Date
Feb. 5, 2025, 2:09 p.m.
Environment: qemu-armv7

```
[ 146.587384] ==================================================================
[ 146.588468] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0xfc/0x1dc
[ 146.589373] Read of size 1 at addr fa083d4a by task kunit_try_catch/183
[ 146.590084]
[ 146.590362] CPU: 1 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 146.591436] Hardware name: Generic DT based system
[ 146.592209] unwind_backtrace from show_stack+0x18/0x1c
[ 146.592961] show_stack from dump_stack_lvl+0x58/0x70
[ 146.593645] dump_stack_lvl from print_report+0x164/0x51c
[ 146.594409] print_report from kasan_report+0xc8/0x104
[ 146.595220] kasan_report from kasan_alloca_oob_right+0xfc/0x1dc
[ 146.596040] kasan_alloca_oob_right from kunit_try_run_case+0x11c/0x2e4
[ 146.596979] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48
[ 146.597942] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8
[ 146.599099] kthread from ret_from_fork+0x14/0x30
[ 146.599813] Exception stack(0xfa083fb0 to 0xfa083ff8)
[ 146.600622] 3fa0: 00000000 00000000 00000000 00000000
[ 146.601726] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[ 146.602802] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000
[ 146.603631]
[ 146.603886] The buggy address belongs to stack of task kunit_try_catch/183
[ 146.604737]
[ 146.605232] The buggy address belongs to the virtual mapping at
[ 146.605232] [fa080000, fa085000) created by:
[ 146.605232] kernel_clone+0xcc/0x4b0
[ 146.607324]
[ 146.607568] The buggy address belongs to the physical page:
[ 146.608345] page:3c2f397c refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x13fc3e
[ 146.609280] flags: 0x80000000(zone=2)
[ 146.609824] page_type: 0xffffffff()
[ 146.610341] raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001
[ 146.611203] raw: 00000000
[ 146.611527] page dumped because: kasan: bad access detected
[ 146.612267]
[ 146.612495] Memory state around the buggy address:
[ 146.613110]  fa083c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 146.614004]  fa083c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 146.614875] >fa083d00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 146.615514]                                       ^
[ 146.616680]  fa083d80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 04 f2 04 f2
[ 146.617418]  fa083e00: 00 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
[ 146.618003] ==================================================================
```

Environment: qemu-x86_64

```
[ 49.487864] ==================================================================
[ 49.488977] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x107/0x1f0
[ 49.490029] Read of size 1 at addr ffff888102ab7cca by task kunit_try_catch/206
[ 49.491536]
[ 49.491920] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 49.493028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 49.494328] Call Trace:
[ 49.494702] <TASK>
[ 49.495448] dump_stack_lvl+0x4e/0x90
[ 49.496160] print_report+0xd2/0x660
[ 49.496832] ? __virt_addr_valid+0x156/0x1e0
[ 49.497503] ? kasan_addr_to_slab+0x11/0xb0
[ 49.498243] kasan_report+0xff/0x140
[ 49.498680] ? kasan_alloca_oob_right+0x107/0x1f0
[ 49.499637] ? kasan_alloca_oob_right+0x107/0x1f0
[ 49.500241] __asan_load1+0x66/0x70
[ 49.501089] kasan_alloca_oob_right+0x107/0x1f0
[ 49.501732] ? __pfx_rcu_preempt_deferred_qs+0x1/0x10
[ 49.502528] ? trace_event_raw_event_ipi_handler+0xf0/0x130
[ 49.503723] ? __schedule+0x70b/0x1190
[ 49.504335] ? trace_hardirqs_on+0x37/0xd0
[ 49.504901] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 49.505547] ? __schedule+0x70b/0x1190
[ 49.506131] ? ktime_get_ts64+0x118/0x140
[ 49.506731] kunit_try_run_case+0x126/0x290
[ 49.507647] ? __pfx_kunit_try_run_case+0x10/0x10
[ 49.508431] ? __kasan_check_write+0x18/0x20
[ 49.509595] ? trace_preempt_on+0x20/0xa0
[ 49.510285] ? __kthread_parkme+0x4f/0xd0
[ 49.510785] ? preempt_count_sub+0x50/0x80
[ 49.511634] ? __pfx_kunit_try_run_case+0x10/0x10
[ 49.512233] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 49.513329] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 49.514188] kthread+0x19e/0x1e0
[ 49.514568] ? __pfx_kthread+0x10/0x10
[ 49.515463] ret_from_fork+0x41/0x70
[ 49.516063] ? __pfx_kthread+0x10/0x10
[ 49.516724] ret_from_fork_asm+0x1b/0x30
[ 49.517389] </TASK>
[ 49.517823]
[ 49.518185] The buggy address belongs to stack of task kunit_try_catch/206
[ 49.519024]
[ 49.519372] The buggy address belongs to the physical page:
[ 49.520094] page:(____ptrval____) refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab7
[ 49.521319] flags: 0x200000000000000(node=0|zone=2)
[ 49.521947] page_type: 0xffffffff()
[ 49.522404] raw: 0200000000000000 ffffea00040aadc8 ffffea00040aadc8 0000000000000000
[ 49.523379] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 49.524227] page dumped because: kasan: bad access detected
[ 49.524781]
[ 49.525122] Memory state around the buggy address:
[ 49.525808]  ffff888102ab7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 49.526410]  ffff888102ab7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 49.527177] >ffff888102ab7c80: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 49.528029]                                               ^
[ 49.528729]  ffff888102ab7d00: 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2
[ 49.529532]  ffff888102ab7d80: 00 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 f1
[ 49.530239] ==================================================================
```