From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-lf1-f42.google.com (mail-lf1-f42.google.com [209.85.167.42])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 135D336AB51
	for <linux-kernel@vger.kernel.org>; Tue, 13 Jan 2026 19:16:05 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.42
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1768331767; cv=none; b=Sl30+GeWWAJRvrvX/gUikZYW8FRkdoDQZ0I404/C+NZnkr3HKuoEbiN+/3bW4FDj8y+7iYFqGYgLjtN4tltSkqOt41RktK6RkRSlLjH52rDulr7EUpfOFYEdGQRFUEUZ9Q7kVwobd0KX1PCqdker6YNHAaMzfW6YUFKyYvQawNo=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1768331767; c=relaxed/simple;
	bh=+AvkGYCtDPLRnJwnWVtMl/eRCviwxGywnckPq216BWI=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version; b=PKU+ALE/uw0P+RdeBQiNOHL9CwS3R2oCshZ+I/v+97xc4vzAkNO+mbA81V8r9pwwsE3tGOKuPXgyB//R1731Gy1duyGkPOCh9LoCorVFc8Vi447t87W7DUOhMFqXs11waRBUJFHfqXdCtYEkjmHKAZke1GvkmkBswH9sp/7Q2VM=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=YBB1tSkT; arc=none smtp.client-ip=209.85.167.42
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="YBB1tSkT"
Received: by mail-lf1-f42.google.com with SMTP id 2adb3069b0e04-59b786b2a6aso395995e87.3
        for <linux-kernel@vger.kernel.org>; Tue, 13 Jan 2026 11:16:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1768331764; x=1768936564; darn=vger.kernel.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:from:to:cc:subject:date
         :message-id:reply-to;
        bh=ScbrhvmjweTqkN3+3yPcwAeK769lF/fHEHFkP4nsS9c=;
        b=YBB1tSkTrHsKVoWcN+jjmTeWZXy8IeOeRbMDbmo/kKBn8xyM41zpj4cHkAJZUaI9N+
         TpEcJ1qBqLIEWO+WPK7HOQuM93WuuWRanmZCCnqFjR/P6XXg561dr7z20B3kmnqgRXRw
         zv7qVSvaAbV88/PFRUUvnnt9dis8rqjt6+LDWDuP91M/i3s0lFLTtby0tTNnNPEVOURv
         A1tWRIyDATNwmoc3iQV1DDYpFzXYhDLq6icPBsulSGaIy6wVFhcB2dltet6zFQ7Lo0+f
         VaNvWVcrrkldI5WtcdEqsnHMt6bEHgZmuZ0lvUAUj5ggem7cFwrAKiTE5oyqWpyr5oqy
         Dm2g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1768331764; x=1768936564;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
         :to:cc:subject:date:message-id:reply-to;
        bh=ScbrhvmjweTqkN3+3yPcwAeK769lF/fHEHFkP4nsS9c=;
        b=siM6/gdy8dBdmLIzD+OTlrc/TpIQf8fmQCr2F8d6PHw0koZDSgMInO4zQWl4tM/c3o
         nIdXIVtcUMK34PVQ4WQCVI3clAu5EvVPlo9uPt51H9/OGt2BFEojeq9cUyV/WOP9GC5x
         qXsBbKUQv3icV71wt1/P7bmIl0axlkgqlg5O+3cgEicO3Ln7/sii2R8BXMYjw/eqmNMr
         Vf6bygZUtXw3If1AIq3IsnGEblMY9tiuTVPDsXs9i+m1b16DwHPC+XynJU9Tx76GAchY
         gJ8VEwJViPjo140s61UYgqocdV0GgF8r5/SI0k8NbZWaDA8kif/0oUF4hSl1o1nzNMDU
         U/7Q==
X-Forwarded-Encrypted: i=1; AJvYcCVJUu4rTyggQxIhvJeNAFyEutE+JVJ1W8FDe0djzupC0xIUhDDNjRnyt/fQEktXfAKUwFi6bJvAC172ycc=@vger.kernel.org
X-Gm-Message-State: AOJu0Yw83vCPet0Q9LUg+k4fewzW341eJilw+YnB8e0cs1NaLa9KlphY
	EReE8XFG0WNJIBixCdaycQ6FSNTv4Wk8jTCd+QFCnmqZx/2pWe7rj6k4
X-Gm-Gg: AY/fxX4cKECIqJYNH52IqY2j3uPPKlYRxlpkJmj98oq5Bw8TSx4hjCqH4dttXi2LBzu
	OaE6eFs6AC/sCqe7J/2nrptD1UWo/QeSfDsu1TalYlZaoQK8XW7IIN+u4haj7yLN6pcNfXRBl8A
	ihUkv6fk8O/Rwqv9ByFCZojUFpsiZDostXD1P4XM+E+y3vmfNP01+UBHhJFkMF58+qC1ODOLeR4
	Fl3NlVj8jp79dAW5xZQLiDD8ydktyucWaapRB90zgdkDA6enEld9j2tEVgeruy3rrEz4F1mXOxF
	3QGgs6F7TpVjHl+1NKf6/lqiTFoQM5fh1sLot3zUP7fHAg8eMQfyesK2tHTWPeNfPjR8S1c4PtB
	mBGLwHuo7IiRVUW0GK4Zv9t3WyvhpPOoVGGYWeywb1Kk8QoYk292YI4yZoIO3SYAQzYPsO6HVdM
	OcBGeTOonnXMqLrDfNWoLBR5ngmJoQxkIMTA==
X-Google-Smtp-Source: AGHT+IGGXqubwqWQvOxHpPijFjOtSWMATnTJiIx5uzDa1+KnveMhOStwFWx7plRcy0RaT4bsGUqVWw==
X-Received: by 2002:a05:6512:3b83:b0:59b:7869:b9d0 with SMTP id 2adb3069b0e04-59b7869bad0mr3414712e87.3.1768331763812;
        Tue, 13 Jan 2026 11:16:03 -0800 (PST)
Received: from dellarbn.yandex.net ([80.93.240.68])
        by smtp.gmail.com with ESMTPSA id 2adb3069b0e04-59b6a97e94csm5568773e87.91.2026.01.13.11.16.01
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 13 Jan 2026 11:16:02 -0800 (PST)
From: Andrey Ryabinin <ryabinin.a.a@gmail.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: =?UTF-8?q?Maciej=20=C5=BBenczykowski?= <maze@google.com>,
	Maciej Wieczor-Retman <m.wieczorretman@pm.me>,
	Alexander Potapenko <glider@google.com>,
	Andrey Konovalov <andreyknvl@gmail.com>,
	Dmitry Vyukov <dvyukov@google.com>,
	Vincenzo Frascino <vincenzo.frascino@arm.com>,
	kasan-dev@googlegroups.com,
	Uladzislau Rezki <urezki@gmail.com>,
	linux-kernel@vger.kernel.org,
	linux-mm@kvack.org,
	Andrey Ryabinin <ryabinin.a.a@gmail.com>
Subject: [PATCH 2/2] mm/kasan/kunit: extend vmalloc OOB tests to cover vrealloc()
Date: Tue, 13 Jan 2026 20:15:16 +0100
Message-ID: <20260113191516.31015-2-ryabinin.a.a@gmail.com>
X-Mailer: git-send-email 2.52.0
In-Reply-To: <20260113191516.31015-1-ryabinin.a.a@gmail.com>
References: <CANP3RGeuRW53vukDy7WDO3FiVgu34-xVJYkfpm08oLO3odYFrA@mail.gmail.com>
 <20260113191516.31015-1-ryabinin.a.a@gmail.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Extend the vmalloc_oob() test to validate OOB detection after
resizing vmalloc allocations with vrealloc().

