Date
March 19, 2025, 10:35 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 37.673267] ================================================================== [ 37.673436] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 37.673623] Read of size 1 at addr ffffaabf8001704d by task kunit_try_catch/247 [ 37.673789] [ 37.673900] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT [ 37.674186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.674276] Hardware name: linux,dummy-virt (DT) [ 37.674413] Call trace: [ 37.674489] show_stack+0x20/0x38 (C) [ 37.674642] dump_stack_lvl+0x8c/0xd0 [ 37.674832] print_report+0x2fc/0x5f0 [ 37.674985] kasan_report+0xc8/0x118 [ 37.675386] __asan_report_load1_noabort+0x20/0x30 [ 37.675905] kasan_global_oob_right+0x230/0x270 [ 37.676109] kunit_try_run_case+0x14c/0x3d0 [ 37.676662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.676867] kthread+0x318/0x618 [ 37.677018] ret_from_fork+0x10/0x20 [ 37.677245] [ 37.677458] The buggy address belongs to the variable: [ 37.677598] global_array+0xd/0x40 [ 37.677748] [ 37.678323] The buggy address belongs to the virtual mapping at [ 37.678323] [ffffaabf7e160000, ffffaabf800d1000) created by: [ 37.678323] paging_init+0x668/0x7c8 [ 37.678705] [ 37.679257] The buggy address belongs to the physical page: [ 37.679435] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47e17 [ 37.679627] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 37.679959] raw: 03fffe0000002000 ffffc1ffc01f85c8 ffffc1ffc01f85c8 0000000000000000 [ 37.680224] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 37.680412] page dumped because: kasan: bad access detected [ 37.680515] [ 37.680570] Memory state around the buggy address: [ 37.681162] ffffaabf80016f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 37.681457] ffffaabf80016f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 37.681609] >ffffaabf80017000: 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 [ 37.681732] ^ [ 37.681880] ffffaabf80017080: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 37.682394] ffffaabf80017100: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 37.682578] ==================================================================
[ 24.586629] ================================================================== [ 24.587530] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 24.588182] Read of size 1 at addr ffffffffb654fe8d by task kunit_try_catch/266 [ 24.588706] [ 24.589696] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.590197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.590222] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.590253] Call Trace: [ 24.590271] <TASK> [ 24.590292] dump_stack_lvl+0x73/0xb0 [ 24.590335] print_report+0xd1/0x660 [ 24.590371] ? __virt_addr_valid+0x1db/0x2d0 [ 24.590436] ? kasan_addr_to_slab+0x11/0xa0 [ 24.590470] kasan_report+0x104/0x140 [ 24.590500] ? kasan_global_oob_right+0x286/0x2d0 [ 24.590536] ? kasan_global_oob_right+0x286/0x2d0 [ 24.590576] __asan_report_load1_noabort+0x18/0x20 [ 24.590606] kasan_global_oob_right+0x286/0x2d0 [ 24.590638] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 24.590674] ? __schedule+0xd46/0x29c0 [ 24.590749] ? __pfx_read_tsc+0x10/0x10 [ 24.590799] ? ktime_get_ts64+0x86/0x240 [ 24.590845] kunit_try_run_case+0x1b2/0x490 [ 24.590882] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.590915] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.590948] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.590980] ? __kthread_parkme+0x82/0x160 [ 24.591011] ? preempt_count_sub+0x50/0x80 [ 24.591046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.591080] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.591136] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.591172] kthread+0x323/0x710 [ 24.591202] ? trace_preempt_on+0x20/0xc0 [ 24.591236] ? __pfx_kthread+0x10/0x10 [ 24.591268] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.591297] ? calculate_sigpending+0x7b/0xa0 [ 24.591328] ? __pfx_kthread+0x10/0x10 [ 24.591360] ret_from_fork+0x41/0x80 [ 24.591392] ? __pfx_kthread+0x10/0x10 [ 24.591423] ret_from_fork_asm+0x1a/0x30 [ 24.591470] </TASK> [ 24.591486] [ 24.604948] The buggy address belongs to the variable: [ 24.605480] global_array+0xd/0x40 [ 24.606492] [ 24.606992] The buggy address belongs to the physical page: [ 24.607545] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3b34f [ 24.608430] flags: 0x100000000002000(reserved|node=0|zone=1) [ 24.609180] raw: 0100000000002000 ffffea0000ecd3c8 ffffea0000ecd3c8 0000000000000000 [ 24.609986] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.610506] page dumped because: kasan: bad access detected [ 24.610905] [ 24.611330] Memory state around the buggy address: [ 24.611949] ffffffffb654fd80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.612793] ffffffffb654fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.613360] >ffffffffb654fe80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 24.613727] ^ [ 24.613962] ffffffffb654ff00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 24.614838] ffffffffb654ff80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 24.615954] ==================================================================