Date
June 24, 2025, 11:37 a.m.
| Environment | |
|---|---|
| dragonboard-845c | |
| qemu-arm64 | |
| qemu-x86_64 |
[ 61.350118] ================================================================== [ 61.357428] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x6ec/0x4858 [ 61.364832] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 61.372320] [ 61.373846] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 61.373875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 61.373883] Hardware name: Thundercomm Dragonboard 845c (DT) [ 61.373894] Call trace: [ 61.373899] show_stack+0x20/0x38 (C) [ 61.373916] dump_stack_lvl+0x8c/0xd0 [ 61.373935] print_report+0x118/0x608 [ 61.373953] kasan_report+0xdc/0x128 [ 61.373972] kasan_check_range+0x100/0x1a8 [ 61.373992] __kasan_check_write+0x20/0x30 [ 61.374007] kasan_atomics_helper+0x6ec/0x4858 [ 61.374024] kasan_atomics+0x198/0x2e0 [ 61.374041] kunit_try_run_case+0x170/0x3f0 [ 61.374059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.374081] kthread+0x328/0x630 [ 61.374095] ret_from_fork+0x10/0x20 [ 61.374111] [ 61.447277] Allocated by task 363: [ 61.450732] kasan_save_stack+0x3c/0x68 [ 61.454630] kasan_save_track+0x20/0x40 [ 61.458526] kasan_save_alloc_info+0x40/0x58 [ 61.462864] __kasan_kmalloc+0xd4/0xd8 [ 61.466675] __kmalloc_cache_noprof+0x16c/0x3c0 [ 61.471277] kasan_atomics+0xb8/0x2e0 [ 61.474998] kunit_try_run_case+0x170/0x3f0 [ 61.479251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.484820] kthread+0x328/0x630 [ 61.488107] ret_from_fork+0x10/0x20 [ 61.491740] [ 61.493263] The buggy address belongs to the object at ffff000080acff00 [ 61.493263] which belongs to the cache kmalloc-64 of size 64 [ 61.505740] The buggy address is located 0 bytes to the right of [ 61.505740] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 61.518741] [ 61.520276] The buggy address belongs to the physical page: [ 61.525921] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 61.534026] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 61.540633] page_type: f5(slab) [ 61.543832] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 61.551671] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 61.559503] page dumped because: kasan: bad access detected [ 61.565149] [ 61.566672] Memory state around the buggy address: [ 61.571529] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.578841] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.586154] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 61.593463] ^ [ 61.598318] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 61.605630] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 61.612940] ================================================================== [ 66.196670] ================================================================== [ 66.203980] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 66.211471] Read of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 66.218871] [ 66.220396] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 66.220427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 66.220435] Hardware name: Thundercomm Dragonboard 845c (DT) [ 66.220445] Call trace: [ 66.220451] show_stack+0x20/0x38 (C) [ 66.220468] dump_stack_lvl+0x8c/0xd0 [ 66.220486] print_report+0x118/0x608 [ 66.220504] kasan_report+0xdc/0x128 [ 66.220523] __asan_report_load4_noabort+0x20/0x30 [ 66.220540] kasan_atomics_helper+0x3e04/0x4858 [ 66.220558] kasan_atomics+0x198/0x2e0 [ 66.220574] kunit_try_run_case+0x170/0x3f0 [ 66.220591] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 66.220612] kthread+0x328/0x630 [ 66.220627] ret_from_fork+0x10/0x20 [ 66.220643] [ 66.290439] Allocated by task 363: [ 66.293895] kasan_save_stack+0x3c/0x68 [ 66.297794] kasan_save_track+0x20/0x40 [ 66.301692] kasan_save_alloc_info+0x40/0x58 [ 66.306030] __kasan_kmalloc+0xd4/0xd8 [ 66.309839] __kmalloc_cache_noprof+0x16c/0x3c0 [ 66.314440] kasan_atomics+0xb8/0x2e0 [ 66.318161] kunit_try_run_case+0x170/0x3f0 [ 66.322415] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 66.327984] kthread+0x328/0x630 [ 66.331269] ret_from_fork+0x10/0x20 [ 66.334903] [ 66.336426] The buggy address belongs to the object at ffff000080acff00 [ 66.336426] which belongs to the cache kmalloc-64 of size 64 [ 66.348902] The buggy address is located 0 bytes to the right of [ 66.348902] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 66.361903] [ 66.363427] The buggy address belongs to the physical page: [ 66.369071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 66.377177] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 66.383783] page_type: f5(slab) [ 66.386981] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 66.394817] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 66.402648] page dumped because: kasan: bad access detected [ 66.408293] [ 66.409816] Memory state around the buggy address: [ 66.414670] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 66.421981] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 66.429293] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 66.436602] ^ [ 66.441458] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.448769] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 66.456078] ================================================================== [ 72.399561] ================================================================== [ 72.406873] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 72.414364] Read of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 72.421766] [ 72.423290] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 72.423320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 72.423329] Hardware name: Thundercomm Dragonboard 845c (DT) [ 72.423338] Call trace: [ 72.423345] show_stack+0x20/0x38 (C) [ 72.423362] dump_stack_lvl+0x8c/0xd0 [ 72.423380] print_report+0x118/0x608 [ 72.423399] kasan_report+0xdc/0x128 [ 72.423419] __asan_report_load8_noabort+0x20/0x30 [ 72.423436] kasan_atomics_helper+0x3db0/0x4858 [ 72.423454] kasan_atomics+0x198/0x2e0 [ 72.423472] kunit_try_run_case+0x170/0x3f0 [ 72.423491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 72.423511] kthread+0x328/0x630 [ 72.423527] ret_from_fork+0x10/0x20 [ 72.423544] [ 72.493342] Allocated by task 363: [ 72.496798] kasan_save_stack+0x3c/0x68 [ 72.500696] kasan_save_track+0x20/0x40 [ 72.504594] kasan_save_alloc_info+0x40/0x58 [ 72.508933] __kasan_kmalloc+0xd4/0xd8 [ 72.512741] __kmalloc_cache_noprof+0x16c/0x3c0 [ 72.517343] kasan_atomics+0xb8/0x2e0 [ 72.521064] kunit_try_run_case+0x170/0x3f0 [ 72.525317] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 72.530887] kthread+0x328/0x630 [ 72.534173] ret_from_fork+0x10/0x20 [ 72.537808] [ 72.539331] The buggy address belongs to the object at ffff000080acff00 [ 72.539331] which belongs to the cache kmalloc-64 of size 64 [ 72.551809] The buggy address is located 0 bytes to the right of [ 72.551809] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 72.564810] [ 72.566333] The buggy address belongs to the physical page: [ 72.571979] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 72.580086] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 72.586694] page_type: f5(slab) [ 72.589893] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 72.597730] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 72.605563] page dumped because: kasan: bad access detected [ 72.611210] [ 72.612733] Memory state around the buggy address: [ 72.617587] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 72.624900] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 72.632212] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 72.639522] ^ [ 72.644379] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 72.651690] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 72.659000] ================================================================== [ 58.384768] ================================================================== [ 58.392084] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40fc/0x4858 [ 58.399580] Read of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 58.406978] [ 58.408510] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 58.408539] Tainted: [B]=BAD_PAGE, [N]=TEST [ 58.408547] Hardware name: Thundercomm Dragonboard 845c (DT) [ 58.408557] Call trace: [ 58.408563] show_stack+0x20/0x38 (C) [ 58.408579] dump_stack_lvl+0x8c/0xd0 [ 58.408598] print_report+0x118/0x608 [ 58.408617] kasan_report+0xdc/0x128 [ 58.408636] __asan_report_load4_noabort+0x20/0x30 [ 58.408651] kasan_atomics_helper+0x40fc/0x4858 [ 58.408669] kasan_atomics+0x198/0x2e0 [ 58.408687] kunit_try_run_case+0x170/0x3f0 [ 58.408704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.408726] kthread+0x328/0x630 [ 58.408739] ret_from_fork+0x10/0x20 [ 58.408756] [ 58.478546] Allocated by task 363: [ 58.481997] kasan_save_stack+0x3c/0x68 [ 58.485894] kasan_save_track+0x20/0x40 [ 58.489799] kasan_save_alloc_info+0x40/0x58 [ 58.494137] __kasan_kmalloc+0xd4/0xd8 [ 58.497952] __kmalloc_cache_noprof+0x16c/0x3c0 [ 58.502552] kasan_atomics+0xb8/0x2e0 [ 58.506279] kunit_try_run_case+0x170/0x3f0 [ 58.510530] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.516095] kthread+0x328/0x630 [ 58.519377] ret_from_fork+0x10/0x20 [ 58.523011] [ 58.524543] The buggy address belongs to the object at ffff000080acff00 [ 58.524543] which belongs to the cache kmalloc-64 of size 64 [ 58.537021] The buggy address is located 0 bytes to the right of [ 58.537021] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 58.550023] [ 58.551554] The buggy address belongs to the physical page: [ 58.557197] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 58.565298] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 58.571907] page_type: f5(slab) [ 58.575105] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 58.582947] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 58.590784] page dumped because: kasan: bad access detected [ 58.596423] [ 58.597945] Memory state around the buggy address: [ 58.602806] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 58.610123] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 58.617440] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 58.624755] ^ [ 58.629610] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 58.636916] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 58.644230] ================================================================== [ 59.999242] ================================================================== [ 60.006552] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4e4/0x4858 [ 60.013956] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 60.021445] [ 60.022971] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 60.023001] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.023008] Hardware name: Thundercomm Dragonboard 845c (DT) [ 60.023018] Call trace: [ 60.023024] show_stack+0x20/0x38 (C) [ 60.023041] dump_stack_lvl+0x8c/0xd0 [ 60.023058] print_report+0x118/0x608 [ 60.023077] kasan_report+0xdc/0x128 [ 60.023095] kasan_check_range+0x100/0x1a8 [ 60.023114] __kasan_check_write+0x20/0x30 [ 60.023129] kasan_atomics_helper+0x4e4/0x4858 [ 60.023147] kasan_atomics+0x198/0x2e0 [ 60.023164] kunit_try_run_case+0x170/0x3f0 [ 60.023182] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.023202] kthread+0x328/0x630 [ 60.023217] ret_from_fork+0x10/0x20 [ 60.023233] [ 60.096395] Allocated by task 363: [ 60.099851] kasan_save_stack+0x3c/0x68 [ 60.103749] kasan_save_track+0x20/0x40 [ 60.107646] kasan_save_alloc_info+0x40/0x58 [ 60.111984] __kasan_kmalloc+0xd4/0xd8 [ 60.115792] __kmalloc_cache_noprof+0x16c/0x3c0 [ 60.120394] kasan_atomics+0xb8/0x2e0 [ 60.124116] kunit_try_run_case+0x170/0x3f0 [ 60.128368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.133937] kthread+0x328/0x630 [ 60.137223] ret_from_fork+0x10/0x20 [ 60.140859] [ 60.142383] The buggy address belongs to the object at ffff000080acff00 [ 60.142383] which belongs to the cache kmalloc-64 of size 64 [ 60.154861] The buggy address is located 0 bytes to the right of [ 60.154861] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 60.167862] [ 60.169385] The buggy address belongs to the physical page: [ 60.175031] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 60.183137] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 60.189745] page_type: f5(slab) [ 60.192946] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 60.200782] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 60.208613] page dumped because: kasan: bad access detected [ 60.214260] [ 60.215783] Memory state around the buggy address: [ 60.220639] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.227951] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.235263] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 60.242571] ^ [ 60.247428] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 60.254738] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 60.262049] ================================================================== [ 64.315559] ================================================================== [ 64.322870] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb70/0x4858 [ 64.330275] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 64.337764] [ 64.339289] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 64.339318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 64.339328] Hardware name: Thundercomm Dragonboard 845c (DT) [ 64.339337] Call trace: [ 64.339343] show_stack+0x20/0x38 (C) [ 64.339360] dump_stack_lvl+0x8c/0xd0 [ 64.339378] print_report+0x118/0x608 [ 64.339398] kasan_report+0xdc/0x128 [ 64.339418] kasan_check_range+0x100/0x1a8 [ 64.339438] __kasan_check_write+0x20/0x30 [ 64.339454] kasan_atomics_helper+0xb70/0x4858 [ 64.339471] kasan_atomics+0x198/0x2e0 [ 64.339488] kunit_try_run_case+0x170/0x3f0 [ 64.339506] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 64.339527] kthread+0x328/0x630 [ 64.339541] ret_from_fork+0x10/0x20 [ 64.339557] [ 64.412733] Allocated by task 363: [ 64.416190] kasan_save_stack+0x3c/0x68 [ 64.420089] kasan_save_track+0x20/0x40 [ 64.423987] kasan_save_alloc_info+0x40/0x58 [ 64.428324] __kasan_kmalloc+0xd4/0xd8 [ 64.432135] __kmalloc_cache_noprof+0x16c/0x3c0 [ 64.436736] kasan_atomics+0xb8/0x2e0 [ 64.440457] kunit_try_run_case+0x170/0x3f0 [ 64.444710] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 64.450279] kthread+0x328/0x630 [ 64.453564] ret_from_fork+0x10/0x20 [ 64.457200] [ 64.458722] The buggy address belongs to the object at ffff000080acff00 [ 64.458722] which belongs to the cache kmalloc-64 of size 64 [ 64.471200] The buggy address is located 0 bytes to the right of [ 64.471200] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 64.484203] [ 64.485725] The buggy address belongs to the physical page: [ 64.491372] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 64.499478] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 64.506084] page_type: f5(slab) [ 64.509283] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 64.517120] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 64.524952] page dumped because: kasan: bad access detected [ 64.530599] [ 64.532122] Memory state around the buggy address: [ 64.536978] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 64.544290] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 64.551603] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 64.558914] ^ [ 64.563770] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.571081] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.578391] ================================================================== [ 62.697717] ================================================================== [ 62.705027] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x934/0x4858 [ 62.712431] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 62.719920] [ 62.721456] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 62.721484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 62.721491] Hardware name: Thundercomm Dragonboard 845c (DT) [ 62.721501] Call trace: [ 62.721507] show_stack+0x20/0x38 (C) [ 62.721525] dump_stack_lvl+0x8c/0xd0 [ 62.721542] print_report+0x118/0x608 [ 62.721560] kasan_report+0xdc/0x128 [ 62.721579] kasan_check_range+0x100/0x1a8 [ 62.721599] __kasan_check_write+0x20/0x30 [ 62.721616] kasan_atomics_helper+0x934/0x4858 [ 62.721634] kasan_atomics+0x198/0x2e0 [ 62.721652] kunit_try_run_case+0x170/0x3f0 [ 62.721669] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.721689] kthread+0x328/0x630 [ 62.721702] ret_from_fork+0x10/0x20 [ 62.721719] [ 62.794874] Allocated by task 363: [ 62.798331] kasan_save_stack+0x3c/0x68 [ 62.802229] kasan_save_track+0x20/0x40 [ 62.806126] kasan_save_alloc_info+0x40/0x58 [ 62.810465] __kasan_kmalloc+0xd4/0xd8 [ 62.814274] __kmalloc_cache_noprof+0x16c/0x3c0 [ 62.818876] kasan_atomics+0xb8/0x2e0 [ 62.822596] kunit_try_run_case+0x170/0x3f0 [ 62.826849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.832418] kthread+0x328/0x630 [ 62.835704] ret_from_fork+0x10/0x20 [ 62.839339] [ 62.840861] The buggy address belongs to the object at ffff000080acff00 [ 62.840861] which belongs to the cache kmalloc-64 of size 64 [ 62.853339] The buggy address is located 0 bytes to the right of [ 62.853339] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 62.866341] [ 62.867865] The buggy address belongs to the physical page: [ 62.873511] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 62.881619] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 62.888227] page_type: f5(slab) [ 62.891426] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 62.899263] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 62.907096] page dumped because: kasan: bad access detected [ 62.912742] [ 62.914265] Memory state around the buggy address: [ 62.919119] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.926431] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.933742] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 62.941051] ^ [ 62.945907] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 62.953220] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 62.960528] ================================================================== [ 68.347895] ================================================================== [ 68.355204] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 68.362607] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 68.370095] [ 68.371620] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 68.371648] Tainted: [B]=BAD_PAGE, [N]=TEST [ 68.371657] Hardware name: Thundercomm Dragonboard 845c (DT) [ 68.371666] Call trace: [ 68.371673] show_stack+0x20/0x38 (C) [ 68.371690] dump_stack_lvl+0x8c/0xd0 [ 68.371707] print_report+0x118/0x608 [ 68.371725] kasan_report+0xdc/0x128 [ 68.371745] kasan_check_range+0x100/0x1a8 [ 68.371766] __kasan_check_write+0x20/0x30 [ 68.371781] kasan_atomics_helper+0xff0/0x4858 [ 68.371800] kasan_atomics+0x198/0x2e0 [ 68.371817] kunit_try_run_case+0x170/0x3f0 [ 68.371836] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 68.371857] kthread+0x328/0x630 [ 68.371871] ret_from_fork+0x10/0x20 [ 68.371887] [ 68.445051] Allocated by task 363: [ 68.448507] kasan_save_stack+0x3c/0x68 [ 68.452406] kasan_save_track+0x20/0x40 [ 68.456303] kasan_save_alloc_info+0x40/0x58 [ 68.460641] __kasan_kmalloc+0xd4/0xd8 [ 68.464450] __kmalloc_cache_noprof+0x16c/0x3c0 [ 68.469054] kasan_atomics+0xb8/0x2e0 [ 68.472775] kunit_try_run_case+0x170/0x3f0 [ 68.477028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 68.482597] kthread+0x328/0x630 [ 68.485884] ret_from_fork+0x10/0x20 [ 68.489518] [ 68.491041] The buggy address belongs to the object at ffff000080acff00 [ 68.491041] which belongs to the cache kmalloc-64 of size 64 [ 68.503519] The buggy address is located 0 bytes to the right of [ 68.503519] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 68.516519] [ 68.518043] The buggy address belongs to the physical page: [ 68.523689] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 68.531796] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 68.538401] page_type: f5(slab) [ 68.541601] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 68.549436] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 68.557268] page dumped because: kasan: bad access detected [ 68.562914] [ 68.564437] Memory state around the buggy address: [ 68.569292] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 68.576604] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 68.583916] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 68.591227] ^ [ 68.596082] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 68.603395] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 68.610704] ================================================================== [ 61.620303] ================================================================== [ 61.627615] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x760/0x4858 [ 61.635020] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 61.642510] [ 61.644036] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 61.644066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 61.644076] Hardware name: Thundercomm Dragonboard 845c (DT) [ 61.644086] Call trace: [ 61.644093] show_stack+0x20/0x38 (C) [ 61.644110] dump_stack_lvl+0x8c/0xd0 [ 61.644128] print_report+0x118/0x608 [ 61.644148] kasan_report+0xdc/0x128 [ 61.644167] kasan_check_range+0x100/0x1a8 [ 61.644188] __kasan_check_write+0x20/0x30 [ 61.644204] kasan_atomics_helper+0x760/0x4858 [ 61.644223] kasan_atomics+0x198/0x2e0 [ 61.644240] kunit_try_run_case+0x170/0x3f0 [ 61.644259] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.644281] kthread+0x328/0x630 [ 61.644295] ret_from_fork+0x10/0x20 [ 61.644311] [ 61.717477] Allocated by task 363: [ 61.720933] kasan_save_stack+0x3c/0x68 [ 61.724831] kasan_save_track+0x20/0x40 [ 61.728728] kasan_save_alloc_info+0x40/0x58 [ 61.733066] __kasan_kmalloc+0xd4/0xd8 [ 61.736874] __kmalloc_cache_noprof+0x16c/0x3c0 [ 61.741476] kasan_atomics+0xb8/0x2e0 [ 61.745199] kunit_try_run_case+0x170/0x3f0 [ 61.749452] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.755020] kthread+0x328/0x630 [ 61.758306] ret_from_fork+0x10/0x20 [ 61.761940] [ 61.763463] The buggy address belongs to the object at ffff000080acff00 [ 61.763463] which belongs to the cache kmalloc-64 of size 64 [ 61.775940] The buggy address is located 0 bytes to the right of [ 61.775940] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 61.788943] [ 61.790467] The buggy address belongs to the physical page: [ 61.796112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 61.804219] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 61.810827] page_type: f5(slab) [ 61.814026] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 61.821863] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 61.829696] page dumped because: kasan: bad access detected [ 61.835343] [ 61.836866] Memory state around the buggy address: [ 61.841720] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.849034] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.856345] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 61.863656] ^ [ 61.868513] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 61.875824] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 61.883134] ================================================================== [ 72.129206] ================================================================== [ 72.136518] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 72.144012] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 72.151501] [ 72.153026] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 72.153055] Tainted: [B]=BAD_PAGE, [N]=TEST [ 72.153063] Hardware name: Thundercomm Dragonboard 845c (DT) [ 72.153072] Call trace: [ 72.153078] show_stack+0x20/0x38 (C) [ 72.153094] dump_stack_lvl+0x8c/0xd0 [ 72.153112] print_report+0x118/0x608 [ 72.153130] kasan_report+0xdc/0x128 [ 72.153149] kasan_check_range+0x100/0x1a8 [ 72.153169] __kasan_check_write+0x20/0x30 [ 72.153185] kasan_atomics_helper+0x15b4/0x4858 [ 72.153203] kasan_atomics+0x198/0x2e0 [ 72.153219] kunit_try_run_case+0x170/0x3f0 [ 72.153236] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 72.153258] kthread+0x328/0x630 [ 72.153271] ret_from_fork+0x10/0x20 [ 72.153287] [ 72.226542] Allocated by task 363: [ 72.229998] kasan_save_stack+0x3c/0x68 [ 72.233897] kasan_save_track+0x20/0x40 [ 72.237795] kasan_save_alloc_info+0x40/0x58 [ 72.242133] __kasan_kmalloc+0xd4/0xd8 [ 72.245942] __kmalloc_cache_noprof+0x16c/0x3c0 [ 72.250544] kasan_atomics+0xb8/0x2e0 [ 72.254266] kunit_try_run_case+0x170/0x3f0 [ 72.258520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 72.264088] kthread+0x328/0x630 [ 72.267373] ret_from_fork+0x10/0x20 [ 72.271008] [ 72.272530] The buggy address belongs to the object at ffff000080acff00 [ 72.272530] which belongs to the cache kmalloc-64 of size 64 [ 72.285010] The buggy address is located 0 bytes to the right of [ 72.285010] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 72.298011] [ 72.299534] The buggy address belongs to the physical page: [ 72.305179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 72.313287] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 72.319893] page_type: f5(slab) [ 72.323093] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 72.330930] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 72.338763] page dumped because: kasan: bad access detected [ 72.344409] [ 72.345932] Memory state around the buggy address: [ 72.350787] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 72.358100] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 72.365412] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 72.372722] ^ [ 72.377578] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 72.384889] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 72.392198] ================================================================== [ 73.203536] ================================================================== [ 73.210847] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 73.218337] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 73.225825] [ 73.227350] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 73.227379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 73.227388] Hardware name: Thundercomm Dragonboard 845c (DT) [ 73.227398] Call trace: [ 73.227404] show_stack+0x20/0x38 (C) [ 73.227421] dump_stack_lvl+0x8c/0xd0 [ 73.227440] print_report+0x118/0x608 [ 73.227458] kasan_report+0xdc/0x128 [ 73.227476] kasan_check_range+0x100/0x1a8 [ 73.227495] __kasan_check_write+0x20/0x30 [ 73.227510] kasan_atomics_helper+0x16d0/0x4858 [ 73.227529] kasan_atomics+0x198/0x2e0 [ 73.227546] kunit_try_run_case+0x170/0x3f0 [ 73.227564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 73.227583] kthread+0x328/0x630 [ 73.227597] ret_from_fork+0x10/0x20 [ 73.227613] [ 73.300865] Allocated by task 363: [ 73.304321] kasan_save_stack+0x3c/0x68 [ 73.308220] kasan_save_track+0x20/0x40 [ 73.312118] kasan_save_alloc_info+0x40/0x58 [ 73.316456] __kasan_kmalloc+0xd4/0xd8 [ 73.320265] __kmalloc_cache_noprof+0x16c/0x3c0 [ 73.324868] kasan_atomics+0xb8/0x2e0 [ 73.328589] kunit_try_run_case+0x170/0x3f0 [ 73.332842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 73.338410] kthread+0x328/0x630 [ 73.341695] ret_from_fork+0x10/0x20 [ 73.345330] [ 73.346853] The buggy address belongs to the object at ffff000080acff00 [ 73.346853] which belongs to the cache kmalloc-64 of size 64 [ 73.359330] The buggy address is located 0 bytes to the right of [ 73.359330] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 73.372331] [ 73.373854] The buggy address belongs to the physical page: [ 73.379499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 73.387605] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 73.394211] page_type: f5(slab) [ 73.397411] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 73.405245] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 73.413077] page dumped because: kasan: bad access detected [ 73.418723] [ 73.420246] Memory state around the buggy address: [ 73.425101] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 73.432412] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 73.439723] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 73.447032] ^ [ 73.451887] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 73.459199] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 73.466508] ================================================================== [ 60.809766] ================================================================== [ 60.817075] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x61c/0x4858 [ 60.824479] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 60.831966] [ 60.833492] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 60.833520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.833528] Hardware name: Thundercomm Dragonboard 845c (DT) [ 60.833538] Call trace: [ 60.833544] show_stack+0x20/0x38 (C) [ 60.833562] dump_stack_lvl+0x8c/0xd0 [ 60.833580] print_report+0x118/0x608 [ 60.833598] kasan_report+0xdc/0x128 [ 60.833616] kasan_check_range+0x100/0x1a8 [ 60.833637] __kasan_check_write+0x20/0x30 [ 60.833652] kasan_atomics_helper+0x61c/0x4858 [ 60.833670] kasan_atomics+0x198/0x2e0 [ 60.833687] kunit_try_run_case+0x170/0x3f0 [ 60.833705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.833727] kthread+0x328/0x630 [ 60.833740] ret_from_fork+0x10/0x20 [ 60.833756] [ 60.906920] Allocated by task 363: [ 60.910376] kasan_save_stack+0x3c/0x68 [ 60.914274] kasan_save_track+0x20/0x40 [ 60.918172] kasan_save_alloc_info+0x40/0x58 [ 60.922510] __kasan_kmalloc+0xd4/0xd8 [ 60.926319] __kmalloc_cache_noprof+0x16c/0x3c0 [ 60.930919] kasan_atomics+0xb8/0x2e0 [ 60.934641] kunit_try_run_case+0x170/0x3f0 [ 60.938895] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.944464] kthread+0x328/0x630 [ 60.947749] ret_from_fork+0x10/0x20 [ 60.951383] [ 60.952906] The buggy address belongs to the object at ffff000080acff00 [ 60.952906] which belongs to the cache kmalloc-64 of size 64 [ 60.965385] The buggy address is located 0 bytes to the right of [ 60.965385] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 60.978387] [ 60.979909] The buggy address belongs to the physical page: [ 60.985555] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 60.993660] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 61.000267] page_type: f5(slab) [ 61.003467] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 61.011303] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 61.019135] page dumped because: kasan: bad access detected [ 61.024781] [ 61.026303] Memory state around the buggy address: [ 61.031159] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.038472] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.045783] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 61.053092] ^ [ 61.057947] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 61.065258] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 61.072569] ================================================================== [ 73.473868] ================================================================== [ 73.481179] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 73.488670] Read of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 73.496071] [ 73.497596] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 73.497624] Tainted: [B]=BAD_PAGE, [N]=TEST [ 73.497632] Hardware name: Thundercomm Dragonboard 845c (DT) [ 73.497641] Call trace: [ 73.497647] show_stack+0x20/0x38 (C) [ 73.497665] dump_stack_lvl+0x8c/0xd0 [ 73.497684] print_report+0x118/0x608 [ 73.497703] kasan_report+0xdc/0x128 [ 73.497722] __asan_report_load8_noabort+0x20/0x30 [ 73.497739] kasan_atomics_helper+0x3e10/0x4858 [ 73.497757] kasan_atomics+0x198/0x2e0 [ 73.497774] kunit_try_run_case+0x170/0x3f0 [ 73.497792] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 73.497812] kthread+0x328/0x630 [ 73.497825] ret_from_fork+0x10/0x20 [ 73.497842] [ 73.567640] Allocated by task 363: [ 73.571095] kasan_save_stack+0x3c/0x68 [ 73.574995] kasan_save_track+0x20/0x40 [ 73.578891] kasan_save_alloc_info+0x40/0x58 [ 73.583229] __kasan_kmalloc+0xd4/0xd8 [ 73.587037] __kmalloc_cache_noprof+0x16c/0x3c0 [ 73.591639] kasan_atomics+0xb8/0x2e0 [ 73.595361] kunit_try_run_case+0x170/0x3f0 [ 73.599613] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 73.605181] kthread+0x328/0x630 [ 73.608467] ret_from_fork+0x10/0x20 [ 73.612101] [ 73.613623] The buggy address belongs to the object at ffff000080acff00 [ 73.613623] which belongs to the cache kmalloc-64 of size 64 [ 73.626100] The buggy address is located 0 bytes to the right of [ 73.626100] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 73.639099] [ 73.640622] The buggy address belongs to the physical page: [ 73.646267] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 73.654372] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 73.660979] page_type: f5(slab) [ 73.664178] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 73.672013] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 73.679844] page dumped because: kasan: bad access detected [ 73.685489] [ 73.687011] Memory state around the buggy address: [ 73.691865] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 73.699175] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 73.706486] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 73.713794] ^ [ 73.718650] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 73.725960] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 73.733269] ================================================================== [ 74.010951] ================================================================== [ 74.018262] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 74.025751] Read of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 74.033153] [ 74.034688] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 74.034717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 74.034725] Hardware name: Thundercomm Dragonboard 845c (DT) [ 74.034735] Call trace: [ 74.034741] show_stack+0x20/0x38 (C) [ 74.034758] dump_stack_lvl+0x8c/0xd0 [ 74.034776] print_report+0x118/0x608 [ 74.034794] kasan_report+0xdc/0x128 [ 74.034812] __asan_report_load8_noabort+0x20/0x30 [ 74.034828] kasan_atomics_helper+0x3e20/0x4858 [ 74.034847] kasan_atomics+0x198/0x2e0 [ 74.034864] kunit_try_run_case+0x170/0x3f0 [ 74.034881] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 74.034902] kthread+0x328/0x630 [ 74.034915] ret_from_fork+0x10/0x20 [ 74.034932] [ 74.104729] Allocated by task 363: [ 74.108184] kasan_save_stack+0x3c/0x68 [ 74.112083] kasan_save_track+0x20/0x40 [ 74.115980] kasan_save_alloc_info+0x40/0x58 [ 74.120318] __kasan_kmalloc+0xd4/0xd8 [ 74.124127] __kmalloc_cache_noprof+0x16c/0x3c0 [ 74.128728] kasan_atomics+0xb8/0x2e0 [ 74.132449] kunit_try_run_case+0x170/0x3f0 [ 74.136702] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 74.142271] kthread+0x328/0x630 [ 74.145557] ret_from_fork+0x10/0x20 [ 74.149191] [ 74.150714] The buggy address belongs to the object at ffff000080acff00 [ 74.150714] which belongs to the cache kmalloc-64 of size 64 [ 74.163190] The buggy address is located 0 bytes to the right of [ 74.163190] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 74.176190] [ 74.177713] The buggy address belongs to the physical page: [ 74.183359] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 74.191465] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 74.198072] page_type: f5(slab) [ 74.201271] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 74.209108] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 74.216939] page dumped because: kasan: bad access detected [ 74.222584] [ 74.224107] Memory state around the buggy address: [ 74.228962] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 74.236273] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 74.243585] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 74.250893] ^ [ 74.255749] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.263059] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 74.270368] ================================================================== [ 74.277740] ================================================================== [ 74.285051] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 74.292541] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 74.300028] [ 74.301553] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 74.301582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 74.301590] Hardware name: Thundercomm Dragonboard 845c (DT) [ 74.301600] Call trace: [ 74.301606] show_stack+0x20/0x38 (C) [ 74.301623] dump_stack_lvl+0x8c/0xd0 [ 74.301640] print_report+0x118/0x608 [ 74.301658] kasan_report+0xdc/0x128 [ 74.301677] kasan_check_range+0x100/0x1a8 [ 74.301698] __kasan_check_write+0x20/0x30 [ 74.301714] kasan_atomics_helper+0x17ec/0x4858 [ 74.301733] kasan_atomics+0x198/0x2e0 [ 74.301751] kunit_try_run_case+0x170/0x3f0 [ 74.301769] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 74.301790] kthread+0x328/0x630 [ 74.301804] ret_from_fork+0x10/0x20 [ 74.301821] [ 74.375070] Allocated by task 363: [ 74.378526] kasan_save_stack+0x3c/0x68 [ 74.382424] kasan_save_track+0x20/0x40 [ 74.386321] kasan_save_alloc_info+0x40/0x58 [ 74.390659] __kasan_kmalloc+0xd4/0xd8 [ 74.394468] __kmalloc_cache_noprof+0x16c/0x3c0 [ 74.399069] kasan_atomics+0xb8/0x2e0 [ 74.402791] kunit_try_run_case+0x170/0x3f0 [ 74.407044] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 74.412613] kthread+0x328/0x630 [ 74.415898] ret_from_fork+0x10/0x20 [ 74.419533] [ 74.421055] The buggy address belongs to the object at ffff000080acff00 [ 74.421055] which belongs to the cache kmalloc-64 of size 64 [ 74.433531] The buggy address is located 0 bytes to the right of [ 74.433531] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 74.446532] [ 74.448056] The buggy address belongs to the physical page: [ 74.453700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 74.461806] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 74.468413] page_type: f5(slab) [ 74.471613] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 74.479448] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 74.487280] page dumped because: kasan: bad access detected [ 74.492926] [ 74.494448] Memory state around the buggy address: [ 74.499303] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 74.506613] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 74.513925] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 74.521234] ^ [ 74.526090] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.533401] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 74.540710] ================================================================== [ 69.699541] ================================================================== [ 69.706853] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 69.714347] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 69.721838] [ 69.723363] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 69.723393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 69.723401] Hardware name: Thundercomm Dragonboard 845c (DT) [ 69.723411] Call trace: [ 69.723418] show_stack+0x20/0x38 (C) [ 69.723435] dump_stack_lvl+0x8c/0xd0 [ 69.723454] print_report+0x118/0x608 [ 69.723473] kasan_report+0xdc/0x128 [ 69.723491] kasan_check_range+0x100/0x1a8 [ 69.723512] __kasan_check_write+0x20/0x30 [ 69.723528] kasan_atomics_helper+0x11f8/0x4858 [ 69.723546] kasan_atomics+0x198/0x2e0 [ 69.723562] kunit_try_run_case+0x170/0x3f0 [ 69.723580] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 69.723601] kthread+0x328/0x630 [ 69.723614] ret_from_fork+0x10/0x20 [ 69.723630] [ 69.796882] Allocated by task 363: [ 69.800339] kasan_save_stack+0x3c/0x68 [ 69.804239] kasan_save_track+0x20/0x40 [ 69.808136] kasan_save_alloc_info+0x40/0x58 [ 69.812476] __kasan_kmalloc+0xd4/0xd8 [ 69.816285] __kmalloc_cache_noprof+0x16c/0x3c0 [ 69.820886] kasan_atomics+0xb8/0x2e0 [ 69.824607] kunit_try_run_case+0x170/0x3f0 [ 69.828859] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 69.834429] kthread+0x328/0x630 [ 69.837715] ret_from_fork+0x10/0x20 [ 69.841349] [ 69.842872] The buggy address belongs to the object at ffff000080acff00 [ 69.842872] which belongs to the cache kmalloc-64 of size 64 [ 69.855349] The buggy address is located 0 bytes to the right of [ 69.855349] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 69.868350] [ 69.869874] The buggy address belongs to the physical page: [ 69.875519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 69.883628] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 69.890235] page_type: f5(slab) [ 69.893434] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 69.901271] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 69.909102] page dumped because: kasan: bad access detected [ 69.914748] [ 69.916270] Memory state around the buggy address: [ 69.921125] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 69.928438] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 69.935750] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 69.943059] ^ [ 69.947916] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 69.955227] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 69.962536] ================================================================== [ 58.114772] ================================================================== [ 58.122087] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2b0/0x4858 [ 58.129494] Read of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 58.136897] [ 58.138422] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 58.138452] Tainted: [B]=BAD_PAGE, [N]=TEST [ 58.138460] Hardware name: Thundercomm Dragonboard 845c (DT) [ 58.138470] Call trace: [ 58.138477] show_stack+0x20/0x38 (C) [ 58.138494] dump_stack_lvl+0x8c/0xd0 [ 58.138512] print_report+0x118/0x608 [ 58.138531] kasan_report+0xdc/0x128 [ 58.138549] kasan_check_range+0x100/0x1a8 [ 58.138569] __kasan_check_read+0x20/0x30 [ 58.138585] kasan_atomics_helper+0x2b0/0x4858 [ 58.138604] kasan_atomics+0x198/0x2e0 [ 58.138622] kunit_try_run_case+0x170/0x3f0 [ 58.138641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.138661] kthread+0x328/0x630 [ 58.138676] ret_from_fork+0x10/0x20 [ 58.138692] [ 58.211760] Allocated by task 363: [ 58.215215] kasan_save_stack+0x3c/0x68 [ 58.219121] kasan_save_track+0x20/0x40 [ 58.223018] kasan_save_alloc_info+0x40/0x58 [ 58.227352] __kasan_kmalloc+0xd4/0xd8 [ 58.231161] __kmalloc_cache_noprof+0x16c/0x3c0 [ 58.235759] kasan_atomics+0xb8/0x2e0 [ 58.239488] kunit_try_run_case+0x170/0x3f0 [ 58.243741] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.249306] kthread+0x328/0x630 [ 58.252590] ret_from_fork+0x10/0x20 [ 58.256221] [ 58.257744] The buggy address belongs to the object at ffff000080acff00 [ 58.257744] which belongs to the cache kmalloc-64 of size 64 [ 58.270222] The buggy address is located 0 bytes to the right of [ 58.270222] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 58.283235] [ 58.284759] The buggy address belongs to the physical page: [ 58.290401] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 58.298500] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 58.305111] page_type: f5(slab) [ 58.308311] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 58.316151] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 58.323987] page dumped because: kasan: bad access detected [ 58.329630] [ 58.331162] Memory state around the buggy address: [ 58.336014] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 58.343321] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 58.350626] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 58.357941] ^ [ 58.362795] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 58.370108] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 58.377423] ================================================================== [ 68.888416] ================================================================== [ 68.895726] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 68.903217] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 68.910705] [ 68.912230] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 68.912259] Tainted: [B]=BAD_PAGE, [N]=TEST [ 68.912268] Hardware name: Thundercomm Dragonboard 845c (DT) [ 68.912278] Call trace: [ 68.912285] show_stack+0x20/0x38 (C) [ 68.912302] dump_stack_lvl+0x8c/0xd0 [ 68.912320] print_report+0x118/0x608 [ 68.912338] kasan_report+0xdc/0x128 [ 68.912358] kasan_check_range+0x100/0x1a8 [ 68.912377] __kasan_check_write+0x20/0x30 [ 68.912394] kasan_atomics_helper+0x10c0/0x4858 [ 68.912413] kasan_atomics+0x198/0x2e0 [ 68.912429] kunit_try_run_case+0x170/0x3f0 [ 68.912447] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 68.912469] kthread+0x328/0x630 [ 68.912483] ret_from_fork+0x10/0x20 [ 68.912500] [ 68.985750] Allocated by task 363: [ 68.989206] kasan_save_stack+0x3c/0x68 [ 68.993103] kasan_save_track+0x20/0x40 [ 68.997000] kasan_save_alloc_info+0x40/0x58 [ 69.001339] __kasan_kmalloc+0xd4/0xd8 [ 69.005148] __kmalloc_cache_noprof+0x16c/0x3c0 [ 69.009749] kasan_atomics+0xb8/0x2e0 [ 69.013471] kunit_try_run_case+0x170/0x3f0 [ 69.017725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 69.023294] kthread+0x328/0x630 [ 69.026580] ret_from_fork+0x10/0x20 [ 69.030214] [ 69.031737] The buggy address belongs to the object at ffff000080acff00 [ 69.031737] which belongs to the cache kmalloc-64 of size 64 [ 69.044215] The buggy address is located 0 bytes to the right of [ 69.044215] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 69.057216] [ 69.058740] The buggy address belongs to the physical page: [ 69.064385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 69.072490] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 69.079098] page_type: f5(slab) [ 69.082296] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 69.090133] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 69.097966] page dumped because: kasan: bad access detected [ 69.103611] [ 69.105134] Memory state around the buggy address: [ 69.109989] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 69.117301] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 69.124615] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 69.131924] ^ [ 69.136780] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 69.144092] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 69.151402] ================================================================== [ 70.780970] ================================================================== [ 70.788282] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 70.795773] Read of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 70.803175] [ 70.804700] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 70.804729] Tainted: [B]=BAD_PAGE, [N]=TEST [ 70.804736] Hardware name: Thundercomm Dragonboard 845c (DT) [ 70.804746] Call trace: [ 70.804753] show_stack+0x20/0x38 (C) [ 70.804770] dump_stack_lvl+0x8c/0xd0 [ 70.804788] print_report+0x118/0x608 [ 70.804807] kasan_report+0xdc/0x128 [ 70.804826] __asan_report_load8_noabort+0x20/0x30 [ 70.804843] kasan_atomics_helper+0x3f04/0x4858 [ 70.804861] kasan_atomics+0x198/0x2e0 [ 70.804878] kunit_try_run_case+0x170/0x3f0 [ 70.804897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 70.804917] kthread+0x328/0x630 [ 70.804931] ret_from_fork+0x10/0x20 [ 70.804947] [ 70.874746] Allocated by task 363: [ 70.878203] kasan_save_stack+0x3c/0x68 [ 70.882102] kasan_save_track+0x20/0x40 [ 70.886000] kasan_save_alloc_info+0x40/0x58 [ 70.890339] __kasan_kmalloc+0xd4/0xd8 [ 70.894148] __kmalloc_cache_noprof+0x16c/0x3c0 [ 70.898750] kasan_atomics+0xb8/0x2e0 [ 70.902472] kunit_try_run_case+0x170/0x3f0 [ 70.906724] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 70.912293] kthread+0x328/0x630 [ 70.915580] ret_from_fork+0x10/0x20 [ 70.919215] [ 70.920738] The buggy address belongs to the object at ffff000080acff00 [ 70.920738] which belongs to the cache kmalloc-64 of size 64 [ 70.933216] The buggy address is located 0 bytes to the right of [ 70.933216] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 70.946218] [ 70.947742] The buggy address belongs to the physical page: [ 70.953387] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 70.961494] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 70.968102] page_type: f5(slab) [ 70.971301] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 70.979138] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 70.986970] page dumped because: kasan: bad access detected [ 70.992616] [ 70.994138] Memory state around the buggy address: [ 70.998993] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 71.006305] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 71.013616] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 71.020926] ^ [ 71.025782] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 71.033095] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 71.040406] ================================================================== [ 65.926483] ================================================================== [ 65.933795] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 65.941199] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 65.948688] [ 65.950214] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 65.950243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 65.950253] Hardware name: Thundercomm Dragonboard 845c (DT) [ 65.950262] Call trace: [ 65.950269] show_stack+0x20/0x38 (C) [ 65.950285] dump_stack_lvl+0x8c/0xd0 [ 65.950304] print_report+0x118/0x608 [ 65.950322] kasan_report+0xdc/0x128 [ 65.950340] kasan_check_range+0x100/0x1a8 [ 65.950360] __kasan_check_write+0x20/0x30 [ 65.950374] kasan_atomics_helper+0xd3c/0x4858 [ 65.950392] kasan_atomics+0x198/0x2e0 [ 65.950409] kunit_try_run_case+0x170/0x3f0 [ 65.950426] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 65.950446] kthread+0x328/0x630 [ 65.950459] ret_from_fork+0x10/0x20 [ 65.950475] [ 66.023642] Allocated by task 363: [ 66.027099] kasan_save_stack+0x3c/0x68 [ 66.030998] kasan_save_track+0x20/0x40 [ 66.034895] kasan_save_alloc_info+0x40/0x58 [ 66.039234] __kasan_kmalloc+0xd4/0xd8 [ 66.043043] __kmalloc_cache_noprof+0x16c/0x3c0 [ 66.047644] kasan_atomics+0xb8/0x2e0 [ 66.051367] kunit_try_run_case+0x170/0x3f0 [ 66.055621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 66.061190] kthread+0x328/0x630 [ 66.064477] ret_from_fork+0x10/0x20 [ 66.068111] [ 66.069634] The buggy address belongs to the object at ffff000080acff00 [ 66.069634] which belongs to the cache kmalloc-64 of size 64 [ 66.082111] The buggy address is located 0 bytes to the right of [ 66.082111] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 66.095112] [ 66.096636] The buggy address belongs to the physical page: [ 66.102281] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 66.110388] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 66.116995] page_type: f5(slab) [ 66.120195] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 66.128030] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 66.135862] page dumped because: kasan: bad access detected [ 66.141508] [ 66.143031] Memory state around the buggy address: [ 66.147886] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 66.155198] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 66.162510] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 66.169819] ^ [ 66.174676] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.181987] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 66.189297] ================================================================== [ 57.844583] ================================================================== [ 57.851902] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x24c/0x4858 [ 57.859312] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 57.866796] [ 57.868331] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 57.868360] Tainted: [B]=BAD_PAGE, [N]=TEST [ 57.868369] Hardware name: Thundercomm Dragonboard 845c (DT) [ 57.868380] Call trace: [ 57.868386] show_stack+0x20/0x38 (C) [ 57.868403] dump_stack_lvl+0x8c/0xd0 [ 57.868422] print_report+0x118/0x608 [ 57.868441] kasan_report+0xdc/0x128 [ 57.868460] kasan_check_range+0x100/0x1a8 [ 57.868481] __kasan_check_write+0x20/0x30 [ 57.868496] kasan_atomics_helper+0x24c/0x4858 [ 57.868514] kasan_atomics+0x198/0x2e0 [ 57.868530] kunit_try_run_case+0x170/0x3f0 [ 57.868548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.868569] kthread+0x328/0x630 [ 57.868582] ret_from_fork+0x10/0x20 [ 57.868600] [ 57.941765] Allocated by task 363: [ 57.945217] kasan_save_stack+0x3c/0x68 [ 57.949121] kasan_save_track+0x20/0x40 [ 57.953025] kasan_save_alloc_info+0x40/0x58 [ 57.957360] __kasan_kmalloc+0xd4/0xd8 [ 57.961175] __kmalloc_cache_noprof+0x16c/0x3c0 [ 57.965773] kasan_atomics+0xb8/0x2e0 [ 57.969501] kunit_try_run_case+0x170/0x3f0 [ 57.973751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.979311] kthread+0x328/0x630 [ 57.982597] ret_from_fork+0x10/0x20 [ 57.986228] [ 57.987758] The buggy address belongs to the object at ffff000080acff00 [ 57.987758] which belongs to the cache kmalloc-64 of size 64 [ 58.000237] The buggy address is located 0 bytes to the right of [ 58.000237] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 58.013236] [ 58.014762] The buggy address belongs to the physical page: [ 58.020399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 58.028498] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 58.035111] page_type: f5(slab) [ 58.038308] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 58.046148] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 58.053980] page dumped because: kasan: bad access detected [ 58.059618] [ 58.061142] Memory state around the buggy address: [ 58.065993] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 58.073308] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 58.080623] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 58.087937] ^ [ 58.092789] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 58.100103] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 58.107416] ================================================================== [ 58.921754] ================================================================== [ 58.929064] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f94/0x4858 [ 58.936556] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 58.944044] [ 58.945569] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 58.945599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 58.945606] Hardware name: Thundercomm Dragonboard 845c (DT) [ 58.945617] Call trace: [ 58.945623] show_stack+0x20/0x38 (C) [ 58.945640] dump_stack_lvl+0x8c/0xd0 [ 58.945658] print_report+0x118/0x608 [ 58.945676] kasan_report+0xdc/0x128 [ 58.945693] __asan_report_store4_noabort+0x20/0x30 [ 58.945711] kasan_atomics_helper+0x3f94/0x4858 [ 58.945729] kasan_atomics+0x198/0x2e0 [ 58.945746] kunit_try_run_case+0x170/0x3f0 [ 58.945765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.945786] kthread+0x328/0x630 [ 58.945800] ret_from_fork+0x10/0x20 [ 58.945817] [ 59.015700] Allocated by task 363: [ 59.019156] kasan_save_stack+0x3c/0x68 [ 59.023054] kasan_save_track+0x20/0x40 [ 59.026951] kasan_save_alloc_info+0x40/0x58 [ 59.031290] __kasan_kmalloc+0xd4/0xd8 [ 59.035098] __kmalloc_cache_noprof+0x16c/0x3c0 [ 59.039699] kasan_atomics+0xb8/0x2e0 [ 59.043420] kunit_try_run_case+0x170/0x3f0 [ 59.047673] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.053243] kthread+0x328/0x630 [ 59.056528] ret_from_fork+0x10/0x20 [ 59.060162] [ 59.061685] The buggy address belongs to the object at ffff000080acff00 [ 59.061685] which belongs to the cache kmalloc-64 of size 64 [ 59.074163] The buggy address is located 0 bytes to the right of [ 59.074163] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 59.087164] [ 59.088687] The buggy address belongs to the physical page: [ 59.094332] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 59.102441] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 59.109048] page_type: f5(slab) [ 59.112246] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 59.120084] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 59.127916] page dumped because: kasan: bad access detected [ 59.133562] [ 59.135085] Memory state around the buggy address: [ 59.139940] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 59.147253] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 59.154565] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 59.161874] ^ [ 59.166730] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 59.174041] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 59.181350] ================================================================== [ 62.160697] ================================================================== [ 62.168008] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x894/0x4858 [ 62.175412] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 62.182900] [ 62.184427] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 62.184455] Tainted: [B]=BAD_PAGE, [N]=TEST [ 62.184464] Hardware name: Thundercomm Dragonboard 845c (DT) [ 62.184474] Call trace: [ 62.184480] show_stack+0x20/0x38 (C) [ 62.184498] dump_stack_lvl+0x8c/0xd0 [ 62.184515] print_report+0x118/0x608 [ 62.184534] kasan_report+0xdc/0x128 [ 62.184552] kasan_check_range+0x100/0x1a8 [ 62.184572] __kasan_check_write+0x20/0x30 [ 62.184588] kasan_atomics_helper+0x894/0x4858 [ 62.184608] kasan_atomics+0x198/0x2e0 [ 62.184625] kunit_try_run_case+0x170/0x3f0 [ 62.184643] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.184663] kthread+0x328/0x630 [ 62.184677] ret_from_fork+0x10/0x20 [ 62.184695] [ 62.257858] Allocated by task 363: [ 62.261314] kasan_save_stack+0x3c/0x68 [ 62.265212] kasan_save_track+0x20/0x40 [ 62.269111] kasan_save_alloc_info+0x40/0x58 [ 62.273449] __kasan_kmalloc+0xd4/0xd8 [ 62.277260] __kmalloc_cache_noprof+0x16c/0x3c0 [ 62.281861] kasan_atomics+0xb8/0x2e0 [ 62.285583] kunit_try_run_case+0x170/0x3f0 [ 62.289836] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.295405] kthread+0x328/0x630 [ 62.298690] ret_from_fork+0x10/0x20 [ 62.302324] [ 62.303848] The buggy address belongs to the object at ffff000080acff00 [ 62.303848] which belongs to the cache kmalloc-64 of size 64 [ 62.316326] The buggy address is located 0 bytes to the right of [ 62.316326] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 62.329327] [ 62.330851] The buggy address belongs to the physical page: [ 62.336496] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 62.344604] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 62.351210] page_type: f5(slab) [ 62.354408] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 62.362244] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 62.370074] page dumped because: kasan: bad access detected [ 62.375720] [ 62.377242] Memory state around the buggy address: [ 62.382097] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.389409] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.396720] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 62.404029] ^ [ 62.408884] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 62.416195] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 62.423505] ================================================================== [ 67.000232] ================================================================== [ 67.007542] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 67.014947] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 67.022436] [ 67.023961] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 67.023990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 67.023998] Hardware name: Thundercomm Dragonboard 845c (DT) [ 67.024008] Call trace: [ 67.024015] show_stack+0x20/0x38 (C) [ 67.024032] dump_stack_lvl+0x8c/0xd0 [ 67.024049] print_report+0x118/0x608 [ 67.024068] kasan_report+0xdc/0x128 [ 67.024087] kasan_check_range+0x100/0x1a8 [ 67.024107] __kasan_check_write+0x20/0x30 [ 67.024123] kasan_atomics_helper+0xe44/0x4858 [ 67.024142] kasan_atomics+0x198/0x2e0 [ 67.024158] kunit_try_run_case+0x170/0x3f0 [ 67.024177] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 67.024197] kthread+0x328/0x630 [ 67.024210] ret_from_fork+0x10/0x20 [ 67.024228] [ 67.097396] Allocated by task 363: [ 67.100851] kasan_save_stack+0x3c/0x68 [ 67.104748] kasan_save_track+0x20/0x40 [ 67.108647] kasan_save_alloc_info+0x40/0x58 [ 67.112984] __kasan_kmalloc+0xd4/0xd8 [ 67.116794] __kmalloc_cache_noprof+0x16c/0x3c0 [ 67.121395] kasan_atomics+0xb8/0x2e0 [ 67.125116] kunit_try_run_case+0x170/0x3f0 [ 67.129368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 67.134938] kthread+0x328/0x630 [ 67.138223] ret_from_fork+0x10/0x20 [ 67.141858] [ 67.143381] The buggy address belongs to the object at ffff000080acff00 [ 67.143381] which belongs to the cache kmalloc-64 of size 64 [ 67.155860] The buggy address is located 0 bytes to the right of [ 67.155860] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 67.168861] [ 67.170386] The buggy address belongs to the physical page: [ 67.176031] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 67.184138] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 67.190745] page_type: f5(slab) [ 67.193945] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 67.201781] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 67.209614] page dumped because: kasan: bad access detected [ 67.215259] [ 67.216782] Memory state around the buggy address: [ 67.221638] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 67.228950] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 67.236263] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 67.243572] ^ [ 67.248429] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 67.255743] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 67.263055] ================================================================== [ 66.463440] ================================================================== [ 66.470751] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 66.478154] Read of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 66.485555] [ 66.487082] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 66.487111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 66.487118] Hardware name: Thundercomm Dragonboard 845c (DT) [ 66.487129] Call trace: [ 66.487135] show_stack+0x20/0x38 (C) [ 66.487152] dump_stack_lvl+0x8c/0xd0 [ 66.487170] print_report+0x118/0x608 [ 66.487189] kasan_report+0xdc/0x128 [ 66.487207] kasan_check_range+0x100/0x1a8 [ 66.487227] __kasan_check_read+0x20/0x30 [ 66.487243] kasan_atomics_helper+0xdd4/0x4858 [ 66.487261] kasan_atomics+0x198/0x2e0 [ 66.487278] kunit_try_run_case+0x170/0x3f0 [ 66.487295] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 66.487316] kthread+0x328/0x630 [ 66.487330] ret_from_fork+0x10/0x20 [ 66.487346] [ 66.560416] Allocated by task 363: [ 66.563873] kasan_save_stack+0x3c/0x68 [ 66.567771] kasan_save_track+0x20/0x40 [ 66.571670] kasan_save_alloc_info+0x40/0x58 [ 66.576009] __kasan_kmalloc+0xd4/0xd8 [ 66.579817] __kmalloc_cache_noprof+0x16c/0x3c0 [ 66.584419] kasan_atomics+0xb8/0x2e0 [ 66.588140] kunit_try_run_case+0x170/0x3f0 [ 66.592392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 66.597961] kthread+0x328/0x630 [ 66.601246] ret_from_fork+0x10/0x20 [ 66.604881] [ 66.606403] The buggy address belongs to the object at ffff000080acff00 [ 66.606403] which belongs to the cache kmalloc-64 of size 64 [ 66.618880] The buggy address is located 0 bytes to the right of [ 66.618880] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 66.631879] [ 66.633402] The buggy address belongs to the physical page: [ 66.639047] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 66.647153] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 66.653760] page_type: f5(slab) [ 66.656959] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 66.664794] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 