Hay
Sign in
Date
June 26, 2025, 11:12 a.m.

Environment
e850-96
qemu-arm64
qemu-x86_64 

[   39.182549] ==================================================================
[   39.196920] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270
[   39.203776] Read of size 1 at addr ffff800089307c2a by task kunit_try_catch/298
[   39.211067] 
[   39.212554] CPU: 6 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   39.212615] Tainted: [B]=BAD_PAGE, [N]=TEST
[   39.212634] Hardware name: WinLink E850-96 board (DT)
[   39.212658] Call trace:
[   39.212673]  show_stack+0x20/0x38 (C)
[   39.212712]  dump_stack_lvl+0x8c/0xd0
[   39.212753]  print_report+0x310/0x608
[   39.212789]  kasan_report+0xdc/0x128
[   39.212818]  __asan_report_load1_noabort+0x20/0x30
[   39.212859]  kasan_stack_oob+0x238/0x270
[   39.212895]  kunit_try_run_case+0x170/0x3f0
[   39.212932]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   39.212973]  kthread+0x328/0x630
[   39.213009]  ret_from_fork+0x10/0x20
[   39.213045] 
[   39.275132] The buggy address belongs to stack of task kunit_try_catch/298
[   39.281988]  and is located at offset 138 in frame:
[   39.286847]  kasan_stack_oob+0x0/0x270
[   39.290584] 
[   39.292055] This frame has 4 objects:
[   39.295705]  [48, 49) '__assertion'
[   39.295728]  [64, 72) 'array'
[   39.299174]  [96, 112) '__assertion'
[   39.302127]  [128, 138) 'stack_array'
[   39.305683] 
[   39.310810] The buggy address belongs to the virtual mapping at
[   39.310810]  [ffff800089300000, ffff800089309000) created by:
[   39.310810]  kernel_clone+0x150/0x7a8
[   39.326082] 
[   39.327562] The buggy address belongs to the physical page:
[   39.333118] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8867fc
[   39.341103] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   39.347623] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   39.355342] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   39.363061] page dumped because: kasan: bad access detected
[   39.368618] 
[   39.370092] Memory state around the buggy address:
[   39.374875]  ffff800089307b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   39.382075]  ffff800089307b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2
[   39.389280] >ffff800089307c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00
[   39.396481]                                   ^
[   39.400998]  ffff800089307c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2
[   39.408203]  ffff800089307d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00
[   39.415405] ==================================================================
Metadata Full log Test run details 

[   20.246023] ==================================================================
[   20.246144] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270
[   20.246251] Read of size 1 at addr ffff800080ac7c2a by task kunit_try_catch/251
[   20.246303] 
[   20.246397] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   20.246510] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.246586] Hardware name: linux,dummy-virt (DT)
[   20.246639] Call trace:
[   20.246677]  show_stack+0x20/0x38 (C)
[   20.246731]  dump_stack_lvl+0x8c/0xd0
[   20.246797]  print_report+0x310/0x608
[   20.246843]  kasan_report+0xdc/0x128
[   20.247205]  __asan_report_load1_noabort+0x20/0x30
[   20.247317]  kasan_stack_oob+0x238/0x270
[   20.247402]  kunit_try_run_case+0x170/0x3f0
[   20.247456]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.247539]  kthread+0x328/0x630
[   20.247612]  ret_from_fork+0x10/0x20
[   20.247668] 
[   20.247751] The buggy address belongs to stack of task kunit_try_catch/251
[   20.248100]  and is located at offset 138 in frame:
[   20.248153]  kasan_stack_oob+0x0/0x270
[   20.248370] 
[   20.248402] This frame has 4 objects:
[   20.248629]  [48, 49) '__assertion'
[   20.248685]  [64, 72) 'array'
[   20.248720]  [96, 112) '__assertion'
[   20.248846]  [128, 138) 'stack_array'
[   20.249128] 
[   20.249216] The buggy address belongs to the virtual mapping at
[   20.249216]  [ffff800080ac0000, ffff800080ac9000) created by:
[   20.249216]  kernel_clone+0x150/0x7a8
[   20.249413] 
[   20.249475] The buggy address belongs to the physical page:
[   20.249505] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105be6
[   20.249557] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   20.249986] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   20.250181] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.250286] page dumped because: kasan: bad access detected
[   20.250407] 
[   20.250495] Memory state around the buggy address:
[   20.250618]  ffff800080ac7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.250743]  ffff800080ac7b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2
[   20.250828] >ffff800080ac7c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00
[   20.251204]                                   ^
[   20.251372]  ffff800080ac7c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2
[   20.251497]  ffff800080ac7d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00
[   20.251572] ==================================================================
Metadata Full log Test run details 

