.170924]
[ 2260.171208]
[ 2260.171415] The buggy address belongs to the physical page:
[ 2260.172078] page:00000000399b44ae refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10d024
[ 2260.173182] head:00000000399b44ae order:2 compound_mapcount:0 compound_pincount:0
[ 2260.174068] flags: 0x17ffffc0010000(head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.174894] raw: 0017ffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 2260.175813] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2260.176725] page dumped because: kasan: bad access detected
[ 2260.177392]
[ 2260.177598] Memory state around the buggy address:
[ 2260.178174] ffff88810d025f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.179034] ffff88810d026000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.179894] >ffff88810d026080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 2260.180752] ^
[ 2260.181482] ffff88810d026100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2260.182341] ffff88810d026180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2260.183201] ==================================================================
[ 2260.184083] ==================================================================
[ 2260.184954] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2260.185987] Write of size 1 at addr ffff88810d0260ea by task kunit_try_catch/48015
[ 2260.186885]
[ 2260.187091] CPU: 0 PID: 48015 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.188690] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.189383] Call Trace:
[ 2260.189693]
[ 2260.189966] ? krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2260.190692] dump_stack_lvl+0x57/0x81
[ 2260.191144] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.191840] ? krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2260.192564] print_report.cold+0x5c/0x237
[ 2260.193058] kasan_report+0xc9/0x100
[ 2260.193507] ? krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2260.194235] krealloc_less_oob_helper+0x9c2/0xa20 [test_kasan]
[ 2260.194940] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2260.195547] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.196119] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.196695] ? lock_acquire+0x4ea/0x620
[ 2260.197166] ? rcu_read_unlock+0x40/0x40
[ 2260.197649] ? rcu_read_unlock+0x40/0x40
[ 2260.198127] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.198705] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.199379] ? do_raw_spin_lock+0x270/0x270
[ 2260.199890] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2260.200631] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2260.201234] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.201854] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.202453] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.203065] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.203801] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.204425] kthread+0x2a4/0x350
[ 2260.204829] ? kthread_complete_and_exit+0x20/0x20
[ 2260.205415] ret_from_fork+0x1f/0x30
[ 2260.205866]
[ 2260.206149]
[ 2260.206360] The buggy address belongs to the physical page:
[ 2260.207022] page:00000000399b44ae refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10d024
[ 2260.208123] head:00000000399b44ae order:2 compound_mapcount:0 compound_pincount:0
[ 2260.209009] flags: 0x17ffffc0010000(head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.209836] raw: 0017ffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 2260.210754] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2260.211669] page dumped because: kasan: bad access detected
[ 2260.212333]
[ 2260.212539] Memory state around the buggy address:
[ 2260.213116] ffff88810d025f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.213975] ffff88810d026000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.214836] >ffff88810d026080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 2260.215697] ^
[ 2260.216483] ffff88810d026100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2260.217340] ffff88810d026180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2260.218199] ==================================================================
[ 2260.219070] ==================================================================
[ 2260.219938] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2260.220972] Write of size 1 at addr ffff88810d0260eb by task kunit_try_catch/48015
[ 2260.221873]
[ 2260.222080] CPU: 0 PID: 48015 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.223676] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.224368] Call Trace:
[ 2260.224679]
[ 2260.224952] ? krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2260.225680] dump_stack_lvl+0x57/0x81
[ 2260.226134] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.226830] ? krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2260.227558] print_report.cold+0x5c/0x237
[ 2260.228050] kasan_report+0xc9/0x100
[ 2260.228498] ? krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2260.229226] krealloc_less_oob_helper+0x9b5/0xa20 [test_kasan]
[ 2260.229931] ? krealloc_uaf+0x450/0x450 [test_kasan]
[ 2260.230538] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.231110] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.231686] ? lock_acquire+0x4ea/0x620
[ 2260.232157] ? rcu_read_unlock+0x40/0x40
[ 2260.232644] ? rcu_read_unlock+0x40/0x40
[ 2260.233122] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.233701] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.234373] ? do_raw_spin_lock+0x270/0x270
[ 2260.234885] ? kunit_binary_str_assert_format+0x3e0/0x3e0 [kunit]
[ 2260.235623] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2260.236225] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.236843] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.237439] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.238056] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.238795] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.239420] kthread+0x2a4/0x350
[ 2260.239822] ? kthread_complete_and_exit+0x20/0x20
[ 2260.240411] ret_from_fork+0x1f/0x30
[ 2260.240863]
[ 2260.241144]
[ 2260.241353] The buggy address belongs to the physical page:
[ 2260.242017] page:00000000399b44ae refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10d024
[ 2260.243271] head:00000000399b44ae order:2 compound_mapcount:0 compound_pincount:0
[ 2260.244158] flags: 0x17ffffc0010000(head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.244985] raw: 0017ffffc0010000 0000000000000000 dead000000000122 0000000000000000
[ 2260.245903] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2260.246822] page dumped because: kasan: bad access detected
[ 2260.247491]
[ 2260.247696] Memory state around the buggy address:
[ 2260.248277] ffff88810d025f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.249133] ffff88810d026000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.249994] >ffff88810d026080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 2260.250853] ^
[ 2260.251642] ffff88810d026100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2260.252501] ffff88810d026180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 2260.253360] ==================================================================
[ 2260.256909] ok 13 - krealloc_pagealloc_less_oob
[ 2260.257104] ==================================================================
[ 2260.258581] BUG: KASAN: use-after-free in krealloc_uaf+0x1c7/0x450 [test_kasan]
[ 2260.259463] Read of size 1 at addr ffff888101559600 by task kunit_try_catch/48016
[ 2260.260354]
[ 2260.260561] CPU: 0 PID: 48016 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.262157] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.262848] Call Trace:
[ 2260.263157]
[ 2260.263433] ? krealloc_uaf+0x1c7/0x450 [test_kasan]
[ 2260.264038] dump_stack_lvl+0x57/0x81
[ 2260.264493] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.265189] ? krealloc_uaf+0x1c7/0x450 [test_kasan]
[ 2260.265794] print_report.cold+0x5c/0x237
[ 2260.266290] kasan_report+0xc9/0x100
[ 2260.266741] ? krealloc_uaf+0x1c7/0x450 [test_kasan]
[ 2260.267346] ? krealloc_uaf+0x1c7/0x450 [test_kasan]
[ 2260.267947] __kasan_check_byte+0x36/0x50
[ 2260.268442] krealloc+0x2e/0xe0
[ 2260.268839] krealloc_uaf+0x1c7/0x450 [test_kasan]
[ 2260.269425] ? kmalloc_memmove_negative_size+0x290/0x290 [test_kasan]
[ 2260.270197] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.270770] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.271347] ? lock_acquire+0x4ea/0x620
[ 2260.271819] ? rcu_read_unlock+0x40/0x40
[ 2260.272303] ? rcu_read_unlock+0x40/0x40
[ 2260.272781] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.273358] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.274026] ? do_raw_spin_lock+0x270/0x270
[ 2260.274543] ? trace_hardirqs_on+0x2d/0x160
[ 2260.275053] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2260.275656] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.276276] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.276869] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.277487] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.278222] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.278841] kthread+0x2a4/0x350
[ 2260.279248] ? kthread_complete_and_exit+0x20/0x20
[ 2260.279832] ret_from_fork+0x1f/0x30
[ 2260.280286]
[ 2260.280568]
[ 2260.280774] Allocated by task 48016:
[ 2260.281217] kasan_save_stack+0x1e/0x40
[ 2260.281686] __kasan_kmalloc+0x81/0xa0
[ 2260.282145] krealloc_uaf+0xaa/0x450 [test_kasan]
[ 2260.282720] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.283315] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.284046] kthread+0x2a4/0x350
[ 2260.284452] ret_from_fork+0x1f/0x30
[ 2260.284893]
[ 2260.285099] Freed by task 48016:
[ 2260.285504] kasan_save_stack+0x1e/0x40
[ 2260.285973] kasan_set_track+0x21/0x30
[ 2260.286435] kasan_set_free_info+0x20/0x40
[ 2260.286932] __kasan_slab_free+0x108/0x170
[ 2260.287434] slab_free_freelist_hook+0x11d/0x1d0
[ 2260.287997] kfree+0xe2/0x3c0
[ 2260.288374] krealloc_uaf+0x147/0x450 [test_kasan]
[ 2260.288956] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.289551] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.290288] kthread+0x2a4/0x350
[ 2260.290689] ret_from_fork+0x1f/0x30
[ 2260.291129]
[ 2260.291337] The buggy address belongs to the object at ffff888101559600
[ 2260.291337] which belongs to the cache kmalloc-256 of size 256
[ 2260.292806] The buggy address is located 0 bytes inside of
[ 2260.292806] 256-byte region [ffff888101559600, ffff888101559700)
[ 2260.294156]
[ 2260.294364] The buggy address belongs to the physical page:
[ 2260.295025] page:000000007f4612ec refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101558
[ 2260.296129] head:000000007f4612ec order:1 compound_mapcount:0 compound_pincount:0
[ 2260.297015] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.297898] raw: 0017ffffc0010200 ffffea00061d9980 dead000000000003 ffff888100041b40
[ 2260.298817] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2260.299732] page dumped because: kasan: bad access detected
[ 2260.300397]
[ 2260.300603] Memory state around the buggy address:
[ 2260.301180] ffff888101559500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.302042] ffff888101559580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.302901] >ffff888101559600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2260.303760] ^
[ 2260.304161] ffff888101559680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2260.305023] ffff888101559700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.305881] ==================================================================
[ 2260.306772] ==================================================================
[ 2260.307639] BUG: KASAN: use-after-free in krealloc_uaf+0x42e/0x450 [test_kasan]
[ 2260.308515] Read of size 1 at addr ffff888101559600 by task kunit_try_catch/48016
[ 2260.309407]
[ 2260.309613] CPU: 0 PID: 48016 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.311211] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.311906] Call Trace:
[ 2260.312219]
[ 2260.312492] ? krealloc_uaf+0x42e/0x450 [test_kasan]
[ 2260.313093] dump_stack_lvl+0x57/0x81
[ 2260.313550] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.314247] ? krealloc_uaf+0x42e/0x450 [test_kasan]
[ 2260.314850] print_report.cold+0x5c/0x237
[ 2260.315348] kasan_report+0xc9/0x100
[ 2260.315793] ? krealloc_uaf+0x42e/0x450 [test_kasan]
[ 2260.316401] krealloc_uaf+0x42e/0x450 [test_kasan]
[ 2260.316984] ? kmalloc_memmove_negative_size+0x290/0x290 [test_kasan]
[ 2260.317754] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.318331] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.318903] ? lock_acquire+0x4ea/0x620
[ 2260.319376] ? rcu_read_unlock+0x40/0x40
[ 2260.319859] ? rcu_read_unlock+0x40/0x40
[ 2260.320348] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.320922] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.321596] ? do_raw_spin_lock+0x270/0x270
[ 2260.322108] ? kunit_ptr_not_err_assert_format+0x210/0x210 [kunit]
[ 2260.322856] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2260.323458] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.324074] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.324669] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.325287] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.326019] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.326643] kthread+0x2a4/0x350
[ 2260.327046] ? kthread_complete_and_exit+0x20/0x20
[ 2260.327630] ret_from_fork+0x1f/0x30
[ 2260.328082]
[ 2260.328366]
[ 2260.328572] Allocated by task 48016:
[ 2260.329009] kasan_save_stack+0x1e/0x40
[ 2260.329482] __kasan_kmalloc+0x81/0xa0
[ 2260.329941] krealloc_uaf+0xaa/0x450 [test_kasan]
[ 2260.330518] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.331110] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.331842] kthread+0x2a4/0x350
[ 2260.332250] ret_from_fork+0x1f/0x30
[ 2260.332691]
[ 2260.332897] Freed by task 48016:
[ 2260.333301] kasan_save_stack+0x1e/0x40
[ 2260.333770] kasan_set_track+0x21/0x30
[ 2260.334232] kasan_set_free_info+0x20/0x40
[ 2260.334731] __kasan_slab_free+0x108/0x170
[ 2260.335231] slab_free_freelist_hook+0x11d/0x1d0
[ 2260.335793] kfree+0xe2/0x3c0
[ 2260.336167] krealloc_uaf+0x147/0x450 [test_kasan]
[ 2260.336750] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.337347] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.338077] kthread+0x2a4/0x350
[ 2260.338482] ret_from_fork+0x1f/0x30
[ 2260.338926]
[ 2260.339131] The buggy address belongs to the object at ffff888101559600
[ 2260.339131] which belongs to the cache kmalloc-256 of size 256
[ 2260.340591] The buggy address is located 0 bytes inside of
[ 2260.340591] 256-byte region [ffff888101559600, ffff888101559700)
[ 2260.341942]
[ 2260.342148] The buggy address belongs to the physical page:
[ 2260.342811] page:000000007f4612ec refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101558
[ 2260.343917] head:000000007f4612ec order:1 compound_mapcount:0 compound_pincount:0
[ 2260.344806] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.345685] raw: 0017ffffc0010200 ffffea00061d9980 dead000000000003 ffff888100041b40
[ 2260.346605] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2260.347521] page dumped because: kasan: bad access detected
[ 2260.348182]
[ 2260.348391] Memory state around the buggy address:
[ 2260.348969] ffff888101559500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.349830] ffff888101559580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.350693] >ffff888101559600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2260.351554] ^
[ 2260.351957] ffff888101559680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2260.352818] ffff888101559700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.353679] ==================================================================
[ 2260.354595] ok 14 - krealloc_uaf
[ 2260.354802] ==================================================================
[ 2260.356121] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x399/0x3b0 [test_kasan]
[ 2260.357054] Write of size 16 at addr ffff888106f990a0 by task kunit_try_catch/48017
[ 2260.357964]
[ 2260.358171] CPU: 0 PID: 48017 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.359775] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.360470] Call Trace:
[ 2260.360781]
[ 2260.361053] ? kmalloc_oob_16+0x399/0x3b0 [test_kasan]
[ 2260.361679] dump_stack_lvl+0x57/0x81
[ 2260.362140] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.362837] ? kmalloc_oob_16+0x399/0x3b0 [test_kasan]
[ 2260.363462] print_report.cold+0x5c/0x237
[ 2260.363956] kasan_report+0xc9/0x100
[ 2260.364407] ? kmalloc_oob_16+0x399/0x3b0 [test_kasan]
[ 2260.365029] kmalloc_oob_16+0x399/0x3b0 [test_kasan]
[ 2260.365636] ? kmalloc_uaf_16+0x3b0/0x3b0 [test_kasan]
[ 2260.366262] ? do_raw_spin_trylock+0xb5/0x180
[ 2260.366798] ? do_raw_spin_lock+0x270/0x270
[ 2260.367318] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.367988] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2260.368592] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.369212] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.369805] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.370420] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.371153] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.371779] kthread+0x2a4/0x350
[ 2260.372183] ? kthread_complete_and_exit+0x20/0x20
[ 2260.372769] ret_from_fork+0x1f/0x30
[ 2260.373224]
[ 2260.373507]
[ 2260.373713] Allocated by task 48017:
[ 2260.374153] kasan_save_stack+0x1e/0x40
[ 2260.374625] __kasan_kmalloc+0x81/0xa0
[ 2260.375084] kmalloc_oob_16+0xa4/0x3b0 [test_kasan]
[ 2260.375684] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.376279] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.377012] kthread+0x2a4/0x350
[ 2260.377419] ret_from_fork+0x1f/0x30
[ 2260.377859]
[ 2260.378064] The buggy address belongs to the object at ffff888106f990a0
[ 2260.378064] which belongs to the cache kmalloc-16 of size 16
[ 2260.379504] The buggy address is located 0 bytes inside of
[ 2260.379504] 16-byte region [ffff888106f990a0, ffff888106f990b0)
[ 2260.380845]
[ 2260.381051] The buggy address belongs to the physical page:
[ 2260.381717] page:000000000eca2656 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888106f99d80 pfn:0x106f99
[ 2260.382967] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.383797] raw: 0017ffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 2260.384717] raw: ffff888106f99d80 000000008080007f 00000001ffffffff 0000000000000000
[ 2260.385633] page dumped because: kasan: bad access detected
[ 2260.386300]
[ 2260.386506] Memory state around the buggy address:
[ 2260.387081] ffff888106f98f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.387937] ffff888106f99000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2260.388800] >ffff888106f99080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 2260.389660] ^
[ 2260.390213] ffff888106f99100: fa fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2260.391080] ffff888106f99180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2260.391941] ==================================================================
[ 2260.392882] ok 15 - kmalloc_oob_16
[ 2260.393057] ==================================================================
[ 2260.394392] BUG: KASAN: use-after-free in kmalloc_uaf_16+0x38a/0x3b0 [test_kasan]
[ 2260.395289] Read of size 16 at addr ffff888106f99d20 by task kunit_try_catch/48018
[ 2260.396183]
[ 2260.396393] CPU: 0 PID: 48018 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.397990] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.398684] Call Trace:
[ 2260.398994]
[ 2260.399270] ? kmalloc_uaf_16+0x38a/0x3b0 [test_kasan]
[ 2260.399892] dump_stack_lvl+0x57/0x81
[ 2260.400348] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.401041] ? kmalloc_uaf_16+0x38a/0x3b0 [test_kasan]
[ 2260.401664] print_report.cold+0x5c/0x237
[ 2260.402157] kasan_report+0xc9/0x100
[ 2260.402604] ? kmalloc_uaf_16+0x38a/0x3b0 [test_kasan]
[ 2260.403227] kmalloc_uaf_16+0x38a/0x3b0 [test_kasan]
[ 2260.403830] ? kmalloc_uaf+0x2b0/0x2b0 [test_kasan]
[ 2260.404425] ? do_raw_spin_trylock+0xb5/0x180
[ 2260.404962] ? do_raw_spin_lock+0x270/0x270
[ 2260.405480] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.406151] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2260.406756] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.407375] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.407970] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.408586] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.409323] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.409945] kthread+0x2a4/0x350
[ 2260.410351] ? kthread_complete_and_exit+0x20/0x20
[ 2260.410935] ret_from_fork+0x1f/0x30
[ 2260.411389]
[ 2260.411672]
[ 2260.411877] Allocated by task 48018:
[ 2260.412319] kasan_save_stack+0x1e/0x40
[ 2260.412789] __kasan_kmalloc+0x81/0xa0
[ 2260.413253] kmalloc_uaf_16+0x15d/0x3b0 [test_kasan]
[ 2260.413855] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.414453] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.415186] kthread+0x2a4/0x350
[ 2260.415594] ret_from_fork+0x1f/0x30
[ 2260.416035]
[ 2260.416243] Freed by task 48018:
[ 2260.416643] kasan_save_stack+0x1e/0x40
[ 2260.417112] kasan_set_track+0x21/0x30
[ 2260.417575] kasan_set_free_info+0x20/0x40
[ 2260.418072] __kasan_slab_free+0x108/0x170
[ 2260.418571] slab_free_freelist_hook+0x11d/0x1d0
[ 2260.419134] kfree+0xe2/0x3c0
[ 2260.419511] kmalloc_uaf_16+0x1e8/0x3b0 [test_kasan]
[ 2260.420112] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.420705] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.421439] kthread+0x2a4/0x350
[ 2260.421841] ret_from_fork+0x1f/0x30
[ 2260.422287]
[ 2260.422492] The buggy address belongs to the object at ffff888106f99d20
[ 2260.422492] which belongs to the cache kmalloc-16 of size 16
[ 2260.423930] The buggy address is located 0 bytes inside of
[ 2260.423930] 16-byte region [ffff888106f99d20, ffff888106f99d30)
[ 2260.425277]
[ 2260.425483] The buggy address belongs to the physical page:
[ 2260.426145] page:000000000eca2656 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888106f99d80 pfn:0x106f99
[ 2260.427405] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.428233] raw: 0017ffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 2260.429149] raw: ffff888106f99d80 000000008080007f 00000001ffffffff 0000000000000000
[ 2260.430063] page dumped because: kasan: bad access detected
[ 2260.430732]
[ 2260.430938] Memory state around the buggy address:
[ 2260.431522] ffff888106f99c00: fa fb fc fc fb fb fc fc fa fb fc fc fa fb fc fc
