On 8/15/24 00:26, Ivan Orlov wrote:
As you can see, the device name is defined as a local variable, which means that it doesn't exist out of the 'overflow_allocation_test' function scope. This patch:diff --git a/lib/overflow_kunit.c b/lib/overflow_kunit.c index f314a0c15a6d..fa7ca8c94eee 100644 --- a/lib/overflow_kunit.c +++ b/lib/overflow_kunit.c @@ -668,7 +668,7 @@ DEFINE_TEST_ALLOC(devm_kzalloc, devm_kfree, 1, 1, 0); static void overflow_allocation_test(struct kunit *test) { - const char device_name[] = "overflow-test"; + static const char device_name[] = "overflow-test"; struct device *dev; int count = 0; Seems to fix the problem and it is not reproducable anymore. I will send the proper patch tomorrow. Good night!
Forgot to mention that the problem is intermittently reproducible on QEMU x86_64, and this is the only architecture I tested the solution on.
However, it looks like the initial report points us to 'module_remove_driver' function, which presumably calls the following kasprintf as a part of 'make_driver_name' function which also operates on driver name. If driver name points to invalid memory range (because it is out of scope), it is going to cause a KASAN bug kernel panic.
-- Kind regards, Ivan Orlov