66.672625] page dumped because: kasan: bad access detected [ 66.678270] [ 66.679793] Memory state around the buggy address: [ 66.684648] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 66.691959] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 66.699269] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 66.706579] ^ [ 66.711435] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.718746] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 66.726057] ================================================================== [ 63.238080] ================================================================== [ 63.245389] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 63.252794] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 63.260282] [ 63.261808] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 63.261837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 63.261845] Hardware name: Thundercomm Dragonboard 845c (DT) [ 63.261856] Call trace: [ 63.261861] show_stack+0x20/0x38 (C) [ 63.261879] dump_stack_lvl+0x8c/0xd0 [ 63.261897] print_report+0x118/0x608 [ 63.261916] kasan_report+0xdc/0x128 [ 63.261935] kasan_check_range+0x100/0x1a8 [ 63.261955] __kasan_check_write+0x20/0x30 [ 63.261970] kasan_atomics_helper+0xa04/0x4858 [ 63.261988] kasan_atomics+0x198/0x2e0 [ 63.262006] kunit_try_run_case+0x170/0x3f0 [ 63.262023] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 63.262045] kthread+0x328/0x630 [ 63.262058] ret_from_fork+0x10/0x20 [ 63.262075] [ 63.335241] Allocated by task 363: [ 63.338697] kasan_save_stack+0x3c/0x68 [ 63.342594] kasan_save_track+0x20/0x40 [ 63.346490] kasan_save_alloc_info+0x40/0x58 [ 63.350829] __kasan_kmalloc+0xd4/0xd8 [ 63.354640] __kmalloc_cache_noprof+0x16c/0x3c0 [ 63.359241] kasan_atomics+0xb8/0x2e0 [ 63.362964] kunit_try_run_case+0x170/0x3f0 [ 63.367216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 63.372786] kthread+0x328/0x630 [ 63.376073] ret_from_fork+0x10/0x20 [ 63.379708] [ 63.381232] The buggy address belongs to the object at ffff000080acff00 [ 63.381232] which belongs to the cache kmalloc-64 of size 64 [ 63.393711] The buggy address is located 0 bytes to the right of [ 63.393711] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 63.406712] [ 63.408236] The buggy address belongs to the physical page: [ 63.413882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 63.421988] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 63.428596] page_type: f5(slab) [ 63.431794] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 63.439630] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 63.447463] page dumped because: kasan: bad access detected [ 63.453109] [ 63.454638] Memory state around the buggy address: [ 63.459498] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.466813] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.474129] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 63.481440] ^ [ 63.486297] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.493611] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 63.500921] ================================================================== [ 63.508310] ================================================================== [ 63.515621] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 63.523028] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 63.530520] [ 63.532048] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 63.532076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 63.532084] Hardware name: Thundercomm Dragonboard 845c (DT) [ 63.532095] Call trace: [ 63.532103] show_stack+0x20/0x38 (C) [ 63.532121] dump_stack_lvl+0x8c/0xd0 [ 63.532139] print_report+0x118/0x608 [ 63.532158] kasan_report+0xdc/0x128 [ 63.532177] kasan_check_range+0x100/0x1a8 [ 63.532197] __kasan_check_write+0x20/0x30 [ 63.532213] kasan_atomics_helper+0xa6c/0x4858 [ 63.532230] kasan_atomics+0x198/0x2e0 [ 63.532249] kunit_try_run_case+0x170/0x3f0 [ 63.532266] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 63.532286] kthread+0x328/0x630 [ 63.532300] ret_from_fork+0x10/0x20 [ 63.532316] [ 63.605484] Allocated by task 363: [ 63.608941] kasan_save_stack+0x3c/0x68 [ 63.612841] kasan_save_track+0x20/0x40 [ 63.616739] kasan_save_alloc_info+0x40/0x58 [ 63.621077] __kasan_kmalloc+0xd4/0xd8 [ 63.624885] __kmalloc_cache_noprof+0x16c/0x3c0 [ 63.629489] kasan_atomics+0xb8/0x2e0 [ 63.633210] kunit_try_run_case+0x170/0x3f0 [ 63.637464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 63.643033] kthread+0x328/0x630 [ 63.646320] ret_from_fork+0x10/0x20 [ 63.649955] [ 63.651479] The buggy address belongs to the object at ffff000080acff00 [ 63.651479] which belongs to the cache kmalloc-64 of size 64 [ 63.663957] The buggy address is located 0 bytes to the right of [ 63.663957] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 63.676959] [ 63.678483] The buggy address belongs to the physical page: [ 63.684129] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 63.692237] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 63.698845] page_type: f5(slab) [ 63.702047] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 63.709885] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 63.717717] page dumped because: kasan: bad access detected [ 63.723363] [ 63.724886] Memory state around the buggy address: [ 63.729742] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.737055] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.744367] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 63.751678] ^ [ 63.756535] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.763847] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 63.771157] ================================================================== [ 68.077722] ================================================================== [ 68.085033] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 68.092437] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 68.099925] [ 68.101450] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 68.101479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 68.101486] Hardware name: Thundercomm Dragonboard 845c (DT) [ 68.101497] Call trace: [ 68.101504] show_stack+0x20/0x38 (C) [ 68.101521] dump_stack_lvl+0x8c/0xd0 [ 68.101538] print_report+0x118/0x608 [ 68.101556] kasan_report+0xdc/0x128 [ 68.101574] kasan_check_range+0x100/0x1a8 [ 68.101594] __kasan_check_write+0x20/0x30 [ 68.101609] kasan_atomics_helper+0xf88/0x4858 [ 68.101627] kasan_atomics+0x198/0x2e0 [ 68.101643] kunit_try_run_case+0x170/0x3f0 [ 68.101661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 68.101682] kthread+0x328/0x630 [ 68.101695] ret_from_fork+0x10/0x20 [ 68.101713] [ 68.174880] Allocated by task 363: [ 68.178336] kasan_save_stack+0x3c/0x68 [ 68.182235] kasan_save_track+0x20/0x40 [ 68.186131] kasan_save_alloc_info+0x40/0x58 [ 68.190468] __kasan_kmalloc+0xd4/0xd8 [ 68.194278] __kmalloc_cache_noprof+0x16c/0x3c0 [ 68.198879] kasan_atomics+0xb8/0x2e0 [ 68.202601] kunit_try_run_case+0x170/0x3f0 [ 68.206855] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 68.212423] kthread+0x328/0x630 [ 68.215708] ret_from_fork+0x10/0x20 [ 68.219343] [ 68.220866] The buggy address belongs to the object at ffff000080acff00 [ 68.220866] which belongs to the cache kmalloc-64 of size 64 [ 68.233343] The buggy address is located 0 bytes to the right of [ 68.233343] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 68.246345] [ 68.247868] The buggy address belongs to the physical page: [ 68.253512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 68.261618] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 68.268225] page_type: f5(slab) [ 68.271423] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 68.279259] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 68.287091] page dumped because: kasan: bad access detected [ 68.292738] [ 68.294260] Memory state around the buggy address: [ 68.299114] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 68.306426] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 68.313736] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 68.321045] ^ [ 68.325901] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 68.333212] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 68.340522] ================================================================== [ 64.048734] ================================================================== [ 64.056044] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 64.063536] Read of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 64.070938] [ 64.072463] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 64.072494] Tainted: [B]=BAD_PAGE, [N]=TEST [ 64.072502] Hardware name: Thundercomm Dragonboard 845c (DT) [ 64.072513] Call trace: [ 64.072519] show_stack+0x20/0x38 (C) [ 64.072537] dump_stack_lvl+0x8c/0xd0 [ 64.072555] print_report+0x118/0x608 [ 64.072575] kasan_report+0xdc/0x128 [ 64.072593] __asan_report_load4_noabort+0x20/0x30 [ 64.072610] kasan_atomics_helper+0x3dcc/0x4858 [ 64.072629] kasan_atomics+0x198/0x2e0 [ 64.072645] kunit_try_run_case+0x170/0x3f0 [ 64.072663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 64.072685] kthread+0x328/0x630 [ 64.072698] ret_from_fork+0x10/0x20 [ 64.072715] [ 64.142513] Allocated by task 363: [ 64.145970] kasan_save_stack+0x3c/0x68 [ 64.149871] kasan_save_track+0x20/0x40 [ 64.153769] kasan_save_alloc_info+0x40/0x58 [ 64.158108] __kasan_kmalloc+0xd4/0xd8 [ 64.161917] __kmalloc_cache_noprof+0x16c/0x3c0 [ 64.166519] kasan_atomics+0xb8/0x2e0 [ 64.170241] kunit_try_run_case+0x170/0x3f0 [ 64.174495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 64.180065] kthread+0x328/0x630 [ 64.183352] ret_from_fork+0x10/0x20 [ 64.186987] [ 64.188511] The buggy address belongs to the object at ffff000080acff00 [ 64.188511] which belongs to the cache kmalloc-64 of size 64 [ 64.200989] The buggy address is located 0 bytes to the right of [ 64.200989] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 64.213991] [ 64.215515] The buggy address belongs to the physical page: [ 64.221161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 64.229268] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 64.235876] page_type: f5(slab) [ 64.239075] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 64.246913] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 64.254744] page dumped because: kasan: bad access detected [ 64.260391] [ 64.261925] Memory state around the buggy address: [ 64.266779] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 64.274093] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 64.281406] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 64.288716] ^ [ 64.293573] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.300884] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.308195] ================================================================== [ 71.858855] ================================================================== [ 71.866166] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 71.873657] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 71.881144] [ 71.882670] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 71.882699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 71.882707] Hardware name: Thundercomm Dragonboard 845c (DT) [ 71.882718] Call trace: [ 71.882724] show_stack+0x20/0x38 (C) [ 71.882740] dump_stack_lvl+0x8c/0xd0 [ 71.882758] print_report+0x118/0x608 [ 71.882776] kasan_report+0xdc/0x128 [ 71.882796] kasan_check_range+0x100/0x1a8 [ 71.882815] __kasan_check_write+0x20/0x30 [ 71.882832] kasan_atomics_helper+0x154c/0x4858 [ 71.882851] kasan_atomics+0x198/0x2e0 [ 71.882868] kunit_try_run_case+0x170/0x3f0 [ 71.882886] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 71.882906] kthread+0x328/0x630 [ 71.882920] ret_from_fork+0x10/0x20 [ 71.882936] [ 71.956187] Allocated by task 363: [ 71.959643] kasan_save_stack+0x3c/0x68 [ 71.963542] kasan_save_track+0x20/0x40 [ 71.967438] kasan_save_alloc_info+0x40/0x58 [ 71.971776] __kasan_kmalloc+0xd4/0xd8 [ 71.975586] __kmalloc_cache_noprof+0x16c/0x3c0 [ 71.980187] kasan_atomics+0xb8/0x2e0 [ 71.983908] kunit_try_run_case+0x170/0x3f0 [ 71.988161] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 71.993730] kthread+0x328/0x630 [ 71.997016] ret_from_fork+0x10/0x20 [ 72.000650] [ 72.002173] The buggy address belongs to the object at ffff000080acff00 [ 72.002173] which belongs to the cache kmalloc-64 of size 64 [ 72.014653] The buggy address is located 0 bytes to the right of [ 72.014653] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 72.027654] [ 72.029177] The buggy address belongs to the physical page: [ 72.034822] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 72.042928] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 72.049535] page_type: f5(slab) [ 72.052734] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 72.060570] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 72.068401] page dumped because: kasan: bad access detected [ 72.074047] [ 72.075569] Memory state around the buggy address: [ 72.080424] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 72.087735] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 72.095047] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 72.102357] ^ [ 72.107212] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 72.114524] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 72.121833] ================================================================== [ 57.574485] ================================================================== [ 57.581814] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ec/0x4858 [ 57.589227] Read of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 57.596635] [ 57.598164] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 57.598195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 57.598203] Hardware name: Thundercomm Dragonboard 845c (DT) [ 57.598216] Call trace: [ 57.598222] show_stack+0x20/0x38 (C) [ 57.598241] dump_stack_lvl+0x8c/0xd0 [ 57.598260] print_report+0x118/0x608 [ 57.598280] kasan_report+0xdc/0x128 [ 57.598299] kasan_check_range+0x100/0x1a8 [ 57.598319] __kasan_check_read+0x20/0x30 [ 57.598335] kasan_atomics_helper+0x1ec/0x4858 [ 57.598354] kasan_atomics+0x198/0x2e0 [ 57.598373] kunit_try_run_case+0x170/0x3f0 [ 57.598391] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.598413] kthread+0x328/0x630 [ 57.598427] ret_from_fork+0x10/0x20 [ 57.598447] [ 57.671530] Allocated by task 363: [ 57.674988] kasan_save_stack+0x3c/0x68 [ 57.678894] kasan_save_track+0x20/0x40 [ 57.682799] kasan_save_alloc_info+0x40/0x58 [ 57.687134] __kasan_kmalloc+0xd4/0xd8 [ 57.690940] __kmalloc_cache_noprof+0x16c/0x3c0 [ 57.695545] kasan_atomics+0xb8/0x2e0 [ 57.699263] kunit_try_run_case+0x170/0x3f0 [ 57.703512] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.709079] kthread+0x328/0x630 [ 57.712362] ret_from_fork+0x10/0x20 [ 57.715994] [ 57.717517] The buggy address belongs to the object at ffff000080acff00 [ 57.717517] which belongs to the cache kmalloc-64 of size 64 [ 57.729996] The buggy address is located 0 bytes to the right of [ 57.729996] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 57.743006] [ 57.744537] The buggy address belongs to the physical page: [ 57.750181] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 57.758282] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 57.764897] page_type: f5(slab) [ 57.768095] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 57.775937] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 57.783772] page dumped because: kasan: bad access detected [ 57.789418] [ 57.790940] Memory state around the buggy address: [ 57.795799] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 57.803107] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 57.810423] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 57.817736] ^ [ 57.822588] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 57.829903] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 57.837217] ================================================================== [ 64.852563] ================================================================== [ 64.859873] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc08/0x4858 [ 64.867278] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 64.874767] [ 64.876293] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 64.876321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 64.876330] Hardware name: Thundercomm Dragonboard 845c (DT) [ 64.876340] Call trace: [ 64.876346] show_stack+0x20/0x38 (C) [ 64.876363] dump_stack_lvl+0x8c/0xd0 [ 64.876380] print_report+0x118/0x608 [ 64.876398] kasan_report+0xdc/0x128 [ 64.876416] kasan_check_range+0x100/0x1a8 [ 64.876436] __kasan_check_write+0x20/0x30 [ 64.876451] kasan_atomics_helper+0xc08/0x4858 [ 64.876469] kasan_atomics+0x198/0x2e0 [ 64.876485] kunit_try_run_case+0x170/0x3f0 [ 64.876502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 64.876523] kthread+0x328/0x630 [ 64.876536] ret_from_fork+0x10/0x20 [ 64.876552] [ 64.949715] Allocated by task 363: [ 64.953171] kasan_save_stack+0x3c/0x68 [ 64.957069] kasan_save_track+0x20/0x40 [ 64.960966] kasan_save_alloc_info+0x40/0x58 [ 64.965303] __kasan_kmalloc+0xd4/0xd8 [ 64.969112] __kmalloc_cache_noprof+0x16c/0x3c0 [ 64.973713] kasan_atomics+0xb8/0x2e0 [ 64.977434] kunit_try_run_case+0x170/0x3f0 [ 64.981686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 64.987255] kthread+0x328/0x630 [ 64.990540] ret_from_fork+0x10/0x20 [ 64.994176] [ 64.995699] The buggy address belongs to the object at ffff000080acff00 [ 64.995699] which belongs to the cache kmalloc-64 of size 64 [ 65.008175] The buggy address is located 0 bytes to the right of [ 65.008175] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 65.021176] [ 65.022699] The buggy address belongs to the physical page: [ 65.028344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 65.036450] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 65.043056] page_type: f5(slab) [ 65.046255] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 65.054090] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 65.061921] page dumped because: kasan: bad access detected [ 65.067567] [ 65.069089] Memory state around the buggy address: [ 65.073942] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 65.081253] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 65.088564] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 65.095874] ^ [ 65.100729] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.108040] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 65.115349] ================================================================== [ 71.047781] ================================================================== [ 71.055093] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 71.062586] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 71.070075] [ 71.071601] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 71.071631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 71.071639] Hardware name: Thundercomm Dragonboard 845c (DT) [ 71.071649] Call trace: [ 71.071654] show_stack+0x20/0x38 (C) [ 71.071671] dump_stack_lvl+0x8c/0xd0 [ 71.071689] print_report+0x118/0x608 [ 71.071707] kasan_report+0xdc/0x128 [ 71.071726] kasan_check_range+0x100/0x1a8 [ 71.071746] __kasan_check_write+0x20/0x30 [ 71.071762] kasan_atomics_helper+0x1414/0x4858 [ 71.071780] kasan_atomics+0x198/0x2e0 [ 71.071798] kunit_try_run_case+0x170/0x3f0 [ 71.071816] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 71.071837] kthread+0x328/0x630 [ 71.071852] ret_from_fork+0x10/0x20 [ 71.071868] [ 71.145122] Allocated by task 363: [ 71.148579] kasan_save_stack+0x3c/0x68 [ 71.152477] kasan_save_track+0x20/0x40 [ 71.156375] kasan_save_alloc_info+0x40/0x58 [ 71.160713] __kasan_kmalloc+0xd4/0xd8 [ 71.164522] __kmalloc_cache_noprof+0x16c/0x3c0 [ 71.169123] kasan_atomics+0xb8/0x2e0 [ 71.172845] kunit_try_run_case+0x170/0x3f0 [ 71.177099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 71.182668] kthread+0x328/0x630 [ 71.185953] ret_from_fork+0x10/0x20 [ 71.189587] [ 71.191111] The buggy address belongs to the object at ffff000080acff00 [ 71.191111] which belongs to the cache kmalloc-64 of size 64 [ 71.203589] The buggy address is located 0 bytes to the right of [ 71.203589] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 71.216590] [ 71.218112] The buggy address belongs to the physical page: [ 71.223757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 71.231865] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 71.238472] page_type: f5(slab) [ 71.241673] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 71.249509] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 71.257341] page dumped because: kasan: bad access detected [ 71.262987] [ 71.264510] Memory state around the buggy address: [ 71.269366] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 71.276678] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 71.283989] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 71.291299] ^ [ 71.296154] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 71.303466] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 71.310777] ================================================================== [ 60.539584] ================================================================== [ 60.546895] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5b4/0x4858 [ 60.554299] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 60.561787] [ 60.563312] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 60.563341] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.563349] Hardware name: Thundercomm Dragonboard 845c (DT) [ 60.563359] Call trace: [ 60.563365] show_stack+0x20/0x38 (C) [ 60.563382] dump_stack_lvl+0x8c/0xd0 [ 60.563399] print_report+0x118/0x608 [ 60.563417] kasan_report+0xdc/0x128 [ 60.563436] kasan_check_range+0x100/0x1a8 [ 60.563457] __kasan_check_write+0x20/0x30 [ 60.563472] kasan_atomics_helper+0x5b4/0x4858 [ 60.563491] kasan_atomics+0x198/0x2e0 [ 60.563507] kunit_try_run_case+0x170/0x3f0 [ 60.563525] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.563545] kthread+0x328/0x630 [ 60.563558] ret_from_fork+0x10/0x20 [ 60.563574] [ 60.636738] Allocated by task 363: [ 60.640195] kasan_save_stack+0x3c/0x68 [ 60.644093] kasan_save_track+0x20/0x40 [ 60.647990] kasan_save_alloc_info+0x40/0x58 [ 60.652328] __kasan_kmalloc+0xd4/0xd8 [ 60.656138] __kmalloc_cache_noprof+0x16c/0x3c0 [ 60.660739] kasan_atomics+0xb8/0x2e0 [ 60.664460] kunit_try_run_case+0x170/0x3f0 [ 60.668714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.674282] kthread+0x328/0x630 [ 60.677567] ret_from_fork+0x10/0x20 [ 60.681201] [ 60.682725] The buggy address belongs to the object at ffff000080acff00 [ 60.682725] which belongs to the cache kmalloc-64 of size 64 [ 60.695204] The buggy address is located 0 bytes to the right of [ 60.695204] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 60.708204] [ 60.709727] The buggy address belongs to the physical page: [ 60.715373] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 60.723480] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 60.730088] page_type: f5(slab) [ 60.733287] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 60.741124] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 60.748956] page dumped because: kasan: bad access detected [ 60.754603] [ 60.756125] Memory state around the buggy address: [ 60.760980] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.768291] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.775603] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 60.782914] ^ [ 60.787771] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 60.795083] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 60.802393] ================================================================== [ 59.458897] ================================================================== [ 59.466207] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x414/0x4858 [ 59.473611] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 59.481101] [ 59.482626] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 59.482655] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.482663] Hardware name: Thundercomm Dragonboard 845c (DT) [ 59.482674] Call trace: [ 59.482681] show_stack+0x20/0x38 (C) [ 59.482698] dump_stack_lvl+0x8c/0xd0 [ 59.482715] print_report+0x118/0x608 [ 59.482734] kasan_report+0xdc/0x128 [ 59.482753] kasan_check_range+0x100/0x1a8 [ 59.482774] __kasan_check_write+0x20/0x30 [ 59.482791] kasan_atomics_helper+0x414/0x4858 [ 59.482810] kasan_atomics+0x198/0x2e0 [ 59.482826] kunit_try_run_case+0x170/0x3f0 [ 59.482844] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.482864] kthread+0x328/0x630 [ 59.482877] ret_from_fork+0x10/0x20 [ 59.482893] [ 59.556058] Allocated by task 363: [ 59.559514] kasan_save_stack+0x3c/0x68 [ 59.563411] kasan_save_track+0x20/0x40 [ 59.567308] kasan_save_alloc_info+0x40/0x58 [ 59.571647] __kasan_kmalloc+0xd4/0xd8 [ 59.575455] __kmalloc_cache_noprof+0x16c/0x3c0 [ 59.580057] kasan_atomics+0xb8/0x2e0 [ 59.583779] kunit_try_run_case+0x170/0x3f0 [ 59.588033] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.593601] kthread+0x328/0x630 [ 59.596886] ret_from_fork+0x10/0x20 [ 59.600521] [ 59.602044] The buggy address belongs to the object at ffff000080acff00 [ 59.602044] which belongs to the cache kmalloc-64 of size 64 [ 59.614523] The buggy address is located 0 bytes to the right of [ 59.614523] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 59.627525] [ 59.629048] The buggy address belongs to the physical page: [ 59.634694] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 59.642801] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 59.649410] page_type: f5(slab) [ 59.652609] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 59.660447] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 59.668279] page dumped because: kasan: bad access detected [ 59.673926] [ 59.675448] Memory state around the buggy address: [ 59.680303] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 59.687617] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 59.694928] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 59.702238] ^ [ 59.707094] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 59.714405] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 59.721715] ================================================================== [ 68.618065] ================================================================== [ 68.625377] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 68.632869] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 68.640357] [ 68.641883] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 68.641912] Tainted: [B]=BAD_PAGE, [N]=TEST [ 68.641921] Hardware name: Thundercomm Dragonboard 845c (DT) [ 68.641930] Call trace: [ 68.641937] show_stack+0x20/0x38 (C) [ 68.641955] dump_stack_lvl+0x8c/0xd0 [ 68.641973] print_report+0x118/0x608 [ 68.641991] kasan_report+0xdc/0x128 [ 68.642010] kasan_check_range+0x100/0x1a8 [ 68.642030] __kasan_check_write+0x20/0x30 [ 68.642045] kasan_atomics_helper+0x1058/0x4858 [ 68.642064] kasan_atomics+0x198/0x2e0 [ 68.642080] kunit_try_run_case+0x170/0x3f0 [ 68.642098] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 68.642119] kthread+0x328/0x630 [ 68.642133] ret_from_fork+0x10/0x20 [ 68.642149] [ 68.715390] Allocated by task 363: [ 68.718847] kasan_save_stack+0x3c/0x68 [ 68.722745] kasan_save_track+0x20/0x40 [ 68.726642] kasan_save_alloc_info+0x40/0x58 [ 68.730980] __kasan_kmalloc+0xd4/0xd8 [ 68.734788] __kmalloc_cache_noprof+0x16c/0x3c0 [ 68.739390] kasan_atomics+0xb8/0x2e0 [ 68.743112] kunit_try_run_case+0x170/0x3f0 [ 68.747365] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 68.752934] kthread+0x328/0x630 [ 68.756220] ret_from_fork+0x10/0x20 [ 68.759853] [ 68.761377] The buggy address belongs to the object at ffff000080acff00 [ 68.761377] which belongs to the cache kmalloc-64 of size 64 [ 68.773856] The buggy address is located 0 bytes to the right of [ 68.773856] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 68.786858] [ 68.788382] The buggy address belongs to the physical page: [ 68.794028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 68.802134] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 68.808741] page_type: f5(slab) [ 68.811940] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 68.819778] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 68.827609] page dumped because: kasan: bad access detected [ 68.833255] [ 68.834778] Memory state around the buggy address: [ 68.839633] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 68.846944] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 68.854255] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 68.861566] ^ [ 68.866423] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 68.873735] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 68.881044] ================================================================== [ 65.122723] ================================================================== [ 65.130032] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3de4/0x4858 [ 65.137524] Read of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 65.144924] [ 65.146449] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 65.146478] Tainted: [B]=BAD_PAGE, [N]=TEST [ 65.146485] Hardware name: Thundercomm Dragonboard 845c (DT) [ 65.146495] Call trace: [ 65.146502] show_stack+0x20/0x38 (C) [ 65.146518] dump_stack_lvl+0x8c/0xd0 [ 65.146536] print_report+0x118/0x608 [ 65.146555] kasan_report+0xdc/0x128 [ 65.146573] __asan_report_load4_noabort+0x20/0x30 [ 65.146589] kasan_atomics_helper+0x3de4/0x4858 [ 65.146608] kasan_atomics+0x198/0x2e0 [ 65.146624] kunit_try_run_case+0x170/0x3f0 [ 65.146641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 65.146660] kthread+0x328/0x630 [ 65.146674] ret_from_fork+0x10/0x20 [ 65.146691] [ 65.216488] Allocated by task 363: [ 65.219944] kasan_save_stack+0x3c/0x68 [ 65.223843] kasan_save_track+0x20/0x40 [ 65.227740] kasan_save_alloc_info+0x40/0x58 [ 65.232078] __kasan_kmalloc+0xd4/0xd8 [ 65.235887] __kmalloc_cache_noprof+0x16c/0x3c0 [ 65.240489] kasan_atomics+0xb8/0x2e0 [ 65.244211] kunit_try_run_case+0x170/0x3f0 [ 65.248463] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 65.254032] kthread+0x328/0x630 [ 65.257317] ret_from_fork+0x10/0x20 [ 65.260953] [ 65.262476] The buggy address belongs to the object at ffff000080acff00 [ 65.262476] which belongs to the cache kmalloc-64 of size 64 [ 65.274956] The buggy address is located 0 bytes to the right of [ 65.274956] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 65.287958] [ 65.289482] The buggy address belongs to the physical page: [ 65.295128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 65.303236] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 65.309844] page_type: f5(slab) [ 65.313042] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 65.320880] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 65.328711] page dumped because: kasan: bad access detected [ 65.334357] [ 65.335880] Memory state around the buggy address: [ 65.340736] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 65.348049] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 65.355361] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 65.362671] ^ [ 65.367528] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.374840] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 65.382150] ================================================================== [ 57.031457] ================================================================== [ 57.046538] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40a8/0x4858 [ 57.054036] Read of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 57.061441] [ 57.062976] CPU: 3 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 57.063009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 57.063019] Hardware name: Thundercomm Dragonboard 845c (DT) [ 57.063032] Call trace: [ 57.063041] show_stack+0x20/0x38 (C) [ 57.063060] dump_stack_lvl+0x8c/0xd0 [ 57.063083] print_report+0x118/0x608 [ 57.063104] kasan_report+0xdc/0x128 [ 57.063125] __asan_report_load4_noabort+0x20/0x30 [ 57.063146] kasan_atomics_helper+0x40a8/0x4858 [ 57.063168] kasan_atomics+0x198/0x2e0 [ 57.063186] kunit_try_run_case+0x170/0x3f0 [ 57.063206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.063231] kthread+0x328/0x630 [ 57.063246] ret_from_fork+0x10/0x20 [ 57.063265] [ 57.133078] Allocated by task 363: [ 57.136540] kasan_save_stack+0x3c/0x68 [ 57.140454] kasan_save_track+0x20/0x40 [ 57.144368] kasan_save_alloc_info+0x40/0x58 [ 57.148708] __kasan_kmalloc+0xd4/0xd8 [ 57.152524] __kmalloc_cache_noprof+0x16c/0x3c0 [ 57.157127] kasan_atomics+0xb8/0x2e0 [ 57.160854] kunit_try_run_case+0x170/0x3f0 [ 57.165109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.170685] kthread+0x328/0x630 [ 57.173977] ret_from_fork+0x10/0x20 [ 57.177619] [ 57.179150] The buggy address belongs to the object at ffff000080acff00 [ 57.179150] which belongs to the cache kmalloc-64 of size 64 [ 57.191634] The buggy address is located 0 bytes to the right of [ 57.191634] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 57.204646] [ 57.206178] The buggy address belongs to the physical page: [ 57.211829] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 57.219934] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 57.226553] page_type: f5(slab) [ 57.229759] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 57.237606] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 57.245451] page dumped because: kasan: bad access detected [ 57.251102] [ 57.252629] Memory state around the buggy address: [ 57.257495] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 57.264812] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 57.272129] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 57.279446] ^ [ 57.284310] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 57.291628] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 57.298945] ================================================================== [ 72.666372] ================================================================== [ 72.673684] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 72.681176] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 72.688665] [ 72.690190] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 72.690219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 72.690228] Hardware name: Thundercomm Dragonboard 845c (DT) [ 72.690238] Call trace: [ 72.690246] show_stack+0x20/0x38 (C) [ 72.690264] dump_stack_lvl+0x8c/0xd0 [ 72.690282] print_report+0x118/0x608 [ 72.690300] kasan_report+0xdc/0x128 [ 72.690320] kasan_check_range+0x100/0x1a8 [ 72.690339] __kasan_check_write+0x20/0x30 [ 72.690356] kasan_atomics_helper+0x1644/0x4858 [ 72.690375] kasan_atomics+0x198/0x2e0 [ 72.690391] kunit_try_run_case+0x170/0x3f0 [ 72.690410] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 72.690430] kthread+0x328/0x630 [ 72.690444] ret_from_fork+0x10/0x20 [ 72.690463] [ 72.763713] Allocated by task 363: [ 72.767169] kasan_save_stack+0x3c/0x68 [ 72.771067] kasan_save_track+0x20/0x40 [ 72.774964] kasan_save_alloc_info+0x40/0x58 [ 72.779303] __kasan_kmalloc+0xd4/0xd8 [ 72.783113] __kmalloc_cache_noprof+0x16c/0x3c0 [ 72.787715] kasan_atomics+0xb8/0x2e0 [ 72.791437] kunit_try_run_case+0x170/0x3f0 [ 72.795689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 72.801259] kthread+0x328/0x630 [ 72.804546] ret_from_fork+0x10/0x20 [ 72.808181] [ 72.809703] The buggy address belongs to the object at ffff000080acff00 [ 72.809703] which belongs to the cache kmalloc-64 of size 64 [ 72.822181] The buggy address is located 0 bytes to the right of [ 72.822181] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 72.835183] [ 72.836706] The buggy address belongs to the physical page: [ 72.842352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 72.850460] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 72.857068] page_type: f5(slab) [ 72.860267] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 72.868104] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 72.875936] page dumped because: kasan: bad access detected [ 72.881583] [ 72.883105] Memory state around the buggy address: [ 72.887959] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 72.895271] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 72.902583] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 72.909892] ^ [ 72.914749] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 72.922060] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 72.929370] ================================================================== [ 72.936732] ================================================================== [ 72.944044] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 72.951536] Read of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 72.958939] [ 72.960464] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 72.960492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 72.960500] Hardware name: Thundercomm Dragonboard 845c (DT) [ 72.960512] Call trace: [ 72.960519] show_stack+0x20/0x38 (C) [ 72.960537] dump_stack_lvl+0x8c/0xd0 [ 72.960555] print_report+0x118/0x608 [ 72.960574] kasan_report+0xdc/0x128 [ 72.960592] __asan_report_load8_noabort+0x20/0x30 [ 72.960609] kasan_atomics_helper+0x3df4/0x4858 [ 72.960628] kasan_atomics+0x198/0x2e0 [ 72.960645] kunit_try_run_case+0x170/0x3f0 [ 72.960662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 72.960682] kthread+0x328/0x630 [ 72.960695] ret_from_fork+0x10/0x20 [ 72.960711] [ 73.030509] Allocated by task 363: [ 73.033965] kasan_save_stack+0x3c/0x68 [ 73.037863] kasan_save_track+0x20/0x40 [ 73.041761] kasan_save_alloc_info+0x40/0x58 [ 73.046099] __kasan_kmalloc+0xd4/0xd8 [ 73.049908] __kmalloc_cache_noprof+0x16c/0x3c0 [ 73.054510] kasan_atomics+0xb8/0x2e0 [ 73.058232] kunit_try_run_case+0x170/0x3f0 [ 73.062484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 73.068052] kthread+0x328/0x630 [ 73.071338] ret_from_fork+0x10/0x20 [ 73.074972] [ 73.076495] The buggy address belongs to the object at ffff000080acff00 [ 73.076495] which belongs to the cache kmalloc-64 of size 64 [ 73.088972] The buggy address is located 0 bytes to the right of [ 73.088972] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 73.101973] [ 73.103496] The buggy address belongs to the physical page: [ 73.109141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 73.117248] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 73.123855] page_type: f5(slab) [ 73.127054] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 73.134890] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 73.142722] page dumped because: kasan: bad access detected [ 73.148368] [ 73.149902] Memory state around the buggy address: [ 73.154756] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 73.162067] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 73.169378] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 73.176687] ^ [ 73.181542] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 73.188853] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 73.196162] ================================================================== [ 63.778525] ================================================================== [ 63.785838] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 63.793244] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 63.800734] [ 63.802272] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 63.802302] Tainted: [B]=BAD_PAGE, [N]=TEST [ 63.802310] Hardware name: Thundercomm Dragonboard 845c (DT) [ 63.802322] Call trace: [ 63.802329] show_stack+0x20/0x38 (C) [ 63.802347] dump_stack_lvl+0x8c/0xd0 [ 63.802366] print_report+0x118/0x608 [ 63.802384] kasan_report+0xdc/0x128 [ 63.802401] kasan_check_range+0x100/0x1a8 [ 63.802420] __kasan_check_write+0x20/0x30 [ 63.802436] kasan_atomics_helper+0xad4/0x4858 [ 63.802454] kasan_atomics+0x198/0x2e0 [ 63.802472] kunit_try_run_case+0x170/0x3f0 [ 63.802490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 63.802510] kthread+0x328/0x630 [ 63.802524] ret_from_fork+0x10/0x20 [ 63.802540] [ 63.875706] Allocated by task 363: [ 63.879164] kasan_save_stack+0x3c/0x68 [ 63.883063] kasan_save_track+0x20/0x40 [ 63.886961] kasan_save_alloc_info+0x40/0x58 [ 63.891299] __kasan_kmalloc+0xd4/0xd8 [ 63.895108] __kmalloc_cache_noprof+0x16c/0x3c0 [ 63.899710] kasan_atomics+0xb8/0x2e0 [ 63.903433] kunit_try_run_case+0x170/0x3f0 [ 63.907687] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 63.913255] kthread+0x328/0x630 [ 63.916540] ret_from_fork+0x10/0x20 [ 63.920175] [ 63.921699] The buggy address belongs to the object at ffff000080acff00 [ 63.921699] which belongs to the cache kmalloc-64 of size 64 [ 63.934176] The buggy address is located 0 bytes to the right of [ 63.934176] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 63.947177] [ 63.948700] The buggy address belongs to the physical page: [ 63.954345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 63.962450] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 63.969058] page_type: f5(slab) [ 63.972257] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 63.980093] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 63.987925] page dumped because: kasan: bad access detected [ 63.993571] [ 63.995093] Memory state around the buggy address: [ 63.999948] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 64.007259] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 64.014570] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 64.021879] ^ [ 64.026736] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.034048] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.041358] ================================================================== [ 67.270428] ================================================================== [ 67.277738] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 67.285230] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 67.292718] [ 67.294243] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 67.294272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 67.294282] Hardware name: Thundercomm Dragonboard 845c (DT) [ 67.294293] Call trace: [ 67.294299] show_stack+0x20/0x38 (C) [ 67.294317] dump_stack_lvl+0x8c/0xd0 [ 67.294335] print_report+0x118/0x608 [ 67.294354] kasan_report+0xdc/0x128 [ 67.294374] __asan_report_store8_noabort+0x20/0x30 [ 67.294390] kasan_atomics_helper+0x3e5c/0x4858 [ 67.294409] kasan_atomics+0x198/0x2e0 [ 67.294426] kunit_try_run_case+0x170/0x3f0 [ 67.294444] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 67.294465] kthread+0x328/0x630 [ 67.294479] ret_from_fork+0x10/0x20 [ 67.294496] [ 67.364377] Allocated by task 363: [ 67.367832] kasan_save_stack+0x3c/0x68 [ 67.371731] kasan_save_track+0x20/0x40 [ 67.375627] kasan_save_alloc_info+0x40/0x58 [ 67.379965] __kasan_kmalloc+0xd4/0xd8 [ 67.383776] __kmalloc_cache_noprof+0x16c/0x3c0 [ 67.388378] kasan_atomics+0xb8/0x2e0 [ 67.392101] kunit_try_run_case+0x170/0x3f0 [ 67.396355] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 67.401922] kthread+0x328/0x630 [ 67.405208] ret_from_fork+0x10/0x20 [ 67.408842] [ 67.410365] The buggy address belongs to the object at ffff000080acff00 [ 67.410365] which belongs to the cache kmalloc-64 of size 64 [ 67.422843] The buggy address is located 0 bytes to the right of [ 67.422843] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 67.435844] [ 67.437367] The buggy address belongs to the physical page: [ 67.443014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 67.451121] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 67.457728] page_type: f5(slab) [ 67.460928] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 67.468763] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 67.476595] page dumped because: kasan: bad access detected [ 67.482240] [ 67.483763] Memory state around the buggy address: [ 67.488619] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 67.495930] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 67.503242] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 67.510552] ^ [ 67.515407] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 67.522718] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 67.530028] ================================================================== [ 58.651577] ================================================================== [ 58.658885] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x32c/0x4858 [ 58.666285] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 58.673770] [ 58.675296] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 58.675324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 58.675333] Hardware name: Thundercomm Dragonboard 845c (DT) [ 58.675343] Call trace: [ 58.675349] show_stack+0x20/0x38 (C) [ 58.675368] dump_stack_lvl+0x8c/0xd0 [ 58.675385] print_report+0x118/0x608 [ 58.675403] kasan_report+0xdc/0x128 [ 58.675422] kasan_check_range+0x100/0x1a8 [ 58.675444] __kasan_check_write+0x20/0x30 [ 58.675460] kasan_atomics_helper+0x32c/0x4858 [ 58.675479] kasan_atomics+0x198/0x2e0 [ 58.675495] kunit_try_run_case+0x170/0x3f0 [ 58.675513] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.675533] kthread+0x328/0x630 [ 58.675547] ret_from_fork+0x10/0x20 [ 58.675564] [ 58.748728] Allocated by task 363: [ 58.752184] kasan_save_stack+0x3c/0x68 [ 58.756082] kasan_save_track+0x20/0x40 [ 58.759979] kasan_save_alloc_info+0x40/0x58 [ 58.764319] __kasan_kmalloc+0xd4/0xd8 [ 58.768128] __kmalloc_cache_noprof+0x16c/0x3c0 [ 58.772729] kasan_atomics+0xb8/0x2e0 [ 58.776450] kunit_try_run_case+0x170/0x3f0 [ 58.780703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.786272] kthread+0x328/0x630 [ 58.789557] ret_from_fork+0x10/0x20 [ 58.793193] [ 58.794717] The buggy address belongs to the object at ffff000080acff00 [ 58.794717] which belongs to the cache kmalloc-64 of size 64 [ 58.807196] The buggy address is located 0 bytes to the right of [ 58.807196] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 58.820197] [ 58.821722] The buggy address belongs to the physical page: [ 58.827367] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 58.835475] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 58.842081] page_type: f5(slab) [ 58.845280] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 58.853117] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 58.860948] page dumped because: kasan: bad access detected [ 58.866593] [ 58.868116] Memory state around the buggy address: [ 58.872971] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 58.880282] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 58.887595] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 58.894906] ^ [ 58.899763] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 58.907073] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 58.914383] ================================================================== [ 67.537390] ================================================================== [ 67.544700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 67.552103] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 67.559592] [ 67.561117] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 67.561145] Tainted: [B]=BAD_PAGE, [N]=TEST [ 67.561153] Hardware name: Thundercomm Dragonboard 845c (DT) [ 67.561164] Call trace: [ 67.561170] show_stack+0x20/0x38 (C) [ 67.561187] dump_stack_lvl+0x8c/0xd0 [ 67.561204] print_report+0x118/0x608 [ 67.561223] kasan_report+0xdc/0x128 [ 67.561241] kasan_check_range+0x100/0x1a8 [ 67.561261] __kasan_check_write+0x20/0x30 [ 67.561277] kasan_atomics_helper+0xeb8/0x4858 [ 67.561295] kasan_atomics+0x198/0x2e0 [ 67.561311] kunit_try_run_case+0x170/0x3f0 [ 67.561328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 67.561348] kthread+0x328/0x630 [ 67.561363] ret_from_fork+0x10/0x20 [ 67.561379] [ 67.634542] Allocated by task 363: [ 67.637998] kasan_save_stack+0x3c/0x68 [ 67.641895] kasan_save_track+0x20/0x40 [ 67.645792] kasan_save_alloc_info+0x40/0x58 [ 67.650130] __kasan_kmalloc+0xd4/0xd8 [ 67.653938] __kmalloc_cache_noprof+0x16c/0x3c0 [ 67.658540] kasan_atomics+0xb8/0x2e0 [ 67.662261] kunit_try_run_case+0x170/0x3f0 [ 67.666514] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 67.672083] kthread+0x328/0x630 [ 67.675369] ret_from_fork+0x10/0x20 [ 67.679003] [ 67.680526] The buggy address belongs to the object at ffff000080acff00 [ 67.680526] which belongs to the cache kmalloc-64 of size 64 [ 67.693003] The buggy address is located 0 bytes to the right of [ 67.693003] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 67.706003] [ 67.707526] The buggy address belongs to the physical page: [ 67.713171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 67.721280] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 67.727886] page_type: f5(slab) [ 67.731085] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 67.738921] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 67.746754] page dumped because: kasan: bad access detected [ 67.752400] [ 67.753933] Memory state around the buggy address: [ 67.758788] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 67.766099] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 67.773411] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 67.780721] ^ [ 67.785576] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 67.792887] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 67.800197] ================================================================== [ 65.389512] ================================================================== [ 65.396822] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xca0/0x4858 [ 65.404226] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 65.411716] [ 65.413242] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 65.413271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 65.413278] Hardware name: Thundercomm Dragonboard 845c (DT) [ 65.413290] Call trace: [ 65.413296] show_stack+0x20/0x38 (C) [ 65.413313] dump_stack_lvl+0x8c/0xd0 [ 65.413330] print_report+0x118/0x608 [ 65.413348] kasan_report+0xdc/0x128 [ 65.413366] kasan_check_range+0x100/0x1a8 [ 65.413386] __kasan_check_write+0x20/0x30 [ 65.413401] kasan_atomics_helper+0xca0/0x4858 [ 65.413419] kasan_atomics+0x198/0x2e0 [ 65.413435] kunit_try_run_case+0x170/0x3f0 [ 65.413453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 65.413475] kthread+0x328/0x630 [ 65.413489] ret_from_fork+0x10/0x20 [ 65.413505] [ 65.486668] Allocated by task 363: [ 65.490123] kasan_save_stack+0x3c/0x68 [ 65.494021] kasan_save_track+0x20/0x40 [ 65.497918] kasan_save_alloc_info+0x40/0x58 [ 65.502256] __kasan_kmalloc+0xd4/0xd8 [ 65.506065] __kmalloc_cache_noprof+0x16c/0x3c0 [ 65.510667] kasan_atomics+0xb8/0x2e0 [ 65.514388] kunit_try_run_case+0x170/0x3f0 [ 65.518640] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 65.524209] kthread+0x328/0x630 [ 65.527495] ret_from_fork+0x10/0x20 [ 65.531129] [ 65.532652] The buggy address belongs to the object at ffff000080acff00 [ 65.532652] which belongs to the cache kmalloc-64 of size 64 [ 65.545128] The buggy address is located 0 bytes to the right of [ 65.545128] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 65.558129] [ 65.559652] The buggy address belongs to the physical page: [ 65.565297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 65.573403] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 65.580013] page_type: f5(slab) [ 65.583211] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 65.591047] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 65.598878] page dumped because: kasan: bad access detected [ 65.604523] [ 65.606045] Memory state around the buggy address: [ 65.610901] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 65.618211] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 65.625522] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 65.632831] ^ [ 65.637687] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.644999] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 65.652308] ================================================================== [ 69.969911] ================================================================== [ 69.977222] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 69.984713] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 69.992200] [ 69.993725] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 69.993754] Tainted: [B]=BAD_PAGE, [N]=TEST [ 69.993761] Hardware name: Thundercomm Dragonboard 845c (DT) [ 69.993772] Call trace: [ 69.993779] show_stack+0x20/0x38 (C) [ 69.993796] dump_stack_lvl+0x8c/0xd0 [ 69.993814] print_report+0x118/0x608 [ 69.993832] kasan_report+0xdc/0x128 [ 69.993850] kasan_check_range+0x100/0x1a8 [ 69.993870] __kasan_check_write+0x20/0x30 [ 69.993886] kasan_atomics_helper+0x126c/0x4858 [ 69.993904] kasan_atomics+0x198/0x2e0 [ 69.993920] kunit_try_run_case+0x170/0x3f0 [ 69.993938] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 69.993958] kthread+0x328/0x630 [ 69.993971] ret_from_fork+0x10/0x20 [ 69.993988] [ 70.067238] Allocated by task 363: [ 70.070693] kasan_save_stack+0x3c/0x68 [ 70.074593] kasan_save_track+0x20/0x40 [ 70.078490] kasan_save_alloc_info+0x40/0x58 [ 70.082830] __kasan_kmalloc+0xd4/0xd8 [ 70.086641] __kmalloc_cache_noprof+0x16c/0x3c0 [ 70.091242] kasan_atomics+0xb8/0x2e0 [ 70.094964] kunit_try_run_case+0x170/0x3f0 [ 70.099218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 70.104787] kthread+0x328/0x630 [ 70.108074] ret_from_fork+0x10/0x20 [ 70.111709] [ 70.113232] The buggy address belongs to the object at ffff000080acff00 [ 70.113232] which belongs to the cache kmalloc-64 of size 64 [ 70.125708] The buggy address is located 0 bytes to the right of [ 70.125708] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 70.138708] [ 70.140231] The buggy address belongs to the physical page: [ 70.145877] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 70.153984] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 70.160590] page_type: f5(slab) [ 70.163788] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 70.171623] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 70.179456] page dumped because: kasan: bad access detected [ 70.185103] [ 70.186626] Memory state around the buggy address: [ 70.191480] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 70.198791] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 70.206102] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 70.213411] ^ [ 70.218267] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 70.225577] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 70.232887] ================================================================== [ 70.510623] ================================================================== [ 70.517935] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 70.525432] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 70.532925] [ 70.534450] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 70.534479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 70.534488] Hardware name: Thundercomm Dragonboard 845c (DT) [ 70.534498] Call trace: [ 70.534504] show_stack+0x20/0x38 (C) [ 70.534521] dump_stack_lvl+0x8c/0xd0 [ 70.534539] print_report+0x118/0x608 [ 70.534557] kasan_report+0xdc/0x128 [ 70.534575] kasan_check_range+0x100/0x1a8 [ 70.534595] __kasan_check_write+0x20/0x30 [ 70.534610] kasan_atomics_helper+0x1384/0x4858 [ 70.534629] kasan_atomics+0x198/0x2e0 [ 70.534646] kunit_try_run_case+0x170/0x3f0 [ 70.534664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 70.534685] kthread+0x328/0x630 [ 70.534698] ret_from_fork+0x10/0x20 [ 70.534715] [ 70.607950] Allocated by task 363: [ 70.611406] kasan_save_stack+0x3c/0x68 [ 70.615306] kasan_save_track+0x20/0x40 [ 70.619203] kasan_save_alloc_info+0x40/0x58 [ 70.623541] __kasan_kmalloc+0xd4/0xd8 [ 70.627350] __kmalloc_cache_noprof+0x16c/0x3c0 [ 70.631953] kasan_atomics+0xb8/0x2e0 [ 70.635675] kunit_try_run_case+0x170/0x3f0 [ 70.639929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 70.645497] kthread+0x328/0x630 [ 70.648783] ret_from_fork+0x10/0x20 [ 70.652418] [ 70.653940] The buggy address belongs to the object at ffff000080acff00 [ 70.653940] which belongs to the cache kmalloc-64 of size 64 [ 70.666420] The buggy address is located 0 bytes to the right of [ 70.666420] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 70.679419] [ 70.680942] The buggy address belongs to the physical page: [ 70.686589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 70.694696] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 70.701305] page_type: f5(slab) [ 70.704504] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 70.712340] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 70.720171] page dumped because: kasan: bad access detected [ 70.725817] [ 70.727340] Memory state around the buggy address: [ 70.732196] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 70.739508] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 70.746820] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 70.754130] ^ [ 70.758986] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 70.766297] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 70.773607] ================================================================== [ 61.079930] ================================================================== [ 61.087240] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x684/0x4858 [ 61.094642] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 61.102131] [ 61.103657] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 61.103687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 61.103695] Hardware name: Thundercomm Dragonboard 845c (DT) [ 61.103705] Call trace: [ 61.103712] show_stack+0x20/0x38 (C) [ 61.103730] dump_stack_lvl+0x8c/0xd0 [ 61.103748] print_report+0x118/0x608 [ 61.103766] kasan_report+0xdc/0x128 [ 61.103784] kasan_check_range+0x100/0x1a8 [ 61.103803] __kasan_check_write+0x20/0x30 [ 61.103818] kasan_atomics_helper+0x684/0x4858 [ 61.103837] kasan_atomics+0x198/0x2e0 [ 61.103853] kunit_try_run_case+0x170/0x3f0 [ 61.103873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.103893] kthread+0x328/0x630 [ 61.103906] ret_from_fork+0x10/0x20 [ 61.103922] [ 61.177086] Allocated by task 363: [ 61.180543] kasan_save_stack+0x3c/0x68 [ 61.184443] kasan_save_track+0x20/0x40 [ 61.188341] kasan_save_alloc_info+0x40/0x58 [ 61.192680] __kasan_kmalloc+0xd4/0xd8 [ 61.196489] __kmalloc_cache_noprof+0x16c/0x3c0 [ 61.201092] kasan_atomics+0xb8/0x2e0 [ 61.204813] kunit_try_run_case+0x170/0x3f0 [ 61.209067] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.214637] kthread+0x328/0x630 [ 61.217923] ret_from_fork+0x10/0x20 [ 61.221558] [ 61.223081] The buggy address belongs to the object at ffff000080acff00 [ 61.223081] which belongs to the cache kmalloc-64 of size 64 [ 61.235559] The buggy address is located 0 bytes to the right of [ 61.235559] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 61.248559] [ 61.250083] The buggy address belongs to the physical page: [ 61.255729] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 61.263836] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 61.270444] page_type: f5(slab) [ 61.273643] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 61.281479] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 61.289311] page dumped because: kasan: bad access detected [ 61.294957] [ 61.296479] Memory state around the buggy address: [ 61.301335] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.308647] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.315959] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 61.323268] ^ [ 61.328124] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 61.335434] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 61.342744] ================================================================== [ 62.430930] ================================================================== [ 62.438241] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 62.445733] Read of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 62.453133] [ 62.454659] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 62.454688] Tainted: [B]=BAD_PAGE, [N]=TEST [ 62.454696] Hardware name: Thundercomm Dragonboard 845c (DT) [ 62.454707] Call trace: [ 62.454714] show_stack+0x20/0x38 (C) [ 62.454731] dump_stack_lvl+0x8c/0xd0 [ 62.454749] print_report+0x118/0x608 [ 62.454767] kasan_report+0xdc/0x128 [ 62.454786] __asan_report_load4_noabort+0x20/0x30 [ 62.454804] kasan_atomics_helper+0x42d8/0x4858 [ 62.454822] kasan_atomics+0x198/0x2e0 [ 62.454838] kunit_try_run_case+0x170/0x3f0 [ 62.454858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.454879] kthread+0x328/0x630 [ 62.454893] ret_from_fork+0x10/0x20 [ 62.454911] [ 62.524708] Allocated by task 363: [ 62.528165] kasan_save_stack+0x3c/0x68 [ 62.532063] kasan_save_track+0x20/0x40 [ 62.535960] kasan_save_alloc_info+0x40/0x58 [ 62.540297] __kasan_kmalloc+0xd4/0xd8 [ 62.544106] __kmalloc_cache_noprof+0x16c/0x3c0 [ 62.548708] kasan_atomics+0xb8/0x2e0 [ 62.552429] kunit_try_run_case+0x170/0x3f0 [ 62.556682] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.562251] kthread+0x328/0x630 [ 62.565537] ret_from_fork+0x10/0x20 [ 62.569172] [ 62.570696] The buggy address belongs to the object at ffff000080acff00 [ 62.570696] which belongs to the cache kmalloc-64 of size 64 [ 62.583172] The buggy address is located 0 bytes to the right of [ 62.583172] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 62.596174] [ 62.597698] The buggy address belongs to the physical page: [ 62.603343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 62.611449] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 62.618056] page_type: f5(slab) [ 62.621254] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 62.629090] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 62.636921] page dumped because: kasan: bad access detected [ 62.642568] [ 62.644091] Memory state around the buggy address: [ 62.648945] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.656257] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.663568] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 62.670877] ^ [ 62.675732] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 62.683043] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 62.690351] ================================================================== [ 65.659681] ================================================================== [ 65.666990] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 65.674481] Read of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 65.681882] [ 65.683407] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 65.683436] Tainted: [B]=BAD_PAGE, [N]=TEST [ 65.683444] Hardware name: Thundercomm Dragonboard 845c (DT) [ 65.683454] Call trace: [ 65.683461] show_stack+0x20/0x38 (C) [ 65.683479] dump_stack_lvl+0x8c/0xd0 [ 65.683497] print_report+0x118/0x608 [ 65.683515] kasan_report+0xdc/0x128 [ 65.683534] __asan_report_load4_noabort+0x20/0x30 [ 65.683552] kasan_atomics_helper+0x3dd8/0x4858 [ 65.683570] kasan_atomics+0x198/0x2e0 [ 65.683586] kunit_try_run_case+0x170/0x3f0 [ 65.683604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 65.683624] kthread+0x328/0x630 [ 65.683637] ret_from_fork+0x10/0x20 [ 65.683654] [ 65.753451] Allocated by task 363: [ 65.756907] kasan_save_stack+0x3c/0x68 [ 65.760807] kasan_save_track+0x20/0x40 [ 65.764703] kasan_save_alloc_info+0x40/0x58 [ 65.769042] __kasan_kmalloc+0xd4/0xd8 [ 65.772851] __kmalloc_cache_noprof+0x16c/0x3c0 [ 65.777453] kasan_atomics+0xb8/0x2e0 [ 65.781174] kunit_try_run_case+0x170/0x3f0 [ 65.785428] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 65.790995] kthread+0x328/0x630 [ 65.794282] ret_from_fork+0x10/0x20 [ 65.797917] [ 65.799440] The buggy address belongs to the object at ffff000080acff00 [ 65.799440] which belongs to the cache kmalloc-64 of size 64 [ 65.811920] The buggy address is located 