[ 2260.432383] ffff888106f99c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2260.433246] >ffff888106f99d00: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc
[ 2260.434101] ^
[ 2260.434625] ffff888106f99d80: fb fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2260.435488] ffff888106f99e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2260.436347] ==================================================================
[ 2260.437250] ok 16 - kmalloc_uaf_16
[ 2260.437439] ==================================================================
[ 2260.438773] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x1b3/0x280 [test_kasan]
[ 2260.439780] Write of size 128 at addr ffff8881087be600 by task kunit_try_catch/48019
[ 2260.440697]
[ 2260.440903] CPU: 0 PID: 48019 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.442504] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.443196] Call Trace:
[ 2260.443507]
[ 2260.443780] ? kmalloc_oob_in_memset+0x1b3/0x280 [test_kasan]
[ 2260.444480] dump_stack_lvl+0x57/0x81
[ 2260.444933] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.445629] ? kmalloc_oob_in_memset+0x1b3/0x280 [test_kasan]
[ 2260.446325] print_report.cold+0x5c/0x237
[ 2260.446817] kasan_report+0xc9/0x100
[ 2260.447266] ? kmalloc_oob_in_memset+0x1b3/0x280 [test_kasan]
[ 2260.447960] kasan_check_range+0xfd/0x1e0
[ 2260.448454] memset+0x20/0x50
[ 2260.448835] kmalloc_oob_in_memset+0x1b3/0x280 [test_kasan]
[ 2260.449506] ? kmalloc_oob_memset_2+0x290/0x290 [test_kasan]
[ 2260.450194] ? do_raw_spin_trylock+0xb5/0x180
[ 2260.450729] ? do_raw_spin_lock+0x270/0x270
[ 2260.451245] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.451916] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2260.452520] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.453138] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.453733] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.454351] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.455082] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.455705] kthread+0x2a4/0x350
[ 2260.456108] ? kthread_complete_and_exit+0x20/0x20
[ 2260.456692] ret_from_fork+0x1f/0x30
[ 2260.457143]
[ 2260.457428]
[ 2260.457634] Allocated by task 48019:
[ 2260.458075] kasan_save_stack+0x1e/0x40
[ 2260.458547] __kasan_kmalloc+0x81/0xa0
[ 2260.459006] kmalloc_oob_in_memset+0x9c/0x280 [test_kasan]
[ 2260.459667] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.460270] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.461000] kthread+0x2a4/0x350
[ 2260.461405] ret_from_fork+0x1f/0x30
[ 2260.461846]
[ 2260.462051] The buggy address belongs to the object at ffff8881087be600
[ 2260.462051] which belongs to the cache kmalloc-128 of size 128
[ 2260.463511] The buggy address is located 0 bytes inside of
[ 2260.463511] 128-byte region [ffff8881087be600, ffff8881087be680)
[ 2260.464862]
[ 2260.465069] The buggy address belongs to the physical page:
[ 2260.465735] page:0000000012934fcb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1087be
[ 2260.466843] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.467670] raw: 0017ffffc0000200 ffffea0004439e00 dead000000000005 ffff8881000418c0
[ 2260.468587] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2260.469507] page dumped because: kasan: bad access detected
[ 2260.470169]
[ 2260.470378] Memory state around the buggy address:
[ 2260.470955] ffff8881087be500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2260.471815] ffff8881087be580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.472675] >ffff8881087be600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 2260.473533] ^
[ 2260.474383] ffff8881087be680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.475248] ffff8881087be700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.476104] ==================================================================
[ 2260.477081] ok 17 - kmalloc_oob_in_memset
[ 2260.477260] ==================================================================
[ 2260.478665] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x1b6/0x290 [test_kasan]
[ 2260.479654] Write of size 2 at addr ffff8881087be377 by task kunit_try_catch/48020
[ 2260.480554]
[ 2260.480762] CPU: 0 PID: 48020 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.482366] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.483056] Call Trace:
[ 2260.483369]
[ 2260.483643] ? kmalloc_oob_memset_2+0x1b6/0x290 [test_kasan]
[ 2260.484334] dump_stack_lvl+0x57/0x81
[ 2260.484787] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.485483] ? kmalloc_oob_memset_2+0x1b6/0x290 [test_kasan]
[ 2260.486168] print_report.cold+0x5c/0x237
[ 2260.486662] kasan_report+0xc9/0x100
[ 2260.487109] ? kmalloc_oob_memset_2+0x1b6/0x290 [test_kasan]
[ 2260.487797] kasan_check_range+0xfd/0x1e0
[ 2260.488293] memset+0x20/0x50
[ 2260.488670] kmalloc_oob_memset_2+0x1b6/0x290 [test_kasan]
[ 2260.489333] ? kmalloc_oob_memset_4+0x290/0x290 [test_kasan]
[ 2260.490021] ? do_raw_spin_trylock+0xb5/0x180
[ 2260.490560] ? do_raw_spin_lock+0x270/0x270
[ 2260.491075] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.491751] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2260.492356] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.492973] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.493572] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.494189] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.494922] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.495546] kthread+0x2a4/0x350
[ 2260.495949] ? kthread_complete_and_exit+0x20/0x20
[ 2260.496534] ret_from_fork+0x1f/0x30
[ 2260.496984]
[ 2260.497270]
[ 2260.497475] Allocated by task 48020:
[ 2260.497916] kasan_save_stack+0x1e/0x40
[ 2260.498388] __kasan_kmalloc+0x81/0xa0
[ 2260.498849] kmalloc_oob_memset_2+0x9c/0x290 [test_kasan]
[ 2260.499504] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.500097] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.500831] kthread+0x2a4/0x350
[ 2260.501238] ret_from_fork+0x1f/0x30
[ 2260.501679]
[ 2260.501885] The buggy address belongs to the object at ffff8881087be300
[ 2260.501885] which belongs to the cache kmalloc-128 of size 128
[ 2260.503345] The buggy address is located 119 bytes inside of
[ 2260.503345] 128-byte region [ffff8881087be300, ffff8881087be380)
[ 2260.504718]
[ 2260.504923] The buggy address belongs to the physical page:
[ 2260.505591] page:0000000012934fcb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1087be
[ 2260.506694] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.507521] raw: 0017ffffc0000200 ffffea0004439e00 dead000000000005 ffff8881000418c0
[ 2260.508438] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2260.509353] page dumped because: kasan: bad access detected
[ 2260.510017]
[ 2260.510225] Memory state around the buggy address:
[ 2260.510804] ffff8881087be200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.511670] ffff8881087be280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.512528] >ffff8881087be300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 2260.513385] ^
[ 2260.514234] ffff8881087be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.515092] ffff8881087be400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2260.515951] ==================================================================
[ 2260.516875] ok 18 - kmalloc_oob_memset_2
[ 2260.517028] ==================================================================
[ 2260.518426] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x1b6/0x290 [test_kasan]
[ 2260.519418] Write of size 4 at addr ffff8881087bee75 by task kunit_try_catch/48021
[ 2260.520318]
[ 2260.520525] CPU: 0 PID: 48021 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.522122] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.522816] Call Trace:
[ 2260.523127]
[ 2260.523405] ? kmalloc_oob_memset_4+0x1b6/0x290 [test_kasan]
[ 2260.524092] dump_stack_lvl+0x57/0x81
[ 2260.524549] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.525248] ? kmalloc_oob_memset_4+0x1b6/0x290 [test_kasan]
[ 2260.525934] print_report.cold+0x5c/0x237
[ 2260.526431] kasan_report+0xc9/0x100
[ 2260.526877] ? kmalloc_oob_memset_4+0x1b6/0x290 [test_kasan]
[ 2260.527569] kasan_check_range+0xfd/0x1e0
[ 2260.528060] memset+0x20/0x50
[ 2260.528440] kmalloc_oob_memset_4+0x1b6/0x290 [test_kasan]
[ 2260.529100] ? kmalloc_oob_memset_8+0x290/0x290 [test_kasan]
[ 2260.529788] ? do_raw_spin_trylock+0xb5/0x180
[ 2260.530327] ? do_raw_spin_lock+0x270/0x270
[ 2260.530841] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.531514] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2260.532114] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.532736] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.533333] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.533945] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.534681] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.535308] kthread+0x2a4/0x350
[ 2260.535713] ? kthread_complete_and_exit+0x20/0x20
[ 2260.536300] ret_from_fork+0x1f/0x30
[ 2260.536752]
[ 2260.537034]
[ 2260.537242] Allocated by task 48021:
[ 2260.537682] kasan_save_stack+0x1e/0x40
[ 2260.538150] __kasan_kmalloc+0x81/0xa0
[ 2260.538615] kmalloc_oob_memset_4+0x9c/0x290 [test_kasan]
[ 2260.539267] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.539859] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.540596] kthread+0x2a4/0x350
[ 2260.540999] ret_from_fork+0x1f/0x30
[ 2260.541443]
[ 2260.541648] The buggy address belongs to the object at ffff8881087bee00
[ 2260.541648] which belongs to the cache kmalloc-128 of size 128
[ 2260.543105] The buggy address is located 117 bytes inside of
[ 2260.543105] 128-byte region [ffff8881087bee00, ffff8881087bee80)
[ 2260.544486]
[ 2260.544691] The buggy address belongs to the physical page:
[ 2260.545358] page:0000000012934fcb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1087be
[ 2260.546465] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.547294] raw: 0017ffffc0000200 ffffea0004439e00 dead000000000005 ffff8881000418c0
[ 2260.548211] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2260.549123] page dumped because: kasan: bad access detected
[ 2260.549796]
[ 2260.550001] Memory state around the buggy address:
[ 2260.550583] ffff8881087bed00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2260.551442] ffff8881087bed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.552301] >ffff8881087bee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 2260.553158] ^
[ 2260.554013] ffff8881087bee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.554874] ffff8881087bef00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2260.555732] ==================================================================
[ 2260.556737] ok 19 - kmalloc_oob_memset_4
[ 2260.556891] ==================================================================
[ 2260.558292] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x1b6/0x290 [test_kasan]
[ 2260.559282] Write of size 8 at addr ffff8881087be871 by task kunit_try_catch/48022
[ 2260.560186]
[ 2260.560393] CPU: 0 PID: 48022 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.561991] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.562687] Call Trace:
[ 2260.562997]
[ 2260.563273] ? kmalloc_oob_memset_8+0x1b6/0x290 [test_kasan]
[ 2260.563959] dump_stack_lvl+0x57/0x81
[ 2260.564416] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.565110] ? kmalloc_oob_memset_8+0x1b6/0x290 [test_kasan]
[ 2260.565795] print_report.cold+0x5c/0x237
[ 2260.566293] kasan_report+0xc9/0x100
[ 2260.566738] ? kmalloc_oob_memset_8+0x1b6/0x290 [test_kasan]
[ 2260.567427] kasan_check_range+0xfd/0x1e0
[ 2260.567917] memset+0x20/0x50
[ 2260.568298] kmalloc_oob_memset_8+0x1b6/0x290 [test_kasan]
[ 2260.568958] ? kmalloc_oob_memset_16+0x290/0x290 [test_kasan]
[ 2260.569656] ? do_raw_spin_trylock+0xb5/0x180
[ 2260.570194] ? do_raw_spin_lock+0x270/0x270
[ 2260.570707] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.571380] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2260.571981] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.572601] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.573198] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.573810] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.574545] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.575166] kthread+0x2a4/0x350
[ 2260.575573] ? kthread_complete_and_exit+0x20/0x20
[ 2260.576154] ret_from_fork+0x1f/0x30
[ 2260.576610]
[ 2260.576893]
[ 2260.577098] Allocated by task 48022:
[ 2260.577541] kasan_save_stack+0x1e/0x40
[ 2260.578010] __kasan_kmalloc+0x81/0xa0
[ 2260.578472] kmalloc_oob_memset_8+0x9c/0x290 [test_kasan]
[ 2260.579121] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.579716] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.580452] kthread+0x2a4/0x350
[ 2260.580856] ret_from_fork+0x1f/0x30
[ 2260.581301]
[ 2260.581506] The buggy address belongs to the object at ffff8881087be800
[ 2260.581506] which belongs to the cache kmalloc-128 of size 128
[ 2260.582961] The buggy address is located 113 bytes inside of
[ 2260.582961] 128-byte region [ffff8881087be800, ffff8881087be880)
[ 2260.584334]
[ 2260.584540] The buggy address belongs to the physical page:
[ 2260.585206] page:0000000012934fcb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1087be
[ 2260.586309] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.587132] raw: 0017ffffc0000200 ffffea0004439e00 dead000000000005 ffff8881000418c0
[ 2260.588047] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2260.588971] page dumped because: kasan: bad access detected
[ 2260.589637]
[ 2260.589844] Memory state around the buggy address:
[ 2260.590424] ffff8881087be700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.591281] ffff8881087be780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.592139] >ffff8881087be800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 2260.593003] ^
[ 2260.593854] ffff8881087be880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.594713] ffff8881087be900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.595570] ==================================================================
[ 2260.596478] ok 20 - kmalloc_oob_memset_8
[ 2260.596627] ==================================================================
[ 2260.598022] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x1b6/0x290 [test_kasan]
[ 2260.599034] Write of size 16 at addr ffff8881087beb69 by task kunit_try_catch/48023
[ 2260.599943]
[ 2260.600151] CPU: 0 PID: 48023 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.601748] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.602441] Call Trace:
[ 2260.602752]
[ 2260.603026] ? kmalloc_oob_memset_16+0x1b6/0x290 [test_kasan]
[ 2260.603725] dump_stack_lvl+0x57/0x81
[ 2260.604179] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.604879] ? kmalloc_oob_memset_16+0x1b6/0x290 [test_kasan]
[ 2260.605575] print_report.cold+0x5c/0x237
[ 2260.606117] kasan_report+0xc9/0x100
[ 2260.606568] ? kmalloc_oob_memset_16+0x1b6/0x290 [test_kasan]
[ 2260.607268] kasan_check_range+0xfd/0x1e0
[ 2260.607759] memset+0x20/0x50
[ 2260.608138] kmalloc_oob_memset_16+0x1b6/0x290 [test_kasan]
[ 2260.608810] ? kmalloc_uaf_memset+0x280/0x280 [test_kasan]
[ 2260.609473] ? do_raw_spin_trylock+0xb5/0x180
[ 2260.610008] ? do_raw_spin_lock+0x270/0x270
[ 2260.610525] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.611200] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2260.611799] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.612421] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.613098] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.613790] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.614527] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.615151] kthread+0x2a4/0x350
[ 2260.615558] ? kthread_complete_and_exit+0x20/0x20
[ 2260.616141] ret_from_fork+0x1f/0x30
[ 2260.616598]
[ 2260.616879]
[ 2260.617085] Allocated by task 48023:
[ 2260.617527] kasan_save_stack+0x1e/0x40
[ 2260.617997] __kasan_kmalloc+0x81/0xa0
[ 2260.618459] kmalloc_oob_memset_16+0x9c/0x290 [test_kasan]
[ 2260.619118] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.619714] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.620447] kthread+0x2a4/0x350
[ 2260.620851] ret_from_fork+0x1f/0x30
[ 2260.621295]
[ 2260.621501] The buggy address belongs to the object at ffff8881087beb00
[ 2260.621501] which belongs to the cache kmalloc-128 of size 128
[ 2260.622956] The buggy address is located 105 bytes inside of
[ 2260.622956] 128-byte region [ffff8881087beb00, ffff8881087beb80)
[ 2260.624336]
[ 2260.624542] The buggy address belongs to the physical page:
[ 2260.625207] page:0000000012934fcb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1087be
[ 2260.626312] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.627136] raw: 0017ffffc0000200 ffffea0004439e00 dead000000000005 ffff8881000418c0
[ 2260.628054] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2260.628973] page dumped because: kasan: bad access detected
[ 2260.629641]
[ 2260.629846] Memory state around the buggy address:
[ 2260.630428] ffff8881087bea00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.631289] ffff8881087bea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.632146] >ffff8881087beb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 2260.633003] ^
[ 2260.633851] ffff8881087beb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.634710] ffff8881087bec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2260.635567] ==================================================================
[ 2260.636588] ok 21 - kmalloc_oob_memset_16
[ 2260.636761] ==================================================================
[ 2260.638170] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x1c4/0x290 [test_kasan]
[ 2260.639209] Read of size 18446744073709551614 at addr ffff88810afa1b84 by task kunit_try_catch/48024
[ 2260.640287]
[ 2260.640493] CPU: 0 PID: 48024 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.642091] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.642789] Call Trace:
[ 2260.643099]
[ 2260.643375] ? kmalloc_memmove_negative_size+0x1c4/0x290 [test_kasan]
[ 2260.644145] dump_stack_lvl+0x57/0x81
[ 2260.644602] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.645300] ? kmalloc_memmove_negative_size+0x1c4/0x290 [test_kasan]
[ 2260.646069] print_report.cold+0x5c/0x237
[ 2260.646566] kasan_report+0xc9/0x100
[ 2260.647010] ? kmalloc_memmove_negative_size+0x1c4/0x290 [test_kasan]
[ 2260.647806] kasan_check_range+0xfd/0x1e0
[ 2260.648342] memmove+0x20/0x60
[ 2260.648729] kmalloc_memmove_negative_size+0x1c4/0x290 [test_kasan]
[ 2260.649482] ? kmalloc_memmove_invalid_size+0x2a0/0x2a0 [test_kasan]
[ 2260.650247] ? do_raw_spin_trylock+0xb5/0x180
[ 2260.650781] ? do_raw_spin_lock+0x270/0x270
[ 2260.651297] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.651966] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2260.652570] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.653189] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.653782] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.654399] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.655131] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.655755] kthread+0x2a4/0x350
[ 2260.656158] ? kthread_complete_and_exit+0x20/0x20
[ 2260.656742] ret_from_fork+0x1f/0x30
[ 2260.657197]
[ 2260.657478]
[ 2260.657684] Allocated by task 48024:
[ 2260.658123] kasan_save_stack+0x1e/0x40
[ 2260.658596] __kasan_kmalloc+0x81/0xa0
[ 2260.659113] kmalloc_memmove_negative_size+0x9c/0x290 [test_kasan]
[ 2260.659859] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.660454] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.661187] kthread+0x2a4/0x350
[ 2260.661599] ret_from_fork+0x1f/0x30
[ 2260.662041]
[ 2260.662251] The buggy address belongs to the object at ffff88810afa1b80
[ 2260.662251] which belongs to the cache kmalloc-64 of size 64
[ 2260.663687] The buggy address is located 4 bytes inside of
[ 2260.663687] 64-byte region [ffff88810afa1b80, ffff88810afa1bc0)
[ 2260.665027]
[ 2260.665236] The buggy address belongs to the physical page:
[ 2260.665898] page:00000000007df7b1 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10afa1
[ 2260.667004] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.667832] raw: 0017ffffc0000200 dead000000000100 dead000000000122 ffff888100041640
[ 2260.668749] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[ 2260.669668] page dumped because: kasan: bad access detected
[ 2260.670334]
[ 2260.670539] Memory state around the buggy address:
[ 2260.671118] ffff88810afa1a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2260.671979] ffff88810afa1b00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2260.672837] >ffff88810afa1b80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 2260.673696] ^
[ 2260.674098] ffff88810afa1c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2260.674961] ffff88810afa1c80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2260.675819] ==================================================================
[ 2260.676834] ok 22 - kmalloc_memmove_negative_size
[ 2260.676994] ==================================================================
[ 2260.678483] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x1cf/0x2a0 [test_kasan]
[ 2260.679553] Read of size 64 at addr ffff88810afa1b04 by task kunit_try_catch/48025
[ 2260.680451]
[ 2260.680658] CPU: 0 PID: 48025 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.682257] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.682947] Call Trace:
[ 2260.683261]
[ 2260.683534] ? kmalloc_memmove_invalid_size+0x1cf/0x2a0 [test_kasan]
[ 2260.684298] dump_stack_lvl+0x57/0x81
[ 2260.684750] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.685447] ? kmalloc_memmove_invalid_size+0x1cf/0x2a0 [test_kasan]
[ 2260.686210] print_report.cold+0x5c/0x237
[ 2260.686705] kasan_report+0xc9/0x100
[ 2260.687150] ? kmalloc_memmove_invalid_size+0x1cf/0x2a0 [test_kasan]
[ 2260.687915] kasan_check_range+0xfd/0x1e0
[ 2260.688408] memmove+0x20/0x60
[ 2260.688796] kmalloc_memmove_invalid_size+0x1cf/0x2a0 [test_kasan]
[ 2260.689550] ? kmalloc_oob_in_memset+0x280/0x280 [test_kasan]
[ 2260.690250] ? do_raw_spin_trylock+0xb5/0x180
[ 2260.690784] ? do_raw_spin_lock+0x270/0x270
[ 2260.691300] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.691970] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.692591] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.693187] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.693800] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.694537] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.695159] kthread+0x2a4/0x350
[ 2260.695567] ? kthread_complete_and_exit+0x20/0x20
[ 2260.696149] ret_from_fork+0x1f/0x30
[ 2260.696604]
[ 2260.696914]
[ 2260.697144] Allocated by task 48025:
[ 2260.697645] kasan_save_stack+0x1e/0x40
