Hi Dave, On Fri, 18 Nov 2022 at 05:24, Dave Hansen <dave.hansen@xxxxxxxxx> wrote: > > On 11/17/22 15:23, Marco Elver wrote: > > Yes - it's the 'level != PG_LEVEL_4K'. > > That plus the bisect made it pretty easy to find, thanks for the effort! > > Could you double-check that the attached patch fixes it? It seemed to > for me. I have applied the attached patch on Linux next 20221118 and tested [1]. The reported issue has been fixed now. Reported-by: Linux Kernel Functional Testing <lkft@xxxxxxxxxx> Tested-by: Linux Kernel Functional Testing <lkft@xxxxxxxxxx> Tested-by: Naresh Kamboju <naresh.kamboju@xxxxxxxxxx> OTOH, I request you to walk through the boot and test log [1] (new see few failures). not ok 7 - test_double_free not ok 9 - test_invalid_addr_free not ok 11 - test_corruption not ok 18 - test_kmalloc_aligned_oob_write # kfence: pass:19 fail:4 skip:2 total:25 # Totals: pass:19 fail:4 skip:2 total:25 not ok 6 - kfence > The issue was that the new "No changes, easy!" check in the suspect > commit didn't check the cpa->force_split option. It didn't split down > to 4k and then all hell broke loose. > > Oh, and I totally misread the kfence ability to tolerate partial TLB > flushes. Sorry for the noise there! [1] https://lkft.validation.linaro.org/scheduler/job/5866612#L621 [2] https://tuxmake.org/ [3] https://qa-reports.linaro.org/lkft/ Steps to reproduce by tuxmake --- # To install tuxmake on your system globally: # sudo pip3 install -U tuxmake # # See https://docs.tuxmake.org/ for complete documentation. # Original tuxmake command with fragments listed below. # tuxmake --runtime podman --target-arch x86_64 --toolchain gcc-11 --kconfig defconfig --kconfig-add https://raw.githubusercontent.com/Linaro/meta-lkft/kirkstone/meta/recipes-kernel/linux/files/lkft.config --kconfig-add https://raw.githubusercontent.com/Linaro/meta-lkft/kirkstone/meta/recipes-kernel/linux/files/lkft-crypto.config --kconfig-add https://raw.githubusercontent.com/Linaro/meta-lkft/kirkstone/meta/recipes-kernel/linux/files/distro-overrides.config --kconfig-add https://raw.githubusercontent.com/Linaro/meta-lkft/kirkstone/meta/recipes-kernel/linux/files/systemd.config --kconfig-add https://raw.githubusercontent.com/Linaro/meta-lkft/kirkstone/meta/recipes-kernel/linux/files/virtio.config --kconfig-add CONFIG_IGB=y --kconfig-add CONFIG_UNWINDER_FRAME_POINTER=y --kconfig-add CONFIG_KASAN=y --kconfig-add CONFIG_KUNIT=y --kconfig-add CONFIG_KUNIT_ALL_TESTS=y echo 'Patch series used in this build is available from https://builds.tuxbuild.com/2HqQsi6ygbnwoCIENR9NB1zm80E/people.linaro.org/~naresh.kamboju-0001-kfence-fixing-kunit-testing.patch' echo '[WARNING] Build starting with assumption that the required patches are already applied.' echo 'Press any key to continue or Ctrl+C to abort.' read var_name tuxmake --runtime podman --target-arch x86_64 --toolchain gcc-11 --kconfig https://builds.tuxbuild.com/2HqQsi6ygbnwoCIENR9NB1zm80E/config - Naresh
diff --git a/arch/x86/mm/pat/set_memory.c b/arch/x86/mm/pat/set_memory.c index 220361ceb997..9b4e2ad957f6 100644 --- a/arch/x86/mm/pat/set_memory.c +++ b/arch/x86/mm/pat/set_memory.c @@ -1727,7 +1727,8 @@ static int __change_page_attr_set_clr(struct cpa_data *cpa, int primary) /* * No changes, easy! */ - if (!(pgprot_val(cpa->mask_set) | pgprot_val(cpa->mask_clr))) + if (!(pgprot_val(cpa->mask_set) | pgprot_val(cpa->mask_clr)) + && !cpa->force_split) return ret; while (rempages) {
[ 0.000000] Linux version 6.1.0-rc5-next-20221117 (tuxmake@tuxmake) (x86_64-linux-gnu-gcc (Debian 11.3.0-8) 11.3.0, GNU ld (GNU Binutils for Debian) 2.39) #1 SMP PREEMPT_DYNAMIC @1669010619 [ 0.000000] Command line: root=/dev/sda rootwait console=ttyS0,115200 [ 0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers' [ 0.000000] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers' [ 0.000000] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers' [ 0.000000] x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256 [ 0.000000] x86/fpu: Enabled xstate features 0x7, context size is 832 bytes, using 'compacted' format. [ 0.000000] signal: max sigframe size: 1776 [ 0.000000] BIOS-provided physical RAM map: [ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable [ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved [ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved [ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x00000000bffddfff] usable [ 0.000000] BIOS-e820: [mem 0x00000000bffde000-0x00000000bfffffff] reserved [ 0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved [ 0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved [ 0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000013fffffff] usable [ 0.000000] NX (Execute Disable) protection: active [ 0.000000] SMBIOS 2.8 present. [ 0.000000] DMI: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 0.000000] Hypervisor detected: KVM [ 0.000000] kvm-clock: Using msrs 4b564d01 and 4b564d00 [ 0.000003] kvm-clock: using sched offset of 1358436484 cycles [ 0.000010] clocksource: kvm-clock: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns [ 0.000019] tsc: Detected 2099.960 MHz processor [ 0.002804] last_pfn = 0x140000 max_arch_pfn = 0x400000000 [ 0.002846] x86/PAT: Configuration [0-7]: WB WC UC- UC WB WP UC- WT [ 0.002896] last_pfn = 0xbffde max_arch_pfn = 0x400000000 [ 0.006673] found SMP MP-table at [mem 0x000f5a50-0x000f5a5f] [ 0.006712] Using GB pages for direct mapping [ 0.008738] ACPI: Early table checksum verification disabled [ 0.008749] ACPI: RSDP 0x00000000000F5A10 000014 (v00 BOCHS ) [ 0.008764] ACPI: RSDT 0x00000000BFFE13E7 000034 (v01 BOCHS BXPCRSDT 00000001 BXPC 00000001) [ 0.008781] ACPI: FACP 0x00000000BFFE1283 000074 (v01 BOCHS BXPCFACP 00000001 BXPC 00000001) [ 0.008801] ACPI: DSDT 0x00000000BFFDFDC0 0014C3 (v01 BOCHS BXPCDSDT 00000001 BXPC 00000001) [ 0.008814] ACPI: FACS 0x00000000BFFDFD80 000040 [ 0.008824] ACPI: APIC 0x00000000BFFE12F7 000090 (v01 BOCHS BXPCAPIC 00000001 BXPC 00000001) [ 0.008838] ACPI: HPET 0x00000000BFFE1387 000038 (v01 BOCHS BXPCHPET 00000001 BXPC 00000001) [ 0.008851] ACPI: WAET 0x00000000BFFE13BF 000028 (v01 BOCHS BXPCWAET 00000001 BXPC 00000001) [ 0.008863] ACPI: Reserving FACP table memory at [mem 0xbffe1283-0xbffe12f6] [ 0.008868] ACPI: Reserving DSDT table memory at [mem 0xbffdfdc0-0xbffe1282] [ 0.008873] ACPI: Reserving FACS table memory at [mem 0xbffdfd80-0xbffdfdbf] [ 0.008878] ACPI: Reserving APIC table memory at [mem 0xbffe12f7-0xbffe1386] [ 0.008882] ACPI: Reserving HPET table memory at [mem 0xbffe1387-0xbffe13be] [ 0.008886] ACPI: Reserving WAET table memory at [mem 0xbffe13bf-0xbffe13e6] [ 0.009882] No NUMA configuration found [ 0.009887] Faking a node at [mem 0x0000000000000000-0x000000013fffffff] [ 0.009900] NODE_DATA(0) allocated [mem 0x13fffa000-0x13fffdfff] [ 0.009948] Zone ranges: [ 0.009950] DMA [mem 0x0000000000001000-0x0000000000ffffff] [ 0.009957] DMA32 [mem 0x0000000001000000-0x00000000ffffffff] [ 0.009962] Normal [mem 0x0000000100000000-0x000000013fffffff] [ 0.009968] Movable zone start for each node [ 0.009971] Early memory node ranges [ 0.009973] node 0: [mem 0x0000000000001000-0x000000000009efff] [ 0.009977] node 0: [mem 0x0000000000100000-0x00000000bffddfff] [ 0.009982] node 0: [mem 0x0000000100000000-0x000000013fffffff] [ 0.009987] Initmem setup node 0 [mem 0x0000000000001000-0x000000013fffffff] [ 0.012770] On node 0, zone DMA: 1 pages in unavailable ranges [ 0.013157] On node 0, zone DMA: 97 pages in unavailable ranges [ 0.218910] On node 0, zone Normal: 34 pages in unavailable ranges [ 0.933744] kasan: KernelAddressSanitizer initialized [ 0.934215] ACPI: PM-Timer IO Port: 0x608 [ 0.934233] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1]) [ 0.934272] IOAPIC[0]: apic_id 0, version 17, address 0xfec00000, GSI 0-23 [ 0.934280] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl) [ 0.934286] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level) [ 0.934291] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level) [ 0.934296] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level) [ 0.934300] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level) [ 0.934313] ACPI: Using ACPI (MADT) for SMP configuration information [ 0.934316] ACPI: HPET id: 0x8086a201 base: 0xfed00000 [ 0.934324] TSC deadline timer available [ 0.934330] smpboot: Allowing 4 CPUs, 0 hotplug CPUs [ 0.934356] kvm-guest: KVM setup pv remote TLB flush [ 0.934387] PM: hibernation: Registered nosave memory: [mem 0x00000000-0x00000fff] [ 0.934394] PM: hibernation: Registered nosave memory: [mem 0x0009f000-0x0009ffff] [ 0.934398] PM: hibernation: Registered nosave memory: [mem 0x000a0000-0x000effff] [ 0.934402] PM: hibernation: Registered nosave memory: [mem 0x000f0000-0x000fffff] [ 0.934408] PM: hibernation: Registered nosave memory: [mem 0xbffde000-0xbfffffff] [ 0.934412] PM: hibernation: Registered nosave memory: [mem 0xc0000000-0xfeffbfff] [ 0.934415] PM: hibernation: Registered nosave memory: [mem 0xfeffc000-0xfeffffff] [ 0.934419] PM: hibernation: Registered nosave memory: [mem 0xff000000-0xfffbffff] [ 0.934422] PM: hibernation: Registered nosave memory: [mem 0xfffc0000-0xffffffff] [ 0.934429] [mem 0xc0000000-0xfeffbfff] available for PCI devices [ 0.934433] Booting paravirtualized kernel on KVM [ 0.934439] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1910969940391419 ns [ 0.934456] setup_percpu: NR_CPUS:64 nr_cpumask_bits:4 nr_cpu_ids:4 nr_node_ids:1 [ 0.936669] percpu: Embedded 66 pages/cpu s231848 r8192 d30296 u524288 [ 0.936848] Fallback order for Node 0: 0 [ 0.936862] Built 1 zonelists, mobility grouping on. Total pages: 1031902 [ 0.936869] Policy zone: Normal [ 0.936874] Kernel command line: root=/dev/sda rootwait console=ttyS0,115200 [ 0.937098] random: crng init done [ 0.940708] Dentry cache hash table entries: 524288 (order: 10, 4194304 bytes, linear) [ 0.942588] Inode-cache hash table entries: 262144 (order: 9, 2097152 bytes, linear) [ 0.944313] mem auto-init: stack:off, heap alloc:off, heap free:off [ 0.950421] stackdepot hash table entries: 1048576 (order: 11, 8388608 bytes, linear) [ 0.950444] software IO TLB: area num 4. [ 1.235711] Memory: 3442872K/4193776K available (32768K kernel code, 10290K rwdata, 13284K rodata, 6648K init, 3340K bss, 750648K reserved, 0K cma-reserved) [ 1.236288] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=4, Nodes=1 [ 1.236369] ftrace: allocating 57558 entries in 225 pages [ 1.260341] ftrace: allocated 225 pages with 4 groups [ 1.262927] Dynamic Preempt: voluntary [ 1.265228] rcu: Preemptible hierarchical RCU implementation. [ 1.265234] rcu: RCU event tracing is enabled. [ 1.265236] rcu: RCU restricting CPUs from NR_CPUS=64 to nr_cpu_ids=4. [ 1.265243] Trampoline variant of Tasks RCU enabled. [ 1.265246] Rude variant of Tasks RCU enabled. [ 1.265249] rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies. [ 1.265253] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=4 [ 1.296965] NR_IRQS: 4352, nr_irqs: 456, preallocated irqs: 16 [ 1.297353] rcu: srcu_init: Setting srcu_struct sizes based on contention. [ 1.297552] kfence: initialized - using 2097152 bytes for 255 objects at 0x(____ptrval____)-0x(____ptrval____) [ 1.306389] Console: colour VGA+ 80x25 [ 1.417661] printk: console [ttyS0] enabled [ 1.418414] ACPI: Core revision 20221020 [ 1.419591] clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604467 ns [ 1.421184] APIC: Switch to symmetric I/O mode setup [ 1.422031] kvm-guest: setup PV IPIs [ 1.424214] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1 [ 1.425238] tsc: Marking TSC unstable due to TSCs unsynchronized [ 1.426262] Calibrating delay loop (skipped) preset value.. 4199.92 BogoMIPS (lpj=2099960) [ 1.427255] pid_max: default: 32768 minimum: 301 [ 1.428429] LSM: initializing lsm=capability,integrity,selinux [ 1.429310] SELinux: Initializing. [ 1.430576] Mount-cache hash table entries: 8192 (order: 4, 65536 bytes, linear) [ 1.431270] Mountpoint-cache hash table entries: 8192 (order: 4, 65536 bytes, linear) [ 1.434030] Last level iTLB entries: 4KB 512, 2MB 255, 4MB 127 [ 1.434257] Last level dTLB entries: 4KB 512, 2MB 255, 4MB 127, 1GB 0 [ 1.435264] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization [ 1.436255] Spectre V2 : Mitigation: Retpolines [ 1.437253] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch [ 1.438253] Spectre V2 : Spectre v2 / SpectreRSB : Filling RSB on VMEXIT [ 1.439253] Spectre V2 : Enabling Speculation Barrier for firmware calls [ 1.440253] RETBleed: Mitigation: untrained return thunk [ 1.441257] Spectre V2 : mitigation: Enabling conditional Indirect Branch Prediction Barrier [ 1.442254] Speculative Store Bypass: Mitigation: Speculative Store Bypass disabled via prctl [ 1.504393] Freeing SMP alternatives memory: 48K [ 1.505575] smpboot: CPU0: AMD EPYC 7281 16-Core Processor (family: 0x17, model: 0x1, stepping: 0x2) [ 1.507089] cblist_init_generic: Setting adjustable number of callback queues. [ 1.507256] cblist_init_generic: Setting shift to 2 and lim to 1. [ 1.508290] cblist_init_generic: Setting shift to 2 and lim to 1. [ 1.509310] Performance Events: Fam17h+ core perfctr, AMD PMU driver. [ 1.510264] ... version: 0 [ 1.510835] ... bit width: 48 [ 1.511256] ... generic registers: 6 [ 1.511820] ... value mask: 0000ffffffffffff [ 1.512262] ... max period: 00007fffffffffff [ 1.513012] ... fixed-purpose events: 0 [ 1.513256] ... event mask: 000000000000003f [ 1.514349] rcu: Hierarchical SRCU implementation. [ 1.515028] rcu: Max phase no-delay instances is 400. [ 1.518675] smp: Bringing up secondary CPUs ... [ 1.520709] x86: Booting SMP configuration: [ 1.521259] .... node #0, CPUs: #1 #2 #3 [ 1.526402] smp: Brought up 1 node, 4 CPUs [ 1.527938] smpboot: Max logical packages: 4 [ 1.528257] smpboot: Total of 4 processors activated (16799.68 BogoMIPS) [ 1.531268] devtmpfs: initialized [ 1.539564] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns [ 1.540267] futex hash table entries: 1024 (order: 4, 65536 bytes, linear) [ 1.541744] PM: RTC time: 06:29:52, date: 2022-11-21 [ 1.542918] NET: Registered PF_NETLINK/PF_ROUTE protocol family [ 1.544332] audit: initializing netlink subsys (disabled) [ 1.545316] audit: type=2000 audit(1669012193.490:1): state=initialized audit_enabled=0 res=1 [ 1.546326] thermal_sys: Registered thermal governor 'step_wise' [ 1.547258] thermal_sys: Registered thermal governor 'user_space' [ 1.548380] cpuidle: using governor menu [ 1.551795] PCI: Using configuration type 1 for base access [ 1.552257] PCI: Using configuration type 1 for extended access [ 1.554350] kprobes: kprobe jump-optimization is enabled. All kprobes are optimized if possible. [ 1.586377] HugeTLB: registered 2.00 MiB page size, pre-allocated 0 pages [ 1.587259] HugeTLB: 28 KiB vmemmap can be freed for a 2.00 MiB page [ 1.590436] cryptd: max_cpu_qlen set to 1000 [ 1.592635] ACPI: Added _OSI(Module Device) [ 1.593258] ACPI: Added _OSI(Processor Device) [ 1.594270] ACPI: Added _OSI(3.0 _SCP Extensions) [ 1.595258] ACPI: Added _OSI(Processor Aggregator Device) [ 1.627677] ACPI: 1 ACPI AML tables successfully acquired and loaded [ 1.639023] ACPI: Interpreter enabled [ 1.639424] ACPI: PM: (supports S0 S3 S4 S5) [ 1.640140] ACPI: Using IOAPIC for interrupt routing [ 1.641379] PCI: Using host bridge windows from ACPI; if necessary, use \"pci=nocrs\" and report a bug [ 1.642257] PCI: Using E820 reservations for host bridge windows [ 1.646539] ACPI: Enabled 2 GPEs in block 00 to 0F [ 1.716284] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff]) [ 1.717294] acpi PNP0A03:00: _OSC: OS supports [ExtendedConfig ASPM ClockPM Segments MSI HPX-Type3] [ 1.719727] PCI host bridge to bus 0000:00 [ 1.720265] pci_bus 0000:00: root bus resource [io 0x0000-0x0cf7 window] [ 1.721263] pci_bus 0000:00: root bus resource [io 0x0d00-0xffff window] [ 1.722268] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window] [ 1.724266] pci_bus 0000:00: root bus resource [mem 0xc0000000-0xfebfffff window] [ 1.725263] pci_bus 0000:00: root bus resource [mem 0x140000000-0x1bfffffff window] [ 1.726264] pci_bus 0000:00: root bus resource [bus 00-ff] [ 1.727576] pci 0000:00:00.0: [8086:1237] type 00 class 0x060000 [ 1.730680] pci 0000:00:01.0: [8086:7000] type 00 class 0x060100 [ 1.734562] pci 0000:00:01.1: [8086:7010] type 00 class 0x010180 [ 1.737805] pci 0000:00:01.1: reg 0x20: [io 0xc0a0-0xc0af] [ 1.740291] pci 0000:00:01.1: legacy IDE quirk: reg 0x10: [io 0x01f0-0x01f7] [ 1.741257] pci 0000:00:01.1: legacy IDE quirk: reg 0x14: [io 0x03f6] [ 1.742257] pci 0000:00:01.1: legacy IDE quirk: reg 0x18: [io 0x0170-0x0177] [ 1.744257] pci 0000:00:01.1: legacy IDE quirk: reg 0x1c: [io 0x0376] [ 1.745992] pci 0000:00:01.3: [8086:7113] type 00 class 0x068000 [ 1.746856] pci 0000:00:01.3: quirk: [io 0x0600-0x063f] claimed by PIIX4 ACPI [ 1.748269] pci 0000:00:01.3: quirk: [io 0x0700-0x070f] claimed by PIIX4 SMB [ 1.749911] pci 0000:00:02.0: [1234:1111] type 00 class 0x030000 [ 1.752932] pci 0000:00:02.0: reg 0x10: [mem 0xfd000000-0xfdffffff pref] [ 1.758220] pci 0000:00:02.0: reg 0x18: [mem 0xfebd0000-0xfebd0fff] [ 1.768227] pci 0000:00:02.0: reg 0x30: [mem 0xfebc0000-0xfebcffff pref] [ 1.771524] pci 0000:00:02.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff] [ 1.776364] pci 0000:00:03.0: [1af4:1000] type 00 class 0x020000 [ 1.780183] pci 0000:00:03.0: reg 0x10: [io 0xc080-0xc09f] [ 1.783263] pci 0000:00:03.0: reg 0x14: [mem 0xfebd1000-0xfebd1fff] [ 1.789266] pci 0000:00:03.0: reg 0x20: [mem 0xfe000000-0xfe003fff 64bit pref] [ 1.793258] pci 0000:00:03.0: reg 0x30: [mem 0xfeb80000-0xfebbffff pref] [ 1.796850] pci 0000:00:04.0: [1af4:1001] type 00 class 0x010000 [ 1.799260] pci 0000:00:04.0: reg 0x10: [io 0xc000-0xc07f] [ 1.801963] pci 0000:00:04.0: reg 0x14: [mem 0xfebd2000-0xfebd2fff] [ 1.807263] pci 0000:00:04.0: reg 0x20: [mem 0xfe004000-0xfe007fff 64bit pref] [ 1.820789] ACPI: PCI: Interrupt link LNKA configured for IRQ 10 [ 1.824533] ACPI: PCI: Interrupt link LNKB configured for IRQ 10 [ 1.827451] ACPI: PCI: Interrupt link LNKC configured for IRQ 11 [ 1.830436] ACPI: PCI: Interrupt link LNKD configured for IRQ 11 [ 1.833137] ACPI: PCI: Interrupt link LNKS configured for IRQ 9 [ 1.839571] iommu: Default domain type: Translated [ 1.840258] iommu: DMA domain TLB invalidation policy: lazy mode [ 1.842192] SCSI subsystem initialized [ 1.857517] ACPI: bus type USB registered [ 1.858622] usbcore: registered new interface driver usbfs [ 1.861551] usbcore: registered new interface driver hub [ 1.863471] usbcore: registered new device driver usb [ 1.865573] mc: Linux media interface: v0.10 [ 1.866406] videodev: Linux video capture interface: v2.00 [ 1.868374] pps_core: LinuxPPS API ver. 1 registered [ 1.869260] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <giometti@xxxxxxxx> [ 1.871396] PTP clock support registered [ 1.874537] Advanced Linux Sound Architecture Driver Initialized. [ 1.877829] NetLabel: Initializing [ 1.878257] NetLabel: domain hash size = 128 [ 1.878960] NetLabel: protocols = UNLABELED CIPSOv4 CALIPSO [ 1.880506] NetLabel: unlabeled traffic allowed by default [ 1.881449] PCI: Using ACPI for IRQ routing [ 1.882613] pci 0000:00:02.0: vgaarb: setting as boot VGA device [ 1.883249] pci 0000:00:02.0: vgaarb: bridge control possible [ 1.883249] pci 0000:00:02.0: vgaarb: VGA device added: decodes=io+mem,owns=io+mem,locks=none [ 1.885262] vgaarb: loaded [ 1.886082] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0 [ 1.887257] hpet0: 3 comparators, 64-bit 100.000000 MHz counter [ 2.080060] clocksource: Switched to clocksource kvm-clock [ 2.082589] VFS: Disk quotas dquot_6.6.0 [ 2.083365] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes) [ 2.084886] pnp: PnP ACPI init [ 2.091542] pnp: PnP ACPI: found 6 devices [ 2.125200] clocksource: acpi_pm: mask: 0xffffff max_cycles: 0xffffff, max_idle_ns: 2085701024 ns [ 2.127384] NET: Registered PF_INET protocol family [ 2.129009] IP idents hash table entries: 65536 (order: 7, 524288 bytes, linear) [ 2.137713] tcp_listen_portaddr_hash hash table entries: 2048 (order: 3, 32768 bytes, linear) [ 2.140800] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear) [ 2.143510] TCP established hash table entries: 32768 (order: 6, 262144 bytes, linear) [ 2.146314] TCP bind hash table entries: 32768 (order: 8, 1048576 bytes, linear) [ 2.149938] TCP: Hash tables configured (established 32768 bind 32768) [ 2.151822] MPTCP token hash table entries: 4096 (order: 4, 98304 bytes, linear) [ 2.153185] UDP hash table entries: 2048 (order: 4, 65536 bytes, linear) [ 2.154387] UDP-Lite hash table entries: 2048 (order: 4, 65536 bytes, linear) [ 2.156015] NET: Registered PF_UNIX/PF_LOCAL protocol family [ 2.158238] RPC: Registered named UNIX socket transport module. [ 2.159198] RPC: Registered udp transport module. [ 2.159951] RPC: Registered tcp transport module. [ 2.160713] RPC: Registered tcp NFSv4.1 backchannel transport module. [ 2.164911] pci_bus 0000:00: resource 4 [io 0x0000-0x0cf7 window] [ 2.165958] pci_bus 0000:00: resource 5 [io 0x0d00-0xffff window] [ 2.166972] pci_bus 0000:00: resource 6 [mem 0x000a0000-0x000bffff window] [ 2.168086] pci_bus 0000:00: resource 7 [mem 0xc0000000-0xfebfffff window] [ 2.169210] pci_bus 0000:00: resource 8 [mem 0x140000000-0x1bfffffff window] [ 2.170900] pci 0000:00:01.0: PIIX3: Enabling Passive Release [ 2.171864] pci 0000:00:00.0: Limiting direct PCI/PCI transfers [ 2.172973] PCI: CLS 0 bytes, default 64 [ 2.174156] PCI-DMA: Using software bounce buffering for IO (SWIOTLB) [ 2.175206] software IO TLB: mapped [mem 0x00000000bbfde000-0x00000000bffde000] (64MB) [ 2.176584] kvm: no hardware support for 'kvm_intel' [ 2.177755] kvm: Nested Virtualization enabled [ 2.178480] SVM: kvm: Nested Paging enabled [ 2.209028] cryptomgr_test (58) used greatest stack depth: 30568 bytes left [ 2.212466] cryptomgr_test (64) used greatest stack depth: 30168 bytes left [ 2.439846] Initialise system trusted keyrings [ 2.442309] workingset: timestamp_bits=40 max_order=20 bucket_order=0 [ 2.552997] NFS: Registering the id_resolver key type [ 2.554577] Key type id_resolver registered [ 2.555277] Key type id_legacy registered [ 2.556399] 9p: Installing v9fs 9p2000 file system support [ 2.570771] NET: Registered PF_ALG protocol family [ 2.571611] Key type asymmetric registered [ 2.572308] Asymmetric key parser 'x509' registered [ 2.573210] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 250) [ 2.574462] io scheduler mq-deadline registered [ 2.575197] io scheduler kyber registered [ 2.577406] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input0 [ 2.579319] ACPI: button: Power Button [PWRF] [ 4.709049] ACPI: \_SB_.LNKC: Enabled at IRQ 11 [ 6.876017] ACPI: \_SB_.LNKD: Enabled at IRQ 10 [ 6.879493] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled [ 6.880996] 00:04: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A [ 6.886845] Non-volatile memory driver v1.3 [ 6.887578] Linux agpgart interface v0.103 [ 6.888714] ACPI: bus type drm_connector registered [ 6.913915] loop: module loaded [ 6.914795] virtio_blk virtio1: 4/0/0 default/read/poll queues [ 6.919006] virtio_blk virtio1: [vda] 1048576 512-byte logical blocks (537 MB/512 MiB) [ 6.930102] scsi host0: ata_piix [ 6.932932] scsi host1: ata_piix [ 6.934033] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc0a0 irq 14 [ 6.935132] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc0a8 irq 15 [ 6.944766] e100: Intel(R) PRO/100 Network Driver [ 6.946471] e100: Copyright(c) 1999-2006 Intel Corporation [ 6.948475] e1000: Intel(R) PRO/1000 Network Driver [ 6.949734] e1000: Copyright (c) 1999-2006 Intel Corporation. [ 6.951353] e1000e: Intel(R) PRO/1000 Network Driver [ 6.952664] e1000e: Copyright(c) 1999 - 2015 Intel Corporation. [ 6.953737] igb: Intel(R) Gigabit Ethernet Network Driver [ 6.954616] igb: Copyright (c) 2007-2014 Intel Corporation. [ 6.955615] sky2: driver version 1.30 [ 6.956373] QLogic FastLinQ 4xxxx Core Module qed [ 6.957125] qede init: QLogic FastLinQ 4xxxx Ethernet Driver qede [ 6.958409] usbcore: registered new interface driver asix [ 6.959376] usbcore: registered new interface driver ax88179_178a [ 6.960413] usbcore: registered new interface driver cdc_ether [ 6.961376] usbcore: registered new interface driver net1080 [ 6.962314] usbcore: registered new interface driver cdc_subset [ 6.963289] usbcore: registered new interface driver zaurus [ 6.964229] usbcore: registered new interface driver cdc_ncm [ 6.965182] usbcore: registered new interface driver r8153_ecm [ 6.967387] usbcore: registered new interface driver usblp [ 6.968354] usbcore: registered new interface driver usb-storage [ 6.969582] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12 [ 6.972044] serio: i8042 KBD port at 0x60,0x64 irq 1 [ 6.972905] serio: i8042 AUX port at 0x60,0x64 irq 12 [ 6.975436] rtc_cmos 00:05: RTC can wake from S4 [ 6.976946] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input1 [ 6.981599] rtc_cmos 00:05: registered as rtc0 [ 6.984026] rtc_cmos 00:05: alarms up to one day, y3k, 242 bytes nvram, hpet irqs [ 6.987729] device-mapper: ioctl: 4.47.0-ioctl (2022-07-28) initialised: dm-devel@xxxxxxxxxx [ 6.992580] kworker/u8:3 (86) used greatest stack depth: 28968 bytes left [ 6.997180] hid: raw HID events driver (C) Jiri Kosina [ 7.000549] usbcore: registered new interface driver usbhid [ 7.001638] usbhid: USB HID core driver [ 7.006659] Initializing XFRM netlink socket [ 7.007815] NET: Registered PF_INET6 protocol family [ 7.011308] Segment Routing with IPv6 [ 7.012121] In-situ OAM (IOAM) with IPv6 [ 7.014147] sit: IPv6, IPv4 and MPLS over IPv4 tunneling driver [ 7.019057] NET: Registered PF_PACKET protocol family [ 7.021943] 9pnet: Installing 9P2000 support [ 7.023359] Key type dns_resolver registered [ 7.028912] IPI shorthand broadcast: enabled [ 7.030131] AVX2 version of gcm_enc/dec engaged. [ 7.031599] AES CTR mode by8 optimization enabled [ 7.092202] sched_clock: Marking stable (6965373124, 125883994)->(7116733466, -25476348) [ 7.094473] ata2: found unknown device (class 0) [ 7.095443] registered taskstats version 1 [ 7.096207] Loading compiled-in X.509 certificates [ 7.096229] ata1: found unknown device (class 0) [ 7.100419] ata2.00: ATAPI: QEMU DVD-ROM, 2.5+, max UDMA/100 [ 7.101692] ata1.00: ATA-7: QEMU HARDDISK, 2.5+, max UDMA/100 [ 7.102648] ata1.00: 8400294 sectors, multi 16: LBA48 [ 7.105877] scsi 0:0:0:0: Direct-Access ATA QEMU HARDDISK 2.5+ PQ: 0 ANSI: 5 [ 7.111485] sd 0:0:0:0: [sda] 8400294 512-byte logical blocks: (4.30 GB/4.00 GiB) [ 7.111534] sd 0:0:0:0: Attached scsi generic sg0 type 0 [ 7.112658] sd 0:0:0:0: [sda] Write Protect is off [ 7.114657] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA [ 7.115358] scsi 1:0:0:0: CD-ROM QEMU QEMU DVD-ROM 2.5+ PQ: 0 ANSI: 5 [ 7.116331] sd 0:0:0:0: [sda] Preferred minimum I/O size 512 bytes [ 7.127666] sd 0:0:0:0: [sda] Attached SCSI disk [ 7.157855] sr 1:0:0:0: [sr0] scsi3-mmc drive: 4x/4x cd/rw xa/form2 tray [ 7.163315] cdrom: Uniform CD-ROM driver Revision: 3.20 [ 7.189823] sr 1:0:0:0: Attached scsi generic sg1 type 5 [ 7.194306] PM: Magic number: 14:170:469 [ 7.195164] leds input1::capslock: hash matches [ 7.196058] printk: console [netcon0] enabled [ 7.196826] netconsole: network logging started [ 7.199041] cfg80211: Loading compiled-in X.509 certificates for regulatory database [ 7.203309] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7' [ 7.204647] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 7.206045] cfg80211: failed to load regulatory.db [ 7.207294] ALSA device list: [ 7.208592] No soundcards found. [ 7.209891] TAP version 14 [ 7.210919] 1..52 [ 7.211844] # Subtest: time_test_cases [ 7.211858] 1..1 [ 10.230341] ok 1 - time64_to_tm_test_date_range [ 10.234099] ok 1 - time_test_cases [ 10.235841] # Subtest: hw_breakpoint [ 10.235849] 1..9 [ 10.237734] ok 1 - test_one_cpu [ 10.239755] ok 2 - test_many_cpus [ 10.241144] ok 3 - test_one_task_on_all_cpus [ 10.243719] ok 4 - test_two_tasks_on_all_cpus [ 10.245606] ok 5 - test_one_task_on_one_cpu [ 10.247863] ok 6 - test_one_task_mixed [ 10.250742] ok 7 - test_two_tasks_on_one_cpu [ 10.253281] ok 8 - test_two_tasks_on_one_all_cpus [ 10.255689] ok 9 - test_task_on_all_and_one_cpu [ 10.257089] # hw_breakpoint: pass:9 fail:0 skip:0 total:9 [ 10.258479] # Totals: pass:9 fail:0 skip:0 total:9 [ 10.259911] ok 2 - hw_breakpoint [ 10.261968] # Subtest: resource [ 10.261973] 1..2 [ 10.262906] ok 1 - resource_test_union [ 10.263583] ok 2 - resource_test_intersection [ 10.264470] # resource: pass:2 fail:0 skip:0 total:2 [ 10.265300] # Totals: pass:2 fail:0 skip:0 total:2 [ 10.266155] ok 3 - resource [ 10.267554] # Subtest: sysctl_test [ 10.267559] 1..10 [ 10.268524] ok 1 - sysctl_test_api_dointvec_null_tbl_data [ 10.269234] ok 2 - sysctl_test_api_dointvec_table_maxlen_unset [ 10.270638] ok 3 - sysctl_test_api_dointvec_table_len_is_zero [ 10.272000] ok 4 - sysctl_test_api_dointvec_table_read_but_position_set [ 10.273317] ok 5 - sysctl_test_dointvec_read_happy_single_positive [ 10.274804] ok 6 - sysctl_test_dointvec_read_happy_single_negative [ 10.276319] ok 7 - sysctl_test_dointvec_write_happy_single_positive [ 10.277899] ok 8 - sysctl_test_dointvec_write_happy_single_negative [ 10.279392] ok 9 - sysctl_test_api_dointvec_write_single_less_int_min [ 10.280830] ok 10 - sysctl_test_api_dointvec_write_single_greater_int_max [ 10.281975] # sysctl_test: pass:10 fail:0 skip:0 total:10 [ 10.283164] # Totals: pass:10 fail:0 skip:0 total:10 [ 10.284080] ok 4 - sysctl_test [ 10.286062] # Subtest: kasan [ 10.286070] 1..58 [ 10.286955] ================================================================== [ 10.288719] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xd0/0x330 [ 10.289761] Write of size 1 at addr ffff888105144473 by task kunit_try_catch/287 [ 10.290825] [ 10.291058] CPU: 3 PID: 287 Comm: kunit_try_catch Tainted: G N 6.1.0-rc5-next-20221117 #1 [ 10.292443] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 10.293637] Call Trace: [ 10.294003] <TASK> [ 10.294328] dump_stack_lvl+0x4d/0x66 [ 10.294871] print_report+0x17a/0x471 [ 10.295413] ? kasan_complete_mode_report_info+0x40/0x210 [ 10.296192] ? kmalloc_oob_right+0xd0/0x330 [ 10.297027] kasan_report+0xb4/0x140 [ 10.297740] ? kmalloc_oob_right+0xd0/0x330 [ 10.298580] __asan_store1+0x69/0x70 [ 10.299335] kmalloc_oob_right+0xd0/0x330 [ 10.300150] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.301072] ? __kasan_check_write+0x18/0x20 [ 10.301776] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 10.302455] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 10.303179] ? trace_preempt_on+0x2e/0xf0 [ 10.303794] ? __kthread_parkme+0x4f/0xd0 [ 10.304398] kunit_try_run_case+0x95/0xd0 [ 10.304988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.305671] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.306547] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.307327] kthread+0x17d/0x1b0 [ 10.307803] ? __pfx_kthread+0x10/0x10 [ 10.308363] ret_from_fork+0x2c/0x50 [ 10.308893] </TASK> [ 10.309220] [ 10.309451] Allocated by task 287: [ 10.309949] kasan_save_stack+0x2a/0x60 [ 10.310513] kasan_set_track+0x29/0x40 [ 10.311064] kasan_save_alloc_info+0x22/0x30 [ 10.311689] __kasan_kmalloc+0xb8/0xc0 [ 10.312238] kmalloc_trace+0x4e/0xb0 [ 10.312780] kmalloc_oob_right+0x9f/0x330 [ 10.313368] kunit_try_run_case+0x95/0xd0 [ 10.313960] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.314748] kthread+0x17d/0x1b0 [ 10.315227] ret_from_fork+0x2c/0x50 [ 10.315758] [ 10.315990] The buggy address belongs to the object at ffff888105144400 [ 10.315990] which belongs to the cache kmalloc-128 of size 128 [ 10.317973] The buggy address is located 115 bytes inside of [ 10.317973] 128-byte region [ffff888105144400, ffff888105144480) [ 10.319844] [ 10.320094] The buggy address belongs to the physical page: [ 10.320985] page:00000000f40eef31 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105144 [ 10.322444] flags: 0x200000000000200(slab|node=0|zone=2) [ 10.323282] raw: 0200000000000200 ffff8881000428c0 dead000000000122 0000000000000000 [ 10.324493] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 10.325692] page dumped because: kasan: bad access detected [ 10.326556] [ 10.326804] Memory state around the buggy address: [ 10.327555] ffff888105144300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.328710] ffff888105144380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.329832] >ffff888105144400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.330952] ^ [ 10.332021] ffff888105144480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.333161] ffff888105144500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.334276] ================================================================== [ 10.335491] Disabling lock debugging due to kernel taint [ 10.336575] ================================================================== [ 10.337966] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x10c/0x330 [ 10.339299] Write of size 1 at addr ffff888105144478 by task kunit_try_catch/287 [ 10.340729] [ 10.341051] CPU: 3 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 10.342789] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 10.344079] Call Trace: [ 10.344485] <TASK> [ 10.344826] dump_stack_lvl+0x4d/0x66 [ 10.345407] print_report+0x17a/0x471 [ 10.345990] ? kasan_complete_mode_report_info+0x40/0x210 [ 10.346834] ? kmalloc_oob_right+0x10c/0x330 [ 10.347506] kasan_report+0xb4/0x140 [ 10.348075] ? kmalloc_oob_right+0x10c/0x330 [ 10.348789] __asan_store1+0x69/0x70 [ 10.349361] kmalloc_oob_right+0x10c/0x330 [ 10.350011] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.350739] ? __kasan_check_write+0x18/0x20 [ 10.351413] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 10.352142] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 10.352974] ? trace_preempt_on+0x2e/0xf0 [ 10.353571] ? __kthread_parkme+0x4f/0xd0 [ 10.354161] kunit_try_run_case+0x95/0xd0 [ 10.354756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.355448] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.356349] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.357136] kthread+0x17d/0x1b0 [ 10.357616] ? __pfx_kthread+0x10/0x10 [ 10.358168] ret_from_fork+0x2c/0x50 [ 10.358701] </TASK> [ 10.359033] [ 10.359265] Allocated by task 287: [ 10.359767] kasan_save_stack+0x2a/0x60 [ 10.360380] kasan_set_track+0x29/0x40 [ 10.360933] kasan_save_alloc_info+0x22/0x30 [ 10.361768] __kasan_kmalloc+0xb8/0xc0 [ 10.362644] kmalloc_trace+0x4e/0xb0 [ 10.363468] kmalloc_oob_right+0x9f/0x330 [ 10.364408] kunit_try_run_case+0x95/0xd0 [ 10.365335] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.366559] kthread+0x17d/0x1b0 [ 10.367304] ret_from_fork+0x2c/0x50 [ 10.368129] [ 10.368635] The buggy address belongs to the object at ffff888105144400 [ 10.368635] which belongs to the cache kmalloc-128 of size 128 [ 10.370960] The buggy address is located 120 bytes inside of [ 10.370960] 128-byte region [ffff888105144400, ffff888105144480) [ 10.372856] [ 10.373111] The buggy address belongs to the physical page: [ 10.373998] page:00000000f40eef31 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105144 [ 10.375476] flags: 0x200000000000200(slab|node=0|zone=2) [ 10.376338] raw: 0200000000000200 ffff8881000428c0 dead000000000122 0000000000000000 [ 10.377556] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 10.378775] page dumped because: kasan: bad access detected [ 10.379657] [ 10.379909] Memory state around the buggy address: [ 10.380703] ffff888105144300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.381842] ffff888105144380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.382981] >ffff888105144400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.384115] ^ [ 10.385354] ffff888105144480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.386621] ffff888105144500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.387735] ================================================================== [ 10.388909] ================================================================== [ 10.390033] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x14b/0x330 [ 10.391113] Read of size 1 at addr ffff888105144480 by task kunit_try_catch/287 [ 10.392245] [ 10.392534] CPU: 3 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 10.394009] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 10.395304] Call Trace: [ 10.395699] <TASK> [ 10.396042] dump_stack_lvl+0x4d/0x66 [ 10.396616] print_report+0x17a/0x471 [ 10.397163] ? kasan_complete_mode_report_info+0x40/0x210 [ 10.397953] ? kmalloc_oob_right+0x14b/0x330 [ 10.398581] kasan_report+0xb4/0x140 [ 10.399113] ? kmalloc_oob_right+0x14b/0x330 [ 10.399742] __asan_load1+0x66/0x70 [ 10.400260] kmalloc_oob_right+0x14b/0x330 [ 10.400914] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.401591] ? __kasan_check_write+0x18/0x20 [ 10.402217] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 10.402896] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 10.403623] ? trace_preempt_on+0x2e/0xf0 [ 10.404213] ? __kthread_parkme+0x4f/0xd0 [ 10.404823] kunit_try_run_case+0x95/0xd0 [ 10.405416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.406107] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.406992] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.407779] kthread+0x17d/0x1b0 [ 10.408259] ? __pfx_kthread+0x10/0x10 [ 10.408829] ret_from_fork+0x2c/0x50 [ 10.409362] </TASK> [ 10.409691] [ 10.409922] Allocated by task 287: [ 10.410424] kasan_save_stack+0x2a/0x60 [ 10.410989] kasan_set_track+0x29/0x40 [ 10.411554] kasan_save_alloc_info+0x22/0x30 [ 10.412197] __kasan_kmalloc+0xb8/0xc0 [ 10.412914] kmalloc_trace+0x4e/0xb0 [ 10.413659] kmalloc_oob_right+0x9f/0x330 [ 10.414456] kunit_try_run_case+0x95/0xd0 [ 10.415252] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.416434] kthread+0x17d/0x1b0 [ 10.416962] ret_from_fork+0x2c/0x50 [ 10.417543] [ 10.417797] The buggy address belongs to the object at ffff888105144400 [ 10.417797] which belongs to the cache kmalloc-128 of size 128 [ 10.419750] The buggy address is located 0 bytes to the right of [ 10.419750] 128-byte region [ffff888105144400, ffff888105144480) [ 10.421649] [ 10.421902] The buggy address belongs to the physical page: [ 10.422789] page:00000000f40eef31 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105144 [ 10.424259] flags: 0x200000000000200(slab|node=0|zone=2) [ 10.425131] raw: 0200000000000200 ffff8881000428c0 dead000000000122 0000000000000000 [ 10.426375] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 10.427602] page dumped because: kasan: bad access detected [ 10.428505] [ 10.428759] Memory state around the buggy address: [ 10.429527] ffff888105144380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.430679] ffff888105144400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.431795] >ffff888105144480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.432920] ^ [ 10.433427] ffff888105144500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.434535] ffff888105144580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.435643] ================================================================== [ 10.436891] ok 1 - kmalloc_oob_right [ 10.436935] kunit_try_catch (287) used greatest stack depth: 28456 bytes left [ 10.437325] ================================================================== [ 10.442529] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0xd0/0x1f0 [ 10.444885] Read of size 1 at addr ffff8881042165bf by task kunit_try_catch/288 [ 10.446784] [ 10.447163] CPU: 2 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 10.449391] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 10.451323] Call Trace: [ 10.451912] <TASK> [ 10.452479] dump_stack_lvl+0x4d/0x66 [ 10.453441] print_report+0x17a/0x471 [ 10.454070] ? kasan_complete_mode_report_info+0x80/0x210 [ 10.454887] ? kmalloc_oob_left+0xd0/0x1f0 [ 10.455519] kasan_report+0xb4/0x140 [ 10.456095] ? kmalloc_oob_left+0xd0/0x1f0 [ 10.456773] __asan_load1+0x66/0x70 [ 10.457337] kmalloc_oob_left+0xd0/0x1f0 [ 10.457922] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 10.458637] ? __kasan_check_write+0x18/0x20 [ 10.459320] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 10.460003] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 10.460819] ? trace_preempt_on+0x2e/0xf0 [ 10.461458] ? __kthread_parkme+0x4f/0xd0 [ 10.462056] kunit_try_run_case+0x95/0xd0 [ 10.462704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.463444] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.464399] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.465246] kthread+0x17d/0x1b0 [ 10.465739] ? __pfx_kthread+0x10/0x10 [ 10.466320] ret_from_fork+0x2c/0x50 [ 10.466900] </TASK> [ 10.467259] [ 10.467514] Allocated by task 33: [ 10.468062] kasan_save_stack+0x2a/0x60 [ 10.468720] kasan_set_track+0x29/0x40 [ 10.469322] kasan_save_alloc_info+0x22/0x30 [ 10.469955] __kasan_kmalloc+0xb8/0xc0 [ 10.470521] __kmalloc_node_track_caller+0x67/0x150 [ 10.471240] kstrdup+0x3b/0x70 [ 10.471751] devtmpfs_work_loop+0x2b9/0x420 [ 10.472481] devtmpfsd+0x32/0x46 [ 10.473002] kthread+0x17d/0x1b0 [ 10.473540] ret_from_fork+0x2c/0x50 [ 10.474116] [ 10.474367] Freed by task 33: [ 10.474811] kasan_save_stack+0x2a/0x60 [ 10.475391] kasan_set_track+0x29/0x40 [ 10.475948] kasan_save_free_info+0x32/0x50 [ 10.476644] ____kasan_slab_free+0x174/0x1e0 [ 10.477325] __kasan_slab_free+0x16/0x20 [ 10.477913] __kmem_cache_free+0x18e/0x300 [ 10.478553] kfree+0x7d/0x120 [ 10.479033] devtmpfs_work_loop+0x3c2/0x420 [ 10.479704] devtmpfsd+0x32/0x46 [ 10.480224] kthread+0x17d/0x1b0 [ 10.480808] ret_from_fork+0x2c/0x50 [ 10.481394] [ 10.481646] The buggy address belongs to the object at ffff8881042165a0 [ 10.481646] which belongs to the cache kmalloc-16 of size 16 [ 10.483562] The buggy address is located 15 bytes to the right of [ 10.483562] 16-byte region [ffff8881042165a0, ffff8881042165b0) [ 10.486607] [ 10.487122] The buggy address belongs to the physical page: [ 10.488909] page:0000000037be271b refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104216 [ 10.491867] flags: 0x200000000000200(slab|node=0|zone=2) [ 10.494159] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 10.496951] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 10.498872] page dumped because: kasan: bad access detected [ 10.500247] [ 10.500653] Memory state around the buggy address: [ 10.501908] ffff888104216480: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 10.503715] ffff888104216500: fa fb fc fc fa fb fc fc 00 06 fc fc 00 06 fc fc [ 10.505551] >ffff888104216580: 00 06 fc fc fa fb fc fc 00 07 fc fc fc fc fc fc [ 10.506592] ^ [ 10.507370] ffff888104216600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.508428] ffff888104216680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.509462] ================================================================== [ 10.510641] ok 2 - kmalloc_oob_left [ 10.511127] ================================================================== [ 10.512927] input: ImExPS/2 Generic Explorer Mouse as /devices/platform/i8042/serio1/input/input3 [ 10.513271] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0xd5/0x200 [ 10.513284] Read of size 1 at addr ffff888101157000 by task kunit_try_catch/289 [ 10.516965] [ 10.517200] CPU: 3 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 10.518570] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 10.519769] Call Trace: [ 10.520136] <TASK> [ 10.520461] dump_stack_lvl+0x4d/0x66 [ 10.521004] print_report+0x17a/0x471 [ 10.521548] ? kasan_complete_mode_report_info+0x40/0x210 [ 10.522365] ? kmalloc_node_oob_right+0xd5/0x200 [ 10.523045] kasan_report+0xb4/0x140 [ 10.523628] ? kmalloc_node_oob_right+0xd5/0x200 [ 10.524387] __asan_load1+0x66/0x70 [ 10.525135] kmalloc_node_oob_right+0xd5/0x200 [ 10.525984] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 10.526754] ? __kasan_check_write+0x18/0x20 [ 10.527402] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 10.528130] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 10.528936] ? trace_preempt_on+0x2e/0xf0 [ 10.529596] ? __kthread_parkme+0x4f/0xd0 [ 10.530239] kunit_try_run_case+0x95/0xd0 [ 10.530898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.531654] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.532619] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.533466] kthread+0x17d/0x1b0 [ 10.534006] ? __pfx_kthread+0x10/0x10 [ 10.534633] ret_from_fork+0x2c/0x50 [ 10.535231] </TASK> [ 10.535636] [ 10.535891] Allocated by task 289: [ 10.536481] kasan_save_stack+0x2a/0x60 [ 10.537115] kasan_set_track+0x29/0x40 [ 10.537726] kasan_save_alloc_info+0x22/0x30 [ 10.538412] __kasan_kmalloc+0xb8/0xc0 [ 10.539025] kmalloc_node_trace+0x49/0xb0 [ 10.539678] kmalloc_node_oob_right+0xa1/0x200 [ 10.540399] kunit_try_run_case+0x95/0xd0 [ 10.541038] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.541893] kthread+0x17d/0x1b0 [ 10.542415] ret_from_fork+0x2c/0x50 [ 10.542987] [ 10.543236] The buggy address belongs to the object at ffff888101156000 [ 10.543236] which belongs to the cache kmalloc-4k of size 4096 [ 10.545191] The buggy address is located 0 bytes to the right of [ 10.545191] 4096-byte region [ffff888101156000, ffff888101157000) [ 10.547096] [ 10.547366] The buggy address belongs to the physical page: [ 10.548237] page:0000000096b548f4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101150 [ 10.549747] head:0000000096b548f4 order:3 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 10.551183] flags: 0x200000000010200(slab|head|node=0|zone=2) [ 10.552092] raw: 0200000000010200 ffff888100043040 dead000000000122 0000000000000000 [ 10.553338] raw: 0000000000000000 0000000080040004 00000001ffffffff 0000000000000000 [ 10.554546] page dumped because: kasan: bad access detected [ 10.555423] [ 10.555673] Memory state around the buggy address: [ 10.556477] ffff888101156f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.557627] ffff888101156f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.558731] >ffff888101157000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.559832] ^ [ 10.560395] ffff888101157080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.561510] ffff888101157100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.562595] ================================================================== [ 10.563885] ok 3 - kmalloc_node_oob_right [ 10.564351] ================================================================== [ 10.566199] BUG: KASAN: slab-out-of-bounds in kmalloc_pagealloc_oob_right+0xbe/0x1d0 [ 10.567417] Write of size 1 at addr ffff88810548e00a by task kunit_try_catch/290 [ 10.568540] [ 10.568794] CPU: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 10.570320] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 10.572188] Call Trace: [ 10.572856] <TASK> [ 10.573756] dump_stack_lvl+0x4d/0x66 [ 10.574995] print_report+0x17a/0x471 [ 10.576294] ? kasan_addr_to_slab+0x11/0xb0 [ 10.577729] ? kmalloc_pagealloc_oob_right+0xbe/0x1d0 [ 10.579475] kasan_report+0xb4/0x140 [ 10.580683] ? kmalloc_pagealloc_oob_right+0xbe/0x1d0 [ 10.582185] __asan_store1+0x69/0x70 [ 10.583096] kmalloc_pagealloc_oob_right+0xbe/0x1d0 [ 10.583863] ? __pfx_kmalloc_pagealloc_oob_right+0x10/0x10 [ 10.584675] ? __kasan_check_write+0x18/0x20 [ 10.585293] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 10.585959] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 10.586676] ? trace_preempt_on+0x2e/0xf0 [ 10.587259] ? __kthread_parkme+0x4f/0xd0 [ 10.587842] kunit_try_run_case+0x95/0xd0 [ 10.588436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.589117] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.589989] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.590766] kthread+0x17d/0x1b0 [ 10.591239] ? __pfx_kthread+0x10/0x10 [ 10.591785] ret_from_fork+0x2c/0x50 [ 10.592320] </TASK> [ 10.592647] [ 10.592877] The buggy address belongs to the physical page: [ 10.593675] page:000000005fa0a0b2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10548c [ 10.595007] head:000000005fa0a0b2 order:2 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 10.596330] flags: 0x200000000010000(head|node=0|zone=2) [ 10.597101] raw: 0200000000010000 0000000000000000 dead000000000122 0000000000000000 [ 10.598209] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 10.599309] page dumped because: kasan: bad access detected [ 10.600103] [ 10.600343] Memory state around the buggy address: [ 10.601034] ffff88810548df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.602436] ffff88810548df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.605003] >ffff88810548e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.607548] ^ [ 10.608827] ffff88810548e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.611390] ffff88810548e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.614057] ================================================================== [ 10.615686] ok 4 - kmalloc_pagealloc_oob_right [ 10.616383] ================================================================== [ 10.620748] BUG: KASAN: use-after-free in kmalloc_pagealloc_uaf+0xbd/0x1b0 [ 10.622097] Read of size 1 at addr ffff8881054a4000 by task kunit_try_catch/291 [ 10.623957] [ 10.624380] CPU: 3 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 10.626764] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 10.628861] Call Trace: [ 10.629502] <TASK> [ 10.630049] dump_stack_lvl+0x4d/0x66 [ 10.630992] print_report+0x17a/0x471 [ 10.631938] ? kasan_addr_to_slab+0x11/0xb0 [ 10.633066] ? kmalloc_pagealloc_uaf+0xbd/0x1b0 [ 10.633995] kasan_report+0xb4/0x140 [ 10.634607] ? kmalloc_pagealloc_uaf+0xbd/0x1b0 [ 10.635375] __asan_load1+0x66/0x70 [ 10.635957] kmalloc_pagealloc_uaf+0xbd/0x1b0 [ 10.636734] ? __pfx_kmalloc_pagealloc_uaf+0x10/0x10 [ 10.637570] ? __kasan_check_write+0x18/0x20 [ 10.638284] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 10.639055] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 10.639876] ? trace_preempt_on+0x2e/0xf0 [ 10.640588] ? __kthread_parkme+0x4f/0xd0 [ 10.641257] kunit_try_run_case+0x95/0xd0 [ 10.641933] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.642719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.643729] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.644658] kthread+0x17d/0x1b0 [ 10.645199] ? __pfx_kthread+0x10/0x10 [ 10.645843] ret_from_fork+0x2c/0x50 [ 10.646462] </TASK> [ 10.646834] [ 10.647094] The buggy address belongs to the physical page: [ 10.648036] page:0000000040e361a3 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1054a4 [ 10.649580] flags: 0x200000000000000(node=0|zone=2) [ 10.650380] raw: 0200000000000000 ffffea0004152a08 ffff88811b5bc7b8 0000000000000000 [ 10.651630] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 10.653134] page dumped because: kasan: bad access detected [ 10.654369] [ 10.654722] Memory state around the buggy address: [ 10.655551] ffff8881054a3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.656663] ffff8881054a3f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.657767] >ffff8881054a4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.658857] ^ [ 10.659357] ffff8881054a4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.660453] ffff8881054a4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.661541] ================================================================== [ 10.662791] ok 5 - kmalloc_pagealloc_uaf [ 10.663134] ================================================================== [ 10.667500] BUG: KASAN: invalid-free in kfree+0xff/0x120 [ 10.668376] Free of addr ffff88810548c001 by task kunit_try_catch/292 [ 10.670612] [ 10.671215] CPU: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 10.674802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 10.677733] Call Trace: [ 10.678140] <TASK> [ 10.678494] dump_stack_lvl+0x4d/0x66 [ 10.679091] print_report+0x17a/0x471 [ 10.679690] ? kfree+0xff/0x120 [ 10.680200] ? kasan_addr_to_slab+0x11/0xb0 [ 10.680889] ? kfree+0xff/0x120 [ 10.681404] kasan_report_invalid_free+0x85/0x100 [ 10.682164] ? kfree+0xff/0x120 [ 10.682678] ? kfree+0xff/0x120 [ 10.683192] __kasan_kfree_large+0x87/0xe0 [ 10.683862] free_large_kmalloc+0x4a/0xc0 [ 10.684526] kfree+0xff/0x120 [ 10.685011] kmalloc_pagealloc_invalid_free+0xb2/0x1b0 [ 10.685836] ? __pfx_kmalloc_pagealloc_invalid_free+0x10/0x10 [ 10.686779] ? __kasan_check_write+0x18/0x20 [ 10.687452] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 10.688178] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 10.689008] ? trace_preempt_on+0x2e/0xf0 [ 10.689642] ? __kthread_parkme+0x4f/0xd0 [ 10.690273] kunit_try_run_case+0x95/0xd0 [ 10.690909] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.691684] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.692764] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.693672] kthread+0x17d/0x1b0 [ 10.694204] ? __pfx_kthread+0x10/0x10 [ 10.694836] ret_from_fork+0x2c/0x50 [ 10.695443] </TASK> [ 10.695800] [ 10.696080] The buggy address belongs to the physical page: [ 10.696934] page:000000005fa0a0b2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10548c [ 10.698439] head:000000005fa0a0b2 order:2 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 10.700011] flags: 0x200000000010000(head|node=0|zone=2) [ 10.700862] raw: 0200000000010000 0000000000000000 dead000000000122 0000000000000000 [ 10.702098] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 10.703285] page dumped because: kasan: bad access detected [ 10.704148] [ 10.704423] Memory state around the buggy address: [ 10.705119] ffff88810548bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.706155] ffff88810548bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.707194] >ffff88810548c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.708232] ^ [ 10.708724] ffff88810548c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.709762] ffff88810548c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.710804] ================================================================== [ 10.711988] ok 6 - kmalloc_pagealloc_invalid_free [ 10.712116] kunit_try_catch (292) used greatest stack depth: 28400 bytes left [ 10.713315] ok 7 - pagealloc_oob_right # SKIP Test requires CONFIG_KASAN_GENERIC=n [ 10.714527] ================================================================== [ 10.718803] BUG: KASAN: use-after-free in pagealloc_uaf+0xeb/0x1e0 [ 10.720243] Read of size 1 at addr ffff8881052e0000 by task kunit_try_catch/294 [ 10.721954] [ 10.722326] CPU: 2 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 10.724657] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 10.726611] Call Trace: [ 10.727212] <TASK> [ 10.727782] dump_stack_lvl+0x4d/0x66 [ 10.729003] print_report+0x17a/0x471 [ 10.730263] ? kasan_addr_to_slab+0x11/0xb0 [ 10.731667] ? pagealloc_uaf+0xeb/0x1e0 [ 10.732841] kasan_report+0xb4/0x140 [ 10.733682] ? pagealloc_uaf+0xeb/0x1e0 [ 10.734314] __asan_load1+0x66/0x70 [ 10.734900] pagealloc_uaf+0xeb/0x1e0 [ 10.735509] ? __pfx_pagealloc_uaf+0x10/0x10 [ 10.736211] ? __kasan_check_write+0x18/0x20 [ 10.736928] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 10.737687] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 10.738496] ? trace_preempt_on+0x2e/0xf0 [ 10.739154] ? __kthread_parkme+0x4f/0xd0 [ 10.739814] kunit_try_run_case+0x95/0xd0 [ 10.740486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.741255] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.742238] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.743111] kthread+0x17d/0x1b0 [ 10.743652] ? __pfx_kthread+0x10/0x10 [ 10.744289] ret_from_fork+0x2c/0x50 [ 10.744888] </TASK> [ 10.745255] [ 10.745513] The buggy address belongs to the physical page: [ 10.746424] page:00000000197e2211 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x0 pfn:0x1052e0 [ 