Date
July 2, 2025, 11:10 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 33.677306] ================================================================== [ 33.677358] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 33.677853] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.677921] [ 33.677981] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.678072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.678220] Hardware name: linux,dummy-virt (DT) [ 33.678257] Call trace: [ 33.678282] show_stack+0x20/0x38 (C) [ 33.678333] dump_stack_lvl+0x8c/0xd0 [ 33.678718] print_report+0x118/0x608 [ 33.678970] kasan_report+0xdc/0x128 [ 33.679036] kasan_check_range+0x100/0x1a8 [ 33.679189] __kasan_check_write+0x20/0x30 [ 33.679252] kasan_atomics_helper+0xf20/0x4858 [ 33.679554] kasan_atomics+0x198/0x2e0 [ 33.680025] kunit_try_run_case+0x170/0x3f0 [ 33.680112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.680171] kthread+0x328/0x630 [ 33.680215] ret_from_fork+0x10/0x20 [ 33.680543] [ 33.680754] Allocated by task 298: [ 33.680910] kasan_save_stack+0x3c/0x68 [ 33.681017] kasan_save_track+0x20/0x40 [ 33.681165] kasan_save_alloc_info+0x40/0x58 [ 33.681458] __kasan_kmalloc+0xd4/0xd8 [ 33.681632] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.681856] kasan_atomics+0xb8/0x2e0 [ 33.681941] kunit_try_run_case+0x170/0x3f0 [ 33.681999] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.682283] kthread+0x328/0x630 [ 33.682354] ret_from_fork+0x10/0x20 [ 33.682407] [ 33.682442] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.682442] which belongs to the cache kmalloc-64 of size 64 [ 33.682506] The buggy address is located 0 bytes to the right of [ 33.682506] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.682582] [ 33.682613] The buggy address belongs to the physical page: [ 33.682655] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.682713] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.682781] page_type: f5(slab) [ 33.682834] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.682897] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.682951] page dumped because: kasan: bad access detected [ 33.682996] [ 33.683026] Memory state around the buggy address: [ 33.683060] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.683105] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.683161] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.683217] ^ [ 33.683251] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.683305] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.683345] ================================================================== [ 33.860466] ================================================================== [ 33.860541] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 33.860594] Read of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.860800] [ 33.860869] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.861094] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.861220] Hardware name: linux,dummy-virt (DT) [ 33.861258] Call trace: [ 33.861284] show_stack+0x20/0x38 (C) [ 33.861340] dump_stack_lvl+0x8c/0xd0 [ 33.861399] print_report+0x118/0x608 [ 33.861606] kasan_report+0xdc/0x128 [ 33.861785] __asan_report_load8_noabort+0x20/0x30 [ 33.861981] kasan_atomics_helper+0x3e20/0x4858 [ 33.862184] kasan_atomics+0x198/0x2e0 [ 33.862247] kunit_try_run_case+0x170/0x3f0 [ 33.862368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.862458] kthread+0x328/0x630 [ 33.862523] ret_from_fork+0x10/0x20 [ 33.862577] [ 33.862767] Allocated by task 298: [ 33.862812] kasan_save_stack+0x3c/0x68 [ 33.863070] kasan_save_track+0x20/0x40 [ 33.863309] kasan_save_alloc_info+0x40/0x58 [ 33.863484] __kasan_kmalloc+0xd4/0xd8 [ 33.863538] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.863653] kasan_atomics+0xb8/0x2e0 [ 33.864035] kunit_try_run_case+0x170/0x3f0 [ 33.864116] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.864303] kthread+0x328/0x630 [ 33.864414] ret_from_fork+0x10/0x20 [ 33.864555] [ 33.864579] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.864579] which belongs to the cache kmalloc-64 of size 64 [ 33.864642] The buggy address is located 0 bytes to the right of [ 33.864642] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.864711] [ 33.864956] The buggy address belongs to the physical page: [ 33.865278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.865406] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.865613] page_type: f5(slab) [ 33.865672] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.865727] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.866275] page dumped because: kasan: bad access detected [ 33.866362] [ 33.866535] Memory state around the buggy address: [ 33.866609] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.866714] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.866779] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.866836] ^ [ 33.867088] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.867168] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.867430] ================================================================== [ 33.795000] ================================================================== [ 33.795064] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 33.795255] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.795321] [ 33.795483] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.795614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.795733] Hardware name: linux,dummy-virt (DT) [ 33.795778] Call trace: [ 33.795820] show_stack+0x20/0x38 (C) [ 33.795895] dump_stack_lvl+0x8c/0xd0 [ 33.796136] print_report+0x118/0x608 [ 33.796356] kasan_report+0xdc/0x128 [ 33.796446] kasan_check_range+0x100/0x1a8 [ 33.796725] __kasan_check_write+0x20/0x30 [ 33.796851] kasan_atomics_helper+0x154c/0x4858 [ 33.797263] kasan_atomics+0x198/0x2e0 [ 33.797449] kunit_try_run_case+0x170/0x3f0 [ 33.797549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.797789] kthread+0x328/0x630 [ 33.798204] ret_from_fork+0x10/0x20 [ 33.798419] [ 33.798449] Allocated by task 298: [ 33.798490] kasan_save_stack+0x3c/0x68 [ 33.798694] kasan_save_track+0x20/0x40 [ 33.798818] kasan_save_alloc_info+0x40/0x58 [ 33.798979] __kasan_kmalloc+0xd4/0xd8 [ 33.799209] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.799312] kasan_atomics+0xb8/0x2e0 [ 33.799400] kunit_try_run_case+0x170/0x3f0 [ 33.799802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.800018] kthread+0x328/0x630 [ 33.800212] ret_from_fork+0x10/0x20 [ 33.800261] [ 33.800285] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.800285] which belongs to the cache kmalloc-64 of size 64 [ 33.800346] The buggy address is located 0 bytes to the right of [ 33.800346] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.800414] [ 33.800867] The buggy address belongs to the physical page: [ 33.801124] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.801228] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.801351] page_type: f5(slab) [ 33.801404] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.801472] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.801525] page dumped because: kasan: bad access detected [ 33.801561] [ 33.801591] Memory state around the buggy address: [ 33.801626] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.801674] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.801720] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.801767] ^ [ 33.801806] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.801862] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.801909] ================================================================== [ 33.635019] ================================================================== [ 33.635088] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 33.635261] Read of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.635380] [ 33.635419] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.635658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.635862] Hardware name: linux,dummy-virt (DT) [ 33.635953] Call trace: [ 33.636098] show_stack+0x20/0x38 (C) [ 33.636158] dump_stack_lvl+0x8c/0xd0 [ 33.636319] print_report+0x118/0x608 [ 33.636428] kasan_report+0xdc/0x128 [ 33.636672] kasan_check_range+0x100/0x1a8 [ 33.636969] __kasan_check_read+0x20/0x30 [ 33.637321] kasan_atomics_helper+0xdd4/0x4858 [ 33.637644] kasan_atomics+0x198/0x2e0 [ 33.637821] kunit_try_run_case+0x170/0x3f0 [ 33.637920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.638139] kthread+0x328/0x630 [ 33.638520] ret_from_fork+0x10/0x20 [ 33.638688] [ 33.638856] Allocated by task 298: [ 33.638889] kasan_save_stack+0x3c/0x68 [ 33.639127] kasan_save_track+0x20/0x40 [ 33.639195] kasan_save_alloc_info+0x40/0x58 [ 33.639301] __kasan_kmalloc+0xd4/0xd8 [ 33.639345] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.639475] kasan_atomics+0xb8/0x2e0 [ 33.639534] kunit_try_run_case+0x170/0x3f0 [ 33.639719] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.639892] kthread+0x328/0x630 [ 33.640097] ret_from_fork+0x10/0x20 [ 33.640359] [ 33.640491] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.640491] which belongs to the cache kmalloc-64 of size 64 [ 33.640556] The buggy address is located 0 bytes to the right of [ 33.640556] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.640624] [ 33.640647] The buggy address belongs to the physical page: [ 33.640885] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.640972] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.641377] page_type: f5(slab) [ 33.641466] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.641554] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.641688] page dumped because: kasan: bad access detected [ 33.641782] [ 33.641827] Memory state around the buggy address: [ 33.641863] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.642230] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.642322] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.642531] ^ [ 33.642665] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.642917] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.643030] ================================================================== [ 33.709084] ================================================================== [ 33.709140] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 33.709195] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.709709] [ 33.709811] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.709969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.710042] Hardware name: linux,dummy-virt (DT) [ 33.710089] Call trace: [ 33.710114] show_stack+0x20/0x38 (C) [ 33.710309] dump_stack_lvl+0x8c/0xd0 [ 33.710486] print_report+0x118/0x608 [ 33.710681] kasan_report+0xdc/0x128 [ 33.710776] kasan_check_range+0x100/0x1a8 [ 33.710952] __kasan_check_write+0x20/0x30 [ 33.711015] kasan_atomics_helper+0x10c0/0x4858 [ 33.711071] kasan_atomics+0x198/0x2e0 [ 33.711176] kunit_try_run_case+0x170/0x3f0 [ 33.711234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.711311] kthread+0x328/0x630 [ 33.711502] ret_from_fork+0x10/0x20 [ 33.711709] [ 33.711942] Allocated by task 298: [ 33.711993] kasan_save_stack+0x3c/0x68 [ 33.712160] kasan_save_track+0x20/0x40 [ 33.712345] kasan_save_alloc_info+0x40/0x58 [ 33.712451] __kasan_kmalloc+0xd4/0xd8 [ 33.712646] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.712718] kasan_atomics+0xb8/0x2e0 [ 33.712912] kunit_try_run_case+0x170/0x3f0 [ 33.713018] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.713169] kthread+0x328/0x630 [ 33.713234] ret_from_fork+0x10/0x20 [ 33.713587] [ 33.713682] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.713682] which belongs to the cache kmalloc-64 of size 64 [ 33.713750] The buggy address is located 0 bytes to the right of [ 33.713750] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.713837] [ 33.713878] The buggy address belongs to the physical page: [ 33.713914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.713985] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.714035] page_type: f5(slab) [ 33.714084] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.714137] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.714182] page dumped because: kasan: bad access detected [ 33.714215] [ 33.714238] Memory state around the buggy address: [ 33.714278] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.714324] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.714376] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.714417] ^ [ 33.714461] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.714507] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.714556] ================================================================== [ 33.509146] ================================================================== [ 33.509204] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 33.509642] Read of size 4 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.509726] [ 33.509763] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.509897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.509950] Hardware name: linux,dummy-virt (DT) [ 33.509987] Call trace: [ 33.510117] show_stack+0x20/0x38 (C) [ 33.510329] dump_stack_lvl+0x8c/0xd0 [ 33.510511] print_report+0x118/0x608 [ 33.510575] kasan_report+0xdc/0x128 [ 33.510761] __asan_report_load4_noabort+0x20/0x30 [ 33.511052] kasan_atomics_helper+0x42d8/0x4858 [ 33.511326] kasan_atomics+0x198/0x2e0 [ 33.511491] kunit_try_run_case+0x170/0x3f0 [ 33.511801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.511989] kthread+0x328/0x630 [ 33.512136] ret_from_fork+0x10/0x20 [ 33.512259] [ 33.512283] Allocated by task 298: [ 33.512457] kasan_save_stack+0x3c/0x68 [ 33.512638] kasan_save_track+0x20/0x40 [ 33.512717] kasan_save_alloc_info+0x40/0x58 [ 33.512848] __kasan_kmalloc+0xd4/0xd8 [ 33.512893] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.513087] kasan_atomics+0xb8/0x2e0 [ 33.513232] kunit_try_run_case+0x170/0x3f0 [ 33.513430] kthread+0x328/0x630 [ 33.514402] The buggy address belongs to the physical page: [ 33.514586] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.516321] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.518250] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x934/0x4858 [ 33.519794] __kasan_check_write+0x20/0x30 [ 33.521090] kasan_save_track+0x20/0x40 [ 33.521170] __kasan_kmalloc+0xd4/0xd8 [ 33.521210] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.521264] kasan_atomics+0xb8/0x2e0 [ 33.521313] kunit_try_run_case+0x170/0x3f0 [ 33.521356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.521404] kthread+0x328/0x630 [ 33.521458] ret_from_fork+0x10/0x20 [ 33.521501] [ 33.521538] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.521538] which belongs to the cache kmalloc-64 of size 64 [ 33.521600] The buggy address is located 0 bytes to the right of [ 33.521600] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.521689] [ 33.521713] The buggy address belongs to the physical page: [ 33.521755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.521813] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.521875] page_type: f5(slab) [ 33.521942] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.522006] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.522050] page dumped because: kasan: bad access detected [ 33.522086] [ 33.522113] Memory state around the buggy address: [ 33.522158] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.522204] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.522249] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.522291] ^ [ 33.522336] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.522390] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.522441] ================================================================== [ 33.826200] ================================================================== [ 33.826250] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 33.826569] Read of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.826885] [ 33.826953] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.827052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.827271] Hardware name: linux,dummy-virt (DT) [ 33.827340] Call trace: [ 33.827368] show_stack+0x20/0x38 (C) [ 33.827425] dump_stack_lvl+0x8c/0xd0 [ 33.827477] print_report+0x118/0x608 [ 33.827526] kasan_report+0xdc/0x128 [ 33.827896] __asan_report_load8_noabort+0x20/0x30 [ 33.828179] kasan_atomics_helper+0x3df4/0x4858 [ 33.828411] kasan_atomics+0x198/0x2e0 [ 33.828523] kunit_try_run_case+0x170/0x3f0 [ 33.828600] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.828916] kthread+0x328/0x630 [ 33.829129] ret_from_fork+0x10/0x20 [ 33.829392] [ 33.829533] Allocated by task 298: [ 33.829746] kasan_save_stack+0x3c/0x68 [ 33.830202] kasan_save_track+0x20/0x40 [ 33.830649] kasan_save_alloc_info+0x40/0x58 [ 33.830946] __kasan_kmalloc+0xd4/0xd8 [ 33.831147] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.831367] kasan_atomics+0xb8/0x2e0 [ 33.831625] kunit_try_run_case+0x170/0x3f0 [ 33.831806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.832012] kthread+0x328/0x630 [ 33.832155] ret_from_fork+0x10/0x20 [ 33.832305] [ 33.832438] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.832438] which belongs to the cache kmalloc-64 of size 64 [ 33.832551] The buggy address is located 0 bytes to the right of [ 33.832551] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.832908] [ 33.832949] The buggy address belongs to the physical page: [ 33.832984] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.833443] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.833663] page_type: f5(slab) [ 33.833710] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.833822] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.833898] page dumped because: kasan: bad access detected [ 33.833954] [ 33.833985] Memory state around the buggy address: [ 33.834019] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.834066] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.834121] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.834178] ^ [ 33.834229] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.834280] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.834343] ================================================================== [ 33.650481] ================================================================== [ 33.650536] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 33.650708] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.650789] [ 33.650865] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.651396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.651658] Hardware name: linux,dummy-virt (DT) [ 33.651696] Call trace: [ 33.651722] show_stack+0x20/0x38 (C) [ 33.651777] dump_stack_lvl+0x8c/0xd0 [ 33.652057] print_report+0x118/0x608 [ 33.652403] kasan_report+0xdc/0x128 [ 33.652493] kasan_check_range+0x100/0x1a8 [ 33.652825] __kasan_check_write+0x20/0x30 [ 33.652943] kasan_atomics_helper+0xe44/0x4858 [ 33.652996] kasan_atomics+0x198/0x2e0 [ 33.653290] kunit_try_run_case+0x170/0x3f0 [ 33.653721] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.654031] kthread+0x328/0x630 [ 33.654268] ret_from_fork+0x10/0x20 [ 33.654354] [ 33.654697] Allocated by task 298: [ 33.654786] kasan_save_stack+0x3c/0x68 [ 33.655046] kasan_save_track+0x20/0x40 [ 33.655698] kasan_save_alloc_info+0x40/0x58 [ 33.656025] __kasan_kmalloc+0xd4/0xd8 [ 33.656163] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.656283] kasan_atomics+0xb8/0x2e0 [ 33.656327] kunit_try_run_case+0x170/0x3f0 [ 33.656379] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.656434] kthread+0x328/0x630 [ 33.656657] ret_from_fork+0x10/0x20 [ 33.656860] [ 33.656997] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.656997] which belongs to the cache kmalloc-64 of size 64 [ 33.657184] The buggy address is located 0 bytes to the right of [ 33.657184] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.657261] [ 33.657503] The buggy address belongs to the physical page: [ 33.657725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.658333] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.658593] page_type: f5(slab) [ 33.658650] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.658832] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.659030] page dumped because: kasan: bad access detected [ 33.659077] [ 33.659125] Memory state around the buggy address: [ 33.659512] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.659620] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.659852] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.660053] ^ [ 33.660401] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.660485] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.660744] ================================================================== [ 33.732071] ================================================================== [ 33.732230] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 33.732287] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.732340] [ 33.732574] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.732783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.732828] Hardware name: linux,dummy-virt (DT) [ 33.732870] Call trace: [ 33.732897] show_stack+0x20/0x38 (C) [ 33.733139] dump_stack_lvl+0x8c/0xd0 [ 33.733330] print_report+0x118/0x608 [ 33.733515] kasan_report+0xdc/0x128 [ 33.733610] kasan_check_range+0x100/0x1a8 [ 33.733662] __kasan_check_write+0x20/0x30 [ 33.733710] kasan_atomics_helper+0x11f8/0x4858 [ 33.733941] kasan_atomics+0x198/0x2e0 [ 33.733996] kunit_try_run_case+0x170/0x3f0 [ 33.734326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.734569] kthread+0x328/0x630 [ 33.734625] ret_from_fork+0x10/0x20 [ 33.734686] [ 33.734877] Allocated by task 298: [ 33.734955] kasan_save_stack+0x3c/0x68 [ 33.735116] kasan_save_track+0x20/0x40 [ 33.735344] kasan_save_alloc_info+0x40/0x58 [ 33.735460] __kasan_kmalloc+0xd4/0xd8 [ 33.735519] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.735563] kasan_atomics+0xb8/0x2e0 [ 33.735889] kunit_try_run_case+0x170/0x3f0 [ 33.735987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.736323] kthread+0x328/0x630 [ 33.736470] ret_from_fork+0x10/0x20 [ 33.736515] [ 33.736540] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.736540] which belongs to the cache kmalloc-64 of size 64 [ 33.736602] The buggy address is located 0 bytes to the right of [ 33.736602] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.737054] [ 33.737212] The buggy address belongs to the physical page: [ 33.737384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.737570] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.737841] page_type: f5(slab) [ 33.738020] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.738381] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.738558] page dumped because: kasan: bad access detected [ 33.738630] [ 33.738680] Memory state around the buggy address: [ 33.739000] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.739209] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.739302] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.739383] ^ [ 33.739443] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.739697] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.739955] ================================================================== [ 33.834617] ================================================================== [ 33.835076] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 33.835483] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.835575] [ 33.835626] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.835875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.835915] Hardware name: linux,dummy-virt (DT) [ 33.836020] Call trace: [ 33.836105] show_stack+0x20/0x38 (C) [ 33.836332] dump_stack_lvl+0x8c/0xd0 [ 33.836526] print_report+0x118/0x608 [ 33.836717] kasan_report+0xdc/0x128 [ 33.836792] kasan_check_range+0x100/0x1a8 [ 33.836980] __kasan_check_write+0x20/0x30 [ 33.837154] kasan_atomics_helper+0x16d0/0x4858 [ 33.837233] kasan_atomics+0x198/0x2e0 [ 33.837481] kunit_try_run_case+0x170/0x3f0 [ 33.837560] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.837674] kthread+0x328/0x630 [ 33.838013] ret_from_fork+0x10/0x20 [ 33.838442] [ 33.838689] Allocated by task 298: [ 33.838795] kasan_save_stack+0x3c/0x68 [ 33.839029] kasan_save_track+0x20/0x40 [ 33.839223] kasan_save_alloc_info+0x40/0x58 [ 33.839312] __kasan_kmalloc+0xd4/0xd8 [ 33.839651] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.839810] kasan_atomics+0xb8/0x2e0 [ 33.840032] kunit_try_run_case+0x170/0x3f0 [ 33.840090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.840138] kthread+0x328/0x630 [ 33.840307] ret_from_fork+0x10/0x20 [ 33.840473] [ 33.840543] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.840543] which belongs to the cache kmalloc-64 of size 64 [ 33.840623] The buggy address is located 0 bytes to the right of [ 33.840623] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.840887] [ 33.841035] The buggy address belongs to the physical page: [ 33.841083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.841312] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.841528] page_type: f5(slab) [ 33.841778] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.841856] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.841999] page dumped because: kasan: bad access detected [ 33.842115] [ 33.842138] Memory state around the buggy address: [ 33.842332] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.842591] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.842794] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.843010] ^ [ 33.843150] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.843255] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.843436] ================================================================== [ 33.616113] ================================================================== [ 33.616941] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 33.617006] Write of size 4 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.617087] [ 33.617125] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.617216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.617621] Hardware name: linux,dummy-virt (DT) [ 33.617706] Call trace: [ 33.617733] show_stack+0x20/0x38 (C) [ 33.617787] dump_stack_lvl+0x8c/0xd0 [ 33.618099] print_report+0x118/0x608 [ 33.618162] kasan_report+0xdc/0x128 [ 33.618217] kasan_check_range+0x100/0x1a8 [ 33.618579] __kasan_check_write+0x20/0x30 [ 33.618652] kasan_atomics_helper+0xd3c/0x4858 [ 33.618991] kasan_atomics+0x198/0x2e0 [ 33.619092] kunit_try_run_case+0x170/0x3f0 [ 33.619306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.619659] kthread+0x328/0x630 [ 33.619878] ret_from_fork+0x10/0x20 [ 33.620158] [ 33.620228] Allocated by task 298: [ 33.620500] kasan_save_stack+0x3c/0x68 [ 33.620650] kasan_save_track+0x20/0x40 [ 33.620736] kasan_save_alloc_info+0x40/0x58 [ 33.620779] __kasan_kmalloc+0xd4/0xd8 [ 33.620994] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.621173] kasan_atomics+0xb8/0x2e0 [ 33.621243] kunit_try_run_case+0x170/0x3f0 [ 33.621417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.621512] kthread+0x328/0x630 [ 33.621685] ret_from_fork+0x10/0x20 [ 33.621762] [ 33.621980] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.621980] which belongs to the cache kmalloc-64 of size 64 [ 33.622211] The buggy address is located 0 bytes to the right of [ 33.622211] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.622490] [ 33.622605] The buggy address belongs to the physical page: [ 33.622771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.622866] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.623166] page_type: f5(slab) [ 33.623269] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.623576] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.623743] page dumped because: kasan: bad access detected [ 33.623889] [ 33.624036] Memory state around the buggy address: [ 33.624260] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.624398] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.624447] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.624726] ^ [ 33.624938] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.625023] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.625095] ================================================================== [ 33.715358] ================================================================== [ 33.715923] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 