Hay
Date: July 13, 2025, 11:09 p.m.

Environment: qemu-arm64, qemu-x86_64

[   18.043858] ==================================================================
[   18.043931] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270
[   18.043981] Read of size 1 at addr ffff800080a77c2a by task kunit_try_catch/250
[   18.044041] 
[   18.044086] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   18.044214] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.044241] Hardware name: linux,dummy-virt (DT)
[   18.044631] Call trace:
[   18.044660]  show_stack+0x20/0x38 (C)
[   18.044740]  dump_stack_lvl+0x8c/0xd0
[   18.044790]  print_report+0x310/0x5d0
[   18.044836]  kasan_report+0xdc/0x128
[   18.044925]  __asan_report_load1_noabort+0x20/0x30
[   18.045123]  kasan_stack_oob+0x238/0x270
[   18.045272]  kunit_try_run_case+0x170/0x3f0
[   18.045378]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.045495]  kthread+0x328/0x630
[   18.045549]  ret_from_fork+0x10/0x20
[   18.045596] 
[   18.045780] The buggy address belongs to stack of task kunit_try_catch/250
[   18.046079]  and is located at offset 138 in frame:
[   18.046156]  kasan_stack_oob+0x0/0x270
[   18.046469] 
[   18.046499] This frame has 4 objects:
[   18.047166]  [48, 49) '__assertion'
[   18.047295]  [64, 72) 'array'
[   18.047430]  [96, 112) '__assertion'
[   18.047925]  [128, 138) 'stack_array'
[   18.048047] 
[   18.048211] The buggy address ffff800080a77c2a belongs to a vmalloc virtual mapping
[   18.048265] The buggy address belongs to the physical page:
[   18.048706] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058af
[   18.048834] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   18.048920] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   18.048973] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   18.049034] page dumped because: kasan: bad access detected
[   18.049217] 
[   18.049389] Memory state around the buggy address:
[   18.049478]  ffff800080a77b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   18.049526]  ffff800080a77b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2
[   18.049799] >ffff800080a77c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00
[   18.049959]                                   ^
[   18.050036]  ffff800080a77c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2
[   18.050102]  ffff800080a77d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00
[   18.050145] ==================================================================

[   18.809047] ==================================================================
[   18.809259] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270
[   18.809436] Read of size 1 at addr ffff800080a97c2a by task kunit_try_catch/250
[   18.809564] 
[   18.809717] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   18.809852] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.809877] Hardware name: linux,dummy-virt (DT)
[   18.809910] Call trace:
[   18.809931]  show_stack+0x20/0x38 (C)
[   18.809977]  dump_stack_lvl+0x8c/0xd0
[   18.810030]  print_report+0x310/0x5d0
[   18.810075]  kasan_report+0xdc/0x128
[   18.810128]  __asan_report_load1_noabort+0x20/0x30
[   18.810282]  kasan_stack_oob+0x238/0x270
[   18.810498]  kunit_try_run_case+0x170/0x3f0
[   18.810953]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.811135]  kthread+0x328/0x630
[   18.811287]  ret_from_fork+0x10/0x20
[   18.811528] 
[   18.811596] The buggy address belongs to stack of task kunit_try_catch/250
[   18.812005]  and is located at offset 138 in frame:
[   18.812049]  kasan_stack_oob+0x0/0x270
[   18.812292] 
[   18.812325] This frame has 4 objects:
[   18.812873]  [48, 49) '__assertion'
[   18.812942]  [64, 72) 'array'
[   18.812975]  [96, 112) '__assertion'
[   18.813058]  [128, 138) 'stack_array'
[   18.813115] 
[   18.813141] The buggy address ffff800080a97c2a belongs to a vmalloc virtual mapping
[   18.813291] The buggy address belongs to the physical page:
[   18.813491] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a9f
[   18.813589] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   18.813665] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   18.813718] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   18.814001] page dumped because: kasan: bad access detected
[   18.814114] 
[   18.814133] Memory state around the buggy address:
[   18.814202]  ffff800080a97b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   18.814356]  ffff800080a97b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2
[   18.814785] >ffff800080a97c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00
[   18.814973]                                   ^
[   18.815011]  ffff800080a97c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2
[   18.815118]  ffff800080a97d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00
[   18.815161] ==================================================================

