Date
May 26, 2025, 9:10 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 20.792864] ================================================================== [ 20.792989] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 20.793106] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.793222] [ 20.793301] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.794698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.794998] Hardware name: linux,dummy-virt (DT) [ 20.795103] Call trace: [ 20.795315] show_stack+0x20/0x38 (C) [ 20.795441] dump_stack_lvl+0x8c/0xd0 [ 20.795537] print_report+0x118/0x608 [ 20.795636] kasan_report+0xdc/0x128 [ 20.796044] kasan_check_range+0x100/0x1a8 [ 20.796925] __kasan_check_write+0x20/0x30 [ 20.797046] kasan_atomics_helper+0x1384/0x4858 [ 20.797165] kasan_atomics+0x198/0x2e0 [ 20.797412] kunit_try_run_case+0x170/0x3f0 [ 20.797654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.797797] kthread+0x328/0x630 [ 20.797899] ret_from_fork+0x10/0x20 [ 20.798017] [ 20.798065] Allocated by task 265: [ 20.798150] kasan_save_stack+0x3c/0x68 [ 20.798253] kasan_save_track+0x20/0x40 [ 20.798623] kasan_save_alloc_info+0x40/0x58 [ 20.798751] __kasan_kmalloc+0xd4/0xd8 [ 20.798837] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.798925] kasan_atomics+0xb8/0x2e0 [ 20.798994] kunit_try_run_case+0x170/0x3f0 [ 20.799080] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.799186] kthread+0x328/0x630 [ 20.799266] ret_from_fork+0x10/0x20 [ 20.800821] [ 20.800895] The buggy address belongs to the object at fff00000c7892700 [ 20.800895] which belongs to the cache kmalloc-64 of size 64 [ 20.801885] The buggy address is located 0 bytes to the right of [ 20.801885] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.802604] [ 20.802668] The buggy address belongs to the physical page: [ 20.803146] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.803272] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.803944] page_type: f5(slab) [ 20.804133] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.804746] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.805176] page dumped because: kasan: bad access detected [ 20.805282] [ 20.805482] Memory state around the buggy address: [ 20.805687] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.805796] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.805889] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.806267] ^ [ 20.806519] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.806978] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.807228] ================================================================== [ 20.711516] ================================================================== [ 20.711589] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 20.711658] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.711715] [ 20.711755] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.711849] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.711882] Hardware name: linux,dummy-virt (DT) [ 20.711917] Call trace: [ 20.711946] show_stack+0x20/0x38 (C) [ 20.712003] dump_stack_lvl+0x8c/0xd0 [ 20.712057] print_report+0x118/0x608 [ 20.712110] kasan_report+0xdc/0x128 [ 20.712163] kasan_check_range+0x100/0x1a8 [ 20.712218] __kasan_check_write+0x20/0x30 [ 20.712269] kasan_atomics_helper+0xff0/0x4858 [ 20.712337] kasan_atomics+0x198/0x2e0 [ 20.712398] kunit_try_run_case+0x170/0x3f0 [ 20.713333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.713856] kthread+0x328/0x630 [ 20.713952] ret_from_fork+0x10/0x20 [ 20.714011] [ 20.714035] Allocated by task 265: [ 20.714067] kasan_save_stack+0x3c/0x68 [ 20.714116] kasan_save_track+0x20/0x40 [ 20.714289] kasan_save_alloc_info+0x40/0x58 [ 20.714404] __kasan_kmalloc+0xd4/0xd8 [ 20.714546] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.714670] kasan_atomics+0xb8/0x2e0 [ 20.714750] kunit_try_run_case+0x170/0x3f0 [ 20.714860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.714922] kthread+0x328/0x630 [ 20.714963] ret_from_fork+0x10/0x20 [ 20.715005] [ 20.715030] The buggy address belongs to the object at fff00000c7892700 [ 20.715030] which belongs to the cache kmalloc-64 of size 64 [ 20.715093] The buggy address is located 0 bytes to the right of [ 20.715093] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.715158] [ 20.715181] The buggy address belongs to the physical page: [ 20.715216] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.715505] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.715754] page_type: f5(slab) [ 20.715813] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.716025] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.716087] page dumped because: kasan: bad access detected [ 20.716259] [ 20.716287] Memory state around the buggy address: [ 20.716480] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.716543] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.716743] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.716861] ^ [ 20.716915] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.716965] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.717008] ================================================================== [ 20.954257] ================================================================== [ 20.954384] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 20.954548] Read of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.954789] [ 20.954874] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.955061] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.955152] Hardware name: linux,dummy-virt (DT) [ 20.955227] Call trace: [ 20.955274] show_stack+0x20/0x38 (C) [ 20.955384] dump_stack_lvl+0x8c/0xd0 [ 20.955514] print_report+0x118/0x608 [ 20.955628] kasan_report+0xdc/0x128 [ 20.955731] __asan_report_load8_noabort+0x20/0x30 [ 20.955844] kasan_atomics_helper+0x3e10/0x4858 [ 20.955974] kasan_atomics+0x198/0x2e0 [ 20.956226] kunit_try_run_case+0x170/0x3f0 [ 20.956384] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.956573] kthread+0x328/0x630 [ 20.956669] ret_from_fork+0x10/0x20 [ 20.956829] [ 20.956930] Allocated by task 265: [ 20.957173] kasan_save_stack+0x3c/0x68 [ 20.957400] kasan_save_track+0x20/0x40 [ 20.957529] kasan_save_alloc_info+0x40/0x58 [ 20.957661] __kasan_kmalloc+0xd4/0xd8 [ 20.957782] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.957910] kasan_atomics+0xb8/0x2e0 [ 20.958007] kunit_try_run_case+0x170/0x3f0 [ 20.958106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.958204] kthread+0x328/0x630 [ 20.958279] ret_from_fork+0x10/0x20 [ 20.958406] [ 20.958452] The buggy address belongs to the object at fff00000c7892700 [ 20.958452] which belongs to the cache kmalloc-64 of size 64 [ 20.958827] The buggy address is located 0 bytes to the right of [ 20.958827] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.959050] [ 20.959095] The buggy address belongs to the physical page: [ 20.959171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.959561] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.959861] page_type: f5(slab) [ 20.960144] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.960291] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.960417] page dumped because: kasan: bad access detected [ 20.960513] [ 20.960611] Memory state around the buggy address: [ 20.960863] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.961291] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.961758] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.962187] ^ [ 20.962291] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.962406] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.963247] ================================================================== [ 20.827907] ================================================================== [ 20.828168] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 20.828298] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.828534] [ 20.828636] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.828842] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.828907] Hardware name: linux,dummy-virt (DT) [ 20.828978] Call trace: [ 20.829031] show_stack+0x20/0x38 (C) [ 20.829145] dump_stack_lvl+0x8c/0xd0 [ 20.829910] print_report+0x118/0x608 [ 20.830338] kasan_report+0xdc/0x128 [ 20.830450] kasan_check_range+0x100/0x1a8 [ 20.830861] __kasan_check_write+0x20/0x30 [ 20.831008] kasan_atomics_helper+0x1414/0x4858 [ 20.831103] kasan_atomics+0x198/0x2e0 [ 20.831194] kunit_try_run_case+0x170/0x3f0 [ 20.831291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.831394] kthread+0x328/0x630 [ 20.831481] ret_from_fork+0x10/0x20 [ 20.831590] [ 20.832852] Allocated by task 265: [ 20.832952] kasan_save_stack+0x3c/0x68 [ 20.833063] kasan_save_track+0x20/0x40 [ 20.833159] kasan_save_alloc_info+0x40/0x58 [ 20.833761] __kasan_kmalloc+0xd4/0xd8 [ 20.833871] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.834369] kasan_atomics+0xb8/0x2e0 [ 20.834462] kunit_try_run_case+0x170/0x3f0 [ 20.834557] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.834671] kthread+0x328/0x630 [ 20.834759] ret_from_fork+0x10/0x20 [ 20.834842] [ 20.835225] The buggy address belongs to the object at fff00000c7892700 [ 20.835225] which belongs to the cache kmalloc-64 of size 64 [ 20.835388] The buggy address is located 0 bytes to the right of [ 20.835388] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.835518] [ 20.835560] The buggy address belongs to the physical page: [ 20.835634] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.835755] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.836876] page_type: f5(slab) [ 20.837337] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.837582] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.837703] page dumped because: kasan: bad access detected [ 20.837921] [ 20.837983] Memory state around the buggy address: [ 20.838078] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.838186] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.838738] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.838843] ^ [ 20.839184] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.839331] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.839434] ================================================================== [ 20.718098] ================================================================== [ 20.718330] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 20.718473] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.718539] [ 20.718578] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.718666] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.718715] Hardware name: linux,dummy-virt (DT) [ 20.718796] Call trace: [ 20.718848] show_stack+0x20/0x38 (C) [ 20.718921] dump_stack_lvl+0x8c/0xd0 [ 20.718976] print_report+0x118/0x608 [ 20.719026] kasan_report+0xdc/0x128 [ 20.719073] kasan_check_range+0x100/0x1a8 [ 20.719121] __kasan_check_write+0x20/0x30 [ 20.719180] kasan_atomics_helper+0x1058/0x4858 [ 20.719230] kasan_atomics+0x198/0x2e0 [ 20.719279] kunit_try_run_case+0x170/0x3f0 [ 20.719419] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.719536] kthread+0x328/0x630 [ 20.719654] ret_from_fork+0x10/0x20 [ 20.719711] [ 20.719733] Allocated by task 265: [ 20.719773] kasan_save_stack+0x3c/0x68 [ 20.719823] kasan_save_track+0x20/0x40 [ 20.719863] kasan_save_alloc_info+0x40/0x58 [ 20.719908] __kasan_kmalloc+0xd4/0xd8 [ 20.720108] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.720173] kasan_atomics+0xb8/0x2e0 [ 20.720371] kunit_try_run_case+0x170/0x3f0 [ 20.720649] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.720709] kthread+0x328/0x630 [ 20.720747] ret_from_fork+0x10/0x20 [ 20.720787] [ 20.721119] The buggy address belongs to the object at fff00000c7892700 [ 20.721119] which belongs to the cache kmalloc-64 of size 64 [ 20.721329] The buggy address is located 0 bytes to the right of [ 20.721329] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.721619] [ 20.721844] The buggy address belongs to the physical page: [ 20.721896] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.721963] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.722026] page_type: f5(slab) [ 20.722071] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.722505] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.722832] page dumped because: kasan: bad access detected [ 20.722885] [ 20.722907] Memory state around the buggy address: [ 20.722947] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.722992] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.723035] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.723076] ^ [ 20.723114] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.723176] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.723214] ================================================================== [ 20.841941] ================================================================== [ 20.842096] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 20.842224] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.842354] [ 20.842439] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.842654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.843667] Hardware name: linux,dummy-virt (DT) [ 20.843802] Call trace: [ 20.844519] show_stack+0x20/0x38 (C) [ 20.845112] dump_stack_lvl+0x8c/0xd0 [ 20.845267] print_report+0x118/0x608 [ 20.845396] kasan_report+0xdc/0x128 [ 20.845516] kasan_check_range+0x100/0x1a8 [ 20.845634] __kasan_check_write+0x20/0x30 [ 20.845744] kasan_atomics_helper+0x147c/0x4858 [ 20.845864] kasan_atomics+0x198/0x2e0 [ 20.845970] kunit_try_run_case+0x170/0x3f0 [ 20.846098] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.846231] kthread+0x328/0x630 [ 20.847445] ret_from_fork+0x10/0x20 [ 20.847957] [ 20.848008] Allocated by task 265: [ 20.848074] kasan_save_stack+0x3c/0x68 [ 20.848169] kasan_save_track+0x20/0x40 [ 20.848260] kasan_save_alloc_info+0x40/0x58 [ 20.848373] __kasan_kmalloc+0xd4/0xd8 [ 20.848479] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.848585] kasan_atomics+0xb8/0x2e0 [ 20.848672] kunit_try_run_case+0x170/0x3f0 [ 20.849844] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.850021] kthread+0x328/0x630 [ 20.850104] ret_from_fork+0x10/0x20 [ 20.850193] [ 20.850247] The buggy address belongs to the object at fff00000c7892700 [ 20.850247] which belongs to the cache kmalloc-64 of size 64 [ 20.851076] The buggy address is located 0 bytes to the right of [ 20.851076] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.851263] [ 20.851315] The buggy address belongs to the physical page: [ 20.852278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.852447] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.852588] page_type: f5(slab) [ 20.852688] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.852808] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.852921] page dumped because: kasan: bad access detected [ 20.853006] [ 20.853054] Memory state around the buggy address: [ 20.854484] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.854621] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.855168] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.855283] ^ [ 20.855615] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.855728] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.855822] ================================================================== [ 20.605138] ================================================================== [ 20.605208] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x934/0x4858 [ 20.605270] Write of size 4 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.605337] [ 20.605374] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.605464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.605494] Hardware name: linux,dummy-virt (DT) [ 20.605526] Call trace: [ 20.605551] show_stack+0x20/0x38 (C) [ 20.605602] dump_stack_lvl+0x8c/0xd0 [ 20.605653] print_report+0x118/0x608 [ 20.605700] kasan_report+0xdc/0x128 [ 20.605746] kasan_check_range+0x100/0x1a8 [ 20.605795] __kasan_check_write+0x20/0x30 [ 20.605841] kasan_atomics_helper+0x934/0x4858 [ 20.605889] kasan_atomics+0x198/0x2e0 [ 20.606964] kunit_try_run_case+0x170/0x3f0 [ 20.607069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.607176] kthread+0x328/0x630 [ 20.607222] ret_from_fork+0x10/0x20 [ 20.607270] [ 20.607347] Allocated by task 265: [ 20.607419] kasan_save_stack+0x3c/0x68 [ 20.607524] kasan_save_track+0x20/0x40 [ 20.607574] kasan_save_alloc_info+0x40/0x58 [ 20.607616] __kasan_kmalloc+0xd4/0xd8 [ 20.607654] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.607696] kasan_atomics+0xb8/0x2e0 [ 20.607734] kunit_try_run_case+0x170/0x3f0 [ 20.607773] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.608005] kthread+0x328/0x630 [ 20.608075] ret_from_fork+0x10/0x20 [ 20.608253] [ 20.608373] The buggy address belongs to the object at fff00000c7892700 [ 20.608373] which belongs to the cache kmalloc-64 of size 64 [ 20.608444] The buggy address is located 0 bytes to the right of [ 20.608444] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.608521] [ 20.608546] The buggy address belongs to the physical page: [ 20.608580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.608637] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.608691] page_type: f5(slab) [ 20.608736] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.608788] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.608831] page dumped because: kasan: bad access detected [ 20.609180] [ 20.609209] Memory state around the buggy address: [ 20.609252] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.609679] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.609801] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.609847] ^ [ 20.609902] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.610119] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.610177] ================================================================== [ 20.964503] ================================================================== [ 20.964637] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 20.964752] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.964867] [ 20.964940] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.965130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.965199] Hardware name: linux,dummy-virt (DT) [ 20.965271] Call trace: [ 20.965338] show_stack+0x20/0x38 (C) [ 20.965809] dump_stack_lvl+0x8c/0xd0 [ 20.966187] print_report+0x118/0x608 [ 20.966326] kasan_report+0xdc/0x128 [ 20.966514] kasan_check_range+0x100/0x1a8 [ 20.966622] __kasan_check_write+0x20/0x30 [ 20.966813] kasan_atomics_helper+0x175c/0x4858 [ 20.967131] kasan_atomics+0x198/0x2e0 [ 20.967397] kunit_try_run_case+0x170/0x3f0 [ 20.967825] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.967947] kthread+0x328/0x630 [ 20.968048] ret_from_fork+0x10/0x20 [ 20.968205] [ 20.968276] Allocated by task 265: [ 20.968375] kasan_save_stack+0x3c/0x68 [ 20.968534] kasan_save_track+0x20/0x40 [ 20.968671] kasan_save_alloc_info+0x40/0x58 [ 20.968801] __kasan_kmalloc+0xd4/0xd8 [ 20.968922] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.969022] kasan_atomics+0xb8/0x2e0 [ 20.969121] kunit_try_run_case+0x170/0x3f0 [ 20.969225] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.969357] kthread+0x328/0x630 [ 20.969426] ret_from_fork+0x10/0x20 [ 20.969501] [ 20.969548] The buggy address belongs to the object at fff00000c7892700 [ 20.969548] which belongs to the cache kmalloc-64 of size 64 [ 20.969677] The buggy address is located 0 bytes to the right of [ 20.969677] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.969818] [ 20.969866] The buggy address belongs to the physical page: [ 20.969946] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.970182] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.970613] page_type: f5(slab) [ 20.970737] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.971101] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.971367] page dumped because: kasan: bad access detected [ 20.971449] [ 20.971494] Memory state around the buggy address: [ 20.971555] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.971660] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.971756] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.971851] ^ [ 20.971927] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.972042] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.972140] ================================================================== [ 20.905541] ================================================================== [ 20.905661] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 20.905769] Read of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.905878] [ 20.905955] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.907477] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.907579] Hardware name: linux,dummy-virt (DT) [ 20.907677] Call trace: [ 20.907751] show_stack+0x20/0x38 (C) [ 20.908008] dump_stack_lvl+0x8c/0xd0 [ 20.909108] print_report+0x118/0x608 [ 20.909639] kasan_report+0xdc/0x128 [ 20.909773] __asan_report_load8_noabort+0x20/0x30 [ 20.909890] kasan_atomics_helper+0x3db0/0x4858 [ 20.910001] kasan_atomics+0x198/0x2e0 [ 20.911117] kunit_try_run_case+0x170/0x3f0 [ 20.911267] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.911478] kthread+0x328/0x630 [ 20.911605] ret_from_fork+0x10/0x20 [ 20.911785] [ 20.911861] Allocated by task 265: [ 20.912350] kasan_save_stack+0x3c/0x68 [ 20.912832] kasan_save_track+0x20/0x40 [ 20.912953] kasan_save_alloc_info+0x40/0x58 [ 20.913052] __kasan_kmalloc+0xd4/0xd8 [ 20.913137] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.913637] kasan_atomics+0xb8/0x2e0 [ 20.913753] kunit_try_run_case+0x170/0x3f0 [ 20.913850] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.913953] kthread+0x328/0x630 [ 20.914034] ret_from_fork+0x10/0x20 [ 20.914550] [ 20.914800] The buggy address belongs to the object at fff00000c7892700 [ 20.914800] which belongs to the cache kmalloc-64 of size 64 [ 20.915129] The buggy address is located 0 bytes to the right of [ 20.915129] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.915423] [ 20.915465] The buggy address belongs to the physical page: [ 20.915903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.916051] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.916568] page_type: f5(slab) [ 20.917001] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.917145] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.917254] page dumped because: kasan: bad access detected [ 20.917701] [ 20.917821] Memory state around the buggy address: [ 20.917951] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.918419] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.918586] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.918684] ^ [ 20.918802] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.918963] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.919047] ================================================================== [ 20.472076] ================================================================== [ 20.489587] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40a8/0x4858 [ 20.490126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.490390] show_stack+0x20/0x38 (C) [ 20.490845] kasan_atomics_helper+0x40a8/0x4858 [ 20.491937] kasan_save_stack+0x3c/0x68 [ 20.492697] The buggy address is located 0 bytes to the right of [ 20.492697] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.493660] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.493720] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.494333] ================================================================== [ 20.859131] ================================================================== [ 20.859276] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 20.859397] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.859982] [ 20.860497] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.860734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.860916] Hardware name: linux,dummy-virt (DT) [ 20.860992] Call trace: [ 20.861044] show_stack+0x20/0x38 (C) [ 20.861161] dump_stack_lvl+0x8c/0xd0 [ 20.861951] print_report+0x118/0x608 [ 20.862086] kasan_report+0xdc/0x128 [ 20.862194] kasan_check_range+0x100/0x1a8 [ 20.862412] __kasan_check_write+0x20/0x30 [ 20.862506] kasan_atomics_helper+0x14e4/0x4858 [ 20.863038] kasan_atomics+0x198/0x2e0 [ 20.863408] kunit_try_run_case+0x170/0x3f0 [ 20.863651] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.863759] kthread+0x328/0x630 [ 20.863854] ret_from_fork+0x10/0x20 [ 20.864313] [ 20.864657] Allocated by task 265: [ 20.864754] kasan_save_stack+0x3c/0x68 [ 20.864851] kasan_save_track+0x20/0x40 [ 20.865199] kasan_save_alloc_info+0x40/0x58 [ 20.865473] __kasan_kmalloc+0xd4/0xd8 [ 20.865570] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.865961] kasan_atomics+0xb8/0x2e0 [ 20.866085] kunit_try_run_case+0x170/0x3f0 [ 20.866186] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.866829] kthread+0x328/0x630 [ 20.866930] ret_from_fork+0x10/0x20 [ 20.866999] [ 20.867627] The buggy address belongs to the object at fff00000c7892700 [ 20.867627] which belongs to the cache kmalloc-64 of size 64 [ 20.867781] The buggy address is located 0 bytes to the right of [ 20.867781] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.868288] [ 20.868373] The buggy address belongs to the physical page: [ 20.868468] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.868906] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.869494] page_type: f5(slab) [ 20.869620] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.869738] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.869851] page dumped because: kasan: bad access detected [ 20.869941] [ 20.869989] Memory state around the buggy address: [ 20.870079] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.870188] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.870285] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.870390] ^ [ 20.870490] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.870935] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.871037] ================================================================== [ 20.733910] ================================================================== [ 20.734311] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 20.734441] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.734623] [ 20.735247] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.735438] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.735635] Hardware name: linux,dummy-virt (DT) [ 20.735824] Call trace: [ 20.735929] show_stack+0x20/0x38 (C) [ 20.735993] dump_stack_lvl+0x8c/0xd0 [ 20.736365] print_report+0x118/0x608 [ 20.736638] kasan_report+0xdc/0x128 [ 20.736701] kasan_check_range+0x100/0x1a8 [ 20.736777] __kasan_check_write+0x20/0x30 [ 20.737211] kasan_atomics_helper+0x1128/0x4858 [ 20.737336] kasan_atomics+0x198/0x2e0 [ 20.737389] kunit_try_run_case+0x170/0x3f0 [ 20.737444] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.738070] kthread+0x328/0x630 [ 20.738139] ret_from_fork+0x10/0x20 [ 20.738198] [ 20.738221] Allocated by task 265: [ 20.738315] kasan_save_stack+0x3c/0x68 [ 20.738479] kasan_save_track+0x20/0x40 [ 20.738636] kasan_save_alloc_info+0x40/0x58 [ 20.738717] __kasan_kmalloc+0xd4/0xd8 [ 20.739079] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.739373] kasan_atomics+0xb8/0x2e0 [ 20.739448] kunit_try_run_case+0x170/0x3f0 [ 20.739527] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.739574] kthread+0x328/0x630 [ 20.739610] ret_from_fork+0x10/0x20 [ 20.739650] [ 20.739675] The buggy address belongs to the object at fff00000c7892700 [ 20.739675] which belongs to the cache kmalloc-64 of size 64 [ 20.739971] The buggy address is located 0 bytes to the right of [ 20.739971] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.740045] [ 20.740071] The buggy address belongs to the physical page: [ 20.740109] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.740528] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.740593] page_type: f5(slab) [ 20.740641] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.740964] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.741342] page dumped because: kasan: bad access detected [ 20.741550] [ 20.741578] Memory state around the buggy address: [ 20.741832] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.741930] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.741986] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.742029] ^ [ 20.742072] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.742120] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.742165] ================================================================== [ 20.701899] ================================================================== [ 20.701988] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 20.702065] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.702561] [ 20.702607] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.702713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.702746] Hardware name: linux,dummy-virt (DT) [ 20.703131] Call trace: [ 20.703176] show_stack+0x20/0x38 (C) [ 20.703236] dump_stack_lvl+0x8c/0xd0 [ 20.703692] print_report+0x118/0x608 [ 20.703795] kasan_report+0xdc/0x128 [ 20.703850] kasan_check_range+0x100/0x1a8 [ 20.703900] __kasan_check_write+0x20/0x30 [ 20.703963] kasan_atomics_helper+0xf88/0x4858 [ 20.704013] kasan_atomics+0x198/0x2e0 [ 20.704059] kunit_try_run_case+0x170/0x3f0 [ 20.704111] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.704165] kthread+0x328/0x630 [ 20.704207] ret_from_fork+0x10/0x20 [ 20.704258] [ 20.704280] Allocated by task 265: [ 20.704314] kasan_save_stack+0x3c/0x68 [ 20.704540] kasan_save_track+0x20/0x40 [ 20.704914] kasan_save_alloc_info+0x40/0x58 [ 20.705212] __kasan_kmalloc+0xd4/0xd8 [ 20.705279] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.705343] kasan_atomics+0xb8/0x2e0 [ 20.705387] kunit_try_run_case+0x170/0x3f0 [ 20.706143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.706229] kthread+0x328/0x630 [ 20.706279] ret_from_fork+0x10/0x20 [ 20.706328] [ 20.706367] The buggy address belongs to the object at fff00000c7892700 [ 20.706367] which belongs to the cache kmalloc-64 of size 64 [ 20.706430] The buggy address is located 0 bytes to the right of [ 20.706430] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.706696] [ 20.706741] The buggy address belongs to the physical page: [ 20.706970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.707034] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.707409] page_type: f5(slab) [ 20.707629] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.707720] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.707942] page dumped because: kasan: bad access detected [ 20.708219] [ 20.708246] Memory state around the buggy address: [ 20.708289] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.708421] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.708489] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.708685] ^ [ 20.708730] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.708790] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.709241] ================================================================== [ 20.809692] ================================================================== [ 20.809819] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 20.809944] Read of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.810062] [ 20.810142] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.810350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.810422] Hardware name: linux,dummy-virt (DT) [ 20.810505] Call trace: [ 20.810560] show_stack+0x20/0x38 (C) [ 20.810678] dump_stack_lvl+0x8c/0xd0 [ 20.812015] print_report+0x118/0x608 [ 20.812298] kasan_report+0xdc/0x128 [ 20.812589] __asan_report_load8_noabort+0x20/0x30 [ 20.812747] kasan_atomics_helper+0x3f04/0x4858 [ 20.813009] kasan_atomics+0x198/0x2e0 [ 20.813332] kunit_try_run_case+0x170/0x3f0 [ 20.814027] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.814176] kthread+0x328/0x630 [ 20.814277] ret_from_fork+0x10/0x20 [ 20.814803] [ 20.814910] Allocated by task 265: [ 20.815086] kasan_save_stack+0x3c/0x68 [ 20.815183] kasan_save_track+0x20/0x40 [ 20.815754] kasan_save_alloc_info+0x40/0x58 [ 20.815875] __kasan_kmalloc+0xd4/0xd8 [ 20.815963] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.816056] kasan_atomics+0xb8/0x2e0 [ 20.816221] kunit_try_run_case+0x170/0x3f0 [ 20.816334] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.817030] kthread+0x328/0x630 [ 20.817135] ret_from_fork+0x10/0x20 [ 20.817473] [ 20.817769] The buggy address belongs to the object at fff00000c7892700 [ 20.817769] which belongs to the cache kmalloc-64 of size 64 [ 20.818565] The buggy address is located 0 bytes to the right of [ 20.818565] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.818786] [ 20.818868] The buggy address belongs to the physical page: [ 20.819495] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.819698] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.820030] page_type: f5(slab) [ 20.820590] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.820845] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.821246] page dumped because: kasan: bad access detected [ 20.821365] [ 20.821658] Memory state around the buggy address: [ 20.821743] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.822146] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.822426] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.822527] ^ [ 20.822834] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.823849] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.824289] ================================================================== [ 20.686819] ================================================================== [ 20.686895] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 20.687097] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.687348] [ 20.687544] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.687773] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.687847] Hardware name: linux,dummy-virt (DT) [ 20.687951] Call trace: [ 20.688097] show_stack+0x20/0x38 (C) [ 20.688158] dump_stack_lvl+0x8c/0xd0 [ 20.688217] print_report+0x118/0x608 [ 20.688308] kasan_report+0xdc/0x128 [ 20.688559] kasan_check_range+0x100/0x1a8 [ 20.688751] __kasan_check_write+0x20/0x30 [ 20.688801] kasan_atomics_helper+0xeb8/0x4858 [ 20.688987] kasan_atomics+0x198/0x2e0 [ 20.689077] kunit_try_run_case+0x170/0x3f0 [ 20.689334] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.689442] kthread+0x328/0x630 [ 20.689512] ret_from_fork+0x10/0x20 [ 20.689701] [ 20.689743] Allocated by task 265: [ 20.689816] kasan_save_stack+0x3c/0x68 [ 20.689864] kasan_save_track+0x20/0x40 [ 20.689907] kasan_save_alloc_info+0x40/0x58 [ 20.689950] __kasan_kmalloc+0xd4/0xd8 [ 20.689988] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.690028] kasan_atomics+0xb8/0x2e0 [ 20.690065] kunit_try_run_case+0x170/0x3f0 [ 20.690104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.690654] kthread+0x328/0x630 [ 20.690700] ret_from_fork+0x10/0x20 [ 20.690791] [ 20.691010] The buggy address belongs to the object at fff00000c7892700 [ 20.691010] which belongs to the cache kmalloc-64 of size 64 [ 20.691658] The buggy address is located 0 bytes to the right of [ 20.691658] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.692118] [ 20.692176] The buggy address belongs to the physical page: [ 20.692213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.692272] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.692339] page_type: f5(slab) [ 20.692386] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.692442] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.693369] page dumped because: kasan: bad access detected [ 20.693430] [ 20.693453] Memory state around the buggy address: [ 20.693492] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.693541] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.693628] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.693670] ^ [ 20.693747] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.693826] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.693866] ================================================================== [ 20.618357] ================================================================== [ 20.618415] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 20.618474] Write of size 4 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.618526] [ 20.618560] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.618648] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.618676] Hardware name: linux,dummy-virt (DT) [ 20.618707] Call trace: [ 20.618732] show_stack+0x20/0x38 (C) [ 20.619669] dump_stack_lvl+0x8c/0xd0 [ 20.619769] print_report+0x118/0x608 [ 20.619820] kasan_report+0xdc/0x128 [ 20.620014] kasan_check_range+0x100/0x1a8 [ 20.620074] __kasan_check_write+0x20/0x30 [ 20.620120] kasan_atomics_helper+0xa04/0x4858 [ 20.620264] kasan_atomics+0x198/0x2e0 [ 20.620422] kunit_try_run_case+0x170/0x3f0 [ 20.620548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.620754] kthread+0x328/0x630 [ 20.620862] ret_from_fork+0x10/0x20 [ 20.620993] [ 20.621015] Allocated by task 265: [ 20.621049] kasan_save_stack+0x3c/0x68 [ 20.621095] kasan_save_track+0x20/0x40 [ 20.621164] kasan_save_alloc_info+0x40/0x58 [ 20.621348] __kasan_kmalloc+0xd4/0xd8 [ 20.621569] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.621667] kasan_atomics+0xb8/0x2e0 [ 20.621717] kunit_try_run_case+0x170/0x3f0 [ 20.621758] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.621802] kthread+0x328/0x630 [ 20.621834] ret_from_fork+0x10/0x20 [ 20.621870] [ 20.622176] The buggy address belongs to the object at fff00000c7892700 [ 20.622176] which belongs to the cache kmalloc-64 of size 64 [ 20.622246] The buggy address is located 0 bytes to the right of [ 20.622246] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.622453] [ 20.622481] The buggy address belongs to the physical page: [ 20.622525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.622856] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.622944] page_type: f5(slab) [ 20.622996] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.623140] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.623185] page dumped because: kasan: bad access detected [ 20.623220] [ 20.623241] Memory state around the buggy address: [ 20.623276] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.623352] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.623402] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.623448] ^ [ 20.623484] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.623526] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.623564] ================================================================== [ 20.873564] ================================================================== [ 20.873686] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 20.873797] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.873907] [ 20.874616] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.875426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.875512] Hardware name: linux,dummy-virt (DT) [ 20.875604] Call trace: [ 20.875672] show_stack+0x20/0x38 (C) [ 20.876071] dump_stack_lvl+0x8c/0xd0 [ 20.876205] print_report+0x118/0x608 [ 20.876314] kasan_report+0xdc/0x128 [ 20.876440] kasan_check_range+0x100/0x1a8 [ 20.876570] __kasan_check_write+0x20/0x30 [ 20.877363] kasan_atomics_helper+0x154c/0x4858 [ 20.877504] kasan_atomics+0x198/0x2e0 [ 20.877606] kunit_try_run_case+0x170/0x3f0 [ 20.877722] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.877841] kthread+0x328/0x630 [ 20.878804] ret_from_fork+0x10/0x20 [ 20.879166] [ 20.879231] Allocated by task 265: [ 20.879330] kasan_save_stack+0x3c/0x68 [ 20.879553] kasan_save_track+0x20/0x40 [ 20.879640] kasan_save_alloc_info+0x40/0x58 [ 20.879730] __kasan_kmalloc+0xd4/0xd8 [ 20.880271] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.880841] kasan_atomics+0xb8/0x2e0 [ 20.880943] kunit_try_run_case+0x170/0x3f0 [ 20.881493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.881646] kthread+0x328/0x630 [ 20.881733] ret_from_fork+0x10/0x20 [ 20.882159] [ 20.882468] The buggy address belongs to the object at fff00000c7892700 [ 20.882468] which belongs to the cache kmalloc-64 of size 64 [ 20.882802] The buggy address is located 0 bytes to the right of [ 20.882802] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.882992] [ 20.883044] The buggy address belongs to the physical page: [ 20.883684] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.884055] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.884594] page_type: f5(slab) [ 20.884859] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.884993] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.885096] page dumped because: kasan: bad access detected [ 20.885174] [ 20.885220] Memory state around the buggy address: [ 20.885764] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.885889] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.885989] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.886523] ^ [ 20.886937] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.887248] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.887606] ================================================================== [ 20.778432] ================================================================== [ 20.778551] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 20.778716] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.779067] [ 20.779160] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.779368] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.779449] Hardware name: linux,dummy-virt (DT) [ 20.779559] Call trace: [ 20.779622] show_stack+0x20/0x38 (C) [ 20.779796] dump_stack_lvl+0x8c/0xd0 [ 20.779933] print_report+0x118/0x608 [ 20.780070] kasan_report+0xdc/0x128 [ 20.780173] kasan_check_range+0x100/0x1a8 [ 20.780432] __kasan_check_write+0x20/0x30 [ 20.780557] kasan_atomics_helper+0x12d8/0x4858 [ 20.780822] kasan_atomics+0x198/0x2e0 [ 20.781018] kunit_try_run_case+0x170/0x3f0 [ 20.781249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.781386] kthread+0x328/0x630 [ 20.781488] ret_from_fork+0x10/0x20 [ 20.782074] [ 20.782229] Allocated by task 265: [ 20.782446] kasan_save_stack+0x3c/0x68 [ 20.782911] kasan_save_track+0x20/0x40 [ 20.783548] kasan_save_alloc_info+0x40/0x58 [ 20.784019] __kasan_kmalloc+0xd4/0xd8 [ 20.784123] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.784647] kasan_atomics+0xb8/0x2e0 [ 20.784749] kunit_try_run_case+0x170/0x3f0 [ 20.784905] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.785387] kthread+0x328/0x630 [ 20.787067] ret_from_fork+0x10/0x20 [ 20.787204] [ 20.787257] The buggy address belongs to the object at fff00000c7892700 [ 20.787257] which belongs to the cache kmalloc-64 of size 64 [ 20.787570] The buggy address is located 0 bytes to the right of [ 20.787570] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.787710] [ 20.787758] The buggy address belongs to the physical page: [ 20.787835] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.787963] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.788085] page_type: f5(slab) [ 20.788182] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.788303] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.788400] page dumped because: kasan: bad access detected [ 20.788477] [ 20.788523] Memory state around the buggy address: [ 20.788600] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.788702] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.788816] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.788896] ^ [ 20.789199] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.789694] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.789807] ================================================================== [ 20.743400] ================================================================== [ 20.743665] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 20.743881] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.743989] [ 20.744031] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.744121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.744152] Hardware name: linux,dummy-virt (DT) [ 20.744187] Call trace: [ 