0 bytes to the right of [ 65.811920] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 65.824922] [ 65.826455] The buggy address belongs to the physical page: [ 65.832101] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 65.840209] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 65.846816] page_type: f5(slab) [ 65.850016] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 65.857852] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 65.865684] page dumped because: kasan: bad access detected [ 65.871330] [ 65.872853] Memory state around the buggy address: [ 65.877708] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 65.885020] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 65.892332] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 65.899641] ^ [ 65.904497] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.911808] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 65.919119] ================================================================== [ 71.588496] ================================================================== [ 71.595807] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 71.603298] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 71.610787] [ 71.612312] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 71.612341] Tainted: [B]=BAD_PAGE, [N]=TEST [ 71.612350] Hardware name: Thundercomm Dragonboard 845c (DT) [ 71.612361] Call trace: [ 71.612367] show_stack+0x20/0x38 (C) [ 71.612384] dump_stack_lvl+0x8c/0xd0 [ 71.612401] print_report+0x118/0x608 [ 71.612421] kasan_report+0xdc/0x128 [ 71.612439] kasan_check_range+0x100/0x1a8 [ 71.612459] __kasan_check_write+0x20/0x30 [ 71.612474] kasan_atomics_helper+0x14e4/0x4858 [ 71.612492] kasan_atomics+0x198/0x2e0 [ 71.612510] kunit_try_run_case+0x170/0x3f0 [ 71.612528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 71.612548] kthread+0x328/0x630 [ 71.612561] ret_from_fork+0x10/0x20 [ 71.612577] [ 71.685829] Allocated by task 363: [ 71.689285] kasan_save_stack+0x3c/0x68 [ 71.693184] kasan_save_track+0x20/0x40 [ 71.697082] kasan_save_alloc_info+0x40/0x58 [ 71.701419] __kasan_kmalloc+0xd4/0xd8 [ 71.705227] __kmalloc_cache_noprof+0x16c/0x3c0 [ 71.709829] kasan_atomics+0xb8/0x2e0 [ 71.713550] kunit_try_run_case+0x170/0x3f0 [ 71.717803] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 71.723372] kthread+0x328/0x630 [ 71.726657] ret_from_fork+0x10/0x20 [ 71.730292] [ 71.731814] The buggy address belongs to the object at ffff000080acff00 [ 71.731814] which belongs to the cache kmalloc-64 of size 64 [ 71.744292] The buggy address is located 0 bytes to the right of [ 71.744292] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 71.757293] [ 71.758815] The buggy address belongs to the physical page: [ 71.764461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 71.772567] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 71.779173] page_type: f5(slab) [ 71.782375] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 71.790212] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 71.798043] page dumped because: kasan: bad access detected [ 71.803690] [ 71.805213] Memory state around the buggy address: [ 71.810068] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 71.817382] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 71.824693] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 71.832002] ^ [ 71.836859] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 71.844170] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 71.851479] ================================================================== [ 71.318140] ================================================================== [ 71.325452] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 71.332944] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 71.340432] [ 71.341957] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 71.341986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 71.341994] Hardware name: Thundercomm Dragonboard 845c (DT) [ 71.342005] Call trace: [ 71.342011] show_stack+0x20/0x38 (C) [ 71.342027] dump_stack_lvl+0x8c/0xd0 [ 71.342046] print_report+0x118/0x608 [ 71.342066] kasan_report+0xdc/0x128 [ 71.342085] kasan_check_range+0x100/0x1a8 [ 71.342104] __kasan_check_write+0x20/0x30 [ 71.342119] kasan_atomics_helper+0x147c/0x4858 [ 71.342138] kasan_atomics+0x198/0x2e0 [ 71.342154] kunit_try_run_case+0x170/0x3f0 [ 71.342172] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 71.342192] kthread+0x328/0x630 [ 71.342207] ret_from_fork+0x10/0x20 [ 71.342223] [ 71.415474] Allocated by task 363: [ 71.418930] kasan_save_stack+0x3c/0x68 [ 71.422830] kasan_save_track+0x20/0x40 [ 71.426727] kasan_save_alloc_info+0x40/0x58 [ 71.431065] __kasan_kmalloc+0xd4/0xd8 [ 71.434873] __kmalloc_cache_noprof+0x16c/0x3c0 [ 71.439474] kasan_atomics+0xb8/0x2e0 [ 71.443196] kunit_try_run_case+0x170/0x3f0 [ 71.447449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 71.453018] kthread+0x328/0x630 [ 71.456305] ret_from_fork+0x10/0x20 [ 71.459939] [ 71.461462] The buggy address belongs to the object at ffff000080acff00 [ 71.461462] which belongs to the cache kmalloc-64 of size 64 [ 71.473942] The buggy address is located 0 bytes to the right of [ 71.473942] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 71.486941] [ 71.488464] The buggy address belongs to the physical page: [ 71.494109] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 71.502214] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 71.508822] page_type: f5(slab) [ 71.512021] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 71.519858] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 71.527690] page dumped because: kasan: bad access detected [ 71.533335] [ 71.534857] Memory state around the buggy address: [ 71.539712] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 71.547024] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 71.554335] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 71.561644] ^ [ 71.566500] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 71.573811] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 71.581121] ================================================================== [ 69.158763] ================================================================== [ 69.166074] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 69.173566] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 69.181055] [ 69.182580] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 69.182609] Tainted: [B]=BAD_PAGE, [N]=TEST [ 69.182616] Hardware name: Thundercomm Dragonboard 845c (DT) [ 69.182627] Call trace: [ 69.182633] show_stack+0x20/0x38 (C) [ 69.182650] dump_stack_lvl+0x8c/0xd0 [ 69.182667] print_report+0x118/0x608 [ 69.182685] kasan_report+0xdc/0x128 [ 69.182703] kasan_check_range+0x100/0x1a8 [ 69.182724] __kasan_check_write+0x20/0x30 [ 69.182739] kasan_atomics_helper+0x1128/0x4858 [ 69.182759] kasan_atomics+0x198/0x2e0 [ 69.182776] kunit_try_run_case+0x170/0x3f0 [ 69.182793] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 69.182814] kthread+0x328/0x630 [ 69.182829] ret_from_fork+0x10/0x20 [ 69.182845] [ 69.256097] Allocated by task 363: [ 69.259553] kasan_save_stack+0x3c/0x68 [ 69.263451] kasan_save_track+0x20/0x40 [ 69.267350] kasan_save_alloc_info+0x40/0x58 [ 69.271689] __kasan_kmalloc+0xd4/0xd8 [ 69.275498] __kmalloc_cache_noprof+0x16c/0x3c0 [ 69.280098] kasan_atomics+0xb8/0x2e0 [ 69.283820] kunit_try_run_case+0x170/0x3f0 [ 69.288074] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 69.293642] kthread+0x328/0x630 [ 69.296928] ret_from_fork+0x10/0x20 [ 69.300562] [ 69.302085] The buggy address belongs to the object at ffff000080acff00 [ 69.302085] which belongs to the cache kmalloc-64 of size 64 [ 69.314568] The buggy address is located 0 bytes to the right of [ 69.314568] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 69.327577] [ 69.329103] The buggy address belongs to the physical page: [ 69.334750] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 69.342860] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 69.349469] page_type: f5(slab) [ 69.352669] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 69.360508] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 69.368341] page dumped because: kasan: bad access detected [ 69.373987] [ 69.375511] Memory state around the buggy address: [ 69.380367] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 69.387678] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 69.394989] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 69.402298] ^ [ 69.407155] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 69.414466] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 69.421776] ================================================================== [ 59.188727] ================================================================== [ 59.196037] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3ac/0x4858 [ 59.203440] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 59.210929] [ 59.212454] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 59.212484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.212491] Hardware name: Thundercomm Dragonboard 845c (DT) [ 59.212501] Call trace: [ 59.212506] show_stack+0x20/0x38 (C) [ 59.212523] dump_stack_lvl+0x8c/0xd0 [ 59.212541] print_report+0x118/0x608 [ 59.212559] kasan_report+0xdc/0x128 [ 59.212577] kasan_check_range+0x100/0x1a8 [ 59.212596] __kasan_check_write+0x20/0x30 [ 59.212613] kasan_atomics_helper+0x3ac/0x4858 [ 59.212633] kasan_atomics+0x198/0x2e0 [ 59.212650] kunit_try_run_case+0x170/0x3f0 [ 59.212667] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.212688] kthread+0x328/0x630 [ 59.212701] ret_from_fork+0x10/0x20 [ 59.212719] [ 59.285883] Allocated by task 363: [ 59.289338] kasan_save_stack+0x3c/0x68 [ 59.293237] kasan_save_track+0x20/0x40 [ 59.297135] kasan_save_alloc_info+0x40/0x58 [ 59.301473] __kasan_kmalloc+0xd4/0xd8 [ 59.305283] __kmalloc_cache_noprof+0x16c/0x3c0 [ 59.309884] kasan_atomics+0xb8/0x2e0 [ 59.313605] kunit_try_run_case+0x170/0x3f0 [ 59.317859] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.323428] kthread+0x328/0x630 [ 59.326713] ret_from_fork+0x10/0x20 [ 59.330348] [ 59.331870] The buggy address belongs to the object at ffff000080acff00 [ 59.331870] which belongs to the cache kmalloc-64 of size 64 [ 59.344345] The buggy address is located 0 bytes to the right of [ 59.344345] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 59.357353] [ 59.358876] The buggy address belongs to the physical page: [ 59.364522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 59.372629] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 59.379236] page_type: f5(slab) [ 59.382434] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 59.390271] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 59.398103] page dumped because: kasan: bad access detected [ 59.403749] [ 59.405272] Memory state around the buggy address: [ 59.410127] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 59.417440] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 59.424751] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 59.432060] ^ [ 59.436916] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 59.444226] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 59.451535] ================================================================== [ 73.740641] ================================================================== [ 73.747952] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 73.755441] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 73.762929] [ 73.764453] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 73.764481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 73.764489] Hardware name: Thundercomm Dragonboard 845c (DT) [ 73.764498] Call trace: [ 73.764504] show_stack+0x20/0x38 (C) [ 73.764521] dump_stack_lvl+0x8c/0xd0 [ 73.764538] print_report+0x118/0x608 [ 73.764556] kasan_report+0xdc/0x128 [ 73.764574] kasan_check_range+0x100/0x1a8 [ 73.764593] __kasan_check_write+0x20/0x30 [ 73.764608] kasan_atomics_helper+0x175c/0x4858 [ 73.764626] kasan_atomics+0x198/0x2e0 [ 73.764643] kunit_try_run_case+0x170/0x3f0 [ 73.764661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 73.764681] kthread+0x328/0x630 [ 73.764694] ret_from_fork+0x10/0x20 [ 73.764710] [ 73.837961] Allocated by task 363: [ 73.841416] kasan_save_stack+0x3c/0x68 [ 73.845314] kasan_save_track+0x20/0x40 [ 73.849211] kasan_save_alloc_info+0x40/0x58 [ 73.853549] __kasan_kmalloc+0xd4/0xd8 [ 73.857358] __kmalloc_cache_noprof+0x16c/0x3c0 [ 73.861959] kasan_atomics+0xb8/0x2e0 [ 73.865680] kunit_try_run_case+0x170/0x3f0 [ 73.869932] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 73.875499] kthread+0x328/0x630 [ 73.878785] ret_from_fork+0x10/0x20 [ 73.882419] [ 73.883941] The buggy address belongs to the object at ffff000080acff00 [ 73.883941] which belongs to the cache kmalloc-64 of size 64 [ 73.896418] The buggy address is located 0 bytes to the right of [ 73.896418] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 73.909417] [ 73.910941] The buggy address belongs to the physical page: [ 73.916587] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 73.924692] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 73.931299] page_type: f5(slab) [ 73.934498] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 73.942333] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 73.950163] page dumped because: kasan: bad access detected [ 73.955808] [ 73.957331] Memory state around the buggy address: [ 73.962184] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 73.969495] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 73.976806] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 73.984115] ^ [ 73.988970] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 73.996280] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 74.003589] ================================================================== [ 59.729090] ================================================================== [ 59.736400] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x47c/0x4858 [ 59.743805] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 59.751293] [ 59.752818] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 59.752847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.752854] Hardware name: Thundercomm Dragonboard 845c (DT) [ 59.752866] Call trace: [ 59.752872] show_stack+0x20/0x38 (C) [ 59.752889] dump_stack_lvl+0x8c/0xd0 [ 59.752908] print_report+0x118/0x608 [ 59.752925] kasan_report+0xdc/0x128 [ 59.752944] kasan_check_range+0x100/0x1a8 [ 59.752962] __kasan_check_write+0x20/0x30 [ 59.752977] kasan_atomics_helper+0x47c/0x4858 [ 59.752997] kasan_atomics+0x198/0x2e0 [ 59.753014] kunit_try_run_case+0x170/0x3f0 [ 59.753031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.753051] kthread+0x328/0x630 [ 59.753065] ret_from_fork+0x10/0x20 [ 59.753081] [ 59.826236] Allocated by task 363: [ 59.829692] kasan_save_stack+0x3c/0x68 [ 59.833589] kasan_save_track+0x20/0x40 [ 59.837486] kasan_save_alloc_info+0x40/0x58 [ 59.841823] __kasan_kmalloc+0xd4/0xd8 [ 59.845632] __kmalloc_cache_noprof+0x16c/0x3c0 [ 59.850235] kasan_atomics+0xb8/0x2e0 [ 59.853957] kunit_try_run_case+0x170/0x3f0 [ 59.858210] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.863778] kthread+0x328/0x630 [ 59.867064] ret_from_fork+0x10/0x20 [ 59.870699] [ 59.872222] The buggy address belongs to the object at ffff000080acff00 [ 59.872222] which belongs to the cache kmalloc-64 of size 64 [ 59.884698] The buggy address is located 0 bytes to the right of [ 59.884698] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 59.897699] [ 59.899223] The buggy address belongs to the physical page: [ 59.904869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 59.912975] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 59.919582] page_type: f5(slab) [ 59.922780] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 59.930616] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 59.938449] page dumped because: kasan: bad access detected [ 59.944094] [ 59.945618] Memory state around the buggy address: [ 59.950473] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 59.957784] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 59.965095] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 59.972404] ^ [ 59.977259] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 59.984572] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 59.991882] ================================================================== [ 57.306328] ================================================================== [ 57.313644] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f7c/0x4858 [ 57.321138] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 57.328637] [ 57.330171] CPU: 3 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 57.330201] Tainted: [B]=BAD_PAGE, [N]=TEST [ 57.330212] Hardware name: Thundercomm Dragonboard 845c (DT) [ 57.330224] Call trace: [ 57.330231] show_stack+0x20/0x38 (C) [ 57.330251] dump_stack_lvl+0x8c/0xd0 [ 57.330272] print_report+0x118/0x608 [ 57.330293] kasan_report+0xdc/0x128 [ 57.330313] __asan_report_store4_noabort+0x20/0x30 [ 57.330333] kasan_atomics_helper+0x3f7c/0x4858 [ 57.330355] kasan_atomics+0x198/0x2e0 [ 57.330375] kunit_try_run_case+0x170/0x3f0 [ 57.330396] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.330419] kthread+0x328/0x630 [ 57.330435] ret_from_fork+0x10/0x20 [ 57.330454] [ 57.400377] Allocated by task 363: [ 57.403838] kasan_save_stack+0x3c/0x68 [ 57.407752] kasan_save_track+0x20/0x40 [ 57.411654] kasan_save_alloc_info+0x40/0x58 [ 57.415993] __kasan_kmalloc+0xd4/0xd8 [ 57.419807] __kmalloc_cache_noprof+0x16c/0x3c0 [ 57.424410] kasan_atomics+0xb8/0x2e0 [ 57.428145] kunit_try_run_case+0x170/0x3f0 [ 57.432400] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.437976] kthread+0x328/0x630 [ 57.441269] ret_from_fork+0x10/0x20 [ 57.444910] [ 57.446441] The buggy address belongs to the object at ffff000080acff00 [ 57.446441] which belongs to the cache kmalloc-64 of size 64 [ 57.458926] The buggy address is located 0 bytes to the right of [ 57.458926] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 57.471938] [ 57.473470] The buggy address belongs to the physical page: [ 57.479120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 57.487227] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 57.493844] page_type: f5(slab) [ 57.497049] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 57.504899] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 57.512745] page dumped because: kasan: bad access detected [ 57.518396] [ 57.519933] Memory state around the buggy address: [ 57.524797] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 57.532122] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 57.539442] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 57.546757] ^ [ 57.551621] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 57.558938] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 57.566254] ================================================================== [ 70.240251] ================================================================== [ 70.247562] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 70.255056] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 70.262545] [ 70.264071] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 70.264101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 70.264110] Hardware name: Thundercomm Dragonboard 845c (DT) [ 70.264121] Call trace: [ 70.264128] show_stack+0x20/0x38 (C) [ 70.264145] dump_stack_lvl+0x8c/0xd0 [ 70.264162] print_report+0x118/0x608 [ 70.264180] kasan_report+0xdc/0x128 [ 70.264198] kasan_check_range+0x100/0x1a8 [ 70.264217] __kasan_check_write+0x20/0x30 [ 70.264233] kasan_atomics_helper+0x12d8/0x4858 [ 70.264253] kasan_atomics+0x198/0x2e0 [ 70.264269] kunit_try_run_case+0x170/0x3f0 [ 70.264287] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 70.264307] kthread+0x328/0x630 [ 70.264321] ret_from_fork+0x10/0x20 [ 70.264339] [ 70.337592] Allocated by task 363: [ 70.341048] kasan_save_stack+0x3c/0x68 [ 70.344946] kasan_save_track+0x20/0x40 [ 70.348845] kasan_save_alloc_info+0x40/0x58 [ 70.353182] __kasan_kmalloc+0xd4/0xd8 [ 70.356992] __kmalloc_cache_noprof+0x16c/0x3c0 [ 70.361594] kasan_atomics+0xb8/0x2e0 [ 70.365315] kunit_try_run_case+0x170/0x3f0 [ 70.369568] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 70.375138] kthread+0x328/0x630 [ 70.378423] ret_from_fork+0x10/0x20 [ 70.382058] [ 70.383581] The buggy address belongs to the object at ffff000080acff00 [ 70.383581] which belongs to the cache kmalloc-64 of size 64 [ 70.396058] The buggy address is located 0 bytes to the right of [ 70.396058] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 70.409060] [ 70.410584] The buggy address belongs to the physical page: [ 70.416230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 70.424338] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 70.430944] page_type: f5(slab) [ 70.434144] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 70.441980] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 70.449812] page dumped because: kasan: bad access detected [ 70.455459] [ 70.456981] Memory state around the buggy address: [ 70.461836] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 70.469148] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 70.476462] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 70.483771] ^ [ 70.488628] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 70.495938] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 70.503249] ================================================================== [ 62.967904] ================================================================== [ 62.975214] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 62.982618] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 62.990106] [ 62.991631] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 62.991661] Tainted: [B]=BAD_PAGE, [N]=TEST [ 62.991669] Hardware name: Thundercomm Dragonboard 845c (DT) [ 62.991678] Call trace: [ 62.991684] show_stack+0x20/0x38 (C) [ 62.991701] dump_stack_lvl+0x8c/0xd0 [ 62.991718] print_report+0x118/0x608 [ 62.991736] kasan_report+0xdc/0x128 [ 62.991754] kasan_check_range+0x100/0x1a8 [ 62.991774] __kasan_check_write+0x20/0x30 [ 62.991789] kasan_atomics_helper+0x99c/0x4858 [ 62.991808] kasan_atomics+0x198/0x2e0 [ 62.991824] kunit_try_run_case+0x170/0x3f0 [ 62.991842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.991863] kthread+0x328/0x630 [ 62.991876] ret_from_fork+0x10/0x20 [ 62.991892] [ 63.065055] Allocated by task 363: [ 63.068510] kasan_save_stack+0x3c/0x68 [ 63.072408] kasan_save_track+0x20/0x40 [ 63.076305] kasan_save_alloc_info+0x40/0x58 [ 63.080642] __kasan_kmalloc+0xd4/0xd8 [ 63.084453] __kmalloc_cache_noprof+0x16c/0x3c0 [ 63.089055] kasan_atomics+0xb8/0x2e0 [ 63.092776] kunit_try_run_case+0x170/0x3f0 [ 63.097029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 63.102600] kthread+0x328/0x630 [ 63.105885] ret_from_fork+0x10/0x20 [ 63.109522] [ 63.111045] The buggy address belongs to the object at ffff000080acff00 [ 63.111045] which belongs to the cache kmalloc-64 of size 64 [ 63.123524] The buggy address is located 0 bytes to the right of [ 63.123524] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 63.136527] [ 63.138050] The buggy address belongs to the physical page: [ 63.143697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 63.151804] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 63.158411] page_type: f5(slab) [ 63.161611] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 63.169446] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 63.177279] page dumped because: kasan: bad access detected [ 63.182926] [ 63.184450] Memory state around the buggy address: [ 63.189306] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.196617] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.203929] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 63.211239] ^ [ 63.216094] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.223407] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 63.230717] ================================================================== [ 67.807572] ================================================================== [ 67.814880] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 67.822284] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 67.829771] [ 67.831296] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 67.831324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 67.831332] Hardware name: Thundercomm Dragonboard 845c (DT) [ 67.831342] Call trace: [ 67.831349] show_stack+0x20/0x38 (C) [ 67.831366] dump_stack_lvl+0x8c/0xd0 [ 67.831383] print_report+0x118/0x608 [ 67.831402] kasan_report+0xdc/0x128 [ 67.831419] kasan_check_range+0x100/0x1a8 [ 67.831439] __kasan_check_write+0x20/0x30 [ 67.831454] kasan_atomics_helper+0xf20/0x4858 [ 67.831472] kasan_atomics+0x198/0x2e0 [ 67.831489] kunit_try_run_case+0x170/0x3f0 [ 67.831507] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 67.831527] kthread+0x328/0x630 [ 67.831540] ret_from_fork+0x10/0x20 [ 67.831557] [ 67.904722] Allocated by task 363: [ 67.908177] kasan_save_stack+0x3c/0x68 [ 67.912076] kasan_save_track+0x20/0x40 [ 67.915974] kasan_save_alloc_info+0x40/0x58 [ 67.920311] __kasan_kmalloc+0xd4/0xd8 [ 67.924120] __kmalloc_cache_noprof+0x16c/0x3c0 [ 67.928722] kasan_atomics+0xb8/0x2e0 [ 67.932443] kunit_try_run_case+0x170/0x3f0 [ 67.936695] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 67.942263] kthread+0x328/0x630 [ 67.945548] ret_from_fork+0x10/0x20 [ 67.949184] [ 67.950706] The buggy address belongs to the object at ffff000080acff00 [ 67.950706] which belongs to the cache kmalloc-64 of size 64 [ 67.963183] The buggy address is located 0 bytes to the right of [ 67.963183] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 67.976183] [ 67.977705] The buggy address belongs to the physical page: [ 67.983350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 67.991456] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 67.998063] page_type: f5(slab) [ 68.001263] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 68.009098] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 68.016930] page dumped because: kasan: bad access detected [ 68.022577] [ 68.024098] Memory state around the buggy address: [ 68.028953] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 68.036265] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 68.043575] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 68.050884] ^ [ 68.055740] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 68.063051] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 68.070361] ================================================================== [ 66.733431] ================================================================== [ 66.740740] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 66.748230] Read of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 66.755632] [ 66.757157] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 66.757186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 66.757194] Hardware name: Thundercomm Dragonboard 845c (DT) [ 66.757207] Call trace: [ 66.757214] show_stack+0x20/0x38 (C) [ 66.757231] dump_stack_lvl+0x8c/0xd0 [ 66.757249] print_report+0x118/0x608 [ 66.757268] kasan_report+0xdc/0x128 [ 66.757286] __asan_report_load8_noabort+0x20/0x30 [ 66.757304] kasan_atomics_helper+0x3f58/0x4858 [ 66.757323] kasan_atomics+0x198/0x2e0 [ 66.757339] kunit_try_run_case+0x170/0x3f0 [ 66.757357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 66.757377] kthread+0x328/0x630 [ 66.757390] ret_from_fork+0x10/0x20 [ 66.757408] [ 66.827207] Allocated by task 363: [ 66.830662] kasan_save_stack+0x3c/0x68 [ 66.834560] kasan_save_track+0x20/0x40 [ 66.838458] kasan_save_alloc_info+0x40/0x58 [ 66.842798] __kasan_kmalloc+0xd4/0xd8 [ 66.846608] __kmalloc_cache_noprof+0x16c/0x3c0 [ 66.851209] kasan_atomics+0xb8/0x2e0 [ 66.854931] kunit_try_run_case+0x170/0x3f0 [ 66.859184] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 66.864753] kthread+0x328/0x630 [ 66.868038] ret_from_fork+0x10/0x20 [ 66.871674] [ 66.873197] The buggy address belongs to the object at ffff000080acff00 [ 66.873197] which belongs to the cache kmalloc-64 of size 64 [ 66.885676] The buggy address is located 0 bytes to the right of [ 66.885676] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 66.898677] [ 66.900201] The buggy address belongs to the physical page: [ 66.905846] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 66.913954] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 66.920562] page_type: f5(slab) [ 66.923762] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 66.931599] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 66.939432] page dumped because: kasan: bad access detected [ 66.945079] [ 66.946603] Memory state around the buggy address: [ 66.951458] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 66.958770] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 66.966083] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 66.973392] ^ [ 66.978249] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.985560] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 66.992870] ================================================================== [ 64.585765] ================================================================== [ 64.593075] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dbc/0x4858 [ 64.600566] Read of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 64.607968] [ 64.609494] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 64.609523] Tainted: [B]=BAD_PAGE, [N]=TEST [ 64.609532] Hardware name: Thundercomm Dragonboard 845c (DT) [ 64.609542] Call trace: [ 64.609548] show_stack+0x20/0x38 (C) [ 64.609565] dump_stack_lvl+0x8c/0xd0 [ 64.609583] print_report+0x118/0x608 [ 64.609602] kasan_report+0xdc/0x128 [ 64.609621] __asan_report_load4_noabort+0x20/0x30 [ 64.609637] kasan_atomics_helper+0x3dbc/0x4858 [ 64.609655] kasan_atomics+0x198/0x2e0 [ 64.609672] kunit_try_run_case+0x170/0x3f0 [ 64.609689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 64.609710] kthread+0x328/0x630 [ 64.609724] ret_from_fork+0x10/0x20 [ 64.609742] [ 64.679539] Allocated by task 363: [ 64.682995] kasan_save_stack+0x3c/0x68 [ 64.686894] kasan_save_track+0x20/0x40 [ 64.690792] kasan_save_alloc_info+0x40/0x58 [ 64.695130] __kasan_kmalloc+0xd4/0xd8 [ 64.698941] __kmalloc_cache_noprof+0x16c/0x3c0 [ 64.703542] kasan_atomics+0xb8/0x2e0 [ 64.707264] kunit_try_run_case+0x170/0x3f0 [ 64.711517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 64.717086] kthread+0x328/0x630 [ 64.720373] ret_from_fork+0x10/0x20 [ 64.724008] [ 64.725531] The buggy address belongs to the object at ffff000080acff00 [ 64.725531] which belongs to the cache kmalloc-64 of size 64 [ 64.738008] The buggy address is located 0 bytes to the right of [ 64.738008] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 64.751012] [ 64.752535] The buggy address belongs to the physical page: [ 64.758180] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 64.766287] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 64.772894] page_type: f5(slab) [ 64.776093] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 64.783928] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 64.791760] page dumped because: kasan: bad access detected [ 64.797406] [ 64.798929] Memory state around the buggy address: [ 64.803785] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 64.811097] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 64.818409] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 64.825720] ^ [ 64.830577] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.837890] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.845200] ================================================================== [ 61.890507] ================================================================== [ 61.897816] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7cc/0x4858 [ 61.905220] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 61.912708] [ 61.914233] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 61.914262] Tainted: [B]=BAD_PAGE, [N]=TEST [ 61.914271] Hardware name: Thundercomm Dragonboard 845c (DT) [ 61.914283] Call trace: [ 61.914290] show_stack+0x20/0x38 (C) [ 61.914307] dump_stack_lvl+0x8c/0xd0 [ 61.914325] print_report+0x118/0x608 [ 61.914344] kasan_report+0xdc/0x128 [ 61.914363] kasan_check_range+0x100/0x1a8 [ 61.914383] __kasan_check_write+0x20/0x30 [ 61.914400] kasan_atomics_helper+0x7cc/0x4858 [ 61.914419] kasan_atomics+0x198/0x2e0 [ 61.914435] kunit_try_run_case+0x170/0x3f0 [ 61.914453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.914476] kthread+0x328/0x630 [ 61.914489] ret_from_fork+0x10/0x20 [ 61.914506] [ 61.987669] Allocated by task 363: [ 61.991125] kasan_save_stack+0x3c/0x68 [ 61.995024] kasan_save_track+0x20/0x40 [ 61.998922] kasan_save_alloc_info+0x40/0x58 [ 62.003261] __kasan_kmalloc+0xd4/0xd8 [ 62.007072] __kmalloc_cache_noprof+0x16c/0x3c0 [ 62.011673] kasan_atomics+0xb8/0x2e0 [ 62.015395] kunit_try_run_case+0x170/0x3f0 [ 62.019650] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.025219] kthread+0x328/0x630 [ 62.028505] ret_from_fork+0x10/0x20 [ 62.032139] [ 62.033662] The buggy address belongs to the object at ffff000080acff00 [ 62.033662] which belongs to the cache kmalloc-64 of size 64 [ 62.046142] The buggy address is located 0 bytes to the right of [ 62.046142] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 62.059144] [ 62.060668] The buggy address belongs to the physical page: [ 62.066315] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 62.074421] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 62.081029] page_type: f5(slab) [ 62.084228] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 62.092065] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 62.099898] page dumped because: kasan: bad access detected [ 62.105544] [ 62.107066] Memory state around the buggy address: [ 62.111922] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.119234] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.126546] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 62.133857] ^ [ 62.138712] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 62.146024] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 62.153334] ================================================================== [ 60.269425] ================================================================== [ 60.276734] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x54c/0x4858 [ 60.284139] Write of size 4 at addr ffff000080acff30 by task kunit_try_catch/363 [ 60.291627] [ 60.293153] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 60.293180] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.293188] Hardware name: Thundercomm Dragonboard 845c (DT) [ 60.293197] Call trace: [ 60.293203] show_stack+0x20/0x38 (C) [ 60.293220] dump_stack_lvl+0x8c/0xd0 [ 60.293237] print_report+0x118/0x608 [ 60.293256] kasan_report+0xdc/0x128 [ 60.293273] kasan_check_range+0x100/0x1a8 [ 60.293293] __kasan_check_write+0x20/0x30 [ 60.293308] kasan_atomics_helper+0x54c/0x4858 [ 60.293327] kasan_atomics+0x198/0x2e0 [ 60.293344] kunit_try_run_case+0x170/0x3f0 [ 60.293361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.293382] kthread+0x328/0x630 [ 60.293396] ret_from_fork+0x10/0x20 [ 60.293412] [ 60.366577] Allocated by task 363: [ 60.370033] kasan_save_stack+0x3c/0x68 [ 60.373931] kasan_save_track+0x20/0x40 [ 60.377829] kasan_save_alloc_info+0x40/0x58 [ 60.382166] __kasan_kmalloc+0xd4/0xd8 [ 60.385974] __kmalloc_cache_noprof+0x16c/0x3c0 [ 60.390575] kasan_atomics+0xb8/0x2e0 [ 60.394297] kunit_try_run_case+0x170/0x3f0 [ 60.398550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.404119] kthread+0x328/0x630 [ 60.407405] ret_from_fork+0x10/0x20 [ 60.411039] [ 60.412563] The buggy address belongs to the object at ffff000080acff00 [ 60.412563] which belongs to the cache kmalloc-64 of size 64 [ 60.425041] The buggy address is located 0 bytes to the right of [ 60.425041] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 60.438041] [ 60.439564] The buggy address belongs to the physical page: [ 60.445210] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 60.453316] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 60.459923] page_type: f5(slab) [ 60.463122] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 60.470959] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 60.478792] page dumped because: kasan: bad access detected [ 60.484438] [ 60.485960] Memory state around the buggy address: [ 60.490816] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.498126] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.505436] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 60.512745] ^ [ 60.517601] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 60.524912] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 60.532222] ================================================================== [ 69.429164] ================================================================== [ 69.436475] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 69.443968] Write of size 8 at addr ffff000080acff30 by task kunit_try_catch/363 [ 69.451459] [ 69.452984] CPU: 5 UID: 0 PID: 363 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 69.453015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 69.453023] Hardware name: Thundercomm Dragonboard 845c (DT) [ 69.453036] Call trace: [ 69.453043] show_stack+0x20/0x38 (C) [ 69.453061] dump_stack_lvl+0x8c/0xd0 [ 69.453080] print_report+0x118/0x608 [ 69.453099] kasan_report+0xdc/0x128 [ 69.453118] kasan_check_range+0x100/0x1a8 [ 69.453139] __kasan_check_write+0x20/0x30 [ 69.453155] kasan_atomics_helper+0x1190/0x4858 [ 69.453173] kasan_atomics+0x198/0x2e0 [ 69.453190] kunit_try_run_case+0x170/0x3f0 [ 69.453209] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 69.453232] kthread+0x328/0x630 [ 69.453245] ret_from_fork+0x10/0x20 [ 69.453263] [ 69.526506] Allocated by task 363: [ 69.529963] kasan_save_stack+0x3c/0x68 [ 69.533865] kasan_save_track+0x20/0x40 [ 69.537763] kasan_save_alloc_info+0x40/0x58 [ 69.542103] __kasan_kmalloc+0xd4/0xd8 [ 69.545913] __kmalloc_cache_noprof+0x16c/0x3c0 [ 69.550515] kasan_atomics+0xb8/0x2e0 [ 69.554237] kunit_try_run_case+0x170/0x3f0 [ 69.558490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 69.564059] kthread+0x328/0x630 [ 69.567345] ret_from_fork+0x10/0x20 [ 69.570980] [ 69.572504] The buggy address belongs to the object at ffff000080acff00 [ 69.572504] which belongs to the cache kmalloc-64 of size 64 [ 69.584983] The buggy address is located 0 bytes to the right of [ 69.584983] allocated 48-byte region [ffff000080acff00, ffff000080acff30) [ 69.597985] [ 69.599508] The buggy address belongs to the physical page: [ 69.605155] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100acf [ 69.613263] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 69.619871] page_type: f5(slab) [ 69.623070] raw: 0bfffe0000000000 ffff0000800028c0 dead000000000122 0000000000000000 [ 69.630906] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 69.638739] page dumped because: kasan: bad access detected [ 69.644385] [ 69.645909] Memory state around the buggy address: [ 69.650764] ffff000080acfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 69.658076] ffff000080acfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 69.665389] >ffff000080acff00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 69.672698] ^ [ 69.677554] ffff000080acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 69.684865] ffff000080ad0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 69.692175] ==================================================================
[ 37.464455] ================================================================== [ 37.465100] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 37.465229] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.465410] [ 37.465543] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.466062] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.466391] Hardware name: linux,dummy-virt (DT) [ 37.467027] Call trace: [ 37.467139] show_stack+0x20/0x38 (C) [ 37.467359] dump_stack_lvl+0x8c/0xd0 [ 37.467650] print_report+0x118/0x608 [ 37.467783] kasan_report+0xdc/0x128 [ 37.467987] kasan_check_range+0x100/0x1a8 [ 37.468464] __kasan_check_write+0x20/0x30 [ 37.468979] kasan_atomics_helper+0x154c/0x4858 [ 37.469438] kasan_atomics+0x198/0x2e0 [ 37.469590] kunit_try_run_case+0x170/0x3f0 [ 37.469946] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.470609] kthread+0x328/0x630 [ 37.470752] ret_from_fork+0x10/0x20 [ 37.470911] [ 37.470997] Allocated by task 276: [ 37.471080] kasan_save_stack+0x3c/0x68 [ 37.471306] kasan_save_track+0x20/0x40 [ 37.471610] kasan_save_alloc_info+0x40/0x58 [ 37.471720] __kasan_kmalloc+0xd4/0xd8 [ 37.471828] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.472017] kasan_atomics+0xb8/0x2e0 [ 37.472132] kunit_try_run_case+0x170/0x3f0 [ 37.472435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.472704] kthread+0x328/0x630 [ 37.472873] ret_from_fork+0x10/0x20 [ 37.472985] [ 37.473044] The buggy address belongs to the object at fff00000c77ec800 [ 37.473044] which belongs to the cache kmalloc-64 of size 64 [ 37.473266] The buggy address is located 0 bytes to the right of [ 37.473266] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.473860] [ 37.473929] The buggy address belongs to the physical page: [ 37.474232] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.474607] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.474727] page_type: f5(slab) [ 37.475023] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.475232] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.475329] page dumped because: kasan: bad access detected [ 37.475376] [ 37.475827] Memory state around the buggy address: [ 37.476486] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.476606] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.477664] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.477767] ^ [ 37.477855] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.478879] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.479005] ================================================================== [ 37.496132] ================================================================== [ 37.496239] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 37.496373] Read of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.496785] [ 37.497040] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.497808] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.497906] Hardware name: linux,dummy-virt (DT) [ 37.497987] Call trace: [ 37.498041] show_stack+0x20/0x38 (C) [ 37.498175] dump_stack_lvl+0x8c/0xd0 [ 37.498616] print_report+0x118/0x608 [ 37.498858] kasan_report+0xdc/0x128 [ 37.499013] __asan_report_load8_noabort+0x20/0x30 [ 37.499179] kasan_atomics_helper+0x3db0/0x4858 [ 37.499494] kasan_atomics+0x198/0x2e0 [ 37.499691] kunit_try_run_case+0x170/0x3f0 [ 37.500064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.500225] kthread+0x328/0x630 [ 37.500345] ret_from_fork+0x10/0x20 [ 37.500476] [ 37.500564] Allocated by task 276: [ 37.500640] kasan_save_stack+0x3c/0x68 [ 37.500902] kasan_save_track+0x20/0x40 [ 37.501023] kasan_save_alloc_info+0x40/0x58 [ 37.501145] __kasan_kmalloc+0xd4/0xd8 [ 37.501258] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.501357] kasan_atomics+0xb8/0x2e0 [ 37.501517] kunit_try_run_case+0x170/0x3f0 [ 37.501685] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.501807] kthread+0x328/0x630 [ 37.501906] ret_from_fork+0x10/0x20 [ 37.502031] [ 37.502093] The buggy address belongs to the object at fff00000c77ec800 [ 37.502093] which belongs to the cache kmalloc-64 of size 64 [ 37.502292] The buggy address is located 0 bytes to the right of [ 37.502292] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.502551] [ 37.502605] The buggy address belongs to the physical page: [ 37.502754] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.503146] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.503852] page_type: f5(slab) [ 37.504142] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.504298] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.504412] page dumped because: kasan: bad access detected [ 37.505807] [ 37.506141] Memory state around the buggy address: [ 37.506232] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.506364] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.507099] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.507389] ^ [ 37.508256] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.509112] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.509707] ================================================================== [ 37.285533] ================================================================== [ 37.285655] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 37.285974] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.286110] [ 37.286338] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.286562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.286633] Hardware name: linux,dummy-virt (DT) [ 37.286709] Call trace: [ 37.286775] show_stack+0x20/0x38 (C) [ 37.286917] dump_stack_lvl+0x8c/0xd0 [ 37.287036] print_report+0x118/0x608 [ 37.287838] kasan_report+0xdc/0x128 [ 37.288010] kasan_check_range+0x100/0x1a8 [ 37.288145] __kasan_check_write+0x20/0x30 [ 37.288282] kasan_atomics_helper+0xf88/0x4858 [ 37.288414] kasan_atomics+0x198/0x2e0 [ 37.288535] kunit_try_run_case+0x170/0x3f0 [ 37.290051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.290378] kthread+0x328/0x630 [ 37.290710] ret_from_fork+0x10/0x20 [ 37.290835] [ 37.290937] Allocated by task 276: [ 37.291114] kasan_save_stack+0x3c/0x68 [ 37.291229] kasan_save_track+0x20/0x40 [ 37.291487] kasan_save_alloc_info+0x40/0x58 [ 37.291613] __kasan_kmalloc+0xd4/0xd8 [ 37.291726] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.291848] kasan_atomics+0xb8/0x2e0 [ 37.292002] kunit_try_run_case+0x170/0x3f0 [ 37.292120] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.292301] kthread+0x328/0x630 [ 37.292523] ret_from_fork+0x10/0x20 [ 37.292633] [ 37.292685] The buggy address belongs to the object at fff00000c77ec800 [ 37.292685] which belongs to the cache kmalloc-64 of size 64 [ 37.292826] The buggy address is located 0 bytes to the right of [ 37.292826] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.293018] [ 37.293085] The buggy address belongs to the physical page: [ 37.293384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.293520] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.293645] page_type: f5(slab) [ 37.293744] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.293866] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.293989] page dumped because: kasan: bad access detected [ 37.294083] [ 37.294216] Memory state around the buggy address: [ 37.294406] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.294587] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.294694] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.294794] ^ [ 37.294877] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.295019] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.295132] ================================================================== [ 37.125414] ================================================================== [ 37.125520] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 37.125630] Read of size 4 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.125752] [ 37.125825] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.126054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.126260] Hardware name: linux,dummy-virt (DT) [ 37.126497] Call trace: [ 37.126564] show_stack+0x20/0x38 (C) [ 37.126687] dump_stack_lvl+0x8c/0xd0 [ 37.126816] print_report+0x118/0x608 [ 37.127667] kasan_report+0xdc/0x128 [ 37.128018] __asan_report_load4_noabort+0x20/0x30 [ 37.128434] kasan_atomics_helper+0x3dd8/0x4858 [ 37.128753] kasan_atomics+0x198/0x2e0 [ 37.128919] kunit_try_run_case+0x170/0x3f0 [ 37.129149] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.129299] kthread+0x328/0x630 [ 37.129414] ret_from_fork+0x10/0x20 [ 37.129596] [ 37.129663] Allocated by task 276: [ 37.129751] kasan_save_stack+0x3c/0x68 [ 37.129846] kasan_save_track+0x20/0x40 [ 37.129970] kasan_save_alloc_info+0x40/0x58 [ 37.130072] __kasan_kmalloc+0xd4/0xd8 [ 37.130440] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.130702] kasan_atomics+0xb8/0x2e0 [ 37.130932] kunit_try_run_case+0x170/0x3f0 [ 37.131044] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.131218] kthread+0x328/0x630 [ 37.131787] ret_from_fork+0x10/0x20 [ 37.131947] [ 37.132011] The buggy address belongs to the object at fff00000c77ec800 [ 37.132011] which belongs to the cache kmalloc-64 of size 64 [ 37.132160] The buggy address is located 0 bytes to the right of [ 37.132160] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.132562] [ 37.132620] The buggy address belongs to the physical page: [ 37.132796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.132990] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.133210] page_type: f5(slab) [ 37.133758] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.134027] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.134139] page dumped because: kasan: bad access detected [ 37.134248] [ 37.134345] Memory state around the buggy address: [ 37.134438] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.134769] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.135012] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.135218] ^ [ 37.135320] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.135454] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.135917] ================================================================== [ 37.390318] ================================================================== [ 37.390431] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 37.390582] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.390857] [ 37.391262] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.392017] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.392096] Hardware name: linux,dummy-virt (DT) [ 37.392172] Call trace: [ 37.392238] show_stack+0x20/0x38 (C) [ 37.392490] dump_stack_lvl+0x8c/0xd0 [ 37.392813] print_report+0x118/0x608 [ 37.393403] kasan_report+0xdc/0x128 [ 37.393967] kasan_check_range+0x100/0x1a8 [ 37.394588] __kasan_check_write+0x20/0x30 [ 37.394714] kasan_atomics_helper+0x12d8/0x4858 [ 37.394854] kasan_atomics+0x198/0x2e0 [ 37.395225] kunit_try_run_case+0x170/0x3f0 [ 37.395376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.396084] kthread+0x328/0x630 [ 37.397012] ret_from_fork+0x10/0x20 [ 37.397380] [ 37.397451] Allocated by task 276: [ 37.397677] kasan_save_stack+0x3c/0x68 [ 37.398182] kasan_save_track+0x20/0x40 [ 37.398667] kasan_save_alloc_info+0x40/0x58 [ 37.398799] __kasan_kmalloc+0xd4/0xd8 [ 37.398921] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.399030] kasan_atomics+0xb8/0x2e0 [ 37.399176] kunit_try_run_case+0x170/0x3f0 [ 37.399305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.399786] kthread+0x328/0x630 [ 37.399900] ret_from_fork+0x10/0x20 [ 37.400021] [ 37.400477] The buggy address belongs to the object at fff00000c77ec800 [ 37.400477] which belongs to the cache kmalloc-64 of size 64 [ 37.400751] The buggy address is located 0 bytes to the right of [ 37.400751] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.400963] [ 37.401083] The buggy address belongs to the physical page: [ 37.401272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.401477] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.401621] page_type: f5(slab) [ 37.401907] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.402053] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.402172] page dumped because: kasan: bad access detected [ 37.402780] [ 37.402904] Memory state around the buggy address: [ 37.403002] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.403136] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.403248] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.403674] ^ [ 37.403790] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.404361] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.404506] ================================================================== [ 37.026279] ================================================================== [ 37.026413] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 37.026672] Write of size 4 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.026864] [ 37.026974] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.027212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.027298] Hardware name: linux,dummy-virt (DT) [ 37.027392] Call trace: [ 37.027466] show_stack+0x20/0x38 (C) [ 37.027665] dump_stack_lvl+0x8c/0xd0 [ 37.027795] print_report+0x118/0x608 [ 37.027942] kasan_report+0xdc/0x128 [ 37.028078] kasan_check_range+0x100/0x1a8 [ 37.028217] __kasan_check_write+0x20/0x30 [ 37.028349] kasan_atomics_helper+0xa6c/0x4858 [ 37.028488] kasan_atomics+0x198/0x2e0 [ 37.028738] kunit_try_run_case+0x170/0x3f0 [ 37.028855] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.029090] kthread+0x328/0x630 [ 37.029243] ret_from_fork+0x10/0x20 [ 37.029371] [ 37.029417] Allocated by task 276: [ 37.029497] kasan_save_stack+0x3c/0x68 [ 37.029602] kasan_save_track+0x20/0x40 [ 37.029718] kasan_save_alloc_info+0x40/0x58 [ 37.029875] __kasan_kmalloc+0xd4/0xd8 [ 37.030013] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.030130] kasan_atomics+0xb8/0x2e0 [ 37.030256] kunit_try_run_case+0x170/0x3f0 [ 37.030381] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.030497] kthread+0x328/0x630 [ 37.030577] ret_from_fork+0x10/0x20 [ 37.030684] [ 37.030757] The buggy address belongs to the object at fff00000c77ec800 [ 37.030757] which belongs to the cache kmalloc-64 of size 64 [ 37.030963] The buggy address is located 0 bytes to the right of [ 37.030963] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.031145] [ 37.031207] The buggy address belongs to the physical page: [ 37.031275] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.031409] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.031530] page_type: f5(slab) [ 37.031623] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.031767] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.032119] page dumped because: kasan: bad access detected [ 37.032315] [ 37.032404] Memory state around the buggy address: [ 37.032591] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.032706] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.032973] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.033079] ^ [ 37.033243] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.033545] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.033773] ================================================================== [ 37.379922] ================================================================== [ 37.380759] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 37.381096] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.381217] [ 37.381696] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.382392] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.383152] Hardware name: linux,dummy-virt (DT) [ 37.383285] Call trace: [ 37.383324] show_stack+0x20/0x38 (C) [ 37.383391] dump_stack_lvl+0x8c/0xd0 [ 37.383497] print_report+0x118/0x608 [ 37.383571] kasan_report+0xdc/0x128 [ 37.383631] kasan_check_range+0x100/0x1a8 [ 37.383693] __kasan_check_write+0x20/0x30 [ 37.383747] kasan_atomics_helper+0x126c/0x4858 [ 37.383808] kasan_atomics+0x198/0x2e0 [ 37.383865] kunit_try_run_case+0x170/0x3f0 [ 37.384063] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.384260] kthread+0x328/0x630 [ 37.384650] ret_from_fork+0x10/0x20 [ 37.385386] [ 37.386299] Allocated by task 276: [ 37.386577] kasan_save_stack+0x3c/0x68 [ 37.387539] kasan_save_track+0x20/0x40 [ 37.387657] kasan_save_alloc_info+0x40/0x58 [ 37.387839] __kasan_kmalloc+0xd4/0xd8 [ 37.388494] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.388563] kasan_atomics+0xb8/0x2e0 [ 37.388661] kunit_try_run_case+0x170/0x3f0 [ 37.388717] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.388775] kthread+0x328/0x630 [ 37.388818] ret_from_fork+0x10/0x20 [ 37.388865] [ 37.388920] The buggy address belongs to the object at fff00000c77ec800 [ 37.388920] which belongs to the cache kmalloc-64 of size 64 [ 37.389076] The buggy address is located 0 bytes to the right of [ 37.389076] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.389184] [ 37.389214] The buggy address belongs to the physical page: [ 37.389256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.389324] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.389384] page_type: f5(slab) [ 37.389434] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.389496] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.389547] page dumped because: kasan: bad access detected [ 37.389587] [ 37.389611] Memory state around the buggy address: [ 37.389653] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.389706] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.389759] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.389806] ^ [ 37.389853] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.389935] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.389989] ================================================================== [ 37.344562] ================================================================== [ 37.345080] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 37.346044] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.346171] [ 37.346255] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.346469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.346542] Hardware name: linux,dummy-virt (DT) [ 37.348054] Call trace: [ 37.348344] show_stack+0x20/0x38 (C) [ 37.348966] dump_stack_lvl+0x8c/0xd0 [ 37.349753] print_report+0x118/0x608 [ 37.350512] kasan_report+0xdc/0x128 [ 37.351037] kasan_check_range+0x100/0x1a8 [ 37.352181] __kasan_check_write+0x20/0x30 [ 37.352526] kasan_atomics_helper+0x1128/0x4858 [ 37.353271] kasan_atomics+0x198/0x2e0 [ 37.353442] kunit_try_run_case+0x170/0x3f0 [ 37.353674] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.353941] kthread+0x328/0x630 [ 37.354128] ret_from_fork+0x10/0x20 [ 37.354393] [ 37.354526] Allocated by task 276: [ 37.354672] kasan_save_stack+0x3c/0x68 [ 37.354788] kasan_save_track+0x20/0x40 [ 37.355138] kasan_save_alloc_info+0x40/0x58 [ 37.355230] __kasan_kmalloc+0xd4/0xd8 [ 37.355336] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.355397] kasan_atomics+0xb8/0x2e0 [ 37.355444] kunit_try_run_case+0x170/0x3f0 [ 37.355496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.355555] kthread+0x328/0x630 [ 37.355595] ret_from_fork+0x10/0x20 [ 37.355644] [ 37.355670] The buggy address belongs to the object at fff00000c77ec800 [ 37.355670] which belongs to the cache kmalloc-64 of size 64 [ 37.355744] The buggy address is located 0 bytes to the right of [ 37.355744] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.355822] [ 37.355850] The buggy address belongs to the physical page: [ 37.355915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.355988] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.356053] page_type: f5(slab) [ 37.356102] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.356164] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.356213] page dumped because: kasan: bad access detected [ 37.356255] [ 37.356278] Memory state around the buggy address: [ 37.356319] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.356374] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.356429] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.356477] ^ [ 37.356523] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.356579] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.356629] ================================================================== [ 37.272575] ================================================================== [ 37.273138] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 37.273280] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.273867] [ 37.275025] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.275327] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.275370] Hardware name: linux,dummy-virt (DT) [ 37.275413] Call trace: [ 37.275443] show_stack+0x20/0x38 (C) [ 37.275508] dump_stack_lvl+0x8c/0xd0 [ 37.275573] print_report+0x118/0x608 [ 37.275633] kasan_report+0xdc/0x128 [ 37.275691] kasan_check_range+0x100/0x1a8 [ 37.275751] __kasan_check_write+0x20/0x30 [ 37.275808] kasan_atomics_helper+0xf20/0x4858 [ 37.275869] kasan_atomics+0x198/0x2e0 [ 37.276002] kunit_try_run_case+0x170/0x3f0 [ 37.276135] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.276370] kthread+0x328/0x630 [ 37.276592] ret_from_fork+0x10/0x20 [ 37.277375] [ 37.277613] Allocated by task 276: [ 37.277701] kasan_save_stack+0x3c/0x68 [ 37.277827] kasan_save_track+0x20/0x40 [ 37.278175] kasan_save_alloc_info+0x40/0x58 [ 37.278623] __kasan_kmalloc+0xd4/0xd8 [ 37.278729] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.278837] kasan_atomics+0xb8/0x2e0 [ 37.278956] kunit_try_run_case+0x170/0x3f0 [ 37.279096] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.279408] kthread+0x328/0x630 [ 37.279506] ret_from_fork+0x10/0x20 [ 37.279611] [ 37.279723] The buggy address belongs to the object at fff00000c77ec800 [ 37.279723] which belongs to the cache kmalloc-64 of size 64 [ 37.279875] The buggy address is located 0 bytes to the right of [ 37.279875] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.280320] [ 37.280385] The buggy address belongs to the physical page: [ 37.280470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.280720] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.281160] page_type: f5(slab) [ 37.281276] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.281879] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.282405] page dumped because: kasan: bad access detected [ 37.282522] [ 37.282576] Memory state around the buggy address: [ 37.282657] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.283528] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.283778] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.284044] ^ [ 37.284271] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.284484] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.284586] ================================================================== [ 37.159145] ================================================================== [ 37.159255] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 37.159611] Read of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.159743] [ 37.159848] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.160247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.160329] Hardware name: linux,dummy-virt (DT) [ 37.160524] Call trace: [ 37.160593] show_stack+0x20/0x38 (C) [ 37.161019] dump_stack_lvl+0x8c/0xd0 [ 37.161279] print_report+0x118/0x608 [ 37.161457] kasan_report+0xdc/0x128 [ 37.161748] kasan_check_range+0x100/0x1a8 [ 37.161962] __kasan_check_read+0x20/0x30 [ 37.162092] kasan_atomics_helper+0xdd4/0x4858 [ 37.162220] kasan_atomics+0x198/0x2e0 [ 37.162376] kunit_try_run_case+0x170/0x3f0 [ 37.163100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.163258] kthread+0x328/0x630 [ 37.163735] ret_from_fork+0x10/0x20 [ 37.163903] [ 37.163992] Allocated by task 276: [ 37.164072] kasan_save_stack+0x3c/0x68 [ 37.164184] kasan_save_track+0x20/0x40 [ 37.164483] kasan_save_alloc_info+0x40/0x58 [ 37.164599] __kasan_kmalloc+0xd4/0xd8 [ 37.164703] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.165019] kasan_atomics+0xb8/0x2e0 [ 37.165219] kunit_try_run_case+0x170/0x3f0 [ 37.165377] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.165504] kthread+0x328/0x630 [ 37.165617] ret_from_fork+0x10/0x20 [ 37.166033] [ 37.166095] The buggy address belongs to the object at fff00000c77ec800 [ 37.166095] which belongs to the cache kmalloc-64 of size 64 [ 37.166236] The buggy address is located 0 bytes to the right of [ 37.166236] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.166411] [ 37.166485] The buggy address belongs to the physical page: [ 37.166759] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.166917] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.167473] page_type: f5(slab) [ 37.167918] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.168182] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.168408] page dumped because: kasan: bad access detected [ 37.168660] [ 37.168850] Memory state around the buggy address: [ 37.168996] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.169154] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.169630] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.169936] ^ [ 37.170690] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.170840] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.170967] ================================================================== [ 37.357396] ================================================================== [ 37.357677] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 37.357797] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.357953] [ 37.358042] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.358254] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.358325] Hardware name: linux,dummy-virt (DT) [ 37.358418] Call trace: [ 37.358547] show_stack+0x20/0x38 (C) [ 37.358696] dump_stack_lvl+0x8c/0xd0 [ 37.358824] print_report+0x118/0x608 [ 37.358964] kasan_report+0xdc/0x128 [ 37.359073] kasan_check_range+0x100/0x1a8 [ 37.359217] __kasan_check_write+0x20/0x30 [ 37.359329] kasan_atomics_helper+0x1190/0x4858 [ 37.359447] kasan_atomics+0x198/0x2e0 [ 37.360095] kunit_try_run_case+0x170/0x3f0 [ 37.360328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.360604] kthread+0x328/0x630 [ 37.360785] ret_from_fork+0x10/0x20 [ 37.361000] [ 37.361160] Allocated by task 276: [ 37.361356] kasan_save_stack+0x3c/0x68 [ 37.361495] kasan_save_track+0x20/0x40 [ 37.362155] kasan_save_alloc_info+0x40/0x58 [ 37.362273] __kasan_kmalloc+0xd4/0xd8 [ 37.363160] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.363288] kasan_atomics+0xb8/0x2e0 [ 37.363416] kunit_try_run_case+0x170/0x3f0 [ 37.363565] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.363853] kthread+0x328/0x630 [ 37.363981] ret_from_fork+0x10/0x20 [ 37.364515] [ 37.365022] The buggy address belongs to the object at fff00000c77ec800 [ 37.365022] which belongs to the cache kmalloc-64 of size 64 [ 37.365339] The buggy address is located 0 bytes to the right of [ 37.365339] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.365572] [ 37.365693] The buggy address belongs to the physical page: [ 37.365860] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.366216] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.366445] page_type: f5(slab) [ 37.366631] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.366780] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.366902] page dumped because: kasan: bad access detected [ 37.366987] [ 37.367035] Memory state around the buggy address: [ 37.367443] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.367582] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.368167] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.368291] ^ [ 37.368401] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.368584] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.368715] ================================================================== [ 37.416966] ================================================================== [ 37.417129] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 37.417255] Read of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.417381] [ 37.417715] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.418109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.418228] Hardware name: linux,dummy-virt (DT) [ 37.418713] Call trace: [ 37.418930] show_stack+0x20/0x38 (C) [ 37.419205] dump_stack_lvl+0x8c/0xd0 [ 37.419356] print_report+0x118/0x608 [ 37.419547] kasan_report+0xdc/0x128 [ 37.419684] __asan_report_load8_noabort+0x20/0x30 [ 37.419810] kasan_atomics_helper+0x3f04/0x4858 [ 37.419996] kasan_atomics+0x198/0x2e0 [ 37.420122] kunit_try_run_case+0x170/0x3f0 [ 37.420244] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.420438] kthread+0x328/0x630 [ 37.420555] ret_from_fork+0x10/0x20 [ 37.420713] [ 37.420771] Allocated by task 276: [ 37.421532] kasan_save_stack+0x3c/0x68 [ 37.421708] kasan_save_track+0x20/0x40 [ 37.421965] kasan_save_alloc_info+0x40/0x58 [ 37.422338] __kasan_kmalloc+0xd4/0xd8 [ 37.423147] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.423237] kasan_atomics+0xb8/0x2e0 [ 37.423328] kunit_try_run_case+0x170/0x3f0 [ 37.423383] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.423449] kthread+0x328/0x630 [ 37.423540] ret_from_fork+0x10/0x20 [ 37.423595] [ 37.423621] The buggy address belongs to the object at fff00000c77ec800 [ 37.423621] which belongs to the cache kmalloc-64 of size 64 [ 37.423694] The buggy address is located 0 bytes to the right of [ 37.423694] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.423773] [ 37.423801] The buggy address belongs to the physical page: [ 37.423840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.425275] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.425370] page_type: f5(slab) [ 37.425453] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.425519] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.425572] page dumped because: kasan: bad access detected [ 37.425612] [ 37.425635] Memory state around the buggy address: [ 37.425678] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.425735] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.425792] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.425842] ^ [ 37.425912] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.426042] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.426152] ================================================================== [ 37.437967] ================================================================== [ 37.438116] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 37.438279] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.438494] [ 37.438578] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.438807] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.438877] Hardware name: linux,dummy-virt (DT) [ 37.439053] Call trace: [ 37.439190] show_stack+0x20/0x38 (C) [ 37.439479] dump_stack_lvl+0x8c/0xd0 [ 37.439604] print_report+0x118/0x608 [ 37.439759] kasan_report+0xdc/0x128 [ 37.439899] kasan_check_range+0x100/0x1a8 [ 37.440025] __kasan_check_write+0x20/0x30 [ 37.440147] kasan_atomics_helper+0x147c/0x4858 [ 37.440283] kasan_atomics+0x198/0x2e0 [ 37.440399] kunit_try_run_case+0x170/0x3f0 [ 37.441296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.441483] kthread+0x328/0x630 [ 37.441599] ret_from_fork+0x10/0x20 [ 37.442150] [ 37.442295] Allocated by task 276: [ 37.442424] kasan_save_stack+0x3c/0x68 [ 37.442527] kasan_save_track+0x20/0x40 [ 37.442718] kasan_save_alloc_info+0x40/0x58 [ 37.442822] __kasan_kmalloc+0xd4/0xd8 [ 37.442940] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.443175] kasan_atomics+0xb8/0x2e0 [ 37.444882] kunit_try_run_case+0x170/0x3f0 [ 37.445027] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.445161] kthread+0x328/0x630 [ 37.445267] ret_from_fork+0x10/0x20 [ 37.445373] [ 37.445429] The buggy address belongs to the object at fff00000c77ec800 [ 37.445429] which belongs to the cache kmalloc-64 of size 64 [ 37.445506] The buggy address is located 0 bytes to the right of [ 37.445506] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.445584] [ 37.445611] The buggy address belongs to the physical page: [ 37.445651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.445715] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.445772] page_type: f5(slab) [ 37.445822] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.445880] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.445960] page dumped because: kasan: bad access detected [ 37.446001] [ 37.446024] Memory state around the buggy address: [ 37.446066] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.446120] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.446174] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.446222] ^ [ 37.446267] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.446327] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.446386] ================================================================== [ 37.405326] ================================================================== [ 37.405443] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 37.405555] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.405674] [ 37.405769] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.405993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.406066] Hardware name: linux,dummy-virt (DT) [ 37.406141] Call trace: [ 37.406202] show_stack+0x20/0x38 (C) [ 37.406318] dump_stack_lvl+0x8c/0xd0 [ 37.406451] print_report+0x118/0x608 [ 37.406578] kasan_report+0xdc/0x128 [ 37.407224] kasan_check_range+0x100/0x1a8 [ 37.407795] __kasan_check_write+0x20/0x30 [ 37.408324] kasan_atomics_helper+0x1384/0x4858 [ 37.408552] kasan_atomics+0x198/0x2e0 [ 37.408795] kunit_try_run_case+0x170/0x3f0 [ 37.409145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.409351] kthread+0x328/0x630 [ 37.409846] ret_from_fork+0x10/0x20 [ 37.410127] [ 37.410208] Allocated by task 276: [ 37.410386] kasan_save_stack+0x3c/0x68 [ 37.410535] kasan_save_track+0x20/0x40 [ 37.410647] kasan_save_alloc_info+0x40/0x58 [ 37.410824] __kasan_kmalloc+0xd4/0xd8 [ 37.410951] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.411397] kasan_atomics+0xb8/0x2e0 [ 37.411692] kunit_try_run_case+0x170/0x3f0 [ 37.411848] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.412186] kthread+0x328/0x630 [ 37.412331] ret_from_fork+0x10/0x20 [ 37.412846] [ 37.412925] The buggy address belongs to the object at fff00000c77ec800 [ 37.412925] which belongs to the cache kmalloc-64 of size 64 [ 37.413370] The buggy address is located 0 bytes to the right of [ 37.413370] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.413606] [ 37.413662] The buggy address belongs to the physical page: [ 37.413748] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.413879] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.414032] page_type: f5(slab) [ 37.414153] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.414644] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.414812] page dumped because: kasan: bad access detected [ 37.414912] [ 37.414967] Memory state around the buggy address: [ 37.415348] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.415593] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.415858] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.415975] ^ [ 37.416064] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.416173] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.416370] ================================================================== [ 37.510146] ================================================================== [ 37.510254] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 37.510376] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.510496] [ 37.510579] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.510776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.510845] Hardware name: linux,dummy-virt (DT) [ 37.514723] Call trace: [ 37.514794] show_stack+0x20/0x38 (C) [ 37.515996] dump_stack_lvl+0x8c/0xd0 [ 37.516487] print_report+0x118/0x608 [ 37.516977] kasan_report+0xdc/0x128 [ 37.517780] kasan_check_range+0x100/0x1a8 [ 37.518169] __kasan_check_write+0x20/0x30 [ 37.518290] kasan_atomics_helper+0x1644/0x4858 [ 37.518430] kasan_atomics+0x198/0x2e0 [ 37.518552] kunit_try_run_case+0x170/0x3f0 [ 37.519965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.521063] kthread+0x328/0x630 [ 37.521174] ret_from_fork+0x10/0x20 [ 37.522313] [ 37.522906] Allocated by task 276: [ 37.523146] kasan_save_stack+0x3c/0x68 [ 37.524100] kasan_save_track+0x20/0x40 [ 37.524275] kasan_save_alloc_info+0x40/0x58 [ 37.524376] __kasan_kmalloc+0xd4/0xd8 [ 37.525683] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.526689] kasan_atomics+0xb8/0x2e0 [ 37.527409] kunit_try_run_case+0x170/0x3f0 [ 37.527563] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.528674] kthread+0x328/0x630 [ 37.528804] ret_from_fork+0x10/0x20 [ 37.530118] [ 37.530637] The buggy address belongs to the object at fff00000c77ec800 [ 37.530637] which belongs to the cache kmalloc-64 of size 64 [ 37.530798] The buggy address is located 0 bytes to the right of [ 37.530798] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.532461] [ 37.532531] The buggy address belongs to the physical page: [ 37.532620] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.533821] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.533966] page_type: f5(slab) [ 37.534579] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.534656] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.534729] page dumped because: kasan: bad access detected [ 37.534801] [ 37.534828] Memory state around the buggy address: [ 37.534873] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.534957] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.535016] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.535066] ^ [ 37.535145] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.535207] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.535258] ================================================================== [ 37.427584] ================================================================== [ 37.428242] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 37.428419] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.428585] [ 37.428680] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.429158] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.429236] Hardware name: linux,dummy-virt (DT) [ 37.429318] Call trace: [ 37.429382] show_stack+0x20/0x38 (C) [ 37.429501] dump_stack_lvl+0x8c/0xd0 [ 37.429625] print_report+0x118/0x608 [ 37.429740] kasan_report+0xdc/0x128 [ 37.429856] kasan_check_range+0x100/0x1a8 [ 37.429999] __kasan_check_write+0x20/0x30 [ 37.430122] kasan_atomics_helper+0x1414/0x4858 [ 37.430476] kasan_atomics+0x198/0x2e0 [ 37.430824] kunit_try_run_case+0x170/0x3f0 [ 37.431084] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.431406] kthread+0x328/0x630 [ 37.431539] ret_from_fork+0x10/0x20 [ 37.432073] [ 37.432136] Allocated by task 276: [ 37.432219] kasan_save_stack+0x3c/0x68 [ 37.432481] kasan_save_track+0x20/0x40 [ 37.432693] kasan_save_alloc_info+0x40/0x58 [ 37.432830] __kasan_kmalloc+0xd4/0xd8 [ 37.433138] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.433413] kasan_atomics+0xb8/0x2e0 [ 37.433516] kunit_try_run_case+0x170/0x3f0 [ 37.433619] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.433770] kthread+0x328/0x630 [ 37.434342] ret_from_fork+0x10/0x20 [ 37.434671] [ 37.434735] The buggy address belongs to the object at fff00000c77ec800 [ 37.434735] which belongs to the cache kmalloc-64 of size 64 [ 37.434882] The buggy address is located 0 bytes to the right of [ 37.434882] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.435077] [ 37.435137] The buggy address belongs to the physical page: [ 37.435339] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.435539] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.435664] page_type: f5(slab) [ 37.435778] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.435922] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.436077] page dumped because: kasan: bad access detected [ 37.436171] [ 37.436222] Memory state around the buggy address: [ 37.436301] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.436526] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.436732] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.436874] ^ [ 37.437057] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.437290] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.437391] ================================================================== [ 37.295730] ================================================================== [ 37.295877] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 37.296021] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.296180] [ 37.296329] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.296709] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.296789] Hardware name: linux,dummy-virt (DT) [ 37.296865] Call trace: [ 37.296946] show_stack+0x20/0x38 (C) [ 37.297291] dump_stack_lvl+0x8c/0xd0 [ 37.297616] print_report+0x118/0x608 [ 37.297921] kasan_report+0xdc/0x128 [ 37.298059] kasan_check_range+0x100/0x1a8 [ 37.298390] __kasan_check_write+0x20/0x30 [ 37.298535] kasan_atomics_helper+0xff0/0x4858 [ 37.298664] kasan_atomics+0x198/0x2e0 [ 37.298798] kunit_try_run_case+0x170/0x3f0 [ 37.298946] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.299171] kthread+0x328/0x630 [ 37.299370] ret_from_fork+0x10/0x20 [ 37.299502] [ 37.299574] Allocated by task 276: [ 37.299735] kasan_save_stack+0x3c/0x68 [ 37.299845] kasan_save_track+0x20/0x40 [ 37.299970] kasan_save_alloc_info+0x40/0x58 [ 37.300086] __kasan_kmalloc+0xd4/0xd8 [ 37.300496] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.300646] kasan_atomics+0xb8/0x2e0 [ 37.300750] kunit_try_run_case+0x170/0x3f0 [ 37.301379] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.302000] kthread+0x328/0x630 [ 37.302327] ret_from_fork+0x10/0x20 [ 37.303411] [ 37.303587] The buggy address belongs to the object at fff00000c77ec800 [ 37.303587] which belongs to the cache kmalloc-64 of size 64 [ 37.304015] The buggy address is located 0 bytes to the right of [ 37.304015] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.304415] [ 37.304593] The buggy address belongs to the physical page: [ 37.304734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.305133] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.305391] page_type: f5(slab) [ 37.306331] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.306479] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.306583] page dumped because: kasan: bad access detected [ 37.306668] [ 37.306731] Memory state around the buggy address: [ 37.306998] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.307376] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.307494] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.307607] ^ [ 37.308029] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.308236] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.308348] ================================================================== [ 37.479804] ================================================================== [ 37.479932] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 37.480290] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.480426] [ 37.481150] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.481390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.481460] Hardware name: linux,dummy-virt (DT) [ 37.481540] Call trace: [ 37.481598] show_stack+0x20/0x38 (C) [ 37.481720] dump_stack_lvl+0x8c/0xd0 [ 37.481836] print_report+0x118/0x608 [ 37.482107] kasan_report+0xdc/0x128 [ 37.482234] kasan_check_range+0x100/0x1a8 [ 37.482388] __kasan_check_write+0x20/0x30 [ 37.482511] kasan_atomics_helper+0x15b4/0x4858 [ 37.482634] kasan_atomics+0x198/0x2e0 [ 37.482744] kunit_try_run_case+0x170/0x3f0 [ 37.482898] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.484289] kthread+0x328/0x630 [ 37.484754] ret_from_fork+0x10/0x20 [ 37.485247] [ 37.485310] Allocated by task 276: [ 37.485717] kasan_save_stack+0x3c/0x68 [ 37.485910] kasan_save_track+0x20/0x40 [ 37.486625] kasan_save_alloc_info+0x40/0x58 [ 37.486828] __kasan_kmalloc+0xd4/0xd8 [ 37.486958] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.487067] kasan_atomics+0xb8/0x2e0 [ 37.487863] kunit_try_run_case+0x170/0x3f0 [ 37.488221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.488972] kthread+0x328/0x630 [ 37.489076] ret_from_fork+0x10/0x20 [ 37.489375] [ 37.489507] The buggy address belongs to the object at fff00000c77ec800 [ 37.489507] which belongs to the cache kmalloc-64 of size 64 [ 37.490170] The buggy address is located 0 bytes to the right of [ 37.490170] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.490593] [ 37.490668] The buggy address belongs to the physical page: [ 37.490757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.491191] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.491321] page_type: f5(slab) [ 37.492173] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.492309] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.492759] page dumped because: kasan: bad access detected [ 37.493222] [ 37.493561] Memory state around the buggy address: [ 37.493683] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.493798] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.494279] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.494488] ^ [ 37.495026] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.495444] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.495551] ================================================================== [ 37.137035] ================================================================== [ 37.137153] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 37.137273] Write of size 4 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.137399] [ 37.137486] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.137689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.137762] Hardware name: linux,dummy-virt (DT) [ 37.137860] Call trace: [ 37.137951] show_stack+0x20/0x38 (C) [ 37.138539] dump_stack_lvl+0x8c/0xd0 [ 37.138669] print_report+0x118/0x608 [ 37.139480] kasan_report+0xdc/0x128 [ 37.140170] kasan_check_range+0x100/0x1a8 [ 37.140662] __kasan_check_write+0x20/0x30 [ 37.140803] kasan_atomics_helper+0xd3c/0x4858 [ 37.140875] kasan_atomics+0x198/0x2e0 [ 37.141010] kunit_try_run_case+0x170/0x3f0 [ 37.141081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.141151] kthread+0x328/0x630 [ 37.141205] ret_from_fork+0x10/0x20 [ 37.141266] [ 37.141294] Allocated by task 276: [ 37.141333] kasan_save_stack+0x3c/0x68 [ 37.141387] kasan_save_track+0x20/0x40 [ 37.141434] kasan_save_alloc_info+0x40/0x58 [ 37.141482] __kasan_kmalloc+0xd4/0xd8 [ 37.141530] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.141584] kasan_atomics+0xb8/0x2e0 [ 37.141631] kunit_try_run_case+0x170/0x3f0 [ 37.141680] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.141734] kthread+0x328/0x630 [ 37.141774] ret_from_fork+0x10/0x20 [ 37.141820] [ 37.141846] The buggy address belongs to the object at fff00000c77ec800 [ 37.141846] which belongs to the cache kmalloc-64 of size 64 [ 37.141964] The buggy address is located 0 bytes to the right of [ 37.141964] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.142118] [ 37.142553] The buggy address belongs to the physical page: [ 37.142676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.143012] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.143178] page_type: f5(slab) [ 37.143309] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.143480] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.143685] page dumped because: kasan: bad access detected [ 37.143768] [ 37.143816] Memory state around the buggy address: [ 37.143915] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.144032] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.144950] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.145074] ^ [ 37.145372] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.146103] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.146239] ================================================================== [ 37.446703] ================================================================== [ 37.446804] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 37.447059] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.447363] [ 37.447451] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.449037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.449118] Hardware name: linux,dummy-virt (DT) [ 37.449206] Call trace: [ 37.449265] show_stack+0x20/0x38 (C) [ 37.450954] dump_stack_lvl+0x8c/0xd0 [ 37.451108] print_report+0x118/0x608 [ 37.451317] kasan_report+0xdc/0x128 [ 37.451572] kasan_check_range+0x100/0x1a8 [ 37.451709] __kasan_check_write+0x20/0x30 [ 37.452357] kasan_atomics_helper+0x14e4/0x4858 [ 37.452618] kasan_atomics+0x198/0x2e0 [ 37.453213] kunit_try_run_case+0x170/0x3f0 [ 37.453909] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.454198] kthread+0x328/0x630 [ 37.454399] ret_from_fork+0x10/0x20 [ 37.454821] [ 37.455074] Allocated by task 276: [ 37.455216] kasan_save_stack+0x3c/0x68 [ 37.455592] kasan_save_track+0x20/0x40 [ 37.455876] kasan_save_alloc_info+0x40/0x58 [ 37.456115] __kasan_kmalloc+0xd4/0xd8 [ 37.456479] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.456834] kasan_atomics+0xb8/0x2e0 [ 37.457093] kunit_try_run_case+0x170/0x3f0 [ 37.457258] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.457382] kthread+0x328/0x630 [ 37.458001] ret_from_fork+0x10/0x20 [ 37.458125] [ 37.458180] The buggy address belongs to the object at fff00000c77ec800 [ 37.458180] which belongs to the cache kmalloc-64 of size 64 [ 37.458319] The buggy address is located 0 bytes to the right of [ 37.458319] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.458603] [ 37.458658] The buggy address belongs to the physical page: [ 37.458737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.458866] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.459041] page_type: f5(slab) [ 37.459524] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.459700] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.459836] page dumped because: kasan: bad access detected [ 37.460669] [ 37.461221] Memory state around the buggy address: [ 37.461320] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.461654] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.461933] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.462149] ^ [ 37.462623] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.462909] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.463020] ================================================================== [ 37.309242] ================================================================== [ 37.309358] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 37.309479] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.309598] [ 37.309682] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.309904] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.309980] Hardware name: linux,dummy-virt (DT) [ 37.310054] Call trace: [ 37.310114] show_stack+0x20/0x38 (C) [ 37.310230] dump_stack_lvl+0x8c/0xd0 [ 37.310349] print_report+0x118/0x608 [ 37.310478] kasan_report+0xdc/0x128 [ 37.310590] kasan_check_range+0x100/0x1a8 [ 37.310707] __kasan_check_write+0x20/0x30 [ 37.310824] kasan_atomics_helper+0x1058/0x4858 [ 37.310995] kasan_atomics+0x198/0x2e0 [ 37.311222] kunit_try_run_case+0x170/0x3f0 [ 37.311412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.311569] kthread+0x328/0x630 [ 37.311859] ret_from_fork+0x10/0x20 [ 37.312186] [ 37.312240] Allocated by task 276: [ 37.312315] kasan_save_stack+0x3c/0x68 [ 37.312420] kasan_save_track+0x20/0x40 [ 37.312525] kasan_save_alloc_info+0x40/0x58 [ 37.314254] __kasan_kmalloc+0xd4/0xd8 [ 37.314421] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.315193] kasan_atomics+0xb8/0x2e0 [ 37.315348] kunit_try_run_case+0x170/0x3f0 [ 37.315572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.315698] kthread+0x328/0x630 [ 37.315834] ret_from_fork+0x10/0x20 [ 37.316044] [ 37.316197] The buggy address belongs to the object at fff00000c77ec800 [ 37.316197] which belongs to the cache kmalloc-64 of size 64 [ 37.316550] The buggy address is located 0 bytes to the right of [ 37.316550] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.316776] [ 37.316896] The buggy address belongs to the physical page: [ 37.316987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.317110] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.317230] page_type: f5(slab) [ 37.317326] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.317451] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.317563] page dumped because: kasan: bad access detected [ 37.317771] [ 37.317823] Memory state around the buggy address: [ 37.318804] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.319030] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.319225] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.319337] ^ [ 37.321661] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.321728] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.321779] ================================================================== [ 37.597538] ================================================================== [ 37.597651] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 37.597973] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.598322] [ 37.598411] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.598620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.598687] Hardware name: linux,dummy-virt (DT) [ 37.598801] Call trace: [ 37.598874] show_stack+0x20/0x38 (C) [ 37.599634] dump_stack_lvl+0x8c/0xd0 [ 37.599760] print_report+0x118/0x608 [ 37.599905] kasan_report+0xdc/0x128 [ 37.600040] kasan_check_range+0x100/0x1a8 [ 37.600430] __kasan_check_write+0x20/0x30 [ 37.600640] kasan_atomics_helper+0x17ec/0x4858 [ 37.600864] kasan_atomics+0x198/0x2e0 [ 37.601053] kunit_try_run_case+0x170/0x3f0 [ 37.601246] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.601386] kthread+0x328/0x630 [ 37.601500] ret_from_fork+0x10/0x20 [ 37.601673] [ 37.601730] Allocated by task 276: [ 37.601830] kasan_save_stack+0x3c/0x68 [ 37.601990] kasan_save_track+0x20/0x40 [ 37.602109] kasan_save_alloc_info+0x40/0x58 [ 37.603081] __kasan_kmalloc+0xd4/0xd8 [ 37.603651] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.604019] kasan_atomics+0xb8/0x2e0 [ 37.604129] kunit_try_run_case+0x170/0x3f0 [ 37.604233] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.604593] kthread+0x328/0x630 [ 37.605302] ret_from_fork+0x10/0x20 [ 37.605609] [ 37.605745] The buggy address belongs to the object at fff00000c77ec800 [ 37.605745] which belongs to the cache kmalloc-64 of size 64 [ 37.605942] The buggy address is located 0 bytes to the right of [ 37.605942] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.606101] [ 37.606166] The buggy address belongs to the physical page: [ 37.606370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.606597] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.606904] page_type: f5(slab) [ 37.607021] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.607252] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.608011] page dumped because: kasan: bad access detected [ 37.608075] [ 37.608133] Memory state around the buggy address: [ 37.608180] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.608240] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.608295] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.608344] ^ [ 37.608389] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.608443] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.608490] ================================================================== [ 36.962069] ================================================================== [ 36.962171] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 36.962276] Read of size 4 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 36.962406] [ 36.962473] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 36.962669] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.962790] Hardware name: linux,dummy-virt (DT) [ 36.962974] Call trace: [ 36.963633] show_stack+0x20/0x38 (C) [ 36.963950] dump_stack_lvl+0x8c/0xd0 [ 36.964850] print_report+0x118/0x608 [ 36.966854] kasan_atomics+0x198/0x2e0 [ 36.971075] kunit_try_run_case+0x170/0x3f0 [ 36.974734] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.978733] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.981555] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 36.984942] __kasan_kmalloc+0xd4/0xd8 [ 36.985043] __kmalloc_cache_noprof+0x16c/0x3c0 [ 36.985395] kasan_atomics+0xb8/0x2e0 [ 36.985517] kunit_try_run_case+0x170/0x3f0 [ 36.985619] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.985737] kthread+0x328/0x630 [ 36.985846] ret_from_fork+0x10/0x20 [ 36.986142] [ 36.986212] The buggy address belongs to the object at fff00000c77ec800 [ 36.986212] which belongs to the cache kmalloc-64 of size 64 [ 36.986377] The buggy address is located 0 bytes to the right of [ 36.986377] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 36.986772] [ 36.986936] The buggy address belongs to the physical page: [ 36.987171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 36.987508] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.987743] page_type: f5(slab) [ 36.987853] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.988001] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 36.988197] page dumped because: kasan: bad access detected [ 36.988313] [ 36.988360] Memory state around the buggy address: [ 36.988443] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.988570] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.988681] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.988878] ^ [ 36.989098] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.989263] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.989499] ================================================================== [ 37.369748] ================================================================== [ 37.369856] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 37.369988] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.370109] [ 37.370196] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.370405] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.370475] Hardware name: linux,dummy-virt (DT) [ 37.370549] Call trace: [ 37.370610] show_stack+0x20/0x38 (C) [ 37.370725] dump_stack_lvl+0x8c/0xd0 [ 37.370845] print_report+0x118/0x608 [ 37.370988] kasan_report+0xdc/0x128 [ 37.371121] kasan_check_range+0x100/0x1a8 [ 37.371247] __kasan_check_write+0x20/0x30 [ 37.371359] kasan_atomics_helper+0x11f8/0x4858 [ 37.371480] kasan_atomics+0x198/0x2e0 [ 37.371597] kunit_try_run_case+0x170/0x3f0 [ 37.371719] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.371851] kthread+0x328/0x630 [ 37.372035] ret_from_fork+0x10/0x20 [ 37.372185] [ 37.372252] Allocated by task 276: [ 37.372342] kasan_save_stack+0x3c/0x68 [ 37.372464] kasan_save_track+0x20/0x40 [ 37.373231] kasan_save_alloc_info+0x40/0x58 [ 37.373482] __kasan_kmalloc+0xd4/0xd8 [ 37.374142] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.374292] kasan_atomics+0xb8/0x2e0 [ 37.374407] kunit_try_run_case+0x170/0x3f0 [ 37.375169] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.375313] kthread+0x328/0x630 [ 37.375391] ret_from_fork+0x10/0x20 [ 37.375446] [ 37.375492] The buggy address belongs to the object at fff00000c77ec800 [ 37.375492] which belongs to the cache kmalloc-64 of size 64 [ 37.375594] The buggy address is located 0 bytes to the right of [ 37.375594] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.375676] [ 37.375705] The buggy address belongs to the physical page: [ 37.375746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.375812] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.375871] page_type: f5(slab) [ 37.376002] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.376239] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.376356] page dumped because: kasan: bad access detected [ 37.376609] [ 37.376855] Memory state around the buggy address: [ 37.376962] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.377318] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.377654] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.378116] ^ [ 37.378410] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.378523] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.378618] ================================================================== [ 37.171682] ================================================================== [ 37.171789] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 37.171934] Read of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.172106] [ 37.172198] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.172570] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.173658] Hardware name: linux,dummy-virt (DT) [ 37.173770] Call trace: [ 37.173923] show_stack+0x20/0x38 (C) [ 37.174493] dump_stack_lvl+0x8c/0xd0 [ 37.174710] print_report+0x118/0x608 [ 37.174832] kasan_report+0xdc/0x128 [ 37.175756] __asan_report_load8_noabort+0x20/0x30 [ 37.176052] kasan_atomics_helper+0x3f58/0x4858 [ 37.176209] kasan_atomics+0x198/0x2e0 [ 37.176403] kunit_try_run_case+0x170/0x3f0 [ 37.176572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.176730] kthread+0x328/0x630 [ 37.177068] ret_from_fork+0x10/0x20 [ 37.177531] [ 37.177744] Allocated by task 276: [ 37.178017] kasan_save_stack+0x3c/0x68 [ 37.178131] kasan_save_track+0x20/0x40 [ 37.178274] kasan_save_alloc_info+0x40/0x58 [ 37.178428] __kasan_kmalloc+0xd4/0xd8 [ 37.178858] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.179463] kasan_atomics+0xb8/0x2e0 [ 37.179991] kunit_try_run_case+0x170/0x3f0 [ 37.180393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.180544] kthread+0x328/0x630 [ 37.181766] ret_from_fork+0x10/0x20 [ 37.181925] [ 37.181985] The buggy address belongs to the object at fff00000c77ec800 [ 37.181985] which belongs to the cache kmalloc-64 of size 64 [ 37.182120] The buggy address is located 0 bytes to the right of [ 37.182120] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.182270] [ 37.182328] The buggy address belongs to the physical page: [ 37.182420] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.182552] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.182675] page_type: f5(slab) [ 37.182774] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.182916] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.183020] page dumped because: kasan: bad access detected [ 37.183100] [ 37.187206] Memory state around the buggy address: [ 37.187302] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.187413] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.187578] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.187692] ^ [ 37.187796] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.187937] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.188028] ================================================================== [ 37.584936] ================================================================== [ 37.585269] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 37.585404] Read of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.585754] [ 37.585859] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.586220] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.586494] Hardware name: linux,dummy-virt (DT) [ 37.586572] Call trace: [ 37.586630] show_stack+0x20/0x38 (C) [ 37.586747] dump_stack_lvl+0x8c/0xd0 [ 37.586867] print_report+0x118/0x608 [ 37.587003] kasan_report+0xdc/0x128 [ 37.587359] __asan_report_load8_noabort+0x20/0x30 [ 37.588005] kasan_atomics_helper+0x3e20/0x4858 [ 37.588149] kasan_atomics+0x198/0x2e0 [ 37.588287] kunit_try_run_case+0x170/0x3f0 [ 37.588963] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.589113] kthread+0x328/0x630 [ 37.589299] ret_from_fork+0x10/0x20 [ 37.589497] [ 37.589653] Allocated by task 276: [ 37.589786] kasan_save_stack+0x3c/0x68 [ 37.590077] kasan_save_track+0x20/0x40 [ 37.590513] kasan_save_alloc_info+0x40/0x58 [ 37.590628] __kasan_kmalloc+0xd4/0xd8 [ 37.590745] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.590956] kasan_atomics+0xb8/0x2e0 [ 37.591296] kunit_try_run_case+0x170/0x3f0 [ 37.591453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.591585] kthread+0x328/0x630 [ 37.592225] ret_from_fork+0x10/0x20 [ 37.592333] [ 37.592513] The buggy address belongs to the object at fff00000c77ec800 [ 37.592513] which belongs to the cache kmalloc-64 of size 64 [ 37.592672] The buggy address is located 0 bytes to the right of [ 37.592672] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.592829] [ 37.592877] The buggy address belongs to the physical page: [ 37.593449] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.593588] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.593719] page_type: f5(slab) [ 37.594026] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.594158] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.594260] page dumped because: kasan: bad access detected [ 37.594346] [ 37.594491] Memory state around the buggy address: [ 37.594735] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.594850] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.594978] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.595640] ^ [ 37.595817] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.596418] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.596564] ================================================================== [ 37.241589] ================================================================== [ 37.242571] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 37.242735] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.242856] [ 37.242960] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.245068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.246278] Hardware name: linux,dummy-virt (DT) [ 37.246573] Call trace: [ 37.246637] show_stack+0x20/0x38 (C) [ 37.247442] dump_stack_lvl+0x8c/0xd0 [ 37.247563] print_report+0x118/0x608 [ 37.247692] kasan_report+0xdc/0x128 [ 37.250103] kasan_check_range+0x100/0x1a8 [ 37.250437] __kasan_check_write+0x20/0x30 [ 37.250979] kasan_atomics_helper+0xeb8/0x4858 [ 37.251830] kasan_atomics+0x198/0x2e0 [ 37.252006] kunit_try_run_case+0x170/0x3f0 [ 37.253296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.254523] kthread+0x328/0x630 [ 37.254926] ret_from_fork+0x10/0x20 [ 37.255934] [ 37.256112] Allocated by task 276: [ 37.256329] kasan_save_stack+0x3c/0x68 [ 37.256929] kasan_save_track+0x20/0x40 [ 37.258153] kasan_save_alloc_info+0x40/0x58 [ 37.258386] __kasan_kmalloc+0xd4/0xd8 [ 37.259328] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.260490] kasan_atomics+0xb8/0x2e0 [ 37.260632] kunit_try_run_case+0x170/0x3f0 [ 37.260776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.262078] kthread+0x328/0x630 [ 37.262513] ret_from_fork+0x10/0x20 [ 37.263441] [ 37.263731] The buggy address belongs to the object at fff00000c77ec800 [ 37.263731] which belongs to the cache kmalloc-64 of size 64 [ 37.263882] The buggy address is located 0 bytes to the right of [ 37.263882] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.264062] [ 37.264119] The buggy address belongs to the physical page: [ 37.265510] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.267030] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.268126] page_type: f5(slab) [ 37.268619] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.268753] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.268865] page dumped because: kasan: bad access detected [ 37.268969] [ 37.270599] Memory state around the buggy address: [ 37.270929] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.271081] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.271369] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.271517] ^ [ 37.271743] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.271855] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.271973] ================================================================== [ 37.216147] ================================================================== [ 37.216266] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 37.216390] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.216511] [ 37.216595] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.216795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.216861] Hardware name: linux,dummy-virt (DT) [ 37.216964] Call trace: [ 37.217026] show_stack+0x20/0x38 (C) [ 37.217152] dump_stack_lvl+0x8c/0xd0 [ 37.217275] print_report+0x118/0x608 [ 37.217396] kasan_report+0xdc/0x128 [ 37.217514] __asan_report_store8_noabort+0x20/0x30 [ 37.221024] kasan_atomics_helper+0x3e5c/0x4858 [ 37.221787] kasan_atomics+0x198/0x2e0 [ 37.222659] kunit_try_run_case+0x170/0x3f0 [ 37.223936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.224636] kthread+0x328/0x630 [ 37.225870] ret_from_fork+0x10/0x20 [ 37.227065] [ 37.227337] Allocated by task 276: [ 37.227972] kasan_save_stack+0x3c/0x68 [ 37.228215] kasan_save_track+0x20/0x40 [ 37.228575] kasan_save_alloc_info+0x40/0x58 [ 37.228956] __kasan_kmalloc+0xd4/0xd8 [ 37.229832] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.230906] kasan_atomics+0xb8/0x2e0 [ 37.231035] kunit_try_run_case+0x170/0x3f0 [ 37.232095] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.232308] kthread+0x328/0x630 [ 37.233320] ret_from_fork+0x10/0x20 [ 37.234034] [ 37.234122] The buggy address belongs to the object at fff00000c77ec800 [ 37.234122] which belongs to the cache kmalloc-64 of size 64 [ 37.234715] The buggy address is located 0 bytes to the right of [ 37.234715] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.235239] [ 37.235327] The buggy address belongs to the physical page: [ 37.235418] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.236465] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.236618] page_type: f5(slab) [ 37.236718] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.236840] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.237470] page dumped because: kasan: bad access detected [ 37.238121] [ 37.238279] Memory state around the buggy address: [ 37.238370] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.238486] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.238593] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.239213] ^ [ 37.239659] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.239726] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.239842] ================================================================== [ 36.990812] ================================================================== [ 36.990974] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 36.991299] Write of size 4 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 36.992254] [ 36.992647] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 36.993772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.995170] Hardware name: linux,dummy-virt (DT) [ 36.995265] Call trace: [ 36.995341] show_stack+0x20/0x38 (C) [ 36.995468] dump_stack_lvl+0x8c/0xd0 [ 36.995700] print_report+0x118/0x608 [ 36.995836] kasan_report+0xdc/0x128 [ 36.995985] kasan_check_range+0x100/0x1a8 [ 36.996162] __kasan_check_write+0x20/0x30 [ 36.996559] kasan_atomics_helper+0x99c/0x4858 [ 36.996870] kasan_atomics+0x198/0x2e0 [ 36.997013] kunit_try_run_case+0x170/0x3f0 [ 36.997430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.997576] kthread+0x328/0x630 [ 36.997684] ret_from_fork+0x10/0x20 [ 36.997810] [ 36.997868] Allocated by task 276: [ 36.997958] kasan_save_stack+0x3c/0x68 [ 36.998095] kasan_save_track+0x20/0x40 [ 36.998194] kasan_save_alloc_info+0x40/0x58 [ 36.998291] __kasan_kmalloc+0xd4/0xd8 [ 36.998406] __kmalloc_cache_noprof+0x16c/0x3c0 [ 36.998514] kasan_atomics+0xb8/0x2e0 [ 36.998635] kunit_try_run_case+0x170/0x3f0 [ 36.998740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.998881] kthread+0x328/0x630 [ 36.998993] ret_from_fork+0x10/0x20 [ 36.999497] [ 37.000088] The buggy address belongs to the object at fff00000c77ec800 [ 37.000088] which belongs to the cache kmalloc-64 of size 64 [ 37.000248] The buggy address is located 0 bytes to the right of [ 37.000248] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.001382] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.003604] ^ [ 37.007436] Write of size 4 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.017427] The buggy address is located 0 bytes to the right of [ 37.017427] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.017983] [ 37.018505] The buggy address belongs to the physical page: [ 37.018908] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.019661] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.020396] page_type: f5(slab) [ 37.020507] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.020633] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.020735] page dumped because: kasan: bad access detected [ 37.020817] [ 37.021550] Memory state around the buggy address: [ 37.022350] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.022503] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.022626] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.023245] ^ [ 37.023555] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.023668] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.024014] ================================================================== [ 37.548299] ================================================================== [ 37.548493] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 37.548923] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.549153] [ 37.549277] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.549490] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.549561] Hardware name: linux,dummy-virt (DT) [ 37.549639] Call trace: [ 37.549693] show_stack+0x20/0x38 (C) [ 37.549832] dump_stack_lvl+0x8c/0xd0 [ 37.550037] print_report+0x118/0x608 [ 37.550180] kasan_report+0xdc/0x128 [ 37.550530] kasan_check_range+0x100/0x1a8 [ 37.550645] __kasan_check_write+0x20/0x30 [ 37.550762] kasan_atomics_helper+0x16d0/0x4858 [ 37.551078] kasan_atomics+0x198/0x2e0 [ 37.551396] kunit_try_run_case+0x170/0x3f0 [ 37.551623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.551787] kthread+0x328/0x630 [ 37.552158] ret_from_fork+0x10/0x20 [ 37.552570] [ 37.552695] Allocated by task 276: [ 37.553131] kasan_save_stack+0x3c/0x68 [ 37.553541] kasan_save_track+0x20/0x40 [ 37.553607] kasan_save_alloc_info+0x40/0x58 [ 37.553657] __kasan_kmalloc+0xd4/0xd8 [ 37.553734] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.553814] kasan_atomics+0xb8/0x2e0 [ 37.553864] kunit_try_run_case+0x170/0x3f0 [ 37.554071] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.554331] kthread+0x328/0x630 [ 37.554425] ret_from_fork+0x10/0x20 [ 37.554516] [ 37.554546] The buggy address belongs to the object at fff00000c77ec800 [ 37.554546] which belongs to the cache kmalloc-64 of size 64 [ 37.554619] The buggy address is located 0 bytes to the right of [ 37.554619] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.554755] [ 37.554788] The buggy address belongs to the physical page: [ 37.554828] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.554919] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.554988] page_type: f5(slab) [ 37.555036] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.555322] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.555436] page dumped because: kasan: bad access detected [ 37.555693] [ 37.555767] Memory state around the buggy address: [ 37.555960] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.556071] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.556186] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.556280] ^ [ 37.556362] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.556620] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.556771] ================================================================== [ 37.189264] ================================================================== [ 37.189386] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 37.189520] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.189657] [ 37.189747] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.189994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.190257] Hardware name: linux,dummy-virt (DT) [ 37.190439] Call trace: [ 37.190502] show_stack+0x20/0x38 (C) [ 37.191844] dump_stack_lvl+0x8c/0xd0 [ 37.192247] print_report+0x118/0x608 [ 37.192923] kasan_report+0xdc/0x128 [ 37.193689] kasan_check_range+0x100/0x1a8 [ 37.193952] __kasan_check_write+0x20/0x30 [ 37.194669] kasan_atomics_helper+0xe44/0x4858 [ 37.195363] kasan_atomics+0x198/0x2e0 [ 37.195498] kunit_try_run_case+0x170/0x3f0 [ 37.195635] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.197779] kthread+0x328/0x630 [ 37.198504] ret_from_fork+0x10/0x20 [ 37.198921] [ 37.198980] Allocated by task 276: [ 37.199378] kasan_save_stack+0x3c/0x68 [ 37.201073] kasan_save_track+0x20/0x40 [ 37.201516] kasan_save_alloc_info+0x40/0x58 [ 37.201785] __kasan_kmalloc+0xd4/0xd8 [ 37.202958] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.203308] kasan_atomics+0xb8/0x2e0 [ 37.203600] kunit_try_run_case+0x170/0x3f0 [ 37.203792] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.204131] kthread+0x328/0x630 [ 37.204277] ret_from_fork+0x10/0x20 [ 37.204397] [ 37.204460] The buggy address belongs to the object at fff00000c77ec800 [ 37.204460] which belongs to the cache kmalloc-64 of size 64 [ 37.204618] The buggy address is located 0 bytes to the right of [ 37.204618] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.204785] [ 37.204847] The buggy address belongs to the physical page: [ 37.204952] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.205539] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.205669] page_type: f5(slab) [ 37.205772] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.205951] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.206157] page dumped because: kasan: bad access detected [ 37.206246] [ 37.206364] Memory state around the buggy address: [ 37.206541] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.206809] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.208536] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.208869] ^ [ 37.209495] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.209610] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.209706] ================================================================== [ 37.147919] ================================================================== [ 37.148028] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 37.148147] Read of size 4 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.148273] [ 37.148364] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.148925] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.149129] Hardware name: linux,dummy-virt (DT) [ 37.149355] Call trace: [ 37.149415] show_stack+0x20/0x38 (C) [ 37.149539] dump_stack_lvl+0x8c/0xd0 [ 37.149661] print_report+0x118/0x608 [ 37.149780] kasan_report+0xdc/0x128 [ 37.149917] __asan_report_load4_noabort+0x20/0x30 [ 37.150059] kasan_atomics_helper+0x3e04/0x4858 [ 37.151385] kasan_atomics+0x198/0x2e0 [ 37.151585] kunit_try_run_case+0x170/0x3f0 [ 37.151722] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.151867] kthread+0x328/0x630 [ 37.152052] ret_from_fork+0x10/0x20 [ 37.152406] [ 37.152458] Allocated by task 276: [ 37.152648] kasan_save_stack+0x3c/0x68 [ 37.152856] kasan_save_track+0x20/0x40 [ 37.153029] kasan_save_alloc_info+0x40/0x58 [ 37.153379] __kasan_kmalloc+0xd4/0xd8 [ 37.153721] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.154024] kasan_atomics+0xb8/0x2e0 [ 37.154136] kunit_try_run_case+0x170/0x3f0 [ 37.154318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.154461] kthread+0x328/0x630 [ 37.154620] ret_from_fork+0x10/0x20 [ 37.154718] [ 37.154780] The buggy address belongs to the object at fff00000c77ec800 [ 37.154780] which belongs to the cache kmalloc-64 of size 64 [ 37.155147] The buggy address is located 0 bytes to the right of [ 37.155147] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.155546] [ 37.155688] The buggy address belongs to the physical page: [ 37.155796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.155943] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.156077] page_type: f5(slab) [ 37.156232] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.156379] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.156494] page dumped because: kasan: bad access detected [ 37.156578] [ 37.156628] Memory state around the buggy address: [ 37.156963] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.157175] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.157477] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.157920] ^ [ 37.158053] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.158168] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.158283] ================================================================== [ 37.536685] ================================================================== [ 37.536801] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 37.536939] Read of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.537061] [ 37.537161] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.537574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.537653] Hardware name: linux,dummy-virt (DT) [ 37.537736] Call trace: [ 37.537794] show_stack+0x20/0x38 (C) [ 37.537963] dump_stack_lvl+0x8c/0xd0 [ 37.538327] print_report+0x118/0x608 [ 37.538794] kasan_report+0xdc/0x128 [ 37.538955] __asan_report_load8_noabort+0x20/0x30 [ 37.539092] kasan_atomics_helper+0x3df4/0x4858 [ 37.540382] kasan_atomics+0x198/0x2e0 [ 37.540520] kunit_try_run_case+0x170/0x3f0 [ 37.540667] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.541064] kthread+0x328/0x630 [ 37.541189] ret_from_fork+0x10/0x20 [ 37.541417] [ 37.541478] Allocated by task 276: [ 37.541580] kasan_save_stack+0x3c/0x68 [ 37.541779] kasan_save_track+0x20/0x40 [ 37.541979] kasan_save_alloc_info+0x40/0x58 [ 37.542095] __kasan_kmalloc+0xd4/0xd8 [ 37.542435] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.542552] kasan_atomics+0xb8/0x2e0 [ 37.542676] kunit_try_run_case+0x170/0x3f0 [ 37.542932] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.543071] kthread+0x328/0x630 [ 37.543178] ret_from_fork+0x10/0x20 [ 37.543338] [ 37.543395] The buggy address belongs to the object at fff00000c77ec800 [ 37.543395] which belongs to the cache kmalloc-64 of size 64 [ 37.543790] The buggy address is located 0 bytes to the right of [ 37.543790] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.543972] [ 37.544050] The buggy address belongs to the physical page: [ 37.544331] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.544522] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.544651] page_type: f5(slab) [ 37.544765] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.545203] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.545451] page dumped because: kasan: bad access detected [ 37.545573] [ 37.545669] Memory state around the buggy address: [ 37.545791] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.545917] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.546187] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.546295] ^ [ 37.546547] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.546661] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.546761] ================================================================== [ 37.323657] ================================================================== [ 37.323804] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 37.324309] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.324630] [ 37.324685] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.324796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.324834] Hardware name: linux,dummy-virt (DT) [ 37.324873] Call trace: [ 37.324946] show_stack+0x20/0x38 (C) [ 37.325163] dump_stack_lvl+0x8c/0xd0 [ 37.325432] print_report+0x118/0x608 [ 37.325584] kasan_report+0xdc/0x128 [ 37.325700] kasan_check_range+0x100/0x1a8 [ 37.325818] __kasan_check_write+0x20/0x30 [ 37.325954] kasan_atomics_helper+0x10c0/0x4858 [ 37.326137] kasan_atomics+0x198/0x2e0 [ 37.326290] kunit_try_run_case+0x170/0x3f0 [ 37.326439] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.326578] kthread+0x328/0x630 [ 37.326692] ret_from_fork+0x10/0x20 [ 37.326815] [ 37.326866] Allocated by task 276: [ 37.327655] kasan_save_stack+0x3c/0x68 [ 37.327880] kasan_save_track+0x20/0x40 [ 37.328116] kasan_save_alloc_info+0x40/0x58 [ 37.328228] __kasan_kmalloc+0xd4/0xd8 [ 37.328348] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.328917] kasan_atomics+0xb8/0x2e0 [ 37.329626] kunit_try_run_case+0x170/0x3f0 [ 37.330318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.331553] kthread+0x328/0x630 [ 37.331951] ret_from_fork+0x10/0x20 [ 37.332517] [ 37.332575] The buggy address belongs to the object at fff00000c77ec800 [ 37.332575] which belongs to the cache kmalloc-64 of size 64 [ 37.333506] The buggy address is located 0 bytes to the right of [ 37.333506] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.335041] [ 37.335349] The buggy address belongs to the physical page: [ 37.335756] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.336252] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.336384] page_type: f5(slab) [ 37.336481] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.336607] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.338309] page dumped because: kasan: bad access detected [ 37.338704] [ 37.339002] Memory state around the buggy address: [ 37.339114] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.339813] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.340118] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.340492] ^ [ 37.341399] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.341518] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.341616] ================================================================== [ 37.572702] ================================================================== [ 37.572999] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 37.573300] Write of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.573573] [ 37.573691] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.573956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.574029] Hardware name: linux,dummy-virt (DT) [ 37.574113] Call trace: [ 37.574294] show_stack+0x20/0x38 (C) [ 37.574643] dump_stack_lvl+0x8c/0xd0 [ 37.574822] print_report+0x118/0x608 [ 37.574968] kasan_report+0xdc/0x128 [ 37.575162] kasan_check_range+0x100/0x1a8 [ 37.575543] __kasan_check_write+0x20/0x30 [ 37.575924] kasan_atomics_helper+0x175c/0x4858 [ 37.576253] kasan_atomics+0x198/0x2e0 [ 37.576380] kunit_try_run_case+0x170/0x3f0 [ 37.577235] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.577384] kthread+0x328/0x630 [ 37.577495] ret_from_fork+0x10/0x20 [ 37.577658] [ 37.577825] Allocated by task 276: [ 37.577959] kasan_save_stack+0x3c/0x68 [ 37.578081] kasan_save_track+0x20/0x40 [ 37.578232] kasan_save_alloc_info+0x40/0x58 [ 37.578346] __kasan_kmalloc+0xd4/0xd8 [ 37.578456] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.578562] kasan_atomics+0xb8/0x2e0 [ 37.579312] kunit_try_run_case+0x170/0x3f0 [ 37.579608] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.579755] kthread+0x328/0x630 [ 37.579981] ret_from_fork+0x10/0x20 [ 37.580122] [ 37.580184] The buggy address belongs to the object at fff00000c77ec800 [ 37.580184] which belongs to the cache kmalloc-64 of size 64 [ 37.580440] The buggy address is located 0 bytes to the right of [ 37.580440] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.580597] [ 37.580681] The buggy address belongs to the physical page: [ 37.580855] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.581008] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.581150] page_type: f5(slab) [ 37.581260] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.581785] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.581910] page dumped because: kasan: bad access detected [ 37.582009] [ 37.582065] Memory state around the buggy address: [ 37.582145] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.582255] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.583584] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.583922] ^ [ 37.584041] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.584247] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.584395] ================================================================== [ 37.034733] ================================================================== [ 37.034855] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 37.035005] Write of size 4 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.035130] [ 37.035231] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.035445] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.035535] Hardware name: linux,dummy-virt (DT) [ 37.037622] ret_from_fork+0x10/0x20 [ 37.039622] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.039755] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.039879] page_type: f5(slab) [ 37.039991] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.040189] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.040322] page dumped because: kasan: bad access detected [ 37.040438] [ 37.041469] ================================================================== [ 37.557434] ================================================================== [ 37.557550] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 37.557675] Read of size 8 at addr fff00000c77ec830 by task kunit_try_catch/276 [ 37.557862] [ 37.557965] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT [ 37.558277] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.558427] Hardware name: linux,dummy-virt (DT) [ 37.558585] Call trace: [ 37.558663] show_stack+0x20/0x38 (C) [ 37.558877] dump_stack_lvl+0x8c/0xd0 [ 37.559040] print_report+0x118/0x608 [ 37.560419] kasan_report+0xdc/0x128 [ 37.560588] __asan_report_load8_noabort+0x20/0x30 [ 37.560723] kasan_atomics_helper+0x3e10/0x4858 [ 37.560959] kasan_atomics+0x198/0x2e0 [ 37.561118] kunit_try_run_case+0x170/0x3f0 [ 37.561265] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.561423] kthread+0x328/0x630 [ 37.561541] ret_from_fork+0x10/0x20 [ 37.561662] [ 37.561747] Allocated by task 276: [ 37.561823] kasan_save_stack+0x3c/0x68 [ 37.561976] kasan_save_track+0x20/0x40 [ 37.562080] kasan_save_alloc_info+0x40/0x58 [ 37.562176] __kasan_kmalloc+0xd4/0xd8 [ 37.562276] __kmalloc_cache_noprof+0x16c/0x3c0 [ 37.562386] kasan_atomics+0xb8/0x2e0 [ 37.562483] kunit_try_run_case+0x170/0x3f0 [ 37.562582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.562687] kthread+0x328/0x630 [ 37.562785] ret_from_fork+0x10/0x20 [ 37.563133] [ 37.563198] The buggy address belongs to the object at fff00000c77ec800 [ 37.563198] which belongs to the cache kmalloc-64 of size 64 [ 37.563844] The buggy address is located 0 bytes to the right of [ 37.563844] allocated 48-byte region [fff00000c77ec800, fff00000c77ec830) [ 37.564689] [ 37.565227] The buggy address belongs to the physical page: [ 37.565312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 37.565678] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.565940] page_type: f5(slab) [ 37.566350] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.566791] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.566933] page dumped because: kasan: bad access detected [ 37.567018] [ 37.567447] Memory state around the buggy address: [ 37.567551] fff00000c77ec700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.568241] fff00000c77ec780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.568476] >fff00000c77ec800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.568689] ^ [ 37.569039] fff00000c77ec880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.569375] fff00000c77ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.570451] ==================================================================