[ 2260.698153] __kasan_kmalloc+0x81/0xa0
[ 2260.698616] kmalloc_memmove_invalid_size+0xac/0x2a0 [test_kasan]
[ 2260.699350] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.699942] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.700676] kthread+0x2a4/0x350
[ 2260.701120] ret_from_fork+0x1f/0x30
[ 2260.701564]
[ 2260.701769] The buggy address belongs to the object at ffff88810afa1b00
[ 2260.701769] which belongs to the cache kmalloc-64 of size 64
[ 2260.703207] The buggy address is located 4 bytes inside of
[ 2260.703207] 64-byte region [ffff88810afa1b00, ffff88810afa1b40)
[ 2260.704546]
[ 2260.704752] The buggy address belongs to the physical page:
[ 2260.705419] page:00000000007df7b1 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10afa1
[ 2260.706525] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.707352] raw: 0017ffffc0000200 dead000000000100 dead000000000122 ffff888100041640
[ 2260.708268] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[ 2260.709182] page dumped because: kasan: bad access detected
[ 2260.709846]
[ 2260.710052] Memory state around the buggy address:
[ 2260.710634] ffff88810afa1a00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2260.711534] ffff88810afa1a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2260.712394] >ffff88810afa1b00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 2260.713254] ^
[ 2260.713889] ffff88810afa1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2260.714753] ffff88810afa1c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2260.715729] ==================================================================
[ 2260.716754] ok 23 - kmalloc_memmove_invalid_size
[ 2260.716929] ==================================================================
[ 2260.718581] BUG: KASAN: use-after-free in kmalloc_uaf+0x286/0x2b0 [test_kasan]
[ 2260.719519] Read of size 1 at addr ffff888106f99fa8 by task kunit_try_catch/48026
[ 2260.720410]
[ 2260.720616] CPU: 0 PID: 48026 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.722277] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.723059] Call Trace:
[ 2260.723373]
[ 2260.723646] ? kmalloc_uaf+0x286/0x2b0 [test_kasan]
[ 2260.724244] dump_stack_lvl+0x57/0x81
[ 2260.724698] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.725398] ? kmalloc_uaf+0x286/0x2b0 [test_kasan]
[ 2260.725998] print_report.cold+0x5c/0x237
[ 2260.726496] kasan_report+0xc9/0x100
[ 2260.726941] ? kmalloc_uaf+0x286/0x2b0 [test_kasan]
[ 2260.727541] kmalloc_uaf+0x286/0x2b0 [test_kasan]
[ 2260.728118] ? kmalloc_uaf2+0x430/0x430 [test_kasan]
[ 2260.728722] ? do_raw_spin_trylock+0xb5/0x180
[ 2260.729261] ? do_raw_spin_lock+0x270/0x270
[ 2260.729777] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.730453] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.731078] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.731673] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.732289] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.733023] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.733651] kthread+0x2a4/0x350
[ 2260.734107] ? kthread_complete_and_exit+0x20/0x20
[ 2260.734717] ret_from_fork+0x1f/0x30
[ 2260.735169]
[ 2260.735454]
[ 2260.735659] Allocated by task 48026:
[ 2260.736099] kasan_save_stack+0x1e/0x40
[ 2260.736572] __kasan_kmalloc+0x81/0xa0
[ 2260.737032] kmalloc_uaf+0x98/0x2b0 [test_kasan]
[ 2260.737598] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.738196] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.738980] kthread+0x2a4/0x350
[ 2260.739435] ret_from_fork+0x1f/0x30
[ 2260.739940]
[ 2260.740146] Freed by task 48026:
[ 2260.740553] kasan_save_stack+0x1e/0x40
[ 2260.741024] kasan_set_track+0x21/0x30
[ 2260.741486] kasan_set_free_info+0x20/0x40
[ 2260.741985] __kasan_slab_free+0x108/0x170
[ 2260.742488] slab_free_freelist_hook+0x11d/0x1d0
[ 2260.743051] kfree+0xe2/0x3c0
[ 2260.743428] kmalloc_uaf+0x12b/0x2b0 [test_kasan]
[ 2260.744001] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.744598] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.745338] kthread+0x2a4/0x350
[ 2260.745743] ret_from_fork+0x1f/0x30
[ 2260.746187]
[ 2260.746393] The buggy address belongs to the object at ffff888106f99fa0
[ 2260.746393] which belongs to the cache kmalloc-16 of size 16
[ 2260.747867] The buggy address is located 8 bytes inside of
[ 2260.747867] 16-byte region [ffff888106f99fa0, ffff888106f99fb0)
[ 2260.749333]
[ 2260.749539] The buggy address belongs to the physical page:
[ 2260.750261] page:000000000eca2656 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888106f99d80 pfn:0x106f99
[ 2260.751611] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.752440] raw: 0017ffffc0000200 0000000000000000 dead000000000001 ffff8881000413c0
[ 2260.753364] raw: ffff888106f99d80 000000008080007f 00000001ffffffff 0000000000000000
[ 2260.754279] page dumped because: kasan: bad access detected
[ 2260.754941]
[ 2260.755147] Memory state around the buggy address:
[ 2260.755728] ffff888106f99e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2260.756585] ffff888106f99f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2260.757445] >ffff888106f99f80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2260.758304] ^
[ 2260.758854] ffff888106f9a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 2260.759712] ffff888106f9a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.760672] ==================================================================
[ 2260.761724] ok 24 - kmalloc_uaf
[ 2260.761880] ==================================================================
[ 2260.763193] BUG: KASAN: use-after-free in kmalloc_uaf_memset+0x1b4/0x280 [test_kasan]
[ 2260.764124] Write of size 33 at addr ffff88810afa1480 by task kunit_try_catch/48027
[ 2260.765032]
[ 2260.765241] CPU: 0 PID: 48027 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.766839] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.767538] Call Trace:
[ 2260.767849]
[ 2260.768123] ? kmalloc_uaf_memset+0x1b4/0x280 [test_kasan]
[ 2260.768786] dump_stack_lvl+0x57/0x81
[ 2260.769244] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.769939] ? kmalloc_uaf_memset+0x1b4/0x280 [test_kasan]
[ 2260.770600] print_report.cold+0x5c/0x237
[ 2260.771094] kasan_report+0xc9/0x100
[ 2260.771541] ? kmalloc_uaf_memset+0xc1/0x280 [test_kasan]
[ 2260.772194] ? kmalloc_uaf_memset+0x1b4/0x280 [test_kasan]
[ 2260.772858] kasan_check_range+0xfd/0x1e0
[ 2260.773352] memset+0x20/0x50
[ 2260.773730] kmalloc_uaf_memset+0x1b4/0x280 [test_kasan]
[ 2260.774375] ? kmem_cache_accounted+0x170/0x170 [test_kasan]
[ 2260.775060] ? do_raw_spin_trylock+0xb5/0x180
[ 2260.775621] ? do_raw_spin_lock+0x270/0x270
[ 2260.776202] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.776949] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.777640] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.778309] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.778996] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.779787] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.780446] kthread+0x2a4/0x350
[ 2260.780897] ? kthread_complete_and_exit+0x20/0x20
[ 2260.781551] ret_from_fork+0x1f/0x30
[ 2260.782039]
[ 2260.782325]
[ 2260.782531] Allocated by task 48027:
[ 2260.783012] kasan_save_stack+0x1e/0x40
[ 2260.783539] __kasan_kmalloc+0x81/0xa0
[ 2260.784053] kmalloc_uaf_memset+0x9a/0x280 [test_kasan]
[ 2260.784722] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.785318] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.786052] kthread+0x2a4/0x350
[ 2260.786457] ret_from_fork+0x1f/0x30
[ 2260.786900]
[ 2260.787107] Freed by task 48027:
[ 2260.787512] kasan_save_stack+0x1e/0x40
[ 2260.787989] kasan_set_track+0x21/0x30
[ 2260.788454] kasan_set_free_info+0x20/0x40
[ 2260.788952] __kasan_slab_free+0x108/0x170
[ 2260.789453] slab_free_freelist_hook+0x11d/0x1d0
[ 2260.790018] kfree+0xe2/0x3c0
[ 2260.790395] kmalloc_uaf_memset+0x137/0x280 [test_kasan]
[ 2260.791036] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.791630] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.792365] kthread+0x2a4/0x350
[ 2260.792770] ret_from_fork+0x1f/0x30
[ 2260.793214]
[ 2260.793419] The buggy address belongs to the object at ffff88810afa1480
[ 2260.793419] which belongs to the cache kmalloc-64 of size 64
[ 2260.794856] The buggy address is located 0 bytes inside of
[ 2260.794856] 64-byte region [ffff88810afa1480, ffff88810afa14c0)
[ 2260.796202]
[ 2260.796407] The buggy address belongs to the physical page:
[ 2260.797071] page:00000000007df7b1 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10afa1
[ 2260.798312] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.799235] raw: 0017ffffc0000200 dead000000000100 dead000000000122 ffff888100041640
[ 2260.800256] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[ 2260.801281] page dumped because: kasan: bad access detected
[ 2260.801963]
[ 2260.802169] Memory state around the buggy address:
[ 2260.802750] ffff88810afa1380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2260.803609] ffff88810afa1400: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2260.804469] >ffff88810afa1480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2260.805327] ^
[ 2260.805728] ffff88810afa1500: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2260.806584] ffff88810afa1580: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2260.807444] ==================================================================
[ 2260.808452] ok 25 - kmalloc_uaf_memset
[ 2260.808622] ==================================================================
[ 2260.809992] BUG: KASAN: use-after-free in kmalloc_uaf2+0x402/0x430 [test_kasan]
[ 2260.810987] Read of size 1 at addr ffff88810afa1a28 by task kunit_try_catch/48028
[ 2260.811914]
[ 2260.812121] CPU: 0 PID: 48028 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.813876] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.814574] Call Trace:
[ 2260.814886]
[ 2260.815159] ? kmalloc_uaf2+0x402/0x430 [test_kasan]
[ 2260.815766] dump_stack_lvl+0x57/0x81
[ 2260.816225] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.816921] ? kmalloc_uaf2+0x402/0x430 [test_kasan]
[ 2260.817526] print_report.cold+0x5c/0x237
[ 2260.818019] kasan_report+0xc9/0x100
[ 2260.818469] ? kmalloc_uaf2+0x402/0x430 [test_kasan]
[ 2260.819073] kmalloc_uaf2+0x402/0x430 [test_kasan]
[ 2260.819660] ? kfree_via_page+0x290/0x290 [test_kasan]
[ 2260.820286] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.820860] ? lock_acquire+0x4ea/0x620
[ 2260.821335] ? rcu_read_unlock+0x40/0x40
[ 2260.821815] ? rcu_read_unlock+0x40/0x40
[ 2260.822296] ? rcu_read_lock_sched_held+0x12/0x80
[ 2260.822871] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.823546] ? do_raw_spin_lock+0x270/0x270
[ 2260.824059] ? trace_hardirqs_on+0x2d/0x160
[ 2260.824573] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2260.825182] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.825798] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.826394] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.827008] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.827749] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.828375] kthread+0x2a4/0x350
[ 2260.828779] ? kthread_complete_and_exit+0x20/0x20
[ 2260.829365] ret_from_fork+0x1f/0x30
[ 2260.829817]
[ 2260.830098]
[ 2260.830307] Allocated by task 48028:
[ 2260.830746] kasan_save_stack+0x1e/0x40
[ 2260.831218] __kasan_kmalloc+0x81/0xa0
[ 2260.831677] kmalloc_uaf2+0xad/0x430 [test_kasan]
[ 2260.832254] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.832847] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.833585] kthread+0x2a4/0x350
[ 2260.833987] ret_from_fork+0x1f/0x30
[ 2260.834432]
[ 2260.834637] Freed by task 48028:
[ 2260.835039] kasan_save_stack+0x1e/0x40
[ 2260.835511] kasan_set_track+0x21/0x30
[ 2260.835970] kasan_set_free_info+0x20/0x40
[ 2260.836470] __kasan_slab_free+0x108/0x170
[ 2260.836969] slab_free_freelist_hook+0x11d/0x1d0
[ 2260.837535] kfree+0xe2/0x3c0
[ 2260.837910] kmalloc_uaf2+0x144/0x430 [test_kasan]
[ 2260.838499] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.839092] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.839828] kthread+0x2a4/0x350
[ 2260.840234] ret_from_fork+0x1f/0x30
[ 2260.840675]
[ 2260.840881] The buggy address belongs to the object at ffff88810afa1a00
[ 2260.840881] which belongs to the cache kmalloc-64 of size 64
[ 2260.842321] The buggy address is located 40 bytes inside of
[ 2260.842321] 64-byte region [ffff88810afa1a00, ffff88810afa1a40)
[ 2260.843672]
[ 2260.843878] The buggy address belongs to the physical page:
[ 2260.844542] page:00000000007df7b1 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10afa1
[ 2260.845770] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.846621] raw: 0017ffffc0000200 dead000000000100 dead000000000122 ffff888100041640
[ 2260.847539] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[ 2260.848460] page dumped because: kasan: bad access detected
[ 2260.849123]
[ 2260.849331] Memory state around the buggy address:
[ 2260.849963] ffff88810afa1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2260.850821] ffff88810afa1980: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2260.851679] >ffff88810afa1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2260.852538] ^
[ 2260.853089] ffff88810afa1a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2260.853949] ffff88810afa1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2260.854809] ==================================================================
[ 2260.855723] ok 26 - kmalloc_uaf2
[ 2260.855898] ok 27 - kfree_via_page
[ 2260.856502] ok 28 - kfree_via_phys
[ 2260.857483] ==================================================================
[ 2260.858817] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x2d4/0x2e0 [test_kasan]
[ 2260.859794] Read of size 1 at addr ffff8881214606f8 by task kunit_try_catch/48031
[ 2260.860769]
[ 2260.861001] CPU: 0 PID: 48031 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2260.862656] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2260.863349] Call Trace:
[ 2260.863659]
[ 2260.863932] ? kmem_cache_oob+0x2d4/0x2e0 [test_kasan]
[ 2260.864556] dump_stack_lvl+0x57/0x81
[ 2260.865009] print_address_description.constprop.0+0x1f/0x1e0
[ 2260.865704] ? kmem_cache_oob+0x2d4/0x2e0 [test_kasan]
[ 2260.866330] print_report.cold+0x5c/0x237
[ 2260.866822] kasan_report+0xc9/0x100
[ 2260.867268] ? kmem_cache_oob+0x2d4/0x2e0 [test_kasan]
[ 2260.867890] kmem_cache_oob+0x2d4/0x2e0 [test_kasan]
[ 2260.868496] ? kmem_cache_double_free+0x280/0x280 [test_kasan]
[ 2260.869203] ? do_raw_spin_trylock+0xb5/0x180
[ 2260.869737] ? do_raw_spin_lock+0x270/0x270
[ 2260.870252] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2260.870923] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2260.871542] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.872136] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2260.872751] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.873486] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2260.874110] kthread+0x2a4/0x350
[ 2260.874518] ? kthread_complete_and_exit+0x20/0x20
[ 2260.875100] ret_from_fork+0x1f/0x30
[ 2260.875557]
[ 2260.875838]
[ 2260.876044] Allocated by task 48031:
[ 2260.876488] kasan_save_stack+0x1e/0x40
[ 2260.876957] __kasan_slab_alloc+0x66/0x80
[ 2260.877449] kmem_cache_alloc+0x161/0x310
[ 2260.877938] kmem_cache_oob+0x121/0x2e0 [test_kasan]
[ 2260.878543] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2260.879143] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2260.879877] kthread+0x2a4/0x350
[ 2260.880283] ret_from_fork+0x1f/0x30
[ 2260.880724]
[ 2260.880938] The buggy address belongs to the object at ffff888121460630
[ 2260.880938] which belongs to the cache test_cache of size 200
[ 2260.882384] The buggy address is located 0 bytes to the right of
[ 2260.882384] 200-byte region [ffff888121460630, ffff8881214606f8)
[ 2260.883793]
[ 2260.883999] The buggy address belongs to the physical page:
[ 2260.884666] page:000000009c5801af refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x121460
[ 2260.885767] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2260.886594] raw: 0017ffffc0000200 0000000000000000 dead000000000122 ffff888109ea9500
[ 2260.887509] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000
[ 2260.888432] page dumped because: kasan: bad access detected
[ 2260.889094]
[ 2260.889303] Memory state around the buggy address:
[ 2260.889880] ffff888121460580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.890852] ffff888121460600: fc fc fc fc fc fc 00 00 00 00 00 00 00 00 00 00
[ 2260.891754] >ffff888121460680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 2260.892613] ^
[ 2260.893464] ffff888121460700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.894324] ffff888121460780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2260.895191] ==================================================================
[ 2260.911280] ok 29 - kmem_cache_oob
[ 2261.444889] ok 30 - kmem_cache_accounted
[ 2261.459905] ok 31 - kmem_cache_bulk
[ 2261.460718] ==================================================================
[ 2261.462248] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x1df/0x1f0 [test_kasan]
[ 2261.463354] Read of size 1 at addr ffffffffc192f90d by task kunit_try_catch/48034
[ 2261.464248]
[ 2261.464459] CPU: 1 PID: 48034 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2261.466062] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2261.466756] Call Trace:
[ 2261.467069]
[ 2261.467348] ? kasan_global_oob_right+0x1df/0x1f0 [test_kasan]
[ 2261.468057] dump_stack_lvl+0x57/0x81
[ 2261.468519] print_address_description.constprop.0+0x1f/0x1e0
[ 2261.469221] ? kasan_global_oob_right+0x1df/0x1f0 [test_kasan]
[ 2261.469929] print_report.cold+0x5c/0x237
[ 2261.470431] kasan_report+0xc9/0x100
[ 2261.470878] ? kasan_global_oob_right+0x1df/0x1f0 [test_kasan]
[ 2261.471592] kasan_global_oob_right+0x1df/0x1f0 [test_kasan]
[ 2261.472284] ? kasan_stack_oob+0x200/0x200 [test_kasan]
[ 2261.472920] ? do_raw_spin_trylock+0xb5/0x180
[ 2261.473463] ? do_raw_spin_lock+0x270/0x270
[ 2261.473979] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2261.474657] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2261.475282] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.475878] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2261.476496] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.477237] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2261.477860] kthread+0x2a4/0x350
[ 2261.478268] ? kthread_complete_and_exit+0x20/0x20
[ 2261.478852] ret_from_fork+0x1f/0x30
[ 2261.479312]
[ 2261.479595]
[ 2261.479802] The buggy address belongs to the variable:
[ 2261.480424] global_array+0xd/0xfffffffffffe5700 [test_kasan]
[ 2261.481123]
[ 2261.481332] Memory state around the buggy address:
[ 2261.481915] ffffffffc192f800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2261.482780] ffffffffc192f880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2261.483644] >ffffffffc192f900: 00 02 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9
[ 2261.484508] ^
[ 2261.484940] ffffffffc192f980: 02 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 f9 f9
[ 2261.485806] ffffffffc192fa00: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
[ 2261.486669] ==================================================================
[ 2261.487577] ok 32 - kasan_global_oob_right
[ 2261.487773] ok 33 - kasan_global_oob_left # SKIP Test requires CONFIG_CC_IS_CLANG=y
[ 2261.488507] ==================================================================
[ 2261.490344] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x1eb/0x200 [test_kasan]
[ 2261.491303] Read of size 1 at addr ffffc90001657e7a by task kunit_try_catch/48036
[ 2261.492199]
[ 2261.492407] CPU: 1 PID: 48036 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2261.494013] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2261.494711] Call Trace:
[ 2261.495023]
[ 2261.495300] ? kasan_stack_oob+0x1eb/0x200 [test_kasan]
[ 2261.495934] dump_stack_lvl+0x57/0x81
[ 2261.496395] print_address_description.constprop.0+0x1f/0x1e0
[ 2261.497093] ? kasan_stack_oob+0x1eb/0x200 [test_kasan]
[ 2261.497736] print_report.cold+0x5c/0x237
[ 2261.498235] kasan_report+0xc9/0x100
[ 2261.498681] ? kasan_stack_oob+0x1eb/0x200 [test_kasan]
[ 2261.499320] kasan_stack_oob+0x1eb/0x200 [test_kasan]
[ 2261.499935] ? match_all_mem_tag+0x20/0x20 [test_kasan]
[ 2261.500574] ? rcu_read_unlock+0x40/0x40
[ 2261.501058] ? rcu_read_lock_sched_held+0x12/0x80
[ 2261.501640] ? do_raw_spin_trylock+0xb5/0x180
[ 2261.502181] ? do_raw_spin_lock+0x270/0x270
[ 2261.502696] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2261.503376] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2261.503981] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2261.504603] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.505204] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2261.505820] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.506559] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2261.507189] kthread+0x2a4/0x350
[ 2261.507595] ? kthread_complete_and_exit+0x20/0x20
[ 2261.508187] ret_from_fork+0x1f/0x30
[ 2261.508641]
[ 2261.508924]
[ 2261.509131] The buggy address belongs to stack of task kunit_try_catch/48036
[ 2261.509973] and is located at offset 266 in frame:
[ 2261.510568] kasan_stack_oob+0x0/0x200 [test_kasan]
[ 2261.511165]
[ 2261.511372] This frame has 4 objects:
[ 2261.511822] [48, 56) 'array'
[ 2261.511825] [80, 128) '__assertion'
[ 2261.512212] [160, 224) '__assertion'
[ 2261.512653] [256, 266) 'stack_array'
[ 2261.513103]
[ 2261.513760] The buggy address belongs to the virtual mapping at
[ 2261.513760] [ffffc90001650000, ffffc90001659000) created by:
[ 2261.513760] dup_task_struct+0x5e/0x5a0
[ 2261.515570]
[ 2261.515776] The buggy address belongs to the physical page:
[ 2261.516446] page:00000000c14e1a99 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109619
[ 2261.517555] flags: 0x17ffffc0000000(node=0|zone=2|lastcpupid=0x1fffff)
[ 2261.518340] raw: 0017ffffc0000000 0000000000000000 dead000000000122 0000000000000000
[ 2261.519260] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2261.520179] page dumped because: kasan: bad access detected
[ 2261.520844]
[ 2261.521051] Memory state around the buggy address:
[ 2261.521634] ffffc90001657d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1
[ 2261.522497] ffffc90001657d80: f1 f1 f1 f1 00 f2 f2 f2 00 00 00 00 00 00 f2 f2
[ 2261.523361] >ffffc90001657e00: f2 f2 00 00 00 00 00 00 00 00 f2 f2 f2 f2 00 02
[ 2261.524222] ^
[ 2261.525073] ffffc90001657e80: f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2261.526034] ffffc90001657f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2261.526938] ==================================================================