20.744213] show_stack+0x20/0x38 (C) [ 20.744268] dump_stack_lvl+0x8c/0xd0 [ 20.744333] print_report+0x118/0x608 [ 20.744386] kasan_report+0xdc/0x128 [ 20.744437] kasan_check_range+0x100/0x1a8 [ 20.744631] __kasan_check_write+0x20/0x30 [ 20.744754] kasan_atomics_helper+0x1190/0x4858 [ 20.744874] kasan_atomics+0x198/0x2e0 [ 20.744983] kunit_try_run_case+0x170/0x3f0 [ 20.745103] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.745233] kthread+0x328/0x630 [ 20.745382] ret_from_fork+0x10/0x20 [ 20.745505] [ 20.745554] Allocated by task 265: [ 20.745626] kasan_save_stack+0x3c/0x68 [ 20.746209] kasan_save_track+0x20/0x40 [ 20.747155] kasan_save_alloc_info+0x40/0x58 [ 20.747294] __kasan_kmalloc+0xd4/0xd8 [ 20.747551] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.747675] kasan_atomics+0xb8/0x2e0 [ 20.747771] kunit_try_run_case+0x170/0x3f0 [ 20.747867] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.747975] kthread+0x328/0x630 [ 20.748063] ret_from_fork+0x10/0x20 [ 20.748157] [ 20.748213] The buggy address belongs to the object at fff00000c7892700 [ 20.748213] which belongs to the cache kmalloc-64 of size 64 [ 20.748356] The buggy address is located 0 bytes to the right of [ 20.748356] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.748750] [ 20.748805] The buggy address belongs to the physical page: [ 20.748948] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.749384] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.749684] page_type: f5(slab) [ 20.749840] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.749956] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.750056] page dumped because: kasan: bad access detected [ 20.750163] [ 20.750216] Memory state around the buggy address: [ 20.750316] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.750483] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.750797] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.750891] ^ [ 20.750976] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.751184] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.751361] ================================================================== [ 20.973037] ================================================================== [ 20.973330] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 20.973647] Read of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.973830] [ 20.973908] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.974109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.974178] Hardware name: linux,dummy-virt (DT) [ 20.974251] Call trace: [ 20.974302] show_stack+0x20/0x38 (C) [ 20.974433] dump_stack_lvl+0x8c/0xd0 [ 20.974533] print_report+0x118/0x608 [ 20.974642] kasan_report+0xdc/0x128 [ 20.974749] __asan_report_load8_noabort+0x20/0x30 [ 20.974907] kasan_atomics_helper+0x3e20/0x4858 [ 20.975029] kasan_atomics+0x198/0x2e0 [ 20.975459] kunit_try_run_case+0x170/0x3f0 [ 20.975646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.975977] kthread+0x328/0x630 [ 20.976092] ret_from_fork+0x10/0x20 [ 20.976358] [ 20.976546] Allocated by task 265: [ 20.976777] kasan_save_stack+0x3c/0x68 [ 20.976863] kasan_save_track+0x20/0x40 [ 20.976962] kasan_save_alloc_info+0x40/0x58 [ 20.977052] __kasan_kmalloc+0xd4/0xd8 [ 20.977150] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.977235] kasan_atomics+0xb8/0x2e0 [ 20.977329] kunit_try_run_case+0x170/0x3f0 [ 20.977422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.977530] kthread+0x328/0x630 [ 20.977604] ret_from_fork+0x10/0x20 [ 20.977683] [ 20.977976] The buggy address belongs to the object at fff00000c7892700 [ 20.977976] which belongs to the cache kmalloc-64 of size 64 [ 20.978741] The buggy address is located 0 bytes to the right of [ 20.978741] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.978942] [ 20.978991] The buggy address belongs to the physical page: [ 20.979066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.979200] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.979312] page_type: f5(slab) [ 20.979430] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.979724] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.979886] page dumped because: kasan: bad access detected [ 20.980024] [ 20.980072] Memory state around the buggy address: [ 20.980354] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.980489] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.980642] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.980754] ^ [ 20.980862] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.981028] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.981171] ================================================================== [ 20.921748] ================================================================== [ 20.922280] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 20.922436] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.922545] [ 20.923066] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.923395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.923534] Hardware name: linux,dummy-virt (DT) [ 20.923601] Call trace: [ 20.923820] show_stack+0x20/0x38 (C) [ 20.923944] dump_stack_lvl+0x8c/0xd0 [ 20.924332] print_report+0x118/0x608 [ 20.924463] kasan_report+0xdc/0x128 [ 20.924573] kasan_check_range+0x100/0x1a8 [ 20.924897] __kasan_check_write+0x20/0x30 [ 20.925407] kasan_atomics_helper+0x1644/0x4858 [ 20.925745] kasan_atomics+0x198/0x2e0 [ 20.925858] kunit_try_run_case+0x170/0x3f0 [ 20.925982] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.926105] kthread+0x328/0x630 [ 20.926204] ret_from_fork+0x10/0x20 [ 20.926309] [ 20.926367] Allocated by task 265: [ 20.927119] kasan_save_stack+0x3c/0x68 [ 20.927619] kasan_save_track+0x20/0x40 [ 20.927866] kasan_save_alloc_info+0x40/0x58 [ 20.927971] __kasan_kmalloc+0xd4/0xd8 [ 20.928406] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.928521] kasan_atomics+0xb8/0x2e0 [ 20.928991] kunit_try_run_case+0x170/0x3f0 [ 20.929104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.929539] kthread+0x328/0x630 [ 20.929624] ret_from_fork+0x10/0x20 [ 20.929703] [ 20.929750] The buggy address belongs to the object at fff00000c7892700 [ 20.929750] which belongs to the cache kmalloc-64 of size 64 [ 20.930234] The buggy address is located 0 bytes to the right of [ 20.930234] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.930694] [ 20.930750] The buggy address belongs to the physical page: [ 20.930821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.931287] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.931596] page_type: f5(slab) [ 20.931902] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.932007] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.932228] page dumped because: kasan: bad access detected [ 20.932471] [ 20.932684] Memory state around the buggy address: [ 20.932953] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.933213] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.933329] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.933473] ^ [ 20.933557] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.933686] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.933788] ================================================================== [ 20.664069] ================================================================== [ 20.664118] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 20.664195] Write of size 4 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.664248] [ 20.664279] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.664379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.664410] Hardware name: linux,dummy-virt (DT) [ 20.664444] Call trace: [ 20.664484] show_stack+0x20/0x38 (C) [ 20.664541] dump_stack_lvl+0x8c/0xd0 [ 20.664593] print_report+0x118/0x608 [ 20.664667] kasan_report+0xdc/0x128 [ 20.664723] kasan_check_range+0x100/0x1a8 [ 20.664778] __kasan_check_write+0x20/0x30 [ 20.664829] kasan_atomics_helper+0xd3c/0x4858 [ 20.664894] kasan_atomics+0x198/0x2e0 [ 20.665000] kunit_try_run_case+0x170/0x3f0 [ 20.665055] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.665115] kthread+0x328/0x630 [ 20.665162] ret_from_fork+0x10/0x20 [ 20.665216] [ 20.665241] Allocated by task 265: [ 20.665273] kasan_save_stack+0x3c/0x68 [ 20.665327] kasan_save_track+0x20/0x40 [ 20.665372] kasan_save_alloc_info+0x40/0x58 [ 20.665413] __kasan_kmalloc+0xd4/0xd8 [ 20.665451] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.665491] kasan_atomics+0xb8/0x2e0 [ 20.665527] kunit_try_run_case+0x170/0x3f0 [ 20.665563] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.665608] kthread+0x328/0x630 [ 20.665640] ret_from_fork+0x10/0x20 [ 20.665675] [ 20.665698] The buggy address belongs to the object at fff00000c7892700 [ 20.665698] which belongs to the cache kmalloc-64 of size 64 [ 20.665753] The buggy address is located 0 bytes to the right of [ 20.665753] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.665814] [ 20.665838] The buggy address belongs to the physical page: [ 20.665869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.665919] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.665967] page_type: f5(slab) [ 20.666009] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.666060] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.666100] page dumped because: kasan: bad access detected [ 20.666132] [ 20.666159] Memory state around the buggy address: [ 20.666228] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.666311] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.666369] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.666408] ^ [ 20.666442] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.666483] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.666533] ================================================================== [ 20.630225] ================================================================== [ 20.630275] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 20.630667] Write of size 4 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.630774] [ 20.630862] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.630969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.631000] Hardware name: linux,dummy-virt (DT) [ 20.631132] Call trace: [ 20.631162] show_stack+0x20/0x38 (C) [ 20.631254] dump_stack_lvl+0x8c/0xd0 [ 20.631451] print_report+0x118/0x608 [ 20.631640] kasan_report+0xdc/0x128 [ 20.631830] kasan_check_range+0x100/0x1a8 [ 20.631950] __kasan_check_write+0x20/0x30 [ 20.632084] kasan_atomics_helper+0xad4/0x4858 [ 20.632312] kasan_atomics+0x198/0x2e0 [ 20.632398] kunit_try_run_case+0x170/0x3f0 [ 20.632613] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.632783] kthread+0x328/0x630 [ 20.632832] ret_from_fork+0x10/0x20 [ 20.632883] [ 20.632905] Allocated by task 265: [ 20.633131] kasan_save_stack+0x3c/0x68 [ 20.633393] kasan_save_track+0x20/0x40 [ 20.633471] kasan_save_alloc_info+0x40/0x58 [ 20.633716] __kasan_kmalloc+0xd4/0xd8 [ 20.633782] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.633826] kasan_atomics+0xb8/0x2e0 [ 20.633908] kunit_try_run_case+0x170/0x3f0 [ 20.633955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.634005] kthread+0x328/0x630 [ 20.634077] ret_from_fork+0x10/0x20 [ 20.634588] [ 20.634670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.634723] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.634773] page_type: f5(slab) [ 20.634856] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.634968] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.635030] page dumped because: kasan: bad access detected [ 20.635075] [ 20.635130] Memory state around the buggy address: [ 20.635189] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.635233] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.635389] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.636144] Read of size 4 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.636602] kasan_report+0xdc/0x128 [ 20.638157] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.639199] [ 20.639328] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.643813] [ 20.644124] kunit_try_run_case+0x170/0x3f0 [ 20.645046] [ 20.645505] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.645977] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.646421] ^ [ 20.647027] ================================================================== [ 20.598803] ================================================================== [ 20.598856] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 20.599071] Read of size 4 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.599144] [ 20.599181] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.599293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.599336] Hardware name: linux,dummy-virt (DT) [ 20.599372] Call trace: [ 20.599395] show_stack+0x20/0x38 (C) [ 20.599450] dump_stack_lvl+0x8c/0xd0 [ 20.599501] print_report+0x118/0x608 [ 20.599548] kasan_report+0xdc/0x128 [ 20.599769] __asan_report_load4_noabort+0x20/0x30 [ 20.599966] kasan_atomics_helper+0x42d8/0x4858 [ 20.600148] kasan_atomics+0x198/0x2e0 [ 20.600576] kunit_try_run_case+0x170/0x3f0 [ 20.600670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.600732] kthread+0x328/0x630 [ 20.600779] ret_from_fork+0x10/0x20 [ 20.600834] [ 20.600857] Allocated by task 265: [ 20.600890] kasan_save_stack+0x3c/0x68 [ 20.600940] kasan_save_track+0x20/0x40 [ 20.600983] kasan_save_alloc_info+0x40/0x58 [ 20.601948] __kasan_kmalloc+0xd4/0xd8 [ 20.602218] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.602269] kasan_atomics+0xb8/0x2e0 [ 20.602306] kunit_try_run_case+0x170/0x3f0 [ 20.602363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.602410] kthread+0x328/0x630 [ 20.602446] ret_from_fork+0x10/0x20 [ 20.602484] [ 20.602508] The buggy address belongs to the object at fff00000c7892700 [ 20.602508] which belongs to the cache kmalloc-64 of size 64 [ 20.602568] The buggy address is located 0 bytes to the right of [ 20.602568] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.602632] [ 20.602656] The buggy address belongs to the physical page: [ 20.602871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.603057] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.603127] page_type: f5(slab) [ 20.603218] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.603293] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.603397] page dumped because: kasan: bad access detected [ 20.603446] [ 20.603467] Memory state around the buggy address: [ 20.603554] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.603620] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.603664] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.603712] ^ [ 20.603968] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.604035] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.604078] ================================================================== [ 20.944686] ================================================================== [ 20.944822] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 20.944990] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.945112] [ 20.945188] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.945385] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.945440] Hardware name: linux,dummy-virt (DT) [ 20.945502] Call trace: [ 20.945548] show_stack+0x20/0x38 (C) [ 20.945649] dump_stack_lvl+0x8c/0xd0 [ 20.945750] print_report+0x118/0x608 [ 20.945853] kasan_report+0xdc/0x128 [ 20.945956] kasan_check_range+0x100/0x1a8 [ 20.946087] __kasan_check_write+0x20/0x30 [ 20.946357] kasan_atomics_helper+0x16d0/0x4858 [ 20.946799] kasan_atomics+0x198/0x2e0 [ 20.947067] kunit_try_run_case+0x170/0x3f0 [ 20.947477] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.947635] kthread+0x328/0x630 [ 20.947726] ret_from_fork+0x10/0x20 [ 20.947812] [ 20.947849] Allocated by task 265: [ 20.947913] kasan_save_stack+0x3c/0x68 [ 20.948004] kasan_save_track+0x20/0x40 [ 20.948182] kasan_save_alloc_info+0x40/0x58 [ 20.948286] __kasan_kmalloc+0xd4/0xd8 [ 20.948482] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.949045] kasan_atomics+0xb8/0x2e0 [ 20.949139] kunit_try_run_case+0x170/0x3f0 [ 20.949300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.949432] kthread+0x328/0x630 [ 20.949514] ret_from_fork+0x10/0x20 [ 20.949604] [ 20.949653] The buggy address belongs to the object at fff00000c7892700 [ 20.949653] which belongs to the cache kmalloc-64 of size 64 [ 20.949795] The buggy address is located 0 bytes to the right of [ 20.949795] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.949982] [ 20.950033] The buggy address belongs to the physical page: [ 20.950114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.950264] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.950400] page_type: f5(slab) [ 20.950528] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.950651] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.950760] page dumped because: kasan: bad access detected [ 20.951013] [ 20.951080] Memory state around the buggy address: [ 20.951164] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.951439] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.952005] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.952214] ^ [ 20.952601] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.952858] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.952963] ================================================================== [ 20.612568] ================================================================== [ 20.612657] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 20.612759] Write of size 4 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.612814] [ 20.612848] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.612936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.612965] Hardware name: linux,dummy-virt (DT) [ 20.612999] Call trace: [ 20.613023] show_stack+0x20/0x38 (C) [ 20.613078] dump_stack_lvl+0x8c/0xd0 [ 20.613128] print_report+0x118/0x608 [ 20.613174] kasan_report+0xdc/0x128 [ 20.613221] kasan_check_range+0x100/0x1a8 [ 20.613268] __kasan_check_write+0x20/0x30 [ 20.613313] kasan_atomics_helper+0x99c/0x4858 [ 20.613377] kasan_atomics+0x198/0x2e0 [ 20.613424] kunit_try_run_case+0x170/0x3f0 [ 20.613496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.613679] kthread+0x328/0x630 [ 20.613883] ret_from_fork+0x10/0x20 [ 20.614247] [ 20.614279] Allocated by task 265: [ 20.614312] kasan_save_stack+0x3c/0x68 [ 20.614438] kasan_save_track+0x20/0x40 [ 20.614491] kasan_save_alloc_info+0x40/0x58 [ 20.614646] __kasan_kmalloc+0xd4/0xd8 [ 20.614905] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.614986] kasan_atomics+0xb8/0x2e0 [ 20.615099] kunit_try_run_case+0x170/0x3f0 [ 20.615377] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.615433] kthread+0x328/0x630 [ 20.615470] ret_from_fork+0x10/0x20 [ 20.615555] [ 20.615581] The buggy address belongs to the object at fff00000c7892700 [ 20.615581] which belongs to the cache kmalloc-64 of size 64 [ 20.615807] The buggy address is located 0 bytes to the right of [ 20.615807] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.616148] [ 20.616178] The buggy address belongs to the physical page: [ 20.616213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.616268] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.616341] page_type: f5(slab) [ 20.616390] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.616444] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.616882] page dumped because: kasan: bad access detected [ 20.616931] [ 20.616958] Memory state around the buggy address: [ 20.617019] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.617314] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.617379] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.617480] ^ [ 20.617520] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.617566] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.618027] ================================================================== [ 20.680153] ================================================================== [ 20.680205] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 20.680259] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.680313] [ 20.680358] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.680449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.680492] Hardware name: linux,dummy-virt (DT) [ 20.680527] Call trace: [ 20.680554] show_stack+0x20/0x38 (C) [ 20.680607] dump_stack_lvl+0x8c/0xd0 [ 20.680657] print_report+0x118/0x608 [ 20.680706] kasan_report+0xdc/0x128 [ 20.680766] kasan_check_range+0x100/0x1a8 [ 20.680824] __kasan_check_write+0x20/0x30 [ 20.680869] kasan_atomics_helper+0xe44/0x4858 [ 20.680919] kasan_atomics+0x198/0x2e0 [ 20.680967] kunit_try_run_case+0x170/0x3f0 [ 20.681016] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.681129] kthread+0x328/0x630 [ 20.681180] ret_from_fork+0x10/0x20 [ 20.681231] [ 20.681252] Allocated by task 265: [ 20.681283] kasan_save_stack+0x3c/0x68 [ 20.681338] kasan_save_track+0x20/0x40 [ 20.681382] kasan_save_alloc_info+0x40/0x58 [ 20.681426] __kasan_kmalloc+0xd4/0xd8 [ 20.681465] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.681505] kasan_atomics+0xb8/0x2e0 [ 20.681542] kunit_try_run_case+0x170/0x3f0 [ 20.681582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.681626] kthread+0x328/0x630 [ 20.681660] ret_from_fork+0x10/0x20 [ 20.681708] [ 20.681734] The buggy address belongs to the object at fff00000c7892700 [ 20.681734] which belongs to the cache kmalloc-64 of size 64 [ 20.681794] The buggy address is located 0 bytes to the right of [ 20.681794] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.681857] [ 20.681878] The buggy address belongs to the physical page: [ 20.681910] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.681959] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.682007] page_type: f5(slab) [ 20.682048] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.682169] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.682239] page dumped because: kasan: bad access detected [ 20.682274] [ 20.682294] Memory state around the buggy address: [ 20.682342] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.682388] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.682431] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.682469] ^ [ 20.682504] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.682545] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.682583] ================================================================== [ 20.671155] ================================================================== [ 20.671224] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 20.671287] Read of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.671349] [ 20.671385] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.671472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.671502] Hardware name: linux,dummy-virt (DT) [ 20.671536] Call trace: [ 20.671562] show_stack+0x20/0x38 (C) [ 20.672539] dump_stack_lvl+0x8c/0xd0 [ 20.672754] print_report+0x118/0x608 [ 20.672805] kasan_report+0xdc/0x128 [ 20.672853] kasan_check_range+0x100/0x1a8 [ 20.672902] __kasan_check_read+0x20/0x30 [ 20.672948] kasan_atomics_helper+0xdd4/0x4858 [ 20.672997] kasan_atomics+0x198/0x2e0 [ 20.673044] kunit_try_run_case+0x170/0x3f0 [ 20.673094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.673147] kthread+0x328/0x630 [ 20.673189] ret_from_fork+0x10/0x20 [ 20.673240] [ 20.673261] Allocated by task 265: [ 20.673294] kasan_save_stack+0x3c/0x68 [ 20.673699] kasan_save_track+0x20/0x40 [ 20.673753] kasan_save_alloc_info+0x40/0x58 [ 20.673798] __kasan_kmalloc+0xd4/0xd8 [ 20.673848] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.674100] kasan_atomics+0xb8/0x2e0 [ 20.674148] kunit_try_run_case+0x170/0x3f0 [ 20.674207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.674467] kthread+0x328/0x630 [ 20.674505] ret_from_fork+0x10/0x20 [ 20.674562] [ 20.674649] The buggy address belongs to the object at fff00000c7892700 [ 20.674649] which belongs to the cache kmalloc-64 of size 64 [ 20.675155] The buggy address is located 0 bytes to the right of [ 20.675155] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.675240] [ 20.675279] The buggy address belongs to the physical page: [ 20.675317] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.675674] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.675804] page_type: f5(slab) [ 20.675912] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.676011] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.676054] page dumped because: kasan: bad access detected [ 20.676088] [ 20.676108] Memory state around the buggy address: [ 20.676164] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.676209] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.676252] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.676291] ^ [ 20.676336] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.676562] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.676630] ================================================================== [ 20.725675] ================================================================== [ 20.725746] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 20.725811] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.725865] [ 20.725899] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.725987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.726017] Hardware name: linux,dummy-virt (DT) [ 20.726050] Call trace: [ 20.726075] show_stack+0x20/0x38 (C) [ 20.726127] dump_stack_lvl+0x8c/0xd0 [ 20.726178] print_report+0x118/0x608 [ 20.726228] kasan_report+0xdc/0x128 [ 20.726273] kasan_check_range+0x100/0x1a8 [ 20.729098] __kasan_check_write+0x20/0x30 [ 20.729478] kasan_atomics_helper+0x10c0/0x4858 [ 20.729753] kasan_atomics+0x198/0x2e0 [ 20.729970] kunit_try_run_case+0x170/0x3f0 [ 20.730307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.730456] kthread+0x328/0x630 [ 20.730562] ret_from_fork+0x10/0x20 [ 20.730665] [ 20.730688] Allocated by task 265: [ 20.730721] kasan_save_stack+0x3c/0x68 [ 20.731087] kasan_save_track+0x20/0x40 [ 20.731162] kasan_save_alloc_info+0x40/0x58 [ 20.731214] __kasan_kmalloc+0xd4/0xd8 [ 20.731281] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.731333] kasan_atomics+0xb8/0x2e0 [ 20.731393] kunit_try_run_case+0x170/0x3f0 [ 20.731439] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.731485] kthread+0x328/0x630 [ 20.731519] ret_from_fork+0x10/0x20 [ 20.731559] [ 20.731606] The buggy address belongs to the object at fff00000c7892700 [ 20.731606] which belongs to the cache kmalloc-64 of size 64 [ 20.731670] The buggy address is located 0 bytes to the right of [ 20.731670] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.731734] [ 20.731758] The buggy address belongs to the physical page: [ 20.731793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.731847] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.731929] page_type: f5(slab) [ 20.732270] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.732357] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.732414] page dumped because: kasan: bad access detected [ 20.732513] [ 20.732540] Memory state around the buggy address: [ 20.732578] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.732665] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.732727] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.732798] ^ [ 20.732838] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.732885] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.732926] ================================================================== [ 20.761864] ================================================================== [ 20.762022] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 20.762179] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.762345] [ 20.762434] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.762632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.762696] Hardware name: linux,dummy-virt (DT) [ 20.762799] Call trace: [ 20.762848] show_stack+0x20/0x38 (C) [ 20.762950] dump_stack_lvl+0x8c/0xd0 [ 20.763297] print_report+0x118/0x608 [ 20.763441] kasan_report+0xdc/0x128 [ 20.763532] kasan_check_range+0x100/0x1a8 [ 20.763636] __kasan_check_write+0x20/0x30 [ 20.763964] kasan_atomics_helper+0x126c/0x4858 [ 20.764120] kasan_atomics+0x198/0x2e0 [ 20.764296] kunit_try_run_case+0x170/0x3f0 [ 20.764655] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.764849] kthread+0x328/0x630 [ 20.764950] ret_from_fork+0x10/0x20 [ 20.765271] [ 20.765436] Allocated by task 265: [ 20.765538] kasan_save_stack+0x3c/0x68 [ 20.765765] kasan_save_track+0x20/0x40 [ 20.766081] kasan_save_alloc_info+0x40/0x58 [ 20.766246] __kasan_kmalloc+0xd4/0xd8 [ 20.766552] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.766752] kasan_atomics+0xb8/0x2e0 [ 20.766872] kunit_try_run_case+0x170/0x3f0 [ 20.766971] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.767079] kthread+0x328/0x630 [ 20.767163] ret_from_fork+0x10/0x20 [ 20.767251] [ 20.767302] The buggy address belongs to the object at fff00000c7892700 [ 20.767302] which belongs to the cache kmalloc-64 of size 64 [ 20.767451] The buggy address is located 0 bytes to the right of [ 20.767451] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.767606] [ 20.768441] The buggy address belongs to the physical page: [ 20.768570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.769099] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.769405] page_type: f5(slab) [ 20.769730] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.770466] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.770981] page dumped because: kasan: bad access detected [ 20.771862] [ 20.771972] Memory state around the buggy address: [ 20.772222] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.773009] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.773504] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.774217] ^ [ 20.774315] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.774438] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.774536] ================================================================== [ 20.661132] ================================================================== [ 20.661224] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 20.661283] Read of size 4 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.661351] [ 20.661386] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.661476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.661506] Hardware name: linux,dummy-virt (DT) [ 20.661541] Call trace: [ 20.661567] show_stack+0x20/0x38 (C) [ 20.661616] dump_stack_lvl+0x8c/0xd0 [ 20.661665] print_report+0x118/0x608 [ 20.661713] kasan_report+0xdc/0x128 [ 20.661760] __asan_report_load4_noabort+0x20/0x30 [ 20.661813] kasan_atomics_helper+0x3dd8/0x4858 [ 20.661861] kasan_atomics+0x198/0x2e0 [ 20.661907] kunit_try_run_case+0x170/0x3f0 [ 20.661956] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.662011] kthread+0x328/0x630 [ 20.662052] ret_from_fork+0x10/0x20 [ 20.662101] [ 20.662122] Allocated by task 265: [ 20.662151] kasan_save_stack+0x3c/0x68 [ 20.662194] kasan_save_track+0x20/0x40 [ 20.662233] kasan_save_alloc_info+0x40/0x58 [ 20.662274] __kasan_kmalloc+0xd4/0xd8 [ 20.662313] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.662365] kasan_atomics+0xb8/0x2e0 [ 20.662402] kunit_try_run_case+0x170/0x3f0 [ 20.662442] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.662484] kthread+0x328/0x630 [ 20.662517] ret_from_fork+0x10/0x20 [ 20.662734] [ 20.662811] The buggy address belongs to the object at fff00000c7892700 [ 20.662811] which belongs to the cache kmalloc-64 of size 64 [ 20.662872] The buggy address is located 0 bytes to the right of [ 20.662872] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.662936] [ 20.662958] The buggy address belongs to the physical page: [ 20.662990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.663041] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.663092] page_type: f5(slab) [ 20.663132] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.663184] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.663225] page dumped because: kasan: bad access detected [ 20.663255] [ 20.663276] Memory state around the buggy address: [ 20.663306] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.663362] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.663407] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.663446] ^ [ 20.663480] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.663522] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.663617] ================================================================== [ 20.695499] ================================================================== [ 20.695665] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 20.695778] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.695843] [ 20.695878] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.695963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.695994] Hardware name: linux,dummy-virt (DT) [ 20.696026] Call trace: [ 20.696050] show_stack+0x20/0x38 (C) [ 20.696102] dump_stack_lvl+0x8c/0xd0 [ 20.696151] print_report+0x118/0x608 [ 20.696199] kasan_report+0xdc/0x128 [ 20.696246] kasan_check_range+0x100/0x1a8 [ 20.696295] __kasan_check_write+0x20/0x30 [ 20.696354] kasan_atomics_helper+0xf20/0x4858 [ 20.696405] kasan_atomics+0x198/0x2e0 [ 20.696463] kunit_try_run_case+0x170/0x3f0 [ 20.697407] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.697920] kthread+0x328/0x630 [ 20.697973] ret_from_fork+0x10/0x20 [ 20.698103] [ 20.698128] Allocated by task 265: [ 20.698160] kasan_save_stack+0x3c/0x68 [ 20.698205] kasan_save_track+0x20/0x40 [ 20.698244] kasan_save_alloc_info+0x40/0x58 [ 20.698337] __kasan_kmalloc+0xd4/0xd8 [ 20.698461] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.698507] kasan_atomics+0xb8/0x2e0 [ 20.698545] kunit_try_run_case+0x170/0x3f0 [ 20.698597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.698946] kthread+0x328/0x630 [ 20.699347] ret_from_fork+0x10/0x20 [ 20.699430] [ 20.699689] The buggy address belongs to the object at fff00000c7892700 [ 20.699689] which belongs to the cache kmalloc-64 of size 64 [ 20.699775] The buggy address is located 0 bytes to the right of [ 20.699775] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.699846] [ 20.699869] The buggy address belongs to the physical page: [ 20.699918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.699969] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.700031] page_type: f5(slab) [ 20.700090] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.700161] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.700219] page dumped because: kasan: bad access detected [ 20.700269] [ 20.700507] Memory state around the buggy address: [ 20.700563] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.700615] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.701002] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.701065] ^ [ 20.701108] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.701152] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.701192] ================================================================== [ 20.982922] ================================================================== [ 20.983200] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 20.983382] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.983526] [ 20.983600] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.983764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.983829] Hardware name: linux,dummy-virt (DT) [ 20.984471] Call trace: [ 20.984755] show_stack+0x20/0x38 (C) [ 20.984949] dump_stack_lvl+0x8c/0xd0 [ 20.985077] print_report+0x118/0x608 [ 20.985203] kasan_report+0xdc/0x128 [ 20.985311] kasan_check_range+0x100/0x1a8 [ 20.985645] __kasan_check_write+0x20/0x30 [ 20.986016] kasan_atomics_helper+0x17ec/0x4858 [ 20.986381] kasan_atomics+0x198/0x2e0 [ 20.986494] kunit_try_run_case+0x170/0x3f0 [ 20.986620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.986733] kthread+0x328/0x630 [ 20.986993] ret_from_fork+0x10/0x20 [ 20.987141] [ 20.987354] Allocated by task 265: [ 20.987440] kasan_save_stack+0x3c/0x68 [ 20.987545] kasan_save_track+0x20/0x40 [ 20.987634] kasan_save_alloc_info+0x40/0x58 [ 20.987768] __kasan_kmalloc+0xd4/0xd8 [ 20.987853] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.988005] kasan_atomics+0xb8/0x2e0 [ 20.988077] kunit_try_run_case+0x170/0x3f0 [ 20.988495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.988726] kthread+0x328/0x630 [ 20.988820] ret_from_fork+0x10/0x20 [ 20.989112] [ 20.989216] The buggy address belongs to the object at fff00000c7892700 [ 20.989216] which belongs to the cache kmalloc-64 of size 64 [ 20.989451] The buggy address is located 0 bytes to the right of [ 20.989451] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.989598] [ 20.989650] The buggy address belongs to the physical page: [ 20.989716] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.989833] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.990259] page_type: f5(slab) [ 20.990655] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.990844] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.990937] page dumped because: kasan: bad access detected [ 20.990997] [ 20.991083] Memory state around the buggy address: [ 20.991159] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.991258] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.991374] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.991711] ^ [ 20.991827] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.992010] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.992213] ================================================================== [ 20.624573] ================================================================== [ 20.624646] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 20.625092] Write of size 4 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.625161] [ 20.625210] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.625346] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.625386] Hardware name: linux,dummy-virt (DT) [ 20.625620] Call trace: [ 20.625673] show_stack+0x20/0x38 (C) [ 20.625823] dump_stack_lvl+0x8c/0xd0 [ 20.625878] print_report+0x118/0x608 [ 20.626031] kasan_report+0xdc/0x128 [ 20.626084] kasan_check_range+0x100/0x1a8 [ 20.626400] __kasan_check_write+0x20/0x30 [ 20.626484] kasan_atomics_helper+0xa6c/0x4858 [ 20.626538] kasan_atomics+0x198/0x2e0 [ 20.626585] kunit_try_run_case+0x170/0x3f0 [ 20.626637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.626692] kthread+0x328/0x630 [ 20.626736] ret_from_fork+0x10/0x20 [ 20.626823] [ 20.626846] Allocated by task 265: [ 20.626879] kasan_save_stack+0x3c/0x68 [ 20.626950] kasan_save_track+0x20/0x40 [ 20.627049] kasan_save_alloc_info+0x40/0x58 [ 20.627126] __kasan_kmalloc+0xd4/0xd8 [ 20.627192] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.627234] kasan_atomics+0xb8/0x2e0 [ 20.627270] kunit_try_run_case+0x170/0x3f0 [ 20.627310] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.627367] kthread+0x328/0x630 [ 20.627403] ret_from_fork+0x10/0x20 [ 20.627440] [ 20.627979] The buggy address belongs to the object at fff00000c7892700 [ 20.627979] which belongs to the cache kmalloc-64 of size 64 [ 20.628050] The buggy address is located 0 bytes to the right of [ 20.628050] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.628126] [ 20.628151] The buggy address belongs to the physical page: [ 20.628437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.628582] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.628635] page_type: f5(slab) [ 20.628947] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.629003] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.629085] page dumped because: kasan: bad access detected [ 20.629291] [ 20.629437] Memory state around the buggy address: [ 20.629573] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.629746] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.629794] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.629834] ^ [ 20.629870] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.629925] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.629966] ================================================================== [ 20.890691] ================================================================== [ 20.890958] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 20.891103] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.891207] [ 20.891283] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.892235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.892625] Hardware name: linux,dummy-virt (DT) [ 20.892723] Call trace: [ 20.892795] show_stack+0x20/0x38 (C) [ 20.892920] dump_stack_lvl+0x8c/0xd0 [ 20.893043] print_report+0x118/0x608 [ 20.893582] kasan_report+0xdc/0x128 [ 20.893984] kasan_check_range+0x100/0x1a8 [ 20.894174] __kasan_check_write+0x20/0x30 [ 20.894445] kasan_atomics_helper+0x15b4/0x4858 [ 20.894827] kasan_atomics+0x198/0x2e0 [ 20.895142] kunit_try_run_case+0x170/0x3f0 [ 20.895698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.895834] kthread+0x328/0x630 [ 20.895918] ret_from_fork+0x10/0x20 [ 20.896720] [ 20.896804] Allocated by task 265: [ 20.897046] kasan_save_stack+0x3c/0x68 [ 20.897594] kasan_save_track+0x20/0x40 [ 20.897990] kasan_save_alloc_info+0x40/0x58 [ 20.898532] __kasan_kmalloc+0xd4/0xd8 [ 20.898684] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.898962] kasan_atomics+0xb8/0x2e0 [ 20.899053] kunit_try_run_case+0x170/0x3f0 [ 20.899470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.899674] kthread+0x328/0x630 [ 20.899751] ret_from_fork+0x10/0x20 [ 20.899832] [ 20.900651] The buggy address belongs to the object at fff00000c7892700 [ 20.900651] which belongs to the cache kmalloc-64 of size 64 [ 20.900807] The buggy address is located 0 bytes to the right of [ 20.900807] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.901329] [ 20.901546] The buggy address belongs to the physical page: [ 20.901635] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.901758] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.901872] page_type: f5(slab) [ 20.902195] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.902341] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.902460] page dumped because: kasan: bad access detected [ 20.902542] [ 20.902593] Memory state around the buggy address: [ 20.902671] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.902772] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.902867] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.902969] ^ [ 20.903078] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.903209] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.903303] ================================================================== [ 20.677494] ================================================================== [ 20.677559] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 20.677622] Read of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.677672] [ 20.677707] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.677817] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.677848] Hardware name: linux,dummy-virt (DT) [ 20.677883] Call trace: [ 20.677908] show_stack+0x20/0x38 (C) [ 20.677961] dump_stack_lvl+0x8c/0xd0 [ 20.678009] print_report+0x118/0x608 [ 20.678058] kasan_report+0xdc/0x128 [ 20.678107] __asan_report_load8_noabort+0x20/0x30 [ 20.678160] kasan_atomics_helper+0x3f58/0x4858 [ 20.678211] kasan_atomics+0x198/0x2e0 [ 20.678259] kunit_try_run_case+0x170/0x3f0 [ 20.678308] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.678380] kthread+0x328/0x630 [ 20.678426] ret_from_fork+0x10/0x20 [ 20.678474] [ 20.678494] Allocated by task 265: [ 20.678525] kasan_save_stack+0x3c/0x68 [ 20.678568] kasan_save_track+0x20/0x40 [ 20.678608] kasan_save_alloc_info+0x40/0x58 [ 20.678649] __kasan_kmalloc+0xd4/0xd8 [ 20.678686] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.678732] kasan_atomics+0xb8/0x2e0 [ 20.678803] kunit_try_run_case+0x170/0x3f0 [ 20.678840] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.678884] kthread+0x328/0x630 [ 20.678918] ret_from_fork+0x10/0x20 [ 20.678962] [ 20.678999] The buggy address belongs to the object at fff00000c7892700 [ 20.678999] which belongs to the cache kmalloc-64 of size 64 [ 20.679093] The buggy address is located 0 bytes to