Date
June 25, 2025, 8:08 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 29.503847] ================================================================== [ 29.503943] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 29.504673] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.504730] [ 29.505097] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.505650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.506507] Hardware name: linux,dummy-virt (DT) [ 29.506752] Call trace: [ 29.506781] show_stack+0x20/0x38 (C) [ 29.507223] dump_stack_lvl+0x8c/0xd0 [ 29.507356] print_report+0x118/0x608 [ 29.507529] kasan_report+0xdc/0x128 [ 29.508187] kasan_check_range+0x100/0x1a8 [ 29.508406] __kasan_check_write+0x20/0x30 [ 29.508453] kasan_atomics_helper+0x11f8/0x4858 [ 29.508503] kasan_atomics+0x198/0x2e0 [ 29.509721] kunit_try_run_case+0x170/0x3f0 [ 29.510029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.510511] kthread+0x328/0x630 [ 29.510964] ret_from_fork+0x10/0x20 [ 29.511261] [ 29.511289] Allocated by task 277: [ 29.511322] kasan_save_stack+0x3c/0x68 [ 29.512221] kasan_save_track+0x20/0x40 [ 29.512381] kasan_save_alloc_info+0x40/0x58 [ 29.512989] __kasan_kmalloc+0xd4/0xd8 [ 29.513045] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.513089] kasan_atomics+0xb8/0x2e0 [ 29.513967] kunit_try_run_case+0x170/0x3f0 [ 29.514174] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.514568] kthread+0x328/0x630 [ 29.515138] ret_from_fork+0x10/0x20 [ 29.515191] [ 29.515214] The buggy address belongs to the object at fff00000c787d680 [ 29.515214] which belongs to the cache kmalloc-64 of size 64 [ 29.516358] The buggy address is located 0 bytes to the right of [ 29.516358] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.516590] [ 29.516633] The buggy address belongs to the physical page: [ 29.516671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.517250] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.517404] page_type: f5(slab) [ 29.517835] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.518708] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.518764] page dumped because: kasan: bad access detected [ 29.519515] [ 29.519566] Memory state around the buggy address: [ 29.520195] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.520404] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.520554] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.520886] ^ [ 29.520994] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.521041] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.521082] ================================================================== [ 29.314631] ================================================================== [ 29.314696] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 29.314814] Read of size 4 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.314866] [ 29.314937] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.315023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.315050] Hardware name: linux,dummy-virt (DT) [ 29.315120] Call trace: [ 29.315169] show_stack+0x20/0x38 (C) [ 29.315248] dump_stack_lvl+0x8c/0xd0 [ 29.315323] print_report+0x118/0x608 [ 29.315411] kasan_report+0xdc/0x128 [ 29.315460] __asan_report_load4_noabort+0x20/0x30 [ 29.315617] kasan_atomics_helper+0x3dd8/0x4858 [ 29.315672] kasan_atomics+0x198/0x2e0 [ 29.315719] kunit_try_run_case+0x170/0x3f0 [ 29.316175] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.316324] kthread+0x328/0x630 [ 29.316454] ret_from_fork+0x10/0x20 [ 29.316581] [ 29.316807] Allocated by task 277: [ 29.316843] kasan_save_stack+0x3c/0x68 [ 29.317044] kasan_save_track+0x20/0x40 [ 29.317175] kasan_save_alloc_info+0x40/0x58 [ 29.317279] __kasan_kmalloc+0xd4/0xd8 [ 29.317367] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.317591] kasan_atomics+0xb8/0x2e0 [ 29.317751] kunit_try_run_case+0x170/0x3f0 [ 29.317798] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.318066] kthread+0x328/0x630 [ 29.318153] ret_from_fork+0x10/0x20 [ 29.318410] [ 29.318632] The buggy address belongs to the object at fff00000c787d680 [ 29.318632] which belongs to the cache kmalloc-64 of size 64 [ 29.318770] The buggy address is located 0 bytes to the right of [ 29.318770] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.318912] [ 29.319005] The buggy address belongs to the physical page: [ 29.319037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.319091] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.319290] page_type: f5(slab) [ 29.319458] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.319517] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.319585] page dumped because: kasan: bad access detected [ 29.319698] [ 29.319892] Memory state around the buggy address: [ 29.320038] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.320097] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.320152] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.320194] ^ [ 29.320238] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.320308] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.320348] ================================================================== [ 29.213777] ================================================================== [ 29.213909] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 29.213993] Read of size 4 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.214046] [ 29.214110] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.214933] kasan_report+0xdc/0x128 [ 29.217467] kunit_try_run_case+0x170/0x3f0 [ 29.219586] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.221241] ^ [ 29.223564] Write of size 4 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.227213] __kasan_kmalloc+0xd4/0xd8 [ 29.227426] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.227605] kasan_atomics+0xb8/0x2e0 [ 29.227881] kunit_try_run_case+0x170/0x3f0 [ 29.227944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.228329] kthread+0x328/0x630 [ 29.228372] ret_from_fork+0x10/0x20 [ 29.228423] [ 29.228486] The buggy address belongs to the object at fff00000c787d680 [ 29.228486] which belongs to the cache kmalloc-64 of size 64 [ 29.228582] The buggy address is located 0 bytes to the right of [ 29.228582] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.228647] [ 29.228669] The buggy address belongs to the physical page: [ 29.228719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.228787] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.228849] page_type: f5(slab) [ 29.228890] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.228941] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.228983] page dumped because: kasan: bad access detected [ 29.229026] [ 29.229062] Memory state around the buggy address: [ 29.229096] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.229141] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.229186] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.229234] ^ [ 29.229272] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.229322] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.229375] ================================================================== [ 29.594732] ================================================================== [ 29.594778] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 29.594827] Read of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.594878] [ 29.594917] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.595000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.595027] Hardware name: linux,dummy-virt (DT) [ 29.595060] Call trace: [ 29.595083] show_stack+0x20/0x38 (C) [ 29.595141] dump_stack_lvl+0x8c/0xd0 [ 29.595197] print_report+0x118/0x608 [ 29.595253] kasan_report+0xdc/0x128 [ 29.595300] __asan_report_load8_noabort+0x20/0x30 [ 29.595359] kasan_atomics_helper+0x3e10/0x4858 [ 29.595420] kasan_atomics+0x198/0x2e0 [ 29.595465] kunit_try_run_case+0x170/0x3f0 [ 29.595514] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.595568] kthread+0x328/0x630 [ 29.595611] ret_from_fork+0x10/0x20 [ 29.595660] [ 29.595680] Allocated by task 277: [ 29.596224] kasan_save_stack+0x3c/0x68 [ 29.596433] kasan_save_track+0x20/0x40 [ 29.596532] kasan_save_alloc_info+0x40/0x58 [ 29.596786] __kasan_kmalloc+0xd4/0xd8 [ 29.596944] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.597021] kasan_atomics+0xb8/0x2e0 [ 29.597060] kunit_try_run_case+0x170/0x3f0 [ 29.597099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.597145] kthread+0x328/0x630 [ 29.597179] ret_from_fork+0x10/0x20 [ 29.597217] [ 29.597239] The buggy address belongs to the object at fff00000c787d680 [ 29.597239] which belongs to the cache kmalloc-64 of size 64 [ 29.597299] The buggy address is located 0 bytes to the right of [ 29.597299] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.597365] [ 29.597388] The buggy address belongs to the physical page: [ 29.597430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.597483] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.597677] page_type: f5(slab) [ 29.597847] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.597960] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.598266] page dumped because: kasan: bad access detected [ 29.598632] [ 29.598721] Memory state around the buggy address: [ 29.598757] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.598801] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.599200] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.599324] ^ [ 29.599542] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.599767] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.600000] ================================================================== [ 29.336870] ================================================================== [ 29.336916] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 29.336966] Read of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.337328] [ 29.337373] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.337471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.337519] Hardware name: linux,dummy-virt (DT) [ 29.337609] Call trace: [ 29.337669] show_stack+0x20/0x38 (C) [ 29.337989] dump_stack_lvl+0x8c/0xd0 [ 29.338054] print_report+0x118/0x608 [ 29.338161] kasan_report+0xdc/0x128 [ 29.338237] __asan_report_load8_noabort+0x20/0x30 [ 29.338304] kasan_atomics_helper+0x3f58/0x4858 [ 29.338548] kasan_atomics+0x198/0x2e0 [ 29.338619] kunit_try_run_case+0x170/0x3f0 [ 29.338808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.338929] kthread+0x328/0x630 [ 29.339143] ret_from_fork+0x10/0x20 [ 29.339263] [ 29.339313] Allocated by task 277: [ 29.339385] kasan_save_stack+0x3c/0x68 [ 29.339488] kasan_save_track+0x20/0x40 [ 29.339537] kasan_save_alloc_info+0x40/0x58 [ 29.339603] __kasan_kmalloc+0xd4/0xd8 [ 29.339680] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.340075] kasan_atomics+0xb8/0x2e0 [ 29.340189] kunit_try_run_case+0x170/0x3f0 [ 29.340293] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.340340] kthread+0x328/0x630 [ 29.340386] ret_from_fork+0x10/0x20 [ 29.340434] [ 29.340456] The buggy address belongs to the object at fff00000c787d680 [ 29.340456] which belongs to the cache kmalloc-64 of size 64 [ 29.341019] The buggy address is located 0 bytes to the right of [ 29.341019] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.341454] [ 29.341492] The buggy address belongs to the physical page: [ 29.341560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.341673] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.341743] page_type: f5(slab) [ 29.341798] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.342152] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.342239] page dumped because: kasan: bad access detected [ 29.342343] [ 29.342739] Memory state around the buggy address: [ 29.342828] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.342969] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.343031] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.343106] ^ [ 29.343150] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.343196] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.343236] ================================================================== [ 29.576318] ================================================================== [ 29.576717] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 29.576786] Read of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.576879] [ 29.576949] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.577033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.577061] Hardware name: linux,dummy-virt (DT) [ 29.577093] Call trace: [ 29.577116] show_stack+0x20/0x38 (C) [ 29.577174] dump_stack_lvl+0x8c/0xd0 [ 29.577223] print_report+0x118/0x608 [ 29.577272] kasan_report+0xdc/0x128 [ 29.577320] __asan_report_load8_noabort+0x20/0x30 [ 29.577377] kasan_atomics_helper+0x3db0/0x4858 [ 29.577438] kasan_atomics+0x198/0x2e0 [ 29.577484] kunit_try_run_case+0x170/0x3f0 [ 29.577533] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.577588] kthread+0x328/0x630 [ 29.577632] ret_from_fork+0x10/0x20 [ 29.577680] [ 29.577702] Allocated by task 277: [ 29.577731] kasan_save_stack+0x3c/0x68 [ 29.577771] kasan_save_track+0x20/0x40 [ 29.577811] kasan_save_alloc_info+0x40/0x58 [ 29.577858] __kasan_kmalloc+0xd4/0xd8 [ 29.577906] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.577948] kasan_atomics+0xb8/0x2e0 [ 29.577985] kunit_try_run_case+0x170/0x3f0 [ 29.578025] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.578079] kthread+0x328/0x630 [ 29.578124] ret_from_fork+0x10/0x20 [ 29.578162] [ 29.578183] The buggy address belongs to the object at fff00000c787d680 [ 29.578183] which belongs to the cache kmalloc-64 of size 64 [ 29.578241] The buggy address is located 0 bytes to the right of [ 29.578241] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.578307] [ 29.578336] The buggy address belongs to the physical page: [ 29.578371] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.578435] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.578483] page_type: f5(slab) [ 29.578520] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.578570] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.578616] page dumped because: kasan: bad access detected [ 29.578649] [ 29.578668] Memory state around the buggy address: [ 29.578967] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.579026] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.579072] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.579112] ^ [ 29.579148] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.579325] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.579453] ================================================================== [ 29.606945] ================================================================== [ 29.607114] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 29.607174] Read of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.607239] [ 29.607270] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.607353] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.607662] Hardware name: linux,dummy-virt (DT) [ 29.607721] Call trace: [ 29.607747] show_stack+0x20/0x38 (C) [ 29.607835] dump_stack_lvl+0x8c/0xd0 [ 29.608139] print_report+0x118/0x608 [ 29.608450] kasan_report+0xdc/0x128 [ 29.608626] __asan_report_load8_noabort+0x20/0x30 [ 29.608734] kasan_atomics_helper+0x3e20/0x4858 [ 29.608949] kasan_atomics+0x198/0x2e0 [ 29.609033] kunit_try_run_case+0x170/0x3f0 [ 29.609103] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.609162] kthread+0x328/0x630 [ 29.609226] ret_from_fork+0x10/0x20 [ 29.610219] [ 29.610317] Allocated by task 277: [ 29.610407] kasan_save_stack+0x3c/0x68 [ 29.610461] kasan_save_track+0x20/0x40 [ 29.610511] kasan_save_alloc_info+0x40/0x58 [ 29.610566] __kasan_kmalloc+0xd4/0xd8 [ 29.610633] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.610675] kasan_atomics+0xb8/0x2e0 [ 29.610711] kunit_try_run_case+0x170/0x3f0 [ 29.610753] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.610815] kthread+0x328/0x630 [ 29.610853] ret_from_fork+0x10/0x20 [ 29.610891] [ 29.610913] The buggy address belongs to the object at fff00000c787d680 [ 29.610913] which belongs to the cache kmalloc-64 of size 64 [ 29.610972] The buggy address is located 0 bytes to the right of [ 29.610972] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.611037] [ 29.611061] The buggy address belongs to the physical page: [ 29.611108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.611173] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.611228] page_type: f5(slab) [ 29.611267] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.611317] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.611371] page dumped because: kasan: bad access detected [ 29.611412] [ 29.611432] Memory state around the buggy address: [ 29.611465] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.611509] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.611552] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.611593] ^ [ 29.611625] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.611668] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.612157] ================================================================== [ 29.587024] ================================================================== [ 29.587109] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 29.587164] Read of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.587216] [ 29.587281] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.587366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.587407] Hardware name: linux,dummy-virt (DT) [ 29.587439] Call trace: [ 29.587715] show_stack+0x20/0x38 (C) [ 29.588081] dump_stack_lvl+0x8c/0xd0 [ 29.588146] print_report+0x118/0x608 [ 29.588194] kasan_report+0xdc/0x128 [ 29.588241] __asan_report_load8_noabort+0x20/0x30 [ 29.588290] kasan_atomics_helper+0x3df4/0x4858 [ 29.588340] kasan_atomics+0x198/0x2e0 [ 29.588388] kunit_try_run_case+0x170/0x3f0 [ 29.588448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.588503] kthread+0x328/0x630 [ 29.588545] ret_from_fork+0x10/0x20 [ 29.588594] [ 29.588615] Allocated by task 277: [ 29.588645] kasan_save_stack+0x3c/0x68 [ 29.588688] kasan_save_track+0x20/0x40 [ 29.588726] kasan_save_alloc_info+0x40/0x58 [ 29.588764] __kasan_kmalloc+0xd4/0xd8 [ 29.588803] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.588844] kasan_atomics+0xb8/0x2e0 [ 29.588882] kunit_try_run_case+0x170/0x3f0 [ 29.588921] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.588966] kthread+0x328/0x630 [ 29.589000] ret_from_fork+0x10/0x20 [ 29.589038] [ 29.589058] The buggy address belongs to the object at fff00000c787d680 [ 29.589058] which belongs to the cache kmalloc-64 of size 64 [ 29.589116] The buggy address is located 0 bytes to the right of [ 29.589116] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.589181] [ 29.589203] The buggy address belongs to the physical page: [ 29.589235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.589286] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.589335] page_type: f5(slab) [ 29.589371] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.589433] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.589473] page dumped because: kasan: bad access detected [ 29.589507] [ 29.589526] Memory state around the buggy address: [ 29.589559] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.589603] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.589648] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.589687] ^ [ 29.589720] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.589763] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.589803] ================================================================== [ 29.542316] ================================================================== [ 29.542368] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 29.542436] Read of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.542494] [ 29.542525] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.542614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.542641] Hardware name: linux,dummy-virt (DT) [ 29.542681] Call trace: [ 29.542704] show_stack+0x20/0x38 (C) [ 29.542753] dump_stack_lvl+0x8c/0xd0 [ 29.542801] print_report+0x118/0x608 [ 29.542855] kasan_report+0xdc/0x128 [ 29.542904] __asan_report_load8_noabort+0x20/0x30 [ 29.542952] kasan_atomics_helper+0x3f04/0x4858 [ 29.543003] kasan_atomics+0x198/0x2e0 [ 29.543048] kunit_try_run_case+0x170/0x3f0 [ 29.543106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.543171] kthread+0x328/0x630 [ 29.543224] ret_from_fork+0x10/0x20 [ 29.543283] [ 29.543305] Allocated by task 277: [ 29.543334] kasan_save_stack+0x3c/0x68 [ 29.543376] kasan_save_track+0x20/0x40 [ 29.543425] kasan_save_alloc_info+0x40/0x58 [ 29.543465] __kasan_kmalloc+0xd4/0xd8 [ 29.543504] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.543544] kasan_atomics+0xb8/0x2e0 [ 29.543582] kunit_try_run_case+0x170/0x3f0 [ 29.543622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.543677] kthread+0x328/0x630 [ 29.543713] ret_from_fork+0x10/0x20 [ 29.543751] [ 29.543771] The buggy address belongs to the object at fff00000c787d680 [ 29.543771] which belongs to the cache kmalloc-64 of size 64 [ 29.543830] The buggy address is located 0 bytes to the right of [ 29.543830] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.543895] [ 29.543915] The buggy address belongs to the physical page: [ 29.543948] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.544002] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.544048] page_type: f5(slab) [ 29.544085] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.544135] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.544457] page dumped because: kasan: bad access detected [ 29.544510] [ 29.544532] Memory state around the buggy address: [ 29.544565] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.544611] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.544655] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.544695] ^ [ 29.544992] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.545058] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.545098] ================================================================== [ 29.418851] ================================================================== [ 29.419502] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 29.419676] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.419729] [ 29.419768] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.420857] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.421206] Hardware name: linux,dummy-virt (DT) [ 29.421433] Call trace: [ 29.421489] show_stack+0x20/0x38 (C) [ 29.422126] dump_stack_lvl+0x8c/0xd0 [ 29.422795] print_report+0x118/0x608 [ 29.423131] kasan_report+0xdc/0x128 [ 29.423280] kasan_check_range+0x100/0x1a8 [ 29.423357] __kasan_check_write+0x20/0x30 [ 29.424166] kasan_atomics_helper+0xf88/0x4858 [ 29.424341] kasan_atomics+0x198/0x2e0 [ 29.424533] kunit_try_run_case+0x170/0x3f0 [ 29.425193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.425732] kthread+0x328/0x630 [ 29.426131] ret_from_fork+0x10/0x20 [ 29.426302] [ 29.426907] Allocated by task 277: [ 29.427287] kasan_save_stack+0x3c/0x68 [ 29.427339] kasan_save_track+0x20/0x40 [ 29.427702] kasan_save_alloc_info+0x40/0x58 [ 29.428276] __kasan_kmalloc+0xd4/0xd8 [ 29.428685] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.428743] kasan_atomics+0xb8/0x2e0 [ 29.429741] kunit_try_run_case+0x170/0x3f0 [ 29.429823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.430830] kthread+0x328/0x630 [ 29.430892] ret_from_fork+0x10/0x20 [ 29.431101] [ 29.431220] The buggy address belongs to the object at fff00000c787d680 [ 29.431220] which belongs to the cache kmalloc-64 of size 64 [ 29.431475] The buggy address is located 0 bytes to the right of [ 29.431475] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.432040] [ 29.432088] The buggy address belongs to the physical page: [ 29.432126] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.432746] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.433843] page_type: f5(slab) [ 29.434132] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.434423] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.434847] page dumped because: kasan: bad access detected [ 29.434891] [ 29.434939] Memory state around the buggy address: [ 29.434976] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.435912] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.436037] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.436078] ^ [ 29.436116] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.436569] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.436967] ================================================================== [ 29.545800] ================================================================== [ 29.545853] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 29.545950] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.546044] [ 29.546123] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.546292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.546340] Hardware name: linux,dummy-virt (DT) [ 29.546387] Call trace: [ 29.546458] show_stack+0x20/0x38 (C) [ 29.546524] dump_stack_lvl+0x8c/0xd0 [ 29.546572] print_report+0x118/0x608 [ 29.546624] kasan_report+0xdc/0x128 [ 29.546670] kasan_check_range+0x100/0x1a8 [ 29.546720] __kasan_check_write+0x20/0x30 [ 29.546764] kasan_atomics_helper+0x1414/0x4858 [ 29.546945] kasan_atomics+0x198/0x2e0 [ 29.547007] kunit_try_run_case+0x170/0x3f0 [ 29.547085] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.547142] kthread+0x328/0x630 [ 29.547191] ret_from_fork+0x10/0x20 [ 29.547240] [ 29.547291] Allocated by task 277: [ 29.547322] kasan_save_stack+0x3c/0x68 [ 29.547363] kasan_save_track+0x20/0x40 [ 29.547414] kasan_save_alloc_info+0x40/0x58 [ 29.547630] __kasan_kmalloc+0xd4/0xd8 [ 29.547685] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.547728] kasan_atomics+0xb8/0x2e0 [ 29.547833] kunit_try_run_case+0x170/0x3f0 [ 29.547909] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.548053] kthread+0x328/0x630 [ 29.548105] ret_from_fork+0x10/0x20 [ 29.548145] [ 29.548166] The buggy address belongs to the object at fff00000c787d680 [ 29.548166] which belongs to the cache kmalloc-64 of size 64 [ 29.548225] The buggy address is located 0 bytes to the right of [ 29.548225] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.548289] [ 29.548310] The buggy address belongs to the physical page: [ 29.548833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.548967] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.549304] page_type: f5(slab) [ 29.549427] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.549542] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.549586] page dumped because: kasan: bad access detected [ 29.549619] [ 29.549721] Memory state around the buggy address: [ 29.550082] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.550608] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.550672] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.550785] ^ [ 29.550907] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.550960] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.551064] ================================================================== [ 29.551651] ================================================================== [ 29.551794] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 29.551891] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.552078] [ 29.552414] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.552677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.552785] Hardware name: linux,dummy-virt (DT) [ 29.552891] Call trace: [ 29.553035] show_stack+0x20/0x38 (C) [ 29.553148] dump_stack_lvl+0x8c/0xd0 [ 29.553269] print_report+0x118/0x608 [ 29.553318] kasan_report+0xdc/0x128 [ 29.553365] kasan_check_range+0x100/0x1a8 [ 29.553422] __kasan_check_write+0x20/0x30 [ 29.553467] kasan_atomics_helper+0x147c/0x4858 [ 29.553817] kasan_atomics+0x198/0x2e0 [ 29.554027] kunit_try_run_case+0x170/0x3f0 [ 29.554102] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.554448] kthread+0x328/0x630 [ 29.554611] ret_from_fork+0x10/0x20 [ 29.554791] [ 29.554814] Allocated by task 277: [ 29.554844] kasan_save_stack+0x3c/0x68 [ 29.555139] kasan_save_track+0x20/0x40 [ 29.555329] kasan_save_alloc_info+0x40/0x58 [ 29.555706] __kasan_kmalloc+0xd4/0xd8 [ 29.555785] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.555968] kasan_atomics+0xb8/0x2e0 [ 29.556062] kunit_try_run_case+0x170/0x3f0 [ 29.556180] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.556229] kthread+0x328/0x630 [ 29.556288] ret_from_fork+0x10/0x20 [ 29.556327] [ 29.556348] The buggy address belongs to the object at fff00000c787d680 [ 29.556348] which belongs to the cache kmalloc-64 of size 64 [ 29.556567] The buggy address is located 0 bytes to the right of [ 29.556567] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.556810] [ 29.556892] The buggy address belongs to the physical page: [ 29.556977] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.557265] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.557475] page_type: f5(slab) [ 29.557639] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.557732] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.557775] page dumped because: kasan: bad access detected [ 29.557809] [ 29.558035] Memory state around the buggy address: [ 29.558279] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.558404] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.558479] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.558824] ^ [ 29.558995] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.559070] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.559195] ================================================================== [ 29.559732] ================================================================== [ 29.559895] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 29.560062] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.560151] [ 29.560604] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.560769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.560863] Hardware name: linux,dummy-virt (DT) [ 29.561077] Call trace: [ 29.561175] show_stack+0x20/0x38 (C) [ 29.561289] dump_stack_lvl+0x8c/0xd0 [ 29.561359] print_report+0x118/0x608 [ 29.561459] kasan_report+0xdc/0x128 [ 29.561509] kasan_check_range+0x100/0x1a8 [ 29.561581] __kasan_check_write+0x20/0x30 [ 29.561726] kasan_atomics_helper+0x14e4/0x4858 [ 29.561854] kasan_atomics+0x198/0x2e0 [ 29.562001] kunit_try_run_case+0x170/0x3f0 [ 29.562112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.562175] kthread+0x328/0x630 [ 29.562221] ret_from_fork+0x10/0x20 [ 29.562281] [ 29.562305] Allocated by task 277: [ 29.562334] kasan_save_stack+0x3c/0x68 [ 29.562377] kasan_save_track+0x20/0x40 [ 29.562429] kasan_save_alloc_info+0x40/0x58 [ 29.562469] __kasan_kmalloc+0xd4/0xd8 [ 29.562524] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.562566] kasan_atomics+0xb8/0x2e0 [ 29.562629] kunit_try_run_case+0x170/0x3f0 [ 29.562670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.562716] kthread+0x328/0x630 [ 29.562765] ret_from_fork+0x10/0x20 [ 29.562809] [ 29.562844] The buggy address belongs to the object at fff00000c787d680 [ 29.562844] which belongs to the cache kmalloc-64 of size 64 [ 29.562903] The buggy address is located 0 bytes to the right of [ 29.562903] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.562967] [ 29.562998] The buggy address belongs to the physical page: [ 29.563037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.563090] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.563136] page_type: f5(slab) [ 29.563186] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.563250] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.563295] page dumped because: kasan: bad access detected [ 29.563328] [ 29.563355] Memory state around the buggy address: [ 29.563388] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.563443] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.563487] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.563525] ^ [ 29.563559] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.563603] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.563642] ================================================================== [ 29.307211] ================================================================== [ 29.307255] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xca0/0x4858 [ 29.307321] Write of size 4 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.307505] [ 29.307541] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.307626] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.307653] Hardware name: linux,dummy-virt (DT) [ 29.307684] Call trace: [ 29.307709] show_stack+0x20/0x38 (C) [ 29.307757] dump_stack_lvl+0x8c/0xd0 [ 29.307971] print_report+0x118/0x608 [ 29.308059] kasan_report+0xdc/0x128 [ 29.308182] kasan_check_range+0x100/0x1a8 [ 29.308300] __kasan_check_write+0x20/0x30 [ 29.308629] kasan_atomics_helper+0xca0/0x4858 [ 29.308719] kasan_atomics+0x198/0x2e0 [ 29.308767] kunit_try_run_case+0x170/0x3f0 [ 29.308840] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.308895] kthread+0x328/0x630 [ 29.308939] ret_from_fork+0x10/0x20 [ 29.309132] [ 29.309255] Allocated by task 277: [ 29.309350] kasan_save_stack+0x3c/0x68 [ 29.309652] kasan_save_track+0x20/0x40 [ 29.309812] kasan_save_alloc_info+0x40/0x58 [ 29.309894] __kasan_kmalloc+0xd4/0xd8 [ 29.309956] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.309997] kasan_atomics+0xb8/0x2e0 [ 29.310370] kunit_try_run_case+0x170/0x3f0 [ 29.310505] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.310786] kthread+0x328/0x630 [ 29.310890] ret_from_fork+0x10/0x20 [ 29.311058] [ 29.311125] The buggy address belongs to the object at fff00000c787d680 [ 29.311125] which belongs to the cache kmalloc-64 of size 64 [ 29.311257] The buggy address is located 0 bytes to the right of [ 29.311257] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.311321] [ 29.311342] The buggy address belongs to the physical page: [ 29.311600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.311819] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.312183] page_type: f5(slab) [ 29.312237] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.312316] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.312358] page dumped because: kasan: bad access detected [ 29.312438] [ 29.312459] Memory state around the buggy address: [ 29.312695] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.312813] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.313166] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.313277] ^ [ 29.313358] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.313474] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.313619] ================================================================== [ 29.231448] ================================================================== [ 29.231510] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 29.231563] Write of size 4 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.231915] [ 29.232064] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.232482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.232618] Hardware name: linux,dummy-virt (DT) [ 29.232697] Call trace: [ 29.232799] show_stack+0x20/0x38 (C) [ 29.232852] dump_stack_lvl+0x8c/0xd0 [ 29.233066] print_report+0x118/0x608 [ 29.233326] kasan_report+0xdc/0x128 [ 29.233579] kasan_check_range+0x100/0x1a8 [ 29.233702] __kasan_check_write+0x20/0x30 [ 29.233832] kasan_atomics_helper+0x99c/0x4858 [ 29.234038] kasan_atomics+0x198/0x2e0 [ 29.234233] kunit_try_run_case+0x170/0x3f0 [ 29.234321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.234456] kthread+0x328/0x630 [ 29.234579] ret_from_fork+0x10/0x20 [ 29.234687] [ 29.235085] Allocated by task 277: [ 29.235138] kasan_save_stack+0x3c/0x68 [ 29.235289] kasan_save_track+0x20/0x40 [ 29.235548] kasan_save_alloc_info+0x40/0x58 [ 29.235713] __kasan_kmalloc+0xd4/0xd8 [ 29.235925] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.236131] kasan_atomics+0xb8/0x2e0 [ 29.236170] kunit_try_run_case+0x170/0x3f0 [ 29.236418] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.236476] kthread+0x328/0x630 [ 29.236628] ret_from_fork+0x10/0x20 [ 29.236853] [ 29.237033] The buggy address belongs to the object at fff00000c787d680 [ 29.237033] which belongs to the cache kmalloc-64 of size 64 [ 29.237137] The buggy address is located 0 bytes to the right of [ 29.237137] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.237232] [ 29.237462] The buggy address belongs to the physical page: [ 29.237671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.237784] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.237973] page_type: f5(slab) [ 29.238114] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.238204] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.238463] page dumped because: kasan: bad access detected [ 29.239040] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.242936] Write of size 4 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.243456] kasan_check_range+0x100/0x1a8 [ 29.244600] kasan_save_stack+0x3c/0x68 [ 29.246147] The buggy address is located 0 bytes to the right of [ 29.246147] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.246537] [ 29.246645] The buggy address belongs to the physical page: [ 29.246721] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.246920] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.247027] page_type: f5(slab) [ 29.247169] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.247221] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.247269] page dumped because: kasan: bad access detected [ 29.247305] [ 29.247325] Memory state around the buggy address: [ 29.247357] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.247412] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.247624] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.248135] ^ [ 29.248213] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.248320] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.248506] ================================================================== [ 29.371231] ================================================================== [ 29.371296] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 29.372872] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.373138] [ 29.373277] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.373997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.374483] Hardware name: linux,dummy-virt (DT) [ 29.374904] Call trace: [ 29.375084] show_stack+0x20/0x38 (C) [ 29.375941] dump_stack_lvl+0x8c/0xd0 [ 29.376065] print_report+0x118/0x608 [ 29.376358] kasan_report+0xdc/0x128 [ 29.376506] kasan_check_range+0x100/0x1a8 [ 29.377477] __kasan_check_write+0x20/0x30 [ 29.377625] kasan_atomics_helper+0xeb8/0x4858 [ 29.377676] kasan_atomics+0x198/0x2e0 [ 29.378291] kunit_try_run_case+0x170/0x3f0 [ 29.378359] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.378426] kthread+0x328/0x630 [ 29.378471] ret_from_fork+0x10/0x20 [ 29.378522] [ 29.380843] Allocated by task 277: [ 29.381090] kasan_save_stack+0x3c/0x68 [ 29.381359] kasan_save_track+0x20/0x40 [ 29.381471] kasan_save_alloc_info+0x40/0x58 [ 29.381622] __kasan_kmalloc+0xd4/0xd8 [ 29.382473] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.382580] kasan_atomics+0xb8/0x2e0 [ 29.382632] kunit_try_run_case+0x170/0x3f0 [ 29.382674] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.382720] kthread+0x328/0x630 [ 29.383548] ret_from_fork+0x10/0x20 [ 29.384062] [ 29.384187] The buggy address belongs to the object at fff00000c787d680 [ 29.384187] which belongs to the cache kmalloc-64 of size 64 [ 29.384740] The buggy address is located 0 bytes to the right of [ 29.384740] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.385426] [ 29.386255] The buggy address belongs to the physical page: [ 29.386350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.386808] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.386978] page_type: f5(slab) [ 29.387324] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.388189] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.388969] page dumped because: kasan: bad access detected [ 29.389443] [ 29.389575] Memory state around the buggy address: [ 29.389622] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.390387] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.390968] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.391049] ^ [ 29.391555] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.391699] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.391741] ================================================================== [ 29.064364] ================================================================== [ 29.064778] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ec/0x4858 [ 29.064899] Read of size 4 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.065003] [ 29.065127] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.065264] Hardware name: linux,dummy-virt (DT) [ 29.065298] Call trace: [ 29.065339] show_stack+0x20/0x38 (C) [ 29.065515] dump_stack_lvl+0x8c/0xd0 [ 29.065754] print_report+0x118/0x608 [ 29.065829] kasan_report+0xdc/0x128 [ 29.065877] kasan_check_range+0x100/0x1a8 [ 29.065928] __kasan_check_read+0x20/0x30 [ 29.065975] kasan_atomics_helper+0x1ec/0x4858 [ 29.066023] kasan_atomics+0x198/0x2e0 [ 29.066070] kunit_try_run_case+0x170/0x3f0 [ 29.066121] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.066174] kthread+0x328/0x630 [ 29.066242] ret_from_fork+0x10/0x20 [ 29.066293] [ 29.066313] Allocated by task 277: [ 29.066341] kasan_save_stack+0x3c/0x68 [ 29.066406] kasan_save_track+0x20/0x40 [ 29.066448] kasan_save_alloc_info+0x40/0x58 [ 29.066544] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.066586] kasan_atomics+0xb8/0x2e0 [ 29.066762] ret_from_fork+0x10/0x20 [ 29.066897] The buggy address is located 0 bytes to the right of [ 29.066897] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.066974] [ 29.067030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.067082] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.067129] page_type: f5(slab) [ 29.067244] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.068377] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.068872] ^ [ 29.069472] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.070644] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x24c/0x4858 [ 29.070926] Write of size 4 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.075504] [ 29.076729] [ 29.077415] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.079754] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.080677] __kasan_check_read+0x20/0x30 [ 29.082266] kasan_save_stack+0x3c/0x68 [ 29.083753] The buggy address is located 0 bytes to the right of [ 29.083753] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.087568] [ 29.087724] Hardware name: linux,dummy-virt (DT) [ 29.088694] kasan_atomics_helper+0x40fc/0x4858 [ 29.091219] kthread+0x328/0x630 [ 29.092705] page dumped because: kasan: bad access detected [ 29.093437] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.096083] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.097514] kasan_atomics_helper+0x32c/0x4858 [ 29.099259] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.101207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.103603] kthread+0x328/0x630 [ 29.104717] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.106015] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.108560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.109588] __kasan_check_write+0x20/0x30 [ 29.112289] kasan_save_alloc_info+0x40/0x58 [ 29.115367] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.115842] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.119037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.120743] kasan_atomics+0x198/0x2e0 [ 29.121729] kasan_atomics+0xb8/0x2e0 [ 29.122206] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.124691] kasan_atomics_helper+0x47c/0x4858 [ 29.125518] The buggy address is located 0 bytes to the right of [ 29.125518] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.127710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.129726] [ 29.131214] [ 29.131450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.131897] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.133198] Hardware name: linux,dummy-virt (DT) [ 29.134071] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.136463] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.138615] Hardware name: linux,dummy-virt (DT) [ 29.139845] kunit_try_run_case+0x170/0x3f0 [ 29.145732] The buggy address is located 0 bytes to the right of [ 29.145732] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.153649] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x61c/0x4858 [ 29.177973] __kasan_kmalloc+0xd4/0xd8 [ 29.179921] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.181272] ^ [ 29.183738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.186765] kasan_atomics+0xb8/0x2e0 [ 29.187568] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.188488] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.190617] show_stack+0x20/0x38 (C) [ 29.191801] kasan_atomics+0x198/0x2e0 [ 29.194685] The buggy address is located 0 bytes to the right of [ 29.194685] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.196894] ================================================================== [ 29.439276] ================================================================== [ 29.439335] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 29.439391] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.442417] [ 29.443090] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.443432] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.443516] Hardware name: linux,dummy-virt (DT) [ 29.443573] Call trace: [ 29.443637] show_stack+0x20/0x38 (C) [ 29.443693] dump_stack_lvl+0x8c/0xd0 [ 29.444018] print_report+0x118/0x608 [ 29.444077] kasan_report+0xdc/0x128 [ 29.444123] kasan_check_range+0x100/0x1a8 [ 29.444172] __kasan_check_write+0x20/0x30 [ 29.444218] kasan_atomics_helper+0xff0/0x4858 [ 29.444268] kasan_atomics+0x198/0x2e0 [ 29.446042] kunit_try_run_case+0x170/0x3f0 [ 29.446307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.447078] kthread+0x328/0x630 [ 29.447367] ret_from_fork+0x10/0x20 [ 29.447480] [ 29.447901] Allocated by task 277: [ 29.448249] kasan_save_stack+0x3c/0x68 [ 29.448519] kasan_save_track+0x20/0x40 [ 29.448994] kasan_save_alloc_info+0x40/0x58 [ 29.449432] __kasan_kmalloc+0xd4/0xd8 [ 29.450329] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.450495] kasan_atomics+0xb8/0x2e0 [ 29.450714] kunit_try_run_case+0x170/0x3f0 [ 29.450804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.450851] kthread+0x328/0x630 [ 29.451363] ret_from_fork+0x10/0x20 [ 29.451428] [ 29.451968] The buggy address belongs to the object at fff00000c787d680 [ 29.451968] which belongs to the cache kmalloc-64 of size 64 [ 29.452752] The buggy address is located 0 bytes to the right of [ 29.452752] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.453244] [ 29.453275] The buggy address belongs to the physical page: [ 29.453826] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.454265] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.454483] page_type: f5(slab) [ 29.454890] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.455633] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.455949] page dumped because: kasan: bad access detected [ 29.455987] [ 29.456460] Memory state around the buggy address: [ 29.456504] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.457167] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.457553] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.457912] ^ [ 29.458171] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.458220] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.458853] ================================================================== [ 29.527921] ================================================================== [ 29.527972] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 29.528021] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.528275] [ 29.528337] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.528741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.528881] Hardware name: linux,dummy-virt (DT) [ 29.528990] Call trace: [ 29.529135] show_stack+0x20/0x38 (C) [ 29.529253] dump_stack_lvl+0x8c/0xd0 [ 29.529335] print_report+0x118/0x608 [ 29.529527] kasan_report+0xdc/0x128 [ 29.529577] kasan_check_range+0x100/0x1a8 [ 29.529632] __kasan_check_write+0x20/0x30 [ 29.529679] kasan_atomics_helper+0x12d8/0x4858 [ 29.530005] kasan_atomics+0x198/0x2e0 [ 29.530180] kunit_try_run_case+0x170/0x3f0 [ 29.530300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.530690] kthread+0x328/0x630 [ 29.530884] ret_from_fork+0x10/0x20 [ 29.530979] [ 29.531002] Allocated by task 277: [ 29.531032] kasan_save_stack+0x3c/0x68 [ 29.531373] kasan_save_track+0x20/0x40 [ 29.531496] kasan_save_alloc_info+0x40/0x58 [ 29.531610] __kasan_kmalloc+0xd4/0xd8 [ 29.531968] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.532020] kasan_atomics+0xb8/0x2e0 [ 29.532091] kunit_try_run_case+0x170/0x3f0 [ 29.532139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.532186] kthread+0x328/0x630 [ 29.532449] ret_from_fork+0x10/0x20 [ 29.532579] [ 29.532700] The buggy address belongs to the object at fff00000c787d680 [ 29.532700] which belongs to the cache kmalloc-64 of size 64 [ 29.532835] The buggy address is located 0 bytes to the right of [ 29.532835] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.533032] [ 29.533373] The buggy address belongs to the physical page: [ 29.533438] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.533536] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.533611] page_type: f5(slab) [ 29.533647] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.533895] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.534032] page dumped because: kasan: bad access detected [ 29.534159] [ 29.534237] Memory state around the buggy address: [ 29.534331] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.534698] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.534762] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.534814] ^ [ 29.534862] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.534922] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.534971] ================================================================== [ 29.461306] ================================================================== [ 29.461439] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 29.461917] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.461993] [ 29.462233] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.462851] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.462889] Hardware name: linux,dummy-virt (DT) [ 29.462924] Call trace: [ 29.462950] show_stack+0x20/0x38 (C) [ 29.463413] dump_stack_lvl+0x8c/0xd0 [ 29.463483] print_report+0x118/0x608 [ 29.463532] kasan_report+0xdc/0x128 [ 29.463659] kasan_check_range+0x100/0x1a8 [ 29.463720] __kasan_check_write+0x20/0x30 [ 29.464092] kasan_atomics_helper+0x1058/0x4858 [ 29.464147] kasan_atomics+0x198/0x2e0 [ 29.464917] kunit_try_run_case+0x170/0x3f0 [ 29.464987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.465043] kthread+0x328/0x630 [ 29.465088] ret_from_fork+0x10/0x20 [ 29.465139] [ 29.465160] Allocated by task 277: [ 29.465190] kasan_save_stack+0x3c/0x68 [ 29.465734] kasan_save_track+0x20/0x40 [ 29.465786] kasan_save_alloc_info+0x40/0x58 [ 29.465826] __kasan_kmalloc+0xd4/0xd8 [ 29.465867] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.465910] kasan_atomics+0xb8/0x2e0 [ 29.465948] kunit_try_run_case+0x170/0x3f0 [ 29.465988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.466035] kthread+0x328/0x630 [ 29.466916] ret_from_fork+0x10/0x20 [ 29.466968] [ 29.466990] The buggy address belongs to the object at fff00000c787d680 [ 29.466990] which belongs to the cache kmalloc-64 of size 64 [ 29.467247] The buggy address is located 0 bytes to the right of [ 29.467247] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.467820] [ 29.467931] The buggy address belongs to the physical page: [ 29.467970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.468028] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.468079] page_type: f5(slab) [ 29.468119] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.468168] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.468212] page dumped because: kasan: bad access detected [ 29.469037] [ 29.469063] Memory state around the buggy address: [ 29.469108] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.469383] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.469443] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.469481] ^ [ 29.469517] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.469561] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.469601] ================================================================== [ 29.257249] ================================================================== [ 29.257697] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 29.257766] Write of size 4 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.257819] [ 29.258034] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.258133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.258566] Hardware name: linux,dummy-virt (DT) [ 29.258739] Call trace: [ 29.258774] show_stack+0x20/0x38 (C) [ 29.258828] dump_stack_lvl+0x8c/0xd0 [ 29.258879] print_report+0x118/0x608 [ 29.259183] kasan_report+0xdc/0x128 [ 29.259618] kasan_check_range+0x100/0x1a8 [ 29.259693] __kasan_check_write+0x20/0x30 [ 29.259741] kasan_atomics_helper+0xad4/0x4858 [ 29.259899] kasan_atomics+0x198/0x2e0 [ 29.260217] kunit_try_run_case+0x170/0x3f0 [ 29.260630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.260893] kthread+0x328/0x630 [ 29.261035] ret_from_fork+0x10/0x20 [ 29.261201] [ 29.261253] Allocated by task 277: [ 29.261285] kasan_save_stack+0x3c/0x68 [ 29.261762] kasan_save_track+0x20/0x40 [ 29.261829] kasan_save_alloc_info+0x40/0x58 [ 29.261894] __kasan_kmalloc+0xd4/0xd8 [ 29.262103] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.262481] kasan_atomics+0xb8/0x2e0 [ 29.262748] kunit_try_run_case+0x170/0x3f0 [ 29.263024] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.263083] kthread+0x328/0x630 [ 29.263475] ret_from_fork+0x10/0x20 [ 29.263557] [ 29.263752] The buggy address belongs to the object at fff00000c787d680 [ 29.263752] which belongs to the cache kmalloc-64 of size 64 [ 29.263987] The buggy address is located 0 bytes to the right of [ 29.263987] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.264222] [ 29.264434] The buggy address belongs to the physical page: [ 29.264510] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.264678] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.264783] page_type: f5(slab) [ 29.264929] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.265004] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.265055] page dumped because: kasan: bad access detected [ 29.265088] [ 29.265109] Memory state around the buggy address: [ 29.265143] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.265433] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.265964] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.266027] ^ [ 29.266189] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.266369] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.266420] ================================================================== [ 29.277622] ================================================================== [ 29.277991] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb70/0x4858 [ 29.278099] Write of size 4 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.278367] [ 29.278420] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.278686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.278730] Hardware name: linux,dummy-virt (DT) [ 29.278766] Call trace: [ 29.278929] show_stack+0x20/0x38 (C) [ 29.279073] dump_stack_lvl+0x8c/0xd0 [ 29.279126] print_report+0x118/0x608 [ 29.279211] kasan_report+0xdc/0x128 [ 29.279291] kasan_check_range+0x100/0x1a8 [ 29.279346] __kasan_check_write+0x20/0x30 [ 29.279467] kasan_atomics_helper+0xb70/0x4858 [ 29.279522] kasan_atomics+0x198/0x2e0 [ 29.279569] kunit_try_run_case+0x170/0x3f0 [ 29.279941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.280054] kthread+0x328/0x630 [ 29.280391] ret_from_fork+0x10/0x20 [ 29.280586] [ 29.280613] Allocated by task 277: [ 29.280645] kasan_save_stack+0x3c/0x68 [ 29.280717] kasan_save_track+0x20/0x40 [ 29.280903] kasan_save_alloc_info+0x40/0x58 [ 29.281068] __kasan_kmalloc+0xd4/0xd8 [ 29.281289] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.281523] kasan_atomics+0xb8/0x2e0 [ 29.281583] kunit_try_run_case+0x170/0x3f0 [ 29.281625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.281872] kthread+0x328/0x630 [ 29.282150] ret_from_fork+0x10/0x20 [ 29.282410] [ 29.282438] The buggy address belongs to the object at fff00000c787d680 [ 29.282438] which belongs to the cache kmalloc-64 of size 64 [ 29.282621] The buggy address is located 0 bytes to the right of [ 29.282621] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.282913] [ 29.282965] The buggy address belongs to the physical page: [ 29.283348] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.283553] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.283631] page_type: f5(slab) [ 29.284014] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.284277] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.284512] page dumped because: kasan: bad access detected [ 29.284728] [ 29.284845] Memory state around the buggy address: [ 29.284922] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.285208] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.285433] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.285508] ^ [ 29.285864] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.285981] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.286182] ================================================================== [ 29.492408] ================================================================== [ 29.492608] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 29.492680] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.492746] [ 29.493094] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.493289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.493317] Hardware name: linux,dummy-virt (DT) [ 29.493651] Call trace: [ 29.493688] show_stack+0x20/0x38 (C) [ 29.493757] dump_stack_lvl+0x8c/0xd0 [ 29.493871] print_report+0x118/0x608 [ 29.494296] kasan_report+0xdc/0x128 [ 29.494863] kasan_check_range+0x100/0x1a8 [ 29.494939] __kasan_check_write+0x20/0x30 [ 29.494987] kasan_atomics_helper+0x1190/0x4858 [ 29.495525] kasan_atomics+0x198/0x2e0 [ 29.495716] kunit_try_run_case+0x170/0x3f0 [ 29.495770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.495825] kthread+0x328/0x630 [ 29.495876] ret_from_fork+0x10/0x20 [ 29.495927] [ 29.495949] Allocated by task 277: [ 29.495980] kasan_save_stack+0x3c/0x68 [ 29.496781] kasan_save_track+0x20/0x40 [ 29.496843] kasan_save_alloc_info+0x40/0x58 [ 29.496883] __kasan_kmalloc+0xd4/0xd8 [ 29.496923] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.496967] kasan_atomics+0xb8/0x2e0 [ 29.497190] kunit_try_run_case+0x170/0x3f0 [ 29.497450] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.497506] kthread+0x328/0x630 [ 29.497719] ret_from_fork+0x10/0x20 [ 29.497797] [ 29.497819] The buggy address belongs to the object at fff00000c787d680 [ 29.497819] which belongs to the cache kmalloc-64 of size 64 [ 29.498034] The buggy address is located 0 bytes to the right of [ 29.498034] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.498470] [ 29.498594] The buggy address belongs to the physical page: [ 29.498769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.498832] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.499201] page_type: f5(slab) [ 29.499367] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.499543] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.499593] page dumped because: kasan: bad access detected [ 29.499931] [ 29.499962] Memory state around the buggy address: [ 29.500294] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.500940] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.501163] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.501206] ^ [ 29.501243] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.501289] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.501724] ================================================================== [ 29.600587] ================================================================== [ 29.600634] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 29.600965] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.601031] [ 29.601081] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.601173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.601218] Hardware name: linux,dummy-virt (DT) [ 29.601255] Call trace: [ 29.601281] show_stack+0x20/0x38 (C) [ 29.601329] dump_stack_lvl+0x8c/0xd0 [ 29.601719] print_report+0x118/0x608 [ 29.601783] kasan_report+0xdc/0x128 [ 29.601882] kasan_check_range+0x100/0x1a8 [ 29.602005] __kasan_check_write+0x20/0x30 [ 29.602053] kasan_atomics_helper+0x175c/0x4858 [ 29.602111] kasan_atomics+0x198/0x2e0 [ 29.602215] kunit_try_run_case+0x170/0x3f0 [ 29.602364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.602431] kthread+0x328/0x630 [ 29.602474] ret_from_fork+0x10/0x20 [ 29.602871] [ 29.602961] Allocated by task 277: [ 29.602998] kasan_save_stack+0x3c/0x68 [ 29.603295] kasan_save_track+0x20/0x40 [ 29.603351] kasan_save_alloc_info+0x40/0x58 [ 29.603564] __kasan_kmalloc+0xd4/0xd8 [ 29.603680] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.603723] kasan_atomics+0xb8/0x2e0 [ 29.603781] kunit_try_run_case+0x170/0x3f0 [ 29.603823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.604327] kthread+0x328/0x630 [ 29.604434] ret_from_fork+0x10/0x20 [ 29.604796] [ 29.604874] The buggy address belongs to the object at fff00000c787d680 [ 29.604874] which belongs to the cache kmalloc-64 of size 64 [ 29.604955] The buggy address is located 0 bytes to the right of [ 29.604955] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.605044] [ 29.605067] The buggy address belongs to the physical page: [ 29.605102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.605154] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.605203] page_type: f5(slab) [ 29.605242] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.605615] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.605704] page dumped because: kasan: bad access detected [ 29.605778] [ 29.605801] Memory state around the buggy address: [ 29.605835] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.605894] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.605940] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.605989] ^ [ 29.606025] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.606078] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.606119] ================================================================== [ 29.330744] ================================================================== [ 29.331117] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 29.331178] Read of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.331229] [ 29.331259] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.331513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.331556] Hardware name: linux,dummy-virt (DT) [ 29.331589] Call trace: [ 29.331612] show_stack+0x20/0x38 (C) [ 29.331690] dump_stack_lvl+0x8c/0xd0 [ 29.331755] print_report+0x118/0x608 [ 29.331810] kasan_report+0xdc/0x128 [ 29.331950] kasan_check_range+0x100/0x1a8 [ 29.332104] __kasan_check_read+0x20/0x30 [ 29.332212] kasan_atomics_helper+0xdd4/0x4858 [ 29.332282] kasan_atomics+0x198/0x2e0 [ 29.332330] kunit_try_run_case+0x170/0x3f0 [ 29.332378] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.332580] kthread+0x328/0x630 [ 29.332634] ret_from_fork+0x10/0x20 [ 29.332747] [ 29.332880] Allocated by task 277: [ 29.332988] kasan_save_stack+0x3c/0x68 [ 29.333106] kasan_save_track+0x20/0x40 [ 29.333203] kasan_save_alloc_info+0x40/0x58 [ 29.333545] __kasan_kmalloc+0xd4/0xd8 [ 29.333690] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.333797] kasan_atomics+0xb8/0x2e0 [ 29.333848] kunit_try_run_case+0x170/0x3f0 [ 29.333888] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.333934] kthread+0x328/0x630 [ 29.333970] ret_from_fork+0x10/0x20 [ 29.334009] [ 29.334144] The buggy address belongs to the object at fff00000c787d680 [ 29.334144] which belongs to the cache kmalloc-64 of size 64 [ 29.334278] The buggy address is located 0 bytes to the right of [ 29.334278] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.334392] [ 29.334473] The buggy address belongs to the physical page: [ 29.334506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.334692] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.334821] page_type: f5(slab) [ 29.334920] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.335050] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.335169] page dumped because: kasan: bad access detected [ 29.335284] [ 29.335351] Memory state around the buggy address: [ 29.335385] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.335442] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.335803] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.335908] ^ [ 29.335975] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.336040] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.336360] ================================================================== [ 29.349785] ================================================================== [ 29.349845] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 29.349896] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.349946] [ 29.349979] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.350097] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.350137] Hardware name: linux,dummy-virt (DT) [ 29.350181] Call trace: [ 29.350299] show_stack+0x20/0x38 (C) [ 29.350366] dump_stack_lvl+0x8c/0xd0 [ 29.350427] print_report+0x118/0x608 [ 29.350478] kasan_report+0xdc/0x128 [ 29.350526] __asan_report_store8_noabort+0x20/0x30 [ 29.350582] kasan_atomics_helper+0x3e5c/0x4858 [ 29.351981] kasan_atomics+0x198/0x2e0 [ 29.352311] kunit_try_run_case+0x170/0x3f0 [ 29.352984] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.353093] kthread+0x328/0x630 [ 29.353138] ret_from_fork+0x10/0x20 [ 29.353189] [ 29.353536] Allocated by task 277: [ 29.353634] kasan_save_stack+0x3c/0x68 [ 29.354331] kasan_save_track+0x20/0x40 [ 29.355205] kasan_save_alloc_info+0x40/0x58 [ 29.355420] __kasan_kmalloc+0xd4/0xd8 [ 29.355852] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.355959] kasan_atomics+0xb8/0x2e0 [ 29.356773] kunit_try_run_case+0x170/0x3f0 [ 29.357167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.357842] kthread+0x328/0x630 [ 29.358117] ret_from_fork+0x10/0x20 [ 29.358159] [ 29.358182] The buggy address belongs to the object at fff00000c787d680 [ 29.358182] which belongs to the cache kmalloc-64 of size 64 [ 29.358949] The buggy address is located 0 bytes to the right of [ 29.358949] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.359782] [ 29.359955] The buggy address belongs to the physical page: [ 29.360221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.360760] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.361094] page_type: f5(slab) [ 29.361142] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.362163] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.362419] page dumped because: kasan: bad access detected [ 29.362990] [ 29.363050] Memory state around the buggy address: [ 29.363089] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.363365] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.363995] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.364422] ^ [ 29.364666] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.365098] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.365699] ================================================================== [ 29.320744] ================================================================== [ 29.320818] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 29.321043] Write of size 4 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.321095] [ 29.321298] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.321508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.321567] Hardware name: linux,dummy-virt (DT) [ 29.321600] Call trace: [ 29.321682] show_stack+0x20/0x38 (C) [ 29.321734] dump_stack_lvl+0x8c/0xd0 [ 29.321800] print_report+0x118/0x608 [ 29.321885] kasan_report+0xdc/0x128 [ 29.321957] kasan_check_range+0x100/0x1a8 [ 29.322009] __kasan_check_write+0x20/0x30 [ 29.322056] kasan_atomics_helper+0xd3c/0x4858 [ 29.322115] kasan_atomics+0x198/0x2e0 [ 29.322162] kunit_try_run_case+0x170/0x3f0 [ 29.322347] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.322626] kthread+0x328/0x630 [ 29.322689] ret_from_fork+0x10/0x20 [ 29.322739] [ 29.322844] Allocated by task 277: [ 29.323029] kasan_save_stack+0x3c/0x68 [ 29.323147] kasan_save_track+0x20/0x40 [ 29.323212] kasan_save_alloc_info+0x40/0x58 [ 29.323290] __kasan_kmalloc+0xd4/0xd8 [ 29.323357] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.323429] kasan_atomics+0xb8/0x2e0 [ 29.323506] kunit_try_run_case+0x170/0x3f0 [ 29.323548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.323593] kthread+0x328/0x630 [ 29.323737] ret_from_fork+0x10/0x20 [ 29.323989] [ 29.324106] The buggy address belongs to the object at fff00000c787d680 [ 29.324106] which belongs to the cache kmalloc-64 of size 64 [ 29.324339] The buggy address is located 0 bytes to the right of [ 29.324339] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.324520] [ 29.324590] The buggy address belongs to the physical page: [ 29.324668] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.324731] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.324779] page_type: f5(slab) [ 29.324816] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.324868] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.324909] page dumped because: kasan: bad access detected [ 29.324942] [ 29.324984] Memory state around the buggy address: [ 29.325018] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.325063] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.325318] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.325477] ^ [ 29.325800] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.325940] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.326019] ================================================================== [ 29.589936] ================================================================== [ 29.589976] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 29.590020] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.590069] [ 29.590097] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.590180] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.590207] Hardware name: linux,dummy-virt (DT) [ 29.590238] Call trace: [ 29.590261] show_stack+0x20/0x38 (C) [ 29.590307] dump_stack_lvl+0x8c/0xd0 [ 29.590354] print_report+0x118/0x608 [ 29.590452] kasan_report+0xdc/0x128 [ 29.590551] kasan_check_range+0x100/0x1a8 [ 29.590641] __kasan_check_write+0x20/0x30 [ 29.590688] kasan_atomics_helper+0x16d0/0x4858 [ 29.590775] kasan_atomics+0x198/0x2e0 [ 29.590948] kunit_try_run_case+0x170/0x3f0 [ 29.591118] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.591240] kthread+0x328/0x630 [ 29.591316] ret_from_fork+0x10/0x20 [ 29.591551] [ 29.591594] Allocated by task 277: [ 29.591624] kasan_save_stack+0x3c/0x68 [ 29.591668] kasan_save_track+0x20/0x40 [ 29.591731] kasan_save_alloc_info+0x40/0x58 [ 29.591771] __kasan_kmalloc+0xd4/0xd8 [ 29.591810] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.591851] kasan_atomics+0xb8/0x2e0 [ 29.591907] kunit_try_run_case+0x170/0x3f0 [ 29.591960] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.592006] kthread+0x328/0x630 [ 29.592041] ret_from_fork+0x10/0x20 [ 29.592079] [ 29.592100] The buggy address belongs to the object at fff00000c787d680 [ 29.592100] which belongs to the cache kmalloc-64 of size 64 [ 29.592159] The buggy address is located 0 bytes to the right of [ 29.592159] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.592429] [ 29.592566] The buggy address belongs to the physical page: [ 29.592663] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.592802] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.592939] page_type: f5(slab) [ 29.593055] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.593139] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.593592] page dumped because: kasan: bad access detected [ 29.593634] [ 29.593654] Memory state around the buggy address: [ 29.593699] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.593774] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.594161] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.594325] ^ [ 29.594418] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.594463] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.594504] ================================================================== [ 29.471440] ================================================================== [ 29.471494] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 29.471546] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.471597] [ 29.471628] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.471713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.472910] Hardware name: linux,dummy-virt (DT) [ 29.472987] Call trace: [ 29.473013] show_stack+0x20/0x38 (C) [ 29.473457] dump_stack_lvl+0x8c/0xd0 [ 29.473523] print_report+0x118/0x608 [ 29.473902] kasan_report+0xdc/0x128 [ 29.474175] kasan_check_range+0x100/0x1a8 [ 29.474226] __kasan_check_write+0x20/0x30 [ 29.474306] kasan_atomics_helper+0x10c0/0x4858 [ 29.474358] kasan_atomics+0x198/0x2e0 [ 29.474417] kunit_try_run_case+0x170/0x3f0 [ 29.474467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.474961] kthread+0x328/0x630 [ 29.475018] ret_from_fork+0x10/0x20 [ 29.475336] [ 29.475366] Allocated by task 277: [ 29.475501] kasan_save_stack+0x3c/0x68 [ 29.475954] kasan_save_track+0x20/0x40 [ 29.476003] kasan_save_alloc_info+0x40/0x58 [ 29.476044] __kasan_kmalloc+0xd4/0xd8 [ 29.476212] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.476304] kasan_atomics+0xb8/0x2e0 [ 29.476723] kunit_try_run_case+0x170/0x3f0 [ 29.476769] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.476818] kthread+0x328/0x630 [ 29.476861] ret_from_fork+0x10/0x20 [ 29.476901] [ 29.477375] The buggy address belongs to the object at fff00000c787d680 [ 29.477375] which belongs to the cache kmalloc-64 of size 64 [ 29.477514] The buggy address is located 0 bytes to the right of [ 29.477514] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.477724] [ 29.477747] The buggy address belongs to the physical page: [ 29.477874] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.477992] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.478314] page_type: f5(slab) [ 29.478359] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.478684] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.478961] page dumped because: kasan: bad access detected [ 29.479001] [ 29.479022] Memory state around the buggy address: [ 29.479058] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.479536] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.479670] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.479759] ^ [ 29.479796] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.480116] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.480164] ================================================================== [ 29.397948] ================================================================== [ 29.398011] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 29.398076] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.399046] [ 29.399263] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.399355] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.399383] Hardware name: linux,dummy-virt (DT) [ 29.399430] Call trace: [ 29.400728] show_stack+0x20/0x38 (C) [ 29.400853] dump_stack_lvl+0x8c/0xd0 [ 29.400938] print_report+0x118/0x608 [ 29.401355] kasan_report+0xdc/0x128 [ 29.401795] kasan_check_range+0x100/0x1a8 [ 29.402761] __kasan_check_write+0x20/0x30 [ 29.403157] kasan_atomics_helper+0xf20/0x4858 [ 29.403494] kasan_atomics+0x198/0x2e0 [ 29.403544] kunit_try_run_case+0x170/0x3f0 [ 29.403603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.403659] kthread+0x328/0x630 [ 29.405744] ret_from_fork+0x10/0x20 [ 29.406130] [ 29.406211] Allocated by task 277: [ 29.406286] kasan_save_stack+0x3c/0x68 [ 29.406336] kasan_save_track+0x20/0x40 [ 29.406378] kasan_save_alloc_info+0x40/0x58 [ 29.406428] __kasan_kmalloc+0xd4/0xd8 [ 29.407105] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.407467] kasan_atomics+0xb8/0x2e0 [ 29.407721] kunit_try_run_case+0x170/0x3f0 [ 29.407764] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.407810] kthread+0x328/0x630 [ 29.407846] ret_from_fork+0x10/0x20 [ 29.408493] [ 29.408518] The buggy address belongs to the object at fff00000c787d680 [ 29.408518] which belongs to the cache kmalloc-64 of size 64 [ 29.409377] The buggy address is located 0 bytes to the right of [ 29.409377] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.409918] [ 29.410359] The buggy address belongs to the physical page: [ 29.410836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.411013] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.412049] page_type: f5(slab) [ 29.412174] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.412242] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.412767] page dumped because: kasan: bad access detected [ 29.412942] [ 29.413300] Memory state around the buggy address: [ 29.413600] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.414127] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.414180] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.414220] ^ [ 29.414257] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.414303] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.415655] ================================================================== [ 29.535228] ================================================================== [ 29.535416] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 29.535568] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.535621] [ 29.535678] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.535793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.535840] Hardware name: linux,dummy-virt (DT) [ 29.536082] Call trace: [ 29.536133] show_stack+0x20/0x38 (C) [ 29.536191] dump_stack_lvl+0x8c/0xd0 [ 29.536241] print_report+0x118/0x608 [ 29.536288] kasan_report+0xdc/0x128 [ 29.536419] kasan_check_range+0x100/0x1a8 [ 29.536599] __kasan_check_write+0x20/0x30 [ 29.536942] kasan_atomics_helper+0x1384/0x4858 [ 29.537091] kasan_atomics+0x198/0x2e0 [ 29.537572] kunit_try_run_case+0x170/0x3f0 [ 29.537705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.538027] kthread+0x328/0x630 [ 29.538096] ret_from_fork+0x10/0x20 [ 29.538164] [ 29.538208] Allocated by task 277: [ 29.538238] kasan_save_stack+0x3c/0x68 [ 29.538280] kasan_save_track+0x20/0x40 [ 29.538320] kasan_save_alloc_info+0x40/0x58 [ 29.538374] __kasan_kmalloc+0xd4/0xd8 [ 29.538425] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.538466] kasan_atomics+0xb8/0x2e0 [ 29.538505] kunit_try_run_case+0x170/0x3f0 [ 29.538884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.538943] kthread+0x328/0x630 [ 29.539082] ret_from_fork+0x10/0x20 [ 29.539264] [ 29.539409] The buggy address belongs to the object at fff00000c787d680 [ 29.539409] which belongs to the cache kmalloc-64 of size 64 [ 29.539510] The buggy address is located 0 bytes to the right of [ 29.539510] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.539579] [ 29.539611] The buggy address belongs to the physical page: [ 29.539931] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.540086] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.540198] page_type: f5(slab) [ 29.540298] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.540631] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.540696] page dumped because: kasan: bad access detected [ 29.540730] [ 29.540751] Memory state around the buggy address: [ 29.540942] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.540989] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.541033] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.541259] ^ [ 29.541337] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.541455] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.541842] ================================================================== [ 29.297232] ================================================================== [ 29.297302] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc08/0x4858 [ 29.297354] Write of size 4 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.297812] [ 29.297862] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.297958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.298500] Hardware name: linux,dummy-virt (DT) [ 29.298600] Call trace: [ 29.298628] show_stack+0x20/0x38 (C) [ 29.298692] dump_stack_lvl+0x8c/0xd0 [ 29.298950] print_report+0x118/0x608 [ 29.299031] kasan_report+0xdc/0x128 [ 29.299082] kasan_check_range+0x100/0x1a8 [ 29.299525] __kasan_check_write+0x20/0x30 [ 29.299687] kasan_atomics_helper+0xc08/0x4858 [ 29.299747] kasan_atomics+0x198/0x2e0 [ 29.299804] kunit_try_run_case+0x170/0x3f0 [ 29.300202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.300282] kthread+0x328/0x630 [ 29.300327] ret_from_fork+0x10/0x20 [ 29.300378] [ 29.300413] Allocated by task 277: [ 29.300668] kasan_save_stack+0x3c/0x68 [ 29.300947] kasan_save_track+0x20/0x40 [ 29.300993] kasan_save_alloc_info+0x40/0x58 [ 29.301407] __kasan_kmalloc+0xd4/0xd8 [ 29.301517] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.301631] kasan_atomics+0xb8/0x2e0 [ 29.301939] kunit_try_run_case+0x170/0x3f0 [ 29.302054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.302330] kthread+0x328/0x630 [ 29.302485] ret_from_fork+0x10/0x20 [ 29.302591] [ 29.302616] The buggy address belongs to the object at fff00000c787d680 [ 29.302616] which belongs to the cache kmalloc-64 of size 64 [ 29.302691] The buggy address is located 0 bytes to the right of [ 29.302691] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.302760] [ 29.302784] The buggy address belongs to the physical page: [ 29.302833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.302885] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.302933] page_type: f5(slab) [ 29.302972] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.303022] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.303063] page dumped because: kasan: bad access detected [ 29.303096] [ 29.303146] Memory state around the buggy address: [ 29.303195] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.303253] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.303297] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.303348] ^ [ 29.303384] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.303439] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.303493] ================================================================== [ 29.343765] ================================================================== [ 29.343815] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 29.343903] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.343956] [ 29.343988] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.344119] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.344149] Hardware name: linux,dummy-virt (DT) [ 29.344183] Call trace: [ 29.344209] show_stack+0x20/0x38 (C) [ 29.344257] dump_stack_lvl+0x8c/0xd0 [ 29.344303] print_report+0x118/0x608 [ 29.344352] kasan_report+0xdc/0x128 [ 29.344686] kasan_check_range+0x100/0x1a8 [ 29.344819] __kasan_check_write+0x20/0x30 [ 29.344927] kasan_atomics_helper+0xe44/0x4858 [ 29.344980] kasan_atomics+0x198/0x2e0 [ 29.345185] kunit_try_run_case+0x170/0x3f0 [ 29.345290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.345456] kthread+0x328/0x630 [ 29.345530] ret_from_fork+0x10/0x20 [ 29.345581] [ 29.345731] Allocated by task 277: [ 29.345795] kasan_save_stack+0x3c/0x68 [ 29.345931] kasan_save_track+0x20/0x40 [ 29.346011] kasan_save_alloc_info+0x40/0x58 [ 29.346208] __kasan_kmalloc+0xd4/0xd8 [ 29.346448] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.346518] kasan_atomics+0xb8/0x2e0 [ 29.346607] kunit_try_run_case+0x170/0x3f0 [ 29.346709] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.346827] kthread+0x328/0x630 [ 29.346865] ret_from_fork+0x10/0x20 [ 29.346902] [ 29.346925] The buggy address belongs to the object at fff00000c787d680 [ 29.346925] which belongs to the cache kmalloc-64 of size 64 [ 29.346984] The buggy address is located 0 bytes to the right of [ 29.346984] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.347231] [ 29.347281] The buggy address belongs to the physical page: [ 29.347350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.347446] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.347733] page_type: f5(slab) [ 29.347825] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.348017] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.348061] page dumped because: kasan: bad access detected [ 29.348116] [ 29.348137] Memory state around the buggy address: [ 29.348172] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.348215] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.348260] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.348301] ^ [ 29.348335] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.348380] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.348540] ================================================================== [ 29.287023] ================================================================== [ 29.287080] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dbc/0x4858 [ 29.287136] Read of size 4 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.287196] [ 29.287228] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.287318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.287355] Hardware name: linux,dummy-virt (DT) [ 29.287389] Call trace: [ 29.287426] show_stack+0x20/0x38 (C) [ 29.287476] dump_stack_lvl+0x8c/0xd0 [ 29.287534] print_report+0x118/0x608 [ 29.287584] kasan_report+0xdc/0x128 [ 29.287633] __asan_report_load4_noabort+0x20/0x30 [ 29.287682] kasan_atomics_helper+0x3dbc/0x4858 [ 29.287732] kasan_atomics+0x198/0x2e0 [ 29.287779] kunit_try_run_case+0x170/0x3f0 [ 29.287828] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.288559] kthread+0x328/0x630 [ 29.288643] ret_from_fork+0x10/0x20 [ 29.288748] [ 29.289203] Allocated by task 277: [ 29.289242] kasan_save_stack+0x3c/0x68 [ 29.289626] kasan_save_track+0x20/0x40 [ 29.290034] kasan_save_alloc_info+0x40/0x58 [ 29.290094] __kasan_kmalloc+0xd4/0xd8 [ 29.290453] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.290531] kasan_atomics+0xb8/0x2e0 [ 29.290744] kunit_try_run_case+0x170/0x3f0 [ 29.290900] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.290962] kthread+0x328/0x630 [ 29.291332] ret_from_fork+0x10/0x20 [ 29.291427] [ 29.291616] The buggy address belongs to the object at fff00000c787d680 [ 29.291616] which belongs to the cache kmalloc-64 of size 64 [ 29.291836] The buggy address is located 0 bytes to the right of [ 29.291836] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.292281] [ 29.292433] The buggy address belongs to the physical page: [ 29.292635] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.292793] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.292918] page_type: f5(slab) [ 29.293205] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.293320] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.293616] page dumped because: kasan: bad access detected [ 29.293671] [ 29.293691] Memory state around the buggy address: [ 29.293878] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.294118] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.294364] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.294607] ^ [ 29.294735] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.294896] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.295045] ================================================================== [ 29.249101] ================================================================== [ 29.249382] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 29.249608] Write of size 4 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.249683] [ 29.249717] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.249802] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.250020] Hardware name: linux,dummy-virt (DT) [ 29.250353] Call trace: [ 29.250499] show_stack+0x20/0x38 (C) [ 29.250589] dump_stack_lvl+0x8c/0xd0 [ 29.250640] print_report+0x118/0x608 [ 29.251108] kasan_report+0xdc/0x128 [ 29.251281] kasan_check_range+0x100/0x1a8 [ 29.251507] __kasan_check_write+0x20/0x30 [ 29.251568] kasan_atomics_helper+0xa6c/0x4858 [ 29.251736] kasan_atomics+0x198/0x2e0 [ 29.251798] kunit_try_run_case+0x170/0x3f0 [ 29.252222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.252301] kthread+0x328/0x630 [ 29.252551] ret_from_fork+0x10/0x20 [ 29.252869] [ 29.252992] Allocated by task 277: [ 29.253092] kasan_save_stack+0x3c/0x68 [ 29.253417] kasan_save_track+0x20/0x40 [ 29.253623] kasan_save_alloc_info+0x40/0x58 [ 29.253693] __kasan_kmalloc+0xd4/0xd8 [ 29.254037] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.254146] kasan_atomics+0xb8/0x2e0 [ 29.254391] kunit_try_run_case+0x170/0x3f0 [ 29.254498] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.254680] kthread+0x328/0x630 [ 29.254748] ret_from_fork+0x10/0x20 [ 29.254879] [ 29.254904] The buggy address belongs to the object at fff00000c787d680 [ 29.254904] which belongs to the cache kmalloc-64 of size 64 [ 29.254973] The buggy address is located 0 bytes to the right of [ 29.254973] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.255038] [ 29.255069] The buggy address belongs to the physical page: [ 29.255123] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.255190] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.255239] page_type: f5(slab) [ 29.255291] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.255352] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.255410] page dumped because: kasan: bad access detected [ 29.255460] [ 29.255489] Memory state around the buggy address: [ 29.255523] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.255567] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.255611] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.255651] ^ [ 29.255694] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.255736] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.255784] ================================================================== [ 29.569927] ================================================================== [ 29.570003] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 29.570056] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.570152] [ 29.570262] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.570349] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.570377] Hardware name: linux,dummy-virt (DT) [ 29.570422] Call trace: [ 29.570445] show_stack+0x20/0x38 (C) [ 29.570493] dump_stack_lvl+0x8c/0xd0 [ 29.570539] print_report+0x118/0x608 [ 29.570586] kasan_report+0xdc/0x128 [ 29.570637] kasan_check_range+0x100/0x1a8 [ 29.570684] __kasan_check_write+0x20/0x30 [ 29.570728] kasan_atomics_helper+0x15b4/0x4858 [ 29.570778] kasan_atomics+0x198/0x2e0 [ 29.570970] kunit_try_run_case+0x170/0x3f0 [ 29.571069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.571183] kthread+0x328/0x630 [ 29.571234] ret_from_fork+0x10/0x20 [ 29.571299] [ 29.571474] Allocated by task 277: [ 29.571586] kasan_save_stack+0x3c/0x68 [ 29.571692] kasan_save_track+0x20/0x40 [ 29.571845] kasan_save_alloc_info+0x40/0x58 [ 29.571945] __kasan_kmalloc+0xd4/0xd8 [ 29.572066] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.572128] kasan_atomics+0xb8/0x2e0 [ 29.572201] kunit_try_run_case+0x170/0x3f0 [ 29.572242] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.572463] kthread+0x328/0x630 [ 29.572712] ret_from_fork+0x10/0x20 [ 29.572855] [ 29.573004] The buggy address belongs to the object at fff00000c787d680 [ 29.573004] which belongs to the cache kmalloc-64 of size 64 [ 29.573114] The buggy address is located 0 bytes to the right of [ 29.573114] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.573190] [ 29.573211] The buggy address belongs to the physical page: [ 29.573245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.573631] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.573781] page_type: f5(slab) [ 29.573874] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.574117] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.574238] page dumped because: kasan: bad access detected [ 29.574369] [ 29.574738] Memory state around the buggy address: [ 29.574837] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.575289] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.575518] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.575586] ^ [ 29.575736] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.575879] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.576124] ================================================================== [ 29.267557] ================================================================== [ 29.267811] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 29.267965] Read of size 4 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.268019] [ 29.268115] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.268254] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.268354] Hardware name: linux,dummy-virt (DT) [ 29.268389] Call trace: [ 29.268720] show_stack+0x20/0x38 (C) [ 29.268947] dump_stack_lvl+0x8c/0xd0 [ 29.269292] print_report+0x118/0x608 [ 29.269522] kasan_report+0xdc/0x128 [ 29.269780] __asan_report_load4_noabort+0x20/0x30 [ 29.269980] kasan_atomics_helper+0x3dcc/0x4858 [ 29.270087] kasan_atomics+0x198/0x2e0 [ 29.270354] kunit_try_run_case+0x170/0x3f0 [ 29.270611] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.270699] kthread+0x328/0x630 [ 29.271089] ret_from_fork+0x10/0x20 [ 29.271157] [ 29.271180] Allocated by task 277: [ 29.271432] kasan_save_stack+0x3c/0x68 [ 29.271594] kasan_save_track+0x20/0x40 [ 29.271882] kasan_save_alloc_info+0x40/0x58 [ 29.272149] __kasan_kmalloc+0xd4/0xd8 [ 29.272322] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.272468] kasan_atomics+0xb8/0x2e0 [ 29.272851] kunit_try_run_case+0x170/0x3f0 [ 29.272924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.272987] kthread+0x328/0x630 [ 29.273180] ret_from_fork+0x10/0x20 [ 29.273415] [ 29.273453] The buggy address belongs to the object at fff00000c787d680 [ 29.273453] which belongs to the cache kmalloc-64 of size 64 [ 29.273514] The buggy address is located 0 bytes to the right of [ 29.273514] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.273657] [ 29.273691] The buggy address belongs to the physical page: [ 29.273726] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.273799] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.273850] page_type: f5(slab) [ 29.273903] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.273964] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.274014] page dumped because: kasan: bad access detected [ 29.274048] [ 29.274070] Memory state around the buggy address: [ 29.274103] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.274157] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.274202] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.274251] ^ [ 29.274287] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.274330] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.274369] ================================================================== [ 29.612753] ================================================================== [ 29.612804] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 29.612853] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.612948] [ 29.613105] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.613247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.613315] Hardware name: linux,dummy-virt (DT) [ 29.613348] Call trace: [ 29.613429] show_stack+0x20/0x38 (C) [ 29.613482] dump_stack_lvl+0x8c/0xd0 [ 29.613557] print_report+0x118/0x608 [ 29.613611] kasan_report+0xdc/0x128 [ 29.613694] kasan_check_range+0x100/0x1a8 [ 29.613745] __kasan_check_write+0x20/0x30 [ 29.613789] kasan_atomics_helper+0x17ec/0x4858 [ 29.613892] kasan_atomics+0x198/0x2e0 [ 29.614078] kunit_try_run_case+0x170/0x3f0 [ 29.614152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.614227] kthread+0x328/0x630 [ 29.614272] ret_from_fork+0x10/0x20 [ 29.614337] [ 29.614366] Allocated by task 277: [ 29.614418] kasan_save_stack+0x3c/0x68 [ 29.614463] kasan_save_track+0x20/0x40 [ 29.614509] kasan_save_alloc_info+0x40/0x58 [ 29.614557] __kasan_kmalloc+0xd4/0xd8 [ 29.614603] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.614763] kasan_atomics+0xb8/0x2e0 [ 29.614812] kunit_try_run_case+0x170/0x3f0 [ 29.614909] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.614964] kthread+0x328/0x630 [ 29.614999] ret_from_fork+0x10/0x20 [ 29.615038] [ 29.615062] The buggy address belongs to the object at fff00000c787d680 [ 29.615062] which belongs to the cache kmalloc-64 of size 64 [ 29.615121] The buggy address is located 0 bytes to the right of [ 29.615121] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.615246] [ 29.615272] The buggy address belongs to the physical page: [ 29.615408] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.615549] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.615608] page_type: f5(slab) [ 29.615848] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.616064] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.616129] page dumped because: kasan: bad access detected [ 29.616206] [ 29.616235] Memory state around the buggy address: [ 29.616272] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.616333] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.616377] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.616810] ^ [ 29.616884] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.617265] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.617413] ================================================================== [ 29.326574] ================================================================== [ 29.326716] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 29.326775] Read of size 4 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.326841] [ 29.326963] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.327198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.327233] Hardware name: linux,dummy-virt (DT) [ 29.327294] Call trace: [ 29.327320] show_stack+0x20/0x38 (C) [ 29.327455] dump_stack_lvl+0x8c/0xd0 [ 29.327508] print_report+0x118/0x608 [ 29.327605] kasan_report+0xdc/0x128 [ 29.327723] __asan_report_load4_noabort+0x20/0x30 [ 29.327839] kasan_atomics_helper+0x3e04/0x4858 [ 29.328014] kasan_atomics+0x198/0x2e0 [ 29.328066] kunit_try_run_case+0x170/0x3f0 [ 29.328131] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.328186] kthread+0x328/0x630 [ 29.328520] ret_from_fork+0x10/0x20 [ 29.328637] [ 29.328658] Allocated by task 277: [ 29.328729] kasan_save_stack+0x3c/0x68 [ 29.328829] kasan_save_track+0x20/0x40 [ 29.328874] kasan_save_alloc_info+0x40/0x58 [ 29.329057] __kasan_kmalloc+0xd4/0xd8 [ 29.329104] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.329173] kasan_atomics+0xb8/0x2e0 [ 29.329212] kunit_try_run_case+0x170/0x3f0 [ 29.329252] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.329298] kthread+0x328/0x630 [ 29.329342] ret_from_fork+0x10/0x20 [ 29.329379] [ 29.329431] The buggy address belongs to the object at fff00000c787d680 [ 29.329431] which belongs to the cache kmalloc-64 of size 64 [ 29.329499] The buggy address is located 0 bytes to the right of [ 29.329499] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.329564] [ 29.329594] The buggy address belongs to the physical page: [ 29.329635] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.329684] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.329742] page_type: f5(slab) [ 29.329781] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.329847] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.329890] page dumped because: kasan: bad access detected [ 29.329921] [ 29.329940] Memory state around the buggy address: [ 29.329983] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.330034] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.330080] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.330129] ^ [ 29.330178] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.330237] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.330287] ================================================================== [ 29.304570] ================================================================== [ 29.304620] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3de4/0x4858 [ 29.304669] Read of size 4 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.304719] [ 29.304752] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.304834] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.304863] Hardware name: linux,dummy-virt (DT) [ 29.304896] Call trace: [ 29.304919] show_stack+0x20/0x38 (C) [ 29.304970] dump_stack_lvl+0x8c/0xd0 [ 29.305019] print_report+0x118/0x608 [ 29.305068] kasan_report+0xdc/0x128 [ 29.305116] __asan_report_load4_noabort+0x20/0x30 [ 29.305166] kasan_atomics_helper+0x3de4/0x4858 [ 29.305216] kasan_atomics+0x198/0x2e0 [ 29.305263] kunit_try_run_case+0x170/0x3f0 [ 29.305313] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.305367] kthread+0x328/0x630 [ 29.305423] ret_from_fork+0x10/0x20 [ 29.305472] [ 29.305493] Allocated by task 277: [ 29.305522] kasan_save_stack+0x3c/0x68 [ 29.305565] kasan_save_track+0x20/0x40 [ 29.305606] kasan_save_alloc_info+0x40/0x58 [ 29.305650] __kasan_kmalloc+0xd4/0xd8 [ 29.305691] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.305734] kasan_atomics+0xb8/0x2e0 [ 29.305773] kunit_try_run_case+0x170/0x3f0 [ 29.305812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.305859] kthread+0x328/0x630 [ 29.305893] ret_from_fork+0x10/0x20 [ 29.305928] [ 29.305950] The buggy address belongs to the object at fff00000c787d680 [ 29.305950] which belongs to the cache kmalloc-64 of size 64 [ 29.306009] The buggy address is located 0 bytes to the right of [ 29.306009] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.306072] [ 29.306092] The buggy address belongs to the physical page: [ 29.306124] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.306176] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.306224] page_type: f5(slab) [ 29.306264] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.306314] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.306355] page dumped because: kasan: bad access detected [ 29.306386] [ 29.306441] Memory state around the buggy address: [ 29.306474] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.306618] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.306728] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.306844] ^ [ 29.306902] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.306978] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.307024] ================================================================== [ 29.522444] ================================================================== [ 29.522497] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 29.522549] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.522608] [ 29.522641] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.522725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.524429] Hardware name: linux,dummy-virt (DT) [ 29.524789] Call trace: [ 29.524819] show_stack+0x20/0x38 (C) [ 29.524870] dump_stack_lvl+0x8c/0xd0 [ 29.524953] print_report+0x118/0x608 [ 29.525000] kasan_report+0xdc/0x128 [ 29.525047] kasan_check_range+0x100/0x1a8 [ 29.525546] __kasan_check_write+0x20/0x30 [ 29.525592] kasan_atomics_helper+0x126c/0x4858 [ 29.525641] kasan_atomics+0x198/0x2e0 [ 29.525687] kunit_try_run_case+0x170/0x3f0 [ 29.525735] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.525789] kthread+0x328/0x630 [ 29.525832] ret_from_fork+0x10/0x20 [ 29.525881] [ 29.525903] Allocated by task 277: [ 29.525933] kasan_save_stack+0x3c/0x68 [ 29.525975] kasan_save_track+0x20/0x40 [ 29.526014] kasan_save_alloc_info+0x40/0x58 [ 29.526053] __kasan_kmalloc+0xd4/0xd8 [ 29.526092] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.526134] kasan_atomics+0xb8/0x2e0 [ 29.526172] kunit_try_run_case+0x170/0x3f0 [ 29.526212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.526258] kthread+0x328/0x630 [ 29.526293] ret_from_fork+0x10/0x20 [ 29.526331] [ 29.526352] The buggy address belongs to the object at fff00000c787d680 [ 29.526352] which belongs to the cache kmalloc-64 of size 64 [ 29.526424] The buggy address is located 0 bytes to the right of [ 29.526424] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.526510] [ 29.526532] The buggy address belongs to the physical page: [ 29.526566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.526625] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.526671] page_type: f5(slab) [ 29.526709] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.526759] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.526822] page dumped because: kasan: bad access detected [ 29.526861] [ 29.526890] Memory state around the buggy address: [ 29.526929] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.526991] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.527040] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.527079] ^ [ 29.527113] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.527157] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.527207] ================================================================== [ 29.579596] ================================================================== [ 29.579638] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 29.579686] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.579782] [ 29.579987] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.580358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.580388] Hardware name: linux,dummy-virt (DT) [ 29.580428] Call trace: [ 29.580529] show_stack+0x20/0x38 (C) [ 29.580601] dump_stack_lvl+0x8c/0xd0 [ 29.580649] print_report+0x118/0x608 [ 29.580752] kasan_report+0xdc/0x128 [ 29.580960] kasan_check_range+0x100/0x1a8 [ 29.581051] __kasan_check_write+0x20/0x30 [ 29.581304] kasan_atomics_helper+0x1644/0x4858 [ 29.581357] kasan_atomics+0x198/0x2e0 [ 29.581509] kunit_try_run_case+0x170/0x3f0 [ 29.581741] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.581816] kthread+0x328/0x630 [ 29.581927] ret_from_fork+0x10/0x20 [ 29.582166] [ 29.582259] Allocated by task 277: [ 29.582571] kasan_save_stack+0x3c/0x68 [ 29.582689] kasan_save_track+0x20/0x40 [ 29.582768] kasan_save_alloc_info+0x40/0x58 [ 29.582809] __kasan_kmalloc+0xd4/0xd8 [ 29.582849] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.583166] kasan_atomics+0xb8/0x2e0 [ 29.583265] kunit_try_run_case+0x170/0x3f0 [ 29.583429] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.583509] kthread+0x328/0x630 [ 29.583946] ret_from_fork+0x10/0x20 [ 29.584179] [ 29.584257] The buggy address belongs to the object at fff00000c787d680 [ 29.584257] which belongs to the cache kmalloc-64 of size 64 [ 29.584432] The buggy address is located 0 bytes to the right of [ 29.584432] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.584499] [ 29.584520] The buggy address belongs to the physical page: [ 29.584554] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.584608] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.584676] page_type: f5(slab) [ 29.584716] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.584768] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.584809] page dumped because: kasan: bad access detected [ 29.585022] [ 29.585087] Memory state around the buggy address: [ 29.585265] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.585386] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.585676] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.585879] ^ [ 29.586002] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.586077] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.586199] ================================================================== [ 29.481836] ================================================================== [ 29.482309] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 29.482382] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.482445] [ 29.482481] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.482566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.483343] Hardware name: linux,dummy-virt (DT) [ 29.483389] Call trace: [ 29.483485] show_stack+0x20/0x38 (C) [ 29.483537] dump_stack_lvl+0x8c/0xd0 [ 29.483585] print_report+0x118/0x608 [ 29.483631] kasan_report+0xdc/0x128 [ 29.484126] kasan_check_range+0x100/0x1a8 [ 29.484196] __kasan_check_write+0x20/0x30 [ 29.484246] kasan_atomics_helper+0x1128/0x4858 [ 29.484598] kasan_atomics+0x198/0x2e0 [ 29.484648] kunit_try_run_case+0x170/0x3f0 [ 29.485073] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.485588] kthread+0x328/0x630 [ 29.485644] ret_from_fork+0x10/0x20 [ 29.485833] [ 29.485857] Allocated by task 277: [ 29.486299] kasan_save_stack+0x3c/0x68 [ 29.486381] kasan_save_track+0x20/0x40 [ 29.486560] kasan_save_alloc_info+0x40/0x58 [ 29.487026] __kasan_kmalloc+0xd4/0xd8 [ 29.487161] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.487204] kasan_atomics+0xb8/0x2e0 [ 29.487242] kunit_try_run_case+0x170/0x3f0 [ 29.487282] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.487328] kthread+0x328/0x630 [ 29.487848] ret_from_fork+0x10/0x20 [ 29.487930] [ 29.487952] The buggy address belongs to the object at fff00000c787d680 [ 29.487952] which belongs to the cache kmalloc-64 of size 64 [ 29.488367] The buggy address is located 0 bytes to the right of [ 29.488367] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.488586] [ 29.488610] The buggy address belongs to the physical page: [ 29.488758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.488830] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.488889] page_type: f5(slab) [ 29.489038] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.489614] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.489673] page dumped because: kasan: bad access detected [ 29.489958] [ 29.489982] Memory state around the buggy address: [ 29.490218] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.490383] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.490453] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.490675] ^ [ 29.490941] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.490990] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.491320] ================================================================== [ 29.564708] ================================================================== [ 29.564760] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 29.564812] Write of size 8 at addr fff00000c787d6b0 by task kunit_try_catch/277 [ 29.564900] [ 29.564937] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT [ 29.565035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.565063] Hardware name: linux,dummy-virt (DT) [ 29.565131] Call trace: [ 29.565156] show_stack+0x20/0x38 (C) [ 29.565205] dump_stack_lvl+0x8c/0xd0 [ 29.565279] print_report+0x118/0x608 [ 29.565335] kasan_report+0xdc/0x128 [ 29.565383] kasan_check_range+0x100/0x1a8 [ 29.565442] __kasan_check_write+0x20/0x30 [ 29.565487] kasan_atomics_helper+0x154c/0x4858 [ 29.565536] kasan_atomics+0x198/0x2e0 [ 29.565582] kunit_try_run_case+0x170/0x3f0 [ 29.565631] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.565684] kthread+0x328/0x630 [ 29.565726] ret_from_fork+0x10/0x20 [ 29.565774] [ 29.565796] Allocated by task 277: [ 29.565824] kasan_save_stack+0x3c/0x68 [ 29.565866] kasan_save_track+0x20/0x40 [ 29.566097] kasan_save_alloc_info+0x40/0x58 [ 29.566216] __kasan_kmalloc+0xd4/0xd8 [ 29.566315] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.566412] kasan_atomics+0xb8/0x2e0 [ 29.566455] kunit_try_run_case+0x170/0x3f0 [ 29.566617] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.566831] kthread+0x328/0x630 [ 29.566907] ret_from_fork+0x10/0x20 [ 29.566947] [ 29.567032] The buggy address belongs to the object at fff00000c787d680 [ 29.567032] which belongs to the cache kmalloc-64 of size 64 [ 29.567148] The buggy address is located 0 bytes to the right of [ 29.567148] allocated 48-byte region [fff00000c787d680, fff00000c787d6b0) [ 29.567215] [ 29.567339] The buggy address belongs to the physical page: [ 29.567374] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10787d [ 29.567435] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.567481] page_type: f5(slab) [ 29.567549] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.567713] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.567941] page dumped because: kasan: bad access detected [ 29.568005] [ 29.568130] Memory state around the buggy address: [ 29.568338] fff00000c787d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.568487] fff00000c787d600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.568721] >fff00000c787d680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.568838] ^ [ 29.568918] fff00000c787d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.569065] fff00000c787d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.569170] ==================================================================
[ 24.881342] ================================================================== [ 24.881616] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 24.882408] Read of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.882925] [ 24.883113] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.883222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.883240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.883263] Call Trace: [ 24.883285] <TASK> [ 24.883305] dump_stack_lvl+0x73/0xb0 [ 24.883333] print_report+0xd1/0x650 [ 24.883354] ? __virt_addr_valid+0x1db/0x2d0 [ 24.883379] ? kasan_atomics_helper+0x4a1c/0x5450 [ 24.883400] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.883425] ? kasan_atomics_helper+0x4a1c/0x5450 [ 24.883448] kasan_report+0x141/0x180 [ 24.883470] ? kasan_atomics_helper+0x4a1c/0x5450 [ 24.883497] __asan_report_load4_noabort+0x18/0x20 [ 24.883523] kasan_atomics_helper+0x4a1c/0x5450 [ 24.883545] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.883566] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.883593] ? kasan_atomics+0x152/0x310 [ 24.883619] kasan_atomics+0x1dc/0x310 [ 24.883641] ? __pfx_kasan_atomics+0x10/0x10 [ 24.883662] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.883685] ? __pfx_read_tsc+0x10/0x10 [ 24.883707] ? ktime_get_ts64+0x86/0x230 [ 24.883733] kunit_try_run_case+0x1a5/0x480 [ 24.883761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.883784] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.883805] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.883830] ? __kthread_parkme+0x82/0x180 [ 24.883851] ? preempt_count_sub+0x50/0x80 [ 24.883875] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.883899] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.883923] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.883958] kthread+0x337/0x6f0 [ 24.883978] ? trace_preempt_on+0x20/0xc0 [ 24.884001] ? __pfx_kthread+0x10/0x10 [ 24.884021] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.884044] ? calculate_sigpending+0x7b/0xa0 [ 24.884068] ? __pfx_kthread+0x10/0x10 [ 24.884089] ret_from_fork+0x116/0x1d0 [ 24.884108] ? __pfx_kthread+0x10/0x10 [ 24.884140] ret_from_fork_asm+0x1a/0x30 [ 24.884171] </TASK> [ 24.884182] [ 24.893481] Allocated by task 294: [ 24.893642] kasan_save_stack+0x45/0x70 [ 24.893916] kasan_save_track+0x18/0x40 [ 24.894114] kasan_save_alloc_info+0x3b/0x50 [ 24.894403] __kasan_kmalloc+0xb7/0xc0 [ 24.894573] __kmalloc_cache_noprof+0x189/0x420 [ 24.894764] kasan_atomics+0x95/0x310 [ 24.894928] kunit_try_run_case+0x1a5/0x480 [ 24.895117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.895690] kthread+0x337/0x6f0 [ 24.895847] ret_from_fork+0x116/0x1d0 [ 24.896015] ret_from_fork_asm+0x1a/0x30 [ 24.896347] [ 24.896502] The buggy address belongs to the object at ffff8881039e9700 [ 24.896502] which belongs to the cache kmalloc-64 of size 64 [ 24.897170] The buggy address is located 0 bytes to the right of [ 24.897170] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.897681] [ 24.897843] The buggy address belongs to the physical page: [ 24.898121] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.898606] flags: 0x200000000000000(node=0|zone=2) [ 24.898893] page_type: f5(slab) [ 24.899072] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.899508] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.899867] page dumped because: kasan: bad access detected [ 24.900089] [ 24.900210] Memory state around the buggy address: [ 24.900599] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.900962] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.901276] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.901686] ^ [ 24.901991] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.902294] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.902624] ================================================================== [ 25.059634] ================================================================== [ 25.060249] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 25.060908] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.061587] [ 25.061814] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.061863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.061877] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.061899] Call Trace: [ 25.061919] <TASK> [ 25.061947] dump_stack_lvl+0x73/0xb0 [ 25.061976] print_report+0xd1/0x650 [ 25.061998] ? __virt_addr_valid+0x1db/0x2d0 [ 25.062021] ? kasan_atomics_helper+0x1467/0x5450 [ 25.062042] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.062067] ? kasan_atomics_helper+0x1467/0x5450 [ 25.062088] kasan_report+0x141/0x180 [ 25.062110] ? kasan_atomics_helper+0x1467/0x5450 [ 25.062135] kasan_check_range+0x10c/0x1c0 [ 25.062158] __kasan_check_write+0x18/0x20 [ 25.062180] kasan_atomics_helper+0x1467/0x5450 [ 25.062202] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.062223] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.062248] ? kasan_atomics+0x152/0x310 [ 25.062273] kasan_atomics+0x1dc/0x310 [ 25.062294] ? __pfx_kasan_atomics+0x10/0x10 [ 25.062315] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.062338] ? __pfx_read_tsc+0x10/0x10 [ 25.062361] ? ktime_get_ts64+0x86/0x230 [ 25.062386] kunit_try_run_case+0x1a5/0x480 [ 25.062411] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.062446] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.062467] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.062492] ? __kthread_parkme+0x82/0x180 [ 25.062523] ? preempt_count_sub+0x50/0x80 [ 25.062546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.062570] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.062594] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.062617] kthread+0x337/0x6f0 [ 25.062637] ? trace_preempt_on+0x20/0xc0 [ 25.062661] ? __pfx_kthread+0x10/0x10 [ 25.062682] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.062705] ? calculate_sigpending+0x7b/0xa0 [ 25.062730] ? __pfx_kthread+0x10/0x10 [ 25.062750] ret_from_fork+0x116/0x1d0 [ 25.062770] ? __pfx_kthread+0x10/0x10 [ 25.062789] ret_from_fork_asm+0x1a/0x30 [ 25.062819] </TASK> [ 25.062830] [ 25.074913] Allocated by task 294: [ 25.075115] kasan_save_stack+0x45/0x70 [ 25.075365] kasan_save_track+0x18/0x40 [ 25.075544] kasan_save_alloc_info+0x3b/0x50 [ 25.075768] __kasan_kmalloc+0xb7/0xc0 [ 25.075897] __kmalloc_cache_noprof+0x189/0x420 [ 25.076054] kasan_atomics+0x95/0x310 [ 25.076214] kunit_try_run_case+0x1a5/0x480 [ 25.076420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.076668] kthread+0x337/0x6f0 [ 25.076920] ret_from_fork+0x116/0x1d0 [ 25.077056] ret_from_fork_asm+0x1a/0x30 [ 25.077371] [ 25.077469] The buggy address belongs to the object at ffff8881039e9700 [ 25.077469] which belongs to the cache kmalloc-64 of size 64 [ 25.077831] The buggy address is located 0 bytes to the right of [ 25.077831] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.078474] [ 25.078541] The buggy address belongs to the physical page: [ 25.078767] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.079066] flags: 0x200000000000000(node=0|zone=2) [ 25.079294] page_type: f5(slab) [ 25.079523] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.079750] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.079982] page dumped because: kasan: bad access detected [ 25.080274] [ 25.080342] Memory state around the buggy address: [ 25.080492] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.080699] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.080923] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.081393] ^ [ 25.081611] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.081923] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.082239] ================================================================== [ 24.538201] ================================================================== [ 24.538576] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 24.539228] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.539575] [ 24.539670] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.539721] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.539735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.539759] Call Trace: [ 24.540088] <TASK> [ 24.540111] dump_stack_lvl+0x73/0xb0 [ 24.540142] print_report+0xd1/0x650 [ 24.540165] ? __virt_addr_valid+0x1db/0x2d0 [ 24.540189] ? kasan_atomics_helper+0x8f9/0x5450 [ 24.540210] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.540236] ? kasan_atomics_helper+0x8f9/0x5450 [ 24.540257] kasan_report+0x141/0x180 [ 24.540279] ? kasan_atomics_helper+0x8f9/0x5450 [ 24.540304] kasan_check_range+0x10c/0x1c0 [ 24.540326] __kasan_check_write+0x18/0x20 [ 24.540354] kasan_atomics_helper+0x8f9/0x5450 [ 24.540376] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.540398] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.540422] ? kasan_atomics+0x152/0x310 [ 24.540447] kasan_atomics+0x1dc/0x310 [ 24.540469] ? __pfx_kasan_atomics+0x10/0x10 [ 24.540490] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.540514] ? __pfx_read_tsc+0x10/0x10 [ 24.540537] ? ktime_get_ts64+0x86/0x230 [ 24.540563] kunit_try_run_case+0x1a5/0x480 [ 24.540591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.540614] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.540635] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.540660] ? __kthread_parkme+0x82/0x180 [ 24.540681] ? preempt_count_sub+0x50/0x80 [ 24.540705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.540729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.540752] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.540777] kthread+0x337/0x6f0 [ 24.540796] ? trace_preempt_on+0x20/0xc0 [ 24.540839] ? __pfx_kthread+0x10/0x10 [ 24.540862] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.540885] ? calculate_sigpending+0x7b/0xa0 [ 24.540909] ? __pfx_kthread+0x10/0x10 [ 24.540931] ret_from_fork+0x116/0x1d0 [ 24.540961] ? __pfx_kthread+0x10/0x10 [ 24.540982] ret_from_fork_asm+0x1a/0x30 [ 24.541012] </TASK> [ 24.541024] [ 24.552457] Allocated by task 294: [ 24.552647] kasan_save_stack+0x45/0x70 [ 24.553140] kasan_save_track+0x18/0x40 [ 24.553400] kasan_save_alloc_info+0x3b/0x50 [ 24.553700] __kasan_kmalloc+0xb7/0xc0 [ 24.554017] __kmalloc_cache_noprof+0x189/0x420 [ 24.554258] kasan_atomics+0x95/0x310 [ 24.554398] kunit_try_run_case+0x1a5/0x480 [ 24.554925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.555368] kthread+0x337/0x6f0 [ 24.555531] ret_from_fork+0x116/0x1d0 [ 24.555703] ret_from_fork_asm+0x1a/0x30 [ 24.556209] [ 24.556335] The buggy address belongs to the object at ffff8881039e9700 [ 24.556335] which belongs to the cache kmalloc-64 of size 64 [ 24.557263] The buggy address is located 0 bytes to the right of [ 24.557263] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.558085] [ 24.558175] The buggy address belongs to the physical page: [ 24.558642] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.559305] flags: 0x200000000000000(node=0|zone=2) [ 24.559590] page_type: f5(slab) [ 24.559903] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.560446] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.560757] page dumped because: kasan: bad access detected [ 24.561241] [ 24.561342] Memory state around the buggy address: [ 24.561793] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.562084] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.562399] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.563141] ^ [ 24.563542] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.564126] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.564441] ================================================================== [ 24.811326] ================================================================== [ 24.811693] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 24.811945] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.812170] [ 24.812279] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.812486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.812503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.812528] Call Trace: [ 24.812551] <TASK> [ 24.812573] dump_stack_lvl+0x73/0xb0 [ 24.812604] print_report+0xd1/0x650 [ 24.812626] ? __virt_addr_valid+0x1db/0x2d0 [ 24.812649] ? kasan_atomics_helper+0xfa9/0x5450 [ 24.812670] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.812696] ? kasan_atomics_helper+0xfa9/0x5450 [ 24.812716] kasan_report+0x141/0x180 [ 24.812739] ? kasan_atomics_helper+0xfa9/0x5450 [ 24.812764] kasan_check_range+0x10c/0x1c0 [ 24.812787] __kasan_check_write+0x18/0x20 [ 24.812809] kasan_atomics_helper+0xfa9/0x5450 [ 24.812831] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.812852] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.812877] ? kasan_atomics+0x152/0x310 [ 24.812902] kasan_atomics+0x1dc/0x310 [ 24.812923] ? __pfx_kasan_atomics+0x10/0x10 [ 24.812957] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.813479] ? __pfx_read_tsc+0x10/0x10 [ 24.813517] ? ktime_get_ts64+0x86/0x230 [ 24.813545] kunit_try_run_case+0x1a5/0x480 [ 24.813574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.813597] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.813619] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.813644] ? __kthread_parkme+0x82/0x180 [ 24.813666] ? preempt_count_sub+0x50/0x80 [ 24.813690] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.813714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.813737] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.813761] kthread+0x337/0x6f0 [ 24.813780] ? trace_preempt_on+0x20/0xc0 [ 24.813804] ? __pfx_kthread+0x10/0x10 [ 24.813825] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.813849] ? calculate_sigpending+0x7b/0xa0 [ 24.813873] ? __pfx_kthread+0x10/0x10 [ 24.813896] ret_from_fork+0x116/0x1d0 [ 24.813916] ? __pfx_kthread+0x10/0x10 [ 24.813949] ret_from_fork_asm+0x1a/0x30 [ 24.813981] </TASK> [ 24.813993] [ 24.824579] Allocated by task 294: [ 24.825027] kasan_save_stack+0x45/0x70 [ 24.825343] kasan_save_track+0x18/0x40 [ 24.825533] kasan_save_alloc_info+0x3b/0x50 [ 24.825746] __kasan_kmalloc+0xb7/0xc0 [ 24.825918] __kmalloc_cache_noprof+0x189/0x420 [ 24.826155] kasan_atomics+0x95/0x310 [ 24.826360] kunit_try_run_case+0x1a5/0x480 [ 24.826732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.826981] kthread+0x337/0x6f0 [ 24.827159] ret_from_fork+0x116/0x1d0 [ 24.827556] ret_from_fork_asm+0x1a/0x30 [ 24.827741] [ 24.827819] The buggy address belongs to the object at ffff8881039e9700 [ 24.827819] which belongs to the cache kmalloc-64 of size 64 [ 24.828274] The buggy address is located 0 bytes to the right of [ 24.828274] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.828784] [ 24.828863] The buggy address belongs to the physical page: [ 24.829310] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.829624] flags: 0x200000000000000(node=0|zone=2) [ 24.829781] page_type: f5(slab) [ 24.829896] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.830641] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.830910] page dumped because: kasan: bad access detected [ 24.831357] [ 24.831458] Memory state around the buggy address: [ 24.831825] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.832281] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.832700] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.832977] ^ [ 24.833420] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.833703] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.834139] ================================================================== [ 24.290349] ================================================================== [ 24.290722] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 24.291460] Read of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.291767] [ 24.291972] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.292036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.292050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.292073] Call Trace: [ 24.292095] <TASK> [ 24.292115] dump_stack_lvl+0x73/0xb0 [ 24.292143] print_report+0xd1/0x650 [ 24.292174] ? __virt_addr_valid+0x1db/0x2d0 [ 24.292198] ? kasan_atomics_helper+0x3df/0x5450 [ 24.292229] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.292255] ? kasan_atomics_helper+0x3df/0x5450 [ 24.292276] kasan_report+0x141/0x180 [ 24.292297] ? kasan_atomics_helper+0x3df/0x5450 [ 24.292337] kasan_check_range+0x10c/0x1c0 [ 24.292361] __kasan_check_read+0x15/0x20 [ 24.292383] kasan_atomics_helper+0x3df/0x5450 [ 24.292415] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.292436] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.292461] ? kasan_atomics+0x152/0x310 [ 24.292495] kasan_atomics+0x1dc/0x310 [ 24.292517] ? __pfx_kasan_atomics+0x10/0x10 [ 24.292538] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.292571] ? __pfx_read_tsc+0x10/0x10 [ 24.292594] ? ktime_get_ts64+0x86/0x230 [ 24.292619] kunit_try_run_case+0x1a5/0x480 [ 24.292647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.292678] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.292698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.292724] ? __kthread_parkme+0x82/0x180 [ 24.292755] ? preempt_count_sub+0x50/0x80 [ 24.292778] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.292804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.292907] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.292932] kthread+0x337/0x6f0 [ 24.293140] ? trace_preempt_on+0x20/0xc0 [ 24.293176] ? __pfx_kthread+0x10/0x10 [ 24.293198] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.293222] ? calculate_sigpending+0x7b/0xa0 [ 24.293257] ? __pfx_kthread+0x10/0x10 [ 24.293278] ret_from_fork+0x116/0x1d0 [ 24.293297] ? __pfx_kthread+0x10/0x10 [ 24.293318] ret_from_fork_asm+0x1a/0x30 [ 24.293357] </TASK> [ 24.293368] [ 24.302516] Allocated by task 294: [ 24.302750] kasan_save_stack+0x45/0x70 [ 24.303066] kasan_save_track+0x18/0x40 [ 24.303305] kasan_save_alloc_info+0x3b/0x50 [ 24.303508] __kasan_kmalloc+0xb7/0xc0 [ 24.303697] __kmalloc_cache_noprof+0x189/0x420 [ 24.304011] kasan_atomics+0x95/0x310 [ 24.304146] kunit_try_run_case+0x1a5/0x480 [ 24.304287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.304461] kthread+0x337/0x6f0 [ 24.304576] ret_from_fork+0x116/0x1d0 [ 24.304702] ret_from_fork_asm+0x1a/0x30 [ 24.305060] [ 24.305430] The buggy address belongs to the object at ffff8881039e9700 [ 24.305430] which belongs to the cache kmalloc-64 of size 64 [ 24.306044] The buggy address is located 0 bytes to the right of [ 24.306044] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.306706] [ 24.306796] The buggy address belongs to the physical page: [ 24.307111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.307481] flags: 0x200000000000000(node=0|zone=2) [ 24.307699] page_type: f5(slab) [ 24.307818] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.308225] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.308541] page dumped because: kasan: bad access detected [ 24.308706] [ 24.308768] Memory state around the buggy address: [ 24.308917] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.309133] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.309339] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.309670] ^ [ 24.309890] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.310583] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.311242] ================================================================== [ 25.041625] ================================================================== [ 25.042134] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 25.042653] Read of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.042995] [ 25.043104] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.043160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.043174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.043196] Call Trace: [ 25.043215] <TASK> [ 25.043233] dump_stack_lvl+0x73/0xb0 [ 25.043260] print_report+0xd1/0x650 [ 25.043281] ? __virt_addr_valid+0x1db/0x2d0 [ 25.043304] ? kasan_atomics_helper+0x4eae/0x5450 [ 25.043325] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.043353] ? kasan_atomics_helper+0x4eae/0x5450 [ 25.043375] kasan_report+0x141/0x180 [ 25.043399] ? kasan_atomics_helper+0x4eae/0x5450 [ 25.043424] __asan_report_load8_noabort+0x18/0x20 [ 25.043448] kasan_atomics_helper+0x4eae/0x5450 [ 25.043470] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.043491] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.043515] ? kasan_atomics+0x152/0x310 [ 25.043540] kasan_atomics+0x1dc/0x310 [ 25.043562] ? __pfx_kasan_atomics+0x10/0x10 [ 25.043583] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.043607] ? __pfx_read_tsc+0x10/0x10 [ 25.043629] ? ktime_get_ts64+0x86/0x230 [ 25.043654] kunit_try_run_case+0x1a5/0x480 [ 25.043680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.043703] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.043724] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.043750] ? __kthread_parkme+0x82/0x180 [ 25.043770] ? preempt_count_sub+0x50/0x80 [ 25.043793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.043817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.043841] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.043864] kthread+0x337/0x6f0 [ 25.043884] ? trace_preempt_on+0x20/0xc0 [ 25.043918] ? __pfx_kthread+0x10/0x10 [ 25.043954] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.043977] ? calculate_sigpending+0x7b/0xa0 [ 25.044001] ? __pfx_kthread+0x10/0x10 [ 25.044022] ret_from_fork+0x116/0x1d0 [ 25.044043] ? __pfx_kthread+0x10/0x10 [ 25.044065] ret_from_fork_asm+0x1a/0x30 [ 25.044095] </TASK> [ 25.044106] [ 25.051516] Allocated by task 294: [ 25.051698] kasan_save_stack+0x45/0x70 [ 25.051894] kasan_save_track+0x18/0x40 [ 25.052083] kasan_save_alloc_info+0x3b/0x50 [ 25.052311] __kasan_kmalloc+0xb7/0xc0 [ 25.052520] __kmalloc_cache_noprof+0x189/0x420 [ 25.052707] kasan_atomics+0x95/0x310 [ 25.052890] kunit_try_run_case+0x1a5/0x480 [ 25.053090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.053391] kthread+0x337/0x6f0 [ 25.053569] ret_from_fork+0x116/0x1d0 [ 25.053730] ret_from_fork_asm+0x1a/0x30 [ 25.053930] [ 25.054017] The buggy address belongs to the object at ffff8881039e9700 [ 25.054017] which belongs to the cache kmalloc-64 of size 64 [ 25.054543] The buggy address is located 0 bytes to the right of [ 25.054543] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.055002] [ 25.055072] The buggy address belongs to the physical page: [ 25.055590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.055848] flags: 0x200000000000000(node=0|zone=2) [ 25.056016] page_type: f5(slab) [ 25.056274] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.056615] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.056948] page dumped because: kasan: bad access detected [ 25.057205] [ 25.057281] Memory state around the buggy address: [ 25.057470] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.057777] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.058207] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.058542] ^ [ 25.058689] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.058895] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.059108] ================================================================== [ 25.117576] ================================================================== [ 25.117922] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 25.118281] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.118801] [ 25.118913] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.118970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.118984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.119006] Call Trace: [ 25.119026] <TASK> [ 25.119063] dump_stack_lvl+0x73/0xb0 [ 25.119090] print_report+0xd1/0x650 [ 25.119112] ? __virt_addr_valid+0x1db/0x2d0 [ 25.119135] ? kasan_atomics_helper+0x15b6/0x5450 [ 25.119156] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.119181] ? kasan_atomics_helper+0x15b6/0x5450 [ 25.119203] kasan_report+0x141/0x180 [ 25.119223] ? kasan_atomics_helper+0x15b6/0x5450 [ 25.119249] kasan_check_range+0x10c/0x1c0 [ 25.119272] __kasan_check_write+0x18/0x20 [ 25.119294] kasan_atomics_helper+0x15b6/0x5450 [ 25.119316] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.119337] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.119362] ? kasan_atomics+0x152/0x310 [ 25.119387] kasan_atomics+0x1dc/0x310 [ 25.119409] ? __pfx_kasan_atomics+0x10/0x10 [ 25.119431] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.119454] ? __pfx_read_tsc+0x10/0x10 [ 25.119478] ? ktime_get_ts64+0x86/0x230 [ 25.119502] kunit_try_run_case+0x1a5/0x480 [ 25.119529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.119552] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.119572] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.119598] ? __kthread_parkme+0x82/0x180 [ 25.119618] ? preempt_count_sub+0x50/0x80 [ 25.119642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.119666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.119690] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.119713] kthread+0x337/0x6f0 [ 25.119733] ? trace_preempt_on+0x20/0xc0 [ 25.119756] ? __pfx_kthread+0x10/0x10 [ 25.119776] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.119799] ? calculate_sigpending+0x7b/0xa0 [ 25.119822] ? __pfx_kthread+0x10/0x10 [ 25.119844] ret_from_fork+0x116/0x1d0 [ 25.119862] ? __pfx_kthread+0x10/0x10 [ 25.119883] ret_from_fork_asm+0x1a/0x30 [ 25.119913] </TASK> [ 25.119924] [ 25.127563] Allocated by task 294: [ 25.127733] kasan_save_stack+0x45/0x70 [ 25.127872] kasan_save_track+0x18/0x40 [ 25.128009] kasan_save_alloc_info+0x3b/0x50 [ 25.128247] __kasan_kmalloc+0xb7/0xc0 [ 25.128443] __kmalloc_cache_noprof+0x189/0x420 [ 25.128650] kasan_atomics+0x95/0x310 [ 25.128774] kunit_try_run_case+0x1a5/0x480 [ 25.128915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.129226] kthread+0x337/0x6f0 [ 25.129388] ret_from_fork+0x116/0x1d0 [ 25.129569] ret_from_fork_asm+0x1a/0x30 [ 25.129732] [ 25.129797] The buggy address belongs to the object at ffff8881039e9700 [ 25.129797] which belongs to the cache kmalloc-64 of size 64 [ 25.130148] The buggy address is located 0 bytes to the right of [ 25.130148] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.130502] [ 25.130567] The buggy address belongs to the physical page: [ 25.130862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.131213] flags: 0x200000000000000(node=0|zone=2) [ 25.131447] page_type: f5(slab) [ 25.131614] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.131970] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.132302] page dumped because: kasan: bad access detected [ 25.132559] [ 25.132648] Memory state around the buggy address: [ 25.132868] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.133137] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.133344] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.133547] ^ [ 25.133806] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.134125] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.134429] ================================================================== [ 24.381534] ================================================================== [ 24.382519] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 24.383471] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.383783] [ 24.383891] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.383958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.383975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.384000] Call Trace: [ 24.384016] <TASK> [ 24.384038] dump_stack_lvl+0x73/0xb0 [ 24.384069] print_report+0xd1/0x650 [ 24.384092] ? __virt_addr_valid+0x1db/0x2d0 [ 24.384117] ? kasan_atomics_helper+0x565/0x5450 [ 24.384138] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.384164] ? kasan_atomics_helper+0x565/0x5450 [ 24.384185] kasan_report+0x141/0x180 [ 24.384208] ? kasan_atomics_helper+0x565/0x5450 [ 24.384257] kasan_check_range+0x10c/0x1c0 [ 24.384282] __kasan_check_write+0x18/0x20 [ 24.384304] kasan_atomics_helper+0x565/0x5450 [ 24.384326] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.384357] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.384611] ? kasan_atomics+0x152/0x310 [ 24.384639] kasan_atomics+0x1dc/0x310 [ 24.384854] ? __pfx_kasan_atomics+0x10/0x10 [ 24.384879] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.384907] ? __pfx_read_tsc+0x10/0x10 [ 24.384930] ? ktime_get_ts64+0x86/0x230 [ 24.384968] kunit_try_run_case+0x1a5/0x480 [ 24.384997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.385020] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.385042] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.385067] ? __kthread_parkme+0x82/0x180 [ 24.385088] ? preempt_count_sub+0x50/0x80 [ 24.385111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.385147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.385171] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.385195] kthread+0x337/0x6f0 [ 24.385215] ? trace_preempt_on+0x20/0xc0 [ 24.385238] ? __pfx_kthread+0x10/0x10 [ 24.385259] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.385282] ? calculate_sigpending+0x7b/0xa0 [ 24.385305] ? __pfx_kthread+0x10/0x10 [ 24.385327] ret_from_fork+0x116/0x1d0 [ 24.385345] ? __pfx_kthread+0x10/0x10 [ 24.385366] ret_from_fork_asm+0x1a/0x30 [ 24.385397] </TASK> [ 24.385409] [ 24.398023] Allocated by task 294: [ 24.398599] kasan_save_stack+0x45/0x70 [ 24.398773] kasan_save_track+0x18/0x40 [ 24.399309] kasan_save_alloc_info+0x3b/0x50 [ 24.399550] __kasan_kmalloc+0xb7/0xc0 [ 24.399909] __kmalloc_cache_noprof+0x189/0x420 [ 24.400215] kasan_atomics+0x95/0x310 [ 24.400386] kunit_try_run_case+0x1a5/0x480 [ 24.400622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.401146] kthread+0x337/0x6f0 [ 24.401375] ret_from_fork+0x116/0x1d0 [ 24.401551] ret_from_fork_asm+0x1a/0x30 [ 24.401734] [ 24.402111] The buggy address belongs to the object at ffff8881039e9700 [ 24.402111] which belongs to the cache kmalloc-64 of size 64 [ 24.402614] The buggy address is located 0 bytes to the right of [ 24.402614] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.403420] [ 24.403563] The buggy address belongs to the physical page: [ 24.403789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.404322] flags: 0x200000000000000(node=0|zone=2) [ 24.404727] page_type: f5(slab) [ 24.404987] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.405319] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.405781] page dumped because: kasan: bad access detected [ 24.406180] [ 24.406251] Memory state around the buggy address: [ 24.406416] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.406728] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.406959] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.407404] ^ [ 24.408027] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.408353] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.408787] ================================================================== [ 25.408567] ================================================================== [ 25.409212] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 25.409483] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.409836] [ 25.409932] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.409992] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.410006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.410028] Call Trace: [ 25.410048] <TASK> [ 25.410068] dump_stack_lvl+0x73/0xb0 [ 25.410096] print_report+0xd1/0x650 [ 25.410117] ? __virt_addr_valid+0x1db/0x2d0 [ 25.410148] ? kasan_atomics_helper+0x1e12/0x5450 [ 25.410169] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.410204] ? kasan_atomics_helper+0x1e12/0x5450 [ 25.410225] kasan_report+0x141/0x180 [ 25.410247] ? kasan_atomics_helper+0x1e12/0x5450 [ 25.410283] kasan_check_range+0x10c/0x1c0 [ 25.410306] __kasan_check_write+0x18/0x20 [ 25.410328] kasan_atomics_helper+0x1e12/0x5450 [ 25.410349] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.410370] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.410395] ? kasan_atomics+0x152/0x310 [ 25.410420] kasan_atomics+0x1dc/0x310 [ 25.410441] ? __pfx_kasan_atomics+0x10/0x10 [ 25.410462] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.410485] ? __pfx_read_tsc+0x10/0x10 [ 25.410508] ? ktime_get_ts64+0x86/0x230 [ 25.410543] kunit_try_run_case+0x1a5/0x480 [ 25.410569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.410592] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.410624] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.410650] ? __kthread_parkme+0x82/0x180 [ 25.410672] ? preempt_count_sub+0x50/0x80 [ 25.410695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.410719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.410743] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.410767] kthread+0x337/0x6f0 [ 25.410786] ? trace_preempt_on+0x20/0xc0 [ 25.410810] ? __pfx_kthread+0x10/0x10 [ 25.410830] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.410854] ? calculate_sigpending+0x7b/0xa0 [ 25.410877] ? __pfx_kthread+0x10/0x10 [ 25.410898] ret_from_fork+0x116/0x1d0 [ 25.410917] ? __pfx_kthread+0x10/0x10 [ 25.410945] ret_from_fork_asm+0x1a/0x30 [ 25.410976] </TASK> [ 25.410988] [ 25.418614] Allocated by task 294: [ 25.418772] kasan_save_stack+0x45/0x70 [ 25.419006] kasan_save_track+0x18/0x40 [ 25.419214] kasan_save_alloc_info+0x3b/0x50 [ 25.419405] __kasan_kmalloc+0xb7/0xc0 [ 25.419580] __kmalloc_cache_noprof+0x189/0x420 [ 25.419800] kasan_atomics+0x95/0x310 [ 25.419962] kunit_try_run_case+0x1a5/0x480 [ 25.420180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.420447] kthread+0x337/0x6f0 [ 25.420617] ret_from_fork+0x116/0x1d0 [ 25.420794] ret_from_fork_asm+0x1a/0x30 [ 25.420978] [ 25.421068] The buggy address belongs to the object at ffff8881039e9700 [ 25.421068] which belongs to the cache kmalloc-64 of size 64 [ 25.421593] The buggy address is located 0 bytes to the right of [ 25.421593] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.422081] [ 25.422192] The buggy address belongs to the physical page: [ 25.422433] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.422697] flags: 0x200000000000000(node=0|zone=2) [ 25.422855] page_type: f5(slab) [ 25.422990] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.423531] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.423890] page dumped because: kasan: bad access detected [ 25.424153] [ 25.424222] Memory state around the buggy address: [ 25.424380] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.424586] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.424883] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.425360] ^ [ 25.425562] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.425811] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.426137] ================================================================== [ 24.748050] ================================================================== [ 24.748715] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 24.749134] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.749418] [ 24.749531] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.749582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.749595] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.749618] Call Trace: [ 24.749639] <TASK> [ 24.749660] dump_stack_lvl+0x73/0xb0 [ 24.749687] print_report+0xd1/0x650 [ 24.749710] ? __virt_addr_valid+0x1db/0x2d0 [ 24.749733] ? kasan_atomics_helper+0xde0/0x5450 [ 24.749754] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.749779] ? kasan_atomics_helper+0xde0/0x5450 [ 24.749800] kasan_report+0x141/0x180 [ 24.749822] ? kasan_atomics_helper+0xde0/0x5450 [ 24.749847] kasan_check_range+0x10c/0x1c0 [ 24.749870] __kasan_check_write+0x18/0x20 [ 24.749892] kasan_atomics_helper+0xde0/0x5450 [ 24.749914] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.749948] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.749973] ? kasan_atomics+0x152/0x310 [ 24.749998] kasan_atomics+0x1dc/0x310 [ 24.750020] ? __pfx_kasan_atomics+0x10/0x10 [ 24.750041] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.750065] ? __pfx_read_tsc+0x10/0x10 [ 24.750088] ? ktime_get_ts64+0x86/0x230 [ 24.750114] kunit_try_run_case+0x1a5/0x480 [ 24.750151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.750175] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.750195] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.750220] ? __kthread_parkme+0x82/0x180 [ 24.750241] ? preempt_count_sub+0x50/0x80 [ 24.750265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.750289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.750313] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.750337] kthread+0x337/0x6f0 [ 24.750356] ? trace_preempt_on+0x20/0xc0 [ 24.750380] ? __pfx_kthread+0x10/0x10 [ 24.750400] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.750424] ? calculate_sigpending+0x7b/0xa0 [ 24.750447] ? __pfx_kthread+0x10/0x10 [ 24.750469] ret_from_fork+0x116/0x1d0 [ 24.750488] ? __pfx_kthread+0x10/0x10 [ 24.750508] ret_from_fork_asm+0x1a/0x30 [ 24.750539] </TASK> [ 24.750551] [ 24.757879] Allocated by task 294: [ 24.758032] kasan_save_stack+0x45/0x70 [ 24.758273] kasan_save_track+0x18/0x40 [ 24.758431] kasan_save_alloc_info+0x3b/0x50 [ 24.758619] __kasan_kmalloc+0xb7/0xc0 [ 24.758770] __kmalloc_cache_noprof+0x189/0x420 [ 24.758978] kasan_atomics+0x95/0x310 [ 24.759135] kunit_try_run_case+0x1a5/0x480 [ 24.759314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.759516] kthread+0x337/0x6f0 [ 24.759643] ret_from_fork+0x116/0x1d0 [ 24.759820] ret_from_fork_asm+0x1a/0x30 [ 24.759979] [ 24.760046] The buggy address belongs to the object at ffff8881039e9700 [ 24.760046] which belongs to the cache kmalloc-64 of size 64 [ 24.760625] The buggy address is located 0 bytes to the right of [ 24.760625] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.760996] [ 24.761068] The buggy address belongs to the physical page: [ 24.761306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.761649] flags: 0x200000000000000(node=0|zone=2) [ 24.761876] page_type: f5(slab) [ 24.762048] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.762557] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.762850] page dumped because: kasan: bad access detected [ 24.763033] [ 24.763096] Memory state around the buggy address: [ 24.763246] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.763555] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.763867] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.764182] ^ [ 24.764380] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.764654] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.764928] ================================================================== [ 24.312953] ================================================================== [ 24.313497] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 24.313980] Read of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.314651] [ 24.314790] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.314953] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.314971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.314995] Call Trace: [ 24.315017] <TASK> [ 24.315039] dump_stack_lvl+0x73/0xb0 [ 24.315070] print_report+0xd1/0x650 [ 24.315093] ? __virt_addr_valid+0x1db/0x2d0 [ 24.315117] ? kasan_atomics_helper+0x4b54/0x5450 [ 24.315156] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.315182] ? kasan_atomics_helper+0x4b54/0x5450 [ 24.315203] kasan_report+0x141/0x180 [ 24.315235] ? kasan_atomics_helper+0x4b54/0x5450 [ 24.315260] __asan_report_load4_noabort+0x18/0x20 [ 24.315284] kasan_atomics_helper+0x4b54/0x5450 [ 24.315317] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.315338] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.315362] ? kasan_atomics+0x152/0x310 [ 24.315388] kasan_atomics+0x1dc/0x310 [ 24.315410] ? __pfx_kasan_atomics+0x10/0x10 [ 24.315431] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.315455] ? __pfx_read_tsc+0x10/0x10 [ 24.315478] ? ktime_get_ts64+0x86/0x230 [ 24.315503] kunit_try_run_case+0x1a5/0x480 [ 24.315530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.315554] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.315574] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.315608] ? __kthread_parkme+0x82/0x180 [ 24.315629] ? preempt_count_sub+0x50/0x80 [ 24.315653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.315686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.315710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.315734] kthread+0x337/0x6f0 [ 24.315762] ? trace_preempt_on+0x20/0xc0 [ 24.315785] ? __pfx_kthread+0x10/0x10 [ 24.315805] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.315839] ? calculate_sigpending+0x7b/0xa0 [ 24.315911] ? __pfx_kthread+0x10/0x10 [ 24.315932] ret_from_fork+0x116/0x1d0 [ 24.315961] ? __pfx_kthread+0x10/0x10 [ 24.315982] ret_from_fork_asm+0x1a/0x30 [ 24.316014] </TASK> [ 24.316025] [ 24.324744] Allocated by task 294: [ 24.325003] kasan_save_stack+0x45/0x70 [ 24.325332] kasan_save_track+0x18/0x40 [ 24.325522] kasan_save_alloc_info+0x3b/0x50 [ 24.325744] __kasan_kmalloc+0xb7/0xc0 [ 24.326220] __kmalloc_cache_noprof+0x189/0x420 [ 24.326455] kasan_atomics+0x95/0x310 [ 24.326606] kunit_try_run_case+0x1a5/0x480 [ 24.326747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.326913] kthread+0x337/0x6f0 [ 24.327058] ret_from_fork+0x116/0x1d0 [ 24.327277] ret_from_fork_asm+0x1a/0x30 [ 24.327468] [ 24.327596] The buggy address belongs to the object at ffff8881039e9700 [ 24.327596] which belongs to the cache kmalloc-64 of size 64 [ 24.328089] The buggy address is located 0 bytes to the right of [ 24.328089] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.328654] [ 24.328728] The buggy address belongs to the physical page: [ 24.328958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.329353] flags: 0x200000000000000(node=0|zone=2) [ 24.329682] page_type: f5(slab) [ 24.329801] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.330070] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.330703] page dumped because: kasan: bad access detected [ 24.331215] [ 24.331317] Memory state around the buggy address: [ 24.331485] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.331694] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.332276] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.332722] ^ [ 24.333032] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.333326] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.333656] ================================================================== [ 24.986316] ================================================================== [ 24.986960] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 24.987611] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.988032] [ 24.988127] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.988176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.988189] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.988212] Call Trace: [ 24.988244] <TASK> [ 24.988264] dump_stack_lvl+0x73/0xb0 [ 24.988292] print_report+0xd1/0x650 [ 24.988325] ? __virt_addr_valid+0x1db/0x2d0 [ 24.988355] ? kasan_atomics_helper+0x12e6/0x5450 [ 24.988376] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.988412] ? kasan_atomics_helper+0x12e6/0x5450 [ 24.988433] kasan_report+0x141/0x180 [ 24.988454] ? kasan_atomics_helper+0x12e6/0x5450 [ 24.988478] kasan_check_range+0x10c/0x1c0 [ 24.988500] __kasan_check_write+0x18/0x20 [ 24.988523] kasan_atomics_helper+0x12e6/0x5450 [ 24.988545] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.988575] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.988599] ? kasan_atomics+0x152/0x310 [ 24.988624] kasan_atomics+0x1dc/0x310 [ 24.988656] ? __pfx_kasan_atomics+0x10/0x10 [ 24.988677] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.988701] ? __pfx_read_tsc+0x10/0x10 [ 24.988724] ? ktime_get_ts64+0x86/0x230 [ 24.988758] kunit_try_run_case+0x1a5/0x480 [ 24.988785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.988808] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.988838] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.988863] ? __kthread_parkme+0x82/0x180 [ 24.988884] ? preempt_count_sub+0x50/0x80 [ 24.988908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.988932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.988963] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.988987] kthread+0x337/0x6f0 [ 24.989007] ? trace_preempt_on+0x20/0xc0 [ 24.989030] ? __pfx_kthread+0x10/0x10 [ 24.989050] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.989073] ? calculate_sigpending+0x7b/0xa0 [ 24.989097] ? __pfx_kthread+0x10/0x10 [ 24.989118] ret_from_fork+0x116/0x1d0 [ 24.989147] ? __pfx_kthread+0x10/0x10 [ 24.989169] ret_from_fork_asm+0x1a/0x30 [ 24.989200] </TASK> [ 24.989211] [ 24.997462] Allocated by task 294: [ 24.997642] kasan_save_stack+0x45/0x70 [ 24.997846] kasan_save_track+0x18/0x40 [ 24.998023] kasan_save_alloc_info+0x3b/0x50 [ 24.998274] __kasan_kmalloc+0xb7/0xc0 [ 24.998451] __kmalloc_cache_noprof+0x189/0x420 [ 24.998667] kasan_atomics+0x95/0x310 [ 24.998838] kunit_try_run_case+0x1a5/0x480 [ 24.999048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.999217] kthread+0x337/0x6f0 [ 24.999329] ret_from_fork+0x116/0x1d0 [ 24.999455] ret_from_fork_asm+0x1a/0x30 [ 24.999587] [ 24.999667] The buggy address belongs to the object at ffff8881039e9700 [ 24.999667] which belongs to the cache kmalloc-64 of size 64 [ 25.000206] The buggy address is located 0 bytes to the right of [ 25.000206] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.000712] [ 25.000779] The buggy address belongs to the physical page: [ 25.000953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.001185] flags: 0x200000000000000(node=0|zone=2) [ 25.001588] page_type: f5(slab) [ 25.001753] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.002104] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.002646] page dumped because: kasan: bad access detected [ 25.002899] [ 25.002998] Memory state around the buggy address: [ 25.003176] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.003496] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.003772] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.004082] ^ [ 25.004381] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.004673] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.004977] ================================================================== [ 25.266199] ================================================================== [ 25.266600] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 25.266975] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.267346] [ 25.267446] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.267493] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.267507] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.267529] Call Trace: [ 25.267548] <TASK> [ 25.267565] dump_stack_lvl+0x73/0xb0 [ 25.267591] print_report+0xd1/0x650 [ 25.267612] ? __virt_addr_valid+0x1db/0x2d0 [ 25.267635] ? kasan_atomics_helper+0x19e3/0x5450 [ 25.267656] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.267682] ? kasan_atomics_helper+0x19e3/0x5450 [ 25.267703] kasan_report+0x141/0x180 [ 25.267724] ? kasan_atomics_helper+0x19e3/0x5450 [ 25.267749] kasan_check_range+0x10c/0x1c0 [ 25.267772] __kasan_check_write+0x18/0x20 [ 25.267795] kasan_atomics_helper+0x19e3/0x5450 [ 25.267816] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.267837] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.267861] ? kasan_atomics+0x152/0x310 [ 25.267886] kasan_atomics+0x1dc/0x310 [ 25.267908] ? __pfx_kasan_atomics+0x10/0x10 [ 25.267929] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.267975] ? __pfx_read_tsc+0x10/0x10 [ 25.267997] ? ktime_get_ts64+0x86/0x230 [ 25.268021] kunit_try_run_case+0x1a5/0x480 [ 25.268060] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.268083] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.268103] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.268139] ? __kthread_parkme+0x82/0x180 [ 25.268159] ? preempt_count_sub+0x50/0x80 [ 25.268182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.268217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.268240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.268265] kthread+0x337/0x6f0 [ 25.268295] ? trace_preempt_on+0x20/0xc0 [ 25.268318] ? __pfx_kthread+0x10/0x10 [ 25.268344] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.268379] ? calculate_sigpending+0x7b/0xa0 [ 25.268402] ? __pfx_kthread+0x10/0x10 [ 25.268423] ret_from_fork+0x116/0x1d0 [ 25.268453] ? __pfx_kthread+0x10/0x10 [ 25.268473] ret_from_fork_asm+0x1a/0x30 [ 25.268503] </TASK> [ 25.268525] [ 25.275866] Allocated by task 294: [ 25.276036] kasan_save_stack+0x45/0x70 [ 25.276250] kasan_save_track+0x18/0x40 [ 25.276416] kasan_save_alloc_info+0x3b/0x50 [ 25.276617] __kasan_kmalloc+0xb7/0xc0 [ 25.276781] __kmalloc_cache_noprof+0x189/0x420 [ 25.277007] kasan_atomics+0x95/0x310 [ 25.277211] kunit_try_run_case+0x1a5/0x480 [ 25.277410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.277646] kthread+0x337/0x6f0 [ 25.277804] ret_from_fork+0x116/0x1d0 [ 25.277975] ret_from_fork_asm+0x1a/0x30 [ 25.278197] [ 25.278268] The buggy address belongs to the object at ffff8881039e9700 [ 25.278268] which belongs to the cache kmalloc-64 of size 64 [ 25.278694] The buggy address is located 0 bytes to the right of [ 25.278694] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.279177] [ 25.279267] The buggy address belongs to the physical page: [ 25.279495] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.279810] flags: 0x200000000000000(node=0|zone=2) [ 25.279970] page_type: f5(slab) [ 25.280080] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.280731] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.280973] page dumped because: kasan: bad access detected [ 25.281131] [ 25.281193] Memory state around the buggy address: [ 25.281424] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.281736] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.282062] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.282406] ^ [ 25.282619] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.282831] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.283162] ================================================================== [ 25.301057] ================================================================== [ 25.301524] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 25.301899] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.302248] [ 25.302358] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.302406] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.302420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.302442] Call Trace: [ 25.302462] <TASK> [ 25.302490] dump_stack_lvl+0x73/0xb0 [ 25.302517] print_report+0xd1/0x650 [ 25.302538] ? __virt_addr_valid+0x1db/0x2d0 [ 25.302572] ? kasan_atomics_helper+0x1b22/0x5450 [ 25.302593] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.302618] ? kasan_atomics_helper+0x1b22/0x5450 [ 25.302639] kasan_report+0x141/0x180 [ 25.302661] ? kasan_atomics_helper+0x1b22/0x5450 [ 25.302686] kasan_check_range+0x10c/0x1c0 [ 25.302709] __kasan_check_write+0x18/0x20 [ 25.302732] kasan_atomics_helper+0x1b22/0x5450 [ 25.302754] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.302776] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.302800] ? kasan_atomics+0x152/0x310 [ 25.302825] kasan_atomics+0x1dc/0x310 [ 25.302847] ? __pfx_kasan_atomics+0x10/0x10 [ 25.302868] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.302892] ? __pfx_read_tsc+0x10/0x10 [ 25.302916] ? ktime_get_ts64+0x86/0x230 [ 25.302953] kunit_try_run_case+0x1a5/0x480 [ 25.302980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.303003] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.303025] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.303050] ? __kthread_parkme+0x82/0x180 [ 25.303071] ? preempt_count_sub+0x50/0x80 [ 25.303094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.303129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.303162] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.303185] kthread+0x337/0x6f0 [ 25.303206] ? trace_preempt_on+0x20/0xc0 [ 25.303240] ? __pfx_kthread+0x10/0x10 [ 25.303260] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.303284] ? calculate_sigpending+0x7b/0xa0 [ 25.303308] ? __pfx_kthread+0x10/0x10 [ 25.303328] ret_from_fork+0x116/0x1d0 [ 25.303347] ? __pfx_kthread+0x10/0x10 [ 25.303367] ret_from_fork_asm+0x1a/0x30 [ 25.303398] </TASK> [ 25.303409] [ 25.312635] Allocated by task 294: [ 25.312815] kasan_save_stack+0x45/0x70 [ 25.313006] kasan_save_track+0x18/0x40 [ 25.313753] kasan_save_alloc_info+0x3b/0x50 [ 25.314343] __kasan_kmalloc+0xb7/0xc0 [ 25.314492] __kmalloc_cache_noprof+0x189/0x420 [ 25.314643] kasan_atomics+0x95/0x310 [ 25.314774] kunit_try_run_case+0x1a5/0x480 [ 25.314917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.315095] kthread+0x337/0x6f0 [ 25.315217] ret_from_fork+0x116/0x1d0 [ 25.315342] ret_from_fork_asm+0x1a/0x30 [ 25.315472] [ 25.315540] The buggy address belongs to the object at ffff8881039e9700 [ 25.315540] which belongs to the cache kmalloc-64 of size 64 [ 25.315883] The buggy address is located 0 bytes to the right of [ 25.315883] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.317116] [ 25.317368] The buggy address belongs to the physical page: [ 25.317903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.318641] flags: 0x200000000000000(node=0|zone=2) [ 25.319106] page_type: f5(slab) [ 25.319413] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.320059] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.320717] page dumped because: kasan: bad access detected [ 25.321209] [ 25.321360] Memory state around the buggy address: [ 25.321796] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.322479] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.323195] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.323800] ^ [ 25.324237] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.324483] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.324681] ================================================================== [ 24.356477] ================================================================== [ 24.356815] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 24.357249] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.357576] [ 24.357690] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.357743] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.357757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.357790] Call Trace: [ 24.357814] <TASK> [ 24.357837] dump_stack_lvl+0x73/0xb0 [ 24.358118] print_report+0xd1/0x650 [ 24.358159] ? __virt_addr_valid+0x1db/0x2d0 [ 24.358198] ? kasan_atomics_helper+0x4b3a/0x5450 [ 24.358221] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.358247] ? kasan_atomics_helper+0x4b3a/0x5450 [ 24.358268] kasan_report+0x141/0x180 [ 24.358290] ? kasan_atomics_helper+0x4b3a/0x5450 [ 24.358316] __asan_report_store4_noabort+0x1b/0x30 [ 24.358340] kasan_atomics_helper+0x4b3a/0x5450 [ 24.358364] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.358385] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.358410] ? kasan_atomics+0x152/0x310 [ 24.358436] kasan_atomics+0x1dc/0x310 [ 24.358458] ? __pfx_kasan_atomics+0x10/0x10 [ 24.358480] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.358504] ? __pfx_read_tsc+0x10/0x10 [ 24.358542] ? ktime_get_ts64+0x86/0x230 [ 24.358568] kunit_try_run_case+0x1a5/0x480 [ 24.358596] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.358631] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.358653] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.358678] ? __kthread_parkme+0x82/0x180 [ 24.358699] ? preempt_count_sub+0x50/0x80 [ 24.358722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.358746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.358770] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.358794] kthread+0x337/0x6f0 [ 24.358858] ? trace_preempt_on+0x20/0xc0 [ 24.358885] ? __pfx_kthread+0x10/0x10 [ 24.358906] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.359011] ? calculate_sigpending+0x7b/0xa0 [ 24.359038] ? __pfx_kthread+0x10/0x10 [ 24.359059] ret_from_fork+0x116/0x1d0 [ 24.359080] ? __pfx_kthread+0x10/0x10 [ 24.359100] ret_from_fork_asm+0x1a/0x30 [ 24.359131] </TASK> [ 24.359143] [ 24.368138] Allocated by task 294: [ 24.368721] kasan_save_stack+0x45/0x70 [ 24.369134] kasan_save_track+0x18/0x40 [ 24.369317] kasan_save_alloc_info+0x3b/0x50 [ 24.369514] __kasan_kmalloc+0xb7/0xc0 [ 24.369679] __kmalloc_cache_noprof+0x189/0x420 [ 24.370172] kasan_atomics+0x95/0x310 [ 24.370364] kunit_try_run_case+0x1a5/0x480 [ 24.370545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.370715] kthread+0x337/0x6f0 [ 24.370844] ret_from_fork+0x116/0x1d0 [ 24.371134] ret_from_fork_asm+0x1a/0x30 [ 24.371333] [ 24.371428] The buggy address belongs to the object at ffff8881039e9700 [ 24.371428] which belongs to the cache kmalloc-64 of size 64 [ 24.372104] The buggy address is located 0 bytes to the right of [ 24.372104] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.372547] [ 24.372644] The buggy address belongs to the physical page: [ 24.372925] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.373486] flags: 0x200000000000000(node=0|zone=2) [ 24.373659] page_type: f5(slab) [ 24.373777] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.374117] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.374477] page dumped because: kasan: bad access detected [ 24.375029] [ 24.375497] Memory state around the buggy address: [ 24.376167] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.376591] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.377077] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.377646] ^ [ 24.378369] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.379147] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.379784] ================================================================== [ 24.460737] ================================================================== [ 24.461340] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 24.461623] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.461924] [ 24.462086] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.462138] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.462152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.462175] Call Trace: [ 24.462189] <TASK> [ 24.462209] dump_stack_lvl+0x73/0xb0 [ 24.462236] print_report+0xd1/0x650 [ 24.462258] ? __virt_addr_valid+0x1db/0x2d0 [ 24.462282] ? kasan_atomics_helper+0x72f/0x5450 [ 24.462302] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.462348] ? kasan_atomics_helper+0x72f/0x5450 [ 24.462391] kasan_report+0x141/0x180 [ 24.462414] ? kasan_atomics_helper+0x72f/0x5450 [ 24.462468] kasan_check_range+0x10c/0x1c0 [ 24.462503] __kasan_check_write+0x18/0x20 [ 24.462544] kasan_atomics_helper+0x72f/0x5450 [ 24.462571] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.462593] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.462618] ? kasan_atomics+0x152/0x310 [ 24.462644] kasan_atomics+0x1dc/0x310 [ 24.462666] ? __pfx_kasan_atomics+0x10/0x10 [ 24.462687] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.462711] ? __pfx_read_tsc+0x10/0x10 [ 24.462734] ? ktime_get_ts64+0x86/0x230 [ 24.462759] kunit_try_run_case+0x1a5/0x480 [ 24.462805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.462842] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.462863] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.462888] ? __kthread_parkme+0x82/0x180 [ 24.462909] ? preempt_count_sub+0x50/0x80 [ 24.462932] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.462966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.462990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.463014] kthread+0x337/0x6f0 [ 24.463033] ? trace_preempt_on+0x20/0xc0 [ 24.463074] ? __pfx_kthread+0x10/0x10 [ 24.463096] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.463119] ? calculate_sigpending+0x7b/0xa0 [ 24.463143] ? __pfx_kthread+0x10/0x10 [ 24.463163] ret_from_fork+0x116/0x1d0 [ 24.463182] ? __pfx_kthread+0x10/0x10 [ 24.463203] ret_from_fork_asm+0x1a/0x30 [ 24.463233] </TASK> [ 24.463244] [ 24.475706] Allocated by task 294: [ 24.476169] kasan_save_stack+0x45/0x70 [ 24.476510] kasan_save_track+0x18/0x40 [ 24.476694] kasan_save_alloc_info+0x3b/0x50 [ 24.477338] __kasan_kmalloc+0xb7/0xc0 [ 24.477545] __kmalloc_cache_noprof+0x189/0x420 [ 24.477740] kasan_atomics+0x95/0x310 [ 24.478275] kunit_try_run_case+0x1a5/0x480 [ 24.478631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.479255] kthread+0x337/0x6f0 [ 24.479453] ret_from_fork+0x116/0x1d0 [ 24.479623] ret_from_fork_asm+0x1a/0x30 [ 24.479793] [ 24.480158] The buggy address belongs to the object at ffff8881039e9700 [ 24.480158] which belongs to the cache kmalloc-64 of size 64 [ 24.480637] The buggy address is located 0 bytes to the right of [ 24.480637] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.481547] [ 24.481643] The buggy address belongs to the physical page: [ 24.482186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.482516] flags: 0x200000000000000(node=0|zone=2) [ 24.482725] page_type: f5(slab) [ 24.483269] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.483582] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.484036] page dumped because: kasan: bad access detected [ 24.484434] [ 24.484539] Memory state around the buggy address: [ 24.484740] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.485378] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.485609] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.485955] ^ [ 24.486264] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.486539] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.486828] ================================================================== [ 25.207425] ================================================================== [ 25.207827] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 25.208288] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.208606] [ 25.208722] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.208805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.208846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.208869] Call Trace: [ 25.208891] <TASK> [ 25.208916] dump_stack_lvl+0x73/0xb0 [ 25.208959] print_report+0xd1/0x650 [ 25.208983] ? __virt_addr_valid+0x1db/0x2d0 [ 25.209007] ? kasan_atomics_helper+0x1818/0x5450 [ 25.209047] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.209081] ? kasan_atomics_helper+0x1818/0x5450 [ 25.209103] kasan_report+0x141/0x180 [ 25.209136] ? kasan_atomics_helper+0x1818/0x5450 [ 25.209162] kasan_check_range+0x10c/0x1c0 [ 25.209185] __kasan_check_write+0x18/0x20 [ 25.209207] kasan_atomics_helper+0x1818/0x5450 [ 25.209229] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.209251] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.209276] ? kasan_atomics+0x152/0x310 [ 25.209329] kasan_atomics+0x1dc/0x310 [ 25.209351] ? __pfx_kasan_atomics+0x10/0x10 [ 25.209372] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.209406] ? __pfx_read_tsc+0x10/0x10 [ 25.209430] ? ktime_get_ts64+0x86/0x230 [ 25.209481] kunit_try_run_case+0x1a5/0x480 [ 25.209509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.209532] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.209563] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.209588] ? __kthread_parkme+0x82/0x180 [ 25.209609] ? preempt_count_sub+0x50/0x80 [ 25.209632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.209656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.209679] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.209703] kthread+0x337/0x6f0 [ 25.209723] ? trace_preempt_on+0x20/0xc0 [ 25.209746] ? __pfx_kthread+0x10/0x10 [ 25.209768] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.209790] ? calculate_sigpending+0x7b/0xa0 [ 25.209814] ? __pfx_kthread+0x10/0x10 [ 25.209835] ret_from_fork+0x116/0x1d0 [ 25.209854] ? __pfx_kthread+0x10/0x10 [ 25.209874] ret_from_fork_asm+0x1a/0x30 [ 25.209904] </TASK> [ 25.209916] [ 25.217797] Allocated by task 294: [ 25.217992] kasan_save_stack+0x45/0x70 [ 25.218233] kasan_save_track+0x18/0x40 [ 25.218533] kasan_save_alloc_info+0x3b/0x50 [ 25.218763] __kasan_kmalloc+0xb7/0xc0 [ 25.218934] __kmalloc_cache_noprof+0x189/0x420 [ 25.219155] kasan_atomics+0x95/0x310 [ 25.219406] kunit_try_run_case+0x1a5/0x480 [ 25.219606] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.219912] kthread+0x337/0x6f0 [ 25.220088] ret_from_fork+0x116/0x1d0 [ 25.220287] ret_from_fork_asm+0x1a/0x30 [ 25.220463] [ 25.220585] The buggy address belongs to the object at ffff8881039e9700 [ 25.220585] which belongs to the cache kmalloc-64 of size 64 [ 25.221053] The buggy address is located 0 bytes to the right of [ 25.221053] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.221401] [ 25.221469] The buggy address belongs to the physical page: [ 25.221632] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.221907] flags: 0x200000000000000(node=0|zone=2) [ 25.222224] page_type: f5(slab) [ 25.222409] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.222790] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.223139] page dumped because: kasan: bad access detected [ 25.223382] [ 25.223509] Memory state around the buggy address: [ 25.223726] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.223969] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.224292] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.224658] ^ [ 25.224950] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.225337] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.225538] ================================================================== [ 24.228012] ================================================================== [ 24.228399] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 24.228735] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.229221] [ 24.229309] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.229358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.229370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.229391] Call Trace: [ 24.229406] <TASK> [ 24.229501] dump_stack_lvl+0x73/0xb0 [ 24.229529] print_report+0xd1/0x650 [ 24.229549] ? __virt_addr_valid+0x1db/0x2d0 [ 24.229571] ? kasan_atomics_helper+0x4ba2/0x5450 [ 24.229592] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.229617] ? kasan_atomics_helper+0x4ba2/0x5450 [ 24.229636] kasan_report+0x141/0x180 [ 24.229656] ? kasan_atomics_helper+0x4ba2/0x5450 [ 24.229679] __asan_report_store4_noabort+0x1b/0x30 [ 24.229711] kasan_atomics_helper+0x4ba2/0x5450 [ 24.229732] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.229752] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.229786] ? kasan_atomics+0x152/0x310 [ 24.229810] kasan_atomics+0x1dc/0x310 [ 24.229897] ? __pfx_kasan_atomics+0x10/0x10 [ 24.229917] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.229952] ? __pfx_read_tsc+0x10/0x10 [ 24.229973] ? ktime_get_ts64+0x86/0x230 [ 24.229998] kunit_try_run_case+0x1a5/0x480 [ 24.230023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.230054] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.230073] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.230097] ? __kthread_parkme+0x82/0x180 [ 24.230128] ? preempt_count_sub+0x50/0x80 [ 24.230151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.230173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.230195] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.230217] kthread+0x337/0x6f0 [ 24.230235] ? trace_preempt_on+0x20/0xc0 [ 24.230258] ? __pfx_kthread+0x10/0x10 [ 24.230277] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.230308] ? calculate_sigpending+0x7b/0xa0 [ 24.230331] ? __pfx_kthread+0x10/0x10 [ 24.230351] ret_from_fork+0x116/0x1d0 [ 24.230379] ? __pfx_kthread+0x10/0x10 [ 24.230398] ret_from_fork_asm+0x1a/0x30 [ 24.230427] </TASK> [ 24.230438] [ 24.238778] Allocated by task 294: [ 24.239203] kasan_save_stack+0x45/0x70 [ 24.239549] kasan_save_track+0x18/0x40 [ 24.239737] kasan_save_alloc_info+0x3b/0x50 [ 24.240116] __kasan_kmalloc+0xb7/0xc0 [ 24.240252] __kmalloc_cache_noprof+0x189/0x420 [ 24.240405] kasan_atomics+0x95/0x310 [ 24.240549] kunit_try_run_case+0x1a5/0x480 [ 24.240747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.240997] kthread+0x337/0x6f0 [ 24.241143] ret_from_fork+0x116/0x1d0 [ 24.241269] ret_from_fork_asm+0x1a/0x30 [ 24.241403] [ 24.241468] The buggy address belongs to the object at ffff8881039e9700 [ 24.241468] which belongs to the cache kmalloc-64 of size 64 [ 24.242021] The buggy address is located 0 bytes to the right of [ 24.242021] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.243071] [ 24.243302] The buggy address belongs to the physical page: [ 24.243539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.243847] flags: 0x200000000000000(node=0|zone=2) [ 24.244021] page_type: f5(slab) [ 24.244274] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.244737] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.245165] page dumped because: kasan: bad access detected [ 24.245401] [ 24.245490] Memory state around the buggy address: [ 24.245654] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.245966] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.246362] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.246604] ^ [ 24.246838] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.247570] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.248003] ================================================================== [ 25.391052] ================================================================== [ 25.391579] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 25.391809] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.392198] [ 25.392310] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.392366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.392379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.392401] Call Trace: [ 25.392422] <TASK> [ 25.392442] dump_stack_lvl+0x73/0xb0 [ 25.392469] print_report+0xd1/0x650 [ 25.392492] ? __virt_addr_valid+0x1db/0x2d0 [ 25.392515] ? kasan_atomics_helper+0x1d7a/0x5450 [ 25.392535] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.392561] ? kasan_atomics_helper+0x1d7a/0x5450 [ 25.392581] kasan_report+0x141/0x180 [ 25.392602] ? kasan_atomics_helper+0x1d7a/0x5450 [ 25.392628] kasan_check_range+0x10c/0x1c0 [ 25.392651] __kasan_check_write+0x18/0x20 [ 25.392674] kasan_atomics_helper+0x1d7a/0x5450 [ 25.392696] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.392717] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.392741] ? kasan_atomics+0x152/0x310 [ 25.392766] kasan_atomics+0x1dc/0x310 [ 25.392788] ? __pfx_kasan_atomics+0x10/0x10 [ 25.392809] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.392832] ? __pfx_read_tsc+0x10/0x10 [ 25.392854] ? ktime_get_ts64+0x86/0x230 [ 25.392879] kunit_try_run_case+0x1a5/0x480 [ 25.392906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.392928] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.392958] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.392984] ? __kthread_parkme+0x82/0x180 [ 25.393004] ? preempt_count_sub+0x50/0x80 [ 25.393028] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.393052] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.393076] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.393099] kthread+0x337/0x6f0 [ 25.393130] ? trace_preempt_on+0x20/0xc0 [ 25.393153] ? __pfx_kthread+0x10/0x10 [ 25.393173] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.393197] ? calculate_sigpending+0x7b/0xa0 [ 25.393220] ? __pfx_kthread+0x10/0x10 [ 25.393242] ret_from_fork+0x116/0x1d0 [ 25.393260] ? __pfx_kthread+0x10/0x10 [ 25.393280] ret_from_fork_asm+0x1a/0x30 [ 25.393310] </TASK> [ 25.393322] [ 25.400858] Allocated by task 294: [ 25.401031] kasan_save_stack+0x45/0x70 [ 25.401246] kasan_save_track+0x18/0x40 [ 25.401411] kasan_save_alloc_info+0x3b/0x50 [ 25.401607] __kasan_kmalloc+0xb7/0xc0 [ 25.401781] __kmalloc_cache_noprof+0x189/0x420 [ 25.401982] kasan_atomics+0x95/0x310 [ 25.402141] kunit_try_run_case+0x1a5/0x480 [ 25.402302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.402539] kthread+0x337/0x6f0 [ 25.402693] ret_from_fork+0x116/0x1d0 [ 25.402870] ret_from_fork_asm+0x1a/0x30 [ 25.403038] [ 25.403104] The buggy address belongs to the object at ffff8881039e9700 [ 25.403104] which belongs to the cache kmalloc-64 of size 64 [ 25.403569] The buggy address is located 0 bytes to the right of [ 25.403569] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.404052] [ 25.404147] The buggy address belongs to the physical page: [ 25.404322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.404553] flags: 0x200000000000000(node=0|zone=2) [ 25.404710] page_type: f5(slab) [ 25.404824] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.405112] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.405629] page dumped because: kasan: bad access detected [ 25.405868] [ 25.405962] Memory state around the buggy address: [ 25.406171] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.406376] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.406580] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.406781] ^ [ 25.407081] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.407528] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.407863] ================================================================== [ 25.226071] ================================================================== [ 25.226590] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 25.227172] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.227556] [ 25.227728] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.227855] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.227870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.228166] Call Trace: [ 25.228190] <TASK> [ 25.228211] dump_stack_lvl+0x73/0xb0 [ 25.228239] print_report+0xd1/0x650 [ 25.228261] ? __virt_addr_valid+0x1db/0x2d0 [ 25.228305] ? kasan_atomics_helper+0x18b1/0x5450 [ 25.228346] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.228371] ? kasan_atomics_helper+0x18b1/0x5450 [ 25.228405] kasan_report+0x141/0x180 [ 25.228440] ? kasan_atomics_helper+0x18b1/0x5450 [ 25.228465] kasan_check_range+0x10c/0x1c0 [ 25.228502] __kasan_check_write+0x18/0x20 [ 25.228524] kasan_atomics_helper+0x18b1/0x5450 [ 25.228559] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.228591] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.228616] ? kasan_atomics+0x152/0x310 [ 25.228642] kasan_atomics+0x1dc/0x310 [ 25.228675] ? __pfx_kasan_atomics+0x10/0x10 [ 25.228698] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.228722] ? __pfx_read_tsc+0x10/0x10 [ 25.228745] ? ktime_get_ts64+0x86/0x230 [ 25.228770] kunit_try_run_case+0x1a5/0x480 [ 25.228797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.228819] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.228840] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.228866] ? __kthread_parkme+0x82/0x180 [ 25.228885] ? preempt_count_sub+0x50/0x80 [ 25.228909] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.228933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.228965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.228989] kthread+0x337/0x6f0 [ 25.229008] ? trace_preempt_on+0x20/0xc0 [ 25.229031] ? __pfx_kthread+0x10/0x10 [ 25.229051] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.229074] ? calculate_sigpending+0x7b/0xa0 [ 25.229098] ? __pfx_kthread+0x10/0x10 [ 25.229129] ret_from_fork+0x116/0x1d0 [ 25.229148] ? __pfx_kthread+0x10/0x10 [ 25.229168] ret_from_fork_asm+0x1a/0x30 [ 25.229199] </TASK> [ 25.229210] [ 25.237288] Allocated by task 294: [ 25.237423] kasan_save_stack+0x45/0x70 [ 25.237558] kasan_save_track+0x18/0x40 [ 25.237742] kasan_save_alloc_info+0x3b/0x50 [ 25.238030] __kasan_kmalloc+0xb7/0xc0 [ 25.238425] __kmalloc_cache_noprof+0x189/0x420 [ 25.238573] kasan_atomics+0x95/0x310 [ 25.238750] kunit_try_run_case+0x1a5/0x480 [ 25.238984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.239302] kthread+0x337/0x6f0 [ 25.239461] ret_from_fork+0x116/0x1d0 [ 25.239647] ret_from_fork_asm+0x1a/0x30 [ 25.239860] [ 25.239977] The buggy address belongs to the object at ffff8881039e9700 [ 25.239977] which belongs to the cache kmalloc-64 of size 64 [ 25.240565] The buggy address is located 0 bytes to the right of [ 25.240565] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.241168] [ 25.241273] The buggy address belongs to the physical page: [ 25.241517] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.241904] flags: 0x200000000000000(node=0|zone=2) [ 25.242154] page_type: f5(slab) [ 25.242373] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.242692] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.242905] page dumped because: kasan: bad access detected [ 25.243124] [ 25.243209] Memory state around the buggy address: [ 25.243420] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.243730] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.244065] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.244269] ^ [ 25.244416] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.244792] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.245111] ================================================================== [ 25.246494] ================================================================== [ 25.247098] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 25.247518] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.247848] [ 25.247980] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.248042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.248056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.248118] Call Trace: [ 25.248163] <TASK> [ 25.248182] dump_stack_lvl+0x73/0xb0 [ 25.248209] print_report+0xd1/0x650 [ 25.248240] ? __virt_addr_valid+0x1db/0x2d0 [ 25.248263] ? kasan_atomics_helper+0x194a/0x5450 [ 25.248284] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.248310] ? kasan_atomics_helper+0x194a/0x5450 [ 25.248335] kasan_report+0x141/0x180 [ 25.248357] ? kasan_atomics_helper+0x194a/0x5450 [ 25.248382] kasan_check_range+0x10c/0x1c0 [ 25.248405] __kasan_check_write+0x18/0x20 [ 25.248438] kasan_atomics_helper+0x194a/0x5450 [ 25.248460] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.248481] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.248505] ? kasan_atomics+0x152/0x310 [ 25.248530] kasan_atomics+0x1dc/0x310 [ 25.248552] ? __pfx_kasan_atomics+0x10/0x10 [ 25.248573] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.248676] ? __pfx_read_tsc+0x10/0x10 [ 25.248700] ? ktime_get_ts64+0x86/0x230 [ 25.248726] kunit_try_run_case+0x1a5/0x480 [ 25.248764] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.248787] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.248818] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.248858] ? __kthread_parkme+0x82/0x180 [ 25.248899] ? preempt_count_sub+0x50/0x80 [ 25.248924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.248964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.249003] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.249053] kthread+0x337/0x6f0 [ 25.249072] ? trace_preempt_on+0x20/0xc0 [ 25.249095] ? __pfx_kthread+0x10/0x10 [ 25.249133] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.249156] ? calculate_sigpending+0x7b/0xa0 [ 25.249180] ? __pfx_kthread+0x10/0x10 [ 25.249201] ret_from_fork+0x116/0x1d0 [ 25.249220] ? __pfx_kthread+0x10/0x10 [ 25.249240] ret_from_fork_asm+0x1a/0x30 [ 25.249270] </TASK> [ 25.249282] [ 25.257338] Allocated by task 294: [ 25.257484] kasan_save_stack+0x45/0x70 [ 25.257723] kasan_save_track+0x18/0x40 [ 25.257881] kasan_save_alloc_info+0x3b/0x50 [ 25.258107] __kasan_kmalloc+0xb7/0xc0 [ 25.258318] __kmalloc_cache_noprof+0x189/0x420 [ 25.258539] kasan_atomics+0x95/0x310 [ 25.258725] kunit_try_run_case+0x1a5/0x480 [ 25.258920] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.259277] kthread+0x337/0x6f0 [ 25.259459] ret_from_fork+0x116/0x1d0 [ 25.259660] ret_from_fork_asm+0x1a/0x30 [ 25.259841] [ 25.259905] The buggy address belongs to the object at ffff8881039e9700 [ 25.259905] which belongs to the cache kmalloc-64 of size 64 [ 25.260536] The buggy address is located 0 bytes to the right of [ 25.260536] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.260907] [ 25.261028] The buggy address belongs to the physical page: [ 25.261278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.261737] flags: 0x200000000000000(node=0|zone=2) [ 25.262008] page_type: f5(slab) [ 25.262207] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.262551] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.262869] page dumped because: kasan: bad access detected [ 25.263040] [ 25.263100] Memory state around the buggy address: [ 25.263242] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.263459] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.263820] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.264271] ^ [ 25.264726] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.265136] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.265428] ================================================================== [ 25.346720] ================================================================== [ 25.347721] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 25.348209] Read of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.348643] [ 25.348735] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.348787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.348801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.349071] Call Trace: [ 25.349102] <TASK> [ 25.349127] dump_stack_lvl+0x73/0xb0 [ 25.349160] print_report+0xd1/0x650 [ 25.349185] ? __virt_addr_valid+0x1db/0x2d0 [ 25.349209] ? kasan_atomics_helper+0x4f30/0x5450 [ 25.349230] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.349257] ? kasan_atomics_helper+0x4f30/0x5450 [ 25.349278] kasan_report+0x141/0x180 [ 25.349299] ? kasan_atomics_helper+0x4f30/0x5450 [ 25.349325] __asan_report_load8_noabort+0x18/0x20 [ 25.349348] kasan_atomics_helper+0x4f30/0x5450 [ 25.349370] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.349392] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.349417] ? kasan_atomics+0x152/0x310 [ 25.349442] kasan_atomics+0x1dc/0x310 [ 25.349463] ? __pfx_kasan_atomics+0x10/0x10 [ 25.349485] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.349508] ? __pfx_read_tsc+0x10/0x10 [ 25.349530] ? ktime_get_ts64+0x86/0x230 [ 25.349556] kunit_try_run_case+0x1a5/0x480 [ 25.349583] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.349605] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.349625] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.349650] ? __kthread_parkme+0x82/0x180 [ 25.349671] ? preempt_count_sub+0x50/0x80 [ 25.349695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.349719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.349742] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.349765] kthread+0x337/0x6f0 [ 25.349785] ? trace_preempt_on+0x20/0xc0 [ 25.349809] ? __pfx_kthread+0x10/0x10 [ 25.349830] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.349853] ? calculate_sigpending+0x7b/0xa0 [ 25.349877] ? __pfx_kthread+0x10/0x10 [ 25.349897] ret_from_fork+0x116/0x1d0 [ 25.349916] ? __pfx_kthread+0x10/0x10 [ 25.349947] ret_from_fork_asm+0x1a/0x30 [ 25.349978] </TASK> [ 25.349989] [ 25.362673] Allocated by task 294: [ 25.363157] kasan_save_stack+0x45/0x70 [ 25.363646] kasan_save_track+0x18/0x40 [ 25.364175] kasan_save_alloc_info+0x3b/0x50 [ 25.364691] __kasan_kmalloc+0xb7/0xc0 [ 25.365204] __kmalloc_cache_noprof+0x189/0x420 [ 25.365731] kasan_atomics+0x95/0x310 [ 25.366289] kunit_try_run_case+0x1a5/0x480 [ 25.366620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.366793] kthread+0x337/0x6f0 [ 25.366910] ret_from_fork+0x116/0x1d0 [ 25.367047] ret_from_fork_asm+0x1a/0x30 [ 25.367309] [ 25.367469] The buggy address belongs to the object at ffff8881039e9700 [ 25.367469] which belongs to the cache kmalloc-64 of size 64 [ 25.368601] The buggy address is located 0 bytes to the right of [ 25.368601] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.369783] [ 25.369960] The buggy address belongs to the physical page: [ 25.370239] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.370475] flags: 0x200000000000000(node=0|zone=2) [ 25.370635] page_type: f5(slab) [ 25.370751] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.370990] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.371293] page dumped because: kasan: bad access detected [ 25.371531] [ 25.371618] Memory state around the buggy address: [ 25.371813] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.372045] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.372608] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.372891] ^ [ 25.373110] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.373378] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.373657] ================================================================== [ 24.704217] ================================================================== [ 24.704769] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 24.705256] Read of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.705578] [ 24.705696] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.705747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.705761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.705784] Call Trace: [ 24.705807] <TASK> [ 24.706031] dump_stack_lvl+0x73/0xb0 [ 24.706065] print_report+0xd1/0x650 [ 24.706088] ? __virt_addr_valid+0x1db/0x2d0 [ 24.706239] ? kasan_atomics_helper+0x4a84/0x5450 [ 24.706263] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.706289] ? kasan_atomics_helper+0x4a84/0x5450 [ 24.706310] kasan_report+0x141/0x180 [ 24.706332] ? kasan_atomics_helper+0x4a84/0x5450 [ 24.706357] __asan_report_load4_noabort+0x18/0x20 [ 24.706381] kasan_atomics_helper+0x4a84/0x5450 [ 24.706403] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.706425] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.706449] ? kasan_atomics+0x152/0x310 [ 24.706474] kasan_atomics+0x1dc/0x310 [ 24.706497] ? __pfx_kasan_atomics+0x10/0x10 [ 24.706518] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.706542] ? __pfx_read_tsc+0x10/0x10 [ 24.706564] ? ktime_get_ts64+0x86/0x230 [ 24.706589] kunit_try_run_case+0x1a5/0x480 [ 24.706616] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.706639] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.706659] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.706684] ? __kthread_parkme+0x82/0x180 [ 24.706705] ? preempt_count_sub+0x50/0x80 [ 24.706728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.706752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.706775] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.706798] kthread+0x337/0x6f0 [ 24.706825] ? trace_preempt_on+0x20/0xc0 [ 24.706849] ? __pfx_kthread+0x10/0x10 [ 24.706869] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.706892] ? calculate_sigpending+0x7b/0xa0 [ 24.706915] ? __pfx_kthread+0x10/0x10 [ 24.706950] ret_from_fork+0x116/0x1d0 [ 24.706969] ? __pfx_kthread+0x10/0x10 [ 24.706989] ret_from_fork_asm+0x1a/0x30 [ 24.707019] </TASK> [ 24.707030] [ 24.718495] Allocated by task 294: [ 24.718805] kasan_save_stack+0x45/0x70 [ 24.719008] kasan_save_track+0x18/0x40 [ 24.719415] kasan_save_alloc_info+0x3b/0x50 [ 24.719842] __kasan_kmalloc+0xb7/0xc0 [ 24.720104] __kmalloc_cache_noprof+0x189/0x420 [ 24.720425] kasan_atomics+0x95/0x310 [ 24.720792] kunit_try_run_case+0x1a5/0x480 [ 24.721216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.721543] kthread+0x337/0x6f0 [ 24.721815] ret_from_fork+0x116/0x1d0 [ 24.722264] ret_from_fork_asm+0x1a/0x30 [ 24.722466] [ 24.722565] The buggy address belongs to the object at ffff8881039e9700 [ 24.722565] which belongs to the cache kmalloc-64 of size 64 [ 24.723264] The buggy address is located 0 bytes to the right of [ 24.723264] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.723904] [ 24.724015] The buggy address belongs to the physical page: [ 24.724694] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.725211] flags: 0x200000000000000(node=0|zone=2) [ 24.725534] page_type: f5(slab) [ 24.725710] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.726294] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.726695] page dumped because: kasan: bad access detected [ 24.727316] [ 24.727405] Memory state around the buggy address: [ 24.727618] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.727902] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.728594] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.728837] ^ [ 24.729501] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.729741] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.730387] ================================================================== [ 25.283820] ================================================================== [ 25.284147] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 25.284380] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.284606] [ 25.284766] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.284811] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.284825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.284846] Call Trace: [ 25.284862] <TASK> [ 25.284877] dump_stack_lvl+0x73/0xb0 [ 25.284903] print_report+0xd1/0x650 [ 25.284924] ? __virt_addr_valid+0x1db/0x2d0 [ 25.284957] ? kasan_atomics_helper+0x1a7f/0x5450 [ 25.284978] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.285003] ? kasan_atomics_helper+0x1a7f/0x5450 [ 25.285024] kasan_report+0x141/0x180 [ 25.285046] ? kasan_atomics_helper+0x1a7f/0x5450 [ 25.285072] kasan_check_range+0x10c/0x1c0 [ 25.285094] __kasan_check_write+0x18/0x20 [ 25.285117] kasan_atomics_helper+0x1a7f/0x5450 [ 25.285138] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.285159] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.285183] ? kasan_atomics+0x152/0x310 [ 25.285209] kasan_atomics+0x1dc/0x310 [ 25.285230] ? __pfx_kasan_atomics+0x10/0x10 [ 25.285251] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.285275] ? __pfx_read_tsc+0x10/0x10 [ 25.285296] ? ktime_get_ts64+0x86/0x230 [ 25.285320] kunit_try_run_case+0x1a5/0x480 [ 25.285346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.285368] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.285388] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.285414] ? __kthread_parkme+0x82/0x180 [ 25.285434] ? preempt_count_sub+0x50/0x80 [ 25.285458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.285482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.285506] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.285530] kthread+0x337/0x6f0 [ 25.285549] ? trace_preempt_on+0x20/0xc0 [ 25.285572] ? __pfx_kthread+0x10/0x10 [ 25.285593] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.285616] ? calculate_sigpending+0x7b/0xa0 [ 25.285639] ? __pfx_kthread+0x10/0x10 [ 25.285660] ret_from_fork+0x116/0x1d0 [ 25.285678] ? __pfx_kthread+0x10/0x10 [ 25.285698] ret_from_fork_asm+0x1a/0x30 [ 25.285729] </TASK> [ 25.285739] [ 25.293377] Allocated by task 294: [ 25.293559] kasan_save_stack+0x45/0x70 [ 25.293778] kasan_save_track+0x18/0x40 [ 25.293933] kasan_save_alloc_info+0x3b/0x50 [ 25.294081] __kasan_kmalloc+0xb7/0xc0 [ 25.294204] __kmalloc_cache_noprof+0x189/0x420 [ 25.294349] kasan_atomics+0x95/0x310 [ 25.294473] kunit_try_run_case+0x1a5/0x480 [ 25.294613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.294778] kthread+0x337/0x6f0 [ 25.294891] ret_from_fork+0x116/0x1d0 [ 25.295024] ret_from_fork_asm+0x1a/0x30 [ 25.295193] [ 25.295283] The buggy address belongs to the object at ffff8881039e9700 [ 25.295283] which belongs to the cache kmalloc-64 of size 64 [ 25.295830] The buggy address is located 0 bytes to the right of [ 25.295830] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.296382] [ 25.296471] The buggy address belongs to the physical page: [ 25.296714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.297060] flags: 0x200000000000000(node=0|zone=2) [ 25.297283] page_type: f5(slab) [ 25.297454] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.297767] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.297994] page dumped because: kasan: bad access detected [ 25.298257] [ 25.298353] Memory state around the buggy address: [ 25.298566] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.298879] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.299233] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.299517] ^ [ 25.299668] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.299966] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.300302] ================================================================== [ 24.937560] ================================================================== [ 24.937983] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 24.938332] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.938613] [ 24.938725] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.938773] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.938787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.938811] Call Trace: [ 24.938833] <TASK> [ 24.938854] dump_stack_lvl+0x73/0xb0 [ 24.938881] print_report+0xd1/0x650 [ 24.938902] ? __virt_addr_valid+0x1db/0x2d0 [ 24.938926] ? kasan_atomics_helper+0x1217/0x5450 [ 24.938959] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.938984] ? kasan_atomics_helper+0x1217/0x5450 [ 24.939005] kasan_report+0x141/0x180 [ 24.939027] ? kasan_atomics_helper+0x1217/0x5450 [ 24.939052] kasan_check_range+0x10c/0x1c0 [ 24.939076] __kasan_check_write+0x18/0x20 [ 24.939100] kasan_atomics_helper+0x1217/0x5450 [ 24.939123] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.939146] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.939171] ? kasan_atomics+0x152/0x310 [ 24.939196] kasan_atomics+0x1dc/0x310 [ 24.939218] ? __pfx_kasan_atomics+0x10/0x10 [ 24.939240] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.939265] ? __pfx_read_tsc+0x10/0x10 [ 24.939287] ? ktime_get_ts64+0x86/0x230 [ 24.939312] kunit_try_run_case+0x1a5/0x480 [ 24.939339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.939361] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.939381] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.939407] ? __kthread_parkme+0x82/0x180 [ 24.939426] ? preempt_count_sub+0x50/0x80 [ 24.939451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.939474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.939497] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.939520] kthread+0x337/0x6f0 [ 24.939539] ? trace_preempt_on+0x20/0xc0 [ 24.939562] ? __pfx_kthread+0x10/0x10 [ 24.939583] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.939607] ? calculate_sigpending+0x7b/0xa0 [ 24.939631] ? __pfx_kthread+0x10/0x10 [ 24.939652] ret_from_fork+0x116/0x1d0 [ 24.939670] ? __pfx_kthread+0x10/0x10 [ 24.939691] ret_from_fork_asm+0x1a/0x30 [ 24.939721] </TASK> [ 24.939732] [ 24.951244] Allocated by task 294: [ 24.951562] kasan_save_stack+0x45/0x70 [ 24.951908] kasan_save_track+0x18/0x40 [ 24.952230] kasan_save_alloc_info+0x3b/0x50 [ 24.952458] __kasan_kmalloc+0xb7/0xc0 [ 24.952626] __kmalloc_cache_noprof+0x189/0x420 [ 24.952813] kasan_atomics+0x95/0x310 [ 24.952992] kunit_try_run_case+0x1a5/0x480 [ 24.953449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.953854] kthread+0x337/0x6f0 [ 24.954129] ret_from_fork+0x116/0x1d0 [ 24.954428] ret_from_fork_asm+0x1a/0x30 [ 24.954787] [ 24.954882] The buggy address belongs to the object at ffff8881039e9700 [ 24.954882] which belongs to the cache kmalloc-64 of size 64 [ 24.955583] The buggy address is located 0 bytes to the right of [ 24.955583] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.956086] [ 24.956229] The buggy address belongs to the physical page: [ 24.956465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.956782] flags: 0x200000000000000(node=0|zone=2) [ 24.957358] page_type: f5(slab) [ 24.957649] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.958276] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.958765] page dumped because: kasan: bad access detected [ 24.959220] [ 24.959478] Memory state around the buggy address: [ 24.959756] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.960237] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.960721] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.961279] ^ [ 24.961501] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.961782] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.962070] ================================================================== [ 24.512505] ================================================================== [ 24.512757] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 24.513119] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.513570] [ 24.514156] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.514404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.514419] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.514443] Call Trace: [ 24.514465] <TASK> [ 24.514486] dump_stack_lvl+0x73/0xb0 [ 24.514513] print_report+0xd1/0x650 [ 24.514536] ? __virt_addr_valid+0x1db/0x2d0 [ 24.514559] ? kasan_atomics_helper+0x860/0x5450 [ 24.514580] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.514606] ? kasan_atomics_helper+0x860/0x5450 [ 24.514627] kasan_report+0x141/0x180 [ 24.514649] ? kasan_atomics_helper+0x860/0x5450 [ 24.514674] kasan_check_range+0x10c/0x1c0 [ 24.514697] __kasan_check_write+0x18/0x20 [ 24.514719] kasan_atomics_helper+0x860/0x5450 [ 24.514741] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.514762] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.514787] ? kasan_atomics+0x152/0x310 [ 24.514813] kasan_atomics+0x1dc/0x310 [ 24.514931] ? __pfx_kasan_atomics+0x10/0x10 [ 24.514969] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.514993] ? __pfx_read_tsc+0x10/0x10 [ 24.515016] ? ktime_get_ts64+0x86/0x230 [ 24.515042] kunit_try_run_case+0x1a5/0x480 [ 24.515069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.515092] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.515113] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.515146] ? __kthread_parkme+0x82/0x180 [ 24.515168] ? preempt_count_sub+0x50/0x80 [ 24.515192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.515217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.515241] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.515265] kthread+0x337/0x6f0 [ 24.515285] ? trace_preempt_on+0x20/0xc0 [ 24.515308] ? __pfx_kthread+0x10/0x10 [ 24.515329] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.515353] ? calculate_sigpending+0x7b/0xa0 [ 24.515377] ? __pfx_kthread+0x10/0x10 [ 24.515399] ret_from_fork+0x116/0x1d0 [ 24.515418] ? __pfx_kthread+0x10/0x10 [ 24.515439] ret_from_fork_asm+0x1a/0x30 [ 24.515469] </TASK> [ 24.515480] [ 24.526720] Allocated by task 294: [ 24.527150] kasan_save_stack+0x45/0x70 [ 24.527437] kasan_save_track+0x18/0x40 [ 24.527614] kasan_save_alloc_info+0x3b/0x50 [ 24.528112] __kasan_kmalloc+0xb7/0xc0 [ 24.528363] __kmalloc_cache_noprof+0x189/0x420 [ 24.528608] kasan_atomics+0x95/0x310 [ 24.528773] kunit_try_run_case+0x1a5/0x480 [ 24.529225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.529419] kthread+0x337/0x6f0 [ 24.529717] ret_from_fork+0x116/0x1d0 [ 24.529892] ret_from_fork_asm+0x1a/0x30 [ 24.530312] [ 24.530413] The buggy address belongs to the object at ffff8881039e9700 [ 24.530413] which belongs to the cache kmalloc-64 of size 64 [ 24.530932] The buggy address is located 0 bytes to the right of [ 24.530932] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.531822] [ 24.531934] The buggy address belongs to the physical page: [ 24.532348] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.532813] flags: 0x200000000000000(node=0|zone=2) [ 24.533133] page_type: f5(slab) [ 24.533323] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.533787] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.534217] page dumped because: kasan: bad access detected [ 24.534490] [ 24.534589] Memory state around the buggy address: [ 24.534771] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.535410] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.535709] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.536216] ^ [ 24.536661] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.537047] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.537347] ================================================================== [ 24.269744] ================================================================== [ 24.270196] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 24.270528] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.270846] [ 24.271235] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.271288] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.271303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.271326] Call Trace: [ 24.271348] <TASK> [ 24.271369] dump_stack_lvl+0x73/0xb0 [ 24.271398] print_report+0xd1/0x650 [ 24.271420] ? __virt_addr_valid+0x1db/0x2d0 [ 24.271443] ? kasan_atomics_helper+0x4b6e/0x5450 [ 24.271464] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.271490] ? kasan_atomics_helper+0x4b6e/0x5450 [ 24.271511] kasan_report+0x141/0x180 [ 24.271533] ? kasan_atomics_helper+0x4b6e/0x5450 [ 24.271558] __asan_report_store4_noabort+0x1b/0x30 [ 24.271582] kasan_atomics_helper+0x4b6e/0x5450 [ 24.271603] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.271624] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.271649] ? kasan_atomics+0x152/0x310 [ 24.271675] kasan_atomics+0x1dc/0x310 [ 24.271697] ? __pfx_kasan_atomics+0x10/0x10 [ 24.271718] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.271741] ? __pfx_read_tsc+0x10/0x10 [ 24.271763] ? ktime_get_ts64+0x86/0x230 [ 24.271788] kunit_try_run_case+0x1a5/0x480 [ 24.271815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.271837] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.271857] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.271883] ? __kthread_parkme+0x82/0x180 [ 24.272005] ? preempt_count_sub+0x50/0x80 [ 24.272037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.272062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.272098] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.272133] kthread+0x337/0x6f0 [ 24.272153] ? trace_preempt_on+0x20/0xc0 [ 24.272188] ? __pfx_kthread+0x10/0x10 [ 24.272208] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.272241] ? calculate_sigpending+0x7b/0xa0 [ 24.272265] ? __pfx_kthread+0x10/0x10 [ 24.272286] ret_from_fork+0x116/0x1d0 [ 24.272316] ? __pfx_kthread+0x10/0x10 [ 24.272342] ret_from_fork_asm+0x1a/0x30 [ 24.272373] </TASK> [ 24.272385] [ 24.280827] Allocated by task 294: [ 24.281035] kasan_save_stack+0x45/0x70 [ 24.281189] kasan_save_track+0x18/0x40 [ 24.281403] kasan_save_alloc_info+0x3b/0x50 [ 24.281752] __kasan_kmalloc+0xb7/0xc0 [ 24.281953] __kmalloc_cache_noprof+0x189/0x420 [ 24.282423] kasan_atomics+0x95/0x310 [ 24.282598] kunit_try_run_case+0x1a5/0x480 [ 24.282787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.283290] kthread+0x337/0x6f0 [ 24.283461] ret_from_fork+0x116/0x1d0 [ 24.283647] ret_from_fork_asm+0x1a/0x30 [ 24.283935] [ 24.284048] The buggy address belongs to the object at ffff8881039e9700 [ 24.284048] which belongs to the cache kmalloc-64 of size 64 [ 24.284584] The buggy address is located 0 bytes to the right of [ 24.284584] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.285198] [ 24.285297] The buggy address belongs to the physical page: [ 24.285540] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.285914] flags: 0x200000000000000(node=0|zone=2) [ 24.286150] page_type: f5(slab) [ 24.286413] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.286686] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.286909] page dumped because: kasan: bad access detected [ 24.287084] [ 24.287150] Memory state around the buggy address: [ 24.287413] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.287733] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.288048] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.289143] ^ [ 24.289416] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.289681] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.289890] ================================================================== [ 24.963478] ================================================================== [ 24.963883] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 24.964523] Read of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.964827] [ 24.964934] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.964995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.965009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.965032] Call Trace: [ 24.965055] <TASK> [ 24.965076] dump_stack_lvl+0x73/0xb0 [ 24.965103] print_report+0xd1/0x650 [ 24.965125] ? __virt_addr_valid+0x1db/0x2d0 [ 24.965148] ? kasan_atomics_helper+0x49e8/0x5450 [ 24.965169] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.965195] ? kasan_atomics_helper+0x49e8/0x5450 [ 24.965217] kasan_report+0x141/0x180 [ 24.965238] ? kasan_atomics_helper+0x49e8/0x5450 [ 24.965263] __asan_report_load4_noabort+0x18/0x20 [ 24.965286] kasan_atomics_helper+0x49e8/0x5450 [ 24.965307] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.965329] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.965353] ? kasan_atomics+0x152/0x310 [ 24.965378] kasan_atomics+0x1dc/0x310 [ 24.965399] ? __pfx_kasan_atomics+0x10/0x10 [ 24.965421] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.965445] ? __pfx_read_tsc+0x10/0x10 [ 24.965467] ? ktime_get_ts64+0x86/0x230 [ 24.965492] kunit_try_run_case+0x1a5/0x480 [ 24.965518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.965540] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.965562] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.965588] ? __kthread_parkme+0x82/0x180 [ 24.965609] ? preempt_count_sub+0x50/0x80 [ 24.965632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.965656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.965680] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.965703] kthread+0x337/0x6f0 [ 24.965723] ? trace_preempt_on+0x20/0xc0 [ 24.965748] ? __pfx_kthread+0x10/0x10 [ 24.965769] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.965792] ? calculate_sigpending+0x7b/0xa0 [ 24.965816] ? __pfx_kthread+0x10/0x10 [ 24.965837] ret_from_fork+0x116/0x1d0 [ 24.965856] ? __pfx_kthread+0x10/0x10 [ 24.965876] ret_from_fork_asm+0x1a/0x30 [ 24.965906] </TASK> [ 24.965917] [ 24.973179] Allocated by task 294: [ 24.973309] kasan_save_stack+0x45/0x70 [ 24.973499] kasan_save_track+0x18/0x40 [ 24.974699] kasan_save_alloc_info+0x3b/0x50 [ 24.975155] __kasan_kmalloc+0xb7/0xc0 [ 24.975294] __kmalloc_cache_noprof+0x189/0x420 [ 24.975440] kasan_atomics+0x95/0x310 [ 24.975562] kunit_try_run_case+0x1a5/0x480 [ 24.975699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.975862] kthread+0x337/0x6f0 [ 24.975983] ret_from_fork+0x116/0x1d0 [ 24.976107] ret_from_fork_asm+0x1a/0x30 [ 24.976235] [ 24.976300] The buggy address belongs to the object at ffff8881039e9700 [ 24.976300] which belongs to the cache kmalloc-64 of size 64 [ 24.976643] The buggy address is located 0 bytes to the right of [ 24.976643] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.977109] [ 24.977264] The buggy address belongs to the physical page: [ 24.977776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.978640] flags: 0x200000000000000(node=0|zone=2) [ 24.979259] page_type: f5(slab) [ 24.979618] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.980314] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.980987] page dumped because: kasan: bad access detected [ 24.981504] [ 24.981668] Memory state around the buggy address: [ 24.982132] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.982758] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.983436] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.984056] ^ [ 24.984543] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.985180] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.985777] ================================================================== [ 25.082807] ================================================================== [ 25.083209] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 25.083467] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.083717] [ 25.083823] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.083871] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.083884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.083906] Call Trace: [ 25.083925] <TASK> [ 25.083955] dump_stack_lvl+0x73/0xb0 [ 25.083981] print_report+0xd1/0x650 [ 25.084003] ? __virt_addr_valid+0x1db/0x2d0 [ 25.084026] ? kasan_atomics_helper+0x50d4/0x5450 [ 25.084047] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.084073] ? kasan_atomics_helper+0x50d4/0x5450 [ 25.084094] kasan_report+0x141/0x180 [ 25.084115] ? kasan_atomics_helper+0x50d4/0x5450 [ 25.084155] __asan_report_store8_noabort+0x1b/0x30 [ 25.084179] kasan_atomics_helper+0x50d4/0x5450 [ 25.084201] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.084223] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.084247] ? kasan_atomics+0x152/0x310 [ 25.084272] kasan_atomics+0x1dc/0x310 [ 25.084295] ? __pfx_kasan_atomics+0x10/0x10 [ 25.084317] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.084349] ? __pfx_read_tsc+0x10/0x10 [ 25.084371] ? ktime_get_ts64+0x86/0x230 [ 25.084396] kunit_try_run_case+0x1a5/0x480 [ 25.084422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.084445] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.084465] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.084490] ? __kthread_parkme+0x82/0x180 [ 25.084510] ? preempt_count_sub+0x50/0x80 [ 25.084534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.084557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.084582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.084606] kthread+0x337/0x6f0 [ 25.084625] ? trace_preempt_on+0x20/0xc0 [ 25.084648] ? __pfx_kthread+0x10/0x10 [ 25.084668] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.084691] ? calculate_sigpending+0x7b/0xa0 [ 25.084714] ? __pfx_kthread+0x10/0x10 [ 25.084735] ret_from_fork+0x116/0x1d0 [ 25.084754] ? __pfx_kthread+0x10/0x10 [ 25.084774] ret_from_fork_asm+0x1a/0x30 [ 25.084804] </TASK> [ 25.084815] [ 25.092028] Allocated by task 294: [ 25.092154] kasan_save_stack+0x45/0x70 [ 25.092287] kasan_save_track+0x18/0x40 [ 25.092421] kasan_save_alloc_info+0x3b/0x50 [ 25.092562] __kasan_kmalloc+0xb7/0xc0 [ 25.092713] __kmalloc_cache_noprof+0x189/0x420 [ 25.093062] kasan_atomics+0x95/0x310 [ 25.093422] kunit_try_run_case+0x1a5/0x480 [ 25.093621] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.093861] kthread+0x337/0x6f0 [ 25.094028] ret_from_fork+0x116/0x1d0 [ 25.094260] ret_from_fork_asm+0x1a/0x30 [ 25.094447] [ 25.094535] The buggy address belongs to the object at ffff8881039e9700 [ 25.094535] which belongs to the cache kmalloc-64 of size 64 [ 25.095006] The buggy address is located 0 bytes to the right of [ 25.095006] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.095639] [ 25.095705] The buggy address belongs to the physical page: [ 25.095870] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.096319] flags: 0x200000000000000(node=0|zone=2) [ 25.096560] page_type: f5(slab) [ 25.096728] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.097032] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.097372] page dumped because: kasan: bad access detected [ 25.097595] [ 25.097658] Memory state around the buggy address: [ 25.097849] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.098148] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.098417] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.098679] ^ [ 25.098859] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.099162] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.099433] ================================================================== [ 25.426869] ================================================================== [ 25.427302] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 25.427561] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.427853] [ 25.427973] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.428025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.428038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.428060] Call Trace: [ 25.428081] <TASK> [ 25.428101] dump_stack_lvl+0x73/0xb0 [ 25.428127] print_report+0xd1/0x650 [ 25.428149] ? __virt_addr_valid+0x1db/0x2d0 [ 25.428173] ? kasan_atomics_helper+0x1eaa/0x5450 [ 25.428193] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.428217] ? kasan_atomics_helper+0x1eaa/0x5450 [ 25.428239] kasan_report+0x141/0x180 [ 25.428272] ? kasan_atomics_helper+0x1eaa/0x5450 [ 25.428297] kasan_check_range+0x10c/0x1c0 [ 25.428320] __kasan_check_write+0x18/0x20 [ 25.428349] kasan_atomics_helper+0x1eaa/0x5450 [ 25.428371] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.428392] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.428417] ? kasan_atomics+0x152/0x310 [ 25.428452] kasan_atomics+0x1dc/0x310 [ 25.428474] ? __pfx_kasan_atomics+0x10/0x10 [ 25.428495] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.428529] ? __pfx_read_tsc+0x10/0x10 [ 25.428552] ? ktime_get_ts64+0x86/0x230 [ 25.428577] kunit_try_run_case+0x1a5/0x480 [ 25.428604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.428627] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.428647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.428672] ? __kthread_parkme+0x82/0x180 [ 25.428693] ? preempt_count_sub+0x50/0x80 [ 25.428716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.428740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.428763] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.428787] kthread+0x337/0x6f0 [ 25.428807] ? trace_preempt_on+0x20/0xc0 [ 25.428831] ? __pfx_kthread+0x10/0x10 [ 25.428852] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.428874] ? calculate_sigpending+0x7b/0xa0 [ 25.428898] ? __pfx_kthread+0x10/0x10 [ 25.428919] ret_from_fork+0x116/0x1d0 [ 25.428949] ? __pfx_kthread+0x10/0x10 [ 25.428970] ret_from_fork_asm+0x1a/0x30 [ 25.429003] </TASK> [ 25.429014] [ 25.436744] Allocated by task 294: [ 25.436877] kasan_save_stack+0x45/0x70 [ 25.437027] kasan_save_track+0x18/0x40 [ 25.437153] kasan_save_alloc_info+0x3b/0x50 [ 25.437294] __kasan_kmalloc+0xb7/0xc0 [ 25.437417] __kmalloc_cache_noprof+0x189/0x420 [ 25.437566] kasan_atomics+0x95/0x310 [ 25.437768] kunit_try_run_case+0x1a5/0x480 [ 25.438014] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.438277] kthread+0x337/0x6f0 [ 25.438435] ret_from_fork+0x116/0x1d0 [ 25.438609] ret_from_fork_asm+0x1a/0x30 [ 25.438792] [ 25.438880] The buggy address belongs to the object at ffff8881039e9700 [ 25.438880] which belongs to the cache kmalloc-64 of size 64 [ 25.439413] The buggy address is located 0 bytes to the right of [ 25.439413] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.439914] [ 25.439990] The buggy address belongs to the physical page: [ 25.440176] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.440405] flags: 0x200000000000000(node=0|zone=2) [ 25.440581] page_type: f5(slab) [ 25.440745] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.441090] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.441468] page dumped because: kasan: bad access detected [ 25.441716] [ 25.441782] Memory state around the buggy address: [ 25.441931] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.442177] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.442391] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.442599] ^ [ 25.442745] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.442961] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.443290] ================================================================== [ 24.920509] ================================================================== [ 24.920962] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 24.921293] Read of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.921568] [ 24.921672] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.921722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.921735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.921757] Call Trace: [ 24.921777] <TASK> [ 24.921797] dump_stack_lvl+0x73/0xb0 [ 24.921823] print_report+0xd1/0x650 [ 24.921844] ? __virt_addr_valid+0x1db/0x2d0 [ 24.921867] ? kasan_atomics_helper+0x4a02/0x5450 [ 24.921888] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.921914] ? kasan_atomics_helper+0x4a02/0x5450 [ 