[ 2261.527849] ok 34 - kasan_stack_oob
[ 2261.528031] ==================================================================
[ 2261.529382] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x27d/0x2a0 [test_kasan]
[ 2261.530415] Read of size 1 at addr ffffc900018d7d1f by task kunit_try_catch/48037
[ 2261.531312]
[ 2261.531519] CPU: 1 PID: 48037 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2261.533127] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2261.533825] Call Trace:
[ 2261.534139]
[ 2261.534419] ? kasan_alloca_oob_left+0x27d/0x2a0 [test_kasan]
[ 2261.535119] dump_stack_lvl+0x57/0x81
[ 2261.535580] print_address_description.constprop.0+0x1f/0x1e0
[ 2261.536282] ? kasan_alloca_oob_left+0x27d/0x2a0 [test_kasan]
[ 2261.536982] print_report.cold+0x5c/0x237
[ 2261.537479] kasan_report+0xc9/0x100
[ 2261.537926] ? kasan_alloca_oob_left+0x27d/0x2a0 [test_kasan]
[ 2261.538627] kasan_alloca_oob_left+0x27d/0x2a0 [test_kasan]
[ 2261.539304] ? put_prev_task_fair+0x37/0x70
[ 2261.539814] ? rcu_read_lock_sched_held+0x12/0x80
[ 2261.540396] ? rcu_read_lock_sched_held+0x12/0x80
[ 2261.540973] ? lock_acquire+0x4ea/0x620
[ 2261.541452] ? kasan_alloca_oob_right+0x290/0x290 [test_kasan]
[ 2261.542161] ? rcu_read_lock_sched_held+0x12/0x80
[ 2261.542738] ? do_raw_spin_trylock+0xb5/0x180
[ 2261.543279] ? do_raw_spin_lock+0x270/0x270
[ 2261.543795] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2261.544471] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2261.545077] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2261.545700] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.546299] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2261.546916] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.547658] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2261.548287] kthread+0x2a4/0x350
[ 2261.548692] ? kthread_complete_and_exit+0x20/0x20
[ 2261.549279] ret_from_fork+0x1f/0x30
[ 2261.549733]
[ 2261.550016]
[ 2261.550229] The buggy address belongs to stack of task kunit_try_catch/48037
[ 2261.551075]
[ 2261.551287] The buggy address belongs to the virtual mapping at
[ 2261.551287] [ffffc900018d0000, ffffc900018d9000) created by:
[ 2261.551287] dup_task_struct+0x5e/0x5a0
[ 2261.553098]
[ 2261.553308] The buggy address belongs to the physical page:
[ 2261.553976] page:00000000b0fe6173 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x110856
[ 2261.555087] flags: 0x17ffffc0000000(node=0|zone=2|lastcpupid=0x1fffff)
[ 2261.555872] raw: 0017ffffc0000000 0000000000000000 dead000000000122 0000000000000000
[ 2261.556795] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2261.557717] page dumped because: kasan: bad access detected
[ 2261.558385]
[ 2261.558591] Memory state around the buggy address:
[ 2261.559174] ffffc900018d7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2261.560033] ffffc900018d7c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2261.560905] >ffffc900018d7d00: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 2261.561769] ^
[ 2261.562261] ffffc900018d7d80: f1 f1 f1 f1 04 f2 00 f2 f2 f2 00 00 00 00 00 00
[ 2261.563121] ffffc900018d7e00: f2 f2 f2 f2 00 00 00 00 00 00 00 00 f3 f3 f3 f3
[ 2261.563987] ==================================================================
[ 2261.564961] ok 35 - kasan_alloca_oob_left
[ 2261.565132] ==================================================================
[ 2261.566547] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x275/0x290 [test_kasan]
[ 2261.567590] Read of size 1 at addr ffffc900018f7d2a by task kunit_try_catch/48038
[ 2261.568487]
[ 2261.568695] CPU: 1 PID: 48038 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2261.570310] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2261.571006] Call Trace:
[ 2261.571325]
[ 2261.571600] ? kasan_alloca_oob_right+0x275/0x290 [test_kasan]
[ 2261.572310] dump_stack_lvl+0x57/0x81
[ 2261.572788] print_address_description.constprop.0+0x1f/0x1e0
[ 2261.573571] ? kasan_alloca_oob_right+0x275/0x290 [test_kasan]
[ 2261.574317] print_report.cold+0x5c/0x237
[ 2261.574813] kasan_report+0xc9/0x100
[ 2261.575262] ? kasan_alloca_oob_right+0x275/0x290 [test_kasan]
[ 2261.575971] kasan_alloca_oob_right+0x275/0x290 [test_kasan]
[ 2261.576665] ? put_prev_task_fair+0x37/0x70
[ 2261.577178] ? rcu_read_lock_sched_held+0x12/0x80
[ 2261.577753] ? rcu_read_lock_sched_held+0x12/0x80
[ 2261.578333] ? lock_acquire+0x4ea/0x620
[ 2261.578808] ? ksize_unpoisons_memory+0x300/0x300 [test_kasan]
[ 2261.579516] ? rcu_read_lock_sched_held+0x12/0x80
[ 2261.580093] ? do_raw_spin_trylock+0xb5/0x180
[ 2261.580634] ? do_raw_spin_lock+0x270/0x270
[ 2261.581154] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2261.581828] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2261.582434] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2261.583053] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.583653] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2261.584275] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.585011] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2261.585641] kthread+0x2a4/0x350
[ 2261.586048] ? kthread_complete_and_exit+0x20/0x20
[ 2261.586638] ret_from_fork+0x1f/0x30
[ 2261.587092]
[ 2261.587379]
[ 2261.587585] The buggy address belongs to stack of task kunit_try_catch/48038
[ 2261.588435]
[ 2261.588643] The buggy address belongs to the virtual mapping at
[ 2261.588643] [ffffc900018f0000, ffffc900018f9000) created by:
[ 2261.588643] dup_task_struct+0x5e/0x5a0
[ 2261.590458]
[ 2261.590664] The buggy address belongs to the physical page:
[ 2261.591335] page:00000000de4c627a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10af9a
[ 2261.592445] flags: 0x17ffffc0000000(node=0|zone=2|lastcpupid=0x1fffff)
[ 2261.593231] raw: 0017ffffc0000000 0000000000000000 dead000000000122 0000000000000000
[ 2261.594153] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2261.595074] page dumped because: kasan: bad access detected
[ 2261.595745]
[ 2261.595952] Memory state around the buggy address:
[ 2261.596537] ffffc900018f7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2261.597400] ffffc900018f7c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2261.598266] >ffffc900018f7d00: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 2261.599131] ^
[ 2261.599689] ffffc900018f7d80: f1 f1 f1 f1 04 f2 00 f2 f2 f2 00 00 00 00 00 00
[ 2261.600579] ffffc900018f7e00: f2 f2 f2 f2 00 00 00 00 00 00 00 00 f3 f3 f3 f3
[ 2261.601551] ==================================================================
[ 2261.602564] ok 36 - kasan_alloca_oob_right
[ 2261.603151] ==================================================================
[ 2261.604582] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x2cf/0x300 [test_kasan]
[ 2261.605605] Read of size 1 at addr ffff8881061c2180 by task kunit_try_catch/48039
[ 2261.606503]
[ 2261.606711] CPU: 1 PID: 48039 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2261.608325] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2261.609019] Call Trace:
[ 2261.609335]
[ 2261.609610] ? ksize_unpoisons_memory+0x2cf/0x300 [test_kasan]
[ 2261.610323] dump_stack_lvl+0x57/0x81
[ 2261.610779] print_address_description.constprop.0+0x1f/0x1e0
[ 2261.611481] ? ksize_unpoisons_memory+0x2cf/0x300 [test_kasan]
[ 2261.612192] print_report.cold+0x5c/0x237
[ 2261.612688] kasan_report+0xc9/0x100
[ 2261.613135] ? ksize_unpoisons_memory+0x2cf/0x300 [test_kasan]
[ 2261.613850] ksize_unpoisons_memory+0x2cf/0x300 [test_kasan]
[ 2261.614546] ? ksize_uaf+0x4a0/0x4a0 [test_kasan]
[ 2261.615126] ? do_raw_spin_trylock+0xb5/0x180
[ 2261.615669] ? do_raw_spin_lock+0x270/0x270
[ 2261.616224] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2261.616900] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2261.617525] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.618123] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2261.618743] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.619487] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2261.620112] kthread+0x2a4/0x350
[ 2261.620521] ? kthread_complete_and_exit+0x20/0x20
[ 2261.621107] ret_from_fork+0x1f/0x30
[ 2261.621566]
[ 2261.621849]
[ 2261.622056] Allocated by task 48039:
[ 2261.622504] kasan_save_stack+0x1e/0x40
[ 2261.622977] __kasan_kmalloc+0x81/0xa0
[ 2261.623444] ksize_unpoisons_memory+0x9a/0x300 [test_kasan]
[ 2261.624114] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.624713] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.625450] kthread+0x2a4/0x350
[ 2261.625855] ret_from_fork+0x1f/0x30
[ 2261.626302]
[ 2261.626509] The buggy address belongs to the object at ffff8881061c2100
[ 2261.626509] which belongs to the cache kmalloc-128 of size 128
[ 2261.627984] The buggy address is located 0 bytes to the right of
[ 2261.627984] 128-byte region [ffff8881061c2100, ffff8881061c2180)
[ 2261.629404]
[ 2261.629612] The buggy address belongs to the physical page:
[ 2261.630281] page:00000000f7246a13 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1061c2
[ 2261.631391] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2261.632222] raw: 0017ffffc0000200 0000000000000000 dead000000000001 ffff8881000418c0
[ 2261.633146] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2261.634066] page dumped because: kasan: bad access detected
[ 2261.634737]
[ 2261.634943] Memory state around the buggy address:
[ 2261.635527] ffff8881061c2080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2261.636393] ffff8881061c2100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2261.637257] >ffff8881061c2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2261.638119] ^
[ 2261.638528] ffff8881061c2200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2261.639398] ffff8881061c2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2261.640273] ==================================================================
[ 2261.641197] ok 37 - ksize_unpoisons_memory
[ 2261.641387] ==================================================================
[ 2261.642813] BUG: KASAN: use-after-free in ksize_uaf+0x1ad/0x4a0 [test_kasan]
[ 2261.643671] Read of size 1 at addr ffff8881061c2400 by task kunit_try_catch/48040
[ 2261.644569]
[ 2261.644804] CPU: 1 PID: 48040 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2261.646611] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2261.647391] Call Trace:
[ 2261.647741]
[ 2261.648048] ? ksize_uaf+0x1ad/0x4a0 [test_kasan]
[ 2261.648676] dump_stack_lvl+0x57/0x81
[ 2261.649131] print_address_description.constprop.0+0x1f/0x1e0
[ 2261.649906] ? ksize_uaf+0x1ad/0x4a0 [test_kasan]
[ 2261.650565] print_report.cold+0x5c/0x237
[ 2261.651062] kasan_report+0xc9/0x100
[ 2261.651515] ? ksize_uaf+0x1ad/0x4a0 [test_kasan]
[ 2261.652093] ? ksize_uaf+0x1ad/0x4a0 [test_kasan]
[ 2261.652673] __kasan_check_byte+0x36/0x50
[ 2261.653169] ksize+0x1b/0x50
[ 2261.653539] ksize_uaf+0x1ad/0x4a0 [test_kasan]
[ 2261.654186] ? kmem_cache_oob+0x2e0/0x2e0 [test_kasan]
[ 2261.654885] ? do_raw_spin_trylock+0xb5/0x180
[ 2261.655442] ? do_raw_spin_lock+0x270/0x270
[ 2261.655958] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2261.656638] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2261.657260] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.657857] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2261.658475] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.659214] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2261.659839] kthread+0x2a4/0x350
[ 2261.660251] ? kthread_complete_and_exit+0x20/0x20
[ 2261.660836] ret_from_fork+0x1f/0x30
[ 2261.661294]
[ 2261.661578]
[ 2261.661785] Allocated by task 48040:
[ 2261.662298] kasan_save_stack+0x1e/0x40
[ 2261.662825] __kasan_kmalloc+0x81/0xa0
[ 2261.663305] ksize_uaf+0x9a/0x4a0 [test_kasan]
[ 2261.663854] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.664454] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.665194] kthread+0x2a4/0x350
[ 2261.665599] ret_from_fork+0x1f/0x30
[ 2261.666044]
[ 2261.666253] Freed by task 48040:
[ 2261.666657] kasan_save_stack+0x1e/0x40
[ 2261.667130] kasan_set_track+0x21/0x30
[ 2261.667595] kasan_set_free_info+0x20/0x40
[ 2261.668095] __kasan_slab_free+0x108/0x170
[ 2261.668599] slab_free_freelist_hook+0x11d/0x1d0
[ 2261.669172] kfree+0xe2/0x3c0
[ 2261.669548] ksize_uaf+0x137/0x4a0 [test_kasan]
[ 2261.670106] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.670703] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.671443] kthread+0x2a4/0x350
[ 2261.671848] ret_from_fork+0x1f/0x30
[ 2261.672296]
[ 2261.672503] The buggy address belongs to the object at ffff8881061c2400
[ 2261.672503] which belongs to the cache kmalloc-128 of size 128
[ 2261.673966] The buggy address is located 0 bytes inside of
[ 2261.673966] 128-byte region [ffff8881061c2400, ffff8881061c2480)
[ 2261.675336]
[ 2261.675543] The buggy address belongs to the physical page:
[ 2261.676214] page:00000000f7246a13 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1061c2
[ 2261.677324] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2261.678156] raw: 0017ffffc0000200 0000000000000000 dead000000000001 ffff8881000418c0
[ 2261.679078] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2261.680000] page dumped because: kasan: bad access detected
[ 2261.680670]
[ 2261.680877] Memory state around the buggy address:
[ 2261.681461] ffff8881061c2300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2261.682325] ffff8881061c2380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2261.683191] >ffff8881061c2400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2261.684051] ^
[ 2261.684459] ffff8881061c2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2261.685325] ffff8881061c2500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2261.686191] ==================================================================
[ 2261.687166] ==================================================================
[ 2261.688034] BUG: KASAN: use-after-free in ksize_uaf+0x47d/0x4a0 [test_kasan]
[ 2261.688883] Read of size 1 at addr ffff8881061c2400 by task kunit_try_catch/48040
[ 2261.689777]
[ 2261.689985] CPU: 1 PID: 48040 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2261.691592] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2261.692289] Call Trace:
[ 2261.692602]
[ 2261.692876] ? ksize_uaf+0x47d/0x4a0 [test_kasan]
[ 2261.693463] dump_stack_lvl+0x57/0x81
[ 2261.693918] print_address_description.constprop.0+0x1f/0x1e0
[ 2261.694618] ? ksize_uaf+0x47d/0x4a0 [test_kasan]
[ 2261.695201] print_report.cold+0x5c/0x237
[ 2261.695696] kasan_report+0xc9/0x100
[ 2261.696149] ? ksize_uaf+0x47d/0x4a0 [test_kasan]
[ 2261.696726] ksize_uaf+0x47d/0x4a0 [test_kasan]
[ 2261.697287] ? kmem_cache_oob+0x2e0/0x2e0 [test_kasan]
[ 2261.697912] ? do_raw_spin_trylock+0xb5/0x180
[ 2261.698454] ? do_raw_spin_lock+0x270/0x270
[ 2261.698971] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2261.699650] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2261.700275] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.700955] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2261.701656] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.702395] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2261.703020] kthread+0x2a4/0x350
[ 2261.703430] ? kthread_complete_and_exit+0x20/0x20
[ 2261.704047] ret_from_fork+0x1f/0x30
[ 2261.704559]
[ 2261.704876]
[ 2261.705103] Allocated by task 48040:
[ 2261.705547] kasan_save_stack+0x1e/0x40
[ 2261.706019] __kasan_kmalloc+0x81/0xa0
[ 2261.706486] ksize_uaf+0x9a/0x4a0 [test_kasan]
[ 2261.707033] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.707634] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.708371] kthread+0x2a4/0x350
[ 2261.708775] ret_from_fork+0x1f/0x30
[ 2261.709221]
[ 2261.709428] Freed by task 48040:
[ 2261.709833] kasan_save_stack+0x1e/0x40
[ 2261.710307] kasan_set_track+0x21/0x30
[ 2261.710770] kasan_set_free_info+0x20/0x40
[ 2261.711272] __kasan_slab_free+0x108/0x170
[ 2261.711774] slab_free_freelist_hook+0x11d/0x1d0
[ 2261.712342] kfree+0xe2/0x3c0
[ 2261.712719] ksize_uaf+0x137/0x4a0 [test_kasan]
[ 2261.713279] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.713876] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.714615] kthread+0x2a4/0x350
[ 2261.715019] ret_from_fork+0x1f/0x30
[ 2261.715468]
[ 2261.715674] The buggy address belongs to the object at ffff8881061c2400
[ 2261.715674] which belongs to the cache kmalloc-128 of size 128
[ 2261.717144] The buggy address is located 0 bytes inside of
[ 2261.717144] 128-byte region [ffff8881061c2400, ffff8881061c2480)
[ 2261.718505]
[ 2261.718712] The buggy address belongs to the physical page:
[ 2261.719384] page:00000000f7246a13 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1061c2
[ 2261.720493] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2261.721325] raw: 0017ffffc0000200 0000000000000000 dead000000000001 ffff8881000418c0
[ 2261.722246] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2261.723167] page dumped because: kasan: bad access detected
[ 2261.723832]
[ 2261.724038] Memory state around the buggy address:
[ 2261.724621] ffff8881061c2300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2261.725576] ffff8881061c2380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2261.726556] >ffff8881061c2400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2261.727488] ^
[ 2261.727891] ffff8881061c2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2261.728757] ffff8881061c2500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2261.729619] ==================================================================
[ 2261.730569] ==================================================================
[ 2261.731440] BUG: KASAN: use-after-free in ksize_uaf+0x470/0x4a0 [test_kasan]
[ 2261.732292] Read of size 1 at addr ffff8881061c2478 by task kunit_try_catch/48040
[ 2261.733185]
[ 2261.733393] CPU: 1 PID: 48040 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2261.735011] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2261.735710] Call Trace:
[ 2261.736022]
[ 2261.736300] ? ksize_uaf+0x470/0x4a0 [test_kasan]
[ 2261.736878] dump_stack_lvl+0x57/0x81
[ 2261.737340] print_address_description.constprop.0+0x1f/0x1e0
[ 2261.738037] ? ksize_uaf+0x470/0x4a0 [test_kasan]
[ 2261.740694] print_report.cold+0x5c/0x237
[ 2261.741195] kasan_report+0xc9/0x100
[ 2261.741644] ? ksize_uaf+0x470/0x4a0 [test_kasan]
[ 2261.742227] ksize_uaf+0x470/0x4a0 [test_kasan]
[ 2261.742786] ? kmem_cache_oob+0x2e0/0x2e0 [test_kasan]
[ 2261.743413] ? do_raw_spin_trylock+0xb5/0x180
[ 2261.743951] ? do_raw_spin_lock+0x270/0x270
[ 2261.744476] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2261.745153] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2261.745773] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.746375] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2261.746993] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.747734] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2261.748365] kthread+0x2a4/0x350
[ 2261.748779] ? kthread_complete_and_exit+0x20/0x20
[ 2261.749370] ret_from_fork+0x1f/0x30
[ 2261.749824]
[ 2261.750108]
[ 2261.750318] Allocated by task 48040:
[ 2261.750762] kasan_save_stack+0x1e/0x40
[ 2261.751238] __kasan_kmalloc+0x81/0xa0
[ 2261.751701] ksize_uaf+0x9a/0x4a0 [test_kasan]
[ 2261.752251] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.752847] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.753588] kthread+0x2a4/0x350
[ 2261.753993] ret_from_fork+0x1f/0x30
[ 2261.754440]
[ 2261.754647] Freed by task 48040:
[ 2261.755052] kasan_save_stack+0x1e/0x40
[ 2261.755527] kasan_set_track+0x21/0x30
[ 2261.755989] kasan_set_free_info+0x20/0x40
[ 2261.756492] __kasan_slab_free+0x108/0x170
[ 2261.756994] slab_free_freelist_hook+0x11d/0x1d0
[ 2261.757564] kfree+0xe2/0x3c0
[ 2261.757985] ksize_uaf+0x137/0x4a0 [test_kasan]
[ 2261.758576] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.759177] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.759916] kthread+0x2a4/0x350
[ 2261.760324] ret_from_fork+0x1f/0x30
[ 2261.760770]
[ 2261.760976] The buggy address belongs to the object at ffff8881061c2400
[ 2261.760976] which belongs to the cache kmalloc-128 of size 128
[ 2261.762445] The buggy address is located 120 bytes inside of
[ 2261.762445] 128-byte region [ffff8881061c2400, ffff8881061c2480)
[ 2261.763829]
[ 2261.764037] The buggy address belongs to the physical page:
[ 2261.764709] page:00000000f7246a13 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1061c2
[ 2261.765820] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2261.766652] raw: 0017ffffc0000200 0000000000000000 dead000000000001 ffff8881000418c0
[ 2261.767574] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2261.768607] page dumped because: kasan: bad access detected
[ 2261.769310]
[ 2261.769517] Memory state around the buggy address:
[ 2261.770100] ffff8881061c2300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2261.770962] ffff8881061c2380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2261.771827] >ffff8881061c2400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2261.772700] ^
[ 2261.773557] ffff8881061c2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2261.774419] ffff8881061c2500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2261.775283] ==================================================================
[ 2261.776189] ok 38 - ksize_uaf
[ 2261.782916] ==================================================================
[ 2261.784228] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0x152/0x400
[ 2261.785130]
[ 2261.785342] CPU: 1 PID: 48041 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2261.786946] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2261.787644] Call Trace:
[ 2261.787957]
[ 2261.788236] dump_stack_lvl+0x57/0x81
[ 2261.788690] print_address_description.constprop.0+0x1f/0x1e0
[ 2261.789392] print_report.cold+0x5c/0x237
[ 2261.789883] ? kmem_cache_free+0x152/0x400
[ 2261.790387] ? kmem_cache_free+0x152/0x400
[ 2261.790887] kasan_report_invalid_free+0x99/0xc0
[ 2261.791459] ? kmem_cache_free+0x152/0x400
[ 2261.791959] ? kmem_cache_free+0x152/0x400
[ 2261.792463] __kasan_slab_free+0x152/0x170
[ 2261.792964] slab_free_freelist_hook+0x11d/0x1d0
[ 2261.793535] ? kmem_cache_double_free+0x1bd/0x280 [test_kasan]
[ 2261.794244] kmem_cache_free+0x152/0x400
[ 2261.794729] kmem_cache_double_free+0x1bd/0x280 [test_kasan]
[ 2261.795421] ? kmem_cache_invalid_free+0x280/0x280 [test_kasan]
[ 2261.796134] ? do_raw_spin_trylock+0xb5/0x180
[ 2261.796675] ? do_raw_spin_lock+0x270/0x270
[ 2261.797193] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2261.797866] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2261.798472] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2261.799092] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.799692] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2261.800310] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.801147] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2261.801849] kthread+0x2a4/0x350