the right of [ 20.679093] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.679159] [ 20.679198] The buggy address belongs to the physical page: [ 20.679271] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.679337] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.679392] page_type: f5(slab) [ 20.679432] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.679484] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.679525] page dumped because: kasan: bad access detected [ 20.679558] [ 20.679578] Memory state around the buggy address: [ 20.679609] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.679652] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.679695] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.679733] ^ [ 20.679780] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.679832] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.679873] ================================================================== [ 20.682685] ================================================================== [ 20.682730] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 20.682793] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.682845] [ 20.682879] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.682963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.682992] Hardware name: linux,dummy-virt (DT) [ 20.683026] Call trace: [ 20.683051] show_stack+0x20/0x38 (C) [ 20.683102] dump_stack_lvl+0x8c/0xd0 [ 20.683163] print_report+0x118/0x608 [ 20.683266] kasan_report+0xdc/0x128 [ 20.683314] __asan_report_store8_noabort+0x20/0x30 [ 20.683376] kasan_atomics_helper+0x3e5c/0x4858 [ 20.683426] kasan_atomics+0x198/0x2e0 [ 20.683473] kunit_try_run_case+0x170/0x3f0 [ 20.683521] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.683575] kthread+0x328/0x630 [ 20.683620] ret_from_fork+0x10/0x20 [ 20.683669] [ 20.683694] Allocated by task 265: [ 20.683725] kasan_save_stack+0x3c/0x68 [ 20.683769] kasan_save_track+0x20/0x40 [ 20.683811] kasan_save_alloc_info+0x40/0x58 [ 20.683854] __kasan_kmalloc+0xd4/0xd8 [ 20.683893] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.683935] kasan_atomics+0xb8/0x2e0 [ 20.683985] kunit_try_run_case+0x170/0x3f0 [ 20.684028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.684073] kthread+0x328/0x630 [ 20.684105] ret_from_fork+0x10/0x20 [ 20.684143] [ 20.684164] The buggy address belongs to the object at fff00000c7892700 [ 20.684164] which belongs to the cache kmalloc-64 of size 64 [ 20.684224] The buggy address is located 0 bytes to the right of [ 20.684224] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.684289] [ 20.684310] The buggy address belongs to the physical page: [ 20.684351] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.684957] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.685032] page_type: f5(slab) [ 20.685081] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.685137] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.685180] page dumped because: kasan: bad access detected [ 20.685256] [ 20.685315] Memory state around the buggy address: [ 20.685425] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.685481] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.685526] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.685564] ^ [ 20.685600] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.685642] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.685680] ================================================================== [ 20.753135] ================================================================== [ 20.753291] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 20.753421] Write of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.753542] [ 20.753616] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.754288] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.754391] Hardware name: linux,dummy-virt (DT) [ 20.754462] Call trace: [ 20.754513] show_stack+0x20/0x38 (C) [ 20.754632] dump_stack_lvl+0x8c/0xd0 [ 20.754737] print_report+0x118/0x608 [ 20.754882] kasan_report+0xdc/0x128 [ 20.755047] kasan_check_range+0x100/0x1a8 [ 20.755310] __kasan_check_write+0x20/0x30 [ 20.755405] kasan_atomics_helper+0x11f8/0x4858 [ 20.755532] kasan_atomics+0x198/0x2e0 [ 20.755633] kunit_try_run_case+0x170/0x3f0 [ 20.755779] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.755957] kthread+0x328/0x630 [ 20.756092] ret_from_fork+0x10/0x20 [ 20.756249] [ 20.756328] Allocated by task 265: [ 20.756436] kasan_save_stack+0x3c/0x68 [ 20.756587] kasan_save_track+0x20/0x40 [ 20.756717] kasan_save_alloc_info+0x40/0x58 [ 20.756834] __kasan_kmalloc+0xd4/0xd8 [ 20.756925] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.757049] kasan_atomics+0xb8/0x2e0 [ 20.757181] kunit_try_run_case+0x170/0x3f0 [ 20.757303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.757425] kthread+0x328/0x630 [ 20.757504] ret_from_fork+0x10/0x20 [ 20.757587] [ 20.757996] The buggy address belongs to the object at fff00000c7892700 [ 20.757996] which belongs to the cache kmalloc-64 of size 64 [ 20.758353] The buggy address is located 0 bytes to the right of [ 20.758353] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.758534] [ 20.758578] The buggy address belongs to the physical page: [ 20.758643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.758753] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.759047] page_type: f5(slab) [ 20.759173] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.759281] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.759386] page dumped because: kasan: bad access detected [ 20.759459] [ 20.759501] Memory state around the buggy address: [ 20.759569] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.759671] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.759774] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.759855] ^ [ 20.760139] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.760291] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.760428] ================================================================== [ 20.936259] ================================================================== [ 20.936386] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 20.936514] Read of size 8 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.936668] [ 20.936959] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.937165] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.937233] Hardware name: linux,dummy-virt (DT) [ 20.937511] Call trace: [ 20.937723] show_stack+0x20/0x38 (C) [ 20.938810] dump_stack_lvl+0x8c/0xd0 [ 20.938938] print_report+0x118/0x608 [ 20.939045] kasan_report+0xdc/0x128 [ 20.939142] __asan_report_load8_noabort+0x20/0x30 [ 20.939376] kasan_atomics_helper+0x3df4/0x4858 [ 20.939473] kasan_atomics+0x198/0x2e0 [ 20.939588] kunit_try_run_case+0x170/0x3f0 [ 20.939703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.939828] kthread+0x328/0x630 [ 20.939923] ret_from_fork+0x10/0x20 [ 20.940031] [ 20.940074] Allocated by task 265: [ 20.940146] kasan_save_stack+0x3c/0x68 [ 20.940222] kasan_save_track+0x20/0x40 [ 20.940297] kasan_save_alloc_info+0x40/0x58 [ 20.940399] __kasan_kmalloc+0xd4/0xd8 [ 20.940503] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.940648] kasan_atomics+0xb8/0x2e0 [ 20.940737] kunit_try_run_case+0x170/0x3f0 [ 20.940827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.940930] kthread+0x328/0x630 [ 20.941018] ret_from_fork+0x10/0x20 [ 20.941131] [ 20.941176] The buggy address belongs to the object at fff00000c7892700 [ 20.941176] which belongs to the cache kmalloc-64 of size 64 [ 20.941309] The buggy address is located 0 bytes to the right of [ 20.941309] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.941447] [ 20.941492] The buggy address belongs to the physical page: [ 20.941608] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.941766] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.942074] page_type: f5(slab) [ 20.942168] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.942279] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.942419] page dumped because: kasan: bad access detected [ 20.942536] [ 20.942596] Memory state around the buggy address: [ 20.942697] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.942811] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.942902] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.943035] ^ [ 20.943117] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.943220] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.943314] ================================================================== [ 20.666623] ================================================================== [ 20.666673] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 20.666736] Read of size 4 at addr fff00000c7892730 by task kunit_try_catch/265 [ 20.666817] [ 20.666849] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT [ 20.666933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.666963] Hardware name: linux,dummy-virt (DT) [ 20.666995] Call trace: [ 20.667019] show_stack+0x20/0x38 (C) [ 20.667069] dump_stack_lvl+0x8c/0xd0 [ 20.667116] print_report+0x118/0x608 [ 20.667162] kasan_report+0xdc/0x128 [ 20.667259] __asan_report_load4_noabort+0x20/0x30 [ 20.667668] kasan_atomics_helper+0x3e04/0x4858 [ 20.667801] kasan_atomics+0x198/0x2e0 [ 20.667851] kunit_try_run_case+0x170/0x3f0 [ 20.667902] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.667956] kthread+0x328/0x630 [ 20.667998] ret_from_fork+0x10/0x20 [ 20.668048] [ 20.668070] Allocated by task 265: [ 20.668102] kasan_save_stack+0x3c/0x68 [ 20.668145] kasan_save_track+0x20/0x40 [ 20.668276] kasan_save_alloc_info+0x40/0x58 [ 20.668444] __kasan_kmalloc+0xd4/0xd8 [ 20.668604] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.668649] kasan_atomics+0xb8/0x2e0 [ 20.668687] kunit_try_run_case+0x170/0x3f0 [ 20.668777] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.668841] kthread+0x328/0x630 [ 20.668873] ret_from_fork+0x10/0x20 [ 20.668911] [ 20.668945] The buggy address belongs to the object at fff00000c7892700 [ 20.668945] which belongs to the cache kmalloc-64 of size 64 [ 20.669005] The buggy address is located 0 bytes to the right of [ 20.669005] allocated 48-byte region [fff00000c7892700, fff00000c7892730) [ 20.669068] [ 20.669090] The buggy address belongs to the physical page: [ 20.669123] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 20.669175] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.669248] page_type: f5(slab) [ 20.669315] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.669382] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.669447] page dumped because: kasan: bad access detected [ 20.669517] [ 20.669566] Memory state around the buggy address: [ 20.669606] fff00000c7892600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.669704] fff00000c7892680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.669795] >fff00000c7892700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.669832] ^ [ 20.669864] fff00000c7892780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.669906] fff00000c7892800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.669944] ==================================================================
[ 14.192900] ================================================================== [ 14.193527] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 14.193819] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.194189] [ 14.194306] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.194351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.194364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.194398] Call Trace: [ 14.194415] <TASK> [ 14.194432] dump_stack_lvl+0x73/0xb0 [ 14.194460] print_report+0xd1/0x650 [ 14.194484] ? __virt_addr_valid+0x1db/0x2d0 [ 14.194507] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.194530] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.194553] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.194576] kasan_report+0x141/0x180 [ 14.194599] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.194626] __asan_report_load4_noabort+0x18/0x20 [ 14.194648] kasan_atomics_helper+0x49ce/0x5450 [ 14.194672] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.194695] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.194716] ? ret_from_fork_asm+0x1a/0x30 [ 14.194738] ? kasan_atomics+0x152/0x310 [ 14.194762] kasan_atomics+0x1dc/0x310 [ 14.194798] ? __pfx_kasan_atomics+0x10/0x10 [ 14.194820] ? __pfx_read_tsc+0x10/0x10 [ 14.194841] ? ktime_get_ts64+0x86/0x230 [ 14.194868] kunit_try_run_case+0x1a5/0x480 [ 14.194891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.194911] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.194938] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.194963] ? __kthread_parkme+0x82/0x180 [ 14.194984] ? preempt_count_sub+0x50/0x80 [ 14.195049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.195076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.195103] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.195128] kthread+0x337/0x6f0 [ 14.195148] ? trace_preempt_on+0x20/0xc0 [ 14.195174] ? __pfx_kthread+0x10/0x10 [ 14.195196] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.195220] ? calculate_sigpending+0x7b/0xa0 [ 14.195244] ? __pfx_kthread+0x10/0x10 [ 14.195266] ret_from_fork+0x116/0x1d0 [ 14.195285] ? __pfx_kthread+0x10/0x10 [ 14.195306] ret_from_fork_asm+0x1a/0x30 [ 14.195337] </TASK> [ 14.195349] [ 14.208433] Allocated by task 283: [ 14.208918] kasan_save_stack+0x45/0x70 [ 14.209307] kasan_save_track+0x18/0x40 [ 14.209467] kasan_save_alloc_info+0x3b/0x50 [ 14.209614] __kasan_kmalloc+0xb7/0xc0 [ 14.209763] __kmalloc_cache_noprof+0x189/0x420 [ 14.210192] kasan_atomics+0x95/0x310 [ 14.210573] kunit_try_run_case+0x1a5/0x480 [ 14.211050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.211643] kthread+0x337/0x6f0 [ 14.212037] ret_from_fork+0x116/0x1d0 [ 14.212413] ret_from_fork_asm+0x1a/0x30 [ 14.212679] [ 14.212819] The buggy address belongs to the object at ffff8881039bd780 [ 14.212819] which belongs to the cache kmalloc-64 of size 64 [ 14.213738] The buggy address is located 0 bytes to the right of [ 14.213738] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.214850] [ 14.214936] The buggy address belongs to the physical page: [ 14.215400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.216348] flags: 0x200000000000000(node=0|zone=2) [ 14.216532] page_type: f5(slab) [ 14.216654] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.217303] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.218103] page dumped because: kasan: bad access detected [ 14.218793] [ 14.218963] Memory state around the buggy address: [ 14.219454] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.219675] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.220323] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.221200] ^ [ 14.221654] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.221925] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.222445] ================================================================== [ 14.499547] ================================================================== [ 14.499911] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 14.500344] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.500616] [ 14.500703] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.500751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.500764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.500821] Call Trace: [ 14.500860] <TASK> [ 14.500898] dump_stack_lvl+0x73/0xb0 [ 14.500950] print_report+0xd1/0x650 [ 14.500974] ? __virt_addr_valid+0x1db/0x2d0 [ 14.500997] ? kasan_atomics_helper+0x194a/0x5450 [ 14.501021] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.501044] ? kasan_atomics_helper+0x194a/0x5450 [ 14.501067] kasan_report+0x141/0x180 [ 14.501090] ? kasan_atomics_helper+0x194a/0x5450 [ 14.501118] kasan_check_range+0x10c/0x1c0 [ 14.501143] __kasan_check_write+0x18/0x20 [ 14.501164] kasan_atomics_helper+0x194a/0x5450 [ 14.501188] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.501211] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.501232] ? ret_from_fork_asm+0x1a/0x30 [ 14.501255] ? kasan_atomics+0x152/0x310 [ 14.501289] kasan_atomics+0x1dc/0x310 [ 14.501309] ? __pfx_kasan_atomics+0x10/0x10 [ 14.501330] ? __pfx_read_tsc+0x10/0x10 [ 14.501352] ? ktime_get_ts64+0x86/0x230 [ 14.501388] kunit_try_run_case+0x1a5/0x480 [ 14.501410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.501465] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.501515] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.501541] ? __kthread_parkme+0x82/0x180 [ 14.501561] ? preempt_count_sub+0x50/0x80 [ 14.501585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.501607] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.501631] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.501687] kthread+0x337/0x6f0 [ 14.501707] ? trace_preempt_on+0x20/0xc0 [ 14.501741] ? __pfx_kthread+0x10/0x10 [ 14.501762] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.501786] ? calculate_sigpending+0x7b/0xa0 [ 14.501810] ? __pfx_kthread+0x10/0x10 [ 14.501863] ret_from_fork+0x116/0x1d0 [ 14.501882] ? __pfx_kthread+0x10/0x10 [ 14.501903] ret_from_fork_asm+0x1a/0x30 [ 14.501934] </TASK> [ 14.501945] [ 14.510397] Allocated by task 283: [ 14.510595] kasan_save_stack+0x45/0x70 [ 14.510822] kasan_save_track+0x18/0x40 [ 14.511033] kasan_save_alloc_info+0x3b/0x50 [ 14.511238] __kasan_kmalloc+0xb7/0xc0 [ 14.511442] __kmalloc_cache_noprof+0x189/0x420 [ 14.511603] kasan_atomics+0x95/0x310 [ 14.511802] kunit_try_run_case+0x1a5/0x480 [ 14.512018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.512292] kthread+0x337/0x6f0 [ 14.512431] ret_from_fork+0x116/0x1d0 [ 14.512568] ret_from_fork_asm+0x1a/0x30 [ 14.512873] [ 14.513002] The buggy address belongs to the object at ffff8881039bd780 [ 14.513002] which belongs to the cache kmalloc-64 of size 64 [ 14.513683] The buggy address is located 0 bytes to the right of [ 14.513683] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.514148] [ 14.514223] The buggy address belongs to the physical page: [ 14.514475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.514942] flags: 0x200000000000000(node=0|zone=2) [ 14.515140] page_type: f5(slab) [ 14.515316] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.515678] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.516083] page dumped because: kasan: bad access detected [ 14.516343] [ 14.516448] Memory state around the buggy address: [ 14.516679] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.517117] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.517448] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.517789] ^ [ 14.518040] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.518405] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.518726] ================================================================== [ 13.892845] ================================================================== [ 13.893206] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 13.893534] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.893872] [ 13.894076] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.894127] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.894141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.894164] Call Trace: [ 13.894179] <TASK> [ 13.894194] dump_stack_lvl+0x73/0xb0 [ 13.894221] print_report+0xd1/0x650 [ 13.894246] ? __virt_addr_valid+0x1db/0x2d0 [ 13.894269] ? kasan_atomics_helper+0xe78/0x5450 [ 13.894290] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.894315] ? kasan_atomics_helper+0xe78/0x5450 [ 13.894339] kasan_report+0x141/0x180 [ 13.894364] ? kasan_atomics_helper+0xe78/0x5450 [ 13.894404] kasan_check_range+0x10c/0x1c0 [ 13.894429] __kasan_check_write+0x18/0x20 [ 13.894449] kasan_atomics_helper+0xe78/0x5450 [ 13.894473] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.894496] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.894518] ? ret_from_fork_asm+0x1a/0x30 [ 13.894539] ? kasan_atomics+0x152/0x310 [ 13.894562] kasan_atomics+0x1dc/0x310 [ 13.894583] ? __pfx_kasan_atomics+0x10/0x10 [ 13.894603] ? __pfx_read_tsc+0x10/0x10 [ 13.894625] ? ktime_get_ts64+0x86/0x230 [ 13.894650] kunit_try_run_case+0x1a5/0x480 [ 13.894672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.894692] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.894717] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.894743] ? __kthread_parkme+0x82/0x180 [ 13.894784] ? preempt_count_sub+0x50/0x80 [ 13.894808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.894830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.894855] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.894881] kthread+0x337/0x6f0 [ 13.894900] ? trace_preempt_on+0x20/0xc0 [ 13.894924] ? __pfx_kthread+0x10/0x10 [ 13.894945] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.894968] ? calculate_sigpending+0x7b/0xa0 [ 13.895174] ? __pfx_kthread+0x10/0x10 [ 13.895204] ret_from_fork+0x116/0x1d0 [ 13.895226] ? __pfx_kthread+0x10/0x10 [ 13.895247] ret_from_fork_asm+0x1a/0x30 [ 13.895278] </TASK> [ 13.895290] [ 13.903341] Allocated by task 283: [ 13.904769] kasan_save_stack+0x45/0x70 [ 13.905437] kasan_save_track+0x18/0x40 [ 13.906193] kasan_save_alloc_info+0x3b/0x50 [ 13.906426] __kasan_kmalloc+0xb7/0xc0 [ 13.906567] __kmalloc_cache_noprof+0x189/0x420 [ 13.906721] kasan_atomics+0x95/0x310 [ 13.907138] kunit_try_run_case+0x1a5/0x480 [ 13.907550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.908145] kthread+0x337/0x6f0 [ 13.908583] ret_from_fork+0x116/0x1d0 [ 13.909034] ret_from_fork_asm+0x1a/0x30 [ 13.909464] [ 13.909539] The buggy address belongs to the object at ffff8881039bd780 [ 13.909539] which belongs to the cache kmalloc-64 of size 64 [ 13.909919] The buggy address is located 0 bytes to the right of [ 13.909919] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.911248] [ 13.911328] The buggy address belongs to the physical page: [ 13.911518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.912322] flags: 0x200000000000000(node=0|zone=2) [ 13.912794] page_type: f5(slab) [ 13.913110] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.913940] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.914547] page dumped because: kasan: bad access detected [ 13.914731] [ 13.914904] Memory state around the buggy address: [ 13.915450] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.916366] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.917015] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.917264] ^ [ 13.917843] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.918582] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.919063] ================================================================== [ 13.539505] ================================================================== [ 13.539821] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 13.540191] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.540436] [ 13.540519] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.540564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.540577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.540599] Call Trace: [ 13.540615] <TASK> [ 13.540630] dump_stack_lvl+0x73/0xb0 [ 13.540657] print_report+0xd1/0x650 [ 13.540681] ? __virt_addr_valid+0x1db/0x2d0 [ 13.540706] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.540729] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.540753] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.540776] kasan_report+0x141/0x180 [ 13.540800] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.540828] __asan_report_load4_noabort+0x18/0x20 [ 13.540850] kasan_atomics_helper+0x4b54/0x5450 [ 13.540875] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.540899] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.540921] ? ret_from_fork_asm+0x1a/0x30 [ 13.540943] ? kasan_atomics+0x152/0x310 [ 13.540979] kasan_atomics+0x1dc/0x310 [ 13.540999] ? __pfx_kasan_atomics+0x10/0x10 [ 13.541031] ? __pfx_read_tsc+0x10/0x10 [ 13.541052] ? ktime_get_ts64+0x86/0x230 [ 13.541079] kunit_try_run_case+0x1a5/0x480 [ 13.541102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.541123] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.541148] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.541174] ? __kthread_parkme+0x82/0x180 [ 13.541195] ? preempt_count_sub+0x50/0x80 [ 13.541220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.541242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.541267] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.541293] kthread+0x337/0x6f0 [ 13.541313] ? trace_preempt_on+0x20/0xc0 [ 13.541339] ? __pfx_kthread+0x10/0x10 [ 13.541360] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.541395] ? calculate_sigpending+0x7b/0xa0 [ 13.541420] ? __pfx_kthread+0x10/0x10 [ 13.541443] ret_from_fork+0x116/0x1d0 [ 13.541463] ? __pfx_kthread+0x10/0x10 [ 13.541485] ret_from_fork_asm+0x1a/0x30 [ 13.541517] </TASK> [ 13.541528] [ 13.549795] Allocated by task 283: [ 13.549967] kasan_save_stack+0x45/0x70 [ 13.550200] kasan_save_track+0x18/0x40 [ 13.550413] kasan_save_alloc_info+0x3b/0x50 [ 13.550626] __kasan_kmalloc+0xb7/0xc0 [ 13.550983] __kmalloc_cache_noprof+0x189/0x420 [ 13.551356] kasan_atomics+0x95/0x310 [ 13.551551] kunit_try_run_case+0x1a5/0x480 [ 13.551774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.551998] kthread+0x337/0x6f0 [ 13.552209] ret_from_fork+0x116/0x1d0 [ 13.552410] ret_from_fork_asm+0x1a/0x30 [ 13.552553] [ 13.552626] The buggy address belongs to the object at ffff8881039bd780 [ 13.552626] which belongs to the cache kmalloc-64 of size 64 [ 13.553109] The buggy address is located 0 bytes to the right of [ 13.553109] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.553787] [ 13.553894] The buggy address belongs to the physical page: [ 13.554116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.554360] flags: 0x200000000000000(node=0|zone=2) [ 13.554534] page_type: f5(slab) [ 13.554658] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.555478] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.555837] page dumped because: kasan: bad access detected [ 13.556099] [ 13.556197] Memory state around the buggy address: [ 13.556368] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.556837] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.557221] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.557454] ^ [ 13.557682] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.558001] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.558411] ================================================================== [ 13.657404] ================================================================== [ 13.657708] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 13.658021] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.658360] [ 13.659269] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.659320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.659333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.659356] Call Trace: [ 13.659370] <TASK> [ 13.659396] dump_stack_lvl+0x73/0xb0 [ 13.659425] print_report+0xd1/0x650 [ 13.659448] ? __virt_addr_valid+0x1db/0x2d0 [ 13.659486] ? kasan_atomics_helper+0x72f/0x5450 [ 13.659510] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.659532] ? kasan_atomics_helper+0x72f/0x5450 [ 13.659555] kasan_report+0x141/0x180 [ 13.659578] ? kasan_atomics_helper+0x72f/0x5450 [ 13.659607] kasan_check_range+0x10c/0x1c0 [ 13.659635] __kasan_check_write+0x18/0x20 [ 13.659656] kasan_atomics_helper+0x72f/0x5450 [ 13.659679] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.659723] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.659745] ? ret_from_fork_asm+0x1a/0x30 [ 13.659766] ? kasan_atomics+0x152/0x310 [ 13.659791] kasan_atomics+0x1dc/0x310 [ 13.659810] ? __pfx_kasan_atomics+0x10/0x10 [ 13.659832] ? __pfx_read_tsc+0x10/0x10 [ 13.659853] ? ktime_get_ts64+0x86/0x230 [ 13.659878] kunit_try_run_case+0x1a5/0x480 [ 13.659900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.659920] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.659946] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.659972] ? __kthread_parkme+0x82/0x180 [ 13.660248] ? preempt_count_sub+0x50/0x80 [ 13.660278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.660302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.660328] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.660354] kthread+0x337/0x6f0 [ 13.660386] ? trace_preempt_on+0x20/0xc0 [ 13.660412] ? __pfx_kthread+0x10/0x10 [ 13.660435] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.660459] ? calculate_sigpending+0x7b/0xa0 [ 13.660484] ? __pfx_kthread+0x10/0x10 [ 13.660507] ret_from_fork+0x116/0x1d0 [ 13.660527] ? __pfx_kthread+0x10/0x10 [ 13.660548] ret_from_fork_asm+0x1a/0x30 [ 13.660579] </TASK> [ 13.660591] [ 13.669279] Allocated by task 283: [ 13.669426] kasan_save_stack+0x45/0x70 [ 13.669610] kasan_save_track+0x18/0x40 [ 13.669827] kasan_save_alloc_info+0x3b/0x50 [ 13.670200] __kasan_kmalloc+0xb7/0xc0 [ 13.670421] __kmalloc_cache_noprof+0x189/0x420 [ 13.670648] kasan_atomics+0x95/0x310 [ 13.670860] kunit_try_run_case+0x1a5/0x480 [ 13.671158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.671442] kthread+0x337/0x6f0 [ 13.671615] ret_from_fork+0x116/0x1d0 [ 13.671816] ret_from_fork_asm+0x1a/0x30 [ 13.672082] [ 13.672171] The buggy address belongs to the object at ffff8881039bd780 [ 13.672171] which belongs to the cache kmalloc-64 of size 64 [ 13.672668] The buggy address is located 0 bytes to the right of [ 13.672668] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.673263] [ 13.673346] The buggy address belongs to the physical page: [ 13.673592] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.673923] flags: 0x200000000000000(node=0|zone=2) [ 13.674369] page_type: f5(slab) [ 13.674565] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.674869] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.675271] page dumped because: kasan: bad access detected [ 13.675491] [ 13.675564] Memory state around the buggy address: [ 13.675744] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.676098] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.676431] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.676750] ^ [ 13.676930] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.677149] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.677475] ================================================================== [ 14.910948] ================================================================== [ 14.911354] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 14.911689] Read of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.912054] [ 14.912140] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.912184] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.912197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.912218] Call Trace: [ 14.912231] <TASK> [ 14.912245] dump_stack_lvl+0x73/0xb0 [ 14.912271] print_report+0xd1/0x650 [ 14.912296] ? __virt_addr_valid+0x1db/0x2d0 [ 14.912319] ? kasan_atomics_helper+0x5115/0x5450 [ 14.912341] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.912364] ? kasan_atomics_helper+0x5115/0x5450 [ 14.912398] kasan_report+0x141/0x180 [ 14.912421] ? kasan_atomics_helper+0x5115/0x5450 [ 14.912448] __asan_report_load8_noabort+0x18/0x20 [ 14.912469] kasan_atomics_helper+0x5115/0x5450 [ 14.912494] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.912517] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.912538] ? ret_from_fork_asm+0x1a/0x30 [ 14.912561] ? kasan_atomics+0x152/0x310 [ 14.912585] kasan_atomics+0x1dc/0x310 [ 14.912605] ? __pfx_kasan_atomics+0x10/0x10 [ 14.912626] ? __pfx_read_tsc+0x10/0x10 [ 14.912683] ? ktime_get_ts64+0x86/0x230 [ 14.912709] kunit_try_run_case+0x1a5/0x480 [ 14.912742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.912763] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.912789] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.912843] ? __kthread_parkme+0x82/0x180 [ 14.912864] ? preempt_count_sub+0x50/0x80 [ 14.912898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.912920] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.912945] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.912971] kthread+0x337/0x6f0 [ 14.912991] ? trace_preempt_on+0x20/0xc0 [ 14.913015] ? __pfx_kthread+0x10/0x10 [ 14.913065] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.913089] ? calculate_sigpending+0x7b/0xa0 [ 14.913113] ? __pfx_kthread+0x10/0x10 [ 14.913145] ret_from_fork+0x116/0x1d0 [ 14.913165] ? __pfx_kthread+0x10/0x10 [ 14.913186] ret_from_fork_asm+0x1a/0x30 [ 14.913219] </TASK> [ 14.913230] [ 14.921332] Allocated by task 283: [ 14.921475] kasan_save_stack+0x45/0x70 [ 14.921622] kasan_save_track+0x18/0x40 [ 14.921784] kasan_save_alloc_info+0x3b/0x50 [ 14.921994] __kasan_kmalloc+0xb7/0xc0 [ 14.922242] __kmalloc_cache_noprof+0x189/0x420 [ 14.922685] kasan_atomics+0x95/0x310 [ 14.922858] kunit_try_run_case+0x1a5/0x480 [ 14.923005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.923410] kthread+0x337/0x6f0 [ 14.923655] ret_from_fork+0x116/0x1d0 [ 14.923902] ret_from_fork_asm+0x1a/0x30 [ 14.924053] [ 14.924125] The buggy address belongs to the object at ffff8881039bd780 [ 14.924125] which belongs to the cache kmalloc-64 of size 64 [ 14.924490] The buggy address is located 0 bytes to the right of [ 14.924490] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.925430] [ 14.925528] The buggy address belongs to the physical page: [ 14.925831] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.926196] flags: 0x200000000000000(node=0|zone=2) [ 14.926528] page_type: f5(slab) [ 14.926672] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.927085] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.927348] page dumped because: kasan: bad access detected [ 14.927532] [ 14.927603] Memory state around the buggy address: [ 14.927871] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.928196] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.928585] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.928918] ^ [ 14.929152] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.929454] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.929806] ================================================================== [ 14.832120] ================================================================== [ 14.832532] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 14.833007] Read of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.833410] [ 14.833554] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.833632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.833645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.833677] Call Trace: [ 14.833691] <TASK> [ 14.833707] dump_stack_lvl+0x73/0xb0 [ 14.833733] print_report+0xd1/0x650 [ 14.833756] ? __virt_addr_valid+0x1db/0x2d0 [ 14.833778] ? kasan_atomics_helper+0x4fb2/0x5450 [ 14.833800] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.833852] ? kasan_atomics_helper+0x4fb2/0x5450 [ 14.833875] kasan_report+0x141/0x180 [ 14.833909] ? kasan_atomics_helper+0x4fb2/0x5450 [ 14.833937] __asan_report_load8_noabort+0x18/0x20 [ 14.833959] kasan_atomics_helper+0x4fb2/0x5450 [ 14.833982] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.834005] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.834030] ? ret_from_fork_asm+0x1a/0x30 [ 14.834053] ? kasan_atomics+0x152/0x310 [ 14.834078] kasan_atomics+0x1dc/0x310 [ 14.834097] ? __pfx_kasan_atomics+0x10/0x10 [ 14.834119] ? __pfx_read_tsc+0x10/0x10 [ 14.834140] ? ktime_get_ts64+0x86/0x230 [ 14.834165] kunit_try_run_case+0x1a5/0x480 [ 14.834187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.834207] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.834264] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.834289] ? __kthread_parkme+0x82/0x180 [ 14.834342] ? preempt_count_sub+0x50/0x80 [ 14.834392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.834414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.834439] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.834464] kthread+0x337/0x6f0 [ 14.834484] ? trace_preempt_on+0x20/0xc0 [ 14.834508] ? __pfx_kthread+0x10/0x10 [ 14.834530] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.834554] ? calculate_sigpending+0x7b/0xa0 [ 14.834577] ? __pfx_kthread+0x10/0x10 [ 14.834613] ret_from_fork+0x116/0x1d0 [ 14.834633] ? __pfx_kthread+0x10/0x10 [ 14.834654] ret_from_fork_asm+0x1a/0x30 [ 14.834685] </TASK> [ 14.834697] [ 14.843074] Allocated by task 283: [ 14.843309] kasan_save_stack+0x45/0x70 [ 14.843553] kasan_save_track+0x18/0x40 [ 14.843778] kasan_save_alloc_info+0x3b/0x50 [ 14.843995] __kasan_kmalloc+0xb7/0xc0 [ 14.844160] __kmalloc_cache_noprof+0x189/0x420 [ 14.844354] kasan_atomics+0x95/0x310 [ 14.844518] kunit_try_run_case+0x1a5/0x480 [ 14.844707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.844943] kthread+0x337/0x6f0 [ 14.845121] ret_from_fork+0x116/0x1d0 [ 14.845330] ret_from_fork_asm+0x1a/0x30 [ 14.845592] [ 14.845760] The buggy address belongs to the object at ffff8881039bd780 [ 14.845760] which belongs to the cache kmalloc-64 of size 64 [ 14.846220] The buggy address is located 0 bytes to the right of [ 14.846220] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.846932] [ 14.847030] The buggy address belongs to the physical page: [ 14.847288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.847583] flags: 0x200000000000000(node=0|zone=2) [ 14.847871] page_type: f5(slab) [ 14.848051] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.848528] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.848902] page dumped because: kasan: bad access detected [ 14.849137] [ 14.849208] Memory state around the buggy address: [ 14.849364] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.849702] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.850032] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.850310] ^ [ 14.850577] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.850851] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.851228] ================================================================== [ 13.558839] ================================================================== [ 13.559159] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 13.559437] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.559662] [ 13.559747] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.559793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.559805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.559827] Call Trace: [ 13.559841] <TASK> [ 13.559856] dump_stack_lvl+0x73/0xb0 [ 13.559882] print_report+0xd1/0x650 [ 13.559906] ? __virt_addr_valid+0x1db/0x2d0 [ 13.559928] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.559950] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.559974] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.559997] kasan_report+0x141/0x180 [ 13.560019] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.560048] kasan_check_range+0x10c/0x1c0 [ 13.560074] __kasan_check_write+0x18/0x20 [ 13.560095] kasan_atomics_helper+0x4a0/0x5450 [ 13.560119] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.560142] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.560164] ? ret_from_fork_asm+0x1a/0x30 [ 13.560186] ? kasan_atomics+0x152/0x310 [ 13.560210] kasan_atomics+0x1dc/0x310 [ 13.560230] ? __pfx_kasan_atomics+0x10/0x10 [ 13.560252] ? __pfx_read_tsc+0x10/0x10 [ 13.560434] ? ktime_get_ts64+0x86/0x230 [ 13.560466] kunit_try_run_case+0x1a5/0x480 [ 13.560490] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.560510] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.560536] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.560563] ? __kthread_parkme+0x82/0x180 [ 13.560585] ? preempt_count_sub+0x50/0x80 [ 13.560609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.560631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.560656] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.560682] kthread+0x337/0x6f0 [ 13.560702] ? trace_preempt_on+0x20/0xc0 [ 13.560737] ? __pfx_kthread+0x10/0x10 [ 13.560759] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.560783] ? calculate_sigpending+0x7b/0xa0 [ 13.560806] ? __pfx_kthread+0x10/0x10 [ 13.560829] ret_from_fork+0x116/0x1d0 [ 13.560849] ? __pfx_kthread+0x10/0x10 [ 13.560870] ret_from_fork_asm+0x1a/0x30 [ 13.560902] </TASK> [ 13.560913] [ 13.569921] Allocated by task 283: [ 13.570135] kasan_save_stack+0x45/0x70 [ 13.570286] kasan_save_track+0x18/0x40 [ 13.570461] kasan_save_alloc_info+0x3b/0x50 [ 13.570679] __kasan_kmalloc+0xb7/0xc0 [ 13.570879] __kmalloc_cache_noprof+0x189/0x420 [ 13.571242] kasan_atomics+0x95/0x310 [ 13.571392] kunit_try_run_case+0x1a5/0x480 [ 13.571608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.571916] kthread+0x337/0x6f0 [ 13.572264] ret_from_fork+0x116/0x1d0 [ 13.572434] ret_from_fork_asm+0x1a/0x30 [ 13.572637] [ 13.572739] The buggy address belongs to the object at ffff8881039bd780 [ 13.572739] which belongs to the cache kmalloc-64 of size 64 [ 13.573219] The buggy address is located 0 bytes to the right of [ 13.573219] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.573849] [ 13.573953] The buggy address belongs to the physical page: [ 13.574250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.574577] flags: 0x200000000000000(node=0|zone=2) [ 13.574816] page_type: f5(slab) [ 13.574974] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.575210] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.575484] page dumped because: kasan: bad access detected [ 13.575872] [ 13.575968] Memory state around the buggy address: [ 13.576195] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.576592] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.576810] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.577519] ^ [ 13.577771] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.578204] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.578505] ================================================================== [ 14.386425] ================================================================== [ 14.386955] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 14.387400] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.387687] [ 14.387815] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.387945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.388023] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.388061] Call Trace: [ 14.388076] <TASK> [ 14.388093] dump_stack_lvl+0x73/0xb0 [ 14.388123] print_report+0xd1/0x650 [ 14.388148] ? __virt_addr_valid+0x1db/0x2d0 [ 14.388171] ? kasan_atomics_helper+0x164f/0x5450 [ 14.388193] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.388216] ? kasan_atomics_helper+0x164f/0x5450 [ 14.388239] kasan_report+0x141/0x180 [ 14.388262] ? kasan_atomics_helper+0x164f/0x5450 [ 14.388290] kasan_check_range+0x10c/0x1c0 [ 14.388314] __kasan_check_write+0x18/0x20 [ 14.388334] kasan_atomics_helper+0x164f/0x5450 [ 14.388358] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.388391] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.388412] ? ret_from_fork_asm+0x1a/0x30 [ 14.388434] ? kasan_atomics+0x152/0x310 [ 14.388457] kasan_atomics+0x1dc/0x310 [ 14.388476] ? __pfx_kasan_atomics+0x10/0x10 [ 14.388498] ? __pfx_read_tsc+0x10/0x10 [ 14.388519] ? ktime_get_ts64+0x86/0x230 [ 14.388543] kunit_try_run_case+0x1a5/0x480 [ 14.388565] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.388585] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.388610] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.388635] ? __kthread_parkme+0x82/0x180 [ 14.388655] ? preempt_count_sub+0x50/0x80 [ 14.388680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.388701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.388883] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.388909] kthread+0x337/0x6f0 [ 14.388929] ? trace_preempt_on+0x20/0xc0 [ 14.388954] ? __pfx_kthread+0x10/0x10 [ 14.388975] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.388999] ? calculate_sigpending+0x7b/0xa0 [ 14.389033] ? __pfx_kthread+0x10/0x10 [ 14.389057] ret_from_fork+0x116/0x1d0 [ 14.389076] ? __pfx_kthread+0x10/0x10 [ 14.389098] ret_from_fork_asm+0x1a/0x30 [ 14.389128] </TASK> [ 14.389139] [ 14.399836] Allocated by task 283: [ 14.400113] kasan_save_stack+0x45/0x70 [ 14.400300] kasan_save_track+0x18/0x40 [ 