10.747978] flags: 0x200000000000000(node=0|zone=2) [ 10.748786] raw: 0200000000000000 ffffea000414a808 ffff88813fffaba8 0000000000000000 [ 10.750022] raw: 0000000000000000 0000000000000005 00000000ffffff7f 0000000000000000 [ 10.751262] page dumped because: kasan: bad access detected [ 10.752155] [ 10.752423] Memory state around the buggy address: [ 10.753204] ffff8881052dff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.754370] ffff8881052dff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.755526] >ffff8881052e0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.756701] ^ [ 10.757232] ffff8881052e0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.758388] ffff8881052e0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.759547] ================================================================== [ 10.760812] ok 8 - pagealloc_uaf [ 10.761205] ================================================================== [ 10.763980] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0xd1/0x1e0 [ 10.766543] Write of size 1 at addr ffff888105461f00 by task kunit_try_catch/295 [ 10.768893] [ 10.769260] CPU: 3 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 10.771647] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 10.773727] Call Trace: [ 10.774359] <TASK> [ 10.774894] dump_stack_lvl+0x4d/0x66 [ 10.775820] print_report+0x17a/0x471 [ 10.776773] ? kasan_complete_mode_report_info+0x40/0x210 [ 10.778111] ? kmalloc_large_oob_right+0xd1/0x1e0 [ 10.779435] kasan_report+0xb4/0x140 [ 10.780469] ? kmalloc_large_oob_right+0xd1/0x1e0 [ 10.781788] __asan_store1+0x69/0x70 [ 10.782955] kmalloc_large_oob_right+0xd1/0x1e0 [ 10.784228] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 10.785688] ? __kasan_check_write+0x18/0x20 [ 10.786969] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 10.787954] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 10.788771] ? trace_preempt_on+0x2e/0xf0 [ 10.789394] ? __kthread_parkme+0x4f/0xd0 [ 10.790016] kunit_try_run_case+0x95/0xd0 [ 10.790633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.791366] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.792311] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.793134] kthread+0x17d/0x1b0 [ 10.793635] ? __pfx_kthread+0x10/0x10 [ 10.794210] ret_from_fork+0x2c/0x50 [ 10.794765] </TASK> [ 10.795107] [ 10.795347] Allocated by task 295: [ 10.795869] kasan_save_stack+0x2a/0x60 [ 10.796472] kasan_set_track+0x29/0x40 [ 10.797051] kasan_save_alloc_info+0x22/0x30 [ 10.797712] __kasan_kmalloc+0xb8/0xc0 [ 10.798323] kmalloc_trace+0x4e/0xb0 [ 10.798919] kmalloc_large_oob_right+0x9d/0x1e0 [ 10.799673] kunit_try_run_case+0x95/0xd0 [ 10.800373] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.801230] kthread+0x17d/0x1b0 [ 10.801799] ret_from_fork+0x2c/0x50 [ 10.802392] [ 10.802647] The buggy address belongs to the object at ffff888105460000 [ 10.802647] which belongs to the cache kmalloc-8k of size 8192 [ 10.804756] The buggy address is located 7936 bytes inside of [ 10.804756] 8192-byte region [ffff888105460000, ffff888105462000) [ 10.807191] [ 10.807453] The buggy address belongs to the physical page: [ 10.808372] page:00000000154b7ba3 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105460 [ 10.809913] head:00000000154b7ba3 order:3 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 10.811434] flags: 0x200000000010200(slab|head|node=0|zone=2) [ 10.812417] raw: 0200000000010200 ffff888100043180 dead000000000122 0000000000000000 [ 10.813687] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000 [ 10.814921] page dumped because: kasan: bad access detected [ 10.815810] [ 10.816066] Memory state around the buggy address: [ 10.816868] ffff888105461e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.818016] ffff888105461e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.819164] >ffff888105461f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.820318] ^ [ 10.820845] ffff888105461f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.821987] ffff888105462000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.823130] ================================================================== [ 10.824363] ok 9 - kmalloc_large_oob_right [ 10.824772] ================================================================== [ 10.827680] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x180/0x3a0 [ 10.829570] Write of size 1 at addr ffff8881054560eb by task kunit_try_catch/296 [ 10.831391] [ 10.831788] CPU: 2 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 10.834956] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 10.837378] Call Trace: [ 10.837871] <TASK> [ 10.838223] dump_stack_lvl+0x4d/0x66 [ 10.838858] print_report+0x17a/0x471 [ 10.839495] ? kasan_complete_mode_report_info+0x40/0x210 [ 10.840392] ? krealloc_more_oob_helper+0x180/0x3a0 [ 10.841190] kasan_report+0xb4/0x140 [ 10.841803] ? krealloc_more_oob_helper+0x180/0x3a0 [ 10.842613] __asan_store1+0x69/0x70 [ 10.843192] krealloc_more_oob_helper+0x180/0x3a0 [ 10.843949] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.844798] ? trace_preempt_off+0x2e/0xf0 [ 10.845464] ? __kthread_parkme+0x31/0xd0 [ 10.846107] ? __kasan_check_write+0x18/0x20 [ 10.846797] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 10.847544] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 10.848363] ? trace_preempt_on+0x2e/0xf0 [ 10.849002] krealloc_more_oob+0x1c/0x30 [ 10.849651] kunit_try_run_case+0x95/0xd0 [ 10.850312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.851062] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.852040] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.852917] kthread+0x17d/0x1b0 [ 10.853447] ? __pfx_kthread+0x10/0x10 [ 10.854046] ret_from_fork+0x2c/0x50 [ 10.854632] </TASK> [ 10.854992] [ 10.855243] Allocated by task 296: [ 10.855791] kasan_save_stack+0x2a/0x60 [ 10.856455] kasan_set_track+0x29/0x40 [ 10.857053] kasan_save_alloc_info+0x22/0x30 [ 10.857750] __kasan_krealloc+0x147/0x180 [ 10.858412] krealloc+0x61/0x110 [ 10.858933] krealloc_more_oob_helper+0xec/0x3a0 [ 10.859684] krealloc_more_oob+0x1c/0x30 [ 10.860331] kunit_try_run_case+0x95/0xd0 [ 10.860970] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.861826] kthread+0x17d/0x1b0 [ 10.862352] ret_from_fork+0x2c/0x50 [ 10.862928] [ 10.863178] The buggy address belongs to the object at ffff888105456000 [ 10.863178] which belongs to the cache kmalloc-256 of size 256 [ 10.865146] The buggy address is located 235 bytes inside of [ 10.865146] 256-byte region [ffff888105456000, ffff888105456100) [ 10.867015] [ 10.867271] The buggy address belongs to the physical page: [ 10.868160] page:000000002a94ff7f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105456 [ 10.869655] head:000000002a94ff7f order:1 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 10.871102] flags: 0x200000000010200(slab|head|node=0|zone=2) [ 10.872017] raw: 0200000000010200 ffff888100042b40 dead000000000122 0000000000000000 [ 10.873486] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 10.874999] page dumped because: kasan: bad access detected [ 10.876149] [ 10.876461] Memory state around the buggy address: [ 10.877600] ffff888105455f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.879044] ffff888105456000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.880231] >ffff888105456080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 10.881430] ^ [ 10.882537] ffff888105456100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.883721] ffff888105456180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.884918] ================================================================== [ 10.886141] ================================================================== [ 10.887350] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x1c2/0x3a0 [ 10.888610] Write of size 1 at addr ffff8881054560f0 by task kunit_try_catch/296 [ 10.889836] [ 10.890104] CPU: 2 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 10.891676] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 10.893090] Call Trace: [ 10.893512] <TASK> [ 10.893876] dump_stack_lvl+0x4d/0x66 [ 10.894499] print_report+0x17a/0x471 [ 10.895124] ? kasan_complete_mode_report_info+0x40/0x210 [ 10.896026] ? krealloc_more_oob_helper+0x1c2/0x3a0 [ 10.896867] kasan_report+0xb4/0x140 [ 10.897483] ? krealloc_more_oob_helper+0x1c2/0x3a0 [ 10.898292] __asan_store1+0x69/0x70 [ 10.898975] krealloc_more_oob_helper+0x1c2/0x3a0 [ 10.899762] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.900651] ? trace_preempt_off+0x2e/0xf0 [ 10.901330] ? __kthread_parkme+0x31/0xd0 [ 10.901996] ? __kasan_check_write+0x18/0x20 [ 10.902708] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 10.903477] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 10.904335] ? trace_preempt_on+0x2e/0xf0 [ 10.905020] krealloc_more_oob+0x1c/0x30 [ 10.905681] kunit_try_run_case+0x95/0xd0 [ 10.906369] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.907170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.908198] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.909124] kthread+0x17d/0x1b0 [ 10.909674] ? __pfx_kthread+0x10/0x10 [ 10.910298] ret_from_fork+0x2c/0x50 [ 10.910896] </TASK> [ 10.911281] [ 10.911545] Allocated by task 296: [ 10.912131] kasan_save_stack+0x2a/0x60 [ 10.912993] kasan_set_track+0x29/0x40 [ 10.913624] kasan_save_alloc_info+0x22/0x30 [ 10.914341] __kasan_krealloc+0x147/0x180 [ 10.915006] krealloc+0x61/0x110 [ 10.915543] krealloc_more_oob_helper+0xec/0x3a0 [ 10.916330] krealloc_more_oob+0x1c/0x30 [ 10.917189] kunit_try_run_case+0x95/0xd0 [ 10.918060] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.919174] kthread+0x17d/0x1b0 [ 10.919739] ret_from_fork+0x2c/0x50 [ 10.920365] [ 10.920625] The buggy address belongs to the object at ffff888105456000 [ 10.920625] which belongs to the cache kmalloc-256 of size 256 [ 10.922791] The buggy address is located 240 bytes inside of [ 10.922791] 256-byte region [ffff888105456000, ffff888105456100) [ 10.924802] [ 10.925071] The buggy address belongs to the physical page: [ 10.926013] page:000000002a94ff7f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105456 [ 10.927594] head:000000002a94ff7f order:1 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 10.929118] flags: 0x200000000010200(slab|head|node=0|zone=2) [ 10.930075] raw: 0200000000010200 ffff888100042b40 dead000000000122 0000000000000000 [ 10.931345] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 10.932643] page dumped because: kasan: bad access detected [ 10.933561] [ 10.933821] Memory state around the buggy address: [ 10.934632] ffff888105455f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.935832] ffff888105456000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.937046] >ffff888105456080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 10.938263] ^ [ 10.939403] ffff888105456100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.940599] ffff888105456180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.941804] ================================================================== [ 10.943164] kunit_try_catch (296) used greatest stack depth: 28352 bytes left [ 10.943171] ok 10 - krealloc_more_oob [ 10.944913] ================================================================== [ 10.946872] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x145/0x620 [ 10.948125] Write of size 1 at addr ffff888100fa4cc9 by task kunit_try_catch/297 [ 10.949367] [ 10.949633] CPU: 3 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 10.951232] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 10.952703] Call Trace: [ 10.953120] <TASK> [ 10.953507] dump_stack_lvl+0x4d/0x66 [ 10.954123] print_report+0x17a/0x471 [ 10.954743] ? kasan_complete_mode_report_info+0x40/0x210 [ 10.955655] ? krealloc_less_oob_helper+0x145/0x620 [ 10.956609] kasan_report+0xb4/0x140 [ 10.957422] ? krealloc_less_oob_helper+0x145/0x620 [ 10.958508] __asan_store1+0x69/0x70 [ 10.959177] krealloc_less_oob_helper+0x145/0x620 [ 10.959952] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.960901] ? trace_preempt_off+0x2e/0xf0 [ 10.961575] ? __kthread_parkme+0x31/0xd0 [ 10.962241] ? __kasan_check_write+0x18/0x20 [ 10.962959] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 10.963727] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 10.964574] ? trace_preempt_on+0x2e/0xf0 [ 10.965237] krealloc_less_oob+0x1c/0x30 [ 10.965886] kunit_try_run_case+0x95/0xd0 [ 10.966551] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.967323] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.968340] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.969228] kthread+0x17d/0x1b0 [ 10.969776] ? __pfx_kthread+0x10/0x10 [ 10.970398] ret_from_fork+0x2c/0x50 [ 10.970998] </TASK> [ 10.971370] [ 10.971628] Allocated by task 297: [ 10.972191] kasan_save_stack+0x2a/0x60 [ 10.975512] kasan_set_track+0x29/0x40 [ 10.976137] kasan_save_alloc_info+0x22/0x30 [ 10.976851] __kasan_krealloc+0x147/0x180 [ 10.977505] krealloc+0x61/0x110 [ 10.978044] krealloc_less_oob_helper+0xec/0x620 [ 10.978799] krealloc_less_oob+0x1c/0x30 [ 10.979440] kunit_try_run_case+0x95/0xd0 [ 10.980099] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 10.980995] kthread+0x17d/0x1b0 [ 10.981534] ret_from_fork+0x2c/0x50 [ 10.982120] [ 10.982376] The buggy address belongs to the object at ffff888100fa4c00 [ 10.982376] which belongs to the cache kmalloc-256 of size 256 [ 10.984371] The buggy address is located 201 bytes inside of [ 10.984371] 256-byte region [ffff888100fa4c00, ffff888100fa4d00) [ 10.986238] [ 10.986497] The buggy address belongs to the physical page: [ 10.987409] page:00000000adbefe05 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa4 [ 10.988950] head:00000000adbefe05 order:1 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 10.990459] flags: 0x200000000010200(slab|head|node=0|zone=2) [ 10.991406] raw: 0200000000010200 ffff888100042b40 dead000000000122 0000000000000000 [ 10.992677] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 10.993931] page dumped because: kasan: bad access detected [ 10.994824] [ 10.995081] Memory state around the buggy address: [ 10.995866] ffff888100fa4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.997039] ffff888100fa4c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.998184] >ffff888100fa4c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.999326] ^ [ 11.000208] ffff888100fa4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.001409] ffff888100fa4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.002592] ================================================================== [ 11.003862] ================================================================== [ 11.005077] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x198/0x620 [ 11.006294] Write of size 1 at addr ffff888100fa4cd0 by task kunit_try_catch/297 [ 11.007504] [ 11.007762] CPU: 3 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.009326] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.010660] Call Trace: [ 11.011068] <TASK> [ 11.011421] dump_stack_lvl+0x4d/0x66 [ 11.012031] print_report+0x17a/0x471 [ 11.012665] ? kasan_complete_mode_report_info+0x40/0x210 [ 11.013548] ? krealloc_less_oob_helper+0x198/0x620 [ 11.014345] kasan_report+0xb4/0x140 [ 11.014938] ? krealloc_less_oob_helper+0x198/0x620 [ 11.015739] __asan_store1+0x69/0x70 [ 11.016377] krealloc_less_oob_helper+0x198/0x620 [ 11.017169] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.018033] ? trace_preempt_off+0x2e/0xf0 [ 11.018725] ? __kthread_parkme+0x31/0xd0 [ 11.019387] ? __kasan_check_write+0x18/0x20 [ 11.020087] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.020874] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.021746] ? trace_preempt_on+0x2e/0xf0 [ 11.022426] krealloc_less_oob+0x1c/0x30 [ 11.023097] kunit_try_run_case+0x95/0xd0 [ 11.023776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.024575] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.025588] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.026468] kthread+0x17d/0x1b0 [ 11.027003] ? __pfx_kthread+0x10/0x10 [ 11.027619] ret_from_fork+0x2c/0x50 [ 11.028212] </TASK> [ 11.028608] [ 11.028867] Allocated by task 297: [ 11.029433] kasan_save_stack+0x2a/0x60 [ 11.030071] kasan_set_track+0x29/0x40 [ 11.030688] kasan_save_alloc_info+0x22/0x30 [ 11.031409] __kasan_krealloc+0x147/0x180 [ 11.032098] krealloc+0x61/0x110 [ 11.032677] krealloc_less_oob_helper+0xec/0x620 [ 11.033448] krealloc_less_oob+0x1c/0x30 [ 11.034115] kunit_try_run_case+0x95/0xd0 [ 11.034774] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.035659] kthread+0x17d/0x1b0 [ 11.036209] ret_from_fork+0x2c/0x50 [ 11.037009] [ 11.037370] The buggy address belongs to the object at ffff888100fa4c00 [ 11.037370] which belongs to the cache kmalloc-256 of size 256 [ 11.039801] The buggy address is located 208 bytes inside of [ 11.039801] 256-byte region [ffff888100fa4c00, ffff888100fa4d00) [ 11.041611] [ 11.041857] The buggy address belongs to the physical page: [ 11.042718] page:00000000adbefe05 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa4 [ 11.044172] head:00000000adbefe05 order:1 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 11.045624] flags: 0x200000000010200(slab|head|node=0|zone=2) [ 11.046522] raw: 0200000000010200 ffff888100042b40 dead000000000122 0000000000000000 [ 11.047739] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 11.048963] page dumped because: kasan: bad access detected [ 11.049832] [ 11.050076] Memory state around the buggy address: [ 11.050817] ffff888100fa4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.051916] ffff888100fa4c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.053041] >ffff888100fa4c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.054158] ^ [ 11.055053] ffff888100fa4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.056169] ffff888100fa4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.057299] ================================================================== [ 11.058428] ================================================================== [ 11.059556] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x217/0x620 [ 11.060736] Write of size 1 at addr ffff888100fa4cda by task kunit_try_catch/297 [ 11.061894] [ 11.062142] CPU: 3 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.063615] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.064944] Call Trace: [ 11.065359] <TASK> [ 11.065722] dump_stack_lvl+0x4d/0x66 [ 11.066295] print_report+0x17a/0x471 [ 11.066871] ? kasan_complete_mode_report_info+0x40/0x210 [ 11.067699] ? krealloc_less_oob_helper+0x217/0x620 [ 11.068552] kasan_report+0xb4/0x140 [ 11.069108] ? krealloc_less_oob_helper+0x217/0x620 [ 11.069870] __asan_store1+0x69/0x70 [ 11.070446] krealloc_less_oob_helper+0x217/0x620 [ 11.071188] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.072006] ? trace_preempt_off+0x2e/0xf0 [ 11.072627] ? __kthread_parkme+0x31/0xd0 [ 11.073213] ? __kasan_check_write+0x18/0x20 [ 11.073883] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.074610] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.075385] ? trace_preempt_on+0x2e/0xf0 [ 11.076018] krealloc_less_oob+0x1c/0x30 [ 11.076783] kunit_try_run_case+0x95/0xd0 [ 11.077658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.078698] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.079701] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.080548] kthread+0x17d/0x1b0 [ 11.081049] ? __pfx_kthread+0x10/0x10 [ 11.081635] ret_from_fork+0x2c/0x50 [ 11.082193] </TASK> [ 11.082539] [ 11.082782] Allocated by task 297: [ 11.083307] kasan_save_stack+0x2a/0x60 [ 11.083901] kasan_set_track+0x29/0x40 [ 11.084497] kasan_save_alloc_info+0x22/0x30 [ 11.085164] __kasan_krealloc+0x147/0x180 [ 11.085792] krealloc+0x61/0x110 [ 11.086300] krealloc_less_oob_helper+0xec/0x620 [ 11.087019] krealloc_less_oob+0x1c/0x30 [ 11.087633] kunit_try_run_case+0x95/0xd0 [ 11.088261] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.089107] kthread+0x17d/0x1b0 [ 11.089616] ret_from_fork+0x2c/0x50 [ 11.090179] [ 11.090426] The buggy address belongs to the object at ffff888100fa4c00 [ 11.090426] which belongs to the cache kmalloc-256 of size 256 [ 11.092375] The buggy address is located 218 bytes inside of [ 11.092375] 256-byte region [ffff888100fa4c00, ffff888100fa4d00) [ 11.094284] [ 11.094545] The buggy address belongs to the physical page: [ 11.095461] page:00000000adbefe05 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa4 [ 11.097006] head:00000000adbefe05 order:1 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 11.098518] flags: 0x200000000010200(slab|head|node=0|zone=2) [ 11.099471] raw: 0200000000010200 ffff888100042b40 dead000000000122 0000000000000000 [ 11.100809] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 11.101997] page dumped because: kasan: bad access detected [ 11.102858] [ 11.103104] Memory state around the buggy address: [ 11.103846] ffff888100fa4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.104962] ffff888100fa4c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.106078] >ffff888100fa4c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.107203] ^ [ 11.108158] ffff888100fa4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.109330] ffff888100fa4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.110437] ================================================================== [ 11.111566] ================================================================== [ 11.112698] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x255/0x620 [ 11.114010] Write of size 1 at addr ffff888100fa4cea by task kunit_try_catch/297 [ 11.115136] [ 11.115381] CPU: 3 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.117060] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.118830] Call Trace: [ 11.119222] <TASK> [ 11.119562] dump_stack_lvl+0x4d/0x66 [ 11.120138] print_report+0x17a/0x471 [ 11.120735] ? kasan_complete_mode_report_info+0x40/0x210 [ 11.121571] ? krealloc_less_oob_helper+0x255/0x620 [ 11.122328] kasan_report+0xb4/0x140 [ 11.122892] ? krealloc_less_oob_helper+0x255/0x620 [ 11.123646] __asan_store1+0x69/0x70 [ 11.124207] krealloc_less_oob_helper+0x255/0x620 [ 11.124947] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.125755] ? trace_preempt_off+0x2e/0xf0 [ 11.126393] ? __kthread_parkme+0x31/0xd0 [ 11.127021] ? __kasan_check_write+0x18/0x20 [ 11.127687] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.128416] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.129188] ? trace_preempt_on+0x2e/0xf0 [ 11.129817] krealloc_less_oob+0x1c/0x30 [ 11.130434] kunit_try_run_case+0x95/0xd0 [ 11.131064] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.131796] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.132760] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.133597] kthread+0x17d/0x1b0 [ 11.134104] ? __pfx_kthread+0x10/0x10 [ 11.134688] ret_from_fork+0x2c/0x50 [ 11.135249] </TASK> [ 11.135597] [ 11.135841] Allocated by task 297: [ 11.136379] kasan_save_stack+0x2a/0x60 [ 11.136976] kasan_set_track+0x29/0x40 [ 11.137559] kasan_save_alloc_info+0x22/0x30 [ 11.138220] __kasan_krealloc+0x147/0x180 [ 11.138843] krealloc+0x61/0x110 [ 11.139348] krealloc_less_oob_helper+0xec/0x620 [ 11.140062] krealloc_less_oob+0x1c/0x30 [ 11.140686] kunit_try_run_case+0x95/0xd0 [ 11.141315] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.142152] kthread+0x17d/0x1b0 [ 11.142661] ret_from_fork+0x2c/0x50 [ 11.143224] [ 11.143471] The buggy address belongs to the object at ffff888100fa4c00 [ 11.143471] which belongs to the cache kmalloc-256 of size 256 [ 11.145390] The buggy address is located 234 bytes inside of [ 11.145390] 256-byte region [ffff888100fa4c00, ffff888100fa4d00) [ 11.147178] [ 11.147422] The buggy address belongs to the physical page: [ 11.148272] page:00000000adbefe05 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa4 [ 11.149709] head:00000000adbefe05 order:1 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 11.151107] flags: 0x200000000010200(slab|head|node=0|zone=2) [ 11.151987] raw: 0200000000010200 ffff888100042b40 dead000000000122 0000000000000000 [ 11.153176] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 11.154355] page dumped because: kasan: bad access detected [ 11.155209] [ 11.155453] Memory state around the buggy address: [ 11.156191] ffff888100fa4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.157350] ffff888100fa4c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.158580] >ffff888100fa4c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.159786] ^ [ 11.160928] ffff888100fa4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.162115] ffff888100fa4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.163317] ================================================================== [ 11.164550] ================================================================== [ 11.165753] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x291/0x620 [ 11.167003] Write of size 1 at addr ffff888100fa4ceb by task kunit_try_catch/297 [ 11.168239] [ 11.168525] CPU: 3 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.170113] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.171485] Call Trace: [ 11.171902] <TASK> [ 11.172263] dump_stack_lvl+0x4d/0x66 [ 11.172893] print_report+0x17a/0x471 [ 11.173534] ? kasan_complete_mode_report_info+0x40/0x210 [ 11.174440] ? krealloc_less_oob_helper+0x291/0x620 [ 11.175271] kasan_report+0xb4/0x140 [ 11.175887] ? krealloc_less_oob_helper+0x291/0x620 [ 11.176737] __asan_store1+0x69/0x70 [ 11.177343] krealloc_less_oob_helper+0x291/0x620 [ 11.178121] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.178954] ? trace_preempt_off+0x2e/0xf0 [ 11.179620] ? __kthread_parkme+0x31/0xd0 [ 11.180299] ? __kasan_check_write+0x18/0x20 [ 11.181006] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.181792] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.182637] ? trace_preempt_on+0x2e/0xf0 [ 11.183312] krealloc_less_oob+0x1c/0x30 [ 11.183967] kunit_try_run_case+0x95/0xd0 [ 11.184678] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.185480] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.186479] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.187330] kthread+0x17d/0x1b0 [ 11.187842] ? __pfx_kthread+0x10/0x10 [ 11.188457] ret_from_fork+0x2c/0x50 [ 11.189069] </TASK> [ 11.189464] [ 11.189729] Allocated by task 297: [ 11.190381] kasan_save_stack+0x2a/0x60 [ 11.191020] kasan_set_track+0x29/0x40 [ 11.191661] kasan_save_alloc_info+0x22/0x30 [ 11.192397] __kasan_krealloc+0x147/0x180 [ 11.193276] krealloc+0x61/0x110 [ 11.193998] krealloc_less_oob_helper+0xec/0x620 [ 11.194983] krealloc_less_oob+0x1c/0x30 [ 11.195594] kunit_try_run_case+0x95/0xd0 [ 11.196217] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.197099] kthread+0x17d/0x1b0 [ 11.197612] ret_from_fork+0x2c/0x50 [ 11.198172] [ 11.198418] The buggy address belongs to the object at ffff888100fa4c00 [ 11.198418] which belongs to the cache kmalloc-256 of size 256 [ 11.200365] The buggy address is located 235 bytes inside of [ 11.200365] 256-byte region [ffff888100fa4c00, ffff888100fa4d00) [ 11.202155] [ 11.202402] The buggy address belongs to the physical page: [ 11.203263] page:00000000adbefe05 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa4 [ 11.204710] head:00000000adbefe05 order:1 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 11.206110] flags: 0x200000000010200(slab|head|node=0|zone=2) [ 11.206996] raw: 0200000000010200 ffff888100042b40 dead000000000122 0000000000000000 [ 11.208175] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 11.209365] page dumped because: kasan: bad access detected [ 11.210234] [ 11.210483] Memory state around the buggy address: [ 11.211237] ffff888100fa4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.212378] ffff888100fa4c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.213514] >ffff888100fa4c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.214648] ^ [ 11.215688] ffff888100fa4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.216831] ffff888100fa4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.217988] ================================================================== [ 11.219376] ok 11 - krealloc_less_oob [ 11.219417] kunit_try_catch (297) used greatest stack depth: 28344 bytes left [ 11.219886] ================================================================== [ 11.225341] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x180/0x3a0 [ 11.227969] Write of size 1 at addr ffff888104f420eb by task kunit_try_catch/298 [ 11.230138] [ 11.230557] CPU: 2 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.233054] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.234629] Call Trace: [ 11.235052] <TASK> [ 11.235423] dump_stack_lvl+0x4d/0x66 [ 11.236045] print_report+0x17a/0x471 [ 11.236700] ? kasan_addr_to_slab+0x11/0xb0 [ 11.237425] ? krealloc_more_oob_helper+0x180/0x3a0 [ 11.238234] kasan_report+0xb4/0x140 [ 11.238845] ? krealloc_more_oob_helper+0x180/0x3a0 [ 11.239670] __asan_store1+0x69/0x70 [ 11.240272] krealloc_more_oob_helper+0x180/0x3a0 [ 11.241072] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.241927] ? trace_preempt_off+0x2e/0xf0 [ 11.242603] ? __kthread_parkme+0x31/0xd0 [ 11.243260] ? __kasan_check_write+0x18/0x20 [ 11.243966] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.244761] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.245591] ? trace_preempt_on+0x2e/0xf0 [ 11.246253] krealloc_pagealloc_more_oob+0x1c/0x30 [ 11.247056] kunit_try_run_case+0x95/0xd0 [ 11.247725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.248519] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.249535] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.250440] kthread+0x17d/0x1b0 [ 11.250979] ? __pfx_kthread+0x10/0x10 [ 11.251604] ret_from_fork+0x2c/0x50 [ 11.252196] </TASK> [ 11.252599] [ 11.252860] The buggy address belongs to the physical page: [ 11.253794] page:00000000bd97887b refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104f40 [ 11.255326] head:00000000bd97887b order:2 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 11.256838] flags: 0x200000000010000(head|node=0|zone=2) [ 11.257723] raw: 0200000000010000 0000000000000000 dead000000000122 0000000000000000 [ 11.258978] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.260245] page dumped because: kasan: bad access detected [ 11.261193] [ 11.261465] Memory state around the buggy address: [ 11.262343] ffff888104f41f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.263532] ffff888104f42000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.264934] >ffff888104f42080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.266473] ^ [ 11.267707] ffff888104f42100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.268821] ffff888104f42180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.269910] ================================================================== [ 11.271038] ================================================================== [ 11.272132] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x1c2/0x3a0 [ 11.273285] Write of size 1 at addr ffff888104f420f0 by task kunit_try_catch/298 [ 11.274409] [ 11.274652] CPU: 2 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.276100] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.277377] Call Trace: [ 11.277767] <TASK> [ 11.278103] dump_stack_lvl+0x4d/0x66 [ 11.278677] print_report+0x17a/0x471 [ 11.279253] ? kasan_addr_to_slab+0x11/0xb0 [ 11.279905] ? krealloc_more_oob_helper+0x1c2/0x3a0 [ 11.280684] kasan_report+0xb4/0x140 [ 11.281246] ? krealloc_more_oob_helper+0x1c2/0x3a0 [ 11.282003] __asan_store1+0x69/0x70 [ 11.282564] krealloc_more_oob_helper+0x1c2/0x3a0 [ 11.283296] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.284097] ? trace_preempt_off+0x2e/0xf0 [ 11.284741] ? __kthread_parkme+0x31/0xd0 [ 11.285361] ? __kasan_check_write+0x18/0x20 [ 11.286019] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.286731] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.287492] ? trace_preempt_on+0x2e/0xf0 [ 11.288114] krealloc_pagealloc_more_oob+0x1c/0x30 [ 11.288867] kunit_try_run_case+0x95/0xd0 [ 11.289490] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.290214] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.291150] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.291987] kthread+0x17d/0x1b0 [ 11.292503] ? __pfx_kthread+0x10/0x10 [ 11.293088] ret_from_fork+0x2c/0x50 [ 11.293651] </TASK> [ 11.293999] [ 11.294241] The buggy address belongs to the physical page: [ 11.295096] page:00000000bd97887b refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104f40 [ 11.296599] head:00000000bd97887b order:2 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 11.298544] flags: 0x200000000010000(head|node=0|zone=2) [ 11.299515] raw: 0200000000010000 0000000000000000 dead000000000122 0000000000000000 [ 11.300726] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.301846] page dumped because: kasan: bad access detected [ 11.302655] [ 11.302887] Memory state around the buggy address: [ 11.303654] ffff888104f41f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.304822] ffff888104f42000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.305976] >ffff888104f42080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.307119] ^ [ 11.308221] ffff888104f42100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.309379] ffff888104f42180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.310518] ================================================================== [ 11.311766] ok 12 - krealloc_pagealloc_more_oob [ 11.312175] ================================================================== [ 11.314131] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x145/0x620 [ 11.315339] Write of size 1 at addr ffff888104f420c9 by task kunit_try_catch/299 [ 11.316528] [ 11.316784] CPU: 2 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.318285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.319593] Call Trace: [ 11.319995] <TASK> [ 11.320354] dump_stack_lvl+0x4d/0x66 [ 11.320948] print_report+0x17a/0x471 [ 11.321542] ? kasan_addr_to_slab+0x11/0xb0 [ 11.322217] ? krealloc_less_oob_helper+0x145/0x620 [ 11.322997] kasan_report+0xb4/0x140 [ 11.323575] ? krealloc_less_oob_helper+0x145/0x620 [ 11.324377] __asan_store1+0x69/0x70 [ 11.324958] krealloc_less_oob_helper+0x145/0x620 [ 11.325714] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.326594] ? trace_preempt_off+0x2e/0xf0 [ 11.327256] ? __kthread_parkme+0x31/0xd0 [ 11.327905] ? __kasan_check_write+0x18/0x20 [ 11.328606] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.329347] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.330144] ? trace_preempt_on+0x2e/0xf0 [ 11.330792] krealloc_pagealloc_less_oob+0x1c/0x30 [ 11.331562] kunit_try_run_case+0x95/0xd0 [ 11.332212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.333249] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.334519] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.335412] kthread+0x17d/0x1b0 [ 11.335928] ? __pfx_kthread+0x10/0x10 [ 11.336536] ret_from_fork+0x2c/0x50 [ 11.337106] </TASK> [ 11.337457] [ 11.337702] The buggy address belongs to the physical page: [ 11.338566] page:00000000bd97887b refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104f40 [ 11.340004] head:00000000bd97887b order:2 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 11.341434] flags: 0x200000000010000(head|node=0|zone=2) [ 11.342316] raw: 0200000000010000 0000000000000000 dead000000000122 0000000000000000 [ 11.343544] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.344760] page dumped because: kasan: bad access detected [ 11.345596] [ 11.345834] Memory state around the buggy address: [ 11.346552] ffff888104f41f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.347632] ffff888104f42000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.348729] >ffff888104f42080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.349830] ^ [ 11.350704] ffff888104f42100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.351827] ffff888104f42180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.352945] ================================================================== [ 11.354119] ================================================================== [ 11.355244] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x198/0x620 [ 11.356401] Write of size 1 at addr ffff888104f420d0 by task kunit_try_catch/299 [ 11.357519] [ 11.357763] CPU: 2 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.359200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.360473] Call Trace: [ 11.360857] <TASK> [ 11.361191] dump_stack_lvl+0x4d/0x66 [ 11.361763] print_report+0x17a/0x471 [ 11.362336] ? kasan_addr_to_slab+0x11/0xb0 [ 11.362984] ? krealloc_less_oob_helper+0x198/0x620 [ 11.363738] kasan_report+0xb4/0x140 [ 11.364304] ? krealloc_less_oob_helper+0x198/0x620 [ 11.365060] __asan_store1+0x69/0x70 [ 11.365619] krealloc_less_oob_helper+0x198/0x620 [ 11.366344] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.367148] ? trace_preempt_off+0x2e/0xf0 [ 11.367781] ? __kthread_parkme+0x31/0xd0 [ 11.368505] ? __kasan_check_write+0x18/0x20 [ 11.369435] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.370435] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.371346] ? trace_preempt_on+0x2e/0xf0 [ 11.371987] krealloc_pagealloc_less_oob+0x1c/0x30 [ 11.372769] kunit_try_run_case+0x95/0xd0 [ 11.373394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.374140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.375074] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.375904] kthread+0x17d/0x1b0 [ 11.376475] ? __pfx_kthread+0x10/0x10 [ 11.377324] ret_from_fork+0x2c/0x50 [ 11.378108] </TASK> [ 11.378596] [ 11.378946] The buggy address belongs to the physical page: [ 11.379861] page:00000000bd97887b refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104f40 [ 11.381416] head:00000000bd97887b order:2 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 11.382930] flags: 0x200000000010000(head|node=0|zone=2) [ 11.383831] raw: 0200000000010000 0000000000000000 dead000000000122 0000000000000000 [ 11.385217] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.386494] page dumped because: kasan: bad access detected [ 11.387410] [ 11.387666] Memory state around the buggy address: [ 11.388453] ffff888104f41f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.389628] ffff888104f42000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.390802] >ffff888104f42080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.391971] ^ [ 11.392948] ffff888104f42100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.394134] ffff888104f42180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.395316] ================================================================== [ 11.396553] ================================================================== [ 11.397748] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x217/0x620 [ 11.398970] Write of size 1 at addr ffff888104f420da by task kunit_try_catch/299 [ 11.400160] [ 11.400438] CPU: 2 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.401974] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.403322] Call Trace: [ 11.403732] <TASK> [ 11.404095] dump_stack_lvl+0x4d/0x66 [ 11.404721] print_report+0x17a/0x471 [ 11.405337] ? kasan_addr_to_slab+0x11/0xb0 [ 11.406023] ? krealloc_less_oob_helper+0x217/0x620 [ 11.406827] kasan_report+0xb4/0x140 [ 11.407427] ? krealloc_less_oob_helper+0x217/0x620 [ 11.408228] __asan_store1+0x69/0x70 [ 11.409019] krealloc_less_oob_helper+0x217/0x620 [ 11.410042] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.411109] ? trace_preempt_off+0x2e/0xf0 [ 11.411803] ? __kthread_parkme+0x31/0xd0 [ 11.412487] ? __kasan_check_write+0x18/0x20 [ 11.413191] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.413967] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.414792] ? trace_preempt_on+0x2e/0xf0 [ 11.415456] krealloc_pagealloc_less_oob+0x1c/0x30 [ 11.416237] kunit_try_run_case+0x95/0xd0 [ 11.417111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.418124] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.419297] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.420179] kthread+0x17d/0x1b0 [ 11.420726] ? __pfx_kthread+0x10/0x10 [ 11.421348] ret_from_fork+0x2c/0x50 [ 11.421947] </TASK> [ 11.422312] [ 11.422569] The buggy address belongs to the physical page: [ 11.423488] page:00000000bd97887b refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104f40 [ 11.425030] head:00000000bd97887b order:2 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 11.426545] flags: 0x200000000010000(head|node=0|zone=2) [ 11.427439] raw: 0200000000010000 0000000000000000 dead000000000122 0000000000000000 [ 11.428717] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.429982] page dumped because: kasan: bad access detected [ 11.430889] [ 11.431148] Memory state around the buggy address: [ 11.431947] ffff888104f41f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.433142] ffff888104f42000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.434333] >ffff888104f42080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.435517] ^ [ 11.436543] ffff888104f42100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.437724] ffff888104f42180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.438901] ================================================================== [ 11.440108] ================================================================== [ 11.441334] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x255/0x620 [ 11.442735] Write of size 1 at addr ffff888104f420ea by task kunit_try_catch/299 [ 11.443935] [ 11.444194] CPU: 2 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.445762] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.447127] Call Trace: [ 11.447545] <TASK> [ 11.447901] dump_stack_lvl+0x4d/0x66 [ 11.448594] print_report+0x17a/0x471 [ 11.449403] ? kasan_addr_to_slab+0x11/0xb0 [ 11.450319] ? krealloc_less_oob_helper+0x255/0x620 [ 11.451282] kasan_report+0xb4/0x140 [ 11.451895] ? krealloc_less_oob_helper+0x255/0x620 [ 11.452728] __asan_store1+0x69/0x70 [ 11.453339] krealloc_less_oob_helper+0x255/0x620 [ 11.454128] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.455009] ? trace_preempt_off+0x2e/0xf0 [ 11.455699] ? __kthread_parkme+0x31/0xd0 [ 11.456413] ? __kasan_check_write+0x18/0x20 [ 11.457132] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.457927] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.458803] ? trace_preempt_on+0x2e/0xf0 [ 11.459474] krealloc_pagealloc_less_oob+0x1c/0x30 [ 11.460263] kunit_try_run_case+0x95/0xd0 [ 11.460945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.461740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.462760] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.463604] kthread+0x17d/0x1b0 [ 11.464119] ? __pfx_kthread+0x10/0x10 [ 11.464778] ret_from_fork+0x2c/0x50 [ 11.465394] </TASK> [ 11.465773] [ 11.466042] The buggy address belongs to the physical page: [ 11.466979] page:00000000bd97887b refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104f40 [ 11.468570] head:00000000bd97887b order:2 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 11.470067] flags: 0x200000000010000(head|node=0|zone=2) [ 11.470945] raw: 0200000000010000 0000000000000000 dead000000000122 0000000000000000 [ 11.472221] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.473531] page dumped because: kasan: bad access detected [ 11.474440] [ 11.474697] Memory state around the buggy address: [ 11.475478] ffff888104f41f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.476831] ffff888104f42000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.478017] >ffff888104f42080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.479187] ^ [ 11.480270] ffff888104f42100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.481472] ffff888104f42180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.482666] ================================================================== [ 11.483888] ================================================================== [ 11.485090] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x291/0x620 [ 11.486341] Write of size 1 at addr ffff888104f420eb by task kunit_try_catch/299 [ 11.487571] [ 11.487831] CPU: 2 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.489689] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.491425] Call Trace: [ 11.491859] <TASK> [ 11.492230] dump_stack_lvl+0x4d/0x66 [ 11.492947] print_report+0x17a/0x471 [ 11.493588] ? kasan_addr_to_slab+0x11/0xb0 [ 11.494304] ? krealloc_less_oob_helper+0x291/0x620 [ 11.495130] kasan_report+0xb4/0x140 [ 11.495777] ? krealloc_less_oob_helper+0x291/0x620 [ 11.496628] __asan_store1+0x69/0x70 [ 11.497238] krealloc_less_oob_helper+0x291/0x620 [ 11.498060] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.498987] ? trace_preempt_off+0x2e/0xf0 [ 11.499696] ? __kthread_parkme+0x31/0xd0 [ 11.500428] ? __kasan_check_write+0x18/0x20 [ 11.501128] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.501905] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.502746] ? trace_preempt_on+0x2e/0xf0 [ 11.503440] krealloc_pagealloc_less_oob+0x1c/0x30 [ 11.504227] kunit_try_run_case+0x95/0xd0 [ 11.504937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.505724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.506739] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.507628] kthread+0x17d/0x1b0 [ 11.508165] ? __pfx_kthread+0x10/0x10 [ 11.508814] ret_from_fork+0x2c/0x50 [ 11.509433] </TASK> [ 11.509805] [ 11.510065] The buggy address belongs to the physical page: [ 11.510980] page:00000000bd97887b refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104f40 [ 11.512530] head:00000000bd97887b order:2 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 11.514052] flags: 0x200000000010000(head|node=0|zone=2) [ 11.515131] raw: 0200000000010000 0000000000000000 dead000000000122 0000000000000000 [ 11.516555] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.517830] page dumped because: kasan: bad access detected [ 11.518752] [ 11.519010] Memory state around the buggy address: [ 11.519804] ffff888104f41f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.520988] ffff888104f42000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.522171] >ffff888104f42080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.523354] ^ [ 11.524441] ffff888104f42100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.525618] ffff888104f42180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.526786] ================================================================== [ 11.528047] ok 13 - krealloc_pagealloc_less_oob [ 11.528523] ================================================================== [ 11.531106] BUG: KASAN: use-after-free in krealloc_uaf+0xf1/0x2e0 [ 11.532038] Read of size 1 at addr ffff888105456200 by task kunit_try_catch/300 [ 11.533364] [ 11.533670] CPU: 2 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.535621] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.537210] Call Trace: [ 11.537643] <TASK> [ 11.538079] dump_stack_lvl+0x4d/0x66 [ 11.538812] print_report+0x17a/0x471 [ 11.539525] ? kasan_complete_mode_report_info+0x80/0x210 [ 11.540449] ? krealloc_uaf+0xf1/0x2e0 [ 11.541067] kasan_report+0xb4/0x140 [ 11.541689] ? krealloc_uaf+0xf1/0x2e0 [ 11.542314] ? krealloc_uaf+0xf1/0x2e0 [ 11.542930] __kasan_check_byte+0x41/0x50 [ 11.543594] krealloc+0x36/0x110 [ 11.544129] krealloc_uaf+0xf1/0x2e0 [ 11.544763] ? __pfx_krealloc_uaf+0x10/0x10 [ 11.545474] ? trace_preempt_off+0x2e/0xf0 [ 11.546153] ? __kthread_parkme+0x31/0xd0 [ 11.546806] ? __kasan_check_write+0x18/0x20 [ 11.547497] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.548254] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.549094] ? trace_preempt_on+0x2e/0xf0 [ 11.549755] ? __kthread_parkme+0x4f/0xd0 [ 11.550414] kunit_try_run_case+0x95/0xd0 [ 11.551074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.551841] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.552835] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.553712] kthread+0x17d/0x1b0 [ 11.554245] ? __pfx_kthread+0x10/0x10 [ 11.554863] ret_from_fork+0x2c/0x50 [ 11.555464] </TASK> [ 11.555850] [ 11.556114] Allocated by task 300: [ 11.556706] kasan_save_stack+0x2a/0x60 [ 11.557349] kasan_set_track+0x29/0x40 [ 11.557972] kasan_save_alloc_info+0x22/0x30 [ 11.558676] __kasan_kmalloc+0xb8/0xc0 [ 11.559304] kmalloc_trace+0x4e/0xb0 [ 11.559897] krealloc_uaf+0xb0/0x2e0 [ 11.560525] kunit_try_run_case+0x95/0xd0 [ 11.561192] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.562095] kthread+0x17d/0x1b0 [ 11.562673] ret_from_fork+0x2c/0x50 [ 11.563289] [ 11.563564] Freed by task 300: [ 11.564138] kasan_save_stack+0x2a/0x60 [ 11.564928] kasan_set_track+0x29/0x40 [ 11.565672] kasan_save_free_info+0x32/0x50 [ 11.566372] ____kasan_slab_free+0x174/0x1e0 [ 11.567073] __kasan_slab_free+0x16/0x20 [ 11.567755] __kmem_cache_free+0x18e/0x300 [ 11.568456] kfree+0x7d/0x120 [ 11.568952] krealloc_uaf+0xd0/0x2e0 [ 11.569574] kunit_try_run_case+0x95/0xd0 [ 11.570246] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.571152] kthread+0x17d/0x1b0 [ 11.571710] ret_from_fork+0x2c/0x50 [ 11.572328] [ 11.572658] The buggy address belongs to the object at ffff888105456200 [ 11.572658] which belongs to the cache kmalloc-256 of size 256 [ 11.575272] The buggy address is located 0 bytes inside of [ 11.575272] 256-byte region [ffff888105456200, ffff888105456300) [ 11.577381] [ 11.577721] The buggy address belongs to the physical page: [ 11.578963] page:000000002a94ff7f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105456 [ 11.580428] head:000000002a94ff7f order:1 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 11.581883] flags: 0x200000000010200(slab|head|node=0|zone=2) [ 11.582842] raw: 0200000000010200 ffff888100042b40 dead000000000122 0000000000000000 [ 11.584095] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 11.585371] page dumped because: kasan: bad access detected [ 11.586283] [ 11.586553] Memory state around the buggy address: [ 11.587474] ffff888105456100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.588682] ffff888105456180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.589879] >ffff888105456200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.591058] ^ [ 11.591613] ffff888105456280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.592813] ffff888105456300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.594005] ================================================================== [ 11.595277] ================================================================== [ 11.596502] BUG: KASAN: use-after-free in krealloc_uaf+0x131/0x2e0 [ 11.597523] Read of size 1 at addr ffff888105456200 by task kunit_try_catch/300 [ 11.598706] [ 11.598964] CPU: 2 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.600535] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.601898] Call Trace: [ 11.602328] <TASK> [ 11.602690] dump_stack_lvl+0x4d/0x66 [ 11.603311] print_report+0x17a/0x471 [ 11.603936] ? kasan_complete_mode_report_info+0x80/0x210 [ 11.604866] ? krealloc_uaf+0x131/0x2e0 [ 11.605524] kasan_report+0xb4/0x140 [ 11.606121] ? krealloc_uaf+0x131/0x2e0 [ 11.606767] __asan_load1+0x66/0x70 [ 11.607372] krealloc_uaf+0x131/0x2e0 [ 11.607983] ? __pfx_krealloc_uaf+0x10/0x10 [ 11.608822] ? trace_preempt_off+0x2e/0xf0 [ 11.609726] ? __kthread_parkme+0x31/0xd0 [ 11.610597] ? __kasan_check_write+0x18/0x20 [ 11.611400] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.612162] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.613012] ? trace_preempt_on+0x2e/0xf0 [ 11.613691] ? __kthread_parkme+0x4f/0xd0 [ 11.614378] kunit_try_run_case+0x95/0xd0 [ 11.615048] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.615824] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.617024] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.618178] kthread+0x17d/0x1b0 [ 11.618896] ? __pfx_kthread+0x10/0x10 [ 11.619532] ret_from_fork+0x2c/0x50 [ 11.620142] </TASK> [ 11.620529] [ 11.620793] Allocated by task 300: [ 11.621387] kasan_save_stack+0x2a/0x60 [ 11.622026] kasan_set_track+0x29/0x40 [ 11.622680] kasan_save_alloc_info+0x22/0x30 [ 11.623399] __kasan_kmalloc+0xb8/0xc0 [ 11.624018] kmalloc_trace+0x4e/0xb0 [ 11.624649] krealloc_uaf+0xb0/0x2e0 [ 11.625255] kunit_try_run_case+0x95/0xd0 [ 11.625921] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.626794] kthread+0x17d/0x1b0 [ 11.627326] ret_from_fork+0x2c/0x50 [ 11.627909] [ 11.628162] Freed by task 300: [ 11.628681] kasan_save_stack+0x2a/0x60 [ 11.629313] kasan_set_track+0x29/0x40 [ 11.629929] kasan_save_free_info+0x32/0x50 [ 11.630628] ____kasan_slab_free+0x174/0x1e0 [ 11.631324] __kasan_slab_free+0x16/0x20 [ 11.631967] __kmem_cache_free+0x18e/0x300 [ 11.632706] kfree+0x7d/0x120 [ 11.633207] krealloc_uaf+0xd0/0x2e0 [ 11.633801] kunit_try_run_case+0x95/0xd0 [ 11.634475] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.635358] kthread+0x17d/0x1b0 [ 11.635891] ret_from_fork+0x2c/0x50 [ 11.636525] [ 11.636783] The buggy address belongs to the object at ffff888105456200 [ 11.636783] which belongs to the cache kmalloc-256 of size 256 [ 11.638803] The buggy address is located 0 bytes inside of [ 11.638803] 256-byte region [ffff888105456200, ffff888105456300) [ 11.640699] [ 11.640986] The buggy address belongs to the physical page: [ 11.641886] page:000000002a94ff7f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105456 [ 11.643388] head:000000002a94ff7f order:1 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 11.644875] flags: 0x200000000010200(slab|head|node=0|zone=2) [ 11.645808] raw: 0200000000010200 ffff888100042b40 dead000000000122 0000000000000000 [ 11.647061] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 11.648332] page dumped because: kasan: bad access detected [ 11.649502] [ 11.649850] Memory state around the buggy address: [ 11.650848] ffff888105456100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.652029] ffff888105456180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.653224] >ffff888105456200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.654413] ^ [ 11.654971] ffff888105456280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.656137] ffff888105456300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.657358] ================================================================== [ 11.658640] ok 14 - krealloc_uaf [ 11.658664] kunit_try_catch (300) used greatest stack depth: 28320 bytes left [ 11.658948] ================================================================== [ 11.661660] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0xf8/0x260 [ 11.662733] Write of size 16 at addr ffff888100dacee0 by task kunit_try_catch/301 [ 11.663938] [ 11.664196] CPU: 3 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.665760] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.667113] Call Trace: [ 11.667528] <TASK> [ 11.667881] dump_stack_lvl+0x4d/0x66 [ 11.668508] print_report+0x17a/0x471 [ 11.669124] ? kasan_complete_mode_report_info+0x40/0x210 [ 11.670053] ? kmalloc_oob_16+0xf8/0x260 [ 11.670753] kasan_report+0xb4/0x140 [ 11.671639] ? kmalloc_oob_16+0xf8/0x260 [ 11.672639] __asan_store16+0x6c/0xa0 [ 11.673537] kmalloc_oob_16+0xf8/0x260 [ 11.674165] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 11.674894] ? __kasan_check_write+0x18/0x20 [ 11.675579] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.676300] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.677108] ? trace_preempt_on+0x2e/0xf0 [ 11.677786] ? __kthread_parkme+0x4f/0xd0 [ 11.678456] kunit_try_run_case+0x95/0xd0 [ 11.679072] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.679799] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.681356] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.683057] kthread+0x17d/0x1b0 [ 11.684134] ? __pfx_kthread+0x10/0x10 [ 11.685368] ret_from_fork+0x2c/0x50 [ 11.686527] </TASK> [ 11.687245] [ 11.687753] Allocated by task 301: [ 11.688851] kasan_save_stack+0x2a/0x60 [ 11.690051] kasan_set_track+0x29/0x40 [ 11.691259] kasan_save_alloc_info+0x22/0x30 [ 11.692656] __kasan_kmalloc+0xb8/0xc0 [ 11.693753] kmalloc_trace+0x4e/0xb0 [ 11.694410] kmalloc_oob_16+0x8f/0x260 [ 11.695046] kunit_try_run_case+0x95/0xd0 [ 11.695746] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.696664] kthread+0x17d/0x1b0 [ 11.697195] ret_from_fork+0x2c/0x50 [ 11.698030] [ 11.698337] The buggy address belongs to the object at ffff888100dacee0 [ 11.698337] which belongs to the cache kmalloc-16 of size 16 [ 11.700484] The buggy address is located 0 bytes inside of [ 11.700484] 16-byte region [ffff888100dacee0, ffff888100dacef0) [ 11.702378] [ 11.702635] The buggy address belongs to the physical page: [ 11.703562] page:00000000cc13f8a1 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100dac [ 11.705142] flags: 0x200000000000200(slab|node=0|zone=2) [ 11.706050] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 11.707359] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 11.708533] page dumped because: kasan: bad access detected [ 11.709443] [ 11.709697] Memory state around the buggy address: [ 11.710469] ffff888100dacd80: fa fb fc fc fa fb fc fc 00 04 fc fc 00 04 fc fc [ 11.711635] ffff888100dace00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.712813] >ffff888100dace80: 00 06 fc fc 00 06 fc fc 00 06 fc fc 00 05 fc fc [ 11.714000] ^ [ 11.715034] ffff888100dacf00: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.716154] ffff888100dacf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.717299] ================================================================== [ 11.718590] ok 15 - kmalloc_oob_16 [ 11.718989] ================================================================== [ 11.720770] BUG: KASAN: use-after-free in kmalloc_uaf_16+0x108/0x250 [ 11.721763] Read of size 16 at addr ffff888104216640 by task kunit_try_catch/302 [ 11.722907] [ 11.723156] CPU: 2 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.724646] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.725949] Call Trace: [ 11.726353] <TASK> [ 11.726786] dump_stack_lvl+0x4d/0x66 [ 11.727723] print_report+0x17a/0x471 [ 11.728728] ? kasan_complete_mode_report_info+0x80/0x210 [ 11.729827] ? kmalloc_uaf_16+0x108/0x250 [ 11.730459] kasan_report+0xb4/0x140 [ 11.731013] ? kmalloc_uaf_16+0x108/0x250 [ 11.731674] __asan_load16+0x69/0x90 [ 11.732273] kmalloc_uaf_16+0x108/0x250 [ 11.732941] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 11.733637] ? __kasan_check_write+0x18/0x20 [ 11.734310] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.735030] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.735889] ? trace_preempt_on+0x2e/0xf0 [ 11.736566] ? __kthread_parkme+0x4f/0xd0 [ 11.737280] kunit_try_run_case+0x95/0xd0 [ 11.737953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.738765] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.739781] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.740919] kthread+0x17d/0x1b0 [ 11.741770] ? __pfx_kthread+0x10/0x10 [ 11.742900] ret_from_fork+0x2c/0x50 [ 11.744220] </TASK> [ 11.744879] [ 11.745306] Allocated by task 302: [ 11.745951] kasan_save_stack+0x2a/0x60 [ 11.746552] kasan_set_track+0x29/0x40 [ 11.747144] kasan_save_alloc_info+0x22/0x30 [ 11.747821] __kasan_kmalloc+0xb8/0xc0 [ 11.748419] kmalloc_trace+0x4e/0xb0 [ 11.748992] kmalloc_uaf_16+0xc9/0x250 [ 11.749577] kunit_try_run_case+0x95/0xd0 [ 11.750217] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.751092] kthread+0x17d/0x1b0 [ 11.751604] ret_from_fork+0x2c/0x50 [ 11.752173] [ 11.752430] Freed by task 302: [ 11.752921] kasan_save_stack+0x2a/0x60 [ 11.753523] kasan_set_track+0x29/0x40 [ 11.754117] kasan_save_free_info+0x32/0x50 [ 11.754785] ____kasan_slab_free+0x174/0x1e0 [ 11.755452] __kasan_slab_free+0x16/0x20 [ 11.756065] __kmem_cache_free+0x18e/0x300 [ 11.756722] kfree+0x7d/0x120 [ 11.757161] kmalloc_uaf_16+0xe9/0x250 [ 11.757710] kunit_try_run_case+0x95/0xd0 [ 11.758294] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.759069] kthread+0x17d/0x1b0 [ 11.759544] ret_from_fork+0x2c/0x50 [ 11.760066] [ 11.760308] The buggy address belongs to the object at ffff888104216640 [ 11.760308] which belongs to the cache kmalloc-16 of size 16 [ 11.762046] The buggy address is located 0 bytes inside of [ 11.762046] 16-byte region [ffff888104216640, ffff888104216650) [ 11.763663] [ 11.763892] The buggy address belongs to the physical page: [ 11.764709] page:0000000037be271b refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104216 [ 11.766045] flags: 0x200000000000200(slab|node=0|zone=2) [ 11.766814] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 11.767929] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 11.769087] page dumped because: kasan: bad access detected [ 11.769884] [ 11.770114] Memory state around the buggy address: [ 11.770807] ffff888104216500: fa fb fc fc fa fb fc fc 00 06 fc fc 00 06 fc fc [ 11.771886] ffff888104216580: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.773044] >ffff888104216600: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 11.774233] ^ [ 11.775075] ffff888104216680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.776235] ffff888104216700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.777359] ================================================================== [ 11.778617] ok 16 - kmalloc_uaf_16 [ 11.778927] ================================================================== [ 11.782946] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0xda/0x1e0 [ 11.785381] Write of size 128 at addr ffff888105144500 by task kunit_try_catch/303 [ 11.787470] [ 11.787917] CPU: 3 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.790553] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.792857] Call Trace: [ 11.793560] <TASK> [ 11.794166] dump_stack_lvl+0x4d/0x66 [ 11.795210] print_report+0x17a/0x471 [ 11.796250] ? kasan_complete_mode_report_info+0x40/0x210 [ 11.797373] ? kmalloc_oob_in_memset+0xda/0x1e0 [ 11.798098] kasan_report+0xb4/0x140 [ 11.798679] ? kmalloc_oob_in_memset+0xda/0x1e0 [ 11.799406] kasan_check_range+0x3e/0x1d0 [ 11.800049] memset+0x28/0x50 [ 11.800552] kmalloc_oob_in_memset+0xda/0x1e0 [ 11.801252] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 11.802046] ? __kasan_check_write+0x18/0x20 [ 11.802737] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.803486] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.804275] ? trace_preempt_on+0x2e/0xf0 [ 11.804939] ? __kthread_parkme+0x4f/0xd0 [ 11.805590] kunit_try_run_case+0x95/0xd0 [ 11.806248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.807011] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.807976] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.808861] kthread+0x17d/0x1b0 [ 11.809383] ? __pfx_kthread+0x10/0x10 [ 11.809984] ret_from_fork+0x2c/0x50 [ 11.810566] </TASK> [ 11.810926] [ 11.811177] Allocated by task 303: [ 11.811728] kasan_save_stack+0x2a/0x60 [ 11.812354] kasan_set_track+0x29/0x40 [ 11.812958] kasan_save_alloc_info+0x22/0x30 [ 11.813638] __kasan_kmalloc+0xb8/0xc0 [ 11.814237] kmalloc_trace+0x4e/0xb0 [ 11.814817] kmalloc_oob_in_memset+0x9f/0x1e0 [ 11.815528] kunit_try_run_case+0x95/0xd0 [ 11.816182] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.817052] kthread+0x17d/0x1b0 [ 11.817576] ret_from_fork+0x2c/0x50 [ 11.818148] [ 11.818403] The buggy address belongs to the object at ffff888105144500 [ 11.818403] which belongs to the cache kmalloc-128 of size 128 [ 11.820360] The buggy address is located 0 bytes inside of [ 11.820360] 128-byte region [ffff888105144500, ffff888105144580) [ 11.822161] [ 11.822413] The buggy address belongs to the physical page: [ 11.823290] page:00000000f40eef31 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105144 [ 11.824780] flags: 0x200000000000200(slab|node=0|zone=2) [ 11.825624] raw: 0200000000000200 ffff8881000428c0 dead000000000122 0000000000000000 [ 11.826836] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 11.828046] page dumped because: kasan: bad access detected [ 11.828944] [ 11.829194] Memory state around the buggy address: [ 11.829957] ffff888105144400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.831088] ffff888105144480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.832222] >ffff888105144500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.833367] ^ [ 11.834488] ffff888105144580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.835621] ffff888105144600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.836762] ================================================================== [ 11.838065] ok 17 - kmalloc_oob_in_memset [ 11.838513] ================================================================== [ 11.841459] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0xdd/0x1e0 [ 11.843220] Write of size 2 at addr ffff88810466e577 by task kunit_try_catch/304 [ 11.845067] [ 11.845469] CPU: 2 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.847815] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.850093] Call Trace: [ 11.850832] <TASK> [ 11.851504] dump_stack_lvl+0x4d/0x66 [ 11.852645] print_report+0x17a/0x471 [ 11.853647] ? kasan_complete_mode_report_info+0x40/0x210 [ 11.854527] ? kmalloc_oob_memset_2+0xdd/0x1e0 [ 11.855219] kasan_report+0xb4/0x140 [ 11.855783] ? kmalloc_oob_memset_2+0xdd/0x1e0 [ 11.856500] kasan_check_range+0x3e/0x1d0 [ 11.857137] memset+0x28/0x50 [ 11.857612] kmalloc_oob_memset_2+0xdd/0x1e0 [ 11.858278] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 11.859042] ? __kasan_check_write+0x18/0x20 [ 11.859705] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.860474] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.861513] ? trace_preempt_on+0x2e/0xf0 [ 11.862361] ? __kthread_parkme+0x4f/0xd0 [ 11.863093] kunit_try_run_case+0x95/0xd0 [ 11.863680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.864381] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.865256] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.866034] kthread+0x17d/0x1b0 [ 11.866508] ? __pfx_kthread+0x10/0x10 [ 11.867055] ret_from_fork+0x2c/0x50 [ 11.867582] </TASK> [ 11.867907] [ 11.868135] Allocated by task 304: [ 11.868641] kasan_save_stack+0x2a/0x60 [ 11.869282] kasan_set_track+0x29/0x40 [ 11.869890] kasan_save_alloc_info+0x22/0x30 [ 11.870579] __kasan_kmalloc+0xb8/0xc0 [ 11.871183] kmalloc_trace+0x4e/0xb0 [ 11.871765] kmalloc_oob_memset_2+0x9f/0x1e0 [ 11.872467] kunit_try_run_case+0x95/0xd0 [ 11.873115] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.873976] kthread+0x17d/0x1b0 [ 11.874505] ret_from_fork+0x2c/0x50 [ 11.875078] [ 11.875329] The buggy address belongs to the object at ffff88810466e500 [ 11.875329] which belongs to the cache kmalloc-128 of size 128 [ 11.877294] The buggy address is located 119 bytes inside of [ 11.877294] 128-byte region [ffff88810466e500, ffff88810466e580) [ 11.879120] [ 11.879372] The buggy address belongs to the physical page: [ 11.880251] page:000000000cf4b5c4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10466e [ 11.881731] flags: 0x200000000000200(slab|node=0|zone=2) [ 11.882579] raw: 0200000000000200 ffff8881000428c0 dead000000000122 0000000000000000 [ 11.883792] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 11.885015] page dumped because: kasan: bad access detected [ 11.885894] [ 11.886145] Memory state around the buggy address: [ 11.886903] ffff88810466e400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 11.888044] ffff88810466e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.889200] >ffff88810466e500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.890380] ^ [ 11.891509] ffff88810466e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.892647] ffff88810466e600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.893801] ================================================================== [ 11.895105] ok 18 - kmalloc_oob_memset_2 [ 11.895444] ================================================================== [ 11.899654] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0xdd/0x1e0 [ 11.901933] Write of size 4 at addr ffff888105144675 by task kunit_try_catch/305 [ 11.903970] [ 11.904432] CPU: 3 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.907052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.909141] Call Trace: [ 11.909551] <TASK> [ 11.909899] dump_stack_lvl+0x4d/0x66 [ 11.910501] print_report+0x17a/0x471 [ 11.911102] ? kasan_complete_mode_report_info+0x40/0x210 [ 11.911970] ? kmalloc_oob_memset_4+0xdd/0x1e0 [ 11.912708] kasan_report+0xb4/0x140 [ 11.913295] ? kmalloc_oob_memset_4+0xdd/0x1e0 [ 11.914015] kasan_check_range+0x3e/0x1d0 [ 11.914670] memset+0x28/0x50 [ 11.915157] kmalloc_oob_memset_4+0xdd/0x1e0 [ 11.915845] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 11.916655] ? __kasan_check_write+0x18/0x20 [ 11.917345] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.918089] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.918885] ? trace_preempt_on+0x2e/0xf0 [ 11.919534] ? __kthread_parkme+0x4f/0xd0 [ 11.920181] kunit_try_run_case+0x95/0xd0 [ 11.920864] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.921622] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.922596] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.923464] kthread+0x17d/0x1b0 [ 11.923993] ? __pfx_kthread+0x10/0x10 [ 11.924617] ret_from_fork+0x2c/0x50 [ 11.925204] </TASK> [ 11.925565] [ 11.925817] Allocated by task 305: [ 11.926363] kasan_save_stack+0x2a/0x60 [ 11.926985] kasan_set_track+0x29/0x40 [ 11.927593] kasan_save_alloc_info+0x22/0x30 [ 11.928286] __kasan_kmalloc+0xb8/0xc0 [ 11.928921] kmalloc_trace+0x4e/0xb0 [ 11.929499] kmalloc_oob_memset_4+0x9f/0x1e0 [ 11.930189] kunit_try_run_case+0x95/0xd0 [ 11.930839] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.931703] kthread+0x17d/0x1b0 [ 11.932231] ret_from_fork+0x2c/0x50 [ 11.932832] [ 11.933085] The buggy address belongs to the object at ffff888105144600 [ 11.933085] which belongs to the cache kmalloc-128 of size 128 [ 11.935051] The buggy address is located 117 bytes inside of [ 11.935051] 128-byte region [ffff888105144600, ffff888105144680) [ 11.936915] [ 11.937170] The buggy address belongs to the physical page: [ 11.938057] page:00000000f40eef31 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105144 [ 11.939545] flags: 0x200000000000200(slab|node=0|zone=2) [ 11.940717] raw: 0200000000000200 ffff8881000428c0 dead000000000122 0000000000000000 [ 11.943339] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 11.945949] page dumped because: kasan: bad access detected [ 11.947809] [ 11.948352] Memory state around the buggy address: [ 11.949956] ffff888105144500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.952369] ffff888105144580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.954765] >ffff888105144600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.956999] ^ [ 11.958128] ffff888105144680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.959264] ffff888105144700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.960411] ================================================================== [ 11.961754] ok 19 - kmalloc_oob_memset_4 [ 11.962148] ================================================================== [ 11.965429] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0xdd/0x1e0 [ 11.968098] Write of size 8 at addr ffff88810466e671 by task kunit_try_catch/306 [ 11.970491] [ 11.970894] CPU: 2 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 11.973287] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 11.975383] Call Trace: [ 11.976023] <TASK> [ 11.976592] dump_stack_lvl+0x4d/0x66 [ 11.977536] print_report+0x17a/0x471 [ 11.978494] ? kasan_complete_mode_report_info+0x40/0x210 [ 11.979854] ? kmalloc_oob_memset_8+0xdd/0x1e0 [ 11.981026] kasan_report+0xb4/0x140 [ 11.981831] ? kmalloc_oob_memset_8+0xdd/0x1e0 [ 11.982552] kasan_check_range+0x3e/0x1d0 [ 11.983202] memset+0x28/0x50 [ 11.983691] kmalloc_oob_memset_8+0xdd/0x1e0 [ 11.984393] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 11.985173] ? __kasan_check_write+0x18/0x20 [ 11.985860] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.986607] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 11.987398] ? trace_preempt_on+0x2e/0xf0 [ 11.988030] ? __kthread_parkme+0x4f/0xd0 [ 11.988676] kunit_try_run_case+0x95/0xd0 [ 11.989308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.990044] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.990985] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.991823] kthread+0x17d/0x1b0 [ 11.992356] ? __pfx_kthread+0x10/0x10 [ 11.992947] ret_from_fork+0x2c/0x50 [ 11.993513] </TASK> [ 11.993870] [ 11.994114] Allocated by task 306: [ 11.994652] kasan_save_stack+0x2a/0x60 [ 11.995253] kasan_set_track+0x29/0x40 [ 11.995842] kasan_save_alloc_info+0x22/0x30 [ 11.996523] __kasan_kmalloc+0xb8/0xc0 [ 11.997114] kmalloc_trace+0x4e/0xb0 [ 11.997676] kmalloc_oob_memset_8+0x9f/0x1e0 [ 11.998346] kunit_try_run_case+0x95/0xd0 [ 11.998973] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 11.999808] kthread+0x17d/0x1b0 [ 12.000327] ret_from_fork+0x2c/0x50 [ 12.000891] [ 12.001136] The buggy address belongs to the object at ffff88810466e600 [ 12.001136] which belongs to the cache kmalloc-128 of size 128 [ 12.003043] The buggy address is located 113 bytes inside of [ 12.003043] 128-byte region [ffff88810466e600, ffff88810466e680) [ 12.004863] [ 12.005110] The buggy address belongs to the physical page: [ 12.005968] page:000000000cf4b5c4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10466e [ 12.007411] flags: 0x200000000000200(slab|node=0|zone=2) [ 12.008186] raw: 0200000000000200 ffff8881000428c0 dead000000000122 0000000000000000 [ 12.009305] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 12.010412] page dumped because: kasan: bad access detected [ 12.011223] [ 12.011459] Memory state around the buggy address: [ 12.012168] ffff88810466e500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.013325] ffff88810466e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.014473] >ffff88810466e600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.015626] ^ [ 12.016772] ffff88810466e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.017913] ffff88810466e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.019056] ================================================================== [ 12.020443] ok 20 - kmalloc_oob_memset_8 [ 12.020792] ================================================================== [ 12.024702] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0xdd/0x1e0 [ 12.026470] Write of size 16 at addr ffff888105144769 by task kunit_try_catch/307 [ 12.028257] [ 12.028650] CPU: 3 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 12.030920] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 12.032882] Call Trace: [ 12.033284] <TASK> [ 12.033633] dump_stack_lvl+0x4d/0x66 [ 12.034229] print_report+0x17a/0x471 [ 12.034830] ? kasan_complete_mode_report_info+0x40/0x210 [ 12.035690] ? kmalloc_oob_memset_16+0xdd/0x1e0 [ 12.036424] kasan_report+0xb4/0x140 [ 12.037004] ? kmalloc_oob_memset_16+0xdd/0x1e0 [ 12.037732] kasan_check_range+0x3e/0x1d0 [ 12.038377] memset+0x28/0x50 [ 12.038861] kmalloc_oob_memset_16+0xdd/0x1e0 [ 12.039561] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 12.040362] ? __kasan_check_write+0x18/0x20 [ 12.041046] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.041787] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 12.042577] ? trace_preempt_on+0x2e/0xf0 [ 12.043222] ? __kthread_parkme+0x4f/0xd0 [ 12.043868] kunit_try_run_case+0x95/0xd0 [ 12.044534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.045290] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.046258] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 12.047120] kthread+0x17d/0x1b0 [ 12.047646] ? __pfx_kthread+0x10/0x10 [ 12.048251] ret_from_fork+0x2c/0x50 [ 12.048847] </TASK> [ 12.049209] [ 12.049462] Allocated by task 307: [ 12.050014] kasan_save_stack+0x2a/0x60 [ 12.050633] kasan_set_track+0x29/0x40 [ 12.051236] kasan_save_alloc_info+0x22/0x30 [ 12.051920] __kasan_kmalloc+0xb8/0xc0 [ 12.052531] kmalloc_trace+0x4e/0xb0 [ 12.053110] kmalloc_oob_memset_16+0x9f/0x1e0 [ 12.053809] kunit_try_run_case+0x95/0xd0 [ 12.054454] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 12.055314] kthread+0x17d/0x1b0 [ 12.055836] ret_from_fork+0x2c/0x50 [ 12.056429] [ 12.056681] The buggy address belongs to the object at ffff888105144700 [ 12.056681] which belongs to the cache kmalloc-128 of size 128 [ 12.058644] The buggy address is located 105 bytes inside of [ 12.058644] 128-byte region [ffff888105144700, ffff888105144780) [ 12.060494] [ 12.060747] The buggy address belongs to the physical page: [ 12.061631] page:00000000f40eef31 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105144 [ 12.063109] flags: 0x200000000000200(slab|node=0|zone=2) [ 12.063964] raw: 0200000000000200 ffff8881000428c0 dead000000000122 0000000000000000 [ 12.065206] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 12.066434] page dumped because: kasan: bad access detected [ 12.067322] [ 12.067576] Memory state around the buggy address: [ 12.068357] ffff888105144600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.069504] ffff888105144680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.070647] >ffff888105144700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.071786] ^ [ 12.077131] ffff888105144780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.078252] ffff888105144800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.079295] ================================================================== [ 12.080579] ok 21 - kmalloc_oob_memset_16 [ 12.081006] ================================================================== [ 12.082800] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0xec/0x1f0 [ 12.083921] Read of size 18446744073709551614 at addr ffff8881044e6904 by task kunit_try_catch/308 [ 12.085264] [ 12.085507] CPU: 2 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 12.086940] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 12.088286] Call Trace: [ 12.088810] <TASK> [ 12.089258] dump_stack_lvl+0x4d/0x66 [ 12.090008] print_report+0x17a/0x471 [ 12.090742] ? kasan_complete_mode_report_info+0x40/0x210 [ 12.091816] ? kmalloc_memmove_negative_size+0xec/0x1f0 [ 12.092876] kasan_report+0xb4/0x140 [ 12.093618] ? kmalloc_memmove_negative_size+0xec/0x1f0 [ 12.094488] kasan_check_range+0x3e/0x1d0 [ 12.095115] memmove+0x28/0x70 [ 12.095596] kmalloc_memmove_negative_size+0xec/0x1f0 [ 12.096394] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 12.097255] ? __kasan_check_write+0x18/0x20 [ 12.097889] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.098561] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 12.099323] ? trace_preempt_on+0x2e/0xf0 [ 12.099976] ? __kthread_parkme+0x4f/0xd0 [ 12.100644] kunit_try_run_case+0x95/0xd0 [ 12.101294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.102048] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.103037] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 12.103913] kthread+0x17d/0x1b0 [ 12.104453] ? __pfx_kthread+0x10/0x10 [ 12.105057] ret_from_fork+0x2c/0x50 [ 12.105642] </TASK> [ 12.106002] [ 12.106253] Allocated by task 308: [ 12.106802] kasan_save_stack+0x2a/0x60 [ 12.107418] kasan_set_track+0x29/0x40 [ 12.108019] kasan_save_alloc_info+0x22/0x30 [ 12.108726] __kasan_kmalloc+0xb8/0xc0 [ 12.109329] kmalloc_trace+0x4e/0xb0 [ 12.109903] kmalloc_memmove_negative_size+0x9f/0x1f0 [ 12.110706] kunit_try_run_case+0x95/0xd0 [ 12.111350] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 12.112205] kthread+0x17d/0x1b0 [ 12.112738] ret_from_fork+0x2c/0x50 [ 12.113311] [ 12.113562] The buggy address belongs to the object at ffff8881044e6900 [ 12.113562] which belongs to the cache kmalloc-64 of size 64 [ 12.115493] The buggy address is located 4 bytes inside of [ 12.115493] 64-byte region [ffff8881044e6900, ffff8881044e6940) [ 12.117436] [ 12.117684] The buggy address belongs to the physical page: [ 12.118545] page:000000001d8cf55a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044e6 [ 12.119993] flags: 0x200000000000200(slab|node=0|zone=2) [ 12.120842] raw: 0200000000000200 ffff888100042640 dead000000000122 0000000000000000 [ 12.122032] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 12.123218] page dumped because: kasan: bad access detected [ 12.124095] [ 12.124360] Memory state around the buggy address: [ 12.125109] ffff8881044e6800: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc [ 12.126217] ffff8881044e6880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.127329] >ffff8881044e6900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.128462] ^ [ 12.128973] ffff8881044e6980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.130083] ffff8881044e6a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.131192] ================================================================== [ 12.132564] ok 22 - kmalloc_memmove_negative_size [ 12.133062] ================================================================== [ 12.137798] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0xeb/0x1f0 [ 12.140410] Read of size 64 at addr ffff888105141284 by task kunit_try_catch/309 [ 12.141972] [ 12.142253] CPU: 3 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 12.143836] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 12.145204] Call Trace: [ 12.145624] <TASK> [ 12.145984] dump_stack_lvl+0x4d/0x66 [ 12.146595] print_report+0x17a/0x471 [ 12.147198] ? kasan_complete_mode_report_info+0x40/0x210 [ 12.148071] ? kmalloc_memmove_invalid_size+0xeb/0x1f0 [ 12.148943] kasan_report+0xb4/0x140 [ 12.149540] ? kmalloc_memmove_invalid_size+0xeb/0x1f0 [ 12.150389] kasan_check_range+0x3e/0x1d0 [ 12.151054] memmove+0x28/0x70 [ 12.151563] kmalloc_memmove_invalid_size+0xeb/0x1f0 [ 12.152407] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 12.153327] ? __kasan_check_write+0x18/0x20 [ 12.154038] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.154805] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 12.155627] ? trace_preempt_on+0x2e/0xf0 [ 12.156305] ? __kthread_parkme+0x4f/0xd0 [ 12.157009] kunit_try_run_case+0x95/0xd0 [ 12.157693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.158472] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.159465] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 12.160356] kthread+0x17d/0x1b0 [ 12.160902] ? __pfx_kthread+0x10/0x10 [ 12.161528] ret_from_fork+0x2c/0x50 [ 12.162133] </TASK> [ 12.162503] [ 12.162760] Allocated by task 309: [ 12.163321] kasan_save_stack+0x2a/0x60 [ 12.163954] kasan_set_track+0x29/0x40 [ 12.164600] kasan_save_alloc_info+0x22/0x30 [ 12.165317] __kasan_kmalloc+0xb8/0xc0 [ 12.165945] kmalloc_trace+0x4e/0xb0 [ 12.166547] kmalloc_memmove_invalid_size+0x9f/0x1f0 [ 12.167368] kunit_try_run_case+0x95/0xd0 [ 12.168038] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 12.169092] kthread+0x17d/0x1b0 [ 12.169900] ret_from_fork+0x2c/0x50 [ 12.170696] [ 12.171009] The buggy address belongs to the object at ffff888105141280 [ 12.171009] which belongs to the cache kmalloc-64 of size 64 [ 12.173194] The buggy address is located 4 bytes inside of [ 12.173194] 64-byte region [ffff888105141280, ffff8881051412c0) [ 12.175434] [ 12.175759] The buggy address belongs to the physical page: [ 12.176843] page:0000000046e20c1e refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105141 [ 12.178600] flags: 0x200000000000200(slab|node=0|zone=2) [ 12.179512] raw: 0200000000000200 ffff888100042640 dead000000000122 0000000000000000 [ 12.180818] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 12.182113] page dumped because: kasan: bad access detected [ 12.183045] [ 12.183324] Memory state around the buggy address: [ 12.184128] ffff888105141180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.185346] ffff888105141200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.186551] >ffff888105141280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.187745] ^ [ 12.188675] ffff888105141300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.189884] ffff888105141380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.191084] ================================================================== [ 12.192454] ok 23 - kmalloc_memmove_invalid_size [ 12.192763] ================================================================== [ 12.195906] BUG: KASAN: use-after-free in kmalloc_uaf+0xd1/0x1d0 [ 12.197473] Read of size 1 at addr ffff888104216668 by task kunit_try_catch/310 [ 12.199300] [ 12.199705] CPU: 2 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 12.202104] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 12.204184] Call Trace: [ 12.204852] <TASK> [ 12.205407] dump_stack_lvl+0x4d/0x66 [ 12.206074] print_report+0x17a/0x471 [ 12.206675] ? kasan_complete_mode_report_info+0x80/0x210 [ 12.207542] ? kmalloc_uaf+0xd1/0x1d0 [ 12.208137] kasan_report+0xb4/0x140 [ 12.208739] ? kmalloc_uaf+0xd1/0x1d0 [ 12.209338] __asan_load1+0x66/0x70 [ 12.209940] kmalloc_uaf+0xd1/0x1d0 [ 12.210495] ? __pfx_kmalloc_uaf+0x10/0x10 [ 12.211138] ? __kasan_check_write+0x18/0x20 [ 12.211808] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.212536] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 12.213272] ? trace_preempt_on+0x2e/0xf0 [ 12.213866] ? __kthread_parkme+0x4f/0xd0 [ 12.214462] kunit_try_run_case+0x95/0xd0 [ 12.215052] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.215742] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.216661] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 12.217476] kthread+0x17d/0x1b0 [ 12.217959] ? __pfx_kthread+0x10/0x10 [ 12.218514] ret_from_fork+0x2c/0x50 [ 12.219046] </TASK> [ 12.219376] [ 12.219606] Allocated by task 310: [ 12.220104] kasan_save_stack+0x2a/0x60 [ 12.220703] kasan_set_track+0x29/0x40 [ 12.221256] kasan_save_alloc_info+0x22/0x30 [ 12.221894] __kasan_kmalloc+0xb8/0xc0 [ 12.222498] kmalloc_trace+0x4e/0xb0 [ 12.223149] kmalloc_uaf+0x9d/0x1d0 [ 12.223683] kunit_try_run_case+0x95/0xd0 [ 12.224289] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 12.225145] kthread+0x17d/0x1b0 [ 12.225640] ret_from_fork+0x2c/0x50 [ 12.226185] [ 12.226424] Freed by task 310: [ 12.226890] kasan_save_stack+0x2a/0x60 [ 12.227474] kasan_set_track+0x29/0x40 [ 12.228045] kasan_save_free_info+0x32/0x50 [ 12.228694] ____kasan_slab_free+0x174/0x1e0 [ 12.229346] __kasan_slab_free+0x16/0x20 [ 12.229979] __kmem_cache_free+0x18e/0x300 [ 12.230665] kfree+0x7d/0x120 [ 12.231174] kmalloc_uaf+0xb9/0x1d0 [ 12.231755] kunit_try_run_case+0x95/0xd0 [ 12.232455] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 12.233291] kthread+0x17d/0x1b0 [ 12.233799] ret_from_fork+0x2c/0x50 [ 12.234359] [ 12.234603] The buggy address belongs to the object at ffff888104216660 [ 12.234603] which belongs to the cache kmalloc-16 of size 16 [ 12.236486] The buggy address is located 8 bytes inside of [ 12.236486] 16-byte region [ffff888104216660, ffff888104216670) [ 12.238194] [ 12.238425] The buggy address belongs to the physical page: [ 12.239229] page:0000000037be271b refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104216 [ 12.240691] flags: 0x200000000000200(slab|node=0|zone=2) [ 12.241606] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 12.242821] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 12.244035] page dumped because: kasan: bad access detected [ 12.245151] [ 12.245516] Memory state around the buggy address: [ 12.246457] ffff888104216500: fa fb fc fc fa fb fc fc 00 06 fc fc 00 06 fc fc [ 12.247568] ffff888104216580: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.248706] >ffff888104216600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.249810] ^ [ 12.250833] ffff888104216680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.251949] ffff888104216700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.253089] ================================================================== [ 12.254391] ok 24 - kmalloc_uaf [ 12.255219] ================================================================== [ 12.260128] BUG: KASAN: use-after-free in kmalloc_uaf_memset+0xd7/0x1d0 [ 12.262317] Write of size 33 at addr ffff88810131fa00 by task kunit_try_catch/311 [ 12.264189] [ 12.264617] CPU: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 12.266989] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 12.269033] Call Trace: [ 12.269616] <TASK> [ 12.269955] dump_stack_lvl+0x4d/0x66 [ 12.270529] print_report+0x17a/0x471 [ 12.271106] ? kasan_complete_mode_report_info+0x80/0x210 [ 12.271934] ? kmalloc_uaf_memset+0xd7/0x1d0 [ 12.272667] kasan_report+0xb4/0x140 [ 12.273267] ? kmalloc_uaf_memset+0xd7/0x1d0 [ 12.274002] kasan_check_range+0x3e/0x1d0 [ 12.274688] memset+0x28/0x50 [ 12.275188] kmalloc_uaf_memset+0xd7/0x1d0 [ 12.275872] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 12.276685] ? __kasan_check_write+0x18/0x20 [ 12.277407] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.278177] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 12.279002] ? trace_preempt_on+0x2e/0xf0 [ 12.279674] ? __kthread_parkme+0x4f/0xd0 [ 12.280383] kunit_try_run_case+0x95/0xd0 [ 12.281066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.281855] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.282875] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 12.283791] kthread+0x17d/0x1b0 [ 12.284357] ? __pfx_kthread+0x10/0x10 [ 12.284978] ret_from_fork+0x2c/0x50 [ 12.285590] </TASK> [ 12.285965] [ 12.286226] Allocated by task 311: [ 12.286792] kasan_save_stack+0x2a/0x60 [ 12.287459] kasan_set_track+0x29/0x40 [ 12.288077] kasan_save_alloc_info+0x22/0x30 [ 12.288785] __kasan_kmalloc+0xb8/0xc0 [ 12.289417] kmalloc_trace+0x4e/0xb0 [ 12.290000] kmalloc_uaf_memset+0x9d/0x1d0 [ 12.290685] kunit_try_run_case+0x95/0xd0 [ 12.291345] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 12.292249] kthread+0x17d/0x1b0 [ 12.292840] ret_from_fork+0x2c/0x50 [ 12.293445] [ 12.293710] Freed by task 311: [ 12.294365] kasan_save_stack+0x2a/0x60 [ 12.295214] kasan_set_track+0x29/0x40 [ 12.295934] kasan_save_free_info+0x32/0x50 [ 12.296696] ____kasan_slab_free+0x174/0x1e0 [ 12.297412] __kasan_slab_free+0x16/0x20 [ 12.298073] __kmem_cache_free+0x18e/0x300 [ 12.298755] kfree+0x7d/0x120 [ 12.299250] kmalloc_uaf_memset+0xb9/0x1d0 [ 12.299916] kunit_try_run_case+0x95/0xd0 [ 12.300592] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 12.301459] kthread+0x17d/0x1b0 [ 12.301960] ret_from_fork+0x2c/0x50 [ 12.302513] [ 12.302808] The buggy address belongs to the object at ffff88810131fa00 [ 12.302808] which belongs to the cache kmalloc-64 of size 64 [ 12.304700] The buggy address is located 0 bytes inside of [ 12.304700] 64-byte region [ffff88810131fa00, ffff88810131fa40) [ 12.307010] [ 12.307564] The buggy address belongs to the physical page: [ 12.309484] page:000000001c3583aa refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10131f [ 12.312656] flags: 0x200000000000200(slab|node=0|zone=2) [ 12.314473] raw: 0200000000000200 ffff888100042640 dead000000000122 0000000000000000 [ 12.316948] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 12.318205] page dumped because: kasan: bad access detected [ 12.319115] [ 12.319375] Memory state around the buggy address: [ 12.320161] ffff88810131f900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.321348] ffff88810131f980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.322531] >ffff88810131fa00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.323713] ^ [ 12.324240] ffff88810131fa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.325404] ffff88810131fb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.326555] ================================================================== [ 12.327841] ok 25 - kmalloc_uaf_memset [ 12.328240] ================================================================== [ 12.333549] BUG: KASAN: use-after-free in kmalloc_uaf2+0x122/0x2b0 [ 12.336059] Read of size 1 at addr ffff8881044e69a8 by task kunit_try_catch/312 [ 12.338355] [ 12.338680] CPU: 2 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 12.340258] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 12.341674] Call Trace: [ 12.342096] <TASK> [ 12.342456] dump_stack_lvl+0x4d/0x66 [ 12.343076] print_report+0x17a/0x471 [ 12.343696] ? kasan_complete_mode_report_info+0x80/0x210 [ 12.344600] ? kmalloc_uaf2+0x122/0x2b0 [ 12.345396] kasan_report+0xb4/0x140 [ 12.346133] ? kmalloc_uaf2+0x122/0x2b0 [ 12.346918] __asan_load1+0x66/0x70 [ 12.347645] kmalloc_uaf2+0x122/0x2b0 [ 12.349129] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 12.349984] ? trace_preempt_off+0x2e/0xf0 [ 12.350814] ? __kthread_parkme+0x31/0xd0 [ 12.351632] ? __kasan_check_write+0x18/0x20 [ 12.352518] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.353467] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 12.354479] ? trace_preempt_on+0x2e/0xf0 [ 12.355298] ? __kthread_parkme+0x4f/0xd0 [ 12.356123] kunit_try_run_case+0x95/0xd0 [ 12.356966] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.357923] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.359149] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 12.360254] kthread+0x17d/0x1b0 [ 12.360941] ? __pfx_kthread+0x10/0x10 [ 12.361709] ret_from_fork+0x2c/0x50 [ 12.362442] </TASK> [ 12.362896] [ 12.363211] Allocated by task 312: [ 12.363897] kasan_save_stack+0x2a/0x60 [ 12.364689] kasan_set_track+0x29/0x40 [ 12.365452] kasan_save_alloc_info+0x22/0x30 [ 12.366318] __kasan_kmalloc+0xb8/0xc0 [ 12.367115] kmalloc_trace+0x4e/0xb0 [ 12.367859] kmalloc_uaf2+0xb0/0x2b0 [ 12.368766] kunit_try_run_case+0x95/0xd0 [ 12.369596] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 12.370718] kthread+0x17d/0x1b0 [ 12.371383] ret_from_fork+0x2c/0x50 [ 12.372123] [ 12.372475] Freed by task 312: [ 12.373087] kasan_save_stack+0x2a/0x60 [ 12.373871] kasan_set_track+0x29/0x40 [ 12.374476] kasan_save_free_info+0x32/0x50 [ 12.375132] ____kasan_slab_free+0x174/0x1e0 [ 12.375792] __kasan_slab_free+0x16/0x20 [ 12.376461] __kmem_cache_free+0x18e/0x300 [ 12.377089] kfree+0x7d/0x120 [ 12.377553] kmalloc_uaf2+0xd0/0x2b0 [ 12.378261] kunit_try_run_case+0x95/0xd0 [ 12.379063] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 12.380137] kthread+0x17d/0x1b0 [ 12.380854] ret_from_fork+0x2c/0x50 [ 12.381595] [ 12.381917] The buggy address belongs to the object at ffff8881044e6980 [ 12.381917] which belongs to the cache kmalloc-64 of size 64 [ 12.384316] The buggy address is located 40 bytes inside of [ 12.384316] 64-byte region [ffff8881044e6980, ffff8881044e69c0) [ 12.386212] [ 12.386470] The buggy address belongs to the physical page: [ 12.387304] page:000000001d8cf55a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044e6 [ 12.388779] flags: 0x200000000000200(slab|node=0|zone=2) [ 12.389621] raw: 0200000000000200 ffff888100042640 dead000000000122 0000000000000000 [ 12.390784] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 12.391992] page dumped because: kasan: bad access detected [ 12.392895] [ 12.393145] Memory state around the buggy address: [ 12.393903] ffff8881044e6880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.394976] ffff8881044e6900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.396025] >ffff8881044e6980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.397081] ^ [ 12.397747] ffff8881044e6a00: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 12.398793] ffff8881044e6a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.399840] ================================================================== [ 12.401107] ok 26 - kmalloc_uaf2 [ 12.401590] ok 27 - kmalloc_uaf3 # SKIP Test requires CONFIG_KASAN_GENERIC=n [ 12.403604] ok 28 - kfree_via_page [ 12.406605] ok 29 - kfree_via_phys [ 12.408376] ================================================================== [ 12.409985] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0xe5/0x220 [ 12.411016] Read of size 1 at addr ffff8881052f20c8 by task kunit_try_catch/316 [ 12.412374] [ 12.412738] CPU: 2 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 12.414875] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 12.416761] Call Trace: [ 12.417334] <TASK> [ 12.417899] dump_stack_lvl+0x4d/0x66 [ 12.418815] print_report+0x17a/0x471 [ 12.419667] ? kasan_complete_mode_report_info+0x40/0x210 [ 12.421003] ? kmem_cache_oob+0xe5/0x220 [ 12.421793] kasan_report+0xb4/0x140 [ 12.422336] ? kmem_cache_oob+0xe5/0x220 [ 12.422919] __asan_load1+0x66/0x70 [ 12.423447] kmem_cache_oob+0xe5/0x220 [ 12.424013] ? __pfx_kmem_cache_oob+0x10/0x10 [ 12.424697] ? __kasan_check_write+0x18/0x20 [ 12.425382] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.426113] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 12.426847] ? trace_preempt_on+0x2e/0xf0 [ 12.427445] ? __kthread_parkme+0x4f/0xd0 [ 12.428040] kunit_try_run_case+0x95/0xd0 [ 12.428695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.429397] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.430287] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 12.431078] kthread+0x17d/0x1b0 [ 12.431565] ? __pfx_kthread+0x10/0x10 [ 12.432122] ret_from_fork+0x2c/0x50 [ 12.432678] </TASK> [ 12.433009] [ 12.433241] Allocated by task 316: [ 12.433746] kasan_save_stack+0x2a/0x60 [ 12.434315] kasan_set_track+0x29/0x40 [ 12.434874] kasan_save_alloc_info+0x22/0x30 [ 12.435506] __kasan_slab_alloc+0x94/0xa0 [ 12.436214] kmem_cache_alloc+0x171/0x350 [ 12.436840] kmem_cache_oob+0xbd/0x220 [ 12.437400] kunit_try_run_case+0x95/0xd0 [ 12.438029] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 12.438823] kthread+0x17d/0x1b0 [ 12.439307] ret_from_fork+0x2c/0x50 [ 12.439840] [ 12.440073] The buggy address belongs to the object at ffff8881052f2000 [ 12.440073] which belongs to the cache test_cache of size 200 [ 12.441882] The buggy address is located 0 bytes to the right of [ 12.441882] 200-byte region [ffff8881052f2000, ffff8881052f20c8) [ 12.443622] [ 12.443855] The buggy address belongs to the physical page: [ 12.444677] page:00000000ed9b1acd refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1052f2 [ 12.446034] head:00000000ed9b1acd order:1 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 12.447364] flags: 0x200000000010200(slab|head|node=0|zone=2) [ 12.448207] raw: 0200000000010200 ffff8881052f0000 dead000000000122 0000000000000000 [ 12.449338] raw: 0000000000000000 00000000801f001f 00000001ffffffff 0000000000000000 [ 12.450457] page dumped because: kasan: bad access detected [ 12.451266] [ 12.451500] Memory state around the buggy address: [ 12.452200] ffff8881052f1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.453269] ffff8881052f2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.454315] >ffff8881052f2080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.455360] ^ [ 12.456171] ffff8881052f2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.457228] ffff8881052f2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.458280] ================================================================== [ 12.476876] ok 30 - kmem_cache_oob [ 13.014736] ok 31 - kmem_cache_accounted [ 13.032915] ok 32 - kmem_cache_bulk [ 13.033915] ================================================================== [ 13.035532] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0xa3/0x170 [ 13.036628] Read of size 1 at addr ffffffff945525ed by task kunit_try_catch/319 [ 13.037675] [ 13.037909] CPU: 2 PID: 319 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 13.039272] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 13.040485] Call Trace: [ 13.040851] <TASK> [ 13.041171] dump_stack_lvl+0x4d/0x66 [ 13.041714] print_report+0x17a/0x471 [ 13.042259] ? kasan_addr_to_slab+0x11/0xb0 [ 13.042873] ? kasan_global_oob_right+0xa3/0x170 [ 13.043549] kasan_report+0xb4/0x140 [ 13.044078] ? kasan_global_oob_right+0xa3/0x170 [ 13.044762] __asan_load1+0x66/0x70 [ 13.045278] kasan_global_oob_right+0xa3/0x170 [ 13.045930] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 13.046669] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.047348] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 13.048073] ? trace_preempt_on+0x2e/0xf0 [ 13.048676] ? __kthread_parkme+0x4f/0xd0 [ 13.049267] kunit_try_run_case+0x95/0xd0 [ 13.049860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.050552] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.051438] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.052223] kthread+0x17d/0x1b0 [ 13.052724] ? __pfx_kthread+0x10/0x10 [ 13.053397] ret_from_fork+0x2c/0x50 [ 13.054032] </TASK> [ 13.054366] [ 13.054597] The buggy address belongs to the variable: [ 13.055458] global_array+0xd/0x40 [ 13.056005] [ 13.056279] The buggy address belongs to the physical page: [ 13.057437] page:000000009af26c2d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x62d52 [ 13.059231] flags: 0x100000000001000(reserved|node=0|zone=1) [ 13.060125] raw: 0100000000001000 ffffea00018b5488 ffffea00018b5488 0000000000000000 [ 13.061355] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.062559] page dumped because: kasan: bad access detected [ 13.063455] [ 13.063705] Memory state around the buggy address: [ 13.064470] ffffffff94552480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.065593] ffffffff94552500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.066755] >ffffffff94552580: 00 00 00 00 00 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 [ 13.067866] ^ [ 13.068904] ffffffff94552600: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 13.070012] ffffffff94552680: f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 [ 13.071108] ================================================================== [ 13.072211] ok 33 - kasan_global_oob_right [ 13.072601] ok 34 - kasan_global_oob_left # SKIP Test requires CONFIG_CC_IS_CLANG=y [ 13.073540] ================================================================== [ 13.075784] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0xb3/0x180 [ 13.076782] Read of size 1 at addr ffff8881055b7e62 by task kunit_try_catch/321 [ 13.077831] [ 13.078063] CPU: 2 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 13.079433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 13.080648] Call Trace: [ 13.081014] <TASK> [ 13.081332] dump_stack_lvl+0x4d/0x66 [ 13.081874] print_report+0x17a/0x471 [ 13.082420] ? kasan_addr_to_slab+0x11/0xb0 [ 13.083035] ? kasan_stack_oob+0xb3/0x180 [ 13.083627] kasan_report+0xb4/0x140 [ 13.084156] ? kasan_stack_oob+0xb3/0x180 [ 13.084760] __asan_load1+0x66/0x70 [ 13.085275] kasan_stack_oob+0xb3/0x180 [ 13.085840] ? __pfx_kasan_stack_oob+0x10/0x10 [ 13.086491] ? trace_preempt_off+0x2e/0xf0 [ 13.087096] ? __kthread_parkme+0x31/0xd0 [ 13.087688] ? __kasan_check_write+0x18/0x20 [ 13.088328] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.089169] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 13.090062] ? trace_preempt_on+0x2e/0xf0 [ 13.090820] ? __kthread_parkme+0x4f/0xd0 [ 13.091614] kunit_try_run_case+0x95/0xd0 [ 13.092357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.093250] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.094264] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.095153] kthread+0x17d/0x1b0 [ 13.095679] ? __pfx_kthread+0x10/0x10 [ 13.096353] ret_from_fork+0x2c/0x50 [ 13.096996] </TASK> [ 13.097413] [ 13.097672] The buggy address belongs to stack of task kunit_try_catch/321 [ 13.098745] and is located at offset 138 in frame: [ 13.099509] kasan_stack_oob+0x0/0x180 [ 13.100110] [ 13.100382] This frame has 4 objects: [ 13.101155] [48, 49) '__assertion' [ 13.101170] [64, 72) 'array' [ 13.101902] [96, 112) '__assertion' [ 13.102532] [128, 138) 'stack_array' [ 13.103116] [ 13.103882] The buggy address belongs to the physical page: [ 13.104728] page:000000004309e99d refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1055b7 [ 13.106082] flags: 0x200000000000000(node=0|zone=2) [ 13.106796] raw: 0200000000000000 ffffea0004156dc8 ffffea0004156dc8 0000000000000000 [ 13.107905] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.109039] page dumped because: kasan: bad access detected [ 13.109838] [ 13.110069] Memory state around the buggy address: [ 13.110761] ffff8881055b7d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.111796] ffff8881055b7d80: 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 f1 [ 13.112846] >ffff8881055b7e00: f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 02 f3 f3 00 [ 13.113884] ^ [ 13.114798] ffff8881055b7e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.115832] ffff8881055b7f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.116882] ================================================================== [ 13.118078] ok 35 - kasan_stack_oob [ 13.118377] ================================================================== [ 13.121032] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0xea/0x1d0 [ 13.122740] Read of size 1 at addr ffff8881055bfd9f by task kunit_try_catch/322 [ 13.124484] [ 13.124859] CPU: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 13.127052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 13.128997] Call Trace: [ 13.129589] <TASK> [ 13.129941] dump_stack_lvl+0x4d/0x66 [ 13.130480] print_report+0x17a/0x471 [ 13.131066] ? kasan_addr_to_slab+0x11/0xb0 [ 13.131702] ? kasan_alloca_oob_left+0xea/0x1d0 [ 13.132395] kasan_report+0xb4/0x140 [ 13.133088] ? kasan_alloca_oob_left+0xea/0x1d0 [ 13.133983] __asan_load1+0x66/0x70 [ 13.134689] kasan_alloca_oob_left+0xea/0x1d0 [ 13.135597] ? __switch_to+0x31d/0x710 [ 13.136374] ? __schedule+0x5f8/0x10f0 [ 13.137089] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 13.138048] ? __kthread_parkme+0x31/0xd0 [ 13.138841] ? __kasan_check_write+0x18/0x20 [ 13.139470] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.140172] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 13.140905] ? trace_preempt_on+0x2e/0xf0 [ 13.141533] ? __kthread_parkme+0x4f/0xd0 [ 13.142180] kunit_try_run_case+0x95/0xd0 [ 13.142830] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.143581] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.144560] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.145420] kthread+0x17d/0x1b0 [ 13.145947] ? __pfx_kthread+0x10/0x10 [ 13.146554] ret_from_fork+0x2c/0x50 [ 13.147141] </TASK> [ 13.147504] [ 13.147758] The buggy address belongs to stack of task kunit_try_catch/322 [ 13.148872] [ 13.149123] The buggy address belongs to the physical page: [ 13.150003] page:00000000b454021a refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1055bf [ 13.151470] flags: 0x200000000000000(node=0|zone=2) [ 13.152244] raw: 0200000000000000 ffffea0004156fc8 ffffea0004156fc8 0000000000000000 [ 13.153469] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.154674] page dumped because: kasan: bad access detected [ 13.155568] [ 13.155832] Memory state around the buggy address: [ 13.156624] ffff8881055bfc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.157777] ffff8881055bfd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.158942] >ffff8881055bfd80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 f1 f1 f1 [ 13.160085] ^ [ 13.160740] ffff8881055bfe00: f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3 f3 00 00 00 [ 13.161879] ffff8881055bfe80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.163012] ================================================================== [ 13.164345] kunit_try_catch (322) used greatest stack depth: 28304 bytes left [ 13.164344] ok 36 - kasan_alloca_oob_left [ 13.165936] ================================================================== [ 13.170317] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0xf3/0x1d0 [ 13.172799] Read of size 1 at addr ffff8881055c7daa by task kunit_try_catch/323 [ 13.174653] [ 13.175067] CPU: 2 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 13.177953] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 13.180704] Call Trace: [ 13.181374] <TASK> [ 13.181830] dump_stack_lvl+0x4d/0x66 [ 13.182449] print_report+0x17a/0x471 [ 13.183070] ? kasan_addr_to_slab+0x11/0xb0 [ 13.183770] ? kasan_alloca_oob_right+0xf3/0x1d0 [ 13.184624] kasan_report+0xb4/0x140 [ 13.185236] ? kasan_alloca_oob_right+0xf3/0x1d0 [ 13.186006] __asan_load1+0x66/0x70 [ 13.186585] kasan_alloca_oob_right+0xf3/0x1d0 [ 13.187317] ? __switch_to+0x31d/0x710 [ 13.187946] ? __schedule+0x5f8/0x10f0 [ 13.188587] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 13.189423] ? __kthread_parkme+0x31/0xd0 [ 13.190089] ? __kasan_check_write+0x18/0x20 [ 13.190795] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.191557] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 13.192402] ? trace_preempt_on+0x2e/0xf0 [ 13.193080] ? __kthread_parkme+0x4f/0xd0 [ 13.193744] kunit_try_run_case+0x95/0xd0 [ 13.194406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.195186] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.196188] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.197108] kthread+0x17d/0x1b0 [ 13.197648] ? __pfx_kthread+0x10/0x10 [ 13.198277] ret_from_fork+0x2c/0x50 [ 13.198879] </TASK> [ 13.199249] [ 13.199511] The buggy address belongs to stack of task kunit_try_catch/323 [ 13.203740] [ 13.204012] The buggy address belongs to the physical page: [ 13.204952] page:00000000186349a0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1055c7 [ 13.206515] flags: 0x200000000000000(node=0|zone=2) [ 13.207341] raw: 0200000000000000 ffffea00041571c8 ffffea00041571c8 0000000000000000 [ 13.208644] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.209949] page dumped because: kasan: bad access detected [ 13.210898] [ 13.211166] Memory state around the buggy address: [ 13.211954] ffff8881055c7c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.213411] ffff8881055c7d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.214959] >ffff8881055c7d80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 f1 f1 f1 [ 13.216141] ^ [ 13.216907] ffff8881055c7e00: f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3 f3 00 00 00 [ 13.218068] ffff8881055c7e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.219224] ================================================================== [ 13.220581] ok 37 - kasan_alloca_oob_right [ 13.221111] ================================================================== [ 13.222988] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0xec/0x1f0 [ 13.224105] Read of size 1 at addr ffff888101327580 by task kunit_try_catch/324 [ 13.225167] [ 13.225398] CPU: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 13.226751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 13.227932] Call Trace: [ 13.228293] <TASK> [ 13.228619] dump_stack_lvl+0x4d/0x66 [ 13.229155] print_report+0x17a/0x471 [ 13.229694] ? kasan_complete_mode_report_info+0x40/0x210 [ 13.230471] ? ksize_unpoisons_memory+0xec/0x1f0 [ 13.231138] kasan_report+0xb4/0x140 [ 13.231663] ? ksize_unpoisons_memory+0xec/0x1f0 [ 13.232356] __asan_load1+0x66/0x70 [ 13.232873] ksize_unpoisons_memory+0xec/0x1f0 [ 13.233519] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.234244] ? __kasan_check_write+0x18/0x20 [ 13.234984] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.235700] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 13.236487] ? trace_preempt_on+0x2e/0xf0 [ 13.237115] ? __kthread_parkme+0x4f/0xd0 [ 13.237816] kunit_try_run_case+0x95/0xd0 [ 13.238449] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.239184] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.240125] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.240985] kthread+0x17d/0x1b0 [ 13.241498] ? __pfx_kthread+0x10/0x10 [ 13.242087] ret_from_fork+0x2c/0x50 [ 13.242654] </TASK> [ 13.243005] [ 13.243249] Allocated