24.921934] kasan_report+0x141/0x180 [ 24.921966] ? kasan_atomics_helper+0x4a02/0x5450 [ 24.921991] __asan_report_load4_noabort+0x18/0x20 [ 24.922014] kasan_atomics_helper+0x4a02/0x5450 [ 24.922035] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.922057] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.922082] ? kasan_atomics+0x152/0x310 [ 24.922107] kasan_atomics+0x1dc/0x310 [ 24.922129] ? __pfx_kasan_atomics+0x10/0x10 [ 24.922151] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.922174] ? __pfx_read_tsc+0x10/0x10 [ 24.922196] ? ktime_get_ts64+0x86/0x230 [ 24.922221] kunit_try_run_case+0x1a5/0x480 [ 24.922247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.922270] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.922290] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.922315] ? __kthread_parkme+0x82/0x180 [ 24.922335] ? preempt_count_sub+0x50/0x80 [ 24.922359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.922382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.922405] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.922429] kthread+0x337/0x6f0 [ 24.922448] ? trace_preempt_on+0x20/0xc0 [ 24.922472] ? __pfx_kthread+0x10/0x10 [ 24.922492] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.922515] ? calculate_sigpending+0x7b/0xa0 [ 24.922539] ? __pfx_kthread+0x10/0x10 [ 24.922560] ret_from_fork+0x116/0x1d0 [ 24.922579] ? __pfx_kthread+0x10/0x10 [ 24.922599] ret_from_fork_asm+0x1a/0x30 [ 24.922628] </TASK> [ 24.922640] [ 24.929789] Allocated by task 294: [ 24.929981] kasan_save_stack+0x45/0x70 [ 24.930222] kasan_save_track+0x18/0x40 [ 24.930403] kasan_save_alloc_info+0x3b/0x50 [ 24.930609] __kasan_kmalloc+0xb7/0xc0 [ 24.930765] __kmalloc_cache_noprof+0x189/0x420 [ 24.930947] kasan_atomics+0x95/0x310 [ 24.931071] kunit_try_run_case+0x1a5/0x480 [ 24.931401] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.931617] kthread+0x337/0x6f0 [ 24.931731] ret_from_fork+0x116/0x1d0 [ 24.931855] ret_from_fork_asm+0x1a/0x30 [ 24.932005] [ 24.932071] The buggy address belongs to the object at ffff8881039e9700 [ 24.932071] which belongs to the cache kmalloc-64 of size 64 [ 24.932821] The buggy address is located 0 bytes to the right of [ 24.932821] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.933327] [ 24.933396] The buggy address belongs to the physical page: [ 24.933561] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.933883] flags: 0x200000000000000(node=0|zone=2) [ 24.934123] page_type: f5(slab) [ 24.934287] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.934627] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.934950] page dumped because: kasan: bad access detected [ 24.935182] [ 24.935246] Memory state around the buggy address: [ 24.935394] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.935601] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.935808] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.936060] ^ [ 24.936268] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.936585] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.936887] ================================================================== [ 24.903339] ================================================================== [ 24.903577] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 24.904032] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.904397] [ 24.904546] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.904597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.904611] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.904633] Call Trace: [ 24.904656] <TASK> [ 24.904676] dump_stack_lvl+0x73/0xb0 [ 24.904702] print_report+0xd1/0x650 [ 24.904723] ? __virt_addr_valid+0x1db/0x2d0 [ 24.904748] ? kasan_atomics_helper+0x1148/0x5450 [ 24.904769] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.904794] ? kasan_atomics_helper+0x1148/0x5450 [ 24.904816] kasan_report+0x141/0x180 [ 24.904838] ? kasan_atomics_helper+0x1148/0x5450 [ 24.904863] kasan_check_range+0x10c/0x1c0 [ 24.904886] __kasan_check_write+0x18/0x20 [ 24.904909] kasan_atomics_helper+0x1148/0x5450 [ 24.904930] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.904963] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.904987] ? kasan_atomics+0x152/0x310 [ 24.905012] kasan_atomics+0x1dc/0x310 [ 24.905034] ? __pfx_kasan_atomics+0x10/0x10 [ 24.905055] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.905079] ? __pfx_read_tsc+0x10/0x10 [ 24.905101] ? ktime_get_ts64+0x86/0x230 [ 24.905126] kunit_try_run_case+0x1a5/0x480 [ 24.905152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.905175] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.905195] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.905219] ? __kthread_parkme+0x82/0x180 [ 24.905240] ? preempt_count_sub+0x50/0x80 [ 24.905263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.905287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.905311] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.905334] kthread+0x337/0x6f0 [ 24.905366] ? trace_preempt_on+0x20/0xc0 [ 24.905389] ? __pfx_kthread+0x10/0x10 [ 24.905409] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.905433] ? calculate_sigpending+0x7b/0xa0 [ 24.905457] ? __pfx_kthread+0x10/0x10 [ 24.905478] ret_from_fork+0x116/0x1d0 [ 24.905497] ? __pfx_kthread+0x10/0x10 [ 24.905517] ret_from_fork_asm+0x1a/0x30 [ 24.905546] </TASK> [ 24.905558] [ 24.912950] Allocated by task 294: [ 24.913092] kasan_save_stack+0x45/0x70 [ 24.913293] kasan_save_track+0x18/0x40 [ 24.913469] kasan_save_alloc_info+0x3b/0x50 [ 24.913621] __kasan_kmalloc+0xb7/0xc0 [ 24.913788] __kmalloc_cache_noprof+0x189/0x420 [ 24.913934] kasan_atomics+0x95/0x310 [ 24.914068] kunit_try_run_case+0x1a5/0x480 [ 24.914454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.914703] kthread+0x337/0x6f0 [ 24.914860] ret_from_fork+0x116/0x1d0 [ 24.915016] ret_from_fork_asm+0x1a/0x30 [ 24.915184] [ 24.915342] The buggy address belongs to the object at ffff8881039e9700 [ 24.915342] which belongs to the cache kmalloc-64 of size 64 [ 24.915713] The buggy address is located 0 bytes to the right of [ 24.915713] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.916299] [ 24.916387] The buggy address belongs to the physical page: [ 24.916597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.916893] flags: 0x200000000000000(node=0|zone=2) [ 24.917117] page_type: f5(slab) [ 24.917275] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.917515] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.917735] page dumped because: kasan: bad access detected [ 24.917900] [ 24.917973] Memory state around the buggy address: [ 24.918123] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.918433] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.918752] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.919063] ^ [ 24.919460] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.919743] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.919954] ================================================================== [ 25.325282] ================================================================== [ 25.326130] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 25.326475] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.326685] [ 25.326770] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.326821] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.326834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.326857] Call Trace: [ 25.326878] <TASK> [ 25.326899] dump_stack_lvl+0x73/0xb0 [ 25.326928] print_report+0xd1/0x650 [ 25.326962] ? __virt_addr_valid+0x1db/0x2d0 [ 25.326985] ? kasan_atomics_helper+0x1c18/0x5450 [ 25.327006] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.327031] ? kasan_atomics_helper+0x1c18/0x5450 [ 25.327051] kasan_report+0x141/0x180 [ 25.327073] ? kasan_atomics_helper+0x1c18/0x5450 [ 25.327098] kasan_check_range+0x10c/0x1c0 [ 25.327121] __kasan_check_write+0x18/0x20 [ 25.327144] kasan_atomics_helper+0x1c18/0x5450 [ 25.327166] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.327207] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.327232] ? kasan_atomics+0x152/0x310 [ 25.327257] kasan_atomics+0x1dc/0x310 [ 25.327278] ? __pfx_kasan_atomics+0x10/0x10 [ 25.327299] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.327323] ? __pfx_read_tsc+0x10/0x10 [ 25.327346] ? ktime_get_ts64+0x86/0x230 [ 25.327371] kunit_try_run_case+0x1a5/0x480 [ 25.327398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.327420] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.327440] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.327466] ? __kthread_parkme+0x82/0x180 [ 25.327486] ? preempt_count_sub+0x50/0x80 [ 25.327510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.327534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.327558] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.327582] kthread+0x337/0x6f0 [ 25.327602] ? trace_preempt_on+0x20/0xc0 [ 25.327626] ? __pfx_kthread+0x10/0x10 [ 25.327649] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.327672] ? calculate_sigpending+0x7b/0xa0 [ 25.327696] ? __pfx_kthread+0x10/0x10 [ 25.327718] ret_from_fork+0x116/0x1d0 [ 25.327737] ? __pfx_kthread+0x10/0x10 [ 25.327757] ret_from_fork_asm+0x1a/0x30 [ 25.327788] </TASK> [ 25.327800] [ 25.334863] Allocated by task 294: [ 25.335045] kasan_save_stack+0x45/0x70 [ 25.335980] kasan_save_track+0x18/0x40 [ 25.336516] kasan_save_alloc_info+0x3b/0x50 [ 25.336966] __kasan_kmalloc+0xb7/0xc0 [ 25.337147] __kmalloc_cache_noprof+0x189/0x420 [ 25.337614] kasan_atomics+0x95/0x310 [ 25.337859] kunit_try_run_case+0x1a5/0x480 [ 25.338202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.338527] kthread+0x337/0x6f0 [ 25.338662] ret_from_fork+0x116/0x1d0 [ 25.338975] ret_from_fork_asm+0x1a/0x30 [ 25.339167] [ 25.339413] The buggy address belongs to the object at ffff8881039e9700 [ 25.339413] which belongs to the cache kmalloc-64 of size 64 [ 25.339922] The buggy address is located 0 bytes to the right of [ 25.339922] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.340597] [ 25.340845] The buggy address belongs to the physical page: [ 25.341062] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.341640] flags: 0x200000000000000(node=0|zone=2) [ 25.341877] page_type: f5(slab) [ 25.342163] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.342513] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.342795] page dumped because: kasan: bad access detected [ 25.343108] [ 25.343309] Memory state around the buggy address: [ 25.343626] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.344000] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.344448] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.344727] ^ [ 25.344924] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.345388] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.345766] ================================================================== [ 24.248497] ================================================================== [ 24.248921] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 24.249276] Read of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.249572] [ 24.249684] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.249733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.249745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.249768] Call Trace: [ 24.249799] <TASK> [ 24.249821] dump_stack_lvl+0x73/0xb0 [ 24.249848] print_report+0xd1/0x650 [ 24.249880] ? __virt_addr_valid+0x1db/0x2d0 [ 24.249902] ? kasan_atomics_helper+0x4b88/0x5450 [ 24.249932] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.249973] ? kasan_atomics_helper+0x4b88/0x5450 [ 24.249993] kasan_report+0x141/0x180 [ 24.250013] ? kasan_atomics_helper+0x4b88/0x5450 [ 24.250037] __asan_report_load4_noabort+0x18/0x20 [ 24.250059] kasan_atomics_helper+0x4b88/0x5450 [ 24.250079] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.250099] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.250123] ? kasan_atomics+0x152/0x310 [ 24.250262] kasan_atomics+0x1dc/0x310 [ 24.250285] ? __pfx_kasan_atomics+0x10/0x10 [ 24.250305] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.250328] ? __pfx_read_tsc+0x10/0x10 [ 24.250350] ? ktime_get_ts64+0x86/0x230 [ 24.250374] kunit_try_run_case+0x1a5/0x480 [ 24.250400] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.250422] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.250450] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.250474] ? __kthread_parkme+0x82/0x180 [ 24.250493] ? preempt_count_sub+0x50/0x80 [ 24.250527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.250549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.250572] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.250594] kthread+0x337/0x6f0 [ 24.250612] ? trace_preempt_on+0x20/0xc0 [ 24.250634] ? __pfx_kthread+0x10/0x10 [ 24.250653] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.250675] ? calculate_sigpending+0x7b/0xa0 [ 24.250697] ? __pfx_kthread+0x10/0x10 [ 24.250718] ret_from_fork+0x116/0x1d0 [ 24.250736] ? __pfx_kthread+0x10/0x10 [ 24.250756] ret_from_fork_asm+0x1a/0x30 [ 24.250785] </TASK> [ 24.250796] [ 24.259994] Allocated by task 294: [ 24.260417] kasan_save_stack+0x45/0x70 [ 24.260652] kasan_save_track+0x18/0x40 [ 24.260882] kasan_save_alloc_info+0x3b/0x50 [ 24.261095] __kasan_kmalloc+0xb7/0xc0 [ 24.261335] __kmalloc_cache_noprof+0x189/0x420 [ 24.261526] kasan_atomics+0x95/0x310 [ 24.261716] kunit_try_run_case+0x1a5/0x480 [ 24.261972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.262279] kthread+0x337/0x6f0 [ 24.262429] ret_from_fork+0x116/0x1d0 [ 24.262617] ret_from_fork_asm+0x1a/0x30 [ 24.262789] [ 24.262891] The buggy address belongs to the object at ffff8881039e9700 [ 24.262891] which belongs to the cache kmalloc-64 of size 64 [ 24.263548] The buggy address is located 0 bytes to the right of [ 24.263548] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.264090] [ 24.264181] The buggy address belongs to the physical page: [ 24.264607] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.264963] flags: 0x200000000000000(node=0|zone=2) [ 24.265187] page_type: f5(slab) [ 24.265397] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.265622] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.266120] page dumped because: kasan: bad access detected [ 24.266424] [ 24.266524] Memory state around the buggy address: [ 24.266756] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.267342] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.267604] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.268035] ^ [ 24.268349] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.268670] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.268900] ================================================================== [ 24.858877] ================================================================== [ 24.859264] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 24.859862] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.860369] [ 24.860707] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.860775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.860790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.860812] Call Trace: [ 24.860833] <TASK> [ 24.860852] dump_stack_lvl+0x73/0xb0 [ 24.860881] print_report+0xd1/0x650 [ 24.860902] ? __virt_addr_valid+0x1db/0x2d0 [ 24.860926] ? kasan_atomics_helper+0x1079/0x5450 [ 24.860955] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.860981] ? kasan_atomics_helper+0x1079/0x5450 [ 24.861002] kasan_report+0x141/0x180 [ 24.861023] ? kasan_atomics_helper+0x1079/0x5450 [ 24.861048] kasan_check_range+0x10c/0x1c0 [ 24.861071] __kasan_check_write+0x18/0x20 [ 24.861093] kasan_atomics_helper+0x1079/0x5450 [ 24.861114] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.861145] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.861169] ? kasan_atomics+0x152/0x310 [ 24.861193] kasan_atomics+0x1dc/0x310 [ 24.861215] ? __pfx_kasan_atomics+0x10/0x10 [ 24.861236] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.861259] ? __pfx_read_tsc+0x10/0x10 [ 24.861282] ? ktime_get_ts64+0x86/0x230 [ 24.861307] kunit_try_run_case+0x1a5/0x480 [ 24.861333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.861356] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.861376] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.861402] ? __kthread_parkme+0x82/0x180 [ 24.861422] ? preempt_count_sub+0x50/0x80 [ 24.861446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.861470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.861494] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.861518] kthread+0x337/0x6f0 [ 24.861538] ? trace_preempt_on+0x20/0xc0 [ 24.861561] ? __pfx_kthread+0x10/0x10 [ 24.861582] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.861605] ? calculate_sigpending+0x7b/0xa0 [ 24.861629] ? __pfx_kthread+0x10/0x10 [ 24.861650] ret_from_fork+0x116/0x1d0 [ 24.861670] ? __pfx_kthread+0x10/0x10 [ 24.861690] ret_from_fork_asm+0x1a/0x30 [ 24.861721] </TASK> [ 24.861732] [ 24.871618] Allocated by task 294: [ 24.871967] kasan_save_stack+0x45/0x70 [ 24.872144] kasan_save_track+0x18/0x40 [ 24.872466] kasan_save_alloc_info+0x3b/0x50 [ 24.872665] __kasan_kmalloc+0xb7/0xc0 [ 24.872857] __kmalloc_cache_noprof+0x189/0x420 [ 24.873052] kasan_atomics+0x95/0x310 [ 24.873221] kunit_try_run_case+0x1a5/0x480 [ 24.873414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.873626] kthread+0x337/0x6f0 [ 24.873787] ret_from_fork+0x116/0x1d0 [ 24.873934] ret_from_fork_asm+0x1a/0x30 [ 24.874490] [ 24.874580] The buggy address belongs to the object at ffff8881039e9700 [ 24.874580] which belongs to the cache kmalloc-64 of size 64 [ 24.875162] The buggy address is located 0 bytes to the right of [ 24.875162] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.875764] [ 24.876003] The buggy address belongs to the physical page: [ 24.876277] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.876715] flags: 0x200000000000000(node=0|zone=2) [ 24.877013] page_type: f5(slab) [ 24.877207] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.877609] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.878001] page dumped because: kasan: bad access detected [ 24.878207] [ 24.878365] Memory state around the buggy address: [ 24.878697] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.879012] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.879328] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.879750] ^ [ 24.880041] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.880307] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.880731] ================================================================== [ 25.099955] ================================================================== [ 25.100416] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 25.100746] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.101036] [ 25.101122] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.101170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.101183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.101206] Call Trace: [ 25.101226] <TASK> [ 25.101244] dump_stack_lvl+0x73/0xb0 [ 25.101270] print_report+0xd1/0x650 [ 25.101291] ? __virt_addr_valid+0x1db/0x2d0 [ 25.101314] ? kasan_atomics_helper+0x151d/0x5450 [ 25.101335] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.101361] ? kasan_atomics_helper+0x151d/0x5450 [ 25.101382] kasan_report+0x141/0x180 [ 25.101404] ? kasan_atomics_helper+0x151d/0x5450 [ 25.101429] kasan_check_range+0x10c/0x1c0 [ 25.101452] __kasan_check_write+0x18/0x20 [ 25.101474] kasan_atomics_helper+0x151d/0x5450 [ 25.101496] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.101518] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.101543] ? kasan_atomics+0x152/0x310 [ 25.101568] kasan_atomics+0x1dc/0x310 [ 25.101590] ? __pfx_kasan_atomics+0x10/0x10 [ 25.101611] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.101635] ? __pfx_read_tsc+0x10/0x10 [ 25.101656] ? ktime_get_ts64+0x86/0x230 [ 25.101680] kunit_try_run_case+0x1a5/0x480 [ 25.101706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.101728] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.101749] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.101776] ? __kthread_parkme+0x82/0x180 [ 25.101795] ? preempt_count_sub+0x50/0x80 [ 25.101818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.101842] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.101865] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.101889] kthread+0x337/0x6f0 [ 25.101908] ? trace_preempt_on+0x20/0xc0 [ 25.101931] ? __pfx_kthread+0x10/0x10 [ 25.101961] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.101985] ? calculate_sigpending+0x7b/0xa0 [ 25.102022] ? __pfx_kthread+0x10/0x10 [ 25.102042] ret_from_fork+0x116/0x1d0 [ 25.102062] ? __pfx_kthread+0x10/0x10 [ 25.102082] ret_from_fork_asm+0x1a/0x30 [ 25.102112] </TASK> [ 25.102123] [ 25.109741] Allocated by task 294: [ 25.109884] kasan_save_stack+0x45/0x70 [ 25.110063] kasan_save_track+0x18/0x40 [ 25.110336] kasan_save_alloc_info+0x3b/0x50 [ 25.110507] __kasan_kmalloc+0xb7/0xc0 [ 25.110656] __kmalloc_cache_noprof+0x189/0x420 [ 25.110839] kasan_atomics+0x95/0x310 [ 25.110972] kunit_try_run_case+0x1a5/0x480 [ 25.111184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.111442] kthread+0x337/0x6f0 [ 25.111603] ret_from_fork+0x116/0x1d0 [ 25.111782] ret_from_fork_asm+0x1a/0x30 [ 25.111930] [ 25.112004] The buggy address belongs to the object at ffff8881039e9700 [ 25.112004] which belongs to the cache kmalloc-64 of size 64 [ 25.112584] The buggy address is located 0 bytes to the right of [ 25.112584] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.112933] [ 25.113034] The buggy address belongs to the physical page: [ 25.113480] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.113829] flags: 0x200000000000000(node=0|zone=2) [ 25.114029] page_type: f5(slab) [ 25.114200] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.114484] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.114749] page dumped because: kasan: bad access detected [ 25.114911] [ 25.115004] Memory state around the buggy address: [ 25.115224] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.115802] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.116054] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.116403] ^ [ 25.116556] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.116765] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.116979] ================================================================== [ 25.560052] ================================================================== [ 25.560425] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 25.560760] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.561152] [ 25.561244] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.561296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.561309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.561332] Call Trace: [ 25.561354] <TASK> [ 25.561376] dump_stack_lvl+0x73/0xb0 [ 25.561405] print_report+0xd1/0x650 [ 25.561428] ? __virt_addr_valid+0x1db/0x2d0 [ 25.561451] ? kasan_atomics_helper+0x218a/0x5450 [ 25.561484] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.561510] ? kasan_atomics_helper+0x218a/0x5450 [ 25.561531] kasan_report+0x141/0x180 [ 25.561564] ? kasan_atomics_helper+0x218a/0x5450 [ 25.561591] kasan_check_range+0x10c/0x1c0 [ 25.561614] __kasan_check_write+0x18/0x20 [ 25.561637] kasan_atomics_helper+0x218a/0x5450 [ 25.561668] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.561690] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.561714] ? kasan_atomics+0x152/0x310 [ 25.561750] kasan_atomics+0x1dc/0x310 [ 25.561772] ? __pfx_kasan_atomics+0x10/0x10 [ 25.561793] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.561817] ? __pfx_read_tsc+0x10/0x10 [ 25.561840] ? ktime_get_ts64+0x86/0x230 [ 25.561865] kunit_try_run_case+0x1a5/0x480 [ 25.561893] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.561916] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.561947] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.561973] ? __kthread_parkme+0x82/0x180 [ 25.561994] ? preempt_count_sub+0x50/0x80 [ 25.562018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.562050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.562074] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.562126] kthread+0x337/0x6f0 [ 25.562146] ? trace_preempt_on+0x20/0xc0 [ 25.562170] ? __pfx_kthread+0x10/0x10 [ 25.562191] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.562214] ? calculate_sigpending+0x7b/0xa0 [ 25.562238] ? __pfx_kthread+0x10/0x10 [ 25.562259] ret_from_fork+0x116/0x1d0 [ 25.562278] ? __pfx_kthread+0x10/0x10 [ 25.562298] ret_from_fork_asm+0x1a/0x30 [ 25.562329] </TASK> [ 25.562341] [ 25.569737] Allocated by task 294: [ 25.569942] kasan_save_stack+0x45/0x70 [ 25.570181] kasan_save_track+0x18/0x40 [ 25.570362] kasan_save_alloc_info+0x3b/0x50 [ 25.570552] __kasan_kmalloc+0xb7/0xc0 [ 25.570719] __kmalloc_cache_noprof+0x189/0x420 [ 25.570943] kasan_atomics+0x95/0x310 [ 25.571161] kunit_try_run_case+0x1a5/0x480 [ 25.571304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.571571] kthread+0x337/0x6f0 [ 25.571716] ret_from_fork+0x116/0x1d0 [ 25.571870] ret_from_fork_asm+0x1a/0x30 [ 25.572069] [ 25.572156] The buggy address belongs to the object at ffff8881039e9700 [ 25.572156] which belongs to the cache kmalloc-64 of size 64 [ 25.572663] The buggy address is located 0 bytes to the right of [ 25.572663] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.573200] [ 25.573293] The buggy address belongs to the physical page: [ 25.573528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.573766] flags: 0x200000000000000(node=0|zone=2) [ 25.573925] page_type: f5(slab) [ 25.574097] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.574430] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.574751] page dumped because: kasan: bad access detected [ 25.574919] [ 25.575015] Memory state around the buggy address: [ 25.575286] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.575603] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.575893] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.576215] ^ [ 25.576432] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.576741] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.577041] ================================================================== [ 25.513980] ================================================================== [ 25.514389] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 25.514619] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.514859] [ 25.514972] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.515021] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.515034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.515057] Call Trace: [ 25.515077] <TASK> [ 25.515096] dump_stack_lvl+0x73/0xb0 [ 25.515159] print_report+0xd1/0x650 [ 25.515181] ? __virt_addr_valid+0x1db/0x2d0 [ 25.515204] ? kasan_atomics_helper+0x20c8/0x5450 [ 25.515237] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.515263] ? kasan_atomics_helper+0x20c8/0x5450 [ 25.515284] kasan_report+0x141/0x180 [ 25.515306] ? kasan_atomics_helper+0x20c8/0x5450 [ 25.515331] kasan_check_range+0x10c/0x1c0 [ 25.515353] __kasan_check_write+0x18/0x20 [ 25.515376] kasan_atomics_helper+0x20c8/0x5450 [ 25.515398] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.515421] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.515447] ? kasan_atomics+0x152/0x310 [ 25.515472] kasan_atomics+0x1dc/0x310 [ 25.515494] ? __pfx_kasan_atomics+0x10/0x10 [ 25.515516] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.515539] ? __pfx_read_tsc+0x10/0x10 [ 25.515561] ? ktime_get_ts64+0x86/0x230 [ 25.515587] kunit_try_run_case+0x1a5/0x480 [ 25.515613] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.515636] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.515657] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.515683] ? __kthread_parkme+0x82/0x180 [ 25.515704] ? preempt_count_sub+0x50/0x80 [ 25.515727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.515751] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.515775] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.515799] kthread+0x337/0x6f0 [ 25.515819] ? trace_preempt_on+0x20/0xc0 [ 25.515842] ? __pfx_kthread+0x10/0x10 [ 25.515863] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.515886] ? calculate_sigpending+0x7b/0xa0 [ 25.515910] ? __pfx_kthread+0x10/0x10 [ 25.515932] ret_from_fork+0x116/0x1d0 [ 25.515959] ? __pfx_kthread+0x10/0x10 [ 25.515980] ret_from_fork_asm+0x1a/0x30 [ 25.516011] </TASK> [ 25.516023] [ 25.523675] Allocated by task 294: [ 25.523835] kasan_save_stack+0x45/0x70 [ 25.524037] kasan_save_track+0x18/0x40 [ 25.524237] kasan_save_alloc_info+0x3b/0x50 [ 25.524438] __kasan_kmalloc+0xb7/0xc0 [ 25.524613] __kmalloc_cache_noprof+0x189/0x420 [ 25.524814] kasan_atomics+0x95/0x310 [ 25.524995] kunit_try_run_case+0x1a5/0x480 [ 25.525219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.525456] kthread+0x337/0x6f0 [ 25.525623] ret_from_fork+0x116/0x1d0 [ 25.525798] ret_from_fork_asm+0x1a/0x30 [ 25.525986] [ 25.526080] The buggy address belongs to the object at ffff8881039e9700 [ 25.526080] which belongs to the cache kmalloc-64 of size 64 [ 25.526518] The buggy address is located 0 bytes to the right of [ 25.526518] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.526874] [ 25.526948] The buggy address belongs to the physical page: [ 25.527214] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.527577] flags: 0x200000000000000(node=0|zone=2) [ 25.527801] page_type: f5(slab) [ 25.527970] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.528321] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.528636] page dumped because: kasan: bad access detected [ 25.528813] [ 25.528876] Memory state around the buggy address: [ 25.529033] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.529309] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.529649] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.529960] ^ [ 25.530197] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.530514] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.530807] ================================================================== [ 25.135160] ================================================================== [ 25.135489] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 25.135809] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.136149] [ 25.136265] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.136313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.137671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.137716] Call Trace: [ 25.137741] <TASK> [ 25.137763] dump_stack_lvl+0x73/0xb0 [ 25.137795] print_report+0xd1/0x650 [ 25.137828] ? __virt_addr_valid+0x1db/0x2d0 [ 25.137852] ? kasan_atomics_helper+0x164f/0x5450 [ 25.137874] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.137900] ? kasan_atomics_helper+0x164f/0x5450 [ 25.137921] kasan_report+0x141/0x180 [ 25.137951] ? kasan_atomics_helper+0x164f/0x5450 [ 25.137976] kasan_check_range+0x10c/0x1c0 [ 25.138000] __kasan_check_write+0x18/0x20 [ 25.138022] kasan_atomics_helper+0x164f/0x5450 [ 25.138044] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.138065] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.138089] ? kasan_atomics+0x152/0x310 [ 25.138115] kasan_atomics+0x1dc/0x310 [ 25.138149] ? __pfx_kasan_atomics+0x10/0x10 [ 25.138170] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.138194] ? __pfx_read_tsc+0x10/0x10 [ 25.138217] ? ktime_get_ts64+0x86/0x230 [ 25.138243] kunit_try_run_case+0x1a5/0x480 [ 25.138272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.138295] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.138316] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.138341] ? __kthread_parkme+0x82/0x180 [ 25.138362] ? preempt_count_sub+0x50/0x80 [ 25.138386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.138410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.138434] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.138457] kthread+0x337/0x6f0 [ 25.138477] ? trace_preempt_on+0x20/0xc0 [ 25.138500] ? __pfx_kthread+0x10/0x10 [ 25.138522] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.138545] ? calculate_sigpending+0x7b/0xa0 [ 25.138568] ? __pfx_kthread+0x10/0x10 [ 25.138590] ret_from_fork+0x116/0x1d0 [ 25.138608] ? __pfx_kthread+0x10/0x10 [ 25.138629] ret_from_fork_asm+0x1a/0x30 [ 25.138659] </TASK> [ 25.138671] [ 25.147455] Allocated by task 294: [ 25.147654] kasan_save_stack+0x45/0x70 [ 25.147845] kasan_save_track+0x18/0x40 [ 25.148026] kasan_save_alloc_info+0x3b/0x50 [ 25.148527] __kasan_kmalloc+0xb7/0xc0 [ 25.148827] __kmalloc_cache_noprof+0x189/0x420 [ 25.149114] kasan_atomics+0x95/0x310 [ 25.149394] kunit_try_run_case+0x1a5/0x480 [ 25.149769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.150121] kthread+0x337/0x6f0 [ 25.150289] ret_from_fork+0x116/0x1d0 [ 25.150463] ret_from_fork_asm+0x1a/0x30 [ 25.150647] [ 25.150740] The buggy address belongs to the object at ffff8881039e9700 [ 25.150740] which belongs to the cache kmalloc-64 of size 64 [ 25.151688] The buggy address is located 0 bytes to the right of [ 25.151688] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.152570] [ 25.152676] The buggy address belongs to the physical page: [ 25.153063] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.153597] flags: 0x200000000000000(node=0|zone=2) [ 25.153935] page_type: f5(slab) [ 25.154115] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.154568] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.154867] page dumped because: kasan: bad access detected [ 25.155096] [ 25.155377] Memory state around the buggy address: [ 25.155710] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.156266] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.156747] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.157058] ^ [ 25.157528] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.158030] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.158551] ================================================================== [ 24.487829] ================================================================== [ 24.488161] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 24.488510] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.489725] [ 24.489961] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.490077] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.490093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.490134] Call Trace: [ 24.490155] <TASK> [ 24.490174] dump_stack_lvl+0x73/0xb0 [ 24.490202] print_report+0xd1/0x650 [ 24.490224] ? __virt_addr_valid+0x1db/0x2d0 [ 24.490247] ? kasan_atomics_helper+0x7c7/0x5450 [ 24.490268] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.490294] ? kasan_atomics_helper+0x7c7/0x5450 [ 24.490315] kasan_report+0x141/0x180 [ 24.490336] ? kasan_atomics_helper+0x7c7/0x5450 [ 24.490361] kasan_check_range+0x10c/0x1c0 [ 24.490384] __kasan_check_write+0x18/0x20 [ 24.490407] kasan_atomics_helper+0x7c7/0x5450 [ 24.490429] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.490451] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.490476] ? kasan_atomics+0x152/0x310 [ 24.490501] kasan_atomics+0x1dc/0x310 [ 24.490523] ? __pfx_kasan_atomics+0x10/0x10 [ 24.490545] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.490568] ? __pfx_read_tsc+0x10/0x10 [ 24.490590] ? ktime_get_ts64+0x86/0x230 [ 24.490616] kunit_try_run_case+0x1a5/0x480 [ 24.490644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.490666] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.490688] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.490714] ? __kthread_parkme+0x82/0x180 [ 24.490735] ? preempt_count_sub+0x50/0x80 [ 24.490758] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.490783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.490889] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.490921] kthread+0x337/0x6f0 [ 24.490954] ? trace_preempt_on+0x20/0xc0 [ 24.490979] ? __pfx_kthread+0x10/0x10 [ 24.491000] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.491024] ? calculate_sigpending+0x7b/0xa0 [ 24.491047] ? __pfx_kthread+0x10/0x10 [ 24.491068] ret_from_fork+0x116/0x1d0 [ 24.491087] ? __pfx_kthread+0x10/0x10 [ 24.491108] ret_from_fork_asm+0x1a/0x30 [ 24.491138] </TASK> [ 24.491149] [ 24.501807] Allocated by task 294: [ 24.501961] kasan_save_stack+0x45/0x70 [ 24.502471] kasan_save_track+0x18/0x40 [ 24.502645] kasan_save_alloc_info+0x3b/0x50 [ 24.503003] __kasan_kmalloc+0xb7/0xc0 [ 24.503209] __kmalloc_cache_noprof+0x189/0x420 [ 24.503521] kasan_atomics+0x95/0x310 [ 24.503664] kunit_try_run_case+0x1a5/0x480 [ 24.504025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.504391] kthread+0x337/0x6f0 [ 24.504636] ret_from_fork+0x116/0x1d0 [ 24.504809] ret_from_fork_asm+0x1a/0x30 [ 24.505110] [ 24.505186] The buggy address belongs to the object at ffff8881039e9700 [ 24.505186] which belongs to the cache kmalloc-64 of size 64 [ 24.505873] The buggy address is located 0 bytes to the right of [ 24.505873] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.506786] [ 24.506973] The buggy address belongs to the physical page: [ 24.507242] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.507630] flags: 0x200000000000000(node=0|zone=2) [ 24.508024] page_type: f5(slab) [ 24.508351] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.508736] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.509095] page dumped because: kasan: bad access detected [ 24.509301] [ 24.509379] Memory state around the buggy address: [ 24.509691] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.510012] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.510569] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.510904] ^ [ 24.511132] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.511529] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.511947] ================================================================== [ 25.023000] ================================================================== [ 25.023696] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 25.024032] Read of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.024379] [ 25.024486] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.024534] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.024547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.024569] Call Trace: [ 25.024589] <TASK> [ 25.024608] dump_stack_lvl+0x73/0xb0 [ 25.024635] print_report+0xd1/0x650 [ 25.024656] ? __virt_addr_valid+0x1db/0x2d0 [ 25.024679] ? kasan_atomics_helper+0x13b5/0x5450 [ 25.024699] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.024724] ? kasan_atomics_helper+0x13b5/0x5450 [ 25.024745] kasan_report+0x141/0x180 [ 25.024767] ? kasan_atomics_helper+0x13b5/0x5450 [ 25.024792] kasan_check_range+0x10c/0x1c0 [ 25.024815] __kasan_check_read+0x15/0x20 [ 25.024837] kasan_atomics_helper+0x13b5/0x5450 [ 25.024860] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.024882] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.024906] ? kasan_atomics+0x152/0x310 [ 25.024931] kasan_atomics+0x1dc/0x310 [ 25.024963] ? __pfx_kasan_atomics+0x10/0x10 [ 25.024985] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.025008] ? __pfx_read_tsc+0x10/0x10 [ 25.025031] ? ktime_get_ts64+0x86/0x230 [ 25.025055] kunit_try_run_case+0x1a5/0x480 [ 25.025081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.025104] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.025124] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.025149] ? __kthread_parkme+0x82/0x180 [ 25.025170] ? preempt_count_sub+0x50/0x80 [ 25.025193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.025217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.025241] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.025264] kthread+0x337/0x6f0 [ 25.025298] ? trace_preempt_on+0x20/0xc0 [ 25.025321] ? __pfx_kthread+0x10/0x10 [ 25.025342] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.025364] ? calculate_sigpending+0x7b/0xa0 [ 25.025388] ? __pfx_kthread+0x10/0x10 [ 25.025409] ret_from_fork+0x116/0x1d0 [ 25.025428] ? __pfx_kthread+0x10/0x10 [ 25.025448] ret_from_fork_asm+0x1a/0x30 [ 25.025478] </TASK> [ 25.025489] [ 25.033623] Allocated by task 294: [ 25.033746] kasan_save_stack+0x45/0x70 [ 25.033882] kasan_save_track+0x18/0x40 [ 25.034018] kasan_save_alloc_info+0x3b/0x50 [ 25.034159] __kasan_kmalloc+0xb7/0xc0 [ 25.034345] __kmalloc_cache_noprof+0x189/0x420 [ 25.034787] kasan_atomics+0x95/0x310 [ 25.034974] kunit_try_run_case+0x1a5/0x480 [ 25.035171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.035478] kthread+0x337/0x6f0 [ 25.035637] ret_from_fork+0x116/0x1d0 [ 25.035812] ret_from_fork_asm+0x1a/0x30 [ 25.036008] [ 25.036097] The buggy address belongs to the object at ffff8881039e9700 [ 25.036097] which belongs to the cache kmalloc-64 of size 64 [ 25.036601] The buggy address is located 0 bytes to the right of [ 25.036601] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.036965] [ 25.037032] The buggy address belongs to the physical page: [ 25.037392] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.037739] flags: 0x200000000000000(node=0|zone=2) [ 25.038003] page_type: f5(slab) [ 25.038195] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.038540] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.038841] page dumped because: kasan: bad access detected [ 25.039016] [ 25.039080] Memory state around the buggy address: [ 25.039518] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.039827] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.040072] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.040579] ^ [ 25.040751] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.040968] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.041173] ================================================================== [ 25.184088] ================================================================== [ 25.184442] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 25.184789] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.185638] [ 25.185740] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.185795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.185811] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.185835] Call Trace: [ 25.185858] <TASK> [ 25.185881] dump_stack_lvl+0x73/0xb0 [ 25.185911] print_report+0xd1/0x650 [ 25.185934] ? __virt_addr_valid+0x1db/0x2d0 [ 25.185972] ? kasan_atomics_helper+0x177f/0x5450 [ 25.185994] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.186022] ? kasan_atomics_helper+0x177f/0x5450 [ 25.186043] kasan_report+0x141/0x180 [ 25.186064] ? kasan_atomics_helper+0x177f/0x5450 [ 25.186090] kasan_check_range+0x10c/0x1c0 [ 25.186119] __kasan_check_write+0x18/0x20 [ 25.186142] kasan_atomics_helper+0x177f/0x5450 [ 25.186163] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.186185] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.186210] ? kasan_atomics+0x152/0x310 [ 25.186235] kasan_atomics+0x1dc/0x310 [ 25.186257] ? __pfx_kasan_atomics+0x10/0x10 [ 25.186278] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.186302] ? __pfx_read_tsc+0x10/0x10 [ 25.186324] ? ktime_get_ts64+0x86/0x230 [ 25.186349] kunit_try_run_case+0x1a5/0x480 [ 25.186388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.186411] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.186432] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.186467] ? __kthread_parkme+0x82/0x180 [ 25.186488] ? preempt_count_sub+0x50/0x80 [ 25.186512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.186536] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.186559] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.186583] kthread+0x337/0x6f0 [ 25.186602] ? trace_preempt_on+0x20/0xc0 [ 25.186626] ? __pfx_kthread+0x10/0x10 [ 25.186646] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.186670] ? calculate_sigpending+0x7b/0xa0 [ 25.186694] ? __pfx_kthread+0x10/0x10 [ 25.186715] ret_from_fork+0x116/0x1d0 [ 25.186734] ? __pfx_kthread+0x10/0x10 [ 25.186754] ret_from_fork_asm+0x1a/0x30 [ 25.186785] </TASK> [ 25.186797] [ 25.194800] Allocated by task 294: [ 25.194986] kasan_save_stack+0x45/0x70 [ 25.195213] kasan_save_track+0x18/0x40 [ 25.195420] kasan_save_alloc_info+0x3b/0x50 [ 25.195625] __kasan_kmalloc+0xb7/0xc0 [ 25.195788] __kmalloc_cache_noprof+0x189/0x420 [ 25.196031] kasan_atomics+0x95/0x310 [ 25.196252] kunit_try_run_case+0x1a5/0x480 [ 25.196509] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.196773] kthread+0x337/0x6f0 [ 25.196931] ret_from_fork+0x116/0x1d0 [ 25.197143] ret_from_fork_asm+0x1a/0x30 [ 25.197329] [ 25.197418] The buggy address belongs to the object at ffff8881039e9700 [ 25.197418] which belongs to the cache kmalloc-64 of size 64 [ 25.197848] The buggy address is located 0 bytes to the right of [ 25.197848] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.198801] [ 25.198916] The buggy address belongs to the physical page: [ 25.199673] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.200493] flags: 0x200000000000000(node=0|zone=2) [ 25.200873] page_type: f5(slab) [ 25.201052] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.201914] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.202590] page dumped because: kasan: bad access detected [ 25.203064] [ 25.203341] Memory state around the buggy address: [ 25.203694] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.204427] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.204823] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.205112] ^ [ 25.205621] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.206230] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.206534] ================================================================== [ 25.478957] ================================================================== [ 25.479351] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 25.479630] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.479943] [ 25.480062] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.480155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.480169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.480191] Call Trace: [ 25.480212] <TASK> [ 25.480232] dump_stack_lvl+0x73/0xb0 [ 