[ 33.452668] ================================================================== [ 33.453044] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 33.453468] Read of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.454203] [ 33.454505] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.454695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.454734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.454808] Call Trace: [ 33.454854] <TASK> [ 33.454902] dump_stack_lvl+0x73/0xb0 [ 33.455009] print_report+0xd1/0x650 [ 33.455072] ? __virt_addr_valid+0x1db/0x2d0 [ 33.455139] ? kasan_atomics_helper+0x4a36/0x5450 [ 33.455203] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.455278] ? kasan_atomics_helper+0x4a36/0x5450 [ 33.455343] kasan_report+0x141/0x180 [ 33.455407] ? kasan_atomics_helper+0x4a36/0x5450 [ 33.455484] __asan_report_load4_noabort+0x18/0x20 [ 33.455570] kasan_atomics_helper+0x4a36/0x5450 [ 33.455672] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.455744] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.455816] ? kasan_atomics+0x152/0x310 [ 33.455903] kasan_atomics+0x1dc/0x310 [ 33.455968] ? __pfx_kasan_atomics+0x10/0x10 [ 33.456034] ? __pfx_read_tsc+0x10/0x10 [ 33.456091] ? ktime_get_ts64+0x86/0x230 [ 33.456159] kunit_try_run_case+0x1a5/0x480 [ 33.456229] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.456296] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.456368] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.456441] ? __kthread_parkme+0x82/0x180 [ 33.456503] ? preempt_count_sub+0x50/0x80 [ 33.456589] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.456694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.456749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.456786] kthread+0x337/0x6f0 [ 33.456817] ? trace_preempt_on+0x20/0xc0 [ 33.456852] ? __pfx_kthread+0x10/0x10 [ 33.456883] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.456915] ? calculate_sigpending+0x7b/0xa0 [ 33.456948] ? __pfx_kthread+0x10/0x10 [ 33.456977] ret_from_fork+0x116/0x1d0 [ 33.457004] ? __pfx_kthread+0x10/0x10 [ 33.457034] ret_from_fork_asm+0x1a/0x30 [ 33.457074] </TASK> [ 33.457090] [ 33.472379] Allocated by task 295: [ 33.472804] kasan_save_stack+0x45/0x70 [ 33.473192] kasan_save_track+0x18/0x40 [ 33.473596] kasan_save_alloc_info+0x3b/0x50 [ 33.473994] __kasan_kmalloc+0xb7/0xc0 [ 33.474356] __kmalloc_cache_noprof+0x189/0x420 [ 33.474794] kasan_atomics+0x95/0x310 [ 33.475048] kunit_try_run_case+0x1a5/0x480 [ 33.475290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.475855] kthread+0x337/0x6f0 [ 33.476242] ret_from_fork+0x116/0x1d0 [ 33.476674] ret_from_fork_asm+0x1a/0x30 [ 33.477101] [ 33.477275] The buggy address belongs to the object at ffff888102daa080 [ 33.477275] which belongs to the cache kmalloc-64 of size 64 [ 33.478088] The buggy address is located 0 bytes to the right of [ 33.478088] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.479044] [ 33.479195] The buggy address belongs to the physical page: [ 33.479672] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.480427] flags: 0x200000000000000(node=0|zone=2) [ 33.480821] page_type: f5(slab) [ 33.481045] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.481767] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.482349] page dumped because: kasan: bad access detected [ 33.482813] [ 33.483071] Memory state around the buggy address: [ 33.483470] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.484101] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.484624] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.485512] ^ [ 33.485818] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.486165] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.486841] ================================================================== [ 34.091907] ================================================================== [ 34.092587] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 34.093334] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.094134] [ 34.094316] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.094423] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.094454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.094505] Call Trace: [ 34.094567] <TASK> [ 34.094612] dump_stack_lvl+0x73/0xb0 [ 34.094689] print_report+0xd1/0x650 [ 34.094753] ? __virt_addr_valid+0x1db/0x2d0 [ 34.094818] ? kasan_atomics_helper+0x1818/0x5450 [ 34.094875] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.094946] ? kasan_atomics_helper+0x1818/0x5450 [ 34.095009] kasan_report+0x141/0x180 [ 34.095071] ? kasan_atomics_helper+0x1818/0x5450 [ 34.095145] kasan_check_range+0x10c/0x1c0 [ 34.095212] __kasan_check_write+0x18/0x20 [ 34.095277] kasan_atomics_helper+0x1818/0x5450 [ 34.095364] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.095436] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.095509] ? kasan_atomics+0x152/0x310 [ 34.095598] kasan_atomics+0x1dc/0x310 [ 34.095763] ? __pfx_kasan_atomics+0x10/0x10 [ 34.095847] ? __pfx_read_tsc+0x10/0x10 [ 34.095915] ? ktime_get_ts64+0x86/0x230 [ 34.095987] kunit_try_run_case+0x1a5/0x480 [ 34.096061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.096127] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.096201] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.096264] ? __kthread_parkme+0x82/0x180 [ 34.096296] ? preempt_count_sub+0x50/0x80 [ 34.096332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.096365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.096400] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.096433] kthread+0x337/0x6f0 [ 34.096461] ? trace_preempt_on+0x20/0xc0 [ 34.096494] ? __pfx_kthread+0x10/0x10 [ 34.096523] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.096578] ? calculate_sigpending+0x7b/0xa0 [ 34.096612] ? __pfx_kthread+0x10/0x10 [ 34.096683] ret_from_fork+0x116/0x1d0 [ 34.096715] ? __pfx_kthread+0x10/0x10 [ 34.096744] ret_from_fork_asm+0x1a/0x30 [ 34.096786] </TASK> [ 34.096803] [ 34.111470] Allocated by task 295: [ 34.111781] kasan_save_stack+0x45/0x70 [ 34.112077] kasan_save_track+0x18/0x40 [ 34.112316] kasan_save_alloc_info+0x3b/0x50 [ 34.112811] __kasan_kmalloc+0xb7/0xc0 [ 34.113229] __kmalloc_cache_noprof+0x189/0x420 [ 34.113743] kasan_atomics+0x95/0x310 [ 34.114208] kunit_try_run_case+0x1a5/0x480 [ 34.114735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.115307] kthread+0x337/0x6f0 [ 34.115794] ret_from_fork+0x116/0x1d0 [ 34.116269] ret_from_fork_asm+0x1a/0x30 [ 34.116777] [ 34.117056] The buggy address belongs to the object at ffff888102daa080 [ 34.117056] which belongs to the cache kmalloc-64 of size 64 [ 34.117986] The buggy address is located 0 bytes to the right of [ 34.117986] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.118831] [ 34.119105] The buggy address belongs to the physical page: [ 34.119589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.120033] flags: 0x200000000000000(node=0|zone=2) [ 34.120487] page_type: f5(slab) [ 34.120920] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.121611] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.122271] page dumped because: kasan: bad access detected [ 34.122864] [ 34.123032] Memory state around the buggy address: [ 34.123418] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.124043] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.124393] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.125164] ^ [ 34.125770] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.126467] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.126948] ================================================================== [ 32.698519] ================================================================== [ 32.699007] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 32.700442] Read of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 32.701107] [ 32.701446] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 32.701618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.701655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.701708] Call Trace: [ 32.701754] <TASK> [ 32.701800] dump_stack_lvl+0x73/0xb0 [ 32.701881] print_report+0xd1/0x650 [ 32.701948] ? __virt_addr_valid+0x1db/0x2d0 [ 32.702016] ? kasan_atomics_helper+0x4b54/0x5450 [ 32.702078] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.702190] ? kasan_atomics_helper+0x4b54/0x5450 [ 32.702224] kasan_report+0x141/0x180 [ 32.702257] ? kasan_atomics_helper+0x4b54/0x5450 [ 32.702294] __asan_report_load4_noabort+0x18/0x20 [ 32.702328] kasan_atomics_helper+0x4b54/0x5450 [ 32.702359] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.702389] ? __kmalloc_cache_noprof+0x189/0x420 [ 32.702424] ? kasan_atomics+0x152/0x310 [ 32.702459] kasan_atomics+0x1dc/0x310 [ 32.702490] ? __pfx_kasan_atomics+0x10/0x10 [ 32.702523] ? __pfx_read_tsc+0x10/0x10 [ 32.702579] ? ktime_get_ts64+0x86/0x230 [ 32.702614] kunit_try_run_case+0x1a5/0x480 [ 32.702675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.702708] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 32.702744] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.702778] ? __kthread_parkme+0x82/0x180 [ 32.702808] ? preempt_count_sub+0x50/0x80 [ 32.702841] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.702874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.702907] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.702940] kthread+0x337/0x6f0 [ 32.702969] ? trace_preempt_on+0x20/0xc0 [ 32.703002] ? __pfx_kthread+0x10/0x10 [ 32.703031] ? _raw_spin_unlock_irq+0x47/0x80 [ 32.703063] ? calculate_sigpending+0x7b/0xa0 [ 32.703095] ? __pfx_kthread+0x10/0x10 [ 32.703125] ret_from_fork+0x116/0x1d0 [ 32.703152] ? __pfx_kthread+0x10/0x10 [ 32.703181] ret_from_fork_asm+0x1a/0x30 [ 32.703221] </TASK> [ 32.703236] [ 32.716673] Allocated by task 295: [ 32.717096] kasan_save_stack+0x45/0x70 [ 32.717518] kasan_save_track+0x18/0x40 [ 32.718000] kasan_save_alloc_info+0x3b/0x50 [ 32.718445] __kasan_kmalloc+0xb7/0xc0 [ 32.718854] __kmalloc_cache_noprof+0x189/0x420 [ 32.719321] kasan_atomics+0x95/0x310 [ 32.719746] kunit_try_run_case+0x1a5/0x480 [ 32.720159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.720815] kthread+0x337/0x6f0 [ 32.721236] ret_from_fork+0x116/0x1d0 [ 32.721662] ret_from_fork_asm+0x1a/0x30 [ 32.721996] [ 32.722213] The buggy address belongs to the object at ffff888102daa080 [ 32.722213] which belongs to the cache kmalloc-64 of size 64 [ 32.723063] The buggy address is located 0 bytes to the right of [ 32.723063] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 32.723997] [ 32.724313] The buggy address belongs to the physical page: [ 32.724899] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 32.725658] flags: 0x200000000000000(node=0|zone=2) [ 32.726102] page_type: f5(slab) [ 32.726503] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.727159] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.727950] page dumped because: kasan: bad access detected [ 32.728321] [ 32.728593] Memory state around the buggy address: [ 32.729130] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.729720] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.730278] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.730896] ^ [ 32.731340] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.731877] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.732367] ================================================================== [ 32.988352] ================================================================== [ 32.989068] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 32.990387] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 32.991389] [ 32.991601] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 32.991779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.991812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.991896] Call Trace: [ 32.991942] <TASK> [ 32.991991] dump_stack_lvl+0x73/0xb0 [ 32.992068] print_report+0xd1/0x650 [ 32.992115] ? __virt_addr_valid+0x1db/0x2d0 [ 32.992152] ? kasan_atomics_helper+0x860/0x5450 [ 32.992184] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.992220] ? kasan_atomics_helper+0x860/0x5450 [ 32.992251] kasan_report+0x141/0x180 [ 32.992281] ? kasan_atomics_helper+0x860/0x5450 [ 32.992316] kasan_check_range+0x10c/0x1c0 [ 32.992348] __kasan_check_write+0x18/0x20 [ 32.992379] kasan_atomics_helper+0x860/0x5450 [ 32.992410] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.992439] ? __kmalloc_cache_noprof+0x189/0x420 [ 32.992473] ? kasan_atomics+0x152/0x310 [ 32.992508] kasan_atomics+0x1dc/0x310 [ 32.992558] ? __pfx_kasan_atomics+0x10/0x10 [ 32.992594] ? __pfx_read_tsc+0x10/0x10 [ 32.992641] ? ktime_get_ts64+0x86/0x230 [ 32.992698] kunit_try_run_case+0x1a5/0x480 [ 32.992734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.992766] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 32.992801] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.992835] ? __kthread_parkme+0x82/0x180 [ 32.992865] ? preempt_count_sub+0x50/0x80 [ 32.992899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.992932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.992966] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.992999] kthread+0x337/0x6f0 [ 32.993027] ? trace_preempt_on+0x20/0xc0 [ 32.993060] ? __pfx_kthread+0x10/0x10 [ 32.993089] ? _raw_spin_unlock_irq+0x47/0x80 [ 32.993121] ? calculate_sigpending+0x7b/0xa0 [ 32.993153] ? __pfx_kthread+0x10/0x10 [ 32.993183] ret_from_fork+0x116/0x1d0 [ 32.993210] ? __pfx_kthread+0x10/0x10 [ 32.993239] ret_from_fork_asm+0x1a/0x30 [ 32.993280] </TASK> [ 32.993296] [ 33.007586] Allocated by task 295: [ 33.008066] kasan_save_stack+0x45/0x70 [ 33.008510] kasan_save_track+0x18/0x40 [ 33.009006] kasan_save_alloc_info+0x3b/0x50 [ 33.009434] __kasan_kmalloc+0xb7/0xc0 [ 33.009911] __kmalloc_cache_noprof+0x189/0x420 [ 33.010329] kasan_atomics+0x95/0x310 [ 33.010812] kunit_try_run_case+0x1a5/0x480 [ 33.011093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.011389] kthread+0x337/0x6f0 [ 33.011618] ret_from_fork+0x116/0x1d0 [ 33.011914] ret_from_fork_asm+0x1a/0x30 [ 33.012362] [ 33.012584] The buggy address belongs to the object at ffff888102daa080 [ 33.012584] which belongs to the cache kmalloc-64 of size 64 [ 33.013772] The buggy address is located 0 bytes to the right of [ 33.013772] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.015115] [ 33.015335] The buggy address belongs to the physical page: [ 33.015888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.016600] flags: 0x200000000000000(node=0|zone=2) [ 33.017050] page_type: f5(slab) [ 33.017341] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.018067] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.018851] page dumped because: kasan: bad access detected [ 33.019398] [ 33.019653] Memory state around the buggy address: [ 33.019996] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.020704] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.021279] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.021953] ^ [ 33.022325] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.022961] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.023585] ================================================================== [ 33.630282] ================================================================== [ 33.631817] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 33.632224] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.632908] [ 33.633097] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.633210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.633244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.633299] Call Trace: [ 33.633344] <TASK> [ 33.633389] dump_stack_lvl+0x73/0xb0 [ 33.633469] print_report+0xd1/0x650 [ 33.633549] ? __virt_addr_valid+0x1db/0x2d0 [ 33.633619] ? kasan_atomics_helper+0x1217/0x5450 [ 33.633683] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.633756] ? kasan_atomics_helper+0x1217/0x5450 [ 33.633821] kasan_report+0x141/0x180 [ 33.633883] ? kasan_atomics_helper+0x1217/0x5450 [ 33.633953] kasan_check_range+0x10c/0x1c0 [ 33.634014] __kasan_check_write+0x18/0x20 [ 33.634077] kasan_atomics_helper+0x1217/0x5450 [ 33.634175] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.634270] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.634335] ? kasan_atomics+0x152/0x310 [ 33.634397] kasan_atomics+0x1dc/0x310 [ 33.634460] ? __pfx_kasan_atomics+0x10/0x10 [ 33.634787] ? __pfx_read_tsc+0x10/0x10 [ 33.634861] ? ktime_get_ts64+0x86/0x230 [ 33.634931] kunit_try_run_case+0x1a5/0x480 [ 33.635005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.635072] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.635143] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.635184] ? __kthread_parkme+0x82/0x180 [ 33.635216] ? preempt_count_sub+0x50/0x80 [ 33.635250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.635285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.635321] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.635355] kthread+0x337/0x6f0 [ 33.635383] ? trace_preempt_on+0x20/0xc0 [ 33.635416] ? __pfx_kthread+0x10/0x10 [ 33.635446] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.635478] ? calculate_sigpending+0x7b/0xa0 [ 33.635511] ? __pfx_kthread+0x10/0x10 [ 33.635563] ret_from_fork+0x116/0x1d0 [ 33.635592] ? __pfx_kthread+0x10/0x10 [ 33.635623] ret_from_fork_asm+0x1a/0x30 [ 33.635681] </TASK> [ 33.635697] [ 33.648141] Allocated by task 295: [ 33.648479] kasan_save_stack+0x45/0x70 [ 33.648994] kasan_save_track+0x18/0x40 [ 33.649254] kasan_save_alloc_info+0x3b/0x50 [ 33.649516] __kasan_kmalloc+0xb7/0xc0 [ 33.649948] __kmalloc_cache_noprof+0x189/0x420 [ 33.650520] kasan_atomics+0x95/0x310 [ 33.651041] kunit_try_run_case+0x1a5/0x480 [ 33.651487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.652153] kthread+0x337/0x6f0 [ 33.652497] ret_from_fork+0x116/0x1d0 [ 33.652973] ret_from_fork_asm+0x1a/0x30 [ 33.653400] [ 33.653556] The buggy address belongs to the object at ffff888102daa080 [ 33.653556] which belongs to the cache kmalloc-64 of size 64 [ 33.654132] The buggy address is located 0 bytes to the right of [ 33.654132] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.654884] [ 33.655104] The buggy address belongs to the physical page: [ 33.655655] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.656390] flags: 0x200000000000000(node=0|zone=2) [ 33.656979] page_type: f5(slab) [ 33.657331] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.658136] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.658716] page dumped because: kasan: bad access detected [ 33.659073] [ 33.659341] Memory state around the buggy address: [ 33.659857] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.660218] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.660579] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.661241] ^ [ 33.661812] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.662476] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.663144] ================================================================== [ 33.948748] ================================================================== [ 33.949402] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 33.950030] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.950552] [ 33.950952] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.951074] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.951109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.951159] Call Trace: [ 33.951202] <TASK> [ 33.951248] dump_stack_lvl+0x73/0xb0 [ 33.951325] print_report+0xd1/0x650 [ 33.951387] ? __virt_addr_valid+0x1db/0x2d0 [ 33.951447] ? kasan_atomics_helper+0x15b6/0x5450 [ 33.951501] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.951587] ? kasan_atomics_helper+0x15b6/0x5450 [ 33.951686] kasan_report+0x141/0x180 [ 33.951750] ? kasan_atomics_helper+0x15b6/0x5450 [ 33.951836] kasan_check_range+0x10c/0x1c0 [ 33.951905] __kasan_check_write+0x18/0x20 [ 33.951961] kasan_atomics_helper+0x15b6/0x5450 [ 33.951996] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.952028] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.952064] ? kasan_atomics+0x152/0x310 [ 33.952100] kasan_atomics+0x1dc/0x310 [ 33.952132] ? __pfx_kasan_atomics+0x10/0x10 [ 33.952164] ? __pfx_read_tsc+0x10/0x10 [ 33.952198] ? ktime_get_ts64+0x86/0x230 [ 33.952232] kunit_try_run_case+0x1a5/0x480 [ 33.952266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.952298] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.952334] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.952367] ? __kthread_parkme+0x82/0x180 [ 33.952396] ? preempt_count_sub+0x50/0x80 [ 33.952428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.952461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.952494] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.952527] kthread+0x337/0x6f0 [ 33.952579] ? trace_preempt_on+0x20/0xc0 [ 33.952614] ? __pfx_kthread+0x10/0x10 [ 33.952669] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.952703] ? calculate_sigpending+0x7b/0xa0 [ 33.952737] ? __pfx_kthread+0x10/0x10 [ 33.952767] ret_from_fork+0x116/0x1d0 [ 33.952795] ? __pfx_kthread+0x10/0x10 [ 33.952824] ret_from_fork_asm+0x1a/0x30 [ 33.952865] </TASK> [ 33.952882] [ 33.967597] Allocated by task 295: [ 33.968337] kasan_save_stack+0x45/0x70 [ 33.968894] kasan_save_track+0x18/0x40 [ 33.969376] kasan_save_alloc_info+0x3b/0x50 [ 33.969816] __kasan_kmalloc+0xb7/0xc0 [ 33.970298] __kmalloc_cache_noprof+0x189/0x420 [ 33.970729] kasan_atomics+0x95/0x310 [ 33.971155] kunit_try_run_case+0x1a5/0x480 [ 33.971767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.972143] kthread+0x337/0x6f0 [ 33.972605] ret_from_fork+0x116/0x1d0 [ 33.973131] ret_from_fork_asm+0x1a/0x30 [ 33.973614] [ 33.973872] The buggy address belongs to the object at ffff888102daa080 [ 33.973872] which belongs to the cache kmalloc-64 of size 64 [ 33.974647] The buggy address is located 0 bytes to the right of [ 33.974647] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.975906] [ 33.976063] The buggy address belongs to the physical page: [ 33.976690] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.977352] flags: 0x200000000000000(node=0|zone=2) [ 33.977821] page_type: f5(slab) [ 33.978300] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.978953] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.979667] page dumped because: kasan: bad access detected [ 33.980139] [ 33.980377] Memory state around the buggy address: [ 33.980908] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.981471] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.982121] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.982713] ^ [ 33.982983] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.983745] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.984226] ================================================================== [ 32.916130] ================================================================== [ 32.916602] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 32.917356] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 32.918049] [ 32.918271] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 32.918413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.918464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.918518] Call Trace: [ 32.918579] <TASK> [ 32.918638] dump_stack_lvl+0x73/0xb0 [ 32.918713] print_report+0xd1/0x650 [ 32.918776] ? __virt_addr_valid+0x1db/0x2d0 [ 32.918840] ? kasan_atomics_helper+0x72f/0x5450 [ 32.918899] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.918962] ? kasan_atomics_helper+0x72f/0x5450 [ 32.919049] kasan_report+0x141/0x180 [ 32.919113] ? kasan_atomics_helper+0x72f/0x5450 [ 32.919189] kasan_check_range+0x10c/0x1c0 [ 32.919256] __kasan_check_write+0x18/0x20 [ 32.919318] kasan_atomics_helper+0x72f/0x5450 [ 32.919352] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.919384] ? __kmalloc_cache_noprof+0x189/0x420 [ 32.919419] ? kasan_atomics+0x152/0x310 [ 32.919454] kasan_atomics+0x1dc/0x310 [ 32.919485] ? __pfx_kasan_atomics+0x10/0x10 [ 32.919517] ? __pfx_read_tsc+0x10/0x10 [ 32.919571] ? ktime_get_ts64+0x86/0x230 [ 32.919606] kunit_try_run_case+0x1a5/0x480 [ 32.919654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.919690] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 32.919729] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.919763] ? __kthread_parkme+0x82/0x180 [ 32.919792] ? preempt_count_sub+0x50/0x80 [ 32.919837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.919871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.919904] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.919937] kthread+0x337/0x6f0 [ 32.919965] ? trace_preempt_on+0x20/0xc0 [ 32.919998] ? __pfx_kthread+0x10/0x10 [ 32.920027] ? _raw_spin_unlock_irq+0x47/0x80 [ 32.920059] ? calculate_sigpending+0x7b/0xa0 [ 32.920092] ? __pfx_kthread+0x10/0x10 [ 32.920121] ret_from_fork+0x116/0x1d0 [ 32.920148] ? __pfx_kthread+0x10/0x10 [ 32.920176] ret_from_fork_asm+0x1a/0x30 [ 32.920217] </TASK> [ 32.920233] [ 32.936955] Allocated by task 295: [ 32.937231] kasan_save_stack+0x45/0x70 [ 32.937695] kasan_save_track+0x18/0x40 [ 32.937997] kasan_save_alloc_info+0x3b/0x50 [ 32.938382] __kasan_kmalloc+0xb7/0xc0 [ 32.938768] __kmalloc_cache_noprof+0x189/0x420 [ 32.939176] kasan_atomics+0x95/0x310 [ 32.939615] kunit_try_run_case+0x1a5/0x480 [ 32.939936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.940533] kthread+0x337/0x6f0 [ 32.941026] ret_from_fork+0x116/0x1d0 [ 32.941433] ret_from_fork_asm+0x1a/0x30 [ 32.941888] [ 32.942119] The buggy address belongs to the object at ffff888102daa080 [ 32.942119] which belongs to the cache kmalloc-64 of size 64 [ 32.943053] The buggy address is located 0 bytes to the right of [ 32.943053] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 32.943918] [ 32.944187] The buggy address belongs to the physical page: [ 32.944825] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 32.945465] flags: 0x200000000000000(node=0|zone=2) [ 32.945900] page_type: f5(slab) [ 32.946278] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.946950] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.947595] page dumped because: kasan: bad access detected [ 32.948077] [ 32.948286] Memory state around the buggy address: [ 32.948725] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.949396] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.950058] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.950609] ^ [ 32.951150] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.951707] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.952288] ================================================================== [ 34.020306] ================================================================== [ 34.021144] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 34.021752] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.022203] [ 34.022444] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.022604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.022665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.022720] Call Trace: [ 34.022763] <TASK> [ 34.022808] dump_stack_lvl+0x73/0xb0 [ 34.022886] print_report+0xd1/0x650 [ 34.022949] ? __virt_addr_valid+0x1db/0x2d0 [ 34.023011] ? kasan_atomics_helper+0x16e7/0x5450 [ 34.023067] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.023134] ? kasan_atomics_helper+0x16e7/0x5450 [ 34.023194] kasan_report+0x141/0x180 [ 34.023259] ? kasan_atomics_helper+0x16e7/0x5450 [ 34.023327] kasan_check_range+0x10c/0x1c0 [ 34.023389] __kasan_check_write+0x18/0x20 [ 34.023449] kasan_atomics_helper+0x16e7/0x5450 [ 34.023507] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.023587] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.023692] ? kasan_atomics+0x152/0x310 [ 34.023761] kasan_atomics+0x1dc/0x310 [ 34.023830] ? __pfx_kasan_atomics+0x10/0x10 [ 34.023898] ? __pfx_read_tsc+0x10/0x10 [ 34.023956] ? ktime_get_ts64+0x86/0x230 [ 34.024018] kunit_try_run_case+0x1a5/0x480 [ 34.024059] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.024094] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.024131] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.024165] ? __kthread_parkme+0x82/0x180 [ 34.024195] ? preempt_count_sub+0x50/0x80 [ 34.024227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.024299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.024334] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.024368] kthread+0x337/0x6f0 [ 34.024396] ? trace_preempt_on+0x20/0xc0 [ 34.024429] ? __pfx_kthread+0x10/0x10 [ 34.024459] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.024491] ? calculate_sigpending+0x7b/0xa0 [ 34.024524] ? __pfx_kthread+0x10/0x10 [ 34.024579] ret_from_fork+0x116/0x1d0 [ 34.024608] ? __pfx_kthread+0x10/0x10 [ 34.024662] ret_from_fork_asm+0x1a/0x30 [ 34.024708] </TASK> [ 34.024726] [ 34.039267] Allocated by task 295: [ 34.039770] kasan_save_stack+0x45/0x70 [ 34.040256] kasan_save_track+0x18/0x40 [ 34.040748] kasan_save_alloc_info+0x3b/0x50 [ 34.041123] __kasan_kmalloc+0xb7/0xc0 [ 34.041586] __kmalloc_cache_noprof+0x189/0x420 [ 34.042117] kasan_atomics+0x95/0x310 [ 34.042411] kunit_try_run_case+0x1a5/0x480 [ 34.042874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.043275] kthread+0x337/0x6f0 [ 34.043700] ret_from_fork+0x116/0x1d0 [ 34.044044] ret_from_fork_asm+0x1a/0x30 [ 34.044355] [ 34.044606] The buggy address belongs to the object at ffff888102daa080 [ 34.044606] which belongs to the cache kmalloc-64 of size 64 [ 34.045460] The buggy address is located 0 bytes to the right of [ 34.045460] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.046397] [ 34.046671] The buggy address belongs to the physical page: [ 34.047089] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.047795] flags: 0x200000000000000(node=0|zone=2) [ 34.048120] page_type: f5(slab) [ 34.048525] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.049232] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.049920] page dumped because: kasan: bad access detected [ 34.050245] [ 34.050393] Memory state around the buggy address: [ 34.050818] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.051398] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.051951] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.052482] ^ [ 34.052986] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.053497] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.054066] ================================================================== [ 34.305849] ================================================================== [ 34.306390] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 34.307095] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.307478] [ 34.307813] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.307951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.307988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.308038] Call Trace: [ 34.308079] <TASK> [ 34.308137] dump_stack_lvl+0x73/0xb0 [ 34.308234] print_report+0xd1/0x650 [ 34.308300] ? __virt_addr_valid+0x1db/0x2d0 [ 34.308363] ? kasan_atomics_helper+0x1c18/0x5450 [ 34.308424] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.308502] ? kasan_atomics_helper+0x1c18/0x5450 [ 34.308589] kasan_report+0x141/0x180 [ 34.308691] ? kasan_atomics_helper+0x1c18/0x5450 [ 34.308765] kasan_check_range+0x10c/0x1c0 [ 34.308840] __kasan_check_write+0x18/0x20 [ 34.308925] kasan_atomics_helper+0x1c18/0x5450 [ 34.308985] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.309025] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.309063] ? kasan_atomics+0x152/0x310 [ 34.309100] kasan_atomics+0x1dc/0x310 [ 34.309135] ? __pfx_kasan_atomics+0x10/0x10 [ 34.309192] ? __pfx_read_tsc+0x10/0x10 [ 34.309253] ? ktime_get_ts64+0x86/0x230 [ 34.309330] kunit_try_run_case+0x1a5/0x480 [ 34.309418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.309478] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.309560] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.309660] ? __kthread_parkme+0x82/0x180 [ 34.309740] ? preempt_count_sub+0x50/0x80 [ 34.309825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.309867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.309902] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.309936] kthread+0x337/0x6f0 [ 34.309965] ? trace_preempt_on+0x20/0xc0 [ 34.310000] ? __pfx_kthread+0x10/0x10 [ 34.310030] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.310064] ? calculate_sigpending+0x7b/0xa0 [ 34.310098] ? __pfx_kthread+0x10/0x10 [ 34.310128] ret_from_fork+0x116/0x1d0 [ 34.310155] ? __pfx_kthread+0x10/0x10 [ 34.310183] ret_from_fork_asm+0x1a/0x30 [ 34.310225] </TASK> [ 34.310241] [ 34.324123] Allocated by task 295: [ 34.324584] kasan_save_stack+0x45/0x70 [ 34.325037] kasan_save_track+0x18/0x40 [ 34.325291] kasan_save_alloc_info+0x3b/0x50 [ 34.325598] __kasan_kmalloc+0xb7/0xc0 [ 34.326107] __kmalloc_cache_noprof+0x189/0x420 [ 34.326591] kasan_atomics+0x95/0x310 [ 34.327003] kunit_try_run_case+0x1a5/0x480 [ 34.327414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.327948] kthread+0x337/0x6f0 [ 34.328346] ret_from_fork+0x116/0x1d0 [ 34.328866] ret_from_fork_asm+0x1a/0x30 [ 34.329221] [ 34.329362] The buggy address belongs to the object at ffff888102daa080 [ 34.329362] which belongs to the cache kmalloc-64 of size 64 [ 34.330407] The buggy address is located 0 bytes to the right of [ 34.330407] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.331514] [ 34.331815] The buggy address belongs to the physical page: [ 34.332237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.332893] flags: 0x200000000000000(node=0|zone=2) [ 34.333345] page_type: f5(slab) [ 34.333760] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.334433] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.335030] page dumped because: kasan: bad access detected [ 34.335324] [ 34.335452] Memory state around the buggy address: [ 34.335917] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.336712] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.337444] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.337979] ^ [ 34.338434] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.338960] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.339331] ================================================================== [ 34.197923] ================================================================== [ 34.198564] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 34.199792] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.200434] [ 34.200710] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.200830] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.200863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.200916] Call Trace: [ 34.200961] <TASK> [ 34.201003] dump_stack_lvl+0x73/0xb0 [ 34.201084] print_report+0xd1/0x650 [ 34.201147] ? __virt_addr_valid+0x1db/0x2d0 [ 34.201215] ? kasan_atomics_helper+0x19e3/0x5450 [ 34.201276] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.201399] ? kasan_atomics_helper+0x19e3/0x5450 [ 34.201467] kasan_report+0x141/0x180 [ 34.201533] ? kasan_atomics_helper+0x19e3/0x5450 [ 34.201654] kasan_check_range+0x10c/0x1c0 [ 34.201703] __kasan_check_write+0x18/0x20 [ 34.201739] kasan_atomics_helper+0x19e3/0x5450 [ 34.201771] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.201803] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.201837] ? kasan_atomics+0x152/0x310 [ 34.201872] kasan_atomics+0x1dc/0x310 [ 34.201904] ? __pfx_kasan_atomics+0x10/0x10 [ 34.201936] ? __pfx_read_tsc+0x10/0x10 [ 34.201969] ? ktime_get_ts64+0x86/0x230 [ 34.202002] kunit_try_run_case+0x1a5/0x480 [ 34.202036] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.202068] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.202103] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.202135] ? __kthread_parkme+0x82/0x180 [ 34.202164] ? preempt_count_sub+0x50/0x80 [ 34.202197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.202230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.202262] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.202295] kthread+0x337/0x6f0 [ 34.202323] ? trace_preempt_on+0x20/0xc0 [ 34.202355] ? __pfx_kthread+0x10/0x10 [ 34.202383] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.202415] ? calculate_sigpending+0x7b/0xa0 [ 34.202447] ? __pfx_kthread+0x10/0x10 [ 34.202476] ret_from_fork+0x116/0x1d0 [ 34.202503] ? __pfx_kthread+0x10/0x10 [ 34.202531] ret_from_fork_asm+0x1a/0x30 [ 34.202592] </TASK> [ 34.202609] [ 34.214665] Allocated by task 295: [ 34.215009] kasan_save_stack+0x45/0x70 [ 34.215462] kasan_save_track+0x18/0x40 [ 34.215967] kasan_save_alloc_info+0x3b/0x50 [ 34.216415] __kasan_kmalloc+0xb7/0xc0 [ 34.216823] __kmalloc_cache_noprof+0x189/0x420 [ 34.217341] kasan_atomics+0x95/0x310 [ 34.217760] kunit_try_run_case+0x1a5/0x480 [ 34.218176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.218491] kthread+0x337/0x6f0 [ 34.218735] ret_from_fork+0x116/0x1d0 [ 34.218977] ret_from_fork_asm+0x1a/0x30 [ 34.219297] [ 34.219524] The buggy address belongs to the object at ffff888102daa080 [ 34.219524] which belongs to the cache kmalloc-64 of size 64 [ 34.220659] The buggy address is located 0 bytes to the right of [ 34.220659] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.221793] [ 34.222017] The buggy address belongs to the physical page: [ 34.222517] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.223145] flags: 0x200000000000000(node=0|zone=2) [ 34.223433] page_type: f5(slab) [ 34.223670] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.224224] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.224980] page dumped because: kasan: bad access detected [ 34.225510] [ 34.225772] Memory state around the buggy address: [ 34.226238] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.226862] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.227221] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.227696] ^ [ 34.228182] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.228884] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.229486] ================================================================== [ 33.664364] ================================================================== [ 33.665035] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 33.666071] Read of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.667124] [ 33.667387] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.667511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.667559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.667615] Call Trace: [ 33.667689] <TASK> [ 33.667733] dump_stack_lvl+0x73/0xb0 [ 33.667834] print_report+0xd1/0x650 [ 33.667919] ? __virt_addr_valid+0x1db/0x2d0 [ 33.667983] ? kasan_atomics_helper+0x49e8/0x5450 [ 33.668039] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.668106] ? kasan_atomics_helper+0x49e8/0x5450 [ 33.668178] kasan_report+0x141/0x180 [ 33.668262] ? kasan_atomics_helper+0x49e8/0x5450 [ 33.668327] __asan_report_load4_noabort+0x18/0x20 [ 33.668393] kasan_atomics_helper+0x49e8/0x5450 [ 33.668455] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.668519] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.668615] ? kasan_atomics+0x152/0x310 [ 33.668726] kasan_atomics+0x1dc/0x310 [ 33.668796] ? __pfx_kasan_atomics+0x10/0x10 [ 33.668867] ? __pfx_read_tsc+0x10/0x10 [ 33.668922] ? ktime_get_ts64+0x86/0x230 [ 33.668971] kunit_try_run_case+0x1a5/0x480 [ 33.669009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.669043] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.669078] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.669111] ? __kthread_parkme+0x82/0x180 [ 33.669140] ? preempt_count_sub+0x50/0x80 [ 33.669174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.669206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.669240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.669273] kthread+0x337/0x6f0 [ 33.669300] ? trace_preempt_on+0x20/0xc0 [ 33.669333] ? __pfx_kthread+0x10/0x10 [ 33.669363] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.669394] ? calculate_sigpending+0x7b/0xa0 [ 33.669427] ? __pfx_kthread+0x10/0x10 [ 33.669457] ret_from_fork+0x116/0x1d0 [ 33.669484] ? __pfx_kthread+0x10/0x10 [ 33.669512] ret_from_fork_asm+0x1a/0x30 [ 33.669576] </TASK> [ 33.669592] [ 33.685402] Allocated by task 295: [ 33.686059] kasan_save_stack+0x45/0x70 [ 33.686400] kasan_save_track+0x18/0x40 [ 33.686723] kasan_save_alloc_info+0x3b/0x50 [ 33.687144] __kasan_kmalloc+0xb7/0xc0 [ 33.687870] __kmalloc_cache_noprof+0x189/0x420 [ 33.688182] kasan_atomics+0x95/0x310 [ 33.688479] kunit_try_run_case+0x1a5/0x480 [ 33.688975] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.689360] kthread+0x337/0x6f0 [ 33.689653] ret_from_fork+0x116/0x1d0 [ 33.689995] ret_from_fork_asm+0x1a/0x30 [ 33.690393] [ 33.690552] The buggy address belongs to the object at ffff888102daa080 [ 33.690552] which belongs to the cache kmalloc-64 of size 64 [ 33.691447] The buggy address is located 0 bytes to the right of [ 33.691447] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.692325] [ 33.692556] The buggy address belongs to the physical page: [ 33.692937] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.693431] flags: 0x200000000000000(node=0|zone=2) [ 33.693954] page_type: f5(slab) [ 33.694298] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.694831] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.695292] page dumped because: kasan: bad access detected [ 33.695831] [ 33.696038] Memory state around the buggy address: [ 33.696449] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.697077] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.697594] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.698096] ^ [ 33.698432] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.700099] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.700775] ================================================================== [ 34.340578] ================================================================== [ 34.341247] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 34.341833] Read of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.342360] [ 34.342626] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.342735] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.342769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.342861] Call Trace: [ 34.342925] <TASK> [ 34.342972] dump_stack_lvl+0x73/0xb0 [ 34.343049] print_report+0xd1/0x650 [ 34.343108] ? __virt_addr_valid+0x1db/0x2d0 [ 34.343224] ? kasan_atomics_helper+0x4f30/0x5450 [ 34.343314] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.343386] ? kasan_atomics_helper+0x4f30/0x5450 [ 34.343450] kasan_report+0x141/0x180 [ 34.343573] ? kasan_atomics_helper+0x4f30/0x5450 [ 34.343654] __asan_report_load8_noabort+0x18/0x20 [ 34.343724] kasan_atomics_helper+0x4f30/0x5450 [ 34.343783] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.343847] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.343904] ? kasan_atomics+0x152/0x310 [ 34.343972] kasan_atomics+0x1dc/0x310 [ 34.344077] ? __pfx_kasan_atomics+0x10/0x10 [ 34.344167] ? __pfx_read_tsc+0x10/0x10 [ 34.344322] ? ktime_get_ts64+0x86/0x230 [ 34.344465] kunit_try_run_case+0x1a5/0x480 [ 34.344584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.344701] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.344782] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.344854] ? __kthread_parkme+0x82/0x180 [ 34.344918] ? preempt_count_sub+0x50/0x80 [ 34.344987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.345053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.345159] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.345256] kthread+0x337/0x6f0 [ 34.345315] ? trace_preempt_on+0x20/0xc0 [ 34.345380] ? __pfx_kthread+0x10/0x10 [ 34.345478] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.345581] ? calculate_sigpending+0x7b/0xa0 [ 34.345656] ? __pfx_kthread+0x10/0x10 [ 34.345704] ret_from_fork+0x116/0x1d0 [ 34.345736] ? __pfx_kthread+0x10/0x10 [ 34.345768] ret_from_fork_asm+0x1a/0x30 [ 34.345811] </TASK> [ 34.345827] [ 34.359198] Allocated by task 295: [ 34.359593] kasan_save_stack+0x45/0x70 [ 34.360080] kasan_save_track+0x18/0x40 [ 34.360529] kasan_save_alloc_info+0x3b/0x50 [ 34.361050] __kasan_kmalloc+0xb7/0xc0 [ 34.361363] __kmalloc_cache_noprof+0x189/0x420 [ 34.361783] kasan_atomics+0x95/0x310 [ 34.362176] kunit_try_run_case+0x1a5/0x480 [ 34.362748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.363344] kthread+0x337/0x6f0 [ 34.363772] ret_from_fork+0x116/0x1d0 [ 34.364089] ret_from_fork_asm+0x1a/0x30 [ 34.364630] [ 34.364847] The buggy address belongs to the object at ffff888102daa080 [ 34.364847] which belongs to the cache kmalloc-64 of size 64 [ 34.365767] The buggy address is located 0 bytes to the right of [ 34.365767] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.366759] [ 34.366979] The buggy address belongs to the physical page: [ 34.367511] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.368120] flags: 0x200000000000000(node=0|zone=2) [ 34.368571] page_type: f5(slab) [ 34.368995] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.369401] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.369969] page dumped because: kasan: bad access detected [ 34.370523] [ 34.370862] Memory state around the buggy address: [ 34.371223] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.371864] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.372226] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.372870] ^ [ 34.373480] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.374217] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.374884] ================================================================== [ 32.629641] ================================================================== [ 32.630178] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 32.630704] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 32.631239] [ 32.631601] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 32.631761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.631798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.631901] Call Trace: [ 32.631937] <TASK> [ 32.631998] dump_stack_lvl+0x73/0xb0 [ 32.632134] print_report+0xd1/0x650 [ 32.632200] ? __virt_addr_valid+0x1db/0x2d0 [ 32.632271] ? kasan_atomics_helper+0x4b6e/0x5450 [ 32.632332] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.632384] ? kasan_atomics_helper+0x4b6e/0x5450 [ 32.632416] kasan_report+0x141/0x180 [ 32.632449] ? kasan_atomics_helper+0x4b6e/0x5450 [ 32.632485] __asan_report_store4_noabort+0x1b/0x30 [ 32.632520] kasan_atomics_helper+0x4b6e/0x5450 [ 32.632572] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.632604] ? __kmalloc_cache_noprof+0x189/0x420 [ 32.632667] ? kasan_atomics+0x152/0x310 [ 32.632705] kasan_atomics+0x1dc/0x310 [ 32.632737] ? __pfx_kasan_atomics+0x10/0x10 [ 32.632770] ? __pfx_read_tsc+0x10/0x10 [ 32.632803] ? ktime_get_ts64+0x86/0x230 [ 32.632837] kunit_try_run_case+0x1a5/0x480 [ 32.632871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.632903] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 32.632939] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.632973] ? __kthread_parkme+0x82/0x180 [ 32.633003] ? preempt_count_sub+0x50/0x80 [ 32.633035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.633068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.633101] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.633134] kthread+0x337/0x6f0 [ 32.633161] ? trace_preempt_on+0x20/0xc0 [ 32.633192] ? __pfx_kthread+0x10/0x10 [ 32.633220] ? _raw_spin_unlock_irq+0x47/0x80 [ 32.633252] ? calculate_sigpending+0x7b/0xa0 [ 32.633284] ? __pfx_kthread+0x10/0x10 [ 32.633313] ret_from_fork+0x116/0x1d0 [ 32.633340] ? __pfx_kthread+0x10/0x10 [ 32.633368] ret_from_fork_asm+0x1a/0x30 [ 32.633410] </TASK> [ 32.633426] [ 32.647917] Allocated by task 295: [ 32.648369] kasan_save_stack+0x45/0x70 [ 32.648915] kasan_save_track+0x18/0x40 [ 32.649614] kasan_save_alloc_info+0x3b/0x50 [ 32.650078] __kasan_kmalloc+0xb7/0xc0 [ 32.650445] __kmalloc_cache_noprof+0x189/0x420 [ 32.650984] kasan_atomics+0x95/0x310 [ 32.651263] kunit_try_run_case+0x1a5/0x480 [ 32.651806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.652257] kthread+0x337/0x6f0 [ 32.652733] ret_from_fork+0x116/0x1d0 [ 32.653320] ret_from_fork_asm+0x1a/0x30 [ 32.653699] [ 32.653863] The buggy address belongs to the object at ffff888102daa080 [ 32.653863] which belongs to the cache kmalloc-64 of size 64 [ 32.654774] The buggy address is located 0 bytes to the right of [ 32.654774] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 32.655604] [ 32.655850] The buggy address belongs to the physical page: [ 32.656273] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 32.657171] flags: 0x200000000000000(node=0|zone=2) [ 32.657658] page_type: f5(slab) [ 32.658210] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.659064] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.659571] page dumped because: kasan: bad access detected [ 32.659995] [ 32.660162] Memory state around the buggy address: [ 32.660552] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.660965] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.661602] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.662058] ^ [ 32.662395] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.662931] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.663424] ================================================================== [ 32.664780] ================================================================== [ 32.665180] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 32.665557] Read of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 32.666115] [ 32.666344] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 32.666464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.666500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.666608] Call Trace: [ 32.666681] <TASK> [ 32.666728] dump_stack_lvl+0x73/0xb0 [ 32.666807] print_report+0xd1/0x650 [ 32.666864] ? __virt_addr_valid+0x1db/0x2d0 [ 32.666929] ? kasan_atomics_helper+0x3df/0x5450 [ 32.666989] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.667062] ? kasan_atomics_helper+0x3df/0x5450 [ 32.667126] kasan_report+0x141/0x180 [ 32.667188] ? kasan_atomics_helper+0x3df/0x5450 [ 32.667250] kasan_check_range+0x10c/0x1c0 [ 32.667307] __kasan_check_read+0x15/0x20 [ 32.667360] kasan_atomics_helper+0x3df/0x5450 [ 32.667413] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.667473] ? __kmalloc_cache_noprof+0x189/0x420 [ 32.667559] ? kasan_atomics+0x152/0x310 [ 32.667668] kasan_atomics+0x1dc/0x310 [ 32.667740] ? __pfx_kasan_atomics+0x10/0x10 [ 32.667810] ? __pfx_read_tsc+0x10/0x10 [ 32.667888] ? ktime_get_ts64+0x86/0x230 [ 32.667946] kunit_try_run_case+0x1a5/0x480 [ 32.668014] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.668117] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 32.668179] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.668232] ? __kthread_parkme+0x82/0x180 [ 32.668276] ? preempt_count_sub+0x50/0x80 [ 32.668326] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.668374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.668427] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.668479] kthread+0x337/0x6f0 [ 32.668522] ? trace_preempt_on+0x20/0xc0 [ 32.668596] ? __pfx_kthread+0x10/0x10 [ 32.668679] ? _raw_spin_unlock_irq+0x47/0x80 [ 32.668739] ? calculate_sigpending+0x7b/0xa0 [ 32.668800] ? __pfx_kthread+0x10/0x10 [ 32.668854] ret_from_fork+0x116/0x1d0 [ 32.668911] ? __pfx_kthread+0x10/0x10 [ 32.668970] ret_from_fork_asm+0x1a/0x30 [ 32.669074] </TASK> [ 32.669108] [ 32.681511] Allocated by task 295: [ 32.681798] kasan_save_stack+0x45/0x70 [ 32.682076] kasan_save_track+0x18/0x40 [ 32.682308] kasan_save_alloc_info+0x3b/0x50 [ 32.682791] __kasan_kmalloc+0xb7/0xc0 [ 32.683195] __kmalloc_cache_noprof+0x189/0x420 [ 32.683700] kasan_atomics+0x95/0x310 [ 32.684098] kunit_try_run_case+0x1a5/0x480 [ 32.684565] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.685109] kthread+0x337/0x6f0 [ 32.685346] ret_from_fork+0x116/0x1d0 [ 32.685661] ret_from_fork_asm+0x1a/0x30 [ 32.686064] [ 32.686267] The buggy address belongs to the object at ffff888102daa080 [ 32.686267] which belongs to the cache kmalloc-64 of size 64 [ 32.687300] The buggy address is located 0 bytes to the right of [ 32.687300] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 32.688226] [ 32.688378] The buggy address belongs to the physical page: [ 32.688811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 32.689484] flags: 0x200000000000000(node=0|zone=2) [ 32.689898] page_type: f5(slab) [ 32.690129] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.690493] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.691195] page dumped because: kasan: bad access detected [ 32.691774] [ 32.692021] Memory state around the buggy address: [ 32.693901] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.694575] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.695048] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.695399] ^ [ 32.696047] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.696869] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.697429] ================================================================== [ 34.553008] ================================================================== [ 34.553865] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 34.554387] Read of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.555062] [ 34.555325] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.555438] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.555471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.555522] Call Trace: [ 34.555579] <TASK> [ 34.555624] dump_stack_lvl+0x73/0xb0 [ 34.555701] print_report+0xd1/0x650 [ 34.555764] ? __virt_addr_valid+0x1db/0x2d0 [ 34.555837] ? kasan_atomics_helper+0x4f71/0x5450 [ 34.555896] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.555968] ? kasan_atomics_helper+0x4f71/0x5450 [ 34.556032] kasan_report+0x141/0x180 [ 34.556098] ? kasan_atomics_helper+0x4f71/0x5450 [ 34.556173] __asan_report_load8_noabort+0x18/0x20 [ 34.556246] kasan_atomics_helper+0x4f71/0x5450 [ 34.556312] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.556370] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.556429] ? kasan_atomics+0x152/0x310 [ 34.556499] kasan_atomics+0x1dc/0x310 [ 34.556582] ? __pfx_kasan_atomics+0x10/0x10 [ 34.556629] ? __pfx_read_tsc+0x10/0x10 [ 34.556690] ? ktime_get_ts64+0x86/0x230 [ 34.556726] kunit_try_run_case+0x1a5/0x480 [ 34.556766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.556798] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.556832] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.556867] ? __kthread_parkme+0x82/0x180 [ 34.556897] ? preempt_count_sub+0x50/0x80 [ 34.556929] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.556962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.556995] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.557028] kthread+0x337/0x6f0 [ 34.557056] ? trace_preempt_on+0x20/0xc0 [ 34.557088] ? __pfx_kthread+0x10/0x10 [ 34.557118] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.557149] ? calculate_sigpending+0x7b/0xa0 [ 34.557182] ? __pfx_kthread+0x10/0x10 [ 34.557211] ret_from_fork+0x116/0x1d0 [ 34.557237] ? __pfx_kthread+0x10/0x10 [ 34.557266] ret_from_fork_asm+0x1a/0x30 [ 34.557306] </TASK> [ 34.557322] [ 34.568987] Allocated by task 295: [ 34.569365] kasan_save_stack+0x45/0x70 [ 34.569836] kasan_save_track+0x18/0x40 [ 34.570246] kasan_save_alloc_info+0x3b/0x50 [ 34.570569] __kasan_kmalloc+0xb7/0xc0 [ 34.570962] __kmalloc_cache_noprof+0x189/0x420 [ 34.571326] kasan_atomics+0x95/0x310 [ 34.571757] kunit_try_run_case+0x1a5/0x480 [ 34.572191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.572574] kthread+0x337/0x6f0 [ 34.572877] ret_from_fork+0x116/0x1d0 [ 34.573259] ret_from_fork_asm+0x1a/0x30 [ 34.573520] [ 34.573675] The buggy address belongs to the object at ffff888102daa080 [ 34.573675] which belongs to the cache kmalloc-64 of size 64 [ 34.574598] The buggy address is located 0 bytes to the right of [ 34.574598] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.575623] [ 34.575843] The buggy address belongs to the physical page: [ 34.576241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.576794] flags: 0x200000000000000(node=0|zone=2) [ 34.577208] page_type: f5(slab) [ 34.577434] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.578233] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.578909] page dumped because: kasan: bad access detected [ 34.579263] [ 34.579400] Memory state around the buggy address: [ 34.579676] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.580036] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.580620] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.581231] ^ [ 34.581719] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.582330] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.582875] ================================================================== [ 34.730888] ================================================================== [ 34.731396] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 34.731812] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.732421] [ 34.732829] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.732952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.732988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.733043] Call Trace: [ 34.733089] <TASK> [ 34.733136] dump_stack_lvl+0x73/0xb0 [ 34.733214] print_report+0xd1/0x650 [ 34.733279] ? __virt_addr_valid+0x1db/0x2d0 [ 34.733333] ? kasan_atomics_helper+0x218a/0x5450 [ 34.733380] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.733436] ? kasan_atomics_helper+0x218a/0x5450 [ 34.733486] kasan_report+0x141/0x180 [ 34.733562] ? kasan_atomics_helper+0x218a/0x5450 [ 34.733717] kasan_check_range+0x10c/0x1c0 [ 34.733834] __kasan_check_write+0x18/0x20 [ 34.733937] kasan_atomics_helper+0x218a/0x5450 [ 34.734008] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.734068] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.734130] ? kasan_atomics+0x152/0x310 [ 34.734243] kasan_atomics+0x1dc/0x310 [ 34.734315] ? __pfx_kasan_atomics+0x10/0x10 [ 34.734382] ? __pfx_read_tsc+0x10/0x10 [ 34.734494] ? ktime_get_ts64+0x86/0x230 [ 34.734578] kunit_try_run_case+0x1a5/0x480 [ 34.734691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.734760] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.734835] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.734909] ? __kthread_parkme+0x82/0x180 [ 34.734968] ? preempt_count_sub+0x50/0x80 [ 34.735021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.735058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.735094] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.735129] kthread+0x337/0x6f0 [ 34.735158] ? trace_preempt_on+0x20/0xc0 [ 34.735192] ? __pfx_kthread+0x10/0x10 [ 34.735221] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.735254] ? calculate_sigpending+0x7b/0xa0 [ 34.735288] ? __pfx_kthread+0x10/0x10 [ 34.735318] ret_from_fork+0x116/0x1d0 [ 34.735345] ? __pfx_kthread+0x10/0x10 [ 34.735373] ret_from_fork_asm+0x1a/0x30 [ 34.735415] </TASK> [ 34.735430] [ 34.751098] Allocated by task 295: [ 34.751499] kasan_save_stack+0x45/0x70 [ 34.751990] kasan_save_track+0x18/0x40 [ 34.752434] kasan_save_alloc_info+0x3b/0x50 [ 34.752869] __kasan_kmalloc+0xb7/0xc0 [ 34.753333] __kmalloc_cache_noprof+0x189/0x420 [ 34.753815] kasan_atomics+0x95/0x310 [ 34.754218] kunit_try_run_case+0x1a5/0x480 [ 