by task 324: [ 13.243792] kasan_save_stack+0x2a/0x60 [ 13.244425] kasan_set_track+0x29/0x40 [ 13.245025] kasan_save_alloc_info+0x22/0x30 [ 13.245707] __kasan_kmalloc+0xb8/0xc0 [ 13.246366] kmalloc_trace+0x4e/0xb0 [ 13.246951] ksize_unpoisons_memory+0x9f/0x1f0 [ 13.247680] kunit_try_run_case+0x95/0xd0 [ 13.248365] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.249224] kthread+0x17d/0x1b0 [ 13.249746] ret_from_fork+0x2c/0x50 [ 13.250369] [ 13.250619] The buggy address belongs to the object at ffff888101327500 [ 13.250619] which belongs to the cache kmalloc-128 of size 128 [ 13.252639] The buggy address is located 0 bytes to the right of [ 13.252639] 128-byte region [ffff888101327500, ffff888101327580) [ 13.254899] [ 13.255204] The buggy address belongs to the physical page: [ 13.256276] page:0000000084dfb319 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101327 [ 13.258178] flags: 0x200000000000200(slab|node=0|zone=2) [ 13.259052] raw: 0200000000000200 ffff8881000428c0 dead000000000122 0000000000000000 [ 13.260240] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 13.261468] page dumped because: kasan: bad access detected [ 13.262346] [ 13.262596] Memory state around the buggy address: [ 13.263352] ffff888101327480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.264498] ffff888101327500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.265629] >ffff888101327580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.266754] ^ [ 13.267272] ffff888101327600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.268436] ffff888101327680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.269563] ================================================================== [ 13.270893] ok 38 - ksize_unpoisons_memory [ 13.271367] ================================================================== [ 13.275225] BUG: KASAN: use-after-free in ksize_uaf+0xd4/0x300 [ 13.277269] Read of size 1 at addr ffff88810466e700 by task kunit_try_catch/325 [ 13.279867] [ 13.280501] CPU: 2 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 13.282573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 13.283840] Call Trace: [ 13.284227] <TASK> [ 13.284574] dump_stack_lvl+0x4d/0x66 [ 13.285147] print_report+0x17a/0x471 [ 13.285722] ? kasan_complete_mode_report_info+0x80/0x210 [ 13.286558] ? ksize_uaf+0xd4/0x300 [ 13.287115] kasan_report+0xb4/0x140 [ 13.287684] ? ksize_uaf+0xd4/0x300 [ 13.288242] ? ksize_uaf+0xd4/0x300 [ 13.288805] __kasan_check_byte+0x41/0x50 [ 13.289492] ksize+0x23/0x70 [ 13.289943] ksize_uaf+0xd4/0x300 [ 13.290456] ? __pfx_ksize_uaf+0x10/0x10 [ 13.291061] ? __kasan_check_write+0x18/0x20 [ 13.291713] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.292440] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 13.293198] ? trace_preempt_on+0x2e/0xf0 [ 13.293814] ? __kthread_parkme+0x4f/0xd0 [ 13.294428] kunit_try_run_case+0x95/0xd0 [ 13.295045] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.295767] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.296701] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.297529] kthread+0x17d/0x1b0 [ 13.298034] ? __pfx_kthread+0x10/0x10 [ 13.298617] ret_from_fork+0x2c/0x50 [ 13.299178] </TASK> [ 13.299525] [ 13.299768] Allocated by task 325: [ 13.300345] kasan_save_stack+0x2a/0x60 [ 13.300942] kasan_set_track+0x29/0x40 [ 13.301530] kasan_save_alloc_info+0x22/0x30 [ 13.302192] __kasan_kmalloc+0xb8/0xc0 [ 13.302770] kmalloc_trace+0x4e/0xb0 [ 13.303316] ksize_uaf+0x9d/0x300 [ 13.303824] kunit_try_run_case+0x95/0xd0 [ 13.304441] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.305250] kthread+0x17d/0x1b0 [ 13.305813] ret_from_fork+0x2c/0x50 [ 13.306355] [ 13.306592] Freed by task 325: [ 13.307056] kasan_save_stack+0x2a/0x60 [ 13.307640] kasan_set_track+0x29/0x40 [ 13.308208] kasan_save_free_info+0x32/0x50 [ 13.308849] ____kasan_slab_free+0x174/0x1e0 [ 13.309496] __kasan_slab_free+0x16/0x20 [ 13.310095] __kmem_cache_free+0x18e/0x300 [ 13.310721] kfree+0x7d/0x120 [ 13.311185] ksize_uaf+0xbd/0x300 [ 13.311717] kunit_try_run_case+0x95/0xd0 [ 13.312367] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.313215] kthread+0x17d/0x1b0 [ 13.313754] ret_from_fork+0x2c/0x50 [ 13.314319] [ 13.314566] The buggy address belongs to the object at ffff88810466e700 [ 13.314566] which belongs to the cache kmalloc-128 of size 128 [ 13.316487] The buggy address is located 0 bytes inside of [ 13.316487] 128-byte region [ffff88810466e700, ffff88810466e780) [ 13.318252] [ 13.318521] The buggy address belongs to the physical page: [ 13.319380] page:000000000cf4b5c4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10466e [ 13.320814] flags: 0x200000000000200(slab|node=0|zone=2) [ 13.321626] raw: 0200000000000200 ffff8881000428c0 dead000000000122 0000000000000000 [ 13.322791] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 13.323965] page dumped because: kasan: bad access detected [ 13.324818] [ 13.325061] Memory state around the buggy address: [ 13.325793] ffff88810466e600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.326928] ffff88810466e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.328069] >ffff88810466e700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.329179] ^ [ 13.329675] ffff88810466e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.330743] ffff88810466e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.331818] ================================================================== [ 13.332966] ================================================================== [ 13.334056] BUG: KASAN: use-after-free in ksize_uaf+0x108/0x300 [ 13.334947] Read of size 1 at addr ffff88810466e700 by task kunit_try_catch/325 [ 13.336052] [ 13.336294] CPU: 2 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 13.337742] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 13.338982] Call Trace: [ 13.339360] <TASK> [ 13.339689] dump_stack_lvl+0x4d/0x66 [ 13.340248] print_report+0x17a/0x471 [ 13.340824] ? kasan_complete_mode_report_info+0x80/0x210 [ 13.341639] ? ksize_uaf+0x108/0x300 [ 13.342187] kasan_report+0xb4/0x140 [ 13.342736] ? ksize_uaf+0x108/0x300 [ 13.343283] __asan_load1+0x66/0x70 [ 13.343826] ksize_uaf+0x108/0x300 [ 13.344372] ? __pfx_ksize_uaf+0x10/0x10 [ 13.344970] ? __kasan_check_write+0x18/0x20 [ 13.345615] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.346313] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 13.347061] ? trace_preempt_on+0x2e/0xf0 [ 13.347670] ? __kthread_parkme+0x4f/0xd0 [ 13.348277] kunit_try_run_case+0x95/0xd0 [ 13.348896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.349606] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.350521] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.351337] kthread+0x17d/0x1b0 [ 13.351835] ? __pfx_kthread+0x10/0x10 [ 13.352423] ret_from_fork+0x2c/0x50 [ 13.352974] </TASK> [ 13.353316] [ 13.353555] Allocated by task 325: [ 13.354074] kasan_save_stack+0x2a/0x60 [ 13.354658] kasan_set_track+0x29/0x40 [ 13.355230] kasan_save_alloc_info+0x22/0x30 [ 13.355881] __kasan_kmalloc+0xb8/0xc0 [ 13.356460] kmalloc_trace+0x4e/0xb0 [ 13.357001] ksize_uaf+0x9d/0x300 [ 13.357507] kunit_try_run_case+0x95/0xd0 [ 13.358113] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.358918] kthread+0x17d/0x1b0 [ 13.359407] ret_from_fork+0x2c/0x50 [ 13.359950] [ 13.360187] Freed by task 325: [ 13.360658] kasan_save_stack+0x2a/0x60 [ 13.361238] kasan_set_track+0x29/0x40 [ 13.361807] kasan_save_free_info+0x32/0x50 [ 13.362440] ____kasan_slab_free+0x174/0x1e0 [ 13.363086] __kasan_slab_free+0x16/0x20 [ 13.363685] __kmem_cache_free+0x18e/0x300 [ 13.364309] kfree+0x7d/0x120 [ 13.364788] ksize_uaf+0xbd/0x300 [ 13.365299] kunit_try_run_case+0x95/0xd0 [ 13.365912] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.366734] kthread+0x17d/0x1b0 [ 13.367228] ret_from_fork+0x2c/0x50 [ 13.367814] [ 13.368056] The buggy address belongs to the object at ffff88810466e700 [ 13.368056] which belongs to the cache kmalloc-128 of size 128 [ 13.370025] The buggy address is located 0 bytes inside of [ 13.370025] 128-byte region [ffff88810466e700, ffff88810466e780) [ 13.371814] [ 13.372053] The buggy address belongs to the physical page: [ 13.372891] page:000000000cf4b5c4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10466e [ 13.374275] flags: 0x200000000000200(slab|node=0|zone=2) [ 13.375072] raw: 0200000000000200 ffff8881000428c0 dead000000000122 0000000000000000 [ 13.376218] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 13.377382] page dumped because: kasan: bad access detected [ 13.378215] [ 13.378451] Memory state around the buggy address: [ 13.379170] ffff88810466e600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.380243] ffff88810466e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.381337] >ffff88810466e700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.382462] ^ [ 13.383005] ffff88810466e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.384166] ffff88810466e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.385367] ================================================================== [ 13.386568] ================================================================== [ 13.387748] BUG: KASAN: use-after-free in ksize_uaf+0x140/0x300 [ 13.388690] Read of size 1 at addr ffff88810466e778 by task kunit_try_catch/325 [ 13.389789] [ 13.390031] CPU: 2 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 13.391477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 13.392752] Call Trace: [ 13.393138] <TASK> [ 13.393472] dump_stack_lvl+0x4d/0x66 [ 13.394044] print_report+0x17a/0x471 [ 13.394616] ? kasan_complete_mode_report_info+0x80/0x210 [ 13.395444] ? ksize_uaf+0x140/0x300 [ 13.396002] kasan_report+0xb4/0x140 [ 13.396570] ? ksize_uaf+0x140/0x300 [ 13.397126] __asan_load1+0x66/0x70 [ 13.397667] ksize_uaf+0x140/0x300 [ 13.398193] ? __pfx_ksize_uaf+0x10/0x10 [ 13.398798] ? __kasan_check_write+0x18/0x20 [ 13.399452] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.400160] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 13.400924] ? trace_preempt_on+0x2e/0xf0 [ 13.401540] ? __kthread_parkme+0x4f/0xd0 [ 13.402157] kunit_try_run_case+0x95/0xd0 [ 13.402775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.403496] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.404444] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.405273] kthread+0x17d/0x1b0 [ 13.405784] ? __pfx_kthread+0x10/0x10 [ 13.406367] ret_from_fork+0x2c/0x50 [ 13.406927] </TASK> [ 13.407273] [ 13.407515] Allocated by task 325: [ 13.408045] kasan_save_stack+0x2a/0x60 [ 13.408647] kasan_set_track+0x29/0x40 [ 13.409230] kasan_save_alloc_info+0x22/0x30 [ 13.409892] __kasan_kmalloc+0xb8/0xc0 [ 13.410479] kmalloc_trace+0x4e/0xb0 [ 13.411029] ksize_uaf+0x9d/0x300 [ 13.411571] kunit_try_run_case+0x95/0xd0 [ 13.412190] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.413021] kthread+0x17d/0x1b0 [ 13.413519] ret_from_fork+0x2c/0x50 [ 13.414068] [ 13.414345] Freed by task 325: [ 13.414817] kasan_save_stack+0x2a/0x60 [ 13.415406] kasan_set_track+0x29/0x40 [ 13.415982] kasan_save_free_info+0x32/0x50 [ 13.416632] ____kasan_slab_free+0x174/0x1e0 [ 13.417286] __kasan_slab_free+0x16/0x20 [ 13.417893] __kmem_cache_free+0x18e/0x300 [ 13.418525] kfree+0x7d/0x120 [ 13.418989] ksize_uaf+0xbd/0x300 [ 13.419507] kunit_try_run_case+0x95/0xd0 [ 13.420126] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.420960] kthread+0x17d/0x1b0 [ 13.421465] ret_from_fork+0x2c/0x50 [ 13.422023] [ 13.422266] The buggy address belongs to the object at ffff88810466e700 [ 13.422266] which belongs to the cache kmalloc-128 of size 128 [ 13.424155] The buggy address is located 120 bytes inside of [ 13.424155] 128-byte region [ffff88810466e700, ffff88810466e780) [ 13.425904] [ 13.426143] The buggy address belongs to the physical page: [ 13.426975] page:000000000cf4b5c4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10466e [ 13.428373] flags: 0x200000000000200(slab|node=0|zone=2) [ 13.429172] raw: 0200000000000200 ffff8881000428c0 dead000000000122 0000000000000000 [ 13.430322] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 13.431480] page dumped because: kasan: bad access detected [ 13.432332] [ 13.432575] Memory state around the buggy address: [ 13.433301] ffff88810466e600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.434378] ffff88810466e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.435456] >ffff88810466e700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.436543] ^ [ 13.437605] ffff88810466e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.438673] ffff88810466e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.439743] ================================================================== [ 13.440907] ok 39 - ksize_uaf [ 13.441831] ================================================================== [ 13.445525] BUG: KASAN: double-free in kmem_cache_double_free+0xeb/0x1f0 [ 13.447923] Free of addr ffff888100294000 by task kunit_try_catch/326 [ 13.449894] [ 13.450165] CPU: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 13.451764] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 13.453127] Call Trace: [ 13.453530] <TASK> [ 13.453881] dump_stack_lvl+0x4d/0x66 [ 13.454488] print_report+0x17a/0x471 [ 13.455126] ? kmem_cache_double_free+0xeb/0x1f0 [ 13.455908] ? kasan_complete_mode_report_info+0x80/0x210 [ 13.456784] ? kmem_cache_double_free+0xeb/0x1f0 [ 13.457523] ? kmem_cache_double_free+0xeb/0x1f0 [ 13.458261] kasan_report_invalid_free+0x85/0x100 [ 13.459012] ? kmem_cache_double_free+0xeb/0x1f0 [ 13.459752] ____kasan_slab_free+0x19e/0x1e0 [ 13.460556] ? kmem_cache_double_free+0xeb/0x1f0 [ 13.461517] __kasan_slab_free+0x16/0x20 [ 13.462365] kmem_cache_free+0x1a2/0x4b0 [ 13.463118] kmem_cache_double_free+0xeb/0x1f0 [ 13.463817] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 13.464619] ? __kasan_check_write+0x18/0x20 [ 13.465285] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.466013] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 13.466799] ? trace_preempt_on+0x2e/0xf0 [ 13.467431] ? __kthread_parkme+0x4f/0xd0 [ 13.468062] kunit_try_run_case+0x95/0xd0 [ 13.468690] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.469487] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.470457] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.471317] kthread+0x17d/0x1b0 [ 13.471842] ? __pfx_kthread+0x10/0x10 [ 13.472460] ret_from_fork+0x2c/0x50 [ 13.473042] </TASK> [ 13.473407] [ 13.473659] Allocated by task 326: [ 13.474207] kasan_save_stack+0x2a/0x60 [ 13.474823] kasan_set_track+0x29/0x40 [ 13.475426] kasan_save_alloc_info+0x22/0x30 [ 13.476111] __kasan_slab_alloc+0x94/0xa0 [ 13.476770] kmem_cache_alloc+0x171/0x350 [ 13.477416] kmem_cache_double_free+0xba/0x1f0 [ 13.478132] kunit_try_run_case+0x95/0xd0 [ 13.478777] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.479653] kthread+0x17d/0x1b0 [ 13.480178] ret_from_fork+0x2c/0x50 [ 13.480769] [ 13.481017] Freed by task 326: [ 13.481500] kasan_save_stack+0x2a/0x60 [ 13.482103] kasan_set_track+0x29/0x40 [ 13.482694] kasan_save_free_info+0x32/0x50 [ 13.483351] ____kasan_slab_free+0x174/0x1e0 [ 13.484023] __kasan_slab_free+0x16/0x20 [ 13.484653] kmem_cache_free+0x1a2/0x4b0 [ 13.485268] kmem_cache_double_free+0xd1/0x1f0 [ 13.485971] kunit_try_run_case+0x95/0xd0 [ 13.486604] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.487444] kthread+0x17d/0x1b0 [ 13.487954] ret_from_fork+0x2c/0x50 [ 13.488538] [ 13.488789] The buggy address belongs to the object at ffff888100294000 [ 13.488789] which belongs to the cache test_cache of size 200 [ 13.490738] The buggy address is located 0 bytes inside of [ 13.490738] 200-byte region [ffff888100294000, ffff8881002940c8) [ 13.492569] [ 13.492824] The buggy address belongs to the physical page: [ 13.493706] page:000000003bf02619 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100294 [ 13.495216] head:000000003bf02619 order:1 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 13.496775] flags: 0x200000000010200(slab|head|node=0|zone=2) [ 13.497695] raw: 0200000000010200 ffff888100292000 dead000000000122 0000000000000000 [ 13.499032] raw: 0000000000000000 00000000801f001f 00000001ffffffff 0000000000000000 [ 13.500258] page dumped because: kasan: bad access detected [ 13.501167] [ 13.501427] Memory state around the buggy address: [ 13.502191] ffff888100293f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.503335] ffff888100293f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.504486] >ffff888100294000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.505640] ^ [ 13.506171] ffff888100294080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.507310] ffff888100294100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.508434] ================================================================== [ 13.524025] ok 40 - kmem_cache_double_free [ 13.525646] ================================================================== [ 13.530849] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0xe4/0x1f0 [ 13.533142] Free of addr ffff8881052f2001 by task kunit_try_catch/327 [ 13.534395] [ 13.534643] CPU: 2 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 13.536107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 13.537392] Call Trace: [ 13.537782] <TASK> [ 13.538122] dump_stack_lvl+0x4d/0x66 [ 13.538707] print_report+0x17a/0x471 [ 13.539296] ? kmem_cache_invalid_free+0xe4/0x1f0 [ 13.540041] ? kasan_complete_mode_report_info+0x40/0x210 [ 13.540959] ? kmem_cache_invalid_free+0xe4/0x1f0 [ 13.541706] ? kmem_cache_invalid_free+0xe4/0x1f0 [ 13.542452] kasan_report_invalid_free+0x85/0x100 [ 13.543203] ? kmem_cache_invalid_free+0xe4/0x1f0 [ 13.543975] ____kasan_slab_free+0x1c2/0x1e0 [ 13.544668] ? kmem_cache_invalid_free+0xe4/0x1f0 [ 13.545404] __kasan_slab_free+0x16/0x20 [ 13.546020] kmem_cache_free+0x1a2/0x4b0 [ 13.546640] kmem_cache_invalid_free+0xe4/0x1f0 [ 13.547350] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 13.548151] ? __kasan_check_write+0x18/0x20 [ 13.548823] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.549544] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 13.550314] ? trace_preempt_on+0x2e/0xf0 [ 13.550945] ? __kthread_parkme+0x4f/0xd0 [ 13.551569] kunit_try_run_case+0x95/0xd0 [ 13.552194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.552938] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.553874] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.554705] kthread+0x17d/0x1b0 [ 13.555218] ? __pfx_kthread+0x10/0x10 [ 13.555808] ret_from_fork+0x2c/0x50 [ 13.556424] </TASK> [ 13.556857] [ 13.557104] Allocated by task 327: [ 13.557635] kasan_save_stack+0x2a/0x60 [ 13.558240] kasan_set_track+0x29/0x40 [ 13.558829] kasan_save_alloc_info+0x22/0x30 [ 13.559497] __kasan_slab_alloc+0x94/0xa0 [ 13.560125] kmem_cache_alloc+0x171/0x350 [ 13.560818] kmem_cache_invalid_free+0xbd/0x1f0 [ 13.561527] kunit_try_run_case+0x95/0xd0 [ 13.562152] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.562981] kthread+0x17d/0x1b0 [ 13.563487] ret_from_fork+0x2c/0x50 [ 13.564045] [ 13.564289] The buggy address belongs to the object at ffff8881052f2000 [ 13.564289] which belongs to the cache test_cache of size 200 [ 13.566861] The buggy address is located 1 bytes inside of [ 13.566861] 200-byte region [ffff8881052f2000, ffff8881052f20c8) [ 13.568739] [ 13.568985] The buggy address belongs to the physical page: [ 13.569841] page:00000000ed9b1acd refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1052f2 [ 13.571293] head:00000000ed9b1acd order:1 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 13.572704] flags: 0x200000000010200(slab|head|node=0|zone=2) [ 13.573592] raw: 0200000000010200 ffff8881052f0280 dead000000000122 0000000000000000 [ 13.574782] raw: 0000000000000000 00000000801f001f 00000001ffffffff 0000000000000000 [ 13.575979] page dumped because: kasan: bad access detected [ 13.576859] [ 13.577109] Memory state around the buggy address: [ 13.577865] ffff8881052f1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.578991] ffff8881052f1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.580114] >ffff8881052f2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.581245] ^ [ 13.581751] ffff8881052f2080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.582853] ffff8881052f2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.583961] ================================================================== [ 13.597555] ok 41 - kmem_cache_invalid_free [ 13.599916] ================================================================== [ 13.603603] BUG: KASAN: use-after-free in kmem_cache_double_destroy+0xc6/0x1c0 [ 13.605427] Read of size 1 at addr ffff888100292140 by task kunit_try_catch/328 [ 13.607397] [ 13.607796] CPU: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 13.610134] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 13.612184] Call Trace: [ 13.612802] <TASK> [ 13.613304] dump_stack_lvl+0x4d/0x66 [ 13.613992] print_report+0x17a/0x471 [ 13.614567] ? kasan_complete_mode_report_info+0x80/0x210 [ 13.615347] ? kmem_cache_double_destroy+0xc6/0x1c0 [ 13.616052] kasan_report+0xb4/0x140 [ 13.616620] ? kmem_cache_double_destroy+0xc6/0x1c0 [ 13.617336] ? kmem_cache_double_destroy+0xc6/0x1c0 [ 13.618046] __kasan_check_byte+0x41/0x50 [ 13.618661] kmem_cache_destroy+0x25/0x170 [ 13.619264] kmem_cache_double_destroy+0xc6/0x1c0 [ 13.620101] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 13.620960] ? __kasan_check_write+0x18/0x20 [ 13.621641] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.622393] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 13.623172] ? trace_preempt_on+0x2e/0xf0 [ 13.623801] ? __kthread_parkme+0x4f/0xd0 [ 13.624445] kunit_try_run_case+0x95/0xd0 [ 13.625074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.625812] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.626807] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.627672] kthread+0x17d/0x1b0 [ 13.628203] ? __pfx_kthread+0x10/0x10 [ 13.628819] ret_from_fork+0x2c/0x50 [ 13.629388] </TASK> [ 13.629738] [ 13.629983] Allocated by task 328: [ 13.630534] kasan_save_stack+0x2a/0x60 [ 13.631097] kasan_set_track+0x29/0x40 [ 13.631645] kasan_save_alloc_info+0x22/0x30 [ 13.632271] __kasan_slab_alloc+0x94/0xa0 [ 13.632912] kmem_cache_alloc+0x171/0x350 [ 13.633543] kmem_cache_create_usercopy+0x12e/0x2b0 [ 13.634316] kmem_cache_create+0x1a/0x20 [ 13.634945] kmem_cache_double_destroy+0x97/0x1c0 [ 13.635634] kunit_try_run_case+0x95/0xd0 [ 13.636239] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.637141] kthread+0x17d/0x1b0 [ 13.637668] ret_from_fork+0x2c/0x50 [ 13.638247] [ 13.638512] Freed by task 328: [ 13.639010] kasan_save_stack+0x2a/0x60 [ 13.639631] kasan_set_track+0x29/0x40 [ 13.640237] kasan_save_free_info+0x32/0x50 [ 13.640949] ____kasan_slab_free+0x174/0x1e0 [ 13.641686] __kasan_slab_free+0x16/0x20 [ 13.642322] kmem_cache_free+0x1a2/0x4b0 [ 13.642953] slab_kmem_cache_release+0x30/0x40 [ 13.643669] kmem_cache_release+0x16/0x20 [ 13.644360] kobject_put+0x100/0x260 [ 13.644983] sysfs_slab_release+0x24/0x30 [ 13.645632] kmem_cache_destroy+0xda/0x170 [ 13.646297] kmem_cache_double_destroy+0xaf/0x1c0 [ 13.647052] kunit_try_run_case+0x95/0xd0 [ 13.647702] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.648592] kthread+0x17d/0x1b0 [ 13.649161] ret_from_fork+0x2c/0x50 [ 13.649749] [ 13.650001] The buggy address belongs to the object at ffff888100292140 [ 13.650001] which belongs to the cache kmem_cache of size 216 [ 13.651951] The buggy address is located 0 bytes inside of [ 13.651951] 216-byte region [ffff888100292140, ffff888100292218) [ 13.653771] [ 13.654021] The buggy address belongs to the physical page: [ 13.654905] page:0000000024794175 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100292 [ 13.656379] head:0000000024794175 order:1 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 13.657841] flags: 0x200000000010200(slab|head|node=0|zone=2) [ 13.658789] raw: 0200000000010200 ffff888100042000 dead000000000122 0000000000000000 [ 13.659989] raw: 0000000000000000 0000000080190019 00000001ffffffff 0000000000000000 [ 13.661202] page dumped because: kasan: bad access detected [ 13.662091] [ 13.662354] Memory state around the buggy address: [ 13.663049] ffff888100292000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.664087] ffff888100292080: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc [ 13.665208] >ffff888100292100: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.666418] ^ [ 13.667219] ffff888100292180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.668256] ffff888100292200: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.669387] ================================================================== [ 13.670666] ok 42 - kmem_cache_double_destroy [ 13.671022] ================================================================== [ 13.682951] BUG: KASAN: slab-out-of-bounds in memchr+0x27/0x60 [ 13.684052] Read of size 1 at addr ffff8881044e1558 by task kunit_try_catch/329 [ 13.685268] [ 13.685534] CPU: 2 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 13.687118] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 13.688517] Call Trace: [ 13.688941] <TASK> [ 13.689308] dump_stack_lvl+0x4d/0x66 [ 13.689946] print_report+0x17a/0x471 [ 13.690584] ? kasan_complete_mode_report_info+0x40/0x210 [ 13.691491] ? memchr+0x27/0x60 [ 13.692029] kasan_report+0xb4/0x140 [ 13.692679] ? memchr+0x27/0x60 [ 13.693219] __asan_load1+0x66/0x70 [ 13.693811] memchr+0x27/0x60 [ 13.694311] kasan_memchr+0xdd/0x1f0 [ 13.694908] ? __pfx_kasan_memchr+0x10/0x10 [ 13.695601] ? __kasan_check_write+0x18/0x20 [ 13.696307] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.697090] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 13.697917] ? trace_preempt_on+0x2e/0xf0 [ 13.698587] ? __kthread_parkme+0x4f/0xd0 [ 13.699257] kunit_try_run_case+0x95/0xd0 [ 13.699937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.700781] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.701781] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.702670] kthread+0x17d/0x1b0 [ 13.703213] ? __pfx_kthread+0x10/0x10 [ 13.703836] ret_from_fork+0x2c/0x50 [ 13.704453] </TASK> [ 13.704834] [ 13.705101] Allocated by task 329: [ 13.705679] kasan_save_stack+0x2a/0x60 [ 13.706313] kasan_set_track+0x29/0x40 [ 13.706933] kasan_save_alloc_info+0x22/0x30 [ 13.707646] __kasan_kmalloc+0xb8/0xc0 [ 13.708277] kmalloc_trace+0x4e/0xb0 [ 13.708891] kasan_memchr+0x9f/0x1f0 [ 13.709484] kunit_try_run_case+0x95/0xd0 [ 13.710147] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.711027] kthread+0x17d/0x1b0 [ 13.711563] ret_from_fork+0x2c/0x50 [ 13.712161] [ 13.712456] The buggy address belongs to the object at ffff8881044e1540 [ 13.712456] which belongs to the cache kmalloc-32 of size 32 [ 13.715096] The buggy address is located 24 bytes inside of [ 13.715096] 32-byte region [ffff8881044e1540, ffff8881044e1560) [ 13.716997] [ 13.717257] The buggy address belongs to the physical page: [ 13.718172] page:00000000e0a1c7c6 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044e1 [ 13.719708] flags: 0x200000000000200(slab|node=0|zone=2) [ 13.720681] raw: 0200000000000200 ffff888100042500 dead000000000122 0000000000000000 [ 13.722361] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 13.723697] page dumped because: kasan: bad access detected [ 13.724568] [ 13.724812] Memory state around the buggy address: [ 13.725543] ffff8881044e1400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.726638] ffff8881044e1480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.727730] >ffff8881044e1500: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.728835] ^ [ 13.729780] ffff8881044e1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.730874] ffff8881044e1600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.731966] ================================================================== [ 13.733327] ok 43 - kasan_memchr [ 13.746691] ================================================================== [ 13.750406] BUG: KASAN: slab-out-of-bounds in memcmp+0x3d/0xb0 [ 13.752295] Read of size 1 at addr ffff888101326558 by task kunit_try_catch/330 [ 13.754877] [ 13.755397] CPU: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 13.758101] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 13.759306] Call Trace: [ 13.759672] <TASK> [ 13.759993] dump_stack_lvl+0x4d/0x66 [ 13.760569] print_report+0x17a/0x471 [ 13.761155] ? kasan_complete_mode_report_info+0x40/0x210 [ 13.762010] ? memcmp+0x3d/0xb0 [ 13.762536] kasan_report+0xb4/0x140 [ 13.763125] ? memcmp+0x3d/0xb0 [ 13.763645] __asan_load1+0x66/0x70 [ 13.764219] memcmp+0x3d/0xb0 [ 13.764723] kasan_memcmp+0x10d/0x240 [ 13.765341] ? __pfx_kasan_memcmp+0x10/0x10 [ 13.766023] ? trace_preempt_off+0x2e/0xf0 [ 13.766692] ? __kthread_parkme+0x31/0xd0 [ 13.767339] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.768078] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 13.768891] ? trace_preempt_on+0x2e/0xf0 [ 13.769554] ? __kthread_parkme+0x4f/0xd0 [ 13.770188] kunit_try_run_case+0x95/0xd0 [ 13.770819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.771571] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.772548] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.773427] kthread+0x17d/0x1b0 [ 13.773945] ? __pfx_kthread+0x10/0x10 [ 13.774536] ret_from_fork+0x2c/0x50 [ 13.775107] </TASK> [ 13.775461] [ 13.775710] Allocated by task 330: [ 13.776245] kasan_save_stack+0x2a/0x60 [ 13.776868] kasan_set_track+0x29/0x40 [ 13.777476] kasan_save_alloc_info+0x22/0x30 [ 13.778151] __kasan_kmalloc+0xb8/0xc0 [ 13.778743] kmalloc_trace+0x4e/0xb0 [ 13.779306] kasan_memcmp+0xb0/0x240 [ 13.779870] kunit_try_run_case+0x95/0xd0 [ 13.780518] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.781376] kthread+0x17d/0x1b0 [ 13.781892] ret_from_fork+0x2c/0x50 [ 13.782459] [ 13.782706] The buggy address belongs to the object at ffff888101326540 [ 13.782706] which belongs to the cache kmalloc-32 of size 32 [ 13.784618] The buggy address is located 24 bytes inside of [ 13.784618] 32-byte region [ffff888101326540, ffff888101326560) [ 13.786336] [ 13.786569] The buggy address belongs to the physical page: [ 13.787377] page:0000000013396a53 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101326 [ 13.788808] flags: 0x200000000000200(slab|node=0|zone=2) [ 13.789636] raw: 0200000000000200 ffff888100042500 dead000000000122 0000000000000000 [ 13.790790] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 13.792055] page dumped because: kasan: bad access detected [ 13.792945] [ 13.793195] Memory state around the buggy address: [ 13.793963] ffff888101326400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.795082] ffff888101326480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.796194] >ffff888101326500: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.797395] ^ [ 13.798347] ffff888101326580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.799477] ffff888101326600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.800641] ================================================================== [ 13.801860] ok 44 - kasan_memcmp [ 13.802327] ================================================================== [ 13.804904] BUG: KASAN: use-after-free in strchr+0x18/0x60 [ 13.806184] Read of size 1 at addr ffff8881044e1610 by task kunit_try_catch/331 [ 13.807863] [ 13.808234] CPU: 2 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 13.810177] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 13.811457] Call Trace: [ 13.811849] <TASK> [ 13.812191] dump_stack_lvl+0x4d/0x66 [ 13.812780] print_report+0x17a/0x471 [ 13.813358] ? kasan_complete_mode_report_info+0x80/0x210 [ 13.814192] ? strchr+0x18/0x60 [ 13.814689] kasan_report+0xb4/0x140 [ 13.815253] ? strchr+0x18/0x60 [ 13.815755] __asan_load1+0x66/0x70 [ 13.816315] strchr+0x18/0x60 [ 13.816815] kasan_strings+0xdd/0x500 [ 13.817400] ? __pfx_kasan_strings+0x10/0x10 [ 13.818081] ? __kasan_check_write+0x18/0x20 [ 13.818761] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.819497] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 13.820290] ? trace_preempt_on+0x2e/0xf0 [ 13.820945] ? __kthread_parkme+0x4f/0xd0 [ 13.821928] kunit_try_run_case+0x95/0xd0 [ 13.822616] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.823418] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.824473] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.825387] kthread+0x17d/0x1b0 [ 13.825945] ? __pfx_kthread+0x10/0x10 [ 13.826599] ret_from_fork+0x2c/0x50 [ 13.827233] </TASK> [ 13.827614] [ 13.827874] Allocated by task 331: [ 13.828452] kasan_save_stack+0x2a/0x60 [ 13.829091] kasan_set_track+0x29/0x40 [ 13.829720] kasan_save_alloc_info+0x22/0x30 [ 13.830429] __kasan_kmalloc+0xb8/0xc0 [ 13.831058] kmalloc_trace+0x4e/0xb0 [ 13.831656] kasan_strings+0x9d/0x500 [ 13.832266] kunit_try_run_case+0x95/0xd0 [ 13.833132] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.834297] kthread+0x17d/0x1b0 [ 13.835035] ret_from_fork+0x2c/0x50 [ 13.835647] [ 13.835909] Freed by task 331: [ 13.836505] kasan_save_stack+0x2a/0x60 [ 13.837160] kasan_set_track+0x29/0x40 [ 13.837791] kasan_save_free_info+0x32/0x50 [ 13.838492] ____kasan_slab_free+0x174/0x1e0 [ 13.839210] __kasan_slab_free+0x16/0x20 [ 13.839870] __kmem_cache_free+0x18e/0x300 [ 13.840630] kfree+0x7d/0x120 [ 13.841292] kasan_strings+0xc1/0x500 [ 13.842113] kunit_try_run_case+0x95/0xd0 [ 13.842994] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.843828] kthread+0x17d/0x1b0 [ 13.844355] ret_from_fork+0x2c/0x50 [ 13.844976] [ 13.845220] The buggy address belongs to the object at ffff8881044e1600 [ 13.845220] which belongs to the cache kmalloc-32 of size 32 [ 13.847083] The buggy address is located 16 bytes inside of [ 13.847083] 32-byte region [ffff8881044e1600, ffff8881044e1620) [ 13.848915] [ 13.849159] The buggy address belongs to the physical page: [ 13.850014] page:00000000e0a1c7c6 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044e1 [ 13.851446] flags: 0x200000000000200(slab|node=0|zone=2) [ 13.852274] raw: 0200000000000200 ffff888100042500 dead000000000122 0000000000000000 [ 13.853611] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 13.854886] page dumped because: kasan: bad access detected [ 13.855807] [ 13.856069] Memory state around the buggy address: [ 13.856893] ffff8881044e1500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.858088] ffff8881044e1580: 00 00 07 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 13.859269] >ffff8881044e1600: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 13.860458] ^ [ 13.861082] ffff8881044e1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.862260] ffff8881044e1700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.863439] ================================================================== [ 13.864820] ================================================================== [ 13.866026] BUG: KASAN: use-after-free in strrchr+0x1e/0x40 [ 13.866962] Read of size 1 at addr ffff8881044e1610 by task kunit_try_catch/331 [ 13.868199] [ 13.868483] CPU: 2 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 13.870056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 13.871439] Call Trace: [ 13.871866] <TASK> [ 13.872236] dump_stack_lvl+0x4d/0x66 [ 13.873026] print_report+0x17a/0x471 [ 13.873842] ? kasan_complete_mode_report_info+0x80/0x210 [ 13.874941] ? strrchr+0x1e/0x40 [ 13.875489] kasan_report+0xb4/0x140 [ 13.876088] ? strrchr+0x1e/0x40 [ 13.876644] __asan_load1+0x66/0x70 [ 13.877231] strrchr+0x1e/0x40 [ 13.877747] kasan_strings+0x11d/0x500 [ 13.878373] ? __pfx_kasan_strings+0x10/0x10 [ 13.879083] ? __kasan_check_write+0x18/0x20 [ 13.879797] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.880654] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 13.881736] ? trace_preempt_on+0x2e/0xf0 [ 13.882642] ? __kthread_parkme+0x4f/0xd0 [ 13.883361] kunit_try_run_case+0x95/0xd0 [ 13.883995] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.884739] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.885684] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.886522] kthread+0x17d/0x1b0 [ 13.887033] ? __pfx_kthread+0x10/0x10 [ 13.887624] ret_from_fork+0x2c/0x50 [ 13.888188] </TASK> [ 13.888543] [ 13.888787] Allocated by task 331: [ 13.889317] kasan_save_stack+0x2a/0x60 [ 13.889915] kasan_set_track+0x29/0x40 [ 13.890499] kasan_save_alloc_info+0x22/0x30 [ 13.891161] __kasan_kmalloc+0xb8/0xc0 [ 13.891745] kmalloc_trace+0x4e/0xb0 [ 13.892302] kasan_strings+0x9d/0x500 [ 13.892894] kunit_try_run_case+0x95/0xd0 [ 13.893519] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.894349] kthread+0x17d/0x1b0 [ 13.894857] ret_from_fork+0x2c/0x50 [ 13.895420] [ 13.895665] Freed by task 331: [ 13.896147] kasan_save_stack+0x2a/0x60 [ 13.896816] kasan_set_track+0x29/0x40 [ 13.897453] kasan_save_free_info+0x32/0x50 [ 13.898154] ____kasan_slab_free+0x174/0x1e0 [ 13.898864] __kasan_slab_free+0x16/0x20 [ 13.899518] __kmem_cache_free+0x18e/0x300 [ 13.900201] kfree+0x7d/0x120 [ 13.900726] kasan_strings+0xc1/0x500 [ 13.901353] kunit_try_run_case+0x95/0xd0 [ 13.902035] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.902922] kthread+0x17d/0x1b0 [ 13.903463] ret_from_fork+0x2c/0x50 [ 13.904060] [ 13.904321] The buggy address belongs to the object at ffff8881044e1600 [ 13.904321] which belongs to the cache kmalloc-32 of size 32 [ 13.906338] The buggy address is located 16 bytes inside of [ 13.906338] 32-byte region [ffff8881044e1600, ffff8881044e1620) [ 13.908213] [ 13.908486] The buggy address belongs to the physical page: [ 13.909402] page:00000000e0a1c7c6 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044e1 [ 13.910933] flags: 0x200000000000200(slab|node=0|zone=2) [ 13.911818] raw: 0200000000000200 ffff888100042500 dead000000000122 0000000000000000 [ 13.913335] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 13.914992] page dumped because: kasan: bad access detected [ 13.915915] [ 13.916181] Memory state around the buggy address: [ 13.917053] ffff8881044e1500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.918258] ffff8881044e1580: 00 00 07 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 13.919458] >ffff8881044e1600: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 13.920780] ^ [ 13.921598] ffff8881044e1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.923125] ffff8881044e1700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.924319] ================================================================== [ 13.925671] ================================================================== [ 13.926878] BUG: KASAN: use-after-free in strcmp+0x26/0x60 [ 13.927788] Read of size 1 at addr ffff8881044e1610 by task kunit_try_catch/331 [ 13.929011] [ 13.929275] CPU: 2 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 13.930839] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 13.932223] Call Trace: [ 13.932658] <TASK> [ 13.933022] dump_stack_lvl+0x4d/0x66 [ 13.933635] print_report+0x17a/0x471 [ 13.934249] ? kasan_complete_mode_report_info+0x80/0x210 [ 13.935140] ? strcmp+0x26/0x60 [ 13.935676] kasan_report+0xb4/0x140 [ 13.936279] ? strcmp+0x26/0x60 [ 13.936818] __asan_load1+0x66/0x70 [ 13.937401] strcmp+0x26/0x60 [ 13.937877] kasan_strings+0x15f/0x500 [ 13.938503] ? __pfx_kasan_strings+0x10/0x10 [ 13.939219] ? __kasan_check_write+0x18/0x20 [ 13.939932] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.940714] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 13.941537] ? trace_preempt_on+0x2e/0xf0 [ 13.942210] ? __kthread_parkme+0x4f/0xd0 [ 13.942879] kunit_try_run_case+0x95/0xd0 [ 13.943552] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.944344] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.945356] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.946259] kthread+0x17d/0x1b0 [ 13.946814] ? __pfx_kthread+0x10/0x10 [ 13.947447] ret_from_fork+0x2c/0x50 [ 13.948048] </TASK> [ 13.948437] [ 13.948696] Allocated by task 331: [ 13.949260] kasan_save_stack+0x2a/0x60 [ 13.949897] kasan_set_track+0x29/0x40 [ 13.950520] kasan_save_alloc_info+0x22/0x30 [ 13.951227] __kasan_kmalloc+0xb8/0xc0 [ 13.951850] kmalloc_trace+0x4e/0xb0 [ 13.952481] kasan_strings+0x9d/0x500 [ 13.953285] kunit_try_run_case+0x95/0xd0 [ 13.954169] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.955257] kthread+0x17d/0x1b0 [ 13.955803] ret_from_fork+0x2c/0x50 [ 13.956421] [ 13.956687] Freed by task 331: [ 13.957298] kasan_save_stack+0x2a/0x60 [ 13.957956] kasan_set_track+0x29/0x40 [ 13.958588] kasan_save_free_info+0x32/0x50 [ 13.959284] ____kasan_slab_free+0x174/0x1e0 [ 13.959999] __kasan_slab_free+0x16/0x20 [ 13.960771] __kmem_cache_free+0x18e/0x300 [ 13.961678] kfree+0x7d/0x120 [ 13.962336] kasan_strings+0xc1/0x500 [ 13.963141] kunit_try_run_case+0x95/0xd0 [ 13.963818] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 13.964705] kthread+0x17d/0x1b0 [ 13.965213] ret_from_fork+0x2c/0x50 [ 13.965769] [ 13.966014] The buggy address belongs to the object at ffff8881044e1600 [ 13.966014] which belongs to the cache kmalloc-32 of size 32 [ 13.967875] The buggy address is located 16 bytes inside of [ 13.967875] 32-byte region [ffff8881044e1600, ffff8881044e1620) [ 13.969564] [ 13.969800] The buggy address belongs to the physical page: [ 13.970617] page:00000000e0a1c7c6 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044e1 [ 13.971980] flags: 0x200000000000200(slab|node=0|zone=2) [ 13.972777] raw: 0200000000000200 ffff888100042500 dead000000000122 0000000000000000 [ 13.973902] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 13.975025] page dumped because: kasan: bad access detected [ 13.975841] [ 13.976074] Memory state around the buggy address: [ 13.976801] ffff8881044e1500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.977852] ffff8881044e1580: 00 00 07 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 13.978948] >ffff8881044e1600: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 13.979995] ^ [ 13.980559] ffff8881044e1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.981611] ffff8881044e1700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.982660] ================================================================== [ 13.983744] ================================================================== [ 13.984810] BUG: KASAN: use-after-free in strncmp+0x36/0x80 [ 13.985629] Read of size 1 at addr ffff8881044e1610 by task kunit_try_catch/331 [ 13.986692] [ 13.986926] CPU: 2 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 13.988315] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 13.990068] Call Trace: [ 13.990596] <TASK> [ 13.991029] dump_stack_lvl+0x4d/0x66 [ 13.991622] print_report+0x17a/0x471 [ 13.992212] ? kasan_complete_mode_report_info+0x80/0x210 [ 13.993080] ? strncmp+0x36/0x80 [ 13.993601] kasan_report+0xb4/0x140 [ 13.994176] ? strncmp+0x36/0x80 [ 13.994699] __asan_load1+0x66/0x70 [ 13.995265] strncmp+0x36/0x80 [ 13.995761] kasan_strings+0x1a5/0x500 [ 13.996380] ? __pfx_kasan_strings+0x10/0x10 [ 13.997285] ? __kasan_check_write+0x18/0x20 [ 13.998214] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.999113] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 13.999846] ? trace_preempt_on+0x2e/0xf0 [ 14.000545] ? __kthread_parkme+0x4f/0xd0 [ 14.001153] kunit_try_run_case+0x95/0xd0 [ 14.001751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.002452] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.003342] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.004139] kthread+0x17d/0x1b0 [ 14.004635] ? __pfx_kthread+0x10/0x10 [ 14.005193] ret_from_fork+0x2c/0x50 [ 14.005728] </TASK> [ 14.006059] [ 14.006314] Allocated by task 331: [ 14.006843] kasan_save_stack+0x2a/0x60 [ 14.007412] kasan_set_track+0x29/0x40 [ 14.007968] kasan_save_alloc_info+0x22/0x30 [ 14.008613] __kasan_kmalloc+0xb8/0xc0 [ 14.009168] kmalloc_trace+0x4e/0xb0 [ 14.009699] kasan_strings+0x9d/0x500 [ 14.010241] kunit_try_run_case+0x95/0xd0 [ 14.010835] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.011623] kthread+0x17d/0x1b0 [ 14.012103] ret_from_fork+0x2c/0x50 [ 14.012652] [ 14.012884] Freed by task 331: [ 14.013338] kasan_save_stack+0x2a/0x60 [ 14.013908] kasan_set_track+0x29/0x40 [ 14.014464] kasan_save_free_info+0x32/0x50 [ 14.015083] ____kasan_slab_free+0x174/0x1e0 [ 14.015716] __kasan_slab_free+0x16/0x20 [ 14.016297] __kmem_cache_free+0x18e/0x300 [ 14.016910] kfree+0x7d/0x120 [ 14.017352] kasan_strings+0xc1/0x500 [ 14.017893] kunit_try_run_case+0x95/0xd0 [ 14.018482] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.019268] kthread+0x17d/0x1b0 [ 14.019749] ret_from_fork+0x2c/0x50 [ 14.020277] [ 14.020526] The buggy address belongs to the object at ffff8881044e1600 [ 14.020526] which belongs to the cache kmalloc-32 of size 32 [ 14.022308] The buggy address is located 16 bytes inside of [ 14.022308] 32-byte region [ffff8881044e1600, ffff8881044e1620) [ 14.023977] [ 14.024210] The buggy address belongs to the physical page: [ 14.025034] page:00000000e0a1c7c6 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044e1 [ 14.026394] flags: 0x200000000000200(slab|node=0|zone=2) [ 14.027173] raw: 0200000000000200 ffff888100042500 dead000000000122 0000000000000000 [ 14.028294] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 14.029894] page dumped because: kasan: bad access detected [ 14.031023] [ 14.031277] Memory state around the buggy address: [ 14.032043] ffff8881044e1500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.033186] ffff8881044e1580: 00 00 07 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.034323] >ffff8881044e1600: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 14.035451] ^ [ 14.036049] ffff8881044e1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.037207] ffff8881044e1700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.038339] ================================================================== [ 14.039503] ================================================================== [ 14.040805] BUG: KASAN: use-after-free in strlen+0x13/0x50 [ 14.041964] Read of size 1 at addr ffff8881044e1610 by task kunit_try_catch/331 [ 14.043307] [ 14.043551] CPU: 2 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 14.044958] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 14.046172] Call Trace: [ 14.046546] <TASK> [ 14.046869] dump_stack_lvl+0x4d/0x66 [ 14.047417] print_report+0x17a/0x471 [ 14.047965] ? kasan_complete_mode_report_info+0x80/0x210 [ 14.048771] ? strlen+0x13/0x50 [ 14.049245] kasan_report+0xb4/0x140 [ 14.049780] ? strlen+0x13/0x50 [ 14.050254] __asan_load1+0x66/0x70 [ 14.050779] strlen+0x13/0x50 [ 14.051229] kasan_strings+0x1df/0x500 [ 14.051789] ? __pfx_kasan_strings+0x10/0x10 [ 14.052431] ? __kasan_check_write+0x18/0x20 [ 14.053062] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.053752] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 14.054491] ? trace_preempt_on+0x2e/0xf0 [ 14.055088] ? __kthread_parkme+0x4f/0xd0 [ 14.055683] kunit_try_run_case+0x95/0xd0 [ 14.056279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.056997] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.057895] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.058690] kthread+0x17d/0x1b0 [ 14.059175] ? __pfx_kthread+0x10/0x10 [ 14.059734] ret_from_fork+0x2c/0x50 [ 14.060272] </TASK> [ 14.060615] [ 14.060849] Allocated by task 331: [ 14.061354] kasan_save_stack+0x2a/0x60 [ 14.061926] kasan_set_track+0x29/0x40 [ 14.062490] kasan_save_alloc_info+0x22/0x30 [ 14.063126] __kasan_kmalloc+0xb8/0xc0 [ 14.063684] kmalloc_trace+0x4e/0xb0 [ 14.064217] kasan_strings+0x9d/0x500 [ 14.064977] kunit_try_run_case+0x95/0xd0 [ 14.065841] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.066952] kthread+0x17d/0x1b0 [ 14.067474] ret_from_fork+0x2c/0x50 [ 14.068049] [ 14.068298] Freed by task 331: [ 14.068802] kasan_save_stack+0x2a/0x60 [ 14.069414] kasan_set_track+0x29/0x40 [ 14.070013] kasan_save_free_info+0x32/0x50 [ 14.070684] ____kasan_slab_free+0x174/0x1e0 [ 14.071368] __kasan_slab_free+0x16/0x20 [ 14.071997] __kmem_cache_free+0x18e/0x300 [ 14.072780] kfree+0x7d/0x120 [ 14.073417] kasan_strings+0xc1/0x500 [ 14.074211] kunit_try_run_case+0x95/0xd0 [ 14.075012] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.075814] kthread+0x17d/0x1b0 [ 14.076298] ret_from_fork+0x2c/0x50 [ 14.076846] [ 14.077080] The buggy address belongs to the object at ffff8881044e1600 [ 14.077080] which belongs to the cache kmalloc-32 of size 32 [ 14.078902] The buggy address is located 16 bytes inside of [ 14.078902] 32-byte region [ffff8881044e1600, ffff8881044e1620) [ 14.080604] [ 14.080841] The buggy address belongs to the physical page: [ 14.081667] page:00000000e0a1c7c6 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044e1 [ 14.083038] flags: 0x200000000000200(slab|node=0|zone=2) [ 14.083824] raw: 0200000000000200 ffff888100042500 dead000000000122 0000000000000000 [ 14.084967] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 14.086097] page dumped because: kasan: bad access detected [ 14.086916] [ 14.087151] Memory state around the buggy address: [ 14.087859] ffff8881044e1500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.088935] ffff8881044e1580: 00 00 07 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.089991] >ffff8881044e1600: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 14.091048] ^ [ 14.091607] ffff8881044e1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.092675] ffff8881044e1700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.093731] ================================================================== [ 14.094831] ================================================================== [ 14.095900] BUG: KASAN: use-after-free in strnlen+0x31/0x50 [ 14.096735] Read of size 1 at addr ffff8881044e1610 by task kunit_try_catch/331 [ 14.097809] [ 14.098044] CPU: 2 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 14.099443] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 14.100827] Call Trace: [ 14.101361] <TASK> [ 14.101831] dump_stack_lvl+0x4d/0x66 [ 14.102614] print_report+0x17a/0x471 [ 14.103280] ? kasan_complete_mode_report_info+0x80/0x210 [ 14.104141] ? strnlen+0x31/0x50 [ 14.104679] kasan_report+0xb4/0x140 [ 14.105258] ? strnlen+0x31/0x50 [ 14.105811] __asan_load1+0x66/0x70 [ 14.106389] strnlen+0x31/0x50 [ 14.106881] kasan_strings+0x21e/0x500 [ 14.107478] ? __pfx_kasan_strings+0x10/0x10 [ 14.108151] ? __kasan_check_write+0x18/0x20 [ 14.109014] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.110005] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 14.111036] ? trace_preempt_on+0x2e/0xf0 [ 14.111648] ? __kthread_parkme+0x4f/0xd0 [ 14.112246] kunit_try_run_case+0x95/0xd0 [ 14.112858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.113557] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.114453] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.115300] kthread+0x17d/0x1b0 [ 14.115788] ? __pfx_kthread+0x10/0x10 [ 14.116360] ret_from_fork+0x2c/0x50 [ 14.116907] </TASK> [ 14.117240] [ 14.117474] Allocated by task 331: [ 14.117982] kasan_save_stack+0x2a/0x60 [ 14.118553] kasan_set_track+0x29/0x40 [ 14.119113] kasan_save_alloc_info+0x22/0x30 [ 14.119750] __kasan_kmalloc+0xb8/0xc0 [ 14.120307] kmalloc_trace+0x4e/0xb0 [ 14.120862] kasan_strings+0x9d/0x500 [ 14.121411] kunit_try_run_case+0x95/0xd0 [ 14.122011] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.122810] kthread+0x17d/0x1b0 [ 14.123297] ret_from_fork+0x2c/0x50 [ 14.123840] [ 14.124074] Freed by task 331: [ 14.124544] kasan_save_stack+0x2a/0x60 [ 14.125118] kasan_set_track+0x29/0x40 [ 14.125682] kasan_save_free_info+0x32/0x50 [ 14.126309] ____kasan_slab_free+0x174/0x1e0 [ 14.126947] __kasan_slab_free+0x16/0x20 [ 14.127536] __kmem_cache_free+0x18e/0x300 [ 14.128149] kfree+0x7d/0x120 [ 14.128615] kasan_strings+0xc1/0x500 [ 14.129221] kunit_try_run_case+0x95/0xd0 [ 14.129882] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.130734] kthread+0x17d/0x1b0 [ 14.131252] ret_from_fork+0x2c/0x50 [ 14.131825] [ 14.132075] The buggy address belongs to the object at ffff8881044e1600 [ 14.132075] which belongs to the cache kmalloc-32 of size 32 [ 14.134011] The buggy address is located 16 bytes inside of [ 14.134011] 32-byte region [ffff8881044e1600, ffff8881044e1620) [ 14.135811] [ 14.136062] The buggy address belongs to the physical page: [ 14.136958] page:00000000e0a1c7c6 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044e1 [ 14.138424] flags: 0x200000000000200(slab|node=0|zone=2) [ 14.139282] raw: 0200000000000200 ffff888100042500 dead000000000122 0000000000000000 [ 14.140565] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 14.142170] page dumped because: kasan: bad access detected [ 14.143243] [ 14.143496] Memory state around the buggy address: [ 14.144256] ffff8881044e1500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.145417] ffff8881044e1580: 00 00 07 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.146561] >ffff8881044e1600: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 14.147692] ^ [ 14.148289] ffff8881044e1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.149810] ffff8881044e1700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.151196] ================================================================== [ 14.152339] ok 45 - kasan_strings [ 14.152761] ================================================================== [ 14.156653] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x9c/0x5e0 [ 14.159431] Write of size 8 at addr ffff8881015fe908 by task kunit_try_catch/332 [ 14.161924] [ 14.162370] CPU: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 14.165002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 14.167293] Call Trace: [ 14.167996] <TASK> [ 14.168618] dump_stack_lvl+0x4d/0x66 [ 14.169657] print_report+0x17a/0x471 [ 14.170698] ? kasan_complete_mode_report_info+0x40/0x210 [ 14.172363] ? kasan_bitops_modify.constprop.0+0x9c/0x5e0 [ 14.173680] kasan_report+0xb4/0x140 [ 14.174259] ? kasan_bitops_modify.constprop.0+0x9c/0x5e0 [ 14.175107] kasan_check_range+0x3e/0x1d0 [ 14.175744] __kasan_check_write+0x18/0x20 [ 14.178215] kasan_bitops_modify.constprop.0+0x9c/0x5e0 [ 14.180117] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.182449] ? kasan_set_track+0x29/0x40 [ 14.183821] ? kasan_save_alloc_info+0x22/0x30 [ 14.185514] ? __kasan_kmalloc+0xb8/0xc0 [ 14.186479] kasan_bitops_generic+0xa5/0x120 [ 14.187491] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.188679] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.189864] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 14.191061] ? trace_preempt_on+0x2e/0xf0 [ 14.192012] ? __kthread_parkme+0x4f/0xd0 [ 14.193021] kunit_try_run_case+0x95/0xd0 [ 14.194016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.195120] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.196577] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.197826] kthread+0x17d/0x1b0 [ 14.198328] ? __pfx_kthread+0x10/0x10 [ 14.198906] ret_from_fork+0x2c/0x50 [ 14.199490] </TASK> [ 14.199839] [ 14.200081] Allocated by task 332: [ 14.200630] kasan_save_stack+0x2a/0x60 [ 14.201226] kasan_set_track+0x29/0x40 [ 14.201820] kasan_save_alloc_info+0x22/0x30 [ 14.202474] __kasan_kmalloc+0xb8/0xc0 [ 14.203046] kmalloc_trace+0x4e/0xb0 [ 14.203595] kasan_bitops_generic+0x8a/0x120 [ 14.204245] kunit_try_run_case+0x95/0xd0 [ 14.204921] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.205785] kthread+0x17d/0x1b0 [ 14.206283] ret_from_fork+0x2c/0x50 [ 14.206831] [ 14.207071] The buggy address belongs to the object at ffff8881015fe900 [ 14.207071] which belongs to the cache kmalloc-16 of size 16 [ 14.208998] The buggy address is located 8 bytes inside of [ 14.208998] 16-byte region [ffff8881015fe900, ffff8881015fe910) [ 14.210836] [ 14.211075] The buggy address belongs to the physical page: [ 14.211995] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 