[   14.445190] ==================================================================
[   14.446217] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[   14.446471] Read of size 1 at addr ffff8881039f7d02 by task kunit_try_catch/267
[   14.447216] 
[   14.447325] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   14.447373] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.447385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.447408] Call Trace:
[   14.447422]  <TASK>
[   14.447438]  dump_stack_lvl+0x73/0xb0
[   14.447484]  print_report+0xd1/0x610
[   14.447507]  ? __virt_addr_valid+0x1db/0x2d0
[   14.447532]  ? kasan_stack_oob+0x2b5/0x300
[   14.447552]  ? kasan_addr_to_slab+0x11/0xa0
[   14.447575]  ? kasan_stack_oob+0x2b5/0x300
[   14.447596]  kasan_report+0x141/0x180
[   14.447617]  ? kasan_stack_oob+0x2b5/0x300
[   14.447643]  __asan_report_load1_noabort+0x18/0x20
[   14.447669]  kasan_stack_oob+0x2b5/0x300
[   14.447690]  ? __pfx_kasan_stack_oob+0x10/0x10
[   14.447711]  ? finish_task_switch.isra.0+0x153/0x700
[   14.447736]  ? __switch_to+0x47/0xf50
[   14.447763]  ? __schedule+0x10cc/0x2b60
[   14.447786]  ? __pfx_read_tsc+0x10/0x10
[   14.447808]  ? ktime_get_ts64+0x86/0x230
[   14.447834]  kunit_try_run_case+0x1a5/0x480
[   14.447859]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.447882]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.447908]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.447932]  ? __kthread_parkme+0x82/0x180
[   14.447954]  ? preempt_count_sub+0x50/0x80
[   14.447978]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.448004]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.448029]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.448056]  kthread+0x337/0x6f0
[   14.448074]  ? trace_preempt_on+0x20/0xc0
[   14.448099]  ? __pfx_kthread+0x10/0x10
[   14.448120]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.448142]  ? calculate_sigpending+0x7b/0xa0
[   14.448168]  ? __pfx_kthread+0x10/0x10
[   14.448189]  ret_from_fork+0x116/0x1d0
[   14.448208]  ? __pfx_kthread+0x10/0x10
[   14.448229]  ret_from_fork_asm+0x1a/0x30
[   14.448261]  </TASK>
[   14.448272] 
[   14.456128] The buggy address belongs to stack of task kunit_try_catch/267
[   14.456487]  and is located at offset 138 in frame:
[   14.456872]  kasan_stack_oob+0x0/0x300
[   14.457156] 
[   14.457269] This frame has 4 objects:
[   14.457558]  [48, 49) '__assertion'
[   14.457581]  [64, 72) 'array'
[   14.457795]  [96, 112) '__assertion'
[   14.457953]  [128, 138) 'stack_array'
[   14.458092] 
[   14.458345] The buggy address belongs to the physical page:
[   14.458618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f7
[   14.458960] flags: 0x200000000000000(node=0|zone=2)
[   14.459159] raw: 0200000000000000 ffffea00040e7dc8 ffffea00040e7dc8 0000000000000000
[   14.459735] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[   14.460094] page dumped because: kasan: bad access detected
[   14.460294] 
[   14.460364] Memory state around the buggy address:
[   14.460534]  ffff8881039f7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[   14.460794]  ffff8881039f7c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[   14.461109] >ffff8881039f7d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[   14.461536]                    ^
[   14.461750]  ffff8881039f7d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[   14.461983]  ffff8881039f7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.462197] ==================================================================

[   14.672150] ==================================================================
[   14.672928] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[   14.673750] Read of size 1 at addr ffff888103b67d02 by task kunit_try_catch/267
[   14.674849] 
[   14.675322] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   14.675375] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.675387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.675408] Call Trace:
[   14.675422]  <TASK>
[   14.675440]  dump_stack_lvl+0x73/0xb0
[   14.675473]  print_report+0xd1/0x610
[   14.675498]  ? __virt_addr_valid+0x1db/0x2d0
[   14.675523]  ? kasan_stack_oob+0x2b5/0x300
[   14.675543]  ? kasan_addr_to_slab+0x11/0xa0
[   14.675564]  ? kasan_stack_oob+0x2b5/0x300
[   14.675584]  kasan_report+0x141/0x180
[   14.675607]  ? kasan_stack_oob+0x2b5/0x300
[   14.675632]  __asan_report_load1_noabort+0x18/0x20
[   14.675948]  kasan_stack_oob+0x2b5/0x300
[   14.675973]  ? __pfx_kasan_stack_oob+0x10/0x10
[   14.675995]  ? finish_task_switch.isra.0+0x153/0x700
[   14.676024]  ? __switch_to+0x47/0xf50
[   14.676062]  ? __schedule+0x10cc/0x2b60
[   14.676085]  ? __pfx_read_tsc+0x10/0x10
[   14.676108]  ? ktime_get_ts64+0x86/0x230
[   14.676134]  kunit_try_run_case+0x1a5/0x480
[   14.676161]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.676185]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.676211]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.676236]  ? __kthread_parkme+0x82/0x180
[   14.676258]  ? preempt_count_sub+0x50/0x80
[   14.676281]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.676307]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.676332]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.676358]  kthread+0x337/0x6f0
[   14.676378]  ? trace_preempt_on+0x20/0xc0
[   14.676404]  ? __pfx_kthread+0x10/0x10
[   14.676425]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.676448]  ? calculate_sigpending+0x7b/0xa0
[   14.676474]  ? __pfx_kthread+0x10/0x10
[   14.676496]  ret_from_fork+0x116/0x1d0
[   14.676515]  ? __pfx_kthread+0x10/0x10
[   14.676536]  ret_from_fork_asm+0x1a/0x30
[   14.676569]  </TASK>
[   14.676579] 
[   14.685371] The buggy address belongs to stack of task kunit_try_catch/267
[   14.685843]  and is located at offset 138 in frame:
[   14.686072]  kasan_stack_oob+0x0/0x300
[   14.686413] 
[   14.686513] This frame has 4 objects:
[   14.686862]  [48, 49) '__assertion'
[   14.686887]  [64, 72) 'array'
[   14.687067]  [96, 112) '__assertion'
[   14.687270]  [128, 138) 'stack_array'
[   14.687428] 
[   14.687712] The buggy address belongs to the physical page:
[   14.687890] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b67
[   14.688260] flags: 0x200000000000000(node=0|zone=2)
[   14.688475] raw: 0200000000000000 ffffea00040ed9c8 ffffea00040ed9c8 0000000000000000
[   14.688709] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[   14.688990] page dumped because: kasan: bad access detected
[   14.689339] 
[   14.689439] Memory state around the buggy address:
[   14.689721]  ffff888103b67c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[   14.690042]  ffff888103b67c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[   14.690366] >ffff888103b67d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[   14.690925]                    ^
[   14.691115]  ffff888103b67d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[   14.691431]  ffff888103b67e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.691795] ==================================================================