34.754727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.755204] kthread+0x337/0x6f0 [ 34.755667] ret_from_fork+0x116/0x1d0 [ 34.756008] ret_from_fork_asm+0x1a/0x30 [ 34.756276] [ 34.756406] The buggy address belongs to the object at ffff888102daa080 [ 34.756406] which belongs to the cache kmalloc-64 of size 64 [ 34.757697] The buggy address is located 0 bytes to the right of [ 34.757697] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.758602] [ 34.758905] The buggy address belongs to the physical page: [ 34.759397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.759860] flags: 0x200000000000000(node=0|zone=2) [ 34.760435] page_type: f5(slab) [ 34.760918] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.761693] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.762312] page dumped because: kasan: bad access detected [ 34.762695] [ 34.762951] Memory state around the buggy address: [ 34.763443] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.764029] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.764517] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.765105] ^ [ 34.765659] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.766242] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.766842] ================================================================== [ 34.768320] ================================================================== [ 34.769115] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 34.769807] Read of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.770330] [ 34.770678] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.770850] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.770887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.770960] Call Trace: [ 34.771034] <TASK> [ 34.771100] dump_stack_lvl+0x73/0xb0 [ 34.771183] print_report+0xd1/0x650 [ 34.771247] ? __virt_addr_valid+0x1db/0x2d0 [ 34.771310] ? kasan_atomics_helper+0x4fa5/0x5450 [ 34.771394] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.771499] ? kasan_atomics_helper+0x4fa5/0x5450 [ 34.771582] kasan_report+0x141/0x180 [ 34.771663] ? kasan_atomics_helper+0x4fa5/0x5450 [ 34.771704] __asan_report_load8_noabort+0x18/0x20 [ 34.771740] kasan_atomics_helper+0x4fa5/0x5450 [ 34.771772] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.771804] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.771853] ? kasan_atomics+0x152/0x310 [ 34.771890] kasan_atomics+0x1dc/0x310 [ 34.771922] ? __pfx_kasan_atomics+0x10/0x10 [ 34.771955] ? __pfx_read_tsc+0x10/0x10 [ 34.771987] ? ktime_get_ts64+0x86/0x230 [ 34.772020] kunit_try_run_case+0x1a5/0x480 [ 34.772054] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.772085] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.772120] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.772154] ? __kthread_parkme+0x82/0x180 [ 34.772183] ? preempt_count_sub+0x50/0x80 [ 34.772215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.772248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.772281] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.772313] kthread+0x337/0x6f0 [ 34.772341] ? trace_preempt_on+0x20/0xc0 [ 34.772373] ? __pfx_kthread+0x10/0x10 [ 34.772402] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.772433] ? calculate_sigpending+0x7b/0xa0 [ 34.772466] ? __pfx_kthread+0x10/0x10 [ 34.772496] ret_from_fork+0x116/0x1d0 [ 34.772522] ? __pfx_kthread+0x10/0x10 [ 34.772571] ret_from_fork_asm+0x1a/0x30 [ 34.772613] </TASK> [ 34.772647] [ 34.786511] Allocated by task 295: [ 34.787007] kasan_save_stack+0x45/0x70 [ 34.787339] kasan_save_track+0x18/0x40 [ 34.787610] kasan_save_alloc_info+0x3b/0x50 [ 34.788119] __kasan_kmalloc+0xb7/0xc0 [ 34.788526] __kmalloc_cache_noprof+0x189/0x420 [ 34.789041] kasan_atomics+0x95/0x310 [ 34.789294] kunit_try_run_case+0x1a5/0x480 [ 34.789702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.790238] kthread+0x337/0x6f0 [ 34.790654] ret_from_fork+0x116/0x1d0 [ 34.791076] ret_from_fork_asm+0x1a/0x30 [ 34.791436] [ 34.791717] The buggy address belongs to the object at ffff888102daa080 [ 34.791717] which belongs to the cache kmalloc-64 of size 64 [ 34.792316] The buggy address is located 0 bytes to the right of [ 34.792316] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.793457] [ 34.793684] The buggy address belongs to the physical page: [ 34.794175] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.794757] flags: 0x200000000000000(node=0|zone=2) [ 34.795058] page_type: f5(slab) [ 34.795282] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.796033] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.796617] page dumped because: kasan: bad access detected [ 34.797010] [ 34.797228] Memory state around the buggy address: [ 34.797727] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.798310] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.798777] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.799406] ^ [ 34.799838] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.800376] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.800807] ================================================================== [ 33.313828] ================================================================== [ 33.314597] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 33.315231] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.315876] [ 33.316165] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.316324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.316361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.316451] Call Trace: [ 33.316512] <TASK> [ 33.316570] dump_stack_lvl+0x73/0xb0 [ 33.316714] print_report+0xd1/0x650 [ 33.316785] ? __virt_addr_valid+0x1db/0x2d0 [ 33.316867] ? kasan_atomics_helper+0xde0/0x5450 [ 33.316949] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.317025] ? kasan_atomics_helper+0xde0/0x5450 [ 33.317090] kasan_report+0x141/0x180 [ 33.317146] ? kasan_atomics_helper+0xde0/0x5450 [ 33.317190] kasan_check_range+0x10c/0x1c0 [ 33.317225] __kasan_check_write+0x18/0x20 [ 33.317258] kasan_atomics_helper+0xde0/0x5450 [ 33.317292] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.317322] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.317357] ? kasan_atomics+0x152/0x310 [ 33.317391] kasan_atomics+0x1dc/0x310 [ 33.317423] ? __pfx_kasan_atomics+0x10/0x10 [ 33.317456] ? __pfx_read_tsc+0x10/0x10 [ 33.317488] ? ktime_get_ts64+0x86/0x230 [ 33.317521] kunit_try_run_case+0x1a5/0x480 [ 33.317579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.317611] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.317674] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.317709] ? __kthread_parkme+0x82/0x180 [ 33.317739] ? preempt_count_sub+0x50/0x80 [ 33.317772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.317806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.317838] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.317872] kthread+0x337/0x6f0 [ 33.317900] ? trace_preempt_on+0x20/0xc0 [ 33.317934] ? __pfx_kthread+0x10/0x10 [ 33.317963] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.317995] ? calculate_sigpending+0x7b/0xa0 [ 33.318028] ? __pfx_kthread+0x10/0x10 [ 33.318058] ret_from_fork+0x116/0x1d0 [ 33.318086] ? __pfx_kthread+0x10/0x10 [ 33.318115] ret_from_fork_asm+0x1a/0x30 [ 33.318156] </TASK> [ 33.318172] [ 33.332754] Allocated by task 295: [ 33.333081] kasan_save_stack+0x45/0x70 [ 33.333512] kasan_save_track+0x18/0x40 [ 33.333976] kasan_save_alloc_info+0x3b/0x50 [ 33.334298] __kasan_kmalloc+0xb7/0xc0 [ 33.334575] __kmalloc_cache_noprof+0x189/0x420 [ 33.334895] kasan_atomics+0x95/0x310 [ 33.335313] kunit_try_run_case+0x1a5/0x480 [ 33.335802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.336338] kthread+0x337/0x6f0 [ 33.336784] ret_from_fork+0x116/0x1d0 [ 33.337107] ret_from_fork_asm+0x1a/0x30 [ 33.337459] [ 33.337717] The buggy address belongs to the object at ffff888102daa080 [ 33.337717] which belongs to the cache kmalloc-64 of size 64 [ 33.338343] The buggy address is located 0 bytes to the right of [ 33.338343] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.339480] [ 33.339729] The buggy address belongs to the physical page: [ 33.340029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.340777] flags: 0x200000000000000(node=0|zone=2) [ 33.341266] page_type: f5(slab) [ 33.341590] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.342083] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.342817] page dumped because: kasan: bad access detected [ 33.343349] [ 33.343573] Memory state around the buggy address: [ 33.343869] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.344286] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.344986] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.345656] ^ [ 33.346021] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.346410] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.347098] ================================================================== [ 33.382916] ================================================================== [ 33.383881] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 33.384693] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.385450] [ 33.385755] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.385874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.385909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.385964] Call Trace: [ 33.386007] <TASK> [ 33.386053] dump_stack_lvl+0x73/0xb0 [ 33.386171] print_report+0xd1/0x650 [ 33.386234] ? __virt_addr_valid+0x1db/0x2d0 [ 33.386302] ? kasan_atomics_helper+0xf10/0x5450 [ 33.386363] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.386458] ? kasan_atomics_helper+0xf10/0x5450 [ 33.386522] kasan_report+0x141/0x180 [ 33.386597] ? kasan_atomics_helper+0xf10/0x5450 [ 33.386703] kasan_check_range+0x10c/0x1c0 [ 33.386770] __kasan_check_write+0x18/0x20 [ 33.386867] kasan_atomics_helper+0xf10/0x5450 [ 33.386931] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.386991] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.387052] ? kasan_atomics+0x152/0x310 [ 33.387109] kasan_atomics+0x1dc/0x310 [ 33.387167] ? __pfx_kasan_atomics+0x10/0x10 [ 33.387256] ? __pfx_read_tsc+0x10/0x10 [ 33.387339] ? ktime_get_ts64+0x86/0x230 [ 33.387412] kunit_try_run_case+0x1a5/0x480 [ 33.387502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.387595] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.387722] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.387812] ? __kthread_parkme+0x82/0x180 [ 33.387882] ? preempt_count_sub+0x50/0x80 [ 33.387946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.388011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.388079] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.388149] kthread+0x337/0x6f0 [ 33.388210] ? trace_preempt_on+0x20/0xc0 [ 33.388278] ? __pfx_kthread+0x10/0x10 [ 33.388342] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.388409] ? calculate_sigpending+0x7b/0xa0 [ 33.388479] ? __pfx_kthread+0x10/0x10 [ 33.388557] ret_from_fork+0x116/0x1d0 [ 33.388618] ? __pfx_kthread+0x10/0x10 [ 33.388700] ret_from_fork_asm+0x1a/0x30 [ 33.388746] </TASK> [ 33.388763] [ 33.401042] Allocated by task 295: [ 33.401338] kasan_save_stack+0x45/0x70 [ 33.401747] kasan_save_track+0x18/0x40 [ 33.402164] kasan_save_alloc_info+0x3b/0x50 [ 33.402607] __kasan_kmalloc+0xb7/0xc0 [ 33.403039] __kmalloc_cache_noprof+0x189/0x420 [ 33.403495] kasan_atomics+0x95/0x310 [ 33.403966] kunit_try_run_case+0x1a5/0x480 [ 33.404458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.404963] kthread+0x337/0x6f0 [ 33.405339] ret_from_fork+0x116/0x1d0 [ 33.405695] ret_from_fork_asm+0x1a/0x30 [ 33.406144] [ 33.406367] The buggy address belongs to the object at ffff888102daa080 [ 33.406367] which belongs to the cache kmalloc-64 of size 64 [ 33.407194] The buggy address is located 0 bytes to the right of [ 33.407194] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.408087] [ 33.408273] The buggy address belongs to the physical page: [ 33.408692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.409369] flags: 0x200000000000000(node=0|zone=2) [ 33.409895] page_type: f5(slab) [ 33.410261] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.410889] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.411313] page dumped because: kasan: bad access detected [ 33.411715] [ 33.411954] Memory state around the buggy address: [ 33.412410] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.413122] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.413741] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.414121] ^ [ 33.414435] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.415142] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.415906] ================================================================== [ 34.128437] ================================================================== [ 34.129235] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 34.130016] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.130776] [ 34.131093] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.131234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.131268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.131315] Call Trace: [ 34.131356] <TASK> [ 34.131399] dump_stack_lvl+0x73/0xb0 [ 34.131483] print_report+0xd1/0x650 [ 34.131565] ? __virt_addr_valid+0x1db/0x2d0 [ 34.131632] ? kasan_atomics_helper+0x18b1/0x5450 [ 34.131730] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.131806] ? kasan_atomics_helper+0x18b1/0x5450 [ 34.131872] kasan_report+0x141/0x180 [ 34.131909] ? kasan_atomics_helper+0x18b1/0x5450 [ 34.131946] kasan_check_range+0x10c/0x1c0 [ 34.131978] __kasan_check_write+0x18/0x20 [ 34.132011] kasan_atomics_helper+0x18b1/0x5450 [ 34.132041] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.132073] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.132106] ? kasan_atomics+0x152/0x310 [ 34.132140] kasan_atomics+0x1dc/0x310 [ 34.132171] ? __pfx_kasan_atomics+0x10/0x10 [ 34.132206] ? __pfx_read_tsc+0x10/0x10 [ 34.132236] ? ktime_get_ts64+0x86/0x230 [ 34.132269] kunit_try_run_case+0x1a5/0x480 [ 34.132303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.132335] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.132372] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.132405] ? __kthread_parkme+0x82/0x180 [ 34.132434] ? preempt_count_sub+0x50/0x80 [ 34.132465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.132498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.132531] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.132590] kthread+0x337/0x6f0 [ 34.132618] ? trace_preempt_on+0x20/0xc0 [ 34.132678] ? __pfx_kthread+0x10/0x10 [ 34.132709] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.132741] ? calculate_sigpending+0x7b/0xa0 [ 34.132775] ? __pfx_kthread+0x10/0x10 [ 34.132804] ret_from_fork+0x116/0x1d0 [ 34.132831] ? __pfx_kthread+0x10/0x10 [ 34.132860] ret_from_fork_asm+0x1a/0x30 [ 34.132902] </TASK> [ 34.132917] [ 34.145712] Allocated by task 295: [ 34.146092] kasan_save_stack+0x45/0x70 [ 34.146464] kasan_save_track+0x18/0x40 [ 34.146950] kasan_save_alloc_info+0x3b/0x50 [ 34.147332] __kasan_kmalloc+0xb7/0xc0 [ 34.147602] __kmalloc_cache_noprof+0x189/0x420 [ 34.147972] kasan_atomics+0x95/0x310 [ 34.148385] kunit_try_run_case+0x1a5/0x480 [ 34.148907] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.149431] kthread+0x337/0x6f0 [ 34.149865] ret_from_fork+0x116/0x1d0 [ 34.150252] ret_from_fork_asm+0x1a/0x30 [ 34.150746] [ 34.150958] The buggy address belongs to the object at ffff888102daa080 [ 34.150958] which belongs to the cache kmalloc-64 of size 64 [ 34.151562] The buggy address is located 0 bytes to the right of [ 34.151562] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.152603] [ 34.152868] The buggy address belongs to the physical page: [ 34.153405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.154169] flags: 0x200000000000000(node=0|zone=2) [ 34.154755] page_type: f5(slab) [ 34.155113] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.155736] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.156122] page dumped because: kasan: bad access detected [ 34.156397] [ 34.156525] Memory state around the buggy address: [ 34.157056] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.157799] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.158460] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.159155] ^ [ 34.159469] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.160173] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.160757] ================================================================== [ 32.734393] ================================================================== [ 32.735651] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 32.736198] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 32.737530] [ 32.737828] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 32.738030] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.738072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.738144] Call Trace: [ 32.738192] <TASK> [ 32.738238] dump_stack_lvl+0x73/0xb0 [ 32.738313] print_report+0xd1/0x650 [ 32.738375] ? __virt_addr_valid+0x1db/0x2d0 [ 32.738487] ? kasan_atomics_helper+0x4a0/0x5450 [ 32.738588] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.738653] ? kasan_atomics_helper+0x4a0/0x5450 [ 32.738710] kasan_report+0x141/0x180 [ 32.738808] ? kasan_atomics_helper+0x4a0/0x5450 [ 32.738901] kasan_check_range+0x10c/0x1c0 [ 32.738971] __kasan_check_write+0x18/0x20 [ 32.739035] kasan_atomics_helper+0x4a0/0x5450 [ 32.739137] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.739223] ? __kmalloc_cache_noprof+0x189/0x420 [ 32.739288] ? kasan_atomics+0x152/0x310 [ 32.739342] kasan_atomics+0x1dc/0x310 [ 32.739376] ? __pfx_kasan_atomics+0x10/0x10 [ 32.739410] ? __pfx_read_tsc+0x10/0x10 [ 32.739443] ? ktime_get_ts64+0x86/0x230 [ 32.739476] kunit_try_run_case+0x1a5/0x480 [ 32.739511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.739563] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 32.739601] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.739664] ? __kthread_parkme+0x82/0x180 [ 32.739698] ? preempt_count_sub+0x50/0x80 [ 32.739733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.739767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.739800] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.739844] kthread+0x337/0x6f0 [ 32.739873] ? trace_preempt_on+0x20/0xc0 [ 32.739906] ? __pfx_kthread+0x10/0x10 [ 32.739935] ? _raw_spin_unlock_irq+0x47/0x80 [ 32.739967] ? calculate_sigpending+0x7b/0xa0 [ 32.740000] ? __pfx_kthread+0x10/0x10 [ 32.740030] ret_from_fork+0x116/0x1d0 [ 32.740057] ? __pfx_kthread+0x10/0x10 [ 32.740086] ret_from_fork_asm+0x1a/0x30 [ 32.740128] </TASK> [ 32.740144] [ 32.754427] Allocated by task 295: [ 32.754688] kasan_save_stack+0x45/0x70 [ 32.755192] kasan_save_track+0x18/0x40 [ 32.755774] kasan_save_alloc_info+0x3b/0x50 [ 32.756250] __kasan_kmalloc+0xb7/0xc0 [ 32.756711] __kmalloc_cache_noprof+0x189/0x420 [ 32.757224] kasan_atomics+0x95/0x310 [ 32.757473] kunit_try_run_case+0x1a5/0x480 [ 32.757985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.758622] kthread+0x337/0x6f0 [ 32.759024] ret_from_fork+0x116/0x1d0 [ 32.759279] ret_from_fork_asm+0x1a/0x30 [ 32.759525] [ 32.759697] The buggy address belongs to the object at ffff888102daa080 [ 32.759697] which belongs to the cache kmalloc-64 of size 64 [ 32.760944] The buggy address is located 0 bytes to the right of [ 32.760944] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 32.762409] [ 32.762577] The buggy address belongs to the physical page: [ 32.763208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 32.764094] flags: 0x200000000000000(node=0|zone=2) [ 32.764385] page_type: f5(slab) [ 32.764622] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.765350] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.766015] page dumped because: kasan: bad access detected [ 32.766307] [ 32.766433] Memory state around the buggy address: [ 32.766956] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.767749] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.768238] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.768626] ^ [ 32.769202] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.769893] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.770479] ================================================================== [ 33.488635] ================================================================== [ 33.489697] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 33.490220] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.490903] [ 33.491438] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.491577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.491615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.491667] Call Trace: [ 33.491714] <TASK> [ 33.491758] dump_stack_lvl+0x73/0xb0 [ 33.491855] print_report+0xd1/0x650 [ 33.491919] ? __virt_addr_valid+0x1db/0x2d0 [ 33.491986] ? kasan_atomics_helper+0x1079/0x5450 [ 33.492050] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.492126] ? kasan_atomics_helper+0x1079/0x5450 [ 33.492192] kasan_report+0x141/0x180 [ 33.492253] ? kasan_atomics_helper+0x1079/0x5450 [ 33.492322] kasan_check_range+0x10c/0x1c0 [ 33.492386] __kasan_check_write+0x18/0x20 [ 33.492444] kasan_atomics_helper+0x1079/0x5450 [ 33.492506] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.492589] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.492652] ? kasan_atomics+0x152/0x310 [ 33.492721] kasan_atomics+0x1dc/0x310 [ 33.492782] ? __pfx_kasan_atomics+0x10/0x10 [ 33.492843] ? __pfx_read_tsc+0x10/0x10 [ 33.492908] ? ktime_get_ts64+0x86/0x230 [ 33.492971] kunit_try_run_case+0x1a5/0x480 [ 33.493039] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.493097] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.493171] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.493237] ? __kthread_parkme+0x82/0x180 [ 33.493296] ? preempt_count_sub+0x50/0x80 [ 33.493358] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.493426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.493497] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.493682] kthread+0x337/0x6f0 [ 33.493749] ? trace_preempt_on+0x20/0xc0 [ 33.493801] ? __pfx_kthread+0x10/0x10 [ 33.493833] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.493869] ? calculate_sigpending+0x7b/0xa0 [ 33.493902] ? __pfx_kthread+0x10/0x10 [ 33.493932] ret_from_fork+0x116/0x1d0 [ 33.493962] ? __pfx_kthread+0x10/0x10 [ 33.493990] ret_from_fork_asm+0x1a/0x30 [ 33.494032] </TASK> [ 33.494048] [ 33.508926] Allocated by task 295: [ 33.509263] kasan_save_stack+0x45/0x70 [ 33.509722] kasan_save_track+0x18/0x40 [ 33.510157] kasan_save_alloc_info+0x3b/0x50 [ 33.510485] __kasan_kmalloc+0xb7/0xc0 [ 33.510945] __kmalloc_cache_noprof+0x189/0x420 [ 33.511328] kasan_atomics+0x95/0x310 [ 33.511782] kunit_try_run_case+0x1a5/0x480 [ 33.512208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.512791] kthread+0x337/0x6f0 [ 33.513122] ret_from_fork+0x116/0x1d0 [ 33.513415] ret_from_fork_asm+0x1a/0x30 [ 33.513897] [ 33.514041] The buggy address belongs to the object at ffff888102daa080 [ 33.514041] which belongs to the cache kmalloc-64 of size 64 [ 33.514861] The buggy address is located 0 bytes to the right of [ 33.514861] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.515984] [ 33.516221] The buggy address belongs to the physical page: [ 33.516583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.517212] flags: 0x200000000000000(node=0|zone=2) [ 33.517662] page_type: f5(slab) [ 33.517894] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.518600] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.519267] page dumped because: kasan: bad access detected [ 33.519573] [ 33.519825] Memory state around the buggy address: [ 33.520285] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.520779] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.521390] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.521836] ^ [ 33.522152] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.522850] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.523471] ================================================================== [ 33.241521] ================================================================== [ 33.242452] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 33.243085] Read of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.243694] [ 33.243973] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.244091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.244127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.244183] Call Trace: [ 33.244216] <TASK> [ 33.244277] dump_stack_lvl+0x73/0xb0 [ 33.244321] print_report+0xd1/0x650 [ 33.244365] ? __virt_addr_valid+0x1db/0x2d0 [ 33.244424] ? kasan_atomics_helper+0x4a84/0x5450 [ 33.244484] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.244571] ? kasan_atomics_helper+0x4a84/0x5450 [ 33.244632] kasan_report+0x141/0x180 [ 33.244762] ? kasan_atomics_helper+0x4a84/0x5450 [ 33.244839] __asan_report_load4_noabort+0x18/0x20 [ 33.244911] kasan_atomics_helper+0x4a84/0x5450 [ 33.244979] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.245046] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.245114] ? kasan_atomics+0x152/0x310 [ 33.245184] kasan_atomics+0x1dc/0x310 [ 33.245232] ? __pfx_kasan_atomics+0x10/0x10 [ 33.245267] ? __pfx_read_tsc+0x10/0x10 [ 33.245302] ? ktime_get_ts64+0x86/0x230 [ 33.245337] kunit_try_run_case+0x1a5/0x480 [ 33.245371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.245402] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.245437] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.245471] ? __kthread_parkme+0x82/0x180 [ 33.245500] ? preempt_count_sub+0x50/0x80 [ 33.245532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.245589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.245624] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.245673] kthread+0x337/0x6f0 [ 33.245703] ? trace_preempt_on+0x20/0xc0 [ 33.245738] ? __pfx_kthread+0x10/0x10 [ 33.245768] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.245800] ? calculate_sigpending+0x7b/0xa0 [ 33.245834] ? __pfx_kthread+0x10/0x10 [ 33.245863] ret_from_fork+0x116/0x1d0 [ 33.245891] ? __pfx_kthread+0x10/0x10 [ 33.245919] ret_from_fork_asm+0x1a/0x30 [ 33.245959] </TASK> [ 33.245976] [ 33.259184] Allocated by task 295: [ 33.259660] kasan_save_stack+0x45/0x70 [ 33.260206] kasan_save_track+0x18/0x40 [ 33.260608] kasan_save_alloc_info+0x3b/0x50 [ 33.261031] __kasan_kmalloc+0xb7/0xc0 [ 33.261281] __kmalloc_cache_noprof+0x189/0x420 [ 33.261849] kasan_atomics+0x95/0x310 [ 33.262278] kunit_try_run_case+0x1a5/0x480 [ 33.262805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.263313] kthread+0x337/0x6f0 [ 33.263658] ret_from_fork+0x116/0x1d0 [ 33.264043] ret_from_fork_asm+0x1a/0x30 [ 33.264417] [ 33.264657] The buggy address belongs to the object at ffff888102daa080 [ 33.264657] which belongs to the cache kmalloc-64 of size 64 [ 33.265464] The buggy address is located 0 bytes to the right of [ 33.265464] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.266456] [ 33.267659] The buggy address belongs to the physical page: [ 33.268389] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.269435] flags: 0x200000000000000(node=0|zone=2) [ 33.270004] page_type: f5(slab) [ 33.270359] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.270910] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.271522] page dumped because: kasan: bad access detected [ 33.272050] [ 33.272195] Memory state around the buggy address: [ 33.272526] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.272849] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.273716] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.274292] ^ [ 33.275017] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.275650] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.276365] ================================================================== [ 34.411384] ================================================================== [ 34.412049] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 34.413212] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.413989] [ 34.414274] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.414399] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.414435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.414489] Call Trace: [ 34.414553] <TASK> [ 34.414600] dump_stack_lvl+0x73/0xb0 [ 34.414698] print_report+0xd1/0x650 [ 34.414760] ? __virt_addr_valid+0x1db/0x2d0 [ 34.414811] ? kasan_atomics_helper+0x1d7a/0x5450 [ 34.414858] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.414910] ? kasan_atomics_helper+0x1d7a/0x5450 [ 34.414957] kasan_report+0x141/0x180 [ 34.415006] ? kasan_atomics_helper+0x1d7a/0x5450 [ 34.415075] kasan_check_range+0x10c/0x1c0 [ 34.415136] __kasan_check_write+0x18/0x20 [ 34.415196] kasan_atomics_helper+0x1d7a/0x5450 [ 34.415260] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.415323] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.415389] ? kasan_atomics+0x152/0x310 [ 34.415455] kasan_atomics+0x1dc/0x310 [ 34.415520] ? __pfx_kasan_atomics+0x10/0x10 [ 34.415691] ? __pfx_read_tsc+0x10/0x10 [ 34.415758] ? ktime_get_ts64+0x86/0x230 [ 34.415842] kunit_try_run_case+0x1a5/0x480 [ 34.415914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.415976] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.416069] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.416137] ? __kthread_parkme+0x82/0x180 [ 34.416200] ? preempt_count_sub+0x50/0x80 [ 34.416269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.416342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.416413] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.416482] kthread+0x337/0x6f0 [ 34.416558] ? trace_preempt_on+0x20/0xc0 [ 34.416662] ? __pfx_kthread+0x10/0x10 [ 34.416731] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.416798] ? calculate_sigpending+0x7b/0xa0 [ 34.416856] ? __pfx_kthread+0x10/0x10 [ 34.416897] ret_from_fork+0x116/0x1d0 [ 34.416928] ? __pfx_kthread+0x10/0x10 [ 34.416958] ret_from_fork_asm+0x1a/0x30 [ 34.416999] </TASK> [ 34.417017] [ 34.429530] Allocated by task 295: [ 34.429990] kasan_save_stack+0x45/0x70 [ 34.430467] kasan_save_track+0x18/0x40 [ 34.430913] kasan_save_alloc_info+0x3b/0x50 [ 34.431350] __kasan_kmalloc+0xb7/0xc0 [ 34.431697] __kmalloc_cache_noprof+0x189/0x420 [ 34.432174] kasan_atomics+0x95/0x310 [ 34.432597] kunit_try_run_case+0x1a5/0x480 [ 34.432998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.433447] kthread+0x337/0x6f0 [ 34.433728] ret_from_fork+0x116/0x1d0 [ 34.433975] ret_from_fork_asm+0x1a/0x30 [ 34.434289] [ 34.434495] The buggy address belongs to the object at ffff888102daa080 [ 34.434495] which belongs to the cache kmalloc-64 of size 64 [ 34.435607] The buggy address is located 0 bytes to the right of [ 34.435607] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.436728] [ 34.436955] The buggy address belongs to the physical page: [ 34.437352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.438054] flags: 0x200000000000000(node=0|zone=2) [ 34.438413] page_type: f5(slab) [ 34.438817] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.439196] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.439563] page dumped because: kasan: bad access detected [ 34.440101] [ 34.440330] Memory state around the buggy address: [ 34.440859] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.441517] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.442144] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.442494] ^ [ 34.443020] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.444107] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.444488] ================================================================== [ 33.909009] ================================================================== [ 33.909762] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 33.910494] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.911177] [ 33.911366] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.911555] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.911656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.911716] Call Trace: [ 33.911764] <TASK> [ 33.911812] dump_stack_lvl+0x73/0xb0 [ 33.911902] print_report+0xd1/0x650 [ 33.911991] ? __virt_addr_valid+0x1db/0x2d0 [ 33.912093] ? kasan_atomics_helper+0x151d/0x5450 [ 33.912164] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.912228] ? kasan_atomics_helper+0x151d/0x5450 [ 33.912291] kasan_report+0x141/0x180 [ 33.912395] ? kasan_atomics_helper+0x151d/0x5450 [ 33.912491] kasan_check_range+0x10c/0x1c0 [ 33.912573] __kasan_check_write+0x18/0x20 [ 33.912709] kasan_atomics_helper+0x151d/0x5450 [ 33.912805] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.912864] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.912904] ? kasan_atomics+0x152/0x310 [ 33.912941] kasan_atomics+0x1dc/0x310 [ 33.912973] ? __pfx_kasan_atomics+0x10/0x10 [ 33.913006] ? __pfx_read_tsc+0x10/0x10 [ 33.913040] ? ktime_get_ts64+0x86/0x230 [ 33.913073] kunit_try_run_case+0x1a5/0x480 [ 33.913108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.913139] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.913173] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.913206] ? __kthread_parkme+0x82/0x180 [ 33.913235] ? preempt_count_sub+0x50/0x80 [ 33.913268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.913302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.913334] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.913367] kthread+0x337/0x6f0 [ 33.913394] ? trace_preempt_on+0x20/0xc0 [ 33.913427] ? __pfx_kthread+0x10/0x10 [ 33.913456] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.913487] ? calculate_sigpending+0x7b/0xa0 [ 33.913519] ? __pfx_kthread+0x10/0x10 [ 33.913570] ret_from_fork+0x116/0x1d0 [ 33.913598] ? __pfx_kthread+0x10/0x10 [ 33.913656] ret_from_fork_asm+0x1a/0x30 [ 33.913706] </TASK> [ 33.913722] [ 33.930096] Allocated by task 295: [ 33.930693] kasan_save_stack+0x45/0x70 [ 33.931430] kasan_save_track+0x18/0x40 [ 33.931803] kasan_save_alloc_info+0x3b/0x50 [ 33.932044] __kasan_kmalloc+0xb7/0xc0 [ 33.932439] __kmalloc_cache_noprof+0x189/0x420 [ 33.933075] kasan_atomics+0x95/0x310 [ 33.933418] kunit_try_run_case+0x1a5/0x480 [ 33.934195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.934767] kthread+0x337/0x6f0 [ 33.935224] ret_from_fork+0x116/0x1d0 [ 33.935744] ret_from_fork_asm+0x1a/0x30 [ 33.936165] [ 33.936333] The buggy address belongs to the object at ffff888102daa080 [ 33.936333] which belongs to the cache kmalloc-64 of size 64 [ 33.937123] The buggy address is located 0 bytes to the right of [ 33.937123] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.938167] [ 33.938451] The buggy address belongs to the physical page: [ 33.939049] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.939868] flags: 0x200000000000000(node=0|zone=2) [ 33.940384] page_type: f5(slab) [ 33.940660] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.941141] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.941651] page dumped because: kasan: bad access detected [ 33.942006] [ 33.942134] Memory state around the buggy address: [ 33.942442] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.943482] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.944019] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.944598] ^ [ 33.945126] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.945858] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.946483] ================================================================== [ 34.837714] ================================================================== [ 34.838388] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 34.839316] Read of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.840021] [ 34.840811] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.840932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.840967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.841018] Call Trace: [ 34.841063] <TASK> [ 34.841108] dump_stack_lvl+0x73/0xb0 [ 34.841179] print_report+0xd1/0x650 [ 34.841231] ? __virt_addr_valid+0x1db/0x2d0 [ 34.841285] ? kasan_atomics_helper+0x5115/0x5450 [ 34.841331] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.841390] ? kasan_atomics_helper+0x5115/0x5450 [ 34.841433] kasan_report+0x141/0x180 [ 34.841466] ? kasan_atomics_helper+0x5115/0x5450 [ 34.841502] __asan_report_load8_noabort+0x18/0x20 [ 34.841557] kasan_atomics_helper+0x5115/0x5450 [ 34.841651] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.841695] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.841732] ? kasan_atomics+0x152/0x310 [ 34.841769] kasan_atomics+0x1dc/0x310 [ 34.841800] ? __pfx_kasan_atomics+0x10/0x10 [ 34.841833] ? __pfx_read_tsc+0x10/0x10 [ 34.841864] ? ktime_get_ts64+0x86/0x230 [ 34.841898] kunit_try_run_case+0x1a5/0x480 [ 34.841932] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.841963] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.841999] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.842032] ? __kthread_parkme+0x82/0x180 [ 34.842061] ? preempt_count_sub+0x50/0x80 [ 34.842093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.842127] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.842160] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.842193] kthread+0x337/0x6f0 [ 34.842220] ? trace_preempt_on+0x20/0xc0 [ 34.842253] ? __pfx_kthread+0x10/0x10 [ 34.842282] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.842314] ? calculate_sigpending+0x7b/0xa0 [ 34.842348] ? __pfx_kthread+0x10/0x10 [ 34.842377] ret_from_fork+0x116/0x1d0 [ 34.842403] ? __pfx_kthread+0x10/0x10 [ 34.842432] ret_from_fork_asm+0x1a/0x30 [ 34.842472] </TASK> [ 34.842487] [ 34.856974] Allocated by task 295: [ 34.857246] kasan_save_stack+0x45/0x70 [ 34.857520] kasan_save_track+0x18/0x40 [ 34.857960] kasan_save_alloc_info+0x3b/0x50 [ 34.858430] __kasan_kmalloc+0xb7/0xc0 [ 34.858875] __kmalloc_cache_noprof+0x189/0x420 [ 34.859346] kasan_atomics+0x95/0x310 [ 34.859786] kunit_try_run_case+0x1a5/0x480 [ 34.860218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.860551] kthread+0x337/0x6f0 [ 34.860809] ret_from_fork+0x116/0x1d0 [ 34.861181] ret_from_fork_asm+0x1a/0x30 [ 34.861666] [ 34.861875] The buggy address belongs to the object at ffff888102daa080 [ 34.861875] which belongs to the cache kmalloc-64 of size 64 [ 34.862868] The buggy address is located 0 bytes to the right of [ 34.862868] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.863985] [ 34.864140] The buggy address belongs to the physical page: [ 34.864470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.865223] flags: 0x200000000000000(node=0|zone=2) [ 34.865760] page_type: f5(slab) [ 34.866135] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.866595] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.867227] page dumped because: kasan: bad access detected [ 34.867773] [ 34.867993] Memory state around the buggy address: [ 34.868401] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.869074] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.869764] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.870268] ^ [ 34.870738] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.871266] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.871891] ================================================================== [ 33.799612] ================================================================== [ 33.800312] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 33.800975] Read of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.801512] [ 33.801846] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.801986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.802024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.802077] Call Trace: [ 33.802116] <TASK> [ 33.802159] dump_stack_lvl+0x73/0xb0 [ 33.802237] print_report+0xd1/0x650 [ 33.802328] ? __virt_addr_valid+0x1db/0x2d0 [ 33.802392] ? kasan_atomics_helper+0x4eae/0x5450 [ 33.802452] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.802521] ? kasan_atomics_helper+0x4eae/0x5450 [ 33.802619] kasan_report+0x141/0x180 [ 33.802724] ? kasan_atomics_helper+0x4eae/0x5450 [ 33.802799] __asan_report_load8_noabort+0x18/0x20 [ 33.802868] kasan_atomics_helper+0x4eae/0x5450 [ 33.802956] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.803025] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.803095] ? kasan_atomics+0x152/0x310 [ 33.803162] kasan_atomics+0x1dc/0x310 [ 33.803224] ? __pfx_kasan_atomics+0x10/0x10 [ 33.803318] ? __pfx_read_tsc+0x10/0x10 [ 33.803380] ? ktime_get_ts64+0x86/0x230 [ 33.803446] kunit_try_run_case+0x1a5/0x480 [ 33.803515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.803617] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.803728] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.803796] ? __kthread_parkme+0x82/0x180 [ 33.803866] ? preempt_count_sub+0x50/0x80 [ 33.803957] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.804026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.804093] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.804161] kthread+0x337/0x6f0 [ 33.804245] ? trace_preempt_on+0x20/0xc0 [ 33.804309] ? __pfx_kthread+0x10/0x10 [ 33.804368] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.804433] ? calculate_sigpending+0x7b/0xa0 [ 33.804497] ? __pfx_kthread+0x10/0x10 [ 33.804572] ret_from_fork+0x116/0x1d0 [ 33.804689] ? __pfx_kthread+0x10/0x10 [ 33.804753] ret_from_fork_asm+0x1a/0x30 [ 33.804833] </TASK> [ 33.804864] [ 33.817277] Allocated by task 295: [ 33.817524] kasan_save_stack+0x45/0x70 [ 33.818024] kasan_save_track+0x18/0x40 [ 33.818429] kasan_save_alloc_info+0x3b/0x50 [ 33.818929] __kasan_kmalloc+0xb7/0xc0 [ 33.819336] __kmalloc_cache_noprof+0x189/0x420 [ 33.819840] kasan_atomics+0x95/0x310 [ 33.820097] kunit_try_run_case+0x1a5/0x480 [ 33.820356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.820920] kthread+0x337/0x6f0 [ 33.821319] ret_from_fork+0x116/0x1d0 [ 33.821782] ret_from_fork_asm+0x1a/0x30 [ 33.822236] [ 33.822430] The buggy address belongs to the object at ffff888102daa080 [ 33.822430] which belongs to the cache kmalloc-64 of size 64 [ 33.823482] The buggy address is located 0 bytes to the right of [ 33.823482] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.824344] [ 33.826452] The buggy address belongs to the physical page: [ 33.827798] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.828203] flags: 0x200000000000000(node=0|zone=2) [ 33.828690] page_type: f5(slab) [ 33.828939] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.829511] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.830188] page dumped because: kasan: bad access detected [ 33.830747] [ 33.830951] Memory state around the buggy address: [ 33.831432] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.832105] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.832919] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.833504] ^ [ 33.833905] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.834509] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.835114] ================================================================== [ 33.061928] ================================================================== [ 33.062978] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 33.063602] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.064337] [ 33.064683] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.064819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.064853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.064907] Call Trace: [ 33.064949] <TASK> [ 33.065027] dump_stack_lvl+0x73/0xb0 [ 33.065184] print_report+0xd1/0x650 [ 33.065255] ? __virt_addr_valid+0x1db/0x2d0 [ 33.065327] ? kasan_atomics_helper+0x992/0x5450 [ 33.065382] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.065424] ? kasan_atomics_helper+0x992/0x5450 [ 33.065455] kasan_report+0x141/0x180 [ 33.065488] ? kasan_atomics_helper+0x992/0x5450 [ 33.065535] kasan_check_range+0x10c/0x1c0 [ 33.065601] __kasan_check_write+0x18/0x20 [ 33.065658] kasan_atomics_helper+0x992/0x5450 [ 33.065692] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.065723] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.065758] ? kasan_atomics+0x152/0x310 [ 33.065793] kasan_atomics+0x1dc/0x310 [ 33.065824] ? __pfx_kasan_atomics+0x10/0x10 [ 33.065857] ? __pfx_read_tsc+0x10/0x10 [ 33.065888] ? ktime_get_ts64+0x86/0x230 [ 33.065922] kunit_try_run_case+0x1a5/0x480 [ 33.065955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.065986] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.066021] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.066054] ? __kthread_parkme+0x82/0x180 [ 33.066082] ? preempt_count_sub+0x50/0x80 [ 33.066115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.066148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.066182] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.066213] kthread+0x337/0x6f0 [ 33.066240] ? trace_preempt_on+0x20/0xc0 [ 33.066273] ? __pfx_kthread+0x10/0x10 [ 33.066302] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.066333] ? calculate_sigpending+0x7b/0xa0 [ 33.066365] ? __pfx_kthread+0x10/0x10 [ 33.066396] ret_from_fork+0x116/0x1d0 [ 33.066423] ? __pfx_kthread+0x10/0x10 [ 33.066452] ret_from_fork_asm+0x1a/0x30 [ 33.066491] </TASK> [ 33.066507] [ 33.079571] Allocated by task 295: [ 33.079977] kasan_save_stack+0x45/0x70 [ 33.080406] kasan_save_track+0x18/0x40 [ 33.080863] kasan_save_alloc_info+0x3b/0x50 [ 33.081304] __kasan_kmalloc+0xb7/0xc0 [ 33.081742] __kmalloc_cache_noprof+0x189/0x420 [ 33.082204] kasan_atomics+0x95/0x310 [ 33.082460] kunit_try_run_case+0x1a5/0x480 [ 33.082917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.083444] kthread+0x337/0x6f0 [ 33.083801] ret_from_fork+0x116/0x1d0 [ 33.084103] ret_from_fork_asm+0x1a/0x30 [ 33.084457] [ 33.084671] The buggy address belongs to the object at ffff888102daa080 [ 33.084671] which belongs to the cache kmalloc-64 of size 64 [ 33.085458] The buggy address is located 0 bytes to the right of [ 33.085458] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.086074] [ 33.086220] The buggy address belongs to the physical page: [ 33.086494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.087242] flags: 0x200000000000000(node=0|zone=2) [ 33.087780] page_type: f5(slab) [ 33.088147] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.088871] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.089446] page dumped because: kasan: bad access detected [ 33.089784] [ 33.089923] Memory state around the buggy address: [ 33.090178] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.090743] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.091367] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.092038] ^ [ 33.092485] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.093043] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.093533] ================================================================== [ 32.954645] ================================================================== [ 32.955320] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 32.956111] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 32.956705] [ 32.957203] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 32.957344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.957379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.957422] Call Trace: [ 32.957446] <TASK> [ 32.957471] dump_stack_lvl+0x73/0xb0 [ 32.957516] print_report+0xd1/0x650 [ 32.957572] ? __virt_addr_valid+0x1db/0x2d0 [ 32.957636] ? kasan_atomics_helper+0x7c7/0x5450 [ 32.957679] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.957717] ? kasan_atomics_helper+0x7c7/0x5450 [ 32.957747] kasan_report+0x141/0x180 [ 32.957779] ? kasan_atomics_helper+0x7c7/0x5450 [ 32.957813] kasan_check_range+0x10c/0x1c0 [ 32.957846] __kasan_check_write+0x18/0x20 [ 32.957879] kasan_atomics_helper+0x7c7/0x5450 [ 32.957910] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.957940] ? __kmalloc_cache_noprof+0x189/0x420 [ 32.957974] ? kasan_atomics+0x152/0x310 [ 32.958008] kasan_atomics+0x1dc/0x310 [ 32.958038] ? __pfx_kasan_atomics+0x10/0x10 [ 32.958070] ? __pfx_read_tsc+0x10/0x10 [ 32.958100] ? ktime_get_ts64+0x86/0x230 [ 32.958134] kunit_try_run_case+0x1a5/0x480 [ 32.958168] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.958200] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 32.958234] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.958268] ? __kthread_parkme+0x82/0x180 [ 32.958297] ? preempt_count_sub+0x50/0x80 [ 32.958329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.958362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.958395] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.958428] kthread+0x337/0x6f0 [ 32.958456] ? trace_preempt_on+0x20/0xc0 [ 32.958489] ? __pfx_kthread+0x10/0x10 [ 32.958518] ? _raw_spin_unlock_irq+0x47/0x80 [ 32.958568] ? calculate_sigpending+0x7b/0xa0 [ 32.958603] ? __pfx_kthread+0x10/0x10 [ 32.958641] ret_from_fork+0x116/0x1d0 [ 32.958684] ? __pfx_kthread+0x10/0x10 [ 32.958714] ret_from_fork_asm+0x1a/0x30 [ 32.958757] </TASK> [ 32.958772] [ 32.971080] Allocated by task 295: [ 32.971475] kasan_save_stack+0x45/0x70 [ 32.971964] kasan_save_track+0x18/0x40 [ 32.972286] kasan_save_alloc_info+0x3b/0x50 [ 32.972895] __kasan_kmalloc+0xb7/0xc0 [ 32.973311] __kmalloc_cache_noprof+0x189/0x420 [ 32.973746] kasan_atomics+0x95/0x310 [ 32.974095] kunit_try_run_case+0x1a5/0x480 [ 32.974368] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.974864] kthread+0x337/0x6f0 [ 32.975322] ret_from_fork+0x116/0x1d0 [ 32.975871] ret_from_fork_asm+0x1a/0x30 [ 32.976333] [ 32.976559] The buggy address belongs to the object at ffff888102daa080 [ 32.976559] which belongs to the cache kmalloc-64 of size 64 [ 32.977381] The buggy address is located 0 bytes to the right of [ 32.977381] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 32.977969] [ 32.978110] The buggy address belongs to the physical page: [ 32.978387] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 32.979019] flags: 0x200000000000000(node=0|zone=2) [ 32.979529] page_type: f5(slab) [ 32.979946] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.980781] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.981481] page dumped because: kasan: bad access detected [ 32.982057] [ 32.982269] Memory state around the buggy address: [ 32.982805] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.983395] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.983992] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.984450] ^ [ 32.984965] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.985483] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.986190] ================================================================== [ 32.842258] ================================================================== [ 32.842936] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 32.843994] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 32.844616] [ 32.844844] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 32.844964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.844996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.845043] Call Trace: [ 32.845087] <TASK> [ 32.845130] dump_stack_lvl+0x73/0xb0 [ 32.845204] print_report+0xd1/0x650 [ 32.845260] ? __virt_addr_valid+0x1db/0x2d0 [ 32.845322] ? kasan_atomics_helper+0x5fe/0x5450 [ 32.845384] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.845458] ? kasan_atomics_helper+0x5fe/0x5450 [ 32.845517] kasan_report+0x141/0x180 [ 32.845573] ? kasan_atomics_helper+0x5fe/0x5450 [ 32.845610] kasan_check_range+0x10c/0x1c0 [ 32.845716] __kasan_check_write+0x18/0x20 [ 32.845776] kasan_atomics_helper+0x5fe/0x5450 [ 32.845831] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.845893] ? __kmalloc_cache_noprof+0x189/0x420 [ 32.846022] ? kasan_atomics+0x152/0x310 [ 32.846125] kasan_atomics+0x1dc/0x310 [ 32.846194] ? __pfx_kasan_atomics+0x10/0x10 [ 32.846255] ? __pfx_read_tsc+0x10/0x10 [ 32.846314] ? ktime_get_ts64+0x86/0x230 [ 32.846385] kunit_try_run_case+0x1a5/0x480 [ 32.846455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.846507] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 32.846575] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.846619] ? __kthread_parkme+0x82/0x180 [ 32.846678] ? preempt_count_sub+0x50/0x80 [ 32.846738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.846807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.846890] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.846981] kthread+0x337/0x6f0 [ 32.847042] ? trace_preempt_on+0x20/0xc0 [ 32.847111] ? __pfx_kthread+0x10/0x10 [ 32.847174] ? _raw_spin_unlock_irq+0x47/0x80 [ 32.847243] ? calculate_sigpending+0x7b/0xa0 [ 32.847312] ? __pfx_kthread+0x10/0x10 [ 32.847377] ret_from_fork+0x116/0x1d0 [ 32.847414] ? __pfx_kthread+0x10/0x10 [ 32.847446] ret_from_fork_asm+0x1a/0x30 [ 32.847489] </TASK> [ 32.847505] [ 32.863916] Allocated by task 295: [ 32.864381] kasan_save_stack+0x45/0x70 [ 32.864823] kasan_save_track+0x18/0x40 [ 32.865288] kasan_save_alloc_info+0x3b/0x50 [ 32.865676] __kasan_kmalloc+0xb7/0xc0 [ 32.866133] __kmalloc_cache_noprof+0x189/0x420 [ 32.866580] kasan_atomics+0x95/0x310 [ 32.867001] kunit_try_run_case+0x1a5/0x480 [ 32.867414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.868047] kthread+0x337/0x6f0 [ 32.868395] ret_from_fork+0x116/0x1d0 [ 32.868801] ret_from_fork_asm+0x1a/0x30 [ 32.869281] [ 32.869513] The buggy address belongs to the object at ffff888102daa080 [ 32.869513] which belongs to the cache kmalloc-64 of size 64 [ 32.870481] The buggy address is located 0 bytes to the right of [ 32.870481] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 32.871469] [ 32.871716] The buggy address belongs to the physical page: [ 32.872048] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 32.872478] flags: 0x200000000000000(node=0|zone=2) [ 32.873048] page_type: f5(slab) [ 32.873428] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.874136] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.874769] page dumped because: kasan: bad access detected [ 32.875225] [ 32.875444] Memory state around the buggy address: [ 32.875908] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.876345] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.877021] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.877483] ^ [ 32.878014] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.878459] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.879072] ================================================================== [ 33.525235] ================================================================== [ 33.525682] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 33.526339] Read of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.526900] [ 33.527174] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.527293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.527330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.527383] Call Trace: [ 33.527438] <TASK> [ 33.527499] dump_stack_lvl+0x73/0xb0 [ 33.527599] print_report+0xd1/0x650 [ 33.527690] ? __virt_addr_valid+0x1db/0x2d0 [ 33.527747] ? kasan_atomics_helper+0x4a1c/0x5450 [ 33.527806] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.527897] ? kasan_atomics_helper+0x4a1c/0x5450 [ 33.527977] kasan_report+0x141/0x180 [ 33.528041] ? kasan_atomics_helper+0x4a1c/0x5450 [ 33.528108] __asan_report_load4_noabort+0x18/0x20 [ 33.528173] kasan_atomics_helper+0x4a1c/0x5450 [ 33.528230] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.528303] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.528390] ? kasan_atomics+0x152/0x310 [ 33.528442] kasan_atomics+0x1dc/0x310 [ 33.528478] ? __pfx_kasan_atomics+0x10/0x10 [ 33.528511] ? __pfx_read_tsc+0x10/0x10 [ 33.528564] ? ktime_get_ts64+0x86/0x230 [ 33.528600] kunit_try_run_case+0x1a5/0x480 [ 33.528660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.528695] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.528731] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.528765] ? __kthread_parkme+0x82/0x180 [ 33.528794] ? preempt_count_sub+0x50/0x80 [ 33.528827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.528861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.528893] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.528926] kthread+0x337/0x6f0 [ 33.528953] ? trace_preempt_on+0x20/0xc0 [ 33.528986] ? __pfx_kthread+0x10/0x10 [ 33.529015] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.529046] ? calculate_sigpending+0x7b/0xa0 [ 33.529079] ? __pfx_kthread+0x10/0x10 [ 33.529108] ret_from_fork+0x116/0x1d0 [ 33.529135] ? __pfx_kthread+0x10/0x10 [ 33.529162] ret_from_fork_asm+0x1a/0x30 [ 33.529203] </TASK> [ 33.529219] [ 33.545317] Allocated by task 295: [ 33.545781] kasan_save_stack+0x45/0x70 [ 33.546208] kasan_save_track+0x18/0x40 [ 33.546698] kasan_save_alloc_info+0x3b/0x50 [ 33.547111] __kasan_kmalloc+0xb7/0xc0 [ 33.547505] __kmalloc_cache_noprof+0x189/0x420 [ 33.547925] kasan_atomics+0x95/0x310 [ 33.548174] kunit_try_run_case+0x1a5/0x480 [ 33.548695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.549219] kthread+0x337/0x6f0 [ 33.549608] ret_from_fork+0x116/0x1d0 [ 33.549942] ret_from_fork_asm+0x1a/0x30 [ 33.550294] [ 33.550513] The buggy address belongs to the object at ffff888102daa080 [ 33.550513] which belongs to the cache kmalloc-64 of size 64 [ 33.551363] The buggy address is located 0 bytes to the right of [ 33.551363] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.552350] [ 33.552585] The buggy address belongs to the physical page: [ 33.552898] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.553669] flags: 0x200000000000000(node=0|zone=2) [ 33.554004] page_type: f5(slab) [ 33.554333] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.554896] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.555429] page dumped because: kasan: bad access detected [ 33.555984] [ 33.556195] Memory state around the buggy address: [ 33.556618] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.557188] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.557740] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.558400] ^ [ 33.558838] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.559332] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.559936] ================================================================== [ 34.376488] ================================================================== [ 34.378684] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 34.379496] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.380275] [ 34.380490] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.380629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.380665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.380947] Call Trace: [ 34.381006] <TASK> [ 34.381064] dump_stack_lvl+0x73/0xb0 [ 34.381148] print_report+0xd1/0x650 [ 34.381213] ? __virt_addr_valid+0x1db/0x2d0 [ 34.381279] ? kasan_atomics_helper+0x1ce1/0x5450 [ 34.381329] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.381367] ? kasan_atomics_helper+0x1ce1/0x5450 [ 34.381398] kasan_report+0x141/0x180 [ 34.381430] ? kasan_atomics_helper+0x1ce1/0x5450 [ 34.381466] kasan_check_range+0x10c/0x1c0 [ 34.381499] __kasan_check_write+0x18/0x20 [ 34.381530] kasan_atomics_helper+0x1ce1/0x5450 [ 34.381586] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.381618] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.381678] ? kasan_atomics+0x152/0x310 [ 34.381714] kasan_atomics+0x1dc/0x310 [ 34.381745] ? __pfx_kasan_atomics+0x10/0x10 [ 34.381778] ? __pfx_read_tsc+0x10/0x10 [ 34.381811] ? ktime_get_ts64+0x86/0x230 [ 34.381846] kunit_try_run_case+0x1a5/0x480 [ 34.381881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.381913] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.381947] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.381981] ? __kthread_parkme+0x82/0x180 [ 34.382011] ? preempt_count_sub+0x50/0x80 [ 34.382043] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.382076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.382109] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.382140] kthread+0x337/0x6f0 [ 34.382168] ? trace_preempt_on+0x20/0xc0 [ 34.382199] ? __pfx_kthread+0x10/0x10 [ 34.382229] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.382260] ? calculate_sigpending+0x7b/0xa0 [ 34.382292] ? __pfx_kthread+0x10/0x10 [ 34.382321] ret_from_fork+0x116/0x1d0 [ 34.382348] ? __pfx_kthread+0x10/0x10 [ 34.382377] ret_from_fork_asm+0x1a/0x30 [ 34.382417] </TASK> [ 34.382432] [ 34.395415] Allocated by task 295: [ 34.395899] kasan_save_stack+0x45/0x70 [ 34.396307] kasan_save_track+0x18/0x40 [ 34.396802] kasan_save_alloc_info+0x3b/0x50 [ 34.397178] __kasan_kmalloc+0xb7/0xc0 [ 34.397518] __kmalloc_cache_noprof+0x189/0x420 [ 34.397975] kasan_atomics+0x95/0x310 [ 34.398429] kunit_try_run_case+0x1a5/0x480 [ 34.398940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.399339] kthread+0x337/0x6f0 [ 34.399743] ret_from_fork+0x116/0x1d0 [ 34.400128] ret_from_fork_asm+0x1a/0x30 [ 34.400595] [ 34.400817] The buggy address belongs to the object at ffff888102daa080 [ 34.400817] which belongs to the cache kmalloc-64 of size 64 [ 34.401790] The buggy address is located 0 bytes to the right of [ 34.401790] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.402481] [ 34.402679] The buggy address belongs to the physical page: [ 34.402965] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.403336] flags: 0x200000000000000(node=0|zone=2) [ 34.403879] page_type: f5(slab) [ 34.404244] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.405007] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.405712] page dumped because: kasan: bad access detected [ 34.406222] [ 34.406469] Memory state around the buggy address: [ 34.406969] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.407607] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.408211] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.408758] ^ [ 34.409200] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.409571] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.409982] ================================================================== [ 32.771764] ================================================================== [ 32.772670] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 32.773157] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 32.773855] [ 32.774148] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 32.774280] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.774316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.774367] Call Trace: [ 32.774405] <TASK> [ 32.774483] dump_stack_lvl+0x73/0xb0 [ 32.774606] print_report+0xd1/0x650 [ 32.774686] ? __virt_addr_valid+0x1db/0x2d0 [ 32.774754] ? kasan_atomics_helper+0x4b3a/0x5450 [ 32.774814] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.774947] ? kasan_atomics_helper+0x4b3a/0x5450 [ 32.775017] kasan_report+0x141/0x180 [ 32.775080] ? kasan_atomics_helper+0x4b3a/0x5450 [ 32.775184] __asan_report_store4_noabort+0x1b/0x30 [ 32.775283] kasan_atomics_helper+0x4b3a/0x5450 [ 32.775349] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.775451] ? __kmalloc_cache_noprof+0x189/0x420 [ 32.775558] ? kasan_atomics+0x152/0x310 [ 32.775634] kasan_atomics+0x1dc/0x310 [ 32.775717] ? __pfx_kasan_atomics+0x10/0x10 [ 32.775827] ? __pfx_read_tsc+0x10/0x10 [ 32.775907] ? ktime_get_ts64+0x86/0x230 [ 32.775975] kunit_try_run_case+0x1a5/0x480 [ 32.776041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.776103] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 32.776215] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.776312] ? __kthread_parkme+0x82/0x180 [ 32.776372] ? preempt_count_sub+0x50/0x80 [ 32.776436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.776561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.776633] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.776724] kthread+0x337/0x6f0 [ 32.776762] ? trace_preempt_on+0x20/0xc0 [ 32.776800] ? __pfx_kthread+0x10/0x10 [ 32.776830] ? _raw_spin_unlock_irq+0x47/0x80 [ 32.776864] ? calculate_sigpending+0x7b/0xa0 [ 32.776899] ? __pfx_kthread+0x10/0x10 [ 32.776929] ret_from_fork+0x116/0x1d0 [ 32.776958] ? __pfx_kthread+0x10/0x10 [ 32.776987] ret_from_fork_asm+0x1a/0x30 [ 32.777028] </TASK> [ 32.777044] [ 32.790840] Allocated by task 295: [ 32.791092] kasan_save_stack+0x45/0x70 [ 32.791691] kasan_save_track+0x18/0x40 [ 32.792243] kasan_save_alloc_info+0x3b/0x50 [ 32.792877] __kasan_kmalloc+0xb7/0xc0 [ 32.793337] __kmalloc_cache_noprof+0x189/0x420 [ 32.793791] kasan_atomics+0x95/0x310 [ 32.794276] kunit_try_run_case+0x1a5/0x480 [ 32.794923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.795582] kthread+0x337/0x6f0 [ 32.796055] ret_from_fork+0x116/0x1d0 [ 32.796599] ret_from_fork_asm+0x1a/0x30 [ 32.796934] [ 32.797209] The buggy address belongs to the object at ffff888102daa080 [ 32.797209] which belongs to the cache kmalloc-64 of size 64 [ 32.798280] The buggy address is located 0 bytes to the right of [ 32.798280] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 32.799329] [ 32.799564] The buggy address belongs to the physical page: [ 32.799964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 32.800814] flags: 0x200000000000000(node=0|zone=2) [ 32.801258] page_type: f5(slab) [ 32.801658] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.802328] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.802955] page dumped because: kasan: bad access detected [ 32.803407] [ 32.803655] Memory state around the buggy address: [ 32.804082] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.804636] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.805064] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.805619] ^ [ 32.805989] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.806407] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.806933] ================================================================== [ 33.134224] ================================================================== [ 33.134796] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 33.135288] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.135954] [ 33.136141] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.136256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.136291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.136341] Call Trace: [ 33.136380] <TASK> [ 33.136422] dump_stack_lvl+0x73/0xb0 [ 33.136499] print_report+0xd1/0x650 [ 33.136578] ? __virt_addr_valid+0x1db/0x2d0 [ 33.136676] ? kasan_atomics_helper+0xac7/0x5450 [ 33.136736] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.136809] ? kasan_atomics_helper+0xac7/0x5450 [ 33.136852] kasan_report+0x141/0x180 [ 33.136906] ? kasan_atomics_helper+0xac7/0x5450 [ 33.136974] kasan_check_range+0x10c/0x1c0 [ 33.137037] __kasan_check_write+0x18/0x20 [ 33.137095] kasan_atomics_helper+0xac7/0x5450 [ 33.137155] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.137219] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.137281] ? kasan_atomics+0x152/0x310 [ 33.137350] kasan_atomics+0x1dc/0x310 [ 33.137411] ? __pfx_kasan_atomics+0x10/0x10 [ 33.137471] ? __pfx_read_tsc+0x10/0x10 [ 33.137526] ? ktime_get_ts64+0x86/0x230 [ 33.137610] kunit_try_run_case+0x1a5/0x480 [ 33.137710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.137745] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.137784] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.137820] ? __kthread_parkme+0x82/0x180 [ 33.137851] ? preempt_count_sub+0x50/0x80 [ 33.137884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.137917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.137952] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.137985] kthread+0x337/0x6f0 [ 33.138013] ? trace_preempt_on+0x20/0xc0 [ 33.138046] ? __pfx_kthread+0x10/0x10 [ 33.138075] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.138107] ? calculate_sigpending+0x7b/0xa0 [ 33.138140] ? __pfx_kthread+0x10/0x10 [ 33.138170] ret_from_fork+0x116/0x1d0 [ 33.138197] ? __pfx_kthread+0x10/0x10 [ 33.138226] ret_from_fork_asm+0x1a/0x30 [ 33.138267] </TASK> [ 33.138283] [ 33.152584] Allocated by task 295: [ 33.152872] kasan_save_stack+0x45/0x70 [ 33.153344] kasan_save_track+0x18/0x40 [ 33.153808] kasan_save_alloc_info+0x3b/0x50 [ 33.154278] __kasan_kmalloc+0xb7/0xc0 [ 33.154741] __kmalloc_cache_noprof+0x189/0x420 [ 33.155243] kasan_atomics+0x95/0x310 [ 33.155553] kunit_try_run_case+0x1a5/0x480 [ 33.155868] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.156367] kthread+0x337/0x6f0 [ 33.156794] ret_from_fork+0x116/0x1d0 [ 33.157202] ret_from_fork_asm+0x1a/0x30 [ 33.157478] [ 33.157743] The buggy address belongs to the object at ffff888102daa080 [ 33.157743] which belongs to the cache kmalloc-64 of size 64 [ 33.158504] The buggy address is located 0 bytes to the right of [ 33.158504] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.159449] [ 33.159736] The buggy address belongs to the physical page: [ 33.160108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.160754] flags: 0x200000000000000(node=0|zone=2) [ 33.161204] page_type: f5(slab) [ 33.161578] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.162034] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.162670] page dumped because: kasan: bad access detected [ 33.163173] [ 33.163371] Memory state around the buggy address: [ 33.163888] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.164452] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.165090] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.165634] ^ [ 33.166009] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.166503] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.166931] ================================================================== [ 33.836488] ================================================================== [ 33.837079] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 33.837580] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.838254] [ 33.838449] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.838581] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.838615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.838690] Call Trace: [ 33.838747] <TASK> [ 33.838783] dump_stack_lvl+0x73/0xb0 [ 33.838848] print_report+0xd1/0x650 [ 33.838895] ? __virt_addr_valid+0x1db/0x2d0 [ 33.838945] ? kasan_atomics_helper+0x1467/0x5450 [ 33.838989] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.839043] ? kasan_atomics_helper+0x1467/0x5450 [ 33.839134] kasan_report+0x141/0x180 [ 33.839195] ? kasan_atomics_helper+0x1467/0x5450 [ 33.839277] kasan_check_range+0x10c/0x1c0 [ 33.839380] __kasan_check_write+0x18/0x20 [ 33.839467] kasan_atomics_helper+0x1467/0x5450 [ 33.839552] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.839615] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.839746] ? kasan_atomics+0x152/0x310 [ 33.839833] kasan_atomics+0x1dc/0x310 [ 33.839901] ? __pfx_kasan_atomics+0x10/0x10 [ 33.839971] ? __pfx_read_tsc+0x10/0x10 [ 33.840037] ? ktime_get_ts64+0x86/0x230 [ 33.840106] kunit_try_run_case+0x1a5/0x480 [ 33.840173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.840233] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.840301] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.840381] ? __kthread_parkme+0x82/0x180 [ 33.840460] ? preempt_count_sub+0x50/0x80 [ 33.840520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.840601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.840718] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.840809] kthread+0x337/0x6f0 [ 33.840866] ? trace_preempt_on+0x20/0xc0 [ 33.840905] ? __pfx_kthread+0x10/0x10 [ 33.840936] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.840970] ? calculate_sigpending+0x7b/0xa0 [ 33.841006] ? __pfx_kthread+0x10/0x10 [ 33.841036] ret_from_fork+0x116/0x1d0 [ 33.841063] ? __pfx_kthread+0x10/0x10 [ 33.841092] ret_from_fork_asm+0x1a/0x30 [ 33.841133] </TASK> [ 33.841149] [ 33.856606] Allocated by task 295: [ 33.857015] kasan_save_stack+0x45/0x70 [ 33.857525] kasan_save_track+0x18/0x40 [ 33.857836] kasan_save_alloc_info+0x3b/0x50 [ 33.858169] __kasan_kmalloc+0xb7/0xc0 [ 33.858754] __kmalloc_cache_noprof+0x189/0x420 [ 33.859281] kasan_atomics+0x95/0x310 [ 33.859726] kunit_try_run_case+0x1a5/0x480 [ 33.860290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.860871] kthread+0x337/0x6f0 [ 33.861233] ret_from_fork+0x116/0x1d0 [ 33.861555] ret_from_fork_asm+0x1a/0x30 [ 33.861934] [ 33.862134] The buggy address belongs to the object at ffff888102daa080 [ 33.862134] which belongs to the cache kmalloc-64 of size 64 [ 33.862860] The buggy address is located 0 bytes to the right of [ 33.862860] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.864025] [ 33.864302] The buggy address belongs to the physical page: [ 33.864892] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.865597] flags: 0x200000000000000(node=0|zone=2) [ 33.865997] page_type: f5(slab) [ 33.866267] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.866825] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.867489] page dumped because: kasan: bad access detected [ 33.867977] [ 33.868174] Memory state around the buggy address: [ 33.868513] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.869339] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.869849] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.870459] ^ [ 33.870852] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.871555] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.872083] ================================================================== [ 33.702308] ================================================================== [ 33.702829] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 33.703308] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.703816] [ 33.704078] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.704190] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.704229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.704275] Call Trace: [ 33.704317] <TASK> [ 33.704361] dump_stack_lvl+0x73/0xb0 [ 33.704434] print_report+0xd1/0x650 [ 33.704492] ? __virt_addr_valid+0x1db/0x2d0 [ 33.704568] ? kasan_atomics_helper+0x12e6/0x5450 [ 33.704663] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.704737] ? kasan_atomics_helper+0x12e6/0x5450 [ 33.704795] kasan_report+0x141/0x180 [ 33.704855] ? kasan_atomics_helper+0x12e6/0x5450 [ 33.704923] kasan_check_range+0x10c/0x1c0 [ 33.704984] __kasan_check_write+0x18/0x20 [ 33.705048] kasan_atomics_helper+0x12e6/0x5450 [ 33.705107] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.705164] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.705224] ? kasan_atomics+0x152/0x310 [ 33.705297] kasan_atomics+0x1dc/0x310 [ 33.705366] ? __pfx_kasan_atomics+0x10/0x10 [ 33.705435] ? __pfx_read_tsc+0x10/0x10 [ 33.705477] ? ktime_get_ts64+0x86/0x230 [ 33.705514] kunit_try_run_case+0x1a5/0x480 [ 33.705573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.705607] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.705684] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.705720] ? __kthread_parkme+0x82/0x180 [ 33.705751] ? preempt_count_sub+0x50/0x80 [ 33.705784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.705817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.705851] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.705885] kthread+0x337/0x6f0 [ 33.705912] ? trace_preempt_on+0x20/0xc0 [ 33.705945] ? __pfx_kthread+0x10/0x10 [ 33.705974] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.706006] ? calculate_sigpending+0x7b/0xa0 [ 33.706040] ? __pfx_kthread+0x10/0x10 [ 33.706069] ret_from_fork+0x116/0x1d0 [ 33.706097] ? __pfx_kthread+0x10/0x10 [ 33.706125] ret_from_fork_asm+0x1a/0x30 [ 33.706166] </TASK> [ 33.706181] [ 33.719087] Allocated by task 295: [ 33.719469] kasan_save_stack+0x45/0x70 [ 33.719933] kasan_save_track+0x18/0x40 [ 33.720333] kasan_save_alloc_info+0x3b/0x50 [ 33.720677] __kasan_kmalloc+0xb7/0xc0 [ 33.721072] __kmalloc_cache_noprof+0x189/0x420 [ 33.721412] kasan_atomics+0x95/0x310 [ 33.721716] kunit_try_run_case+0x1a5/0x480 [ 33.721984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.722279] kthread+0x337/0x6f0 [ 33.722531] ret_from_fork+0x116/0x1d0 [ 33.722987] ret_from_fork_asm+0x1a/0x30 [ 33.723414] [ 33.723653] The buggy address belongs to the object at ffff888102daa080 [ 33.723653] which belongs to the cache kmalloc-64 of size 64 [ 33.724768] The buggy address is located 0 bytes to the right of [ 33.724768] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.725744] [ 33.725961] The buggy address belongs to the physical page: [ 33.726249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.726940] flags: 0x200000000000000(node=0|zone=2) [ 33.727200] page_type: f5(slab) [ 33.727482] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.728165] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.728674] page dumped because: kasan: bad access detected [ 33.729013] [ 33.729220] Memory state around the buggy address: [ 33.729682] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.730078] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.730428] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.730818] ^ [ 33.731217] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.731885] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.732475] ================================================================== [ 34.267178] ================================================================== [ 34.267838] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 34.268452] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.269390] [ 34.269926] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.270027] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.270052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.270090] Call Trace: [ 34.270127] <TASK> [ 34.270163] dump_stack_lvl+0x73/0xb0 [ 34.270225] print_report+0xd1/0x650 [ 34.270277] ? __virt_addr_valid+0x1db/0x2d0 [ 34.270332] ? kasan_atomics_helper+0x1b22/0x5450 [ 34.270378] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.270433] ? kasan_atomics_helper+0x1b22/0x5450 [ 34.270482] kasan_report+0x141/0x180 [ 34.270529] ? kasan_atomics_helper+0x1b22/0x5450 [ 34.270609] kasan_check_range+0x10c/0x1c0 [ 34.270667] __kasan_check_write+0x18/0x20 [ 34.270732] kasan_atomics_helper+0x1b22/0x5450 [ 34.270792] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.270856] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.270925] ? kasan_atomics+0x152/0x310 [ 34.270993] kasan_atomics+0x1dc/0x310 [ 34.271056] ? __pfx_kasan_atomics+0x10/0x10 [ 34.271122] ? __pfx_read_tsc+0x10/0x10 [ 34.271187] ? ktime_get_ts64+0x86/0x230 [ 34.271255] kunit_try_run_case+0x1a5/0x480 [ 34.271326] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.271390] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.271522] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.271627] ? __kthread_parkme+0x82/0x180 [ 34.271688] ? preempt_count_sub+0x50/0x80 [ 34.271755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.271837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.271913] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.271984] kthread+0x337/0x6f0 [ 34.272045] ? trace_preempt_on+0x20/0xc0 [ 34.272114] ? __pfx_kthread+0x10/0x10 [ 34.272177] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.272244] ? calculate_sigpending+0x7b/0xa0 [ 34.272314] ? __pfx_kthread+0x10/0x10 [ 34.272378] ret_from_fork+0x116/0x1d0 [ 34.272464] ? __pfx_kthread+0x10/0x10 [ 34.272500] ret_from_fork_asm+0x1a/0x30 [ 34.272565] </TASK> [ 34.272583] [ 34.288054] Allocated by task 295: [ 34.288386] kasan_save_stack+0x45/0x70 [ 34.288923] kasan_save_track+0x18/0x40 [ 34.289219] kasan_save_alloc_info+0x3b/0x50 [ 34.289598] __kasan_kmalloc+0xb7/0xc0 [ 34.290032] __kmalloc_cache_noprof+0x189/0x420 [ 34.290507] kasan_atomics+0x95/0x310 [ 34.290890] kunit_try_run_case+0x1a5/0x480 [ 34.291200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.291740] kthread+0x337/0x6f0 [ 34.292046] ret_from_fork+0x116/0x1d0 [ 34.292449] ret_from_fork_asm+0x1a/0x30 [ 34.292814] [ 34.293053] The buggy address belongs to the object at ffff888102daa080 [ 34.293053] which belongs to the cache kmalloc-64 of size 64 [ 34.293989] The buggy address is located 0 bytes to the right of [ 34.293989] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.295489] [ 34.296057] The buggy address belongs to the physical page: [ 34.296330] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.297347] flags: 0x200000000000000(node=0|zone=2) [ 34.297881] page_type: f5(slab) [ 34.298337] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.299159] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.299881] page dumped because: kasan: bad access detected [ 34.300141] [ 34.300597] Memory state around the buggy address: [ 34.301259] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.301901] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.302517] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.303124] ^ [ 34.303443] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.303862] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.304567] ================================================================== [ 34.232305] ================================================================== [ 34.232894] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 34.234184] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.235321] [ 34.235560] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.235631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.235659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.235686] Call Trace: [ 34.235710] <TASK> [ 34.235735] dump_stack_lvl+0x73/0xb0 [ 34.235783] print_report+0xd1/0x650 [ 34.235815] ? __virt_addr_valid+0x1db/0x2d0 [ 34.235862] ? kasan_atomics_helper+0x1a7f/0x5450 [ 34.235893] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.235929] ? kasan_atomics_helper+0x1a7f/0x5450 [ 34.235959] kasan_report+0x141/0x180 [ 34.235989] ? kasan_atomics_helper+0x1a7f/0x5450 [ 34.236025] kasan_check_range+0x10c/0x1c0 [ 34.236058] __kasan_check_write+0x18/0x20 [ 34.236089] kasan_atomics_helper+0x1a7f/0x5450 [ 34.236120] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.236151] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.236184] ? kasan_atomics+0x152/0x310 [ 34.236218] kasan_atomics+0x1dc/0x310 [ 34.236248] ? __pfx_kasan_atomics+0x10/0x10 [ 34.236280] ? __pfx_read_tsc+0x10/0x10 [ 34.236310] ? ktime_get_ts64+0x86/0x230 [ 34.236344] kunit_try_run_case+0x1a5/0x480 [ 34.236377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.236408] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.236442] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.236474] ? __kthread_parkme+0x82/0x180 [ 34.236503] ? preempt_count_sub+0x50/0x80 [ 34.236553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.236587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.236623] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.236682] kthread+0x337/0x6f0 [ 34.236734] ? trace_preempt_on+0x20/0xc0 [ 34.236803] ? __pfx_kthread+0x10/0x10 [ 34.236861] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.236925] ? calculate_sigpending+0x7b/0xa0 [ 34.236993] ? __pfx_kthread+0x10/0x10 [ 34.237074] ret_from_fork+0x116/0x1d0 [ 34.237141] ? __pfx_kthread+0x10/0x10 [ 34.237213] ret_from_fork_asm+0x1a/0x30 [ 34.237301] </TASK> [ 34.237336] [ 34.251195] Allocated by task 295: [ 34.251597] kasan_save_stack+0x45/0x70 [ 34.252066] kasan_save_track+0x18/0x40 [ 34.252460] kasan_save_alloc_info+0x3b/0x50 [ 34.252850] __kasan_kmalloc+0xb7/0xc0 [ 34.253227] __kmalloc_cache_noprof+0x189/0x420 [ 34.253724] kasan_atomics+0x95/0x310 [ 34.253987] kunit_try_run_case+0x1a5/0x480 [ 34.254410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.254869] kthread+0x337/0x6f0 [ 34.255112] ret_from_fork+0x116/0x1d0 [ 34.255349] ret_from_fork_asm+0x1a/0x30 [ 34.255685] [ 34.255907] The buggy address belongs to the object at ffff888102daa080 [ 34.255907] which belongs to the cache kmalloc-64 of size 64 [ 34.256979] The buggy address is located 0 bytes to the right of [ 34.256979] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.257781] [ 34.257932] The buggy address belongs to the physical page: [ 34.258397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.259122] flags: 0x200000000000000(node=0|zone=2) [ 34.259577] page_type: f5(slab) [ 34.259957] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.260504] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.261004] page dumped because: kasan: bad access detected [ 34.261300] [ 34.261479] Memory state around the buggy address: [ 34.261982] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.262612] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.263073] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.263657] ^ [ 34.263987] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.264493] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.266247] ================================================================== [ 33.734770] ================================================================== [ 33.735415] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 33.736113] Read of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.737035] [ 33.737293] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.737408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.737442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.737496] Call Trace: [ 33.737558] <TASK> [ 33.737597] dump_stack_lvl+0x73/0xb0 [ 33.737714] print_report+0xd1/0x650 [ 33.737768] ? __virt_addr_valid+0x1db/0x2d0 [ 33.737829] ? kasan_atomics_helper+0x49ce/0x5450 [ 33.737883] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.737937] ? kasan_atomics_helper+0x49ce/0x5450 [ 33.737994] kasan_report+0x141/0x180 [ 33.738053] ? kasan_atomics_helper+0x49ce/0x5450 [ 33.738117] __asan_report_load4_noabort+0x18/0x20 [ 33.738180] kasan_atomics_helper+0x49ce/0x5450 [ 33.738241] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.738302] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.738368] ? kasan_atomics+0x152/0x310 [ 33.738434] kasan_atomics+0x1dc/0x310 [ 33.738491] ? __pfx_kasan_atomics+0x10/0x10 [ 33.738563] ? __pfx_read_tsc+0x10/0x10 [ 33.738658] ? ktime_get_ts64+0x86/0x230 [ 33.738731] kunit_try_run_case+0x1a5/0x480 [ 33.738803] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.738863] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.738933] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.739004] ? __kthread_parkme+0x82/0x180 [ 33.739062] ? preempt_count_sub+0x50/0x80 [ 33.739128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.739194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.739265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.739329] kthread+0x337/0x6f0 [ 33.739385] ? trace_preempt_on+0x20/0xc0 [ 33.739453] ? __pfx_kthread+0x10/0x10 [ 33.739517] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.739603] ? calculate_sigpending+0x7b/0xa0 [ 33.739707] ? __pfx_kthread+0x10/0x10 [ 33.739773] ret_from_fork+0x116/0x1d0 [ 33.739844] ? __pfx_kthread+0x10/0x10 [ 33.739903] ret_from_fork_asm+0x1a/0x30 [ 33.739978] </TASK> [ 33.740002] [ 33.751464] Allocated by task 295: [ 33.751913] kasan_save_stack+0x45/0x70 [ 33.752329] kasan_save_track+0x18/0x40 [ 33.752762] kasan_save_alloc_info+0x3b/0x50 [ 33.753185] __kasan_kmalloc+0xb7/0xc0 [ 33.753582] __kmalloc_cache_noprof+0x189/0x420 [ 33.754080] kasan_atomics+0x95/0x310 [ 33.754431] kunit_try_run_case+0x1a5/0x480 [ 33.754858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.755228] kthread+0x337/0x6f0 [ 33.755463] ret_from_fork+0x116/0x1d0 [ 33.755918] ret_from_fork_asm+0x1a/0x30 [ 33.756325] [ 33.756530] The buggy address belongs to the object at ffff888102daa080 [ 33.756530] which belongs to the cache kmalloc-64 of size 64 [ 33.757476] The buggy address is located 0 bytes to the right of [ 33.757476] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.758317] [ 33.758468] The buggy address belongs to the physical page: [ 33.758806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.759196] flags: 0x200000000000000(node=0|zone=2) [ 33.759689] page_type: f5(slab) [ 33.760058] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.760755] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.761392] page dumped because: kasan: bad access detected [ 33.761930] [ 33.762138] Memory state around the buggy address: [ 33.762592] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.763241] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.763682] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.764041] ^ [ 33.764292] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.764932] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.765569] ================================================================== [ 33.168934] ================================================================== [ 33.170238] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 33.170894] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.171405] [ 33.171716] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.171847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.171882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.171933] Call Trace: [ 33.171980] <TASK> [ 33.172024] dump_stack_lvl+0x73/0xb0 [ 33.172133] print_report+0xd1/0x650 [ 33.172200] ? __virt_addr_valid+0x1db/0x2d0 [ 33.172270] ? kasan_atomics_helper+0xb6a/0x5450 [ 33.172329] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.172396] ? kasan_atomics_helper+0xb6a/0x5450 [ 33.172455] kasan_report+0x141/0x180 [ 33.172521] ? kasan_atomics_helper+0xb6a/0x5450 [ 33.172748] kasan_check_range+0x10c/0x1c0 [ 33.172844] __kasan_check_write+0x18/0x20 [ 33.172934] kasan_atomics_helper+0xb6a/0x5450 [ 33.173012] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.173068] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.173120] ? kasan_atomics+0x152/0x310 [ 33.173175] kasan_atomics+0x1dc/0x310 [ 33.173228] ? __pfx_kasan_atomics+0x10/0x10 [ 33.173289] ? __pfx_read_tsc+0x10/0x10 [ 33.173342] ? ktime_get_ts64+0x86/0x230 [ 33.173400] kunit_try_run_case+0x1a5/0x480 [ 33.173458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.173512] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.173593] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.173689] ? __kthread_parkme+0x82/0x180 [ 33.173741] ? preempt_count_sub+0x50/0x80 [ 33.173795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.173853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.173915] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.173976] kthread+0x337/0x6f0 [ 33.174022] ? trace_preempt_on+0x20/0xc0 [ 33.174082] ? __pfx_kthread+0x10/0x10 [ 33.174136] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.174196] ? calculate_sigpending+0x7b/0xa0 [ 33.174292] ? __pfx_kthread+0x10/0x10 [ 33.174347] ret_from_fork+0x116/0x1d0 [ 33.174401] ? __pfx_kthread+0x10/0x10 [ 33.174454] ret_from_fork_asm+0x1a/0x30 [ 33.174522] </TASK> [ 33.174569] [ 33.187270] Allocated by task 295: [ 33.187518] kasan_save_stack+0x45/0x70 [ 33.188028] kasan_save_track+0x18/0x40 [ 33.188480] kasan_save_alloc_info+0x3b/0x50 [ 33.188977] __kasan_kmalloc+0xb7/0xc0 [ 33.189417] __kmalloc_cache_noprof+0x189/0x420 [ 33.189986] kasan_atomics+0x95/0x310 [ 33.190434] kunit_try_run_case+0x1a5/0x480 [ 33.190939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.191304] kthread+0x337/0x6f0 [ 33.191558] ret_from_fork+0x116/0x1d0 [ 33.191869] ret_from_fork_asm+0x1a/0x30 [ 33.192407] [ 33.192737] The buggy address belongs to the object at ffff888102daa080 [ 33.192737] which belongs to the cache kmalloc-64 of size 64 [ 33.193875] The buggy address is located 0 bytes to the right of [ 33.193875] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.194936] [ 33.195092] The buggy address belongs to the physical page: [ 33.195374] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.196231] flags: 0x200000000000000(node=0|zone=2) [ 33.197060] page_type: f5(slab) [ 33.197495] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.198323] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.198745] page dumped because: kasan: bad access detected [ 33.199026] [ 33.199155] Memory state around the buggy address: [ 33.199615] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.200383] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.201262] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.201927] ^ [ 33.202385] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.203170] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.203875] ================================================================== [ 34.162109] ================================================================== [ 34.162713] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 34.163473] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.165620] [ 34.166157] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.166279] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.166314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.166390] Call Trace: [ 34.166435] <TASK> [ 34.166480] dump_stack_lvl+0x73/0xb0 [ 34.166578] print_report+0xd1/0x650 [ 34.166674] ? __virt_addr_valid+0x1db/0x2d0 [ 34.166715] ? kasan_atomics_helper+0x194a/0x5450 [ 34.166747] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.166785] ? kasan_atomics_helper+0x194a/0x5450 [ 34.166816] kasan_report+0x141/0x180 [ 34.166846] ? kasan_atomics_helper+0x194a/0x5450 [ 34.166882] kasan_check_range+0x10c/0x1c0 [ 34.166915] __kasan_check_write+0x18/0x20 [ 34.166946] kasan_atomics_helper+0x194a/0x5450 [ 34.166978] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.167008] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.167041] ? kasan_atomics+0x152/0x310 [ 34.167077] kasan_atomics+0x1dc/0x310 [ 34.167108] ? __pfx_kasan_atomics+0x10/0x10 [ 34.167139] ? __pfx_read_tsc+0x10/0x10 [ 34.167170] ? ktime_get_ts64+0x86/0x230 [ 34.167204] kunit_try_run_case+0x1a5/0x480 [ 34.167238] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.167269] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.167304] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.167338] ? __kthread_parkme+0x82/0x180 [ 34.167367] ? preempt_count_sub+0x50/0x80 [ 34.167400] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.167433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.167466] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.167498] kthread+0x337/0x6f0 [ 34.167527] ? trace_preempt_on+0x20/0xc0 [ 34.167581] ? __pfx_kthread+0x10/0x10 [ 34.167611] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.167657] ? calculate_sigpending+0x7b/0xa0 [ 34.167693] ? __pfx_kthread+0x10/0x10 [ 34.167723] ret_from_fork+0x116/0x1d0 [ 34.167751] ? __pfx_kthread+0x10/0x10 [ 34.167780] ret_from_fork_asm+0x1a/0x30 [ 34.167833] </TASK> [ 34.167851] [ 34.182054] Allocated by task 295: [ 34.182472] kasan_save_stack+0x45/0x70 [ 34.182988] kasan_save_track+0x18/0x40 [ 34.183403] kasan_save_alloc_info+0x3b/0x50 [ 34.183847] __kasan_kmalloc+0xb7/0xc0 [ 34.184104] __kmalloc_cache_noprof+0x189/0x420 [ 34.184532] kasan_atomics+0x95/0x310 [ 34.184989] kunit_try_run_case+0x1a5/0x480 [ 34.185449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.185970] kthread+0x337/0x6f0 [ 34.186211] ret_from_fork+0x116/0x1d0 [ 34.186473] ret_from_fork_asm+0x1a/0x30 [ 34.186963] [ 34.187184] The buggy address belongs to the object at ffff888102daa080 [ 34.187184] which belongs to the cache kmalloc-64 of size 64 [ 34.188235] The buggy address is located 0 bytes to the right of [ 34.188235] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.189194] [ 34.189430] The buggy address belongs to the physical page: [ 34.189917] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.190328] flags: 0x200000000000000(node=0|zone=2) [ 34.190887] page_type: f5(slab) [ 34.191258] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.191937] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.192565] page dumped because: kasan: bad access detected [ 34.192887] [ 34.193078] Memory state around the buggy address: [ 34.193522] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.194245] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.194808] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.195261] ^ [ 34.195680] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.196045] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.196717] ================================================================== [ 32.517729] ================================================================== [ 32.518766] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 32.519327] Read of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 32.520408] [ 32.520725] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 32.520848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.520883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.520936] Call Trace: [ 32.520971] <TASK> [ 32.521011] dump_stack_lvl+0x73/0xb0 [ 32.521090] print_report+0xd1/0x650 [ 32.521149] ? __virt_addr_valid+0x1db/0x2d0 [ 32.521209] ? kasan_atomics_helper+0x4bbc/0x5450 [ 32.521261] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.521326] ? kasan_atomics_helper+0x4bbc/0x5450 [ 32.521380] kasan_report+0x141/0x180 [ 32.521437] ? kasan_atomics_helper+0x4bbc/0x5450 [ 32.521477] __asan_report_load4_noabort+0x18/0x20 [ 32.521510] kasan_atomics_helper+0x4bbc/0x5450 [ 32.521561] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.521592] ? __kmalloc_cache_noprof+0x189/0x420 [ 32.521667] ? kasan_atomics+0x152/0x310 [ 32.521706] kasan_atomics+0x1dc/0x310 [ 32.521737] ? __pfx_kasan_atomics+0x10/0x10 [ 32.521770] ? __pfx_read_tsc+0x10/0x10 [ 32.521802] ? ktime_get_ts64+0x86/0x230 [ 32.521837] kunit_try_run_case+0x1a5/0x480 [ 32.521873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.521903] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 32.521937] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.521970] ? __kthread_parkme+0x82/0x180 [ 32.522000] ? preempt_count_sub+0x50/0x80 [ 32.522032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.522064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.522095] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.522127] kthread+0x337/0x6f0 [ 32.522153] ? trace_preempt_on+0x20/0xc0 [ 32.522185] ? __pfx_kthread+0x10/0x10 [ 32.522212] ? _raw_spin_unlock_irq+0x47/0x80 [ 32.522241] ? calculate_sigpending+0x7b/0xa0 [ 32.522272] ? __pfx_kthread+0x10/0x10 [ 32.522300] ret_from_fork+0x116/0x1d0 [ 32.522326] ? __pfx_kthread+0x10/0x10 [ 32.522352] ret_from_fork_asm+0x1a/0x30 [ 32.522392] </TASK> [ 32.522406] [ 32.536121] Allocated by task 295: [ 32.536494] kasan_save_stack+0x45/0x70 [ 32.536796] kasan_save_track+0x18/0x40 [ 32.537029] kasan_save_alloc_info+0x3b/0x50 [ 32.537330] __kasan_kmalloc+0xb7/0xc0 [ 32.537807] __kmalloc_cache_noprof+0x189/0x420 [ 32.538274] kasan_atomics+0x95/0x310 [ 32.538859] kunit_try_run_case+0x1a5/0x480 [ 32.539591] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.540135] kthread+0x337/0x6f0 [ 32.540428] ret_from_fork+0x116/0x1d0 [ 32.540739] ret_from_fork_asm+0x1a/0x30 [ 32.541117] [ 32.541283] The buggy address belongs to the object at ffff888102daa080 [ 32.541283] which belongs to the cache kmalloc-64 of size 64 [ 32.542135] The buggy address is located 0 bytes to the right of [ 32.542135] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 32.542948] [ 32.543140] The buggy address belongs to the physical page: [ 32.543512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 32.544113] flags: 0x200000000000000(node=0|zone=2) [ 32.544557] page_type: f5(slab) [ 32.544856] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.545315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.545962] page dumped because: kasan: bad access detected [ 32.546323] [ 32.546452] Memory state around the buggy address: [ 32.546921] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.547460] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.547983] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.548632] ^ [ 32.549430] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.549815] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.550440] ================================================================== [ 33.767283] ================================================================== [ 33.767868] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 33.768293] Read of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.768762] [ 33.769004] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.769116] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.769149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.769202] Call Trace: [ 33.769241] <TASK> [ 33.769281] dump_stack_lvl+0x73/0xb0 [ 33.769353] print_report+0xd1/0x650 [ 33.769413] ? __virt_addr_valid+0x1db/0x2d0 [ 33.769480] ? kasan_atomics_helper+0x13b5/0x5450 [ 33.769552] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.769661] ? kasan_atomics_helper+0x13b5/0x5450 [ 33.769731] kasan_report+0x141/0x180 [ 33.769796] ? kasan_atomics_helper+0x13b5/0x5450 [ 33.769871] kasan_check_range+0x10c/0x1c0 [ 33.769939] __kasan_check_read+0x15/0x20 [ 33.770005] kasan_atomics_helper+0x13b5/0x5450 [ 33.770067] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.770127] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.770189] ? kasan_atomics+0x152/0x310 [ 33.770255] kasan_atomics+0x1dc/0x310 [ 33.770306] ? __pfx_kasan_atomics+0x10/0x10 [ 33.770365] ? __pfx_read_tsc+0x10/0x10 [ 33.770423] ? ktime_get_ts64+0x86/0x230 [ 33.770488] kunit_try_run_case+0x1a5/0x480 [ 33.770571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.770673] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.770748] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.770816] ? __kthread_parkme+0x82/0x180 [ 33.770878] ? preempt_count_sub+0x50/0x80 [ 33.770948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.771011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.771070] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.771136] kthread+0x337/0x6f0 [ 33.771193] ? trace_preempt_on+0x20/0xc0 [ 33.771264] ? __pfx_kthread+0x10/0x10 [ 33.771327] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.771395] ? calculate_sigpending+0x7b/0xa0 [ 33.771465] ? __pfx_kthread+0x10/0x10 [ 33.771530] ret_from_fork+0x116/0x1d0 [ 33.771608] ? __pfx_kthread+0x10/0x10 [ 33.771709] ret_from_fork_asm+0x1a/0x30 [ 33.771798] </TASK> [ 33.771843] [ 33.784588] Allocated by task 295: [ 33.784965] kasan_save_stack+0x45/0x70 [ 33.785287] kasan_save_track+0x18/0x40 [ 33.785732] kasan_save_alloc_info+0x3b/0x50 [ 33.786081] __kasan_kmalloc+0xb7/0xc0 [ 33.786403] __kmalloc_cache_noprof+0x189/0x420 [ 33.786882] kasan_atomics+0x95/0x310 [ 33.787264] kunit_try_run_case+0x1a5/0x480 [ 33.787566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.788027] kthread+0x337/0x6f0 [ 33.788264] ret_from_fork+0x116/0x1d0 [ 33.788501] ret_from_fork_asm+0x1a/0x30 [ 33.788940] [ 33.789151] The buggy address belongs to the object at ffff888102daa080 [ 33.789151] which belongs to the cache kmalloc-64 of size 64 [ 33.790209] The buggy address is located 0 bytes to the right of [ 33.790209] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.791062] [ 33.791272] The buggy address belongs to the physical page: [ 33.791727] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.792390] flags: 0x200000000000000(node=0|zone=2) [ 33.792889] page_type: f5(slab) [ 33.793154] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.793523] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.794229] page dumped because: kasan: bad access detected [ 33.794782] [ 33.794978] Memory state around the buggy address: [ 33.795331] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.795895] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.796369] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.796819] ^ [ 33.797088] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.797430] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.798011] ================================================================== [ 33.417535] ================================================================== [ 33.418271] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 33.418731] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.419379] [ 33.419693] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.419814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.419860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.419913] Call Trace: [ 33.419982] <TASK> [ 33.420026] dump_stack_lvl+0x73/0xb0 [ 33.420107] print_report+0xd1/0x650 [ 33.420170] ? __virt_addr_valid+0x1db/0x2d0 [ 33.420237] ? kasan_atomics_helper+0xfa9/0x5450 [ 33.420326] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.420399] ? kasan_atomics_helper+0xfa9/0x5450 [ 33.420461] kasan_report+0x141/0x180 [ 33.420528] ? kasan_atomics_helper+0xfa9/0x5450 [ 33.420670] kasan_check_range+0x10c/0x1c0 [ 33.420747] __kasan_check_write+0x18/0x20 [ 33.420815] kasan_atomics_helper+0xfa9/0x5450 [ 33.420881] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.420941] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.421011] ? kasan_atomics+0x152/0x310 [ 33.421082] kasan_atomics+0x1dc/0x310 [ 33.421146] ? __pfx_kasan_atomics+0x10/0x10 [ 33.421215] ? __pfx_read_tsc+0x10/0x10 [ 33.421277] ? ktime_get_ts64+0x86/0x230 [ 33.421347] kunit_try_run_case+0x1a5/0x480 [ 33.421406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.421442] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.421481] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.421515] ? __kthread_parkme+0x82/0x180 [ 33.421610] ? preempt_count_sub+0x50/0x80 [ 33.421708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.421769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.421824] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.421890] kthread+0x337/0x6f0 [ 33.421970] ? trace_preempt_on+0x20/0xc0 [ 33.422056] ? __pfx_kthread+0x10/0x10 [ 33.422121] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.422206] ? calculate_sigpending+0x7b/0xa0 [ 33.422283] ? __pfx_kthread+0x10/0x10 [ 33.422345] ret_from_fork+0x116/0x1d0 [ 33.422419] ? __pfx_kthread+0x10/0x10 [ 33.422496] ret_from_fork_asm+0x1a/0x30 [ 33.422593] </TASK> [ 33.422654] [ 33.436331] Allocated by task 295: [ 33.436687] kasan_save_stack+0x45/0x70 [ 33.437144] kasan_save_track+0x18/0x40 [ 33.437565] kasan_save_alloc_info+0x3b/0x50 [ 33.438020] __kasan_kmalloc+0xb7/0xc0 [ 33.438414] __kmalloc_cache_noprof+0x189/0x420 [ 33.438946] kasan_atomics+0x95/0x310 [ 33.439289] kunit_try_run_case+0x1a5/0x480 [ 33.439584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.439931] kthread+0x337/0x6f0 [ 33.440156] ret_from_fork+0x116/0x1d0 [ 33.440389] ret_from_fork_asm+0x1a/0x30 [ 33.440691] [ 33.440829] The buggy address belongs to the object at ffff888102daa080 [ 33.440829] which belongs to the cache kmalloc-64 of size 64 [ 33.441922] The buggy address is located 0 bytes to the right of [ 33.441922] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.443084] [ 33.443297] The buggy address belongs to the physical page: [ 33.443914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.444703] flags: 0x200000000000000(node=0|zone=2) [ 33.445104] page_type: f5(slab) [ 33.445326] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.445742] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.446096] page dumped because: kasan: bad access detected [ 33.446369] [ 33.446507] Memory state around the buggy address: [ 33.447012] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.447755] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.448427] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.449103] ^ [ 33.449581] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.450250] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.450923] ================================================================== [ 33.205833] ================================================================== [ 33.206566] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 33.207151] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.207790] [ 33.208066] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.208190] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.208224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.208270] Call Trace: [ 33.208312] <TASK> [ 33.208355] dump_stack_lvl+0x73/0xb0 [ 33.208490] print_report+0xd1/0x650 [ 33.208572] ? __virt_addr_valid+0x1db/0x2d0 [ 33.208715] ? kasan_atomics_helper+0xc70/0x5450 [ 33.208793] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.208866] ? kasan_atomics_helper+0xc70/0x5450 [ 33.208914] kasan_report+0x141/0x180 [ 33.208948] ? kasan_atomics_helper+0xc70/0x5450 [ 33.208985] kasan_check_range+0x10c/0x1c0 [ 33.209018] __kasan_check_write+0x18/0x20 [ 33.209051] kasan_atomics_helper+0xc70/0x5450 [ 33.209084] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.209115] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.209149] ? kasan_atomics+0x152/0x310 [ 33.209185] kasan_atomics+0x1dc/0x310 [ 33.209216] ? __pfx_kasan_atomics+0x10/0x10 [ 33.209249] ? __pfx_read_tsc+0x10/0x10 [ 33.209279] ? ktime_get_ts64+0x86/0x230 [ 33.209312] kunit_try_run_case+0x1a5/0x480 [ 33.209346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.209377] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.209411] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.209445] ? __kthread_parkme+0x82/0x180 [ 33.209474] ? preempt_count_sub+0x50/0x80 [ 33.209506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.209558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.209594] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.209658] kthread+0x337/0x6f0 [ 33.209693] ? trace_preempt_on+0x20/0xc0 [ 33.209727] ? __pfx_kthread+0x10/0x10 [ 33.209756] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.209789] ? calculate_sigpending+0x7b/0xa0 [ 33.209823] ? __pfx_kthread+0x10/0x10 [ 33.209853] ret_from_fork+0x116/0x1d0 [ 33.209880] ? __pfx_kthread+0x10/0x10 [ 33.209909] ret_from_fork_asm+0x1a/0x30 [ 33.209952] </TASK> [ 33.209968] [ 33.223800] Allocated by task 295: [ 33.224066] kasan_save_stack+0x45/0x70 [ 33.224620] kasan_save_track+0x18/0x40 [ 33.225078] kasan_save_alloc_info+0x3b/0x50 [ 33.225602] __kasan_kmalloc+0xb7/0xc0 [ 33.225940] __kmalloc_cache_noprof+0x189/0x420 [ 33.226307] kasan_atomics+0x95/0x310 [ 33.226761] kunit_try_run_case+0x1a5/0x480 [ 33.227192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.227651] kthread+0x337/0x6f0 [ 33.228036] ret_from_fork+0x116/0x1d0 [ 33.228313] ret_from_fork_asm+0x1a/0x30 [ 33.228656] [ 33.228870] The buggy address belongs to the object at ffff888102daa080 [ 33.228870] which belongs to the cache kmalloc-64 of size 64 [ 33.229929] The buggy address is located 0 bytes to the right of [ 33.229929] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.230935] [ 33.231182] The buggy address belongs to the physical page: [ 33.231672] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.232346] flags: 0x200000000000000(node=0|zone=2) [ 33.232814] page_type: f5(slab) [ 33.233036] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.233401] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.233769] page dumped because: kasan: bad access detected [ 33.234117] [ 33.234358] Memory state around the buggy address: [ 33.235375] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.236901] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.237577] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.238673] ^ [ 33.239173] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.239515] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.240194] ================================================================== [ 33.277809] ================================================================== [ 33.279268] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 33.279810] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.280577] [ 33.281011] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.281349] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.281395] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.281425] Call Trace: [ 33.281451] <TASK> [ 33.281475] dump_stack_lvl+0x73/0xb0 [ 33.281521] print_report+0xd1/0x650 [ 33.281587] ? __virt_addr_valid+0x1db/0x2d0 [ 33.281649] ? kasan_atomics_helper+0xd47/0x5450 [ 33.281702] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.281788] ? kasan_atomics_helper+0xd47/0x5450 [ 33.281884] kasan_report+0x141/0x180 [ 33.281949] ? kasan_atomics_helper+0xd47/0x5450 [ 33.282007] kasan_check_range+0x10c/0x1c0 [ 33.282044] __kasan_check_write+0x18/0x20 [ 33.282078] kasan_atomics_helper+0xd47/0x5450 [ 33.282109] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.282140] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.282175] ? kasan_atomics+0x152/0x310 [ 33.282211] kasan_atomics+0x1dc/0x310 [ 33.282242] ? __pfx_kasan_atomics+0x10/0x10 [ 33.282274] ? __pfx_read_tsc+0x10/0x10 [ 33.282306] ? ktime_get_ts64+0x86/0x230 [ 33.282340] kunit_try_run_case+0x1a5/0x480 [ 33.282373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.282404] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.282439] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.282473] ? __kthread_parkme+0x82/0x180 [ 33.282501] ? preempt_count_sub+0x50/0x80 [ 33.282533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.282588] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.282622] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.282672] kthread+0x337/0x6f0 [ 33.282701] ? trace_preempt_on+0x20/0xc0 [ 33.282734] ? __pfx_kthread+0x10/0x10 [ 33.282764] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.282795] ? calculate_sigpending+0x7b/0xa0 [ 33.282828] ? __pfx_kthread+0x10/0x10 [ 33.282857] ret_from_fork+0x116/0x1d0 [ 33.282884] ? __pfx_kthread+0x10/0x10 [ 33.282913] ret_from_fork_asm+0x1a/0x30 [ 33.282955] </TASK> [ 33.282972] [ 33.295985] Allocated by task 295: [ 33.296242] kasan_save_stack+0x45/0x70 [ 33.296659] kasan_save_track+0x18/0x40 [ 33.297076] kasan_save_alloc_info+0x3b/0x50 [ 33.297519] __kasan_kmalloc+0xb7/0xc0 [ 33.298034] __kmalloc_cache_noprof+0x189/0x420 [ 33.298522] kasan_atomics+0x95/0x310 [ 33.298979] kunit_try_run_case+0x1a5/0x480 [ 33.299520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.300135] kthread+0x337/0x6f0 [ 33.300492] ret_from_fork+0x116/0x1d0 [ 33.301022] ret_from_fork_asm+0x1a/0x30 [ 33.301392] [ 33.301704] The buggy address belongs to the object at ffff888102daa080 [ 33.301704] which belongs to the cache kmalloc-64 of size 64 [ 33.302689] The buggy address is located 0 bytes to the right of [ 33.302689] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.303614] [ 33.303890] The buggy address belongs to the physical page: [ 33.304434] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.305141] flags: 0x200000000000000(node=0|zone=2) [ 33.305702] page_type: f5(slab) [ 33.306028] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.306558] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.307334] page dumped because: kasan: bad access detected [ 33.307698] [ 33.307851] Memory state around the buggy address: [ 33.308111] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.308456] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.309209] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.310007] ^ [ 33.310465] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.311176] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.311909] ================================================================== [ 34.446927] ================================================================== [ 34.447314] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 34.447944] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.449152] [ 34.449399] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.449555] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.449596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.449685] Call Trace: [ 34.449731] <TASK> [ 34.449772] dump_stack_lvl+0x73/0xb0 [ 34.449847] print_report+0xd1/0x650 [ 34.449883] ? __virt_addr_valid+0x1db/0x2d0 [ 34.449917] ? kasan_atomics_helper+0x1e12/0x5450 [ 34.449949] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.449985] ? kasan_atomics_helper+0x1e12/0x5450 [ 34.450015] kasan_report+0x141/0x180 [ 34.450045] ? kasan_atomics_helper+0x1e12/0x5450 [ 34.450079] kasan_check_range+0x10c/0x1c0 [ 34.450111] __kasan_check_write+0x18/0x20 [ 34.450143] kasan_atomics_helper+0x1e12/0x5450 [ 34.450174] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.450203] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.450237] ? kasan_atomics+0x152/0x310 [ 34.450272] kasan_atomics+0x1dc/0x310 [ 34.450303] ? __pfx_kasan_atomics+0x10/0x10 [ 34.450334] ? __pfx_read_tsc+0x10/0x10 [ 34.450364] ? ktime_get_ts64+0x86/0x230 [ 34.450397] kunit_try_run_case+0x1a5/0x480 [ 34.450430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.450462] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.450496] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.450529] ? __kthread_parkme+0x82/0x180 [ 34.450580] ? preempt_count_sub+0x50/0x80 [ 34.450612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.450675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.450711] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.450744] kthread+0x337/0x6f0 [ 34.450772] ? trace_preempt_on+0x20/0xc0 [ 34.450805] ? __pfx_kthread+0x10/0x10 [ 34.450834] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.450865] ? calculate_sigpending+0x7b/0xa0 [ 34.450898] ? __pfx_kthread+0x10/0x10 [ 34.450927] ret_from_fork+0x116/0x1d0 [ 34.450954] ? __pfx_kthread+0x10/0x10 [ 34.450983] ret_from_fork_asm+0x1a/0x30 [ 34.451024] </TASK> [ 34.451040] [ 34.465218] Allocated by task 295: [ 34.465577] kasan_save_stack+0x45/0x70 [ 34.466065] kasan_save_track+0x18/0x40 [ 34.466418] kasan_save_alloc_info+0x3b/0x50 [ 34.466822] __kasan_kmalloc+0xb7/0xc0 [ 34.467242] __kmalloc_cache_noprof+0x189/0x420 [ 34.467742] kasan_atomics+0x95/0x310 [ 34.468057] kunit_try_run_case+0x1a5/0x480 [ 34.468438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.468942] kthread+0x337/0x6f0 [ 34.469184] ret_from_fork+0x116/0x1d0 [ 34.469610] ret_from_fork_asm+0x1a/0x30 [ 34.470071] [ 34.470286] The buggy address belongs to the object at ffff888102daa080 [ 34.470286] which belongs to the cache kmalloc-64 of size 64 [ 34.471166] The buggy address is located 0 bytes to the right of [ 34.471166] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.472176] [ 34.472353] The buggy address belongs to the physical page: [ 34.472682] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.473394] flags: 0x200000000000000(node=0|zone=2) [ 34.473926] page_type: f5(slab) [ 34.474166] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.474862] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.475434] page dumped because: kasan: bad access detected [ 34.475975] [ 34.476150] Memory state around the buggy address: [ 34.476508] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.477121] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.477723] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.478238] ^ [ 34.478617] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.479227] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.479849] ================================================================== [ 34.481002] ================================================================== [ 34.481710] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 34.482397] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.482992] [ 34.483177] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.483299] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.483338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.483392] Call Trace: [ 34.483484] <TASK> [ 34.483571] dump_stack_lvl+0x73/0xb0 [ 34.483676] print_report+0xd1/0x650 [ 34.483744] ? __virt_addr_valid+0x1db/0x2d0 [ 34.483814] ? kasan_atomics_helper+0x1eaa/0x5450 [ 34.483889] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.483964] ? kasan_atomics_helper+0x1eaa/0x5450 [ 34.484030] kasan_report+0x141/0x180 [ 34.484096] ? kasan_atomics_helper+0x1eaa/0x5450 [ 34.484173] kasan_check_range+0x10c/0x1c0 [ 34.484242] __kasan_check_write+0x18/0x20 [ 34.484360] kasan_atomics_helper+0x1eaa/0x5450 [ 34.484419] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.484479] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.484564] ? kasan_atomics+0x152/0x310 [ 34.484637] kasan_atomics+0x1dc/0x310 [ 34.484698] ? __pfx_kasan_atomics+0x10/0x10 [ 34.484754] ? __pfx_read_tsc+0x10/0x10 [ 34.484827] ? ktime_get_ts64+0x86/0x230 [ 34.484916] kunit_try_run_case+0x1a5/0x480 [ 34.484991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.485053] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.485098] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.485135] ? __kthread_parkme+0x82/0x180 [ 34.485165] ? preempt_count_sub+0x50/0x80 [ 34.485199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.485232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.485266] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.485299] kthread+0x337/0x6f0 [ 34.485326] ? trace_preempt_on+0x20/0xc0 [ 34.485360] ? __pfx_kthread+0x10/0x10 [ 34.485388] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.485419] ? calculate_sigpending+0x7b/0xa0 [ 34.485452] ? __pfx_kthread+0x10/0x10 [ 34.485481] ret_from_fork+0x116/0x1d0 [ 34.485509] ? __pfx_kthread+0x10/0x10 [ 34.485555] ret_from_fork_asm+0x1a/0x30 [ 34.485605] </TASK> [ 34.485621] [ 34.498484] Allocated by task 295: [ 34.498954] kasan_save_stack+0x45/0x70 [ 34.499443] kasan_save_track+0x18/0x40 [ 34.499919] kasan_save_alloc_info+0x3b/0x50 [ 34.500295] __kasan_kmalloc+0xb7/0xc0 [ 34.500748] __kmalloc_cache_noprof+0x189/0x420 [ 34.501130] kasan_atomics+0x95/0x310 [ 34.501533] kunit_try_run_case+0x1a5/0x480 [ 34.501942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.502410] kthread+0x337/0x6f0 [ 34.502786] ret_from_fork+0x116/0x1d0 [ 34.503103] ret_from_fork_asm+0x1a/0x30 [ 34.503516] [ 34.503783] The buggy address belongs to the object at ffff888102daa080 [ 34.503783] which belongs to the cache kmalloc-64 of size 64 [ 34.504586] The buggy address is located 0 bytes to the right of [ 34.504586] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.505501] [ 34.505815] The buggy address belongs to the physical page: [ 34.506120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.506858] flags: 0x200000000000000(node=0|zone=2) [ 34.507304] page_type: f5(slab) [ 34.507531] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.507965] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.508320] page dumped because: kasan: bad access detected [ 34.508852] [ 34.509080] Memory state around the buggy address: [ 34.509530] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.510193] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.510872] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.511510] ^ [ 34.512040] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.512597] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.513119] ================================================================== [ 34.621581] ================================================================== [ 34.622073] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 34.622447] Read of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.623230] [ 34.623487] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.623678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.623716] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.623770] Call Trace: [ 34.623826] <TASK> [ 34.623875] dump_stack_lvl+0x73/0xb0 [ 34.623961] print_report+0xd1/0x650 [ 34.624025] ? __virt_addr_valid+0x1db/0x2d0 [ 34.624093] ? kasan_atomics_helper+0x4f98/0x5450 [ 34.624156] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.624222] ? kasan_atomics_helper+0x4f98/0x5450 [ 34.624278] kasan_report+0x141/0x180 [ 34.624338] ? kasan_atomics_helper+0x4f98/0x5450 [ 34.624435] __asan_report_load8_noabort+0x18/0x20 [ 34.624514] kasan_atomics_helper+0x4f98/0x5450 [ 34.624579] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.624654] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.624712] ? kasan_atomics+0x152/0x310 [ 34.624765] kasan_atomics+0x1dc/0x310 [ 34.624817] ? __pfx_kasan_atomics+0x10/0x10 [ 34.624867] ? __pfx_read_tsc+0x10/0x10 [ 34.624918] ? ktime_get_ts64+0x86/0x230 [ 34.624976] kunit_try_run_case+0x1a5/0x480 [ 34.625047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.625150] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.625264] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.625353] ? __kthread_parkme+0x82/0x180 [ 34.625409] ? preempt_count_sub+0x50/0x80 [ 34.625478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.625558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.625697] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.625797] kthread+0x337/0x6f0 [ 34.625859] ? trace_preempt_on+0x20/0xc0 [ 34.625930] ? __pfx_kthread+0x10/0x10 [ 34.625984] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.626048] ? calculate_sigpending+0x7b/0xa0 [ 34.626150] ? __pfx_kthread+0x10/0x10 [ 34.626232] ret_from_fork+0x116/0x1d0 [ 34.626292] ? __pfx_kthread+0x10/0x10 [ 34.626331] ret_from_fork_asm+0x1a/0x30 [ 34.626375] </TASK> [ 34.626392] [ 34.640347] Allocated by task 295: [ 34.640763] kasan_save_stack+0x45/0x70 [ 34.641247] kasan_save_track+0x18/0x40 [ 34.641581] kasan_save_alloc_info+0x3b/0x50 [ 34.642013] __kasan_kmalloc+0xb7/0xc0 [ 34.642268] __kmalloc_cache_noprof+0x189/0x420 [ 34.642806] kasan_atomics+0x95/0x310 [ 34.643222] kunit_try_run_case+0x1a5/0x480 [ 34.643711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.644122] kthread+0x337/0x6f0 [ 34.644511] ret_from_fork+0x116/0x1d0 [ 34.644945] ret_from_fork_asm+0x1a/0x30 [ 34.645221] [ 34.645372] The buggy address belongs to the object at ffff888102daa080 [ 34.645372] which belongs to the cache kmalloc-64 of size 64 [ 34.646285] The buggy address is located 0 bytes to the right of [ 34.646285] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.647408] [ 34.647580] The buggy address belongs to the physical page: [ 34.648151] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.648888] flags: 0x200000000000000(node=0|zone=2) [ 34.649277] page_type: f5(slab) [ 34.649681] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.650282] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.650916] page dumped because: kasan: bad access detected [ 34.651355] [ 34.651578] Memory state around the buggy address: [ 34.652009] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.652439] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.652974] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.653655] ^ [ 34.654008] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.654562] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.655146] ================================================================== [ 33.348664] ================================================================== [ 33.349901] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 33.350428] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.351334] [ 33.351576] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.351687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.351720] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.351775] Call Trace: [ 33.351833] <TASK> [ 33.351878] dump_stack_lvl+0x73/0xb0 [ 33.351983] print_report+0xd1/0x650 [ 33.352048] ? __virt_addr_valid+0x1db/0x2d0 [ 33.352116] ? kasan_atomics_helper+0xe78/0x5450 [ 33.352181] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.352252] ? kasan_atomics_helper+0xe78/0x5450 [ 33.352317] kasan_report+0x141/0x180 [ 33.352379] ? kasan_atomics_helper+0xe78/0x5450 [ 33.352436] kasan_check_range+0x10c/0x1c0 [ 33.352473] __kasan_check_write+0x18/0x20 [ 