[ 2261.802306] ? kthread_complete_and_exit+0x20/0x20
[ 2261.802907] ret_from_fork+0x1f/0x30
[ 2261.803363]
[ 2261.803647]
[ 2261.803854] Allocated by task 48041:
[ 2261.804299] kasan_save_stack+0x1e/0x40
[ 2261.804771] __kasan_slab_alloc+0x66/0x80
[ 2261.805263] kmem_cache_alloc+0x161/0x310
[ 2261.805753] kmem_cache_double_free+0x123/0x280 [test_kasan]
[ 2261.806443] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.807037] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.807774] kthread+0x2a4/0x350
[ 2261.808182] ret_from_fork+0x1f/0x30
[ 2261.808624]
[ 2261.808829] Freed by task 48041:
[ 2261.809238] kasan_save_stack+0x1e/0x40
[ 2261.809708] kasan_set_track+0x21/0x30
[ 2261.810171] kasan_set_free_info+0x20/0x40
[ 2261.810670] __kasan_slab_free+0x108/0x170
[ 2261.811173] slab_free_freelist_hook+0x11d/0x1d0
[ 2261.811738] kmem_cache_free+0x152/0x400
[ 2261.812221] kmem_cache_double_free+0x144/0x280 [test_kasan]
[ 2261.812905] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.813502] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.814239] kthread+0x2a4/0x350
[ 2261.814642] ret_from_fork+0x1f/0x30
[ 2261.815085]
[ 2261.815294] The buggy address belongs to the object at ffff888105364630
[ 2261.815294] which belongs to the cache test_cache of size 200
[ 2261.816748] The buggy address is located 0 bytes inside of
[ 2261.816748] 200-byte region [ffff888105364630, ffff8881053646f8)
[ 2261.818109]
[ 2261.818319] The buggy address belongs to the physical page:
[ 2261.818987] page:00000000f5f54111 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105364
[ 2261.820098] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2261.820927] raw: 0017ffffc0000200 0000000000000000 dead000000000122 ffff88812172edc0
[ 2261.821850] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000
[ 2261.822770] page dumped because: kasan: bad access detected
[ 2261.823435]
[ 2261.823642] Memory state around the buggy address:
[ 2261.824224] ffff888105364500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2261.825085] ffff888105364580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2261.825945] >ffff888105364600: fc fc fc fc fc fc fa fb fb fb fb fb fb fb fb fb
[ 2261.826805] ^
[ 2261.827389] ffff888105364680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc
[ 2261.828250] ffff888105364700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2261.829109] ==================================================================
[ 2261.844512] ok 39 - kmem_cache_double_free
[ 2261.844992] ==================================================================
[ 2261.846436] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0x152/0x400
[ 2261.847344]
[ 2261.847552] CPU: 1 PID: 48042 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2261.849167] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2261.849861] Call Trace:
[ 2261.850176]
[ 2261.850452] dump_stack_lvl+0x57/0x81
[ 2261.850908] print_address_description.constprop.0+0x1f/0x1e0
[ 2261.851610] print_report.cold+0x5c/0x237
[ 2261.852101] ? kmem_cache_free+0x152/0x400
[ 2261.852607] ? kmem_cache_free+0x152/0x400
[ 2261.853108] kasan_report_invalid_free+0x99/0xc0
[ 2261.853680] ? kmem_cache_free+0x152/0x400
[ 2261.854183] ? kmem_cache_free+0x152/0x400
[ 2261.854683] __kasan_slab_free+0x152/0x170
[ 2261.855188] slab_free_freelist_hook+0x11d/0x1d0
[ 2261.855757] ? kmem_cache_invalid_free+0x1b6/0x280 [test_kasan]
[ 2261.856481] kmem_cache_free+0x152/0x400
[ 2261.856974] kmem_cache_invalid_free+0x1b6/0x280 [test_kasan]
[ 2261.857677] ? kmem_cache_double_destroy+0x250/0x250 [test_kasan]
[ 2261.858415] ? do_raw_spin_trylock+0xb5/0x180
[ 2261.858953] ? do_raw_spin_lock+0x270/0x270
[ 2261.859472] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2261.860147] ? _raw_spin_unlock_irqrestore+0x42/0x70
[ 2261.860749] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2261.861371] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.861967] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2261.862616] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.863444] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2261.864091] kthread+0x2a4/0x350
[ 2261.864499] ? kthread_complete_and_exit+0x20/0x20
[ 2261.865084] ret_from_fork+0x1f/0x30
[ 2261.865541]
[ 2261.865825]
[ 2261.866033] Allocated by task 48042:
[ 2261.866478] kasan_save_stack+0x1e/0x40
[ 2261.866952] __kasan_slab_alloc+0x66/0x80
[ 2261.867445] kmem_cache_alloc+0x161/0x310
[ 2261.867935] kmem_cache_invalid_free+0x126/0x280 [test_kasan]
[ 2261.868635] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.869234] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.869971] kthread+0x2a4/0x350
[ 2261.870380] ret_from_fork+0x1f/0x30
[ 2261.870824]
[ 2261.871030] The buggy address belongs to the object at ffff888113892318
[ 2261.871030] which belongs to the cache test_cache of size 200
[ 2261.872488] The buggy address is located 1 bytes inside of
[ 2261.872488] 200-byte region [ffff888113892318, ffff8881138923e0)
[ 2261.873848]
[ 2261.874055] The buggy address belongs to the physical page:
[ 2261.874726] page:0000000031c9bb77 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x113892
[ 2261.875835] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2261.876666] raw: 0017ffffc0000200 0000000000000000 dead000000000122 ffff888105364000
[ 2261.877590] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000
[ 2261.878509] page dumped because: kasan: bad access detected
[ 2261.879177]
[ 2261.879385] Memory state around the buggy address:
[ 2261.879965] ffff888113892200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2261.880830] ffff888113892280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2261.881696] >ffff888113892300: fc fc fc 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2261.882562] ^
[ 2261.883052] ffff888113892380: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[ 2261.883916] ffff888113892400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2261.884778] ==================================================================
[ 2261.901394] ok 40 - kmem_cache_invalid_free
[ 2261.902266] ==================================================================
[ 2261.903709] BUG: KASAN: use-after-free in kmem_cache_double_destroy+0x1a0/0x250 [test_kasan]
[ 2261.904726] Read of size 1 at addr ffff888105364640 by task kunit_try_catch/48043
[ 2261.905623]
[ 2261.905832] CPU: 1 PID: 48043 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2261.907445] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2261.908140] Call Trace:
[ 2261.908452]
[ 2261.908727] ? kmem_cache_double_destroy+0x1a0/0x250 [test_kasan]
[ 2261.909469] dump_stack_lvl+0x57/0x81
[ 2261.909924] print_address_description.constprop.0+0x1f/0x1e0
[ 2261.910627] ? kmem_cache_double_destroy+0x1a0/0x250 [test_kasan]
[ 2261.911456] print_report.cold+0x5c/0x237
[ 2261.911998] kasan_report+0xc9/0x100
[ 2261.912447] ? kmem_cache_free+0x110/0x400
[ 2261.912948] ? kmem_cache_double_destroy+0x1a0/0x250 [test_kasan]
[ 2261.913686] ? kmem_cache_double_destroy+0x1a0/0x250 [test_kasan]
[ 2261.914424] __kasan_check_byte+0x36/0x50
[ 2261.914919] kmem_cache_destroy+0x21/0x170
[ 2261.915425] kmem_cache_double_destroy+0x1a0/0x250 [test_kasan]
[ 2261.916144] ? kmalloc_oob_right+0x510/0x510 [test_kasan]
[ 2261.916800] ? do_raw_spin_trylock+0xb5/0x180
[ 2261.917340] ? do_raw_spin_lock+0x270/0x270
[ 2261.917856] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2261.918532] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2261.919156] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.919755] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2261.920376] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.921178] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2261.921886] kthread+0x2a4/0x350
[ 2261.922294] ? kthread_complete_and_exit+0x20/0x20
[ 2261.922880] ret_from_fork+0x1f/0x30
[ 2261.923336]
[ 2261.923620]
[ 2261.923826] Allocated by task 48043:
[ 2261.924271] kasan_save_stack+0x1e/0x40
[ 2261.924745] __kasan_slab_alloc+0x66/0x80
[ 2261.925238] kmem_cache_alloc+0x161/0x310
[ 2261.925766] kmem_cache_create_usercopy+0x1b9/0x310
[ 2261.926383] kmem_cache_create+0x12/0x20
[ 2261.926913] kmem_cache_double_destroy+0x8d/0x250 [test_kasan]
[ 2261.927707] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.928326] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.929061] kthread+0x2a4/0x350
[ 2261.929468] ret_from_fork+0x1f/0x30
[ 2261.929911]
[ 2261.930117] Freed by task 48043:
[ 2261.930523] kasan_save_stack+0x1e/0x40
[ 2261.930995] kasan_set_track+0x21/0x30
[ 2261.931459] kasan_set_free_info+0x20/0x40
[ 2261.931958] __kasan_slab_free+0x108/0x170
[ 2261.932462] slab_free_freelist_hook+0x11d/0x1d0
[ 2261.933028] kmem_cache_free+0x152/0x400
[ 2261.933509] kobject_cleanup+0x101/0x390
[ 2261.933991] kmem_cache_double_destroy+0x12a/0x250 [test_kasan]
[ 2261.934708] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.935310] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.936043] kthread+0x2a4/0x350
[ 2261.936451] ret_from_fork+0x1f/0x30
[ 2261.936893]
[ 2261.937099] The buggy address belongs to the object at ffff888105364640
[ 2261.937099] which belongs to the cache kmem_cache of size 240
[ 2261.938554] The buggy address is located 0 bytes inside of
[ 2261.938554] 240-byte region [ffff888105364640, ffff888105364730)
[ 2261.939911]
[ 2261.940118] The buggy address belongs to the physical page:
[ 2261.940785] page:00000000f5f54111 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105364
[ 2261.941893] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2261.942725] raw: 0017ffffc0000200 0000000000000000 dead000000000122 ffff888100041000
[ 2261.943647] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000
[ 2261.944568] page dumped because: kasan: bad access detected
[ 2261.945236]
[ 2261.945443] Memory state around the buggy address:
[ 2261.946023] ffff888105364500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2261.946888] ffff888105364580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2261.947751] >ffff888105364600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 2261.948612] ^
[ 2261.949251] ffff888105364680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2261.950109] ffff888105364700: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[ 2261.950969] ==================================================================
[ 2261.951898] ok 41 - kmem_cache_double_destroy
[ 2261.952017] ok 42 - kasan_memchr # SKIP Test requires CONFIG_AMD_MEM_ENCRYPT=n
[ 2261.952847] ok 43 - kasan_memcmp # SKIP Test requires CONFIG_AMD_MEM_ENCRYPT=n
[ 2261.954051] ok 44 - kasan_strings # SKIP Test requires CONFIG_AMD_MEM_ENCRYPT=n
[ 2261.955146] ==================================================================
[ 2261.956922] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xff/0x850 [test_kasan]
[ 2261.958013] Write of size 8 at addr ffff88810b9dc828 by task kunit_try_catch/48047
[ 2261.958913]
[ 2261.959120] CPU: 0 PID: 48047 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2261.960721] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2261.961413] Call Trace:
[ 2261.961724]
[ 2261.961998] ? kasan_bitops_modify.constprop.0+0xff/0x850 [test_kasan]
[ 2261.962781] dump_stack_lvl+0x57/0x81
[ 2261.963238] print_address_description.constprop.0+0x1f/0x1e0
[ 2261.963934] ? kasan_bitops_modify.constprop.0+0xff/0x850 [test_kasan]
[ 2261.964718] print_report.cold+0x5c/0x237
[ 2261.965218] kasan_report+0xc9/0x100
[ 2261.965663] ? kasan_bitops_modify.constprop.0+0xff/0x850 [test_kasan]
[ 2261.966449] kasan_check_range+0xfd/0x1e0
[ 2261.966942] kasan_bitops_modify.constprop.0+0xff/0x850 [test_kasan]
[ 2261.967706] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 2261.968323] ? kunit_kfree+0x200/0x200 [kunit]
[ 2261.968872] ? rcu_read_lock_sched_held+0x12/0x80
[ 2261.969450] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2261.970122] ? rcu_read_lock_held+0x30/0x50
[ 2261.970636] ? trace_kmalloc+0x3c/0x100
[ 2261.971106] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2261.971684] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 2261.972337] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2261.973224] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2261.973911] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2261.974530] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.975126] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2261.975744] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.976479] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2261.977101] kthread+0x2a4/0x350
[ 2261.977515] ? kthread_complete_and_exit+0x20/0x20
[ 2261.978099] ret_from_fork+0x1f/0x30
[ 2261.978556]
[ 2261.978839]
[ 2261.979046] Allocated by task 48047:
[ 2261.979487] kasan_save_stack+0x1e/0x40
[ 2261.979958] __kasan_kmalloc+0x81/0xa0
[ 2261.980421] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2261.981070] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2261.981667] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2261.982403] kthread+0x2a4/0x350
[ 2261.982806] ret_from_fork+0x1f/0x30
[ 2261.983251]
[ 2261.983457] The buggy address belongs to the object at ffff88810b9dc820
[ 2261.983457] which belongs to the cache kmalloc-16 of size 16
[ 2261.984894] The buggy address is located 8 bytes inside of
[ 2261.984894] 16-byte region [ffff88810b9dc820, ffff88810b9dc830)
[ 2261.986243]
[ 2261.986449] The buggy address belongs to the physical page:
[ 2261.987113] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2261.988222] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2261.989047] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2261.989974] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2261.990890] page dumped because: kasan: bad access detected
[ 2261.991557]
[ 2261.991762] Memory state around the buggy address:
[ 2261.992344] ffff88810b9dc700: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2261.993203] ffff88810b9dc780: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2261.994057] >ffff88810b9dc800: fa fb fc fc 00 01 fc fc fa fb fc fc fb fb fc fc
[ 2261.994917] ^
[ 2261.995472] ffff88810b9dc880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2261.996330] ffff88810b9dc900: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2261.997188] ==================================================================
[ 2261.998083] ==================================================================
[ 2261.998951] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1a4/0x850 [test_kasan]
[ 2262.000051] Write of size 8 at addr ffff88810b9dc828 by task kunit_try_catch/48047
[ 2262.000948]
[ 2262.001157] CPU: 0 PID: 48047 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.002872] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.003602] Call Trace:
[ 2262.003912]
[ 2262.004187] ? kasan_bitops_modify.constprop.0+0x1a4/0x850 [test_kasan]
[ 2262.004978] dump_stack_lvl+0x57/0x81
[ 2262.005435] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.006133] ? kasan_bitops_modify.constprop.0+0x1a4/0x850 [test_kasan]
[ 2262.006923] print_report.cold+0x5c/0x237
[ 2262.007422] kasan_report+0xc9/0x100
[ 2262.007867] ? kasan_bitops_modify.constprop.0+0x1a4/0x850 [test_kasan]
[ 2262.008659] kasan_check_range+0xfd/0x1e0
[ 2262.009152] kasan_bitops_modify.constprop.0+0x1a4/0x850 [test_kasan]
[ 2262.009921] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 2262.010539] ? kunit_kfree+0x200/0x200 [kunit]
[ 2262.011085] ? rcu_read_lock_sched_held+0x12/0x80
[ 2262.011663] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.012334] ? rcu_read_lock_held+0x30/0x50
[ 2262.012842] ? trace_kmalloc+0x3c/0x100
[ 2262.013315] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2262.013890] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 2262.014545] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2262.015430] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2262.016117] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.016734] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.017334] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.017946] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.018679] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.019305] kthread+0x2a4/0x350
[ 2262.019710] ? kthread_complete_and_exit+0x20/0x20
[ 2262.020294] ret_from_fork+0x1f/0x30
[ 2262.020747]
[ 2262.021029]
[ 2262.021238] Allocated by task 48047:
[ 2262.021677] kasan_save_stack+0x1e/0x40
[ 2262.022150] __kasan_kmalloc+0x81/0xa0
[ 2262.022611] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2262.023262] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.023856] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.024592] kthread+0x2a4/0x350
[ 2262.024994] ret_from_fork+0x1f/0x30
[ 2262.025440]
[ 2262.025647] The buggy address belongs to the object at ffff88810b9dc820
[ 2262.025647] which belongs to the cache kmalloc-16 of size 16
[ 2262.027086] The buggy address is located 8 bytes inside of
[ 2262.027086] 16-byte region [ffff88810b9dc820, ffff88810b9dc830)
[ 2262.028434]
[ 2262.028641] The buggy address belongs to the physical page:
[ 2262.029311] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.030413] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.031238] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.032159] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.033071] page dumped because: kasan: bad access detected
[ 2262.033738]
[ 2262.033944] Memory state around the buggy address:
[ 2262.034525] ffff88810b9dc700: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.035386] ffff88810b9dc780: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.036248] >ffff88810b9dc800: fa fb fc fc 00 01 fc fc fa fb fc fc fb fb fc fc
[ 2262.037105] ^
[ 2262.037656] ffff88810b9dc880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2262.038517] ffff88810b9dc900: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.039376] ==================================================================
[ 2262.040373] ==================================================================
[ 2262.041238] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x24d/0x850 [test_kasan]
[ 2262.042336] Write of size 8 at addr ffff88810b9dc828 by task kunit_try_catch/48047
[ 2262.043235]
[ 2262.043441] CPU: 0 PID: 48047 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.045036] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.045729] Call Trace:
[ 2262.046039]
[ 2262.046314] ? kasan_bitops_modify.constprop.0+0x24d/0x850 [test_kasan]
[ 2262.047103] dump_stack_lvl+0x57/0x81
[ 2262.047560] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.048257] ? kasan_bitops_modify.constprop.0+0x24d/0x850 [test_kasan]
[ 2262.049050] print_report.cold+0x5c/0x237
[ 2262.049546] kasan_report+0xc9/0x100
[ 2262.049991] ? kasan_bitops_modify.constprop.0+0x24d/0x850 [test_kasan]
[ 2262.050784] kasan_check_range+0xfd/0x1e0
[ 2262.051277] kasan_bitops_modify.constprop.0+0x24d/0x850 [test_kasan]
[ 2262.052052] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 2262.052671] ? kunit_kfree+0x200/0x200 [kunit]
[ 2262.053220] ? rcu_read_lock_sched_held+0x12/0x80
[ 2262.053796] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.054466] ? rcu_read_lock_held+0x30/0x50
[ 2262.054974] ? trace_kmalloc+0x3c/0x100
[ 2262.055447] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2262.056022] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 2262.056677] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2262.057559] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2262.058248] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.058865] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.059461] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.060074] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.060812] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.061436] kthread+0x2a4/0x350
[ 2262.061839] ? kthread_complete_and_exit+0x20/0x20
[ 2262.062423] ret_from_fork+0x1f/0x30
[ 2262.062876]
[ 2262.063161]
[ 2262.063366] Allocated by task 48047:
[ 2262.063849] kasan_save_stack+0x1e/0x40
[ 2262.064369] __kasan_kmalloc+0x81/0xa0
[ 2262.064830] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2262.065480] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.066071] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.066805] kthread+0x2a4/0x350
[ 2262.067210] ret_from_fork+0x1f/0x30
[ 2262.067653]
[ 2262.067858] The buggy address belongs to the object at ffff88810b9dc820
[ 2262.067858] which belongs to the cache kmalloc-16 of size 16
[ 2262.069301] The buggy address is located 8 bytes inside of
[ 2262.069301] 16-byte region [ffff88810b9dc820, ffff88810b9dc830)
[ 2262.070646]
[ 2262.070852] The buggy address belongs to the physical page:
[ 2262.071518] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.072619] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.073448] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.074376] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.075294] page dumped because: kasan: bad access detected
[ 2262.075956]
[ 2262.076164] Memory state around the buggy address:
[ 2262.076741] ffff88810b9dc700: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.077601] ffff88810b9dc780: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.078458] >ffff88810b9dc800: fa fb fc fc 00 01 fc fc fa fb fc fc fb fb fc fc
[ 2262.079319] ^
[ 2262.079871] ffff88810b9dc880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2262.080731] ffff88810b9dc900: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.081588] ==================================================================
[ 2262.082489] ==================================================================
[ 2262.083586] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2f2/0x850 [test_kasan]
[ 2262.084743] Write of size 8 at addr ffff88810b9dc828 by task kunit_try_catch/48047
[ 2262.085640]
[ 2262.085845] CPU: 0 PID: 48047 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.087450] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.088144] Call Trace:
[ 2262.088455]
[ 2262.088728] ? kasan_bitops_modify.constprop.0+0x2f2/0x850 [test_kasan]
[ 2262.089517] dump_stack_lvl+0x57/0x81
[ 2262.089971] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.090667] ? kasan_bitops_modify.constprop.0+0x2f2/0x850 [test_kasan]
[ 2262.091459] print_report.cold+0x5c/0x237
[ 2262.091951] kasan_report+0xc9/0x100
[ 2262.092399] ? kasan_bitops_modify.constprop.0+0x2f2/0x850 [test_kasan]
[ 2262.093191] kasan_check_range+0xfd/0x1e0
[ 2262.093681] kasan_bitops_modify.constprop.0+0x2f2/0x850 [test_kasan]
[ 2262.094452] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 2262.095066] ? kunit_kfree+0x200/0x200 [kunit]
