Date
June 17, 2025, 3:39 p.m.
| Environment |
|---|
| qemu-arm64 |
| qemu-x86_64 |
```
[ 93.854088] ==================================================================
[ 93.855513] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0xc4/0x188
[ 93.856163] Read of size 1 at addr ffff800080837cea by task kunit_try_catch/185
[ 93.856804]
[ 93.857020] CPU: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1
[ 93.857979] Hardware name: linux,dummy-virt (DT)
[ 93.858538] Call trace:
[ 93.859034]  dump_backtrace+0x9c/0x128
[ 93.859444]  show_stack+0x20/0x38
[ 93.859956]  dump_stack_lvl+0x60/0xb0
[ 93.860588]  print_report+0x328/0x5e8
[ 93.861161]  kasan_report+0xdc/0x128
[ 93.861665]  __asan_load1+0x60/0x70
[ 93.862102]  kasan_stack_oob+0xc4/0x188
[ 93.862586]  kunit_try_run_case+0x114/0x298
[ 93.863118]  kunit_generic_run_threadfn_adapter+0x38/0x60
[ 93.864058]  kthread+0x18c/0x1a8
[ 93.864391]  ret_from_fork+0x10/0x20
[ 93.864957]
[ 93.865313] The buggy address belongs to stack of task kunit_try_catch/185
[ 93.866013]  and is located at offset 138 in frame:
[ 93.866422]  kasan_stack_oob+0x0/0x188
[ 93.867301]
[ 93.867568] This frame has 4 objects:
[ 93.868043]  [48, 49) '__assertion'
[ 93.868178]  [64, 72) 'array'
[ 93.868502]  [96, 112) '__assertion'
[ 93.868947]  [128, 138) 'stack_array'
[ 93.869386]
[ 93.869856] The buggy address belongs to the virtual mapping at
[ 93.869856]  [ffff800080830000, ffff800080839000) created by:
[ 93.869856]  kernel_clone+0x108/0x550
[ 93.871355]
[ 93.871571] The buggy address belongs to the physical page:
[ 93.871951] page:000000000e3c1875 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060d7
[ 93.872648] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff)
[ 93.873166] page_type: 0xffffffff()
[ 93.873996] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000
[ 93.874739] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 93.875498] page dumped because: kasan: bad access detected
[ 93.876303]
[ 93.876524] Memory state around the buggy address:
[ 93.877060]  ffff800080837b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 93.877697]  ffff800080837c00: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
[ 93.878335] >ffff800080837c80: f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 02 f3 f3
[ 93.878918]                                                            ^
[ 93.879507]  ffff800080837d00: 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00
[ 93.880227]  ffff800080837d80: f2 f2 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00
[ 93.881157] ==================================================================
```
```
[ 34.948531] ==================================================================
[ 34.949823] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0xca/0x190
[ 34.950284] Read of size 1 at addr ffff888102aefd9a by task kunit_try_catch/200
[ 34.950906]
[ 34.951165] CPU: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1
[ 34.951898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.952554] Call Trace:
[ 34.952710]  <TASK>
[ 34.952853]  dump_stack_lvl+0x4e/0x90
[ 34.953394]  print_report+0xd2/0x650
[ 34.953885]  ? __virt_addr_valid+0x156/0x1e0
[ 34.954210]  ? kasan_stack_oob+0xca/0x190
[ 34.954653]  ? kasan_addr_to_slab+0x11/0xb0
[ 34.955109]  ? kasan_stack_oob+0xca/0x190
[ 34.955501]  kasan_report+0x147/0x180
[ 34.955883]  ? kasan_stack_oob+0xca/0x190
[ 34.956183]  __asan_load1+0x66/0x70
[ 34.956953]  kasan_stack_oob+0xca/0x190
[ 34.957353]  ? __pfx_kasan_stack_oob+0x10/0x10
[ 34.957674]  ? asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 34.958261]  ? kasan_record_aux_stack_noalloc+0xf/0x20
[ 34.958870]  ? kmem_cache_bulk+0x18e/0x280
[ 34.959177]  ? kunit_try_run_case+0x115/0x290
[ 34.959652]  kunit_try_run_case+0x120/0x290
[ 34.959943]  ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.960235]  ? __kasan_check_write+0x18/0x20
[ 34.960493]  ? trace_preempt_on+0x20/0xa0
[ 34.961578]  ? __kthread_parkme+0x4f/0xd0
[ 34.961945]  ? preempt_count_sub+0x50/0x80
[ 34.962559]  ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.962930]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 34.963537]  kunit_generic_run_threadfn_adapter+0x33/0x50
[ 34.964070]  kthread+0x19e/0x1e0
[ 34.964528]  ? __pfx_kthread+0x10/0x10
[ 34.965188]  ret_from_fork+0x41/0x70
[ 34.965736]  ? __pfx_kthread+0x10/0x10
[ 34.966033]  ret_from_fork_asm+0x1b/0x30
[ 34.966702]  </TASK>
[ 34.966916]
[ 34.967291] The buggy address belongs to stack of task kunit_try_catch/200
[ 34.967986]  and is located at offset 138 in frame:
[ 34.968283]  kasan_stack_oob+0x0/0x190
[ 34.969361]
[ 34.969536] This frame has 4 objects:
[ 34.970061]  [48, 49) '__assertion'
[ 34.970110]  [64, 72) 'array'
[ 34.970577]  [96, 112) '__assertion'
[ 34.970949]  [128, 138) 'stack_array'
[ 34.971308]
[ 34.971950] The buggy address belongs to the physical page:
[ 34.972499] page:(____ptrval____) refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aef
[ 34.973547] flags: 0x200000000000000(node=0|zone=2)
[ 34.974171] page_type: 0xffffffff()
[ 34.974703] raw: 0200000000000000 ffffea00040abbc8 ffffea00040abbc8 0000000000000000
[ 34.975240] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 34.975887] page dumped because: kasan: bad access detected
[ 34.976215]
[ 34.976335] Memory state around the buggy address:
[ 34.977234]  ffff888102aefc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 34.977953]  ffff888102aefd00: 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00
[ 34.978342] >ffff888102aefd80: f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 00 f1
[ 34.978919]                              ^
[ 34.979196]  ffff888102aefe00: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 34.979836]  ffff888102aefe80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 34.980324] ==================================================================
```