14.213581] flags: 0x200000000000200(slab|node=0|zone=2) [ 14.214409] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 14.215553] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 14.216734] page dumped because: kasan: bad access detected [ 14.217657] [ 14.217889] Memory state around the buggy address: [ 14.218588] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 14.219631] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.220722] >ffff8881015fe900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.221881] ^ [ 14.222445] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.223584] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.224769] ================================================================== [ 14.226051] ================================================================== [ 14.227216] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xda/0x5e0 [ 14.228463] Write of size 8 at addr ffff8881015fe908 by task kunit_try_catch/332 [ 14.229657] [ 14.229916] CPU: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 14.231477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 14.232860] Call Trace: [ 14.233284] <TASK> [ 14.233652] dump_stack_lvl+0x4d/0x66 [ 14.234254] print_report+0x17a/0x471 [ 14.234877] ? kasan_complete_mode_report_info+0x40/0x210 [ 14.235782] ? kasan_bitops_modify.constprop.0+0xda/0x5e0 [ 14.236679] kasan_report+0xb4/0x140 [ 14.237274] ? kasan_bitops_modify.constprop.0+0xda/0x5e0 [ 14.238156] kasan_check_range+0x3e/0x1d0 [ 14.238837] __kasan_check_write+0x18/0x20 [ 14.239513] kasan_bitops_modify.constprop.0+0xda/0x5e0 [ 14.240396] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.241362] ? kasan_set_track+0x29/0x40 [ 14.242005] ? kasan_save_alloc_info+0x22/0x30 [ 14.242743] ? __kasan_kmalloc+0xb8/0xc0 [ 14.243417] kasan_bitops_generic+0xa5/0x120 [ 14.244133] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.244967] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.245740] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 14.246573] ? trace_preempt_on+0x2e/0xf0 [ 14.247247] ? __kthread_parkme+0x4f/0xd0 [ 14.247872] kunit_try_run_case+0x95/0xd0 [ 14.248528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.249294] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.250276] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.251158] kthread+0x17d/0x1b0 [ 14.251696] ? __pfx_kthread+0x10/0x10 [ 14.252338] ret_from_fork+0x2c/0x50 [ 14.252936] </TASK> [ 14.253307] [ 14.253564] Allocated by task 332: [ 14.254128] kasan_save_stack+0x2a/0x60 [ 14.254768] kasan_set_track+0x29/0x40 [ 14.255387] kasan_save_alloc_info+0x22/0x30 [ 14.256043] __kasan_kmalloc+0xb8/0xc0 [ 14.256674] kmalloc_trace+0x4e/0xb0 [ 14.257314] kasan_bitops_generic+0x8a/0x120 [ 14.258042] kunit_try_run_case+0x95/0xd0 [ 14.258722] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.259618] kthread+0x17d/0x1b0 [ 14.260158] ret_from_fork+0x2c/0x50 [ 14.260777] [ 14.261037] The buggy address belongs to the object at ffff8881015fe900 [ 14.261037] which belongs to the cache kmalloc-16 of size 16 [ 14.263062] The buggy address is located 8 bytes inside of [ 14.263062] 16-byte region [ffff8881015fe900, ffff8881015fe910) [ 14.264932] [ 14.265189] The buggy address belongs to the physical page: [ 14.266088] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 14.267607] flags: 0x200000000000200(slab|node=0|zone=2) [ 14.268533] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 14.269795] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 14.271075] page dumped because: kasan: bad access detected [ 14.271993] [ 14.272254] Memory state around the buggy address: [ 14.273064] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 14.274237] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.275444] >ffff8881015fe900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.276638] ^ [ 14.277217] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.278393] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.279563] ================================================================== [ 14.280764] ================================================================== [ 14.281971] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x11c/0x5e0 [ 14.283327] Write of size 8 at addr ffff8881015fe908 by task kunit_try_catch/332 [ 14.284556] [ 14.284818] CPU: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 14.286390] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 14.287752] Call Trace: [ 14.288167] <TASK> [ 14.288542] dump_stack_lvl+0x4d/0x66 [ 14.289148] print_report+0x17a/0x471 [ 14.289774] ? kasan_complete_mode_report_info+0x40/0x210 [ 14.290740] ? kasan_bitops_modify.constprop.0+0x11c/0x5e0 [ 14.291784] kasan_report+0xb4/0x140 [ 14.292465] ? kasan_bitops_modify.constprop.0+0x11c/0x5e0 [ 14.293359] kasan_check_range+0x3e/0x1d0 [ 14.294034] __kasan_check_write+0x18/0x20 [ 14.294763] kasan_bitops_modify.constprop.0+0x11c/0x5e0 [ 14.295640] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.296607] ? kasan_set_track+0x29/0x40 [ 14.297275] ? kasan_save_alloc_info+0x22/0x30 [ 14.298040] ? __kasan_kmalloc+0xb8/0xc0 [ 14.298753] kasan_bitops_generic+0xa5/0x120 [ 14.299506] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.300324] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.301099] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 14.301988] ? trace_preempt_on+0x2e/0xf0 [ 14.302670] ? __kthread_parkme+0x4f/0xd0 [ 14.303350] kunit_try_run_case+0x95/0xd0 [ 14.304022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.304826] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.305848] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.306732] kthread+0x17d/0x1b0 [ 14.307247] ? __pfx_kthread+0x10/0x10 [ 14.307869] ret_from_fork+0x2c/0x50 [ 14.308490] </TASK> [ 14.308842] [ 14.309108] Allocated by task 332: [ 14.309676] kasan_save_stack+0x2a/0x60 [ 14.310312] kasan_set_track+0x29/0x40 [ 14.310942] kasan_save_alloc_info+0x22/0x30 [ 14.311658] __kasan_kmalloc+0xb8/0xc0 [ 14.312284] kmalloc_trace+0x4e/0xb0 [ 14.312897] kasan_bitops_generic+0x8a/0x120 [ 14.313616] kunit_try_run_case+0x95/0xd0 [ 14.314299] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.315190] kthread+0x17d/0x1b0 [ 14.315741] ret_from_fork+0x2c/0x50 [ 14.316369] [ 14.316635] The buggy address belongs to the object at ffff8881015fe900 [ 14.316635] which belongs to the cache kmalloc-16 of size 16 [ 14.318665] The buggy address is located 8 bytes inside of [ 14.318665] 16-byte region [ffff8881015fe900, ffff8881015fe910) [ 14.320553] [ 14.320819] The buggy address belongs to the physical page: [ 14.321786] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 14.323299] flags: 0x200000000000200(slab|node=0|zone=2) [ 14.324170] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 14.325456] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 14.326691] page dumped because: kasan: bad access detected [ 14.327538] [ 14.327779] Memory state around the buggy address: [ 14.328592] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 14.330120] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.331484] >ffff8881015fe900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.332692] ^ [ 14.333268] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.334874] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.336384] ================================================================== [ 14.338128] ================================================================== [ 14.339581] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x15a/0x5e0 [ 14.341255] Write of size 8 at addr ffff8881015fe908 by task kunit_try_catch/332 [ 14.342746] [ 14.343070] CPU: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 14.345131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 14.346731] Call Trace: [ 14.347236] <TASK> [ 14.347590] dump_stack_lvl+0x4d/0x66 [ 14.348172] print_report+0x17a/0x471 [ 14.348773] ? kasan_complete_mode_report_info+0x40/0x210 [ 14.349930] ? kasan_bitops_modify.constprop.0+0x15a/0x5e0 [ 14.351229] kasan_report+0xb4/0x140 [ 14.351919] ? kasan_bitops_modify.constprop.0+0x15a/0x5e0 [ 14.352830] kasan_check_range+0x3e/0x1d0 [ 14.353463] __kasan_check_write+0x18/0x20 [ 14.354158] kasan_bitops_modify.constprop.0+0x15a/0x5e0 [ 14.355008] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.355940] ? kasan_set_track+0x29/0x40 [ 14.356584] ? kasan_save_alloc_info+0x22/0x30 [ 14.357302] ? __kasan_kmalloc+0xb8/0xc0 [ 14.357938] kasan_bitops_generic+0xa5/0x120 [ 14.358631] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.359411] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.360155] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 14.361051] ? trace_preempt_on+0x2e/0xf0 [ 14.361743] ? __kthread_parkme+0x4f/0xd0 [ 14.362384] kunit_try_run_case+0x95/0xd0 [ 14.363033] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.363794] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.364786] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.365649] kthread+0x17d/0x1b0 [ 14.366181] ? __pfx_kthread+0x10/0x10 [ 14.366809] ret_from_fork+0x2c/0x50 [ 14.367391] </TASK> [ 14.367755] [ 14.368009] Allocated by task 332: [ 14.368621] kasan_save_stack+0x2a/0x60 [ 14.369371] kasan_set_track+0x29/0x40 [ 14.370110] kasan_save_alloc_info+0x22/0x30 [ 14.371009] __kasan_kmalloc+0xb8/0xc0 [ 14.371766] kmalloc_trace+0x4e/0xb0 [ 14.372530] kasan_bitops_generic+0x8a/0x120 [ 14.373402] kunit_try_run_case+0x95/0xd0 [ 14.374211] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.375286] kthread+0x17d/0x1b0 [ 14.375880] ret_from_fork+0x2c/0x50 [ 14.376508] [ 14.376771] The buggy address belongs to the object at ffff8881015fe900 [ 14.376771] which belongs to the cache kmalloc-16 of size 16 [ 14.379120] The buggy address is located 8 bytes inside of [ 14.379120] 16-byte region [ffff8881015fe900, ffff8881015fe910) [ 14.381642] [ 14.381953] The buggy address belongs to the physical page: [ 14.383064] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 14.384946] flags: 0x200000000000200(slab|node=0|zone=2) [ 14.386005] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 14.387650] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 14.389231] page dumped because: kasan: bad access detected [ 14.390394] [ 14.390727] Memory state around the buggy address: [ 14.391639] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 14.393140] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.394630] >ffff8881015fe900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.396128] ^ [ 14.396867] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.398347] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.399769] ================================================================== [ 14.401280] ================================================================== [ 14.402517] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0x5e0 [ 14.403965] Write of size 8 at addr ffff8881015fe908 by task kunit_try_catch/332 [ 14.405224] [ 14.405494] CPU: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 14.407075] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 14.408506] Call Trace: [ 14.408932] <TASK> [ 14.409299] dump_stack_lvl+0x4d/0x66 [ 14.409921] print_report+0x17a/0x471 [ 14.410602] ? kasan_complete_mode_report_info+0x40/0x210 [ 14.411526] ? kasan_bitops_modify.constprop.0+0x19c/0x5e0 [ 14.412496] kasan_report+0xb4/0x140 [ 14.413117] ? kasan_bitops_modify.constprop.0+0x19c/0x5e0 [ 14.414065] kasan_check_range+0x3e/0x1d0 [ 14.414789] __kasan_check_write+0x18/0x20 [ 14.415523] kasan_bitops_modify.constprop.0+0x19c/0x5e0 [ 14.416411] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.417351] ? kasan_set_track+0x29/0x40 [ 14.418009] ? kasan_save_alloc_info+0x22/0x30 [ 14.418780] ? __kasan_kmalloc+0xb8/0xc0 [ 14.419449] kasan_bitops_generic+0xa5/0x120 [ 14.420147] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.421063] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.421832] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 14.422695] ? trace_preempt_on+0x2e/0xf0 [ 14.423342] ? __kthread_parkme+0x4f/0xd0 [ 14.423990] kunit_try_run_case+0x95/0xd0 [ 14.424662] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.425424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.426397] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.427296] kthread+0x17d/0x1b0 [ 14.427828] ? __pfx_kthread+0x10/0x10 [ 14.428445] ret_from_fork+0x2c/0x50 [ 14.428990] </TASK> [ 14.429324] [ 14.429557] Allocated by task 332: [ 14.430064] kasan_save_stack+0x2a/0x60 [ 14.430708] kasan_set_track+0x29/0x40 [ 14.431341] kasan_save_alloc_info+0x22/0x30 [ 14.432046] __kasan_kmalloc+0xb8/0xc0 [ 14.432712] kmalloc_trace+0x4e/0xb0 [ 14.433299] kasan_bitops_generic+0x8a/0x120 [ 14.434000] kunit_try_run_case+0x95/0xd0 [ 14.434658] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.435526] kthread+0x17d/0x1b0 [ 14.436075] ret_from_fork+0x2c/0x50 [ 14.436663] [ 14.436909] The buggy address belongs to the object at ffff8881015fe900 [ 14.436909] which belongs to the cache kmalloc-16 of size 16 [ 14.438832] The buggy address is located 8 bytes inside of [ 14.438832] 16-byte region [ffff8881015fe900, ffff8881015fe910) [ 14.440675] [ 14.440934] The buggy address belongs to the physical page: [ 14.441830] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 14.443325] flags: 0x200000000000200(slab|node=0|zone=2) [ 14.444185] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 14.445473] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 14.446689] page dumped because: kasan: bad access detected [ 14.447587] [ 14.447847] Memory state around the buggy address: [ 14.448639] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 14.449797] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.450952] >ffff8881015fe900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.452112] ^ [ 14.452704] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.453888] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.455156] ================================================================== [ 14.456453] ================================================================== [ 14.457750] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1da/0x5e0 [ 14.459137] Write of size 8 at addr ffff8881015fe908 by task kunit_try_catch/332 [ 14.460298] [ 14.460574] CPU: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 14.462060] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 14.463424] Call Trace: [ 14.463836] <TASK> [ 14.464200] dump_stack_lvl+0x4d/0x66 [ 14.464842] print_report+0x17a/0x471 [ 14.465454] ? kasan_complete_mode_report_info+0x40/0x210 [ 14.466330] ? kasan_bitops_modify.constprop.0+0x1da/0x5e0 [ 14.467251] kasan_report+0xb4/0x140 [ 14.467860] ? kasan_bitops_modify.constprop.0+0x1da/0x5e0 [ 14.468827] kasan_check_range+0x3e/0x1d0 [ 14.469526] __kasan_check_write+0x18/0x20 [ 14.470240] kasan_bitops_modify.constprop.0+0x1da/0x5e0 [ 14.471161] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.472131] ? kasan_set_track+0x29/0x40 [ 14.472813] ? kasan_save_alloc_info+0x22/0x30 [ 14.473548] ? __kasan_kmalloc+0xb8/0xc0 [ 14.474196] kasan_bitops_generic+0xa5/0x120 [ 14.474928] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.475719] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.476484] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 14.477273] ? trace_preempt_on+0x2e/0xf0 [ 14.477910] ? __kthread_parkme+0x4f/0xd0 [ 14.478567] kunit_try_run_case+0x95/0xd0 [ 14.479204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.479938] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.480894] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.481777] kthread+0x17d/0x1b0 [ 14.482383] ? __pfx_kthread+0x10/0x10 [ 14.482978] ret_from_fork+0x2c/0x50 [ 14.483547] </TASK> [ 14.483897] [ 14.484143] Allocated by task 332: [ 14.484691] kasan_save_stack+0x2a/0x60 [ 14.485298] kasan_set_track+0x29/0x40 [ 14.485914] kasan_save_alloc_info+0x22/0x30 [ 14.486638] __kasan_kmalloc+0xb8/0xc0 [ 14.487241] kmalloc_trace+0x4e/0xb0 [ 14.487815] kasan_bitops_generic+0x8a/0x120 [ 14.488516] kunit_try_run_case+0x95/0xd0 [ 14.489196] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.490113] kthread+0x17d/0x1b0 [ 14.490690] ret_from_fork+0x2c/0x50 [ 14.491285] [ 14.491546] The buggy address belongs to the object at ffff8881015fe900 [ 14.491546] which belongs to the cache kmalloc-16 of size 16 [ 14.493431] The buggy address is located 8 bytes inside of [ 14.493431] 16-byte region [ffff8881015fe900, ffff8881015fe910) [ 14.495476] [ 14.495759] The buggy address belongs to the physical page: [ 14.496753] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 14.498365] flags: 0x200000000000200(slab|node=0|zone=2) [ 14.499319] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 14.500757] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 14.502089] page dumped because: kasan: bad access detected [ 14.503051] [ 14.503316] Memory state around the buggy address: [ 14.504116] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 14.505380] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.506615] >ffff8881015fe900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.507791] ^ [ 14.508395] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.509572] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.510744] ================================================================== [ 14.511979] ================================================================== [ 14.513201] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x21c/0x5e0 [ 14.514575] Write of size 8 at addr ffff8881015fe908 by task kunit_try_catch/332 [ 14.515787] [ 14.516050] CPU: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 14.517658] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 14.519060] Call Trace: [ 14.519500] <TASK> [ 14.519866] dump_stack_lvl+0x4d/0x66 [ 14.520526] print_report+0x17a/0x471 [ 14.521157] ? kasan_complete_mode_report_info+0x40/0x210 [ 14.522066] ? kasan_bitops_modify.constprop.0+0x21c/0x5e0 [ 14.522983] kasan_report+0xb4/0x140 [ 14.523611] ? kasan_bitops_modify.constprop.0+0x21c/0x5e0 [ 14.524542] kasan_check_range+0x3e/0x1d0 [ 14.525222] __kasan_check_write+0x18/0x20 [ 14.525949] kasan_bitops_modify.constprop.0+0x21c/0x5e0 [ 14.526882] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.527855] ? kasan_set_track+0x29/0x40 [ 14.528766] ? kasan_save_alloc_info+0x22/0x30 [ 14.529911] ? __kasan_kmalloc+0xb8/0xc0 [ 14.530921] kasan_bitops_generic+0xa5/0x120 [ 14.532017] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.533276] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.534465] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 14.535715] ? trace_preempt_on+0x2e/0xf0 [ 14.536777] ? __kthread_parkme+0x4f/0xd0 [ 14.537744] kunit_try_run_case+0x95/0xd0 [ 14.538401] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.539172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.540151] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.541030] kthread+0x17d/0x1b0 [ 14.541563] ? __pfx_kthread+0x10/0x10 [ 14.542173] ret_from_fork+0x2c/0x50 [ 14.542767] </TASK> [ 14.543131] [ 14.543389] Allocated by task 332: [ 14.543943] kasan_save_stack+0x2a/0x60 [ 14.544698] kasan_set_track+0x29/0x40 [ 14.545485] kasan_save_alloc_info+0x22/0x30 [ 14.546387] __kasan_kmalloc+0xb8/0xc0 [ 14.547079] kmalloc_trace+0x4e/0xb0 [ 14.547650] kasan_bitops_generic+0x8a/0x120 [ 14.548331] kunit_try_run_case+0x95/0xd0 [ 14.549007] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.549861] kthread+0x17d/0x1b0 [ 14.550384] ret_from_fork+0x2c/0x50 [ 14.550960] [ 14.551213] The buggy address belongs to the object at ffff8881015fe900 [ 14.551213] which belongs to the cache kmalloc-16 of size 16 [ 14.553088] The buggy address is located 8 bytes inside of [ 14.553088] 16-byte region [ffff8881015fe900, ffff8881015fe910) [ 14.554741] [ 14.554976] The buggy address belongs to the physical page: [ 14.555789] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 14.557158] flags: 0x200000000000200(slab|node=0|zone=2) [ 14.557942] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 14.559064] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 14.560183] page dumped because: kasan: bad access detected [ 14.561015] [ 14.561247] Memory state around the buggy address: [ 14.561953] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 14.563002] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.564051] >ffff8881015fe900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.565111] ^ [ 14.565629] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.566676] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.567722] ================================================================== [ 14.568848] ================================================================== [ 14.569904] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x25a/0x5e0 [ 14.571094] Write of size 8 at addr ffff8881015fe908 by task kunit_try_catch/332 [ 14.572166] [ 14.572420] CPU: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 14.573804] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 14.575012] Call Trace: [ 14.575381] <TASK> [ 14.575703] dump_stack_lvl+0x4d/0x66 [ 14.576250] print_report+0x17a/0x471 [ 14.576818] ? kasan_complete_mode_report_info+0x40/0x210 [ 14.577612] ? kasan_bitops_modify.constprop.0+0x25a/0x5e0 [ 14.578417] kasan_report+0xb4/0x140 [ 14.578951] ? kasan_bitops_modify.constprop.0+0x25a/0x5e0 [ 14.579757] kasan_check_range+0x3e/0x1d0 [ 14.580368] __kasan_check_write+0x18/0x20 [ 14.581245] kasan_bitops_modify.constprop.0+0x25a/0x5e0 [ 14.582364] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.583398] ? kasan_set_track+0x29/0x40 [ 14.583980] ? kasan_save_alloc_info+0x22/0x30 [ 14.584652] ? __kasan_kmalloc+0xb8/0xc0 [ 14.585236] kasan_bitops_generic+0xa5/0x120 [ 14.585880] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.586595] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.587275] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 14.588002] ? trace_preempt_on+0x2e/0xf0 [ 14.588612] ? __kthread_parkme+0x4f/0xd0 [ 14.589208] kunit_try_run_case+0x95/0xd0 [ 14.589804] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.590497] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.591388] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.592177] kthread+0x17d/0x1b0 [ 14.592668] ? __pfx_kthread+0x10/0x10 [ 14.593223] ret_from_fork+0x2c/0x50 [ 14.593759] </TASK> [ 14.594090] [ 14.594322] Allocated by task 332: [ 14.594824] kasan_save_stack+0x2a/0x60 [ 14.595422] kasan_set_track+0x29/0x40 [ 14.595978] kasan_save_alloc_info+0x22/0x30 [ 14.596631] __kasan_kmalloc+0xb8/0xc0 [ 14.597187] kmalloc_trace+0x4e/0xb0 [ 14.597719] kasan_bitops_generic+0x8a/0x120 [ 14.598352] kunit_try_run_case+0x95/0xd0 [ 14.598946] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.599735] kthread+0x17d/0x1b0 [ 14.600218] ret_from_fork+0x2c/0x50 [ 14.600759] [ 14.600992] The buggy address belongs to the object at ffff8881015fe900 [ 14.600992] which belongs to the cache kmalloc-16 of size 16 [ 14.602766] The buggy address is located 8 bytes inside of [ 14.602766] 16-byte region [ffff8881015fe900, ffff8881015fe910) [ 14.604428] [ 14.604663] The buggy address belongs to the physical page: [ 14.605474] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 14.606830] flags: 0x200000000000200(slab|node=0|zone=2) [ 14.607611] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 14.608747] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 14.609867] page dumped because: kasan: bad access detected [ 14.610676] [ 14.610907] Memory state around the buggy address: [ 14.611611] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 14.612743] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.613907] >ffff8881015fe900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.615062] ^ [ 14.615634] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.617052] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.618551] ================================================================== [ 14.619834] ================================================================== [ 14.620985] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x9c/0x6a0 [ 14.622374] Write of size 8 at addr ffff8881015fe908 by task kunit_try_catch/332 [ 14.623530] [ 14.623785] CPU: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 14.625234] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 14.626443] Call Trace: [ 14.626812] <TASK> [ 14.627133] dump_stack_lvl+0x4d/0x66 [ 14.627679] print_report+0x17a/0x471 [ 14.628227] ? kasan_complete_mode_report_info+0x40/0x210 [ 14.629027] ? kasan_bitops_test_and_modify.constprop.0+0x9c/0x6a0 [ 14.629930] kasan_report+0xb4/0x140 [ 14.630462] ? kasan_bitops_test_and_modify.constprop.0+0x9c/0x6a0 [ 14.631362] kasan_check_range+0x3e/0x1d0 [ 14.631955] __kasan_check_write+0x18/0x20 [ 14.632567] kasan_bitops_test_and_modify.constprop.0+0x9c/0x6a0 [ 14.633442] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.634405] ? kasan_set_track+0x29/0x40 [ 14.634983] ? kasan_save_alloc_info+0x22/0x30 [ 14.635639] ? __kasan_kmalloc+0xb8/0xc0 [ 14.636219] kasan_bitops_generic+0xb0/0x120 [ 14.636868] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.637583] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.638259] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 14.638985] ? trace_preempt_on+0x2e/0xf0 [ 14.639582] ? __kthread_parkme+0x4f/0xd0 [ 14.640173] kunit_try_run_case+0x95/0xd0 [ 14.640872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.641641] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.642626] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.643499] kthread+0x17d/0x1b0 [ 14.644028] ? __pfx_kthread+0x10/0x10 [ 14.644663] ret_from_fork+0x2c/0x50 [ 14.645253] </TASK> [ 14.645623] [ 14.645881] Allocated by task 332: [ 14.646441] kasan_save_stack+0x2a/0x60 [ 14.647071] kasan_set_track+0x29/0x40 [ 14.647686] kasan_save_alloc_info+0x22/0x30 [ 14.648395] __kasan_kmalloc+0xb8/0xc0 [ 14.649009] kmalloc_trace+0x4e/0xb0 [ 14.649599] kasan_bitops_generic+0x8a/0x120 [ 14.650294] kunit_try_run_case+0x95/0xd0 [ 14.650952] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.651821] kthread+0x17d/0x1b0 [ 14.652378] ret_from_fork+0x2c/0x50 [ 14.653162] [ 14.653489] The buggy address belongs to the object at ffff8881015fe900 [ 14.653489] which belongs to the cache kmalloc-16 of size 16 [ 14.655759] The buggy address is located 8 bytes inside of [ 14.655759] 16-byte region [ffff8881015fe900, ffff8881015fe910) [ 14.657568] [ 14.657819] The buggy address belongs to the physical page: [ 14.658693] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 14.660159] flags: 0x200000000000200(slab|node=0|zone=2) [ 14.661016] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 14.662139] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 14.663261] page dumped because: kasan: bad access detected [ 14.664107] [ 14.664360] Memory state around the buggy address: [ 14.665064] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 14.666111] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.667159] >ffff8881015fe900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.668208] ^ [ 14.668736] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.669787] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.670835] ================================================================== [ 14.671917] ================================================================== [ 14.672978] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xdf/0x6a0 [ 14.674265] Write of size 8 at addr ffff8881015fe908 by task kunit_try_catch/332 [ 14.675338] [ 14.675573] CPU: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 14.676972] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 14.678176] Call Trace: [ 14.678631] <TASK> [ 14.678937] dump_stack_lvl+0x4d/0x66 [ 14.679516] print_report+0x17a/0x471 [ 14.680080] ? kasan_complete_mode_report_info+0x40/0x210 [ 14.680906] ? kasan_bitops_test_and_modify.constprop.0+0xdf/0x6a0 [ 14.681850] kasan_report+0xb4/0x140 [ 14.682409] ? kasan_bitops_test_and_modify.constprop.0+0xdf/0x6a0 [ 14.683357] kasan_check_range+0x3e/0x1d0 [ 14.683976] __kasan_check_write+0x18/0x20 [ 14.684623] kasan_bitops_test_and_modify.constprop.0+0xdf/0x6a0 [ 14.685540] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.686529] ? kasan_set_track+0x29/0x40 [ 14.687109] ? kasan_save_alloc_info+0x22/0x30 [ 14.687769] ? __kasan_kmalloc+0xb8/0xc0 [ 14.688361] kasan_bitops_generic+0xb0/0x120 [ 14.688994] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.689712] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.690396] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 14.691125] ? trace_preempt_on+0x2e/0xf0 [ 14.691722] ? __kthread_parkme+0x4f/0xd0 [ 14.692320] kunit_try_run_case+0x95/0xd0 [ 14.693186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.694178] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.695309] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.696100] kthread+0x17d/0x1b0 [ 14.696596] ? __pfx_kthread+0x10/0x10 [ 14.697154] ret_from_fork+0x2c/0x50 [ 14.697690] </TASK> [ 14.698022] [ 14.698254] Allocated by task 332: [ 14.698759] kasan_save_stack+0x2a/0x60 [ 14.699332] kasan_set_track+0x29/0x40 [ 14.699889] kasan_save_alloc_info+0x22/0x30 [ 14.700531] __kasan_kmalloc+0xb8/0xc0 [ 14.701089] kmalloc_trace+0x4e/0xb0 [ 14.701621] kasan_bitops_generic+0x8a/0x120 [ 14.702253] kunit_try_run_case+0x95/0xd0 [ 14.702848] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.703638] kthread+0x17d/0x1b0 [ 14.704124] ret_from_fork+0x2c/0x50 [ 14.704674] [ 14.704908] The buggy address belongs to the object at ffff8881015fe900 [ 14.704908] which belongs to the cache kmalloc-16 of size 16 [ 14.706681] The buggy address is located 8 bytes inside of [ 14.706681] 16-byte region [ffff8881015fe900, ffff8881015fe910) [ 14.708332] [ 14.708576] The buggy address belongs to the physical page: [ 14.709387] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 14.710747] flags: 0x200000000000200(slab|node=0|zone=2) [ 14.711529] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 14.712669] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 14.713792] page dumped because: kasan: bad access detected [ 14.714604] [ 14.714837] Memory state around the buggy address: [ 14.715542] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 14.716605] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.717654] >ffff8881015fe900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.718701] ^ [ 14.719217] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.720260] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.721316] ================================================================== [ 14.722393] ================================================================== [ 14.723518] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x121/0x6a0 [ 14.724935] Write of size 8 at addr ffff8881015fe908 by task kunit_try_catch/332 [ 14.726097] [ 14.726350] CPU: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 14.727839] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 14.729155] Call Trace: [ 14.729552] <TASK> [ 14.729900] dump_stack_lvl+0x4d/0x66 [ 14.730488] print_report+0x17a/0x471 [ 14.731077] ? kasan_complete_mode_report_info+0x40/0x210 [ 14.731926] ? kasan_bitops_test_and_modify.constprop.0+0x121/0x6a0 [ 14.733108] kasan_report+0xb4/0x140 [ 14.733889] ? kasan_bitops_test_and_modify.constprop.0+0x121/0x6a0 [ 14.735125] kasan_check_range+0x3e/0x1d0 [ 14.735723] __kasan_check_write+0x18/0x20 [ 14.736329] kasan_bitops_test_and_modify.constprop.0+0x121/0x6a0 [ 14.737262] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.738235] ? kasan_set_track+0x29/0x40 [ 14.738825] ? kasan_save_alloc_info+0x22/0x30 [ 14.739484] ? __kasan_kmalloc+0xb8/0xc0 [ 14.740068] kasan_bitops_generic+0xb0/0x120 [ 14.740717] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.741440] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.742121] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 14.742855] ? trace_preempt_on+0x2e/0xf0 [ 14.743458] ? __kthread_parkme+0x4f/0xd0 [ 14.744051] kunit_try_run_case+0x95/0xd0 [ 14.744662] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.745356] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.746248] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.747039] kthread+0x17d/0x1b0 [ 14.747522] ? __pfx_kthread+0x10/0x10 [ 14.748079] ret_from_fork+0x2c/0x50 [ 14.748623] </TASK> [ 14.748959] [ 14.749191] Allocated by task 332: [ 14.749695] kasan_save_stack+0x2a/0x60 [ 14.750264] kasan_set_track+0x29/0x40 [ 14.750821] kasan_save_alloc_info+0x22/0x30 [ 14.751453] __kasan_kmalloc+0xb8/0xc0 [ 14.752011] kmalloc_trace+0x4e/0xb0 [ 14.752553] kasan_bitops_generic+0x8a/0x120 [ 14.753183] kunit_try_run_case+0x95/0xd0 [ 14.753778] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.754567] kthread+0x17d/0x1b0 [ 14.755048] ret_from_fork+0x2c/0x50 [ 14.755581] [ 14.755814] The buggy address belongs to the object at ffff8881015fe900 [ 14.755814] which belongs to the cache kmalloc-16 of size 16 [ 14.757596] The buggy address is located 8 bytes inside of [ 14.757596] 16-byte region [ffff8881015fe900, ffff8881015fe910) [ 14.759239] [ 14.759471] The buggy address belongs to the physical page: [ 14.760279] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 14.761642] flags: 0x200000000000200(slab|node=0|zone=2) [ 14.762425] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 14.763542] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 14.764674] page dumped because: kasan: bad access detected [ 14.765483] [ 14.765717] Memory state around the buggy address: [ 14.766420] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 14.767459] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.768510] >ffff8881015fe900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.769552] ^ [ 14.770065] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.771105] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.772143] ================================================================== [ 14.773633] ================================================================== [ 14.775080] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x164/0x6a0 [ 14.776407] Write of size 8 at addr ffff8881015fe908 by task kunit_try_catch/332 [ 14.777486] [ 14.777721] CPU: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 14.779110] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 14.780316] Call Trace: [ 14.780695] <TASK> [ 14.781016] dump_stack_lvl+0x4d/0x66 [ 14.781562] print_report+0x17a/0x471 [ 14.782109] ? kasan_complete_mode_report_info+0x40/0x210 [ 14.782901] ? kasan_bitops_test_and_modify.constprop.0+0x164/0x6a0 [ 14.783820] kasan_report+0xb4/0x140 [ 14.784371] ? kasan_bitops_test_and_modify.constprop.0+0x164/0x6a0 [ 14.785293] kasan_check_range+0x3e/0x1d0 [ 14.785891] __kasan_check_write+0x18/0x20 [ 14.786500] kasan_bitops_test_and_modify.constprop.0+0x164/0x6a0 [ 14.787393] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.788371] ? kasan_set_track+0x29/0x40 [ 14.788955] ? kasan_save_alloc_info+0x22/0x30 [ 14.789613] ? __kasan_kmalloc+0xb8/0xc0 [ 14.790200] kasan_bitops_generic+0xb0/0x120 [ 14.790836] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.791556] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.792239] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 14.792986] ? trace_preempt_on+0x2e/0xf0 [ 14.793584] ? __kthread_parkme+0x4f/0xd0 [ 14.794182] kunit_try_run_case+0x95/0xd0 [ 14.794781] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.795477] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.796384] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.797174] kthread+0x17d/0x1b0 [ 14.797656] ? __pfx_kthread+0x10/0x10 [ 14.798212] ret_from_fork+0x2c/0x50 [ 14.798745] </TASK> [ 14.799080] [ 14.799312] Allocated by task 332: [ 14.799817] kasan_save_stack+0x2a/0x60 [ 14.800403] kasan_set_track+0x29/0x40 [ 14.800962] kasan_save_alloc_info+0x22/0x30 [ 14.801599] __kasan_kmalloc+0xb8/0xc0 [ 14.802157] kmalloc_trace+0x4e/0xb0 [ 14.802689] kasan_bitops_generic+0x8a/0x120 [ 14.803320] kunit_try_run_case+0x95/0xd0 [ 14.803916] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.804718] kthread+0x17d/0x1b0 [ 14.805200] ret_from_fork+0x2c/0x50 [ 14.805782] [ 14.806044] The buggy address belongs to the object at ffff8881015fe900 [ 14.806044] which belongs to the cache kmalloc-16 of size 16 [ 14.808012] The buggy address is located 8 bytes inside of [ 14.808012] 16-byte region [ffff8881015fe900, ffff8881015fe910) [ 14.809853] [ 14.810112] The buggy address belongs to the physical page: [ 14.811010] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 14.812520] flags: 0x200000000000200(slab|node=0|zone=2) [ 14.813390] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 14.814621] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 14.815845] page dumped because: kasan: bad access detected [ 14.816899] [ 14.817222] Memory state around the buggy address: [ 14.818065] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 14.819151] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.820204] >ffff8881015fe900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.821290] ^ [ 14.821814] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.822864] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.823914] ================================================================== [ 14.825012] ================================================================== [ 14.826069] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a7/0x6a0 [ 14.827409] Write of size 8 at addr ffff8881015fe908 by task kunit_try_catch/332 [ 14.828493] [ 14.828728] CPU: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 14.830111] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 14.831322] Call Trace: [ 14.831692] <TASK> [ 14.832013] dump_stack_lvl+0x4d/0x66 [ 14.832577] print_report+0x17a/0x471 [ 14.833126] ? kasan_complete_mode_report_info+0x40/0x210 [ 14.833917] ? kasan_bitops_test_and_modify.constprop.0+0x1a7/0x6a0 [ 14.834836] kasan_report+0xb4/0x140 [ 14.835372] ? kasan_bitops_test_and_modify.constprop.0+0x1a7/0x6a0 [ 14.836293] kasan_check_range+0x3e/0x1d0 [ 14.837091] __kasan_check_write+0x18/0x20 [ 14.837942] kasan_bitops_test_and_modify.constprop.0+0x1a7/0x6a0 [ 14.839148] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.840485] ? kasan_set_track+0x29/0x40 [ 14.841164] ? kasan_save_alloc_info+0x22/0x30 [ 14.841859] ? __kasan_kmalloc+0xb8/0xc0 [ 14.842476] kasan_bitops_generic+0xb0/0x120 [ 14.843139] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.843861] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.844557] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 14.845288] ? trace_preempt_on+0x2e/0xf0 [ 14.845885] ? __kthread_parkme+0x4f/0xd0 [ 14.846484] kunit_try_run_case+0x95/0xd0 [ 14.847083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.847780] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.848685] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.849480] kthread+0x17d/0x1b0 [ 14.849965] ? __pfx_kthread+0x10/0x10 [ 14.850527] ret_from_fork+0x2c/0x50 [ 14.851063] </TASK> [ 14.851396] [ 14.851630] Allocated by task 332: [ 14.852137] kasan_save_stack+0x2a/0x60 [ 14.852857] kasan_set_track+0x29/0x40 [ 14.853480] kasan_save_alloc_info+0x22/0x30 [ 14.854186] __kasan_kmalloc+0xb8/0xc0 [ 14.854806] kmalloc_trace+0x4e/0xb0 [ 14.855392] kasan_bitops_generic+0x8a/0x120 [ 14.856091] kunit_try_run_case+0x95/0xd0 [ 14.856766] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.857646] kthread+0x17d/0x1b0 [ 14.858177] ret_from_fork+0x2c/0x50 [ 14.858764] [ 14.859021] The buggy address belongs to the object at ffff8881015fe900 [ 14.859021] which belongs to the cache kmalloc-16 of size 16 [ 14.860994] The buggy address is located 8 bytes inside of [ 14.860994] 16-byte region [ffff8881015fe900, ffff8881015fe910) [ 14.862812] [ 14.863069] The buggy address belongs to the physical page: [ 14.863965] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 14.865501] flags: 0x200000000000200(slab|node=0|zone=2) [ 14.866341] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 14.867541] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 14.868756] page dumped because: kasan: bad access detected [ 14.869625] [ 14.869875] Memory state around the buggy address: [ 14.870625] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 14.871745] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.872878] >ffff8881015fe900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.873995] ^ [ 14.874547] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.875663] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.876789] ================================================================== [ 14.877941] ================================================================== [ 14.879074] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1e9/0x6a0 [ 14.880511] Write of size 8 at addr ffff8881015fe908 by task kunit_try_catch/332 [ 14.881940] [ 14.882264] CPU: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 14.884119] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 14.885617] Call Trace: [ 14.885990] <TASK> [ 14.886313] dump_stack_lvl+0x4d/0x66 [ 14.886862] print_report+0x17a/0x471 [ 14.887411] ? kasan_complete_mode_report_info+0x40/0x210 [ 14.888203] ? kasan_bitops_test_and_modify.constprop.0+0x1e9/0x6a0 [ 14.889130] kasan_report+0xb4/0x140 [ 14.889666] ? kasan_bitops_test_and_modify.constprop.0+0x1e9/0x6a0 [ 14.890586] kasan_check_range+0x3e/0x1d0 [ 14.891233] __kasan_check_write+0x18/0x20 [ 14.891890] kasan_bitops_test_and_modify.constprop.0+0x1e9/0x6a0 [ 14.892837] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.893807] ? kasan_set_track+0x29/0x40 [ 14.894392] ? kasan_save_alloc_info+0x22/0x30 [ 14.895050] ? __kasan_kmalloc+0xb8/0xc0 [ 14.895635] kasan_bitops_generic+0xb0/0x120 [ 14.896270] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.896997] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.897684] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 14.898412] ? trace_preempt_on+0x2e/0xf0 [ 14.899007] ? __kthread_parkme+0x4f/0xd0 [ 14.899602] kunit_try_run_case+0x95/0xd0 [ 14.900197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.900907] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.901796] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.902587] kthread+0x17d/0x1b0 [ 14.903070] ? __pfx_kthread+0x10/0x10 [ 14.903628] ret_from_fork+0x2c/0x50 [ 14.904166] </TASK> [ 14.904514] [ 14.904748] Allocated by task 332: [ 14.905255] kasan_save_stack+0x2a/0x60 [ 14.905825] kasan_set_track+0x29/0x40 [ 14.906382] kasan_save_alloc_info+0x22/0x30 [ 14.907012] __kasan_kmalloc+0xb8/0xc0 [ 14.907570] kmalloc_trace+0x4e/0xb0 [ 14.908100] kasan_bitops_generic+0x8a/0x120 [ 14.908742] kunit_try_run_case+0x95/0xd0 [ 14.909335] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.910124] kthread+0x17d/0x1b0 [ 14.910604] ret_from_fork+0x2c/0x50 [ 14.911135] [ 14.911372] The buggy address belongs to the object at ffff8881015fe900 [ 14.911372] which belongs to the cache kmalloc-16 of size 16 [ 14.913154] The buggy address is located 8 bytes inside of [ 14.913154] 16-byte region [ffff8881015fe900, ffff8881015fe910) [ 14.914805] [ 14.915038] The buggy address belongs to the physical page: [ 14.915849] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 14.917528] flags: 0x200000000000200(slab|node=0|zone=2) [ 14.918593] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 14.920165] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 14.921303] page dumped because: kasan: bad access detected [ 14.922123] [ 14.922357] Memory state around the buggy address: [ 14.923062] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 14.924109] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.925165] >ffff8881015fe900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.926238] ^ [ 14.926759] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.927811] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.928876] ================================================================== [ 14.929971] ================================================================== [ 14.931032] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x22c/0x6a0 [ 14.932326] Write of size 8 at addr ffff8881015fe908 by task kunit_try_catch/332 [ 14.933413] [ 14.933647] CPU: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 14.935025] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 14.936232] Call Trace: [ 14.936670] <TASK> [ 14.937029] dump_stack_lvl+0x4d/0x66 [ 14.937642] print_report+0x17a/0x471 [ 14.938245] ? kasan_complete_mode_report_info+0x40/0x210 [ 14.939125] ? kasan_bitops_test_and_modify.constprop.0+0x22c/0x6a0 [ 14.940136] kasan_report+0xb4/0x140 [ 14.940745] ? kasan_bitops_test_and_modify.constprop.0+0x22c/0x6a0 [ 14.941764] kasan_check_range+0x3e/0x1d0 [ 14.942437] __kasan_check_write+0x18/0x20 [ 14.943104] kasan_bitops_test_and_modify.constprop.0+0x22c/0x6a0 [ 14.944094] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.945186] ? kasan_set_track+0x29/0x40 [ 14.945834] ? kasan_save_alloc_info+0x22/0x30 [ 14.946564] ? __kasan_kmalloc+0xb8/0xc0 [ 14.947212] kasan_bitops_generic+0xb0/0x120 [ 14.947909] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.948729] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.949490] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 14.950298] ? trace_preempt_on+0x2e/0xf0 [ 14.950964] ? __kthread_parkme+0x4f/0xd0 [ 14.951625] kunit_try_run_case+0x95/0xd0 [ 14.952283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.953063] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.954051] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.954929] kthread+0x17d/0x1b0 [ 14.955464] ? __pfx_kthread+0x10/0x10 [ 14.956077] ret_from_fork+0x2c/0x50 [ 14.956780] </TASK> [ 14.957192] [ 14.957481] Allocated by task 332: [ 14.958109] kasan_save_stack+0x2a/0x60 [ 14.958855] kasan_set_track+0x29/0x40 [ 14.959548] kasan_save_alloc_info+0x22/0x30 [ 14.960365] __kasan_kmalloc+0xb8/0xc0 [ 14.961119] kmalloc_trace+0x4e/0xb0 [ 14.961807] kasan_bitops_generic+0x8a/0x120 [ 14.962654] kunit_try_run_case+0x95/0xd0 [ 14.963464] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 14.964550] kthread+0x17d/0x1b0 [ 14.965092] ret_from_fork+0x2c/0x50 [ 14.965722] [ 14.966042] The buggy address belongs to the object at ffff8881015fe900 [ 14.966042] which belongs to the cache kmalloc-16 of size 16 [ 14.968075] The buggy address is located 8 bytes inside of [ 14.968075] 16-byte region [ffff8881015fe900, ffff8881015fe910) [ 14.970453] [ 14.970812] The buggy address belongs to the physical page: [ 14.971709] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 14.973205] flags: 0x200000000000200(slab|node=0|zone=2) [ 14.974052] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 14.975276] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 14.976517] page dumped because: kasan: bad access detected [ 14.977399] [ 14.977653] Memory state around the buggy address: [ 14.978412] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 14.979551] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.980706] >ffff8881015fe900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.981842] ^ [ 14.982402] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.983542] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.984710] ================================================================== [ 14.985889] ================================================================== [ 14.987032] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x26e/0x6a0 [ 14.988451] Read of size 8 at addr ffff8881015fe908 by task kunit_try_catch/332 [ 14.989608] [ 14.989861] CPU: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 14.991365] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 14.992697] Call Trace: [ 14.993098] <TASK> [ 14.993445] dump_stack_lvl+0x4d/0x66 [ 14.994033] print_report+0x17a/0x471 [ 14.994718] ? kasan_complete_mode_report_info+0x40/0x210 [ 14.995628] ? kasan_bitops_test_and_modify.constprop.0+0x26e/0x6a0 [ 14.996733] kasan_report+0xb4/0x140 [ 14.997353] ? kasan_bitops_test_and_modify.constprop.0+0x26e/0x6a0 [ 14.998358] kasan_check_range+0x3e/0x1d0 [ 14.999008] __kasan_check_read+0x15/0x20 [ 14.999698] kasan_bitops_test_and_modify.constprop.0+0x26e/0x6a0 [ 15.000683] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.001728] ? kasan_set_track+0x29/0x40 [ 15.002357] ? kasan_save_alloc_info+0x22/0x30 [ 15.003064] ? __kasan_kmalloc+0xb8/0xc0 [ 15.003695] kasan_bitops_generic+0xb0/0x120 [ 15.004412] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.005192] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.005932] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 15.006720] ? trace_preempt_on+0x2e/0xf0 [ 15.007363] ? __kthread_parkme+0x4f/0xd0 [ 15.008006] kunit_try_run_case+0x95/0xd0 [ 15.008848] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.009627] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.010634] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.011515] kthread+0x17d/0x1b0 [ 15.012052] ? __pfx_kthread+0x10/0x10 [ 15.012688] ret_from_fork+0x2c/0x50 [ 15.013291] </TASK> [ 15.013661] [ 15.013919] Allocated by task 332: [ 15.014492] kasan_save_stack+0x2a/0x60 [ 15.015127] kasan_set_track+0x29/0x40 [ 15.015755] kasan_save_alloc_info+0x22/0x30 [ 15.016480] __kasan_kmalloc+0xb8/0xc0 [ 15.017100] kmalloc_trace+0x4e/0xb0 [ 15.017691] kasan_bitops_generic+0x8a/0x120 [ 15.018393] kunit_try_run_case+0x95/0xd0 [ 15.019049] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.019929] kthread+0x17d/0x1b0 [ 15.020479] ret_from_fork+0x2c/0x50 [ 15.021067] [ 15.021325] The buggy address belongs to the object at ffff8881015fe900 [ 15.021325] which belongs to the cache kmalloc-16 of size 16 [ 15.023278] The buggy address is located 8 bytes inside of [ 15.023278] 16-byte region [ffff8881015fe900, ffff8881015fe910) [ 15.025114] [ 15.025373] The buggy address belongs to the physical page: [ 15.026265] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 15.027758] flags: 0x200000000000200(slab|node=0|zone=2) [ 15.028639] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 15.029879] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 15.031117] page dumped because: kasan: bad access detected [ 15.032013] [ 15.032269] Memory state around the buggy address: [ 15.033053] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 15.034222] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 15.035379] >ffff8881015fe900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.036554] ^ [ 15.037126] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.038279] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.039434] ================================================================== [ 15.040645] ================================================================== [ 15.041817] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x276/0x6a0 [ 15.043248] Read of size 8 at addr ffff8881015fe908 by task kunit_try_catch/332 [ 15.044434] [ 15.044694] CPU: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 15.046219] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 15.047556] Call Trace: [ 15.047962] <TASK> [ 15.048315] dump_stack_lvl+0x4d/0x66 [ 15.048931] print_report+0x17a/0x471 [ 15.049536] ? kasan_complete_mode_report_info+0x40/0x210 [ 15.050407] ? kasan_bitops_test_and_modify.constprop.0+0x276/0x6a0 [ 15.051428] kasan_report+0xb4/0x140 [ 15.052019] ? kasan_bitops_test_and_modify.constprop.0+0x276/0x6a0 [ 15.053057] __asan_load8+0x82/0xb0 [ 15.053636] kasan_bitops_test_and_modify.constprop.0+0x276/0x6a0 [ 15.054620] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.055686] ? kasan_set_track+0x29/0x40 [ 15.056330] ? kasan_save_alloc_info+0x22/0x30 [ 15.057070] ? __kasan_kmalloc+0xb8/0xc0 [ 15.057713] kasan_bitops_generic+0xb0/0x120 [ 15.058408] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.059197] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.059951] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 15.060779] ? trace_preempt_on+0x2e/0xf0 [ 15.061438] ? __kthread_parkme+0x4f/0xd0 [ 15.062093] kunit_try_run_case+0x95/0xd0 [ 15.062758] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.063529] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.064524] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.065399] kthread+0x17d/0x1b0 [ 15.065932] ? __pfx_kthread+0x10/0x10 [ 15.066555] ret_from_fork+0x2c/0x50 [ 15.067146] </TASK> [ 15.067511] [ 15.067766] Allocated by task 332: [ 15.068320] kasan_save_stack+0x2a/0x60 [ 15.068965] kasan_set_track+0x29/0x40 [ 15.069583] kasan_save_alloc_info+0x22/0x30 [ 15.070277] __kasan_kmalloc+0xb8/0xc0 [ 15.070897] kmalloc_trace+0x4e/0xb0 [ 15.071484] kasan_bitops_generic+0x8a/0x120 [ 15.072178] kunit_try_run_case+0x95/0xd0 [ 15.072855] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.073729] kthread+0x17d/0x1b0 [ 15.074259] ret_from_fork+0x2c/0x50 [ 15.074846] [ 15.075103] The buggy address belongs to the object at ffff8881015fe900 [ 15.075103] which belongs to the cache kmalloc-16 of size 16 [ 15.077064] The buggy address is located 8 bytes inside of [ 15.077064] 16-byte region [ffff8881015fe900, ffff8881015fe910) [ 15.078866] [ 15.079123] The buggy address belongs to the physical page: [ 15.080016] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 15.081535] flags: 0x200000000000200(slab|node=0|zone=2) [ 15.082402] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 15.083639] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 15.084897] page dumped because: kasan: bad access detected [ 15.085786] [ 15.086041] Memory state around the buggy address: [ 15.086811] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 15.087963] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 15.089128] >ffff8881015fe900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.090280] ^ [ 15.090851] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.092005] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.093179] ================================================================== [ 15.094381] ================================================================== [ 15.095541] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2c0/0x6a0 [ 15.096979] Write of size 8 at addr ffff8881015fe908 by task kunit_try_catch/332 [ 15.098156] [ 15.098413] CPU: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 15.099929] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 15.101259] Call Trace: [ 15.101663] <TASK> [ 15.102012] dump_stack_lvl+0x4d/0x66 [ 15.102612] print_report+0x17a/0x471 [ 15.103212] ? kasan_complete_mode_report_info+0x40/0x210 [ 15.104084] ? kasan_bitops_test_and_modify.constprop.0+0x2c0/0x6a0 [ 15.105117] kasan_report+0xb4/0x140 [ 15.105708] ? kasan_bitops_test_and_modify.constprop.0+0x2c0/0x6a0 [ 15.106719] kasan_check_range+0x3e/0x1d0 [ 15.107379] __kasan_check_write+0x18/0x20 [ 15.108041] kasan_bitops_test_and_modify.constprop.0+0x2c0/0x6a0 [ 15.109029] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.110089] ? kasan_set_track+0x29/0x40 [ 15.110726] ? kasan_save_alloc_info+0x22/0x30 [ 15.111451] ? __kasan_kmalloc+0xb8/0xc0 [ 15.112097] kasan_bitops_generic+0xb0/0x120 [ 15.112813] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.113610] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.114393] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 15.115204] ? trace_preempt_on+0x2e/0xf0 [ 15.115876] ? __kthread_parkme+0x4f/0xd0 [ 15.116548] kunit_try_run_case+0x95/0xd0 [ 15.117200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.117959] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.118942] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.119818] kthread+0x17d/0x1b0 [ 15.120368] ? __pfx_kthread+0x10/0x10 [ 15.120991] ret_from_fork+0x2c/0x50 [ 15.121578] </TASK> [ 15.121946] [ 15.122200] Allocated by task 332: [ 15.122756] kasan_save_stack+0x2a/0x60 [ 15.123379] kasan_set_track+0x29/0x40 [ 15.123992] kasan_save_alloc_info+0x22/0x30 [ 15.124702] __kasan_kmalloc+0xb8/0xc0 [ 15.125314] kmalloc_trace+0x4e/0xb0 [ 15.125897] kasan_bitops_generic+0x8a/0x120 [ 15.126593] kunit_try_run_case+0x95/0xd0 [ 15.127248] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.128118] kthread+0x17d/0x1b0 [ 15.128662] ret_from_fork+0x2c/0x50 [ 15.129245] [ 15.129500] The buggy address belongs to the object at ffff8881015fe900 [ 15.129500] which belongs to the cache kmalloc-16 of size 16 [ 15.131454] The buggy address is located 8 bytes inside of [ 15.131454] 16-byte region [ffff8881015fe900, ffff8881015fe910) [ 15.133292] [ 15.133549] The buggy address belongs to the physical page: [ 15.134442] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 15.135935] flags: 0x200000000000200(slab|node=0|zone=2) [ 15.136817] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 15.138061] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 15.139302] page dumped because: kasan: bad access detected [ 15.140198] [ 15.140473] Memory state around the buggy address: [ 15.141248] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 15.142413] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 15.143571] >ffff8881015fe900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.144747] ^ [ 15.145322] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.146491] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.147639] ================================================================== [ 15.148890] ok 46 - kasan_bitops_generic [ 15.148976] kunit_try_catch (332) used greatest stack depth: 28272 bytes left [ 15.149493] ok 47 - kasan_bitops_tags # SKIP Test requires CONFIG_KASAN_GENERIC=n [ 15.153109] ================================================================== [ 15.155577] BUG: KASAN: use-after-free in kfree_sensitive+0x17/0x50 [ 15.156611] Read of size 1 at addr ffff8881015fe920 by task kunit_try_catch/334 [ 15.157784] [ 15.158041] CPU: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 15.159558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 15.160913] Call Trace: [ 15.161319] <TASK> [ 15.161687] dump_stack_lvl+0x4d/0x66 [ 15.162633] print_report+0x17a/0x471 [ 15.163586] ? kasan_complete_mode_report_info+0x80/0x210 [ 15.164964] ? kfree_sensitive+0x17/0x50 [ 15.165965] kasan_report+0xb4/0x140 [ 15.166883] ? kfree_sensitive+0x17/0x50 [ 15.167881] ? kfree_sensitive+0x17/0x50 [ 15.168909] __kasan_check_byte+0x41/0x50 [ 15.169828] ksize+0x23/0x70 [ 15.170304] kfree_sensitive+0x17/0x50 [ 15.170914] kmalloc_double_kzfree+0xcc/0x1c0 [ 15.171622] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 15.172438] ? __kasan_check_write+0x18/0x20 [ 15.173127] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.173868] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 15.174670] ? trace_preempt_on+0x2e/0xf0 [ 15.175324] ? __kthread_parkme+0x4f/0xd0 [ 15.175974] kunit_try_run_case+0x95/0xd0 [ 15.176639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.177398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.178372] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.179236] kthread+0x17d/0x1b0 [ 15.179768] ? __pfx_kthread+0x10/0x10 [ 15.180398] ret_from_fork+0x2c/0x50 [ 15.180988] </TASK> [ 15.181356] [ 15.181610] Allocated by task 334: [ 15.182160] kasan_save_stack+0x2a/0x60 [ 15.182780] kasan_set_track+0x29/0x40 [ 15.183388] kasan_save_alloc_info+0x22/0x30 [ 15.184078] __kasan_kmalloc+0xb8/0xc0 [ 15.184696] kmalloc_trace+0x4e/0xb0 [ 15.185278] kmalloc_double_kzfree+0x9d/0x1c0 [ 15.185985] kunit_try_run_case+0x95/0xd0 [ 15.186637] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.187502] kthread+0x17d/0x1b0 [ 15.188032] ret_from_fork+0x2c/0x50 [ 15.188640] [ 15.188895] Freed by task 334: [ 15.189400] kasan_save_stack+0x2a/0x60 [ 15.190026] kasan_set_track+0x29/0x40 [ 15.190636] kasan_save_free_info+0x32/0x50 [ 15.191316] ____kasan_slab_free+0x174/0x1e0 [ 15.192009] __kasan_slab_free+0x16/0x20 [ 15.192656] __kmem_cache_free+0x18e/0x300 [ 15.193323] kfree+0x7d/0x120 [ 15.193810] kfree_sensitive+0x43/0x50 [ 15.194413] kmalloc_double_kzfree+0xb5/0x1c0 [ 15.195118] kunit_try_run_case+0x95/0xd0 [ 15.195769] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.196656] kthread+0x17d/0x1b0 [ 15.197183] ret_from_fork+0x2c/0x50 [ 15.197763] [ 15.198017] The buggy address belongs to the object at ffff8881015fe920 [ 15.198017] which belongs to the cache kmalloc-16 of size 16 [ 15.199959] The buggy address is located 0 bytes inside of [ 15.199959] 16-byte region [ffff8881015fe920, ffff8881015fe930) [ 15.201772] [ 15.202024] The buggy address belongs to the physical page: [ 15.202913] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 15.204421] flags: 0x200000000000200(slab|node=0|zone=2) [ 15.205282] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 15.206509] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 15.207733] page dumped because: kasan: bad access detected [ 15.208637] [ 15.208890] Memory state around the buggy address: [ 15.209654] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 15.210800] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 15.211943] >ffff8881015fe900: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 15.213101] ^ [ 15.213793] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.214939] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.216081] ================================================================== [ 15.217290] ================================================================== [ 15.218453] BUG: KASAN: double-free in kfree+0x7d/0x120 [ 15.219293] Free of addr ffff8881015fe920 by task kunit_try_catch/334 [ 15.220325] [ 15.220598] CPU: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 15.222108] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 15.223433] Call Trace: [ 15.223837] <TASK> [ 15.224186] dump_stack_lvl+0x4d/0x66 [ 15.224793] print_report+0x17a/0x471 [ 15.225392] ? kfree+0x7d/0x120 [ 15.225905] ? kasan_complete_mode_report_info+0x80/0x210 [ 15.226771] ? kfree+0x7d/0x120 [ 15.227287] ? kfree+0x7d/0x120 [ 15.227802] kasan_report_invalid_free+0x85/0x100 [ 15.228589] ? kfree+0x7d/0x120 [ 15.229105] ____kasan_slab_free+0x19e/0x1e0 [ 15.229794] ? kfree_sensitive+0x24/0x50 [ 15.230432] __kasan_slab_free+0x16/0x20 [ 15.231075] __kmem_cache_free+0x18e/0x300 [ 15.231746] kfree+0x7d/0x120 [ 15.232237] kfree_sensitive+0x24/0x50 [ 15.232866] kmalloc_double_kzfree+0xcc/0x1c0 [ 15.233577] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 15.234379] ? __kasan_check_write+0x18/0x20 [ 15.235074] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.235827] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 15.236643] ? trace_preempt_on+0x2e/0xf0 [ 15.237300] ? __kthread_parkme+0x4f/0xd0 [ 15.237955] kunit_try_run_case+0x95/0xd0 [ 15.238614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.239381] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.240384] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.241255] kthread+0x17d/0x1b0 [ 15.241785] ? __pfx_kthread+0x10/0x10 [ 15.242396] ret_from_fork+0x2c/0x50 [ 15.242982] </TASK> [ 15.243345] [ 15.243598] Allocated by task 334: [ 15.244151] kasan_save_stack+0x2a/0x60 [ 15.244790] kasan_set_track+0x29/0x40 [ 15.245399] kasan_save_alloc_info+0x22/0x30 [ 15.246097] __kasan_kmalloc+0xb8/0xc0 [ 15.246709] kmalloc_trace+0x4e/0xb0 [ 15.247292] kmalloc_double_kzfree+0x9d/0x1c0 [ 15.248000] kunit_try_run_case+0x95/0xd0 [ 15.248672] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.249541] kthread+0x17d/0x1b0 [ 15.250074] ret_from_fork+0x2c/0x50 [ 15.250658] [ 15.250912] Freed by task 334: [ 15.251413] kasan_save_stack+0x2a/0x60 [ 15.252041] kasan_set_track+0x29/0x40 [ 15.252670] kasan_save_free_info+0x32/0x50 [ 15.253355] ____kasan_slab_free+0x174/0x1e0 [ 15.254047] __kasan_slab_free+0x16/0x20 [ 15.254696] __kmem_cache_free+0x18e/0x300 [ 15.255362] kfree+0x7d/0x120 [ 15.255850] kfree_sensitive+0x43/0x50 [ 15.256470] kmalloc_double_kzfree+0xb5/0x1c0 [ 15.257176] kunit_try_run_case+0x95/0xd0 [ 15.257830] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.258694] kthread+0x17d/0x1b0 [ 15.259228] ret_from_fork+0x2c/0x50 [ 15.259818] [ 15.260074] The buggy address belongs to the object at ffff8881015fe920 [ 15.260074] which belongs to the cache kmalloc-16 of size 16 [ 15.262069] The buggy address is located 0 bytes inside of [ 15.262069] 16-byte region [ffff8881015fe920, ffff8881015fe930) [ 15.263892] [ 15.264152] The buggy address belongs to the physical page: [ 15.265062] page:000000002875cf57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015fe [ 15.266552] flags: 0x200000000000200(slab|node=0|zone=2) [ 15.267411] raw: 0200000000000200 ffff8881000423c0 dead000000000122 0000000000000000 [ 15.268661] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 15.269898] page dumped because: kasan: bad access detected [ 15.270791] [ 15.271045] Memory state around the buggy address: [ 15.271821] ffff8881015fe800: 00 04 fc fc 00 04 fc fc 00 00 fc fc 00 00 fc fc [ 15.273000] ffff8881015fe880: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 15.274163] >ffff8881015fe900: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 15.275326] ^ [ 15.276021] ffff8881015fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.277191] ffff8881015fea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.278345] ================================================================== [ 15.279635] ok 48 - kmalloc_double_kzfree [ 15.289409] ================================================================== [ 15.293861] BUG: KASAN: use-after-free in rcu_uaf_reclaim+0x27/0x40 [ 15.295847] Read of size 4 at addr ffff888101318100 by task swapper/3/0 [ 15.298009] [ 15.298579] CPU: 3 PID: 0 Comm: swapper/3 Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 15.301105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 15.303237] Call Trace: [ 15.303877] <IRQ> [ 15.304463] dump_stack_lvl+0x4d/0x66 [ 15.305350] print_report+0x17a/0x471 [ 15.306045] ? kasan_complete_mode_report_info+0x80/0x210 [ 15.306933] ? rcu_uaf_reclaim+0x27/0x40 [ 15.307572] kasan_report+0xb4/0x140 [ 15.308160] ? rcu_uaf_reclaim+0x27/0x40 [ 15.308823] __asan_load4+0x84/0xa0 [ 15.309399] rcu_uaf_reclaim+0x27/0x40 [ 15.310009] rcu_core+0x468/0xfb0 [ 15.310556] ? __pfx_rcu_core+0x10/0x10 [ 15.311179] ? __pfx_lapic_next_deadline+0x10/0x10 [ 15.311950] ? clockevents_program_event+0x103/0x170 [ 15.312760] ? __do_softirq+0xda/0x4f6 [ 15.313368] ? __irq_exit_rcu+0xf6/0x140 [ 15.314005] rcu_core_si+0x12/0x20 [ 15.314561] __do_softirq+0x152/0x4f6 [ 15.315159] __irq_exit_rcu+0xf6/0x140 [ 15.315770] irq_exit_rcu+0x12/0x30 [ 15.316337] sysvec_apic_timer_interrupt+0xa5/0xc0 [ 15.317136] </IRQ> [ 15.317482] <TASK> [ 15.317875] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 15.318686] RIP: 0010:default_idle+0x18/0x20 [ 15.319361] Code: cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 55 48 89 e5 eb 07 0f 00 2d aa 8e 2f 00 fb f4 <5d> e9 06 38 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 15.322258] RSP: 0018:ffff8881003dfdc8 EFLAGS: 00000216 [ 15.323088] RAX: ffffffff9235f7a0 RBX: ffff888100374400 RCX: ffffffff9234e84a [ 15.324230] RDX: ffffed10236b67e1 RSI: ffffffff9283fd20 RDI: 000000000190a40c [ 15.325416] RBP: ffff8881003dfdc8 R08: 0000000000000001 R09: ffff88811b5b3f03 [ 15.326565] R10: ffffed10236b67e0 R11: 0000000000000001 R12: 0000000000000003 [ 15.327728] R13: ffffffff93e00750 R14: 0000000000000000 R15: 0000000000000000 [ 15.328883] ? __pfx_default_idle+0x10/0x10 [ 15.329580] ? ct_kernel_exit.constprop.0+0xda/0x100 [ 15.330393] arch_cpu_idle+0x19/0x20 [ 15.330982] default_idle_call+0x77/0x1a0 [ 15.331632] do_idle+0x35b/0x410 [ 15.332168] ? trace_hardirqs_on+0x3c/0x130 [ 15.333005] ? __pfx_do_idle+0x10/0x10 [ 15.333780] ? _raw_spin_unlock_irqrestore+0x37/0x60 [ 15.334819] ? complete+0xb1/0xc0 [ 15.335527] cpu_startup_entry+0x24/0x30 [ 15.336334] start_secondary+0x1be/0x1e0 [ 15.337185] ? __pfx_start_secondary+0x10/0x10 [ 15.338032] secondary_startup_64_no_verify+0xe0/0xeb [ 15.338909] </TASK> [ 15.339299] [ 15.339585] Allocated by task 335: [ 15.340195] kasan_save_stack+0x2a/0x60 [ 15.340961] kasan_set_track+0x29/0x40 [ 15.341636] kasan_save_alloc_info+0x22/0x30 [ 15.342406] __kasan_kmalloc+0xb8/0xc0 [ 15.343079] kmalloc_trace+0x4e/0xb0 [ 15.343721] rcu_uaf+0x9d/0x1e0 [ 15.344284] kunit_try_run_case+0x95/0xd0 [ 15.345016] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.345967] kthread+0x17d/0x1b0 [ 15.346563] ret_from_fork+0x2c/0x50 [ 15.347200] [ 15.347479] Freed by task 0: [ 15.348004] kasan_save_stack+0x2a/0x60 [ 15.348692] kasan_set_track+0x29/0x40 [ 15.349313] kasan_save_free_info+0x32/0x50 [ 15.350010] ____kasan_slab_free+0x174/0x1e0 [ 15.350727] __kasan_slab_free+0x16/0x20 [ 15.351374] __kmem_cache_free+0x18e/0x300 [ 15.352071] kfree+0x7d/0x120 [ 15.352613] rcu_uaf_reclaim+0x1f/0x40 [ 15.353237] rcu_core+0x468/0xfb0 [ 15.353791] rcu_core_si+0x12/0x20 [ 15.354369] __do_softirq+0x152/0x4f6 [ 15.354993] [ 15.355260] Last potentially related work creation: [ 15.356085] kasan_save_stack+0x2a/0x60 [ 15.356756] __kasan_record_aux_stack+0xb6/0xd0 [ 15.357542] kasan_record_aux_stack_noalloc+0xf/0x20 [ 15.358406] __call_rcu_common.constprop.0+0x4e/0x5a0 [ 15.359268] call_rcu+0x12/0x20 [ 15.359808] rcu_uaf+0xe2/0x1e0 [ 15.360358] kunit_try_run_case+0x95/0xd0 [ 15.361041] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.361943] kthread+0x17d/0x1b0 [ 15.362494] ret_from_fork+0x2c/0x50 [ 15.363104] [ 15.363386] The buggy address belongs to the object at ffff888101318100 [ 15.363386] which belongs to the cache kmalloc-32 of size 32 [ 15.365496] The buggy address is located 0 bytes inside of [ 15.365496] 32-byte region [ffff888101318100, ffff888101318120) [ 15.367408] [ 15.367681] The buggy address belongs to the physical page: [ 15.368641] page:00000000ba03048f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101318 [ 15.370222] flags: 0x200000000000200(slab|node=0|zone=2) [ 15.371129] raw: 0200000000000200 ffff888100042500 dead000000000122 0000000000000000 [ 15.372488] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 15.373706] page dumped because: kasan: bad access detected [ 15.374604] [ 15.374855] Memory state around the buggy address: [ 15.375609] ffff888101318000: 00 00 00 00 fc fc fc fc fa fb fb fb fc fc fc fc [ 15.376806] ffff888101318080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.378017] >ffff888101318100: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 15.379249] ^ [ 15.379812] ffff888101318180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.381051] ffff888101318200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.382231] ================================================================== [ 15.383525] ok 49 - rcu_uaf [ 15.384395] ================================================================== [ 15.387386] BUG: KASAN: use-after-free in workqueue_uaf+0x165/0x2a0 [ 15.389464] Read of size 8 at addr ffff8881044e17c0 by task kunit_try_catch/336 [ 15.392240] [ 15.392908] CPU: 2 PID: 336 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 15.395564] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 15.397860] Call Trace: [ 15.398528] <TASK> [ 15.399106] dump_stack_lvl+0x4d/0x66 [ 15.400075] print_report+0x17a/0x471 [ 15.401068] ? kasan_complete_mode_report_info+0x80/0x210 [ 15.402134] ? workqueue_uaf+0x165/0x2a0 [ 15.402744] kasan_report+0xb4/0x140 [ 15.403303] ? workqueue_uaf+0x165/0x2a0 [ 15.403917] __asan_load8+0x82/0xb0 [ 15.404474] workqueue_uaf+0x165/0x2a0 [ 15.405110] ? __pfx_workqueue_uaf+0x10/0x10 [ 15.405781] ? __kasan_check_write+0x18/0x20 [ 15.406450] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.407171] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 15.407941] ? trace_preempt_on+0x2e/0xf0 [ 15.408579] ? __kthread_parkme+0x4f/0xd0 [ 15.409208] kunit_try_run_case+0x95/0xd0 [ 15.409839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.410572] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.411511] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.412344] kthread+0x17d/0x1b0 [ 15.412873] ? __pfx_kthread+0x10/0x10 [ 15.413471] ret_from_fork+0x2c/0x50 [ 15.414059] </TASK> [ 15.414411] [ 15.414660] Allocated by task 336: [ 15.415190] kasan_save_stack+0x2a/0x60 [ 15.415790] kasan_set_track+0x29/0x40 [ 15.416389] kasan_save_alloc_info+0x22/0x30 [ 15.417052] __kasan_kmalloc+0xb8/0xc0 [ 15.417640] kmalloc_trace+0x4e/0xb0 [ 15.418204] workqueue_uaf+0xdb/0x2a0 [ 15.418793] kunit_try_run_case+0x95/0xd0 [ 15.419441] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.420292] kthread+0x17d/0x1b0 [ 15.420828] ret_from_fork+0x2c/0x50 [ 15.421399] [ 15.421648] Freed by task 56: [ 15.422120] kasan_save_stack+0x2a/0x60 [ 15.422726] kasan_set_track+0x29/0x40 [ 15.423321] kasan_save_free_info+0x32/0x50 [ 15.423982] ____kasan_slab_free+0x174/0x1e0 [ 15.424661] __kasan_slab_free+0x16/0x20 [ 15.425278] __kmem_cache_free+0x18e/0x300 [ 15.425922] kfree+0x7d/0x120 [ 15.426395] workqueue_uaf_work+0x12/0x20 [ 15.427022] process_one_work+0x434/0x720 [ 15.427655] worker_thread+0x2bf/0x6f0 [ 15.428249] kthread+0x17d/0x1b0 [ 15.428954] ret_from_fork+0x2c/0x50 [ 15.429749] [ 15.430106] Last potentially related work creation: [ 15.431117] kasan_save_stack+0x2a/0x60 [ 15.431767] __kasan_record_aux_stack+0xb6/0xd0 [ 15.432536] kasan_record_aux_stack_noalloc+0xf/0x20 [ 15.433364] insert_work+0x3b/0x160 [ 15.433951] __queue_work+0x329/0x6a0 [ 15.434622] queue_work_on+0x80/0x90 [ 15.435238] workqueue_uaf+0x146/0x2a0 [ 15.435871] kunit_try_run_case+0x95/0xd0 [ 15.436584] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.437428] kthread+0x17d/0x1b0 [ 15.437944] ret_from_fork+0x2c/0x50 [ 15.438513] [ 15.438760] The buggy address belongs to the object at ffff8881044e17c0 [ 15.438760] which belongs to the cache kmalloc-32 of size 32 [ 15.440651] The buggy address is located 0 bytes inside of [ 15.440651] 32-byte region [ffff8881044e17c0, ffff8881044e17e0) [ 15.442394] [ 15.442639] The buggy address belongs to the physical page: [ 15.443494] page:00000000e0a1c7c6 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044e1 [ 15.444934] flags: 0x200000000000200(slab|node=0|zone=2) [ 15.445758] raw: 0200000000000200 ffff888100042500 dead000000000122 0000000000000000 [ 15.446951] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 15.448142] page dumped because: kasan: bad access detected [ 15.449055] [ 15.449300] Memory state around the buggy address: [ 15.450047] ffff8881044e1680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.451153] ffff8881044e1700: 00 00 07 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.452260] >ffff8881044e1780: 00 00 05 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 15.453382] ^ [ 15.454275] ffff8881044e1800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.455440] ffff8881044e1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.456646] ================================================================== [ 15.457859] ok 50 - workqueue_uaf [ 15.458309] ok 51 - vmalloc_helpers_tags # SKIP Test requires CONFIG_KASAN_GENERIC=n [ 15.459288] ok 52 - vmalloc_oob # SKIP Test requires CONFIG_KASAN_VMALLOC=y [ 15.461002] ok 53 - vmap_tags # SKIP Test requires CONFIG_KASAN_SW_TAGS=y [ 15.462492] ok 54 - vm_map_ram_tags # SKIP Test requires CONFIG_KASAN_SW_TAGS=y [ 15.463969] ok 55 - vmalloc_percpu # SKIP Test requires CONFIG_KASAN_SW_TAGS=y [ 15.465887] ok 56 - match_all_not_assigned # SKIP Test requires CONFIG_KASAN_GENERIC=n [ 15.467782] ok 57 - match_all_ptr_tag # SKIP Test requires CONFIG_KASAN_GENERIC=n [ 15.469370] ok 58 - match_all_mem_tag # SKIP Test requires CONFIG_KASAN_GENERIC=n [ 15.473407] # kasan: pass:46 fail:0 skip:12 total:58 [ 15.474637] # Totals: pass:46 fail:0 skip:12 total:58 [ 15.475478] ok 5 - kasan [ 15.477083] # Subtest: kfence [ 15.477091] 1..25 [ 15.477870] # test_out_of_bounds_read: test_alloc: size=32, gfp=cc0, policy=left, cache=0 [ 15.670516] ================================================================== [ 15.671730] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x111/0x23e [ 15.671730] [ 15.673078] Out-of-bounds read at 0x00000000f0a27cd6 (1B left of kfence-#92): [ 15.674101] test_out_of_bounds_read+0x111/0x23e [ 15.674773] kunit_try_run_case+0x95/0xd0 [ 15.675360] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.676141] kthread+0x17d/0x1b0 [ 15.676627] ret_from_fork+0x2c/0x50 [ 15.677174] [ 15.677405] kfence-#92: 0x000000000b354b59-0x000000007cfc48e2, size=32, cache=kmalloc-32 [ 15.677405] [ 15.678764] allocated by task 346 on cpu 0 at 15.670486s: [ 15.679552] test_alloc+0x1d7/0x750 [ 15.680066] test_out_of_bounds_read+0xfa/0x23e [ 15.680738] kunit_try_run_case+0x95/0xd0 [ 15.681322] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.682097] kthread+0x17d/0x1b0 [ 15.682570] ret_from_fork+0x2c/0x50 [ 15.683093] [ 15.683325] CPU: 0 PID: 346 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 15.684688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 15.685870] ================================================================== [ 15.686946] # test_out_of_bounds_read: test_alloc: size=32, gfp=cc0, policy=right, cache=0 [ 15.917909] ================================================================== [ 15.922497] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x19c/0x23e [ 15.922497] [ 15.923943] Out-of-bounds read at 0x00000000d1570259 (32B right of kfence-#94): [ 15.925129] test_out_of_bounds_read+0x19c/0x23e [ 15.925876] kunit_try_run_case+0x95/0xd0 [ 15.926535] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.927394] kthread+0x17d/0x1b0 [ 15.927924] ret_from_fork+0x2c/0x50 [ 15.928525] [ 15.928784] kfence-#94: 0x00000000c8c61aa9-0x00000000b8748e79, size=32, cache=kmalloc-32 [ 15.928784] [ 15.930285] allocated by task 346 on cpu 0 at 15.917878s: [ 15.931150] test_alloc+0x1d7/0x750 [ 15.931716] test_out_of_bounds_read+0x183/0x23e [ 15.932466] kunit_try_run_case+0x95/0xd0 [ 15.933110] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 15.933972] kthread+0x17d/0x1b0 [ 15.934494] ret_from_fork+0x2c/0x50 [ 15.935071] [ 15.935325] CPU: 0 PID: 346 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 15.936857] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 15.938160] ================================================================== [ 15.939468] kunit_try_catch (346) used greatest stack depth: 27280 bytes left [ 15.939490] ok 1 - test_out_of_bounds_read [ 15.941142] # test_out_of_bounds_read-memcache: setup_test_cache: size=32, ctor=0x0 [ 15.946412] # test_out_of_bounds_read-memcache: test_alloc: size=32, gfp=cc0, policy=left, cache=1 [ 16.086426] ================================================================== [ 16.087708] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x111/0x23e [ 16.087708] [ 16.089205] Out-of-bounds read at 0x00000000fa499030 (1B left of kfence-#96): [ 16.090400] test_out_of_bounds_read+0x111/0x23e [ 16.091185] kunit_try_run_case+0x95/0xd0 [ 16.091870] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.092816] kthread+0x17d/0x1b0 [ 16.093343] ret_from_fork+0x2c/0x50 [ 16.093907] [ 16.094153] kfence-#96: 0x000000000c9aeeb9-0x000000002cd7c8b2, size=32, cache=test [ 16.094153] [ 16.095539] allocated by task 347 on cpu 3 at 16.086396s: [ 16.096444] test_alloc+0x1ca/0x750 [ 16.096989] test_out_of_bounds_read+0xfa/0x23e [ 16.097682] kunit_try_run_case+0x95/0xd0 [ 16.098311] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.099167] kthread+0x17d/0x1b0 [ 16.099675] ret_from_fork+0x2c/0x50 [ 16.100230] [ 16.100479] CPU: 3 PID: 347 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 16.101902] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 16.103149] ================================================================== [ 16.104293] # test_out_of_bounds_read-memcache: test_alloc: size=32, gfp=cc0, policy=right, cache=1 [ 16.191058] ================================================================== [ 16.192255] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x19c/0x23e [ 16.192255] [ 16.193616] Out-of-bounds read at 0x00000000375696c1 (32B right of kfence-#97): [ 16.194672] test_out_of_bounds_read+0x19c/0x23e [ 16.195345] kunit_try_run_case+0x95/0xd0 [ 16.195938] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.196735] kthread+0x17d/0x1b0 [ 16.197214] ret_from_fork+0x2c/0x50 [ 16.197748] [ 16.197982] kfence-#97: 0x00000000361fd389-0x00000000a510b88d, size=32, cache=test [ 16.197982] [ 16.199285] allocated by task 347 on cpu 3 at 16.191028s: [ 16.200079] test_alloc+0x1ca/0x750 [ 16.200609] test_out_of_bounds_read+0x183/0x23e [ 16.201285] kunit_try_run_case+0x95/0xd0 [ 16.201878] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.202667] kthread+0x17d/0x1b0 [ 16.203148] ret_from_fork+0x2c/0x50 [ 16.203678] [ 16.203912] CPU: 3 PID: 347 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 16.205297] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 16.206501] ================================================================== [ 16.224757] ok 2 - test_out_of_bounds_read-memcache [ 16.225247] # test_out_of_bounds_write: test_alloc: size=32, gfp=cc0, policy=left, cache=0 [ 16.294451] ================================================================== [ 16.295947] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0xdb/0x17f [ 16.295947] [ 16.297424] Out-of-bounds write at 0x000000007d7d3507 (1B left of kfence-#98): [ 16.298547] test_out_of_bounds_write+0xdb/0x17f [ 16.299270] kunit_try_run_case+0x95/0xd0 [ 16.299914] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.300875] kthread+0x17d/0x1b0 [ 16.301401] ret_from_fork+0x2c/0x50 [ 16.301969] [ 16.302215] kfence-#98: 0x0000000022709c1e-0x0000000087ebc074, size=32, cache=kmalloc-32 [ 16.302215] [ 16.303702] allocated by task 348 on cpu 2 at 16.294413s: [ 16.304581] test_alloc+0x1d7/0x750 [ 16.305138] test_out_of_bounds_write+0xcb/0x17f [ 16.305864] kunit_try_run_case+0x95/0xd0 [ 16.306495] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.307333] kthread+0x17d/0x1b0 [ 16.307846] ret_from_fork+0x2c/0x50 [ 16.308430] [ 16.308761] CPU: 2 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 16.310720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 16.312081] ================================================================== [ 16.313291] ok 3 - test_out_of_bounds_write [ 16.313750] # test_out_of_bounds_write-memcache: setup_test_cache: size=32, ctor=0x0 [ 16.318859] # test_out_of_bounds_write-memcache: test_alloc: size=32, gfp=cc0, policy=left, cache=1 [ 16.398490] ================================================================== [ 16.399724] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0xdb/0x17f [ 16.399724] [ 16.401196] Out-of-bounds write at 0x00000000abc5d3e6 (1B left of kfence-#99): [ 16.402347] test_out_of_bounds_write+0xdb/0x17f [ 16.403089] kunit_try_run_case+0x95/0xd0 [ 16.403738] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.404627] kthread+0x17d/0x1b0 [ 16.405156] ret_from_fork+0x2c/0x50 [ 16.405734] [ 16.405986] kfence-#99: 0x00000000fe1613cb-0x00000000d16ee216, size=32, cache=test [ 16.405986] [ 16.407393] allocated by task 349 on cpu 3 at 16.398458s: [ 16.408254] test_alloc+0x1ca/0x750 [ 16.408831] test_out_of_bounds_write+0xcb/0x17f [ 16.409582] kunit_try_run_case+0x95/0xd0 [ 16.410231] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.411097] kthread+0x17d/0x1b0 [ 16.411630] ret_from_fork+0x2c/0x50 [ 16.412213] [ 16.412487] CPU: 3 PID: 349 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 16.414003] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 16.415321] ================================================================== [ 16.430848] ok 4 - test_out_of_bounds_write-memcache [ 16.431205] # test_use_after_free_read: test_alloc: size=32, gfp=cc0, policy=any, cache=0 [ 16.502469] ================================================================== [ 16.503605] BUG: KFENCE: use-after-free read in test_use_after_free_read+0xfc/0x17d [ 16.503605] [ 16.504939] Use-after-free read at 0x000000008b1c35ba (in kfence-#100): [ 16.505903] test_use_after_free_read+0xfc/0x17d [ 16.506608] kunit_try_run_case+0x95/0xd0 [ 16.507210] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.508008] kthread+0x17d/0x1b0 [ 16.508515] ret_from_fork+0x2c/0x50 [ 16.509062] [ 16.509300] kfence-#100: 0x000000008b1c35ba-0x0000000067fc3d5e, size=32, cache=kmalloc-32 [ 16.509300] [ 16.510710] allocated by task 350 on cpu 2 at 16.502390s: [ 16.511519] test_alloc+0x1d7/0x750 [ 16.512047] test_use_after_free_read+0xcb/0x17d [ 16.512753] kunit_try_run_case+0x95/0xd0 [ 16.513352] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.514150] kthread+0x17d/0x1b0 [ 16.514642] ret_from_fork+0x2c/0x50 [ 16.515178] [ 16.515422] freed by task 350 on cpu 2 at 16.502423s: [ 16.516184] kfree+0x7d/0x120 [ 16.516659] test_use_after_free_read+0xf0/0x17d [ 16.517356] kunit_try_run_case+0x95/0xd0 [ 16.517962] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.518781] kthread+0x17d/0x1b0 [ 16.519289] ret_from_fork+0x2c/0x50 [ 16.519852] [ 16.520096] CPU: 2 PID: 350 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 16.521936] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 16.523604] ================================================================== [ 16.525051] ok 5 - test_use_after_free_read [ 16.525391] # test_use_after_free_read-memcache: setup_test_cache: size=32, ctor=0x0 [ 16.527824] # test_use_after_free_read-memcache: test_alloc: size=32, gfp=cc0, policy=any, cache=1 [ 16.606449] ================================================================== [ 16.607634] BUG: KFENCE: use-after-free read in test_use_after_free_read+0xfc/0x17d [ 16.607634] [ 16.609035] Use-after-free read at 0x00000000501e2c7f (in kfence-#101): [ 16.610100] test_use_after_free_read+0xfc/0x17d [ 16.610827] kunit_try_run_case+0x95/0xd0 [ 16.611463] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.612306] kthread+0x17d/0x1b0 [ 16.612838] ret_from_fork+0x2c/0x50 [ 16.613408] [ 16.613655] kfence-#101: 0x00000000501e2c7f-0x000000007a8e8f10, size=32, cache=test [ 16.613655] [ 16.615104] allocated by task 351 on cpu 3 at 16.606396s: [ 16.615954] test_alloc+0x1ca/0x750 [ 16.616529] test_use_after_free_read+0xcb/0x17d [ 16.617257] kunit_try_run_case+0x95/0xd0 [ 16.617893] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.618761] kthread+0x17d/0x1b0 [ 16.619249] ret_from_fork+0x2c/0x50 [ 16.619795] [ 16.620030] freed by task 351 on cpu 3 at 16.606417s: [ 16.620788] test_use_after_free_read+0xe6/0x17d [ 16.621471] kunit_try_run_case+0x95/0xd0 [ 16.622065] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.622852] kthread+0x17d/0x1b0 [ 16.623334] ret_from_fork+0x2c/0x50 [ 16.623864] [ 16.624097] CPU: 3 PID: 351 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 16.625688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 16.627003] ================================================================== [ 16.643947] ok 6 - test_use_after_free_read-memcache [ 16.644332] # test_double_free: test_alloc: size=32, gfp=cc0, policy=any, cache=0 [ 16.710456] ================================================================== [ 16.714774] BUG: KFENCE: invalid free in kfree+0x7d/0x120 [ 16.714774] [ 16.715874] Invalid free of 0x0000000034d077eb (in kfence-#102): [ 16.717061] kfree+0x7d/0x120 [ 16.717692] test_double_free+0x10e/0x18f [ 16.718532] kunit_try_run_case+0x95/0xd0 [ 16.719282] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.720139] kthread+0x17d/0x1b0 [ 16.720686] ret_from_fork+0x2c/0x50 [ 16.721265] [ 16.721519] kfence-#102: 0x0000000034d077eb-0x000000005cc46250, size=32, cache=kmalloc-32 [ 16.721519] [ 16.723031] allocated by task 352 on cpu 2 at 16.710390s: [ 16.723896] test_alloc+0x1d7/0x750 [ 16.724476] test_double_free+0xcb/0x18f [ 16.725106] kunit_try_run_case+0x95/0xd0 [ 16.725749] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.726603] kthread+0x17d/0x1b0 [ 16.727125] ret_from_fork+0x2c/0x50 [ 16.727701] [ 16.727951] freed by task 352 on cpu 2 at 16.710414s: [ 16.728781] kfree+0x7d/0x120 [ 16.729262] test_double_free+0xf0/0x18f [ 16.729892] kunit_try_run_case+0x95/0xd0 [ 16.730539] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.731397] kthread+0x17d/0x1b0 [ 16.731920] ret_from_fork+0x2c/0x50 [ 16.732509] [ 16.732766] CPU: 2 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 16.734284] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 16.735599] ================================================================== [ 16.736848] # test_double_free: EXPECTATION FAILED at mm/kfence/kfence_test.c:396 [ 16.736848] Expected report_matches(&expect) to be true, but is false [ 16.739199] not ok 7 - test_double_free [ 16.739581] # test_double_free-memcache: setup_test_cache: size=32, ctor=0x0 [ 16.741726] # test_double_free-memcache: test_alloc: size=32, gfp=cc0, policy=any, cache=1 [ 16.814487] ================================================================== [ 16.815647] BUG: KFENCE: invalid free in test_double_free+0x104/0x18f [ 16.815647] [ 16.816869] Invalid free of 0x00000000807e1b83 (in kfence-#103): [ 16.817793] test_double_free+0x104/0x18f [ 16.818422] kunit_try_run_case+0x95/0xd0 [ 16.819052] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.819888] kthread+0x17d/0x1b0 [ 16.820396] ret_from_fork+0x2c/0x50 [ 16.820954] [ 16.821198] kfence-#103: 0x00000000807e1b83-0x00000000c12d5828, size=32, cache=test [ 16.821198] [ 16.822560] allocated by task 353 on cpu 3 at 16.814424s: [ 16.823376] test_alloc+0x1ca/0x750 [ 16.823910] test_double_free+0xcb/0x18f [ 16.824565] kunit_try_run_case+0x95/0xd0 [ 16.825367] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.826458] kthread+0x17d/0x1b0 [ 16.827108] ret_from_fork+0x2c/0x50 [ 16.827819] [ 16.828145] freed by task 353 on cpu 3 at 16.814447s: [ 16.829179] test_double_free+0xe6/0x18f [ 16.829982] kunit_try_run_case+0x95/0xd0 [ 16.830749] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.831647] kthread+0x17d/0x1b0 [ 16.832194] ret_from_fork+0x2c/0x50 [ 16.832813] [ 16.833077] CPU: 3 PID: 353 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 16.834609] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 16.835940] ================================================================== [ 16.853296] ok 8 - test_double_free-memcache [ 16.853642] # test_invalid_addr_free: test_alloc: size=32, gfp=cc0, policy=any, cache=0 [ 16.918516] ================================================================== [ 16.919855] BUG: KFENCE: invalid free in kfree+0x7d/0x120 [ 16.919855] [ 16.920962] Invalid free of 0x000000003722a694 (in kfence-#104): [ 16.921915] kfree+0x7d/0x120 [ 16.922403] test_invalid_addr_free+0xf5/0x197 [ 16.923118] kunit_try_run_case+0x95/0xd0 [ 16.923760] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.924652] kthread+0x17d/0x1b0 [ 16.925190] ret_from_fork+0x2c/0x50 [ 16.925770] [ 16.926024] kfence-#104: 0x00000000d1d8e521-0x00000000c0150b6f, size=32, cache=kmalloc-32 [ 16.926024] [ 16.927540] allocated by task 354 on cpu 2 at 16.918454s: [ 16.928435] test_alloc+0x1d7/0x750 [ 16.929004] test_invalid_addr_free+0xcb/0x197 [ 16.929722] kunit_try_run_case+0x95/0xd0 [ 16.930376] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 16.931240] kthread+0x17d/0x1b0 [ 16.931770] ret_from_fork+0x2c/0x50 [ 16.932350] [ 16.932622] CPU: 2 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 16.934136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 16.935477] ================================================================== [ 16.936755] # test_invalid_addr_free: EXPECTATION FAILED at mm/kfence/kfence_test.c:413 [ 16.936755] Expected report_matches(&expect) to be true, but is false [ 16.939212] not ok 9 - test_invalid_addr_free [ 16.939602] # test_invalid_addr_free-memcache: setup_test_cache: size=32, ctor=0x0 [ 16.941966] # test_invalid_addr_free-memcache: test_alloc: size=32, gfp=cc0, policy=any, cache=1 [ 17.022482] ================================================================== [ 17.023764] BUG: KFENCE: invalid free in test_invalid_addr_free+0xeb/0x197 [ 17.023764] [ 17.025096] Invalid free of 0x00000000ab6b9cce (in kfence-#105): [ 17.026084] test_invalid_addr_free+0xeb/0x197 [ 17.026840] kunit_try_run_case+0x95/0xd0 [ 17.027515] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 17.028361] kthread+0x17d/0x1b0 [ 17.028950] ret_from_fork+0x2c/0x50 [ 17.029555] [ 17.029818] kfence-#105: 0x000000003a47dd71-0x00000000eb9cc5c3, size=32, cache=test [ 17.029818] [ 17.031362] allocated by task 355 on cpu 3 at 17.022439s: [ 17.032297] test_alloc+0x1ca/0x750 [ 17.032925] test_invalid_addr_free+0xcb/0x197 [ 17.033659] kunit_try_run_case+0x95/0xd0 [ 17.034316] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 17.035205] kthread+0x17d/0x1b0 [ 17.035776] ret_from_fork+0x2c/0x50 [ 17.036414] [ 17.036670] CPU: 3 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 17.038203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 17.039521] ================================================================== [ 17.055777] ok 10 - test_invalid_addr_free-memcache [ 17.056167] # test_corruption: test_alloc: size=32, gfp=cc0, policy=left, cache=0 [ 17.126598] ================================================================== [ 17.127795] BUG: KFENCE: memory corruption in kfree+0x7d/0x120 [ 17.127795] [ 17.128997] Corrupted memory at 0x000000008227ef3d [ ! . . . . . . . . . . . . . . . ] (in kfence-#106): [ 17.130551] kfree+0x7d/0x120 [ 17.131043] test_corruption+0x101/0x20d [ 17.131690] kunit_try_run_case+0x95/0xd0 [ 17.132348] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 17.133245] kthread+0x17d/0x1b0 [ 17.133844] ret_from_fork+0x2c/0x50 [ 17.134434] [ 17.134696] kfence-#106: 0x00000000c6fdad2c-0x00000000c1959aa5, size=32, cache=kmalloc-32 [ 17.134696] [ 17.136579] allocated by task 356 on cpu 2 at 17.126552s: [ 17.137664] test_alloc+0x1d7/0x750 [ 17.138388] test_corruption+0xce/0x20d [ 17.139165] kunit_try_run_case+0x95/0xd0 [ 17.139968] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 17.141052] kthread+0x17d/0x1b0 [ 17.141714] ret_from_fork+0x2c/0x50 [ 17.142473] [ 17.142791] freed by task 356 on cpu 2 at 17.126577s: [ 17.143804] kfree+0x7d/0x120 [ 17.144409] test_corruption+0x101/0x20d [ 17.145070] kunit_try_run_case+0x95/0xd0 [ 17.145753] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 17.146656] kthread+0x17d/0x1b0 [ 17.147223] ret_from_fork+0x2c/0x50 [ 17.147827] [ 17.148087] CPU: 2 PID: 356 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 17.149691] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 17.151083] ================================================================== [ 17.152498] # test_corruption: EXPECTATION FAILED at mm/kfence/kfence_test.c:433 [ 17.152498] Expected report_matches(&expect) to be true, but is false [ 17.155024] # test_corruption: test_alloc: size=32, gfp=cc0, policy=right, cache=0 [ 17.438516] ================================================================== [ 17.439684] BUG: KFENCE: memory corruption in kfree+0x7d/0x120 [ 17.439684] [ 17.440807] Corrupted memory at 0x00000000d6d8d3f2 [ ! ] (in kfence-#109): [ 17.441868] kfree+0x7d/0x120 [ 17.442337] test_corruption+0x18a/0x20d [ 17.442950] kunit_try_run_case+0x95/0xd0 [ 17.443574] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 17.444414] kthread+0x17d/0x1b0 [ 17.444921] ret_from_fork+0x2c/0x50 [ 17.445480] [ 17.445725] kfence-#109: 0x00000000598b16ca-0x000000005339cecf, size=32, cache=kmalloc-32 [ 17.445725] [ 17.447199] allocated by task 356 on cpu 2 at 17.438460s: [ 17.448025] test_alloc+0x1d7/0x750 [ 17.448625] test_corruption+0x157/0x20d [ 17.449426] kunit_try_run_case+0x95/0xd0 [ 17.450208] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 17.451250] kthread+0x17d/0x1b0 [ 17.451891] ret_from_fork+0x2c/0x50 [ 17.452605] [ 17.452932] freed by task 356 on cpu 2 at 17.438482s: [ 17.453916] kfree+0x7d/0x120 [ 17.454533] test_corruption+0x18a/0x20d [ 17.455339] kunit_try_run_case+0x95/0xd0 [ 17.456070] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 17.456950] kthread+0x17d/0x1b0 [ 17.457467] ret_from_fork+0x2c/0x50 [ 17.458032] [ 17.458280] CPU: 2 PID: 356 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 17.459744] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 17.461027] ================================================================== [ 17.462278] # test_corruption: EXPECTATION FAILED at mm/kfence/kfence_test.c:439 [ 17.462278] Expected report_matches(&expect) to be true, but is false [ 17.464571] not ok 11 - test_corruption [ 17.465030] # test_corruption-memcache: setup_test_cache: size=32, ctor=0x0 [ 17.468606] # test_corruption-memcache: test_alloc: size=32, gfp=cc0, policy=left, cache=1 [ 17.854394] ================================================================== [ 17.856971] BUG: KFENCE: memory corruption in test_corruption+0xf7/0x20d [ 17.856971] [ 17.858249] Corrupted memory at 0x000000006e7faa4e [ ! . . . . . . . . . . . . . . . ] (in kfence-#113): [ 17.859773] test_corruption+0xf7/0x20d [ 17.860381] kunit_try_run_case+0x95/0xd0 [ 17.861247] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 17.862357] kthread+0x17d/0x1b0 [ 17.863019] ret_from_fork+0x2c/0x50 [ 17.863582] [ 17.863834] kfence-#113: 0x00000000aa47e265-0x00000000ce908fe3, size=32, cache=test [ 17.863834] [ 17.865238] allocated by task 358 on cpu 3 at 17.854346s: [ 17.866074] test_alloc+0x1ca/0x750 [ 17.866625] test_corruption+0xce/0x20d [ 17.867224] kunit_try_run_case+0x95/0xd0 [ 17.867829] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 17.868700] kthread+0x17d/0x1b0 [ 17.869230] ret_from_fork+0x2c/0x50 [ 17.869813] [ 17.870067] freed by task 358 on cpu 3 at 17.854374s: [ 17.870881] test_corruption+0xf7/0x20d [ 17.871501] kunit_try_run_case+0x95/0xd0 [ 17.872150] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 17.873035] kthread+0x17d/0x1b0 [ 17.873561] ret_from_fork+0x2c/0x50 [ 17.874142] [ 17.874398] CPU: 3 PID: 358 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 17.875910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 17.877254] ================================================================== [ 17.878445] # test_corruption-memcache: test_alloc: size=32, gfp=cc0, policy=right, cache=1 [ 17.958446] ================================================================== [ 17.959687] BUG: KFENCE: memory corruption in test_corruption+0x180/0x20d [ 17.959687] [ 17.961012] Corrupted memory at 0x00000000dea0a0ee [ ! ] (in kfence-#114): [ 17.962103] test_corruption+0x180/0x20d [ 17.962734] kunit_try_run_case+0x95/0xd0 [ 17.963381] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 17.964237] kthread+0x17d/0x1b0 [ 17.964773] ret_from_fork+0x2c/0x50 [ 17.965351] [ 17.965603] kfence-#114: 0x00000000fb872493-0x00000000c28bf510, size=32, cache=test [ 17.965603] [ 17.967025] allocated by task 358 on cpu 3 at 17.958383s: [ 17.967883] test_alloc+0x1ca/0x750 [ 17.968454] test_corruption+0x157/0x20d [ 17.969080] kunit_try_run_case+0x95/0xd0 [ 17.969726] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 17.970583] kthread+0x17d/0x1b0 [ 17.971106] ret_from_fork+0x2c/0x50 [ 17.971682] [ 17.971934] freed by task 358 on cpu 3 at 17.958412s: [ 17.972763] test_corruption+0x180/0x20d [ 17.973394] kunit_try_run_case+0x95/0xd0 [ 17.974038] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 17.974895] kthread+0x17d/0x1b0 [ 17.975417] ret_from_fork+0x2c/0x50 [ 17.975994] [ 17.976249] CPU: 3 PID: 358 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 17.977763] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 17.979069] ================================================================== [ 17.999856] ok 12 - test_corruption-memcache [ 18.000319] # test_free_bulk: test_alloc: size=231, gfp=cc0, policy=right, cache=0 [ 18.166475] # test_free_bulk: test_alloc: size=231, gfp=cc0, policy=none, cache=0 [ 18.167777] # test_free_bulk: test_alloc: size=231, gfp=cc0, policy=left, cache=0 [ 18.287822] # test_free_bulk: test_alloc: size=231, gfp=cc0, policy=none, cache=0 [ 18.289209] # test_free_bulk: test_alloc: size=231, gfp=cc0, policy=none, cache=0 [ 18.290644] # test_free_bulk: test_alloc: size=208, gfp=cc0, policy=right, cache=0 [ 18.478560] # test_free_bulk: test_alloc: size=208, gfp=cc0, policy=none, cache=0 [ 18.480383] # test_free_bulk: test_alloc: size=208, gfp=cc0, policy=left, cache=0 [ 18.582481] # test_free_bulk: test_alloc: size=208, gfp=cc0, policy=none, cache=0 [ 18.583787] # test_free_bulk: test_alloc: size=208, gfp=cc0, policy=none, cache=0 [ 18.589732] # test_free_bulk: test_alloc: size=37, gfp=cc0, policy=right, cache=0 [ 18.998570] # test_free_bulk: test_alloc: size=37, gfp=cc0, policy=none, cache=0 [ 18.999885] # test_free_bulk: test_alloc: size=37, gfp=cc0, policy=left, cache=0 [ 19.206527] # test_free_bulk: test_alloc: size=37, gfp=cc0, policy=none, cache=0 [ 19.207820] # test_free_bulk: test_alloc: size=37, gfp=cc0, policy=none, cache=0 [ 19.209121] # test_free_bulk: test_alloc: size=280, gfp=cc0, policy=right, cache=0 [ 19.518523] # test_free_bulk: test_alloc: size=280, gfp=cc0, policy=none, cache=0 [ 19.521202] # test_free_bulk: test_alloc: size=280, gfp=cc0, policy=left, cache=0 [ 19.934517] # test_free_bulk: test_alloc: size=280, gfp=cc0, policy=none, cache=0 [ 19.936394] # test_free_bulk: test_alloc: size=280, gfp=cc0, policy=none, cache=0 [ 19.938139] # test_free_bulk: test_alloc: size=99, gfp=cc0, policy=right, cache=0 [ 20.142437] # test_free_bulk: test_alloc: size=99, gfp=cc0, policy=none, cache=0 [ 20.143740] # test_free_bulk: test_alloc: size=99, gfp=cc0, policy=left, cache=0 [ 20.246439] # test_free_bulk: test_alloc: size=99, gfp=cc0, policy=none, cache=0 [ 20.250764] # test_free_bulk: test_alloc: size=99, gfp=cc0, policy=none, cache=0 [ 20.252157] ok 13 - test_free_bulk [ 20.252766] # test_free_bulk-memcache: setup_test_cache: size=27, ctor=0x0 [ 20.257874] # test_free_bulk-memcache: test_alloc: size=27, gfp=cc0, policy=right, cache=1 [ 20.350461] # test_free_bulk-memcache: test_alloc: size=27, gfp=cc0, policy=none, cache=1 [ 20.351813] # test_free_bulk-memcache: test_alloc: size=27, gfp=cc0, policy=left, cache=1 [ 20.454530] # test_free_bulk-memcache: test_alloc: size=27, gfp=cc0, policy=none, cache=1 [ 20.455898] # test_free_bulk-memcache: test_alloc: size=27, gfp=cc0, policy=none, cache=1 [ 20.463787] # test_free_bulk-memcache: setup_test_cache: size=27, ctor=ctor_set_x [ 20.465392] # test_free_bulk-memcache: test_alloc: size=27, gfp=cc0, policy=right, cache=1 [ 20.766526] # test_free_bulk-memcache: test_alloc: size=27, gfp=cc0, policy=none, cache=1 [ 20.768021] # test_free_bulk-memcache: test_alloc: size=27, gfp=cc0, policy=left, cache=1 [ 20.974489] # test_free_bulk-memcache: test_alloc: size=27, gfp=cc0, policy=none, cache=1 [ 20.979068] # test_free_bulk-memcache: test_alloc: size=27, gfp=cc0, policy=none, cache=1 [ 20.991180] # test_free_bulk-memcache: setup_test_cache: size=19, ctor=0x0 [ 20.992670] # test_free_bulk-memcache: test_alloc: size=19, gfp=cc0, policy=right, cache=1 [ 21.182463] # test_free_bulk-memcache: test_alloc: size=19, gfp=cc0, policy=none, cache=1 [ 21.183874] # test_free_bulk-memcache: test_alloc: size=19, gfp=cc0, policy=left, cache=1 [ 21.286489] # test_free_bulk-memcache: test_alloc: size=19, gfp=cc0, policy=none, cache=1 [ 21.288108] # test_free_bulk-memcache: test_alloc: size=19, gfp=cc0, policy=none, cache=1 [ 21.296880] # test_free_bulk-memcache: setup_test_cache: size=106, ctor=ctor_set_x [ 21.298522] # test_free_bulk-memcache: test_alloc: size=106, gfp=cc0, policy=right, cache=1 [ 21.702530] # test_free_bulk-memcache: test_alloc: size=106, gfp=cc0, policy=none, cache=1 [ 21.704063] # test_free_bulk-memcache: test_alloc: size=106, gfp=cc0, policy=left, cache=1 [ 21.806446] # test_free_bulk-memcache: test_alloc: size=106, gfp=cc0, policy=none, cache=1 [ 21.807815] # test_free_bulk-memcache: test_alloc: size=106, gfp=cc0, policy=none, cache=1 [ 21.828533] # test_free_bulk-memcache: setup_test_cache: size=279, ctor=0x0 [ 21.829995] # test_free_bulk-memcache: test_alloc: size=279, gfp=cc0, policy=right, cache=1 [ 21.910455] # test_free_bulk-memcache: test_alloc: size=279, gfp=cc0, policy=none, cache=1 [ 21.911930] # test_free_bulk-memcache: test_alloc: size=279, gfp=cc0, policy=left, cache=1 [ 22.014427] # test_free_bulk-memcache: test_alloc: size=279, gfp=cc0, policy=none, cache=1 [ 22.019536] # test_free_bulk-memcache: test_alloc: size=279, gfp=cc0, policy=none, cache=1 [ 22.033331] ok 14 - test_free_bulk-memcache [ 22.033667] ok 15 - test_init_on_free # SKIP Test requires: IS_ENABLED(CONFIG_INIT_ON_FREE_DEFAULT_ON) [ 22.034846] ok 16 - test_init_on_free-memcache # SKIP Test requires: IS_ENABLED(CONFIG_INIT_ON_FREE_DEFAULT_ON) [ 22.036660] # test_kmalloc_aligned_oob_read: test_alloc: size=73, gfp=cc0, policy=right, cache=0 [ 22.118450] ================================================================== [ 22.119687] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x188/0x22d [ 22.119687] [ 22.121265] Out-of-bounds read at 0x000000007b59e5bc (81B right of kfence-#154): [ 22.122448] test_kmalloc_aligned_oob_read+0x188/0x22d [ 22.123300] kunit_try_run_case+0x95/0xd0 [ 22.123956] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 22.124841] kthread+0x17d/0x1b0 [ 22.125371] ret_from_fork+0x2c/0x50 [ 22.125958] [ 22.126216] kfence-#154: 0x0000000055dee408-0x00000000bb8e3b76, size=73, cache=kmalloc-96 [ 22.126216] [ 22.127745] allocated by task 363 on cpu 2 at 22.118421s: [ 22.128637] test_alloc+0x1d7/0x750 [ 22.129210] test_kmalloc_aligned_oob_read+0xce/0x22d [ 22.130017] kunit_try_run_case+0x95/0xd0 [ 22.130666] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 22.131526] kthread+0x17d/0x1b0 [ 22.132049] ret_from_fork+0x2c/0x50 [ 22.132731] [ 22.132982] CPU: 2 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 22.134461] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 22.135757] ================================================================== [ 22.137028] ok 17 - test_kmalloc_aligned_oob_read [ 22.137365] # test_kmalloc_aligned_oob_write: test_alloc: size=73, gfp=cc0, policy=right, cache=0 [ 22.222542] ================================================================== [ 22.223673] BUG: KFENCE: memory corruption in kfree+0x7d/0x120 [ 22.223673] [ 22.224750] Corrupted memory at 0x00000000454ab5aa [ ! . . . . . . ] (in kfence-#155): [ 22.225921] kfree+0x7d/0x120 [ 22.226367] test_kmalloc_aligned_oob_write+0x12e/0x1af [ 22.227137] kunit_try_run_case+0x95/0xd0 [ 22.227732] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 22.228540] kthread+0x17d/0x1b0 [ 22.229025] ret_from_fork+0x2c/0x50 [ 22.229558] [ 22.229792] kfence-#155: 0x000000008cc85289-0x00000000fdd3df4d, size=73, cache=kmalloc-96 [ 22.229792] [ 22.231188] allocated by task 364 on cpu 3 at 22.222490s: [ 22.231982] test_alloc+0x1d7/0x750 [ 22.232514] test_kmalloc_aligned_oob_write+0xae/0x1af [ 22.233276] kunit_try_run_case+0x95/0xd0 [ 22.233871] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 22.234660] kthread+0x17d/0x1b0 [ 22.235142] ret_from_fork+0x2c/0x50 [ 22.235673] [ 22.235907] freed by task 364 on cpu 3 at 22.222511s: [ 22.236663] kfree+0x7d/0x120 [ 22.237114] test_kmalloc_aligned_oob_write+0x12e/0x1af [ 22.238001] kunit_try_run_case+0x95/0xd0 [ 22.238663] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 22.239540] kthread+0x17d/0x1b0 [ 22.240072] ret_from_fork+0x2c/0x50 [ 22.240688] [ 22.240947] CPU: 3 PID: 364 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 22.242468] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 22.243797] ================================================================== [ 22.245053] # test_kmalloc_aligned_oob_write: EXPECTATION FAILED at mm/kfence/kfence_test.c:505 [ 22.245053] Expected report_matches(&expect) to be true, but is false [ 22.247690] not ok 18 - test_kmalloc_aligned_oob_write [ 22.248007] # test_shrink_memcache: setup_test_cache: size=32, ctor=0x0 [ 22.250346] # test_shrink_memcache: test_alloc: size=32, gfp=cc0, policy=any, cache=1 [ 22.331560] ok 19 - test_shrink_memcache [ 22.331901] # test_memcache_ctor: setup_test_cache: size=32, ctor=ctor_set_x [ 22.334145] # test_memcache_ctor: test_alloc: size=32, gfp=cc0, policy=any, cache=1 [ 22.435915] ok 20 - test_memcache_ctor [ 22.436237] ================================================================== [ 22.438171] BUG: KFENCE: invalid read in test_invalid_access+0xaf/0x140 [ 22.438171] [ 22.439450] Invalid read at 0x00000000ca287e6c: [ 22.440123] test_invalid_access+0xaf/0x140 [ 22.440833] kunit_try_run_case+0x95/0xd0 [ 22.441504] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 22.442673] kthread+0x17d/0x1b0 [ 22.443501] ret_from_fork+0x2c/0x50 [ 22.444426] [ 22.444929] CPU: 2 PID: 367 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 22.447337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 22.449414] ================================================================== [ 22.450777] ok 21 - test_invalid_access [ 22.451041] # test_gfpzero: test_alloc: size=4096, gfp=cc0, policy=any, cache=0 [ 22.534486] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 22.638592] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 22.742494] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 22.846468] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 22.950432] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 23.054591] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 23.158443] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 23.262556] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 23.366495] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 23.470478] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 23.574476] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 23.678502] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 23.782501] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 23.886458] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 23.990483] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 24.094494] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 24.198590] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 24.302503] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 24.406446] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 24.510436] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 24.614453] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 24.718477] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 24.822574] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 24.926579] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 25.030465] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 25.134513] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 25.238471] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 25.342560] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 25.446481] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 25.550447] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 25.654405] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 25.758596] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 25.862464] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 25.966475] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 26.070501] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 26.174532] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 26.278472] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 26.382506] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 26.486381] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 26.590418] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 