14.400525] kasan_save_alloc_info+0x3b/0x50 [ 14.401064] __kasan_kmalloc+0xb7/0xc0 [ 14.401370] __kmalloc_cache_noprof+0x189/0x420 [ 14.401603] kasan_atomics+0x95/0x310 [ 14.401894] kunit_try_run_case+0x1a5/0x480 [ 14.402161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.402623] kthread+0x337/0x6f0 [ 14.402808] ret_from_fork+0x116/0x1d0 [ 14.403155] ret_from_fork_asm+0x1a/0x30 [ 14.403331] [ 14.403444] The buggy address belongs to the object at ffff8881039bd780 [ 14.403444] which belongs to the cache kmalloc-64 of size 64 [ 14.403944] The buggy address is located 0 bytes to the right of [ 14.403944] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.404886] [ 14.405008] The buggy address belongs to the physical page: [ 14.405474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.405984] flags: 0x200000000000000(node=0|zone=2) [ 14.406352] page_type: f5(slab) [ 14.406520] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.407056] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.407543] page dumped because: kasan: bad access detected [ 14.407736] [ 14.407842] Memory state around the buggy address: [ 14.408050] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.408640] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.408947] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.409433] ^ [ 14.409703] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.409952] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.410546] ================================================================== [ 14.456309] ================================================================== [ 14.456602] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 14.456963] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.457338] [ 14.457437] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.457482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.457495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.457516] Call Trace: [ 14.457532] <TASK> [ 14.457547] dump_stack_lvl+0x73/0xb0 [ 14.457573] print_report+0xd1/0x650 [ 14.457597] ? __virt_addr_valid+0x1db/0x2d0 [ 14.457620] ? kasan_atomics_helper+0x1818/0x5450 [ 14.457643] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.457667] ? kasan_atomics_helper+0x1818/0x5450 [ 14.457689] kasan_report+0x141/0x180 [ 14.457713] ? kasan_atomics_helper+0x1818/0x5450 [ 14.457740] kasan_check_range+0x10c/0x1c0 [ 14.457766] __kasan_check_write+0x18/0x20 [ 14.457786] kasan_atomics_helper+0x1818/0x5450 [ 14.457810] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.457833] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.457855] ? ret_from_fork_asm+0x1a/0x30 [ 14.457877] ? kasan_atomics+0x152/0x310 [ 14.457901] kasan_atomics+0x1dc/0x310 [ 14.457920] ? __pfx_kasan_atomics+0x10/0x10 [ 14.457942] ? __pfx_read_tsc+0x10/0x10 [ 14.457963] ? ktime_get_ts64+0x86/0x230 [ 14.457988] kunit_try_run_case+0x1a5/0x480 [ 14.458023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.458048] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.458073] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.458098] ? __kthread_parkme+0x82/0x180 [ 14.458119] ? preempt_count_sub+0x50/0x80 [ 14.458143] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.458165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.458224] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.458250] kthread+0x337/0x6f0 [ 14.458270] ? trace_preempt_on+0x20/0xc0 [ 14.458295] ? __pfx_kthread+0x10/0x10 [ 14.458316] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.458339] ? calculate_sigpending+0x7b/0xa0 [ 14.458363] ? __pfx_kthread+0x10/0x10 [ 14.458395] ret_from_fork+0x116/0x1d0 [ 14.458415] ? __pfx_kthread+0x10/0x10 [ 14.458435] ret_from_fork_asm+0x1a/0x30 [ 14.458499] </TASK> [ 14.458510] [ 14.467290] Allocated by task 283: [ 14.467488] kasan_save_stack+0x45/0x70 [ 14.467679] kasan_save_track+0x18/0x40 [ 14.467821] kasan_save_alloc_info+0x3b/0x50 [ 14.467970] __kasan_kmalloc+0xb7/0xc0 [ 14.468105] __kmalloc_cache_noprof+0x189/0x420 [ 14.468259] kasan_atomics+0x95/0x310 [ 14.468486] kunit_try_run_case+0x1a5/0x480 [ 14.468833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.469090] kthread+0x337/0x6f0 [ 14.469260] ret_from_fork+0x116/0x1d0 [ 14.469458] ret_from_fork_asm+0x1a/0x30 [ 14.469656] [ 14.469791] The buggy address belongs to the object at ffff8881039bd780 [ 14.469791] which belongs to the cache kmalloc-64 of size 64 [ 14.470506] The buggy address is located 0 bytes to the right of [ 14.470506] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.471163] [ 14.471280] The buggy address belongs to the physical page: [ 14.471543] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.471964] flags: 0x200000000000000(node=0|zone=2) [ 14.472132] page_type: f5(slab) [ 14.472255] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.473281] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.473639] page dumped because: kasan: bad access detected [ 14.474529] [ 14.474650] Memory state around the buggy address: [ 14.475335] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.475696] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.475999] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.476268] ^ [ 14.476488] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.477057] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.477698] ================================================================== [ 14.478601] ================================================================== [ 14.479140] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 14.479574] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.480409] [ 14.480762] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.480815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.480837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.480860] Call Trace: [ 14.480876] <TASK> [ 14.480893] dump_stack_lvl+0x73/0xb0 [ 14.480922] print_report+0xd1/0x650 [ 14.480946] ? __virt_addr_valid+0x1db/0x2d0 [ 14.480969] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.480992] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.481015] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.481038] kasan_report+0x141/0x180 [ 14.481062] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.481089] kasan_check_range+0x10c/0x1c0 [ 14.481114] __kasan_check_write+0x18/0x20 [ 14.481135] kasan_atomics_helper+0x18b1/0x5450 [ 14.481160] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.481183] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.481204] ? ret_from_fork_asm+0x1a/0x30 [ 14.481226] ? kasan_atomics+0x152/0x310 [ 14.481249] kasan_atomics+0x1dc/0x310 [ 14.481269] ? __pfx_kasan_atomics+0x10/0x10 [ 14.481290] ? __pfx_read_tsc+0x10/0x10 [ 14.481311] ? ktime_get_ts64+0x86/0x230 [ 14.481336] kunit_try_run_case+0x1a5/0x480 [ 14.481357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.481389] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.481415] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.481440] ? __kthread_parkme+0x82/0x180 [ 14.481461] ? preempt_count_sub+0x50/0x80 [ 14.481485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.481506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.481532] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.481559] kthread+0x337/0x6f0 [ 14.481581] ? trace_preempt_on+0x20/0xc0 [ 14.481605] ? __pfx_kthread+0x10/0x10 [ 14.481628] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.481652] ? calculate_sigpending+0x7b/0xa0 [ 14.481677] ? __pfx_kthread+0x10/0x10 [ 14.481698] ret_from_fork+0x116/0x1d0 [ 14.481728] ? __pfx_kthread+0x10/0x10 [ 14.481750] ret_from_fork_asm+0x1a/0x30 [ 14.481780] </TASK> [ 14.481792] [ 14.490279] Allocated by task 283: [ 14.490486] kasan_save_stack+0x45/0x70 [ 14.490744] kasan_save_track+0x18/0x40 [ 14.490916] kasan_save_alloc_info+0x3b/0x50 [ 14.491131] __kasan_kmalloc+0xb7/0xc0 [ 14.491317] __kmalloc_cache_noprof+0x189/0x420 [ 14.491517] kasan_atomics+0x95/0x310 [ 14.491848] kunit_try_run_case+0x1a5/0x480 [ 14.492016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.492211] kthread+0x337/0x6f0 [ 14.492425] ret_from_fork+0x116/0x1d0 [ 14.492673] ret_from_fork_asm+0x1a/0x30 [ 14.492967] [ 14.493058] The buggy address belongs to the object at ffff8881039bd780 [ 14.493058] which belongs to the cache kmalloc-64 of size 64 [ 14.493540] The buggy address is located 0 bytes to the right of [ 14.493540] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.494305] [ 14.494433] The buggy address belongs to the physical page: [ 14.494695] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.494977] flags: 0x200000000000000(node=0|zone=2) [ 14.495254] page_type: f5(slab) [ 14.495430] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.495663] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.496312] page dumped because: kasan: bad access detected [ 14.496518] [ 14.496587] Memory state around the buggy address: [ 14.496911] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.497248] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.497597] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.497930] ^ [ 14.498176] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.498509] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.498821] ================================================================== [ 13.736264] ================================================================== [ 13.736625] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 13.736950] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.737303] [ 13.737427] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.737472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.737485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.737507] Call Trace: [ 13.737520] <TASK> [ 13.737534] dump_stack_lvl+0x73/0xb0 [ 13.737560] print_report+0xd1/0x650 [ 13.737584] ? __virt_addr_valid+0x1db/0x2d0 [ 13.737607] ? kasan_atomics_helper+0x992/0x5450 [ 13.737629] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.737653] ? kasan_atomics_helper+0x992/0x5450 [ 13.737676] kasan_report+0x141/0x180 [ 13.737720] ? kasan_atomics_helper+0x992/0x5450 [ 13.737750] kasan_check_range+0x10c/0x1c0 [ 13.737775] __kasan_check_write+0x18/0x20 [ 13.737796] kasan_atomics_helper+0x992/0x5450 [ 13.737819] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.737843] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.737864] ? ret_from_fork_asm+0x1a/0x30 [ 13.737886] ? kasan_atomics+0x152/0x310 [ 13.737911] kasan_atomics+0x1dc/0x310 [ 13.737931] ? __pfx_kasan_atomics+0x10/0x10 [ 13.737952] ? __pfx_read_tsc+0x10/0x10 [ 13.737974] ? ktime_get_ts64+0x86/0x230 [ 13.738069] kunit_try_run_case+0x1a5/0x480 [ 13.738094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.738115] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.738141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.738167] ? __kthread_parkme+0x82/0x180 [ 13.738188] ? preempt_count_sub+0x50/0x80 [ 13.738212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.738234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.738259] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.738284] kthread+0x337/0x6f0 [ 13.738304] ? trace_preempt_on+0x20/0xc0 [ 13.738328] ? __pfx_kthread+0x10/0x10 [ 13.738349] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.738383] ? calculate_sigpending+0x7b/0xa0 [ 13.738407] ? __pfx_kthread+0x10/0x10 [ 13.738428] ret_from_fork+0x116/0x1d0 [ 13.738448] ? __pfx_kthread+0x10/0x10 [ 13.738469] ret_from_fork_asm+0x1a/0x30 [ 13.738499] </TASK> [ 13.738511] [ 13.747288] Allocated by task 283: [ 13.747456] kasan_save_stack+0x45/0x70 [ 13.747661] kasan_save_track+0x18/0x40 [ 13.747861] kasan_save_alloc_info+0x3b/0x50 [ 13.748238] __kasan_kmalloc+0xb7/0xc0 [ 13.748451] __kmalloc_cache_noprof+0x189/0x420 [ 13.748657] kasan_atomics+0x95/0x310 [ 13.748795] kunit_try_run_case+0x1a5/0x480 [ 13.749110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.749351] kthread+0x337/0x6f0 [ 13.749529] ret_from_fork+0x116/0x1d0 [ 13.749709] ret_from_fork_asm+0x1a/0x30 [ 13.749935] [ 13.750101] The buggy address belongs to the object at ffff8881039bd780 [ 13.750101] which belongs to the cache kmalloc-64 of size 64 [ 13.750596] The buggy address is located 0 bytes to the right of [ 13.750596] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.751157] [ 13.751260] The buggy address belongs to the physical page: [ 13.751493] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.751803] flags: 0x200000000000000(node=0|zone=2) [ 13.752251] page_type: f5(slab) [ 13.752420] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.752665] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.752921] page dumped because: kasan: bad access detected [ 13.753230] [ 13.753328] Memory state around the buggy address: [ 13.753573] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.753913] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.754309] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.754601] ^ [ 13.754801] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.755030] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.755334] ================================================================== [ 13.853701] ================================================================== [ 13.854132] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 13.854475] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.854819] [ 13.854917] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.854961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.854974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.855185] Call Trace: [ 13.855208] <TASK> [ 13.855225] dump_stack_lvl+0x73/0xb0 [ 13.855255] print_report+0xd1/0x650 [ 13.855279] ? __virt_addr_valid+0x1db/0x2d0 [ 13.855303] ? kasan_atomics_helper+0xd47/0x5450 [ 13.855325] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.855349] ? kasan_atomics_helper+0xd47/0x5450 [ 13.855371] kasan_report+0x141/0x180 [ 13.855408] ? kasan_atomics_helper+0xd47/0x5450 [ 13.855436] kasan_check_range+0x10c/0x1c0 [ 13.855460] __kasan_check_write+0x18/0x20 [ 13.855481] kasan_atomics_helper+0xd47/0x5450 [ 13.855504] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.855527] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.855548] ? ret_from_fork_asm+0x1a/0x30 [ 13.855570] ? kasan_atomics+0x152/0x310 [ 13.855593] kasan_atomics+0x1dc/0x310 [ 13.855613] ? __pfx_kasan_atomics+0x10/0x10 [ 13.855635] ? __pfx_read_tsc+0x10/0x10 [ 13.855656] ? ktime_get_ts64+0x86/0x230 [ 13.855682] kunit_try_run_case+0x1a5/0x480 [ 13.855704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.855724] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.855750] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.855776] ? __kthread_parkme+0x82/0x180 [ 13.855797] ? preempt_count_sub+0x50/0x80 [ 13.855821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.855843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.855889] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.855914] kthread+0x337/0x6f0 [ 13.855934] ? trace_preempt_on+0x20/0xc0 [ 13.855960] ? __pfx_kthread+0x10/0x10 [ 13.855982] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.856070] ? calculate_sigpending+0x7b/0xa0 [ 13.856095] ? __pfx_kthread+0x10/0x10 [ 13.856118] ret_from_fork+0x116/0x1d0 [ 13.856137] ? __pfx_kthread+0x10/0x10 [ 13.856159] ret_from_fork_asm+0x1a/0x30 [ 13.856191] </TASK> [ 13.856202] [ 13.864528] Allocated by task 283: [ 13.864689] kasan_save_stack+0x45/0x70 [ 13.864894] kasan_save_track+0x18/0x40 [ 13.865134] kasan_save_alloc_info+0x3b/0x50 [ 13.865329] __kasan_kmalloc+0xb7/0xc0 [ 13.865509] __kmalloc_cache_noprof+0x189/0x420 [ 13.865717] kasan_atomics+0x95/0x310 [ 13.865847] kunit_try_run_case+0x1a5/0x480 [ 13.865990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.866228] kthread+0x337/0x6f0 [ 13.866429] ret_from_fork+0x116/0x1d0 [ 13.866620] ret_from_fork_asm+0x1a/0x30 [ 13.866822] [ 13.866917] The buggy address belongs to the object at ffff8881039bd780 [ 13.866917] which belongs to the cache kmalloc-64 of size 64 [ 13.867603] The buggy address is located 0 bytes to the right of [ 13.867603] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.868218] [ 13.868324] The buggy address belongs to the physical page: [ 13.868559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.868924] flags: 0x200000000000000(node=0|zone=2) [ 13.869240] page_type: f5(slab) [ 13.869404] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.869708] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.869952] page dumped because: kasan: bad access detected [ 13.870132] [ 13.870202] Memory state around the buggy address: [ 13.870364] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.870690] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.871005] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.871317] ^ [ 13.871775] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.872139] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.872363] ================================================================== [ 14.695138] ================================================================== [ 14.695857] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 14.696102] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.696329] [ 14.696680] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.696951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.696968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.696990] Call Trace: [ 14.697009] <TASK> [ 14.697027] dump_stack_lvl+0x73/0xb0 [ 14.697091] print_report+0xd1/0x650 [ 14.697119] ? __virt_addr_valid+0x1db/0x2d0 [ 14.697141] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.697164] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.697188] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.697211] kasan_report+0x141/0x180 [ 14.697234] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.697262] kasan_check_range+0x10c/0x1c0 [ 14.697287] __kasan_check_write+0x18/0x20 [ 14.697309] kasan_atomics_helper+0x1eaa/0x5450 [ 14.697333] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.697357] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.697388] ? ret_from_fork_asm+0x1a/0x30 [ 14.697411] ? kasan_atomics+0x152/0x310 [ 14.697435] kasan_atomics+0x1dc/0x310 [ 14.697455] ? __pfx_kasan_atomics+0x10/0x10 [ 14.697477] ? __pfx_read_tsc+0x10/0x10 [ 14.697498] ? ktime_get_ts64+0x86/0x230 [ 14.697524] kunit_try_run_case+0x1a5/0x480 [ 14.697546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.697567] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.697593] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.697619] ? __kthread_parkme+0x82/0x180 [ 14.697642] ? preempt_count_sub+0x50/0x80 [ 14.697666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.697688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.697736] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.697761] kthread+0x337/0x6f0 [ 14.697781] ? trace_preempt_on+0x20/0xc0 [ 14.697806] ? __pfx_kthread+0x10/0x10 [ 14.697828] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.697852] ? calculate_sigpending+0x7b/0xa0 [ 14.697877] ? __pfx_kthread+0x10/0x10 [ 14.697899] ret_from_fork+0x116/0x1d0 [ 14.697918] ? __pfx_kthread+0x10/0x10 [ 14.697939] ret_from_fork_asm+0x1a/0x30 [ 14.697970] </TASK> [ 14.697981] [ 14.710942] Allocated by task 283: [ 14.711264] kasan_save_stack+0x45/0x70 [ 14.711635] kasan_save_track+0x18/0x40 [ 14.712009] kasan_save_alloc_info+0x3b/0x50 [ 14.712402] __kasan_kmalloc+0xb7/0xc0 [ 14.712563] __kmalloc_cache_noprof+0x189/0x420 [ 14.712767] kasan_atomics+0x95/0x310 [ 14.713101] kunit_try_run_case+0x1a5/0x480 [ 14.713476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.713955] kthread+0x337/0x6f0 [ 14.714154] ret_from_fork+0x116/0x1d0 [ 14.714290] ret_from_fork_asm+0x1a/0x30 [ 14.714444] [ 14.714516] The buggy address belongs to the object at ffff8881039bd780 [ 14.714516] which belongs to the cache kmalloc-64 of size 64 [ 14.715240] The buggy address is located 0 bytes to the right of [ 14.715240] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.716328] [ 14.716495] The buggy address belongs to the physical page: [ 14.716981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.717660] flags: 0x200000000000000(node=0|zone=2) [ 14.718070] page_type: f5(slab) [ 14.718199] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.718449] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.718676] page dumped because: kasan: bad access detected [ 14.719175] [ 14.719333] Memory state around the buggy address: [ 14.719783] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.720396] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.721020] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.721635] ^ [ 14.722087] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.722501] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.722750] ================================================================== [ 14.302121] ================================================================== [ 14.303031] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 14.303939] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.304856] [ 14.305142] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.305203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.305218] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.305241] Call Trace: [ 14.305259] <TASK> [ 14.305351] dump_stack_lvl+0x73/0xb0 [ 14.305396] print_report+0xd1/0x650 [ 14.305421] ? __virt_addr_valid+0x1db/0x2d0 [ 14.305444] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.305466] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.305489] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.305512] kasan_report+0x141/0x180 [ 14.305535] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.305562] __asan_report_store8_noabort+0x1b/0x30 [ 14.305584] kasan_atomics_helper+0x50d4/0x5450 [ 14.305607] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.305631] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.305652] ? ret_from_fork_asm+0x1a/0x30 [ 14.305673] ? kasan_atomics+0x152/0x310 [ 14.305696] kasan_atomics+0x1dc/0x310 [ 14.305728] ? __pfx_kasan_atomics+0x10/0x10 [ 14.305750] ? __pfx_read_tsc+0x10/0x10 [ 14.305771] ? ktime_get_ts64+0x86/0x230 [ 14.305796] kunit_try_run_case+0x1a5/0x480 [ 14.305818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.305840] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.305866] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.305891] ? __kthread_parkme+0x82/0x180 [ 14.305911] ? preempt_count_sub+0x50/0x80 [ 14.305936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.305958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.305983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.306018] kthread+0x337/0x6f0 [ 14.306046] ? trace_preempt_on+0x20/0xc0 [ 14.306070] ? __pfx_kthread+0x10/0x10 [ 14.306091] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.306115] ? calculate_sigpending+0x7b/0xa0 [ 14.306140] ? __pfx_kthread+0x10/0x10 [ 14.306162] ret_from_fork+0x116/0x1d0 [ 14.306181] ? __pfx_kthread+0x10/0x10 [ 14.306202] ret_from_fork_asm+0x1a/0x30 [ 14.306232] </TASK> [ 14.306244] [ 14.320933] Allocated by task 283: [ 14.321586] kasan_save_stack+0x45/0x70 [ 14.321785] kasan_save_track+0x18/0x40 [ 14.321977] kasan_save_alloc_info+0x3b/0x50 [ 14.322395] __kasan_kmalloc+0xb7/0xc0 [ 14.322672] __kmalloc_cache_noprof+0x189/0x420 [ 14.322870] kasan_atomics+0x95/0x310 [ 14.323213] kunit_try_run_case+0x1a5/0x480 [ 14.323410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.323668] kthread+0x337/0x6f0 [ 14.323962] ret_from_fork+0x116/0x1d0 [ 14.324351] ret_from_fork_asm+0x1a/0x30 [ 14.324643] [ 14.324771] The buggy address belongs to the object at ffff8881039bd780 [ 14.324771] which belongs to the cache kmalloc-64 of size 64 [ 14.325585] The buggy address is located 0 bytes to the right of [ 14.325585] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.326325] [ 14.326441] The buggy address belongs to the physical page: [ 14.326811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.327344] flags: 0x200000000000000(node=0|zone=2) [ 14.327554] page_type: f5(slab) [ 14.327735] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.328399] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.328944] page dumped because: kasan: bad access detected [ 14.329147] [ 14.329413] Memory state around the buggy address: [ 14.329606] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.330175] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.330555] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.330999] ^ [ 14.331307] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.331697] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.332209] ================================================================== [ 14.812336] ================================================================== [ 14.812718] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 14.813117] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.813494] [ 14.813621] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.813667] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.813681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.813703] Call Trace: [ 14.813719] <TASK> [ 14.813735] dump_stack_lvl+0x73/0xb0 [ 14.813795] print_report+0xd1/0x650 [ 14.813819] ? __virt_addr_valid+0x1db/0x2d0 [ 14.813853] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.813876] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.813899] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.813922] kasan_report+0x141/0x180 [ 14.813945] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.813986] kasan_check_range+0x10c/0x1c0 [ 14.814010] __kasan_check_write+0x18/0x20 [ 14.814034] kasan_atomics_helper+0x20c8/0x5450 [ 14.814089] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.814113] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.814145] ? ret_from_fork_asm+0x1a/0x30 [ 14.814167] ? kasan_atomics+0x152/0x310 [ 14.814190] kasan_atomics+0x1dc/0x310 [ 14.814210] ? __pfx_kasan_atomics+0x10/0x10 [ 14.814231] ? __pfx_read_tsc+0x10/0x10 [ 14.814253] ? ktime_get_ts64+0x86/0x230 [ 14.814278] kunit_try_run_case+0x1a5/0x480 [ 14.814299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.814319] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.814344] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.814410] ? __kthread_parkme+0x82/0x180 [ 14.814432] ? preempt_count_sub+0x50/0x80 [ 14.814467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.814489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.814513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.814539] kthread+0x337/0x6f0 [ 14.814558] ? trace_preempt_on+0x20/0xc0 [ 14.814582] ? __pfx_kthread+0x10/0x10 [ 14.814603] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.814627] ? calculate_sigpending+0x7b/0xa0 [ 14.814650] ? __pfx_kthread+0x10/0x10 [ 14.814673] ret_from_fork+0x116/0x1d0 [ 14.814692] ? __pfx_kthread+0x10/0x10 [ 14.814713] ret_from_fork_asm+0x1a/0x30 [ 14.814743] </TASK> [ 14.814755] [ 14.822984] Allocated by task 283: [ 14.823209] kasan_save_stack+0x45/0x70 [ 14.823356] kasan_save_track+0x18/0x40 [ 14.823538] kasan_save_alloc_info+0x3b/0x50 [ 14.823793] __kasan_kmalloc+0xb7/0xc0 [ 14.824088] __kmalloc_cache_noprof+0x189/0x420 [ 14.824401] kasan_atomics+0x95/0x310 [ 14.824593] kunit_try_run_case+0x1a5/0x480 [ 14.824846] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.825100] kthread+0x337/0x6f0 [ 14.825229] ret_from_fork+0x116/0x1d0 [ 14.825403] ret_from_fork_asm+0x1a/0x30 [ 14.825654] [ 14.825752] The buggy address belongs to the object at ffff8881039bd780 [ 14.825752] which belongs to the cache kmalloc-64 of size 64 [ 14.826392] The buggy address is located 0 bytes to the right of [ 14.826392] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.827142] [ 14.827217] The buggy address belongs to the physical page: [ 14.827399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.827719] flags: 0x200000000000000(node=0|zone=2) [ 14.827990] page_type: f5(slab) [ 14.828174] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.828534] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.829008] page dumped because: kasan: bad access detected [ 14.829256] [ 14.829329] Memory state around the buggy address: [ 14.829496] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.829911] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.830283] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.830615] ^ [ 14.830899] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.831217] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.831524] ================================================================== [ 13.994548] ================================================================== [ 13.995162] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 13.995956] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.996686] [ 13.996973] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.997024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.997038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.997059] Call Trace: [ 13.997073] <TASK> [ 13.997088] dump_stack_lvl+0x73/0xb0 [ 13.997115] print_report+0xd1/0x650 [ 13.997140] ? __virt_addr_valid+0x1db/0x2d0 [ 13.997163] ? kasan_atomics_helper+0x1079/0x5450 [ 13.997185] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.997209] ? kasan_atomics_helper+0x1079/0x5450 [ 13.997245] kasan_report+0x141/0x180 [ 13.997270] ? kasan_atomics_helper+0x1079/0x5450 [ 13.997298] kasan_check_range+0x10c/0x1c0 [ 13.997323] __kasan_check_write+0x18/0x20 [ 13.997343] kasan_atomics_helper+0x1079/0x5450 [ 13.997367] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.997402] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.997423] ? ret_from_fork_asm+0x1a/0x30 [ 13.997445] ? kasan_atomics+0x152/0x310 [ 13.997468] kasan_atomics+0x1dc/0x310 [ 13.997488] ? __pfx_kasan_atomics+0x10/0x10 [ 13.997510] ? __pfx_read_tsc+0x10/0x10 [ 13.997531] ? ktime_get_ts64+0x86/0x230 [ 13.997556] kunit_try_run_case+0x1a5/0x480 [ 13.997578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.997599] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.997624] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.997649] ? __kthread_parkme+0x82/0x180 [ 13.997670] ? preempt_count_sub+0x50/0x80 [ 13.997694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.997715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.997789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.997813] kthread+0x337/0x6f0 [ 13.997834] ? trace_preempt_on+0x20/0xc0 [ 13.997858] ? __pfx_kthread+0x10/0x10 [ 13.997879] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.997903] ? calculate_sigpending+0x7b/0xa0 [ 13.997927] ? __pfx_kthread+0x10/0x10 [ 13.997948] ret_from_fork+0x116/0x1d0 [ 13.997968] ? __pfx_kthread+0x10/0x10 [ 13.997988] ret_from_fork_asm+0x1a/0x30 [ 13.998186] </TASK> [ 13.998200] [ 14.009482] Allocated by task 283: [ 14.009665] kasan_save_stack+0x45/0x70 [ 14.009845] kasan_save_track+0x18/0x40 [ 14.009987] kasan_save_alloc_info+0x3b/0x50 [ 14.010388] __kasan_kmalloc+0xb7/0xc0 [ 14.010768] __kmalloc_cache_noprof+0x189/0x420 [ 14.011277] kasan_atomics+0x95/0x310 [ 14.011638] kunit_try_run_case+0x1a5/0x480 [ 14.012137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.012653] kthread+0x337/0x6f0 [ 14.012997] ret_from_fork+0x116/0x1d0 [ 14.013426] ret_from_fork_asm+0x1a/0x30 [ 14.013673] [ 14.013805] The buggy address belongs to the object at ffff8881039bd780 [ 14.013805] which belongs to the cache kmalloc-64 of size 64 [ 14.015047] The buggy address is located 0 bytes to the right of [ 14.015047] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.015684] [ 14.015785] The buggy address belongs to the physical page: [ 14.015964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.016592] flags: 0x200000000000000(node=0|zone=2) [ 14.017201] page_type: f5(slab) [ 14.017538] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.018413] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.019063] page dumped because: kasan: bad access detected [ 14.019632] [ 14.019803] Memory state around the buggy address: [ 14.020140] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.020758] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.021320] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.021557] ^ [ 14.021727] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.022642] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.023410] ================================================================== [ 13.755884] ================================================================== [ 13.756436] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 13.756694] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.757118] [ 13.757209] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.757255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.757269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.757291] Call Trace: [ 13.757305] <TASK> [ 13.757321] dump_stack_lvl+0x73/0xb0 [ 13.757348] print_report+0xd1/0x650 [ 13.757373] ? __virt_addr_valid+0x1db/0x2d0 [ 13.757409] ? kasan_atomics_helper+0xa2b/0x5450 [ 13.757431] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.757454] ? kasan_atomics_helper+0xa2b/0x5450 [ 13.757477] kasan_report+0x141/0x180 [ 13.757500] ? kasan_atomics_helper+0xa2b/0x5450 [ 13.757528] kasan_check_range+0x10c/0x1c0 [ 13.757553] __kasan_check_write+0x18/0x20 [ 13.757574] kasan_atomics_helper+0xa2b/0x5450 [ 13.757597] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.757621] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.757644] ? ret_from_fork_asm+0x1a/0x30 [ 13.757667] ? kasan_atomics+0x152/0x310 [ 13.757691] kasan_atomics+0x1dc/0x310 [ 13.757712] ? __pfx_kasan_atomics+0x10/0x10 [ 13.757733] ? __pfx_read_tsc+0x10/0x10 [ 13.757776] ? ktime_get_ts64+0x86/0x230 [ 13.757802] kunit_try_run_case+0x1a5/0x480 [ 13.757824] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.757844] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.757870] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.757896] ? __kthread_parkme+0x82/0x180 [ 13.757916] ? preempt_count_sub+0x50/0x80 [ 13.757941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.757963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.758065] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.758096] kthread+0x337/0x6f0 [ 13.758117] ? trace_preempt_on+0x20/0xc0 [ 13.758141] ? __pfx_kthread+0x10/0x10 [ 13.758163] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.758188] ? calculate_sigpending+0x7b/0xa0 [ 13.758213] ? __pfx_kthread+0x10/0x10 [ 13.758235] ret_from_fork+0x116/0x1d0 [ 13.758254] ? __pfx_kthread+0x10/0x10 [ 13.758276] ret_from_fork_asm+0x1a/0x30 [ 13.758308] </TASK> [ 13.758319] [ 13.766608] Allocated by task 283: [ 13.766821] kasan_save_stack+0x45/0x70 [ 13.767100] kasan_save_track+0x18/0x40 [ 13.767278] kasan_save_alloc_info+0x3b/0x50 [ 13.767481] __kasan_kmalloc+0xb7/0xc0 [ 13.767672] __kmalloc_cache_noprof+0x189/0x420 [ 13.767894] kasan_atomics+0x95/0x310 [ 13.768148] kunit_try_run_case+0x1a5/0x480 [ 13.768354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.768607] kthread+0x337/0x6f0 [ 13.768758] ret_from_fork+0x116/0x1d0 [ 13.768927] ret_from_fork_asm+0x1a/0x30 [ 13.769331] [ 13.769433] The buggy address belongs to the object at ffff8881039bd780 [ 13.769433] which belongs to the cache kmalloc-64 of size 64 [ 13.770075] The buggy address is located 0 bytes to the right of [ 13.770075] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.770542] [ 13.770623] The buggy address belongs to the physical page: [ 13.770829] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.771423] flags: 0x200000000000000(node=0|zone=2) [ 13.771668] page_type: f5(slab) [ 13.771836] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.772200] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.772553] page dumped because: kasan: bad access detected [ 13.772844] [ 13.772944] Memory state around the buggy address: [ 13.773334] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.773640] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.773947] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.774340] ^ [ 13.774575] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.774887] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.775253] ================================================================== [ 14.435662] ================================================================== [ 14.436458] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 14.436894] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.437407] [ 14.437523] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.437650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.437666] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.437689] Call Trace: [ 14.437707] <TASK> [ 14.437725] dump_stack_lvl+0x73/0xb0 [ 14.437755] print_report+0xd1/0x650 [ 14.437780] ? __virt_addr_valid+0x1db/0x2d0 [ 14.437802] ? kasan_atomics_helper+0x177f/0x5450 [ 14.437825] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.437848] ? kasan_atomics_helper+0x177f/0x5450 [ 14.437872] kasan_report+0x141/0x180 [ 14.437896] ? kasan_atomics_helper+0x177f/0x5450 [ 14.437923] kasan_check_range+0x10c/0x1c0 [ 14.437948] __kasan_check_write+0x18/0x20 [ 14.437969] kasan_atomics_helper+0x177f/0x5450 [ 14.437993] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.438016] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.438050] ? ret_from_fork_asm+0x1a/0x30 [ 14.438073] ? kasan_atomics+0x152/0x310 [ 14.438097] kasan_atomics+0x1dc/0x310 [ 14.438117] ? __pfx_kasan_atomics+0x10/0x10 [ 14.438139] ? __pfx_read_tsc+0x10/0x10 [ 14.438160] ? ktime_get_ts64+0x86/0x230 [ 14.438186] kunit_try_run_case+0x1a5/0x480 [ 14.438208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.438228] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.438254] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.438281] ? __kthread_parkme+0x82/0x180 [ 14.438303] ? preempt_count_sub+0x50/0x80 [ 14.438329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.438352] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.438390] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.438415] kthread+0x337/0x6f0 [ 14.438434] ? trace_preempt_on+0x20/0xc0 [ 14.438458] ? __pfx_kthread+0x10/0x10 [ 14.438480] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.438505] ? calculate_sigpending+0x7b/0xa0 [ 14.438529] ? __pfx_kthread+0x10/0x10 [ 14.438551] ret_from_fork+0x116/0x1d0 [ 14.438570] ? __pfx_kthread+0x10/0x10 [ 14.438592] ret_from_fork_asm+0x1a/0x30 [ 14.438623] </TASK> [ 14.438635] [ 14.447233] Allocated by task 283: [ 14.447442] kasan_save_stack+0x45/0x70 [ 14.447592] kasan_save_track+0x18/0x40 [ 14.447739] kasan_save_alloc_info+0x3b/0x50 [ 14.448108] __kasan_kmalloc+0xb7/0xc0 [ 14.448299] __kmalloc_cache_noprof+0x189/0x420 [ 14.448478] kasan_atomics+0x95/0x310 [ 14.448611] kunit_try_run_case+0x1a5/0x480 [ 14.448801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.449123] kthread+0x337/0x6f0 [ 14.449297] ret_from_fork+0x116/0x1d0 [ 14.449500] ret_from_fork_asm+0x1a/0x30 [ 14.449747] [ 14.449876] The buggy address belongs to the object at ffff8881039bd780 [ 14.449876] which belongs to the cache kmalloc-64 of size 64 [ 14.450353] The buggy address is located 0 bytes to the right of [ 14.450353] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.451011] [ 14.451127] The buggy address belongs to the physical page: [ 14.451410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.451798] flags: 0x200000000000000(node=0|zone=2) [ 14.452035] page_type: f5(slab) [ 14.452226] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.452568] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.452973] page dumped because: kasan: bad access detected [ 14.453248] [ 14.453344] Memory state around the buggy address: [ 14.453585] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.453977] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.454312] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.454637] ^ [ 14.454889] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.455211] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.455564] ================================================================== [ 13.834332] ================================================================== [ 13.834605] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 13.834950] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.835452] [ 13.835572] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.835619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.835631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.835654] Call Trace: [ 13.835667] <TASK> [ 13.835682] dump_stack_lvl+0x73/0xb0 [ 13.835710] print_report+0xd1/0x650 [ 13.835734] ? __virt_addr_valid+0x1db/0x2d0 [ 13.835756] ? kasan_atomics_helper+0x4a84/0x5450 [ 13.835779] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.835803] ? kasan_atomics_helper+0x4a84/0x5450 [ 13.835825] kasan_report+0x141/0x180 [ 13.835870] ? kasan_atomics_helper+0x4a84/0x5450 [ 13.835898] __asan_report_load4_noabort+0x18/0x20 [ 13.835919] kasan_atomics_helper+0x4a84/0x5450 [ 13.835942] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.835966] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.836087] ? ret_from_fork_asm+0x1a/0x30 [ 13.836117] ? kasan_atomics+0x152/0x310 [ 13.836142] kasan_atomics+0x1dc/0x310 [ 13.836163] ? __pfx_kasan_atomics+0x10/0x10 [ 13.836184] ? __pfx_read_tsc+0x10/0x10 [ 13.836206] ? ktime_get_ts64+0x86/0x230 [ 13.836231] kunit_try_run_case+0x1a5/0x480 [ 13.836253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.836274] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.836299] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.836325] ? __kthread_parkme+0x82/0x180 [ 13.836347] ? preempt_count_sub+0x50/0x80 [ 13.836371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.836404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.836429] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.836454] kthread+0x337/0x6f0 [ 13.836475] ? trace_preempt_on+0x20/0xc0 [ 13.836499] ? __pfx_kthread+0x10/0x10 [ 13.836520] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.836544] ? calculate_sigpending+0x7b/0xa0 [ 13.836568] ? __pfx_kthread+0x10/0x10 [ 13.836589] ret_from_fork+0x116/0x1d0 [ 13.836609] ? __pfx_kthread+0x10/0x10 [ 13.836630] ret_from_fork_asm+0x1a/0x30 [ 13.836660] </TASK> [ 13.836671] [ 13.844596] Allocated by task 283: [ 13.844812] kasan_save_stack+0x45/0x70 [ 13.845126] kasan_save_track+0x18/0x40 [ 13.845332] kasan_save_alloc_info+0x3b/0x50 [ 13.845539] __kasan_kmalloc+0xb7/0xc0 [ 13.845764] __kmalloc_cache_noprof+0x189/0x420 [ 13.845938] kasan_atomics+0x95/0x310 [ 13.846149] kunit_try_run_case+0x1a5/0x480 [ 13.846369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.846640] kthread+0x337/0x6f0 [ 13.846847] ret_from_fork+0x116/0x1d0 [ 13.847311] ret_from_fork_asm+0x1a/0x30 [ 13.847541] [ 13.847628] The buggy address belongs to the object at ffff8881039bd780 [ 13.847628] which belongs to the cache kmalloc-64 of size 64 [ 13.848240] The buggy address is located 0 bytes to the right of [ 13.848240] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.848710] [ 13.848810] The buggy address belongs to the physical page: [ 13.849071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.849450] flags: 0x200000000000000(node=0|zone=2) [ 13.849686] page_type: f5(slab) [ 13.849881] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.850274] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.850522] page dumped because: kasan: bad access detected [ 13.850777] [ 13.850874] Memory state around the buggy address: [ 13.851291] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.851645] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.851963] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.852326] ^ [ 13.852548] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.852859] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.853235] ================================================================== [ 14.223361] ================================================================== [ 14.224126] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 14.224448] Read of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.224674] [ 14.224799] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.224847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.224860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.224883] Call