Hay
Date: June 2, 2025, 2:10 p.m.

Environment: qemu-arm64, qemu-x86_64

[   21.943888] ==================================================================
[   21.944817] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2c0/0x318
[   21.945605] Read of size 1 at addr ffff800080bc7bdf by task kunit_try_catch/238
[   21.946067] 
[   21.946290] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   21.946483] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.946544] Hardware name: linux,dummy-virt (DT)
[   21.946614] Call trace:
[   21.946666]  dump_backtrace+0x9c/0x128
[   21.946772]  show_stack+0x20/0x38
[   21.946851]  dump_stack_lvl+0x8c/0xd0
[   21.946941]  print_report+0x310/0x5f0
[   21.947025]  kasan_report+0xdc/0x128
[   21.948517]  __asan_report_load1_noabort+0x20/0x30
[   21.948631]  kasan_alloca_oob_left+0x2c0/0x318
[   21.948730]  kunit_try_run_case+0x170/0x3f0
[   21.948823]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.948926]  kthread+0x24c/0x2d0
[   21.949009]  ret_from_fork+0x10/0x20
[   21.949101] 
[   21.958422] The buggy address belongs to stack of task kunit_try_catch/238
[   21.959684] 
[   21.960260] The buggy address belongs to the virtual mapping at
[   21.960260]  [ffff800080bc0000, ffff800080bc9000) created by:
[   21.960260]  kernel_clone+0x150/0x7a8
[   21.961663] 
[   21.962073] The buggy address belongs to the physical page:
[   21.962678] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106d9f
[   21.963428] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.964095] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   21.964813] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   21.965472] page dumped because: kasan: bad access detected
[   21.965911] 
[   21.966207] Memory state around the buggy address:
[   21.966809]  ffff800080bc7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.967481]  ffff800080bc7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.968336] >ffff800080bc7b80: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb
[   21.968948]                                                     ^
[   21.969590]  ffff800080bc7c00: cb cb cb cb 00 00 00 00 00 00 f1 f1 f1 f1 01 f2
[   21.970252]  ffff800080bc7c80: 04 f2 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00
[   21.970862] ==================================================================

[   13.953838] ==================================================================
[   13.954252] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x322/0x380
[   13.954632] Read of size 1 at addr ffff888102affc9f by task kunit_try_catch/256
[   13.955420] 
[   13.955583] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G    B            N 6.12.32-rc1 #1
[   13.955636] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.955648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.955681] Call Trace:
[   13.955760]  <TASK>
[   13.955809]  dump_stack_lvl+0x73/0xb0
[   13.955850]  print_report+0xd1/0x640
[   13.955874]  ? __virt_addr_valid+0x1db/0x2d0
[   13.955908]  ? kasan_alloca_oob_left+0x322/0x380
[   13.955933]  ? kasan_addr_to_slab+0x11/0xa0
[   13.955953]  ? kasan_alloca_oob_left+0x322/0x380
[   13.955976]  kasan_report+0x140/0x180
[   13.955999]  ? kasan_alloca_oob_left+0x322/0x380
[   13.956026]  __asan_report_load1_noabort+0x18/0x20
[   13.956047]  kasan_alloca_oob_left+0x322/0x380
[   13.956071]  ? dup_user_cpus_ptr+0x11e/0x260
[   13.956156]  ? __schedule+0xc49/0x27a0
[   13.956180]  ? trace_hardirqs_on+0x37/0xe0
[   13.956207]  ? __pfx_kasan_alloca_oob_left+0x10/0x10
[   13.956236]  ? __schedule+0xc49/0x27a0
[   13.956254]  ? __pfx_read_tsc+0x10/0x10
[   13.956273]  ? ktime_get_ts64+0x84/0x230
[   13.956300]  kunit_try_run_case+0x1a6/0x480
[   13.956324]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.956344]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   13.956363]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.956387]  ? __kthread_parkme+0x82/0x160
[   13.956405]  ? preempt_count_sub+0x50/0x80
[   13.956425]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.956444]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.956467]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.956492]  kthread+0x257/0x310
[   13.956509]  ? __pfx_kthread+0x10/0x10
[   13.956526]  ret_from_fork+0x41/0x80
[   13.956545]  ? __pfx_kthread+0x10/0x10
[   13.956562]  ret_from_fork_asm+0x1a/0x30
[   13.956591]  </TASK>
[   13.956602] 
[   13.962184] The buggy address belongs to stack of task kunit_try_catch/256
[   13.962502] 
[   13.962612] The buggy address belongs to the physical page:
[   13.962744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aff
[   13.962992] flags: 0x200000000000000(node=0|zone=2)
[   13.963245] raw: 0200000000000000 ffffea00040abfc8 ffffea00040abfc8 0000000000000000
[   13.963446] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[   13.963667] page dumped because: kasan: bad access detected
[   13.963909] 
[   13.963961] Memory state around the buggy address:
[   13.964134]  ffff888102affb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   13.964258]  ffff888102affc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   13.964376] >ffff888102affc80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[   13.964558]                             ^
[   13.964744]  ffff888102affd00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3
[   13.965381]  ffff888102affd80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[   13.965765] ==================================================================