Date
July 10, 2025, 6:10 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 19.058078] ================================================================== [ 19.058167] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 19.058224] Read of size 1 at addr ffff800080947c2a by task kunit_try_catch/249 [ 19.058270] [ 19.058533] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.058682] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.058808] Hardware name: linux,dummy-virt (DT) [ 19.058859] Call trace: [ 19.058883] show_stack+0x20/0x38 (C) [ 19.058937] dump_stack_lvl+0x8c/0xd0 [ 19.059154] print_report+0x310/0x608 [ 19.059254] kasan_report+0xdc/0x128 [ 19.059353] __asan_report_load1_noabort+0x20/0x30 [ 19.059478] kasan_stack_oob+0x238/0x270 [ 19.059622] kunit_try_run_case+0x170/0x3f0 [ 19.059769] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.059844] kthread+0x328/0x630 [ 19.059886] ret_from_fork+0x10/0x20 [ 19.059935] [ 19.060282] The buggy address belongs to stack of task kunit_try_catch/249 [ 19.060536] and is located at offset 138 in frame: [ 19.060622] kasan_stack_oob+0x0/0x270 [ 19.060832] [ 19.060865] This frame has 4 objects: [ 19.061376] [48, 49) '__assertion' [ 19.061425] [64, 72) 'array' [ 19.061457] [96, 112) '__assertion' [ 19.061952] [128, 138) 'stack_array' [ 19.062094] [ 19.062249] The buggy address belongs to the virtual mapping at [ 19.062249] [ffff800080940000, ffff800080949000) created by: [ 19.062249] kernel_clone+0x150/0x7a8 [ 19.062370] [ 19.062397] The buggy address belongs to the physical page: [ 19.062434] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107004 [ 19.062722] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.062854] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.062957] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.063100] page dumped because: kasan: bad access detected [ 19.063167] [ 19.063233] Memory state around the buggy address: [ 19.063268] ffff800080947b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.063660] ffff800080947b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 19.063734] >ffff800080947c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 19.063832] ^ [ 19.063908] ffff800080947c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 19.064121] ffff800080947d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.064408] ==================================================================
[ 14.281576] ================================================================== [ 14.282473] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 14.282788] Read of size 1 at addr ffff888103aafd02 by task kunit_try_catch/266 [ 14.283258] [ 14.283360] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.283404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.283415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.283435] Call Trace: [ 14.283447] <TASK> [ 14.283461] dump_stack_lvl+0x73/0xb0 [ 14.283491] print_report+0xd1/0x650 [ 14.283513] ? __virt_addr_valid+0x1db/0x2d0 [ 14.283538] ? kasan_stack_oob+0x2b5/0x300 [ 14.283558] ? kasan_addr_to_slab+0x11/0xa0 [ 14.283579] ? kasan_stack_oob+0x2b5/0x300 [ 14.283600] kasan_report+0x141/0x180 [ 14.283635] ? kasan_stack_oob+0x2b5/0x300 [ 14.283659] __asan_report_load1_noabort+0x18/0x20 [ 14.283696] kasan_stack_oob+0x2b5/0x300 [ 14.283716] ? __pfx_kasan_stack_oob+0x10/0x10 [ 14.283736] ? __schedule+0x207f/0x2b60 [ 14.283757] ? schedule+0x7c/0x2e0 [ 14.283777] ? trace_hardirqs_on+0x37/0xe0 [ 14.283801] ? __schedule+0x207f/0x2b60 [ 14.283822] ? __pfx_read_tsc+0x10/0x10 [ 14.283908] ? ktime_get_ts64+0x86/0x230 [ 14.283938] kunit_try_run_case+0x1a5/0x480 [ 14.283970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.283994] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.284018] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.284053] ? __kthread_parkme+0x82/0x180 [ 14.284074] ? preempt_count_sub+0x50/0x80 [ 14.284097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.284123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.284148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.284174] kthread+0x337/0x6f0 [ 14.284193] ? trace_preempt_on+0x20/0xc0 [ 14.284215] ? __pfx_kthread+0x10/0x10 [ 14.284236] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.284257] ? calculate_sigpending+0x7b/0xa0 [ 14.284281] ? __pfx_kthread+0x10/0x10 [ 14.284303] ret_from_fork+0x116/0x1d0 [ 14.284322] ? __pfx_kthread+0x10/0x10 [ 14.284343] ret_from_fork_asm+0x1a/0x30 [ 14.284373] </TASK> [ 14.284384] [ 14.295360] The buggy address belongs to stack of task kunit_try_catch/266 [ 14.295710] and is located at offset 138 in frame: [ 14.296394] kasan_stack_oob+0x0/0x300 [ 14.296760] [ 14.296926] This frame has 4 objects: [ 14.297522] [48, 49) '__assertion' [ 14.297550] [64, 72) 'array' [ 14.297713] [96, 112) '__assertion' [ 14.297878] [128, 138) 'stack_array' [ 14.298250] [ 14.298520] The buggy address belongs to the physical page: [ 14.298747] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103aaf [ 14.299602] flags: 0x200000000000000(node=0|zone=2) [ 14.299821] raw: 0200000000000000 ffffea00040eabc8 ffffea00040eabc8 0000000000000000 [ 14.300487] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.300902] page dumped because: kasan: bad access detected [ 14.301225] [ 14.301310] Memory state around the buggy address: [ 14.301514] ffff888103aafc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.302213] ffff888103aafc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 14.302512] >ffff888103aafd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.303064] ^ [ 14.303201] ffff888103aafd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 14.303524] ffff888103aafe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.303808] ==================================================================