The test now verifies that KASAN correctly poisons and unpoisons vmalloc
memory when allocations are shrunk and expanded, ensuring OOB accesses
are reliably detected after each resize.

Signed-off-by: Andrey Ryabinin <ryabinin.a.a@gmail.com>
---
 mm/kasan/kasan_test_c.c | 50 ++++++++++++++++++++++++++++-------------
 1 file changed, 35 insertions(+), 15 deletions(-)

diff --git a/mm/kasan/kasan_test_c.c b/mm/kasan/kasan_test_c.c
index 2cafca31b092..cc8fc479e13a 100644
--- a/mm/kasan/kasan_test_c.c
+++ b/mm/kasan/kasan_test_c.c
@@ -1840,6 +1840,29 @@ static void vmalloc_helpers_tags(struct kunit *test)
 	vfree(ptr);
 }
 
+static void vmalloc_oob_helper(struct kunit *test, char *v_ptr, size_t size)
+{
+	/*
+	 * We have to be careful not to hit the guard page in vmalloc tests.
+	 * The MMU will catch that and crash us.
+	 */
+
+	/* Make sure in-bounds accesses are valid. */
+	v_ptr[0] = 0;
+	v_ptr[size - 1] = 0;
+
+	/*
+	 * An unaligned access past the requested vmalloc size.
+	 * Only generic KASAN can precisely detect these.
+	 */
+	if (IS_ENABLED(CONFIG_KASAN_GENERIC))
+		KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)v_ptr)[size]);
+
+	/* An aligned access into the first out-of-bounds granule. */
+	size = round_up(size, KASAN_GRANULE_SIZE);
+	KUNIT_EXPECT_KASAN_FAIL_READ(test, ((volatile char *)v_ptr)[size]);
+}
+
 static void vmalloc_oob(struct kunit *test)
 {
 	char *v_ptr, *p_ptr;
@@ -1856,24 +1879,21 @@ static void vmalloc_oob(struct kunit *test)
 
 	OPTIMIZER_HIDE_VAR(v_ptr);
 
-	/*
-	 * We have to be careful not to hit the guard page in vmalloc tests.
-	 * The MMU will catch that and crash us.
-	 */
+	vmalloc_oob_helper(test, v_ptr, size);
 
-	/* Make sure in-bounds accesses are valid. */
-	v_ptr[0] = 0;
-	v_ptr[size - 1] = 0;
+	size--;
+	v_ptr = vrealloc(v_ptr, size, GFP_KERNEL);
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, v_ptr);
 
-	/*
-	 * An unaligned access past the requested vmalloc size.
-	 * Only generic KASAN can precisely detect these.
-	 */
-	if (IS_ENABLED(CONFIG_KASAN_GENERIC))
-		KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)v_ptr)[size]);
+	OPTIMIZER_HIDE_VAR(v_ptr);
 
-	/* An aligned access into the first out-of-bounds granule. */
-	KUNIT_EXPECT_KASAN_FAIL_READ(test, ((volatile char *)v_ptr)[size + 5]);
+	vmalloc_oob_helper(test, v_ptr, size);
+
+	size += 2;
+	v_ptr = vrealloc(v_ptr, size, GFP_KERNEL);
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, v_ptr);
+
+	vmalloc_oob_helper(test, v_ptr, size);
 
 	/* Check that in-bounds accesses to the physical page are valid. */
 	page = vmalloc_to_page(v_ptr);
-- 
2.52.0