[   12.732027] ==================================================================
[   12.732684] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[   12.733238] Read of size 1 at addr ffff888103a67d02 by task kunit_try_catch/268
[   12.733535] 
[   12.733649] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT(voluntary) 
[   12.733700] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.733712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.733736] Call Trace:
[   12.733927]  <TASK>
[   12.733954]  dump_stack_lvl+0x73/0xb0
[   12.733988]  print_report+0xd1/0x650
[   12.734014]  ? __virt_addr_valid+0x1db/0x2d0
[   12.734039]  ? kasan_stack_oob+0x2b5/0x300
[   12.734059]  ? kasan_addr_to_slab+0x11/0xa0
[   12.734080]  ? kasan_stack_oob+0x2b5/0x300
[   12.734101]  kasan_report+0x141/0x180
[   12.734124]  ? kasan_stack_oob+0x2b5/0x300
[   12.734149]  __asan_report_load1_noabort+0x18/0x20
[   12.734170]  kasan_stack_oob+0x2b5/0x300
[   12.734191]  ? __pfx_kasan_stack_oob+0x10/0x10
[   12.734215]  ? __kasan_check_write+0x18/0x20
[   12.734235]  ? queued_spin_lock_slowpath+0x116/0xb40
[   12.734260]  ? irqentry_exit+0x2a/0x60
[   12.734279]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   12.734306]  ? __pfx_read_tsc+0x10/0x10
[   12.734327]  ? ktime_get_ts64+0x86/0x230
[   12.734354]  kunit_try_run_case+0x1a5/0x480
[   12.734381]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.734405]  ? queued_spin_lock_slowpath+0x116/0xb40
[   12.734429]  ? __kthread_parkme+0x82/0x180
[   12.734452]  ? preempt_count_sub+0x50/0x80
[   12.734478]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.734501]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.734525]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.734548]  kthread+0x337/0x6f0
[   12.734577]  ? trace_preempt_on+0x20/0xc0
[   12.734602]  ? __pfx_kthread+0x10/0x10
[   12.734620]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.734642]  ? calculate_sigpending+0x7b/0xa0
[   12.734664]  ? __pfx_kthread+0x10/0x10
[   12.734683]  ret_from_fork+0x41/0x80
[   12.734703]  ? __pfx_kthread+0x10/0x10
[   12.734772]  ret_from_fork_asm+0x1a/0x30
[   12.734808]  </TASK>
[   12.734820] 
[   12.742483] The buggy address belongs to stack of task kunit_try_catch/268
[   12.742957]  and is located at offset 138 in frame:
[   12.743184]  kasan_stack_oob+0x0/0x300
[   12.743514] 
[   12.743626] This frame has 4 objects:
[   12.744072]  [48, 49) '__assertion'
[   12.744097]  [64, 72) 'array'
[   12.744238]  [96, 112) '__assertion'
[   12.744402]  [128, 138) 'stack_array'
[   12.744574] 
[   12.744849] The buggy address belongs to the physical page:
[   12.745080] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a67
[   12.745395] flags: 0x200000000000000(node=0|zone=2)
[   12.745654] raw: 0200000000000000 ffffea00040e99c8 ffffea00040e99c8 0000000000000000
[   12.745956] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[   12.746206] page dumped because: kasan: bad access detected
[   12.746377] 
[   12.746444] Memory state around the buggy address:
[   12.746628]  ffff888103a67c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[   12.747216]  ffff888103a67c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[   12.747537] >ffff888103a67d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[   12.747778]                    ^
[   12.747893]  ffff888103a67d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[   12.748286]  ffff888103a67e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.748646] ==================================================================
Metadata Full log Test run details