Trace: [ 14.224899] <TASK> [ 14.224915] dump_stack_lvl+0x73/0xb0 [ 14.224942] print_report+0xd1/0x650 [ 14.224965] ? __virt_addr_valid+0x1db/0x2d0 [ 14.224988] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.225011] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.225034] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.225228] kasan_report+0x141/0x180 [ 14.225260] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.225289] kasan_check_range+0x10c/0x1c0 [ 14.225314] __kasan_check_read+0x15/0x20 [ 14.225336] kasan_atomics_helper+0x13b5/0x5450 [ 14.225360] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.225399] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.225420] ? ret_from_fork_asm+0x1a/0x30 [ 14.225442] ? kasan_atomics+0x152/0x310 [ 14.225466] kasan_atomics+0x1dc/0x310 [ 14.225486] ? __pfx_kasan_atomics+0x10/0x10 [ 14.225508] ? __pfx_read_tsc+0x10/0x10 [ 14.225529] ? ktime_get_ts64+0x86/0x230 [ 14.225555] kunit_try_run_case+0x1a5/0x480 [ 14.225577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.225597] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.225622] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.225649] ? __kthread_parkme+0x82/0x180 [ 14.225670] ? preempt_count_sub+0x50/0x80 [ 14.225694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.225716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.225740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.225765] kthread+0x337/0x6f0 [ 14.225785] ? trace_preempt_on+0x20/0xc0 [ 14.225808] ? __pfx_kthread+0x10/0x10 [ 14.225829] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.225853] ? calculate_sigpending+0x7b/0xa0 [ 14.225877] ? __pfx_kthread+0x10/0x10 [ 14.225899] ret_from_fork+0x116/0x1d0 [ 14.225918] ? __pfx_kthread+0x10/0x10 [ 14.225939] ret_from_fork_asm+0x1a/0x30 [ 14.225969] </TASK> [ 14.225981] [ 14.239574] Allocated by task 283: [ 14.239807] kasan_save_stack+0x45/0x70 [ 14.240026] kasan_save_track+0x18/0x40 [ 14.240230] kasan_save_alloc_info+0x3b/0x50 [ 14.240392] __kasan_kmalloc+0xb7/0xc0 [ 14.240528] __kmalloc_cache_noprof+0x189/0x420 [ 14.240734] kasan_atomics+0x95/0x310 [ 14.240917] kunit_try_run_case+0x1a5/0x480 [ 14.241403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.241648] kthread+0x337/0x6f0 [ 14.241830] ret_from_fork+0x116/0x1d0 [ 14.242000] ret_from_fork_asm+0x1a/0x30 [ 14.242146] [ 14.242218] The buggy address belongs to the object at ffff8881039bd780 [ 14.242218] which belongs to the cache kmalloc-64 of size 64 [ 14.242933] The buggy address is located 0 bytes to the right of [ 14.242933] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.243439] [ 14.243557] The buggy address belongs to the physical page: [ 14.243816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.244143] flags: 0x200000000000000(node=0|zone=2) [ 14.244371] page_type: f5(slab) [ 14.244533] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.244872] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.245187] page dumped because: kasan: bad access detected [ 14.245371] [ 14.245453] Memory state around the buggy address: [ 14.245688] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.246041] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.246302] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.246625] ^ [ 14.246834] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.247243] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.247560] ================================================================== [ 14.273556] ================================================================== [ 14.273905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 14.274334] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.274602] [ 14.274689] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.274733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.274746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.274767] Call Trace: [ 14.274784] <TASK> [ 14.274801] dump_stack_lvl+0x73/0xb0 [ 14.274828] print_report+0xd1/0x650 [ 14.274852] ? __virt_addr_valid+0x1db/0x2d0 [ 14.274874] ? kasan_atomics_helper+0x1467/0x5450 [ 14.274897] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.274920] ? kasan_atomics_helper+0x1467/0x5450 [ 14.274943] kasan_report+0x141/0x180 [ 14.274967] ? kasan_atomics_helper+0x1467/0x5450 [ 14.274996] kasan_check_range+0x10c/0x1c0 [ 14.275022] __kasan_check_write+0x18/0x20 [ 14.275042] kasan_atomics_helper+0x1467/0x5450 [ 14.275066] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.275089] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.275110] ? ret_from_fork_asm+0x1a/0x30 [ 14.275131] ? kasan_atomics+0x152/0x310 [ 14.275157] kasan_atomics+0x1dc/0x310 [ 14.275176] ? __pfx_kasan_atomics+0x10/0x10 [ 14.275198] ? __pfx_read_tsc+0x10/0x10 [ 14.275219] ? ktime_get_ts64+0x86/0x230 [ 14.275245] kunit_try_run_case+0x1a5/0x480 [ 14.275267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.275287] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.275313] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.275340] ? __kthread_parkme+0x82/0x180 [ 14.275360] ? preempt_count_sub+0x50/0x80 [ 14.275393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.275415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.275439] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.275464] kthread+0x337/0x6f0 [ 14.275484] ? trace_preempt_on+0x20/0xc0 [ 14.275509] ? __pfx_kthread+0x10/0x10 [ 14.275530] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.275554] ? calculate_sigpending+0x7b/0xa0 [ 14.275579] ? __pfx_kthread+0x10/0x10 [ 14.275601] ret_from_fork+0x116/0x1d0 [ 14.275620] ? __pfx_kthread+0x10/0x10 [ 14.275641] ret_from_fork_asm+0x1a/0x30 [ 14.275673] </TASK> [ 14.275683] [ 14.288285] Allocated by task 283: [ 14.289019] kasan_save_stack+0x45/0x70 [ 14.289186] kasan_save_track+0x18/0x40 [ 14.289330] kasan_save_alloc_info+0x3b/0x50 [ 14.289495] __kasan_kmalloc+0xb7/0xc0 [ 14.289632] __kmalloc_cache_noprof+0x189/0x420 [ 14.290220] kasan_atomics+0x95/0x310 [ 14.290369] kunit_try_run_case+0x1a5/0x480 [ 14.290650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.290946] kthread+0x337/0x6f0 [ 14.291146] ret_from_fork+0x116/0x1d0 [ 14.291423] ret_from_fork_asm+0x1a/0x30 [ 14.291626] [ 14.291746] The buggy address belongs to the object at ffff8881039bd780 [ 14.291746] which belongs to the cache kmalloc-64 of size 64 [ 14.293070] The buggy address is located 0 bytes to the right of [ 14.293070] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.294033] [ 14.294156] The buggy address belongs to the physical page: [ 14.294501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.295105] flags: 0x200000000000000(node=0|zone=2) [ 14.295279] page_type: f5(slab) [ 14.295617] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.296427] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.296668] page dumped because: kasan: bad access detected [ 14.297386] [ 14.297649] Memory state around the buggy address: [ 14.298265] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.298884] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.299528] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.300240] ^ [ 14.300754] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.301270] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.301505] ================================================================== [ 14.587853] ================================================================== [ 14.588464] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 14.588838] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.589321] [ 14.589641] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.589691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.589705] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.589728] Call Trace: [ 14.589762] <TASK> [ 14.589778] dump_stack_lvl+0x73/0xb0 [ 14.589807] print_report+0xd1/0x650 [ 14.589833] ? __virt_addr_valid+0x1db/0x2d0 [ 14.589856] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.589880] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.589904] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.589927] kasan_report+0x141/0x180 [ 14.589951] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.589978] kasan_check_range+0x10c/0x1c0 [ 14.590003] __kasan_check_write+0x18/0x20 [ 14.590023] kasan_atomics_helper+0x1c18/0x5450 [ 14.590053] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.590077] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.590098] ? ret_from_fork_asm+0x1a/0x30 [ 14.590120] ? kasan_atomics+0x152/0x310 [ 14.590144] kasan_atomics+0x1dc/0x310 [ 14.590164] ? __pfx_kasan_atomics+0x10/0x10 [ 14.590185] ? __pfx_read_tsc+0x10/0x10 [ 14.590206] ? ktime_get_ts64+0x86/0x230 [ 14.590231] kunit_try_run_case+0x1a5/0x480 [ 14.590255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.590276] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.590302] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.590328] ? __kthread_parkme+0x82/0x180 [ 14.590349] ? preempt_count_sub+0x50/0x80 [ 14.590373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.590409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.590433] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.590459] kthread+0x337/0x6f0 [ 14.590479] ? trace_preempt_on+0x20/0xc0 [ 14.590502] ? __pfx_kthread+0x10/0x10 [ 14.590523] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.590547] ? calculate_sigpending+0x7b/0xa0 [ 14.590571] ? __pfx_kthread+0x10/0x10 [ 14.590593] ret_from_fork+0x116/0x1d0 [ 14.590612] ? __pfx_kthread+0x10/0x10 [ 14.590635] ret_from_fork_asm+0x1a/0x30 [ 14.590666] </TASK> [ 14.590678] [ 14.599977] Allocated by task 283: [ 14.600158] kasan_save_stack+0x45/0x70 [ 14.600358] kasan_save_track+0x18/0x40 [ 14.600556] kasan_save_alloc_info+0x3b/0x50 [ 14.600788] __kasan_kmalloc+0xb7/0xc0 [ 14.600968] __kmalloc_cache_noprof+0x189/0x420 [ 14.601176] kasan_atomics+0x95/0x310 [ 14.601352] kunit_try_run_case+0x1a5/0x480 [ 14.601558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.601883] kthread+0x337/0x6f0 [ 14.602044] ret_from_fork+0x116/0x1d0 [ 14.602221] ret_from_fork_asm+0x1a/0x30 [ 14.602907] [ 14.603146] The buggy address belongs to the object at ffff8881039bd780 [ 14.603146] which belongs to the cache kmalloc-64 of size 64 [ 14.604090] The buggy address is located 0 bytes to the right of [ 14.604090] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.604884] [ 14.605111] The buggy address belongs to the physical page: [ 14.605535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.606241] flags: 0x200000000000000(node=0|zone=2) [ 14.606660] page_type: f5(slab) [ 14.606963] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.607597] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.608063] page dumped because: kasan: bad access detected [ 14.608309] [ 14.608421] Memory state around the buggy address: [ 14.608631] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.609332] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.610032] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.610535] ^ [ 14.610986] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.611493] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.611953] ================================================================== [ 13.814782] ================================================================== [ 13.815106] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 13.815369] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.815923] [ 13.816113] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.816162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.816175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.816198] Call Trace: [ 13.816213] <TASK> [ 13.816227] dump_stack_lvl+0x73/0xb0 [ 13.816255] print_report+0xd1/0x650 [ 13.816279] ? __virt_addr_valid+0x1db/0x2d0 [ 13.816302] ? kasan_atomics_helper+0xc70/0x5450 [ 13.816324] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.816347] ? kasan_atomics_helper+0xc70/0x5450 [ 13.816369] kasan_report+0x141/0x180 [ 13.816405] ? kasan_atomics_helper+0xc70/0x5450 [ 13.816433] kasan_check_range+0x10c/0x1c0 [ 13.816458] __kasan_check_write+0x18/0x20 [ 13.816478] kasan_atomics_helper+0xc70/0x5450 [ 13.816503] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.816526] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.816547] ? ret_from_fork_asm+0x1a/0x30 [ 13.816569] ? kasan_atomics+0x152/0x310 [ 13.816593] kasan_atomics+0x1dc/0x310 [ 13.816614] ? __pfx_kasan_atomics+0x10/0x10 [ 13.816635] ? __pfx_read_tsc+0x10/0x10 [ 13.816657] ? ktime_get_ts64+0x86/0x230 [ 13.816683] kunit_try_run_case+0x1a5/0x480 [ 13.816705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.816725] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.816771] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.816796] ? __kthread_parkme+0x82/0x180 [ 13.816818] ? preempt_count_sub+0x50/0x80 [ 13.816843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.816865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.816890] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.816915] kthread+0x337/0x6f0 [ 13.816935] ? trace_preempt_on+0x20/0xc0 [ 13.816959] ? __pfx_kthread+0x10/0x10 [ 13.816981] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.817094] ? calculate_sigpending+0x7b/0xa0 [ 13.817119] ? __pfx_kthread+0x10/0x10 [ 13.817142] ret_from_fork+0x116/0x1d0 [ 13.817162] ? __pfx_kthread+0x10/0x10 [ 13.817184] ret_from_fork_asm+0x1a/0x30 [ 13.817215] </TASK> [ 13.817226] [ 13.825519] Allocated by task 283: [ 13.825685] kasan_save_stack+0x45/0x70 [ 13.825860] kasan_save_track+0x18/0x40 [ 13.826050] kasan_save_alloc_info+0x3b/0x50 [ 13.826249] __kasan_kmalloc+0xb7/0xc0 [ 13.826542] __kmalloc_cache_noprof+0x189/0x420 [ 13.826774] kasan_atomics+0x95/0x310 [ 13.826944] kunit_try_run_case+0x1a5/0x480 [ 13.827262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.827499] kthread+0x337/0x6f0 [ 13.827672] ret_from_fork+0x116/0x1d0 [ 13.827882] ret_from_fork_asm+0x1a/0x30 [ 13.828184] [ 13.828285] The buggy address belongs to the object at ffff8881039bd780 [ 13.828285] which belongs to the cache kmalloc-64 of size 64 [ 13.828730] The buggy address is located 0 bytes to the right of [ 13.828730] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.829305] [ 13.829421] The buggy address belongs to the physical page: [ 13.829684] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.830167] flags: 0x200000000000000(node=0|zone=2) [ 13.830385] page_type: f5(slab) [ 13.830536] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.830876] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.831325] page dumped because: kasan: bad access detected [ 13.831521] [ 13.831594] Memory state around the buggy address: [ 13.831846] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.832270] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.832614] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.832887] ^ [ 13.833182] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.833525] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.833828] ================================================================== [ 13.618060] ================================================================== [ 13.618440] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 13.618791] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.619155] [ 13.619242] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.619285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.619297] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.619320] Call Trace: [ 13.619335] <TASK> [ 13.619349] dump_stack_lvl+0x73/0xb0 [ 13.619387] print_report+0xd1/0x650 [ 13.619411] ? __virt_addr_valid+0x1db/0x2d0 [ 13.619434] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.619458] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.619482] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.619505] kasan_report+0x141/0x180 [ 13.619529] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.619556] kasan_check_range+0x10c/0x1c0 [ 13.619581] __kasan_check_write+0x18/0x20 [ 13.619601] kasan_atomics_helper+0x5fe/0x5450 [ 13.619625] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.619649] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.619669] ? ret_from_fork_asm+0x1a/0x30 [ 13.619691] ? kasan_atomics+0x152/0x310 [ 13.619715] kasan_atomics+0x1dc/0x310 [ 13.619735] ? __pfx_kasan_atomics+0x10/0x10 [ 13.619757] ? __pfx_read_tsc+0x10/0x10 [ 13.619778] ? ktime_get_ts64+0x86/0x230 [ 13.619803] kunit_try_run_case+0x1a5/0x480 [ 13.619825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.619845] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.619871] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.619896] ? __kthread_parkme+0x82/0x180 [ 13.619918] ? preempt_count_sub+0x50/0x80 [ 13.619943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.619965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.619990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.620016] kthread+0x337/0x6f0 [ 13.620036] ? trace_preempt_on+0x20/0xc0 [ 13.620060] ? __pfx_kthread+0x10/0x10 [ 13.620082] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.620117] ? calculate_sigpending+0x7b/0xa0 [ 13.620142] ? __pfx_kthread+0x10/0x10 [ 13.620164] ret_from_fork+0x116/0x1d0 [ 13.620184] ? __pfx_kthread+0x10/0x10 [ 13.620205] ret_from_fork_asm+0x1a/0x30 [ 13.620237] </TASK> [ 13.620249] [ 13.628659] Allocated by task 283: [ 13.628799] kasan_save_stack+0x45/0x70 [ 13.628947] kasan_save_track+0x18/0x40 [ 13.629213] kasan_save_alloc_info+0x3b/0x50 [ 13.629617] __kasan_kmalloc+0xb7/0xc0 [ 13.629866] __kmalloc_cache_noprof+0x189/0x420 [ 13.630022] kasan_atomics+0x95/0x310 [ 13.630159] kunit_try_run_case+0x1a5/0x480 [ 13.630305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.630567] kthread+0x337/0x6f0 [ 13.630732] ret_from_fork+0x116/0x1d0 [ 13.630923] ret_from_fork_asm+0x1a/0x30 [ 13.631126] [ 13.631243] The buggy address belongs to the object at ffff8881039bd780 [ 13.631243] which belongs to the cache kmalloc-64 of size 64 [ 13.631984] The buggy address is located 0 bytes to the right of [ 13.631984] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.632553] [ 13.632633] The buggy address belongs to the physical page: [ 13.632836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.633258] flags: 0x200000000000000(node=0|zone=2) [ 13.633486] page_type: f5(slab) [ 13.633609] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.633849] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.634360] page dumped because: kasan: bad access detected [ 13.634627] [ 13.634724] Memory state around the buggy address: [ 13.635265] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.635560] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.635880] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.636247] ^ [ 13.636485] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.636837] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.637131] ================================================================== [ 13.460372] ================================================================== [ 13.460763] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 13.461296] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.461655] [ 13.461776] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.461822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.461834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.461856] Call Trace: [ 13.461867] <TASK> [ 13.461883] dump_stack_lvl+0x73/0xb0 [ 13.461909] print_report+0xd1/0x650 [ 13.461932] ? __virt_addr_valid+0x1db/0x2d0 [ 13.461954] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.461975] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.461998] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.462043] kasan_report+0x141/0x180 [ 13.462065] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.462092] __asan_report_store4_noabort+0x1b/0x30 [ 13.462113] kasan_atomics_helper+0x4ba2/0x5450 [ 13.462136] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.462159] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.462180] ? ret_from_fork_asm+0x1a/0x30 [ 13.462202] ? kasan_atomics+0x152/0x310 [ 13.462225] kasan_atomics+0x1dc/0x310 [ 13.462244] ? __pfx_kasan_atomics+0x10/0x10 [ 13.462265] ? __pfx_read_tsc+0x10/0x10 [ 13.462285] ? ktime_get_ts64+0x86/0x230 [ 13.462310] kunit_try_run_case+0x1a5/0x480 [ 13.462331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.462350] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.462384] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.462409] ? __kthread_parkme+0x82/0x180 [ 13.462430] ? preempt_count_sub+0x50/0x80 [ 13.462453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.462474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.462498] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.462523] kthread+0x337/0x6f0 [ 13.462542] ? trace_preempt_on+0x20/0xc0 [ 13.462565] ? __pfx_kthread+0x10/0x10 [ 13.462586] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.462608] ? calculate_sigpending+0x7b/0xa0 [ 13.462632] ? __pfx_kthread+0x10/0x10 [ 13.462653] ret_from_fork+0x116/0x1d0 [ 13.462672] ? __pfx_kthread+0x10/0x10 [ 13.462693] ret_from_fork_asm+0x1a/0x30 [ 13.462722] </TASK> [ 13.462732] [ 13.470262] Allocated by task 283: [ 13.470404] kasan_save_stack+0x45/0x70 [ 13.470548] kasan_save_track+0x18/0x40 [ 13.470873] kasan_save_alloc_info+0x3b/0x50 [ 13.471211] __kasan_kmalloc+0xb7/0xc0 [ 13.471411] __kmalloc_cache_noprof+0x189/0x420 [ 13.471626] kasan_atomics+0x95/0x310 [ 13.471967] kunit_try_run_case+0x1a5/0x480 [ 13.472211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.472414] kthread+0x337/0x6f0 [ 13.472588] ret_from_fork+0x116/0x1d0 [ 13.472827] ret_from_fork_asm+0x1a/0x30 [ 13.473071] [ 13.473156] The buggy address belongs to the object at ffff8881039bd780 [ 13.473156] which belongs to the cache kmalloc-64 of size 64 [ 13.473598] The buggy address is located 0 bytes to the right of [ 13.473598] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.473966] [ 13.474066] The buggy address belongs to the physical page: [ 13.474318] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.474794] flags: 0x200000000000000(node=0|zone=2) [ 13.475211] page_type: f5(slab) [ 13.475349] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.475596] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.476013] page dumped because: kasan: bad access detected [ 13.476273] [ 13.476368] Memory state around the buggy address: [ 13.476780] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.477090] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.477461] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.477693] ^ [ 13.477923] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.478301] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.478583] ================================================================== [ 14.165223] ================================================================== [ 14.165781] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 14.166084] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.166735] [ 14.166911] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.166958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.166972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.166994] Call Trace: [ 14.167007] <TASK> [ 14.167038] dump_stack_lvl+0x73/0xb0 [ 14.167065] print_report+0xd1/0x650 [ 14.167089] ? __virt_addr_valid+0x1db/0x2d0 [ 14.167111] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.167134] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.167157] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.167180] kasan_report+0x141/0x180 [ 14.167203] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.167230] kasan_check_range+0x10c/0x1c0 [ 14.167255] __kasan_check_write+0x18/0x20 [ 14.167275] kasan_atomics_helper+0x12e6/0x5450 [ 14.167299] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.167322] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.167343] ? ret_from_fork_asm+0x1a/0x30 [ 14.167365] ? kasan_atomics+0x152/0x310 [ 14.167398] kasan_atomics+0x1dc/0x310 [ 14.167418] ? __pfx_kasan_atomics+0x10/0x10 [ 14.167441] ? __pfx_read_tsc+0x10/0x10 [ 14.167462] ? ktime_get_ts64+0x86/0x230 [ 14.167488] kunit_try_run_case+0x1a5/0x480 [ 14.167510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.167530] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.167555] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.167581] ? __kthread_parkme+0x82/0x180 [ 14.167602] ? preempt_count_sub+0x50/0x80 [ 14.167627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.167648] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.167673] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.167699] kthread+0x337/0x6f0 [ 14.167735] ? trace_preempt_on+0x20/0xc0 [ 14.167760] ? __pfx_kthread+0x10/0x10 [ 14.167783] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.167807] ? calculate_sigpending+0x7b/0xa0 [ 14.167830] ? __pfx_kthread+0x10/0x10 [ 14.167852] ret_from_fork+0x116/0x1d0 [ 14.167872] ? __pfx_kthread+0x10/0x10 [ 14.167893] ret_from_fork_asm+0x1a/0x30 [ 14.167924] </TASK> [ 14.167936] [ 14.181904] Allocated by task 283: [ 14.182396] kasan_save_stack+0x45/0x70 [ 14.182706] kasan_save_track+0x18/0x40 [ 14.182923] kasan_save_alloc_info+0x3b/0x50 [ 14.183330] __kasan_kmalloc+0xb7/0xc0 [ 14.183535] __kmalloc_cache_noprof+0x189/0x420 [ 14.183923] kasan_atomics+0x95/0x310 [ 14.184550] kunit_try_run_case+0x1a5/0x480 [ 14.184934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.185352] kthread+0x337/0x6f0 [ 14.185530] ret_from_fork+0x116/0x1d0 [ 14.185705] ret_from_fork_asm+0x1a/0x30 [ 14.186242] [ 14.186495] The buggy address belongs to the object at ffff8881039bd780 [ 14.186495] which belongs to the cache kmalloc-64 of size 64 [ 14.187353] The buggy address is located 0 bytes to the right of [ 14.187353] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.187864] [ 14.188282] The buggy address belongs to the physical page: [ 14.188510] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.188890] flags: 0x200000000000000(node=0|zone=2) [ 14.189229] page_type: f5(slab) [ 14.189413] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.189663] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.190054] page dumped because: kasan: bad access detected [ 14.190254] [ 14.190356] Memory state around the buggy address: [ 14.190653] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.191165] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.191479] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.191743] ^ [ 14.191978] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.192226] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.192548] ================================================================== [ 14.539232] ================================================================== [ 14.539630] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 14.540002] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.540356] [ 14.540509] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.540553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.540567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.540588] Call Trace: [ 14.540603] <TASK> [ 14.540651] dump_stack_lvl+0x73/0xb0 [ 14.540679] print_report+0xd1/0x650 [ 14.540703] ? __virt_addr_valid+0x1db/0x2d0 [ 14.540738] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.540761] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.540816] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.540842] kasan_report+0x141/0x180 [ 14.540866] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.540893] kasan_check_range+0x10c/0x1c0 [ 14.540918] __kasan_check_write+0x18/0x20 [ 14.540938] kasan_atomics_helper+0x1a7f/0x5450 [ 14.540992] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.541016] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.541037] ? ret_from_fork_asm+0x1a/0x30 [ 14.541059] ? kasan_atomics+0x152/0x310 [ 14.541084] kasan_atomics+0x1dc/0x310 [ 14.541134] ? __pfx_kasan_atomics+0x10/0x10 [ 14.541156] ? __pfx_read_tsc+0x10/0x10 [ 14.541177] ? ktime_get_ts64+0x86/0x230 [ 14.541203] kunit_try_run_case+0x1a5/0x480 [ 14.541225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.541275] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.541301] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.541326] ? __kthread_parkme+0x82/0x180 [ 14.541348] ? preempt_count_sub+0x50/0x80 [ 14.541413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.541436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.541461] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.541485] kthread+0x337/0x6f0 [ 14.541505] ? trace_preempt_on+0x20/0xc0 [ 14.541559] ? __pfx_kthread+0x10/0x10 [ 14.541580] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.541604] ? calculate_sigpending+0x7b/0xa0 [ 14.541629] ? __pfx_kthread+0x10/0x10 [ 14.541679] ret_from_fork+0x116/0x1d0 [ 14.541699] ? __pfx_kthread+0x10/0x10 [ 14.541729] ret_from_fork_asm+0x1a/0x30 [ 14.541760] </TASK> [ 14.541800] [ 14.549814] Allocated by task 283: [ 14.550018] kasan_save_stack+0x45/0x70 [ 14.550223] kasan_save_track+0x18/0x40 [ 14.550451] kasan_save_alloc_info+0x3b/0x50 [ 14.550687] __kasan_kmalloc+0xb7/0xc0 [ 14.550872] __kmalloc_cache_noprof+0x189/0x420 [ 14.551028] kasan_atomics+0x95/0x310 [ 14.551169] kunit_try_run_case+0x1a5/0x480 [ 14.551424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.551721] kthread+0x337/0x6f0 [ 14.551981] ret_from_fork+0x116/0x1d0 [ 14.552194] ret_from_fork_asm+0x1a/0x30 [ 14.552405] [ 14.552538] The buggy address belongs to the object at ffff8881039bd780 [ 14.552538] which belongs to the cache kmalloc-64 of size 64 [ 14.553115] The buggy address is located 0 bytes to the right of [ 14.553115] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.553646] [ 14.554755] The buggy address belongs to the physical page: [ 14.555575] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.555836] flags: 0x200000000000000(node=0|zone=2) [ 14.556008] page_type: f5(slab) [ 14.556133] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.557002] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.557676] page dumped because: kasan: bad access detected [ 14.558077] [ 14.558350] Memory state around the buggy address: [ 14.558793] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.559243] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.559546] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.560126] ^ [ 14.560598] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.561246] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.561845] ================================================================== [ 13.499089] ================================================================== [ 13.499411] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 13.499670] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.499916] [ 13.500041] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.500085] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.500098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.500120] Call Trace: [ 13.500133] <TASK> [ 13.500148] dump_stack_lvl+0x73/0xb0 [ 13.500174] print_report+0xd1/0x650 [ 13.500197] ? __virt_addr_valid+0x1db/0x2d0 [ 13.500220] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.500242] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.500266] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.500289] kasan_report+0x141/0x180 [ 13.500311] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.500339] __asan_report_store4_noabort+0x1b/0x30 [ 13.500361] kasan_atomics_helper+0x4b6e/0x5450 [ 13.500582] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.500614] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.500636] ? ret_from_fork_asm+0x1a/0x30 [ 13.500659] ? kasan_atomics+0x152/0x310 [ 13.500684] kasan_atomics+0x1dc/0x310 [ 13.500705] ? __pfx_kasan_atomics+0x10/0x10 [ 13.500726] ? __pfx_read_tsc+0x10/0x10 [ 13.500749] ? ktime_get_ts64+0x86/0x230 [ 13.500774] kunit_try_run_case+0x1a5/0x480 [ 13.500797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.500817] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.500843] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.500869] ? __kthread_parkme+0x82/0x180 [ 13.500890] ? preempt_count_sub+0x50/0x80 [ 13.500914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.500936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.500962] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.500987] kthread+0x337/0x6f0 [ 13.501008] ? trace_preempt_on+0x20/0xc0 [ 13.501033] ? __pfx_kthread+0x10/0x10 [ 13.501397] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.501427] ? calculate_sigpending+0x7b/0xa0 [ 13.501451] ? __pfx_kthread+0x10/0x10 [ 13.501474] ret_from_fork+0x116/0x1d0 [ 13.501496] ? __pfx_kthread+0x10/0x10 [ 13.501518] ret_from_fork_asm+0x1a/0x30 [ 13.501549] </TASK> [ 13.501561] [ 13.510163] Allocated by task 283: [ 13.510363] kasan_save_stack+0x45/0x70 [ 13.510704] kasan_save_track+0x18/0x40 [ 13.510911] kasan_save_alloc_info+0x3b/0x50 [ 13.511246] __kasan_kmalloc+0xb7/0xc0 [ 13.511437] __kmalloc_cache_noprof+0x189/0x420 [ 13.511601] kasan_atomics+0x95/0x310 [ 13.511734] kunit_try_run_case+0x1a5/0x480 [ 13.511925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.512185] kthread+0x337/0x6f0 [ 13.512433] ret_from_fork+0x116/0x1d0 [ 13.512835] ret_from_fork_asm+0x1a/0x30 [ 13.513020] [ 13.513156] The buggy address belongs to the object at ffff8881039bd780 [ 13.513156] which belongs to the cache kmalloc-64 of size 64 [ 13.513673] The buggy address is located 0 bytes to the right of [ 13.513673] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.514107] [ 13.514349] The buggy address belongs to the physical page: [ 13.514577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.514820] flags: 0x200000000000000(node=0|zone=2) [ 13.514984] page_type: f5(slab) [ 13.515122] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.515473] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.515816] page dumped because: kasan: bad access detected [ 13.516508] [ 13.516602] Memory state around the buggy address: [ 13.516896] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.517242] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.517485] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.517757] ^ [ 13.518003] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.518478] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.518893] ================================================================== [ 14.111831] ================================================================== [ 14.112269] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 14.112536] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.112888] [ 14.112992] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.113080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.113094] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.113115] Call Trace: [ 14.113132] <TASK> [ 14.113147] dump_stack_lvl+0x73/0xb0 [ 14.113174] print_report+0xd1/0x650 [ 14.113198] ? __virt_addr_valid+0x1db/0x2d0 [ 14.113221] ? kasan_atomics_helper+0x1217/0x5450 [ 14.113244] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.113267] ? kasan_atomics_helper+0x1217/0x5450 [ 14.113290] kasan_report+0x141/0x180 [ 14.113313] ? kasan_atomics_helper+0x1217/0x5450 [ 14.113341] kasan_check_range+0x10c/0x1c0 [ 14.113366] __kasan_check_write+0x18/0x20 [ 14.113398] kasan_atomics_helper+0x1217/0x5450 [ 14.113422] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.113445] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.113466] ? ret_from_fork_asm+0x1a/0x30 [ 14.113488] ? kasan_atomics+0x152/0x310 [ 14.113512] kasan_atomics+0x1dc/0x310 [ 14.113532] ? __pfx_kasan_atomics+0x10/0x10 [ 14.113553] ? __pfx_read_tsc+0x10/0x10 [ 14.113575] ? ktime_get_ts64+0x86/0x230 [ 14.113601] kunit_try_run_case+0x1a5/0x480 [ 14.113623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.113643] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.113668] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.113694] ? __kthread_parkme+0x82/0x180 [ 14.113726] ? preempt_count_sub+0x50/0x80 [ 14.113750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.113772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.113796] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.113822] kthread+0x337/0x6f0 [ 14.113842] ? trace_preempt_on+0x20/0xc0 [ 14.113867] ? __pfx_kthread+0x10/0x10 [ 14.113889] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.113913] ? calculate_sigpending+0x7b/0xa0 [ 14.113938] ? __pfx_kthread+0x10/0x10 [ 14.113962] ret_from_fork+0x116/0x1d0 [ 14.113981] ? __pfx_kthread+0x10/0x10 [ 14.114191] ret_from_fork_asm+0x1a/0x30 [ 14.114232] </TASK> [ 14.114246] [ 14.122753] Allocated by task 283: [ 14.122941] kasan_save_stack+0x45/0x70 [ 14.123228] kasan_save_track+0x18/0x40 [ 14.123443] kasan_save_alloc_info+0x3b/0x50 [ 14.123656] __kasan_kmalloc+0xb7/0xc0 [ 14.123969] __kmalloc_cache_noprof+0x189/0x420 [ 14.124297] kasan_atomics+0x95/0x310 [ 14.124447] kunit_try_run_case+0x1a5/0x480 [ 14.124657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.124920] kthread+0x337/0x6f0 [ 14.125165] ret_from_fork+0x116/0x1d0 [ 14.125365] ret_from_fork_asm+0x1a/0x30 [ 14.127365] [ 14.127478] The buggy address belongs to the object at ffff8881039bd780 [ 14.127478] which belongs to the cache kmalloc-64 of size 64 [ 14.129153] The buggy address is located 0 bytes to the right of [ 14.129153] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.130589] [ 14.131334] The buggy address belongs to the physical page: [ 14.132002] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.132583] flags: 0x200000000000000(node=0|zone=2) [ 14.132955] page_type: f5(slab) [ 14.133317] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.133678] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.134143] page dumped because: kasan: bad access detected [ 14.134724] [ 14.134816] Memory state around the buggy address: [ 14.135033] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.135458] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.135858] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.136200] ^ [ 14.136839] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.137124] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.137614] ================================================================== [ 14.332822] ================================================================== [ 14.333473] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 14.333715] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.333945] [ 14.334038] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.334084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.334097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.334119] Call Trace: [ 14.334133] <TASK> [ 14.334148] dump_stack_lvl+0x73/0xb0 [ 14.334174] print_report+0xd1/0x650 [ 14.334198] ? __virt_addr_valid+0x1db/0x2d0 [ 14.334220] ? kasan_atomics_helper+0x151d/0x5450 [ 14.334242] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.334265] ? kasan_atomics_helper+0x151d/0x5450 [ 14.334288] kasan_report+0x141/0x180 [ 14.334310] ? kasan_atomics_helper+0x151d/0x5450 [ 14.334338] kasan_check_range+0x10c/0x1c0 [ 14.334362] __kasan_check_write+0x18/0x20 [ 14.334393] kasan_atomics_helper+0x151d/0x5450 [ 14.334416] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.334438] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.334459] ? ret_from_fork_asm+0x1a/0x30 [ 14.334480] ? kasan_atomics+0x152/0x310 [ 14.334503] kasan_atomics+0x1dc/0x310 [ 14.334522] ? __pfx_kasan_atomics+0x10/0x10 [ 14.334544] ? __pfx_read_tsc+0x10/0x10 [ 14.334565] ? ktime_get_ts64+0x86/0x230 [ 14.334590] kunit_try_run_case+0x1a5/0x480 [ 14.334612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.334631] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.334656] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.334681] ? __kthread_parkme+0x82/0x180 [ 14.334701] ? preempt_count_sub+0x50/0x80 [ 14.334725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.334747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.334771] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.334797] kthread+0x337/0x6f0 [ 14.334816] ? trace_preempt_on+0x20/0xc0 [ 14.334840] ? __pfx_kthread+0x10/0x10 [ 14.334861] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.334885] ? calculate_sigpending+0x7b/0xa0 [ 14.334909] ? __pfx_kthread+0x10/0x10 [ 14.334931] ret_from_fork+0x116/0x1d0 [ 14.335071] ? __pfx_kthread+0x10/0x10 [ 14.335094] ret_from_fork_asm+0x1a/0x30 [ 14.335126] </TASK> [ 14.335138] [ 14.346862] Allocated by task 283: [ 14.347003] kasan_save_stack+0x45/0x70 [ 14.347602] kasan_save_track+0x18/0x40 [ 14.347763] kasan_save_alloc_info+0x3b/0x50 [ 14.347997] __kasan_kmalloc+0xb7/0xc0 [ 14.348237] __kmalloc_cache_noprof+0x189/0x420 [ 14.348613] kasan_atomics+0x95/0x310 [ 14.349018] kunit_try_run_case+0x1a5/0x480 [ 14.349281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.349630] kthread+0x337/0x6f0 [ 14.349774] ret_from_fork+0x116/0x1d0 [ 14.350119] ret_from_fork_asm+0x1a/0x30 [ 14.350290] [ 14.350421] The buggy address belongs to the object at ffff8881039bd780 [ 14.350421] which belongs to the cache kmalloc-64 of size 64 [ 14.351413] The buggy address is located 0 bytes to the right of [ 14.351413] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.352152] [ 14.352277] The buggy address belongs to the physical page: [ 14.352639] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.353232] flags: 0x200000000000000(node=0|zone=2) [ 14.353733] page_type: f5(slab) [ 14.354154] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.354528] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.354971] page dumped because: kasan: bad access detected [ 14.355369] [ 14.355561] Memory state around the buggy address: [ 14.355976] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.356514] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.356828] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.357345] ^ [ 14.357566] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.358103] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.358406] ================================================================== [ 14.674636] ================================================================== [ 14.675185] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 14.675543] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.675887] [ 14.676039] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.676084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.676097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.676119] Call Trace: [ 14.676133] <TASK> [ 14.676148] dump_stack_lvl+0x73/0xb0 [ 14.676174] print_report+0xd1/0x650 [ 14.676198] ? __virt_addr_valid+0x1db/0x2d0 [ 14.676221] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.676243] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.676267] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.676289] kasan_report+0x141/0x180 [ 14.676312] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.676340] kasan_check_range+0x10c/0x1c0 [ 14.676365] __kasan_check_write+0x18/0x20 [ 14.676397] kasan_atomics_helper+0x1e12/0x5450 [ 14.676421] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.676445] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.676466] ? ret_from_fork_asm+0x1a/0x30 [ 14.676488] ? kasan_atomics+0x152/0x310 [ 14.676512] kasan_atomics+0x1dc/0x310 [ 14.676532] ? __pfx_kasan_atomics+0x10/0x10 [ 14.676553] ? __pfx_read_tsc+0x10/0x10 [ 14.676574] ? ktime_get_ts64+0x86/0x230 [ 14.676599] kunit_try_run_case+0x1a5/0x480 [ 14.676621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.676641] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.676666] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.676691] ? __kthread_parkme+0x82/0x180 [ 14.676712] ? preempt_count_sub+0x50/0x80 [ 14.676745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.676766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.676792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.676818] kthread+0x337/0x6f0 [ 14.676839] ? trace_preempt_on+0x20/0xc0 [ 14.676864] ? __pfx_kthread+0x10/0x10 [ 14.676886] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.676911] ? calculate_sigpending+0x7b/0xa0 [ 14.676935] ? __pfx_kthread+0x10/0x10 [ 