[ 2262.095617] ? rcu_read_lock_sched_held+0x12/0x80
[ 2262.096195] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.096862] ? rcu_read_lock_held+0x30/0x50
[ 2262.097374] ? trace_kmalloc+0x3c/0x100
[ 2262.097845] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2262.098425] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 2262.099075] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2262.099964] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2262.100654] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.101276] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.101868] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.102489] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.103225] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.103847] kthread+0x2a4/0x350
[ 2262.104256] ? kthread_complete_and_exit+0x20/0x20
[ 2262.104836] ret_from_fork+0x1f/0x30
[ 2262.105289]
[ 2262.105576]
[ 2262.105781] Allocated by task 48047:
[ 2262.106223] kasan_save_stack+0x1e/0x40
[ 2262.106691] __kasan_kmalloc+0x81/0xa0
[ 2262.107154] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2262.107802] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.108397] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.109133] kthread+0x2a4/0x350
[ 2262.109536] ret_from_fork+0x1f/0x30
[ 2262.109977]
[ 2262.110187] The buggy address belongs to the object at ffff88810b9dc820
[ 2262.110187] which belongs to the cache kmalloc-16 of size 16
[ 2262.111632] The buggy address is located 8 bytes inside of
[ 2262.111632] 16-byte region [ffff88810b9dc820, ffff88810b9dc830)
[ 2262.112980]
[ 2262.113188] The buggy address belongs to the physical page:
[ 2262.113849] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.114950] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.115777] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.116694] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.117607] page dumped because: kasan: bad access detected
[ 2262.118272]
[ 2262.118477] Memory state around the buggy address:
[ 2262.119053] ffff88810b9dc700: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.119911] ffff88810b9dc780: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.120770] >ffff88810b9dc800: fa fb fc fc 00 01 fc fc fa fb fc fc fb fb fc fc
[ 2262.121627] ^
[ 2262.122178] ffff88810b9dc880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2262.123033] ffff88810b9dc900: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.123893] ==================================================================
[ 2262.124784] ==================================================================
[ 2262.125647] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x39b/0x850 [test_kasan]
[ 2262.126745] Write of size 8 at addr ffff88810b9dc828 by task kunit_try_catch/48047
[ 2262.127701]
[ 2262.127932] CPU: 0 PID: 48047 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.129583] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.130276] Call Trace:
[ 2262.130586]
[ 2262.130859] ? kasan_bitops_modify.constprop.0+0x39b/0x850 [test_kasan]
[ 2262.131651] dump_stack_lvl+0x57/0x81
[ 2262.132103] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.132798] ? kasan_bitops_modify.constprop.0+0x39b/0x850 [test_kasan]
[ 2262.133588] print_report.cold+0x5c/0x237
[ 2262.134079] kasan_report+0xc9/0x100
[ 2262.134526] ? kasan_bitops_modify.constprop.0+0x39b/0x850 [test_kasan]
[ 2262.135318] kasan_check_range+0xfd/0x1e0
[ 2262.135807] kasan_bitops_modify.constprop.0+0x39b/0x850 [test_kasan]
[ 2262.136579] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 2262.137199] ? kunit_kfree+0x200/0x200 [kunit]
[ 2262.137744] ? rcu_read_lock_sched_held+0x12/0x80
[ 2262.138323] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.138990] ? rcu_read_lock_held+0x30/0x50
[ 2262.139501] ? trace_kmalloc+0x3c/0x100
[ 2262.139971] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2262.140551] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 2262.141205] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2262.142086] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2262.142776] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.143396] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.143989] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.144604] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.145340] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.145963] kthread+0x2a4/0x350
[ 2262.146369] ? kthread_complete_and_exit+0x20/0x20
[ 2262.146951] ret_from_fork+0x1f/0x30
[ 2262.147406]
[ 2262.147687]
[ 2262.147893] Allocated by task 48047:
[ 2262.148336] kasan_save_stack+0x1e/0x40
[ 2262.148805] __kasan_kmalloc+0x81/0xa0
[ 2262.149266] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2262.149914] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.150510] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.151243] kthread+0x2a4/0x350
[ 2262.151645] ret_from_fork+0x1f/0x30
[ 2262.152094]
[ 2262.152303] The buggy address belongs to the object at ffff88810b9dc820
[ 2262.152303] which belongs to the cache kmalloc-16 of size 16
[ 2262.153738] The buggy address is located 8 bytes inside of
[ 2262.153738] 16-byte region [ffff88810b9dc820, ffff88810b9dc830)
[ 2262.155076]
[ 2262.155284] The buggy address belongs to the physical page:
[ 2262.155946] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.157048] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.157877] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.158795] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.159710] page dumped because: kasan: bad access detected
[ 2262.160379]
[ 2262.160585] Memory state around the buggy address:
[ 2262.161167] ffff88810b9dc700: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.162021] ffff88810b9dc780: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.162880] >ffff88810b9dc800: fa fb fc fc 00 01 fc fc fa fb fc fc fb fb fc fc
[ 2262.163738] ^
[ 2262.164291] ffff88810b9dc880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2262.165193] ffff88810b9dc900: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.166048] ==================================================================
[ 2262.166924] ==================================================================
[ 2262.167788] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x440/0x850 [test_kasan]
[ 2262.168885] Write of size 8 at addr ffff88810b9dc828 by task kunit_try_catch/48047
[ 2262.169782]
[ 2262.169988] CPU: 0 PID: 48047 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.171586] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.172277] Call Trace:
[ 2262.172587]
[ 2262.172859] ? kasan_bitops_modify.constprop.0+0x440/0x850 [test_kasan]
[ 2262.173648] dump_stack_lvl+0x57/0x81
[ 2262.174100] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.174795] ? kasan_bitops_modify.constprop.0+0x440/0x850 [test_kasan]
[ 2262.175587] print_report.cold+0x5c/0x237
[ 2262.176154] kasan_report+0xc9/0x100
[ 2262.176653] ? kasan_bitops_modify.constprop.0+0x440/0x850 [test_kasan]
[ 2262.177521] kasan_check_range+0xfd/0x1e0
[ 2262.178011] kasan_bitops_modify.constprop.0+0x440/0x850 [test_kasan]
[ 2262.178883] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 2262.179572] ? kunit_kfree+0x200/0x200 [kunit]
[ 2262.180161] ? rcu_read_lock_sched_held+0x12/0x80
[ 2262.180806] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.181584] ? rcu_read_lock_held+0x30/0x50
[ 2262.182156] ? trace_kmalloc+0x3c/0x100
[ 2262.182680] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2262.183327] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 2262.184023] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2262.184979] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2262.185750] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.186442] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.187063] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.187679] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.188414] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.189034] kthread+0x2a4/0x350
[ 2262.189441] ? kthread_complete_and_exit+0x20/0x20
[ 2262.190023] ret_from_fork+0x1f/0x30
[ 2262.190478]
[ 2262.190760]
[ 2262.190966] Allocated by task 48047:
[ 2262.191408] kasan_save_stack+0x1e/0x40
[ 2262.191876] __kasan_kmalloc+0x81/0xa0
[ 2262.192338] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2262.192988] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.193583] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.194315] kthread+0x2a4/0x350
[ 2262.194754] ret_from_fork+0x1f/0x30
[ 2262.195252]
[ 2262.195481] The buggy address belongs to the object at ffff88810b9dc820
[ 2262.195481] which belongs to the cache kmalloc-16 of size 16
[ 2262.196948] The buggy address is located 8 bytes inside of
[ 2262.196948] 16-byte region [ffff88810b9dc820, ffff88810b9dc830)
[ 2262.198291]
[ 2262.198496] The buggy address belongs to the physical page:
[ 2262.199162] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.200265] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.201089] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.202092] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.203116] page dumped because: kasan: bad access detected
[ 2262.203853]
[ 2262.204058] Memory state around the buggy address:
[ 2262.204638] ffff88810b9dc700: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.205496] ffff88810b9dc780: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.206355] >ffff88810b9dc800: fa fb fc fc 00 01 fc fc fa fb fc fc fb fb fc fc
[ 2262.207215] ^
[ 2262.207767] ffff88810b9dc880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2262.208626] ffff88810b9dc900: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.209486] ==================================================================
[ 2262.210366] ==================================================================
[ 2262.211234] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4e9/0x850 [test_kasan]
[ 2262.212332] Write of size 8 at addr ffff88810b9dc828 by task kunit_try_catch/48047
[ 2262.213227]
[ 2262.213434] CPU: 0 PID: 48047 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.215028] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.215721] Call Trace:
[ 2262.216030]
[ 2262.216307] ? kasan_bitops_modify.constprop.0+0x4e9/0x850 [test_kasan]
[ 2262.217093] dump_stack_lvl+0x57/0x81
[ 2262.217547] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.218243] ? kasan_bitops_modify.constprop.0+0x4e9/0x850 [test_kasan]
[ 2262.219031] print_report.cold+0x5c/0x237
[ 2262.219525] kasan_report+0xc9/0x100
[ 2262.219968] ? kasan_bitops_modify.constprop.0+0x4e9/0x850 [test_kasan]
[ 2262.220758] kasan_check_range+0xfd/0x1e0
[ 2262.221252] kasan_bitops_modify.constprop.0+0x4e9/0x850 [test_kasan]
[ 2262.222019] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 2262.222637] ? kunit_kfree+0x200/0x200 [kunit]
[ 2262.223185] ? rcu_read_lock_sched_held+0x12/0x80
[ 2262.223759] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.224432] ? rcu_read_lock_held+0x30/0x50
[ 2262.224938] ? trace_kmalloc+0x3c/0x100
[ 2262.225412] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2262.225984] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 2262.226636] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2262.227530] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2262.228219] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.228835] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.229432] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.230044] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.230777] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.231402] kthread+0x2a4/0x350
[ 2262.231805] ? kthread_complete_and_exit+0x20/0x20
[ 2262.232390] ret_from_fork+0x1f/0x30
[ 2262.232842]
[ 2262.233124]
[ 2262.233331] Allocated by task 48047:
[ 2262.233768] kasan_save_stack+0x1e/0x40
[ 2262.234239] __kasan_kmalloc+0x81/0xa0
[ 2262.234699] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2262.235349] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.235940] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.236675] kthread+0x2a4/0x350
[ 2262.237077] ret_from_fork+0x1f/0x30
[ 2262.237521]
[ 2262.237727] The buggy address belongs to the object at ffff88810b9dc820
[ 2262.237727] which belongs to the cache kmalloc-16 of size 16
[ 2262.239165] The buggy address is located 8 bytes inside of
[ 2262.239165] 16-byte region [ffff88810b9dc820, ffff88810b9dc830)
[ 2262.240511]
[ 2262.240717] The buggy address belongs to the physical page:
[ 2262.241382] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.242485] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.243312] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.244228] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.245145] page dumped because: kasan: bad access detected
[ 2262.245807]
[ 2262.246013] Memory state around the buggy address:
[ 2262.246593] ffff88810b9dc700: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.247453] ffff88810b9dc780: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.248317] >ffff88810b9dc800: fa fb fc fc 00 01 fc fc fa fb fc fc fb fb fc fc
[ 2262.249175] ^
[ 2262.249726] ffff88810b9dc880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2262.250585] ffff88810b9dc900: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.251443] ==================================================================
[ 2262.252319] ==================================================================
[ 2262.253180] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x58e/0x850 [test_kasan]
[ 2262.254276] Write of size 8 at addr ffff88810b9dc828 by task kunit_try_catch/48047
[ 2262.255178]
[ 2262.255384] CPU: 0 PID: 48047 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.256976] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.257668] Call Trace:
[ 2262.257977]
[ 2262.258253] ? kasan_bitops_modify.constprop.0+0x58e/0x850 [test_kasan]
[ 2262.259043] dump_stack_lvl+0x57/0x81
[ 2262.259500] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.260193] ? kasan_bitops_modify.constprop.0+0x58e/0x850 [test_kasan]
[ 2262.260983] print_report.cold+0x5c/0x237
[ 2262.261478] kasan_report+0xc9/0x100
[ 2262.261922] ? kasan_bitops_modify.constprop.0+0x58e/0x850 [test_kasan]
[ 2262.262710] kasan_check_range+0xfd/0x1e0
[ 2262.263203] kasan_bitops_modify.constprop.0+0x58e/0x850 [test_kasan]
[ 2262.264024] ? kasan_test_init+0x50/0x50 [test_kasan]
[ 2262.264714] ? kunit_kfree+0x200/0x200 [kunit]
[ 2262.265300] ? rcu_read_lock_sched_held+0x12/0x80
[ 2262.265874] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.266547] ? rcu_read_lock_held+0x30/0x50
[ 2262.267055] ? trace_kmalloc+0x3c/0x100
[ 2262.267528] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2262.268100] kasan_bitops_generic+0xfa/0x164 [test_kasan]
[ 2262.268751] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2262.269636] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2262.270327] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.270943] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.271539] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.272154] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.272885] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.273512] kthread+0x2a4/0x350
[ 2262.273914] ? kthread_complete_and_exit+0x20/0x20
[ 2262.274499] ret_from_fork+0x1f/0x30
[ 2262.274949]
[ 2262.275233]
[ 2262.275438] Allocated by task 48047:
[ 2262.275879] kasan_save_stack+0x1e/0x40
[ 2262.276350] __kasan_kmalloc+0x81/0xa0
[ 2262.276810] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2262.277461] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.278052] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.278784] kthread+0x2a4/0x350
[ 2262.279190] ret_from_fork+0x1f/0x30
[ 2262.279631]
[ 2262.279836] The buggy address belongs to the object at ffff88810b9dc820
[ 2262.279836] which belongs to the cache kmalloc-16 of size 16
[ 2262.281277] The buggy address is located 8 bytes inside of
[ 2262.281277] 16-byte region [ffff88810b9dc820, ffff88810b9dc830)
[ 2262.282620]
[ 2262.282825] The buggy address belongs to the physical page:
[ 2262.283489] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.284595] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.285419] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.286337] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.287254] page dumped because: kasan: bad access detected
[ 2262.287915]
[ 2262.288125] Memory state around the buggy address:
[ 2262.288703] ffff88810b9dc700: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.289563] ffff88810b9dc780: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.290419] >ffff88810b9dc800: fa fb fc fc 00 01 fc fc fa fb fc fc fb fb fc fc
[ 2262.291277] ^
[ 2262.291825] ffff88810b9dc880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2262.292683] ffff88810b9dc900: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.293541] ==================================================================
[ 2262.294418] ==================================================================
[ 2262.295282] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xff/0x990 [test_kasan]
[ 2262.296461] Write of size 8 at addr ffff88810b9dc828 by task kunit_try_catch/48047
[ 2262.297358]
[ 2262.297564] CPU: 0 PID: 48047 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.299161] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.299850] Call Trace:
[ 2262.300163]
[ 2262.300435] ? kasan_bitops_test_and_modify.constprop.0+0xff/0x990 [test_kasan]
[ 2262.301310] dump_stack_lvl+0x57/0x81
[ 2262.301763] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.302460] ? kasan_bitops_test_and_modify.constprop.0+0xff/0x990 [test_kasan]
[ 2262.303342] print_report.cold+0x5c/0x237
[ 2262.303836] kasan_report+0xc9/0x100
[ 2262.304286] ? kasan_bitops_test_and_modify.constprop.0+0xff/0x990 [test_kasan]
[ 2262.305159] kasan_check_range+0xfd/0x1e0
[ 2262.305651] kasan_bitops_test_and_modify.constprop.0+0xff/0x990 [test_kasan]
[ 2262.306512] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2262.307306] ? kunit_kfree+0x200/0x200 [kunit]
[ 2262.307852] ? rcu_read_lock_sched_held+0x12/0x80
[ 2262.308428] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.309096] ? rcu_read_lock_held+0x30/0x50
[ 2262.309607] ? trace_kmalloc+0x3c/0x100
[ 2262.310075] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2262.310654] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2262.311314] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2262.312199] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2262.312883] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.313527] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.314195] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.314828] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.315561] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.316186] kthread+0x2a4/0x350
[ 2262.316590] ? kthread_complete_and_exit+0x20/0x20
[ 2262.317176] ret_from_fork+0x1f/0x30
[ 2262.317627]
[ 2262.317908]
[ 2262.318113] Allocated by task 48047:
[ 2262.318557] kasan_save_stack+0x1e/0x40
[ 2262.319026] __kasan_kmalloc+0x81/0xa0
[ 2262.319488] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2262.320138] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.320730] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.321463] kthread+0x2a4/0x350
[ 2262.321866] ret_from_fork+0x1f/0x30
[ 2262.322310]
[ 2262.322516] The buggy address belongs to the object at ffff88810b9dc820
[ 2262.322516] which belongs to the cache kmalloc-16 of size 16
[ 2262.323953] The buggy address is located 8 bytes inside of
[ 2262.323953] 16-byte region [ffff88810b9dc820, ffff88810b9dc830)
[ 2262.325299]
[ 2262.325505] The buggy address belongs to the physical page:
[ 2262.326173] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.327334] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.328260] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.329286] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.330256] page dumped because: kasan: bad access detected
[ 2262.330918]
[ 2262.331125] Memory state around the buggy address:
[ 2262.331702] ffff88810b9dc700: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.332561] ffff88810b9dc780: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.333420] >ffff88810b9dc800: fa fb fc fc 00 01 fc fc fa fb fc fc fb fb fc fc
[ 2262.334280] ^
[ 2262.334829] ffff88810b9dc880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2262.335691] ffff88810b9dc900: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.336549] ==================================================================
[ 2262.337425] ==================================================================
[ 2262.338288] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a9/0x990 [test_kasan]
[ 2262.339473] Write of size 8 at addr ffff88810b9dc828 by task kunit_try_catch/48047
[ 2262.340370]
[ 2262.340576] CPU: 0 PID: 48047 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.342320] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.343009] Call Trace:
[ 2262.343323]
[ 2262.343596] ? kasan_bitops_test_and_modify.constprop.0+0x1a9/0x990 [test_kasan]
[ 2262.344480] dump_stack_lvl+0x57/0x81
[ 2262.344931] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.345630] ? kasan_bitops_test_and_modify.constprop.0+0x1a9/0x990 [test_kasan]
[ 2262.346510] print_report.cold+0x5c/0x237
[ 2262.347003] kasan_report+0xc9/0x100
[ 2262.347449] ? kasan_bitops_test_and_modify.constprop.0+0x1a9/0x990 [test_kasan]
[ 2262.348336] kasan_check_range+0xfd/0x1e0
[ 2262.348827] kasan_bitops_test_and_modify.constprop.0+0x1a9/0x990 [test_kasan]
[ 2262.349692] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2262.350483] ? kunit_kfree+0x200/0x200 [kunit]
[ 2262.351030] ? rcu_read_lock_sched_held+0x12/0x80
[ 2262.351607] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.352278] ? rcu_read_lock_held+0x30/0x50
[ 2262.352795] ? trace_kmalloc+0x3c/0x100
[ 2262.353272] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2262.353846] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2262.354508] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2262.355394] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2262.356079] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.356699] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.357296] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.357909] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.358644] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.359270] kthread+0x2a4/0x350
[ 2262.359673] ? kthread_complete_and_exit+0x20/0x20
[ 2262.360259] ret_from_fork+0x1f/0x30
[ 2262.360709]
[ 2262.360994]
[ 2262.361203] Allocated by task 48047:
[ 2262.361642] kasan_save_stack+0x1e/0x40
[ 2262.362110] __kasan_kmalloc+0x81/0xa0
[ 2262.362571] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2262.363223] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.363815] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.364549] kthread+0x2a4/0x350
[ 2262.364950] ret_from_fork+0x1f/0x30
[ 2262.365394]
[ 2262.365598] The buggy address belongs to the object at ffff88810b9dc820
[ 2262.365598] which belongs to the cache kmalloc-16 of size 16
[ 2262.367033] The buggy address is located 8 bytes inside of
[ 2262.367033] 16-byte region [ffff88810b9dc820, ffff88810b9dc830)
[ 2262.368377]
[ 2262.368582] The buggy address belongs to the physical page:
[ 2262.369247] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.370351] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.371177] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.372090] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.373061] page dumped because: kasan: bad access detected
[ 2262.373820]
[ 2262.374026] Memory state around the buggy address:
[ 2262.374607] ffff88810b9dc700: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.375466] ffff88810b9dc780: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.376325] >ffff88810b9dc800: fa fb fc fc 00 01 fc fc fa fb fc fc fb fb fc fc
[ 2262.377183] ^
[ 2262.377734] ffff88810b9dc880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2262.378592] ffff88810b9dc900: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.379449] ==================================================================
[ 2262.380343] ==================================================================
[ 2262.381241] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x252/0x990 [test_kasan]
[ 2262.382434] Write of size 8 at addr ffff88810b9dc828 by task kunit_try_catch/48047
[ 2262.383334]
[ 2262.383540] CPU: 0 PID: 48047 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.385142] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.385833] Call Trace:
[ 2262.386147]
[ 2262.386421] ? kasan_bitops_test_and_modify.constprop.0+0x252/0x990 [test_kasan]
[ 2262.387302] dump_stack_lvl+0x57/0x81
[ 2262.387754] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.388450] ? kasan_bitops_test_and_modify.constprop.0+0x252/0x990 [test_kasan]
[ 2262.389334] print_report.cold+0x5c/0x237
[ 2262.389827] kasan_report+0xc9/0x100
[ 2262.390274] ? kasan_bitops_test_and_modify.constprop.0+0x252/0x990 [test_kasan]
[ 2262.391160] kasan_check_range+0xfd/0x1e0
[ 2262.391650] kasan_bitops_test_and_modify.constprop.0+0x252/0x990 [test_kasan]
[ 2262.392516] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2262.393309] ? kunit_kfree+0x200/0x200 [kunit]
[ 2262.393854] ? rcu_read_lock_sched_held+0x12/0x80
[ 2262.394431] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.395100] ? rcu_read_lock_held+0x30/0x50
[ 2262.395612] ? trace_kmalloc+0x3c/0x100
[ 2262.396082] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2262.396660] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2262.397323] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2262.398208] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2262.398895] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.399513] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.400110] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.400739] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.401476] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.402098] kthread+0x2a4/0x350
[ 2262.402504] ? kthread_complete_and_exit+0x20/0x20
[ 2262.403087] ret_from_fork+0x1f/0x30
[ 2262.403581]
[ 2262.403895]
[ 2262.404128] Allocated by task 48047:
[ 2262.404609] kasan_save_stack+0x1e/0x40
[ 2262.405078] __kasan_kmalloc+0x81/0xa0
[ 2262.405542] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2262.406192] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.406784] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.407522] kthread+0x2a4/0x350
[ 2262.407926] ret_from_fork+0x1f/0x30
[ 2262.408369]
[ 2262.408574] The buggy address belongs to the object at ffff88810b9dc820
[ 2262.408574] which belongs to the cache kmalloc-16 of size 16
[ 2262.410011] The buggy address is located 8 bytes inside of
[ 2262.410011] 16-byte region [ffff88810b9dc820, ffff88810b9dc830)
[ 2262.411354]
[ 2262.411560] The buggy address belongs to the physical page:
[ 2262.412226] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.413331] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.414157] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.415072] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.415987] page dumped because: kasan: bad access detected
[ 2262.416651]
[ 2262.416856] Memory state around the buggy address:
[ 2262.417437] ffff88810b9dc700: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.418296] ffff88810b9dc780: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.419153] >ffff88810b9dc800: fa fb fc fc 00 01 fc fc fa fb fc fc fb fb fc fc
[ 2262.420007] ^
[ 2262.420560] ffff88810b9dc880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2262.421419] ffff88810b9dc900: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.422275] ==================================================================
[ 2262.423148] ==================================================================
[ 2262.424006] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2fc/0x990 [test_kasan]
[ 2262.425197] Write of size 8 at addr ffff88810b9dc828 by task kunit_try_catch/48047
[ 2262.426092]
[ 2262.426301] CPU: 0 PID: 48047 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.427894] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.428585] Call Trace:
[ 2262.428894]
[ 2262.429169] ? kasan_bitops_test_and_modify.constprop.0+0x2fc/0x990 [test_kasan]
[ 2262.430049] dump_stack_lvl+0x57/0x81
[ 2262.430503] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.431276] ? kasan_bitops_test_and_modify.constprop.0+0x2fc/0x990 [test_kasan]
[ 2262.432227] print_report.cold+0x5c/0x237
[ 2262.432719] kasan_report+0xc9/0x100
[ 2262.433166] ? kasan_bitops_test_and_modify.constprop.0+0x2fc/0x990 [test_kasan]
[ 2262.434045] kasan_check_range+0xfd/0x1e0
[ 2262.434539] kasan_bitops_test_and_modify.constprop.0+0x2fc/0x990 [test_kasan]
[ 2262.435403] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2262.436196] ? kunit_kfree+0x200/0x200 [kunit]
[ 2262.436741] ? rcu_read_lock_sched_held+0x12/0x80
[ 2262.437320] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.437989] ? rcu_read_lock_held+0x30/0x50
[ 2262.438501] ? trace_kmalloc+0x3c/0x100
[ 2262.438972] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2262.439549] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2262.440211] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2262.441091] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2262.441780] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.442398] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.442989] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.443606] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.444341] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.444961] kthread+0x2a4/0x350
[ 2262.445367] ? kthread_complete_and_exit+0x20/0x20
[ 2262.445949] ret_from_fork+0x1f/0x30
[ 2262.446404]
[ 2262.446685]
[ 2262.446890] Allocated by task 48047:
[ 2262.447334] kasan_save_stack+0x1e/0x40
[ 2262.447801] __kasan_kmalloc+0x81/0xa0
[ 2262.448263] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2262.448911] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.449507] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.450240] kthread+0x2a4/0x350
[ 2262.450642] ret_from_fork+0x1f/0x30
[ 2262.451082]
[ 2262.451289] The buggy address belongs to the object at ffff88810b9dc820
[ 2262.451289] which belongs to the cache kmalloc-16 of size 16
[ 2262.452727] The buggy address is located 8 bytes inside of
[ 2262.452727] 16-byte region [ffff88810b9dc820, ffff88810b9dc830)
[ 2262.454075]
[ 2262.454286] The buggy address belongs to the physical page:
[ 2262.454949] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.456051] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.456876] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.457791] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.458704] page dumped because: kasan: bad access detected
[ 2262.459371]
[ 2262.459576] Memory state around the buggy address:
[ 2262.460159] ffff88810b9dc700: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.461014] ffff88810b9dc780: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.461872] >ffff88810b9dc800: fa fb fc fc 00 01 fc fc fa fb fc fc fb fb fc fc
[ 2262.462730] ^
[ 2262.463285] ffff88810b9dc880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2262.464142] ffff88810b9dc900: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.465054] ==================================================================
[ 2262.466011] ==================================================================
[ 2262.466879] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x3a6/0x990 [test_kasan]
[ 2262.468072] Write of size 8 at addr ffff88810b9dc828 by task kunit_try_catch/48047
[ 2262.468972]
[ 2262.469181] CPU: 0 PID: 48047 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.470774] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.471465] Call Trace:
[ 2262.471774]
[ 2262.472047] ? kasan_bitops_test_and_modify.constprop.0+0x3a6/0x990 [test_kasan]
[ 2262.472932] dump_stack_lvl+0x57/0x81
[ 2262.473387] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.474082] ? kasan_bitops_test_and_modify.constprop.0+0x3a6/0x990 [test_kasan]
[ 2262.474964] print_report.cold+0x5c/0x237
[ 2262.475459] kasan_report+0xc9/0x100
[ 2262.475904] ? kasan_bitops_test_and_modify.constprop.0+0x3a6/0x990 [test_kasan]
[ 2262.476828] kasan_check_range+0xfd/0x1e0
[ 2262.477379] kasan_bitops_test_and_modify.constprop.0+0x3a6/0x990 [test_kasan]
[ 2262.478296] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2262.479088] ? kunit_kfree+0x200/0x200 [kunit]
[ 2262.479635] ? rcu_read_lock_sched_held+0x12/0x80
[ 2262.480212] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.480879] ? rcu_read_lock_held+0x30/0x50
[ 2262.481391] ? trace_kmalloc+0x3c/0x100
[ 2262.481904] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2262.482482] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2262.483145] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2262.484024] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2262.484713] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.485331] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.485924] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.486540] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.487278] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.487899] kthread+0x2a4/0x350
[ 2262.488304] ? kthread_complete_and_exit+0x20/0x20
[ 2262.488887] ret_from_fork+0x1f/0x30
[ 2262.489345]
[ 2262.489627]
[ 2262.489834] Allocated by task 48047:
[ 2262.490279] kasan_save_stack+0x1e/0x40
[ 2262.490746] __kasan_kmalloc+0x81/0xa0
[ 2262.491223] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2262.491871] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.492465] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.493198] kthread+0x2a4/0x350
[ 2262.493600] ret_from_fork+0x1f/0x30
[ 2262.494041]
[ 2262.494249] The buggy address belongs to the object at ffff88810b9dc820
[ 2262.494249] which belongs to the cache kmalloc-16 of size 16
[ 2262.495684] The buggy address is located 8 bytes inside of
[ 2262.495684] 16-byte region [ffff88810b9dc820, ffff88810b9dc830)
[ 2262.497027]
[ 2262.497236] The buggy address belongs to the physical page:
[ 2262.497898] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.499001] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.499827] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.500747] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.501661] page dumped because: kasan: bad access detected
[ 2262.502326]
[ 2262.502531] Memory state around the buggy address:
[ 2262.503109] ffff88810b9dc700: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.503971] ffff88810b9dc780: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.504833] >ffff88810b9dc800: fa fb fc fc 00 01 fc fc fa fb fc fc fb fb fc fc
[ 2262.505693] ^
[ 2262.506247] ffff88810b9dc880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2262.507103] ffff88810b9dc900: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.507959] ==================================================================
[ 2262.508836] ==================================================================
[ 2262.509700] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x44f/0x990 [test_kasan]
[ 2262.510890] Write of size 8 at addr ffff88810b9dc828 by task kunit_try_catch/48047
[ 2262.511784]
[ 2262.511993] CPU: 0 PID: 48047 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.513595] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.514286] Call Trace:
[ 2262.514596]
[ 2262.514869] ? kasan_bitops_test_and_modify.constprop.0+0x44f/0x990 [test_kasan]
[ 2262.515750] dump_stack_lvl+0x57/0x81
[ 2262.516204] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.516895] ? kasan_bitops_test_and_modify.constprop.0+0x44f/0x990 [test_kasan]
[ 2262.517779] print_report.cold+0x5c/0x237
[ 2262.518274] kasan_report+0xc9/0x100
[ 2262.518717] ? kasan_bitops_test_and_modify.constprop.0+0x44f/0x990 [test_kasan]
[ 2262.519605] kasan_check_range+0xfd/0x1e0
[ 2262.520094] kasan_bitops_test_and_modify.constprop.0+0x44f/0x990 [test_kasan]
[ 2262.520961] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2262.521754] ? kunit_kfree+0x200/0x200 [kunit]
[ 2262.522305] ? rcu_read_lock_sched_held+0x12/0x80
[ 2262.522880] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.523553] ? rcu_read_lock_held+0x30/0x50
[ 2262.524060] ? trace_kmalloc+0x3c/0x100
[ 2262.524533] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2262.525114] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2262.525771] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2262.526655] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2262.527345] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.527994] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.528658] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.529346] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.530167] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.530788] kthread+0x2a4/0x350
[ 2262.531194] ? kthread_complete_and_exit+0x20/0x20
[ 2262.531775] ret_from_fork+0x1f/0x30
[ 2262.532229]
[ 2262.532512]
[ 2262.532763] Allocated by task 48047:
[ 2262.533204] kasan_save_stack+0x1e/0x40
[ 2262.533672] __kasan_kmalloc+0x81/0xa0
[ 2262.534133] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2262.534784] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.535377] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.536106] kthread+0x2a4/0x350
[ 2262.536514] ret_from_fork+0x1f/0x30
[ 2262.536956]
[ 2262.537164] The buggy address belongs to the object at ffff88810b9dc820
[ 2262.537164] which belongs to the cache kmalloc-16 of size 16
[ 2262.538594] The buggy address is located 8 bytes inside of
[ 2262.538594] 16-byte region [ffff88810b9dc820, ffff88810b9dc830)
[ 2262.539934]
[ 2262.540145] The buggy address belongs to the physical page:
[ 2262.540806] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.541908] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.542739] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.543655] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.544572] page dumped because: kasan: bad access detected
[ 2262.545240]
[ 2262.545445] Memory state around the buggy address:
[ 2262.546021] ffff88810b9dc700: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.546883] ffff88810b9dc780: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.547741] >ffff88810b9dc800: fa fb fc fc 00 01 fc fc fa fb fc fc fb fb fc fc
[ 2262.548598] ^
[ 2262.549150] ffff88810b9dc880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2262.550006] ffff88810b9dc900: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.550862] ==================================================================
[ 2262.551738] ==================================================================
[ 2262.552602] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4f9/0x990 [test_kasan]
[ 2262.553790] Write of size 8 at addr ffff88810b9dc828 by task kunit_try_catch/48047
[ 2262.554685]
[ 2262.554891] CPU: 0 PID: 48047 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.556488] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.557182] Call Trace:
[ 2262.557492]
[ 2262.557763] ? kasan_bitops_test_and_modify.constprop.0+0x4f9/0x990 [test_kasan]
[ 2262.558650] dump_stack_lvl+0x57/0x81
[ 2262.559102] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.559798] ? kasan_bitops_test_and_modify.constprop.0+0x4f9/0x990 [test_kasan]
[ 2262.560681] print_report.cold+0x5c/0x237
[ 2262.561177] kasan_report+0xc9/0x100
[ 2262.561621] ? kasan_bitops_test_and_modify.constprop.0+0x4f9/0x990 [test_kasan]
[ 2262.562502] kasan_check_range+0xfd/0x1e0
[ 2262.562992] kasan_bitops_test_and_modify.constprop.0+0x4f9/0x990 [test_kasan]
[ 2262.563857] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2262.564657] ? kunit_kfree+0x200/0x200 [kunit]
[ 2262.565206] ? rcu_read_lock_sched_held+0x12/0x80
[ 2262.565780] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.566450] ? rcu_read_lock_held+0x30/0x50
[ 2262.566956] ? trace_kmalloc+0x3c/0x100
[ 2262.567428] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2262.568002] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2262.568666] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2262.569553] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2262.570240] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.570857] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.571455] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.572067] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.572806] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.573432] kthread+0x2a4/0x350
[ 2262.573835] ? kthread_complete_and_exit+0x20/0x20
[ 2262.574421] ret_from_fork+0x1f/0x30
[ 2262.574872]
[ 2262.575156]
[ 2262.575362] Allocated by task 48047:
[ 2262.575800] kasan_save_stack+0x1e/0x40
[ 2262.576274] __kasan_kmalloc+0x81/0xa0
[ 2262.576733] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2262.577386] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.577978] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.578712] kthread+0x2a4/0x350
[ 2262.579118] ret_from_fork+0x1f/0x30
[ 2262.579559]
[ 2262.579766] The buggy address belongs to the object at ffff88810b9dc820
[ 2262.579766] which belongs to the cache kmalloc-16 of size 16
[ 2262.581206] The buggy address is located 8 bytes inside of
[ 2262.581206] 16-byte region [ffff88810b9dc820, ffff88810b9dc830)
[ 2262.582546]
[ 2262.582753] The buggy address belongs to the physical page:
[ 2262.583420] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.584520] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.585349] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.586265] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.587177] page dumped because: kasan: bad access detected
[ 2262.587837]
[ 2262.588041] Memory state around the buggy address:
[ 2262.588621] ffff88810b9dc700: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.589483] ffff88810b9dc780: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.590342] >ffff88810b9dc800: fa fb fc fc 00 01 fc fc fa fb fc fc fb fb fc fc
[ 2262.591201] ^
[ 2262.591758] ffff88810b9dc880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2262.592619] ffff88810b9dc900: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.593478] ==================================================================
[ 2262.594354] ==================================================================
[ 2262.595214] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x5a2/0x990 [test_kasan]
[ 2262.596404] Read of size 8 at addr ffff88810b9dc828 by task kunit_try_catch/48047
[ 2262.597295]
[ 2262.597500] CPU: 0 PID: 48047 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.599092] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.599785] Call Trace:
[ 2262.600095]
[ 2262.600371] ? kasan_bitops_test_and_modify.constprop.0+0x5a2/0x990 [test_kasan]
[ 2262.601256] dump_stack_lvl+0x57/0x81
[ 2262.601709] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.602405] ? kasan_bitops_test_and_modify.constprop.0+0x5a2/0x990 [test_kasan]
[ 2262.603286] print_report.cold+0x5c/0x237
[ 2262.603785] kasan_report+0xc9/0x100
[ 2262.604232] ? kasan_bitops_test_and_modify.constprop.0+0x5a2/0x990 [test_kasan]
[ 2262.605239] kasan_check_range+0xfd/0x1e0
[ 2262.605746] kasan_bitops_test_and_modify.constprop.0+0x5a2/0x990 [test_kasan]
[ 2262.606611] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2262.607406] ? kunit_kfree+0x200/0x200 [kunit]
[ 2262.607954] ? rcu_read_lock_sched_held+0x12/0x80
[ 2262.608532] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.609202] ? rcu_read_lock_held+0x30/0x50
[ 2262.609710] ? trace_kmalloc+0x3c/0x100
[ 2262.610183] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2262.610758] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2262.611420] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2262.612307] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2262.612993] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.613611] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.614207] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.614819] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.615554] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.616179] kthread+0x2a4/0x350
[ 2262.616584] ? kthread_complete_and_exit+0x20/0x20
[ 2262.617171] ret_from_fork+0x1f/0x30
[ 2262.617622]
[ 2262.617904]
[ 2262.618112] Allocated by task 48047:
[ 2262.618551] kasan_save_stack+0x1e/0x40
[ 2262.619019] __kasan_kmalloc+0x81/0xa0
[ 2262.619482] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2262.620133] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.620724] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.621459] kthread+0x2a4/0x350
[ 2262.621862] ret_from_fork+0x1f/0x30
[ 2262.622306]
[ 2262.622512] The buggy address belongs to the object at ffff88810b9dc820
[ 2262.622512] which belongs to the cache kmalloc-16 of size 16
[ 2262.623950] The buggy address is located 8 bytes inside of
[ 2262.623950] 16-byte region [ffff88810b9dc820, ffff88810b9dc830)
[ 2262.625298]
[ 2262.625503] The buggy address belongs to the physical page:
[ 2262.626171] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.627279] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.628104] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.629022] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.629936] page dumped because: kasan: bad access detected