26.694461] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 26.798500] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 26.902416] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 27.006440] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 27.110436] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 27.214428] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 27.318469] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 27.422451] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 27.526432] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 27.630456] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 27.734406] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 27.838447] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 27.942405] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 28.046404] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 28.150458] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 28.254418] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 28.358563] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 28.462492] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 28.566511] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 28.670486] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 28.774485] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 28.878601] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 28.982442] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 29.086414] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 29.190410] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 29.294425] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 29.398422] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 29.502505] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 29.606472] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 29.710443] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 29.814471] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 29.918537] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 30.022419] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 30.126471] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 30.230555] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 30.334613] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 30.438472] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 30.542488] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 30.646527] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 30.750453] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 30.854474] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 30.958440] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 31.062428] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 31.166607] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 31.270481] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 31.374441] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 31.478443] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 31.582585] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 31.686442] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 31.790505] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 31.894473] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 31.998501] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 32.102480] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 32.206481] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 32.310511] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 32.414475] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 32.518472] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 32.622480] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 32.726477] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 32.830619] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 32.934517] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 33.038452] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 33.142446] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 33.246468] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 33.350454] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 33.454504] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 33.558409] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 33.662453] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 33.766529] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 33.870484] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 33.974490] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 34.078444] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 34.182486] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 34.286564] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 34.390481] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 34.494486] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 34.598500] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 34.702548] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 34.806531] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 34.910578] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 35.014479] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 35.118544] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 35.222679] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 35.326511] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 35.430634] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 35.534632] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 35.638464] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 35.742510] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 35.846497] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 35.950682] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 36.054496] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 36.158430] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 36.262408] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 36.366440] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 36.470486] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 36.574484] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 36.678454] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 36.782518] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 36.886414] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 36.990418] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 37.094417] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 37.198418] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 37.302642] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 37.406601] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 37.510494] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 37.614475] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 37.718489] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 37.822441] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 37.926456] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 38.030469] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 38.134462] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 38.238501] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 38.342406] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 38.446634] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 38.550418] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 38.654489] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 38.758603] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 38.862472] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 38.966440] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 39.070404] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 39.174413] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 39.278458] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 39.382503] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 39.486469] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 39.590433] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 39.694410] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 39.798495] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 39.902461] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 40.006458] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 40.110441] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 40.214494] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 40.318479] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 40.422527] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 40.526552] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 40.630458] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 40.734455] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 40.838492] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 40.942424] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 41.046509] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 41.150479] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 41.254435] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 41.358486] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 41.462462] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 41.566449] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 41.670517] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 41.774457] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 41.878527] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 41.982444] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 42.086406] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 42.190535] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 42.294490] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 42.398396] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 42.502410] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 42.606470] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 42.710465] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 42.814517] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 42.918430] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 43.022470] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 43.126496] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 43.230424] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 43.334427] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 43.438433] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 43.542380] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 43.646490] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 43.750396] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 43.854449] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 43.958483] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 44.062464] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 44.166444] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 44.270515] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 44.374498] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 44.478478] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 44.582457] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 44.686603] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 44.790461] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 44.894513] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 44.998485] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 45.102439] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 45.207469] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 45.310454] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 45.414562] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 45.518609] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 45.622449] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 45.726445] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 45.830487] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 45.934612] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 46.038449] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 46.142446] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 46.246443] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 46.350440] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 46.454440] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 46.558458] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 46.662505] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 46.766457] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 46.870447] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 46.974422] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 47.078444] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 47.182439] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 47.286461] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 47.390444] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 47.494440] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 47.598449] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 47.702420] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 47.806399] # test_gfpzero: test_alloc: size=4096, gfp=dc0, policy=any, cache=0 [ 47.910539] ok 22 - test_gfpzero [ 47.910898] # test_memcache_typesafe_by_rcu: setup_test_cache: size=32, ctor=0x0 [ 47.913401] # test_memcache_typesafe_by_rcu: test_alloc: size=32, gfp=cc0, policy=any, cache=1 [ 48.020341] ================================================================== [ 48.022085] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu.cold+0xd0/0x208 [ 48.022085] [ 48.024404] Use-after-free read at 0x00000000f55b8dd7 (in kfence-#159): [ 48.025953] test_memcache_typesafe_by_rcu.cold+0xd0/0x208 [ 48.027236] kunit_try_run_case+0x95/0xd0 [ 48.028189] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.029475] kthread+0x17d/0x1b0 [ 48.030253] ret_from_fork+0x2c/0x50 [ 48.031108] [ 48.031482] kfence-#159: 0x00000000f55b8dd7-0x000000000f38ceb6, size=32, cache=test [ 48.031482] [ 48.033614] allocated by task 369 on cpu 2 at 48.014358s: [ 48.034895] test_alloc+0x1ca/0x750 [ 48.035734] test_memcache_typesafe_by_rcu.cold+0x2d/0x208 [ 48.037079] kunit_try_run_case+0x95/0xd0 [ 48.038001] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.039230] kthread+0x17d/0x1b0 [ 48.039982] ret_from_fork+0x2c/0x50 [ 48.040807] [ 48.041193] freed by task 0 on cpu 2 at 48.020286s: [ 48.042093] rcu_guarded_free+0x2e/0x40 [ 48.042663] rcu_core+0x468/0xfb0 [ 48.043159] rcu_core_si+0x12/0x20 [ 48.043665] __do_softirq+0x152/0x4f6 [ 48.044210] __irq_exit_rcu+0xf6/0x140 [ 48.044767] irq_exit_rcu+0x12/0x30 [ 48.045301] sysvec_apic_timer_interrupt+0xa5/0xc0 [ 48.046007] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 48.046761] default_idle+0x18/0x20 [ 48.047279] arch_cpu_idle+0x19/0x20 [ 48.047809] default_idle_call+0x77/0x1a0 [ 48.048403] do_idle+0x35b/0x410 [ 48.048884] cpu_startup_entry+0x24/0x30 [ 48.049476] start_secondary+0x1be/0x1e0 [ 48.050058] secondary_startup_64_no_verify+0xe0/0xeb [ 48.050795] [ 48.051031] CPU: 2 PID: 369 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 48.052407] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 48.053637] ================================================================== [ 48.056878] ok 23 - test_memcache_typesafe_by_rcu [ 48.056991] kunit_try_catch (369) used greatest stack depth: 27232 bytes left [ 48.058013] # test_krealloc: test_alloc: size=32, gfp=cc0, policy=any, cache=0 [ 48.118408] ================================================================== [ 48.119696] BUG: KFENCE: use-after-free read in test_krealloc+0x412/0x4a7 [ 48.119696] [ 48.121062] Use-after-free read at 0x0000000031c2315d (in kfence-#160): [ 48.122141] test_krealloc+0x412/0x4a7 [ 48.122769] kunit_try_run_case+0x95/0xd0 [ 48.123434] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.124332] kthread+0x17d/0x1b0 [ 48.124880] ret_from_fork+0x2c/0x50 [ 48.125449] [ 48.125692] kfence-#160: 0x0000000031c2315d-0x00000000bb42af23, size=32, cache=kmalloc-32 [ 48.125692] [ 48.127155] allocated by task 370 on cpu 3 at 48.118336s: [ 48.127987] test_alloc+0x1d7/0x750 [ 48.128529] test_krealloc+0xbb/0x4a7 [ 48.129165] kunit_try_run_case+0x95/0xd0 [ 48.129791] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.130622] kthread+0x17d/0x1b0 [ 48.131129] ret_from_fork+0x2c/0x50 [ 48.131689] [ 48.131937] freed by task 370 on cpu 3 at 48.118370s: [ 48.132716] kfree+0x7d/0x120 [ 48.133193] krealloc+0x76/0x110 [ 48.133696] test_krealloc+0x18c/0x4a7 [ 48.134279] kunit_try_run_case+0x95/0xd0 [ 48.134901] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.135729] kthread+0x17d/0x1b0 [ 48.136234] ret_from_fork+0x2c/0x50 [ 48.136790] [ 48.137109] CPU: 3 PID: 370 Comm: kunit_try_catch Tainted: G B N 6.1.0-rc5-next-20221117 #1 [ 48.139164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 48.140519] ================================================================== [ 48.141701] ok 24 - test_krealloc [ 48.141745] kunit_try_catch (370) used greatest stack depth: 27184 bytes left [ 48.142046] # test_memcache_alloc_bulk: setup_test_cache: size=32, ctor=0x0 [ 48.226011] ok 25 - test_memcache_alloc_bulk [ 48.228376] # kfence: pass:19 fail:4 skip:2 total:25 [ 48.229690] # Totals: pass:19 fail:4 skip:2 total:25 [ 48.231068] not ok 6 - kfence [ 48.233335] # Subtest: binfmt_elf [ 48.233344] 1..1 [ 48.234644] ok 1 - total_mapping_size_test [ 48.235246] ok 7 - binfmt_elf [ 48.237282] # Subtest: compat_binfmt_elf [ 48.237294] 1..1 [ 48.238761] ok 1 - total_mapping_size_test [ 48.239403] ok 8 - compat_binfmt_elf [ 48.241613] # Subtest: ext4_inode_test [ 48.241622] 1..1 [ 48.242292] # Subtest: inode_test_xtimestamp_decoding [ 48.242987] ok 1 - 1901-12-13 Lower bound of 32bit < 0 timestamp, no extra bits [ 48.244242] ok 2 - 1969-12-31 Upper bound of 32bit < 0 timestamp, no extra bits [ 48.246089] ok 3 - 1970-01-01 Lower bound of 32bit >=0 timestamp, no extra bits [ 48.247749] ok 4 - 2038-01-19 Upper bound of 32bit >=0 timestamp, no extra bits [ 48.249331] ok 5 - 2038-01-19 Lower bound of 32bit <0 timestamp, lo extra sec bit on [ 48.250915] ok 6 - 2106-02-07 Upper bound of 32bit <0 timestamp, lo extra sec bit on [ 48.252502] ok 7 - 2106-02-07 Lower bound of 32bit >=0 timestamp, lo extra sec bit on [ 48.254211] ok 8 - 2174-02-25 Upper bound of 32bit >=0 timestamp, lo extra sec bit on [ 48.255942] ok 9 - 2174-02-25 Lower bound of 32bit <0 timestamp, hi extra sec bit on [ 48.257542] ok 10 - 2242-03-16 Upper bound of 32bit <0 timestamp, hi extra sec bit on [ 48.259106] ok 11 - 2242-03-16 Lower bound of 32bit >=0 timestamp, hi extra sec bit on [ 48.260658] ok 12 - 2310-04-04 Upper bound of 32bit >=0 timestamp, hi extra sec bit on [ 48.262276] ok 13 - 2310-04-04 Upper bound of 32bit>=0 timestamp, hi extra sec bit 1. 1 ns [ 48.263849] ok 14 - 2378-04-22 Lower bound of 32bit>= timestamp. Extra sec bits 1. Max ns [ 48.265464] ok 15 - 2378-04-22 Lower bound of 32bit >=0 timestamp. All extra sec bits on [ 48.267162] ok 16 - 2446-05-10 Upper bound of 32bit >=0 timestamp. All extra sec bits on [ 48.268556] # inode_test_xtimestamp_decoding: pass:16 fail:0 skip:0 total:16 [ 48.269959] ok 1 - inode_test_xtimestamp_decoding [ 48.271147] # Totals: pass:16 fail:0 skip:0 total:16 [ 48.271964] ok 9 - ext4_inode_test [ 48.273427] # Subtest: fat_test [ 48.273433] 1..3 [ 48.274241] ok 1 - fat_checksum_test [ 48.274644] # Subtest: fat_time_fat2unix_test [ 48.275513] ok 1 - Earliest possible UTC (1980-01-01 00:00:00) [ 48.276543] ok 2 - Latest possible UTC (2107-12-31 23:59:58) [ 48.277856] ok 3 - Earliest possible (UTC-11) (== 1979-12-31 13:00:00 UTC) [ 48.279049] ok 4 - Latest possible (UTC+11) (== 2108-01-01 10:59:58 UTC) [ 48.280495] ok 5 - Leap Day / Year (1996-02-29 00:00:00) [ 48.281873] ok 6 - Year 2000 is leap year (2000-02-29 00:00:00) [ 48.283021] ok 7 - Year 2100 not leap year (2100-03-01 00:00:00) [ 48.284359] ok 8 - Leap year + timezone UTC+1 (== 2004-02-29 00:30:00 UTC) [ 48.285866] ok 9 - Leap year + timezone UTC-1 (== 2004-02-29 23:30:00 UTC) [ 48.287346] ok 10 - VFAT odd-second resolution (1999-12-31 23:59:59) [ 48.288671] ok 11 - VFAT 10ms resolution (1980-01-01 00:00:00:0010) [ 48.289847] # fat_time_fat2unix_test: pass:11 fail:0 skip:0 total:11 [ 48.290975] ok 2 - fat_time_fat2unix_test [ 48.292057] # Subtest: fat_time_unix2fat_test [ 48.292984] ok 1 - Earliest possible UTC (1980-01-01 00:00:00) [ 48.294010] ok 2 - Latest possible UTC (2107-12-31 23:59:58) [ 48.295269] ok 3 - Earliest possible (UTC-11) (== 1979-12-31 13:00:00 UTC) [ 48.296526] ok 4 - Latest possible (UTC+11) (== 2108-01-01 10:59:58 UTC) [ 48.297976] ok 5 - Leap Day / Year (1996-02-29 00:00:00) [ 48.299428] ok 6 - Year 2000 is leap year (2000-02-29 00:00:00) [ 48.300599] ok 7 - Year 2100 not leap year (2100-03-01 00:00:00) [ 48.301911] ok 8 - Leap year + timezone UTC+1 (== 2004-02-29 00:30:00 UTC) [ 48.303217] ok 9 - Leap year + timezone UTC-1 (== 2004-02-29 23:30:00 UTC) [ 48.304654] ok 10 - VFAT odd-second resolution (1999-12-31 23:59:59) [ 48.306113] ok 11 - VFAT 10ms resolution (1980-01-01 00:00:00:0010) [ 48.307264] # fat_time_unix2fat_test: pass:11 fail:0 skip:0 total:11 [ 48.308394] ok 3 - fat_time_unix2fat_test [ 48.309501] # fat_test: pass:3 fail:0 skip:0 total:3 [ 48.310204] # Totals: pass:23 fail:0 skip:0 total:23 [ 48.311014] ok 10 - fat_test [ 48.312508] # Subtest: cpumask [ 48.312514] 1..6 [ 48.313336] ok 1 - test_cpumask_weight [ 48.314025] ok 2 - test_cpumask_first [ 48.314886] ok 3 - test_cpumask_last [ 48.315770] ok 4 - test_cpumask_next [ 48.316636] ok 5 - test_cpumask_iterators [ 48.317690] ok 6 - test_cpumask_iterators_builtin [ 48.318690] # cpumask: pass:6 fail:0 skip:0 total:6 [ 48.319729] # Totals: pass:6 fail:0 skip:0 total:6 [ 48.320529] ok 11 - cpumask [ 48.321861] # Subtest: hash [ 48.321867] 1..2 [ 48.323336] ok 1 - test_string_or [ 48.340643] ok 2 - test_hash_or [ 48.341386] # hash: pass:2 fail:0 skip:0 total:2 [ 48.341963] # Totals: pass:2 fail:0 skip:0 total:2 [ 48.342741] ok 12 - hash [ 48.344288] # Subtest: list_sort [ 48.344297] 1..1 [ 48.353499] ok 1 - list_sort_test [ 48.353926] ok 13 - list_sort [ 48.355070] # Subtest: lib_sort [ 48.355075] 1..1 [ 48.356393] ok 1 - test_sort [ 48.356773] ok 14 - lib_sort [ 48.357875] # Subtest: kprobes_test [ 48.357881] 1..6 [ 48.365541] ok 1 - test_kprobe [ 48.376118] ok 2 - test_kprobes [ 48.383336] ok 3 - test_kretprobe [ 48.396695] ok 4 - test_kretprobes [ 48.404313] ok 5 - test_stacktrace_on_kretprobe [ 48.419020] ok 6 - test_stacktrace_on_nested_kretprobe [ 48.420370] # kprobes_test: pass:6 fail:0 skip:0 total:6 [ 48.421802] # Totals: pass:6 fail:0 skip:0 total:6 [ 48.423210] ok 15 - kprobes_test [ 48.425407] # Subtest: kunit_executor_test [ 48.425418] 1..4 [ 48.427028] ok 1 - parse_filter_test [ 48.427994] ok 2 - filter_suites_test [ 48.429054] ok 3 - filter_suites_test_glob_test [ 48.430092] ok 4 - filter_suites_to_empty_test [ 48.430983] # kunit_executor_test: pass:4 fail:0 skip:0 total:4 [ 48.431965] # Totals: pass:4 fail:0 skip:0 total:4 [ 48.433110] ok 16 - kunit_executor_test [ 48.434700] # Subtest: kunit-try-catch-test [ 48.434706] 1..2 [ 48.436012] ok 1 - kunit_test_try_catch_successful_try_no_catch [ 48.436920] ok 2 - kunit_test_try_catch_unsuccessful_try_does_catch [ 48.438035] # kunit-try-catch-test: pass:2 fail:0 skip:0 total:2 [ 48.439128] # Totals: pass:2 fail:0 skip:0 total:2 [ 48.440144] ok 17 - kunit-try-catch-test [ 48.441739] # Subtest: kunit-resource-test [ 48.441746] 1..8 [ 48.442719] ok 1 - kunit_resource_test_init_resources [ 48.443407] ok 2 - kunit_resource_test_alloc_resource [ 48.444534] ok 3 - kunit_resource_test_destroy_resource [ 48.445770] ok 4 - kunit_resource_test_remove_resource [ 48.447123] ok 5 - kunit_resource_test_cleanup_resources [ 48.448454] ok 6 - kunit_resource_test_proper_free_ordering [ 48.449617] ok 7 - kunit_resource_test_static [ 48.450925] ok 8 - kunit_resource_test_named [ 48.451872] # kunit-resource-test: pass:8 fail:0 skip:0 total:8 [ 48.452794] # Totals: pass:8 fail:0 skip:0 total:8 [ 48.453833] ok 18 - kunit-resource-test [ 48.455411] # Subtest: kunit-log-test [ 48.455418] 1..1 [ 48.456352] put this in log. [ 48.457347] this too. [ 48.458423] add to suite log. [ 48.459234] along with this. [ 48.460436] ok 1 - kunit_log_test [ 48.460948] ok 19 - kunit-log-test [ 48.462181] # Subtest: kunit_status [ 48.462186] 1..2 [ 48.463107] ok 1 - kunit_status_set_failure_test [ 48.463758] ok 2 - kunit_status_mark_skipped_test [ 48.465082] # kunit_status: pass:2 fail:0 skip:0 total:2 [ 48.466395] # Totals: pass:2 fail:0 skip:0 total:2 [ 48.467862] ok 20 - kunit_status [ 48.470507] # Subtest: string-stream-test [ 48.470520] 1..3 [ 48.472027] ok 1 - string_stream_test_empty_on_creation [ 48.473043] ok 2 - string_stream_test_not_empty_after_add [ 48.474401] ok 3 - string_stream_test_get_string [ 48.475353] # string-stream-test: pass:3 fail:0 skip:0 total:3 [ 48.476158] # Totals: pass:3 fail:0 skip:0 total:3 [ 48.477139] ok 21 - string-stream-test [ 48.478616] # example: initializing suite [ 48.479336] # Subtest: example [ 48.479341] 1..4 [ 48.480101] # example_simple_test: initializing [ 48.481718] ok 1 - example_simple_test [ 48.481956] # example_skip_test: initializing [ 48.484643] # example_skip_test: You should not see a line below. [ 48.484713] ok 2 - example_skip_test # SKIP this test should be skipped [ 48.486075] # example_mark_skipped_test: initializing [ 48.489687] # example_mark_skipped_test: You should see a line below. [ 48.489701] # example_mark_skipped_test: You should see this line. [ 48.491685] ok 3 - example_mark_skipped_test # SKIP this test should be skipped [ 48.494310] # example_all_expect_macros_test: initializing [ 48.498330] ok 4 - example_all_expect_macros_test [ 48.498356] # example: pass:2 fail:0 skip:2 total:4 [ 48.499716] # Totals: pass:2 fail:0 skip:2 total:4 [ 48.500986] ok 22 - example [ 48.503071] # Subtest: rational [ 48.503080] 1..1 [ 48.504001] # Subtest: rational_test [ 48.504883] ok 1 - Exceeds bounds, semi-convergent term > 1/2 last term [ 48.506429] ok 2 - Exceeds bounds, semi-convergent term < 1/2 last term [ 48.508351] ok 3 - Closest to zero [ 48.509757] ok 4 - Closest to smallest non-zero [ 48.510694] ok 5 - Use convergent [ 48.511795] ok 6 - Exact answer [ 48.512711] ok 7 - Semiconvergent, numerator limit [ 48.513576] ok 8 - Semiconvergent, denominator limit [ 48.514466] # rational_test: pass:8 fail:0 skip:0 total:8 [ 48.515375] ok 1 - rational_test [ 48.516278] # Totals: pass:8 fail:0 skip:0 total:8 [ 48.516844] ok 23 - rational [ 48.519814] # Subtest: bitfields [ 48.519828] 1..2 [ 48.521591] ok 1 - test_bitfields_constants [ 48.522783] ok 2 - test_bitfields_variables [ 48.524482] # bitfields: pass:2 fail:0 skip:0 total:2 [ 48.525850] # Totals: pass:2 fail:0 skip:0 total:2 [ 48.526702] ok 24 - bitfields [ 48.528220] # Subtest: list-kunit-test [ 48.528226] 1..39 [ 48.529182] ok 1 - list_test_list_init [ 48.529770] ok 2 - list_test_list_add [ 48.530754] ok 3 - list_test_list_add_tail [ 48.531686] ok 4 - list_test_list_del [ 48.532646] ok 5 - list_test_list_replace [ 48.533526] ok 6 - list_test_list_replace_init [ 48.534500] ok 7 - list_test_list_swap [ 48.535515] ok 8 - list_test_list_del_init [ 48.536468] ok 9 - list_test_list_del_init_careful [ 48.537411] ok 10 - list_test_list_move [ 48.538563] ok 11 - list_test_list_move_tail [ 48.539527] ok 12 - list_test_list_bulk_move_tail [ 48.540521] ok 13 - list_test_list_is_head [ 48.541593] ok 14 - list_test_list_is_first [ 48.542610] ok 15 - list_test_list_is_last [ 48.543689] ok 16 - list_test_list_empty [ 48.544662] ok 17 - list_test_list_empty_careful [ 48.545632] ok 18 - list_test_list_rotate_left [ 48.546687] ok 19 - list_test_list_rotate_to_front [ 48.547677] ok 20 - list_test_list_is_singular [ 48.548782] ok 21 - list_test_list_cut_position [ 48.549795] ok 22 - list_test_list_cut_before [ 48.550810] ok 23 - list_test_list_splice [ 48.551800] ok 24 - list_test_list_splice_tail [ 48.552730] ok 25 - list_test_list_splice_init [ 48.553711] ok 26 - list_test_list_splice_tail_init [ 48.554673] ok 27 - list_test_list_entry [ 48.555749] ok 28 - list_test_list_entry_is_head [ 48.556673] ok 29 - list_test_list_first_entry [ 48.557744] ok 30 - list_test_list_last_entry [ 48.558704] ok 31 - list_test_list_first_entry_or_null [ 48.559683] ok 32 - list_test_list_next_entry [ 48.560747] ok 33 - list_test_list_prev_entry [ 48.561690] ok 34 - list_test_list_for_each [ 48.562648] ok 35 - list_test_list_for_each_prev [ 48.563578] ok 36 - list_test_list_for_each_safe [ 48.564572] ok 37 - list_test_list_for_each_prev_safe [ 48.565584] ok 38 - list_test_list_for_each_entry [ 48.566645] ok 39 - list_test_list_for_each_entry_reverse [ 48.567495] # list-kunit-test: pass:39 fail:0 skip:0 total:39 [ 48.568411] # Totals: pass:39 fail:0 skip:0 total:39 [ 48.569340] ok 25 - list-kunit-test [ 48.570794] # Subtest: hlist [ 48.570799] 1..18 [ 48.571538] ok 1 - hlist_test_init [ 48.572126] ok 2 - hlist_test_unhashed [ 48.572977] ok 3 - hlist_test_unhashed_lockless [ 48.573864] ok 4 - hlist_test_del [ 48.574856] ok 5 - hlist_test_del_init [ 48.575653] ok 6 - hlist_test_add [ 48.576500] ok 7 - hlist_test_fake [ 48.577298] ok 8 - hlist_test_is_singular_node [ 48.578058] ok 9 - hlist_test_empty [ 48.579002] ok 10 - hlist_test_move_list [ 48.579831] ok 11 - hlist_test_entry [ 48.580719] ok 12 - hlist_test_entry_safe [ 48.581563] ok 13 - hlist_test_for_each [ 48.582462] ok 14 - hlist_test_for_each_safe [ 48.583321] ok 15 - hlist_test_for_each_entry [ 48.584226] ok 16 - hlist_test_for_each_entry_continue [ 48.585186] ok 17 - hlist_test_for_each_entry_from [ 48.586309] ok 18 - hlist_test_for_each_entry_safe [ 48.587125] # hlist: pass:18 fail:0 skip:0 total:18 [ 48.587949] # Totals: pass:18 fail:0 skip:0 total:18 [ 48.588736] ok 26 - hlist [ 48.590180] # Subtest: bits-test [ 48.590186] 1..3 [ 48.590953] ok 1 - genmask_test [ 48.591673] ok 2 - genmask_ull_test [ 48.592494] ok 3 - genmask_input_check_test [ 48.593125] # bits-test: pass:3 fail:0 skip:0 total:3 [ 48.593859] # Totals: pass:3 fail:0 skip:0 total:3 [ 48.594674] ok 27 - bits-test [ 48.595988] # Subtest: cmdline [ 48.595993] 1..4 [ 48.596760] ok 1 - cmdline_test_noint [ 48.597413] ok 2 - cmdline_test_lead_int [ 48.598400] ok 3 - cmdline_test_tail_int [ 48.599422] ok 4 - cmdline_test_range [ 48.600107] # cmdline: pass:4 fail:0 skip:0 total:4 [ 48.600765] # Totals: pass:4 fail:0 skip:0 total:4 [ 48.601574] ok 28 - cmdline [ 48.602847] # Subtest: slub_test [ 48.602852] 1..2 [ 48.607157] ok 1 - test_clobber_zone [ 48.610276] ok 2 - test_clobber_redzone_free [ 48.610946] # slub_test: pass:2 fail:0 skip:0 total:2 [ 48.611709] # Totals: pass:2 fail:0 skip:0 total:2 [ 48.612535] ok 29 - slub_test [ 48.614056] # Subtest: memcpy [ 48.614064] 1..7 [ 48.615232] # memset_test: ok: memset() direct assignment [ 48.617243] # memset_test: ok: memset() complete overwrite [ 48.618610] # memset_test: ok: memset() middle overwrite [ 48.619914] # memset_test: ok: memset() argument side-effects [ 48.621346] # memset_test: ok: memset() memset_after() [ 48.622622] # memset_test: ok: memset() memset_startat() [ 48.623997] ok 1 - memset_test [ 48.624433] # memcpy_test: ok: memcpy() static initializers [ 48.627967] # memcpy_test: ok: memcpy() direct assignment [ 48.630301] # memcpy_test: ok: memcpy() complete overwrite [ 48.632416] # memcpy_test: ok: memcpy() middle overwrite [ 48.634379] # memcpy_test: ok: memcpy() argument side-effects [ 48.635349] ok 2 - memcpy_test [ 54.198508] ok 3 - memcpy_large_test [ 54.199653] # memmove_test: ok: memmove() static initializers [ 54.201367] # memmove_test: ok: memmove() direct assignment [ 54.202352] # memmove_test: ok: memmove() complete overwrite [ 54.203332] # memmove_test: ok: memmove() middle overwrite [ 54.204289] # memmove_test: ok: memmove() argument side-effects [ 54.205346] # memmove_test: ok: memmove() overlapping write [ 54.206383] ok 4 - memmove_test [ 59.681912] ok 5 - memmove_large_test [ 70.810445] ok 6 - memmove_overlap_test [ 70.811832] ok 7 - strtomem_test [ 70.812671] # memcpy: pass:7 fail:0 skip:0 total:7 [ 70.818416] # Totals: pass:7 fail:0 skip:0 total:7 [ 70.819373] ok 30 - memcpy [ 70.822473] # Subtest: is_signed_type [ 70.822487] 1..1 [ 70.824122] ok 1 - is_signed_type_test [ 70.824606] ok 31 - is_signed_type [ 70.826229] # Subtest: overflow [ 70.826240] 1..21 [ 70.827522] # u8_u8__u8_overflow_test: 18 u8_u8__u8 arithmetic tests finished [ 70.831527] ok 1 - u8_u8__u8_overflow_test [ 70.832088] # s8_s8__s8_overflow_test: 19 s8_s8__s8 arithmetic tests finished [ 70.835935] ok 2 - s8_s8__s8_overflow_test [ 70.836384] # u16_u16__u16_overflow_test: 17 u16_u16__u16 arithmetic tests finished [ 70.839786] ok 3 - u16_u16__u16_overflow_test [ 70.840134] # s16_s16__s16_overflow_test: 17 s16_s16__s16 arithmetic tests finished [ 70.843995] ok 4 - s16_s16__s16_overflow_test [ 70.844380] # u32_u32__u32_overflow_test: 17 u32_u32__u32 arithmetic tests finished [ 70.849022] ok 5 - u32_u32__u32_overflow_test [ 70.849595] # s32_s32__s32_overflow_test: 17 s32_s32__s32 arithmetic tests finished [ 70.853323] ok 6 - s32_s32__s32_overflow_test [ 70.853674] # u64_u64__u64_overflow_test: 17 u64_u64__u64 arithmetic tests finished [ 70.856983] ok 7 - u64_u64__u64_overflow_test [ 70.857342] # s64_s64__s64_overflow_test: 21 s64_s64__s64 arithmetic tests finished [ 70.860658] ok 8 - s64_s64__s64_overflow_test [ 70.860987] # u32_u32__int_overflow_test: 2 u32_u32__int arithmetic tests finished [ 70.864333] ok 9 - u32_u32__int_overflow_test [ 70.864673] # u32_u32__u8_overflow_test: 3 u32_u32__u8 arithmetic tests finished [ 70.867913] ok 10 - u32_u32__u8_overflow_test [ 70.868221] # u8_u8__int_overflow_test: 3 u8_u8__int arithmetic tests finished [ 70.871420] ok 11 - u8_u8__int_overflow_test [ 70.871749] # int_int__u8_overflow_test: 3 int_int__u8 arithmetic tests finished [ 70.875506] ok 12 - int_int__u8_overflow_test [ 70.875853] # shift_sane_test: 36 sane shift tests finished [ 70.878957] ok 13 - shift_sane_test [ 70.879277] # shift_overflow_test: 25 overflow shift tests finished [ 70.882052] ok 14 - shift_overflow_test [ 70.882417] # shift_truncate_test: 27 truncate shift tests finished [ 70.885356] ok 15 - shift_truncate_test [ 70.885682] # shift_nonsense_test: 25 nonsense shift tests finished [ 70.888889] ok 16 - shift_nonsense_test [ 70.889581] # overflow_allocation_test: 11 allocation overflow tests finished [ 70.891390] ok 17 - overflow_allocation_test [ 70.891599] # overflow_size_helpers_test: 43 overflow size helper tests finished [ 70.893650] ok 18 - overflow_size_helpers_test [ 70.893894] # overflows_type_test: 658 overflows_type() tests finished [ 70.897310] ok 19 - overflows_type_test [ 70.897708] # same_type_test: 0 __same_type() tests finished [ 70.900477] ok 20 - same_type_test [ 70.900720] # castable_to_type_test: 103 castable_to_type() tests finished [ 70.903721] ok 21 - castable_to_type_test [ 70.903736] # overflow: pass:21 fail:0 skip:0 total:21 [ 70.904912] # Totals: pass:21 fail:0 skip:0 total:21 [ 70.906273] ok 32 - overflow [ 70.908761] # Subtest: stackinit [ 70.908771] 1..65 [ 70.910061] ok 1 - test_u8_zero [ 70.911058] ok 2 - test_u16_zero [ 70.912339] ok 3 - test_u32_zero [ 70.913619] ok 4 - test_u64_zero [ 70.915133] ok 5 - test_char_array_zero [ 70.917043] ok 6 - test_small_hole_zero [ 70.918617] ok 7 - test_big_hole_zero [ 70.919892] ok 8 - test_trailing_hole_zero [ 70.920890] ok 9 - test_packed_zero [ 70.921909] ok 10 - test_small_hole_dynamic_partial [ 70.922833] ok 11 - test_big_hole_dynamic_partial [ 70.924066] ok 12 - test_trailing_hole_dynamic_partial [ 70.925162] ok 13 - test_packed_dynamic_partial [ 70.926392] ok 14 - test_small_hole_assigned_dynamic_partial [ 70.927466] ok 15 - test_big_hole_assigned_dynamic_partial [ 70.928779] ok 16 - test_trailing_hole_assigned_dynamic_partial [ 70.930020] ok 17 - test_packed_assigned_dynamic_partial [ 70.931290] ok 18 - test_small_hole_static_partial [ 70.932534] ok 19 - test_big_hole_static_partial [ 70.933614] ok 20 - test_trailing_hole_static_partial [ 70.934667] ok 21 - test_packed_static_partial [ 70.935866] ok 22 - test_small_hole_static_all # SKIP XFAIL uninit bytes: 3 [ 70.938120] ok 23 - test_big_hole_static_all # SKIP XFAIL uninit bytes: 124 [ 70.939579] ok 24 - test_trailing_hole_static_all # SKIP XFAIL uninit bytes: 7 [ 70.941123] ok 25 - test_packed_static_all [ 70.941402] ok 26 - test_small_hole_dynamic_all # SKIP XFAIL uninit bytes: 3 [ 70.943673] ok 27 - test_big_hole_dynamic_all # SKIP XFAIL uninit bytes: 124 [ 70.945360] ok 28 - test_trailing_hole_dynamic_all # SKIP XFAIL uninit bytes: 7 [ 70.946922] ok 29 - test_packed_dynamic_all [ 70.947211] ok 30 - test_small_hole_runtime_partial # SKIP XFAIL uninit bytes: 23 [ 70.949604] ok 31 - test_big_hole_runtime_partial # SKIP XFAIL uninit bytes: 127 [ 70.951171] ok 32 - test_trailing_hole_runtime_partial # SKIP XFAIL uninit bytes: 24 [ 70.952752] ok 33 - test_packed_runtime_partial # SKIP XFAIL uninit bytes: 24 [ 70.954222] ok 34 - test_small_hole_runtime_all # SKIP XFAIL uninit bytes: 3 [ 70.955651] ok 35 - test_big_hole_runtime_all # SKIP XFAIL uninit bytes: 124 [ 70.957114] ok 36 - test_trailing_hole_runtime_all # SKIP XFAIL uninit bytes: 7 [ 70.959041] ok 37 - test_packed_runtime_all [ 70.959426] ok 38 - test_small_hole_assigned_static_partial [ 70.960517] ok 39 - test_big_hole_assigned_static_partial [ 70.961740] ok 40 - test_trailing_hole_assigned_static_partial [ 70.962908] ok 41 - test_packed_assigned_static_partial [ 70.964139] ok 42 - test_small_hole_assigned_static_all # SKIP XFAIL uninit bytes: 3 [ 70.966638] ok 43 - test_big_hole_assigned_static_all # SKIP XFAIL uninit bytes: 124 [ 70.968199] ok 44 - test_trailing_hole_assigned_static_all # SKIP XFAIL uninit bytes: 7 [ 70.969855] ok 45 - test_packed_assigned_static_all [ 70.970172] ok 46 - test_small_hole_assigned_dynamic_all # SKIP XFAIL uninit bytes: 3 [ 70.972548] ok 47 - test_big_hole_assigned_dynamic_all # SKIP XFAIL uninit bytes: 124 [ 70.974160] ok 48 - test_trailing_hole_assigned_dynamic_all # SKIP XFAIL uninit bytes: 7 [ 70.975768] ok 49 - test_packed_assigned_dynamic_all [ 70.976002] ok 50 - test_small_hole_assigned_copy # SKIP XFAIL uninit bytes: 3 [ 70.978395] ok 51 - test_big_hole_assigned_copy # SKIP XFAIL uninit bytes: 124 [ 70.979855] ok 52 - test_trailing_hole_assigned_copy # SKIP XFAIL uninit bytes: 7 [ 70.981428] ok 53 - test_packed_assigned_copy [ 70.981700] ok 54 - test_u8_none # SKIP XFAIL uninit bytes: 1 [ 70.983682] ok 55 - test_u16_none # SKIP XFAIL uninit bytes: 2 [ 70.984931] ok 56 - test_u32_none # SKIP XFAIL uninit bytes: 4 [ 70.986185] ok 57 - test_u64_none # SKIP XFAIL uninit bytes: 8 [ 70.987449] ok 58 - test_char_array_none # SKIP XFAIL uninit bytes: 16 [ 70.988869] ok 59 - test_switch_1_none # SKIP XFAIL uninit bytes: 80 [ 70.990408] ok 60 - test_switch_2_none # SKIP XFAIL uninit bytes: 80 [ 70.991820] ok 61 - test_small_hole_none # SKIP XFAIL uninit bytes: 24 [ 70.993270] ok 62 - test_big_hole_none # SKIP XFAIL uninit bytes: 128 [ 70.994725] ok 63 - test_trailing_hole_none # SKIP XFAIL uninit bytes: 32 [ 70.996283] ok 64 - test_packed_none # SKIP XFAIL uninit bytes: 32 [ 70.997633] ok 65 - test_user # SKIP XFAIL uninit bytes: 32 [ 70.998621] # stackinit: pass:31 fail:0 skip:34 total:65 [ 70.998631] # Totals: pass:31 fail:0 skip:34 total:65 [ 70.999504] ok 33 - stackinit [ 71.000886] # Subtest: strscpy [ 71.000892] 1..1 [ 71.001986] ok 1 - strscpy_test [ 71.002544] ok 34 - strscpy [ 71.003948] # Subtest: siphash [ 71.003954] 1..1 [ 71.004925] ok 1 - siphash_test [ 71.005368] ok 35 - siphash [ 71.006491] # Subtest: drm_test_pick_cmdline [ 71.006497] 1..1 [ 71.010591] ok 1 - drm_test_pick_cmdline_res_1920_1080_60 [ 71.010996] ok 36 - drm_test_pick_cmdline [ 71.012674] # drm_buddy: Testing DRM buddy manager, with random_seed=0xb2ed9260 [ 71.013953] # Subtest: drm_buddy [ 71.013959] 1..6 [ 71.015628] ok 1 - drm_test_buddy_alloc_limit [ 71.017530] ok 2 - drm_test_buddy_alloc_range [ 71.019293] ok 3 - drm_test_buddy_alloc_optimistic [ 71.021188] ok 4 - drm_test_buddy_alloc_pessimistic [ 71.026381] ok 5 - drm_test_buddy_alloc_smoke [ 71.028354] ok 6 - drm_test_buddy_alloc_pathological [ 71.029647] # drm_buddy: pass:6 fail:0 skip:0 total:6 [ 71.031062] # Totals: pass:6 fail:0 skip:0 total:6 [ 71.032426] ok 37 - drm_buddy [ 71.034989] # Subtest: drm_cmdline_parser [ 71.035000] 1..39 [ 71.036650] ok 1 - drm_test_cmdline_force_d_only [ 71.037669] ok 2 - drm_test_cmdline_force_D_only_dvi [ 71.039421] ok 3 - drm_test_cmdline_force_D_only_hdmi [ 71.041212] ok 4 - drm_test_cmdline_force_D_only_not_digital [ 71.043012] ok 5 - drm_test_cmdline_force_e_only [ 71.044466] ok 6 - drm_test_cmdline_res [ 71.045640] ok 7 - drm_test_cmdline_res_vesa [ 71.046676] ok 8 - drm_test_cmdline_res_vesa_rblank [ 71.047766] ok 9 - drm_test_cmdline_res_rblank [ 71.048955] ok 10 - drm_test_cmdline_res_bpp [ 71.050243] ok 11 - drm_test_cmdline_res_refresh [ 71.051585] ok 12 - drm_test_cmdline_res_bpp_refresh [ 71.052676] ok 13 - drm_test_cmdline_res_bpp_refresh_interlaced [ 71.053966] ok 14 - drm_test_cmdline_res_bpp_refresh_margins [ 71.055423] ok 15 - drm_test_cmdline_res_bpp_refresh_force_off [ 71.056707] ok 16 - drm_test_cmdline_res_bpp_refresh_force_on [ 71.058033] ok 17 - drm_test_cmdline_res_bpp_refresh_force_on_analog [ 71.059471] ok 18 - drm_test_cmdline_res_bpp_refresh_force_on_digital [ 71.060917] ok 19 - drm_test_cmdline_res_bpp_refresh_interlaced_margins_force_on [ 71.062654] ok 20 - drm_test_cmdline_res_margins_force_on [ 71.064239] ok 21 - drm_test_cmdline_res_vesa_margins [ 71.065605] ok 22 - drm_test_cmdline_name [ 71.066852] ok 23 - drm_test_cmdline_name_bpp [ 71.067876] ok 24 - drm_test_cmdline_name_option [ 71.068936] ok 25 - drm_test_cmdline_name_bpp_option [ 71.070157] ok 26 - drm_test_cmdline_rotate_0 [ 71.071334] ok 27 - drm_test_cmdline_rotate_90 [ 71.072342] ok 28 - drm_test_cmdline_rotate_180 [ 71.073396] ok 29 - drm_test_cmdline_rotate_270 [ 71.074413] ok 30 - drm_test_cmdline_hmirror [ 71.075440] ok 31 - drm_test_cmdline_vmirror [ 71.076445] ok 32 - drm_test_cmdline_margin_options [ 71.077502] ok 33 - drm_test_cmdline_multiple_options [ 71.078631] ok 34 - drm_test_cmdline_bpp_extra_and_option [ 71.079759] ok 35 - drm_test_cmdline_extra_and_option [ 71.080925] ok 36 - drm_test_cmdline_freestanding_options [ 71.082071] ok 37 - drm_test_cmdline_freestanding_force_e_and_options [ 71.083339] ok 38 - drm_test_cmdline_panel_orientation [ 71.084497] # Subtest: drm_test_cmdline_invalid [ 71.085803] ok 1 - margin_only [ 71.087060] ok 2 - interlace_only [ 71.088053] ok 3 - res_missing_x [ 71.089118] ok 4 - res_missing_y [ 71.090193] ok 5 - res_bad_y [ 71.092005] ok 6 - res_missing_y_bpp [ 71.093032] ok 7 - res_bad_bpp [ 71.094606] ok 8 - res_bad_refresh [ 71.096736] ok 9 - res_bpp_refresh_force_on_off [ 71.098505] ok 10 - res_invalid_mode [ 71.100498] ok 11 - res_bpp_wrong_place_mode [ 71.102243] ok 12 - name_bpp_refresh [ 71.104161] ok 13 - name_refresh [ 71.105770] ok 14 - name_refresh_wrong_mode [ 71.106763] ok 15 - name_refresh_invalid_mode [ 71.107887] ok 16 - rotate_multiple [ 71.109019] ok 17 - rotate_invalid_val [ 71.110093] ok 18 - rotate_truncated [ 71.111116] ok 19 - invalid_option [ 71.111848] # drm_test_cmdline_invalid: pass:19 fail:0 skip:0 total:19 [ 71.112533] ok 39 - drm_test_cmdline_invalid [ 71.113672] # drm_cmdline_parser: pass:39 fail:0 skip:0 total:39 [ 71.114450] # Totals: pass:57 fail:0 skip:0 total:57 [ 71.115432] ok 38 - drm_cmdline_parser [ 71.117032] # Subtest: drm_damage_helper [ 71.117042] 1..21 [ 71.118146] ok 1 - drm_test_damage_iter_no_damage [ 71.118842] ok 2 - drm_test_damage_iter_no_damage_fractional_src [ 71.119968] ok 3 - drm_test_damage_iter_no_damage_src_moved [ 71.121276] ok 4 - drm_test_damage_iter_no_damage_fractional_src_moved [ 71.122534] ok 5 - drm_test_damage_iter_no_damage_not_visible [ 71.123932] ok 6 - drm_test_damage_iter_no_damage_no_crtc [ 71.125195] ok 7 - drm_test_damage_iter_no_damage_no_fb [ 71.126428] ok 8 - drm_test_damage_iter_simple_damage [ 71.127649] ok 9 - drm_test_damage_iter_single_damage [ 71.128784] ok 10 - drm_test_damage_iter_single_damage_intersect_src [ 71.129954] ok 11 - drm_test_damage_iter_single_damage_outside_src [ 71.131378] ok 12 - drm_test_damage_iter_single_damage_fractional_src [ 71.132895] ok 13 - drm_test_damage_iter_single_damage_intersect_fractional_src [ 71.134722] ok 14 - drm_test_damage_iter_single_damage_outside_fractional_src [ 71.136727] ok 15 - drm_test_damage_iter_single_damage_src_moved [ 71.138380] ok 16 - drm_test_damage_iter_single_damage_fractional_src_moved [ 71.139834] ok 17 - drm_test_damage_iter_damage [ 71.141458] ok 18 - drm_test_damage_iter_damage_one_intersect [ 71.142656] ok 19 - drm_test_damage_iter_damage_one_outside [ 71.143998] ok 20 - drm_test_damage_iter_damage_src_moved [ 71.145461] ok 21 - drm_test_damage_iter_damage_not_visible [ 71.146418] # drm_damage_helper: pass:21 fail:0 skip:0 total:21 [ 71.147367] # Totals: pass:21 fail:0 skip:0 total:21 [ 71.148326] ok 39 - drm_damage_helper [ 71.150417] # Subtest: drm_dp_mst_helper [ 71.150434] 1..2 [ 71.151970] # Subtest: drm_test_dp_mst_calc_pbn_mode [ 71.153144] ok 1 - Clock 154000 BPP 30 DSC disabled [ 71.155509] ok 2 - Clock 234000 BPP 30 DSC disabled [ 71.157852] ok 3 - Clock 297000 BPP 24 DSC disabled [ 71.159331] ok 4 - Clock 332880 BPP 24 DSC enabled [ 71.160673] ok 5 - Clock 324540 BPP 24 DSC enabled [ 71.161599] # drm_test_dp_mst_calc_pbn_mode: pass:5 fail:0 skip:0 total:5 [ 71.162494] ok 1 - drm_test_dp_mst_calc_pbn_mode [ 71.163634] # Subtest: drm_test_dp_mst_sideband_msg_req_decode [ 71.164879] ok 1 - DP_ENUM_PATH_RESOURCES with port number [ 71.166577] ok 2 - DP_POWER_UP_PHY with port number [ 71.167955] ok 3 - DP_POWER_DOWN_PHY with port number [ 71.169348] ok 4 - DP_ALLOCATE_PAYLOAD with SDP stream sinks [ 71.170685] ok 5 - DP_ALLOCATE_PAYLOAD with port number [ 71.172081] ok 6 - DP_ALLOCATE_PAYLOAD with VCPI [ 71.173468] ok 7 - DP_ALLOCATE_PAYLOAD with PBN [ 71.174669] ok 8 - DP_QUERY_PAYLOAD with port number [ 71.175952] ok 9 - DP_QUERY_PAYLOAD with VCPI [ 71.177272] ok 10 - DP_REMOTE_DPCD_READ with port number [ 71.178601] ok 11 - DP_REMOTE_DPCD_READ with DPCD address [ 71.179964] ok 12 - DP_REMOTE_DPCD_READ with max number of bytes [ 71.181448] ok 13 - DP_REMOTE_DPCD_WRITE with port number [ 71.182923] ok 14 - DP_REMOTE_DPCD_WRITE with DPCD address [ 71.184585] ok 15 - DP_REMOTE_DPCD_WRITE with data array [ 71.185973] ok 16 - DP_REMOTE_I2C_READ with port number [ 71.187348] ok 17 - DP_REMOTE_I2C_READ with I2C device ID [ 71.188741] ok 18 - DP_REMOTE_I2C_READ with transactions array [ 71.190167] ok 19 - DP_REMOTE_I2C_WRITE with port number [ 71.191648] ok 20 - DP_REMOTE_I2C_WRITE with I2C device ID [ 71.193303] ok 21 - DP_REMOTE_I2C_WRITE with data array [ 71.195238] ok 22 - DP_QUERY_STREAM_ENC_STATUS with stream ID [ 71.197152] ok 23 - DP_QUERY_STREAM_ENC_STATUS with client ID [ 71.199763] ok 24 - DP_QUERY_STREAM_ENC_STATUS with stream event [ 71.201719] ok 25 - DP_QUERY_STREAM_ENC_STATUS with valid stream event [ 71.203105] ok 26 - DP_QUERY_STREAM_ENC_STATUS with stream behavior [ 71.204723] ok 27 - DP_QUERY_STREAM_ENC_STATUS with a valid stream behavior [ 71.206284] # drm_test_dp_mst_sideband_msg_req_decode: pass:27 fail:0 skip:0 total:27 [ 71.207556] ok 2 - drm_test_dp_mst_sideband_msg_req_decode [ 71.208864] # drm_dp_mst_helper: pass:2 fail:0 skip:0 total:2 [ 71.209817] # Totals: pass:32 fail:0 skip:0 total:32 [ 71.210728] ok 40 - drm_dp_mst_helper [ 71.212237] # Subtest: drm_format_helper_test [ 71.212243] 1..5 [ 71.212999] # Subtest: drm_test_fb_xrgb8888_to_gray8 [ 71.213796] ok 1 - single_pixel_source_buffer [ 71.215181] ok 2 - single_pixel_clip_rectangle [ 71.216713] ok 3 - well_known_colors [ 71.218057] ok 4 - destination_pitch [ 71.218800] # drm_test_fb_xrgb8888_to_gray8: pass:4 fail:0 skip:0 total:4 [ 71.219546] ok 1 - drm_test_fb_xrgb8888_to_gray8 [ 71.220795] # Subtest: drm_test_fb_xrgb8888_to_rgb332 [ 71.222278] ok 1 - single_pixel_source_buffer [ 71.223918] ok 2 - single_pixel_clip_rectangle [ 71.225635] ok 3 - well_known_colors [ 71.227222] ok 4 - destination_pitch [ 71.228025] # drm_test_fb_xrgb8888_to_rgb332: pass:4 fail:0 skip:0 total:4 [ 71.228798] ok 2 - drm_test_fb_xrgb8888_to_rgb332 [ 71.230138] # Subtest: drm_test_fb_xrgb8888_to_rgb565 [ 71.231695] ok 1 - single_pixel_source_buffer [ 71.233695] ok 2 - single_pixel_clip_rectangle [ 71.235155] ok 3 - well_known_colors [ 71.236786] ok 4 - destination_pitch [ 71.237639] # drm_test_fb_xrgb8888_to_rgb565: pass:4 fail:0 skip:0 total:4 [ 71.238411] ok 3 - drm_test_fb_xrgb8888_to_rgb565 [ 71.239642] # Subtest: drm_test_fb_xrgb8888_to_rgb888 [ 71.241136] ok 1 - single_pixel_source_buffer [ 71.246297] ok 2 - single_pixel_clip_rectangle [ 71.247693] ok 3 - well_known_colors [ 71.248972] ok 4 - destination_pitch [ 71.249788] # drm_test_fb_xrgb8888_to_rgb888: pass:4 fail:0 skip:0 total:4 [ 71.250498] ok 4 - drm_test_fb_xrgb8888_to_rgb888 [ 71.251645] # Subtest: drm_test_fb_xrgb8888_to_xrgb2101010 [ 71.252880] ok 1 - single_pixel_source_buffer [ 71.254276] ok 2 - single_pixel_clip_rectangle [ 71.255546] ok 3 - well_known_colors [ 71.256870] ok 4 - destination_pitch [ 71.257627] # drm_test_fb_xrgb8888_to_xrgb2101010: pass:4 fail:0 skip:0 total:4 [ 71.258450] ok 5 - drm_test_fb_xrgb8888_to_xrgb2101010 [ 71.259804] # drm_format_helper_test: pass:5 fail:0 skip:0 total:5 [ 71.260777] # Totals: pass:20 fail:0 skip:0 total:20 [ 71.261995] ok 41 - drm_format_helper_test [ 71.263894] # Subtest: drm_format [ 71.263903] 1..18 [ 71.265185] ok 1 - drm_test_format_block_width_invalid [ 71.266047] ok 2 - drm_test_format_block_width_one_plane [ 71.267479] ok 3 - drm_test_format_block_width_two_plane [ 71.268935] ok 4 - drm_test_format_block_width_three_plane [ 71.270509] ok 5 - drm_test_format_block_width_tiled [ 71.271997] ok 6 - drm_test_format_block_height_invalid [ 71.273501] ok 7 - drm_test_format_block_height_one_plane [ 71.274879] ok 8 - drm_test_format_block_height_two_plane [ 71.276318] ok 9 - drm_test_format_block_height_three_plane [ 71.277811] ok 10 - drm_test_format_block_height_tiled [ 71.279351] ok 11 - drm_test_format_min_pitch_invalid [ 71.280774] ok 12 - drm_test_format_min_pitch_one_plane_8bpp [ 71.282299] ok 13 - drm_test_format_min_pitch_one_plane_16bpp [ 71.283961] ok 14 - drm_test_format_min_pitch_one_plane_24bpp [ 71.285592] ok 15 - drm_test_format_min_pitch_one_plane_32bpp [ 71.287188] ok 16 - drm_test_format_min_pitch_two_plane [ 71.288856] ok 17 - drm_test_format_min_pitch_three_plane_8bpp [ 71.290481] ok 18 - drm_test_format_min_pitch_tiled [ 71.291675] # drm_format: pass:18 fail:0 skip:0 total:18 [ 71.292624] # Totals: pass:18 fail:0 skip:0 total:18 [ 71.293650] ok 42 - drm_format [ 71.295246] # Subtest: drm_framebuffer [ 71.295291] 1..1 [ 71.296022] # Subtest: drm_test_framebuffer_create [ 71.296929] ok 1 - ABGR8888 normal sizes [ 71.298540] ok 2 - ABGR8888 max sizes [ 71.299681] ok 3 - ABGR8888 pitch greater than min required [ 71.300807] ok 4 - ABGR8888 pitch less than min required [ 71.302358] ok 5 - ABGR8888 Invalid width [ 71.303756] ok 6 - ABGR8888 Invalid buffer handle [ 71.304894] ok 7 - No pixel format [ 71.306227] ok 8 - ABGR8888 Width 0 [ 71.307409] ok 9 - ABGR8888 Height 0 [ 71.308644] ok 10 - ABGR8888 Out of bound height * pitch combination [ 71.309742] ok 11 - ABGR8888 Large buffer offset [ 71.311422] ok 12 - ABGR8888 Set DRM_MODE_FB_MODIFIERS without modifiers [ 71.312707] ok 13 - ABGR8888 Valid buffer modifier [ 71.314360] ok 14 - ABGR8888 Invalid buffer modifier(DRM_FORMAT_MOD_SAMSUNG_64_32_TILE) [ 71.315658] ok 15 - ABGR8888 Extra pitches without DRM_MODE_FB_MODIFIERS [ 71.317644] ok 16 - ABGR8888 Extra pitches with DRM_MODE_FB_MODIFIERS [ 71.319222] ok 17 - NV12 Normal sizes [ 71.320776] ok 18 - NV12 Max sizes [ 71.321869] ok 19 - NV12 Invalid pitch [ 71.322882] ok 20 - NV12 Invalid modifier/missing DRM_MODE_FB_MODIFIERS flag [ 71.323985] ok 21 - NV12 different modifier per-plane [ 71.325717] ok 22 - NV12 with DRM_FORMAT_MOD_SAMSUNG_64_32_TILE [ 71.327077] ok 23 - NV12 Valid modifiers without DRM_MODE_FB_MODIFIERS [ 71.328562] ok 24 - NV12 Modifier for inexistent plane [ 71.330281] ok 25 - NV12 Handle for inexistent plane [ 71.331729] ok 26 - NV12 Handle for inexistent plane without DRM_MODE_FB_MODIFIERS [ 71.333170] ok 27 - YVU420 Normal sizes [ 71.334890] ok 28 - YVU420 DRM_MODE_FB_MODIFIERS set without modifier [ 71.335975] ok 29 - YVU420 Max sizes [ 71.337541] ok 30 - YVU420 Invalid pitch [ 71.338586] ok 31 - YVU420 Different pitches [ 71.339717] ok 32 - YVU420 Different buffer offsets/pitches [ 71.340899] ok 33 - YVU420 Modifier set just for plane 0, without DRM_MODE_FB_MODIFIERS [ 71.342335] ok 34 - YVU420 Modifier set just for planes 0, 1, without DRM_MODE_FB_MODIFIERS [ 71.344137] ok 35 - YVU420 Modifier set just for plane 0, 1, with DRM_MODE_FB_MODIFIERS [ 71.346031] ok 36 - YVU420 Valid modifier [ 71.347929] ok 37 - YVU420 Different modifiers per plane [ 71.349190] ok 38 - YVU420 Modifier for inexistent plane [ 71.350623] ok 39 - X0L2 Normal sizes [ 71.352138] ok 40 - X0L2 Max sizes [ 71.353433] ok 41 - X0L2 Invalid pitch [ 71.354719] ok 42 - X0L2 Pitch greater than minimum required [ 71.356075] ok 43 - X0L2 Handle for inexistent plane [ 71.357769] ok 44 - X0L2 Offset for inexistent plane, without DRM_MODE_FB_MODIFIERS set [ 71.359348] ok 45 - X0L2 Modifier without DRM_MODE_FB_MODIFIERS set [ 71.361544] ok 46 - X0L2 Valid modifier [ 71.363383] ok 47 - X0L2 Modifier for inexistent plane [ 71.364205] # drm_test_framebuffer_create: pass:47 fail:0 skip:0 total:47 [ 71.365317] ok 1 - drm_test_framebuffer_create [ 71.366618] # Totals: pass:47 fail:0 skip:0 total:47 [ 71.367504] ok 43 - drm_framebuffer [ 71.369060] # drm_mm: Testing DRM range manager, with random_seed=0x26f2c3de max_iterations=8192 max_prime=128 [ 71.370831] # Subtest: drm_mm [ 71.370839] 1..19 [ 71.371838] ok 1 - drm_test_mm_init [ 71.372703] ok 2 - drm_test_mm_debug [ 72.242797] ok 3 - drm_test_mm_reserve [ 140.009204] ok 4 - drm_test_mm_insert [ 206.485547] ok 5 - drm_test_mm_replace [ 213.160469] ok 6 - drm_test_mm_insert_range [ 213.287247] # drm_test_mm_frag: bottom-up fragmented insert of 10000 and 20000 insertions took 34766286 and 70139403 nsecs [ 213.467892] # drm_test_mm_frag: top-down fragmented insert of 10000 and 20000 insertions took 45182770 and 82471761 nsecs [ 213.534216] ok 7 - drm_test_mm_frag [ 213.535443] ok 8 - drm_test_mm_align [ 213.537931] ok 9 - drm_test_mm_align32 [ 213.540573] ok 10 - drm_test_mm_align64 [ 215.361664] ok 11 - drm_test_mm_evict [ 216.676928] ok 12 - drm_test_mm_evict_range [ 216.846826] ok 13 - drm_test_mm_topdown [ 216.994637] ok 14 - drm_test_mm_bottomup [ 216.996919] ok 15 - drm_test_mm_lowest [ 216.998955] ok 16 - drm_test_mm_highest [ 217.455460] ok 17 - drm_test_mm_color [ 223.346040] ok 18 - drm_test_mm_color_evict [ 228.687936] ok 19 - drm_test_mm_color_evict_range [ 228.689013] # drm_mm: pass:19 fail:0 skip:0 total:19 [ 228.690028] # Totals: pass:19 fail:0 skip:0 total:19 [ 228.691077] ok 44 - drm_mm [ 228.692794] # Subtest: drm_plane_helper [ 228.692802] 1..2 [ 228.693676] # Subtest: drm_test_check_plane_state [ 228.694857] ok 1 - clipping_simple [ 228.696743] ok 2 - clipping_rotate_reflect [ 228.698216] ok 3 - positioning_simple [ 228.699818] ok 4 - upscaling [ 228.701484] ok 5 - downscaling [ 228.702727] ok 6 - rounding1 [ 228.704007] ok 7 - rounding2 [ 228.705302] ok 8 - rounding3 [ 228.706529] ok 9 - rounding4 [ 228.707314] # drm_test_check_plane_state: pass:9 fail:0 skip:0 total:9 [ 228.708084] ok 1 - drm_test_check_plane_state [ 228.709578] # Subtest: drm_test_check_invalid_plane_state [ 228.711033] ok 1 - positioning_invalid [ 228.712712] ok 2 - upscaling_invalid [ 228.714042] ok 3 - downscaling_invalid [ 228.714897] # drm_test_check_invalid_plane_state: pass:3 fail:0 skip:0 total:3 [ 228.715770] ok 2 - drm_test_check_invalid_plane_state [ 228.717355] # drm_plane_helper: pass:2 fail:0 skip:0 total:2 [ 228.718440] # Totals: pass:12 fail:0 skip:0 total:12 [ 228.719637] ok 45 - drm_plane_helper [ 228.722853] # Subtest: drm_rect [ 228.722869] 1..4 [ 228.724540] ok 1 - drm_test_rect_clip_scaled_div_by_zero [ 228.725712] ok 2 - drm_test_rect_clip_scaled_not_clipped [ 228.728167] ok 3 - drm_test_rect_clip_scaled_clipped [ 228.729658] ok 4 - drm_test_rect_clip_scaled_signed_vs_unsigned [ 228.730563] # drm_rect: pass:4 fail:0 skip:0 total:4 [ 228.731608] # Totals: pass:4 fail:0 skip:0 total:4 [ 228.732470] ok 46 - drm_rect [ 228.733828] # Subtest: qos-kunit-test [ 228.733834] 1..3 [ 228.734749] ok 1 - freq_qos_test_min [ 228.735405] ok 2 - freq_qos_test_maxdef [ 228.736444] ok 3 - freq_qos_test_readd [ 228.737137] # qos-kunit-test: pass:3 fail:0 skip:0 total:3 [ 228.737858] # Totals: pass:3 fail:0 skip:0 total:3 [ 228.738770] ok 47 - qos-kunit-test [ 228.740214] # Subtest: property-entry [ 228.740220] 1..7 [ 228.741615] ok 1 - pe_test_uints [ 228.742927] ok 2 - pe_test_uint_arrays [ 228.743999] ok 3 - pe_test_strings [ 228.745148] ok 4 - pe_test_bool [ 228.746091] ok 5 - pe_test_move_inline_u8 [ 228.747090] ok 6 - pe_test_move_inline_str [ 228.748427] ok 7 - pe_test_reference [ 228.749175] # property-entry: pass:7 fail:0 skip:0 total:7 [ 228.749877] # Totals: pass:7 fail:0 skip:0 total:7 [ 228.750808] ok 48 - property-entry [ 228.752234] # Subtest: rtc_lib_test_cases [ 228.752239] 1..1 [ 232.102123] ok 1 - rtc_time64_to_tm_test_date_range [ 232.103004] ok 49 - rtc_lib_test_cases [ 232.106427] # Subtest: dev-addr-list-test [ 232.106447] 1..6 [ 232.120544] ok 1 - dev_addr_test_basic [ 232.130549] ok 2 - dev_addr_test_sync_one [ 232.147543] ok 3 - dev_addr_test_add_del [ 232.162722] ok 4 - dev_addr_test_del_main [ 232.178642] ok 5 - dev_addr_test_add_set [ 232.189500] ok 6 - dev_addr_test_add_excl [ 232.191187] # dev-addr-list-test: pass:6 fail:0 skip:0 total:6 [ 232.192847] # Totals: pass:6 fail:0 skip:0 total:6 [ 232.194944] ok 50 - dev-addr-list-test [ 232.198316] # Subtest: mptcp-crypto [ 232.198330] 1..1 [ 232.199565] ok 1 - mptcp_crypto_test_basic [ 232.199949] ok 51 - mptcp-crypto [ 232.201361] # Subtest: mptcp-token [ 232.201367] 1..4 [ 232.202485] ok 1 - mptcp_token_test_req_basic [ 232.203230] ok 2 - mptcp_token_test_msk_basic [ 232.204472] ok 3 - mptcp_token_test_accept [ 232.205639] ok 4 - mptcp_token_test_destroyed [ 232.206405] # mptcp-token: pass:4 fail:0 skip:0 total:4 [ 232.207220] # Totals: pass:4 fail:0 skip:0 total:4 [ 232.208122] ok 52 - mptcp-token [ 232.211624] md: Waiting for all devices to be available before autodetect [ 232.212677] md: If you don't use raid, use raid=noautodetect [ 232.213380] md: Autodetecting RAID arrays. [ 232.213849] md: autorun ... [ 232.214174] md: ... autorun DONE. [ 232.374891] EXT4-fs (sda): mounted filesystem with ordered data mode. Quota mode: none. [ 232.375909] VFS: Mounted root (ext4 filesystem) readonly on device 8:0. [ 232.482364] devtmpfs: mounted [ 232.499473] Freeing unused kernel image (initmem) memory: 6648K [ 232.500309] Write protecting the kernel read-only data: 47104k [ 232.502283] Freeing unused kernel image (rodata/data gap) memory: 1052K [ 232.629801] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 232.633112] Run /sbin/init as init process [ 239.839106] systemd[1]: systemd 250.5+ running in system mode (-PAM -AUDIT -SELINUX -APPARMOR +IMA -SMACK +SECCOMP -GCRYPT -GNUTLS -OPENSSL +ACL +BLKID -CURL -ELFUTILS -FIDO2 -IDN2 -IDN -IPTC +KMOD -LIBCRYPTSETUP +LIBFDISK -PCRE2 -PWQUALITY -P11KIT -QRENCODE -BZIP2 -LZ4 -XZ -ZLIB +ZSTD -BPF_FRAMEWORK +XKBCOMMON +UTMP +SYSVINIT default-hierarchy=hybrid) [ 239.850136] systemd[1]: Detected virtualization kvm. [ 239.850907] systemd[1]: Detected architecture x86-64. Welcome to [1mLinux-Kernel-Functional-Testing nodistro.0[0m! [ 240.005746] systemd[1]: Hostname set to <intel-corei7-64>. [ 240.482033] systemd[1]: Initializing machine ID from random generator. [ 240.484181] systemd[1]: Installed transient /etc/machine-id file. [ 241.182058] systemd-sysv-ge (897) used greatest stack depth: 26400 bytes left [ 244.595483] systemd[1]: Queued start job for default target Multi-User System. [ 244.715232] systemd[1]: Created slice Slice /system/getty. [[0;32m OK [0m] Created slice [0;1;39mSlice /system/getty[0m. [ 244.732432] systemd[1]: Created slice Slice /system/modprobe. [[0;32m OK [0m] Created slice [0;1;39mSlice /system/modprobe[0m. [ 244.737449] systemd[1]: Created slice Slice /system/serial-getty. [[0;32m OK [0m] Created slice [0;1;39mSlice /system/serial-getty[0m. [ 244.742125] systemd[1]: Created slice User and Session Slice. [[0;32m OK [0m] Created slice [0;1;39mUser and Session Slice[0m. [ 244.744575] systemd[1]: Started Dispatch Password Requests to Console Directory Watch. [[0;32m OK [0m] Started [0;1;39mDispatch Password â?