14.676958] ret_from_fork+0x116/0x1d0 [ 14.676978] ? __pfx_kthread+0x10/0x10 [ 14.676999] ret_from_fork_asm+0x1a/0x30 [ 14.677030] </TASK> [ 14.677042] [ 14.684811] Allocated by task 283: [ 14.684978] kasan_save_stack+0x45/0x70 [ 14.685152] kasan_save_track+0x18/0x40 [ 14.685345] kasan_save_alloc_info+0x3b/0x50 [ 14.685535] __kasan_kmalloc+0xb7/0xc0 [ 14.685721] __kmalloc_cache_noprof+0x189/0x420 [ 14.685882] kasan_atomics+0x95/0x310 [ 14.686013] kunit_try_run_case+0x1a5/0x480 [ 14.686162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.686338] kthread+0x337/0x6f0 [ 14.686512] ret_from_fork+0x116/0x1d0 [ 14.686720] ret_from_fork_asm+0x1a/0x30 [ 14.686916] [ 14.687010] The buggy address belongs to the object at ffff8881039bd780 [ 14.687010] which belongs to the cache kmalloc-64 of size 64 [ 14.687546] The buggy address is located 0 bytes to the right of [ 14.687546] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.688068] [ 14.688142] The buggy address belongs to the physical page: [ 14.688328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.688694] flags: 0x200000000000000(node=0|zone=2) [ 14.688936] page_type: f5(slab) [ 14.689105] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.689449] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.690077] page dumped because: kasan: bad access detected [ 14.690280] [ 14.690353] Memory state around the buggy address: [ 14.690524] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.691039] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.691527] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.692056] ^ [ 14.692272] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.692571] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.693609] ================================================================== [ 13.795297] ================================================================== [ 13.795671] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 13.796060] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.796394] [ 13.796501] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.796547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.796560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.796583] Call Trace: [ 13.796599] <TASK> [ 13.796614] dump_stack_lvl+0x73/0xb0 [ 13.796641] print_report+0xd1/0x650 [ 13.796665] ? __virt_addr_valid+0x1db/0x2d0 [ 13.796688] ? kasan_atomics_helper+0xb6a/0x5450 [ 13.796711] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.796735] ? kasan_atomics_helper+0xb6a/0x5450 [ 13.796779] kasan_report+0x141/0x180 [ 13.796802] ? kasan_atomics_helper+0xb6a/0x5450 [ 13.796830] kasan_check_range+0x10c/0x1c0 [ 13.796855] __kasan_check_write+0x18/0x20 [ 13.796876] kasan_atomics_helper+0xb6a/0x5450 [ 13.796900] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.796924] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.796945] ? ret_from_fork_asm+0x1a/0x30 [ 13.796967] ? kasan_atomics+0x152/0x310 [ 13.797078] kasan_atomics+0x1dc/0x310 [ 13.797106] ? __pfx_kasan_atomics+0x10/0x10 [ 13.797128] ? __pfx_read_tsc+0x10/0x10 [ 13.797150] ? ktime_get_ts64+0x86/0x230 [ 13.797176] kunit_try_run_case+0x1a5/0x480 [ 13.797198] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.797218] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.797244] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.797269] ? __kthread_parkme+0x82/0x180 [ 13.797290] ? preempt_count_sub+0x50/0x80 [ 13.797315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.797336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.797361] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.797397] kthread+0x337/0x6f0 [ 13.797418] ? trace_preempt_on+0x20/0xc0 [ 13.797441] ? __pfx_kthread+0x10/0x10 [ 13.797463] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.797487] ? calculate_sigpending+0x7b/0xa0 [ 13.797511] ? __pfx_kthread+0x10/0x10 [ 13.797533] ret_from_fork+0x116/0x1d0 [ 13.797553] ? __pfx_kthread+0x10/0x10 [ 13.797575] ret_from_fork_asm+0x1a/0x30 [ 13.797605] </TASK> [ 13.797618] [ 13.805776] Allocated by task 283: [ 13.805967] kasan_save_stack+0x45/0x70 [ 13.806252] kasan_save_track+0x18/0x40 [ 13.806467] kasan_save_alloc_info+0x3b/0x50 [ 13.806659] __kasan_kmalloc+0xb7/0xc0 [ 13.806865] __kmalloc_cache_noprof+0x189/0x420 [ 13.807248] kasan_atomics+0x95/0x310 [ 13.807464] kunit_try_run_case+0x1a5/0x480 [ 13.807636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.807896] kthread+0x337/0x6f0 [ 13.808159] ret_from_fork+0x116/0x1d0 [ 13.808344] ret_from_fork_asm+0x1a/0x30 [ 13.808526] [ 13.808601] The buggy address belongs to the object at ffff8881039bd780 [ 13.808601] which belongs to the cache kmalloc-64 of size 64 [ 13.809213] The buggy address is located 0 bytes to the right of [ 13.809213] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.809772] [ 13.809875] The buggy address belongs to the physical page: [ 13.810168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.810532] flags: 0x200000000000000(node=0|zone=2) [ 13.810758] page_type: f5(slab) [ 13.810920] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.811356] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.811608] page dumped because: kasan: bad access detected [ 13.811884] [ 13.811979] Memory state around the buggy address: [ 13.812281] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.812610] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.812953] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.813260] ^ [ 13.813469] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.813823] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.814214] ================================================================== [ 14.753193] ================================================================== [ 14.753612] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 14.753868] Read of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.754296] [ 14.754498] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.754545] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.754568] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.754590] Call Trace: [ 14.754604] <TASK> [ 14.754619] dump_stack_lvl+0x73/0xb0 [ 14.754659] print_report+0xd1/0x650 [ 14.754683] ? __virt_addr_valid+0x1db/0x2d0 [ 14.754706] ? kasan_atomics_helper+0x4f71/0x5450 [ 14.754729] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.754752] ? kasan_atomics_helper+0x4f71/0x5450 [ 14.754775] kasan_report+0x141/0x180 [ 14.754799] ? kasan_atomics_helper+0x4f71/0x5450 [ 14.754827] __asan_report_load8_noabort+0x18/0x20 [ 14.754850] kasan_atomics_helper+0x4f71/0x5450 [ 14.754880] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.754913] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.754934] ? ret_from_fork_asm+0x1a/0x30 [ 14.754955] ? kasan_atomics+0x152/0x310 [ 14.754991] kasan_atomics+0x1dc/0x310 [ 14.755013] ? __pfx_kasan_atomics+0x10/0x10 [ 14.755035] ? __pfx_read_tsc+0x10/0x10 [ 14.755056] ? ktime_get_ts64+0x86/0x230 [ 14.755081] kunit_try_run_case+0x1a5/0x480 [ 14.755103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.755124] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.755150] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.755175] ? __kthread_parkme+0x82/0x180 [ 14.755196] ? preempt_count_sub+0x50/0x80 [ 14.755220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.755242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.755267] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.755293] kthread+0x337/0x6f0 [ 14.755313] ? trace_preempt_on+0x20/0xc0 [ 14.755337] ? __pfx_kthread+0x10/0x10 [ 14.755358] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.755390] ? calculate_sigpending+0x7b/0xa0 [ 14.755414] ? __pfx_kthread+0x10/0x10 [ 14.755436] ret_from_fork+0x116/0x1d0 [ 14.755456] ? __pfx_kthread+0x10/0x10 [ 14.755478] ret_from_fork_asm+0x1a/0x30 [ 14.755509] </TASK> [ 14.755521] [ 14.764585] Allocated by task 283: [ 14.764777] kasan_save_stack+0x45/0x70 [ 14.764988] kasan_save_track+0x18/0x40 [ 14.765187] kasan_save_alloc_info+0x3b/0x50 [ 14.765409] __kasan_kmalloc+0xb7/0xc0 [ 14.765598] __kmalloc_cache_noprof+0x189/0x420 [ 14.765850] kasan_atomics+0x95/0x310 [ 14.766004] kunit_try_run_case+0x1a5/0x480 [ 14.766246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.766511] kthread+0x337/0x6f0 [ 14.766690] ret_from_fork+0x116/0x1d0 [ 14.766889] ret_from_fork_asm+0x1a/0x30 [ 14.767075] [ 14.767149] The buggy address belongs to the object at ffff8881039bd780 [ 14.767149] which belongs to the cache kmalloc-64 of size 64 [ 14.767651] The buggy address is located 0 bytes to the right of [ 14.767651] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.768276] [ 14.768350] The buggy address belongs to the physical page: [ 14.768641] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.768994] flags: 0x200000000000000(node=0|zone=2) [ 14.769220] page_type: f5(slab) [ 14.769425] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.769742] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.770083] page dumped because: kasan: bad access detected [ 14.770310] [ 14.770420] Memory state around the buggy address: [ 14.770620] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.770950] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.771260] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.771508] ^ [ 14.771664] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.771880] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.772217] ================================================================== [ 13.578946] ================================================================== [ 13.579265] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 13.579587] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.579889] [ 13.579975] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.580018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.580031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.580053] Call Trace: [ 13.580066] <TASK> [ 13.580081] dump_stack_lvl+0x73/0xb0 [ 13.580106] print_report+0xd1/0x650 [ 13.580130] ? __virt_addr_valid+0x1db/0x2d0 [ 13.580152] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.580175] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.580198] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.580221] kasan_report+0x141/0x180 [ 13.580245] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.580273] __asan_report_store4_noabort+0x1b/0x30 [ 13.580295] kasan_atomics_helper+0x4b3a/0x5450 [ 13.580319] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.580342] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.580364] ? ret_from_fork_asm+0x1a/0x30 [ 13.580407] ? kasan_atomics+0x152/0x310 [ 13.580431] kasan_atomics+0x1dc/0x310 [ 13.580452] ? __pfx_kasan_atomics+0x10/0x10 [ 13.580474] ? __pfx_read_tsc+0x10/0x10 [ 13.580495] ? ktime_get_ts64+0x86/0x230 [ 13.580521] kunit_try_run_case+0x1a5/0x480 [ 13.580542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.580563] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.580588] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.580614] ? __kthread_parkme+0x82/0x180 [ 13.580635] ? preempt_count_sub+0x50/0x80 [ 13.580659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.580681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.580706] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.580732] kthread+0x337/0x6f0 [ 13.580752] ? trace_preempt_on+0x20/0xc0 [ 13.580776] ? __pfx_kthread+0x10/0x10 [ 13.580797] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.580821] ? calculate_sigpending+0x7b/0xa0 [ 13.580846] ? __pfx_kthread+0x10/0x10 [ 13.580869] ret_from_fork+0x116/0x1d0 [ 13.580888] ? __pfx_kthread+0x10/0x10 [ 13.580959] ret_from_fork_asm+0x1a/0x30 [ 13.580990] </TASK> [ 13.581128] [ 13.589940] Allocated by task 283: [ 13.590104] kasan_save_stack+0x45/0x70 [ 13.590315] kasan_save_track+0x18/0x40 [ 13.590532] kasan_save_alloc_info+0x3b/0x50 [ 13.590715] __kasan_kmalloc+0xb7/0xc0 [ 13.590933] __kmalloc_cache_noprof+0x189/0x420 [ 13.591136] kasan_atomics+0x95/0x310 [ 13.591304] kunit_try_run_case+0x1a5/0x480 [ 13.591511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.591691] kthread+0x337/0x6f0 [ 13.591865] ret_from_fork+0x116/0x1d0 [ 13.592138] ret_from_fork_asm+0x1a/0x30 [ 13.592309] [ 13.592406] The buggy address belongs to the object at ffff8881039bd780 [ 13.592406] which belongs to the cache kmalloc-64 of size 64 [ 13.592901] The buggy address is located 0 bytes to the right of [ 13.592901] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.593665] [ 13.593811] The buggy address belongs to the physical page: [ 13.594023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.594464] flags: 0x200000000000000(node=0|zone=2) [ 13.594701] page_type: f5(slab) [ 13.594867] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.595142] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.595372] page dumped because: kasan: bad access detected [ 13.595634] [ 13.595778] Memory state around the buggy address: [ 13.596038] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.596279] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.596516] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.597141] ^ [ 13.597393] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.597710] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.598056] ================================================================== [ 14.612515] ================================================================== [ 14.612866] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 14.613798] Read of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.614406] [ 14.614657] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.614706] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.614720] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.614742] Call Trace: [ 14.614760] <TASK> [ 14.614815] dump_stack_lvl+0x73/0xb0 [ 14.614845] print_report+0xd1/0x650 [ 14.614871] ? __virt_addr_valid+0x1db/0x2d0 [ 14.614895] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.614917] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.614941] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.614964] kasan_report+0x141/0x180 [ 14.614990] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.615018] __asan_report_load8_noabort+0x18/0x20 [ 14.615040] kasan_atomics_helper+0x4f30/0x5450 [ 14.615063] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.615087] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.615108] ? ret_from_fork_asm+0x1a/0x30 [ 14.615130] ? kasan_atomics+0x152/0x310 [ 14.615154] kasan_atomics+0x1dc/0x310 [ 14.615173] ? __pfx_kasan_atomics+0x10/0x10 [ 14.615195] ? __pfx_read_tsc+0x10/0x10 [ 14.615217] ? ktime_get_ts64+0x86/0x230 [ 14.615243] kunit_try_run_case+0x1a5/0x480 [ 14.615265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.615285] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.615312] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.615338] ? __kthread_parkme+0x82/0x180 [ 14.615359] ? preempt_count_sub+0x50/0x80 [ 14.615395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.615417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.615442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.615467] kthread+0x337/0x6f0 [ 14.615487] ? trace_preempt_on+0x20/0xc0 [ 14.615512] ? __pfx_kthread+0x10/0x10 [ 14.615534] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.615558] ? calculate_sigpending+0x7b/0xa0 [ 14.615583] ? __pfx_kthread+0x10/0x10 [ 14.615605] ret_from_fork+0x116/0x1d0 [ 14.615623] ? __pfx_kthread+0x10/0x10 [ 14.615644] ret_from_fork_asm+0x1a/0x30 [ 14.615675] </TASK> [ 14.615686] [ 14.627019] Allocated by task 283: [ 14.627448] kasan_save_stack+0x45/0x70 [ 14.627721] kasan_save_track+0x18/0x40 [ 14.628011] kasan_save_alloc_info+0x3b/0x50 [ 14.628221] __kasan_kmalloc+0xb7/0xc0 [ 14.628413] __kmalloc_cache_noprof+0x189/0x420 [ 14.628630] kasan_atomics+0x95/0x310 [ 14.629191] kunit_try_run_case+0x1a5/0x480 [ 14.629460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.629906] kthread+0x337/0x6f0 [ 14.630198] ret_from_fork+0x116/0x1d0 [ 14.630615] ret_from_fork_asm+0x1a/0x30 [ 14.631039] [ 14.631133] The buggy address belongs to the object at ffff8881039bd780 [ 14.631133] which belongs to the cache kmalloc-64 of size 64 [ 14.631635] The buggy address is located 0 bytes to the right of [ 14.631635] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.632525] [ 14.632760] The buggy address belongs to the physical page: [ 14.633128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.633477] flags: 0x200000000000000(node=0|zone=2) [ 14.633692] page_type: f5(slab) [ 14.634166] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.634636] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.635139] page dumped because: kasan: bad access detected [ 14.635512] [ 14.635607] Memory state around the buggy address: [ 14.636149] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.636602] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.637126] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.637442] ^ [ 14.637649] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.638207] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.638727] ================================================================== [ 14.871832] ================================================================== [ 14.872178] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 14.872536] Read of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.872882] [ 14.873002] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.873046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.873059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.873079] Call Trace: [ 14.873094] <TASK> [ 14.873109] dump_stack_lvl+0x73/0xb0 [ 14.873135] print_report+0xd1/0x650 [ 14.873158] ? __virt_addr_valid+0x1db/0x2d0 [ 14.873181] ? kasan_atomics_helper+0x4fa5/0x5450 [ 14.873203] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.873226] ? kasan_atomics_helper+0x4fa5/0x5450 [ 14.873249] kasan_report+0x141/0x180 [ 14.873272] ? kasan_atomics_helper+0x4fa5/0x5450 [ 14.873316] __asan_report_load8_noabort+0x18/0x20 [ 14.873337] kasan_atomics_helper+0x4fa5/0x5450 [ 14.873361] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.873395] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.873415] ? ret_from_fork_asm+0x1a/0x30 [ 14.873437] ? kasan_atomics+0x152/0x310 [ 14.873461] kasan_atomics+0x1dc/0x310 [ 14.873481] ? __pfx_kasan_atomics+0x10/0x10 [ 14.873503] ? __pfx_read_tsc+0x10/0x10 [ 14.873524] ? ktime_get_ts64+0x86/0x230 [ 14.873549] kunit_try_run_case+0x1a5/0x480 [ 14.873571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.873591] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.873617] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.873642] ? __kthread_parkme+0x82/0x180 [ 14.873663] ? preempt_count_sub+0x50/0x80 [ 14.873687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.873709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.873768] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.873793] kthread+0x337/0x6f0 [ 14.873826] ? trace_preempt_on+0x20/0xc0 [ 14.873852] ? __pfx_kthread+0x10/0x10 [ 14.873892] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.873917] ? calculate_sigpending+0x7b/0xa0 [ 14.873941] ? __pfx_kthread+0x10/0x10 [ 14.873973] ret_from_fork+0x116/0x1d0 [ 14.873993] ? __pfx_kthread+0x10/0x10 [ 14.874014] ret_from_fork_asm+0x1a/0x30 [ 14.874048] </TASK> [ 14.874059] [ 14.882630] Allocated by task 283: [ 14.882766] kasan_save_stack+0x45/0x70 [ 14.882915] kasan_save_track+0x18/0x40 [ 14.883222] kasan_save_alloc_info+0x3b/0x50 [ 14.883454] __kasan_kmalloc+0xb7/0xc0 [ 14.883649] __kmalloc_cache_noprof+0x189/0x420 [ 14.883869] kasan_atomics+0x95/0x310 [ 14.884107] kunit_try_run_case+0x1a5/0x480 [ 14.884354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.884621] kthread+0x337/0x6f0 [ 14.884876] ret_from_fork+0x116/0x1d0 [ 14.885014] ret_from_fork_asm+0x1a/0x30 [ 14.885155] [ 14.885253] The buggy address belongs to the object at ffff8881039bd780 [ 14.885253] which belongs to the cache kmalloc-64 of size 64 [ 14.885966] The buggy address is located 0 bytes to the right of [ 14.885966] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.886562] [ 14.886639] The buggy address belongs to the physical page: [ 14.886981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.887404] flags: 0x200000000000000(node=0|zone=2) [ 14.887611] page_type: f5(slab) [ 14.887735] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.888169] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.888493] page dumped because: kasan: bad access detected [ 14.888683] [ 14.888753] Memory state around the buggy address: [ 14.888910] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.889296] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.889632] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.890098] ^ [ 14.890309] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.890539] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.891005] ================================================================== [ 14.090714] ================================================================== [ 14.091337] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 14.092000] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.092495] [ 14.092676] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.092722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.092735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.092759] Call Trace: [ 14.092773] <TASK> [ 14.092789] dump_stack_lvl+0x73/0xb0 [ 14.092816] print_report+0xd1/0x650 [ 14.092841] ? __virt_addr_valid+0x1db/0x2d0 [ 14.092865] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.092887] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.092911] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.092934] kasan_report+0x141/0x180 [ 14.092957] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.092985] __asan_report_load4_noabort+0x18/0x20 [ 14.093006] kasan_atomics_helper+0x4a02/0x5450 [ 14.093030] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.093053] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.093161] ? ret_from_fork_asm+0x1a/0x30 [ 14.093187] ? kasan_atomics+0x152/0x310 [ 14.093213] kasan_atomics+0x1dc/0x310 [ 14.093233] ? __pfx_kasan_atomics+0x10/0x10 [ 14.093256] ? __pfx_read_tsc+0x10/0x10 [ 14.093277] ? ktime_get_ts64+0x86/0x230 [ 14.093304] kunit_try_run_case+0x1a5/0x480 [ 14.093326] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.093346] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.093372] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.093410] ? __kthread_parkme+0x82/0x180 [ 14.093432] ? preempt_count_sub+0x50/0x80 [ 14.093456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.093478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.093503] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.093528] kthread+0x337/0x6f0 [ 14.093548] ? trace_preempt_on+0x20/0xc0 [ 14.093572] ? __pfx_kthread+0x10/0x10 [ 14.093593] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.093618] ? calculate_sigpending+0x7b/0xa0 [ 14.093642] ? __pfx_kthread+0x10/0x10 [ 14.093664] ret_from_fork+0x116/0x1d0 [ 14.093683] ? __pfx_kthread+0x10/0x10 [ 14.093705] ret_from_fork_asm+0x1a/0x30 [ 14.093738] </TASK> [ 14.093750] [ 14.102349] Allocated by task 283: [ 14.102536] kasan_save_stack+0x45/0x70 [ 14.102688] kasan_save_track+0x18/0x40 [ 14.103103] kasan_save_alloc_info+0x3b/0x50 [ 14.103333] __kasan_kmalloc+0xb7/0xc0 [ 14.103538] __kmalloc_cache_noprof+0x189/0x420 [ 14.103762] kasan_atomics+0x95/0x310 [ 14.103924] kunit_try_run_case+0x1a5/0x480 [ 14.104091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.104267] kthread+0x337/0x6f0 [ 14.104397] ret_from_fork+0x116/0x1d0 [ 14.104550] ret_from_fork_asm+0x1a/0x30 [ 14.104751] [ 14.104850] The buggy address belongs to the object at ffff8881039bd780 [ 14.104850] which belongs to the cache kmalloc-64 of size 64 [ 14.105806] The buggy address is located 0 bytes to the right of [ 14.105806] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.106194] [ 14.106524] The buggy address belongs to the physical page: [ 14.106872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.107328] flags: 0x200000000000000(node=0|zone=2) [ 14.107664] page_type: f5(slab) [ 14.107915] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.108280] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.108550] page dumped because: kasan: bad access detected [ 14.108883] [ 14.109022] Memory state around the buggy address: [ 14.109181] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.109412] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.109787] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.110088] ^ [ 14.110246] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.110987] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.111261] ================================================================== [ 13.677989] ================================================================== [ 13.678340] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 13.678942] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.679335] [ 13.679462] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.679511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.679524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.679546] Call Trace: [ 13.679564] <TASK> [ 13.679581] dump_stack_lvl+0x73/0xb0 [ 13.679609] print_report+0xd1/0x650 [ 13.679634] ? __virt_addr_valid+0x1db/0x2d0 [ 13.679657] ? kasan_atomics_helper+0x7c7/0x5450 [ 13.679680] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.679725] ? kasan_atomics_helper+0x7c7/0x5450 [ 13.679749] kasan_report+0x141/0x180 [ 13.679772] ? kasan_atomics_helper+0x7c7/0x5450 [ 13.679799] kasan_check_range+0x10c/0x1c0 [ 13.679824] __kasan_check_write+0x18/0x20 [ 13.679845] kasan_atomics_helper+0x7c7/0x5450 [ 13.679868] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.679891] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.679912] ? ret_from_fork_asm+0x1a/0x30 [ 13.679934] ? kasan_atomics+0x152/0x310 [ 13.679958] kasan_atomics+0x1dc/0x310 [ 13.679978] ? __pfx_kasan_atomics+0x10/0x10 [ 13.680058] ? __pfx_read_tsc+0x10/0x10 [ 13.680081] ? ktime_get_ts64+0x86/0x230 [ 13.680107] kunit_try_run_case+0x1a5/0x480 [ 13.680129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.680150] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.680175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.680201] ? __kthread_parkme+0x82/0x180 [ 13.680222] ? preempt_count_sub+0x50/0x80 [ 13.680245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.680267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.680292] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.680318] kthread+0x337/0x6f0 [ 13.680338] ? trace_preempt_on+0x20/0xc0 [ 13.680362] ? __pfx_kthread+0x10/0x10 [ 13.680393] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.680418] ? calculate_sigpending+0x7b/0xa0 [ 13.680443] ? __pfx_kthread+0x10/0x10 [ 13.680465] ret_from_fork+0x116/0x1d0 [ 13.680484] ? __pfx_kthread+0x10/0x10 [ 13.680505] ret_from_fork_asm+0x1a/0x30 [ 13.680536] </TASK> [ 13.680548] [ 13.689215] Allocated by task 283: [ 13.689388] kasan_save_stack+0x45/0x70 [ 13.689586] kasan_save_track+0x18/0x40 [ 13.689810] kasan_save_alloc_info+0x3b/0x50 [ 13.690216] __kasan_kmalloc+0xb7/0xc0 [ 13.690447] __kmalloc_cache_noprof+0x189/0x420 [ 13.690674] kasan_atomics+0x95/0x310 [ 13.690842] kunit_try_run_case+0x1a5/0x480 [ 13.691055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.691328] kthread+0x337/0x6f0 [ 13.691515] ret_from_fork+0x116/0x1d0 [ 13.691710] ret_from_fork_asm+0x1a/0x30 [ 13.691917] [ 13.692002] The buggy address belongs to the object at ffff8881039bd780 [ 13.692002] which belongs to the cache kmalloc-64 of size 64 [ 13.692361] The buggy address is located 0 bytes to the right of [ 13.692361] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.692822] [ 13.692918] The buggy address belongs to the physical page: [ 13.693167] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.693596] flags: 0x200000000000000(node=0|zone=2) [ 13.693852] page_type: f5(slab) [ 13.693977] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.694452] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.694836] page dumped because: kasan: bad access detected [ 13.695171] [ 13.695272] Memory state around the buggy address: [ 13.695519] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.695861] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.696211] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.696527] ^ [ 13.696730] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.697079] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.697298] ================================================================== [ 13.440228] ================================================================== [ 13.440938] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 13.441265] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.441576] [ 13.441679] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.441724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.441737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.441760] Call Trace: [ 13.441772] <TASK> [ 13.441975] dump_stack_lvl+0x73/0xb0 [ 13.442013] print_report+0xd1/0x650 [ 13.442044] ? __virt_addr_valid+0x1db/0x2d0 [ 13.442160] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.442183] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.442206] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.442229] kasan_report+0x141/0x180 [ 13.442252] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.442279] __asan_report_load4_noabort+0x18/0x20 [ 13.442300] kasan_atomics_helper+0x4bbc/0x5450 [ 13.442322] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.442345] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.442366] ? ret_from_fork_asm+0x1a/0x30 [ 13.442401] ? kasan_atomics+0x152/0x310 [ 13.442425] kasan_atomics+0x1dc/0x310 [ 13.442444] ? __pfx_kasan_atomics+0x10/0x10 [ 13.442465] ? __pfx_read_tsc+0x10/0x10 [ 13.442486] ? ktime_get_ts64+0x86/0x230 [ 13.442512] kunit_try_run_case+0x1a5/0x480 [ 13.442535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.442555] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.442581] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.442607] ? __kthread_parkme+0x82/0x180 [ 13.442627] ? preempt_count_sub+0x50/0x80 [ 13.442652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.442673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.442697] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.442730] kthread+0x337/0x6f0 [ 13.442750] ? trace_preempt_on+0x20/0xc0 [ 13.442774] ? __pfx_kthread+0x10/0x10 [ 13.442795] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.442818] ? calculate_sigpending+0x7b/0xa0 [ 13.442842] ? __pfx_kthread+0x10/0x10 [ 13.442864] ret_from_fork+0x116/0x1d0 [ 13.442883] ? __pfx_kthread+0x10/0x10 [ 13.442905] ret_from_fork_asm+0x1a/0x30 [ 13.442935] </TASK> [ 13.442946] [ 13.451313] Allocated by task 283: [ 13.451494] kasan_save_stack+0x45/0x70 [ 13.451692] kasan_save_track+0x18/0x40 [ 13.451860] kasan_save_alloc_info+0x3b/0x50 [ 13.452040] __kasan_kmalloc+0xb7/0xc0 [ 13.452175] __kmalloc_cache_noprof+0x189/0x420 [ 13.452327] kasan_atomics+0x95/0x310 [ 13.452503] kunit_try_run_case+0x1a5/0x480 [ 13.452716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.453132] kthread+0x337/0x6f0 [ 13.453316] ret_from_fork+0x116/0x1d0 [ 13.453518] ret_from_fork_asm+0x1a/0x30 [ 13.453676] [ 13.453832] The buggy address belongs to the object at ffff8881039bd780 [ 13.453832] which belongs to the cache kmalloc-64 of size 64 [ 13.454524] The buggy address is located 0 bytes to the right of [ 13.454524] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.454984] [ 13.455059] The buggy address belongs to the physical page: [ 13.455290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.455785] flags: 0x200000000000000(node=0|zone=2) [ 13.456033] page_type: f5(slab) [ 13.456239] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.456540] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.456992] page dumped because: kasan: bad access detected [ 13.457220] [ 13.457297] Memory state around the buggy address: [ 13.457482] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.457701] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.457944] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.458271] ^ [ 13.458516] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.459106] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.459397] ================================================================== [ 14.519390] ================================================================== [ 14.519768] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 14.520101] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.520460] [ 14.520547] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.520649] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.520687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.520709] Call Trace: [ 14.520727] <TASK> [ 14.520743] dump_stack_lvl+0x73/0xb0 [ 14.520771] print_report+0xd1/0x650 [ 14.520795] ? __virt_addr_valid+0x1db/0x2d0 [ 14.520818] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.520841] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.520863] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.520887] kasan_report+0x141/0x180 [ 14.520910] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.520970] kasan_check_range+0x10c/0x1c0 [ 14.521020] __kasan_check_write+0x18/0x20 [ 14.521086] kasan_atomics_helper+0x19e3/0x5450 [ 14.521112] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.521135] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.521157] ? ret_from_fork_asm+0x1a/0x30 [ 14.521179] ? kasan_atomics+0x152/0x310 [ 14.521203] kasan_atomics+0x1dc/0x310 [ 14.521223] ? __pfx_kasan_atomics+0x10/0x10 [ 14.521244] ? __pfx_read_tsc+0x10/0x10 [ 14.521266] ? ktime_get_ts64+0x86/0x230 [ 14.521292] kunit_try_run_case+0x1a5/0x480 [ 14.521314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.521335] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.521362] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.521399] ? __kthread_parkme+0x82/0x180 [ 14.521420] ? preempt_count_sub+0x50/0x80 [ 14.521444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.521466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.521490] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.521515] kthread+0x337/0x6f0 [ 14.521535] ? trace_preempt_on+0x20/0xc0 [ 14.521560] ? __pfx_kthread+0x10/0x10 [ 14.521581] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.521606] ? calculate_sigpending+0x7b/0xa0 [ 14.521631] ? __pfx_kthread+0x10/0x10 [ 14.521653] ret_from_fork+0x116/0x1d0 [ 14.521673] ? __pfx_kthread+0x10/0x10 [ 14.521694] ret_from_fork_asm+0x1a/0x30 [ 14.521724] </TASK> [ 14.521735] [ 14.530422] Allocated by task 283: [ 14.530605] kasan_save_stack+0x45/0x70 [ 14.530864] kasan_save_track+0x18/0x40 [ 14.531063] kasan_save_alloc_info+0x3b/0x50 [ 14.531278] __kasan_kmalloc+0xb7/0xc0 [ 14.531522] __kmalloc_cache_noprof+0x189/0x420 [ 14.531718] kasan_atomics+0x95/0x310 [ 14.531863] kunit_try_run_case+0x1a5/0x480 [ 14.532097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.532325] kthread+0x337/0x6f0 [ 14.532498] ret_from_fork+0x116/0x1d0 [ 14.532686] ret_from_fork_asm+0x1a/0x30 [ 14.532909] [ 14.532980] The buggy address belongs to the object at ffff8881039bd780 [ 14.532980] which belongs to the cache kmalloc-64 of size 64 [ 14.533705] The buggy address is located 0 bytes to the right of [ 14.533705] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.534149] [ 14.534224] The buggy address belongs to the physical page: [ 14.534444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.534894] flags: 0x200000000000000(node=0|zone=2) [ 14.535186] page_type: f5(slab) [ 14.535395] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.535765] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.536081] page dumped because: kasan: bad access detected [ 14.536254] [ 14.536348] Memory state around the buggy address: [ 14.536621] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.537047] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.537402] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.537733] ^ [ 14.537927] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.538347] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.538710] ================================================================== [ 13.598512] ================================================================== [ 13.598746] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 13.598981] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.599308] [ 13.599430] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.599492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.599506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.599528] Call Trace: [ 13.599545] <TASK> [ 13.599561] dump_stack_lvl+0x73/0xb0 [ 13.599590] print_report+0xd1/0x650 [ 13.599614] ? __virt_addr_valid+0x1db/0x2d0 [ 13.599638] ? kasan_atomics_helper+0x565/0x5450 [ 13.599661] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.599685] ? kasan_atomics_helper+0x565/0x5450 [ 13.599708] kasan_report+0x141/0x180 [ 13.599732] ? kasan_atomics_helper+0x565/0x5450 [ 13.599760] kasan_check_range+0x10c/0x1c0 [ 13.599785] __kasan_check_write+0x18/0x20 [ 13.599806] kasan_atomics_helper+0x565/0x5450 [ 13.599830] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.599853] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.599874] ? ret_from_fork_asm+0x1a/0x30 [ 13.599897] ? kasan_atomics+0x152/0x310 [ 13.599921] kasan_atomics+0x1dc/0x310 [ 13.599942] ? __pfx_kasan_atomics+0x10/0x10 [ 13.599966] ? __pfx_read_tsc+0x10/0x10 [ 13.599989] ? ktime_get_ts64+0x86/0x230 [ 13.600016] kunit_try_run_case+0x1a5/0x480 [ 13.600038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.600058] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.600137] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.600165] ? __kthread_parkme+0x82/0x180 [ 13.600186] ? preempt_count_sub+0x50/0x80 [ 13.600211] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.600233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.600258] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.600284] kthread+0x337/0x6f0 [ 13.600304] ? trace_preempt_on+0x20/0xc0 [ 13.600329] ? __pfx_kthread+0x10/0x10 [ 13.600351] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.600386] ? calculate_sigpending+0x7b/0xa0 [ 13.600412] ? __pfx_kthread+0x10/0x10 [ 13.600435] ret_from_fork+0x116/0x1d0 [ 13.600454] ? __pfx_kthread+0x10/0x10 [ 13.600477] ret_from_fork_asm+0x1a/0x30 [ 13.600512] </TASK> [ 13.600523] [ 13.608850] Allocated by task 283: [ 13.609251] kasan_save_stack+0x45/0x70 [ 13.609483] kasan_save_track+0x18/0x40 [ 13.609690] kasan_save_alloc_info+0x3b/0x50 [ 13.609918] __kasan_kmalloc+0xb7/0xc0 [ 13.610312] __kmalloc_cache_noprof+0x189/0x420 [ 13.610565] kasan_atomics+0x95/0x310 [ 13.610798] kunit_try_run_case+0x1a5/0x480 [ 13.611019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.611280] kthread+0x337/0x6f0 [ 13.611445] ret_from_fork+0x116/0x1d0 [ 13.611582] ret_from_fork_asm+0x1a/0x30 [ 13.611907] [ 13.612039] The buggy address belongs to the object at ffff8881039bd780 [ 13.612039] which belongs to the cache kmalloc-64 of size 64 [ 13.612517] The buggy address is located 0 bytes to the right of [ 13.612517] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.613349] [ 13.613473] The buggy address belongs to the physical page: [ 13.613651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.614163] flags: 0x200000000000000(node=0|zone=2) [ 13.614333] page_type: f5(slab) [ 13.614468] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.614703] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.615110] page dumped because: kasan: bad access detected [ 13.615366] [ 13.615472] Memory state around the buggy address: [ 13.615698] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.616020] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.616329] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.616552] ^ [ 13.616711] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.617264] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.617617] ================================================================== [ 14.657050] ================================================================== [ 14.657406] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 14.657752] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.658211] [ 14.658325] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.658369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.658392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.658414] Call Trace: [ 14.658427] <TASK> [ 14.658441] dump_stack_lvl+0x73/0xb0 [ 14.658468] print_report+0xd1/0x650 [ 14.658491] ? __virt_addr_valid+0x1db/0x2d0 [ 14.658513] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.658546] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.658569] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.658592] kasan_report+0x141/0x180 [ 14.658615] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.658643] kasan_check_range+0x10c/0x1c0 [ 14.658668] __kasan_check_write+0x18/0x20 [ 14.658688] kasan_atomics_helper+0x1d7a/0x5450 [ 14.658712] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.658735] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.658756] ? ret_from_fork_asm+0x1a/0x30 [ 14.658778] ? kasan_atomics+0x152/0x310 [ 14.658801] kasan_atomics+0x1dc/0x310 [ 14.658821] ? __pfx_kasan_atomics+0x10/0x10 [ 14.658842] ? __pfx_read_tsc+0x10/0x10 [ 14.658876] ? ktime_get_ts64+0x86/0x230 [ 14.658900] kunit_try_run_case+0x1a5/0x480 [ 14.658922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.658942] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.658967] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.658993] ? __kthread_parkme+0x82/0x180 [ 14.659014] ? preempt_count_sub+0x50/0x80 [ 14.659037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.659060] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.659085] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.659110] kthread+0x337/0x6f0 [ 14.659130] ? trace_preempt_on+0x20/0xc0 [ 14.659153] ? __pfx_kthread+0x10/0x10 [ 14.659175] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.659199] ? calculate_sigpending+0x7b/0xa0 [ 14.659223] ? __pfx_kthread+0x10/0x10 [ 14.659245] ret_from_fork+0x116/0x1d0 [ 14.659264] ? __pfx_kthread+0x10/0x10 [ 14.659285] ret_from_fork_asm+0x1a/0x30 [ 14.659316] </TASK> [ 14.659328] [ 14.667186] Allocated by task 283: [ 14.667341] kasan_save_stack+0x45/0x70 [ 14.667550] kasan_save_track+0x18/0x40 [ 14.667689] kasan_save_alloc_info+0x3b/0x50 [ 14.667908] __kasan_kmalloc+0xb7/0xc0 [ 14.668105] __kmalloc_cache_noprof+0x189/0x420 [ 14.668295] kasan_atomics+0x95/0x310 [ 14.668480] kunit_try_run_case+0x1a5/0x480 [ 14.668657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.668953] kthread+0x337/0x6f0 [ 14.669126] ret_from_fork+0x116/0x1d0 [ 14.669269] ret_from_fork_asm+0x1a/0x30 [ 14.669421] [ 14.669518] The buggy address belongs to the object at ffff8881039bd780 [ 14.669518] which belongs to the cache kmalloc-64 of size 64 [ 14.670198] The buggy address is located 0 bytes to the right of [ 14.670198] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.670623] [ 14.670696] The buggy address belongs to the physical page: [ 14.670872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.671115] flags: 0x200000000000000(node=0|zone=2) [ 14.671278] page_type: f5(slab) [ 14.671414] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.671753] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.672096] page dumped because: kasan: bad access detected [ 14.672347] [ 14.672450] Memory state around the buggy address: [ 14.672672] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.673030] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.673244] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.673467] ^ [ 14.673620] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.673836] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.674120] ================================================================== [ 14.792315] ================================================================== [ 14.792690] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 