Date
June 23, 2025, 7:07 a.m.
Environment |
---|
qemu-arm64 |
qemu-x86_64 |
```
[ 35.852749] ==================================================================
[ 35.852917] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270
[ 35.853073] Read of size 1 at addr ffff800080b07c2a by task kunit_try_catch/261
[ 35.853220]
[ 35.853389] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250623 #1 PREEMPT
[ 35.853744] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 35.853816] Hardware name: linux,dummy-virt (DT)
[ 35.853899] Call trace:
[ 35.853958] show_stack+0x20/0x38 (C)
[ 35.854106] dump_stack_lvl+0x8c/0xd0
[ 35.854229] print_report+0x310/0x608
[ 35.854354] kasan_report+0xdc/0x128
[ 35.854468] __asan_report_load1_noabort+0x20/0x30
[ 35.854727] kasan_stack_oob+0x238/0x270
[ 35.854887] kunit_try_run_case+0x170/0x3f0
[ 35.855056] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 35.855323] kthread+0x328/0x630
[ 35.855519] ret_from_fork+0x10/0x20
[ 35.855660]
[ 35.855793] The buggy address belongs to stack of task kunit_try_catch/261
[ 35.856161] and is located at offset 138 in frame:
[ 35.856267] kasan_stack_oob+0x0/0x270
[ 35.856669]
[ 35.856745] This frame has 4 objects:
[ 35.857154] [48, 49) '__assertion'
[ 35.857272] [64, 72) 'array'
[ 35.857372] [96, 112) '__assertion'
[ 35.857499] [128, 138) 'stack_array'
[ 35.857631]
[ 35.857723] The buggy address belongs to the virtual mapping at
[ 35.857723] [ffff800080b00000, ffff800080b09000) created by:
[ 35.857723] kernel_clone+0x150/0x7a8
[ 35.858140]
[ 35.858315] The buggy address belongs to the physical page:
[ 35.858935] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 35.868222] ok 57 kasan_stack_oob
[ 35.873308] Read of size 1 at addr ffff800080b07b5f by task kunit_try_catch/263
[ 35.875534] kasan_alloca_oob_left+0x2b8/0x310
[ 35.877259]
[ 35.878170] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 35.879780] ffff800080b07c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00
[ 35.903849] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 35.905273] __asan_report_load1_noabort+0x20/0x30
[ 35.907782]
[ 35.907850] The buggy address belongs to the physical page:
[ 35.908104] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10643d
[ 35.908489] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[ 35.908644] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[ 35.909459] ffff800080b07a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 35.933428] # kasan_memchr: EXPECTATION FAILED at mm/kasan/kasan_test_c.c:1535
[ 35.933428] KASAN failure expected in "kasan_ptr_result = memchr(ptr, '1', size + 1)", but none occurred
[ 35.955501] __kasan_kmalloc+0xd4/0xd8
[ 35.962647]
[ 35.963719] page dumped because: kasan: bad access detected
[ 35.993323] # kasan_strings: EXPECTATION FAILED at mm/kasan/kasan_test_c.c:1610
[ 35.993323] KASAN failure expected in "kasan_ptr_result = strchr(ptr, '1')", but none occurred
[ 36.000449] Read of size 1 at addr fff00000c77fd290 by task kunit_try_catch/271
[ 36.002294] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 36.005303] print_report+0x118/0x608
[ 36.007487] kasan_save_track+0x20/0x40
[ 36.008152] kasan_strings+0xc8/0xb00
[ 36.010234] kunit_try_run_case+0x170/0x3f0
[ 36.011721]
[ 36.014653] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 36.016039] >fff00000c77fd280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 36.018002] ==================================================================
```
```
[ 23.706640] ==================================================================
[ 23.707077] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 23.707709] Read of size 1 at addr ffff888103a5fd02 by task kunit_try_catch/278
[ 23.708406]
[ 23.708569] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250623 #1 PREEMPT(voluntary)
[ 23.708651] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.708667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.708686] Call Trace:
[ 23.708700] <TASK>
[ 23.708715] dump_stack_lvl+0x73/0xb0
[ 23.708745] print_report+0xd1/0x650
[ 23.708765] ? __virt_addr_valid+0x1db/0x2d0
[ 23.708787] ? kasan_stack_oob+0x2b5/0x300
[ 23.708815] ? kasan_addr_to_slab+0x11/0xa0
[ 23.709075] ? kasan_stack_oob+0x2b5/0x300
[ 23.709114] kasan_report+0x141/0x180
[ 23.709145] ? kasan_stack_oob+0x2b5/0x300
[ 23.709179] __asan_report_load1_noabort+0x18/0x20
[ 23.709200] kasan_stack_oob+0x2b5/0x300
[ 23.709217] ? __pfx_kasan_stack_oob+0x10/0x10
[ 23.709233] ? finish_task_switch.isra.0+0x153/0x700
[ 23.709251] ? __switch_to+0x47/0xf50
[ 23.709275] ? __schedule+0x10cc/0x2b60
[ 23.709294] ? __pfx_read_tsc+0x10/0x10
[ 23.709311] ? ktime_get_ts64+0x86/0x230
[ 23.709331] kunit_try_run_case+0x1a5/0x480
[ 23.709351] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.709369] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 23.709410] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.709430] ? __kthread_parkme+0x82/0x180
[ 23.709449] ? preempt_count_sub+0x50/0x80
[ 23.709469] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.709489] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.709509] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.709529] kthread+0x337/0x6f0
[ 23.709545] ? trace_preempt_on+0x20/0xc0
[ 23.709564] ? __pfx_kthread+0x10/0x10
[ 23.709582] ? _raw_spin_unlock_irq+0x47/0x80
[ 23.709599] ? calculate_sigpending+0x7b/0xa0
[ 23.709618] ? __pfx_kthread+0x10/0x10
[ 23.709636] ret_from_fork+0x116/0x1d0
[ 23.709652] ? __pfx_kthread+0x10/0x10
[ 23.709668] ret_from_fork_asm+0x1a/0x30
[ 23.709694] </TASK>
[ 23.709706]
[ 23.721672] The buggy address belongs to stack of task kunit_try_catch/278
[ 23.722797] and is located at offset 138 in frame:
[ 23.723108] kasan_stack_oob+0x0/0x300
[ 23.723557]
[ 23.723955] This frame has 4 objects:
[ 23.724459] [48, 49) '__assertion'
[ 23.724529] [64, 72) 'array'
[ 23.724685] [96, 112) '__assertion'
[ 23.724864] [128, 138) 'stack_array'
[ 23.725156]
[ 23.725487] The buggy address belongs to the physical page:
[ 23.725794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a5f
[ 23.726720] flags: 0x200000000000000(node=0|zone=2)
[ 23.727230] raw: 0200000000000000 ffffea00040e97c8 ffffea00040e97c8 0000000000000000
[ 23.727562] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 23.728430] page dumped because: kasan: bad access detected
[ 23.728731]
[ 23.728788] Memory state around the buggy address:
[ 23.728921] ffff888103a5fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 23.729347] ffff888103a5fc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 23.729655] >ffff888103a5fd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 23.730330] ^
[ 23.730511] ffff888103a5fd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 23.730984] ffff888103a5fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 23.731496] ==================================================================
```