33.716116] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.716203] [ 33.716257] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.716402] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.716433] Hardware name: linux,dummy-virt (DT) [ 33.716465] Call trace: [ 33.716706] show_stack+0x20/0x38 (C) [ 33.716866] dump_stack_lvl+0x8c/0xd0 [ 33.717333] print_report+0x118/0x608 [ 33.717415] kasan_report+0xdc/0x128 [ 33.717565] kasan_check_range+0x100/0x1a8 [ 33.717633] __kasan_check_write+0x20/0x30 [ 33.717777] kasan_atomics_helper+0x1128/0x4858 [ 33.717867] kasan_atomics+0x198/0x2e0 [ 33.718103] kunit_try_run_case+0x170/0x3f0 [ 33.718318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.718576] kthread+0x328/0x630 [ 33.718759] ret_from_fork+0x10/0x20 [ 33.718817] [ 33.719131] Allocated by task 298: [ 33.719185] kasan_save_stack+0x3c/0x68 [ 33.719484] kasan_save_track+0x20/0x40 [ 33.719762] kasan_save_alloc_info+0x40/0x58 [ 33.719819] __kasan_kmalloc+0xd4/0xd8 [ 33.719861] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.719914] kasan_atomics+0xb8/0x2e0 [ 33.720153] kunit_try_run_case+0x170/0x3f0 [ 33.720243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.720313] kthread+0x328/0x630 [ 33.720574] ret_from_fork+0x10/0x20 [ 33.720715] [ 33.720770] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.720770] which belongs to the cache kmalloc-64 of size 64 [ 33.720836] The buggy address is located 0 bytes to the right of [ 33.720836] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.721306] [ 33.721541] The buggy address belongs to the physical page: [ 33.721831] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.722190] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.722277] page_type: f5(slab) [ 33.722329] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.722559] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.722728] page dumped because: kasan: bad access detected [ 33.723044] [ 33.723102] Memory state around the buggy address: [ 33.723431] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.723491] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.723609] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.724011] ^ [ 33.724192] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.724332] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.724404] ================================================================== [ 33.661143] ================================================================== [ 33.661201] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 33.661254] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.661618] [ 33.661899] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.662155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.662209] Hardware name: linux,dummy-virt (DT) [ 33.662246] Call trace: [ 33.662272] show_stack+0x20/0x38 (C) [ 33.662328] dump_stack_lvl+0x8c/0xd0 [ 33.662497] print_report+0x118/0x608 [ 33.662555] kasan_report+0xdc/0x128 [ 33.662624] __asan_report_store8_noabort+0x20/0x30 [ 33.662992] kasan_atomics_helper+0x3e5c/0x4858 [ 33.663076] kasan_atomics+0x198/0x2e0 [ 33.663322] kunit_try_run_case+0x170/0x3f0 [ 33.663567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.663696] kthread+0x328/0x630 [ 33.663890] ret_from_fork+0x10/0x20 [ 33.664118] [ 33.664161] Allocated by task 298: [ 33.664214] kasan_save_stack+0x3c/0x68 [ 33.664427] kasan_save_track+0x20/0x40 [ 33.664482] kasan_save_alloc_info+0x40/0x58 [ 33.664766] __kasan_kmalloc+0xd4/0xd8 [ 33.664864] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.665089] kasan_atomics+0xb8/0x2e0 [ 33.665280] kunit_try_run_case+0x170/0x3f0 [ 33.665516] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.665579] kthread+0x328/0x630 [ 33.665615] ret_from_fork+0x10/0x20 [ 33.665790] [ 33.665904] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.665904] which belongs to the cache kmalloc-64 of size 64 [ 33.665992] The buggy address is located 0 bytes to the right of [ 33.665992] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.666059] [ 33.666092] The buggy address belongs to the physical page: [ 33.666132] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.666201] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.666253] page_type: f5(slab) [ 33.666294] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.666354] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.666413] page dumped because: kasan: bad access detected [ 33.666448] [ 33.666469] Memory state around the buggy address: [ 33.666512] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.666558] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.666613] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.666654] ^ [ 33.666692] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.666751] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.666794] ================================================================== [ 33.684630] ================================================================== [ 33.684685] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 33.684735] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.684788] [ 33.684820] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.684909] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.684951] Hardware name: linux,dummy-virt (DT) [ 33.685228] Call trace: [ 33.685290] show_stack+0x20/0x38 (C) [ 33.685354] dump_stack_lvl+0x8c/0xd0 [ 33.685764] print_report+0x118/0x608 [ 33.685839] kasan_report+0xdc/0x128 [ 33.685952] kasan_check_range+0x100/0x1a8 [ 33.686024] __kasan_check_write+0x20/0x30 [ 33.686077] kasan_atomics_helper+0xf88/0x4858 [ 33.686320] kasan_atomics+0x198/0x2e0 [ 33.686373] kunit_try_run_case+0x170/0x3f0 [ 33.686520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.686770] kthread+0x328/0x630 [ 33.687218] ret_from_fork+0x10/0x20 [ 33.687285] [ 33.687336] Allocated by task 298: [ 33.687535] kasan_save_stack+0x3c/0x68 [ 33.687874] kasan_save_track+0x20/0x40 [ 33.688068] kasan_save_alloc_info+0x40/0x58 [ 33.688143] __kasan_kmalloc+0xd4/0xd8 [ 33.688185] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.688239] kasan_atomics+0xb8/0x2e0 [ 33.688280] kunit_try_run_case+0x170/0x3f0 [ 33.688473] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.688672] kthread+0x328/0x630 [ 33.689004] ret_from_fork+0x10/0x20 [ 33.689105] [ 33.689149] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.689149] which belongs to the cache kmalloc-64 of size 64 [ 33.689256] The buggy address is located 0 bytes to the right of [ 33.689256] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.689537] [ 33.689851] The buggy address belongs to the physical page: [ 33.690023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.690234] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.690367] page_type: f5(slab) [ 33.690475] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.690749] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.690911] page dumped because: kasan: bad access detected [ 33.691038] [ 33.691205] Memory state around the buggy address: [ 33.691330] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.691422] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.691627] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.691725] ^ [ 33.691861] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.691966] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.692016] ================================================================== [ 33.764053] ================================================================== [ 33.764311] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 33.764396] Read of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.764467] [ 33.764502] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.764592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.764621] Hardware name: linux,dummy-virt (DT) [ 33.764655] Call trace: [ 33.764680] show_stack+0x20/0x38 (C) [ 33.764734] dump_stack_lvl+0x8c/0xd0 [ 33.764784] print_report+0x118/0x608 [ 33.765148] kasan_report+0xdc/0x128 [ 33.765520] __asan_report_load8_noabort+0x20/0x30 [ 33.765573] kasan_atomics_helper+0x3f04/0x4858 [ 33.765627] kasan_atomics+0x198/0x2e0 [ 33.765675] kunit_try_run_case+0x170/0x3f0 [ 33.765727] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.765785] kthread+0x328/0x630 [ 33.765832] ret_from_fork+0x10/0x20 [ 33.765885] [ 33.766017] Allocated by task 298: [ 33.766053] kasan_save_stack+0x3c/0x68 [ 33.766097] kasan_save_track+0x20/0x40 [ 33.766138] kasan_save_alloc_info+0x40/0x58 [ 33.766179] __kasan_kmalloc+0xd4/0xd8 [ 33.766220] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.766263] kasan_atomics+0xb8/0x2e0 [ 33.766302] kunit_try_run_case+0x170/0x3f0 [ 33.766344] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.766390] kthread+0x328/0x630 [ 33.766427] ret_from_fork+0x10/0x20 [ 33.766465] [ 33.766486] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.766486] which belongs to the cache kmalloc-64 of size 64 [ 33.766546] The buggy address is located 0 bytes to the right of [ 33.766546] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.766613] [ 33.766635] The buggy address belongs to the physical page: [ 33.766669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.766728] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.766778] page_type: f5(slab) [ 33.766818] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.766883] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.767276] page dumped because: kasan: bad access detected [ 33.767658] [ 33.767717] Memory state around the buggy address: [ 33.767979] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.768062] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.768314] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.768440] ^ [ 33.768542] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.768591] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.768632] ================================================================== [ 33.625898] ================================================================== [ 33.625962] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 33.626015] Read of size 4 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.626673] [ 33.626727] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.627178] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.627227] Hardware name: linux,dummy-virt (DT) [ 33.627281] Call trace: [ 33.627307] show_stack+0x20/0x38 (C) [ 33.627363] dump_stack_lvl+0x8c/0xd0 [ 33.627416] print_report+0x118/0x608 [ 33.627794] kasan_report+0xdc/0x128 [ 33.628026] __asan_report_load4_noabort+0x20/0x30 [ 33.628090] kasan_atomics_helper+0x3e04/0x4858 [ 33.628143] kasan_atomics+0x198/0x2e0 [ 33.628199] kunit_try_run_case+0x170/0x3f0 [ 33.628468] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.628874] kthread+0x328/0x630 [ 33.629229] ret_from_fork+0x10/0x20 [ 33.629466] [ 33.629537] Allocated by task 298: [ 33.629739] kasan_save_stack+0x3c/0x68 [ 33.629912] kasan_save_track+0x20/0x40 [ 33.629977] kasan_save_alloc_info+0x40/0x58 [ 33.630179] __kasan_kmalloc+0xd4/0xd8 [ 33.630491] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.630581] kasan_atomics+0xb8/0x2e0 [ 33.630772] kunit_try_run_case+0x170/0x3f0 [ 33.630842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.630892] kthread+0x328/0x630 [ 33.631223] ret_from_fork+0x10/0x20 [ 33.631475] [ 33.631716] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.631716] which belongs to the cache kmalloc-64 of size 64 [ 33.631847] The buggy address is located 0 bytes to the right of [ 33.631847] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.631960] [ 33.632008] The buggy address belongs to the physical page: [ 33.632156] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.632251] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.632624] page_type: f5(slab) [ 33.632717] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.632771] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.632914] page dumped because: kasan: bad access detected [ 33.633220] [ 33.633284] Memory state around the buggy address: [ 33.633493] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.633604] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.633676] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.633899] ^ [ 33.633976] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.634087] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.634168] ================================================================== [ 33.643806] ================================================================== [ 33.644167] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 33.644238] Read of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.644354] [ 33.644388] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.644477] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.644507] Hardware name: linux,dummy-virt (DT) [ 33.644638] Call trace: [ 33.644709] show_stack+0x20/0x38 (C) [ 33.644912] dump_stack_lvl+0x8c/0xd0 [ 33.645154] print_report+0x118/0x608 [ 33.645209] kasan_report+0xdc/0x128 [ 33.645422] __asan_report_load8_noabort+0x20/0x30 [ 33.645583] kasan_atomics_helper+0x3f58/0x4858 [ 33.645776] kasan_atomics+0x198/0x2e0 [ 33.645838] kunit_try_run_case+0x170/0x3f0 [ 33.645893] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.646193] kthread+0x328/0x630 [ 33.646475] ret_from_fork+0x10/0x20 [ 33.646548] [ 33.646730] Allocated by task 298: [ 33.646774] kasan_save_stack+0x3c/0x68 [ 33.646961] kasan_save_track+0x20/0x40 [ 33.647145] kasan_save_alloc_info+0x40/0x58 [ 33.647199] __kasan_kmalloc+0xd4/0xd8 [ 33.647374] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.647430] kasan_atomics+0xb8/0x2e0 [ 33.647604] kunit_try_run_case+0x170/0x3f0 [ 33.647934] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.648112] kthread+0x328/0x630 [ 33.648150] ret_from_fork+0x10/0x20 [ 33.648190] [ 33.648369] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.648369] which belongs to the cache kmalloc-64 of size 64 [ 33.648464] The buggy address is located 0 bytes to the right of [ 33.648464] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.648691] [ 33.648739] The buggy address belongs to the physical page: [ 33.648773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.648841] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.648901] page_type: f5(slab) [ 33.648955] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.649008] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.649051] page dumped because: kasan: bad access detected [ 33.649085] [ 33.649107] Memory state around the buggy address: [ 33.649141] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.649187] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.649248] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.649291] ^ [ 33.649328] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.649391] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.649441] ================================================================== [ 33.812156] ================================================================== [ 33.812206] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 33.812258] Read of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.812310] [ 33.812621] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.812886] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.812945] Hardware name: linux,dummy-virt (DT) [ 33.813125] Call trace: [ 33.813161] show_stack+0x20/0x38 (C) [ 33.813217] dump_stack_lvl+0x8c/0xd0 [ 33.813383] print_report+0x118/0x608 [ 33.813450] kasan_report+0xdc/0x128 [ 33.813686] __asan_report_load8_noabort+0x20/0x30 [ 33.813763] kasan_atomics_helper+0x3db0/0x4858 [ 33.814022] kasan_atomics+0x198/0x2e0 [ 33.814077] kunit_try_run_case+0x170/0x3f0 [ 33.814246] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.814318] kthread+0x328/0x630 [ 33.814365] ret_from_fork+0x10/0x20 [ 33.814725] [ 33.814768] Allocated by task 298: [ 33.814949] kasan_save_stack+0x3c/0x68 [ 33.815108] kasan_save_track+0x20/0x40 [ 33.815155] kasan_save_alloc_info+0x40/0x58 [ 33.815349] __kasan_kmalloc+0xd4/0xd8 [ 33.815405] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.815525] kasan_atomics+0xb8/0x2e0 [ 33.815713] kunit_try_run_case+0x170/0x3f0 [ 33.815972] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.816191] kthread+0x328/0x630 [ 33.816239] ret_from_fork+0x10/0x20 [ 33.816291] [ 33.816314] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.816314] which belongs to the cache kmalloc-64 of size 64 [ 33.816419] The buggy address is located 0 bytes to the right of [ 33.816419] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.816488] [ 33.816510] The buggy address belongs to the physical page: [ 33.816564] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.816643] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.816693] page_type: f5(slab) [ 33.816757] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.816810] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.816854] page dumped because: kasan: bad access detected [ 33.816898] [ 33.816940] Memory state around the buggy address: [ 33.816972] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.817019] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.817063] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.817127] ^ [ 33.817171] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.817232] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.817274] ================================================================== [ 33.802959] ================================================================== [ 33.803129] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 33.803370] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.803464] [ 33.803500] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.803815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.804025] Hardware name: linux,dummy-virt (DT) [ 33.804182] Call trace: [ 33.804278] show_stack+0x20/0x38 (C) [ 33.804363] dump_stack_lvl+0x8c/0xd0 [ 33.804585] print_report+0x118/0x608 [ 33.804790] kasan_report+0xdc/0x128 [ 33.804870] kasan_check_range+0x100/0x1a8 [ 33.805205] __kasan_check_write+0x20/0x30 [ 33.805433] kasan_atomics_helper+0x15b4/0x4858 [ 33.805663] kasan_atomics+0x198/0x2e0 [ 33.806027] kunit_try_run_case+0x170/0x3f0 [ 33.806783] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.806891] kthread+0x328/0x630 [ 33.806998] ret_from_fork+0x10/0x20 [ 33.807066] [ 33.807090] Allocated by task 298: [ 33.807140] kasan_save_stack+0x3c/0x68 [ 33.807436] kasan_save_track+0x20/0x40 [ 33.807502] kasan_save_alloc_info+0x40/0x58 [ 33.807610] __kasan_kmalloc+0xd4/0xd8 [ 33.807980] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.808046] kasan_atomics+0xb8/0x2e0 [ 33.808087] kunit_try_run_case+0x170/0x3f0 [ 33.808131] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.808181] kthread+0x328/0x630 [ 33.808550] ret_from_fork+0x10/0x20 [ 33.808763] [ 33.808848] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.808848] which belongs to the cache kmalloc-64 of size 64 [ 33.809032] The buggy address is located 0 bytes to the right of [ 33.809032] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.809333] [ 33.809407] The buggy address belongs to the physical page: [ 33.809573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.810052] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.810129] page_type: f5(slab) [ 33.810302] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.810518] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.810747] page dumped because: kasan: bad access detected [ 33.810803] [ 33.810906] Memory state around the buggy address: [ 33.810976] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.811066] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.811157] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.811216] ^ [ 33.811421] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.811638] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.811757] ================================================================== [ 33.851302] ================================================================== [ 33.851351] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 33.851400] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.851452] [ 33.851484] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.852324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.852379] Hardware name: linux,dummy-virt (DT) [ 33.852445] Call trace: [ 33.852564] show_stack+0x20/0x38 (C) [ 33.852766] dump_stack_lvl+0x8c/0xd0 [ 33.852830] print_report+0x118/0x608 [ 33.852954] kasan_report+0xdc/0x128 [ 33.853026] kasan_check_range+0x100/0x1a8 [ 33.853098] __kasan_check_write+0x20/0x30 [ 33.853207] kasan_atomics_helper+0x175c/0x4858 [ 33.853603] kasan_atomics+0x198/0x2e0 [ 33.853738] kunit_try_run_case+0x170/0x3f0 [ 33.853851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.854006] kthread+0x328/0x630 [ 33.854077] ret_from_fork+0x10/0x20 [ 33.854483] [ 33.854784] Allocated by task 298: [ 33.854884] kasan_save_stack+0x3c/0x68 [ 33.855019] kasan_save_track+0x20/0x40 [ 33.855065] kasan_save_alloc_info+0x40/0x58 [ 33.855107] __kasan_kmalloc+0xd4/0xd8 [ 33.855508] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.855681] kasan_atomics+0xb8/0x2e0 [ 33.855855] kunit_try_run_case+0x170/0x3f0 [ 33.856035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.856114] kthread+0x328/0x630 [ 33.856157] ret_from_fork+0x10/0x20 [ 33.856376] [ 33.856422] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.856422] which belongs to the cache kmalloc-64 of size 64 [ 33.856767] The buggy address is located 0 bytes to the right of [ 33.856767] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.857223] [ 33.857459] The buggy address belongs to the physical page: [ 33.857538] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.857788] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.857988] page_type: f5(slab) [ 33.858364] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.858445] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.858765] page dumped because: kasan: bad access detected [ 33.858886] [ 33.859014] Memory state around the buggy address: [ 33.859120] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.859196] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.859274] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.859589] ^ [ 33.859802] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.859866] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.860052] ================================================================== [ 33.780006] ================================================================== [ 33.780062] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 33.780132] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.780312] [ 33.780349] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.780586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.780721] Hardware name: linux,dummy-virt (DT) [ 33.780770] Call trace: [ 33.780796] show_stack+0x20/0x38 (C) [ 33.780984] dump_stack_lvl+0x8c/0xd0 [ 33.781050] print_report+0x118/0x608 [ 33.781126] kasan_report+0xdc/0x128 [ 33.781306] kasan_check_range+0x100/0x1a8 [ 33.781436] __kasan_check_write+0x20/0x30 [ 33.781505] kasan_atomics_helper+0x147c/0x4858 [ 33.781559] kasan_atomics+0x198/0x2e0 [ 33.781753] kunit_try_run_case+0x170/0x3f0 [ 33.781842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.782009] kthread+0x328/0x630 [ 33.782065] ret_from_fork+0x10/0x20 [ 33.782404] [ 33.782598] Allocated by task 298: [ 33.782642] kasan_save_stack+0x3c/0x68 [ 33.782692] kasan_save_track+0x20/0x40 [ 33.782883] kasan_save_alloc_info+0x40/0x58 [ 33.783154] __kasan_kmalloc+0xd4/0xd8 [ 33.783463] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.783522] kasan_atomics+0xb8/0x2e0 [ 33.783760] kunit_try_run_case+0x170/0x3f0 [ 33.783978] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.784050] kthread+0x328/0x630 [ 33.784088] ret_from_fork+0x10/0x20 [ 33.784128] [ 33.784398] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.784398] which belongs to the cache kmalloc-64 of size 64 [ 33.784742] The buggy address is located 0 bytes to the right of [ 33.784742] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.784945] [ 33.785058] The buggy address belongs to the physical page: [ 33.785113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.785173] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.785407] page_type: f5(slab) [ 33.785462] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.785900] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.786025] page dumped because: kasan: bad access detected [ 33.786093] [ 33.786143] Memory state around the buggy address: [ 33.786269] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.786318] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.786370] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.786409] ^ [ 33.786446] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.786616] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.786670] ================================================================== [ 33.540612] ================================================================== [ 33.540672] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 33.540726] Write of size 4 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.540780] [ 33.540816] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.540907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.541763] Hardware name: linux,dummy-virt (DT) [ 33.541820] Call trace: [ 33.541848] show_stack+0x20/0x38 (C) [ 33.542284] dump_stack_lvl+0x8c/0xd0 [ 33.542544] print_report+0x118/0x608 [ 33.542641] kasan_report+0xdc/0x128 [ 33.542732] kasan_check_range+0x100/0x1a8 [ 33.542831] __kasan_check_write+0x20/0x30 [ 33.542900] kasan_atomics_helper+0xa6c/0x4858 [ 33.542992] kasan_atomics+0x198/0x2e0 [ 33.543046] kunit_try_run_case+0x170/0x3f0 [ 33.543145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.543208] kthread+0x328/0x630 [ 33.543255] ret_from_fork+0x10/0x20 [ 33.543354] [ 33.543379] Allocated by task 298: [ 33.543413] kasan_save_stack+0x3c/0x68 [ 33.543460] kasan_save_track+0x20/0x40 [ 33.543756] kasan_save_alloc_info+0x40/0x58 [ 33.543876] __kasan_kmalloc+0xd4/0xd8 [ 33.544033] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.544097] kasan_atomics+0xb8/0x2e0 [ 33.544136] kunit_try_run_case+0x170/0x3f0 [ 33.544180] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.544464] kthread+0x328/0x630 [ 33.544583] ret_from_fork+0x10/0x20 [ 33.544723] [ 33.544765] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.544765] which belongs to the cache kmalloc-64 of size 64 [ 33.544826] The buggy address is located 0 bytes to the right of [ 33.544826] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.545176] [ 33.545205] The buggy address belongs to the physical page: [ 33.545275] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.545522] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.545730] page_type: f5(slab) [ 33.546015] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.546189] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.546407] page dumped because: kasan: bad access detected [ 33.546584] [ 33.546709] Memory state around the buggy address: [ 33.547009] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.547182] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.547281] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.547331] ^ [ 33.547370] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.547416] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.547457] ================================================================== [ 33.818649] ================================================================== [ 33.818719] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 33.819023] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.819101] [ 33.819298] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.819553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.819862] Hardware name: linux,dummy-virt (DT) [ 33.820034] Call trace: [ 33.820142] show_stack+0x20/0x38 (C) [ 33.820266] dump_stack_lvl+0x8c/0xd0 [ 33.820395] print_report+0x118/0x608 [ 33.820466] kasan_report+0xdc/0x128 [ 33.820527] kasan_check_range+0x100/0x1a8 [ 33.820764] __kasan_check_write+0x20/0x30 [ 33.820920] kasan_atomics_helper+0x1644/0x4858 [ 33.821176] kasan_atomics+0x198/0x2e0 [ 33.821422] kunit_try_run_case+0x170/0x3f0 [ 33.821501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.821649] kthread+0x328/0x630 [ 33.821728] ret_from_fork+0x10/0x20 [ 33.821866] [ 33.821916] Allocated by task 298: [ 