25.480260] print_report+0xd1/0x650 [ 25.480282] ? __virt_addr_valid+0x1db/0x2d0 [ 25.480307] ? kasan_atomics_helper+0x2006/0x5450 [ 25.480334] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.480361] ? kasan_atomics_helper+0x2006/0x5450 [ 25.480382] kasan_report+0x141/0x180 [ 25.480404] ? kasan_atomics_helper+0x2006/0x5450 [ 25.480428] kasan_check_range+0x10c/0x1c0 [ 25.480462] __kasan_check_write+0x18/0x20 [ 25.480484] kasan_atomics_helper+0x2006/0x5450 [ 25.480506] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.480527] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.480563] ? kasan_atomics+0x152/0x310 [ 25.480588] kasan_atomics+0x1dc/0x310 [ 25.480610] ? __pfx_kasan_atomics+0x10/0x10 [ 25.480640] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.480664] ? __pfx_read_tsc+0x10/0x10 [ 25.480686] ? ktime_get_ts64+0x86/0x230 [ 25.480722] kunit_try_run_case+0x1a5/0x480 [ 25.480749] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.480772] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.480801] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.480826] ? __kthread_parkme+0x82/0x180 [ 25.480849] ? preempt_count_sub+0x50/0x80 [ 25.480882] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.480907] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.480930] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.480963] kthread+0x337/0x6f0 [ 25.480992] ? trace_preempt_on+0x20/0xc0 [ 25.481015] ? __pfx_kthread+0x10/0x10 [ 25.481035] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.481069] ? calculate_sigpending+0x7b/0xa0 [ 25.481093] ? __pfx_kthread+0x10/0x10 [ 25.481131] ret_from_fork+0x116/0x1d0 [ 25.481160] ? __pfx_kthread+0x10/0x10 [ 25.481180] ret_from_fork_asm+0x1a/0x30 [ 25.481210] </TASK> [ 25.481233] [ 25.488734] Allocated by task 294: [ 25.488928] kasan_save_stack+0x45/0x70 [ 25.489153] kasan_save_track+0x18/0x40 [ 25.489315] kasan_save_alloc_info+0x3b/0x50 [ 25.489455] __kasan_kmalloc+0xb7/0xc0 [ 25.489578] __kmalloc_cache_noprof+0x189/0x420 [ 25.489724] kasan_atomics+0x95/0x310 [ 25.489848] kunit_try_run_case+0x1a5/0x480 [ 25.490048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.490325] kthread+0x337/0x6f0 [ 25.490485] ret_from_fork+0x116/0x1d0 [ 25.490660] ret_from_fork_asm+0x1a/0x30 [ 25.490847] [ 25.490944] The buggy address belongs to the object at ffff8881039e9700 [ 25.490944] which belongs to the cache kmalloc-64 of size 64 [ 25.491395] The buggy address is located 0 bytes to the right of [ 25.491395] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.491748] [ 25.491831] The buggy address belongs to the physical page: [ 25.492088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.492485] flags: 0x200000000000000(node=0|zone=2) [ 25.492738] page_type: f5(slab) [ 25.492932] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.493295] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.493575] page dumped because: kasan: bad access detected [ 25.493819] [ 25.493895] Memory state around the buggy address: [ 25.494104] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.494435] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.494725] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.495007] ^ [ 25.495222] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.495505] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.495820] ================================================================== [ 24.587514] ================================================================== [ 24.587739] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 24.588535] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.589250] [ 24.589433] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.589485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.589499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.589522] Call Trace: [ 24.589547] <TASK> [ 24.589570] dump_stack_lvl+0x73/0xb0 [ 24.589601] print_report+0xd1/0x650 [ 24.589623] ? __virt_addr_valid+0x1db/0x2d0 [ 24.589665] ? kasan_atomics_helper+0xa2b/0x5450 [ 24.589686] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.589711] ? kasan_atomics_helper+0xa2b/0x5450 [ 24.589732] kasan_report+0x141/0x180 [ 24.589753] ? kasan_atomics_helper+0xa2b/0x5450 [ 24.589815] kasan_check_range+0x10c/0x1c0 [ 24.589850] __kasan_check_write+0x18/0x20 [ 24.589884] kasan_atomics_helper+0xa2b/0x5450 [ 24.589906] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.589927] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.589962] ? kasan_atomics+0x152/0x310 [ 24.589987] kasan_atomics+0x1dc/0x310 [ 24.590009] ? __pfx_kasan_atomics+0x10/0x10 [ 24.590030] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.590053] ? __pfx_read_tsc+0x10/0x10 [ 24.590076] ? ktime_get_ts64+0x86/0x230 [ 24.590120] kunit_try_run_case+0x1a5/0x480 [ 24.590155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.590194] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.590214] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.590239] ? __kthread_parkme+0x82/0x180 [ 24.590260] ? preempt_count_sub+0x50/0x80 [ 24.590284] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.590308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.590332] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.590355] kthread+0x337/0x6f0 [ 24.590375] ? trace_preempt_on+0x20/0xc0 [ 24.590401] ? __pfx_kthread+0x10/0x10 [ 24.590422] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.590445] ? calculate_sigpending+0x7b/0xa0 [ 24.590469] ? __pfx_kthread+0x10/0x10 [ 24.590490] ret_from_fork+0x116/0x1d0 [ 24.590509] ? __pfx_kthread+0x10/0x10 [ 24.590530] ret_from_fork_asm+0x1a/0x30 [ 24.590560] </TASK> [ 24.590572] [ 24.604845] Allocated by task 294: [ 24.605824] kasan_save_stack+0x45/0x70 [ 24.606057] kasan_save_track+0x18/0x40 [ 24.606208] kasan_save_alloc_info+0x3b/0x50 [ 24.606352] __kasan_kmalloc+0xb7/0xc0 [ 24.606478] __kmalloc_cache_noprof+0x189/0x420 [ 24.606625] kasan_atomics+0x95/0x310 [ 24.606751] kunit_try_run_case+0x1a5/0x480 [ 24.606891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.607456] kthread+0x337/0x6f0 [ 24.607768] ret_from_fork+0x116/0x1d0 [ 24.608237] ret_from_fork_asm+0x1a/0x30 [ 24.608583] [ 24.608655] The buggy address belongs to the object at ffff8881039e9700 [ 24.608655] which belongs to the cache kmalloc-64 of size 64 [ 24.610163] The buggy address is located 0 bytes to the right of [ 24.610163] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.611624] [ 24.611734] The buggy address belongs to the physical page: [ 24.612237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.612770] flags: 0x200000000000000(node=0|zone=2) [ 24.613337] page_type: f5(slab) [ 24.613661] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.614251] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.614777] page dumped because: kasan: bad access detected [ 24.614975] [ 24.615044] Memory state around the buggy address: [ 24.615455] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.615717] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.616508] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.617044] ^ [ 24.617471] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.617969] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.618627] ================================================================== [ 25.531610] ================================================================== [ 25.532136] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 25.532755] Read of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.533036] [ 25.533276] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.533327] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.533340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.533363] Call Trace: [ 25.533384] <TASK> [ 25.533403] dump_stack_lvl+0x73/0xb0 [ 25.533430] print_report+0xd1/0x650 [ 25.533452] ? __virt_addr_valid+0x1db/0x2d0 [ 25.533475] ? kasan_atomics_helper+0x4fb2/0x5450 [ 25.533496] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.533522] ? kasan_atomics_helper+0x4fb2/0x5450 [ 25.533543] kasan_report+0x141/0x180 [ 25.533564] ? kasan_atomics_helper+0x4fb2/0x5450 [ 25.533589] __asan_report_load8_noabort+0x18/0x20 [ 25.533613] kasan_atomics_helper+0x4fb2/0x5450 [ 25.533635] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.533657] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.533682] ? kasan_atomics+0x152/0x310 [ 25.533708] kasan_atomics+0x1dc/0x310 [ 25.533730] ? __pfx_kasan_atomics+0x10/0x10 [ 25.533751] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.533774] ? __pfx_read_tsc+0x10/0x10 [ 25.533796] ? ktime_get_ts64+0x86/0x230 [ 25.533820] kunit_try_run_case+0x1a5/0x480 [ 25.533848] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.533870] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.533891] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.533916] ? __kthread_parkme+0x82/0x180 [ 25.533948] ? preempt_count_sub+0x50/0x80 [ 25.533972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.533996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.534019] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.534044] kthread+0x337/0x6f0 [ 25.534062] ? trace_preempt_on+0x20/0xc0 [ 25.534085] ? __pfx_kthread+0x10/0x10 [ 25.534112] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.534135] ? calculate_sigpending+0x7b/0xa0 [ 25.534159] ? __pfx_kthread+0x10/0x10 [ 25.534180] ret_from_fork+0x116/0x1d0 [ 25.534199] ? __pfx_kthread+0x10/0x10 [ 25.534219] ret_from_fork_asm+0x1a/0x30 [ 25.534250] </TASK> [ 25.534262] [ 25.547455] Allocated by task 294: [ 25.547832] kasan_save_stack+0x45/0x70 [ 25.548236] kasan_save_track+0x18/0x40 [ 25.548599] kasan_save_alloc_info+0x3b/0x50 [ 25.548991] __kasan_kmalloc+0xb7/0xc0 [ 25.549353] __kmalloc_cache_noprof+0x189/0x420 [ 25.549763] kasan_atomics+0x95/0x310 [ 25.550138] kunit_try_run_case+0x1a5/0x480 [ 25.550520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.550947] kthread+0x337/0x6f0 [ 25.551063] ret_from_fork+0x116/0x1d0 [ 25.551414] ret_from_fork_asm+0x1a/0x30 [ 25.551783] [ 25.551952] The buggy address belongs to the object at ffff8881039e9700 [ 25.551952] which belongs to the cache kmalloc-64 of size 64 [ 25.552700] The buggy address is located 0 bytes to the right of [ 25.552700] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.553822] [ 25.553987] The buggy address belongs to the physical page: [ 25.554445] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.555025] flags: 0x200000000000000(node=0|zone=2) [ 25.555430] page_type: f5(slab) [ 25.555554] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.556057] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.556724] page dumped because: kasan: bad access detected [ 25.557070] [ 25.557209] Memory state around the buggy address: [ 25.557662] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.558176] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.558390] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.558604] ^ [ 25.558754] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.558982] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.559245] ================================================================== [ 25.614920] ================================================================== [ 25.615287] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 25.615639] Read of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.615969] [ 25.616056] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.616126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.616140] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.616162] Call Trace: [ 25.616183] <TASK> [ 25.616204] dump_stack_lvl+0x73/0xb0 [ 25.616230] print_report+0xd1/0x650 [ 25.616253] ? __virt_addr_valid+0x1db/0x2d0 [ 25.616277] ? kasan_atomics_helper+0x5115/0x5450 [ 25.616298] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.616324] ? kasan_atomics_helper+0x5115/0x5450 [ 25.616349] kasan_report+0x141/0x180 [ 25.616371] ? kasan_atomics_helper+0x5115/0x5450 [ 25.616396] __asan_report_load8_noabort+0x18/0x20 [ 25.616430] kasan_atomics_helper+0x5115/0x5450 [ 25.616452] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.616474] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.616518] ? kasan_atomics+0x152/0x310 [ 25.616543] kasan_atomics+0x1dc/0x310 [ 25.616566] ? __pfx_kasan_atomics+0x10/0x10 [ 25.616597] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.616621] ? __pfx_read_tsc+0x10/0x10 [ 25.616643] ? ktime_get_ts64+0x86/0x230 [ 25.616668] kunit_try_run_case+0x1a5/0x480 [ 25.616695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.616727] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.616747] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.616773] ? __kthread_parkme+0x82/0x180 [ 25.616804] ? preempt_count_sub+0x50/0x80 [ 25.616827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.616851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.616875] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.616899] kthread+0x337/0x6f0 [ 25.616918] ? trace_preempt_on+0x20/0xc0 [ 25.616951] ? __pfx_kthread+0x10/0x10 [ 25.616971] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.616995] ? calculate_sigpending+0x7b/0xa0 [ 25.617019] ? __pfx_kthread+0x10/0x10 [ 25.617040] ret_from_fork+0x116/0x1d0 [ 25.617059] ? __pfx_kthread+0x10/0x10 [ 25.617079] ret_from_fork_asm+0x1a/0x30 [ 25.617135] </TASK> [ 25.617147] [ 25.624640] Allocated by task 294: [ 25.624777] kasan_save_stack+0x45/0x70 [ 25.624934] kasan_save_track+0x18/0x40 [ 25.625547] kasan_save_alloc_info+0x3b/0x50 [ 25.625740] __kasan_kmalloc+0xb7/0xc0 [ 25.625901] __kmalloc_cache_noprof+0x189/0x420 [ 25.626084] kasan_atomics+0x95/0x310 [ 25.626262] kunit_try_run_case+0x1a5/0x480 [ 25.626446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.626663] kthread+0x337/0x6f0 [ 25.626815] ret_from_fork+0x116/0x1d0 [ 25.627634] ret_from_fork_asm+0x1a/0x30 [ 25.627826] [ 25.627899] The buggy address belongs to the object at ffff8881039e9700 [ 25.627899] which belongs to the cache kmalloc-64 of size 64 [ 25.628839] The buggy address is located 0 bytes to the right of [ 25.628839] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.629585] [ 25.629682] The buggy address belongs to the physical page: [ 25.629910] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.630187] flags: 0x200000000000000(node=0|zone=2) [ 25.630439] page_type: f5(slab) [ 25.630588] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.630918] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.631204] page dumped because: kasan: bad access detected [ 25.631471] [ 25.631577] Memory state around the buggy address: [ 25.631810] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.632089] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.632441] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.632716] ^ [ 25.632888] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.633225] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.633479] ================================================================== [ 24.619584] ================================================================== [ 24.620436] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 24.621182] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.621661] [ 24.621790] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.621951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.621967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.621991] Call Trace: [ 24.622012] <TASK> [ 24.622063] dump_stack_lvl+0x73/0xb0 [ 24.622095] print_report+0xd1/0x650 [ 24.622135] ? __virt_addr_valid+0x1db/0x2d0 [ 24.622158] ? kasan_atomics_helper+0xac7/0x5450 [ 24.622180] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.622205] ? kasan_atomics_helper+0xac7/0x5450 [ 24.622226] kasan_report+0x141/0x180 [ 24.622248] ? kasan_atomics_helper+0xac7/0x5450 [ 24.622273] kasan_check_range+0x10c/0x1c0 [ 24.622297] __kasan_check_write+0x18/0x20 [ 24.622319] kasan_atomics_helper+0xac7/0x5450 [ 24.622341] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.622362] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.622387] ? kasan_atomics+0x152/0x310 [ 24.622412] kasan_atomics+0x1dc/0x310 [ 24.622435] ? __pfx_kasan_atomics+0x10/0x10 [ 24.622457] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.622481] ? __pfx_read_tsc+0x10/0x10 [ 24.622502] ? ktime_get_ts64+0x86/0x230 [ 24.622528] kunit_try_run_case+0x1a5/0x480 [ 24.622556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.622579] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.622599] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.622624] ? __kthread_parkme+0x82/0x180 [ 24.622645] ? preempt_count_sub+0x50/0x80 [ 24.622669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.622692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.622717] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.622741] kthread+0x337/0x6f0 [ 24.622760] ? trace_preempt_on+0x20/0xc0 [ 24.622783] ? __pfx_kthread+0x10/0x10 [ 24.622803] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.622826] ? calculate_sigpending+0x7b/0xa0 [ 24.622850] ? __pfx_kthread+0x10/0x10 [ 24.622871] ret_from_fork+0x116/0x1d0 [ 24.622890] ? __pfx_kthread+0x10/0x10 [ 24.622910] ret_from_fork_asm+0x1a/0x30 [ 24.622949] </TASK> [ 24.622961] [ 24.635819] Allocated by task 294: [ 24.636088] kasan_save_stack+0x45/0x70 [ 24.636284] kasan_save_track+0x18/0x40 [ 24.636463] kasan_save_alloc_info+0x3b/0x50 [ 24.636654] __kasan_kmalloc+0xb7/0xc0 [ 24.637194] __kmalloc_cache_noprof+0x189/0x420 [ 24.637588] kasan_atomics+0x95/0x310 [ 24.637781] kunit_try_run_case+0x1a5/0x480 [ 24.638187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.638424] kthread+0x337/0x6f0 [ 24.638582] ret_from_fork+0x116/0x1d0 [ 24.638751] ret_from_fork_asm+0x1a/0x30 [ 24.639353] [ 24.639446] The buggy address belongs to the object at ffff8881039e9700 [ 24.639446] which belongs to the cache kmalloc-64 of size 64 [ 24.640378] The buggy address is located 0 bytes to the right of [ 24.640378] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.640998] [ 24.641097] The buggy address belongs to the physical page: [ 24.641328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.641648] flags: 0x200000000000000(node=0|zone=2) [ 24.642231] page_type: f5(slab) [ 24.642381] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.642689] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.643800] page dumped because: kasan: bad access detected [ 24.644267] [ 24.644502] Memory state around the buggy address: [ 24.644845] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.645373] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.645669] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.646221] ^ [ 24.646628] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.647347] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.647629] ================================================================== [ 24.564979] ================================================================== [ 24.565275] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 24.565553] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.565900] [ 24.566018] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.566069] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.566084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.566108] Call Trace: [ 24.566131] <TASK> [ 24.566153] dump_stack_lvl+0x73/0xb0 [ 24.566180] print_report+0xd1/0x650 [ 24.566202] ? __virt_addr_valid+0x1db/0x2d0 [ 24.566226] ? kasan_atomics_helper+0x992/0x5450 [ 24.566246] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.566272] ? kasan_atomics_helper+0x992/0x5450 [ 24.566293] kasan_report+0x141/0x180 [ 24.566314] ? kasan_atomics_helper+0x992/0x5450 [ 24.566339] kasan_check_range+0x10c/0x1c0 [ 24.566362] __kasan_check_write+0x18/0x20 [ 24.566384] kasan_atomics_helper+0x992/0x5450 [ 24.566407] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.566428] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.566452] ? kasan_atomics+0x152/0x310 [ 24.566485] kasan_atomics+0x1dc/0x310 [ 24.566507] ? __pfx_kasan_atomics+0x10/0x10 [ 24.566527] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.566550] ? __pfx_read_tsc+0x10/0x10 [ 24.566572] ? ktime_get_ts64+0x86/0x230 [ 24.566597] kunit_try_run_case+0x1a5/0x480 [ 24.566624] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.566646] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.566666] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.566691] ? __kthread_parkme+0x82/0x180 [ 24.566712] ? preempt_count_sub+0x50/0x80 [ 24.566735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.566759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.566782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.566806] kthread+0x337/0x6f0 [ 24.566835] ? trace_preempt_on+0x20/0xc0 [ 24.566858] ? __pfx_kthread+0x10/0x10 [ 24.566879] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.566902] ? calculate_sigpending+0x7b/0xa0 [ 24.566927] ? __pfx_kthread+0x10/0x10 [ 24.566959] ret_from_fork+0x116/0x1d0 [ 24.566978] ? __pfx_kthread+0x10/0x10 [ 24.566998] ret_from_fork_asm+0x1a/0x30 [ 24.567028] </TASK> [ 24.567040] [ 24.575723] Allocated by task 294: [ 24.576082] kasan_save_stack+0x45/0x70 [ 24.576302] kasan_save_track+0x18/0x40 [ 24.576492] kasan_save_alloc_info+0x3b/0x50 [ 24.576676] __kasan_kmalloc+0xb7/0xc0 [ 24.576800] __kmalloc_cache_noprof+0x189/0x420 [ 24.576958] kasan_atomics+0x95/0x310 [ 24.577207] kunit_try_run_case+0x1a5/0x480 [ 24.577424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.577674] kthread+0x337/0x6f0 [ 24.578541] ret_from_fork+0x116/0x1d0 [ 24.579020] ret_from_fork_asm+0x1a/0x30 [ 24.579181] [ 24.579252] The buggy address belongs to the object at ffff8881039e9700 [ 24.579252] which belongs to the cache kmalloc-64 of size 64 [ 24.579595] The buggy address is located 0 bytes to the right of [ 24.579595] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.579962] [ 24.580076] The buggy address belongs to the physical page: [ 24.580649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.580883] flags: 0x200000000000000(node=0|zone=2) [ 24.581372] page_type: f5(slab) [ 24.581774] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.582369] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.583170] page dumped because: kasan: bad access detected [ 24.583637] [ 24.583709] Memory state around the buggy address: [ 24.583909] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.584418] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.585175] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.585886] ^ [ 24.586323] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.586877] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.587089] ================================================================== [ 24.765571] ================================================================== [ 24.765981] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 24.766314] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.766527] [ 24.766610] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.766658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.766671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.766694] Call Trace: [ 24.766716] <TASK> [ 24.766736] dump_stack_lvl+0x73/0xb0 [ 24.766762] print_report+0xd1/0x650 [ 24.766782] ? __virt_addr_valid+0x1db/0x2d0 [ 24.766808] ? kasan_atomics_helper+0xe78/0x5450 [ 24.766829] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.766854] ? kasan_atomics_helper+0xe78/0x5450 [ 24.766875] kasan_report+0x141/0x180 [ 24.766896] ? kasan_atomics_helper+0xe78/0x5450 [ 24.766921] kasan_check_range+0x10c/0x1c0 [ 24.766956] __kasan_check_write+0x18/0x20 [ 24.766978] kasan_atomics_helper+0xe78/0x5450 [ 24.767000] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.767021] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.767046] ? kasan_atomics+0x152/0x310 [ 24.767071] kasan_atomics+0x1dc/0x310 [ 24.767094] ? __pfx_kasan_atomics+0x10/0x10 [ 24.767115] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.767139] ? __pfx_read_tsc+0x10/0x10 [ 24.767160] ? ktime_get_ts64+0x86/0x230 [ 24.767185] kunit_try_run_case+0x1a5/0x480 [ 24.767212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.767235] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.767255] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.767280] ? __kthread_parkme+0x82/0x180 [ 24.767301] ? preempt_count_sub+0x50/0x80 [ 24.767324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.767348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.767371] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.767395] kthread+0x337/0x6f0 [ 24.767414] ? trace_preempt_on+0x20/0xc0 [ 24.767437] ? __pfx_kthread+0x10/0x10 [ 24.767458] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.767481] ? calculate_sigpending+0x7b/0xa0 [ 24.767506] ? __pfx_kthread+0x10/0x10 [ 24.767527] ret_from_fork+0x116/0x1d0 [ 24.767546] ? __pfx_kthread+0x10/0x10 [ 24.767567] ret_from_fork_asm+0x1a/0x30 [ 24.767597] </TASK> [ 24.767608] [ 24.775213] Allocated by task 294: [ 24.775364] kasan_save_stack+0x45/0x70 [ 24.775539] kasan_save_track+0x18/0x40 [ 24.775693] kasan_save_alloc_info+0x3b/0x50 [ 24.775866] __kasan_kmalloc+0xb7/0xc0 [ 24.776000] __kmalloc_cache_noprof+0x189/0x420 [ 24.776211] kasan_atomics+0x95/0x310 [ 24.776393] kunit_try_run_case+0x1a5/0x480 [ 24.776613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.776784] kthread+0x337/0x6f0 [ 24.776898] ret_from_fork+0x116/0x1d0 [ 24.777070] ret_from_fork_asm+0x1a/0x30 [ 24.777353] [ 24.777451] The buggy address belongs to the object at ffff8881039e9700 [ 24.777451] which belongs to the cache kmalloc-64 of size 64 [ 24.777899] The buggy address is located 0 bytes to the right of [ 24.777899] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.778413] [ 24.778496] The buggy address belongs to the physical page: [ 24.778716] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.779007] flags: 0x200000000000000(node=0|zone=2) [ 24.779261] page_type: f5(slab) [ 24.779397] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.779684] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.779982] page dumped because: kasan: bad access detected [ 24.780218] [ 24.780296] Memory state around the buggy address: [ 24.780486] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.780694] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.780901] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.781202] ^ [ 24.781515] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.781818] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.782033] ================================================================== [ 24.676518] ================================================================== [ 24.676877] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 24.677129] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.677437] [ 24.677846] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.677903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.677918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.677955] Call Trace: [ 24.677978] <TASK> [ 24.677999] dump_stack_lvl+0x73/0xb0 [ 24.678029] print_report+0xd1/0x650 [ 24.678052] ? __virt_addr_valid+0x1db/0x2d0 [ 24.678076] ? kasan_atomics_helper+0xc70/0x5450 [ 24.678097] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.678151] ? kasan_atomics_helper+0xc70/0x5450 [ 24.678173] kasan_report+0x141/0x180 [ 24.678195] ? kasan_atomics_helper+0xc70/0x5450 [ 24.678220] kasan_check_range+0x10c/0x1c0 [ 24.678243] __kasan_check_write+0x18/0x20 [ 24.678541] kasan_atomics_helper+0xc70/0x5450 [ 24.678568] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.678590] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.678615] ? kasan_atomics+0x152/0x310 [ 24.678641] kasan_atomics+0x1dc/0x310 [ 24.678662] ? __pfx_kasan_atomics+0x10/0x10 [ 24.678684] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.678708] ? __pfx_read_tsc+0x10/0x10 [ 24.678731] ? ktime_get_ts64+0x86/0x230 [ 24.678759] kunit_try_run_case+0x1a5/0x480 [ 24.678785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.678808] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.678843] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.678869] ? __kthread_parkme+0x82/0x180 [ 24.678889] ? preempt_count_sub+0x50/0x80 [ 24.678913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.678950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.678974] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.678997] kthread+0x337/0x6f0 [ 24.679016] ? trace_preempt_on+0x20/0xc0 [ 24.679040] ? __pfx_kthread+0x10/0x10 [ 24.679060] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.679083] ? calculate_sigpending+0x7b/0xa0 [ 24.679107] ? __pfx_kthread+0x10/0x10 [ 24.679128] ret_from_fork+0x116/0x1d0 [ 24.679147] ? __pfx_kthread+0x10/0x10 [ 24.679167] ret_from_fork_asm+0x1a/0x30 [ 24.679197] </TASK> [ 24.679209] [ 24.691612] Allocated by task 294: [ 24.691958] kasan_save_stack+0x45/0x70 [ 24.692493] kasan_save_track+0x18/0x40 [ 24.692766] kasan_save_alloc_info+0x3b/0x50 [ 24.693103] __kasan_kmalloc+0xb7/0xc0 [ 24.693412] __kmalloc_cache_noprof+0x189/0x420 [ 24.693835] kasan_atomics+0x95/0x310 [ 24.694031] kunit_try_run_case+0x1a5/0x480 [ 24.694519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.694847] kthread+0x337/0x6f0 [ 24.695022] ret_from_fork+0x116/0x1d0 [ 24.695281] ret_from_fork_asm+0x1a/0x30 [ 24.695715] [ 24.695808] The buggy address belongs to the object at ffff8881039e9700 [ 24.695808] which belongs to the cache kmalloc-64 of size 64 [ 24.696640] The buggy address is located 0 bytes to the right of [ 24.696640] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.697386] [ 24.697643] The buggy address belongs to the physical page: [ 24.697954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.698581] flags: 0x200000000000000(node=0|zone=2) [ 24.698983] page_type: f5(slab) [ 24.699260] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.699695] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.700044] page dumped because: kasan: bad access detected [ 24.700503] [ 24.700783] Memory state around the buggy address: [ 24.701039] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.701517] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.701907] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.702518] ^ [ 24.702992] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.703294] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.703564] ================================================================== [ 24.409508] ================================================================== [ 24.409796] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 24.410333] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.410611] [ 24.410796] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.410849] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.410864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.410886] Call Trace: [ 24.410908] <TASK> [ 24.410930] dump_stack_lvl+0x73/0xb0 [ 24.410972] print_report+0xd1/0x650 [ 24.410995] ? __virt_addr_valid+0x1db/0x2d0 [ 24.411019] ? kasan_atomics_helper+0x5fe/0x5450 [ 24.411040] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.411065] ? kasan_atomics_helper+0x5fe/0x5450 [ 24.411088] kasan_report+0x141/0x180 [ 24.411110] ? kasan_atomics_helper+0x5fe/0x5450 [ 24.411136] kasan_check_range+0x10c/0x1c0 [ 24.411158] __kasan_check_write+0x18/0x20 [ 24.411281] kasan_atomics_helper+0x5fe/0x5450 [ 24.411304] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.411326] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.411351] ? kasan_atomics+0x152/0x310 [ 24.411376] kasan_atomics+0x1dc/0x310 [ 24.411399] ? __pfx_kasan_atomics+0x10/0x10 [ 24.411420] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.411443] ? __pfx_read_tsc+0x10/0x10 [ 24.411468] ? ktime_get_ts64+0x86/0x230 [ 24.411493] kunit_try_run_case+0x1a5/0x480 [ 24.411521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.411544] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.411565] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.411590] ? __kthread_parkme+0x82/0x180 [ 24.411611] ? preempt_count_sub+0x50/0x80 [ 24.411635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.411659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.411683] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.411706] kthread+0x337/0x6f0 [ 24.411726] ? trace_preempt_on+0x20/0xc0 [ 24.411749] ? __pfx_kthread+0x10/0x10 [ 24.411769] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.411792] ? calculate_sigpending+0x7b/0xa0 [ 24.412023] ? __pfx_kthread+0x10/0x10 [ 24.412053] ret_from_fork+0x116/0x1d0 [ 24.412074] ? __pfx_kthread+0x10/0x10 [ 24.412095] ret_from_fork_asm+0x1a/0x30 [ 24.412125] </TASK> [ 24.412137] [ 24.422875] Allocated by task 294: [ 24.423177] kasan_save_stack+0x45/0x70 [ 24.423754] kasan_save_track+0x18/0x40 [ 24.424083] kasan_save_alloc_info+0x3b/0x50 [ 24.424257] __kasan_kmalloc+0xb7/0xc0 [ 24.424534] __kmalloc_cache_noprof+0x189/0x420 [ 24.424853] kasan_atomics+0x95/0x310 [ 24.425162] kunit_try_run_case+0x1a5/0x480 [ 24.425327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.425692] kthread+0x337/0x6f0 [ 24.425920] ret_from_fork+0x116/0x1d0 [ 24.426363] ret_from_fork_asm+0x1a/0x30 [ 24.426551] [ 24.426637] The buggy address belongs to the object at ffff8881039e9700 [ 24.426637] which belongs to the cache kmalloc-64 of size 64 [ 24.427186] The buggy address is located 0 bytes to the right of [ 24.427186] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.428108] [ 24.428218] The buggy address belongs to the physical page: [ 24.428617] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.429157] flags: 0x200000000000000(node=0|zone=2) [ 24.429391] page_type: f5(slab) [ 24.429698] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.430188] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.430470] page dumped because: kasan: bad access detected [ 24.430695] [ 24.430780] Memory state around the buggy address: [ 24.430975] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.431272] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.432137] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.432370] ^ [ 24.432526] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.432737] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.432952] ================================================================== [ 24.783036] ================================================================== [ 24.783342] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 24.783641] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.783994] [ 24.784099] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.784148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.784161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.784185] Call Trace: [ 24.784207] <TASK> [ 24.784226] dump_stack_lvl+0x73/0xb0 [ 24.784252] print_report+0xd1/0x650 [ 24.784274] ? __virt_addr_valid+0x1db/0x2d0 [ 24.784298] ? kasan_atomics_helper+0xf10/0x5450 [ 24.784318] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.784351] ? kasan_atomics_helper+0xf10/0x5450 [ 24.784372] kasan_report+0x141/0x180 [ 24.784393] ? kasan_atomics_helper+0xf10/0x5450 [ 24.784418] kasan_check_range+0x10c/0x1c0 [ 24.784440] __kasan_check_write+0x18/0x20 [ 24.784463] kasan_atomics_helper+0xf10/0x5450 [ 24.785076] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.785100] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.785125] ? kasan_atomics+0x152/0x310 [ 24.785151] kasan_atomics+0x1dc/0x310 [ 24.785173] ? __pfx_kasan_atomics+0x10/0x10 [ 24.785194] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.785874] ? __pfx_read_tsc+0x10/0x10 [ 24.785902] ? ktime_get_ts64+0x86/0x230 [ 24.785931] kunit_try_run_case+0x1a5/0x480 [ 24.785974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.785997] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.786018] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.786043] ? __kthread_parkme+0x82/0x180 [ 24.786065] ? preempt_count_sub+0x50/0x80 [ 24.786088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.786112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.786151] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.786174] kthread+0x337/0x6f0 [ 24.786194] ? trace_preempt_on+0x20/0xc0 [ 24.786218] ? __pfx_kthread+0x10/0x10 [ 24.786238] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.786262] ? calculate_sigpending+0x7b/0xa0 [ 24.786325] ? __pfx_kthread+0x10/0x10 [ 24.786366] ret_from_fork+0x116/0x1d0 [ 24.786386] ? __pfx_kthread+0x10/0x10 [ 24.786407] ret_from_fork_asm+0x1a/0x30 [ 24.786437] </TASK> [ 24.786449] [ 24.799110] Allocated by task 294: [ 24.799475] kasan_save_stack+0x45/0x70 [ 24.799869] kasan_save_track+0x18/0x40 [ 24.800046] kasan_save_alloc_info+0x3b/0x50 [ 24.800549] __kasan_kmalloc+0xb7/0xc0 [ 24.800913] __kmalloc_cache_noprof+0x189/0x420 [ 24.801340] kasan_atomics+0x95/0x310 [ 24.801516] kunit_try_run_case+0x1a5/0x480 [ 24.801701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.801928] kthread+0x337/0x6f0 [ 24.802087] ret_from_fork+0x116/0x1d0 [ 24.802581] ret_from_fork_asm+0x1a/0x30 [ 24.802966] [ 24.803385] The buggy address belongs to the object at ffff8881039e9700 [ 24.803385] which belongs to the cache kmalloc-64 of size 64 [ 24.804307] The buggy address is located 0 bytes to the right of [ 24.804307] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.805245] [ 24.805346] The buggy address belongs to the physical page: [ 24.805579] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.805893] flags: 0x200000000000000(node=0|zone=2) [ 24.806449] page_type: f5(slab) [ 24.806861] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.807382] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.807686] page dumped because: kasan: bad access detected [ 24.807896] [ 24.807986] Memory state around the buggy address: [ 24.808478] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.808995] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.809442] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.809725] ^ [ 24.809924] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.810143] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.810526] ================================================================== [ 24.648820] ================================================================== [ 24.649436] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 24.649843] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.650400] [ 24.650718] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.650775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.650790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.650814] Call Trace: [ 24.650932] <TASK> [ 24.650969] dump_stack_lvl+0x73/0xb0 [ 24.651000] print_report+0xd1/0x650 [ 24.651022] ? __virt_addr_valid+0x1db/0x2d0 [ 24.651046] ? kasan_atomics_helper+0xb6a/0x5450 [ 24.651099] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.651125] ? kasan_atomics_helper+0xb6a/0x5450 [ 24.651146] kasan_report+0x141/0x180 [ 24.651167] ? kasan_atomics_helper+0xb6a/0x5450 [ 24.651192] kasan_check_range+0x10c/0x1c0 [ 24.651215] __kasan_check_write+0x18/0x20 [ 24.651249] kasan_atomics_helper+0xb6a/0x5450 [ 24.651271] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.651292] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.651316] ? kasan_atomics+0x152/0x310 [ 24.651341] kasan_atomics+0x1dc/0x310 [ 24.651363] ? __pfx_kasan_atomics+0x10/0x10 [ 24.651384] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.651408] ? __pfx_read_tsc+0x10/0x10 [ 24.651430] ? ktime_get_ts64+0x86/0x230 [ 24.651455] kunit_try_run_case+0x1a5/0x480 [ 24.651481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.651504] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.651524] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.651551] ? __kthread_parkme+0x82/0x180 [ 24.651571] ? preempt_count_sub+0x50/0x80 [ 24.651596] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.651620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.651643] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.651667] kthread+0x337/0x6f0 [ 24.651686] ? trace_preempt_on+0x20/0xc0 [ 24.651709] ? __pfx_kthread+0x10/0x10 [ 24.651729] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.651752] ? calculate_sigpending+0x7b/0xa0 [ 24.651776] ? __pfx_kthread+0x10/0x10 [ 24.651796] ret_from_fork+0x116/0x1d0 [ 24.651815] ? __pfx_kthread+0x10/0x10 [ 24.651845] ret_from_fork_asm+0x1a/0x30 [ 24.651875] </TASK> [ 24.651886] [ 24.664448] Allocated by task 294: [ 24.664639] kasan_save_stack+0x45/0x70 [ 24.665005] kasan_save_track+0x18/0x40 [ 24.665330] kasan_save_alloc_info+0x3b/0x50 [ 24.665648] __kasan_kmalloc+0xb7/0xc0 [ 24.665992] __kmalloc_cache_noprof+0x189/0x420 [ 24.666381] kasan_atomics+0x95/0x310 [ 24.666557] kunit_try_run_case+0x1a5/0x480 [ 24.666750] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.667320] kthread+0x337/0x6f0 [ 24.667796] ret_from_fork+0x116/0x1d0 [ 24.668100] ret_from_fork_asm+0x1a/0x30 [ 24.668488] [ 24.668584] The buggy address belongs to the object at ffff8881039e9700 [ 24.668584] which belongs to the cache kmalloc-64 of size 64 [ 24.669395] The buggy address is located 0 bytes to the right of [ 24.669395] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.670470] [ 24.670698] The buggy address belongs to the physical page: [ 24.671066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.671413] flags: 0x200000000000000(node=0|zone=2) [ 24.671638] page_type: f5(slab) [ 24.671755] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.672573] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.672922] page dumped because: kasan: bad access detected [ 24.673203] [ 24.673274] Memory state around the buggy address: [ 24.673468] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.673765] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.674378] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.674672] ^ [ 24.675065] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.675307] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.675669] ================================================================== [ 25.577744] ================================================================== [ 25.578089] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 25.578472] Read of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.578786] [ 25.578899] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.578975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.578989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.579011] Call Trace: [ 25.579032] <TASK> [ 25.579054] dump_stack_lvl+0x73/0xb0 [ 25.579091] print_report+0xd1/0x650 [ 25.579147] ? __virt_addr_valid+0x1db/0x2d0 [ 25.579183] ? kasan_atomics_helper+0x4fa5/0x5450 [ 25.579207] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.579234] ? kasan_atomics_helper+0x4fa5/0x5450 [ 25.579256] kasan_report+0x141/0x180 [ 25.579279] ? kasan_atomics_helper+0x4fa5/0x5450 [ 25.579308] __asan_report_load8_noabort+0x18/0x20 [ 25.579332] kasan_atomics_helper+0x4fa5/0x5450 [ 25.579354] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.579375] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.579400] ? kasan_atomics+0x152/0x310 [ 25.579437] kasan_atomics+0x1dc/0x310 [ 25.579459] ? __pfx_kasan_atomics+0x10/0x10 [ 25.579491] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.579515] ? __pfx_read_tsc+0x10/0x10 [ 25.579538] ? ktime_get_ts64+0x86/0x230 [ 25.579563] kunit_try_run_case+0x1a5/0x480 [ 25.579600] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.579623] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.579655] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.579681] ? __kthread_parkme+0x82/0x180 [ 25.579703] ? preempt_count_sub+0x50/0x80 [ 25.579734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.579758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.579782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.579824] kthread+0x337/0x6f0 [ 25.579844] ? trace_preempt_on+0x20/0xc0 [ 25.579867] ? __pfx_kthread+0x10/0x10 [ 25.579888] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.579910] ? calculate_sigpending+0x7b/0xa0 [ 25.579934] ? __pfx_kthread+0x10/0x10 [ 25.579964] ret_from_fork+0x116/0x1d0 [ 25.579983] ? __pfx_kthread+0x10/0x10 [ 25.580004] ret_from_fork_asm+0x1a/0x30 [ 25.580036] </TASK> [ 25.580049] [ 25.587143] Allocated by task 294: [ 25.587338] kasan_save_stack+0x45/0x70 [ 25.587512] kasan_save_track+0x18/0x40 [ 25.587702] kasan_save_alloc_info+0x3b/0x50 [ 25.587892] __kasan_kmalloc+0xb7/0xc0 [ 25.588080] __kmalloc_cache_noprof+0x189/0x420 [ 25.588301] kasan_atomics+0x95/0x310 [ 25.588487] kunit_try_run_case+0x1a5/0x480 [ 25.588697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.588906] kthread+0x337/0x6f0 [ 25.589069] ret_from_fork+0x116/0x1d0 [ 25.589269] ret_from_fork_asm+0x1a/0x30 [ 25.589454] [ 25.589542] The buggy address belongs to the object at ffff8881039e9700 [ 25.589542] which belongs to the cache kmalloc-64 of size 64 [ 25.590016] The buggy address is located 0 bytes to the right of [ 25.590016] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.590549] [ 25.590651] The buggy address belongs to the physical page: [ 25.590846] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.591086] flags: 0x200000000000000(node=0|zone=2) [ 25.591264] page_type: f5(slab) [ 25.591379] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.591602] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.591820] page dumped because: kasan: bad access detected [ 25.592035] [ 25.592141] Memory state around the buggy address: [ 25.592384] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.592689] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.593012] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.593324] ^ [ 25.593537] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.593840] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.594984] ================================================================== [ 25.443958] ================================================================== [ 25.444322] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 25.444651] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.444996] [ 