[ 2262.630602]
[ 2262.630807] Memory state around the buggy address:
[ 2262.631387] ffff88810b9dc700: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.632248] ffff88810b9dc780: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.633109] >ffff88810b9dc800: fa fb fc fc 00 01 fc fc fa fb fc fc fb fb fc fc
[ 2262.633963] ^
[ 2262.634517] ffff88810b9dc880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2262.635479] ffff88810b9dc900: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.636386] ==================================================================
[ 2262.637266] ==================================================================
[ 2262.638129] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x984/0x990 [test_kasan]
[ 2262.639316] Read of size 8 at addr ffff88810b9dc828 by task kunit_try_catch/48047
[ 2262.640204]
[ 2262.640410] CPU: 0 PID: 48047 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.642005] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.642698] Call Trace:
[ 2262.643008]
[ 2262.643283] ? kasan_bitops_test_and_modify.constprop.0+0x984/0x990 [test_kasan]
[ 2262.644166] dump_stack_lvl+0x57/0x81
[ 2262.644619] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.645315] ? kasan_bitops_test_and_modify.constprop.0+0x984/0x990 [test_kasan]
[ 2262.646196] print_report.cold+0x5c/0x237
[ 2262.646688] kasan_report+0xc9/0x100
[ 2262.647134] ? kasan_bitops_test_and_modify.constprop.0+0x984/0x990 [test_kasan]
[ 2262.648017] kasan_bitops_test_and_modify.constprop.0+0x984/0x990 [test_kasan]
[ 2262.648881] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2262.649674] ? kunit_kfree+0x200/0x200 [kunit]
[ 2262.650222] ? rcu_read_lock_sched_held+0x12/0x80
[ 2262.650795] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.651468] ? rcu_read_lock_held+0x30/0x50
[ 2262.651975] ? trace_kmalloc+0x3c/0x100
[ 2262.652450] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2262.653024] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2262.653686] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2262.654572] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2262.655259] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.655877] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.656474] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.657087] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.657899] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.658598] kthread+0x2a4/0x350
[ 2262.659027] ? kthread_complete_and_exit+0x20/0x20
[ 2262.659613] ret_from_fork+0x1f/0x30
[ 2262.660065]
[ 2262.660352]
[ 2262.660557] Allocated by task 48047:
[ 2262.660996] kasan_save_stack+0x1e/0x40
[ 2262.661470] __kasan_kmalloc+0x81/0xa0
[ 2262.661929] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2262.662578] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.663175] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.663903] kthread+0x2a4/0x350
[ 2262.664307] ret_from_fork+0x1f/0x30
[ 2262.664817]
[ 2262.665046] The buggy address belongs to the object at ffff88810b9dc820
[ 2262.665046] which belongs to the cache kmalloc-16 of size 16
[ 2262.666657] The buggy address is located 8 bytes inside of
[ 2262.666657] 16-byte region [ffff88810b9dc820, ffff88810b9dc830)
[ 2262.668001]
[ 2262.668208] The buggy address belongs to the physical page:
[ 2262.668870] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.669975] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.670801] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.671719] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.672632] page dumped because: kasan: bad access detected
[ 2262.673299]
[ 2262.673504] Memory state around the buggy address:
[ 2262.674081] ffff88810b9dc700: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.674944] ffff88810b9dc780: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.675804] >ffff88810b9dc800: fa fb fc fc 00 01 fc fc fa fb fc fc fb fb fc fc
[ 2262.676660] ^
[ 2262.677214] ffff88810b9dc880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2262.678070] ffff88810b9dc900: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.678924] ==================================================================
[ 2262.679793] ==================================================================
[ 2262.680656] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x66e/0x990 [test_kasan]
[ 2262.681844] Write of size 8 at addr ffff88810b9dc828 by task kunit_try_catch/48047
[ 2262.682739]
[ 2262.682944] CPU: 0 PID: 48047 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.684539] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.685317] Call Trace:
[ 2262.685664]
[ 2262.685969] ? kasan_bitops_test_and_modify.constprop.0+0x66e/0x990 [test_kasan]
[ 2262.686936] dump_stack_lvl+0x57/0x81
[ 2262.687390] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.688084] ? kasan_bitops_test_and_modify.constprop.0+0x66e/0x990 [test_kasan]
[ 2262.688965] print_report.cold+0x5c/0x237
[ 2262.689460] kasan_report+0xc9/0x100
[ 2262.689905] ? kasan_bitops_test_and_modify.constprop.0+0x66e/0x990 [test_kasan]
[ 2262.690787] kasan_check_range+0xfd/0x1e0
[ 2262.691280] kasan_bitops_test_and_modify.constprop.0+0x66e/0x990 [test_kasan]
[ 2262.692145] ? kasan_bitops_modify.constprop.0+0x850/0x850 [test_kasan]
[ 2262.692935] ? kunit_kfree+0x200/0x200 [kunit]
[ 2262.693483] ? rcu_read_lock_sched_held+0x12/0x80
[ 2262.694057] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.694728] ? rcu_read_lock_held+0x30/0x50
[ 2262.695238] ? trace_kmalloc+0x3c/0x100
[ 2262.695708] ? kmem_cache_alloc_trace+0x1af/0x320
[ 2262.696286] kasan_bitops_generic+0x105/0x164 [test_kasan]
[ 2262.696946] ? kasan_bitops_test_and_modify.constprop.0+0x990/0x990 [test_kasan]
[ 2262.697831] ? kunit_unary_assert_format+0x1e0/0x1e0 [kunit]
[ 2262.698520] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.699140] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.699733] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.700348] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.701080] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.701703] kthread+0x2a4/0x350
[ 2262.702109] ? kthread_complete_and_exit+0x20/0x20
[ 2262.702691] ret_from_fork+0x1f/0x30
[ 2262.703146]
[ 2262.703428]
[ 2262.703633] Allocated by task 48047:
[ 2262.704082] kasan_save_stack+0x1e/0x40
[ 2262.704553] __kasan_kmalloc+0x81/0xa0
[ 2262.705012] kasan_bitops_generic+0x86/0x164 [test_kasan]
[ 2262.705663] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.706260] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.706991] kthread+0x2a4/0x350
[ 2262.707396] ret_from_fork+0x1f/0x30
[ 2262.707837]
[ 2262.708041] The buggy address belongs to the object at ffff88810b9dc820
[ 2262.708041] which belongs to the cache kmalloc-16 of size 16
[ 2262.709480] The buggy address is located 8 bytes inside of
[ 2262.709480] 16-byte region [ffff88810b9dc820, ffff88810b9dc830)
[ 2262.710821]
[ 2262.711026] The buggy address belongs to the physical page:
[ 2262.711690] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.712885] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.713774] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.714692] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.715607] page dumped because: kasan: bad access detected
[ 2262.716273]
[ 2262.716478] Memory state around the buggy address:
[ 2262.717055] ffff88810b9dc700: fb fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.717923] ffff88810b9dc780: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.718783] >ffff88810b9dc800: fa fb fc fc 00 01 fc fc fa fb fc fc fb fb fc fc
[ 2262.719644] ^
[ 2262.720197] ffff88810b9dc880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2262.721051] ffff88810b9dc900: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.721912] ==================================================================
[ 2262.722911] ok 45 - kasan_bitops_generic
[ 2262.723236] ok 46 - kasan_bitops_tags # SKIP Test requires CONFIG_KASAN_GENERIC=n
[ 2262.723993] ==================================================================
[ 2262.725799] BUG: KASAN: use-after-free in kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 2262.726763] Read of size 1 at addr ffff88810b9dcea0 by task kunit_try_catch/48049
[ 2262.727655]
[ 2262.727861] CPU: 0 PID: 48049 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.729593] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.730372] Call Trace:
[ 2262.730719]
[ 2262.731016] ? kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 2262.731714] dump_stack_lvl+0x57/0x81
[ 2262.732171] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.732868] ? kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 2262.733567] print_report.cold+0x5c/0x237
[ 2262.734059] kasan_report+0xc9/0x100
[ 2262.734507] ? kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 2262.735204] ? kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 2262.735898] __kasan_check_byte+0x36/0x50
[ 2262.736393] kfree_sensitive+0x1b/0x60
[ 2262.736905] kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 2262.737658] ? vmalloc_oob+0x5e0/0x5e0 [test_kasan]
[ 2262.738276] ? do_raw_spin_trylock+0xb5/0x180
[ 2262.738813] ? do_raw_spin_lock+0x270/0x270
[ 2262.739329] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.740000] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.740618] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.741216] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.741828] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.742567] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.743190] kthread+0x2a4/0x350
[ 2262.743593] ? kthread_complete_and_exit+0x20/0x20
[ 2262.744176] ret_from_fork+0x1f/0x30
[ 2262.744629]
[ 2262.744910]
[ 2262.745119] Allocated by task 48049:
[ 2262.745559] kasan_save_stack+0x1e/0x40
[ 2262.746026] __kasan_kmalloc+0x81/0xa0
[ 2262.746486] kmalloc_double_kzfree+0x9a/0x270 [test_kasan]
[ 2262.747149] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.747741] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.748474] kthread+0x2a4/0x350
[ 2262.748876] ret_from_fork+0x1f/0x30
[ 2262.749321]
[ 2262.749526] Freed by task 48049:
[ 2262.749927] kasan_save_stack+0x1e/0x40
[ 2262.750402] kasan_set_track+0x21/0x30
[ 2262.750865] kasan_set_free_info+0x20/0x40
[ 2262.751367] __kasan_slab_free+0x108/0x170
[ 2262.751864] slab_free_freelist_hook+0x11d/0x1d0
[ 2262.752430] kfree+0xe2/0x3c0
[ 2262.752804] kmalloc_double_kzfree+0x137/0x270 [test_kasan]
[ 2262.753473] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.754065] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.754800] kthread+0x2a4/0x350
[ 2262.755206] ret_from_fork+0x1f/0x30
[ 2262.755651]
[ 2262.755856] The buggy address belongs to the object at ffff88810b9dcea0
[ 2262.755856] which belongs to the cache kmalloc-16 of size 16
[ 2262.757297] The buggy address is located 0 bytes inside of
[ 2262.757297] 16-byte region [ffff88810b9dcea0, ffff88810b9dceb0)
[ 2262.758645]
[ 2262.758850] The buggy address belongs to the physical page:
[ 2262.759515] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.760620] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.761448] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.762364] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.763277] page dumped because: kasan: bad access detected
[ 2262.763939]
[ 2262.764148] Memory state around the buggy address:
[ 2262.764726] ffff88810b9dcd80: fb fb fc fc fb fb fc fc fb fb fc fc fb fb fc fc
[ 2262.765582] ffff88810b9dce00: fb fb fc fc fb fb fc fc fb fb fc fc fb fb fc fc
[ 2262.766442] >ffff88810b9dce80: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.767303] ^
[ 2262.767824] ffff88810b9dcf00: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.768681] ffff88810b9dcf80: fa fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.769540] ==================================================================
[ 2262.770481] ==================================================================
[ 2262.771347] BUG: KASAN: double-free or invalid-free in kfree+0xe2/0x3c0
[ 2262.772134]
[ 2262.772340] CPU: 0 PID: 48049 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.773937] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.774631] Call Trace:
[ 2262.774943]
[ 2262.775222] dump_stack_lvl+0x57/0x81
[ 2262.775675] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.776371] print_report.cold+0x5c/0x237
[ 2262.776859] ? kfree+0xe2/0x3c0
[ 2262.777257] ? kfree+0xe2/0x3c0
[ 2262.777653] kasan_report_invalid_free+0x99/0xc0
[ 2262.778222] ? kfree+0xe2/0x3c0
[ 2262.778616] ? kfree+0xe2/0x3c0
[ 2262.779010] __kasan_slab_free+0x152/0x170
[ 2262.779514] slab_free_freelist_hook+0x11d/0x1d0
[ 2262.780079] ? kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 2262.780775] kfree+0xe2/0x3c0
[ 2262.781158] ? __kasan_check_byte+0x36/0x50
[ 2262.781668] kmalloc_double_kzfree+0x1ad/0x270 [test_kasan]
[ 2262.782340] ? vmalloc_oob+0x5e0/0x5e0 [test_kasan]
[ 2262.782936] ? do_raw_spin_trylock+0xb5/0x180
[ 2262.783474] ? do_raw_spin_lock+0x270/0x270
[ 2262.783986] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.784659] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.785279] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.785872] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.786488] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.787226] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.787847] kthread+0x2a4/0x350
[ 2262.788253] ? kthread_complete_and_exit+0x20/0x20
[ 2262.788836] ret_from_fork+0x1f/0x30
[ 2262.789290]
[ 2262.789571]
[ 2262.789777] Allocated by task 48049:
[ 2262.790219] kasan_save_stack+0x1e/0x40
[ 2262.790688] __kasan_kmalloc+0x81/0xa0
[ 2262.791151] kmalloc_double_kzfree+0x9a/0x270 [test_kasan]
[ 2262.791809] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.792403] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.793153] kthread+0x2a4/0x350
[ 2262.793555] ret_from_fork+0x1f/0x30
[ 2262.793996]
[ 2262.794204] Freed by task 48049:
[ 2262.794605] kasan_save_stack+0x1e/0x40
[ 2262.795075] kasan_set_track+0x21/0x30
[ 2262.795539] kasan_set_free_info+0x20/0x40
[ 2262.796039] __kasan_slab_free+0x108/0x170
[ 2262.796538] slab_free_freelist_hook+0x11d/0x1d0
[ 2262.797098] kfree+0xe2/0x3c0
[ 2262.797477] kmalloc_double_kzfree+0x137/0x270 [test_kasan]
[ 2262.798147] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.798738] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.799471] kthread+0x2a4/0x350
[ 2262.799873] ret_from_fork+0x1f/0x30
[ 2262.800319]
[ 2262.800524] The buggy address belongs to the object at ffff88810b9dcea0
[ 2262.800524] which belongs to the cache kmalloc-16 of size 16
[ 2262.801960] The buggy address is located 0 bytes inside of
[ 2262.801960] 16-byte region [ffff88810b9dcea0, ffff88810b9dceb0)
[ 2262.803305]
[ 2262.803511] The buggy address belongs to the physical page:
[ 2262.804183] page:00000000fb4e919d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b9dc
[ 2262.805343] flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.806253] raw: 0017ffffc0000200 ffffea00051b4ac0 dead000000000002 ffff8881000413c0
[ 2262.807171] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 2262.808083] page dumped because: kasan: bad access detected
[ 2262.808749]
[ 2262.808955] Memory state around the buggy address:
[ 2262.809537] ffff88810b9dcd80: fb fb fc fc fb fb fc fc fb fb fc fc fb fb fc fc
[ 2262.810395] ffff88810b9dce00: fb fb fc fc fb fb fc fc fb fb fc fc fb fb fc fc
[ 2262.811253] >ffff88810b9dce80: fb fb fc fc fa fb fc fc fb fb fc fc fa fb fc fc
[ 2262.812112] ^
[ 2262.812635] ffff88810b9dcf00: fa fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 2262.813496] ffff88810b9dcf80: fa fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 2262.814355] ==================================================================
[ 2262.815243] ok 47 - kmalloc_double_kzfree
[ 2262.815423] ok 48 - vmalloc_helpers_tags # SKIP Test requires CONFIG_KASAN_GENERIC=n
[ 2262.816216] ==================================================================
[ 2262.818040] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x596/0x5e0 [test_kasan]
[ 2262.818974] Read of size 1 at addr ffffc900000777f3 by task kunit_try_catch/48051
[ 2262.819861]
[ 2262.820068] CPU: 0 PID: 48051 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.821669] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.822363] Call Trace:
[ 2262.822673]
[ 2262.822946] ? vmalloc_oob+0x596/0x5e0 [test_kasan]
[ 2262.823542] dump_stack_lvl+0x57/0x81
[ 2262.823995] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.824692] ? vmalloc_oob+0x596/0x5e0 [test_kasan]
[ 2262.825288] print_report.cold+0x5c/0x237
[ 2262.825781] kasan_report+0xc9/0x100
[ 2262.826231] ? vmalloc_oob+0x596/0x5e0 [test_kasan]
[ 2262.826825] vmalloc_oob+0x596/0x5e0 [test_kasan]
[ 2262.827402] ? kasan_global_oob_right+0x1f0/0x1f0 [test_kasan]
[ 2262.828111] ? do_raw_spin_trylock+0xb5/0x180
[ 2262.828649] ? do_raw_spin_lock+0x270/0x270
[ 2262.829166] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.829838] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.830460] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.831053] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.831670] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.832407] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.833030] kthread+0x2a4/0x350
[ 2262.833438] ? kthread_complete_and_exit+0x20/0x20
[ 2262.834021] ret_from_fork+0x1f/0x30
[ 2262.834476]
[ 2262.834759]
[ 2262.834965] The buggy address belongs to the virtual mapping at
[ 2262.834965] [ffffc90000077000, ffffc90000079000) created by:
[ 2262.834965] vmalloc_oob+0x78/0x5e0 [test_kasan]
[ 2262.836859]
[ 2262.837065] The buggy address belongs to the physical page:
[ 2262.837731] page:00000000adbf9395 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11f778
[ 2262.838839] flags: 0x17ffffc0000000(node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.839621] raw: 0017ffffc0000000 0000000000000000 dead000000000122 0000000000000000
[ 2262.840540] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2262.841457] page dumped because: kasan: bad access detected
[ 2262.842122]
[ 2262.842328] Memory state around the buggy address:
[ 2262.842914] ffffc90000077680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2262.843775] ffffc90000077700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2262.844633] >ffffc90000077780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[ 2262.845492] ^
[ 2262.846305] ffffc90000077800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 2262.847165] ffffc90000077880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 2262.848021] ==================================================================
[ 2262.848971] ==================================================================
[ 2262.849838] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x58c/0x5e0 [test_kasan]
[ 2262.850771] Read of size 1 at addr ffffc900000777f8 by task kunit_try_catch/48051
[ 2262.851661]
[ 2262.851867] CPU: 0 PID: 48051 Comm: kunit_try_catch Kdump: loaded Tainted: G B --------- --- 5.14.0-256.2009_766119311.el9.x86_64+debug #1
[ 2262.853464] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 2262.854157] Call Trace:
[ 2262.854466]
[ 2262.854738] ? vmalloc_oob+0x58c/0x5e0 [test_kasan]
[ 2262.855335] dump_stack_lvl+0x57/0x81
[ 2262.855788] print_address_description.constprop.0+0x1f/0x1e0
[ 2262.856484] ? vmalloc_oob+0x58c/0x5e0 [test_kasan]
[ 2262.857075] print_report.cold+0x5c/0x237
[ 2262.857571] kasan_report+0xc9/0x100
[ 2262.858015] ? vmalloc_oob+0x58c/0x5e0 [test_kasan]
[ 2262.858612] vmalloc_oob+0x58c/0x5e0 [test_kasan]
[ 2262.859189] ? kasan_global_oob_right+0x1f0/0x1f0 [test_kasan]
[ 2262.859894] ? do_raw_spin_trylock+0xb5/0x180
[ 2262.860432] ? do_raw_spin_lock+0x270/0x270
[ 2262.860945] ? kunit_fail_assert_format+0x100/0x100 [kunit]
[ 2262.861619] ? kunit_add_resource+0x197/0x280 [kunit]
[ 2262.862238] kunit_try_run_case+0x108/0x1a0 [kunit]
[ 2262.862832] ? kunit_catch_run_case+0xe0/0xe0 [kunit]
[ 2262.863448] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]
[ 2262.864184] ? kunit_try_catch_throw+0x80/0x80 [kunit]
[ 2262.864807] kthread+0x2a4/0x350
[ 2262.865221] ? kthread_complete_and_exit+0x20/0x20
[ 2262.865803] ret_from_fork+0x1f/0x30
[ 2262.866258]
[ 2262.866540]
[ 2262.866746] The buggy address belongs to the virtual mapping at
[ 2262.866746] [ffffc90000077000, ffffc90000079000) created by:
[ 2262.866746] vmalloc_oob+0x78/0x5e0 [test_kasan]
[ 2262.868635]
[ 2262.868843] The buggy address belongs to the physical page:
[ 2262.869510] page:00000000adbf9395 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11f778
[ 2262.870621] flags: 0x17ffffc0000000(node=0|zone=2|lastcpupid=0x1fffff)
[ 2262.871399] raw: 0017ffffc0000000 0000000000000000 dead000000000122 0000000000000000
[ 2262.872315] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 2262.873231] page dumped because: kasan: bad access detected
[ 2262.873894]
[ 2262.874103] Memory state around the buggy address:
[ 2262.874684] ffffc90000077680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2262.875550] ffffc90000077700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2262.876411] >ffffc90000077780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[ 2262.877270] ^
[ 2262.878120] ffffc90000077800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 2262.878977] ffffc90000077880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 2262.879836] ==================================================================
[ 2262.880748] ok 49 - vmalloc_oob
[ 2262.880910] ok 50 - vmap_tags # SKIP Test requires CONFIG_KASAN_SW_TAGS=y
[ 2262.881513] ok 51 - vm_map_ram_tags # SKIP Test requires CONFIG_KASAN_SW_TAGS=y
[ 2262.882550] ok 52 - vmalloc_percpu # SKIP Test requires CONFIG_KASAN_SW_TAGS=y
[ 2262.883762] ok 53 - match_all_not_assigned # SKIP Test requires CONFIG_KASAN_GENERIC=n
[ 2262.884953] ok 54 - match_all_ptr_tag # SKIP Test requires CONFIG_KASAN_GENERIC=n
[ 2262.886158] ok 55 - match_all_mem_tag # SKIP Test requires CONFIG_KASAN_GENERIC=n
[ 2262.887198] ok 20 - kasan
[ 2263.037971] # Subtest: linear-ranges-test
[ 2263.037980] 1..4
[ 2263.038909] ok 1 - range_test_get_value_amount
[ 2263.039363] ok 2 - range_test_get_selector_high
[ 2263.040230] ok 3 - range_test_get_selector_low
[ 2263.041014] ok 4 - range_test_get_value
[ 2263.041614] ok 21 - linear-ranges-test
[ 2263.092538] # Subtest: list_sort
[ 2263.092545] 1..1
[ 2263.102859] ok 1 - list_sort_test
[ 2263.103194] ok 22 - list_sort
[ 2263.230322] # Subtest: time_test_cases
[ 2263.230330] 1..1
[ 2268.001466] ok 1 - time64_to_tm_test_date_range
[ 2268.004060] ok 23 - time_test_cases