14.793097] Read of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.793481] [ 14.793604] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.793648] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.793660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.793681] Call Trace: [ 14.793697] <TASK> [ 14.793712] dump_stack_lvl+0x73/0xb0 [ 14.793738] print_report+0xd1/0x650 [ 14.793761] ? __virt_addr_valid+0x1db/0x2d0 [ 14.793785] ? kasan_atomics_helper+0x4f98/0x5450 [ 14.793824] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.793847] ? kasan_atomics_helper+0x4f98/0x5450 [ 14.793871] kasan_report+0x141/0x180 [ 14.793894] ? kasan_atomics_helper+0x4f98/0x5450 [ 14.793923] __asan_report_load8_noabort+0x18/0x20 [ 14.793945] kasan_atomics_helper+0x4f98/0x5450 [ 14.793968] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.793991] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.794013] ? ret_from_fork_asm+0x1a/0x30 [ 14.794039] ? kasan_atomics+0x152/0x310 [ 14.794062] kasan_atomics+0x1dc/0x310 [ 14.794082] ? __pfx_kasan_atomics+0x10/0x10 [ 14.794103] ? __pfx_read_tsc+0x10/0x10 [ 14.794125] ? ktime_get_ts64+0x86/0x230 [ 14.794150] kunit_try_run_case+0x1a5/0x480 [ 14.794171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.794191] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.794217] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.794242] ? __kthread_parkme+0x82/0x180 [ 14.794263] ? preempt_count_sub+0x50/0x80 [ 14.794287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.794309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.794334] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.794359] kthread+0x337/0x6f0 [ 14.794388] ? trace_preempt_on+0x20/0xc0 [ 14.794412] ? __pfx_kthread+0x10/0x10 [ 14.794433] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.794457] ? calculate_sigpending+0x7b/0xa0 [ 14.794481] ? __pfx_kthread+0x10/0x10 [ 14.794503] ret_from_fork+0x116/0x1d0 [ 14.794523] ? __pfx_kthread+0x10/0x10 [ 14.794544] ret_from_fork_asm+0x1a/0x30 [ 14.794574] </TASK> [ 14.794585] [ 14.802745] Allocated by task 283: [ 14.802935] kasan_save_stack+0x45/0x70 [ 14.803211] kasan_save_track+0x18/0x40 [ 14.803518] kasan_save_alloc_info+0x3b/0x50 [ 14.803791] __kasan_kmalloc+0xb7/0xc0 [ 14.803986] __kmalloc_cache_noprof+0x189/0x420 [ 14.804223] kasan_atomics+0x95/0x310 [ 14.804419] kunit_try_run_case+0x1a5/0x480 [ 14.804625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.804919] kthread+0x337/0x6f0 [ 14.805085] ret_from_fork+0x116/0x1d0 [ 14.805235] ret_from_fork_asm+0x1a/0x30 [ 14.805384] [ 14.805457] The buggy address belongs to the object at ffff8881039bd780 [ 14.805457] which belongs to the cache kmalloc-64 of size 64 [ 14.806362] The buggy address is located 0 bytes to the right of [ 14.806362] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.806970] [ 14.807046] The buggy address belongs to the physical page: [ 14.807221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.807824] flags: 0x200000000000000(node=0|zone=2) [ 14.808057] page_type: f5(slab) [ 14.808181] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.808435] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.808778] page dumped because: kasan: bad access detected [ 14.809230] [ 14.809355] Memory state around the buggy address: [ 14.809667] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.809984] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.810209] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.810433] ^ [ 14.810628] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.811260] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.811741] ================================================================== [ 14.639430] ================================================================== [ 14.639694] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 14.640091] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.640432] [ 14.640546] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.640593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.640606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.640628] Call Trace: [ 14.640645] <TASK> [ 14.640663] dump_stack_lvl+0x73/0xb0 [ 14.640690] print_report+0xd1/0x650 [ 14.640713] ? __virt_addr_valid+0x1db/0x2d0 [ 14.640736] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.640759] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.640782] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.640805] kasan_report+0x141/0x180 [ 14.640828] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.640856] kasan_check_range+0x10c/0x1c0 [ 14.640895] __kasan_check_write+0x18/0x20 [ 14.640915] kasan_atomics_helper+0x1ce1/0x5450 [ 14.640938] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.640962] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.640983] ? ret_from_fork_asm+0x1a/0x30 [ 14.641004] ? kasan_atomics+0x152/0x310 [ 14.641027] kasan_atomics+0x1dc/0x310 [ 14.641047] ? __pfx_kasan_atomics+0x10/0x10 [ 14.641068] ? __pfx_read_tsc+0x10/0x10 [ 14.641089] ? ktime_get_ts64+0x86/0x230 [ 14.641114] kunit_try_run_case+0x1a5/0x480 [ 14.641136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.641156] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.641181] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.641206] ? __kthread_parkme+0x82/0x180 [ 14.641227] ? preempt_count_sub+0x50/0x80 [ 14.641252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.641274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.641298] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.641323] kthread+0x337/0x6f0 [ 14.641343] ? trace_preempt_on+0x20/0xc0 [ 14.641366] ? __pfx_kthread+0x10/0x10 [ 14.641399] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.641423] ? calculate_sigpending+0x7b/0xa0 [ 14.641447] ? __pfx_kthread+0x10/0x10 [ 14.641469] ret_from_fork+0x116/0x1d0 [ 14.641488] ? __pfx_kthread+0x10/0x10 [ 14.641509] ret_from_fork_asm+0x1a/0x30 [ 14.641541] </TASK> [ 14.641552] [ 14.649474] Allocated by task 283: [ 14.649635] kasan_save_stack+0x45/0x70 [ 14.649784] kasan_save_track+0x18/0x40 [ 14.649943] kasan_save_alloc_info+0x3b/0x50 [ 14.650164] __kasan_kmalloc+0xb7/0xc0 [ 14.650358] __kmalloc_cache_noprof+0x189/0x420 [ 14.650600] kasan_atomics+0x95/0x310 [ 14.650764] kunit_try_run_case+0x1a5/0x480 [ 14.650985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.651207] kthread+0x337/0x6f0 [ 14.651367] ret_from_fork+0x116/0x1d0 [ 14.651540] ret_from_fork_asm+0x1a/0x30 [ 14.651681] [ 14.651764] The buggy address belongs to the object at ffff8881039bd780 [ 14.651764] which belongs to the cache kmalloc-64 of size 64 [ 14.652298] The buggy address is located 0 bytes to the right of [ 14.652298] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.652846] [ 14.652924] The buggy address belongs to the physical page: [ 14.653142] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.653460] flags: 0x200000000000000(node=0|zone=2) [ 14.653687] page_type: f5(slab) [ 14.653867] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.654153] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.654393] page dumped because: kasan: bad access detected [ 14.654568] [ 14.654639] Memory state around the buggy address: [ 14.654794] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.655200] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.655532] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.656017] ^ [ 14.656204] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.656431] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.656645] ================================================================== [ 14.891571] ================================================================== [ 14.892023] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 14.892397] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.892732] [ 14.892882] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.892969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.892993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.893016] Call Trace: [ 14.893058] <TASK> [ 14.893074] dump_stack_lvl+0x73/0xb0 [ 14.893100] print_report+0xd1/0x650 [ 14.893135] ? __virt_addr_valid+0x1db/0x2d0 [ 14.893158] ? kasan_atomics_helper+0x224c/0x5450 [ 14.893180] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.893204] ? kasan_atomics_helper+0x224c/0x5450 [ 14.893227] kasan_report+0x141/0x180 [ 14.893251] ? kasan_atomics_helper+0x224c/0x5450 [ 14.893278] kasan_check_range+0x10c/0x1c0 [ 14.893302] __kasan_check_write+0x18/0x20 [ 14.893322] kasan_atomics_helper+0x224c/0x5450 [ 14.893346] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.893368] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.893399] ? ret_from_fork_asm+0x1a/0x30 [ 14.893420] ? kasan_atomics+0x152/0x310 [ 14.893444] kasan_atomics+0x1dc/0x310 [ 14.893464] ? __pfx_kasan_atomics+0x10/0x10 [ 14.893485] ? __pfx_read_tsc+0x10/0x10 [ 14.893506] ? ktime_get_ts64+0x86/0x230 [ 14.893560] kunit_try_run_case+0x1a5/0x480 [ 14.893583] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.893604] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.893640] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.893665] ? __kthread_parkme+0x82/0x180 [ 14.893686] ? preempt_count_sub+0x50/0x80 [ 14.893710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.893732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.893756] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.893782] kthread+0x337/0x6f0 [ 14.893802] ? trace_preempt_on+0x20/0xc0 [ 14.893853] ? __pfx_kthread+0x10/0x10 [ 14.893875] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.893898] ? calculate_sigpending+0x7b/0xa0 [ 14.893933] ? __pfx_kthread+0x10/0x10 [ 14.893955] ret_from_fork+0x116/0x1d0 [ 14.893975] ? __pfx_kthread+0x10/0x10 [ 14.893995] ret_from_fork_asm+0x1a/0x30 [ 14.894031] </TASK> [ 14.894042] [ 14.902255] Allocated by task 283: [ 14.902444] kasan_save_stack+0x45/0x70 [ 14.902670] kasan_save_track+0x18/0x40 [ 14.902889] kasan_save_alloc_info+0x3b/0x50 [ 14.903126] __kasan_kmalloc+0xb7/0xc0 [ 14.903343] __kmalloc_cache_noprof+0x189/0x420 [ 14.903510] kasan_atomics+0x95/0x310 [ 14.903697] kunit_try_run_case+0x1a5/0x480 [ 14.903960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.904195] kthread+0x337/0x6f0 [ 14.904318] ret_from_fork+0x116/0x1d0 [ 14.904464] ret_from_fork_asm+0x1a/0x30 [ 14.904679] [ 14.904854] The buggy address belongs to the object at ffff8881039bd780 [ 14.904854] which belongs to the cache kmalloc-64 of size 64 [ 14.905363] The buggy address is located 0 bytes to the right of [ 14.905363] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.905739] [ 14.905837] The buggy address belongs to the physical page: [ 14.906141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.906585] flags: 0x200000000000000(node=0|zone=2) [ 14.906900] page_type: f5(slab) [ 14.907112] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.907347] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.907642] page dumped because: kasan: bad access detected [ 14.908130] [ 14.908256] Memory state around the buggy address: [ 14.908546] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.908975] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.909327] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.909611] ^ [ 14.909840] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.910162] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.910490] ================================================================== [ 14.562711] ================================================================== [ 14.563022] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 14.563327] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.564301] [ 14.564438] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.564487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.564500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.564523] Call Trace: [ 14.564538] <TASK> [ 14.564555] dump_stack_lvl+0x73/0xb0 [ 14.564583] print_report+0xd1/0x650 [ 14.564607] ? __virt_addr_valid+0x1db/0x2d0 [ 14.564629] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.564651] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.564675] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.564698] kasan_report+0x141/0x180 [ 14.564722] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.564749] kasan_check_range+0x10c/0x1c0 [ 14.564774] __kasan_check_write+0x18/0x20 [ 14.564794] kasan_atomics_helper+0x1b22/0x5450 [ 14.564818] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.564866] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.564912] ? ret_from_fork_asm+0x1a/0x30 [ 14.564934] ? kasan_atomics+0x152/0x310 [ 14.564958] kasan_atomics+0x1dc/0x310 [ 14.564989] ? __pfx_kasan_atomics+0x10/0x10 [ 14.565012] ? __pfx_read_tsc+0x10/0x10 [ 14.565033] ? ktime_get_ts64+0x86/0x230 [ 14.565058] kunit_try_run_case+0x1a5/0x480 [ 14.565080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.565101] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.565127] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.565152] ? __kthread_parkme+0x82/0x180 [ 14.565173] ? preempt_count_sub+0x50/0x80 [ 14.565197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.565219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.565244] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.565269] kthread+0x337/0x6f0 [ 14.565289] ? trace_preempt_on+0x20/0xc0 [ 14.565311] ? __pfx_kthread+0x10/0x10 [ 14.565333] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.565356] ? calculate_sigpending+0x7b/0xa0 [ 14.565389] ? __pfx_kthread+0x10/0x10 [ 14.565412] ret_from_fork+0x116/0x1d0 [ 14.565433] ? __pfx_kthread+0x10/0x10 [ 14.565457] ret_from_fork_asm+0x1a/0x30 [ 14.565489] </TASK> [ 14.565501] [ 14.576300] Allocated by task 283: [ 14.576568] kasan_save_stack+0x45/0x70 [ 14.576937] kasan_save_track+0x18/0x40 [ 14.577195] kasan_save_alloc_info+0x3b/0x50 [ 14.577538] __kasan_kmalloc+0xb7/0xc0 [ 14.577859] __kmalloc_cache_noprof+0x189/0x420 [ 14.578090] kasan_atomics+0x95/0x310 [ 14.578277] kunit_try_run_case+0x1a5/0x480 [ 14.578471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.578799] kthread+0x337/0x6f0 [ 14.579144] ret_from_fork+0x116/0x1d0 [ 14.579316] ret_from_fork_asm+0x1a/0x30 [ 14.579660] [ 14.579822] The buggy address belongs to the object at ffff8881039bd780 [ 14.579822] which belongs to the cache kmalloc-64 of size 64 [ 14.580498] The buggy address is located 0 bytes to the right of [ 14.580498] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.581330] [ 14.581530] The buggy address belongs to the physical page: [ 14.581865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.582367] flags: 0x200000000000000(node=0|zone=2) [ 14.582692] page_type: f5(slab) [ 14.582904] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.583356] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.583813] page dumped because: kasan: bad access detected [ 14.584143] [ 14.584265] Memory state around the buggy address: [ 14.584640] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.585059] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.585482] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.585961] ^ [ 14.586178] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.586603] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.587141] ================================================================== [ 13.952585] ================================================================== [ 13.953286] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 13.954008] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.954744] [ 13.954884] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.954930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.954944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.954966] Call Trace: [ 13.954984] <TASK> [ 13.955002] dump_stack_lvl+0x73/0xb0 [ 13.955030] print_report+0xd1/0x650 [ 13.955055] ? __virt_addr_valid+0x1db/0x2d0 [ 13.955078] ? kasan_atomics_helper+0xfa9/0x5450 [ 13.955100] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.955124] ? kasan_atomics_helper+0xfa9/0x5450 [ 13.955146] kasan_report+0x141/0x180 [ 13.955169] ? kasan_atomics_helper+0xfa9/0x5450 [ 13.955197] kasan_check_range+0x10c/0x1c0 [ 13.955222] __kasan_check_write+0x18/0x20 [ 13.955242] kasan_atomics_helper+0xfa9/0x5450 [ 13.955266] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.955289] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.955310] ? ret_from_fork_asm+0x1a/0x30 [ 13.955332] ? kasan_atomics+0x152/0x310 [ 13.955356] kasan_atomics+0x1dc/0x310 [ 13.955387] ? __pfx_kasan_atomics+0x10/0x10 [ 13.955409] ? __pfx_read_tsc+0x10/0x10 [ 13.955430] ? ktime_get_ts64+0x86/0x230 [ 13.955456] kunit_try_run_case+0x1a5/0x480 [ 13.955477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.955498] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.955524] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.955549] ? __kthread_parkme+0x82/0x180 [ 13.955570] ? preempt_count_sub+0x50/0x80 [ 13.955595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.955616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.955641] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.955665] kthread+0x337/0x6f0 [ 13.955686] ? trace_preempt_on+0x20/0xc0 [ 13.955710] ? __pfx_kthread+0x10/0x10 [ 13.955732] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.955756] ? calculate_sigpending+0x7b/0xa0 [ 13.955780] ? __pfx_kthread+0x10/0x10 [ 13.955802] ret_from_fork+0x116/0x1d0 [ 13.955821] ? __pfx_kthread+0x10/0x10 [ 13.955843] ret_from_fork_asm+0x1a/0x30 [ 13.955874] </TASK> [ 13.955886] [ 13.963875] Allocated by task 283: [ 13.964180] kasan_save_stack+0x45/0x70 [ 13.964416] kasan_save_track+0x18/0x40 [ 13.964618] kasan_save_alloc_info+0x3b/0x50 [ 13.964971] __kasan_kmalloc+0xb7/0xc0 [ 13.965168] __kmalloc_cache_noprof+0x189/0x420 [ 13.965399] kasan_atomics+0x95/0x310 [ 13.965549] kunit_try_run_case+0x1a5/0x480 [ 13.965696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.965987] kthread+0x337/0x6f0 [ 13.966180] ret_from_fork+0x116/0x1d0 [ 13.966336] ret_from_fork_asm+0x1a/0x30 [ 13.966487] [ 13.966560] The buggy address belongs to the object at ffff8881039bd780 [ 13.966560] which belongs to the cache kmalloc-64 of size 64 [ 13.967253] The buggy address is located 0 bytes to the right of [ 13.967253] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.967993] [ 13.968097] The buggy address belongs to the physical page: [ 13.968306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.968622] flags: 0x200000000000000(node=0|zone=2) [ 13.968886] page_type: f5(slab) [ 13.969178] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.969484] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.969831] page dumped because: kasan: bad access detected [ 13.970007] [ 13.970085] Memory state around the buggy address: [ 13.970243] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.970568] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.970893] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.971401] ^ [ 13.971563] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.971781] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.972222] ================================================================== [ 14.057278] ================================================================== [ 14.057820] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 14.058257] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.058839] [ 14.059020] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.059114] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.059127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.059150] Call Trace: [ 14.059167] <TASK> [ 14.059183] dump_stack_lvl+0x73/0xb0 [ 14.059210] print_report+0xd1/0x650 [ 14.059234] ? __virt_addr_valid+0x1db/0x2d0 [ 14.059257] ? kasan_atomics_helper+0x1148/0x5450 [ 14.059279] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.059303] ? kasan_atomics_helper+0x1148/0x5450 [ 14.059326] kasan_report+0x141/0x180 [ 14.059349] ? kasan_atomics_helper+0x1148/0x5450 [ 14.059389] kasan_check_range+0x10c/0x1c0 [ 14.059414] __kasan_check_write+0x18/0x20 [ 14.059434] kasan_atomics_helper+0x1148/0x5450 [ 14.059458] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.059482] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.059502] ? ret_from_fork_asm+0x1a/0x30 [ 14.059524] ? kasan_atomics+0x152/0x310 [ 14.059547] kasan_atomics+0x1dc/0x310 [ 14.059567] ? __pfx_kasan_atomics+0x10/0x10 [ 14.059588] ? __pfx_read_tsc+0x10/0x10 [ 14.059609] ? ktime_get_ts64+0x86/0x230 [ 14.059635] kunit_try_run_case+0x1a5/0x480 [ 14.059656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.059676] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.059701] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.059737] ? __kthread_parkme+0x82/0x180 [ 14.059758] ? preempt_count_sub+0x50/0x80 [ 14.059783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.059804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.059829] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.059854] kthread+0x337/0x6f0 [ 14.059874] ? trace_preempt_on+0x20/0xc0 [ 14.059898] ? __pfx_kthread+0x10/0x10 [ 14.059919] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.059942] ? calculate_sigpending+0x7b/0xa0 [ 14.059966] ? __pfx_kthread+0x10/0x10 [ 14.059989] ret_from_fork+0x116/0x1d0 [ 14.060074] ? __pfx_kthread+0x10/0x10 [ 14.060098] ret_from_fork_asm+0x1a/0x30 [ 14.060131] </TASK> [ 14.060143] [ 14.074965] Allocated by task 283: [ 14.075360] kasan_save_stack+0x45/0x70 [ 14.075745] kasan_save_track+0x18/0x40 [ 14.076216] kasan_save_alloc_info+0x3b/0x50 [ 14.076625] __kasan_kmalloc+0xb7/0xc0 [ 14.076916] __kmalloc_cache_noprof+0x189/0x420 [ 14.077268] kasan_atomics+0x95/0x310 [ 14.077626] kunit_try_run_case+0x1a5/0x480 [ 14.078016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.078407] kthread+0x337/0x6f0 [ 14.078546] ret_from_fork+0x116/0x1d0 [ 14.078686] ret_from_fork_asm+0x1a/0x30 [ 14.079077] [ 14.079313] The buggy address belongs to the object at ffff8881039bd780 [ 14.079313] which belongs to the cache kmalloc-64 of size 64 [ 14.080528] The buggy address is located 0 bytes to the right of [ 14.080528] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.081820] [ 14.082011] The buggy address belongs to the physical page: [ 14.082439] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.082691] flags: 0x200000000000000(node=0|zone=2) [ 14.083168] page_type: f5(slab) [ 14.083712] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.084509] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.085370] page dumped because: kasan: bad access detected [ 14.086031] [ 14.086334] Memory state around the buggy address: [ 14.086514] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.086752] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.087416] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.088146] ^ [ 14.088663] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.089437] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.089956] ================================================================== [ 14.359204] ================================================================== [ 14.359865] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 14.360308] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.360855] [ 14.360952] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.360999] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.361012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.361034] Call Trace: [ 14.361052] <TASK> [ 14.361069] dump_stack_lvl+0x73/0xb0 [ 14.361292] print_report+0xd1/0x650 [ 14.361319] ? __virt_addr_valid+0x1db/0x2d0 [ 14.361343] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.361365] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.361399] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.361422] kasan_report+0x141/0x180 [ 14.361445] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.361473] kasan_check_range+0x10c/0x1c0 [ 14.361497] __kasan_check_write+0x18/0x20 [ 14.361518] kasan_atomics_helper+0x15b6/0x5450 [ 14.361542] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.361565] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.361586] ? ret_from_fork_asm+0x1a/0x30 [ 14.361608] ? kasan_atomics+0x152/0x310 [ 14.361632] kasan_atomics+0x1dc/0x310 [ 14.361652] ? __pfx_kasan_atomics+0x10/0x10 [ 14.361673] ? __pfx_read_tsc+0x10/0x10 [ 14.361694] ? ktime_get_ts64+0x86/0x230 [ 14.361811] kunit_try_run_case+0x1a5/0x480 [ 14.361834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.361855] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.361881] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.361906] ? __kthread_parkme+0x82/0x180 [ 14.361928] ? preempt_count_sub+0x50/0x80 [ 14.361951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.361973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.361998] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.362038] kthread+0x337/0x6f0 [ 14.362058] ? trace_preempt_on+0x20/0xc0 [ 14.362082] ? __pfx_kthread+0x10/0x10 [ 14.362104] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.362128] ? calculate_sigpending+0x7b/0xa0 [ 14.362152] ? __pfx_kthread+0x10/0x10 [ 14.362174] ret_from_fork+0x116/0x1d0 [ 14.362194] ? __pfx_kthread+0x10/0x10 [ 14.362215] ret_from_fork_asm+0x1a/0x30 [ 14.362246] </TASK> [ 14.362258] [ 14.374123] Allocated by task 283: [ 14.374413] kasan_save_stack+0x45/0x70 [ 14.374580] kasan_save_track+0x18/0x40 [ 14.375027] kasan_save_alloc_info+0x3b/0x50 [ 14.375210] __kasan_kmalloc+0xb7/0xc0 [ 14.375422] __kmalloc_cache_noprof+0x189/0x420 [ 14.375749] kasan_atomics+0x95/0x310 [ 14.375938] kunit_try_run_case+0x1a5/0x480 [ 14.376397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.376782] kthread+0x337/0x6f0 [ 14.376927] ret_from_fork+0x116/0x1d0 [ 14.377357] ret_from_fork_asm+0x1a/0x30 [ 14.377563] [ 14.377841] The buggy address belongs to the object at ffff8881039bd780 [ 14.377841] which belongs to the cache kmalloc-64 of size 64 [ 14.378532] The buggy address is located 0 bytes to the right of [ 14.378532] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.379339] [ 14.379462] The buggy address belongs to the physical page: [ 14.379841] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.380453] flags: 0x200000000000000(node=0|zone=2) [ 14.380675] page_type: f5(slab) [ 14.380885] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.381479] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.381998] page dumped because: kasan: bad access detected [ 14.382244] [ 14.382445] Memory state around the buggy address: [ 14.382878] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.383281] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.383839] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.384204] ^ [ 14.384616] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.385092] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.385541] ================================================================== [ 13.637652] ================================================================== [ 13.638193] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 13.638521] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.638760] [ 13.638874] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.638920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.638933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.638957] Call Trace: [ 13.638971] <TASK> [ 13.638988] dump_stack_lvl+0x73/0xb0 [ 13.639013] print_report+0xd1/0x650 [ 13.639037] ? __virt_addr_valid+0x1db/0x2d0 [ 13.639060] ? kasan_atomics_helper+0x697/0x5450 [ 13.639083] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.639106] ? kasan_atomics_helper+0x697/0x5450 [ 13.639130] kasan_report+0x141/0x180 [ 13.639153] ? kasan_atomics_helper+0x697/0x5450 [ 13.639180] kasan_check_range+0x10c/0x1c0 [ 13.639206] __kasan_check_write+0x18/0x20 [ 13.639226] kasan_atomics_helper+0x697/0x5450 [ 13.639250] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.639274] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.639294] ? ret_from_fork_asm+0x1a/0x30 [ 13.639316] ? kasan_atomics+0x152/0x310 [ 13.639340] kasan_atomics+0x1dc/0x310 [ 13.639361] ? __pfx_kasan_atomics+0x10/0x10 [ 13.639393] ? __pfx_read_tsc+0x10/0x10 [ 13.639414] ? ktime_get_ts64+0x86/0x230 [ 13.639439] kunit_try_run_case+0x1a5/0x480 [ 13.639461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.639481] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.639506] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.639532] ? __kthread_parkme+0x82/0x180 [ 13.639704] ? preempt_count_sub+0x50/0x80 [ 13.639734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.639757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.639783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.639809] kthread+0x337/0x6f0 [ 13.639829] ? trace_preempt_on+0x20/0xc0 [ 13.639853] ? __pfx_kthread+0x10/0x10 [ 13.639875] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.639899] ? calculate_sigpending+0x7b/0xa0 [ 13.639924] ? __pfx_kthread+0x10/0x10 [ 13.639947] ret_from_fork+0x116/0x1d0 [ 13.639966] ? __pfx_kthread+0x10/0x10 [ 13.639988] ret_from_fork_asm+0x1a/0x30 [ 13.640019] </TASK> [ 13.640032] [ 13.648533] Allocated by task 283: [ 13.648667] kasan_save_stack+0x45/0x70 [ 13.648856] kasan_save_track+0x18/0x40 [ 13.649056] kasan_save_alloc_info+0x3b/0x50 [ 13.649273] __kasan_kmalloc+0xb7/0xc0 [ 13.649482] __kmalloc_cache_noprof+0x189/0x420 [ 13.649825] kasan_atomics+0x95/0x310 [ 13.650017] kunit_try_run_case+0x1a5/0x480 [ 13.650176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.650354] kthread+0x337/0x6f0 [ 13.650492] ret_from_fork+0x116/0x1d0 [ 13.650643] ret_from_fork_asm+0x1a/0x30 [ 13.651132] [ 13.651247] The buggy address belongs to the object at ffff8881039bd780 [ 13.651247] which belongs to the cache kmalloc-64 of size 64 [ 13.651910] The buggy address is located 0 bytes to the right of [ 13.651910] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.652386] [ 13.652491] The buggy address belongs to the physical page: [ 13.652751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.653131] flags: 0x200000000000000(node=0|zone=2) [ 13.653428] page_type: f5(slab) [ 13.653587] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.653932] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.654262] page dumped because: kasan: bad access detected [ 13.654452] [ 13.654524] Memory state around the buggy address: [ 13.654680] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.654961] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.655283] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.655636] ^ [ 13.655875] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.656206] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.656935] ================================================================== [ 13.519421] ================================================================== [ 13.519692] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 13.520151] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.520447] [ 13.520562] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.520609] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.520622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.520645] Call Trace: [ 13.520663] <TASK> [ 13.520681] dump_stack_lvl+0x73/0xb0 [ 13.520708] print_report+0xd1/0x650 [ 13.520887] ? __virt_addr_valid+0x1db/0x2d0 [ 13.520917] ? kasan_atomics_helper+0x3df/0x5450 [ 13.520939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.520963] ? kasan_atomics_helper+0x3df/0x5450 [ 13.520986] kasan_report+0x141/0x180 [ 13.521010] ? kasan_atomics_helper+0x3df/0x5450 [ 13.521037] kasan_check_range+0x10c/0x1c0 [ 13.521062] __kasan_check_read+0x15/0x20 [ 13.521083] kasan_atomics_helper+0x3df/0x5450 [ 13.521106] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.521130] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.521152] ? ret_from_fork_asm+0x1a/0x30 [ 13.521174] ? kasan_atomics+0x152/0x310 [ 13.521246] kasan_atomics+0x1dc/0x310 [ 13.521268] ? __pfx_kasan_atomics+0x10/0x10 [ 13.521289] ? __pfx_read_tsc+0x10/0x10 [ 13.521312] ? ktime_get_ts64+0x86/0x230 [ 13.521338] kunit_try_run_case+0x1a5/0x480 [ 13.521361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.521394] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.521421] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.521447] ? __kthread_parkme+0x82/0x180 [ 13.521469] ? preempt_count_sub+0x50/0x80 [ 13.521495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.521517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.521542] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.521568] kthread+0x337/0x6f0 [ 13.521588] ? trace_preempt_on+0x20/0xc0 [ 13.521613] ? __pfx_kthread+0x10/0x10 [ 13.521634] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.521659] ? calculate_sigpending+0x7b/0xa0 [ 13.521683] ? __pfx_kthread+0x10/0x10 [ 13.521705] ret_from_fork+0x116/0x1d0 [ 13.521725] ? __pfx_kthread+0x10/0x10 [ 13.521746] ret_from_fork_asm+0x1a/0x30 [ 13.521778] </TASK> [ 13.521790] [ 13.530246] Allocated by task 283: [ 13.530674] kasan_save_stack+0x45/0x70 [ 13.530880] kasan_save_track+0x18/0x40 [ 13.531061] kasan_save_alloc_info+0x3b/0x50 [ 13.531275] __kasan_kmalloc+0xb7/0xc0 [ 13.531431] __kmalloc_cache_noprof+0x189/0x420 [ 13.531588] kasan_atomics+0x95/0x310 [ 13.531720] kunit_try_run_case+0x1a5/0x480 [ 13.531866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.532083] kthread+0x337/0x6f0 [ 13.532254] ret_from_fork+0x116/0x1d0 [ 13.532453] ret_from_fork_asm+0x1a/0x30 [ 13.532898] [ 13.533091] The buggy address belongs to the object at ffff8881039bd780 [ 13.533091] which belongs to the cache kmalloc-64 of size 64 [ 13.533472] The buggy address is located 0 bytes to the right of [ 13.533472] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.534350] [ 13.534478] The buggy address belongs to the physical page: [ 13.534775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.535304] flags: 0x200000000000000(node=0|zone=2) [ 13.535536] page_type: f5(slab) [ 13.535701] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.536022] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.536309] page dumped because: kasan: bad access detected [ 13.536565] [ 13.536652] Memory state around the buggy address: [ 13.536945] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.537169] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.537576] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.537901] ^ [ 13.538290] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.538629] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.539117] ================================================================== [ 14.024219] ================================================================== [ 14.024863] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 14.025603] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.026155] [ 14.026273] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.026319] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.026332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.026354] Call Trace: [ 14.026372] <TASK> [ 14.026565] dump_stack_lvl+0x73/0xb0 [ 14.026602] print_report+0xd1/0x650 [ 14.026627] ? __virt_addr_valid+0x1db/0x2d0 [ 14.026651] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.026674] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.026697] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.026730] kasan_report+0x141/0x180 [ 14.026754] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.026781] __asan_report_load4_noabort+0x18/0x20 [ 14.026803] kasan_atomics_helper+0x4a1c/0x5450 [ 14.026827] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.026850] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.026871] ? ret_from_fork_asm+0x1a/0x30 [ 14.026894] ? kasan_atomics+0x152/0x310 [ 14.026918] kasan_atomics+0x1dc/0x310 [ 14.026938] ? __pfx_kasan_atomics+0x10/0x10 [ 14.026960] ? __pfx_read_tsc+0x10/0x10 [ 14.026982] ? ktime_get_ts64+0x86/0x230 [ 14.027058] kunit_try_run_case+0x1a5/0x480 [ 14.027082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.027104] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.027130] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.027155] ? __kthread_parkme+0x82/0x180 [ 14.027176] ? preempt_count_sub+0x50/0x80 [ 14.027201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.027223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.027248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.027273] kthread+0x337/0x6f0 [ 14.027293] ? trace_preempt_on+0x20/0xc0 [ 14.027318] ? __pfx_kthread+0x10/0x10 [ 14.027339] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.027363] ? calculate_sigpending+0x7b/0xa0 [ 14.027401] ? __pfx_kthread+0x10/0x10 [ 14.027424] ret_from_fork+0x116/0x1d0 [ 14.027444] ? __pfx_kthread+0x10/0x10 [ 14.027466] ret_from_fork_asm+0x1a/0x30 [ 14.027497] </TASK> [ 14.027508] [ 14.042198] Allocated by task 283: [ 14.042437] kasan_save_stack+0x45/0x70 [ 14.042592] kasan_save_track+0x18/0x40 [ 14.042746] kasan_save_alloc_info+0x3b/0x50 [ 14.043126] __kasan_kmalloc+0xb7/0xc0 [ 14.043545] __kmalloc_cache_noprof+0x189/0x420 [ 14.044070] kasan_atomics+0x95/0x310 [ 14.044532] kunit_try_run_case+0x1a5/0x480 [ 14.044949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.045534] kthread+0x337/0x6f0 [ 14.045671] ret_from_fork+0x116/0x1d0 [ 14.045871] ret_from_fork_asm+0x1a/0x30 [ 14.046428] [ 14.046602] The buggy address belongs to the object at ffff8881039bd780 [ 14.046602] which belongs to the cache kmalloc-64 of size 64 [ 14.047751] The buggy address is located 0 bytes to the right of [ 14.047751] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.048691] [ 14.048768] The buggy address belongs to the physical page: [ 14.049487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.050388] flags: 0x200000000000000(node=0|zone=2) [ 14.050737] page_type: f5(slab) [ 14.050874] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.051189] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.051883] page dumped because: kasan: bad access detected [ 14.052484] [ 14.052650] Memory state around the buggy address: [ 14.053184] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.053594] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.053995] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.054876] ^ [ 14.055339] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.055905] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.056438] ================================================================== [ 14.723693] ================================================================== [ 14.724403] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 14.725043] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.725298] [ 14.725490] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.725537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.725550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.725573] Call Trace: [ 14.725590] <TASK> [ 14.725607] dump_stack_lvl+0x73/0xb0 [ 14.725634] print_report+0xd1/0x650 [ 14.725657] ? __virt_addr_valid+0x1db/0x2d0 [ 14.725680] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.725723] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.725747] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.725771] kasan_report+0x141/0x180 [ 14.725795] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.725822] kasan_check_range+0x10c/0x1c0 [ 14.725847] __kasan_check_write+0x18/0x20 [ 14.725867] kasan_atomics_helper+0x1f43/0x5450 [ 14.725891] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.725914] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.725935] ? ret_from_fork_asm+0x1a/0x30 [ 14.725957] ? kasan_atomics+0x152/0x310 [ 14.725980] kasan_atomics+0x1dc/0x310 [ 14.726000] ? __pfx_kasan_atomics+0x10/0x10 [ 14.726022] ? __pfx_read_tsc+0x10/0x10 [ 14.726058] ? ktime_get_ts64+0x86/0x230 [ 14.726083] kunit_try_run_case+0x1a5/0x480 [ 14.726106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.726127] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.726153] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.726179] ? __kthread_parkme+0x82/0x180 [ 14.726200] ? preempt_count_sub+0x50/0x80 [ 14.726224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.726246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.726270] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.726296] kthread+0x337/0x6f0 [ 14.726316] ? trace_preempt_on+0x20/0xc0 [ 14.726341] ? __pfx_kthread+0x10/0x10 [ 14.726362] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.726397] ? calculate_sigpending+0x7b/0xa0 [ 14.726421] ? __pfx_kthread+0x10/0x10 [ 14.726444] ret_from_fork+0x116/0x1d0 [ 14.726463] ? __pfx_kthread+0x10/0x10 [ 14.726484] ret_from_fork_asm+0x1a/0x30 [ 14.726516] </TASK> [ 14.726527] [ 14.739647] Allocated by task 283: [ 14.740019] kasan_save_stack+0x45/0x70 [ 14.740404] kasan_save_track+0x18/0x40 [ 14.740768] kasan_save_alloc_info+0x3b/0x50 [ 14.741156] __kasan_kmalloc+0xb7/0xc0 [ 14.741524] __kmalloc_cache_noprof+0x189/0x420 [ 14.741780] kasan_atomics+0x95/0x310 [ 14.742119] kunit_try_run_case+0x1a5/0x480 [ 14.742421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.742600] kthread+0x337/0x6f0 [ 14.742748] ret_from_fork+0x116/0x1d0 [ 14.743085] ret_from_fork_asm+0x1a/0x30 [ 14.743447] [ 14.743606] The buggy address belongs to the object at ffff8881039bd780 [ 14.743606] which belongs to the cache kmalloc-64 of size 64 [ 14.744783] The buggy address is located 0 bytes to the right of [ 14.744783] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.745425] [ 14.745501] The buggy address belongs to the physical page: [ 14.745677] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.746421] flags: 0x200000000000000(node=0|zone=2) [ 14.746895] page_type: f5(slab) [ 14.747228] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.747930] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.748600] page dumped because: kasan: bad access detected [ 14.749089] [ 14.749168] Memory state around the buggy address: [ 14.749328] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.749565] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.749869] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.750824] ^ [ 14.751319] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.752037] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.752671] ================================================================== [ 14.138249] ================================================================== [ 14.138652] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 14.139539] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.139976] [ 14.140164] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.140213] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.140227] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.140250] Call Trace: [ 14.140266] <TASK> [ 14.140282] dump_stack_lvl+0x73/0xb0 [ 14.140311] print_report+0xd1/0x650 [ 14.140335] ? __virt_addr_valid+0x1db/0x2d0 [ 14.140357] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.140394] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.140419] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.140442] kasan_report+0x141/0x180 [ 14.140465] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.140493] __asan_report_load4_noabort+0x18/0x20 [ 14.140514] kasan_atomics_helper+0x49e8/0x5450 [ 14.140538] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.140561] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.140582] ? ret_from_fork_asm+0x1a/0x30 [ 14.140605] ? kasan_atomics+0x152/0x310 [ 14.140628] kasan_atomics+0x1dc/0x310 [ 14.140648] ? __pfx_kasan_atomics+0x10/0x10 [ 14.140669] ? __pfx_read_tsc+0x10/0x10 [ 14.140691] ? ktime_get_ts64+0x86/0x230 [ 14.140726] kunit_try_run_case+0x1a5/0x480 [ 14.140747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.140768] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.140793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.140818] ? __kthread_parkme+0x82/0x180 [ 14.140839] ? preempt_count_sub+0x50/0x80 [ 14.140864] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.140885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.140911] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.140936] kthread+0x337/0x6f0 [ 14.140956] ? trace_preempt_on+0x20/0xc0 [ 14.140980] ? __pfx_kthread+0x10/0x10 [ 