33.822031] kasan_save_stack+0x3c/0x68 [ 33.822105] kasan_save_track+0x20/0x40 [ 33.822191] kasan_save_alloc_info+0x40/0x58 [ 33.822289] __kasan_kmalloc+0xd4/0xd8 [ 33.822344] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.822387] kasan_atomics+0xb8/0x2e0 [ 33.822575] kunit_try_run_case+0x170/0x3f0 [ 33.822818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.823059] kthread+0x328/0x630 [ 33.823135] ret_from_fork+0x10/0x20 [ 33.823304] [ 33.823413] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.823413] which belongs to the cache kmalloc-64 of size 64 [ 33.823478] The buggy address is located 0 bytes to the right of [ 33.823478] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.823742] [ 33.823971] The buggy address belongs to the physical page: [ 33.824156] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.824402] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.824490] page_type: f5(slab) [ 33.824613] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.824668] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.824712] page dumped because: kasan: bad access detected [ 33.824771] [ 33.824816] Memory state around the buggy address: [ 33.825020] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.825111] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.825516] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.825590] ^ [ 33.825685] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.825766] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.825845] ================================================================== [ 33.522719] ================================================================== [ 33.522778] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 33.522838] Write of size 4 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.522891] [ 33.523434] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.523550] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.524094] Hardware name: linux,dummy-virt (DT) [ 33.524152] Call trace: [ 33.524196] show_stack+0x20/0x38 (C) [ 33.524504] dump_stack_lvl+0x8c/0xd0 [ 33.524652] print_report+0x118/0x608 [ 33.524766] kasan_report+0xdc/0x128 [ 33.524821] kasan_check_range+0x100/0x1a8 [ 33.524875] __kasan_check_write+0x20/0x30 [ 33.525263] kasan_atomics_helper+0x99c/0x4858 [ 33.525360] kasan_atomics+0x198/0x2e0 [ 33.525589] kunit_try_run_case+0x170/0x3f0 [ 33.525772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.525851] kthread+0x328/0x630 [ 33.526159] ret_from_fork+0x10/0x20 [ 33.526402] [ 33.526464] Allocated by task 298: [ 33.526604] kasan_save_stack+0x3c/0x68 [ 33.526693] kasan_save_track+0x20/0x40 [ 33.526810] kasan_save_alloc_info+0x40/0x58 [ 33.526881] __kasan_kmalloc+0xd4/0xd8 [ 33.527074] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.527294] kasan_atomics+0xb8/0x2e0 [ 33.527381] kunit_try_run_case+0x170/0x3f0 [ 33.527487] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.527607] kthread+0x328/0x630 [ 33.527764] ret_from_fork+0x10/0x20 [ 33.527808] [ 33.527831] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.527831] which belongs to the cache kmalloc-64 of size 64 [ 33.527898] The buggy address is located 0 bytes to the right of [ 33.527898] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.528146] [ 33.528252] The buggy address belongs to the physical page: [ 33.528353] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.528665] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.528914] page_type: f5(slab) [ 33.529035] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.529106] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.529233] page dumped because: kasan: bad access detected [ 33.529315] [ 33.529357] Memory state around the buggy address: [ 33.529392] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.529622] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.529851] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.529975] ^ [ 33.530024] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.530095] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.530234] ================================================================== [ 33.668146] ================================================================== [ 33.668203] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 33.668318] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.668374] [ 33.668492] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.668582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.668613] Hardware name: linux,dummy-virt (DT) [ 33.668645] Call trace: [ 33.668669] show_stack+0x20/0x38 (C) [ 33.668720] dump_stack_lvl+0x8c/0xd0 [ 33.668770] print_report+0x118/0x608 [ 33.669385] kasan_report+0xdc/0x128 [ 33.669468] kasan_check_range+0x100/0x1a8 [ 33.669521] __kasan_check_write+0x20/0x30 [ 33.669854] kasan_atomics_helper+0xeb8/0x4858 [ 33.670265] kasan_atomics+0x198/0x2e0 [ 33.670719] kunit_try_run_case+0x170/0x3f0 [ 33.670942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.671023] kthread+0x328/0x630 [ 33.671068] ret_from_fork+0x10/0x20 [ 33.671417] [ 33.671655] Allocated by task 298: [ 33.671705] kasan_save_stack+0x3c/0x68 [ 33.671778] kasan_save_track+0x20/0x40 [ 33.671936] kasan_save_alloc_info+0x40/0x58 [ 33.672016] __kasan_kmalloc+0xd4/0xd8 [ 33.672103] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.672404] kasan_atomics+0xb8/0x2e0 [ 33.672525] kunit_try_run_case+0x170/0x3f0 [ 33.672582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.673001] kthread+0x328/0x630 [ 33.673114] ret_from_fork+0x10/0x20 [ 33.673217] [ 33.673440] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.673440] which belongs to the cache kmalloc-64 of size 64 [ 33.673519] The buggy address is located 0 bytes to the right of [ 33.673519] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.673717] [ 33.673774] The buggy address belongs to the physical page: [ 33.674282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.675008] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.675218] page_type: f5(slab) [ 33.675294] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.675449] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.675496] page dumped because: kasan: bad access detected [ 33.675530] [ 33.675689] Memory state around the buggy address: [ 33.675752] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.676176] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.676296] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.676543] ^ [ 33.676675] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.676753] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.676978] ================================================================== [ 33.740665] ================================================================== [ 33.740741] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 33.740795] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.741045] [ 33.741260] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.741361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.741571] Hardware name: linux,dummy-virt (DT) [ 33.741750] Call trace: [ 33.741792] show_stack+0x20/0x38 (C) [ 33.741856] dump_stack_lvl+0x8c/0xd0 [ 33.741998] print_report+0x118/0x608 [ 33.742069] kasan_report+0xdc/0x128 [ 33.742127] kasan_check_range+0x100/0x1a8 [ 33.742259] __kasan_check_write+0x20/0x30 [ 33.742307] kasan_atomics_helper+0x126c/0x4858 [ 33.742373] kasan_atomics+0x198/0x2e0 [ 33.742434] kunit_try_run_case+0x170/0x3f0 [ 33.742488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.742546] kthread+0x328/0x630 [ 33.742591] ret_from_fork+0x10/0x20 [ 33.742951] [ 33.742999] Allocated by task 298: [ 33.743211] kasan_save_stack+0x3c/0x68 [ 33.743267] kasan_save_track+0x20/0x40 [ 33.743309] kasan_save_alloc_info+0x40/0x58 [ 33.743349] __kasan_kmalloc+0xd4/0xd8 [ 33.743390] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.743462] kasan_atomics+0xb8/0x2e0 [ 33.743510] kunit_try_run_case+0x170/0x3f0 [ 33.743762] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.743866] kthread+0x328/0x630 [ 33.744123] ret_from_fork+0x10/0x20 [ 33.744195] [ 33.744239] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.744239] which belongs to the cache kmalloc-64 of size 64 [ 33.744463] The buggy address is located 0 bytes to the right of [ 33.744463] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.744586] [ 33.744617] The buggy address belongs to the physical page: [ 33.744652] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.744832] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.745342] page_type: f5(slab) [ 33.745397] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.745483] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.745529] page dumped because: kasan: bad access detected [ 33.745564] [ 33.745780] Memory state around the buggy address: [ 33.746160] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.746265] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.746337] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.746502] ^ [ 33.746659] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.746720] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.746761] ================================================================== [ 33.610807] ================================================================== [ 33.611264] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 33.611350] Read of size 4 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.611406] [ 33.611441] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.611622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.611709] Hardware name: linux,dummy-virt (DT) [ 33.611761] Call trace: [ 33.611914] show_stack+0x20/0x38 (C) [ 33.612098] dump_stack_lvl+0x8c/0xd0 [ 33.612194] print_report+0x118/0x608 [ 33.612247] kasan_report+0xdc/0x128 [ 33.612313] __asan_report_load4_noabort+0x20/0x30 [ 33.612365] kasan_atomics_helper+0x3dd8/0x4858 [ 33.612595] kasan_atomics+0x198/0x2e0 [ 33.612820] kunit_try_run_case+0x170/0x3f0 [ 33.613092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.613224] kthread+0x328/0x630 [ 33.613273] ret_from_fork+0x10/0x20 [ 33.613738] [ 33.613791] Allocated by task 298: [ 33.614073] kasan_save_stack+0x3c/0x68 [ 33.614289] kasan_save_track+0x20/0x40 [ 33.614450] kasan_save_alloc_info+0x40/0x58 [ 33.614507] __kasan_kmalloc+0xd4/0xd8 [ 33.614548] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.614591] kasan_atomics+0xb8/0x2e0 [ 33.614633] kunit_try_run_case+0x170/0x3f0 [ 33.614672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.614718] kthread+0x328/0x630 [ 33.614754] ret_from_fork+0x10/0x20 [ 33.614791] [ 33.614842] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.614842] which belongs to the cache kmalloc-64 of size 64 [ 33.614905] The buggy address is located 0 bytes to the right of [ 33.614905] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.614992] [ 33.615026] The buggy address belongs to the physical page: [ 33.615076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.615146] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.615207] page_type: f5(slab) [ 33.615263] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.615326] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.615370] page dumped because: kasan: bad access detected [ 33.615421] [ 33.615442] Memory state around the buggy address: [ 33.615476] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.615521] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.615566] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.615628] ^ [ 33.615664] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.615708] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.615749] ================================================================== [ 33.747406] ================================================================== [ 33.747461] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 33.747719] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.747811] [ 33.747893] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.748188] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.748224] Hardware name: linux,dummy-virt (DT) [ 33.748631] Call trace: [ 33.748686] show_stack+0x20/0x38 (C) [ 33.748950] dump_stack_lvl+0x8c/0xd0 [ 33.749176] print_report+0x118/0x608 [ 33.749320] kasan_report+0xdc/0x128 [ 33.749420] kasan_check_range+0x100/0x1a8 [ 33.749500] __kasan_check_write+0x20/0x30 [ 33.749872] kasan_atomics_helper+0x12d8/0x4858 [ 33.750153] kasan_atomics+0x198/0x2e0 [ 33.750318] kunit_try_run_case+0x170/0x3f0 [ 33.750376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.750441] kthread+0x328/0x630 [ 33.750486] ret_from_fork+0x10/0x20 [ 33.750678] [ 33.750733] Allocated by task 298: [ 33.750778] kasan_save_stack+0x3c/0x68 [ 33.750846] kasan_save_track+0x20/0x40 [ 33.750888] kasan_save_alloc_info+0x40/0x58 [ 33.750940] __kasan_kmalloc+0xd4/0xd8 [ 33.750983] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.751026] kasan_atomics+0xb8/0x2e0 [ 33.751081] kunit_try_run_case+0x170/0x3f0 [ 33.751125] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.751173] kthread+0x328/0x630 [ 33.751212] ret_from_fork+0x10/0x20 [ 33.751252] [ 33.751283] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.751283] which belongs to the cache kmalloc-64 of size 64 [ 33.751344] The buggy address is located 0 bytes to the right of [ 33.751344] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.751419] [ 33.751451] The buggy address belongs to the physical page: [ 33.751496] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.751899] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.752333] page_type: f5(slab) [ 33.752392] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.752467] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.752512] page dumped because: kasan: bad access detected [ 33.752749] [ 33.752847] Memory state around the buggy address: [ 33.753190] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.753326] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.753451] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.753607] ^ [ 33.753678] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.753734] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.753799] ================================================================== [ 33.692664] ================================================================== [ 33.692836] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 33.692939] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.693010] [ 33.693045] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.693251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.693392] Hardware name: linux,dummy-virt (DT) [ 33.693439] Call trace: [ 33.693464] show_stack+0x20/0x38 (C) [ 33.693536] dump_stack_lvl+0x8c/0xd0 [ 33.693993] print_report+0x118/0x608 [ 33.694151] kasan_report+0xdc/0x128 [ 33.694413] kasan_check_range+0x100/0x1a8 [ 33.694679] __kasan_check_write+0x20/0x30 [ 33.694955] kasan_atomics_helper+0xff0/0x4858 [ 33.695028] kasan_atomics+0x198/0x2e0 [ 33.695184] kunit_try_run_case+0x170/0x3f0 [ 33.695252] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.695517] kthread+0x328/0x630 [ 33.695812] ret_from_fork+0x10/0x20 [ 33.695870] [ 33.695894] Allocated by task 298: [ 33.695934] kasan_save_stack+0x3c/0x68 [ 33.695980] kasan_save_track+0x20/0x40 [ 33.696022] kasan_save_alloc_info+0x40/0x58 [ 33.696362] __kasan_kmalloc+0xd4/0xd8 [ 33.696468] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.696933] kasan_atomics+0xb8/0x2e0 [ 33.697008] kunit_try_run_case+0x170/0x3f0 [ 33.697052] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.697101] kthread+0x328/0x630 [ 33.697180] ret_from_fork+0x10/0x20 [ 33.697223] [ 33.697253] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.697253] which belongs to the cache kmalloc-64 of size 64 [ 33.697323] The buggy address is located 0 bytes to the right of [ 33.697323] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.697389] [ 33.697415] The buggy address belongs to the physical page: [ 33.697461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.697516] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.697576] page_type: f5(slab) [ 33.697625] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.697685] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.697736] page dumped because: kasan: bad access detected [ 33.697780] [ 33.697810] Memory state around the buggy address: [ 33.697846] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.697900] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.697955] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.697997] ^ [ 33.698043] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.698087] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.698137] ================================================================== [ 33.755005] ================================================================== [ 33.755062] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 33.755132] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.755213] [ 33.755247] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.755337] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.755540] Hardware name: linux,dummy-virt (DT) [ 33.756116] Call trace: [ 33.756183] show_stack+0x20/0x38 (C) [ 33.756360] dump_stack_lvl+0x8c/0xd0 [ 33.756439] print_report+0x118/0x608 [ 33.756676] kasan_report+0xdc/0x128 [ 33.756910] kasan_check_range+0x100/0x1a8 [ 33.757012] __kasan_check_write+0x20/0x30 [ 33.757233] kasan_atomics_helper+0x1384/0x4858 [ 33.757332] kasan_atomics+0x198/0x2e0 [ 33.757494] kunit_try_run_case+0x170/0x3f0 [ 33.757945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.758037] kthread+0x328/0x630 [ 33.758265] ret_from_fork+0x10/0x20 [ 33.758327] [ 33.758350] Allocated by task 298: [ 33.758449] kasan_save_stack+0x3c/0x68 [ 33.758607] kasan_save_track+0x20/0x40 [ 33.758904] kasan_save_alloc_info+0x40/0x58 [ 33.759205] __kasan_kmalloc+0xd4/0xd8 [ 33.759280] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.759325] kasan_atomics+0xb8/0x2e0 [ 33.759365] kunit_try_run_case+0x170/0x3f0 [ 33.759655] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.759916] kthread+0x328/0x630 [ 33.760117] ret_from_fork+0x10/0x20 [ 33.760270] [ 33.760314] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.760314] which belongs to the cache kmalloc-64 of size 64 [ 33.760378] The buggy address is located 0 bytes to the right of [ 33.760378] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.760674] [ 33.761031] The buggy address belongs to the physical page: [ 33.761152] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.761216] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.761267] page_type: f5(slab) [ 33.761528] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.761961] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.762126] page dumped because: kasan: bad access detected [ 33.762282] [ 33.762349] Memory state around the buggy address: [ 33.762546] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.762832] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.762909] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.762980] ^ [ 33.763028] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.763167] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.763210] ================================================================== [ 33.724836] ================================================================== [ 33.725029] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 33.725226] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.725325] [ 33.725395] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.725500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.725684] Hardware name: linux,dummy-virt (DT) [ 33.725730] Call trace: [ 33.725771] show_stack+0x20/0x38 (C) [ 33.725826] dump_stack_lvl+0x8c/0xd0 [ 33.726050] print_report+0x118/0x608 [ 33.726265] kasan_report+0xdc/0x128 [ 33.726344] kasan_check_range+0x100/0x1a8 [ 33.726396] __kasan_check_write+0x20/0x30 [ 33.726446] kasan_atomics_helper+0x1190/0x4858 [ 33.726498] kasan_atomics+0x198/0x2e0 [ 33.726551] kunit_try_run_case+0x170/0x3f0 [ 33.726606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.726664] kthread+0x328/0x630 [ 33.726709] ret_from_fork+0x10/0x20 [ 33.726817] [ 33.726842] Allocated by task 298: [ 33.726874] kasan_save_stack+0x3c/0x68 [ 33.726919] kasan_save_track+0x20/0x40 [ 33.726971] kasan_save_alloc_info+0x40/0x58 [ 33.727020] __kasan_kmalloc+0xd4/0xd8 [ 33.727067] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.727110] kasan_atomics+0xb8/0x2e0 [ 33.727149] kunit_try_run_case+0x170/0x3f0 [ 33.727200] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.727248] kthread+0x328/0x630 [ 33.727285] ret_from_fork+0x10/0x20 [ 33.727324] [ 33.727353] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.727353] which belongs to the cache kmalloc-64 of size 64 [ 33.727415] The buggy address is located 0 bytes to the right of [ 33.727415] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.727481] [ 33.727503] The buggy address belongs to the physical page: [ 33.727539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.728490] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.728598] page_type: f5(slab) [ 33.728719] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.728820] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.728957] page dumped because: kasan: bad access detected [ 33.729300] [ 33.729347] Memory state around the buggy address: [ 33.729489] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.729768] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.730088] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.730226] ^ [ 33.730267] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.730503] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.730663] ================================================================== [ 33.867831] ================================================================== [ 33.867883] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 33.868126] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.868343] [ 33.868399] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.868492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.868521] Hardware name: linux,dummy-virt (DT) [ 33.868555] Call trace: [ 33.868580] show_stack+0x20/0x38 (C) [ 33.868640] dump_stack_lvl+0x8c/0xd0 [ 33.868690] print_report+0x118/0x608 [ 33.868742] kasan_report+0xdc/0x128 [ 33.868791] kasan_check_range+0x100/0x1a8 [ 33.868839] __kasan_check_write+0x20/0x30 [ 33.868886] kasan_atomics_helper+0x17ec/0x4858 [ 33.868951] kasan_atomics+0x198/0x2e0 [ 33.869007] kunit_try_run_case+0x170/0x3f0 [ 33.869057] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.869113] kthread+0x328/0x630 [ 33.869159] ret_from_fork+0x10/0x20 [ 33.869219] [ 33.869242] Allocated by task 298: [ 33.869273] kasan_save_stack+0x3c/0x68 [ 33.869318] kasan_save_track+0x20/0x40 [ 33.869360] kasan_save_alloc_info+0x40/0x58 [ 33.869400] __kasan_kmalloc+0xd4/0xd8 [ 33.869449] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.869493] kasan_atomics+0xb8/0x2e0 [ 33.869536] kunit_try_run_case+0x170/0x3f0 [ 33.869580] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.869636] kthread+0x328/0x630 [ 33.869671] ret_from_fork+0x10/0x20 [ 33.869710] [ 33.869733] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.869733] which belongs to the cache kmalloc-64 of size 64 [ 33.869794] The buggy address is located 0 bytes to the right of [ 33.869794] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.869861] [ 33.869886] The buggy address belongs to the physical page: [ 33.869919] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.869986] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.870386] page_type: f5(slab) [ 33.870443] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.870496] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.870668] page dumped because: kasan: bad access detected [ 33.870731] [ 33.870753] Memory state around the buggy address: [ 33.870791] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.871160] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.871477] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.871536] ^ [ 33.871603] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.871887] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.872232] ================================================================== [ 33.769610] ================================================================== [ 33.769693] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 33.769747] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.769908] [ 33.769954] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.770045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.770076] Hardware name: linux,dummy-virt (DT) [ 33.770254] Call trace: [ 33.770293] show_stack+0x20/0x38 (C) [ 33.770448] dump_stack_lvl+0x8c/0xd0 [ 33.770635] print_report+0x118/0x608 [ 33.770700] kasan_report+0xdc/0x128 [ 33.770885] kasan_check_range+0x100/0x1a8 [ 33.771367] __kasan_check_write+0x20/0x30 [ 33.771640] kasan_atomics_helper+0x1414/0x4858 [ 33.771993] kasan_atomics+0x198/0x2e0 [ 33.772523] kunit_try_run_case+0x170/0x3f0 [ 33.772691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.772774] kthread+0x328/0x630 [ 33.772998] ret_from_fork+0x10/0x20 [ 33.773422] [ 33.773565] Allocated by task 298: [ 33.773838] kasan_save_stack+0x3c/0x68 [ 33.773903] kasan_save_track+0x20/0x40 [ 33.774113] kasan_save_alloc_info+0x40/0x58 [ 33.774249] __kasan_kmalloc+0xd4/0xd8 [ 33.774586] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.774673] kasan_atomics+0xb8/0x2e0 [ 33.774849] kunit_try_run_case+0x170/0x3f0 [ 33.774906] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.775222] kthread+0x328/0x630 [ 33.775368] ret_from_fork+0x10/0x20 [ 33.775725] [ 33.775960] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.775960] which belongs to the cache kmalloc-64 of size 64 [ 33.776075] The buggy address is located 0 bytes to the right of [ 33.776075] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.776324] [ 33.776489] The buggy address belongs to the physical page: [ 33.776529] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.776738] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.776984] page_type: f5(slab) [ 33.777323] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.777605] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.777683] page dumped because: kasan: bad access detected [ 33.777802] [ 33.777871] Memory state around the buggy address: [ 33.778048] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.778247] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.778460] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.778568] ^ [ 33.778616] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.778809] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.778949] ================================================================== [ 33.843647] ================================================================== [ 33.843695] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 33.843946] Read of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.844201] [ 33.844407] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.844527] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.844556] Hardware name: linux,dummy-virt (DT) [ 33.844591] Call trace: [ 33.844808] show_stack+0x20/0x38 (C) [ 33.845090] dump_stack_lvl+0x8c/0xd0 [ 33.845174] print_report+0x118/0x608 [ 33.845377] kasan_report+0xdc/0x128 [ 33.845568] __asan_report_load8_noabort+0x20/0x30 [ 33.845869] kasan_atomics_helper+0x3e10/0x4858 [ 33.846120] kasan_atomics+0x198/0x2e0 [ 33.846184] kunit_try_run_case+0x170/0x3f0 [ 33.846240] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.846297] kthread+0x328/0x630 [ 33.846343] ret_from_fork+0x10/0x20 [ 33.846395] [ 33.846677] Allocated by task 298: [ 33.847250] kasan_save_stack+0x3c/0x68 [ 33.847341] kasan_save_track+0x20/0x40 [ 33.847535] kasan_save_alloc_info+0x40/0x58 [ 33.847655] __kasan_kmalloc+0xd4/0xd8 [ 33.848022] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.848100] kasan_atomics+0xb8/0x2e0 [ 33.848477] kunit_try_run_case+0x170/0x3f0 [ 33.848678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.848941] kthread+0x328/0x630 [ 33.849152] ret_from_fork+0x10/0x20 [ 33.849373] [ 33.849586] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.849586] which belongs to the cache kmalloc-64 of size 64 [ 33.849889] The buggy address is located 0 bytes to the right of [ 33.849889] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.850045] [ 33.850135] The buggy address belongs to