¦ts to Console Directory Watch[0m. [ 244.747483] systemd[1]: Started Forward Password Requests to Wall Directory Watch. [[0;32m OK [0m] Started [0;1;39mForward Password Râ?¦uests to Wall Directory Watch[0m. [ 244.749782] systemd[1]: Reached target Path Units. [[0;32m OK [0m] Reached target [0;1;39mPath Units[0m. [ 244.751545] systemd[1]: Reached target Remote File Systems. [[0;32m OK [0m] Reached target [0;1;39mRemote File Systems[0m. [ 244.753305] systemd[1]: Reached target Slice Units. [[0;32m OK [0m] Reached target [0;1;39mSlice Units[0m. [ 244.754914] systemd[1]: Reached target Swaps. [[0;32m OK [0m] Reached target [0;1;39mSwaps[0m. [ 244.941530] systemd[1]: Listening on RPCbind Server Activation Socket. [[0;32m OK [0m] Listening on [0;1;39mRPCbind Server Activation Socket[0m. [ 244.946400] systemd[1]: Reached target RPC Port Mapper. [[0;32m OK [0m] Reached target [0;1;39mRPC Port Mapper[0m. [ 245.013306] systemd[1]: Listening on Syslog Socket. [[0;32m OK [0m] Listening on [0;1;39mSyslog Socket[0m. [ 245.015383] systemd[1]: Listening on initctl Compatibility Named Pipe. [[0;32m OK [0m] Listening on [0;1;39minitctl Compatibility Named Pipe[0m. [ 245.017998] systemd[1]: Listening on Journal Audit Socket. [[0;32m OK [0m] Listening on [0;1;39mJournal Audit Socket[0m. [ 245.020150] systemd[1]: Listening on Journal Socket (/dev/log). [[0;32m OK [0m] Listening on [0;1;39mJournal Socket (/dev/log)[0m. [ 245.022568] systemd[1]: Listening on Journal Socket. [[0;32m OK [0m] Listening on [0;1;39mJournal Socket[0m. [ 245.024725] systemd[1]: Listening on Network Service Netlink Socket. [[0;32m OK [0m] Listening on [0;1;39mNetwork Service Netlink Socket[0m. [ 245.028339] systemd[1]: Listening on udev Control Socket. [[0;32m OK [0m] Listening on [0;1;39mudev Control Socket[0m. [ 245.030775] systemd[1]: Listening on udev Kernel Socket. [[0;32m OK [0m] Listening on [0;1;39mudev Kernel Socket[0m. [ 245.033715] systemd[1]: Listening on User Database Manager Socket. [[0;32m OK [0m] Listening on [0;1;39mUser Database Manager Socket[0m. [ 245.051099] systemd[1]: Mounting Huge Pages File System... Mounting [0;1;39mHuge Pages File System[0m... [ 245.065481] systemd[1]: Mounting POSIX Message Queue File System... Mounting [0;1;39mPOSIX Message Queue File System[0m... [ 245.075125] systemd[1]: Mounting Kernel Debug File System... Mounting [0;1;39mKernel Debug File System[0m... [ 245.084656] systemd[1]: Mounting Kernel Trace File System... Mounting [0;1;39mKernel Trace File System[0m... [ 245.176929] systemd[1]: Mounting Temporary Directory /tmp... Mounting [0;1;39mTemporary Directory /tmp[0m... [ 245.239385] systemd[1]: Starting Create List of Static Device Nodes... Starting [0;1;39mCreate List of Static Device Nodes[0m... [ 245.250639] systemd[1]: Starting Load Kernel Module configfs... Starting [0;1;39mLoad Kernel Module configfs[0m... [ 245.261695] systemd[1]: Starting Load Kernel Module drm... Starting [0;1;39mLoad Kernel Module drm[0m... [ 245.271612] systemd[1]: Starting Load Kernel Module fuse... Starting [0;1;39mLoad Kernel Module fuse[0m... [ 245.281691] systemd[1]: Starting Start psplash boot splash screen... Starting [0;1;39mStart psplash boot splash screen[0m... [ 245.603933] systemd[1]: Starting RPC Bind... Starting [0;1;39mRPC Bind[0m... [ 245.639435] systemd[1]: Starting File System Check on Root Device... Starting [0;1;39mFile System Check on Root Device[0m... [ 245.642177] systemd[1]: systemd-journald.service: unit configures an IP firewall, but the local system does not support BPF/cgroup firewalling. [ 245.644385] systemd[1]: (This warning is only shown for the first unit using IP firewalling.) [ 245.671335] systemd[1]: Starting Journal Service... Starting [0;1;39mJournal Service[0m... [ 246.105533] kmod (903) used greatest stack depth: 26136 bytes left [ 246.178430] systemd[1]: Starting Load Kernel Modules... Starting [0;1;39mLoad Kernel Modules[0m... [ 246.191975] systemd[1]: Starting Generate network units from Kernel command line... Starting [0;1;39mGenerate network â?¦ts from Kernel command line[0m... [ 246.201581] systemd[1]: Starting Coldplug All udev Devices... Starting [0;1;39mColdplug All udev Devices[0m... [ 246.214971] systemd[1]: Mounted Huge Pages File System. [[0;32m OK [0m] Mounted [0;1;39mHuge Pages File System[0m. [ 246.217391] systemd[1]: Mounted POSIX Message Queue File System. [[0;32m OK [0m] Mounted [0;1;39mPOSIX Message Queue File System[0m. [ 246.219730] systemd[1]: Mounted Kernel Debug File System. [[0;32m OK [0m] Mounted [0;1;39mKernel Debug File System[0m. [ 246.221977] systemd[1]: Mounted Kernel Trace File System. [[0;32m OK [0m] Mounted [0;1;39mKernel Trace File System[0m. [ 246.224622] systemd[1]: Mounted Temporary Directory /tmp. [[0;32m OK [0m] Mounted [0;1;39mTemporary Directory /tmp[0m. [ 246.228744] systemd[1]: Finished Create List of Static Device Nodes. [[0;32m OK [0m] Finished [0;1;39mCreate List of Static Device Nodes[0m. [ 246.323482] systemd-network (913) used greatest stack depth: 25040 bytes left [ 246.330007] systemd[1]: Finished Generate network units from Kernel command line. [[0;32m OK [0m] Finished [0;1;39mGenerate network units from Kernel command line[0m. [ 246.900717] systemd[1]: modprobe@configfs.service: Deactivated successfully. [ 246.904290] systemd[1]: Finished Load Kernel Module configfs. [[0;32m OK [0m] Finished [0;1;39mLoad Kernel Module configfs[0m. [ 246.907982] systemd[1]: modprobe@drm.service: Deactivated successfully. [ 246.911116] systemd[1]: Finished Load Kernel Module drm. [[0;32m OK [0m] Finished [0;1;39mLoad Kernel Module drm[0m. [ 246.915882] systemd[1]: modprobe@fuse.service: Deactivated successfully. [ 246.919284] systemd[1]: Finished Load Kernel Module fuse. [[0;32m OK [0m] Finished [0;1;39mLoad Kernel Module fuse[0m. [ 246.922873] systemd[1]: FUSE Control File System was skipped because of a failed condition check (ConditionPathExists=/sys/fs/fuse/connections). [ 246.924952] systemd[1]: Kernel Configuration File System was skipped because of a failed condition check (ConditionPathExists=/sys/kernel/config). [ 247.058824] systemd[1]: Finished Load Kernel Modules. [[0;32m OK [0m] Finished [0;1;39mLoad Kernel Modules[0m. [ 247.080624] systemd[1]: Starting Apply Kernel Variables... Starting [0;1;39mApply Kernel Variables[0m... [ 247.411201] systemd[1]: psplash-start.service: Main process exited, code=exited, status=255/EXCEPTION [ 247.416112] systemd[1]: psplash-start.service: Failed with result 'exit-code'. [ 247.422123] systemd[1]: Failed to start Start psplash boot splash screen. [[0;1;31mFAILED[ 247.423219] systemd[1]: Dependency failed for Start psplash-systemd progress communication helper. [0m] Failed to start [0;1;39mStart psplash boot splash screen[ 247.425069] systemd[1]: psplash-systemd.service: Job psplash-systemd.service/start failed with result 'dependency'. [0m. See 'systemctl status psplash-start.service' for details. [[0;1;38;5;185mDEPEND[0m] Dependency failed for [0;1;39mStarâ?¦progress communication helper[0m. [ 247.975637] systemd[1]: Started Journal Service. [[0;32m OK [0m] Started [0;1;39mJournal Service[0m. [[0;32m OK [0m] Started [0;1;39mRPC Bind[0m. [[0;32m OK [0m] Finished [0;1;39mApply Kernel Variables[0m. [[0;32m OK [0m] Finished [0;1;39mColdplug All udev Devices[0m. Starting [0;1;39mWait for udev To â?¦plete Device Initialization[0m... [[0;32m OK [0m] Finished [0;1;39mFile System Check on Root Device[0m. Starting [0;1;39mRemount Root and Kernel File Systems[0m... [ 248.847302] EXT4-fs (sda): re-mounted. Quota mode: none. [[0;32m OK [0m] Finished [0;1;39mRemount Root and Kernel File Systems[0m. Starting [0;1;39mFlush Journal to Persistent Storage[0m... Starting [0;1;39mCreate System Users[0m... [ 249.174173] systemd-journald[910]: Received client request to flush runtime journal. [[0;32m OK [0m] Finished [0;1;39mFlush Journal to Persistent Storage[0m. [[0;32m OK [0m] Finished [0;1;39mCreate System Users[0m. Starting [0;1;39mCreate Static Device Nodes in /dev[0m... [[0;32m OK [0m] Finished [0;1;39mCreate Static Device Nodes in /dev[0m. [[0;32m OK [0m] Reached target [0;1;39mPreparation for Local File Systems[0m. Mounting [0;1;39m/var/volatile[0m... Starting [0;1;39mRule-based Manageâ?¦for Device Events and Files[0m... [[0;32m OK [0m] Mounted [0;1;39m/var/volatile[0m. Starting [0;1;39mLoad/Save Random Seed[0m... [[0;32m OK [0m] Reached target [0;1;39mLocal File Systems[0m. Starting [0;1;39mRebuild Dynamic Linker Cache[0m... Starting [0;1;39mCreate Volatile Files and Directories[0m... [[0;32m OK [0m] Finished [0;1;39mLoad/Save Random Seed[0m. Starting [0;1;39mCommit a transient machine-id on disk[0m... [[0;32m OK [0m] Finished [0;1;39mCreate Volatile Files and Directories[0m. Starting [0;1;39mRebuild Journal Catalog[0m... Starting [0;1;39mNetwork Time Synchronization[0m... Starting [0;1;39mRecord System Boot/Shutdown in UTMP[0m... [[0;32m OK [0m] Finished [0;1;39mRecord System Boot/Shutdown in UTMP[0m. [[0;32m OK [0m] Started [0;1;39mNetwork Time Synchronization[0m. [[0;32m OK [0m] Reached target [0;1;39mSystem Time Set[0m. [[0;32m OK [0m] Finished [0;1;39mRebuild Journal Catalog[0m. [[0;32m OK [0m] Started [0;1;39mRule-based Manager for Device Events and Files[0m. [[0;32m OK [0m] Listening on [0;1;39mLoad/Save RF â?¦itch Status /dev/rfkill Watch[0m. [ 256.024734] virtio_net virtio0 enp0s3: renamed from eth0 [ 256.081093] dmi_memory_id (969) used greatest stack depth: 25016 bytes left [[0;32m OK [0m] Finished [0;1;39mCommit a transient machine-id on disk[0m. [[0;32m OK [0m] Finished [0;1;39mWait for udev To Complete Device Initialization[0m. [[0;32m OK [0m] Started [0;1;39mHardware RNG Entropy Gatherer Daemon[0m. [[0m[0;31m* [0m] A start job is running for Rebuild â?¦amic Linker Cache (14s / no limit) M[K[[0;1;31m*[0m[0;31m* [0m] A start job is running for Rebuild â?¦amic Linker Cache (14s / no limit) M[K[[0;32m OK [0m] Finished [0;1;39mRebuild Dynamic Linker Cache[0m. [K Starting [0;1;39mUpdate is Completed[0m... [[0;32m OK [0m] Finished [0;1;39mUpdate is Completed[0m. [[0;32m OK [0m] Reached target [0;1;39mSystem Initialization[0m. [[0;32m OK [0m] Started [0;1;39mDaily rotation of log files[0m. [[0;32m OK [0m] Started [0;1;39mDaily Cleanup of Temporary Directories[0m. [[0;32m OK [0m] Reached target [0;1;39mTimer Units[0m. [[0;32m OK [0m] Listening on [0;1;39mAvahi mDNS/DNS-SD Stack Activation Socket[0m. [[0;32m OK [0m] Listening on [0;1;39mD-Bus System Message Bus Socket[0m. Starting [0;1;39msshd.socket[0m... [[0;32m OK [0m] Listening on [0;1;39msshd.socket[0m. [[0;32m OK [0m] Reached target [0;1;39mSocket Units[0m. [[0;32m OK [0m] Reached target [0;1;39mBasic System[0m. Starting [0;1;39mACPI Event Daemon[0m... [[0;32m OK [0m] Started [0;1;39mKernel Logging Service[0m. [[0;32m OK [0m] Started [0;1;39mSystem Logging Service[0m. [[0;32m OK [0m] Started [0;1;39mPeriodic Command Scheduler[0m. Starting [0;1;39mD-Bus System Message Bus[0m... [[0;32m OK [0m] Started [0;1;39mGetty on tty1[0m. Starting [0;1;39mIPv6 Packet Filtering Framework[0m... Starting [0;1;39mIPv4 Packet Filtering Framework[0m... Starting [0;1;39mTelephony service[0m... [[0;32m OK [0m] Started [0;1;39mSerial Getty on ttyS0[0m. [[0;32m OK [0m] Reached target [0;1;39mLogin Prompts[0m. Starting [0;1;39mResets System Activity Logs[0m... Starting [0;1;39mUser Login Management[0m... Starting [0;1;39mOpenSSH Key Generation[0m... [[0;32m OK [0m] Started [0;1;39mACPI Event Daemon[0m. [[0;32m OK [0m] Finished [0;1;39mIPv4 Packet Filtering Framework[0m. [[0;32m OK [0m] Finished [0;1;39mIPv6 Packet Filtering Framework[0m. [[0;32m OK [0m] Reached target [0;1;39mPreparation for Network[0m. Starting [0;1;39mNetwork Configuration[0m... [ 260.491986] sadc (992) used greatest stack depth: 24816 bytes left [[0;32m OK [0m] Finished [0;1;39mResets System Activity Logs[0m. [[0;32m OK [0m] Started [0;1;39mD-Bus System Message Bus[0m. [[0;32m OK [0m] Started [0;1;39mUser Login Management[0m. [[0;32m OK [0m] Started [0;1;39mTelephony service[0m. [ 260.862675] systemd-journald[910]: Data hash table of /run/log/journal/c9bfa6f1c7364b65b78e39d5cbbfab79/system.journal has a fill level at 75.0 (10923 of 14563 items, 8388608 file size, 767 bytes per hash table item), suggesting rotation. [ 260.866303] systemd-journald[910]: /run/log/journal/c9bfa6f1c7364b65b78e39d5cbbfab79/system.journal: Journal header limits reached or header out-of-date, rotating. [[0;32m OK [0m] Started [0;1;39mNetwork Configuration[0m. Starting [0;1;39mNetwork Name Resolution[0m... [ 261.860696] IPv4: martian source 255.255.255.255 from 10.66.16.15, on dev enp0s3 [ 261.862304] ll header: 00000000: ff ff ff ff ff ff 52 54 00 4f 94 5e 08 00 [ 261.863587] IPv4: martian source 255.255.255.255 from 10.66.16.201, on dev enp0s3 [ 261.864438] ll header: 00000000: ff ff ff ff ff ff 00 1e c0 93 f0 f7 08 00 [ 261.869373] IPv4: martian source 255.255.255.255 from 10.66.16.15, on dev enp0s3 [ 261.870240] ll header: 00000000: ff ff ff ff ff ff 52 54 00 4f 94 5e 08 00 [ 261.873347] IPv4: martian source 255.255.255.255 from 10.66.16.15, on dev enp0s3 [ 261.874313] ll header: 00000000: ff ff ff ff ff ff 52 54 00 4f 94 5e 08 00 [[0;32m OK [0m] Started [0;1;39mNetwork Name Resolution[0m. [[0;32m OK [0m] Reached target [0;1;39mNetwork[0m. [[0;32m OK [0m] Reached target [0;1;39mHost and Network Name Lookups[0m. Starting [0;1;39mAvahi mDNS/DNS-SD Stack[0m... [[0;32m OK [0m] Started [0;1;39mAvahi mDNS/DNS-SD Stack[0m. [[0;32m OK [0m] Reached target [0;1;39mMulti-User System[0m. Starting [0;1;39mRecord Runlevel Change in UTMP[0m... [[0;32m OK [0m] Finished [0;1;39mRecord Runlevel Change in UTMP[0m. [[0;32m OK [0m] Finished [0;1;39mOpenSSH Key Generation[0m. Linux-Kernel-Functional-Testing nodistro.0 intel-corei7-64 ttyS0 intel-corei7-64 login: root root 7[r[999;999H[6nroot@intel-corei7-64:~# root@intel-corei7-64:~# # # root@intel-corei7-64:~# mkdir /lava-5866612 mkdir /lava-5866612 root@intel-corei7-64:~# mount /dev/disk/by-uuid/726912c1-debc-4d0b-8cb6-c5a785e2618c -t ext2 /lava-5866612 mount /dev/disk/by-uuid/726912c1-debc-4d0b-8cb6-c5a785e26618c -t ext2 /lava-5866612 [ 270.023804] EXT4-fs (vda): mounting ext2 file system using the ext4 subsystem [ 270.120741] EXT4-fs (vda): mounted filesystem without journal. Quota mode: none. root@intel-corei7-64:~# ls -la /lava-5866612/bin/lava-test-runner ls -la /lava-5866612/bin/lava-test-runner -rwxr-xr-x 1 root root 1039 Nov 21 06:13 /lava-5866612/bin/lava-test-runner root@intel-corei7-64:~# export SHELL=/bin/sh export SHELL=/bin/sh root@intel-corei7-64:~# . /lava-5866612/environment . /lava-5866612/environment root@intel-corei7-64:~# /lava-5866612/bin/lava-test-runner /lava-5866612/0 /lava-5866612/bin/lava-test-runner /lava-5866612/0 + export TESTRUN_ID=0_prep-inline + TESTRUN_ID=0_prep-inline + cd /lava-5866612/0/tests/0_prep-inline ++ cat uuid + UUID=5866612_1.1.3.1 + set +x <LAVA_SIGNAL_STARTRUN 0_prep-inline 5866612_1.1.3.1> + ln -sf /lib /lib64 + set +x <LAVA_SIGNAL_ENDRUN 0_prep-inline 5866612_1.1.3.1> <LAVA_TEST_RUNNER EXIT># root@intel-corei7-64:~# #mkdir /lava-5866612 root@intel-corei7-64:~# mkdir /lava-5866612mount /dev/disk/by-uuid/726912c1-debc-4d0b-8cb6-c5a785e2618c -t ext2 /lava-5866612 mkdir: cannot create directory '/lava-5866612': File exists root@intel-corei7-64:~# mount /dev/disk/by-uuid/726912c1-debc-4d0b-8cb6-c5a785e26618c -t ext2 /lava-5866612ls -la /lava-5866612/bin/lava-test-runner mount: /lava-5866612: /dev/vda already mounted on /lava-5866612. root@intel-corei7-64:~# ls -la /lava-5866612/bin/lava-test-runnerexport SHELL=/bin/sh -rwxr-xr-x 1 root root 1039 Nov 21 06:13 /lava-5866612/bin/lava-test-runner root@intel-corei7-64:~# export SHELL=/bin/sh. /lava-5866612/environment root@intel-corei7-64:~# . /lava-5866612/environment/lava-5866612/bin/lava-test-runner /lava-5866612/1 root@intel-corei7-64:~# /lava-5866612/bin/lava-test-runner /lava-5866612/1 + export TESTRUN_ID=1_prep-tmp-disk + TESTRUN_ID=1_prep-tmp-disk + cd /lava-5866612/1/tests/1_prep-tmp-disk ++ cat uuid + UUID=5866612_1.1.3.5 + set +x <LAVA_SIGNAL_STARTRUN 1_prep-tmp-disk 5866612_1.1.3.5> + df -h Filesystem Size Used Avail Use% Mounted on /dev/root 3.7G 1.9G 1.6G 54% / devtmpfs 1.7G 0 1.7G 0% /dev tmpfs 1.7G 0 1.7G 0% /dev/shm tmpfs 674M 13M 662M 2% /run tmpfs 4.0M 0 4.0M 0% /sys/fs/cgroup tmpfs 1.7G 0 1.7G 0% /tmp tmpfs 1.7G 20K 1.7G 1% /var/volatile /dev/vda 504M 75M 404M 16% /lava-5866612 + ln -s /tmp /scratch + set +x <LAVA_SIGNAL_ENDRUN 1_prep-tmp-disk 5866612_1.1.3.5> + export TESTRUN_ID=2_kunit + TESTRUN_ID=2_kunit + cd /lava-5866612/1/tests/2_kunit ++ cat uuid + UUID=5866612_1.1.3.9 + set +x <LAVA_SIGNAL_STARTRUN 2_kunit 5866612_1.1.3.9> + cd ./automated/linux/kunit/ + ./kunit.sh -m test.ko /lib/modules/6.1.0-rc5-next-20221117/kernel/kernel/trace/preemptirq_delay_test.ko /lib/modules/6.1.0-rc5-next-20221117/kernel/drivers/usb/misc/usbtest.ko preemptirq_delay_test usbtest KUNIT_TEST_MODULE=preemptirq_delay_test.ko KUNIT_TEST_MODULE=usbtest.ko modprobe-preemptirq_delay_test pass Module Size Used by preemptirq_delay_test 16384 0 [ 279.696290] usbcore: registered new interface driver usbtest modprobe-usbtest pass Module Size Used by usbtest 81920 0 preemptirq_delay_test 16384 0 INFO: Kernel config CONFIG_KUNIT_TEST=y not enabled dmesg pass [ 13.164344] ok 36 - kasan_alloca_oob_left [ 13.220581] ok 37 - kasan_alloca_oob_right [ 13.270893] ok 38 - ksize_unpoisons_memory [ 13.440907] ok 39 - ksize_uaf [ 13.524025] ok 40 - kmem_cache_double_free [ 13.597555] ok 41 - kmem_cache_invalid_free [ 13.670666] ok 42 - kmem_cache_double_destroy [ 13.733327] ok 43 - kasan_memchr [ 13.801860] ok 44 - kasan_memcmp [ 14.152339] ok 45 - kasan_strings [ 15.148890] ok 46 - kasan_bitops_generic [ 15.149493] ok 47 - kasan_bitops_tags # SKIP Test requires CONFIG_KASAN_GENERIC=n [ 15.279635] ok 48 - kmalloc_double_kzfree [ 15.383525] ok 49 - rcu_uaf [ 15.457859] ok 50 - workqueue_uaf [ 15.458309] ok 51 - vmalloc_helpers_tags # SKIP Test requires CONFIG_KASAN_GENERIC=n [ 15.459288] ok 52 - vmalloc_oob # SKIP Test requires CONFIG_KASAN_VMALLOC=y [ 15.461002] ok 53 - vmap_tags # SKIP Test requires CONFIG_KASAN_SW_TAGS=y [ 15.462492] ok 54 - vm_map_ram_tags # SKIP Test requires CONFIG_KASAN_SW_TAGS=y [ 15.463969] ok 55 - vmalloc_percpu # SKIP Test requires CONFIG_KASAN_SW_TAGS=y [ 15.465887] ok 56 - match_all_not_assigned # SKIP Test requires CONFIG_KASAN_GENERIC=n [ 15.467782] ok 57 - match_all_ptr_tag # SKIP Test requires CONFIG_KASAN_GENERIC=n [ 15.469370] ok 58 - match_all_mem_tag # SKIP Test requires CONFIG_KASAN_GENERIC=n [ 15.475478] ok 5 - kasan [ 15.939490] ok 1 - test_out_of_bounds_read [ 16.224757] ok 2 - test_out_of_bounds_read-memcache [ 16.313291] ok 3 - test_out_of_bounds_write [ 16.430848] ok 4 - test_out_of_bounds_write-memcache [ 16.525051] ok 5 - test_use_after_free_read [ 16.643947] ok 6 - test_use_after_free_read-memcache [ 16.739199] not ok 7 - test_double_free [ 16.853296] ok 8 - test_double_free-memcache [ 16.939212] not ok 9 - test_invalid_addr_free [ 17.055777] ok 10 - test_invalid_addr_free-memcache [ 17.464571] not ok 11 - test_corruption [ 17.999856] ok 12 - test_corruption-memcache [ 20.252157] ok 13 - test_free_bulk [ 22.033331] ok 14 - test_free_bulk-memcache [ 22.033667] ok 15 - test_init_on_free # SKIP Test requires: IS_ENABLED(CONFIG_INIT_ON_FREE_DEFAULT_ON) [ 22.034846] ok 16 - test_init_on_free-memcache # SKIP Test requires: IS_ENABLED(CONFIG_INIT_ON_FREE_DEFAULT_ON) [ 22.137028] ok 17 - test_kmalloc_aligned_oob_read [ 22.247690] not ok 18 - test_kmalloc_aligned_oob_write [ 22.331560] ok 19 - test_shrink_memcache [ 22.435915] ok 20 - test_memcache_ctor [ 22.450777] ok 21 - test_invalid_access [ 47.910539] ok 22 - test_gfpzero [ 48.056878] ok 23 - test_memcache_typesafe_by_rcu [ 48.141701] ok 24 - test_krealloc [ 48.226011] ok 25 - test_memcache_alloc_bulk [ 48.231068] not ok 6 - kfence [ 48.234644] ok 1 - total_mapping_size_test [ 48.235246] ok 7 - binfmt_elf [ 48.238761] ok 1 - total_mapping_size_test [ 48.239403] ok 8 - compat_binfmt_elf [ 48.242987] ok 1 - 1901-12-13 Lower bound of 32bit < 0 timestamp, no extra bits [ 48.244242] ok 2 - 1969-12-31 Upper bound of 32bit < 0 timestamp, no extra bits [ 48.246089] ok 3 - 1970-01-01 Lower bound of 32bit >=0 timestamp, no extra bits [ 48.247749] ok 4 - 2038-01-19 Upper bound of 32bit >=0 timestamp, no extra bits [ 48.249331] ok 5 - 2038-01-19 Lower bound of 32bit <0 timestamp, lo extra sec bit on [ 48.250915] ok 6 - 2106-02-07 Upper bound of 32bit <0 timestamp, lo extra sec bit on [ 48.252502] ok 7 - 2106-02-07 Lower bound of 32bit >=0 timestamp, lo extra sec bit on [ 48.254211] ok 8 - 2174-02-25 Upper bound of 32bit >=0 timestamp, lo extra sec bit on [ 48.255942] ok 9 - 2174-02-25 Lower bound of 32bit <0 timestamp, hi extra sec bit on [ 48.257542] ok 10 - 2242-03-16 Upper bound of 32bit <0 timestamp, hi extra sec bit on [ 48.259106] ok 11 - 2242-03-16 Lower bound of 32bit >=0 timestamp, hi extra sec bit on [ 48.260658] ok 12 - 2310-04-04 Upper bound of 32bit >=0 timestamp, hi extra sec bit on [ 48.262276] ok 13 - 2310-04-04 Upper bound of 32bit>=0 timestamp, hi extra sec bit 1. 1 ns [ 48.263849] ok 14 - 2378-04-22 Lower bound of 32bit>= timestamp. Extra sec bits 1. Max ns [ 48.265464] ok 15 - 2378-04-22 Lower bound of 32bit >=0 timestamp. All extra sec bits on [ 48.267162] ok 16 - 2446-05-10 Upper bound of 32bit >=0 timestamp. All extra sec bits on [ 48.269959] ok 1 - inode_test_xtimestamp_decoding [ 48.271964] ok 9 - ext4_inode_test [ 48.274241] ok 1 - fat_checksum_test [ 48.275513] ok 1 - Earliest possible UTC (1980-01-01 00:00:00) [ 48.276543] ok 2 - Latest possible UTC (2107-12-31 23:59:58) [ 48.277856] ok 3 - Earliest possible (UTC-11) (== 1979-12-31 13:00:00 UTC) [ 48.279049] ok 4 - Latest possible (UTC+11) (== 2108-01-01 10:59:58 UTC) [ 48.280495] ok 5 - Leap Day / Year (1996-02-29 00:00:00) [ 48.281873] ok 6 - Year 2000 is leap year (2000-02-29 00:00:00) [ 48.283021] ok 7 - Year 2100 not leap year (2100-03-01 00:00:00) [ 48.284359] ok 8 - Leap year + timezone UTC+1 (== 2004-02-29 00:30:00 UTC) [ 48.285866] ok 9 - Leap year + timezone UTC-1 (== 2004-02-29 23:30:00 UTC) [ 48.287346] ok 10 - VFAT odd-second resolution (1999-12-31 23:59:59) [ 48.288671] ok 11 - VFAT 10ms resolution (1980-01-01 00:00:00:0010) [ 48.290975] ok 2 - fat_time_fat2unix_test [ 48.292984] ok 1 - Earliest possible UTC (1980-01-01 00:00:00) [ 48.294010] ok 2 - Latest possible UTC (2107-12-31 23:59:58) [ 48.295269] ok 3 - Earliest possible (UTC-11) (== 1979-12-31 13:00:00 UTC) [ 48.296526] ok 4 - Latest possible (UTC+11) (== 2108-01-01 10:59:58 UTC) [ 48.297976] ok 5 - Leap Day / Year (1996-02-29 00:00:00) [ 48.299428] ok 6 - Year 2000 is leap year (2000-02-29 00:00:00) [ 48.300599] ok 7 - Year 2100 not leap year (2100-03-01 00:00:00) [ 48.301911] ok 8 - Leap year + timezone UTC+1 (== 2004-02-29 00:30:00 UTC) [ 48.303217] ok 9 - Leap year + timezone UTC-1 (== 2004-02-29 23:30:00 UTC) [ 48.304654] ok 10 - VFAT odd-second resolution (1999-12-31 23:59:59) [ 48.306113] ok 11 - VFAT 10ms resolution (1980-01-01 00:00:00:0010) [ 48.308394] ok 3 - fat_time_unix2fat_test [ 48.311014] ok 10 - fat_test [ 48.313336] ok 1 - test_cpumask_weight [ 48.314025] ok 2 - test_cpumask_first [ 48.314886] ok 3 - test_cpumask_last [ 48.315770] ok 4 - test_cpumask_next [ 48.316636] ok 5 - test_cpumask_iterators [ 48.317690] ok 6 - test_cpumask_iterators_builtin [ 48.320529] ok 11 - cpumask [ 48.323336] ok 1 - test_string_or [ 48.340643] ok 2 - test_hash_or [ 48.342741] ok 12 - hash [ 48.353499] ok 1 - list_sort_test [ 48.353926] ok 13 - list_sort [ 48.356393] ok 1 - test_sort [ 48.356773] ok 14 - lib_sort [ 48.365541] ok 1 - test_kprobe [ 48.376118] ok 2 - test_kprobes [ 48.383336] ok 3 - test_kretprobe [ 48.396695] ok 4 - test_kretprobes [ 48.404313] ok 5 - test_stacktrace_on_kretprobe [ 48.419020] ok 6 - test_stacktrace_on_nested_kretprobe [ 48.423210] ok 15 - kprobes_test [ 48.427028] ok 1 - parse_filter_test [ 48.427994] ok 2 - filter_suites_test [ 48.429054] ok 3 - filter_suites_test_glob_test [ 48.430092] ok 4 - filter_suites_to_empty_test [ 48.433110] ok 16 - kunit_executor_test [ 48.436012] ok 1 - kunit_test_try_catch_successful_try_no_catch [ 48.436920] ok 2 - kunit_test_try_catch_unsuccessful_try_does_catch [ 48.440144] ok 17 - kunit-try-catch-test [ 48.442719] ok 1 - kunit_resource_test_init_resources [ 48.443407] ok 2 - kunit_resource_test_alloc_resource [ 48.444534] ok 3 - kunit_resource_test_destroy_resource [ 48.445770] ok 4 - kunit_resource_test_remove_resource [ 48.447123] ok 5 - kunit_resource_test_cleanup_resources [ 48.448454] ok 6 - kunit_resource_test_proper_free_ordering [ 48.449617] ok 7 - kunit_resource_test_static [ 48.450925] ok 8 - kunit_resource_test_named [ 48.453833] ok 18 - kunit-resource-test [ 48.460436] ok 1 - kunit_log_test [ 48.460948] ok 19 - kunit-log-test [ 48.463107] ok 1 - kunit_status_set_failure_test [ 48.463758] ok 2 - kunit_status_mark_skipped_test [ 48.467862] ok 20 - kunit_status [ 48.472027] ok 1 - string_stream_test_empty_on_creation [ 48.473043] ok 2 - string_stream_test_not_empty_after_add [ 48.474401] ok 3 - string_stream_test_get_string [ 48.477139] ok 21 - string-stream-test [ 48.481718] ok 1 - example_simple_test [ 48.484713] ok 2 - example_skip_test # SKIP this test should be skipped [ 48.491685] ok 3 - example_mark_skipped_test # SKIP this test should be skipped [ 48.498330] ok 4 - example_all_expect_macros_test [ 48.500986] ok 22 - example [ 48.504883] ok 1 - Exceeds bounds, semi-convergent term > 1/2 last term [ 48.506429] ok 2 - Exceeds bounds, semi-convergent term < 1/2 last term [ 48.508351] ok 3 - Closest to zero [ 48.509757] ok 4 - Closest to smallest non-zero [ 48.510694] ok 5 - Use convergent [ 48.511795] ok 6 - Exact answer [ 48.512711] ok 7 - Semiconvergent, numerator limit [ 48.513576] ok 8 - Semiconvergent, denominator limit [ 48.515375] ok 1 - rational_test [ 48.516844] ok 23 - rational [ 48.521591] ok 1 - test_bitfields_constants [ 48.522783] ok 2 - test_bitfields_variables [ 48.526702] ok 24 - bitfields [ 48.529182] ok 1 - list_test_list_init [ 48.529770] ok 2 - list_test_list_add [ 48.530754] ok 3 - list_test_list_add_tail [ 48.531686] ok 4 - list_test_list_del [ 48.532646] ok 5 - list_test_list_replace [ 48.533526] ok 6 - list_test_list_replace_init [ 48.534500] ok 7 - list_test_list_swap [ 48.535515] ok 8 - list_test_list_del_init [ 48.536468] ok 9 - list_test_list_del_init_careful [ 48.537411] ok 10 - list_test_list_move [ 48.538563] ok 11 - list_test_list_move_tail [ 48.539527] ok 12 - list_test_list_bulk_move_tail [ 48.540521] ok 13 - list_test_list_is_head [ 48.541593] ok 14 - list_test_list_is_first [ 48.542610] ok 15 - list_test_list_is_last [ 48.543689] ok 16 - list_test_list_empty [ 48.544662] ok 17 - list_test_list_empty_careful [ 48.545632] ok 18 - list_test_list_rotate_left [ 48.546687] ok 19 - list_test_list_rotate_to_front [ 48.547677] ok 20 - list_test_list_is_singular [ 48.548782] ok 21 - list_test_list_cut_position [ 48.549795] ok 22 - list_test_list_cut_before [ 48.550810] ok 23 - list_test_list_splice [ 48.551800] ok 24 - list_test_list_splice_tail [ 48.552730] ok 25 - list_test_list_splice_init [ 48.553711] ok 26 - list_test_list_splice_tail_init [ 48.554673] ok 27 - list_test_list_entry [ 48.555749] ok 28 - list_test_list_entry_is_head [ 48.556673] ok 29 - list_test_list_first_entry [ 48.557744] ok 30 - list_test_list_last_entry [ 48.558704] ok 31 - list_test_list_first_entry_or_null [ 48.559683] ok 32 - list_test_list_next_entry [ 48.560747] ok 33 - list_test_list_prev_entry [ 48.561690] ok 34 - list_test_list_for_each [ 48.562648] ok 35 - list_test_list_for_each_prev [ 48.563578] ok 36 - list_test_list_for_each_safe [ 48.564572] ok 37 - list_test_list_for_each_prev_safe [ 48.565584] ok 38 - list_test_list_for_each_entry [ 48.566645] ok 39 - list_test_list_for_each_entry_reverse [ 48.569340] ok 25 - list-kunit-test [ 48.571538] ok 1 - hlist_test_init [ 48.572126] ok 2 - hlist_test_unhashed [ 48.572977] ok 3 - hlist_test_unhashed_lockless [ 48.573864] ok 4 - hlist_test_del [ 48.574856] ok 5 - hlist_test_del_init [ 48.575653] ok 6 - hlist_test_add [ 48.576500] ok 7 - hlist_test_fake [ 48.577298] ok 8 - hlist_test_is_singular_node [ 48.578058] ok 9 - hlist_test_empty [ 48.579002] ok 10 - hlist_test_move_list [ 48.579831] ok 11 - hlist_test_entry [ 48.580719] ok 12 - hlist_test_entry_safe [ 48.581563] ok 13 - hlist_test_for_each [ 48.582462] ok 14 - hlist_test_for_each_safe [ 48.583321] ok 15 - hlist_test_for_each_entry [ 48.584226] ok 16 - hlist_test_for_each_entry_continue [ 48.585186] ok 17 - hlist_test_for_each_entry_from [ 48.586309] ok 18 - hlist_test_for_each_entry_safe [ 48.588736] ok 26 - hlist [ 48.590953] ok 1 - genmask_test [ 48.591673] ok 2 - genmask_ull_test [ 48.592494] ok 3 - genmask_input_check_test [ 48.594674] ok 27 - bits-test [ 48.596760] ok 1 - cmdline_test_noint [ 48.597413] ok 2 - cmdline_test_lead_int [ 48.598400] ok 3 - cmdline_test_tail_int [ 48.599422] ok 4 - cmdline_test_range [ 48.601574] ok 28 - cmdline [ 48.607157] ok 1 - test_clobber_zone [ 48.610276] ok 2 - test_clobber_redzone_free [ 48.612535] ok 29 - slub_test [ 48.615232] # memset_test: ok: memset() direct assignment [ 48.617243] # memset_test: ok: memset() complete overwrite [ 48.618610] # memset_test: ok: memset() middle overwrite [ 48.619914] # memset_test: ok: memset() argument side-effects [ 48.621346] # memset_test: ok: memset() memset_after() [ 48.622622] # memset_test: ok: memset() memset_startat() [ 48.623997] ok 1 - memset_test [ 48.624433] # memcpy_test: ok: memcpy() static initializers [ 48.627967] # memcpy_test: ok: memcpy() direct assignment [ 48.630301] # memcpy_test: ok: memcpy() complete overwrite [ 48.632416] # memcpy_test: ok: memcpy() middle overwrite [ 48.634379] # memcpy_test: ok: memcpy() argument side-effects [ 48.635349] ok 2 - memcpy_test [ 54.198508] ok 3 - memcpy_large_test [ 54.199653] # memmove_test: ok: memmove() static initializers [ 54.201367] # memmove_test: ok: memmove() direct assignment [ 54.202352] # memmove_test: ok: memmove() complete overwrite [ 54.203332] # memmove_test: ok: memmove() middle overwrite [ 54.204289] # memmove_test: ok: memmove() argument side-effects [ 54.205346] # memmove_test: ok: memmove() overlapping write [ 54.206383] ok 4 - memmove_test [ 59.681912] ok 5 - memmove_large_test [ 70.810445] ok 6 - memmove_overlap_test [ 70.811832] ok 7 - strtomem_test [ 70.819373] ok 30 - memcpy [ 70.824122] ok 1 - is_signed_type_test [ 70.824606] ok 31 - is_signed_type [ 70.831527] ok 1 - u8_u8__u8_overflow_test [ 70.835935] ok 2 - s8_s8__s8_overflow_test [ 70.839786] ok 3 - u16_u16__u16_overflow_test [ 70.843995] ok 4 - s16_s16__s16_overflow_test [ 70.849022] ok 5 - u32_u32__u32_overflow_test [ 70.853323] ok 6 - s32_s32__s32_overflow_test [ 70.856983] ok 7 - u64_u64__u64_overflow_test [ 70.860658] ok 8 - s64_s64__s64_overflow_test [ 70.864333] ok 9 - u32_u32__int_overflow_test [ 70.867913] ok 10 - u32_u32__u8_overflow_test [ 70.871420] ok 11 - u8_u8__int_overflow_test [ 70.875506] ok 12 - int_int__u8_overflow_test [ 70.878957] ok 13 - shift_sane_test [ 70.882052] ok 14 - shift_overflow_test [ 70.885356] ok 15 - shift_truncate_test [ 70.888889] ok 16 - shift_nonsense_test [ 70.891390] ok 17 - overflow_allocation_test [ 70.893650] ok 18 - overflow_size_helpers_test [ 70.897310] ok 19 - overflows_type_test [ 70.900477] ok 20 - same_type_test [ 70.903721] ok 21 - castable_to_type_test [ 70.906273] ok 32 - overflow [ 70.910061] ok 1 - test_u8_zero [ 70.911058] ok 2 - test_u16_zero [ 70.912339] ok 3 - test_u32_zero [ 70.913619] ok 4 - test_u64_zero [ 70.915133] ok 5 - test_char_array_zero [ 70.917043] ok 6 - test_small_hole_zero [ 70.918617] ok 7 - test_big_hole_zero [ 70.919892] ok 8 - test_trailing_hole_zero [ 70.920890] ok 9 - test_packed_zero [ 70.921909] ok 10 - test_small_hole_dynamic_partial [ 70.922833] ok 11 - test_big_hole_dynamic_partial [ 70.924066] ok 12 - test_trailing_hole_dynamic_partial [ 70.925162] ok 13 - test_packed_dynamic_partial [ 70.926392] ok 14 - test_small_hole_assigned_dynamic_partial [ 70.927466] ok 15 - test_big_hole_assigned_dynamic_partial [ 70.928779] ok 16 - test_trailing_hole_assigned_dynamic_partial [ 70.930020] ok 17 - test_packed_assigned_dynamic_partial [ 70.931290] ok 18 - test_small_hole_static_partial [ 70.932534] ok 19 - test_big_hole_static_partial [ 70.933614] ok 20 - test_trailing_hole_static_partial [ 70.934667] ok 21 - test_packed_static_partial [ 70.935866] ok 22 - test_small_hole_static_all # SKIP XFAIL uninit bytes: 3 [ 70.938120] ok 23 - test_big_hole_static_all # SKIP XFAIL uninit bytes: 124 [ 70.939579] ok 24 - test_trailing_hole_static_all # SKIP XFAIL uninit bytes: 7 [ 70.941123] ok 25 - test_packed_static_all [ 70.941402] ok 26 - test_small_hole_dynamic_all # SKIP XFAIL uninit bytes: 3 [ 70.943673] ok 27 - test_big_hole_dynamic_all # SKIP XFAIL uninit bytes: 124 [ 70.945360] ok 28 - test_trailing_hole_dynamic_all # SKIP XFAIL uninit bytes: 7 [ 70.946922] ok 29 - test_packed_dynamic_all [ 70.947211] ok 30 - test_small_hole_runtime_partial # SKIP XFAIL uninit bytes: 23 [ 70.949604] ok 31 - test_big_hole_runtime_partial # SKIP XFAIL uninit bytes: 127 [ 70.951171] ok 32 - test_trailing_hole_runtime_partial # SKIP XFAIL uninit bytes: 24 [ 70.952752] ok 33 - test_packed_runtime_partial # SKIP XFAIL uninit bytes: 24 [ 70.954222] ok 34 - test_small_hole_runtime_all # SKIP XFAIL uninit bytes: 3 [ 70.955651] ok 35 - test_big_hole_runtime_all # SKIP XFAIL uninit bytes: 124 [ 70.957114] ok 36 - test_trailing_hole_runtime_all # SKIP XFAIL uninit bytes: 7 [ 70.959041] ok 37 - test_packed_runtime_all [ 70.959426] ok 38 - test_small_hole_assigned_static_partial [ 70.960517] ok 39 - test_big_hole_assigned_static_partial [ 70.961740] ok 40 - test_trailing_hole_assigned_static_partial [ 70.962908] ok 41 - test_packed_assigned_static_partial [ 70.964139] ok 42 - test_small_hole_assigned_static_all # SKIP XFAIL uninit bytes: 3 [ 70.966638] ok 43 - test_big_hole_assigned_static_all # SKIP XFAIL uninit bytes: 124 [ 70.968199] ok 44 - test_trailing_hole_assigned_static_all # SKIP XFAIL uninit bytes: 7 [ 70.969855] ok 45 - test_packed_assigned_static_all [ 70.970172] ok 46 - test_small_hole_assigned_dynamic_all # SKIP XFAIL uninit bytes: 3 [ 70.972548] ok 47 - test_big_hole_assigned_dynamic_all # SKIP XFAIL uninit bytes: 124 [ 70.974160] ok 48 - test_trailing_hole_assigned_dynamic_all # SKIP XFAIL uninit bytes: 7 [ 70.975768] ok 49 - test_packed_assigned_dynamic_all [ 70.976002] ok 50 - test_small_hole_assigned_copy # SKIP XFAIL uninit bytes: 3 [ 70.978395] ok 51 - test_big_hole_assigned_copy # SKIP XFAIL uninit bytes: 124 [ 70.979855] ok 52 - test_trailing_hole_assigned_copy # SKIP XFAIL uninit bytes: 7 [ 70.981428] ok 53 - test_packed_assigned_copy [ 70.981700] ok 54 - test_u8_none # SKIP XFAIL uninit bytes: 1 [ 70.983682] ok 55 - test_u16_none # SKIP XFAIL uninit bytes: 2 [ 70.984931] ok 56 - test_u32_none # SKIP XFAIL uninit bytes: 4 [ 70.986185] ok 57 - test_u64_none # SKIP XFAIL uninit bytes: 8 [ 70.987449] ok 58 - test_char_array_none # SKIP XFAIL uninit bytes: 16 [ 70.988869] ok 59 - test_switch_1_none # SKIP XFAIL uninit bytes: 80 [ 70.990408] ok 60 - test_switch_2_none # SKIP XFAIL uninit bytes: 80 [ 70.991820] ok 61 - test_small_hole_none # SKIP XFAIL uninit bytes: 24 [ 70.993270] ok 62 - test_big_hole_none # SKIP XFAIL uninit bytes: 128 [ 70.994725] ok 63 - test_trailing_hole_none # SKIP XFAIL uninit bytes: 32 [ 70.996283] ok 64 - test_packed_none # SKIP XFAIL uninit bytes: 32 [ 70.997633] ok 65 - test_user # SKIP XFAIL uninit bytes: 32 [ 70.999504] ok 33 - stackinit [ 71.001986] ok 1 - strscpy_test [ 71.002544] ok 34 - strscpy [ 71.004925] ok 1 - siphash_test [ 71.005368] ok 35 - siphash [ 71.010591] ok 1 - drm_test_pick_cmdline_res_1920_1080_60 [ 71.010996] ok 36 - drm_test_pick_cmdline [ 71.015628] ok 1 - drm_test_buddy_alloc_limit [ 71.017530] ok 2 - drm_test_buddy_alloc_range [ 71.019293] ok 3 - drm_test_buddy_alloc_optimistic [ 71.021188] ok 4 - drm_test_buddy_alloc_pessimistic [ 71.026381] ok 5 - drm_test_buddy_alloc_smoke [ 71.028354] ok 6 - drm_test_buddy_alloc_pathological [ 71.032426] ok 37 - drm_buddy [ 71.036650] ok 1 - drm_test_cmdline_force_d_only [ 71.037669] ok 2 - drm_test_cmdline_force_D_only_dvi [ 71.039421] ok 3 - drm_test_cmdline_force_D_only_hdmi [ 71.041212] ok 4 - drm_test_cmdline_force_D_only_not_digital [ 71.043012] ok 5 - drm_test_cmdline_force_e_only [ 71.044466] ok 6 - drm_test_cmdline_res [ 71.045640] ok 7 - drm_test_cmdline_res_vesa [ 71.046676] ok 8 - drm_test_cmdline_res_vesa_rblank [ 71.047766] ok 9 - drm_test_cmdline_res_rblank [ 71.048955] ok 10 - drm_test_cmdline_res_bpp [ 71.050243] ok 11 - drm_test_cmdline_res_refresh [ 71.051585] ok 12 - drm_test_cmdline_res_bpp_refresh [ 71.052676] ok 13 - drm_test_cmdline_res_bpp_refresh_interlaced [ 71.053966] ok 14 - drm_test_cmdline_res_bpp_refresh_margins [ 71.055423] ok 15 - drm_test_cmdline_res_bpp_refresh_force_off [ 71.056707] ok 16 - drm_test_cmdline_res_bpp_refresh_force_on [ 71.058033] ok 17 - drm_test_cmdline_res_bpp_refresh_force_on_analog [ 71.059471] ok 18 - drm_test_cmdline_res_bpp_refresh_force_on_digital [ 71.060917] ok 19 - drm_test_cmdline_res_bpp_refresh_interlaced_margins_force_on [ 71.062654] ok 20 - drm_test_cmdline_res_margins_force_on [ 71.064239] ok 21 - drm_test_cmdline_res_vesa_margins [ 71.065605] ok 22 - drm_test_cmdline_name [ 71.066852] ok 23 - drm_test_cmdline_name_bpp [ 71.067876] ok 24 - drm_test_cmdline_name_option [ 71.068936] ok 25 - drm_test_cmdline_name_bpp_option [ 71.070157] ok 26 - drm_test_cmdline_rotate_0 [ 71.071334] ok 27 - drm_test_cmdline_rotate_90 [ 71.072342] ok 28 - drm_test_cmdline_rotate_180 [ 71.073396] ok 29 - drm_test_cmdline_rotate_270 [ 71.074413] ok 30 - drm_test_cmdline_hmirror [ 71.075440] ok 31 - drm_test_cmdline_vmirror [ 71.076445] ok 32 - drm_test_cmdline_margin_options [ 71.077502] ok 33 - drm_test_cmdline_multiple_options [ 71.078631] ok 34 - drm_test_cmdline_bpp_extra_and_option [ 71.079759] ok 35 - drm_test_cmdline_extra_and_option [ 71.080925] ok 36 - drm_test_cmdline_freestanding_options [ 71.082071] ok 37 - drm_test_cmdline_freestanding_force_e_and_options [ 71.083339] ok 38 - drm_test_cmdline_panel_orientation [ 71.085803] ok 1 - margin_only [ 71.087060] ok 2 - interlace_only [ 71.088053] ok 3 - res_missing_x [ 71.089118] ok 4 - res_missing_y [ 71.090193] ok 5 - res_bad_y [ 71.092005] ok 6 - res_missing_y_bpp [ 71.093032] ok 7 - res_bad_bpp [ 71.094606] ok 8 - res_bad_refresh [ 71.096736] ok 9 - res_bpp_refresh_force_on_off [ 71.098505] ok 10 - res_invalid_mode [ 71.100498] ok 11 - res_bpp_wrong_place_mode [ 71.102243] ok 12 - name_bpp_refresh [ 71.104161] ok 13 - name_refresh [ 71.105770] ok 14 - name_refresh_wrong_mode [ 71.106763] ok 15 - name_refresh_invalid_mode [ 71.107887] ok 16 - rotate_multiple [ 71.109019] ok 17 - rotate_invalid_val [ 71.110093] ok 18 - rotate_truncated [ 71.111116] ok 19 - invalid_option [ 71.112533] ok 39 - drm_test_cmdline_invalid [ 71.115432] ok 38 - drm_cmdline_parser [ 71.118146] ok 1 - drm_test_damage_iter_no_damage [ 71.118842] ok 2 - drm_test_damage_iter_no_damage_fractional_src [ 71.119968] ok 3 - drm_test_damage_iter_no_damage_src_moved [ 71.121276] ok 4 - drm_test_damage_iter_no_damage_fractional_src_moved [ 71.122534] ok 5 - drm_test_damage_iter_no_damage_not_visible [ 71.123932] ok 6 - drm_test_damage_iter_no_damage_no_crtc [ 71.125195] ok 7 - drm_test_damage_iter_no_damage_no_fb [ 71.126428] ok 8 - drm_test_damage_iter_simple_damage [ 71.127649] ok 9 - drm_test_damage_iter_single_damage [ 71.128784] ok 10 - drm_test_damage_iter_single_damage_intersect_src [ 71.129954] ok 11 - drm_test_damage_iter_single_damage_outside_src [ 71.131378] ok 12 - drm_test_damage_iter_single_damage_fractional_src [ 71.132895] ok 13 - drm_test_damage_iter_single_damage_intersect_fractional_src [ 71.134722] ok 14 - drm_test_damage_iter_single_damage_outside_fractional_src [ 71.136727] ok 15 - drm_test_damage_iter_single_damage_src_moved [ 71.138380] ok 16 - drm_test_damage_iter_single_damage_fractional_src_moved [ 71.139834] ok 17 - drm_test_damage_iter_damage [ 71.141458] ok 18 - drm_test_damage_iter_damage_one_intersect [ 71.142656] ok 19 - drm_test_damage_iter_damage_one_outside [ 71.143998] ok 20 - drm_test_damage_iter_damage_src_moved [ 71.145461] ok 21 - drm_test_damage_iter_damage_not_visible [ 71.148326] ok 39 - drm_damage_helper [ 71.153144] ok 1 - Clock 154000 BPP 30 DSC disabled [ 71.155509] ok 2 - Clock 234000 BPP 30 DSC disabled [ 71.157852] ok 3 - Clock 297000 BPP 24 DSC disabled [ 71.159331] ok 4 - Clock 332880 BPP 24 DSC enabled [ 71.160673] ok 5 - Clock 324540 BPP 24 DSC enabled [ 71.162494] ok 1 - drm_test_dp_mst_calc_pbn_mode [ 71.164879] ok 1 - DP_ENUM_PATH_RESOURCES with port number [ 71.166577] ok 2 - DP_POWER_UP_PHY with port number [ 71.167955] ok 3 - DP_POWER_DOWN_PHY with port number [ 71.169348] ok 4 - DP_ALLOCATE_PAYLOAD with SDP stream sinks [ 71.170685] ok 5 - DP_ALLOCATE_PAYLOAD with port number [ 71.172081] ok 6 - DP_ALLOCATE_PAYLOAD with VCPI [ 71.173468] ok 7 - DP_ALLOCATE_PAYLOAD with PBN [ 71.174669] ok 8 - DP_QUERY_PAYLOAD with port number [ 71.175952] ok 9 - DP_QUERY_PAYLOAD with VCPI [ 71.177272] ok 10 - DP_REMOTE_DPCD_READ with port number [ 71.178601] ok 11 - DP_REMOTE_DPCD_READ with DPCD address [ 71.179964] ok 12 - DP_REMOTE_DPCD_READ with max number of bytes [ 71.181448] ok 13 - DP_REMOTE_DPCD_WRITE with port number [ 71.182923] ok 14 - DP_REMOTE_DPCD_WRITE with DPCD address [ 71.184585] ok 15 - DP_REMOTE_DPCD_WRITE with data array [ 71.185973] ok 16 - DP_REMOTE_I2C_READ with port number [ 71.187348] ok 17 - DP_REMOTE_I2C_READ with I2C device ID [ 71.188741] ok 18 - DP_REMOTE_I2C_READ with transactions array [ 71.190167] ok 19 - DP_REMOTE_I2C_WRITE with port number [ 71.191648] ok 20 - DP_REMOTE_I2C_WRITE with I2C device ID [ 71.193303] ok 21 - DP_REMOTE_I2C_WRITE with data array [ 71.195238] ok 22 - DP_QUERY_STREAM_ENC_STATUS with stream ID [ 71.197152] ok 23 - DP_QUERY_STREAM_ENC_STATUS with client ID [ 71.199763] ok 24 - DP_QUERY_STREAM_ENC_STATUS with stream event [ 71.201719] ok 25 - DP_QUERY_STREAM_ENC_STATUS with valid stream event [ 71.203105] ok 26 - DP_QUERY_STREAM_ENC_STATUS with stream behavior [ 71.204723] ok 27 - DP_QUERY_STREAM_ENC_STATUS with a valid stream behavior [ 71.207556] ok 2 - drm_test_dp_mst_sideband_msg_req_decode [ 71.210728] ok 40 - drm_dp_mst_helper [ 71.213796] ok 1 - single_pixel_source_buffer [ 71.215181] ok 2 - single_pixel_clip_rectangle [ 71.216713] ok 3 - well_known_colors [ 71.218057] ok 4 - destination_pitch [ 71.219546] ok 1 - drm_test_fb_xrgb8888_to_gray8 [ 71.222278] ok 1 - single_pixel_source_buffer [ 71.223918] ok 2 - single_pixel_clip_rectangle [ 71.225635] ok 3 - well_known_colors [ 71.227222] ok 4 - destination_pitch [ 71.228798] ok 2 - drm_test_fb_xrgb8888_to_rgb332 [ 71.231695] ok 1 - single_pixel_source_buffer [ 71.233695] ok 2 - single_pixel_clip_rectangle [ 71.235155] ok 3 - well_known_colors [ 71.236786] ok 4 - destination_pitch [ 71.238411] ok 3 - drm_test_fb_xrgb8888_to_rgb565 [ 71.241136] ok 1 - single_pixel_source_buffer [ 71.246297] ok 2 - single_pixel_clip_rectangle [ 71.247693] ok 3 - well_known_colors [ 71.248972] ok 4 - destination_pitch [ 71.250498] ok 4 - drm_test_fb_xrgb8888_to_rgb888 [ 71.252880] ok 1 - single_pixel_source_buffer [ 71.254276] ok 2 - single_pixel_clip_rectangle [ 71.255546] ok 3 - well_known_colors [ 71.256870] ok 4 - destination_pitch [ 71.258450] ok 5 - drm_test_fb_xrgb8888_to_xrgb2101010 [ 71.261995] ok 41 - drm_format_helper_test [ 71.265185] ok 1 - drm_test_format_block_width_invalid [ 71.266047] ok 2 - drm_test_format_block_width_one_plane [ 71.267479] ok 3 - drm_test_format_block_width_two_plane [ 71.268935] ok 4 - drm_test_format_block_width_three_plane [ 71.270509] ok 5 - drm_test_format_block_width_tiled [ 71.271997] ok 6 - drm_test_format_block_height_invalid [ 71.273501] ok 7 - drm_test_format_block_height_one_plane [ 71.274879] ok 8 - drm_test_format_block_height_two_plane [ 71.276318] ok 9 - drm_test_format_block_height_three_plane [ 71.277811] ok 10 - drm_test_format_block_height_tiled [ 71.279351] ok 11 - drm_test_format_min_pitch_invalid [ 71.280774] ok 12 - drm_test_format_min_pitch_one_plane_8bpp [ 71.282299] ok 13 - drm_test_format_min_pitch_one_plane_16bpp [ 71.283961] ok 14 - drm_test_format_min_pitch_one_plane_24bpp [ 71.285592] ok 15 - drm_test_format_min_pitch_one_plane_32bpp [ 71.287188] ok 16 - drm_test_format_min_pitch_two_plane [ 71.288856] ok 17 - drm_test_format_min_pitch_three_plane_8bpp [ 71.290481] ok 18 - drm_test_format_min_pitch_tiled [ 71.293650] ok 42 - drm_format [ 71.296929] ok 1 - ABGR8888 normal sizes [ 71.298540] ok 2 - ABGR8888 max sizes [ 71.299681] ok 3 - ABGR8888 pitch greater than min required [ 71.300807] ok 4 - ABGR8888 pitch less than min required [ 71.302358] ok 5 - ABGR8888 Invalid width [ 71.303756] ok 6 - ABGR8888 Invalid buffer handle [ 71.304894] ok 7 - No pixel format [ 71.306227] ok 8 - ABGR8888 Width 0 [ 71.307409] ok 9 - ABGR8888 Height 0 [ 71.308644] ok 10 - ABGR8888 Out of bound height * pitch combination [ 71.309742] ok 11 - ABGR8888 Large buffer offset [ 71.311422] ok 12 - ABGR8888 Set DRM_MODE_FB_MODIFIERS without modifiers [ 71.312707] ok 13 - ABGR8888 Valid buffer modifier [ 71.314360] ok 14 - ABGR8888 Invalid buffer modifier(DRM_FORMAT_MOD_SAMSUNG_64_32_TILE) [ 71.315658] ok 15 - ABGR8888 Extra pitches without DRM_MODE_FB_MODIFIERS [ 71.317644] ok 16 - ABGR8888 Extra pitches with DRM_MODE_FB_MODIFIERS [ 71.319222] ok 17 - NV12 Normal sizes [ 71.320776] ok 18 - NV12 Max sizes [ 71.321869] ok 19 - NV12 Invalid pitch [ 71.322882] ok 20 - NV12 Invalid modifier/missing DRM_MODE_FB_MODIFIERS flag [ 71.323985] ok 21 - NV12 different modifier per-plane [ 71.325717] ok 22 - NV12 with DRM_FORMAT_MOD_SAMSUNG_64_32_TILE [ 71.327077] ok 23 - NV12 Valid modifiers without DRM_MODE_FB_MODIFIERS [ 71.328562] ok 24 - NV12 Modifier for inexistent plane [ 71.330281] ok 25 - NV12 Handle for inexistent plane [ 71.331729] ok 26 - NV12 Handle for inexistent plane without DRM_MODE_FB_MODIFIERS [ 71.333170] ok 27 - YVU420 Normal sizes [ 71.334890] ok 28 - YVU420 DRM_MODE_FB_MODIFIERS set without modifier [ 71.335975] ok 29 - YVU420 Max sizes [ 71.337541] ok 30 - YVU420 Invalid pitch [ 71.338586] ok 31 - YVU420 Different pitches [ 71.339717] ok 32 - YVU420 Different buffer offsets/pitches [ 71.340899] ok 33 - YVU420 Modifier set just for plane 0, without DRM_MODE_FB_MODIFIERS [ 71.342335] ok 34 - YVU420 Modifier set just for planes 0, 1, without DRM_MODE_FB_MODIFIERS [ 71.344137] ok 35 - YVU420 Modifier set just for plane 0, 1, with DRM_MODE_FB_MODIFIERS [ 71.346031] ok 36 - YVU420 Valid modifier [ 71.347929] ok 37 - YVU420 Different modifiers per plane [ 71.349190] ok 38 - YVU420 Modifier for inexistent plane [ 71.350623] ok 39 - X0L2 Normal sizes [ 71.352138] ok 40 - X0L2 Max sizes [ 71.353433] ok 41 - X0L2 Invalid pitch [ 71.354719] ok 42 - X0L2 Pitch greater than minimum required [ 71.356075] ok 43 - X0L2 Handle for inexistent plane [ 71.357769] ok 44 - X0L2 Offset for inexistent plane, without DRM_MODE_FB_MODIFIERS set [ 71.359348] ok 45 - X0L2 Modifier without DRM_MODE_FB_MODIFIERS set [ 71.361544] ok 46 - X0L2 Valid modifier [ 71.363383] ok 47 - X0L2 Modifier for inexistent plane [ 71.365317] ok 1 - drm_test_framebuffer_create [ 71.367504] ok 43 - drm_framebuffer [ 71.371838] ok 1 - drm_test_mm_init [ 71.372703] ok 2 - drm_test_mm_debug [ 72.242797] ok 3 - drm_test_mm_reserve [ 140.009204] ok 4 - drm_test_mm_insert [ 206.485547] ok 5 - drm_test_mm_replace [ 213.160469] ok 6 - drm_test_mm_insert_range [ 213.287247] # drm_test_mm_frag: bottom-up fragmented insert of 10000 and 20000 insertions took 34766286 and 70139403 nsecs [ 213.467892] # drm_test_mm_frag: top-down fragmented insert of 10000 and 20000 insertions took 45182770 and 82471761 nsecs [ 213.534216] ok 7 - drm_test_mm_frag [ 213.535443] ok 8 - drm_test_mm_align [ 213.537931] ok 9 - drm_test_mm_align32 [ 213.540573] ok 10 - drm_test_mm_align64 [ 215.361664] ok 11 - drm_test_mm_evict [ 216.676928] ok 12 - drm_test_mm_evict_range [ 216.846826] ok 13 - drm_test_mm_topdown [ 216.994637] ok 14 - drm_test_mm_bottomup [ 216.996919] ok 15 - drm_test_mm_lowest [ 216.998955] ok 16 - drm_test_mm_highest [ 217.455460] ok 17 - drm_test_mm_color [ 223.346040] ok 18 - drm_test_mm_color_evict [ 228.687936] ok 19 - drm_test_mm_color_evict_range [ 228.691077] ok 44 - drm_mm [ 228.694857] ok 1 - clipping_simple [ 228.696743] ok 2 - clipping_rotate_reflect [ 228.698216] ok 3 - positioning_simple [ 228.699818] ok 4 - upscaling [ 228.701484] ok 5 - downscaling [ 228.702727] ok 6 - rounding1 [ 228.704007] ok 7 - rounding2 [ 228.705302] ok 8 - rounding3 [ 228.706529] ok 9 - rounding4 [ 228.708084] ok 1 - drm_test_check_plane_state [ 228.711033] ok 1 - positioning_invalid [ 228.712712] ok 2 - upscaling_invalid [ 228.714042] ok 3 - downscaling_invalid [ 228.715770] ok 2 - drm_test_check_invalid_plane_state [ 228.719637] ok 45 - drm_plane_helper [ 228.724540] ok 1 - drm_test_rect_clip_scaled_div_by_zero [ 228.725712] ok 2 - drm_test_rect_clip_scaled_not_clipped [ 228.728167] ok 3 - drm_test_rect_clip_scaled_clipped [ 228.729658] ok 4 - drm_test_rect_clip_scaled_signed_vs_unsigned [ 228.732470] ok 46 - drm_rect [ 228.734749] ok 1 - freq_qos_test_min [ 228.735405] ok 2 - freq_qos_test_maxdef [ 228.736444] ok 3 - freq_qos_test_readd [ 228.738770] ok 47 - qos-kunit-test [ 228.741615] ok 1 - pe_test_uints [ 228.742927] ok 2 - pe_test_uint_arrays [ 228.743999] ok 3 - pe_test_strings [ 228.745148] ok 4 - pe_test_bool [ 228.746091] ok 5 - pe_test_move_inline_u8 [ 228.747090] ok 6 - pe_test_move_inline_str [ 228.748427] ok 7 - pe_test_reference [ 228.750808] ok 48 - property-entry [ 232.102123] ok 1 - rtc_time64_to_tm_test_date_range [ 232.103004] ok 49 - rtc_lib_test_cases [ 232.120544] ok 1 - dev_addr_test_basic [ 232.130549] ok 2 - dev_addr_test_sync_one [ 232.147543] ok 3 - dev_addr_test_add_del [ 232.162722] ok 4 - dev_addr_test_del_main [ 232.178642] ok 5 - dev_addr_test_add_set [ 232.189500] ok 6 - dev_addr_test_add_excl [ 232.194944] ok 50 - dev-addr-list-test [ 232.199565] ok 1 - mptcp_crypto_test_basic [ 232.199949] ok 51 - mptcp-crypto [ 232.201361] # Subtest: mptcp-token [ 232.202485] ok 1 - mptcp_token_test_req_basic [ 232.203230] ok 2 - mptcp_token_test_msk_basic [ 232.204472] ok 3 - mptcp_token_test_accept [ 232.205639] ok 4 - mptcp_token_test_destroyed [ 232.206405] # mptcp-token: pass:4 fail:0 skip:0 total:4 [ 232.208122] ok 52 - mptcp-token