25.445126] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.445175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.445188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.445211] Call Trace: [ 25.445231] <TASK> [ 25.445251] dump_stack_lvl+0x73/0xb0 [ 25.445278] print_report+0xd1/0x650 [ 25.445301] ? __virt_addr_valid+0x1db/0x2d0 [ 25.445325] ? kasan_atomics_helper+0x1f43/0x5450 [ 25.445345] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.445371] ? kasan_atomics_helper+0x1f43/0x5450 [ 25.445392] kasan_report+0x141/0x180 [ 25.445414] ? kasan_atomics_helper+0x1f43/0x5450 [ 25.445439] kasan_check_range+0x10c/0x1c0 [ 25.445462] __kasan_check_write+0x18/0x20 [ 25.445485] kasan_atomics_helper+0x1f43/0x5450 [ 25.445507] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.445527] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.445552] ? kasan_atomics+0x152/0x310 [ 25.445577] kasan_atomics+0x1dc/0x310 [ 25.445599] ? __pfx_kasan_atomics+0x10/0x10 [ 25.445620] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.445644] ? __pfx_read_tsc+0x10/0x10 [ 25.445666] ? ktime_get_ts64+0x86/0x230 [ 25.445691] kunit_try_run_case+0x1a5/0x480 [ 25.445717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.445740] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.445761] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.445786] ? __kthread_parkme+0x82/0x180 [ 25.445806] ? preempt_count_sub+0x50/0x80 [ 25.445829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.445853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.445876] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.445918] kthread+0x337/0x6f0 [ 25.445947] ? trace_preempt_on+0x20/0xc0 [ 25.445971] ? __pfx_kthread+0x10/0x10 [ 25.445991] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.446015] ? calculate_sigpending+0x7b/0xa0 [ 25.446039] ? __pfx_kthread+0x10/0x10 [ 25.446061] ret_from_fork+0x116/0x1d0 [ 25.446079] ? __pfx_kthread+0x10/0x10 [ 25.446100] ret_from_fork_asm+0x1a/0x30 [ 25.446148] </TASK> [ 25.446160] [ 25.453916] Allocated by task 294: [ 25.454074] kasan_save_stack+0x45/0x70 [ 25.454299] kasan_save_track+0x18/0x40 [ 25.454495] kasan_save_alloc_info+0x3b/0x50 [ 25.454697] __kasan_kmalloc+0xb7/0xc0 [ 25.454872] __kmalloc_cache_noprof+0x189/0x420 [ 25.455089] kasan_atomics+0x95/0x310 [ 25.455283] kunit_try_run_case+0x1a5/0x480 [ 25.455436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.455619] kthread+0x337/0x6f0 [ 25.455778] ret_from_fork+0x116/0x1d0 [ 25.455965] ret_from_fork_asm+0x1a/0x30 [ 25.456204] [ 25.456286] The buggy address belongs to the object at ffff8881039e9700 [ 25.456286] which belongs to the cache kmalloc-64 of size 64 [ 25.456706] The buggy address is located 0 bytes to the right of [ 25.456706] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.457070] [ 25.457163] The buggy address belongs to the physical page: [ 25.457330] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.457560] flags: 0x200000000000000(node=0|zone=2) [ 25.457715] page_type: f5(slab) [ 25.457829] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.458223] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.458547] page dumped because: kasan: bad access detected [ 25.458785] [ 25.458868] Memory state around the buggy address: [ 25.459087] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.459407] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.459714] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.460041] ^ [ 25.460286] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.460595] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.460858] ================================================================== [ 24.835048] ================================================================== [ 24.835740] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 24.836354] Read of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.836815] [ 24.836971] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.837024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.837037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.837059] Call Trace: [ 24.837082] <TASK> [ 24.837102] dump_stack_lvl+0x73/0xb0 [ 24.837129] print_report+0xd1/0x650 [ 24.837151] ? __virt_addr_valid+0x1db/0x2d0 [ 24.837175] ? kasan_atomics_helper+0x4a36/0x5450 [ 24.837196] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.837222] ? kasan_atomics_helper+0x4a36/0x5450 [ 24.837244] kasan_report+0x141/0x180 [ 24.837267] ? kasan_atomics_helper+0x4a36/0x5450 [ 24.837331] __asan_report_load4_noabort+0x18/0x20 [ 24.837356] kasan_atomics_helper+0x4a36/0x5450 [ 24.837389] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.837411] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.837435] ? kasan_atomics+0x152/0x310 [ 24.837460] kasan_atomics+0x1dc/0x310 [ 24.837482] ? __pfx_kasan_atomics+0x10/0x10 [ 24.837504] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.837527] ? __pfx_read_tsc+0x10/0x10 [ 24.837549] ? ktime_get_ts64+0x86/0x230 [ 24.837575] kunit_try_run_case+0x1a5/0x480 [ 24.837602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.837625] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.837645] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.837671] ? __kthread_parkme+0x82/0x180 [ 24.837691] ? preempt_count_sub+0x50/0x80 [ 24.837716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.837740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.837763] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.837787] kthread+0x337/0x6f0 [ 24.837807] ? trace_preempt_on+0x20/0xc0 [ 24.837830] ? __pfx_kthread+0x10/0x10 [ 24.837850] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.837873] ? calculate_sigpending+0x7b/0xa0 [ 24.837896] ? __pfx_kthread+0x10/0x10 [ 24.837917] ret_from_fork+0x116/0x1d0 [ 24.837944] ? __pfx_kthread+0x10/0x10 [ 24.837965] ret_from_fork_asm+0x1a/0x30 [ 24.837995] </TASK> [ 24.838007] [ 24.848008] Allocated by task 294: [ 24.848209] kasan_save_stack+0x45/0x70 [ 24.848451] kasan_save_track+0x18/0x40 [ 24.848722] kasan_save_alloc_info+0x3b/0x50 [ 24.848954] __kasan_kmalloc+0xb7/0xc0 [ 24.849456] __kmalloc_cache_noprof+0x189/0x420 [ 24.849666] kasan_atomics+0x95/0x310 [ 24.849800] kunit_try_run_case+0x1a5/0x480 [ 24.850013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.850494] kthread+0x337/0x6f0 [ 24.850758] ret_from_fork+0x116/0x1d0 [ 24.850946] ret_from_fork_asm+0x1a/0x30 [ 24.851291] [ 24.851396] The buggy address belongs to the object at ffff8881039e9700 [ 24.851396] which belongs to the cache kmalloc-64 of size 64 [ 24.852195] The buggy address is located 0 bytes to the right of [ 24.852195] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.852947] [ 24.853057] The buggy address belongs to the physical page: [ 24.853288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.853785] flags: 0x200000000000000(node=0|zone=2) [ 24.854094] page_type: f5(slab) [ 24.854234] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.854671] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.855103] page dumped because: kasan: bad access detected [ 24.855522] [ 24.855673] Memory state around the buggy address: [ 24.855886] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.856371] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.856733] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.857142] ^ [ 24.857302] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.857724] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.858046] ================================================================== [ 24.203424] ================================================================== [ 24.204086] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 24.204602] Read of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.204879] [ 24.205003] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.205057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.205070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.205091] Call Trace: [ 24.205106] <TASK> [ 24.205491] dump_stack_lvl+0x73/0xb0 [ 24.205538] print_report+0xd1/0x650 [ 24.205560] ? __virt_addr_valid+0x1db/0x2d0 [ 24.205585] ? kasan_atomics_helper+0x4bbc/0x5450 [ 24.205605] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.205629] ? kasan_atomics_helper+0x4bbc/0x5450 [ 24.205649] kasan_report+0x141/0x180 [ 24.205671] ? kasan_atomics_helper+0x4bbc/0x5450 [ 24.205695] __asan_report_load4_noabort+0x18/0x20 [ 24.205718] kasan_atomics_helper+0x4bbc/0x5450 [ 24.205738] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.205758] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.205782] ? kasan_atomics+0x152/0x310 [ 24.205807] kasan_atomics+0x1dc/0x310 [ 24.205874] ? __pfx_kasan_atomics+0x10/0x10 [ 24.205898] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.205921] ? __pfx_read_tsc+0x10/0x10 [ 24.205956] ? ktime_get_ts64+0x86/0x230 [ 24.205980] kunit_try_run_case+0x1a5/0x480 [ 24.206007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.206029] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.206048] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.206073] ? __kthread_parkme+0x82/0x180 [ 24.206093] ? preempt_count_sub+0x50/0x80 [ 24.206116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.206138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.206160] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.206183] kthread+0x337/0x6f0 [ 24.206201] ? trace_preempt_on+0x20/0xc0 [ 24.206224] ? __pfx_kthread+0x10/0x10 [ 24.206243] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.206266] ? calculate_sigpending+0x7b/0xa0 [ 24.206289] ? __pfx_kthread+0x10/0x10 [ 24.206309] ret_from_fork+0x116/0x1d0 [ 24.206327] ? __pfx_kthread+0x10/0x10 [ 24.206345] ret_from_fork_asm+0x1a/0x30 [ 24.206375] </TASK> [ 24.206386] [ 24.218219] Allocated by task 294: [ 24.218372] kasan_save_stack+0x45/0x70 [ 24.218579] kasan_save_track+0x18/0x40 [ 24.218767] kasan_save_alloc_info+0x3b/0x50 [ 24.219154] __kasan_kmalloc+0xb7/0xc0 [ 24.219295] __kmalloc_cache_noprof+0x189/0x420 [ 24.219523] kasan_atomics+0x95/0x310 [ 24.219703] kunit_try_run_case+0x1a5/0x480 [ 24.219928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.220399] kthread+0x337/0x6f0 [ 24.220537] ret_from_fork+0x116/0x1d0 [ 24.220702] ret_from_fork_asm+0x1a/0x30 [ 24.220956] [ 24.221031] The buggy address belongs to the object at ffff8881039e9700 [ 24.221031] which belongs to the cache kmalloc-64 of size 64 [ 24.221667] The buggy address is located 0 bytes to the right of [ 24.221667] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.222383] [ 24.222494] The buggy address belongs to the physical page: [ 24.222746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.223305] flags: 0x200000000000000(node=0|zone=2) [ 24.223548] page_type: f5(slab) [ 24.223692] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.224045] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.224362] page dumped because: kasan: bad access detected [ 24.224589] [ 24.224659] Memory state around the buggy address: [ 24.224867] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.225180] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.225666] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.226072] ^ [ 24.226362] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.226573] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.227166] ================================================================== [ 25.461439] ================================================================== [ 25.461777] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 25.462169] Read of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.462492] [ 25.462587] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.462636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.462649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.462671] Call Trace: [ 25.462691] <TASK> [ 25.462709] dump_stack_lvl+0x73/0xb0 [ 25.462737] print_report+0xd1/0x650 [ 25.462758] ? __virt_addr_valid+0x1db/0x2d0 [ 25.462783] ? kasan_atomics_helper+0x4f71/0x5450 [ 25.462805] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.462833] ? kasan_atomics_helper+0x4f71/0x5450 [ 25.462854] kasan_report+0x141/0x180 [ 25.462875] ? kasan_atomics_helper+0x4f71/0x5450 [ 25.462900] __asan_report_load8_noabort+0x18/0x20 [ 25.462924] kasan_atomics_helper+0x4f71/0x5450 [ 25.462957] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.462977] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.463002] ? kasan_atomics+0x152/0x310 [ 25.463040] kasan_atomics+0x1dc/0x310 [ 25.463062] ? __pfx_kasan_atomics+0x10/0x10 [ 25.463083] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.463129] ? __pfx_read_tsc+0x10/0x10 [ 25.463151] ? ktime_get_ts64+0x86/0x230 [ 25.463176] kunit_try_run_case+0x1a5/0x480 [ 25.463203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.463226] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.463266] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.463291] ? __kthread_parkme+0x82/0x180 [ 25.463312] ? preempt_count_sub+0x50/0x80 [ 25.463336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.463374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.463397] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.463423] kthread+0x337/0x6f0 [ 25.463442] ? trace_preempt_on+0x20/0xc0 [ 25.463465] ? __pfx_kthread+0x10/0x10 [ 25.463485] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.463508] ? calculate_sigpending+0x7b/0xa0 [ 25.463532] ? __pfx_kthread+0x10/0x10 [ 25.463555] ret_from_fork+0x116/0x1d0 [ 25.463577] ? __pfx_kthread+0x10/0x10 [ 25.463599] ret_from_fork_asm+0x1a/0x30 [ 25.463633] </TASK> [ 25.463644] [ 25.471130] Allocated by task 294: [ 25.471323] kasan_save_stack+0x45/0x70 [ 25.471548] kasan_save_track+0x18/0x40 [ 25.471751] kasan_save_alloc_info+0x3b/0x50 [ 25.471893] __kasan_kmalloc+0xb7/0xc0 [ 25.472026] __kmalloc_cache_noprof+0x189/0x420 [ 25.472198] kasan_atomics+0x95/0x310 [ 25.472324] kunit_try_run_case+0x1a5/0x480 [ 25.472470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.472635] kthread+0x337/0x6f0 [ 25.472747] ret_from_fork+0x116/0x1d0 [ 25.472871] ret_from_fork_asm+0x1a/0x30 [ 25.473046] [ 25.473168] The buggy address belongs to the object at ffff8881039e9700 [ 25.473168] which belongs to the cache kmalloc-64 of size 64 [ 25.473690] The buggy address is located 0 bytes to the right of [ 25.473690] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.474250] [ 25.474342] The buggy address belongs to the physical page: [ 25.474592] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.474949] flags: 0x200000000000000(node=0|zone=2) [ 25.475200] page_type: f5(slab) [ 25.475363] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.475693] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.476033] page dumped because: kasan: bad access detected [ 25.476273] [ 25.476355] Memory state around the buggy address: [ 25.476505] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.476714] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.476923] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.477265] ^ [ 25.477512] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.477861] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.478232] ================================================================== [ 25.496517] ================================================================== [ 25.496848] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 25.497189] Read of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.497654] [ 25.497774] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.497823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.497836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.497858] Call Trace: [ 25.497879] <TASK> [ 25.497899] dump_stack_lvl+0x73/0xb0 [ 25.497926] print_report+0xd1/0x650 [ 25.497957] ? __virt_addr_valid+0x1db/0x2d0 [ 25.497980] ? kasan_atomics_helper+0x4f98/0x5450 [ 25.498001] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.498027] ? kasan_atomics_helper+0x4f98/0x5450 [ 25.498048] kasan_report+0x141/0x180 [ 25.498069] ? kasan_atomics_helper+0x4f98/0x5450 [ 25.498094] __asan_report_load8_noabort+0x18/0x20 [ 25.498124] kasan_atomics_helper+0x4f98/0x5450 [ 25.498146] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.498167] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.498191] ? kasan_atomics+0x152/0x310 [ 25.498217] kasan_atomics+0x1dc/0x310 [ 25.498239] ? __pfx_kasan_atomics+0x10/0x10 [ 25.498261] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.498283] ? __pfx_read_tsc+0x10/0x10 [ 25.498305] ? ktime_get_ts64+0x86/0x230 [ 25.498330] kunit_try_run_case+0x1a5/0x480 [ 25.498356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.498381] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.498401] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.498427] ? __kthread_parkme+0x82/0x180 [ 25.498448] ? preempt_count_sub+0x50/0x80 [ 25.498471] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.498495] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.498519] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.498542] kthread+0x337/0x6f0 [ 25.498562] ? trace_preempt_on+0x20/0xc0 [ 25.498584] ? __pfx_kthread+0x10/0x10 [ 25.498605] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.498628] ? calculate_sigpending+0x7b/0xa0 [ 25.498652] ? __pfx_kthread+0x10/0x10 [ 25.498673] ret_from_fork+0x116/0x1d0 [ 25.498692] ? __pfx_kthread+0x10/0x10 [ 25.498712] ret_from_fork_asm+0x1a/0x30 [ 25.498742] </TASK> [ 25.498754] [ 25.505771] Allocated by task 294: [ 25.505903] kasan_save_stack+0x45/0x70 [ 25.506055] kasan_save_track+0x18/0x40 [ 25.506207] kasan_save_alloc_info+0x3b/0x50 [ 25.506351] __kasan_kmalloc+0xb7/0xc0 [ 25.506488] __kmalloc_cache_noprof+0x189/0x420 [ 25.506700] kasan_atomics+0x95/0x310 [ 25.506878] kunit_try_run_case+0x1a5/0x480 [ 25.507135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.507389] kthread+0x337/0x6f0 [ 25.507553] ret_from_fork+0x116/0x1d0 [ 25.507748] ret_from_fork_asm+0x1a/0x30 [ 25.507983] [ 25.508079] The buggy address belongs to the object at ffff8881039e9700 [ 25.508079] which belongs to the cache kmalloc-64 of size 64 [ 25.508677] The buggy address is located 0 bytes to the right of [ 25.508677] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.509195] [ 25.509265] The buggy address belongs to the physical page: [ 25.509433] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.509807] flags: 0x200000000000000(node=0|zone=2) [ 25.510047] page_type: f5(slab) [ 25.510241] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.510560] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.510861] page dumped because: kasan: bad access detected [ 25.511097] [ 25.511229] Memory state around the buggy address: [ 25.511408] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.511698] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.512004] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.512347] ^ [ 25.512568] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.512853] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.513177] ================================================================== [ 24.434004] ================================================================== [ 24.434768] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 24.435273] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.435858] [ 24.436192] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.436260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.436275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.436299] Call Trace: [ 24.436317] <TASK> [ 24.436357] dump_stack_lvl+0x73/0xb0 [ 24.436387] print_report+0xd1/0x650 [ 24.436410] ? __virt_addr_valid+0x1db/0x2d0 [ 24.436434] ? kasan_atomics_helper+0x697/0x5450 [ 24.436455] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.436482] ? kasan_atomics_helper+0x697/0x5450 [ 24.436503] kasan_report+0x141/0x180 [ 24.436524] ? kasan_atomics_helper+0x697/0x5450 [ 24.436549] kasan_check_range+0x10c/0x1c0 [ 24.436572] __kasan_check_write+0x18/0x20 [ 24.436595] kasan_atomics_helper+0x697/0x5450 [ 24.436617] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.436639] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.436664] ? kasan_atomics+0x152/0x310 [ 24.436689] kasan_atomics+0x1dc/0x310 [ 24.436711] ? __pfx_kasan_atomics+0x10/0x10 [ 24.436733] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.436757] ? __pfx_read_tsc+0x10/0x10 [ 24.436780] ? ktime_get_ts64+0x86/0x230 [ 24.436847] kunit_try_run_case+0x1a5/0x480 [ 24.436877] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.436900] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.436932] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.436965] ? __kthread_parkme+0x82/0x180 [ 24.436986] ? preempt_count_sub+0x50/0x80 [ 24.437010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.437034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.437058] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.437082] kthread+0x337/0x6f0 [ 24.437101] ? trace_preempt_on+0x20/0xc0 [ 24.437141] ? __pfx_kthread+0x10/0x10 [ 24.437161] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.437184] ? calculate_sigpending+0x7b/0xa0 [ 24.437208] ? __pfx_kthread+0x10/0x10 [ 24.437230] ret_from_fork+0x116/0x1d0 [ 24.437248] ? __pfx_kthread+0x10/0x10 [ 24.437269] ret_from_fork_asm+0x1a/0x30 [ 24.437299] </TASK> [ 24.437311] [ 24.450128] Allocated by task 294: [ 24.450596] kasan_save_stack+0x45/0x70 [ 24.451150] kasan_save_track+0x18/0x40 [ 24.451542] kasan_save_alloc_info+0x3b/0x50 [ 24.452016] __kasan_kmalloc+0xb7/0xc0 [ 24.452391] __kmalloc_cache_noprof+0x189/0x420 [ 24.452908] kasan_atomics+0x95/0x310 [ 24.453183] kunit_try_run_case+0x1a5/0x480 [ 24.453333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.453497] kthread+0x337/0x6f0 [ 24.453609] ret_from_fork+0x116/0x1d0 [ 24.453729] ret_from_fork_asm+0x1a/0x30 [ 24.453889] [ 24.453962] The buggy address belongs to the object at ffff8881039e9700 [ 24.453962] which belongs to the cache kmalloc-64 of size 64 [ 24.454785] The buggy address is located 0 bytes to the right of [ 24.454785] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.455194] [ 24.455303] The buggy address belongs to the physical page: [ 24.455672] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.455993] flags: 0x200000000000000(node=0|zone=2) [ 24.456393] page_type: f5(slab) [ 24.456576] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.457035] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.457374] page dumped because: kasan: bad access detected [ 24.457649] [ 24.457713] Memory state around the buggy address: [ 24.457972] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.458473] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.458739] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.458962] ^ [ 24.459218] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.459654] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.459988] ================================================================== [ 25.159193] ================================================================== [ 25.160187] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 25.160714] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.161038] [ 25.161149] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.161203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.161217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.161241] Call Trace: [ 25.161264] <TASK> [ 25.161286] dump_stack_lvl+0x73/0xb0 [ 25.161315] print_report+0xd1/0x650 [ 25.161337] ? __virt_addr_valid+0x1db/0x2d0 [ 25.161360] ? kasan_atomics_helper+0x16e7/0x5450 [ 25.161382] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.161408] ? kasan_atomics_helper+0x16e7/0x5450 [ 25.161429] kasan_report+0x141/0x180 [ 25.161450] ? kasan_atomics_helper+0x16e7/0x5450 [ 25.161475] kasan_check_range+0x10c/0x1c0 [ 25.161499] __kasan_check_write+0x18/0x20 [ 25.161522] kasan_atomics_helper+0x16e7/0x5450 [ 25.161543] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.161565] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.161590] ? kasan_atomics+0x152/0x310 [ 25.161615] kasan_atomics+0x1dc/0x310 [ 25.161637] ? __pfx_kasan_atomics+0x10/0x10 [ 25.161658] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.161682] ? __pfx_read_tsc+0x10/0x10 [ 25.161704] ? ktime_get_ts64+0x86/0x230 [ 25.161730] kunit_try_run_case+0x1a5/0x480 [ 25.161758] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.161781] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.161802] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.161827] ? __kthread_parkme+0x82/0x180 [ 25.161848] ? preempt_count_sub+0x50/0x80 [ 25.161872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.161896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.161920] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.161957] kthread+0x337/0x6f0 [ 25.161977] ? trace_preempt_on+0x20/0xc0 [ 25.162000] ? __pfx_kthread+0x10/0x10 [ 25.162020] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.162044] ? calculate_sigpending+0x7b/0xa0 [ 25.162068] ? __pfx_kthread+0x10/0x10 [ 25.162089] ret_from_fork+0x116/0x1d0 [ 25.162108] ? __pfx_kthread+0x10/0x10 [ 25.162129] ret_from_fork_asm+0x1a/0x30 [ 25.162160] </TASK> [ 25.162171] [ 25.173345] Allocated by task 294: [ 25.173780] kasan_save_stack+0x45/0x70 [ 25.173985] kasan_save_track+0x18/0x40 [ 25.174511] kasan_save_alloc_info+0x3b/0x50 [ 25.174730] __kasan_kmalloc+0xb7/0xc0 [ 25.174901] __kmalloc_cache_noprof+0x189/0x420 [ 25.175141] kasan_atomics+0x95/0x310 [ 25.175545] kunit_try_run_case+0x1a5/0x480 [ 25.175845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.176150] kthread+0x337/0x6f0 [ 25.176285] ret_from_fork+0x116/0x1d0 [ 25.176609] ret_from_fork_asm+0x1a/0x30 [ 25.176763] [ 25.176955] The buggy address belongs to the object at ffff8881039e9700 [ 25.176955] which belongs to the cache kmalloc-64 of size 64 [ 25.177654] The buggy address is located 0 bytes to the right of [ 25.177654] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.178333] [ 25.178572] The buggy address belongs to the physical page: [ 25.178761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.179264] flags: 0x200000000000000(node=0|zone=2) [ 25.179571] page_type: f5(slab) [ 25.179748] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.180283] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.181025] page dumped because: kasan: bad access detected [ 25.181399] [ 25.181483] Memory state around the buggy address: [ 25.181830] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.182244] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.182450] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.182648] ^ [ 25.182794] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.183012] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.183350] ================================================================== [ 25.374254] ================================================================== [ 25.374573] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 25.374948] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.375309] [ 25.375417] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.375467] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.375481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.375503] Call Trace: [ 25.375525] <TASK> [ 25.375545] dump_stack_lvl+0x73/0xb0 [ 25.375572] print_report+0xd1/0x650 [ 25.375593] ? __virt_addr_valid+0x1db/0x2d0 [ 25.375618] ? kasan_atomics_helper+0x1ce1/0x5450 [ 25.375638] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.375663] ? kasan_atomics_helper+0x1ce1/0x5450 [ 25.375684] kasan_report+0x141/0x180 [ 25.375705] ? kasan_atomics_helper+0x1ce1/0x5450 [ 25.375730] kasan_check_range+0x10c/0x1c0 [ 25.375754] __kasan_check_write+0x18/0x20 [ 25.375776] kasan_atomics_helper+0x1ce1/0x5450 [ 25.375798] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.375820] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.375845] ? kasan_atomics+0x152/0x310 [ 25.375871] kasan_atomics+0x1dc/0x310 [ 25.375896] ? __pfx_kasan_atomics+0x10/0x10 [ 25.375918] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.375957] ? __pfx_read_tsc+0x10/0x10 [ 25.375980] ? ktime_get_ts64+0x86/0x230 [ 25.376006] kunit_try_run_case+0x1a5/0x480 [ 25.376035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.376058] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.376079] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.376104] ? __kthread_parkme+0x82/0x180 [ 25.376137] ? preempt_count_sub+0x50/0x80 [ 25.376161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.376185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.376209] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.376232] kthread+0x337/0x6f0 [ 25.376254] ? trace_preempt_on+0x20/0xc0 [ 25.376278] ? __pfx_kthread+0x10/0x10 [ 25.376298] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.376321] ? calculate_sigpending+0x7b/0xa0 [ 25.376351] ? __pfx_kthread+0x10/0x10 [ 25.376373] ret_from_fork+0x116/0x1d0 [ 25.376391] ? __pfx_kthread+0x10/0x10 [ 25.376411] ret_from_fork_asm+0x1a/0x30 [ 25.376442] </TASK> [ 25.376454] [ 25.383580] Allocated by task 294: [ 25.383718] kasan_save_stack+0x45/0x70 [ 25.383899] kasan_save_track+0x18/0x40 [ 25.384092] kasan_save_alloc_info+0x3b/0x50 [ 25.384290] __kasan_kmalloc+0xb7/0xc0 [ 25.384475] __kmalloc_cache_noprof+0x189/0x420 [ 25.384659] kasan_atomics+0x95/0x310 [ 25.384783] kunit_try_run_case+0x1a5/0x480 [ 25.384922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.385098] kthread+0x337/0x6f0 [ 25.385218] ret_from_fork+0x116/0x1d0 [ 25.385407] ret_from_fork_asm+0x1a/0x30 [ 25.385595] [ 25.385685] The buggy address belongs to the object at ffff8881039e9700 [ 25.385685] which belongs to the cache kmalloc-64 of size 64 [ 25.386324] The buggy address is located 0 bytes to the right of [ 25.386324] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.386872] [ 25.386972] The buggy address belongs to the physical page: [ 25.387209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.387491] flags: 0x200000000000000(node=0|zone=2) [ 25.387650] page_type: f5(slab) [ 25.387814] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.388185] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.388491] page dumped because: kasan: bad access detected [ 25.388692] [ 25.388779] Memory state around the buggy address: [ 25.388978] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.389187] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.389393] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.389596] ^ [ 25.389742] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.390045] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.390346] ================================================================== [ 24.335240] ================================================================== [ 24.335552] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 24.335889] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.336380] [ 24.336494] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.336559] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.336578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.336602] Call Trace: [ 24.336624] <TASK> [ 24.336655] dump_stack_lvl+0x73/0xb0 [ 24.336687] print_report+0xd1/0x650 [ 24.336710] ? __virt_addr_valid+0x1db/0x2d0 [ 24.336745] ? kasan_atomics_helper+0x4a0/0x5450 [ 24.336766] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.336793] ? kasan_atomics_helper+0x4a0/0x5450 [ 24.336826] kasan_report+0x141/0x180 [ 24.336849] ? kasan_atomics_helper+0x4a0/0x5450 [ 24.336874] kasan_check_range+0x10c/0x1c0 [ 24.336897] __kasan_check_write+0x18/0x20 [ 24.336920] kasan_atomics_helper+0x4a0/0x5450 [ 24.336951] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.336973] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.336998] ? kasan_atomics+0x152/0x310 [ 24.337023] kasan_atomics+0x1dc/0x310 [ 24.337102] ? __pfx_kasan_atomics+0x10/0x10 [ 24.337137] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.337162] ? __pfx_read_tsc+0x10/0x10 [ 24.337185] ? ktime_get_ts64+0x86/0x230 [ 24.337211] kunit_try_run_case+0x1a5/0x480 [ 24.337237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.337260] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.337281] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.337315] ? __kthread_parkme+0x82/0x180 [ 24.337337] ? preempt_count_sub+0x50/0x80 [ 24.337362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.337386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.337410] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.337442] kthread+0x337/0x6f0 [ 24.337462] ? trace_preempt_on+0x20/0xc0 [ 24.337485] ? __pfx_kthread+0x10/0x10 [ 24.337515] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.337539] ? calculate_sigpending+0x7b/0xa0 [ 24.337571] ? __pfx_kthread+0x10/0x10 [ 24.337592] ret_from_fork+0x116/0x1d0 [ 24.337611] ? __pfx_kthread+0x10/0x10 [ 24.337632] ret_from_fork_asm+0x1a/0x30 [ 24.337671] </TASK> [ 24.337683] [ 24.346831] Allocated by task 294: [ 24.347021] kasan_save_stack+0x45/0x70 [ 24.347369] kasan_save_track+0x18/0x40 [ 24.347620] kasan_save_alloc_info+0x3b/0x50 [ 24.347830] __kasan_kmalloc+0xb7/0xc0 [ 24.348116] __kmalloc_cache_noprof+0x189/0x420 [ 24.348412] kasan_atomics+0x95/0x310 [ 24.348548] kunit_try_run_case+0x1a5/0x480 [ 24.348770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.349021] kthread+0x337/0x6f0 [ 24.349173] ret_from_fork+0x116/0x1d0 [ 24.349436] ret_from_fork_asm+0x1a/0x30 [ 24.349655] [ 24.349747] The buggy address belongs to the object at ffff8881039e9700 [ 24.349747] which belongs to the cache kmalloc-64 of size 64 [ 24.350152] The buggy address is located 0 bytes to the right of [ 24.350152] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.351009] [ 24.351128] The buggy address belongs to the physical page: [ 24.351377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.351710] flags: 0x200000000000000(node=0|zone=2) [ 24.352090] page_type: f5(slab) [ 24.352281] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.352588] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.352810] page dumped because: kasan: bad access detected [ 24.353127] [ 24.353253] Memory state around the buggy address: [ 24.353480] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.353920] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.354506] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.354889] ^ [ 24.355137] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.355385] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.355707] ================================================================== [ 25.005574] ================================================================== [ 25.006170] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 25.006408] Read of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.006714] [ 25.006846] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.006894] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.006908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.006930] Call Trace: [ 25.006961] <TASK> [ 25.006981] dump_stack_lvl+0x73/0xb0 [ 25.007008] print_report+0xd1/0x650 [ 25.007030] ? __virt_addr_valid+0x1db/0x2d0 [ 25.007053] ? kasan_atomics_helper+0x49ce/0x5450 [ 25.007074] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.007099] ? kasan_atomics_helper+0x49ce/0x5450 [ 25.007130] kasan_report+0x141/0x180 [ 25.007152] ? kasan_atomics_helper+0x49ce/0x5450 [ 25.007177] __asan_report_load4_noabort+0x18/0x20 [ 25.007201] kasan_atomics_helper+0x49ce/0x5450 [ 25.007222] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.007243] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.007267] ? kasan_atomics+0x152/0x310 [ 25.007292] kasan_atomics+0x1dc/0x310 [ 25.007314] ? __pfx_kasan_atomics+0x10/0x10 [ 25.007335] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.007369] ? __pfx_read_tsc+0x10/0x10 [ 25.007390] ? ktime_get_ts64+0x86/0x230 [ 25.007426] kunit_try_run_case+0x1a5/0x480 [ 25.007453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.007476] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.007496] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.007521] ? __kthread_parkme+0x82/0x180 [ 25.007542] ? preempt_count_sub+0x50/0x80 [ 25.007566] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.007598] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.007622] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.007647] kthread+0x337/0x6f0 [ 25.007681] ? trace_preempt_on+0x20/0xc0 [ 25.007705] ? __pfx_kthread+0x10/0x10 [ 25.007726] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.007749] ? calculate_sigpending+0x7b/0xa0 [ 25.007774] ? __pfx_kthread+0x10/0x10 [ 25.007796] ret_from_fork+0x116/0x1d0 [ 25.007815] ? __pfx_kthread+0x10/0x10 [ 25.007835] ret_from_fork_asm+0x1a/0x30 [ 25.007865] </TASK> [ 25.007876] [ 25.015458] Allocated by task 294: [ 25.015627] kasan_save_stack+0x45/0x70 [ 25.015803] kasan_save_track+0x18/0x40 [ 25.015992] kasan_save_alloc_info+0x3b/0x50 [ 25.016227] __kasan_kmalloc+0xb7/0xc0 [ 25.016394] __kmalloc_cache_noprof+0x189/0x420 [ 25.016611] kasan_atomics+0x95/0x310 [ 25.016767] kunit_try_run_case+0x1a5/0x480 [ 25.016908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.017081] kthread+0x337/0x6f0 [ 25.017238] ret_from_fork+0x116/0x1d0 [ 25.017415] ret_from_fork_asm+0x1a/0x30 [ 25.017626] [ 25.017714] The buggy address belongs to the object at ffff8881039e9700 [ 25.017714] which belongs to the cache kmalloc-64 of size 64 [ 25.018138] The buggy address is located 0 bytes to the right of [ 25.018138] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.018656] [ 25.018758] The buggy address belongs to the physical page: [ 25.018981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.019212] flags: 0x200000000000000(node=0|zone=2) [ 25.019367] page_type: f5(slab) [ 25.019481] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.019701] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.019918] page dumped because: kasan: bad access detected [ 25.020168] [ 25.020253] Memory state around the buggy address: [ 25.020475] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.020791] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.021111] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.021447] ^ [ 25.021660] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.021975] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.022307] ================================================================== [ 25.596036] ================================================================== [ 25.596981] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 25.597509] Write of size 8 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 25.598047] [ 25.598286] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 25.598457] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.598478] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.598502] Call Trace: [ 25.598535] <TASK> [ 25.598556] dump_stack_lvl+0x73/0xb0 [ 25.598586] print_report+0xd1/0x650 [ 25.598651] ? __virt_addr_valid+0x1db/0x2d0 [ 25.598675] ? kasan_atomics_helper+0x224c/0x5450 [ 25.598696] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.598722] ? kasan_atomics_helper+0x224c/0x5450 [ 25.598744] kasan_report+0x141/0x180 [ 25.598767] ? kasan_atomics_helper+0x224c/0x5450 [ 25.598792] kasan_check_range+0x10c/0x1c0 [ 25.598815] __kasan_check_write+0x18/0x20 [ 25.598838] kasan_atomics_helper+0x224c/0x5450 [ 25.598860] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.598881] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.598905] ? kasan_atomics+0x152/0x310 [ 25.598931] kasan_atomics+0x1dc/0x310 [ 25.598964] ? __pfx_kasan_atomics+0x10/0x10 [ 25.598986] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.599010] ? __pfx_read_tsc+0x10/0x10 [ 25.599032] ? ktime_get_ts64+0x86/0x230 [ 25.599058] kunit_try_run_case+0x1a5/0x480 [ 25.599085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.599129] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.599151] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.599176] ? __kthread_parkme+0x82/0x180 [ 25.599197] ? preempt_count_sub+0x50/0x80 [ 25.599220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.599246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.599269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.599295] kthread+0x337/0x6f0 [ 25.599317] ? trace_preempt_on+0x20/0xc0 [ 25.599341] ? __pfx_kthread+0x10/0x10 [ 25.599361] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.599385] ? calculate_sigpending+0x7b/0xa0 [ 25.599409] ? __pfx_kthread+0x10/0x10 [ 25.599430] ret_from_fork+0x116/0x1d0 [ 25.599450] ? __pfx_kthread+0x10/0x10 [ 25.599471] ret_from_fork_asm+0x1a/0x30 [ 25.599502] </TASK> [ 25.599514] [ 25.607073] Allocated by task 294: [ 25.607295] kasan_save_stack+0x45/0x70 [ 25.607485] kasan_save_track+0x18/0x40 [ 25.607681] kasan_save_alloc_info+0x3b/0x50 [ 25.607835] __kasan_kmalloc+0xb7/0xc0 [ 25.607976] __kmalloc_cache_noprof+0x189/0x420 [ 25.608233] kasan_atomics+0x95/0x310 [ 25.608418] kunit_try_run_case+0x1a5/0x480 [ 25.608616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.608803] kthread+0x337/0x6f0 [ 25.608949] ret_from_fork+0x116/0x1d0 [ 25.609156] ret_from_fork_asm+0x1a/0x30 [ 25.609360] [ 25.609449] The buggy address belongs to the object at ffff8881039e9700 [ 25.609449] which belongs to the cache kmalloc-64 of size 64 [ 25.609887] The buggy address is located 0 bytes to the right of [ 25.609887] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 25.610283] [ 25.610358] The buggy address belongs to the physical page: [ 25.610601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 25.610970] flags: 0x200000000000000(node=0|zone=2) [ 25.611220] page_type: f5(slab) [ 25.611383] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.611633] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.611852] page dumped because: kasan: bad access detected [ 25.612051] [ 25.612163] Memory state around the buggy address: [ 25.612411] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.612746] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.613067] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.613401] ^ [ 25.613608] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.613891] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.614227] ================================================================== [ 24.730996] ================================================================== [ 24.731586] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 24.731963] Write of size 4 at addr ffff8881039e9730 by task kunit_try_catch/294 [ 24.732420] [ 24.732552] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) [ 24.732604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.732619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.732642] Call Trace: [ 24.732665] <TASK> [ 24.732686] dump_stack_lvl+0x73/0xb0 [ 24.732713] print_report+0xd1/0x650 [ 24.732736] ? __virt_addr_valid+0x1db/0x2d0 [ 24.732760] ? kasan_atomics_helper+0xd47/0x5450 [ 24.732781] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.732807] ? kasan_atomics_helper+0xd47/0x5450 [ 24.732827] kasan_report+0x141/0x180 [ 24.732849] ? kasan_atomics_helper+0xd47/0x5450 [ 24.732874] kasan_check_range+0x10c/0x1c0 [ 24.732897] __kasan_check_write+0x18/0x20 [ 24.732919] kasan_atomics_helper+0xd47/0x5450 [ 24.732953] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.732974] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.732999] ? kasan_atomics+0x152/0x310 [ 24.733024] kasan_atomics+0x1dc/0x310 [ 24.733046] ? __pfx_kasan_atomics+0x10/0x10 [ 24.733067] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 24.733091] ? __pfx_read_tsc+0x10/0x10 [ 24.733113] ? ktime_get_ts64+0x86/0x230 [ 24.733139] kunit_try_run_case+0x1a5/0x480 [ 24.733166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.733189] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 24.733210] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.733235] ? __kthread_parkme+0x82/0x180 [ 24.733255] ? preempt_count_sub+0x50/0x80 [ 24.733279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.733303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.733326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.733350] kthread+0x337/0x6f0 [ 24.733378] ? trace_preempt_on+0x20/0xc0 [ 24.733402] ? __pfx_kthread+0x10/0x10 [ 24.733422] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.733444] ? calculate_sigpending+0x7b/0xa0 [ 24.733468] ? __pfx_kthread+0x10/0x10 [ 24.733489] ret_from_fork+0x116/0x1d0 [ 24.733508] ? __pfx_kthread+0x10/0x10 [ 24.733529] ret_from_fork_asm+0x1a/0x30 [ 24.733559] </TASK> [ 24.733570] [ 24.740566] Allocated by task 294: [ 24.740762] kasan_save_stack+0x45/0x70 [ 24.740930] kasan_save_track+0x18/0x40 [ 24.741074] kasan_save_alloc_info+0x3b/0x50 [ 24.741468] __kasan_kmalloc+0xb7/0xc0 [ 24.741644] __kmalloc_cache_noprof+0x189/0x420 [ 24.741853] kasan_atomics+0x95/0x310 [ 24.741991] kunit_try_run_case+0x1a5/0x480 [ 24.742153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.742356] kthread+0x337/0x6f0 [ 24.742523] ret_from_fork+0x116/0x1d0 [ 24.742683] ret_from_fork_asm+0x1a/0x30 [ 24.742851] [ 24.742920] The buggy address belongs to the object at ffff8881039e9700 [ 24.742920] which belongs to the cache kmalloc-64 of size 64 [ 24.743517] The buggy address is located 0 bytes to the right of [ 24.743517] allocated 48-byte region [ffff8881039e9700, ffff8881039e9730) [ 24.743982] [ 24.744078] The buggy address belongs to the physical page: [ 24.744304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e9 [ 24.744617] flags: 0x200000000000000(node=0|zone=2) [ 24.744823] page_type: f5(slab) [ 24.744972] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.745279] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.745552] page dumped because: kasan: bad access detected [ 24.745758] [ 24.745840] Memory state around the buggy address: [ 24.746044] ffff8881039e9600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.746351] ffff8881039e9680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.746560] >ffff8881039e9700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.746763] ^ [ 24.746912] ffff8881039e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.747127] ffff8881039e9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.747387] ==================================================================