the physical page: [ 33.850233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.850376] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.850437] page_type: f5(slab) [ 33.850481] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.850534] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.850577] page dumped because: kasan: bad access detected [ 33.850631] [ 33.850663] Memory state around the buggy address: [ 33.850697] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.850752] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.850799] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.850849] ^ [ 33.850894] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.850950] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.851003] ================================================================== [ 33.699198] ================================================================== [ 33.699259] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 33.699361] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.699429] [ 33.699599] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.699971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.700006] Hardware name: linux,dummy-virt (DT) [ 33.700045] Call trace: [ 33.700072] show_stack+0x20/0x38 (C) [ 33.700363] dump_stack_lvl+0x8c/0xd0 [ 33.700718] print_report+0x118/0x608 [ 33.700783] kasan_report+0xdc/0x128 [ 33.701297] kasan_check_range+0x100/0x1a8 [ 33.701497] __kasan_check_write+0x20/0x30 [ 33.701592] kasan_atomics_helper+0x1058/0x4858 [ 33.701765] kasan_atomics+0x198/0x2e0 [ 33.702031] kunit_try_run_case+0x170/0x3f0 [ 33.702403] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.702599] kthread+0x328/0x630 [ 33.702823] ret_from_fork+0x10/0x20 [ 33.703216] [ 33.703280] Allocated by task 298: [ 33.703316] kasan_save_stack+0x3c/0x68 [ 33.703610] kasan_save_track+0x20/0x40 [ 33.703836] kasan_save_alloc_info+0x40/0x58 [ 33.703918] __kasan_kmalloc+0xd4/0xd8 [ 33.704159] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.704267] kasan_atomics+0xb8/0x2e0 [ 33.704311] kunit_try_run_case+0x170/0x3f0 [ 33.704356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.704680] kthread+0x328/0x630 [ 33.704802] ret_from_fork+0x10/0x20 [ 33.704872] [ 33.705050] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.705050] which belongs to the cache kmalloc-64 of size 64 [ 33.705206] The buggy address is located 0 bytes to the right of [ 33.705206] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.705497] [ 33.705660] The buggy address belongs to the physical page: [ 33.705897] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.706089] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.706370] page_type: f5(slab) [ 33.706505] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.706718] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.706773] page dumped because: kasan: bad access detected [ 33.706809] [ 33.706983] Memory state around the buggy address: [ 33.707164] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.707357] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.707417] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.707649] ^ [ 33.707727] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.707775] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.707977] ================================================================== [ 33.531754] ================================================================== [ 33.531966] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 33.532061] Write of size 4 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.532282] [ 33.532436] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.533351] print_report+0x118/0x608 [ 33.534073] kunit_try_run_case+0x170/0x3f0 [ 33.535680] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.536558] [ 33.536629] The buggy address belongs to the physical page: [ 33.536679] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.536996] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.537193] page_type: f5(slab) [ 33.537277] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.537426] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.537497] page dumped because: kasan: bad access detected [ 33.537546] [ 33.537640] Memory state around the buggy address: [ 33.537678] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.537750] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.537824] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.538042] ^ [ 33.538157] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.538293] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.538430] ================================================================== [ 33.786903] ================================================================== [ 33.786966] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 33.787018] Write of size 8 at addr fff00000c8dc1ab0 by task kunit_try_catch/298 [ 33.787087] [ 33.787120] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 33.787210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.787239] Hardware name: linux,dummy-virt (DT) [ 33.787273] Call trace: [ 33.787297] show_stack+0x20/0x38 (C) [ 33.787365] dump_stack_lvl+0x8c/0xd0 [ 33.787418] print_report+0x118/0x608 [ 33.787476] kasan_report+0xdc/0x128 [ 33.787526] kasan_check_range+0x100/0x1a8 [ 33.787740] __kasan_check_write+0x20/0x30 [ 33.788015] kasan_atomics_helper+0x14e4/0x4858 [ 33.788070] kasan_atomics+0x198/0x2e0 [ 33.788695] kunit_try_run_case+0x170/0x3f0 [ 33.788793] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.789031] kthread+0x328/0x630 [ 33.789087] ret_from_fork+0x10/0x20 [ 33.789512] [ 33.789578] Allocated by task 298: [ 33.789632] kasan_save_stack+0x3c/0x68 [ 33.789802] kasan_save_track+0x20/0x40 [ 33.790022] kasan_save_alloc_info+0x40/0x58 [ 33.790228] __kasan_kmalloc+0xd4/0xd8 [ 33.790334] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.790496] kasan_atomics+0xb8/0x2e0 [ 33.790710] kunit_try_run_case+0x170/0x3f0 [ 33.790891] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.791191] kthread+0x328/0x630 [ 33.791542] ret_from_fork+0x10/0x20 [ 33.791795] [ 33.791840] The buggy address belongs to the object at fff00000c8dc1a80 [ 33.791840] which belongs to the cache kmalloc-64 of size 64 [ 33.791936] The buggy address is located 0 bytes to the right of [ 33.791936] allocated 48-byte region [fff00000c8dc1a80, fff00000c8dc1ab0) [ 33.792167] [ 33.792325] The buggy address belongs to the physical page: [ 33.792487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108dc1 [ 33.792728] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.792822] page_type: f5(slab) [ 33.792968] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.793047] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.793290] page dumped because: kasan: bad access detected [ 33.793479] [ 33.793543] Memory state around the buggy address: [ 33.793591] fff00000c8dc1980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.793816] fff00000c8dc1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.793960] >fff00000c8dc1a80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.794031] ^ [ 33.794250] fff00000c8dc1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.794318] fff00000c8dc1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.794434] ==================================================================
[ 35.261209] ================================================================== [ 35.261497] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 35.261682] Read of size 4 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.261860] [ 35.261897] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.261989] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.262493] Hardware name: linux,dummy-virt (DT) [ 35.262577] Call trace: [ 35.262603] show_stack+0x20/0x38 (C) [ 35.262659] dump_stack_lvl+0x8c/0xd0 [ 35.262710] print_report+0x118/0x608 [ 35.262760] kasan_report+0xdc/0x128 [ 35.263291] __asan_report_load4_noabort+0x20/0x30 [ 35.263370] kasan_atomics_helper+0x3e04/0x4858 [ 35.263426] kasan_atomics+0x198/0x2e0 [ 35.263539] kunit_try_run_case+0x170/0x3f0 [ 35.263646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.263950] kthread+0x328/0x630 [ 35.264276] ret_from_fork+0x10/0x20 [ 35.264497] [ 35.264549] Allocated by task 296: [ 35.264619] kasan_save_stack+0x3c/0x68 [ 35.264668] kasan_save_track+0x20/0x40 [ 35.264884] kasan_save_alloc_info+0x40/0x58 [ 35.265215] __kasan_kmalloc+0xd4/0xd8 [ 35.265279] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.265461] kasan_atomics+0xb8/0x2e0 [ 35.265704] kunit_try_run_case+0x170/0x3f0 [ 35.265973] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.266127] kthread+0x328/0x630 [ 35.266189] ret_from_fork+0x10/0x20 [ 35.266228] [ 35.266259] The buggy address belongs to the object at fff00000c997d800 [ 35.266259] which belongs to the cache kmalloc-64 of size 64 [ 35.266322] The buggy address is located 0 bytes to the right of [ 35.266322] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.266404] [ 35.266443] The buggy address belongs to the physical page: [ 35.266486] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.266541] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.266620] page_type: f5(slab) [ 35.266685] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.266769] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.266814] page dumped because: kasan: bad access detected [ 35.266846] [ 35.266868] Memory state around the buggy address: [ 35.266900] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.266956] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.267007] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.267065] ^ [ 35.267121] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.267187] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.267234] ================================================================== [ 35.428657] ================================================================== [ 35.428772] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 35.428923] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.428999] [ 35.429120] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.429242] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.429270] Hardware name: linux,dummy-virt (DT) [ 35.429305] Call trace: [ 35.429329] show_stack+0x20/0x38 (C) [ 35.429398] dump_stack_lvl+0x8c/0xd0 [ 35.429454] print_report+0x118/0x608 [ 35.429723] kasan_report+0xdc/0x128 [ 35.429831] kasan_check_range+0x100/0x1a8 [ 35.429885] __kasan_check_write+0x20/0x30 [ 35.429952] kasan_atomics_helper+0x175c/0x4858 [ 35.430024] kasan_atomics+0x198/0x2e0 [ 35.430090] kunit_try_run_case+0x170/0x3f0 [ 35.430144] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.430224] kthread+0x328/0x630 [ 35.430268] ret_from_fork+0x10/0x20 [ 35.430319] [ 35.430359] Allocated by task 296: [ 35.430392] kasan_save_stack+0x3c/0x68 [ 35.430590] kasan_save_track+0x20/0x40 [ 35.430738] kasan_save_alloc_info+0x40/0x58 [ 35.430802] __kasan_kmalloc+0xd4/0xd8 [ 35.430859] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.431093] kasan_atomics+0xb8/0x2e0 [ 35.431144] kunit_try_run_case+0x170/0x3f0 [ 35.431222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.431289] kthread+0x328/0x630 [ 35.431350] ret_from_fork+0x10/0x20 [ 35.431397] [ 35.431420] The buggy address belongs to the object at fff00000c997d800 [ 35.431420] which belongs to the cache kmalloc-64 of size 64 [ 35.431489] The buggy address is located 0 bytes to the right of [ 35.431489] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.431557] [ 35.431581] The buggy address belongs to the physical page: [ 35.431614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.431946] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.432083] page_type: f5(slab) [ 35.432134] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.432375] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.432600] page dumped because: kasan: bad access detected [ 35.432722] [ 35.432778] Memory state around the buggy address: [ 35.432815] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.432861] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.433048] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.433212] ^ [ 35.433260] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.433314] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.433571] ================================================================== [ 35.183897] ================================================================== [ 35.183964] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 35.184032] Read of size 4 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.184086] [ 35.184136] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.184238] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.184266] Hardware name: linux,dummy-virt (DT) [ 35.185052] kthread+0x328/0x630 [ 35.185983] The buggy address is located 0 bytes to the right of [ 35.185983] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.187408] [ 35.188708] kunit_try_run_case+0x170/0x3f0 [ 35.189640] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.189697] kasan_atomics+0xb8/0x2e0 [ 35.189746] kunit_try_run_case+0x170/0x3f0 [ 35.189803] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.189858] kthread+0x328/0x630 [ 35.189909] ret_from_fork+0x10/0x20 [ 35.189949] [ 35.189970] The buggy address belongs to the object at fff00000c997d800 [ 35.189970] which belongs to the cache kmalloc-64 of size 64 [ 35.190048] The buggy address is located 0 bytes to the right of [ 35.190048] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.190116] [ 35.190144] The buggy address belongs to the physical page: [ 35.190218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.190273] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.190332] page_type: f5(slab) [ 35.190372] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.190426] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.190470] page dumped because: kasan: bad access detected [ 35.190515] [ 35.190545] Memory state around the buggy address: [ 35.190580] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.190647] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.190700] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.190751] ^ [ 35.190785] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.190829] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.190891] ================================================================== [ 35.433966] ================================================================== [ 35.434259] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 35.434334] Read of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.434388] [ 35.434454] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.434543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.434582] Hardware name: linux,dummy-virt (DT) [ 35.434626] Call trace: [ 35.434667] show_stack+0x20/0x38 (C) [ 35.434795] dump_stack_lvl+0x8c/0xd0 [ 35.434871] print_report+0x118/0x608 [ 35.434934] kasan_report+0xdc/0x128 [ 35.435181] __asan_report_load8_noabort+0x20/0x30 [ 35.435247] kasan_atomics_helper+0x3e20/0x4858 [ 35.435299] kasan_atomics+0x198/0x2e0 [ 35.435355] kunit_try_run_case+0x170/0x3f0 [ 35.435427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.435532] kthread+0x328/0x630 [ 35.435619] ret_from_fork+0x10/0x20 [ 35.435670] [ 35.435693] Allocated by task 296: [ 35.435868] kasan_save_stack+0x3c/0x68 [ 35.435916] kasan_save_track+0x20/0x40 [ 35.436084] kasan_save_alloc_info+0x40/0x58 [ 35.436194] __kasan_kmalloc+0xd4/0xd8 [ 35.436262] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.436328] kasan_atomics+0xb8/0x2e0 [ 35.436635] kunit_try_run_case+0x170/0x3f0 [ 35.436752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.436883] kthread+0x328/0x630 [ 35.436953] ret_from_fork+0x10/0x20 [ 35.437021] [ 35.437076] The buggy address belongs to the object at fff00000c997d800 [ 35.437076] which belongs to the cache kmalloc-64 of size 64 [ 35.437138] The buggy address is located 0 bytes to the right of [ 35.437138] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.437409] [ 35.437570] The buggy address belongs to the physical page: [ 35.437631] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.437704] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.437777] page_type: f5(slab) [ 35.437970] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.438120] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.438265] page dumped because: kasan: bad access detected [ 35.438325] [ 35.438364] Memory state around the buggy address: [ 35.438398] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.438453] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.438664] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.438820] ^ [ 35.438906] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.439086] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.439251] ================================================================== [ 35.269195] ================================================================== [ 35.269280] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 35.269336] Read of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.269480] [ 35.269521] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.269619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.270018] Hardware name: linux,dummy-virt (DT) [ 35.270076] Call trace: [ 35.270103] show_stack+0x20/0x38 (C) [ 35.270479] dump_stack_lvl+0x8c/0xd0 [ 35.270594] print_report+0x118/0x608 [ 35.270657] kasan_report+0xdc/0x128 [ 35.270707] kasan_check_range+0x100/0x1a8 [ 35.271009] __kasan_check_read+0x20/0x30 [ 35.271268] kasan_atomics_helper+0xdd4/0x4858 [ 35.271341] kasan_atomics+0x198/0x2e0 [ 35.271619] kunit_try_run_case+0x170/0x3f0 [ 35.271761] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.271846] kthread+0x328/0x630 [ 35.272181] ret_from_fork+0x10/0x20 [ 35.272476] [ 35.272613] Allocated by task 296: [ 35.272670] kasan_save_stack+0x3c/0x68 [ 35.272825] kasan_save_track+0x20/0x40 [ 35.273476] kasan_save_alloc_info+0x40/0x58 [ 35.273564] __kasan_kmalloc+0xd4/0xd8 [ 35.273608] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.273820] kasan_atomics+0xb8/0x2e0 [ 35.274054] kunit_try_run_case+0x170/0x3f0 [ 35.274114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.274379] kthread+0x328/0x630 [ 35.274435] ret_from_fork+0x10/0x20 [ 35.274807] [ 35.275295] The buggy address belongs to the object at fff00000c997d800 [ 35.275295] which belongs to the cache kmalloc-64 of size 64 [ 35.275398] The buggy address is located 0 bytes to the right of [ 35.275398] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.275565] [ 35.275616] The buggy address belongs to the physical page: [ 35.275797] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.275974] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.276177] page_type: f5(slab) [ 35.276509] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.276722] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.276804] page dumped because: kasan: bad access detected [ 35.276954] [ 35.276996] Memory state around the buggy address: [ 35.277052] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.277104] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.277149] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.277398] ^ [ 35.277506] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.277881] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.278148] ================================================================== [ 35.361785] ================================================================== [ 35.361963] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 35.362185] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.362279] [ 35.362350] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.362441] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.362469] Hardware name: linux,dummy-virt (DT) [ 35.362503] Call trace: [ 35.362552] show_stack+0x20/0x38 (C) [ 35.362605] dump_stack_lvl+0x8c/0xd0 [ 35.362654] print_report+0x118/0x608 [ 35.362711] kasan_report+0xdc/0x128 [ 35.362918] kasan_check_range+0x100/0x1a8 [ 35.363012] __kasan_check_write+0x20/0x30 [ 35.363065] kasan_atomics_helper+0x126c/0x4858 [ 35.363124] kasan_atomics+0x198/0x2e0 [ 35.363189] kunit_try_run_case+0x170/0x3f0 [ 35.363251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.363435] kthread+0x328/0x630 [ 35.363536] ret_from_fork+0x10/0x20 [ 35.363885] [ 35.364034] Allocated by task 296: [ 35.364238] kasan_save_stack+0x3c/0x68 [ 35.364311] kasan_save_track+0x20/0x40 [ 35.364388] kasan_save_alloc_info+0x40/0x58 [ 35.364502] __kasan_kmalloc+0xd4/0xd8 [ 35.364544] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.364603] kasan_atomics+0xb8/0x2e0 [ 35.364648] kunit_try_run_case+0x170/0x3f0 [ 35.364690] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.364934] kthread+0x328/0x630 [ 35.365065] ret_from_fork+0x10/0x20 [ 35.365136] [ 35.365421] The buggy address belongs to the object at fff00000c997d800 [ 35.365421] which belongs to the cache kmalloc-64 of size 64 [ 35.365499] The buggy address is located 0 bytes to the right of [ 35.365499] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.365749] [ 35.365890] The buggy address belongs to the physical page: [ 35.365946] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.366028] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.366302] page_type: f5(slab) [ 35.366369] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.366466] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.366545] page dumped because: kasan: bad access detected [ 35.366581] [ 35.366602] Memory state around the buggy address: [ 35.366723] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.366958] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.367014] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.367080] ^ [ 35.367115] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.367182] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.367223] ================================================================== [ 35.337119] ================================================================== [ 35.337186] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 35.337237] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.337390] [ 35.337561] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.337684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.337722] Hardware name: linux,dummy-virt (DT) [ 35.337765] Call trace: [ 35.337791] show_stack+0x20/0x38 (C) [ 35.337993] dump_stack_lvl+0x8c/0xd0 [ 35.338095] print_report+0x118/0x608 [ 35.338148] kasan_report+0xdc/0x128 [ 35.338225] kasan_check_range+0x100/0x1a8 [ 35.338282] __kasan_check_write+0x20/0x30 [ 35.338338] kasan_atomics_helper+0x1058/0x4858 [ 35.338391] kasan_atomics+0x198/0x2e0 [ 35.338481] kunit_try_run_case+0x170/0x3f0 [ 35.338536] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.338601] kthread+0x328/0x630 [ 35.338654] ret_from_fork+0x10/0x20 [ 35.338706] [ 35.338735] Allocated by task 296: [ 35.338773] kasan_save_stack+0x3c/0x68 [ 35.338827] kasan_save_track+0x20/0x40 [ 35.338869] kasan_save_alloc_info+0x40/0x58 [ 35.338907] __kasan_kmalloc+0xd4/0xd8 [ 35.339110] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.339175] kasan_atomics+0xb8/0x2e0 [ 35.339291] kunit_try_run_case+0x170/0x3f0 [ 35.339358] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.339419] kthread+0x328/0x630 [ 35.339460] ret_from_fork+0x10/0x20 [ 35.339724] [ 35.339786] The buggy address belongs to the object at fff00000c997d800 [ 35.339786] which belongs to the cache kmalloc-64 of size 64 [ 35.339920] The buggy address is located 0 bytes to the right of [ 35.339920] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.340014] [ 35.340040] The buggy address belongs to the physical page: [ 35.340073] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.340297] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.340459] page_type: f5(slab) [ 35.340610] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.340709] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.340791] page dumped because: kasan: bad access detected [ 35.341057] [ 35.341122] Memory state around the buggy address: [ 35.341170] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.341329] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.341529] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.341647] ^ [ 35.341751] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.341813] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.342050] ================================================================== [ 35.424349] ================================================================== [ 35.424391] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 35.424448] Read of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.424500] [ 35.424540] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.424626] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.424656] Hardware name: linux,dummy-virt (DT) [ 35.424689] Call trace: [ 35.424714] show_stack+0x20/0x38 (C) [ 35.424763] dump_stack_lvl+0x8c/0xd0 [ 35.424814] print_report+0x118/0x608 [ 35.424863] kasan_report+0xdc/0x128 [ 35.424912] __asan_report_load8_noabort+0x20/0x30 [ 35.424973] kasan_atomics_helper+0x3e10/0x4858 [ 35.425032] kasan_atomics+0x198/0x2e0 [ 35.425082] kunit_try_run_case+0x170/0x3f0 [ 35.425141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.425221] kthread+0x328/0x630 [ 35.425265] ret_from_fork+0x10/0x20 [ 35.425355] [ 35.425497] Allocated by task 296: [ 35.425844] kasan_save_stack+0x3c/0x68 [ 35.425909] kasan_save_track+0x20/0x40 [ 35.425976] kasan_save_alloc_info+0x40/0x58 [ 35.426018] __kasan_kmalloc+0xd4/0xd8 [ 35.426056] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.426099] kasan_atomics+0xb8/0x2e0 [ 35.426185] kunit_try_run_case+0x170/0x3f0 [ 35.426230] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.426287] kthread+0x328/0x630 [ 35.426333] ret_from_fork+0x10/0x20 [ 35.426373] [ 35.426395] The buggy address belongs to the object at fff00000c997d800 [ 35.426395] which belongs to the cache kmalloc-64 of size 64 [ 35.426553] The buggy address is located 0 bytes to the right of [ 35.426553] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.426626] [ 35.426675] The buggy address belongs to the physical page: [ 35.426743] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.426808] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.426887] page_type: f5(slab) [ 35.426944] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.427347] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.427492] page dumped because: kasan: bad access detected [ 35.427574] [ 35.427620] Memory state around the buggy address: [ 35.427654] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.427699] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.427745] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.427787] ^ [ 35.427874] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.428026] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.428094] ================================================================== [ 35.401851] ================================================================== [ 35.401922] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 35.401990] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.402172] [ 35.402292] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.402389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.402436] Hardware name: linux,dummy-virt (DT) [ 35.402470] Call trace: [ 35.402512] show_stack+0x20/0x38 (C) [ 35.402565] dump_stack_lvl+0x8c/0xd0 [ 35.402616] print_report+0x118/0x608 [ 35.402666] kasan_report+0xdc/0x128 [ 35.402713] kasan_check_range+0x100/0x1a8 [ 35.402770] __kasan_check_write+0x20/0x30 [ 35.402819] kasan_atomics_helper+0x15b4/0x4858 [ 35.402880] kasan_atomics+0x198/0x2e0 [ 35.402931] kunit_try_run_case+0x170/0x3f0 [ 35.402982] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.403047] kthread+0x328/0x630 [ 35.403091] ret_from_fork+0x10/0x20 [ 35.403142] [ 35.403184] Allocated by task 296: [ 35.403214] kasan_save_stack+0x3c/0x68 [ 35.403259] kasan_save_track+0x20/0x40 [ 35.403300] kasan_save_alloc_info+0x40/0x58 [ 35.403340] __kasan_kmalloc+0xd4/0xd8 [ 35.403389] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.403432] kasan_atomics+0xb8/0x2e0 [ 35.403471] kunit_try_run_case+0x170/0x3f0 [ 35.403513] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.403560] kthread+0x328/0x630 [ 35.403729] ret_from_fork+0x10/0x20 [ 35.403773] [ 35.403795] The buggy address belongs