33.352506] kasan_atomics_helper+0xe78/0x5450 [ 33.352559] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.352592] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.352635] ? kasan_atomics+0x152/0x310 [ 33.352694] kasan_atomics+0x1dc/0x310 [ 33.352726] ? __pfx_kasan_atomics+0x10/0x10 [ 33.352760] ? __pfx_read_tsc+0x10/0x10 [ 33.352793] ? ktime_get_ts64+0x86/0x230 [ 33.352828] kunit_try_run_case+0x1a5/0x480 [ 33.352861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.352893] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.352929] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.352963] ? __kthread_parkme+0x82/0x180 [ 33.352991] ? preempt_count_sub+0x50/0x80 [ 33.353023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.353057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.353090] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.353123] kthread+0x337/0x6f0 [ 33.353150] ? trace_preempt_on+0x20/0xc0 [ 33.353183] ? __pfx_kthread+0x10/0x10 [ 33.353211] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.353243] ? calculate_sigpending+0x7b/0xa0 [ 33.353276] ? __pfx_kthread+0x10/0x10 [ 33.353306] ret_from_fork+0x116/0x1d0 [ 33.353333] ? __pfx_kthread+0x10/0x10 [ 33.353361] ret_from_fork_asm+0x1a/0x30 [ 33.353402] </TASK> [ 33.353418] [ 33.366791] Allocated by task 295: [ 33.367187] kasan_save_stack+0x45/0x70 [ 33.367687] kasan_save_track+0x18/0x40 [ 33.368105] kasan_save_alloc_info+0x3b/0x50 [ 33.368587] __kasan_kmalloc+0xb7/0xc0 [ 33.368871] __kmalloc_cache_noprof+0x189/0x420 [ 33.369146] kasan_atomics+0x95/0x310 [ 33.369381] kunit_try_run_case+0x1a5/0x480 [ 33.369818] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.370340] kthread+0x337/0x6f0 [ 33.370769] ret_from_fork+0x116/0x1d0 [ 33.371146] ret_from_fork_asm+0x1a/0x30 [ 33.371512] [ 33.371735] The buggy address belongs to the object at ffff888102daa080 [ 33.371735] which belongs to the cache kmalloc-64 of size 64 [ 33.372663] The buggy address is located 0 bytes to the right of [ 33.372663] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.373570] [ 33.373789] The buggy address belongs to the physical page: [ 33.374291] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.374887] flags: 0x200000000000000(node=0|zone=2) [ 33.375366] page_type: f5(slab) [ 33.375787] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.376271] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.376618] page dumped because: kasan: bad access detected [ 33.376903] [ 33.377020] Memory state around the buggy address: [ 33.377250] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.377576] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.378036] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.378438] ^ [ 33.378836] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.379474] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.380110] ================================================================== [ 33.873756] ================================================================== [ 33.874380] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 33.875107] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.875742] [ 33.876069] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.876210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.876260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.876314] Call Trace: [ 33.876378] <TASK> [ 33.876425] dump_stack_lvl+0x73/0xb0 [ 33.876508] print_report+0xd1/0x650 [ 33.876587] ? __virt_addr_valid+0x1db/0x2d0 [ 33.876726] ? kasan_atomics_helper+0x50d4/0x5450 [ 33.876815] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.876885] ? kasan_atomics_helper+0x50d4/0x5450 [ 33.876928] kasan_report+0x141/0x180 [ 33.876962] ? kasan_atomics_helper+0x50d4/0x5450 [ 33.876999] __asan_report_store8_noabort+0x1b/0x30 [ 33.877034] kasan_atomics_helper+0x50d4/0x5450 [ 33.877066] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.877098] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.877132] ? kasan_atomics+0x152/0x310 [ 33.877168] kasan_atomics+0x1dc/0x310 [ 33.877199] ? __pfx_kasan_atomics+0x10/0x10 [ 33.877232] ? __pfx_read_tsc+0x10/0x10 [ 33.877263] ? ktime_get_ts64+0x86/0x230 [ 33.877296] kunit_try_run_case+0x1a5/0x480 [ 33.877329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.877361] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.877395] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.877429] ? __kthread_parkme+0x82/0x180 [ 33.877457] ? preempt_count_sub+0x50/0x80 [ 33.877489] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.877522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.877576] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.877610] kthread+0x337/0x6f0 [ 33.877660] ? trace_preempt_on+0x20/0xc0 [ 33.877696] ? __pfx_kthread+0x10/0x10 [ 33.877726] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.877759] ? calculate_sigpending+0x7b/0xa0 [ 33.877792] ? __pfx_kthread+0x10/0x10 [ 33.877822] ret_from_fork+0x116/0x1d0 [ 33.877848] ? __pfx_kthread+0x10/0x10 [ 33.877877] ret_from_fork_asm+0x1a/0x30 [ 33.877918] </TASK> [ 33.877934] [ 33.891903] Allocated by task 295: [ 33.892361] kasan_save_stack+0x45/0x70 [ 33.892758] kasan_save_track+0x18/0x40 [ 33.893249] kasan_save_alloc_info+0x3b/0x50 [ 33.893730] __kasan_kmalloc+0xb7/0xc0 [ 33.894149] __kmalloc_cache_noprof+0x189/0x420 [ 33.894610] kasan_atomics+0x95/0x310 [ 33.895096] kunit_try_run_case+0x1a5/0x480 [ 33.895515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.896094] kthread+0x337/0x6f0 [ 33.896334] ret_from_fork+0x116/0x1d0 [ 33.896751] ret_from_fork_asm+0x1a/0x30 [ 33.897209] [ 33.897411] The buggy address belongs to the object at ffff888102daa080 [ 33.897411] which belongs to the cache kmalloc-64 of size 64 [ 33.898192] The buggy address is located 0 bytes to the right of [ 33.898192] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.899473] [ 33.899741] The buggy address belongs to the physical page: [ 33.900308] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.900929] flags: 0x200000000000000(node=0|zone=2) [ 33.901395] page_type: f5(slab) [ 33.901691] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.902408] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.902879] page dumped because: kasan: bad access detected [ 33.903389] [ 33.903712] Memory state around the buggy address: [ 33.904115] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.904802] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.905515] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.906148] ^ [ 33.906574] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.907231] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.907805] ================================================================== [ 34.055513] ================================================================== [ 34.056929] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 34.057651] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.058240] [ 34.058522] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.058726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.058779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.058830] Call Trace: [ 34.058873] <TASK> [ 34.058917] dump_stack_lvl+0x73/0xb0 [ 34.058998] print_report+0xd1/0x650 [ 34.059061] ? __virt_addr_valid+0x1db/0x2d0 [ 34.059128] ? kasan_atomics_helper+0x177f/0x5450 [ 34.059193] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.059266] ? kasan_atomics_helper+0x177f/0x5450 [ 34.059319] kasan_report+0x141/0x180 [ 34.059359] ? kasan_atomics_helper+0x177f/0x5450 [ 34.059396] kasan_check_range+0x10c/0x1c0 [ 34.059429] __kasan_check_write+0x18/0x20 [ 34.059461] kasan_atomics_helper+0x177f/0x5450 [ 34.059492] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.059523] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.059583] ? kasan_atomics+0x152/0x310 [ 34.059620] kasan_atomics+0x1dc/0x310 [ 34.059677] ? __pfx_kasan_atomics+0x10/0x10 [ 34.059711] ? __pfx_read_tsc+0x10/0x10 [ 34.059745] ? ktime_get_ts64+0x86/0x230 [ 34.059779] kunit_try_run_case+0x1a5/0x480 [ 34.059814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.059856] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.059892] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.059926] ? __kthread_parkme+0x82/0x180 [ 34.059956] ? preempt_count_sub+0x50/0x80 [ 34.059988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.060022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.060055] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.060087] kthread+0x337/0x6f0 [ 34.060115] ? trace_preempt_on+0x20/0xc0 [ 34.060148] ? __pfx_kthread+0x10/0x10 [ 34.060177] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.060208] ? calculate_sigpending+0x7b/0xa0 [ 34.060240] ? __pfx_kthread+0x10/0x10 [ 34.060269] ret_from_fork+0x116/0x1d0 [ 34.060297] ? __pfx_kthread+0x10/0x10 [ 34.060326] ret_from_fork_asm+0x1a/0x30 [ 34.060367] </TASK> [ 34.060383] [ 34.077457] Allocated by task 295: [ 34.077763] kasan_save_stack+0x45/0x70 [ 34.078034] kasan_save_track+0x18/0x40 [ 34.078291] kasan_save_alloc_info+0x3b/0x50 [ 34.078754] __kasan_kmalloc+0xb7/0xc0 [ 34.079117] __kmalloc_cache_noprof+0x189/0x420 [ 34.079480] kasan_atomics+0x95/0x310 [ 34.079957] kunit_try_run_case+0x1a5/0x480 [ 34.080350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.080843] kthread+0x337/0x6f0 [ 34.081214] ret_from_fork+0x116/0x1d0 [ 34.081480] ret_from_fork_asm+0x1a/0x30 [ 34.081868] [ 34.082071] The buggy address belongs to the object at ffff888102daa080 [ 34.082071] which belongs to the cache kmalloc-64 of size 64 [ 34.082870] The buggy address is located 0 bytes to the right of [ 34.082870] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.083518] [ 34.083778] The buggy address belongs to the physical page: [ 34.084323] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.084899] flags: 0x200000000000000(node=0|zone=2) [ 34.085321] page_type: f5(slab) [ 34.085553] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.086179] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.086676] page dumped because: kasan: bad access detected [ 34.087066] [ 34.087266] Memory state around the buggy address: [ 34.087761] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.088320] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.088866] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.089315] ^ [ 34.089746] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.090364] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.090817] ================================================================== [ 34.656853] ================================================================== [ 34.657314] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 34.658053] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.658661] [ 34.658947] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.659060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.659095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.659150] Call Trace: [ 34.659208] <TASK> [ 34.659271] dump_stack_lvl+0x73/0xb0 [ 34.659348] print_report+0xd1/0x650 [ 34.659410] ? __virt_addr_valid+0x1db/0x2d0 [ 34.659475] ? kasan_atomics_helper+0x20c8/0x5450 [ 34.659555] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.659666] ? kasan_atomics_helper+0x20c8/0x5450 [ 34.659747] kasan_report+0x141/0x180 [ 34.659841] ? kasan_atomics_helper+0x20c8/0x5450 [ 34.659918] kasan_check_range+0x10c/0x1c0 [ 34.659987] __kasan_check_write+0x18/0x20 [ 34.660055] kasan_atomics_helper+0x20c8/0x5450 [ 34.660117] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.660174] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.660242] ? kasan_atomics+0x152/0x310 [ 34.660325] kasan_atomics+0x1dc/0x310 [ 34.660410] ? __pfx_kasan_atomics+0x10/0x10 [ 34.660486] ? __pfx_read_tsc+0x10/0x10 [ 34.660586] ? ktime_get_ts64+0x86/0x230 [ 34.660692] kunit_try_run_case+0x1a5/0x480 [ 34.660758] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.660805] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.660848] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.660883] ? __kthread_parkme+0x82/0x180 [ 34.660913] ? preempt_count_sub+0x50/0x80 [ 34.660947] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.660980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.661015] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.661049] kthread+0x337/0x6f0 [ 34.661076] ? trace_preempt_on+0x20/0xc0 [ 34.661109] ? __pfx_kthread+0x10/0x10 [ 34.661139] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.661170] ? calculate_sigpending+0x7b/0xa0 [ 34.661202] ? __pfx_kthread+0x10/0x10 [ 34.661233] ret_from_fork+0x116/0x1d0 [ 34.661259] ? __pfx_kthread+0x10/0x10 [ 34.661288] ret_from_fork_asm+0x1a/0x30 [ 34.661328] </TASK> [ 34.661344] [ 34.676018] Allocated by task 295: [ 34.676482] kasan_save_stack+0x45/0x70 [ 34.677008] kasan_save_track+0x18/0x40 [ 34.677266] kasan_save_alloc_info+0x3b/0x50 [ 34.677806] __kasan_kmalloc+0xb7/0xc0 [ 34.678211] __kmalloc_cache_noprof+0x189/0x420 [ 34.678781] kasan_atomics+0x95/0x310 [ 34.679149] kunit_try_run_case+0x1a5/0x480 [ 34.679594] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.680138] kthread+0x337/0x6f0 [ 34.680374] ret_from_fork+0x116/0x1d0 [ 34.680761] ret_from_fork_asm+0x1a/0x30 [ 34.681295] [ 34.681612] The buggy address belongs to the object at ffff888102daa080 [ 34.681612] which belongs to the cache kmalloc-64 of size 64 [ 34.682738] The buggy address is located 0 bytes to the right of [ 34.682738] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.683502] [ 34.683732] The buggy address belongs to the physical page: [ 34.684374] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.685193] flags: 0x200000000000000(node=0|zone=2) [ 34.685694] page_type: f5(slab) [ 34.685923] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.686577] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.687330] page dumped because: kasan: bad access detected [ 34.687931] [ 34.688076] Memory state around the buggy address: [ 34.688602] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.689243] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.689758] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.690445] ^ [ 34.690935] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.691617] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.692125] ================================================================== [ 33.095146] ================================================================== [ 33.095663] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 33.096176] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.097414] [ 33.097694] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.097815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.097848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.097899] Call Trace: [ 33.097944] <TASK> [ 33.097988] dump_stack_lvl+0x73/0xb0 [ 33.098062] print_report+0xd1/0x650 [ 33.098122] ? __virt_addr_valid+0x1db/0x2d0 [ 33.098181] ? kasan_atomics_helper+0xa2b/0x5450 [ 33.098231] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.098294] ? kasan_atomics_helper+0xa2b/0x5450 [ 33.098353] kasan_report+0x141/0x180 [ 33.098411] ? kasan_atomics_helper+0xa2b/0x5450 [ 33.098477] kasan_check_range+0x10c/0x1c0 [ 33.098559] __kasan_check_write+0x18/0x20 [ 33.098659] kasan_atomics_helper+0xa2b/0x5450 [ 33.098730] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.098795] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.098858] ? kasan_atomics+0x152/0x310 [ 33.098925] kasan_atomics+0x1dc/0x310 [ 33.098984] ? __pfx_kasan_atomics+0x10/0x10 [ 33.099046] ? __pfx_read_tsc+0x10/0x10 [ 33.099109] ? ktime_get_ts64+0x86/0x230 [ 33.099170] kunit_try_run_case+0x1a5/0x480 [ 33.099237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.099298] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.099365] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.099430] ? __kthread_parkme+0x82/0x180 [ 33.099490] ? preempt_count_sub+0x50/0x80 [ 33.099576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.099680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.099757] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.099838] kthread+0x337/0x6f0 [ 33.099893] ? trace_preempt_on+0x20/0xc0 [ 33.099958] ? __pfx_kthread+0x10/0x10 [ 33.100015] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.100082] ? calculate_sigpending+0x7b/0xa0 [ 33.100152] ? __pfx_kthread+0x10/0x10 [ 33.100217] ret_from_fork+0x116/0x1d0 [ 33.100272] ? __pfx_kthread+0x10/0x10 [ 33.100307] ret_from_fork_asm+0x1a/0x30 [ 33.100351] </TASK> [ 33.100368] [ 33.112850] Allocated by task 295: [ 33.113220] kasan_save_stack+0x45/0x70 [ 33.113554] kasan_save_track+0x18/0x40 [ 33.113895] kasan_save_alloc_info+0x3b/0x50 [ 33.114283] __kasan_kmalloc+0xb7/0xc0 [ 33.114523] __kmalloc_cache_noprof+0x189/0x420 [ 33.114856] kasan_atomics+0x95/0x310 [ 33.115098] kunit_try_run_case+0x1a5/0x480 [ 33.115505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.116075] kthread+0x337/0x6f0 [ 33.116433] ret_from_fork+0x116/0x1d0 [ 33.116857] ret_from_fork_asm+0x1a/0x30 [ 33.117280] [ 33.117477] The buggy address belongs to the object at ffff888102daa080 [ 33.117477] which belongs to the cache kmalloc-64 of size 64 [ 33.118173] The buggy address is located 0 bytes to the right of [ 33.118173] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.119209] [ 33.119415] The buggy address belongs to the physical page: [ 33.119970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.120439] flags: 0x200000000000000(node=0|zone=2) [ 33.120774] page_type: f5(slab) [ 33.121103] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.121785] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.122270] page dumped because: kasan: bad access detected [ 33.122594] [ 33.122765] Memory state around the buggy address: [ 33.123025] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.123366] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.123937] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.124509] ^ [ 33.125030] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.125726] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.126325] ================================================================== [ 32.552426] ================================================================== [ 32.553013] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 32.553794] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 32.554317] [ 32.554506] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 32.554691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.554725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.554771] Call Trace: [ 32.554812] <TASK> [ 32.554877] dump_stack_lvl+0x73/0xb0 [ 32.554972] print_report+0xd1/0x650 [ 32.555051] ? __virt_addr_valid+0x1db/0x2d0 [ 32.555114] ? kasan_atomics_helper+0x4ba2/0x5450 [ 32.555168] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.555235] ? kasan_atomics_helper+0x4ba2/0x5450 [ 32.555296] kasan_report+0x141/0x180 [ 32.555358] ? kasan_atomics_helper+0x4ba2/0x5450 [ 32.555432] __asan_report_store4_noabort+0x1b/0x30 [ 32.555501] kasan_atomics_helper+0x4ba2/0x5450 [ 32.555581] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.555658] ? __kmalloc_cache_noprof+0x189/0x420 [ 32.555705] ? kasan_atomics+0x152/0x310 [ 32.555741] kasan_atomics+0x1dc/0x310 [ 32.555773] ? __pfx_kasan_atomics+0x10/0x10 [ 32.555805] ? __pfx_read_tsc+0x10/0x10 [ 32.555849] ? ktime_get_ts64+0x86/0x230 [ 32.555883] kunit_try_run_case+0x1a5/0x480 [ 32.555917] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.555948] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 32.555981] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.556014] ? __kthread_parkme+0x82/0x180 [ 32.556041] ? preempt_count_sub+0x50/0x80 [ 32.556072] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.556104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.556136] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.556168] kthread+0x337/0x6f0 [ 32.556195] ? trace_preempt_on+0x20/0xc0 [ 32.556226] ? __pfx_kthread+0x10/0x10 [ 32.556253] ? _raw_spin_unlock_irq+0x47/0x80 [ 32.556283] ? calculate_sigpending+0x7b/0xa0 [ 32.556314] ? __pfx_kthread+0x10/0x10 [ 32.556342] ret_from_fork+0x116/0x1d0 [ 32.556366] ? __pfx_kthread+0x10/0x10 [ 32.556393] ret_from_fork_asm+0x1a/0x30 [ 32.556432] </TASK> [ 32.556448] [ 32.572019] Allocated by task 295: [ 32.572403] kasan_save_stack+0x45/0x70 [ 32.572751] kasan_save_track+0x18/0x40 [ 32.573150] kasan_save_alloc_info+0x3b/0x50 [ 32.573423] __kasan_kmalloc+0xb7/0xc0 [ 32.573745] __kmalloc_cache_noprof+0x189/0x420 [ 32.574497] kasan_atomics+0x95/0x310 [ 32.575021] kunit_try_run_case+0x1a5/0x480 [ 32.575409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.575797] kthread+0x337/0x6f0 [ 32.576175] ret_from_fork+0x116/0x1d0 [ 32.576519] ret_from_fork_asm+0x1a/0x30 [ 32.577004] [ 32.577203] The buggy address belongs to the object at ffff888102daa080 [ 32.577203] which belongs to the cache kmalloc-64 of size 64 [ 32.578014] The buggy address is located 0 bytes to the right of [ 32.578014] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 32.579032] [ 32.579183] The buggy address belongs to the physical page: [ 32.579692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 32.580433] flags: 0x200000000000000(node=0|zone=2) [ 32.580807] page_type: f5(slab) [ 32.581198] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.581891] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.582366] page dumped because: kasan: bad access detected [ 32.582938] [ 32.583167] Memory state around the buggy address: [ 32.583705] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.584208] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.584738] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.585204] ^ [ 32.585691] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.586166] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.586596] ================================================================== [ 34.583907] ================================================================== [ 34.585144] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 34.585891] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.586582] [ 34.586853] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.586978] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.587014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.587069] Call Trace: [ 34.587113] <TASK> [ 34.587159] dump_stack_lvl+0x73/0xb0 [ 34.587238] print_report+0xd1/0x650 [ 34.587303] ? __virt_addr_valid+0x1db/0x2d0 [ 34.587372] ? kasan_atomics_helper+0x2006/0x5450 [ 34.587435] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.587510] ? kasan_atomics_helper+0x2006/0x5450 [ 34.587594] kasan_report+0x141/0x180 [ 34.587679] ? kasan_atomics_helper+0x2006/0x5450 [ 34.587773] kasan_check_range+0x10c/0x1c0 [ 34.587857] __kasan_check_write+0x18/0x20 [ 34.587946] kasan_atomics_helper+0x2006/0x5450 [ 34.588029] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.588111] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.588199] ? kasan_atomics+0x152/0x310 [ 34.588290] kasan_atomics+0x1dc/0x310 [ 34.588377] ? __pfx_kasan_atomics+0x10/0x10 [ 34.588442] ? __pfx_read_tsc+0x10/0x10 [ 34.588504] ? ktime_get_ts64+0x86/0x230 [ 34.588589] kunit_try_run_case+0x1a5/0x480 [ 34.588661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.588729] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.588801] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.588864] ? __kthread_parkme+0x82/0x180 [ 34.588927] ? preempt_count_sub+0x50/0x80 [ 34.588995] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.589068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.589142] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.589211] kthread+0x337/0x6f0 [ 34.589271] ? trace_preempt_on+0x20/0xc0 [ 34.589339] ? __pfx_kthread+0x10/0x10 [ 34.589402] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.589468] ? calculate_sigpending+0x7b/0xa0 [ 34.589556] ? __pfx_kthread+0x10/0x10 [ 34.589621] ret_from_fork+0x116/0x1d0 [ 34.589671] ? __pfx_kthread+0x10/0x10 [ 34.589725] ret_from_fork_asm+0x1a/0x30 [ 34.589794] </TASK> [ 34.589820] [ 34.602727] Allocated by task 295: [ 34.603177] kasan_save_stack+0x45/0x70 [ 34.603672] kasan_save_track+0x18/0x40 [ 34.604131] kasan_save_alloc_info+0x3b/0x50 [ 34.604653] __kasan_kmalloc+0xb7/0xc0 [ 34.605082] __kmalloc_cache_noprof+0x189/0x420 [ 34.605551] kasan_atomics+0x95/0x310 [ 34.605986] kunit_try_run_case+0x1a5/0x480 [ 34.606317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.606710] kthread+0x337/0x6f0 [ 34.607001] ret_from_fork+0x116/0x1d0 [ 34.607298] ret_from_fork_asm+0x1a/0x30 [ 34.607755] [ 34.607984] The buggy address belongs to the object at ffff888102daa080 [ 34.607984] which belongs to the cache kmalloc-64 of size 64 [ 34.609201] The buggy address is located 0 bytes to the right of [ 34.609201] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.610717] [ 34.610937] The buggy address belongs to the physical page: [ 34.611429] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.612062] flags: 0x200000000000000(node=0|zone=2) [ 34.612354] page_type: f5(slab) [ 34.612589] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.613332] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.614064] page dumped because: kasan: bad access detected [ 34.614645] [ 34.614838] Memory state around the buggy address: [ 34.615101] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.615440] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.617569] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.618660] ^ [ 34.619070] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.619628] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.620317] ================================================================== [ 33.985364] ================================================================== [ 33.985954] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 33.986781] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.987384] [ 33.987683] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.987889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.987961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.988043] Call Trace: [ 33.988091] <TASK> [ 33.988132] dump_stack_lvl+0x73/0xb0 [ 33.988217] print_report+0xd1/0x650 [ 33.988284] ? __virt_addr_valid+0x1db/0x2d0 [ 33.988351] ? kasan_atomics_helper+0x164f/0x5450 [ 33.988415] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.988492] ? kasan_atomics_helper+0x164f/0x5450 [ 33.988567] kasan_report+0x141/0x180 [ 33.988670] ? kasan_atomics_helper+0x164f/0x5450 [ 33.988747] kasan_check_range+0x10c/0x1c0 [ 33.988811] __kasan_check_write+0x18/0x20 [ 33.988875] kasan_atomics_helper+0x164f/0x5450 [ 33.989001] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.989067] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.989134] ? kasan_atomics+0x152/0x310 [ 33.989246] kasan_atomics+0x1dc/0x310 [ 33.989310] ? __pfx_kasan_atomics+0x10/0x10 [ 33.989377] ? __pfx_read_tsc+0x10/0x10 [ 33.989432] ? ktime_get_ts64+0x86/0x230 [ 33.989471] kunit_try_run_case+0x1a5/0x480 [ 33.989508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.989562] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.989601] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.989658] ? __kthread_parkme+0x82/0x180 [ 33.989694] ? preempt_count_sub+0x50/0x80 [ 33.989728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.989762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.989797] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.989831] kthread+0x337/0x6f0 [ 33.989859] ? trace_preempt_on+0x20/0xc0 [ 33.989894] ? __pfx_kthread+0x10/0x10 [ 33.989923] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.989955] ? calculate_sigpending+0x7b/0xa0 [ 33.989988] ? __pfx_kthread+0x10/0x10 [ 33.990017] ret_from_fork+0x116/0x1d0 [ 33.990045] ? __pfx_kthread+0x10/0x10 [ 33.990074] ret_from_fork_asm+0x1a/0x30 [ 33.990115] </TASK> [ 33.990131] [ 34.002442] Allocated by task 295: [ 34.002851] kasan_save_stack+0x45/0x70 [ 34.003317] kasan_save_track+0x18/0x40 [ 34.003600] kasan_save_alloc_info+0x3b/0x50 [ 34.004100] __kasan_kmalloc+0xb7/0xc0 [ 34.004533] __kmalloc_cache_noprof+0x189/0x420 [ 34.005080] kasan_atomics+0x95/0x310 [ 34.005489] kunit_try_run_case+0x1a5/0x480 [ 34.005931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.006414] kthread+0x337/0x6f0 [ 34.006687] ret_from_fork+0x116/0x1d0 [ 34.007187] ret_from_fork_asm+0x1a/0x30 [ 34.007628] [ 34.007838] The buggy address belongs to the object at ffff888102daa080 [ 34.007838] which belongs to the cache kmalloc-64 of size 64 [ 34.008385] The buggy address is located 0 bytes to the right of [ 34.008385] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.009400] [ 34.009635] The buggy address belongs to the physical page: [ 34.010419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.011137] flags: 0x200000000000000(node=0|zone=2) [ 34.011607] page_type: f5(slab) [ 34.011843] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.013056] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.013703] page dumped because: kasan: bad access detected [ 34.013990] [ 34.014118] Memory state around the buggy address: [ 34.015090] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.016125] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.017056] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.017451] ^ [ 34.017959] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.018330] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.018991] ================================================================== [ 34.515306] ================================================================== [ 34.516896] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 34.517484] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.517985] [ 34.518166] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.518281] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.518332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.518403] Call Trace: [ 34.518450] <TASK> [ 34.518495] dump_stack_lvl+0x73/0xb0 [ 34.518595] print_report+0xd1/0x650 [ 34.518698] ? __virt_addr_valid+0x1db/0x2d0 [ 34.518767] ? kasan_atomics_helper+0x1f43/0x5450 [ 34.518824] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.518895] ? kasan_atomics_helper+0x1f43/0x5450 [ 34.518966] kasan_report+0x141/0x180 [ 34.519045] ? kasan_atomics_helper+0x1f43/0x5450 [ 34.519117] kasan_check_range+0x10c/0x1c0 [ 34.519184] __kasan_check_write+0x18/0x20 [ 34.519258] kasan_atomics_helper+0x1f43/0x5450 [ 34.519338] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.519405] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.519460] ? kasan_atomics+0x152/0x310 [ 34.519500] kasan_atomics+0x1dc/0x310 [ 34.519533] ? __pfx_kasan_atomics+0x10/0x10 [ 34.519604] ? __pfx_read_tsc+0x10/0x10 [ 34.519703] ? ktime_get_ts64+0x86/0x230 [ 34.519781] kunit_try_run_case+0x1a5/0x480 [ 34.519883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.519939] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.520009] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.520089] ? __kthread_parkme+0x82/0x180 [ 34.520156] ? preempt_count_sub+0x50/0x80 [ 34.520222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.520288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.520329] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.520364] kthread+0x337/0x6f0 [ 34.520394] ? trace_preempt_on+0x20/0xc0 [ 34.520428] ? __pfx_kthread+0x10/0x10 [ 34.520458] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.520490] ? calculate_sigpending+0x7b/0xa0 [ 34.520526] ? __pfx_kthread+0x10/0x10 [ 34.520580] ret_from_fork+0x116/0x1d0 [ 34.520608] ? __pfx_kthread+0x10/0x10 [ 34.520662] ret_from_fork_asm+0x1a/0x30 [ 34.520707] </TASK> [ 34.520723] [ 34.535705] Allocated by task 295: [ 34.536143] kasan_save_stack+0x45/0x70 [ 34.536741] kasan_save_track+0x18/0x40 [ 34.537066] kasan_save_alloc_info+0x3b/0x50 [ 34.537503] __kasan_kmalloc+0xb7/0xc0 [ 34.538047] __kmalloc_cache_noprof+0x189/0x420 [ 34.538606] kasan_atomics+0x95/0x310 [ 34.538846] kunit_try_run_case+0x1a5/0x480 [ 34.539370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.539951] kthread+0x337/0x6f0 [ 34.540372] ret_from_fork+0x116/0x1d0 [ 34.540815] ret_from_fork_asm+0x1a/0x30 [ 34.541238] [ 34.541376] The buggy address belongs to the object at ffff888102daa080 [ 34.541376] which belongs to the cache kmalloc-64 of size 64 [ 34.542232] The buggy address is located 0 bytes to the right of [ 34.542232] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.543831] [ 34.544107] The buggy address belongs to the physical page: [ 34.544731] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.545110] flags: 0x200000000000000(node=0|zone=2) [ 34.545572] page_type: f5(slab) [ 34.546006] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.546762] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.547226] page dumped because: kasan: bad access detected [ 34.547691] [ 34.548092] Memory state around the buggy address: [ 34.548454] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.549261] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.549596] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.550563] ^ [ 34.551100] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.551594] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.552089] ================================================================== [ 33.561342] ================================================================== [ 33.561856] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 33.562433] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.563322] [ 33.563612] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.563765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.563801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.563867] Call Trace: [ 33.563923] <TASK> [ 33.563984] dump_stack_lvl+0x73/0xb0 [ 33.564068] print_report+0xd1/0x650 [ 33.564134] ? __virt_addr_valid+0x1db/0x2d0 [ 33.564204] ? kasan_atomics_helper+0x1148/0x5450 [ 33.564261] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.564329] ? kasan_atomics_helper+0x1148/0x5450 [ 33.564386] kasan_report+0x141/0x180 [ 33.564443] ? kasan_atomics_helper+0x1148/0x5450 [ 33.564512] kasan_check_range+0x10c/0x1c0 [ 33.564603] __kasan_check_write+0x18/0x20 [ 33.564712] kasan_atomics_helper+0x1148/0x5450 [ 33.564776] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.564838] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.564899] ? kasan_atomics+0x152/0x310 [ 33.564977] kasan_atomics+0x1dc/0x310 [ 33.565062] ? __pfx_kasan_atomics+0x10/0x10 [ 33.565115] ? __pfx_read_tsc+0x10/0x10 [ 33.565151] ? ktime_get_ts64+0x86/0x230 [ 33.565189] kunit_try_run_case+0x1a5/0x480 [ 33.565226] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.565258] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.565294] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.565328] ? __kthread_parkme+0x82/0x180 [ 33.565357] ? preempt_count_sub+0x50/0x80 [ 33.565389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.565422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.565455] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.565488] kthread+0x337/0x6f0 [ 33.565515] ? trace_preempt_on+0x20/0xc0 [ 33.565569] ? __pfx_kthread+0x10/0x10 [ 33.565600] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.565651] ? calculate_sigpending+0x7b/0xa0 [ 33.565706] ? __pfx_kthread+0x10/0x10 [ 33.565738] ret_from_fork+0x116/0x1d0 [ 33.565766] ? __pfx_kthread+0x10/0x10 [ 33.565795] ret_from_fork_asm+0x1a/0x30 [ 33.565838] </TASK> [ 33.565854] [ 33.578745] Allocated by task 295: [ 33.579166] kasan_save_stack+0x45/0x70 [ 33.579619] kasan_save_track+0x18/0x40 [ 33.579990] kasan_save_alloc_info+0x3b/0x50 [ 33.580428] __kasan_kmalloc+0xb7/0xc0 [ 33.580877] __kmalloc_cache_noprof+0x189/0x420 [ 33.581161] kasan_atomics+0x95/0x310 [ 33.581584] kunit_try_run_case+0x1a5/0x480 [ 33.582032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.582458] kthread+0x337/0x6f0 [ 33.582804] ret_from_fork+0x116/0x1d0 [ 33.583231] ret_from_fork_asm+0x1a/0x30 [ 33.583694] [ 33.583896] The buggy address belongs to the object at ffff888102daa080 [ 33.583896] which belongs to the cache kmalloc-64 of size 64 [ 33.584748] The buggy address is located 0 bytes to the right of [ 33.584748] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.585376] [ 33.585523] The buggy address belongs to the physical page: [ 33.585820] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.586201] flags: 0x200000000000000(node=0|zone=2) [ 33.586554] page_type: f5(slab) [ 33.586990] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.587814] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.588893] page dumped because: kasan: bad access detected [ 33.589399] [ 33.589616] Memory state around the buggy address: [ 33.590066] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.590785] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.591335] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.591858] ^ [ 33.592291] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.592940] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.593444] ================================================================== [ 32.808463] ================================================================== [ 32.809248] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 32.809984] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 32.810562] [ 32.810873] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 32.811012] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.811068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.811120] Call Trace: [ 32.811163] <TASK> [ 32.811206] dump_stack_lvl+0x73/0xb0 [ 32.811306] print_report+0xd1/0x650 [ 32.811374] ? __virt_addr_valid+0x1db/0x2d0 [ 32.811440] ? kasan_atomics_helper+0x565/0x5450 [ 32.811500] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.811592] ? kasan_atomics_helper+0x565/0x5450 [ 32.811688] kasan_report+0x141/0x180 [ 32.811750] ? kasan_atomics_helper+0x565/0x5450 [ 32.811861] kasan_check_range+0x10c/0x1c0 [ 32.811940] __kasan_check_write+0x18/0x20 [ 32.812007] kasan_atomics_helper+0x565/0x5450 [ 32.812074] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.812140] ? __kmalloc_cache_noprof+0x189/0x420 [ 32.812204] ? kasan_atomics+0x152/0x310 [ 32.812301] kasan_atomics+0x1dc/0x310 [ 32.812366] ? __pfx_kasan_atomics+0x10/0x10 [ 32.812427] ? __pfx_read_tsc+0x10/0x10 [ 32.812488] ? ktime_get_ts64+0x86/0x230 [ 32.812567] kunit_try_run_case+0x1a5/0x480 [ 32.812608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.812679] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 32.812720] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.812756] ? __kthread_parkme+0x82/0x180 [ 32.812786] ? preempt_count_sub+0x50/0x80 [ 32.812819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.812853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.812887] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.812920] kthread+0x337/0x6f0 [ 32.812949] ? trace_preempt_on+0x20/0xc0 [ 32.812981] ? __pfx_kthread+0x10/0x10 [ 32.813011] ? _raw_spin_unlock_irq+0x47/0x80 [ 32.813043] ? calculate_sigpending+0x7b/0xa0 [ 32.813076] ? __pfx_kthread+0x10/0x10 [ 32.813105] ret_from_fork+0x116/0x1d0 [ 32.813132] ? __pfx_kthread+0x10/0x10 [ 32.813161] ret_from_fork_asm+0x1a/0x30 [ 32.813202] </TASK> [ 32.813219] [ 32.827558] Allocated by task 295: [ 32.827851] kasan_save_stack+0x45/0x70 [ 32.828132] kasan_save_track+0x18/0x40 [ 32.828380] kasan_save_alloc_info+0x3b/0x50 [ 32.828864] __kasan_kmalloc+0xb7/0xc0 [ 32.829172] __kmalloc_cache_noprof+0x189/0x420 [ 32.829490] kasan_atomics+0x95/0x310 [ 32.829865] kunit_try_run_case+0x1a5/0x480 [ 32.830230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.830797] kthread+0x337/0x6f0 [ 32.831074] ret_from_fork+0x116/0x1d0 [ 32.831454] ret_from_fork_asm+0x1a/0x30 [ 32.831809] [ 32.832024] The buggy address belongs to the object at ffff888102daa080 [ 32.832024] which belongs to the cache kmalloc-64 of size 64 [ 32.832668] The buggy address is located 0 bytes to the right of [ 32.832668] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 32.833710] [ 32.833871] The buggy address belongs to the physical page: [ 32.834154] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 32.834903] flags: 0x200000000000000(node=0|zone=2) [ 32.835358] page_type: f5(slab) [ 32.835599] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.836298] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.836897] page dumped because: kasan: bad access detected [ 32.837361] [ 32.837563] Memory state around the buggy address: [ 32.837977] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.838391] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.838982] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.839445] ^ [ 32.839854] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.840253] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.840911] ================================================================== [ 33.594988] ================================================================== [ 33.595695] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 33.596332] Read of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.596841] [ 33.597174] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.597313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.597352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.597409] Call Trace: [ 33.597456] <TASK> [ 33.597502] dump_stack_lvl+0x73/0xb0 [ 33.597603] print_report+0xd1/0x650 [ 33.597662] ? __virt_addr_valid+0x1db/0x2d0 [ 33.597726] ? kasan_atomics_helper+0x4a02/0x5450 [ 33.597779] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.597848] ? kasan_atomics_helper+0x4a02/0x5450 [ 33.597911] kasan_report+0x141/0x180 [ 33.597978] ? kasan_atomics_helper+0x4a02/0x5450 [ 33.598054] __asan_report_load4_noabort+0x18/0x20 [ 33.598137] kasan_atomics_helper+0x4a02/0x5450 [ 33.598221] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.598287] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.598358] ? kasan_atomics+0x152/0x310 [ 33.598433] kasan_atomics+0x1dc/0x310 [ 33.598499] ? __pfx_kasan_atomics+0x10/0x10 [ 33.598585] ? __pfx_read_tsc+0x10/0x10 [ 33.598650] ? ktime_get_ts64+0x86/0x230 [ 33.598721] kunit_try_run_case+0x1a5/0x480 [ 33.598793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.598858] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.598943] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.599009] ? __kthread_parkme+0x82/0x180 [ 33.599076] ? preempt_count_sub+0x50/0x80 [ 33.599157] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.599228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.599293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.599352] kthread+0x337/0x6f0 [ 33.599397] ? trace_preempt_on+0x20/0xc0 [ 33.599462] ? __pfx_kthread+0x10/0x10 [ 33.599517] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.599605] ? calculate_sigpending+0x7b/0xa0 [ 33.599686] ? __pfx_kthread+0x10/0x10 [ 33.599748] ret_from_fork+0x116/0x1d0 [ 33.599800] ? __pfx_kthread+0x10/0x10 [ 33.599872] ret_from_fork_asm+0x1a/0x30 [ 33.599962] </TASK> [ 33.600009] [ 33.612592] Allocated by task 295: [ 33.612993] kasan_save_stack+0x45/0x70 [ 33.613438] kasan_save_track+0x18/0x40 [ 33.613806] kasan_save_alloc_info+0x3b/0x50 [ 33.614083] __kasan_kmalloc+0xb7/0xc0 [ 33.614305] __kmalloc_cache_noprof+0x189/0x420 [ 33.614604] kasan_atomics+0x95/0x310 [ 33.615255] kunit_try_run_case+0x1a5/0x480 [ 33.615754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.616286] kthread+0x337/0x6f0 [ 33.616690] ret_from_fork+0x116/0x1d0 [ 33.617103] ret_from_fork_asm+0x1a/0x30 [ 33.617568] [ 33.617758] The buggy address belongs to the object at ffff888102daa080 [ 33.617758] which belongs to the cache kmalloc-64 of size 64 [ 33.618408] The buggy address is located 0 bytes to the right of [ 33.618408] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.619294] [ 33.619567] The buggy address belongs to the physical page: [ 33.620209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.620973] flags: 0x200000000000000(node=0|zone=2) [ 33.621361] page_type: f5(slab) [ 33.621763] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.622157] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.622521] page dumped because: kasan: bad access detected [ 33.624420] [ 33.624641] Memory state around the buggy address: [ 33.625147] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.625899] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.626772] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.627326] ^ [ 33.627662] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.628459] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.629030] ================================================================== [ 32.588891] ================================================================== [ 32.589871] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 32.590671] Read of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 32.591222] [ 32.591710] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 32.591838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.591873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.591967] Call Trace: [ 32.592013] <TASK> [ 32.592057] dump_stack_lvl+0x73/0xb0 [ 32.592129] print_report+0xd1/0x650 [ 32.592188] ? __virt_addr_valid+0x1db/0x2d0 [ 32.592238] ? kasan_atomics_helper+0x4b88/0x5450 [ 32.592269] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.592305] ? kasan_atomics_helper+0x4b88/0x5450 [ 32.592334] kasan_report+0x141/0x180 [ 32.592364] ? kasan_atomics_helper+0x4b88/0x5450 [ 32.592398] __asan_report_load4_noabort+0x18/0x20 [ 32.592430] kasan_atomics_helper+0x4b88/0x5450 [ 32.592459] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.592488] ? __kmalloc_cache_noprof+0x189/0x420 [ 32.592520] ? kasan_atomics+0x152/0x310 [ 32.592577] kasan_atomics+0x1dc/0x310 [ 32.592608] ? __pfx_kasan_atomics+0x10/0x10 [ 32.592654] ? __pfx_read_tsc+0x10/0x10 [ 32.592689] ? ktime_get_ts64+0x86/0x230 [ 32.592731] kunit_try_run_case+0x1a5/0x480 [ 32.592766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.592806] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 32.592841] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.592882] ? __kthread_parkme+0x82/0x180 [ 32.592911] ? preempt_count_sub+0x50/0x80 [ 32.592948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.592985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.593043] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.593088] kthread+0x337/0x6f0 [ 32.593118] ? trace_preempt_on+0x20/0xc0 [ 32.593155] ? __pfx_kthread+0x10/0x10 [ 32.593183] ? _raw_spin_unlock_irq+0x47/0x80 [ 32.593214] ? calculate_sigpending+0x7b/0xa0 [ 32.593246] ? __pfx_kthread+0x10/0x10 [ 32.593274] ret_from_fork+0x116/0x1d0 [ 32.593300] ? __pfx_kthread+0x10/0x10 [ 32.593327] ret_from_fork_asm+0x1a/0x30 [ 32.593366] </TASK> [ 32.593380] [ 32.610251] Allocated by task 295: [ 32.610865] kasan_save_stack+0x45/0x70 [ 32.611316] kasan_save_track+0x18/0x40 [ 32.611904] kasan_save_alloc_info+0x3b/0x50 [ 32.612146] __kasan_kmalloc+0xb7/0xc0 [ 32.612618] __kmalloc_cache_noprof+0x189/0x420 [ 32.613342] kasan_atomics+0x95/0x310 [ 32.613933] kunit_try_run_case+0x1a5/0x480 [ 32.614478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.614839] kthread+0x337/0x6f0 [ 32.615212] ret_from_fork+0x116/0x1d0 [ 32.615634] ret_from_fork_asm+0x1a/0x30 [ 32.616263] [ 32.616410] The buggy address belongs to the object at ffff888102daa080 [ 32.616410] which belongs to the cache kmalloc-64 of size 64 [ 32.617488] The buggy address is located 0 bytes to the right of [ 32.617488] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 32.618753] [ 32.618968] The buggy address belongs to the physical page: [ 32.619465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 32.620274] flags: 0x200000000000000(node=0|zone=2) [ 32.620704] page_type: f5(slab) [ 32.621044] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.621653] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.622230] page dumped because: kasan: bad access detected [ 32.622513] [ 32.622801] Memory state around the buggy address: [ 32.623327] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.623990] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.624438] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.625115] ^ [ 32.625616] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.626221] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.626871] ================================================================== [ 34.802390] ================================================================== [ 34.802954] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 34.803654] Write of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.804397] [ 34.804765] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.804892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.804925] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.805024] Call Trace: [ 34.805071] <TASK> [ 34.805118] dump_stack_lvl+0x73/0xb0 [ 34.805250] print_report+0xd1/0x650 [ 34.805319] ? __virt_addr_valid+0x1db/0x2d0 [ 34.805388] ? kasan_atomics_helper+0x224c/0x5450 [ 34.805449] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.805518] ? kasan_atomics_helper+0x224c/0x5450 [ 34.805686] kasan_report+0x141/0x180 [ 34.805755] ? kasan_atomics_helper+0x224c/0x5450 [ 34.805821] kasan_check_range+0x10c/0x1c0 [ 34.805864] __kasan_check_write+0x18/0x20 [ 34.805901] kasan_atomics_helper+0x224c/0x5450 [ 34.805933] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.805964] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.806000] ? kasan_atomics+0x152/0x310 [ 34.806036] kasan_atomics+0x1dc/0x310 [ 34.806067] ? __pfx_kasan_atomics+0x10/0x10 [ 34.806100] ? __pfx_read_tsc+0x10/0x10 [ 34.806131] ? ktime_get_ts64+0x86/0x230 [ 34.806164] kunit_try_run_case+0x1a5/0x480 [ 34.806199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.806230] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.806265] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.806300] ? __kthread_parkme+0x82/0x180 [ 34.806329] ? preempt_count_sub+0x50/0x80 [ 34.806361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.806394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.806427] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.806460] kthread+0x337/0x6f0 [ 34.806488] ? trace_preempt_on+0x20/0xc0 [ 34.806521] ? __pfx_kthread+0x10/0x10 [ 34.806576] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.806609] ? calculate_sigpending+0x7b/0xa0 [ 34.806684] ? __pfx_kthread+0x10/0x10 [ 34.806716] ret_from_fork+0x116/0x1d0 [ 34.806744] ? __pfx_kthread+0x10/0x10 [ 34.806774] ret_from_fork_asm+0x1a/0x30 [ 34.806816] </TASK> [ 34.806833] [ 34.820318] Allocated by task 295: [ 34.820801] kasan_save_stack+0x45/0x70 [ 34.821105] kasan_save_track+0x18/0x40 [ 34.821343] kasan_save_alloc_info+0x3b/0x50 [ 34.821670] __kasan_kmalloc+0xb7/0xc0 [ 34.822140] __kmalloc_cache_noprof+0x189/0x420 [ 34.822653] kasan_atomics+0x95/0x310 [ 34.823095] kunit_try_run_case+0x1a5/0x480 [ 34.823582] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.824148] kthread+0x337/0x6f0 [ 34.824573] ret_from_fork+0x116/0x1d0 [ 34.825023] ret_from_fork_asm+0x1a/0x30 [ 34.825488] [ 34.825774] The buggy address belongs to the object at ffff888102daa080 [ 34.825774] which belongs to the cache kmalloc-64 of size 64 [ 34.826672] The buggy address is located 0 bytes to the right of [ 34.826672] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.827470] [ 34.827717] The buggy address belongs to the physical page: [ 34.828333] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.829056] flags: 0x200000000000000(node=0|zone=2) [ 34.829527] page_type: f5(slab) [ 34.829935] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.830419] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.830800] page dumped because: kasan: bad access detected [ 34.831257] [ 34.831470] Memory state around the buggy address: [ 34.831941] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.832704] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.833319] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.833912] ^ [ 34.834183] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.834513] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.836281] ================================================================== [ 32.880256] ================================================================== [ 32.880846] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 32.881413] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 32.882013] [ 32.882254] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 32.882374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.882411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.882465] Call Trace: [ 32.882508] <TASK> [ 32.882576] dump_stack_lvl+0x73/0xb0 [ 32.882710] print_report+0xd1/0x650 [ 32.882774] ? __virt_addr_valid+0x1db/0x2d0 [ 32.882840] ? kasan_atomics_helper+0x697/0x5450 [ 32.882903] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.882975] ? kasan_atomics_helper+0x697/0x5450 [ 32.883032] kasan_report+0x141/0x180 [ 32.883094] ? kasan_atomics_helper+0x697/0x5450 [ 32.883173] kasan_check_range+0x10c/0x1c0 [ 32.883255] __kasan_check_write+0x18/0x20 [ 32.883320] kasan_atomics_helper+0x697/0x5450 [ 32.883379] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.883440] ? __kmalloc_cache_noprof+0x189/0x420 [ 32.883514] ? kasan_atomics+0x152/0x310 [ 32.883606] kasan_atomics+0x1dc/0x310 [ 32.883703] ? __pfx_kasan_atomics+0x10/0x10 [ 32.883767] ? __pfx_read_tsc+0x10/0x10 [ 32.883848] ? ktime_get_ts64+0x86/0x230 [ 32.883935] kunit_try_run_case+0x1a5/0x480 [ 32.884006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.884099] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 32.884166] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.884218] ? __kthread_parkme+0x82/0x180 [ 32.884264] ? preempt_count_sub+0x50/0x80 [ 32.884315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.884368] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.884419] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.884468] kthread+0x337/0x6f0 [ 32.884511] ? trace_preempt_on+0x20/0xc0 [ 32.884582] ? __pfx_kthread+0x10/0x10 [ 32.884614] ? _raw_spin_unlock_irq+0x47/0x80 [ 32.884663] ? calculate_sigpending+0x7b/0xa0 [ 32.884700] ? __pfx_kthread+0x10/0x10 [ 32.884731] ret_from_fork+0x116/0x1d0 [ 32.884760] ? __pfx_kthread+0x10/0x10 [ 32.884789] ret_from_fork_asm+0x1a/0x30 [ 32.884830] </TASK> [ 32.884846] [ 32.900165] Allocated by task 295: [ 32.900616] kasan_save_stack+0x45/0x70 [ 32.901132] kasan_save_track+0x18/0x40 [ 32.901596] kasan_save_alloc_info+0x3b/0x50 [ 32.902128] __kasan_kmalloc+0xb7/0xc0 [ 32.902340] __kmalloc_cache_noprof+0x189/0x420 [ 32.902985] kasan_atomics+0x95/0x310 [ 32.903442] kunit_try_run_case+0x1a5/0x480 [ 32.903939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.904361] kthread+0x337/0x6f0 [ 32.904818] ret_from_fork+0x116/0x1d0 [ 32.905267] ret_from_fork_asm+0x1a/0x30 [ 32.905785] [ 32.906048] The buggy address belongs to the object at ffff888102daa080 [ 32.906048] which belongs to the cache kmalloc-64 of size 64 [ 32.906848] The buggy address is located 0 bytes to the right of [ 32.906848] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 32.907212] [ 32.907286] The buggy address belongs to the physical page: [ 32.907436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 32.908117] flags: 0x200000000000000(node=0|zone=2) [ 32.908618] page_type: f5(slab) [ 32.908981] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.909641] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.910009] page dumped because: kasan: bad access detected [ 32.910497] [ 32.910768] Memory state around the buggy address: [ 32.911194] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.911569] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.912239] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.912875] ^ [ 32.913406] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.913948] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.914654] ================================================================== [ 33.024765] ================================================================== [ 33.025374] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 33.025988] Write of size 4 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 33.026585] [ 33.026882] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 33.027000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.027033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.027125] Call Trace: [ 33.027204] <TASK> [ 33.027251] dump_stack_lvl+0x73/0xb0 [ 33.027342] print_report+0xd1/0x650 [ 33.027406] ? __virt_addr_valid+0x1db/0x2d0 [ 33.027493] ? kasan_atomics_helper+0x8f9/0x5450 [ 33.027587] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.027713] ? kasan_atomics_helper+0x8f9/0x5450 [ 33.027794] kasan_report+0x141/0x180 [ 33.027874] ? kasan_atomics_helper+0x8f9/0x5450 [ 33.027948] kasan_check_range+0x10c/0x1c0 [ 33.028025] __kasan_check_write+0x18/0x20 [ 33.028112] kasan_atomics_helper+0x8f9/0x5450 [ 33.028180] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.028246] ? __kmalloc_cache_noprof+0x189/0x420 [ 33.028316] ? kasan_atomics+0x152/0x310 [ 33.028392] kasan_atomics+0x1dc/0x310 [ 33.028456] ? __pfx_kasan_atomics+0x10/0x10 [ 33.028526] ? __pfx_read_tsc+0x10/0x10 [ 33.028607] ? ktime_get_ts64+0x86/0x230 [ 33.028701] kunit_try_run_case+0x1a5/0x480 [ 33.028741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.028774] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.028811] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.028845] ? __kthread_parkme+0x82/0x180 [ 33.028874] ? preempt_count_sub+0x50/0x80 [ 33.028907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.028940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.028973] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.029007] kthread+0x337/0x6f0 [ 33.029035] ? trace_preempt_on+0x20/0xc0 [ 33.029068] ? __pfx_kthread+0x10/0x10 [ 33.029098] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.029129] ? calculate_sigpending+0x7b/0xa0 [ 33.029162] ? __pfx_kthread+0x10/0x10 [ 33.029192] ret_from_fork+0x116/0x1d0 [ 33.029219] ? __pfx_kthread+0x10/0x10 [ 33.029248] ret_from_fork_asm+0x1a/0x30 [ 33.029288] </TASK> [ 33.029305] [ 33.044065] Allocated by task 295: [ 33.044556] kasan_save_stack+0x45/0x70 [ 33.045049] kasan_save_track+0x18/0x40 [ 33.045449] kasan_save_alloc_info+0x3b/0x50 [ 33.045922] __kasan_kmalloc+0xb7/0xc0 [ 33.046176] __kmalloc_cache_noprof+0x189/0x420 [ 33.046446] kasan_atomics+0x95/0x310 [ 33.046913] kunit_try_run_case+0x1a5/0x480 [ 33.047462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.048072] kthread+0x337/0x6f0 [ 33.048439] ret_from_fork+0x116/0x1d0 [ 33.048931] ret_from_fork_asm+0x1a/0x30 [ 33.049379] [ 33.049614] The buggy address belongs to the object at ffff888102daa080 [ 33.049614] which belongs to the cache kmalloc-64 of size 64 [ 33.050195] The buggy address is located 0 bytes to the right of [ 33.050195] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 33.051415] [ 33.051730] The buggy address belongs to the physical page: [ 33.052300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 33.052922] flags: 0x200000000000000(node=0|zone=2) [ 33.053407] page_type: f5(slab) [ 33.053858] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.054512] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.055284] page dumped because: kasan: bad access detected [ 33.055790] [ 33.056045] Memory state around the buggy address: [ 33.056576] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.057210] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.057885] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.058456] ^ [ 33.058797] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.059431] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.059997] ================================================================== [ 34.693437] ================================================================== [ 34.693948] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 34.694498] Read of size 8 at addr ffff888102daa0b0 by task kunit_try_catch/295 [ 34.695213] [ 34.695472] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) [ 34.695609] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.695670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.695713] Call Trace: [ 34.695774] <TASK> [ 34.695815] dump_stack_lvl+0x73/0xb0 [ 34.695893] print_report+0xd1/0x650 [ 34.695942] ? __virt_addr_valid+0x1db/0x2d0 [ 34.695994] ? kasan_atomics_helper+0x4fb2/0x5450 [ 34.696039] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.696136] ? kasan_atomics_helper+0x4fb2/0x5450 [ 34.696197] kasan_report+0x141/0x180 [ 34.696306] ? kasan_atomics_helper+0x4fb2/0x5450 [ 34.696436] __asan_report_load8_noabort+0x18/0x20 [ 34.696530] kasan_atomics_helper+0x4fb2/0x5450 [ 34.696614] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.696714] ? __kmalloc_cache_noprof+0x189/0x420 [ 34.696784] ? kasan_atomics+0x152/0x310 [ 34.696890] kasan_atomics+0x1dc/0x310 [ 34.696959] ? __pfx_kasan_atomics+0x10/0x10 [ 34.697035] ? __pfx_read_tsc+0x10/0x10 [ 34.697115] ? ktime_get_ts64+0x86/0x230 [ 34.697181] kunit_try_run_case+0x1a5/0x480 [ 34.697246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.697310] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 34.697378] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.697435] ? __kthread_parkme+0x82/0x180 [ 34.697484] ? preempt_count_sub+0x50/0x80 [ 34.697587] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.697680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.697753] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.697820] kthread+0x337/0x6f0 [ 34.697937] ? trace_preempt_on+0x20/0xc0 [ 34.698033] ? __pfx_kthread+0x10/0x10 [ 34.698093] ? _raw_spin_unlock_irq+0x47/0x80 [ 34.698195] ? calculate_sigpending+0x7b/0xa0 [ 34.698279] ? __pfx_kthread+0x10/0x10 [ 34.698343] ret_from_fork+0x116/0x1d0 [ 34.698394] ? __pfx_kthread+0x10/0x10 [ 34.698438] ret_from_fork_asm+0x1a/0x30 [ 34.698482] </TASK> [ 34.698498] [ 34.713060] Allocated by task 295: [ 34.713328] kasan_save_stack+0x45/0x70 [ 34.713786] kasan_save_track+0x18/0x40 [ 34.714435] kasan_save_alloc_info+0x3b/0x50 [ 34.715021] __kasan_kmalloc+0xb7/0xc0 [ 34.715429] __kmalloc_cache_noprof+0x189/0x420 [ 34.716075] kasan_atomics+0x95/0x310 [ 34.716477] kunit_try_run_case+0x1a5/0x480 [ 34.717016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.717683] kthread+0x337/0x6f0 [ 34.718172] ret_from_fork+0x116/0x1d0 [ 34.718617] ret_from_fork_asm+0x1a/0x30 [ 34.718963] [ 34.719245] The buggy address belongs to the object at ffff888102daa080 [ 34.719245] which belongs to the cache kmalloc-64 of size 64 [ 34.720255] The buggy address is located 0 bytes to the right of [ 34.720255] allocated 48-byte region [ffff888102daa080, ffff888102daa0b0) [ 34.721278] [ 34.721502] The buggy address belongs to the physical page: [ 34.722084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102daa [ 34.722745] flags: 0x200000000000000(node=0|zone=2) [ 34.723079] page_type: f5(slab) [ 34.723457] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.724062] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.724810] page dumped because: kasan: bad access detected [ 34.725331] [ 34.725589] Memory state around the buggy address: [ 34.726001] ffff888102da9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.726748] ffff888102daa000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.727253] >ffff888102daa080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.727913] ^ [ 34.728343] ffff888102daa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.728944] ffff888102daa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.729519] ==================================================================