14.141049] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.141077] ? calculate_sigpending+0x7b/0xa0 [ 14.141101] ? __pfx_kthread+0x10/0x10 [ 14.141123] ret_from_fork+0x116/0x1d0 [ 14.141144] ? __pfx_kthread+0x10/0x10 [ 14.141165] ret_from_fork_asm+0x1a/0x30 [ 14.141196] </TASK> [ 14.141208] [ 14.152135] Allocated by task 283: [ 14.152336] kasan_save_stack+0x45/0x70 [ 14.152553] kasan_save_track+0x18/0x40 [ 14.152773] kasan_save_alloc_info+0x3b/0x50 [ 14.152938] __kasan_kmalloc+0xb7/0xc0 [ 14.153087] __kmalloc_cache_noprof+0x189/0x420 [ 14.153309] kasan_atomics+0x95/0x310 [ 14.153665] kunit_try_run_case+0x1a5/0x480 [ 14.153924] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.154249] kthread+0x337/0x6f0 [ 14.154430] ret_from_fork+0x116/0x1d0 [ 14.154569] ret_from_fork_asm+0x1a/0x30 [ 14.154769] [ 14.155509] The buggy address belongs to the object at ffff8881039bd780 [ 14.155509] which belongs to the cache kmalloc-64 of size 64 [ 14.156161] The buggy address is located 0 bytes to the right of [ 14.156161] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.156941] [ 14.157189] The buggy address belongs to the physical page: [ 14.157734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.158298] flags: 0x200000000000000(node=0|zone=2) [ 14.158637] page_type: f5(slab) [ 14.158910] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.159725] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.159967] page dumped because: kasan: bad access detected [ 14.160577] [ 14.160772] Memory state around the buggy address: [ 14.161282] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.161916] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.162484] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.162869] ^ [ 14.163095] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.163753] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.164057] ================================================================== [ 13.717176] ================================================================== [ 13.717546] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 13.717922] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.718434] [ 13.718548] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.718597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.718610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.718633] Call Trace: [ 13.718650] <TASK> [ 13.718667] dump_stack_lvl+0x73/0xb0 [ 13.718695] print_report+0xd1/0x650 [ 13.718718] ? __virt_addr_valid+0x1db/0x2d0 [ 13.718741] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.718763] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.718786] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.718809] kasan_report+0x141/0x180 [ 13.718832] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.718881] kasan_check_range+0x10c/0x1c0 [ 13.718906] __kasan_check_write+0x18/0x20 [ 13.718928] kasan_atomics_helper+0x8f9/0x5450 [ 13.718952] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.718975] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.719068] ? ret_from_fork_asm+0x1a/0x30 [ 13.719092] ? kasan_atomics+0x152/0x310 [ 13.719115] kasan_atomics+0x1dc/0x310 [ 13.719135] ? __pfx_kasan_atomics+0x10/0x10 [ 13.719156] ? __pfx_read_tsc+0x10/0x10 [ 13.719177] ? ktime_get_ts64+0x86/0x230 [ 13.719202] kunit_try_run_case+0x1a5/0x480 [ 13.719224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.719244] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.719269] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.719294] ? __kthread_parkme+0x82/0x180 [ 13.719315] ? preempt_count_sub+0x50/0x80 [ 13.719339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.719360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.719395] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.719421] kthread+0x337/0x6f0 [ 13.719440] ? trace_preempt_on+0x20/0xc0 [ 13.719463] ? __pfx_kthread+0x10/0x10 [ 13.719485] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.719509] ? calculate_sigpending+0x7b/0xa0 [ 13.719532] ? __pfx_kthread+0x10/0x10 [ 13.719554] ret_from_fork+0x116/0x1d0 [ 13.719574] ? __pfx_kthread+0x10/0x10 [ 13.719596] ret_from_fork_asm+0x1a/0x30 [ 13.719627] </TASK> [ 13.719638] [ 13.727938] Allocated by task 283: [ 13.728131] kasan_save_stack+0x45/0x70 [ 13.728341] kasan_save_track+0x18/0x40 [ 13.728548] kasan_save_alloc_info+0x3b/0x50 [ 13.728715] __kasan_kmalloc+0xb7/0xc0 [ 13.728849] __kmalloc_cache_noprof+0x189/0x420 [ 13.729001] kasan_atomics+0x95/0x310 [ 13.729170] kunit_try_run_case+0x1a5/0x480 [ 13.729434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.729727] kthread+0x337/0x6f0 [ 13.729889] ret_from_fork+0x116/0x1d0 [ 13.730201] ret_from_fork_asm+0x1a/0x30 [ 13.730354] [ 13.730471] The buggy address belongs to the object at ffff8881039bd780 [ 13.730471] which belongs to the cache kmalloc-64 of size 64 [ 13.731118] The buggy address is located 0 bytes to the right of [ 13.731118] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.731718] [ 13.731817] The buggy address belongs to the physical page: [ 13.732076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.732343] flags: 0x200000000000000(node=0|zone=2) [ 13.732589] page_type: f5(slab) [ 13.732780] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.733188] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.733509] page dumped because: kasan: bad access detected [ 13.733753] [ 13.733822] Memory state around the buggy address: [ 13.733975] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.734248] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.734584] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.734910] ^ [ 13.735145] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.735440] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.735729] ================================================================== [ 13.775659] ================================================================== [ 13.776012] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 13.776288] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.776718] [ 13.776835] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.776879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.776892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.776914] Call Trace: [ 13.776930] <TASK> [ 13.776945] dump_stack_lvl+0x73/0xb0 [ 13.776974] print_report+0xd1/0x650 [ 13.777168] ? __virt_addr_valid+0x1db/0x2d0 [ 13.777195] ? kasan_atomics_helper+0xac7/0x5450 [ 13.777218] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.777241] ? kasan_atomics_helper+0xac7/0x5450 [ 13.777265] kasan_report+0x141/0x180 [ 13.777288] ? kasan_atomics_helper+0xac7/0x5450 [ 13.777316] kasan_check_range+0x10c/0x1c0 [ 13.777341] __kasan_check_write+0x18/0x20 [ 13.777362] kasan_atomics_helper+0xac7/0x5450 [ 13.777400] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.777424] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.777445] ? ret_from_fork_asm+0x1a/0x30 [ 13.777467] ? kasan_atomics+0x152/0x310 [ 13.777491] kasan_atomics+0x1dc/0x310 [ 13.777511] ? __pfx_kasan_atomics+0x10/0x10 [ 13.777533] ? __pfx_read_tsc+0x10/0x10 [ 13.777554] ? ktime_get_ts64+0x86/0x230 [ 13.777581] kunit_try_run_case+0x1a5/0x480 [ 13.777602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.777623] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.777649] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.777675] ? __kthread_parkme+0x82/0x180 [ 13.777716] ? preempt_count_sub+0x50/0x80 [ 13.777742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.777764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.777789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.777814] kthread+0x337/0x6f0 [ 13.777836] ? trace_preempt_on+0x20/0xc0 [ 13.777860] ? __pfx_kthread+0x10/0x10 [ 13.777882] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.777906] ? calculate_sigpending+0x7b/0xa0 [ 13.777930] ? __pfx_kthread+0x10/0x10 [ 13.777953] ret_from_fork+0x116/0x1d0 [ 13.777973] ? __pfx_kthread+0x10/0x10 [ 13.778112] ret_from_fork_asm+0x1a/0x30 [ 13.778147] </TASK> [ 13.778159] [ 13.786265] Allocated by task 283: [ 13.786461] kasan_save_stack+0x45/0x70 [ 13.786633] kasan_save_track+0x18/0x40 [ 13.786860] kasan_save_alloc_info+0x3b/0x50 [ 13.787241] __kasan_kmalloc+0xb7/0xc0 [ 13.787445] __kmalloc_cache_noprof+0x189/0x420 [ 13.787602] kasan_atomics+0x95/0x310 [ 13.787784] kunit_try_run_case+0x1a5/0x480 [ 13.788102] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.788370] kthread+0x337/0x6f0 [ 13.788550] ret_from_fork+0x116/0x1d0 [ 13.788684] ret_from_fork_asm+0x1a/0x30 [ 13.788907] [ 13.789105] The buggy address belongs to the object at ffff8881039bd780 [ 13.789105] which belongs to the cache kmalloc-64 of size 64 [ 13.789589] The buggy address is located 0 bytes to the right of [ 13.789589] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.790200] [ 13.790277] The buggy address belongs to the physical page: [ 13.790553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.790903] flags: 0x200000000000000(node=0|zone=2) [ 13.791288] page_type: f5(slab) [ 13.791477] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.791757] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.792183] page dumped because: kasan: bad access detected [ 13.792412] [ 13.792484] Memory state around the buggy address: [ 13.792716] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.793137] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.793360] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.793692] ^ [ 13.793944] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.794338] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.794585] ================================================================== [ 13.919749] ================================================================== [ 13.919981] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 13.920299] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.920997] [ 13.921180] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.921259] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.921274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.921296] Call Trace: [ 13.921322] <TASK> [ 13.921338] dump_stack_lvl+0x73/0xb0 [ 13.921367] print_report+0xd1/0x650 [ 13.921401] ? __virt_addr_valid+0x1db/0x2d0 [ 13.921424] ? kasan_atomics_helper+0xf10/0x5450 [ 13.921446] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.921470] ? kasan_atomics_helper+0xf10/0x5450 [ 13.921493] kasan_report+0x141/0x180 [ 13.921517] ? kasan_atomics_helper+0xf10/0x5450 [ 13.921543] kasan_check_range+0x10c/0x1c0 [ 13.921569] __kasan_check_write+0x18/0x20 [ 13.921588] kasan_atomics_helper+0xf10/0x5450 [ 13.921612] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.921635] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.921673] ? ret_from_fork_asm+0x1a/0x30 [ 13.921695] ? kasan_atomics+0x152/0x310 [ 13.921719] kasan_atomics+0x1dc/0x310 [ 13.921738] ? __pfx_kasan_atomics+0x10/0x10 [ 13.921759] ? __pfx_read_tsc+0x10/0x10 [ 13.921780] ? ktime_get_ts64+0x86/0x230 [ 13.921805] kunit_try_run_case+0x1a5/0x480 [ 13.921827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.921847] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.921873] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.921898] ? __kthread_parkme+0x82/0x180 [ 13.921919] ? preempt_count_sub+0x50/0x80 [ 13.921943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.921965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.921990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.922015] kthread+0x337/0x6f0 [ 13.922041] ? trace_preempt_on+0x20/0xc0 [ 13.922066] ? __pfx_kthread+0x10/0x10 [ 13.922087] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.922111] ? calculate_sigpending+0x7b/0xa0 [ 13.922135] ? __pfx_kthread+0x10/0x10 [ 13.922157] ret_from_fork+0x116/0x1d0 [ 13.922176] ? __pfx_kthread+0x10/0x10 [ 13.922197] ret_from_fork_asm+0x1a/0x30 [ 13.922227] </TASK> [ 13.922239] [ 13.938061] Allocated by task 283: [ 13.938328] kasan_save_stack+0x45/0x70 [ 13.938628] kasan_save_track+0x18/0x40 [ 13.938791] kasan_save_alloc_info+0x3b/0x50 [ 13.938941] __kasan_kmalloc+0xb7/0xc0 [ 13.939145] __kmalloc_cache_noprof+0x189/0x420 [ 13.939648] kasan_atomics+0x95/0x310 [ 13.940291] kunit_try_run_case+0x1a5/0x480 [ 13.940719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.941282] kthread+0x337/0x6f0 [ 13.941428] ret_from_fork+0x116/0x1d0 [ 13.941565] ret_from_fork_asm+0x1a/0x30 [ 13.941708] [ 13.941880] The buggy address belongs to the object at ffff8881039bd780 [ 13.941880] which belongs to the cache kmalloc-64 of size 64 [ 13.943059] The buggy address is located 0 bytes to the right of [ 13.943059] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.944353] [ 13.944684] The buggy address belongs to the physical page: [ 13.944975] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.945473] flags: 0x200000000000000(node=0|zone=2) [ 13.945644] page_type: f5(slab) [ 13.945790] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.946577] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.947406] page dumped because: kasan: bad access detected [ 13.947997] [ 13.948358] Memory state around the buggy address: [ 13.948862] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.949477] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.949893] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.950342] ^ [ 13.950807] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.951434] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.951655] ================================================================== [ 13.972624] ================================================================== [ 13.972858] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 13.973150] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.973742] [ 13.973863] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.973910] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.973923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.973945] Call Trace: [ 13.973960] <TASK> [ 13.973975] dump_stack_lvl+0x73/0xb0 [ 13.974002] print_report+0xd1/0x650 [ 13.974030] ? __virt_addr_valid+0x1db/0x2d0 [ 13.974053] ? kasan_atomics_helper+0x4a36/0x5450 [ 13.974076] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.974100] ? kasan_atomics_helper+0x4a36/0x5450 [ 13.974188] kasan_report+0x141/0x180 [ 13.974212] ? kasan_atomics_helper+0x4a36/0x5450 [ 13.974241] __asan_report_load4_noabort+0x18/0x20 [ 13.974263] kasan_atomics_helper+0x4a36/0x5450 [ 13.974287] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.974310] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.974331] ? ret_from_fork_asm+0x1a/0x30 [ 13.974354] ? kasan_atomics+0x152/0x310 [ 13.974390] kasan_atomics+0x1dc/0x310 [ 13.974410] ? __pfx_kasan_atomics+0x10/0x10 [ 13.974432] ? __pfx_read_tsc+0x10/0x10 [ 13.974453] ? ktime_get_ts64+0x86/0x230 [ 13.974478] kunit_try_run_case+0x1a5/0x480 [ 13.974501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.974522] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.974547] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.974572] ? __kthread_parkme+0x82/0x180 [ 13.974593] ? preempt_count_sub+0x50/0x80 [ 13.974618] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.974640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.974665] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.974690] kthread+0x337/0x6f0 [ 13.974710] ? trace_preempt_on+0x20/0xc0 [ 13.974743] ? __pfx_kthread+0x10/0x10 [ 13.974765] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.974789] ? calculate_sigpending+0x7b/0xa0 [ 13.974813] ? __pfx_kthread+0x10/0x10 [ 13.974835] ret_from_fork+0x116/0x1d0 [ 13.974854] ? __pfx_kthread+0x10/0x10 [ 13.974875] ret_from_fork_asm+0x1a/0x30 [ 13.974905] </TASK> [ 13.974916] [ 13.983662] Allocated by task 283: [ 13.983973] kasan_save_stack+0x45/0x70 [ 13.984254] kasan_save_track+0x18/0x40 [ 13.984431] kasan_save_alloc_info+0x3b/0x50 [ 13.984646] __kasan_kmalloc+0xb7/0xc0 [ 13.984855] __kmalloc_cache_noprof+0x189/0x420 [ 13.985225] kasan_atomics+0x95/0x310 [ 13.985370] kunit_try_run_case+0x1a5/0x480 [ 13.985529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.985821] kthread+0x337/0x6f0 [ 13.986111] ret_from_fork+0x116/0x1d0 [ 13.986279] ret_from_fork_asm+0x1a/0x30 [ 13.986438] [ 13.986511] The buggy address belongs to the object at ffff8881039bd780 [ 13.986511] which belongs to the cache kmalloc-64 of size 64 [ 13.987161] The buggy address is located 0 bytes to the right of [ 13.987161] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.987618] [ 13.987695] The buggy address belongs to the physical page: [ 13.987871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.988222] flags: 0x200000000000000(node=0|zone=2) [ 13.988481] page_type: f5(slab) [ 13.988786] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.989168] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.989407] page dumped because: kasan: bad access detected [ 13.989578] [ 13.989648] Memory state around the buggy address: [ 13.989803] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.990571] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.991220] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.991579] ^ [ 13.992563] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.992915] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.993806] ================================================================== [ 14.247979] ================================================================== [ 14.248473] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 14.248713] Read of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.249040] [ 14.251085] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.251154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.251170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.251193] Call Trace: [ 14.251207] <TASK> [ 14.251224] dump_stack_lvl+0x73/0xb0 [ 14.251254] print_report+0xd1/0x650 [ 14.251277] ? __virt_addr_valid+0x1db/0x2d0 [ 14.251300] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.251323] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.251348] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.251371] kasan_report+0x141/0x180 [ 14.251407] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.251436] __asan_report_load8_noabort+0x18/0x20 [ 14.251459] kasan_atomics_helper+0x4eae/0x5450 [ 14.251484] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.251508] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.251529] ? ret_from_fork_asm+0x1a/0x30 [ 14.251551] ? kasan_atomics+0x152/0x310 [ 14.251574] kasan_atomics+0x1dc/0x310 [ 14.251594] ? __pfx_kasan_atomics+0x10/0x10 [ 14.251615] ? __pfx_read_tsc+0x10/0x10 [ 14.251637] ? ktime_get_ts64+0x86/0x230 [ 14.251662] kunit_try_run_case+0x1a5/0x480 [ 14.251685] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.251726] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.251752] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.251777] ? __kthread_parkme+0x82/0x180 [ 14.251798] ? preempt_count_sub+0x50/0x80 [ 14.251822] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.251843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.251868] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.251893] kthread+0x337/0x6f0 [ 14.251913] ? trace_preempt_on+0x20/0xc0 [ 14.251937] ? __pfx_kthread+0x10/0x10 [ 14.251958] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.251982] ? calculate_sigpending+0x7b/0xa0 [ 14.252023] ? __pfx_kthread+0x10/0x10 [ 14.252045] ret_from_fork+0x116/0x1d0 [ 14.252064] ? __pfx_kthread+0x10/0x10 [ 14.252086] ret_from_fork_asm+0x1a/0x30 [ 14.252117] </TASK> [ 14.252128] [ 14.263178] Allocated by task 283: [ 14.263399] kasan_save_stack+0x45/0x70 [ 14.263647] kasan_save_track+0x18/0x40 [ 14.263877] kasan_save_alloc_info+0x3b/0x50 [ 14.264035] __kasan_kmalloc+0xb7/0xc0 [ 14.264366] __kmalloc_cache_noprof+0x189/0x420 [ 14.264887] kasan_atomics+0x95/0x310 [ 14.265255] kunit_try_run_case+0x1a5/0x480 [ 14.265460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.265713] kthread+0x337/0x6f0 [ 14.265971] ret_from_fork+0x116/0x1d0 [ 14.266173] ret_from_fork_asm+0x1a/0x30 [ 14.266385] [ 14.266485] The buggy address belongs to the object at ffff8881039bd780 [ 14.266485] which belongs to the cache kmalloc-64 of size 64 [ 14.266996] The buggy address is located 0 bytes to the right of [ 14.266996] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.267624] [ 14.267721] The buggy address belongs to the physical page: [ 14.268003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.268404] flags: 0x200000000000000(node=0|zone=2) [ 14.268869] page_type: f5(slab) [ 14.269080] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.269487] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.269899] page dumped because: kasan: bad access detected [ 14.270322] [ 14.270431] Memory state around the buggy address: [ 14.270727] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.271175] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.271523] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.271838] ^ [ 14.272101] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.272550] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.273122] ================================================================== [ 13.479072] ================================================================== [ 13.479507] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 13.479745] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.480166] [ 13.480273] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.480317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.480329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.480349] Call Trace: [ 13.480362] <TASK> [ 13.480386] dump_stack_lvl+0x73/0xb0 [ 13.480412] print_report+0xd1/0x650 [ 13.480435] ? __virt_addr_valid+0x1db/0x2d0 [ 13.480458] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.480480] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.480504] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.480526] kasan_report+0x141/0x180 [ 13.480549] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.480576] __asan_report_load4_noabort+0x18/0x20 [ 13.480597] kasan_atomics_helper+0x4b88/0x5450 [ 13.480620] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.480643] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.480662] ? ret_from_fork_asm+0x1a/0x30 [ 13.480747] ? kasan_atomics+0x152/0x310 [ 13.480770] kasan_atomics+0x1dc/0x310 [ 13.480790] ? __pfx_kasan_atomics+0x10/0x10 [ 13.480811] ? __pfx_read_tsc+0x10/0x10 [ 13.480831] ? ktime_get_ts64+0x86/0x230 [ 13.480855] kunit_try_run_case+0x1a5/0x480 [ 13.480877] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.480897] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.480921] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.480946] ? __kthread_parkme+0x82/0x180 [ 13.480967] ? preempt_count_sub+0x50/0x80 [ 13.480990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.481011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.481035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.481060] kthread+0x337/0x6f0 [ 13.481079] ? trace_preempt_on+0x20/0xc0 [ 13.481102] ? __pfx_kthread+0x10/0x10 [ 13.481124] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.481146] ? calculate_sigpending+0x7b/0xa0 [ 13.481183] ? __pfx_kthread+0x10/0x10 [ 13.481204] ret_from_fork+0x116/0x1d0 [ 13.481222] ? __pfx_kthread+0x10/0x10 [ 13.481242] ret_from_fork_asm+0x1a/0x30 [ 13.481272] </TASK> [ 13.481282] [ 13.489729] Allocated by task 283: [ 13.489882] kasan_save_stack+0x45/0x70 [ 13.490090] kasan_save_track+0x18/0x40 [ 13.490417] kasan_save_alloc_info+0x3b/0x50 [ 13.490629] __kasan_kmalloc+0xb7/0xc0 [ 13.491198] __kmalloc_cache_noprof+0x189/0x420 [ 13.491436] kasan_atomics+0x95/0x310 [ 13.491571] kunit_try_run_case+0x1a5/0x480 [ 13.491717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.491907] kthread+0x337/0x6f0 [ 13.492206] ret_from_fork+0x116/0x1d0 [ 13.492419] ret_from_fork_asm+0x1a/0x30 [ 13.492623] [ 13.492719] The buggy address belongs to the object at ffff8881039bd780 [ 13.492719] which belongs to the cache kmalloc-64 of size 64 [ 13.493367] The buggy address is located 0 bytes to the right of [ 13.493367] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.493949] [ 13.494111] The buggy address belongs to the physical page: [ 13.494290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.494601] flags: 0x200000000000000(node=0|zone=2) [ 13.494838] page_type: f5(slab) [ 13.495005] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.495533] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.495895] page dumped because: kasan: bad access detected [ 13.496234] [ 13.496318] Memory state around the buggy address: [ 13.496524] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.496792] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.497120] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.497596] ^ [ 13.497843] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.498160] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.498482] ================================================================== [ 14.411119] ================================================================== [ 14.411434] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 14.411709] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.412237] [ 14.412360] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.412422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.412435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.412458] Call Trace: [ 14.412471] <TASK> [ 14.412486] dump_stack_lvl+0x73/0xb0 [ 14.413058] print_report+0xd1/0x650 [ 14.413083] ? __virt_addr_valid+0x1db/0x2d0 [ 14.413107] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.413129] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.413153] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.413176] kasan_report+0x141/0x180 [ 14.413200] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.413227] kasan_check_range+0x10c/0x1c0 [ 14.413251] __kasan_check_write+0x18/0x20 [ 14.413273] kasan_atomics_helper+0x16e7/0x5450 [ 14.413297] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.413321] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.413341] ? ret_from_fork_asm+0x1a/0x30 [ 14.413362] ? kasan_atomics+0x152/0x310 [ 14.413399] kasan_atomics+0x1dc/0x310 [ 14.413419] ? __pfx_kasan_atomics+0x10/0x10 [ 14.413441] ? __pfx_read_tsc+0x10/0x10 [ 14.413462] ? ktime_get_ts64+0x86/0x230 [ 14.413487] kunit_try_run_case+0x1a5/0x480 [ 14.413509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.413529] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.413555] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.413579] ? __kthread_parkme+0x82/0x180 [ 14.413600] ? preempt_count_sub+0x50/0x80 [ 14.413624] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.413646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.413670] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.413695] kthread+0x337/0x6f0 [ 14.413723] ? trace_preempt_on+0x20/0xc0 [ 14.413747] ? __pfx_kthread+0x10/0x10 [ 14.413769] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.413792] ? calculate_sigpending+0x7b/0xa0 [ 14.413816] ? __pfx_kthread+0x10/0x10 [ 14.413838] ret_from_fork+0x116/0x1d0 [ 14.413857] ? __pfx_kthread+0x10/0x10 [ 14.413878] ret_from_fork_asm+0x1a/0x30 [ 14.413908] </TASK> [ 14.413920] [ 14.424722] Allocated by task 283: [ 14.424926] kasan_save_stack+0x45/0x70 [ 14.425125] kasan_save_track+0x18/0x40 [ 14.425309] kasan_save_alloc_info+0x3b/0x50 [ 14.425514] __kasan_kmalloc+0xb7/0xc0 [ 14.425692] __kmalloc_cache_noprof+0x189/0x420 [ 14.425880] kasan_atomics+0x95/0x310 [ 14.426076] kunit_try_run_case+0x1a5/0x480 [ 14.426264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.427023] kthread+0x337/0x6f0 [ 14.427180] ret_from_fork+0x116/0x1d0 [ 14.427523] ret_from_fork_asm+0x1a/0x30 [ 14.427815] [ 14.427921] The buggy address belongs to the object at ffff8881039bd780 [ 14.427921] which belongs to the cache kmalloc-64 of size 64 [ 14.428599] The buggy address is located 0 bytes to the right of [ 14.428599] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.429321] [ 14.429413] The buggy address belongs to the physical page: [ 14.429815] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.430245] flags: 0x200000000000000(node=0|zone=2) [ 14.430483] page_type: f5(slab) [ 14.430859] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.431206] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.431609] page dumped because: kasan: bad access detected [ 14.432029] [ 14.432154] Memory state around the buggy address: [ 14.432482] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.432913] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.433311] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.433731] ^ [ 14.434136] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.434529] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.434993] ================================================================== [ 14.772749] ================================================================== [ 14.773168] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 14.773420] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.774110] [ 14.774219] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.774261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.774275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.774295] Call Trace: [ 14.774313] <TASK> [ 14.774330] dump_stack_lvl+0x73/0xb0 [ 14.774357] print_report+0xd1/0x650 [ 14.774404] ? __virt_addr_valid+0x1db/0x2d0 [ 14.774428] ? kasan_atomics_helper+0x2006/0x5450 [ 14.774462] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.774486] ? kasan_atomics_helper+0x2006/0x5450 [ 14.774509] kasan_report+0x141/0x180 [ 14.774541] ? kasan_atomics_helper+0x2006/0x5450 [ 14.774569] kasan_check_range+0x10c/0x1c0 [ 14.774605] __kasan_check_write+0x18/0x20 [ 14.774625] kasan_atomics_helper+0x2006/0x5450 [ 14.774649] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.774674] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.774695] ? ret_from_fork_asm+0x1a/0x30 [ 14.774724] ? kasan_atomics+0x152/0x310 [ 14.774749] kasan_atomics+0x1dc/0x310 [ 14.774768] ? __pfx_kasan_atomics+0x10/0x10 [ 14.774790] ? __pfx_read_tsc+0x10/0x10 [ 14.774812] ? ktime_get_ts64+0x86/0x230 [ 14.774838] kunit_try_run_case+0x1a5/0x480 [ 14.774860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.774891] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.774920] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.774947] ? __kthread_parkme+0x82/0x180 [ 14.774978] ? preempt_count_sub+0x50/0x80 [ 14.775003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.775024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.775057] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.775083] kthread+0x337/0x6f0 [ 14.775102] ? trace_preempt_on+0x20/0xc0 [ 14.775137] ? __pfx_kthread+0x10/0x10 [ 14.775159] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.775182] ? calculate_sigpending+0x7b/0xa0 [ 14.775207] ? __pfx_kthread+0x10/0x10 [ 14.775238] ret_from_fork+0x116/0x1d0 [ 14.775257] ? __pfx_kthread+0x10/0x10 [ 14.775279] ret_from_fork_asm+0x1a/0x30 [ 14.775320] </TASK> [ 14.775331] [ 14.783669] Allocated by task 283: [ 14.783869] kasan_save_stack+0x45/0x70 [ 14.784092] kasan_save_track+0x18/0x40 [ 14.784303] kasan_save_alloc_info+0x3b/0x50 [ 14.784500] __kasan_kmalloc+0xb7/0xc0 [ 14.784709] __kmalloc_cache_noprof+0x189/0x420 [ 14.784920] kasan_atomics+0x95/0x310 [ 14.785136] kunit_try_run_case+0x1a5/0x480 [ 14.785341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.785548] kthread+0x337/0x6f0 [ 14.785674] ret_from_fork+0x116/0x1d0 [ 14.785807] ret_from_fork_asm+0x1a/0x30 [ 14.785946] [ 14.786017] The buggy address belongs to the object at ffff8881039bd780 [ 14.786017] which belongs to the cache kmalloc-64 of size 64 [ 14.786471] The buggy address is located 0 bytes to the right of [ 14.786471] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.787047] [ 14.787145] The buggy address belongs to the physical page: [ 14.787364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.787617] flags: 0x200000000000000(node=0|zone=2) [ 14.787779] page_type: f5(slab) [ 14.787898] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.788310] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.788659] page dumped because: kasan: bad access detected [ 14.789209] [ 14.789305] Memory state around the buggy address: [ 14.789545] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.790059] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.790337] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.790564] ^ [ 14.790879] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.791283] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.791636] ================================================================== [ 14.851715] ================================================================== [ 14.852271] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 14.852635] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.852976] [ 14.853082] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.853125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.853139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.853191] Call Trace: [ 14.853210] <TASK> [ 14.853226] dump_stack_lvl+0x73/0xb0 [ 14.853265] print_report+0xd1/0x650 [ 14.853290] ? __virt_addr_valid+0x1db/0x2d0 [ 14.853313] ? kasan_atomics_helper+0x218a/0x5450 [ 14.853335] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.853359] ? kasan_atomics_helper+0x218a/0x5450 [ 14.853389] kasan_report+0x141/0x180 [ 14.853412] ? kasan_atomics_helper+0x218a/0x5450 [ 14.853440] kasan_check_range+0x10c/0x1c0 [ 14.853493] __kasan_check_write+0x18/0x20 [ 14.853514] kasan_atomics_helper+0x218a/0x5450 [ 14.853559] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.853583] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.853631] ? ret_from_fork_asm+0x1a/0x30 [ 14.853653] ? kasan_atomics+0x152/0x310 [ 14.853688] kasan_atomics+0x1dc/0x310 [ 14.853709] ? __pfx_kasan_atomics+0x10/0x10 [ 14.853738] ? __pfx_read_tsc+0x10/0x10 [ 14.853760] ? ktime_get_ts64+0x86/0x230 [ 14.853787] kunit_try_run_case+0x1a5/0x480 [ 14.853836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.853857] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.853884] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.853945] ? __kthread_parkme+0x82/0x180 [ 14.853966] ? preempt_count_sub+0x50/0x80 [ 14.854000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.854022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.854053] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.854079] kthread+0x337/0x6f0 [ 14.854099] ? trace_preempt_on+0x20/0xc0 [ 14.854123] ? __pfx_kthread+0x10/0x10 [ 14.854145] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.854169] ? calculate_sigpending+0x7b/0xa0 [ 14.854193] ? __pfx_kthread+0x10/0x10 [ 14.854215] ret_from_fork+0x116/0x1d0 [ 14.854235] ? __pfx_kthread+0x10/0x10 [ 14.854256] ret_from_fork_asm+0x1a/0x30 [ 14.854287] </TASK> [ 14.854298] [ 14.862693] Allocated by task 283: [ 14.862840] kasan_save_stack+0x45/0x70 [ 14.863090] kasan_save_track+0x18/0x40 [ 14.863293] kasan_save_alloc_info+0x3b/0x50 [ 14.863688] __kasan_kmalloc+0xb7/0xc0 [ 14.864010] __kmalloc_cache_noprof+0x189/0x420 [ 14.864303] kasan_atomics+0x95/0x310 [ 14.864516] kunit_try_run_case+0x1a5/0x480 [ 14.864665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.864842] kthread+0x337/0x6f0 [ 14.865077] ret_from_fork+0x116/0x1d0 [ 14.865274] ret_from_fork_asm+0x1a/0x30 [ 14.865481] [ 14.865579] The buggy address belongs to the object at ffff8881039bd780 [ 14.865579] which belongs to the cache kmalloc-64 of size 64 [ 14.866286] The buggy address is located 0 bytes to the right of [ 14.866286] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.866801] [ 14.866875] The buggy address belongs to the physical page: [ 14.867049] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.867552] flags: 0x200000000000000(node=0|zone=2) [ 14.867874] page_type: f5(slab) [ 14.868090] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.868454] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.868798] page dumped because: kasan: bad access detected [ 14.869023] [ 14.869214] Memory state around the buggy address: [ 14.869443] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.869838] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.870144] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.870360] ^ [ 14.870529] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.870884] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.871231] ================================================================== [ 13.697830] ================================================================== [ 13.698400] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 13.698744] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.699172] [ 13.699289] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.699333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.699346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.699368] Call Trace: [ 13.699394] <TASK> [ 13.699409] dump_stack_lvl+0x73/0xb0 [ 13.699438] print_report+0xd1/0x650 [ 13.699461] ? __virt_addr_valid+0x1db/0x2d0 [ 13.699485] ? kasan_atomics_helper+0x860/0x5450 [ 13.699507] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.699530] ? kasan_atomics_helper+0x860/0x5450 [ 13.699553] kasan_report+0x141/0x180 [ 13.699577] ? kasan_atomics_helper+0x860/0x5450 [ 13.699604] kasan_check_range+0x10c/0x1c0 [ 13.699628] __kasan_check_write+0x18/0x20 [ 13.699649] kasan_atomics_helper+0x860/0x5450 [ 13.699672] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.699694] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.699716] ? ret_from_fork_asm+0x1a/0x30 [ 13.699737] ? kasan_atomics+0x152/0x310 [ 13.699768] kasan_atomics+0x1dc/0x310 [ 13.699787] ? __pfx_kasan_atomics+0x10/0x10 [ 13.699809] ? __pfx_read_tsc+0x10/0x10 [ 13.699829] ? ktime_get_ts64+0x86/0x230 [ 13.699854] kunit_try_run_case+0x1a5/0x480 [ 13.699876] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.699896] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.699922] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.699949] ? __kthread_parkme+0x82/0x180 [ 13.699970] ? preempt_count_sub+0x50/0x80 [ 13.699993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.700015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.700039] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.700064] kthread+0x337/0x6f0 [ 13.700084] ? trace_preempt_on+0x20/0xc0 [ 13.700108] ? __pfx_kthread+0x10/0x10 [ 13.700129] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.700153] ? calculate_sigpending+0x7b/0xa0 [ 13.700177] ? __pfx_kthread+0x10/0x10 [ 13.700199] ret_from_fork+0x116/0x1d0 [ 13.700218] ? __pfx_kthread+0x10/0x10 [ 13.700240] ret_from_fork_asm+0x1a/0x30 [ 13.700271] </TASK> [ 13.700282] [ 13.708617] Allocated by task 283: [ 13.708802] kasan_save_stack+0x45/0x70 [ 13.708954] kasan_save_track+0x18/0x40 [ 13.709163] kasan_save_alloc_info+0x3b/0x50 [ 13.709317] __kasan_kmalloc+0xb7/0xc0 [ 13.709508] __kmalloc_cache_noprof+0x189/0x420 [ 13.709730] kasan_atomics+0x95/0x310 [ 13.709935] kunit_try_run_case+0x1a5/0x480 [ 13.710342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.710625] kthread+0x337/0x6f0 [ 13.710777] ret_from_fork+0x116/0x1d0 [ 13.710937] ret_from_fork_asm+0x1a/0x30 [ 13.711211] [ 13.711309] The buggy address belongs to the object at ffff8881039bd780 [ 13.711309] which belongs to the cache kmalloc-64 of size 64 [ 13.711892] The buggy address is located 0 bytes to the right of [ 13.711892] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.712449] [ 13.712549] The buggy address belongs to the physical page: [ 13.712770] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.713082] flags: 0x200000000000000(node=0|zone=2) [ 13.713305] page_type: f5(slab) [ 13.713452] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.713762] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.714090] page dumped because: kasan: bad access detected [ 13.714268] [ 13.714340] Memory state around the buggy address: [ 13.714727] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.715139] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.715480] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.715832] ^ [ 13.716132] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.716455] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.716686] ================================================================== [ 13.873452] ================================================================== [ 13.873793] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 13.874123] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.874416] [ 13.874508] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.874553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.874566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.874589] Call Trace: [ 13.874604] <TASK> [ 13.874620] dump_stack_lvl+0x73/0xb0 [ 13.874645] print_report+0xd1/0x650 [ 13.874670] ? __virt_addr_valid+0x1db/0x2d0 [ 13.874692] ? kasan_atomics_helper+0xde0/0x5450 [ 13.874714] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.874737] ? kasan_atomics_helper+0xde0/0x5450 [ 13.874759] kasan_report+0x141/0x180 [ 13.874781] ? kasan_atomics_helper+0xde0/0x5450 [ 13.874808] kasan_check_range+0x10c/0x1c0 [ 13.874833] __kasan_check_write+0x18/0x20 [ 13.874852] kasan_atomics_helper+0xde0/0x5450 [ 13.874876] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.874899] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.874919] ? ret_from_fork_asm+0x1a/0x30 [ 13.874941] ? kasan_atomics+0x152/0x310 [ 13.874964] kasan_atomics+0x1dc/0x310 [ 13.874984] ? __pfx_kasan_atomics+0x10/0x10 [ 13.875005] ? __pfx_read_tsc+0x10/0x10 [ 13.875025] ? ktime_get_ts64+0x86/0x230 [ 13.875049] kunit_try_run_case+0x1a5/0x480 [ 13.875071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.875091] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.875116] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.875141] ? __kthread_parkme+0x82/0x180 [ 13.875162] ? preempt_count_sub+0x50/0x80 [ 13.875185] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.875206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.875230] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.875255] kthread+0x337/0x6f0 [ 13.875274] ? trace_preempt_on+0x20/0xc0 [ 13.875297] ? __pfx_kthread+0x10/0x10 [ 13.875318] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.875341] ? calculate_sigpending+0x7b/0xa0 [ 13.875365] ? __pfx_kthread+0x10/0x10 [ 13.875724] ret_from_fork+0x116/0x1d0 [ 13.875751] ? __pfx_kthread+0x10/0x10 [ 13.875774] ret_from_fork_asm+0x1a/0x30 [ 13.875805] </TASK> [ 13.875816] [ 13.884271] Allocated by task 283: [ 13.884475] kasan_save_stack+0x45/0x70 [ 13.884686] kasan_save_track+0x18/0x40 [ 13.884883] kasan_save_alloc_info+0x3b/0x50 [ 13.885040] __kasan_kmalloc+0xb7/0xc0 [ 13.885176] __kmalloc_cache_noprof+0x189/0x420 [ 13.885410] kasan_atomics+0x95/0x310 [ 13.885599] kunit_try_run_case+0x1a5/0x480 [ 13.885805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.886019] kthread+0x337/0x6f0 [ 13.886168] ret_from_fork+0x116/0x1d0 [ 13.886354] ret_from_fork_asm+0x1a/0x30 [ 13.886597] [ 13.886715] The buggy address belongs to the object at ffff8881039bd780 [ 13.886715] which belongs to the cache kmalloc-64 of size 64 [ 13.887298] The buggy address is located 0 bytes to the right of [ 13.887298] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.887933] [ 13.888117] The buggy address belongs to the physical page: [ 13.888342] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.888624] flags: 0x200000000000000(node=0|zone=2) [ 13.888892] page_type: f5(slab) [ 13.889136] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.889489] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.889809] page dumped because: kasan: bad access detected [ 13.890048] [ 13.890127] Memory state around the buggy address: [ 13.890314] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.890649] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.890949] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.891387] ^ [ 13.891631] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.892062] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.892405] ==================================================================