to the object at fff00000c997d800 [ 35.403795] which belongs to the cache kmalloc-64 of size 64 [ 35.404087] The buggy address is located 0 bytes to the right of [ 35.404087] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.404212] [ 35.404263] The buggy address belongs to the physical page: [ 35.404333] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.404424] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.404520] page_type: f5(slab) [ 35.404561] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.404743] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.404840] page dumped because: kasan: bad access detected [ 35.404909] [ 35.404992] Memory state around the buggy address: [ 35.405057] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.405126] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.405181] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.405259] ^ [ 35.405298] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.405472] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.405560] ================================================================== [ 35.202844] ================================================================== [ 35.202898] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 35.203044] Write of size 4 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.203111] [ 35.203150] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.203321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.203355] Hardware name: linux,dummy-virt (DT) [ 35.203912] kasan_report+0xdc/0x128 [ 35.206247] ret_from_fork+0x10/0x20 [ 35.206690] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.206750] page_type: f5(slab) [ 35.206799] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.206853] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.207214] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.211269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.211975] [ 35.212524] The buggy address is located 0 bytes to the right of [ 35.212524] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.212698] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.212747] page_type: f5(slab) [ 35.212786] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.212839] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.213100] ^ [ 35.213802] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.216189] [ 35.216433] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.218815] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb70/0x4858 [ 35.219564] __kasan_check_write+0x20/0x30 [ 35.220622] ret_from_fork+0x10/0x20 [ 35.220953] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.222461] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dbc/0x4858 [ 35.223677] kasan_save_track+0x20/0x40 [ 35.225533] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.227549] [ 35.228388] dump_stack_lvl+0x8c/0xd0 [ 35.229150] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.230343] page_type: f5(slab) [ 35.231232] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.232887] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.233599] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.234651] [ 35.234906] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.235719] Hardware name: linux,dummy-virt (DT) [ 35.237422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.237984] page dumped because: kasan: bad access detected [ 35.238018] [ 35.238038] Memory state around the buggy address: [ 35.238071] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.238116] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.238169] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.238209] ^ [ 35.238242] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.238286] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.238327] ================================================================== [ 35.357337] ================================================================== [ 35.357497] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 35.357585] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.357657] [ 35.357695] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.357785] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.357812] Hardware name: linux,dummy-virt (DT) [ 35.357863] Call trace: [ 35.357888] show_stack+0x20/0x38 (C) [ 35.357938] dump_stack_lvl+0x8c/0xd0 [ 35.357988] print_report+0x118/0x608 [ 35.358075] kasan_report+0xdc/0x128 [ 35.358127] kasan_check_range+0x100/0x1a8 [ 35.358281] __kasan_check_write+0x20/0x30 [ 35.358406] kasan_atomics_helper+0x11f8/0x4858 [ 35.358466] kasan_atomics+0x198/0x2e0 [ 35.358516] kunit_try_run_case+0x170/0x3f0 [ 35.358569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.358785] kthread+0x328/0x630 [ 35.358842] ret_from_fork+0x10/0x20 [ 35.358909] [ 35.358943] Allocated by task 296: [ 35.358992] kasan_save_stack+0x3c/0x68 [ 35.359037] kasan_save_track+0x20/0x40 [ 35.359105] kasan_save_alloc_info+0x40/0x58 [ 35.359152] __kasan_kmalloc+0xd4/0xd8 [ 35.359204] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.359254] kasan_atomics+0xb8/0x2e0 [ 35.359294] kunit_try_run_case+0x170/0x3f0 [ 35.359341] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.359397] kthread+0x328/0x630 [ 35.359462] ret_from_fork+0x10/0x20 [ 35.359538] [ 35.359596] The buggy address belongs to the object at fff00000c997d800 [ 35.359596] which belongs to the cache kmalloc-64 of size 64 [ 35.359686] The buggy address is located 0 bytes to the right of [ 35.359686] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.359805] [ 35.359855] The buggy address belongs to the physical page: [ 35.359924] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.360015] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.360081] page_type: f5(slab) [ 35.360136] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.360197] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.360241] page dumped because: kasan: bad access detected [ 35.360275] [ 35.360295] Memory state around the buggy address: [ 35.360329] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.360627] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.360745] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.360838] ^ [ 35.360900] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.361246] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.361331] ================================================================== [ 35.331343] ================================================================== [ 35.331391] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 35.331469] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.331551] [ 35.331611] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.331725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.331786] Hardware name: linux,dummy-virt (DT) [ 35.331841] Call trace: [ 35.331883] show_stack+0x20/0x38 (C) [ 35.331944] dump_stack_lvl+0x8c/0xd0 [ 35.332021] print_report+0x118/0x608 [ 35.332072] kasan_report+0xdc/0x128 [ 35.332121] kasan_check_range+0x100/0x1a8 [ 35.332184] __kasan_check_write+0x20/0x30 [ 35.332233] kasan_atomics_helper+0xff0/0x4858 [ 35.332284] kasan_atomics+0x198/0x2e0 [ 35.332333] kunit_try_run_case+0x170/0x3f0 [ 35.332573] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.332715] kthread+0x328/0x630 [ 35.332815] ret_from_fork+0x10/0x20 [ 35.332902] [ 35.333176] Allocated by task 296: [ 35.333237] kasan_save_stack+0x3c/0x68 [ 35.333338] kasan_save_track+0x20/0x40 [ 35.333414] kasan_save_alloc_info+0x40/0x58 [ 35.333455] __kasan_kmalloc+0xd4/0xd8 [ 35.333499] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.333777] kasan_atomics+0xb8/0x2e0 [ 35.333856] kunit_try_run_case+0x170/0x3f0 [ 35.333942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.334016] kthread+0x328/0x630 [ 35.334082] ret_from_fork+0x10/0x20 [ 35.334336] [ 35.334416] The buggy address belongs to the object at fff00000c997d800 [ 35.334416] which belongs to the cache kmalloc-64 of size 64 [ 35.334543] The buggy address is located 0 bytes to the right of [ 35.334543] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.334613] [ 35.334636] The buggy address belongs to the physical page: [ 35.334690] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.334978] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.335065] page_type: f5(slab) [ 35.335369] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.335475] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.335556] page dumped because: kasan: bad access detected [ 35.335638] [ 35.335692] Memory state around the buggy address: [ 35.335772] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.335853] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.335926] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.336198] ^ [ 35.336256] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.336371] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.336475] ================================================================== [ 35.439847] ================================================================== [ 35.439971] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 35.440023] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.440075] [ 35.440118] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.440422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.440543] Hardware name: linux,dummy-virt (DT) [ 35.440603] Call trace: [ 35.440684] show_stack+0x20/0x38 (C) [ 35.440752] dump_stack_lvl+0x8c/0xd0 [ 35.440805] print_report+0x118/0x608 [ 35.440869] kasan_report+0xdc/0x128 [ 35.441074] kasan_check_range+0x100/0x1a8 [ 35.441268] __kasan_check_write+0x20/0x30 [ 35.441385] kasan_atomics_helper+0x17ec/0x4858 [ 35.441453] kasan_atomics+0x198/0x2e0 [ 35.441526] kunit_try_run_case+0x170/0x3f0 [ 35.441587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.441684] kthread+0x328/0x630 [ 35.441739] ret_from_fork+0x10/0x20 [ 35.441807] [ 35.441840] Allocated by task 296: [ 35.441873] kasan_save_stack+0x3c/0x68 [ 35.441918] kasan_save_track+0x20/0x40 [ 35.441959] kasan_save_alloc_info+0x40/0x58 [ 35.441998] __kasan_kmalloc+0xd4/0xd8 [ 35.442038] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.442081] kasan_atomics+0xb8/0x2e0 [ 35.442121] kunit_try_run_case+0x170/0x3f0 [ 35.442468] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.442576] kthread+0x328/0x630 [ 35.442635] ret_from_fork+0x10/0x20 [ 35.442681] [ 35.442706] The buggy address belongs to the object at fff00000c997d800 [ 35.442706] which belongs to the cache kmalloc-64 of size 64 [ 35.442776] The buggy address is located 0 bytes to the right of [ 35.442776] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.442851] [ 35.442891] The buggy address belongs to the physical page: [ 35.442926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.442981] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.443252] page_type: f5(slab) [ 35.443308] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.443401] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.443460] page dumped because: kasan: bad access detected [ 35.443524] [ 35.443588] Memory state around the buggy address: [ 35.443777] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.443976] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.444056] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.444192] ^ [ 35.444230] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.444275] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.444317] ================================================================== [ 35.353327] ================================================================== [ 35.353381] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 35.353449] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.353507] [ 35.353557] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.353710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.353742] Hardware name: linux,dummy-virt (DT) [ 35.353774] Call trace: [ 35.353800] show_stack+0x20/0x38 (C) [ 35.353859] dump_stack_lvl+0x8c/0xd0 [ 35.353919] print_report+0x118/0x608 [ 35.353967] kasan_report+0xdc/0x128 [ 35.354016] kasan_check_range+0x100/0x1a8 [ 35.354083] __kasan_check_write+0x20/0x30 [ 35.354131] kasan_atomics_helper+0x1190/0x4858 [ 35.354193] kasan_atomics+0x198/0x2e0 [ 35.354250] kunit_try_run_case+0x170/0x3f0 [ 35.354303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.354369] kthread+0x328/0x630 [ 35.354413] ret_from_fork+0x10/0x20 [ 35.354463] [ 35.354486] Allocated by task 296: [ 35.354522] kasan_save_stack+0x3c/0x68 [ 35.354565] kasan_save_track+0x20/0x40 [ 35.354607] kasan_save_alloc_info+0x40/0x58 [ 35.354647] __kasan_kmalloc+0xd4/0xd8 [ 35.354687] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.354734] kasan_atomics+0xb8/0x2e0 [ 35.354783] kunit_try_run_case+0x170/0x3f0 [ 35.354847] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.354908] kthread+0x328/0x630 [ 35.354944] ret_from_fork+0x10/0x20 [ 35.354994] [ 35.355015] The buggy address belongs to the object at fff00000c997d800 [ 35.355015] which belongs to the cache kmalloc-64 of size 64 [ 35.355087] The buggy address is located 0 bytes to the right of [ 35.355087] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.355586] [ 35.355623] The buggy address belongs to the physical page: [ 35.355659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.355714] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.356025] page_type: f5(slab) [ 35.356179] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.356256] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.356338] page dumped because: kasan: bad access detected [ 35.356418] [ 35.356459] Memory state around the buggy address: [ 35.356499] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.356546] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.356605] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.356645] ^ [ 35.356679] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.356725] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.356766] ================================================================== [ 35.319841] ================================================================== [ 35.320039] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 35.320124] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.320241] [ 35.320299] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.320465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.320497] Hardware name: linux,dummy-virt (DT) [ 35.320847] Call trace: [ 35.321247] show_stack+0x20/0x38 (C) [ 35.321306] dump_stack_lvl+0x8c/0xd0 [ 35.321463] print_report+0x118/0x608 [ 35.321561] kasan_report+0xdc/0x128 [ 35.321824] kasan_check_range+0x100/0x1a8 [ 35.321908] __kasan_check_write+0x20/0x30 [ 35.321969] kasan_atomics_helper+0xf20/0x4858 [ 35.322029] kasan_atomics+0x198/0x2e0 [ 35.322078] kunit_try_run_case+0x170/0x3f0 [ 35.322131] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.322208] kthread+0x328/0x630 [ 35.322253] ret_from_fork+0x10/0x20 [ 35.322304] [ 35.322351] Allocated by task 296: [ 35.322397] kasan_save_stack+0x3c/0x68 [ 35.322452] kasan_save_track+0x20/0x40 [ 35.322518] kasan_save_alloc_info+0x40/0x58 [ 35.322564] __kasan_kmalloc+0xd4/0xd8 [ 35.322619] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.322665] kasan_atomics+0xb8/0x2e0 [ 35.322712] kunit_try_run_case+0x170/0x3f0 [ 35.322764] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.322819] kthread+0x328/0x630 [ 35.322864] ret_from_fork+0x10/0x20 [ 35.322903] [ 35.322936] The buggy address belongs to the object at fff00000c997d800 [ 35.322936] which belongs to the cache kmalloc-64 of size 64 [ 35.323002] The buggy address is located 0 bytes to the right of [ 35.323002] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.323076] [ 35.323100] The buggy address belongs to the physical page: [ 35.323132] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.323416] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.323755] page_type: f5(slab) [ 35.323803] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.324734] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.324852] page dumped because: kasan: bad access detected [ 35.325287] [ 35.325400] Memory state around the buggy address: [ 35.325793] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.325916] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.326014] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.326056] ^ [ 35.326288] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.326459] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.326688] ================================================================== [ 35.421001] ================================================================== [ 35.421074] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 35.421153] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.421282] [ 35.421330] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.421429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.421490] Hardware name: linux,dummy-virt (DT) [ 35.421523] Call trace: [ 35.421549] show_stack+0x20/0x38 (C) [ 35.421612] dump_stack_lvl+0x8c/0xd0 [ 35.421664] print_report+0x118/0x608 [ 35.421713] kasan_report+0xdc/0x128 [ 35.421762] kasan_check_range+0x100/0x1a8 [ 35.422023] __kasan_check_write+0x20/0x30 [ 35.422084] kasan_atomics_helper+0x16d0/0x4858 [ 35.422231] kasan_atomics+0x198/0x2e0 [ 35.422321] kunit_try_run_case+0x170/0x3f0 [ 35.422543] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.422630] kthread+0x328/0x630 [ 35.422702] ret_from_fork+0x10/0x20 [ 35.422786] [ 35.422816] Allocated by task 296: [ 35.422865] kasan_save_stack+0x3c/0x68 [ 35.422922] kasan_save_track+0x20/0x40 [ 35.422963] kasan_save_alloc_info+0x40/0x58 [ 35.423045] __kasan_kmalloc+0xd4/0xd8 [ 35.423091] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.423134] kasan_atomics+0xb8/0x2e0 [ 35.423203] kunit_try_run_case+0x170/0x3f0 [ 35.423274] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.423331] kthread+0x328/0x630 [ 35.423373] ret_from_fork+0x10/0x20 [ 35.423418] [ 35.423449] The buggy address belongs to the object at fff00000c997d800 [ 35.423449] which belongs to the cache kmalloc-64 of size 64 [ 35.423519] The buggy address is located 0 bytes to the right of [ 35.423519] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.423588] [ 35.423612] The buggy address belongs to the physical page: [ 35.423645] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.423698] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.423747] page_type: f5(slab) [ 35.423787] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.423839] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.423882] page dumped because: kasan: bad access detected [ 35.423927] [ 35.423953] Memory state around the buggy address: [ 35.423997] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.424043] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.424096] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.424137] ^ [ 35.424181] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.424227] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.424267] ================================================================== [ 35.280099] ================================================================== [ 35.280261] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 35.280318] Read of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.280371] [ 35.280734] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.280835] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.281110] Hardware name: linux,dummy-virt (DT) [ 35.281191] Call trace: [ 35.281220] show_stack+0x20/0x38 (C) [ 35.281405] dump_stack_lvl+0x8c/0xd0 [ 35.281459] print_report+0x118/0x608 [ 35.281516] kasan_report+0xdc/0x128 [ 35.281565] __asan_report_load8_noabort+0x20/0x30 [ 35.281618] kasan_atomics_helper+0x3f58/0x4858 [ 35.281670] kasan_atomics+0x198/0x2e0 [ 35.281720] kunit_try_run_case+0x170/0x3f0 [ 35.281772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.281830] kthread+0x328/0x630 [ 35.281876] ret_from_fork+0x10/0x20 [ 35.281927] [ 35.282632] Allocated by task 296: [ 35.283078] kasan_save_stack+0x3c/0x68 [ 35.283307] kasan_save_track+0x20/0x40 [ 35.283678] kasan_save_alloc_info+0x40/0x58 [ 35.283849] __kasan_kmalloc+0xd4/0xd8 [ 35.283920] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.284319] kasan_atomics+0xb8/0x2e0 [ 35.284460] kunit_try_run_case+0x170/0x3f0 [ 35.284535] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.284797] kthread+0x328/0x630 [ 35.284942] ret_from_fork+0x10/0x20 [ 35.285109] [ 35.285279] The buggy address belongs to the object at fff00000c997d800 [ 35.285279] which belongs to the cache kmalloc-64 of size 64 [ 35.285712] The buggy address is located 0 bytes to the right of [ 35.285712] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.285888] [ 35.285962] The buggy address belongs to the physical page: [ 35.286030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.286372] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.286564] page_type: f5(slab) [ 35.286716] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.286775] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.286924] page dumped because: kasan: bad access detected [ 35.287333] [ 35.287444] Memory state around the buggy address: [ 35.287597] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.287669] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.288110] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.288250] ^ [ 35.288394] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.288473] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.288530] ================================================================== [ 35.342765] ================================================================== [ 35.342819] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 35.342870] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.343051] [ 35.343108] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.343315] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.343364] Hardware name: linux,dummy-virt (DT) [ 35.343408] Call trace: [ 35.343444] show_stack+0x20/0x38 (C) [ 35.343742] dump_stack_lvl+0x8c/0xd0 [ 35.343840] print_report+0x118/0x608 [ 35.343954] kasan_report+0xdc/0x128 [ 35.344049] kasan_check_range+0x100/0x1a8 [ 35.344208] __kasan_check_write+0x20/0x30 [ 35.344305] kasan_atomics_helper+0x10c0/0x4858 [ 35.344417] kasan_atomics+0x198/0x2e0 [ 35.344502] kunit_try_run_case+0x170/0x3f0 [ 35.344558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.344755] kthread+0x328/0x630 [ 35.344810] ret_from_fork+0x10/0x20 [ 35.345094] [ 35.345154] Allocated by task 296: [ 35.345222] kasan_save_stack+0x3c/0x68 [ 35.345345] kasan_save_track+0x20/0x40 [ 35.345415] kasan_save_alloc_info+0x40/0x58 [ 35.345675] __kasan_kmalloc+0xd4/0xd8 [ 35.345772] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.345858] kasan_atomics+0xb8/0x2e0 [ 35.345949] kunit_try_run_case+0x170/0x3f0 [ 35.346025] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.346109] kthread+0x328/0x630 [ 35.346195] ret_from_fork+0x10/0x20 [ 35.346255] [ 35.346278] The buggy address belongs to the object at fff00000c997d800 [ 35.346278] which belongs to the cache kmalloc-64 of size 64 [ 35.346374] The buggy address is located 0 bytes to the right of [ 35.346374] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.346751] [ 35.346924] The buggy address belongs to the physical page: [ 35.347090] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.347250] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.347309] page_type: f5(slab) [ 35.347364] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.347418] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.347461] page dumped because: kasan: bad access detected [ 35.347517] [ 35.347539] Memory state around the buggy address: [ 35.347583] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.347633] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.347679] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.347731] ^ [ 35.347775] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.347820] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.347871] ================================================================== [ 35.385587] ================================================================== [ 35.385639] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 35.385707] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.385971] [ 35.386047] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.386148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.386206] Hardware name: linux,dummy-virt (DT) [ 35.386242] Call trace: [ 35.386273] show_stack+0x20/0x38 (C) [ 35.386332] dump_stack_lvl+0x8c/0xd0 [ 35.386383] print_report+0x118/0x608 [ 35.386433] kasan_report+0xdc/0x128 [ 35.386481] kasan_check_range+0x100/0x1a8 [ 35.386528] __kasan_check_write+0x20/0x30 [ 35.386709] kasan_atomics_helper+0x147c/0x4858 [ 35.386794] kasan_atomics+0x198/0x2e0 [ 35.386845] kunit_try_run_case+0x170/0x3f0 [ 35.386904] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.386980] kthread+0x328/0x630 [ 35.387193] ret_from_fork+0x10/0x20 [ 35.387313] [ 35.387340] Allocated by task 296: [ 35.387389] kasan_save_stack+0x3c/0x68 [ 35.387488] kasan_save_track+0x20/0x40 [ 35.387575] kasan_save_alloc_info+0x40/0x58 [ 35.387689] __kasan_kmalloc+0xd4/0xd8 [ 35.387755] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.387798] kasan_atomics+0xb8/0x2e0 [ 35.387838] kunit_try_run_case+0x170/0x3f0 [ 35.387880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.387928] kthread+0x328/0x630 [ 35.388096] ret_from_fork+0x10/0x20 [ 35.388143] [ 35.388176] The buggy address belongs to the object at fff00000c997d800 [ 35.388176] which belongs to the cache kmalloc-64 of size 64 [ 35.388290] The buggy address is located 0 bytes to the right of [ 35.388290] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.388434] [ 35.388493] The buggy address belongs to the physical page: [ 35.388596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.388691] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.388751] page_type: f5(slab) [ 35.388791] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.388844] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.389054] page dumped because: kasan: bad access detected [ 35.389193] [ 35.389241] Memory state around the buggy address: [ 35.389297] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.389343] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.389388] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.389701] ^ [ 35.389821] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.389900] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.389992] ================================================================== [ 35.367565] ================================================================== [ 35.367679] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 35.367810] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.367863] [ 35.367895] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.368132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.368270] Hardware name: linux,dummy-virt (DT) [ 35.368324] Call trace: [ 35.368366] show_stack+0x20/0x38 (C) [ 35.368472] dump_stack_lvl+0x8c/0xd0 [ 35.368558] print_report+0x118/0x608 [ 35.368817] kasan_report+0xdc/0x128 [ 35.368976] kasan_check_range+0x100/0x1a8 [ 35.369072] __kasan_check_write+0x20/0x30 [ 35.369180] kasan_atomics_helper+0x12d8/0x4858 [ 35.369283] kasan_atomics+0x198/0x2e0 [ 35.369360] kunit_try_run_case+0x170/0x3f0 [ 35.369449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.369541] kthread+0x328/0x630 [ 35.369585] ret_from_fork+0x10/0x20 [ 35.369636] [ 35.369668] Allocated by task 296: [ 35.369712] kasan_save_stack+0x3c/0x68 [ 35.369772] kasan_save_track+0x20/0x40 [ 35.369823] kasan_save_alloc_info+0x40/0x58 [ 35.369864] __kasan_kmalloc+0xd4/0xd8 [ 35.369904] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.369947] kasan_atomics+0xb8/0x2e0 [ 35.369986] kunit_try_run_case+0x170/0x3f0 [ 35.370028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.370077] kthread+0x328/0x630 [ 35.370113] ret_from_fork+0x10/0x20 [ 35.370153] [ 35.370184] The buggy address belongs to the object at fff00000c997d800 [ 35.370184] which belongs to the cache kmalloc-64 of size 64 [ 35.370245] The buggy address is located 0 bytes to the right of [ 35.370245] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.370335] [ 35.370558] The buggy address belongs to the physical page: [ 35.370672] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.370755] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.370840] page_type: f5(slab) [ 35.370993] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.371142] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.371228] page dumped because: kasan: bad access detected [ 35.371315] [ 35.371352] Memory state around the buggy address: [ 35.371386] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.371433] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.371478] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.371519] ^ [ 35.371755] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.371828] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.371879] ================================================================== [ 35.192406] ================================================================== [ 35.192481] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 35.192617] Write of size 4 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.192704] [ 35.192738] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.192964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.193000] Hardware name: linux,dummy-virt (DT) [ 35.193034] Call trace: [ 35.193066] show_stack+0x20/0x38 (C) [ 35.193189] dump_stack_lvl+0x8c/0xd0 [ 35.193246] print_report+0x118/0x608 [ 35.193363] kasan_check_range+0x100/0x1a8 [ 35.194356] __kasan_kmalloc+0xd4/0xd8 [ 35.195228] [ 35.195720] page dumped because: kasan: bad access detected [ 35.196304] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.197657] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.198677] kthread+0x328/0x630 [ 35.200443] [ 35.200503] The buggy address belongs to the physical page: [ 35.200562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.200618] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.200668] page_type: f5(slab) [ 35.200884] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.201046] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.201101] page dumped because: kasan: bad access detected [ 35.201152] [ 35.201361] Memory state around the buggy address: [ 35.201547] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.201639] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.201770] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.201829] ^ [ 35.201901] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.202134] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.202255] ================================================================== [ 35.396807] ================================================================== [ 35.396871] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 35.396940] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.397010] [ 35.397054] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.397142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.397186] Hardware name: linux,dummy-virt (DT) [ 35.397226] Call trace: [ 35.397310] show_stack+0x20/0x38 (C) [ 35.397361] dump_stack_lvl+0x8c/0xd0 [ 35.397423] print_report+0x118/0x608 [ 35.397474] kasan_report+0xdc/0x128 [ 35.397701] kasan_check_range+0x100/0x1a8 [ 35.397763] __kasan_check_write+0x20/0x30 [ 35.397945] kasan_atomics_helper+0x154c/0x4858 [ 35.398096] kasan_atomics+0x198/0x2e0 [ 35.398182] kunit_try_run_case+0x170/0x3f0 [ 35.398311] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.398459] kthread+0x328/0x630 [ 35.398557] ret_from_fork+0x10/0x20 [ 35.398610] [ 35.398649] Allocated by task 296: [ 35.398688] kasan_save_stack+0x3c/0x68 [ 35.398874] kasan_save_track+0x20/0x40 [ 35.398930] kasan_save_alloc_info+0x40/0x58 [ 35.399006] __kasan_kmalloc+0xd4/0xd8 [ 35.399069] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.399113] kasan_atomics+0xb8/0x2e0 [ 35.399544] kunit_try_run_case+0x170/0x3f0 [ 35.399625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.399674] kthread+0x328/0x630 [ 35.399710] ret_from_fork+0x10/0x20 [ 35.399750] [ 35.399773] The buggy address belongs to the object at fff00000c997d800 [ 35.399773] which belongs to the cache kmalloc-64 of size 64 [ 35.399834] The buggy address is located 0 bytes to the right of [ 35.399834] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.399901] [ 35.399924] The buggy address belongs to the physical page: [ 35.399959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.400010] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.400060] page_type: f5(slab) [ 35.400101] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.400165] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.400253] page dumped because: kasan: bad access detected [ 35.400332] [ 35.400472] Memory state around the buggy address: [ 35.400610] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.400660] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.400763] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.400806] ^ [ 35.400996] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.401199] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.401250] ================================================================== [ 35.308924] ================================================================== [ 35.309008] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 35.309063] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.309229] [ 35.309583] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.309696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.309726] Hardware name: linux,dummy-virt (DT) [ 35.309763] Call trace: [ 35.309790] show_stack+0x20/0x38 (C) [ 35.310067] dump_stack_lvl+0x8c/0xd0 [ 35.310606] print_report+0x118/0x608 [ 35.310848] kasan_report+0xdc/0x128 [ 35.311263] kasan_check_range+0x100/0x1a8 [ 35.311343] __kasan_check_write+0x20/0x30 [ 35.311393] kasan_atomics_helper+0xeb8/0x4858 [ 35.311454] kasan_atomics+0x198/0x2e0 [ 35.311502] kunit_try_run_case+0x170/0x3f0 [ 35.312099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.312313] kthread+0x328/0x630 [ 35.312362] ret_from_fork+0x10/0x20 [ 35.312724] [ 35.312918] Allocated by task 296: [ 35.313150] kasan_save_stack+0x3c/0x68 [ 35.313220] kasan_save_track+0x20/0x40 [ 35.313478] kasan_save_alloc_info+0x40/0x58 [ 35.313779] __kasan_kmalloc+0xd4/0xd8 [ 35.313945] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.314303] kasan_atomics+0xb8/0x2e0 [ 35.314558] kunit_try_run_case+0x170/0x3f0 [ 35.314788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.314957] kthread+0x328/0x630 [ 35.314998] ret_from_fork+0x10/0x20 [ 35.315181] [ 35.315265] The buggy address belongs to the object at fff00000c997d800 [ 35.315265] which belongs to the cache kmalloc-64 of size 64 [ 35.315488] The buggy address is located 0 bytes to the right of [ 35.315488] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.315673] [ 35.315848] The buggy address belongs to the physical page: [ 35.316229] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.316321] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.316590] page_type: f5(slab) [ 35.316897] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.317081] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.317211] page dumped because: kasan: bad access detected [ 35.317256] [ 35.317597] Memory state around the buggy address: [ 35.317660] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.318129] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.318201] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.318558] ^ [ 35.318672] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.318753] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.318847] ================================================================== [ 35.328877] ================================================================== [ 35.328944] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 35.328997] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.329059] [ 35.329093] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.329196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.329228] Hardware name: linux,dummy-virt (DT) [ 35.329262] Call trace: [ 35.329286] show_stack+0x20/0x38 (C) [ 35.329337] dump_stack_lvl+0x8c/0xd0 [ 35.329388] print_report+0x118/0x608 [ 35.329437] kasan_report+0xdc/0x128 [ 35.329490] kasan_check_range+0x100/0x1a8 [ 35.329538] __kasan_check_write+0x20/0x30 [ 35.329588] kasan_atomics_helper+0xf88/0x4858 [ 35.329638] kasan_atomics+0x198/0x2e0 [ 35.329686] kunit_try_run_case+0x170/0x3f0 [ 35.329737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.329791] kthread+0x328/0x630 [ 35.329835] ret_from_fork+0x10/0x20 [ 35.329885] [ 35.329906] Allocated by task 296: [ 35.329937] kasan_save_stack+0x3c/0x68 [ 35.329981] kasan_save_track+0x20/0x40 [ 35.330022] kasan_save_alloc_info+0x40/0x58 [ 35.330063] __kasan_kmalloc+0xd4/0xd8 [ 35.330104] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.330147] kasan_atomics+0xb8/0x2e0 [ 35.330197] kunit_try_run_case+0x170/0x3f0 [ 35.330238] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.330285] kthread+0x328/0x630 [ 35.330320] ret_from_fork+0x10/0x20 [ 35.330360] [ 35.330381] The buggy address belongs to the object at fff00000c997d800 [ 35.330381] which belongs to the cache kmalloc-64 of size 64 [ 35.330442] The buggy address is located 0 bytes to the right of [ 35.330442] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.330508] [ 35.330530] The buggy address belongs to the physical page: [ 35.330563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.330615] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.330665] page_type: f5(slab) [ 35.330707] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.330760] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.330803] page dumped because: kasan: bad access detected [ 35.330835] [ 35.330857] Memory state around the buggy address: [ 35.330888] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.330932] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.330977] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.331018] ^ [ 35.331054] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.331098] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.331139] ================================================================== [ 35.289989] ================================================================== [ 35.290050] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 35.290116] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.290514] [ 35.290553] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.290657] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.290689] Hardware name: linux,dummy-virt (DT) [ 35.290726] Call trace: [ 35.290751] show_stack+0x20/0x38 (C) [ 35.290805] dump_stack_lvl+0x8c/0xd0 [ 35.290866] print_report+0x118/0x608 [ 35.290919] kasan_report+0xdc/0x128 [ 35.290969] kasan_check_range+0x100/0x1a8 [ 35.291016] __kasan_check_write+0x20/0x30 [ 35.291065] kasan_atomics_helper+0xe44/0x4858 [ 35.291117] kasan_atomics+0x198/0x2e0 [ 35.291184] kunit_try_run_case+0x170/0x3f0 [ 35.291238] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.291294] kthread+0x328/0x630 [ 35.291339] ret_from_fork+0x10/0x20 [ 35.291758] [ 35.292060] Allocated by task 296: [ 35.292148] kasan_save_stack+0x3c/0x68 [ 35.292472] kasan_save_track+0x20/0x40 [ 35.292661] kasan_save_alloc_info+0x40/0x58 [ 35.292878] __kasan_kmalloc+0xd4/0xd8 [ 35.292945] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.293017] kasan_atomics+0xb8/0x2e0 [ 35.293263] kunit_try_run_case+0x170/0x3f0 [ 35.293678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.293973] kthread+0x328/0x630 [ 35.294424] ret_from_fork+0x10/0x20 [ 35.294576] [ 35.294604] The buggy address belongs to the object at fff00000c997d800 [ 35.294604] which belongs to the cache kmalloc-64 of size 64 [ 35.294822] The buggy address is located 0 bytes to the right of [ 35.294822] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.295045] [ 35.295428] The buggy address belongs to the physical page: [ 35.295591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.295685] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.295769] page_type: f5(slab) [ 35.296049] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.296189] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.296430] page dumped because: kasan: bad access detected [ 35.296789] [ 35.296830] Memory state around the buggy address: [ 35.296983] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.297175] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.297395] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.297492] ^ [ 35.297560] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.297718] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.297811] ================================================================== [ 35.250986] ================================================================== [ 35.251062] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 35.251457] Write of size 4 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.251922] [ 35.251985] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.252368] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.252419] Hardware name: linux,dummy-virt (DT) [ 35.252974] Call trace: [ 35.253103] show_stack+0x20/0x38 (C) [ 35.253200] dump_stack_lvl+0x8c/0xd0 [ 35.253432] print_report+0x118/0x608 [ 35.253510] kasan_report+0xdc/0x128 [ 35.253570] kasan_check_range+0x100/0x1a8 [ 35.253618] __kasan_check_write+0x20/0x30 [ 35.253674] kasan_atomics_helper+0xd3c/0x4858 [ 35.253726] kasan_atomics+0x198/0x2e0 [ 35.253775] kunit_try_run_case+0x170/0x3f0 [ 35.253830] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.253888] kthread+0x328/0x630 [ 35.253935] ret_from_fork+0x10/0x20 [ 35.253993] [ 35.254031] Allocated by task 296: [ 35.254073] kasan_save_stack+0x3c/0x68 [ 35.254117] kasan_save_track+0x20/0x40 [ 35.254201] kasan_save_alloc_info+0x40/0x58 [ 35.254798] __kasan_kmalloc+0xd4/0xd8 [ 35.255009] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.255300] kasan_atomics+0xb8/0x2e0 [ 35.255844] kunit_try_run_case+0x170/0x3f0 [ 35.255942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.256153] kthread+0x328/0x630 [ 35.256242] ret_from_fork+0x10/0x20 [ 35.256366] [ 35.256390] The buggy address belongs to the object at fff00000c997d800 [ 35.256390] which belongs to the cache kmalloc-64 of size 64 [ 35.256641] The buggy address is located 0 bytes to the right of [ 35.256641] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.257037] [ 35.257126] The buggy address belongs to the physical page: [ 35.257297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.257505] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.257591] page_type: f5(slab) [ 35.257839] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.258048] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.258153] page dumped because: kasan: bad access detected [ 35.258561] [ 35.258696] Memory state around the buggy address: [ 35.258765] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.258945] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.258993] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.259058] ^ [ 35.259105] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.259395] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.260003] ================================================================== [ 35.416280] ================================================================== [ 35.416333] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 35.416384] Read of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.416653] [ 35.416694] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.416784] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.416839] Hardware name: linux,dummy-virt (DT) [ 35.416875] Call trace: [ 35.416904] show_stack+0x20/0x38 (C) [ 35.416959] dump_stack_lvl+0x8c/0xd0 [ 35.417008] print_report+0x118/0x608 [ 35.417149] kasan_report+0xdc/0x128 [ 35.417215] __asan_report_load8_noabort+0x20/0x30 [ 35.417382] kasan_atomics_helper+0x3df4/0x4858 [ 35.417470] kasan_atomics+0x198/0x2e0 [ 35.417526] kunit_try_run_case+0x170/0x3f0 [ 35.417597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.417656] kthread+0x328/0x630 [ 35.417715] ret_from_fork+0x10/0x20 [ 35.417783] [ 35.417823] Allocated by task 296: [ 35.417862] kasan_save_stack+0x3c/0x68 [ 35.417949] kasan_save_track+0x20/0x40 [ 35.417996] kasan_save_alloc_info+0x40/0x58 [ 35.418043] __kasan_kmalloc+0xd4/0xd8 [ 35.418085] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.418127] kasan_atomics+0xb8/0x2e0 [ 35.418176] kunit_try_run_case+0x170/0x3f0 [ 35.418431] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.418495] kthread+0x328/0x630 [ 35.418595] ret_from_fork+0x10/0x20 [ 35.418639] [ 35.418679] The buggy address belongs to the object at fff00000c997d800 [ 35.418679] which belongs to the cache kmalloc-64 of size 64 [ 35.418849] The buggy address is located 0 bytes to the right of [ 35.418849] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.419028] [ 35.419096] The buggy address belongs to the physical page: [ 35.419174] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.419232] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.419282] page_type: f5(slab) [ 35.419323] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.419464] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.419700] page dumped because: kasan: bad access detected [ 35.419758] [ 35.419807] Memory state around the buggy address: [ 35.419937] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.420021] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.420294] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.420351] ^ [ 35.420408] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.420464] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.420505] ================================================================== [ 35.381907] ================================================================== [ 35.381957] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 35.382007] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.382059] [ 35.382089] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.382191] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.382219] Hardware name: linux,dummy-virt (DT) [ 35.382253] Call trace: [ 35.382287] show_stack+0x20/0x38 (C) [ 35.382339] dump_stack_lvl+0x8c/0xd0 [ 35.382389] print_report+0x118/0x608 [ 35.382439] kasan_report+0xdc/0x128 [ 35.382488] kasan_check_range+0x100/0x1a8 [ 35.382535] __kasan_check_write+0x20/0x30 [ 35.382583] kasan_atomics_helper+0x1414/0x4858 [ 35.382646] kasan_atomics+0x198/0x2e0 [ 35.382694] kunit_try_run_case+0x170/0x3f0 [ 35.382745] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.382811] kthread+0x328/0x630 [ 35.382855] ret_from_fork+0x10/0x20 [ 35.382905] [ 35.382928] Allocated by task 296: [ 35.382966] kasan_save_stack+0x3c/0x68 [ 35.383010] kasan_save_track+0x20/0x40 [ 35.383066] kasan_save_alloc_info+0x40/0x58 [ 35.383107] __kasan_kmalloc+0xd4/0xd8 [ 35.383147] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.383199] kasan_atomics+0xb8/0x2e0 [ 35.383238] kunit_try_run_case+0x170/0x3f0 [ 35.383280] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.383334] kthread+0x328/0x630 [ 35.383371] ret_from_fork+0x10/0x20 [ 35.383410] [ 35.383431] The buggy address belongs to the object at fff00000c997d800 [ 35.383431] which belongs to the cache kmalloc-64 of size 64 [ 35.383491] The buggy address is located 0 bytes to the right of [ 35.383491] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.383557] [ 35.383579] The buggy address belongs to the physical page: [ 35.383614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.383664] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.383714] page_type: f5(slab) [ 35.384207] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.384285] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.384328] page dumped because: kasan: bad access detected [ 35.384515] [ 35.384540] Memory state around the buggy address: [ 35.384610] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.384657] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.384732] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.384774] ^ [ 35.384811] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.384980] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.385022] ================================================================== [ 35.239262] ================================================================== [ 35.239619] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 35.239775] Read of size 4 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.240064] [ 35.240106] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.240571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.240811] Hardware name: linux,dummy-virt (DT) [ 35.240947] Call trace: [ 35.241349] show_stack+0x20/0x38 (C) [ 35.241645] dump_stack_lvl+0x8c/0xd0 [ 35.241813] print_report+0x118/0x608 [ 35.241875] kasan_report+0xdc/0x128 [ 35.242213] __asan_report_load4_noabort+0x20/0x30 [ 35.242840] kasan_atomics_helper+0x3dd8/0x4858 [ 35.243295] kasan_atomics+0x198/0x2e0 [ 35.243396] kunit_try_run_case+0x170/0x3f0 [ 35.243691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.243899] kthread+0x328/0x630 [ 35.243957] ret_from_fork+0x10/0x20 [ 35.244008] [ 35.244031] Allocated by task 296: [ 35.244510] kasan_save_stack+0x3c/0x68 [ 35.244667] kasan_save_track+0x20/0x40 [ 35.244871] kasan_save_alloc_info+0x40/0x58 [ 35.244931] __kasan_kmalloc+0xd4/0xd8 [ 35.245232] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.245466] kasan_atomics+0xb8/0x2e0 [ 35.245811] kunit_try_run_case+0x170/0x3f0 [ 35.246016] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.246182] kthread+0x328/0x630 [ 35.246273] ret_from_fork+0x10/0x20 [ 35.246352] [ 35.246691] The buggy address belongs to the object at fff00000c997d800 [ 35.246691] which belongs to the cache kmalloc-64 of size 64 [ 35.246777] The buggy address is located 0 bytes to the right of [ 35.246777] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.246981] [ 35.247311] The buggy address belongs to the physical page: [ 35.247500] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.247812] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.248079] page_type: f5(slab) [ 35.248267] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.248342] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.248680] page dumped because: kasan: bad access detected [ 35.248745] [ 35.249001] Memory state around the buggy address: [ 35.249217] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.249294] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.249457] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.249522] ^ [ 35.249559] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.249612] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.249730] ================================================================== [ 35.390706] ================================================================== [ 35.390780] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 35.390833] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.390886] [ 35.391057] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.391272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.391344] Hardware name: linux,dummy-virt (DT) [ 35.391378] Call trace: [ 35.391405] show_stack+0x20/0x38 (C) [ 35.391456] dump_stack_lvl+0x8c/0xd0 [ 35.391518] print_report+0x118/0x608 [ 35.391708] kasan_report+0xdc/0x128 [ 35.391849] kasan_check_range+0x100/0x1a8 [ 35.391932] __kasan_check_write+0x20/0x30 [ 35.392057] kasan_atomics_helper+0x14e4/0x4858 [ 35.392143] kasan_atomics+0x198/0x2e0 [ 35.392311] kunit_try_run_case+0x170/0x3f0 [ 35.392396] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.392520] kthread+0x328/0x630 [ 35.392565] ret_from_fork+0x10/0x20 [ 35.392615] [ 35.392638] Allocated by task 296: [ 35.392667] kasan_save_stack+0x3c/0x68 [ 35.392714] kasan_save_track+0x20/0x40 [ 35.392755] kasan_save_alloc_info+0x40/0x58 [ 35.392794] __kasan_kmalloc+0xd4/0xd8 [ 35.393122] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.393599] kasan_atomics+0xb8/0x2e0 [ 35.393718] kunit_try_run_case+0x170/0x3f0 [ 35.393795] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.393883] kthread+0x328/0x630 [ 35.393950] ret_from_fork+0x10/0x20 [ 35.394231] [ 35.394311] The buggy address belongs to the object at fff00000c997d800 [ 35.394311] which belongs to the cache kmalloc-64 of size 64 [ 35.394388] The buggy address is located 0 bytes to the right of [ 35.394388] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.394456] [ 35.394674] The buggy address belongs to the physical page: [ 35.394783] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.394863] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.394937] page_type: f5(slab) [ 35.394989] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.395200] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.395305] page dumped because: kasan: bad access detected [ 35.395383] [ 35.395446] Memory state around the buggy address: [ 35.395531] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.395577] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.395637] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.395678] ^ [ 35.395715] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.395799] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.395842] ================================================================== [ 35.372699] ================================================================== [ 35.372764] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 35.372817] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.372869] [ 35.372907] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.372997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.373032] Hardware name: linux,dummy-virt (DT) [ 35.373077] Call trace: [ 35.373101] show_stack+0x20/0x38 (C) [ 35.373167] dump_stack_lvl+0x8c/0xd0 [ 35.373219] print_report+0x118/0x608 [ 35.373371] kasan_report+0xdc/0x128 [ 35.373425] kasan_check_range+0x100/0x1a8 [ 35.373472] __kasan_check_write+0x20/0x30 [ 35.373525] kasan_atomics_helper+0x1384/0x4858 [ 35.373723] kasan_atomics+0x198/0x2e0 [ 35.373787] kunit_try_run_case+0x170/0x3f0 [ 35.373858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.374091] kthread+0x328/0x630 [ 35.374173] ret_from_fork+0x10/0x20 [ 35.374229] [ 35.374269] Allocated by task 296: [ 35.374310] kasan_save_stack+0x3c/0x68 [ 35.374356] kasan_save_track+0x20/0x40 [ 35.374403] kasan_save_alloc_info+0x40/0x58 [ 35.374467] __kasan_kmalloc+0xd4/0xd8 [ 35.374507] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.374550] kasan_atomics+0xb8/0x2e0 [ 35.374886] kunit_try_run_case+0x170/0x3f0 [ 35.374963] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.375035] kthread+0x328/0x630 [ 35.375268] ret_from_fork+0x10/0x20 [ 35.375362] [ 35.375388] The buggy address belongs to the object at fff00000c997d800 [ 35.375388] which belongs to the cache kmalloc-64 of size 64 [ 35.375460] The buggy address is located 0 bytes to the right of [ 35.375460] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.375563] [ 35.375615] The buggy address belongs to the physical page: [ 35.375667] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.375718] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.375876] page_type: f5(slab) [ 35.375917] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.375971] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.376127] page dumped because: kasan: bad access detected [ 35.376187] [ 35.376233] Memory state around the buggy address: [ 35.376268] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.376322] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.376376] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.376423] ^ [ 35.376466] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.376526] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.376567] ================================================================== [ 35.377056] ================================================================== [ 35.377260] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 35.377355] Read of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.377410] [ 35.377443] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.377671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.377779] Hardware name: linux,dummy-virt (DT) [ 35.377847] Call trace: [ 35.377874] show_stack+0x20/0x38 (C) [ 35.377926] dump_stack_lvl+0x8c/0xd0 [ 35.377995] print_report+0x118/0x608 [ 35.378047] kasan_report+0xdc/0x128 [ 35.378095] __asan_report_load8_noabort+0x20/0x30 [ 35.378146] kasan_atomics_helper+0x3f04/0x4858 [ 35.378209] kasan_atomics+0x198/0x2e0 [ 35.378258] kunit_try_run_case+0x170/0x3f0 [ 35.378311] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.378368] kthread+0x328/0x630 [ 35.378412] ret_from_fork+0x10/0x20 [ 35.378603] [ 35.378678] Allocated by task 296: [ 35.378715] kasan_save_stack+0x3c/0x68 [ 35.378777] kasan_save_track+0x20/0x40 [ 35.379007] kasan_save_alloc_info+0x40/0x58 [ 35.379072] __kasan_kmalloc+0xd4/0xd8 [ 35.379131] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.379191] kasan_atomics+0xb8/0x2e0 [ 35.379231] kunit_try_run_case+0x170/0x3f0 [ 35.379272] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.379330] kthread+0x328/0x630 [ 35.379376] ret_from_fork+0x10/0x20 [ 35.379530] [ 35.379592] The buggy address belongs to the object at fff00000c997d800 [ 35.379592] which belongs to the cache kmalloc-64 of size 64 [ 35.379756] The buggy address is located 0 bytes to the right of [ 35.379756] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.379849] [ 35.380093] The buggy address belongs to the physical page: [ 35.380133] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.380200] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.380249] page_type: f5(slab) [ 35.380292] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.380559] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.380608] page dumped because: kasan: bad access detected [ 35.380672] [ 35.380711] Memory state around the buggy address: [ 35.380775] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.381065] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.381152] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.381259] ^ [ 35.381329] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.381455] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.381537] ================================================================== [ 35.410994] ================================================================== [ 35.411050] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 35.411125] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.411190] [ 35.411221] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.411375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.411439] Hardware name: linux,dummy-virt (DT) [ 35.411488] Call trace: [ 35.411612] show_stack+0x20/0x38 (C) [ 35.411688] dump_stack_lvl+0x8c/0xd0 [ 35.411786] print_report+0x118/0x608 [ 35.411847] kasan_report+0xdc/0x128 [ 35.411896] kasan_check_range+0x100/0x1a8 [ 35.412097] __kasan_check_write+0x20/0x30 [ 35.412185] kasan_atomics_helper+0x1644/0x4858 [ 35.412299] kasan_atomics+0x198/0x2e0 [ 35.412377] kunit_try_run_case+0x170/0x3f0 [ 35.412490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.412585] kthread+0x328/0x630 [ 35.412637] ret_from_fork+0x10/0x20 [ 35.412696] [ 35.412719] Allocated by task 296: [ 35.412751] kasan_save_stack+0x3c/0x68 [ 35.412943] kasan_save_track+0x20/0x40 [ 35.412999] kasan_save_alloc_info+0x40/0x58 [ 35.413174] __kasan_kmalloc+0xd4/0xd8 [ 35.413241] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.413295] kasan_atomics+0xb8/0x2e0 [ 35.413358] kunit_try_run_case+0x170/0x3f0 [ 35.413438] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.413779] kthread+0x328/0x630 [ 35.413856] ret_from_fork+0x10/0x20 [ 35.413960] [ 35.414009] The buggy address belongs to the object at fff00000c997d800 [ 35.414009] which belongs to the cache kmalloc-64 of size 64 [ 35.414106] The buggy address is located 0 bytes to the right of [ 35.414106] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.414184] [ 35.414207] The buggy address belongs to the physical page: [ 35.414561] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.414647] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.414845] page_type: f5(slab) [ 35.414969] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.415023] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.415066] page dumped because: kasan: bad access detected [ 35.415101] [ 35.415122] Memory state around the buggy address: [ 35.415166] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.415213] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.415326] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.415375] ^ [ 35.415426] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.415472] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.415513] ================================================================== [ 35.299103] ================================================================== [ 35.299504] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 35.299716] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.300025] [ 35.300084] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.300390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.300566] Hardware name: linux,dummy-virt (DT) [ 35.300658] Call trace: [ 35.300706] show_stack+0x20/0x38 (C) [ 35.300796] dump_stack_lvl+0x8c/0xd0 [ 35.301204] print_report+0x118/0x608 [ 35.301292] kasan_report+0xdc/0x128 [ 35.301368] __asan_report_store8_noabort+0x20/0x30 [ 35.301717] kasan_atomics_helper+0x3e5c/0x4858 [ 35.302030] kasan_atomics+0x198/0x2e0 [ 35.302229] kunit_try_run_case+0x170/0x3f0 [ 35.302847] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.303057] kthread+0x328/0x630 [ 35.303168] ret_from_fork+0x10/0x20 [ 35.303252] [ 35.303416] Allocated by task 296: [ 35.303756] kasan_save_stack+0x3c/0x68 [ 35.303944] kasan_save_track+0x20/0x40 [ 35.304435] kasan_save_alloc_info+0x40/0x58 [ 35.304508] __kasan_kmalloc+0xd4/0xd8 [ 35.304667] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.304912] kasan_atomics+0xb8/0x2e0 [ 35.304977] kunit_try_run_case+0x170/0x3f0 [ 35.305018] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.305109] kthread+0x328/0x630 [ 35.305165] ret_from_fork+0x10/0x20 [ 35.305216] [ 35.305239] The buggy address belongs to the object at fff00000c997d800 [ 35.305239] which belongs to the cache kmalloc-64 of size 64 [ 35.305301] The buggy address is located 0 bytes to the right of [ 35.305301] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.305369] [ 35.305401] The buggy address belongs to the physical page: [ 35.305444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.305512] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.305564] page_type: f5(slab) [ 35.305606] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.305659] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.305703] page dumped because: kasan: bad access detected [ 35.305736] [ 35.305763] Memory state around the buggy address: [ 35.305799] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.305850] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.305904] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.305945] ^ [ 35.305989] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.306051] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.306098] ================================================================== [ 35.406270] ================================================================== [ 35.406325] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 35.406377] Read of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.406456] [ 35.406504] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.406599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.406647] Hardware name: linux,dummy-virt (DT) [ 35.406680] Call trace: [ 35.406718] show_stack+0x20/0x38 (C) [ 35.406769] dump_stack_lvl+0x8c/0xd0 [ 35.406828] print_report+0x118/0x608 [ 35.406879] kasan_report+0xdc/0x128 [ 35.406927] __asan_report_load8_noabort+0x20/0x30 [ 35.407093] kasan_atomics_helper+0x3db0/0x4858 [ 35.407304] kasan_atomics+0x198/0x2e0 [ 35.407368] kunit_try_run_case+0x170/0x3f0 [ 35.407431] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.407497] kthread+0x328/0x630 [ 35.407684] ret_from_fork+0x10/0x20 [ 35.407803] [ 35.407853] Allocated by task 296: [ 35.407907] kasan_save_stack+0x3c/0x68 [ 35.407996] kasan_save_track+0x20/0x40 [ 35.408050] kasan_save_alloc_info+0x40/0x58 [ 35.408115] __kasan_kmalloc+0xd4/0xd8 [ 35.408185] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.408228] kasan_atomics+0xb8/0x2e0 [ 35.408267] kunit_try_run_case+0x170/0x3f0 [ 35.408308] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.408388] kthread+0x328/0x630 [ 35.408423] ret_from_fork+0x10/0x20 [ 35.408462] [ 35.408484] The buggy address belongs to the object at fff00000c997d800 [ 35.408484] which belongs to the cache kmalloc-64 of size 64 [ 35.408665] The buggy address is located 0 bytes to the right of [ 35.408665] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.408762] [ 35.408840] The buggy address belongs to the physical page: [ 35.408905] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.409003] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.409339] page_type: f5(slab) [ 35.409438] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.409525] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.409580] page dumped because: kasan: bad access detected [ 35.409614] [ 35.409635] Memory state around the buggy address: [ 35.409780] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.410000] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.410064] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.410146] ^ [ 35.410454] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.410559] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.410629] ================================================================== [ 35.348098] ================================================================== [ 35.348391] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 35.348457] Write of size 8 at addr fff00000c997d830 by task kunit_try_catch/296 [ 35.348511] [ 35.348593] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT [ 35.348796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.348846] Hardware name: linux,dummy-virt (DT) [ 35.348902] Call trace: [ 35.348927] show_stack+0x20/0x38 (C) [ 35.348980] dump_stack_lvl+0x8c/0xd0 [ 35.349050] print_report+0x118/0x608 [ 35.349125] kasan_report+0xdc/0x128 [ 35.349202] kasan_check_range+0x100/0x1a8 [ 35.349490] __kasan_check_write+0x20/0x30 [ 35.349556] kasan_atomics_helper+0x1128/0x4858 [ 35.349681] kasan_atomics+0x198/0x2e0 [ 35.349738] kunit_try_run_case+0x170/0x3f0 [ 35.349806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.349880] kthread+0x328/0x630 [ 35.349932] ret_from_fork+0x10/0x20 [ 35.350000] [ 35.350040] Allocated by task 296: [ 35.350084] kasan_save_stack+0x3c/0x68 [ 35.350131] kasan_save_track+0x20/0x40 [ 35.350190] kasan_save_alloc_info+0x40/0x58 [ 35.350244] __kasan_kmalloc+0xd4/0xd8 [ 35.350285] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.350329] kasan_atomics+0xb8/0x2e0 [ 35.350369] kunit_try_run_case+0x170/0x3f0 [ 35.350513] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.350666] kthread+0x328/0x630 [ 35.350712] ret_from_fork+0x10/0x20 [ 35.351014] [ 35.351080] The buggy address belongs to the object at fff00000c997d800 [ 35.351080] which belongs to the cache kmalloc-64 of size 64 [ 35.351173] The buggy address is located 0 bytes to the right of [ 35.351173] allocated 48-byte region [fff00000c997d800, fff00000c997d830) [ 35.351259] [ 35.351283] The buggy address belongs to the physical page: [ 35.351324] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10997d [ 35.351389] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.351447] page_type: f5(slab) [ 35.351500] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.351586] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.351663] page dumped because: kasan: bad access detected [ 35.351715] [ 35.351736] Memory state around the buggy address: [ 35.351770] fff00000c997d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.351964] fff00000c997d780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.352017] >fff00000c997d800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.352058] ^ [ 35.352254] fff00000c997d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.352323] fff00000c997d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.352410] ==================================================================
[ 25.788075] ================================================================== [ 25.788380] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 25.788888] Read of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 25.789227] [ 25.789317] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.789372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.789387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.789412] Call Trace: [ 25.789428] <TASK> [ 25.789448] dump_stack_lvl+0x73/0xb0 [ 25.789480] print_report+0xd1/0x650 [ 25.789504] ? __virt_addr_valid+0x1db/0x2d0 [ 25.789529] ? kasan_atomics_helper+0x4b88/0x5450 [ 25.789552] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.789579] ? kasan_atomics_helper+0x4b88/0x5450 [ 25.789604] kasan_report+0x141/0x180 [ 25.789627] ? kasan_atomics_helper+0x4b88/0x5450 [ 25.789654] __asan_report_load4_noabort+0x18/0x20 [ 25.789681] kasan_atomics_helper+0x4b88/0x5450 [ 25.789706] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.789730] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.789757] ? kasan_atomics+0x152/0x310 [ 25.789784] kasan_atomics+0x1dc/0x310 [ 25.789809] ? __pfx_kasan_atomics+0x10/0x10 [ 25.789838] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.789865] ? __pfx_read_tsc+0x10/0x10 [ 25.789889] ? ktime_get_ts64+0x86/0x230 [ 25.789916] kunit_try_run_case+0x1a5/0x480 [ 25.789945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.789971] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.789994] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.790032] ? __kthread_parkme+0x82/0x180 [ 25.790056] ? preempt_count_sub+0x50/0x80 [ 25.790091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.790118] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.790143] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.790170] kthread+0x337/0x6f0 [ 25.790191] ? trace_preempt_on+0x20/0xc0 [ 25.790216] ? __pfx_kthread+0x10/0x10 [ 25.790238] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.790265] ? calculate_sigpending+0x7b/0xa0 [ 25.790290] ? __pfx_kthread+0x10/0x10 [ 25.790313] ret_from_fork+0x116/0x1d0 [ 25.790333] ? __pfx_kthread+0x10/0x10 [ 25.790355] ret_from_fork_asm+0x1a/0x30 [ 25.790387] </TASK> [ 25.790402] [ 25.802886] Allocated by task 314: [ 25.803100] kasan_save_stack+0x45/0x70 [ 25.803355] kasan_save_track+0x18/0x40 [ 25.803670] kasan_save_alloc_info+0x3b/0x50 [ 25.804023] __kasan_kmalloc+0xb7/0xc0 [ 25.804248] __kmalloc_cache_noprof+0x189/0x420 [ 25.804637] kasan_atomics+0x95/0x310 [ 25.804769] kunit_try_run_case+0x1a5/0x480 [ 25.804924] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.805191] kthread+0x337/0x6f0 [ 25.805361] ret_from_fork+0x116/0x1d0 [ 25.805550] ret_from_fork_asm+0x1a/0x30 [ 25.805751] [ 25.805833] The buggy address belongs to the object at ffff888105a1e600 [ 25.805833] which belongs to the cache kmalloc-64 of size 64 [ 25.806346] The buggy address is located 0 bytes to the right of [ 25.806346] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 25.806786] [ 25.806859] The buggy address belongs to the physical page: [ 25.807502] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 25.807885] flags: 0x200000000000000(node=0|zone=2) [ 25.808129] page_type: f5(slab) [ 25.808523] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.809227] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.809891] page dumped because: kasan: bad access detected [ 25.810339] [ 25.810554] Memory state around the buggy address: [ 25.811072] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.811749] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.812213] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.812626] ^ [ 25.812971] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.813407] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.814074] ================================================================== [ 26.029322] ================================================================== [ 26.029677] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 26.030192] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.030473] [ 26.030603] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.030654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.030669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.030694] Call Trace: [ 26.030715] <TASK> [ 26.030736] dump_stack_lvl+0x73/0xb0 [ 26.030766] print_report+0xd1/0x650 [ 26.030791] ? __virt_addr_valid+0x1db/0x2d0 [ 26.030816] ? kasan_atomics_helper+0x860/0x5450 [ 26.030838] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.030865] ? kasan_atomics_helper+0x860/0x5450 [ 26.030888] kasan_report+0x141/0x180 [ 26.030911] ? kasan_atomics_helper+0x860/0x5450 [ 26.030970] kasan_check_range+0x10c/0x1c0 [ 26.030995] __kasan_check_write+0x18/0x20 [ 26.031020] kasan_atomics_helper+0x860/0x5450 [ 26.031054] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.031086] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.031114] ? kasan_atomics+0x152/0x310 [ 26.031142] kasan_atomics+0x1dc/0x310 [ 26.031174] ? __pfx_kasan_atomics+0x10/0x10 [ 26.031198] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.031234] ? __pfx_read_tsc+0x10/0x10 [ 26.031258] ? ktime_get_ts64+0x86/0x230 [ 26.031284] kunit_try_run_case+0x1a5/0x480 [ 26.031321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.031346] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.031370] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.031404] ? __kthread_parkme+0x82/0x180 [ 26.031427] ? preempt_count_sub+0x50/0x80 [ 26.031452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.031486] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.031512] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.031538] kthread+0x337/0x6f0 [ 26.031569] ? trace_preempt_on+0x20/0xc0 [ 26.031595] ? __pfx_kthread+0x10/0x10 [ 26.031617] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.031652] ? calculate_sigpending+0x7b/0xa0 [ 26.031677] ? __pfx_kthread+0x10/0x10 [ 26.031701] ret_from_fork+0x116/0x1d0 [ 26.031733] ? __pfx_kthread+0x10/0x10 [ 26.031755] ret_from_fork_asm+0x1a/0x30 [ 26.031788] </TASK> [ 26.031802] [ 26.039379] Allocated by task 314: [ 26.039556] kasan_save_stack+0x45/0x70 [ 26.039740] kasan_save_track+0x18/0x40 [ 26.039954] kasan_save_alloc_info+0x3b/0x50 [ 26.040175] __kasan_kmalloc+0xb7/0xc0 [ 26.040348] __kmalloc_cache_noprof+0x189/0x420 [ 26.040532] kasan_atomics+0x95/0x310 [ 26.040659] kunit_try_run_case+0x1a5/0x480 [ 26.040801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.040996] kthread+0x337/0x6f0 [ 26.041150] ret_from_fork+0x116/0x1d0 [ 26.041356] ret_from_fork_asm+0x1a/0x30 [ 26.041550] [ 26.041641] The buggy address belongs to the object at ffff888105a1e600 [ 26.041641] which belongs to the cache kmalloc-64 of size 64 [ 26.042173] The buggy address is located 0 bytes to the right of [ 26.042173] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.042535] [ 26.042605] The buggy address belongs to the physical page: [ 26.042786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.043189] flags: 0x200000000000000(node=0|zone=2) [ 26.043445] page_type: f5(slab) [ 26.043640] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.044023] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.044401] page dumped because: kasan: bad access detected [ 26.044654] [ 26.044721] Memory state around the buggy address: [ 26.044905] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.045230] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.045448] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.045682] ^ [ 26.045951] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.046274] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.046583] ================================================================== [ 26.119191] ================================================================== [ 26.119544] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 26.119880] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.120172] [ 26.120283] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.120335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.120349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.120374] Call Trace: [ 26.120396] <TASK> [ 26.120417] dump_stack_lvl+0x73/0xb0 [ 26.120447] print_report+0xd1/0x650 [ 26.120470] ? __virt_addr_valid+0x1db/0x2d0 [ 26.120495] ? kasan_atomics_helper+0xb6a/0x5450 [ 26.120517] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.120545] ? kasan_atomics_helper+0xb6a/0x5450 [ 26.120568] kasan_report+0x141/0x180 [ 26.120591] ? kasan_atomics_helper+0xb6a/0x5450 [ 26.120618] kasan_check_range+0x10c/0x1c0 [ 26.120642] __kasan_check_write+0x18/0x20 [ 26.120667] kasan_atomics_helper+0xb6a/0x5450 [ 26.120690] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.120713] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.120741] ? kasan_atomics+0x152/0x310 [ 26.120768] kasan_atomics+0x1dc/0x310 [ 26.120791] ? __pfx_kasan_atomics+0x10/0x10 [ 26.120814] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.120839] ? __pfx_read_tsc+0x10/0x10 [ 26.120862] ? ktime_get_ts64+0x86/0x230 [ 26.120889] kunit_try_run_case+0x1a5/0x480 [ 26.120916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.120941] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.120964] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.120986] ? __kthread_parkme+0x82/0x180 [ 26.121009] ? preempt_count_sub+0x50/0x80 [ 26.121034] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.121531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.121592] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.121622] kthread+0x337/0x6f0 [ 26.121655] ? trace_preempt_on+0x20/0xc0 [ 26.121681] ? __pfx_kthread+0x10/0x10 [ 26.121704] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.121743] ? calculate_sigpending+0x7b/0xa0 [ 26.121770] ? __pfx_kthread+0x10/0x10 [ 26.121794] ret_from_fork+0x116/0x1d0 [ 26.121830] ? __pfx_kthread+0x10/0x10 [ 26.121853] ret_from_fork_asm+0x1a/0x30 [ 26.121897] </TASK> [ 26.121912] [ 26.129448] Allocated by task 314: [ 26.129635] kasan_save_stack+0x45/0x70 [ 26.129856] kasan_save_track+0x18/0x40 [ 26.130088] kasan_save_alloc_info+0x3b/0x50 [ 26.130258] __kasan_kmalloc+0xb7/0xc0 [ 26.130457] __kmalloc_cache_noprof+0x189/0x420 [ 26.130634] kasan_atomics+0x95/0x310 [ 26.130833] kunit_try_run_case+0x1a5/0x480 [ 26.131018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.131284] kthread+0x337/0x6f0 [ 26.131436] ret_from_fork+0x116/0x1d0 [ 26.131635] ret_from_fork_asm+0x1a/0x30 [ 26.131844] [ 26.131977] The buggy address belongs to the object at ffff888105a1e600 [ 26.131977] which belongs to the cache kmalloc-64 of size 64 [ 26.132488] The buggy address is located 0 bytes to the right of [ 26.132488] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.132967] [ 26.133041] The buggy address belongs to the physical page: [ 26.133221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.133460] flags: 0x200000000000000(node=0|zone=2) [ 26.133621] page_type: f5(slab) [ 26.133748] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.134144] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.134475] page dumped because: kasan: bad access detected [ 26.134720] [ 26.134809] Memory state around the buggy address: [ 26.135053] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.135361] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.135619] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.135969] ^ [ 26.136243] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.136572] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.136829] ================================================================== [ 26.858310] ================================================================== [ 26.858573] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 26.858791] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.859047] [ 26.859173] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.859225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.859239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.859263] Call Trace: [ 26.859284] <TASK> [ 26.859323] dump_stack_lvl+0x73/0xb0 [ 26.859354] print_report+0xd1/0x650 [ 26.859378] ? __virt_addr_valid+0x1db/0x2d0 [ 26.859403] ? kasan_atomics_helper+0x1eaa/0x5450 [ 26.859425] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.859452] ? kasan_atomics_helper+0x1eaa/0x5450 [ 26.859475] kasan_report+0x141/0x180 [ 26.859499] ? kasan_atomics_helper+0x1eaa/0x5450 [ 26.859525] kasan_check_range+0x10c/0x1c0 [ 26.859550] __kasan_check_write+0x18/0x20 [ 26.859575] kasan_atomics_helper+0x1eaa/0x5450 [ 26.859599] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.859622] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.859647] ? kasan_atomics+0x152/0x310 [ 26.859675] kasan_atomics+0x1dc/0x310 [ 26.859698] ? __pfx_kasan_atomics+0x10/0x10 [ 26.859721] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.859747] ? __pfx_read_tsc+0x10/0x10 [ 26.859770] ? ktime_get_ts64+0x86/0x230 [ 26.859796] kunit_try_run_case+0x1a5/0x480 [ 26.859823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.859849] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.859872] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.859895] ? __kthread_parkme+0x82/0x180 [ 26.859919] ? preempt_count_sub+0x50/0x80 [ 26.859953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.859980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.860007] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.860034] kthread+0x337/0x6f0 [ 26.860055] ? trace_preempt_on+0x20/0xc0 [ 26.860092] ? __pfx_kthread+0x10/0x10 [ 26.860114] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.860140] ? calculate_sigpending+0x7b/0xa0 [ 26.860166] ? __pfx_kthread+0x10/0x10 [ 26.860189] ret_from_fork+0x116/0x1d0 [ 26.860210] ? __pfx_kthread+0x10/0x10 [ 26.860232] ret_from_fork_asm+0x1a/0x30 [ 26.860263] </TASK> [ 26.860277] [ 26.866636] Allocated by task 314: [ 26.866812] kasan_save_stack+0x45/0x70 [ 26.867104] kasan_save_track+0x18/0x40 [ 26.867296] kasan_save_alloc_info+0x3b/0x50 [ 26.867506] __kasan_kmalloc+0xb7/0xc0 [ 26.867693] __kmalloc_cache_noprof+0x189/0x420 [ 26.867913] kasan_atomics+0x95/0x310 [ 26.868289] kunit_try_run_case+0x1a5/0x480 [ 26.868495] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.868747] kthread+0x337/0x6f0 [ 26.868912] ret_from_fork+0x116/0x1d0 [ 26.869097] ret_from_fork_asm+0x1a/0x30 [ 26.869234] [ 26.869301] The buggy address belongs to the object at ffff888105a1e600 [ 26.869301] which belongs to the cache kmalloc-64 of size 64 [ 26.869639] The buggy address is located 0 bytes to the right of [ 26.869639] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.870512] [ 26.870605] The buggy address belongs to the physical page: [ 26.870848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.871418] flags: 0x200000000000000(node=0|zone=2) [ 26.871576] page_type: f5(slab) [ 26.871692] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.871915] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.872271] page dumped because: kasan: bad access detected [ 26.872532] [ 26.872623] Memory state around the buggy address: [ 26.872851] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.873170] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.873383] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.873689] ^ [ 26.873912] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.874245] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.874508] ================================================================== [ 26.780290] ================================================================== [ 26.780641] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 26.781034] Read of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.781418] [ 26.781531] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.781584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.781599] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.781624] Call Trace: [ 26.781645] <TASK> [ 26.781668] dump_stack_lvl+0x73/0xb0 [ 26.781699] print_report+0xd1/0x650 [ 26.781723] ? __virt_addr_valid+0x1db/0x2d0 [ 26.781749] ? kasan_atomics_helper+0x4f30/0x5450 [ 26.781772] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.781799] ? kasan_atomics_helper+0x4f30/0x5450 [ 26.781832] kasan_report+0x141/0x180 [ 26.781856] ? kasan_atomics_helper+0x4f30/0x5450 [ 26.781884] __asan_report_load8_noabort+0x18/0x20 [ 26.781909] kasan_atomics_helper+0x4f30/0x5450 [ 26.781955] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.781989] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.782017] ? kasan_atomics+0x152/0x310 [ 26.782044] kasan_atomics+0x1dc/0x310 [ 26.782087] ? __pfx_kasan_atomics+0x10/0x10 [ 26.782119] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.782146] ? __pfx_read_tsc+0x10/0x10 [ 26.782179] ? ktime_get_ts64+0x86/0x230 [ 26.782206] kunit_try_run_case+0x1a5/0x480 [ 26.782235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.782259] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.782283] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.782316] ? __kthread_parkme+0x82/0x180 [ 26.782338] ? preempt_count_sub+0x50/0x80 [ 26.782363] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.782399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.782425] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.782451] kthread+0x337/0x6f0 [ 26.782481] ? trace_preempt_on+0x20/0xc0 [ 26.782506] ? __pfx_kthread+0x10/0x10 [ 26.782528] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.782564] ? calculate_sigpending+0x7b/0xa0 [ 26.782589] ? __pfx_kthread+0x10/0x10 [ 26.782613] ret_from_fork+0x116/0x1d0 [ 26.782642] ? __pfx_kthread+0x10/0x10 [ 26.782664] ret_from_fork_asm+0x1a/0x30 [ 26.782707] </TASK> [ 26.782721] [ 26.790180] Allocated by task 314: [ 26.790345] kasan_save_stack+0x45/0x70 [ 26.790488] kasan_save_track+0x18/0x40 [ 26.790620] kasan_save_alloc_info+0x3b/0x50 [ 26.790764] __kasan_kmalloc+0xb7/0xc0 [ 26.790893] __kmalloc_cache_noprof+0x189/0x420 [ 26.791811] kasan_atomics+0x95/0x310 [ 26.792258] kunit_try_run_case+0x1a5/0x480 [ 26.792850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.793748] kthread+0x337/0x6f0 [ 26.794172] ret_from_fork+0x116/0x1d0 [ 26.794688] ret_from_fork_asm+0x1a/0x30 [ 26.795258] [ 26.795425] The buggy address belongs to the object at ffff888105a1e600 [ 26.795425] which belongs to the cache kmalloc-64 of size 64 [ 26.796458] The buggy address is located 0 bytes to the right of [ 26.796458] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.796823] [ 26.796898] The buggy address belongs to the physical page: [ 26.797075] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.798020] flags: 0x200000000000000(node=0|zone=2) [ 26.798490] page_type: f5(slab) [ 26.798819] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.799625] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.800360] page dumped because: kasan: bad access detected [ 26.800864] [ 26.801015] Memory state around the buggy address: [ 26.801385] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.801596] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.801801] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.802025] ^ [ 26.802385] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.803177] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.803801] ================================================================== [ 25.952020] ================================================================== [ 25.953042] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 25.953512] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 25.953827] [ 25.953917] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.953991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.954007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.954032] Call Trace: [ 25.954055] <TASK> [ 25.954093] dump_stack_lvl+0x73/0xb0 [ 25.954125] print_report+0xd1/0x650 [ 25.954149] ? __virt_addr_valid+0x1db/0x2d0 [ 25.954175] ? kasan_atomics_helper+0x5fe/0x5450 [ 25.954207] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.954235] ? kasan_atomics_helper+0x5fe/0x5450 [ 25.954270] kasan_report+0x141/0x180 [ 25.954294] ? kasan_atomics_helper+0x5fe/0x5450 [ 25.954323] kasan_check_range+0x10c/0x1c0 [ 25.954347] __kasan_check_write+0x18/0x20 [ 25.954382] kasan_atomics_helper+0x5fe/0x5450 [ 25.954406] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.954440] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.954468] ? kasan_atomics+0x152/0x310 [ 25.954496] kasan_atomics+0x1dc/0x310 [ 25.954520] ? __pfx_kasan_atomics+0x10/0x10 [ 25.954553] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.954580] ? __pfx_read_tsc+0x10/0x10 [ 25.954614] ? ktime_get_ts64+0x86/0x230 [ 25.954641] kunit_try_run_case+0x1a5/0x480 [ 25.954669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.954704] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.954727] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.954752] ? __kthread_parkme+0x82/0x180 [ 25.954785] ? preempt_count_sub+0x50/0x80 [ 25.954812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.954839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.954874] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.954901] kthread+0x337/0x6f0 [ 25.954933] ? trace_preempt_on+0x20/0xc0 [ 25.954970] ? __pfx_kthread+0x10/0x10 [ 25.954993] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.955020] ? calculate_sigpending+0x7b/0xa0 [ 25.955053] ? __pfx_kthread+0x10/0x10 [ 25.955086] ret_from_fork+0x116/0x1d0 [ 25.955108] ? __pfx_kthread+0x10/0x10 [ 25.955143] ret_from_fork_asm+0x1a/0x30 [ 25.955176] </TASK> [ 25.955190] [ 25.963591] Allocated by task 314: [ 25.963755] kasan_save_stack+0x45/0x70 [ 25.963973] kasan_save_track+0x18/0x40 [ 25.964169] kasan_save_alloc_info+0x3b/0x50 [ 25.964376] __kasan_kmalloc+0xb7/0xc0 [ 25.964577] __kmalloc_cache_noprof+0x189/0x420 [ 25.964782] kasan_atomics+0x95/0x310 [ 25.964977] kunit_try_run_case+0x1a5/0x480 [ 25.965208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.965451] kthread+0x337/0x6f0 [ 25.965602] ret_from_fork+0x116/0x1d0 [ 25.965729] ret_from_fork_asm+0x1a/0x30 [ 25.965871] [ 25.965937] The buggy address belongs to the object at ffff888105a1e600 [ 25.965937] which belongs to the cache kmalloc-64 of size 64 [ 25.966299] The buggy address is located 0 bytes to the right of [ 25.966299] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 25.966912] [ 25.967045] The buggy address belongs to the physical page: [ 25.967304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 25.967654] flags: 0x200000000000000(node=0|zone=2) [ 25.967886] page_type: f5(slab) [ 25.968219] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.968562] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.968887] page dumped because: kasan: bad access detected [ 25.969197] [ 25.969272] Memory state around the buggy address: [ 25.969429] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.969642] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.969863] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.970172] ^ [ 25.970396] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.970719] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.971168] ================================================================== [ 26.047450] ================================================================== [ 26.047798] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 26.048211] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.048531] [ 26.048651] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.048712] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.048727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.048751] Call Trace: [ 26.048785] <TASK> [ 26.048808] dump_stack_lvl+0x73/0xb0 [ 26.048839] print_report+0xd1/0x650 [ 26.048870] ? __virt_addr_valid+0x1db/0x2d0 [ 26.048896] ? kasan_atomics_helper+0x8f9/0x5450 [ 26.048943] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.048971] ? kasan_atomics_helper+0x8f9/0x5450 [ 26.048994] kasan_report+0x141/0x180 [ 26.049024] ? kasan_atomics_helper+0x8f9/0x5450 [ 26.049051] kasan_check_range+0x10c/0x1c0 [ 26.049092] __kasan_check_write+0x18/0x20 [ 26.049116] kasan_atomics_helper+0x8f9/0x5450 [ 26.049140] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.049173] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.049209] ? kasan_atomics+0x152/0x310 [ 26.049235] kasan_atomics+0x1dc/0x310 [ 26.049259] ? __pfx_kasan_atomics+0x10/0x10 [ 26.049292] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.049318] ? __pfx_read_tsc+0x10/0x10 [ 26.049341] ? ktime_get_ts64+0x86/0x230 [ 26.049377] kunit_try_run_case+0x1a5/0x480 [ 26.049404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.049429] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.049457] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.049480] ? __kthread_parkme+0x82/0x180 [ 26.049502] ? preempt_count_sub+0x50/0x80 [ 26.049527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.049553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.049580] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.049606] kthread+0x337/0x6f0 [ 26.049626] ? trace_preempt_on+0x20/0xc0 [ 26.049651] ? __pfx_kthread+0x10/0x10 [ 26.049673] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.049699] ? calculate_sigpending+0x7b/0xa0 [ 26.049724] ? __pfx_kthread+0x10/0x10 [ 26.049746] ret_from_fork+0x116/0x1d0 [ 26.049768] ? __pfx_kthread+0x10/0x10 [ 26.049790] ret_from_fork_asm+0x1a/0x30 [ 26.049828] </TASK> [ 26.049843] [ 26.057197] Allocated by task 314: [ 26.057381] kasan_save_stack+0x45/0x70 [ 26.057600] kasan_save_track+0x18/0x40 [ 26.057785] kasan_save_alloc_info+0x3b/0x50 [ 26.058007] __kasan_kmalloc+0xb7/0xc0 [ 26.058213] __kmalloc_cache_noprof+0x189/0x420 [ 26.058425] kasan_atomics+0x95/0x310 [ 26.058599] kunit_try_run_case+0x1a5/0x480 [ 26.058795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.059099] kthread+0x337/0x6f0 [ 26.059221] ret_from_fork+0x116/0x1d0 [ 26.059350] ret_from_fork_asm+0x1a/0x30 [ 26.059546] [ 26.059652] The buggy address belongs to the object at ffff888105a1e600 [ 26.059652] which belongs to the cache kmalloc-64 of size 64 [ 26.060213] The buggy address is located 0 bytes to the right of [ 26.060213] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.060628] [ 26.060712] The buggy address belongs to the physical page: [ 26.060990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.061364] flags: 0x200000000000000(node=0|zone=2) [ 26.061584] page_type: f5(slab) [ 26.061724] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.062122] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.062433] page dumped because: kasan: bad access detected [ 26.062688] [ 26.062770] Memory state around the buggy address: [ 26.063002] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.063327] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.063620] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.063848] ^ [ 26.064016] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.064236] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.064443] ================================================================== [ 26.725180] ================================================================== [ 26.725654] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 26.726089] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.726438] [ 26.726542] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.726604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.726618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.726642] Call Trace: [ 26.726676] <TASK> [ 26.726697] dump_stack_lvl+0x73/0xb0 [ 26.726727] print_report+0xd1/0x650 [ 26.726763] ? __virt_addr_valid+0x1db/0x2d0 [ 26.726788] ? kasan_atomics_helper+0x1a7f/0x5450 [ 26.726810] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.726849] ? kasan_atomics_helper+0x1a7f/0x5450 [ 26.726872] kasan_report+0x141/0x180 [ 26.726896] ? kasan_atomics_helper+0x1a7f/0x5450 [ 26.726934] kasan_check_range+0x10c/0x1c0 [ 26.726959] __kasan_check_write+0x18/0x20 [ 26.726993] kasan_atomics_helper+0x1a7f/0x5450 [ 26.727017] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.727041] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.727077] ? kasan_atomics+0x152/0x310 [ 26.727104] kasan_atomics+0x1dc/0x310 [ 26.727138] ? __pfx_kasan_atomics+0x10/0x10 [ 26.727161] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.727188] ? __pfx_read_tsc+0x10/0x10 [ 26.727222] ? ktime_get_ts64+0x86/0x230 [ 26.727249] kunit_try_run_case+0x1a5/0x480 [ 26.727275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.727300] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.727322] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.727344] ? __kthread_parkme+0x82/0x180 [ 26.727367] ? preempt_count_sub+0x50/0x80 [ 26.727392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.727418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.727443] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.727469] kthread+0x337/0x6f0 [ 26.727490] ? trace_preempt_on+0x20/0xc0 [ 26.727516] ? __pfx_kthread+0x10/0x10 [ 26.727537] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.727563] ? calculate_sigpending+0x7b/0xa0 [ 26.727589] ? __pfx_kthread+0x10/0x10 [ 26.727612] ret_from_fork+0x116/0x1d0 [ 26.727633] ? __pfx_kthread+0x10/0x10 [ 26.727655] ret_from_fork_asm+0x1a/0x30 [ 26.727687] </TASK> [ 26.727700] [ 26.735353] Allocated by task 314: [ 26.735486] kasan_save_stack+0x45/0x70 [ 26.735624] kasan_save_track+0x18/0x40 [ 26.735754] kasan_save_alloc_info+0x3b/0x50 [ 26.735906] __kasan_kmalloc+0xb7/0xc0 [ 26.736099] __kmalloc_cache_noprof+0x189/0x420 [ 26.736338] kasan_atomics+0x95/0x310 [ 26.736537] kunit_try_run_case+0x1a5/0x480 [ 26.736770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.737137] kthread+0x337/0x6f0 [ 26.737302] ret_from_fork+0x116/0x1d0 [ 26.737508] ret_from_fork_asm+0x1a/0x30 [ 26.737677] [ 26.737769] The buggy address belongs to the object at ffff888105a1e600 [ 26.737769] which belongs to the cache kmalloc-64 of size 64 [ 26.738310] The buggy address is located 0 bytes to the right of [ 26.738310] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.738763] [ 26.738860] The buggy address belongs to the physical page: [ 26.739147] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.739493] flags: 0x200000000000000(node=0|zone=2) [ 26.739712] page_type: f5(slab) [ 26.739886] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.740238] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.740532] page dumped because: kasan: bad access detected [ 26.740758] [ 26.740846] Memory state around the buggy address: [ 26.741103] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.741387] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.741621] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.741834] ^ [ 26.741983] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.742204] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.742420] ================================================================== [ 25.743336] ================================================================== [ 25.743912] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 25.744200] Read of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 25.744575] [ 25.744672] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.744728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.744742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.744767] Call Trace: [ 25.744782] <TASK> [ 25.744803] dump_stack_lvl+0x73/0xb0 [ 25.744835] print_report+0xd1/0x650 [ 25.744859] ? __virt_addr_valid+0x1db/0x2d0 [ 25.744885] ? kasan_atomics_helper+0x4bbc/0x5450 [ 25.744907] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.744933] ? kasan_atomics_helper+0x4bbc/0x5450 [ 25.744956] kasan_report+0x141/0x180 [ 25.744978] ? kasan_atomics_helper+0x4bbc/0x5450 [ 25.745004] __asan_report_load4_noabort+0x18/0x20 [ 25.745029] kasan_atomics_helper+0x4bbc/0x5450 [ 25.745051] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.745087] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.745113] ? kasan_atomics+0x152/0x310 [ 25.745140] kasan_atomics+0x1dc/0x310 [ 25.745163] ? __pfx_kasan_atomics+0x10/0x10 [ 25.745230] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.745259] ? __pfx_read_tsc+0x10/0x10 [ 25.745283] ? ktime_get_ts64+0x86/0x230 [ 25.745310] kunit_try_run_case+0x1a5/0x480 [ 25.745338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.745362] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.745383] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.745406] ? __kthread_parkme+0x82/0x180 [ 25.745428] ? preempt_count_sub+0x50/0x80 [ 25.745454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.745479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.745505] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.745530] kthread+0x337/0x6f0 [ 25.745550] ? trace_preempt_on+0x20/0xc0 [ 25.745574] ? __pfx_kthread+0x10/0x10 [ 25.745595] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.745620] ? calculate_sigpending+0x7b/0xa0 [ 25.745646] ? __pfx_kthread+0x10/0x10 [ 25.745668] ret_from_fork+0x116/0x1d0 [ 25.745688] ? __pfx_kthread+0x10/0x10 [ 25.745709] ret_from_fork_asm+0x1a/0x30 [ 25.745741] </TASK> [ 25.745754] [ 25.756727] Allocated by task 314: [ 25.757082] kasan_save_stack+0x45/0x70 [ 25.757276] kasan_save_track+0x18/0x40 [ 25.757441] kasan_save_alloc_info+0x3b/0x50 [ 25.757650] __kasan_kmalloc+0xb7/0xc0 [ 25.757918] __kmalloc_cache_noprof+0x189/0x420 [ 25.758116] kasan_atomics+0x95/0x310 [ 25.758311] kunit_try_run_case+0x1a5/0x480 [ 25.758524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.758784] kthread+0x337/0x6f0 [ 25.758957] ret_from_fork+0x116/0x1d0 [ 25.759141] ret_from_fork_asm+0x1a/0x30 [ 25.759440] [ 25.759509] The buggy address belongs to the object at ffff888105a1e600 [ 25.759509] which belongs to the cache kmalloc-64 of size 64 [ 25.760414] The buggy address is located 0 bytes to the right of [ 25.760414] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 25.761324] [ 25.761564] The buggy address belongs to the physical page: [ 25.761926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 25.762573] flags: 0x200000000000000(node=0|zone=2) [ 25.762850] page_type: f5(slab) [ 25.763245] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.763688] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.764160] page dumped because: kasan: bad access detected [ 25.764651] [ 25.764753] Memory state around the buggy address: [ 25.765158] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.765589] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.765892] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.766435] ^ [ 25.766868] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.767378] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.767780] ================================================================== [ 26.596518] ================================================================== [ 26.596819] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 26.597358] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.597593] [ 26.597682] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.597737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.597753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.597778] Call Trace: [ 26.597802] <TASK> [ 26.597832] dump_stack_lvl+0x73/0xb0 [ 26.597864] print_report+0xd1/0x650 [ 26.597889] ? __virt_addr_valid+0x1db/0x2d0 [ 26.597916] ? kasan_atomics_helper+0x16e7/0x5450 [ 26.597939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.597967] ? kasan_atomics_helper+0x16e7/0x5450 [ 26.598012] kasan_report+0x141/0x180 [ 26.598036] ? kasan_atomics_helper+0x16e7/0x5450 [ 26.598083] kasan_check_range+0x10c/0x1c0 [ 26.598110] __kasan_check_write+0x18/0x20 [ 26.598135] kasan_atomics_helper+0x16e7/0x5450 [ 26.598160] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.598185] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.598213] ? kasan_atomics+0x152/0x310 [ 26.598241] kasan_atomics+0x1dc/0x310 [ 26.598267] ? __pfx_kasan_atomics+0x10/0x10 [ 26.598291] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.598321] ? __pfx_read_tsc+0x10/0x10 [ 26.598346] ? ktime_get_ts64+0x86/0x230 [ 26.598374] kunit_try_run_case+0x1a5/0x480 [ 26.598402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.598429] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.598451] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.598476] ? __kthread_parkme+0x82/0x180 [ 26.598499] ? preempt_count_sub+0x50/0x80 [ 26.598525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.598553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.598580] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.598607] kthread+0x337/0x6f0 [ 26.598630] ? trace_preempt_on+0x20/0xc0 [ 26.598656] ? __pfx_kthread+0x10/0x10 [ 26.598679] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.598706] ? calculate_sigpending+0x7b/0xa0 [ 26.598732] ? __pfx_kthread+0x10/0x10 [ 26.598756] ret_from_fork+0x116/0x1d0 [ 26.598778] ? __pfx_kthread+0x10/0x10 [ 26.598801] ret_from_fork_asm+0x1a/0x30 [ 26.598834] </TASK> [ 26.598848] [ 26.606909] Allocated by task 314: [ 26.607057] kasan_save_stack+0x45/0x70 [ 26.607222] kasan_save_track+0x18/0x40 [ 26.607613] kasan_save_alloc_info+0x3b/0x50 [ 26.608002] __kasan_kmalloc+0xb7/0xc0 [ 26.608349] __kmalloc_cache_noprof+0x189/0x420 [ 26.608755] kasan_atomics+0x95/0x310 [ 26.609116] kunit_try_run_case+0x1a5/0x480 [ 26.609521] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.610034] kthread+0x337/0x6f0 [ 26.610344] ret_from_fork+0x116/0x1d0 [ 26.610687] ret_from_fork_asm+0x1a/0x30 [ 26.611044] [ 26.611254] The buggy address belongs to the object at ffff888105a1e600 [ 26.611254] which belongs to the cache kmalloc-64 of size 64 [ 26.612545] The buggy address is located 0 bytes to the right of [ 26.612545] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.613925] [ 26.614108] The buggy address belongs to the physical page: [ 26.614618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.615317] flags: 0x200000000000000(node=0|zone=2) [ 26.615764] page_type: f5(slab) [ 26.616081] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.616524] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.616753] page dumped because: kasan: bad access detected [ 26.616933] [ 26.617108] Memory state around the buggy address: [ 26.617540] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.618233] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.618851] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.619644] ^ [ 26.620138] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.620756] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.621229] ================================================================== [ 26.409138] ================================================================== [ 26.409470] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 26.409789] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.410450] [ 26.410675] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.410848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.410869] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.410896] Call Trace: [ 26.410942] <TASK> [ 26.410967] dump_stack_lvl+0x73/0xb0 [ 26.411038] print_report+0xd1/0x650 [ 26.411078] ? __virt_addr_valid+0x1db/0x2d0 [ 26.411107] ? kasan_atomics_helper+0x12e6/0x5450 [ 26.411130] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.411158] ? kasan_atomics_helper+0x12e6/0x5450 [ 26.411181] kasan_report+0x141/0x180 [ 26.411204] ? kasan_atomics_helper+0x12e6/0x5450 [ 26.411231] kasan_check_range+0x10c/0x1c0 [ 26.411256] __kasan_check_write+0x18/0x20 [ 26.411280] kasan_atomics_helper+0x12e6/0x5450 [ 26.411305] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.411329] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.411356] ? kasan_atomics+0x152/0x310 [ 26.411383] kasan_atomics+0x1dc/0x310 [ 26.411407] ? __pfx_kasan_atomics+0x10/0x10 [ 26.411430] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.411457] ? __pfx_read_tsc+0x10/0x10 [ 26.411480] ? ktime_get_ts64+0x86/0x230 [ 26.411507] kunit_try_run_case+0x1a5/0x480 [ 26.411534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.411559] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.411581] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.411604] ? __kthread_parkme+0x82/0x180 [ 26.411626] ? preempt_count_sub+0x50/0x80 [ 26.411652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.411678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.411703] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.411730] kthread+0x337/0x6f0 [ 26.411750] ? trace_preempt_on+0x20/0xc0 [ 26.411775] ? __pfx_kthread+0x10/0x10 [ 26.411797] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.411821] ? calculate_sigpending+0x7b/0xa0 [ 26.411847] ? __pfx_kthread+0x10/0x10 [ 26.411869] ret_from_fork+0x116/0x1d0 [ 26.411892] ? __pfx_kthread+0x10/0x10 [ 26.411916] ret_from_fork_asm+0x1a/0x30 [ 26.411949] </TASK> [ 26.411963] [ 26.423585] Allocated by task 314: [ 26.423934] kasan_save_stack+0x45/0x70 [ 26.424334] kasan_save_track+0x18/0x40 [ 26.424713] kasan_save_alloc_info+0x3b/0x50 [ 26.425153] __kasan_kmalloc+0xb7/0xc0 [ 26.425464] __kmalloc_cache_noprof+0x189/0x420 [ 26.425881] kasan_atomics+0x95/0x310 [ 26.426241] kunit_try_run_case+0x1a5/0x480 [ 26.426554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.427107] kthread+0x337/0x6f0 [ 26.427404] ret_from_fork+0x116/0x1d0 [ 26.427721] ret_from_fork_asm+0x1a/0x30 [ 26.428139] [ 26.428241] The buggy address belongs to the object at ffff888105a1e600 [ 26.428241] which belongs to the cache kmalloc-64 of size 64 [ 26.428724] The buggy address is located 0 bytes to the right of [ 26.428724] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.429576] [ 26.429684] The buggy address belongs to the physical page: [ 26.429919] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.430609] flags: 0x200000000000000(node=0|zone=2) [ 26.430832] page_type: f5(slab) [ 26.431260] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.431699] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.432299] page dumped because: kasan: bad access detected [ 26.432609] [ 26.432831] Memory state around the buggy address: [ 26.433373] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.433810] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.434330] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.434624] ^ [ 26.434826] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.435395] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.435696] ================================================================== [ 26.175490] ================================================================== [ 26.175849] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 26.176238] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.176561] [ 26.176661] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.176714] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.176727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.176752] Call Trace: [ 26.176785] <TASK> [ 26.176805] dump_stack_lvl+0x73/0xb0 [ 26.176835] print_report+0xd1/0x650 [ 26.176872] ? __virt_addr_valid+0x1db/0x2d0 [ 26.176897] ? kasan_atomics_helper+0xd47/0x5450 [ 26.176925] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.176961] ? kasan_atomics_helper+0xd47/0x5450 [ 26.176984] kasan_report+0x141/0x180 [ 26.177007] ? kasan_atomics_helper+0xd47/0x5450 [ 26.177044] kasan_check_range+0x10c/0x1c0 [ 26.177082] __kasan_check_write+0x18/0x20 [ 26.177128] kasan_atomics_helper+0xd47/0x5450 [ 26.177151] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.177175] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.177212] ? kasan_atomics+0x152/0x310 [ 26.177240] kasan_atomics+0x1dc/0x310 [ 26.177263] ? __pfx_kasan_atomics+0x10/0x10 [ 26.177295] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.177322] ? __pfx_read_tsc+0x10/0x10 [ 26.177356] ? ktime_get_ts64+0x86/0x230 [ 26.177382] kunit_try_run_case+0x1a5/0x480 [ 26.177410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.177434] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.177456] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.177488] ? __kthread_parkme+0x82/0x180 [ 26.177510] ? preempt_count_sub+0x50/0x80 [ 26.177534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.177571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.177598] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.177624] kthread+0x337/0x6f0 [ 26.177645] ? trace_preempt_on+0x20/0xc0 [ 26.177670] ? __pfx_kthread+0x10/0x10 [ 26.177692] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.177717] ? calculate_sigpending+0x7b/0xa0 [ 26.177744] ? __pfx_kthread+0x10/0x10 [ 26.177766] ret_from_fork+0x116/0x1d0 [ 26.177787] ? __pfx_kthread+0x10/0x10 [ 26.177810] ret_from_fork_asm+0x1a/0x30 [ 26.177849] </TASK> [ 26.177864] [ 26.185388] Allocated by task 314: [ 26.185516] kasan_save_stack+0x45/0x70 [ 26.185715] kasan_save_track+0x18/0x40 [ 26.185904] kasan_save_alloc_info+0x3b/0x50 [ 26.186145] __kasan_kmalloc+0xb7/0xc0 [ 26.186311] __kmalloc_cache_noprof+0x189/0x420 [ 26.186534] kasan_atomics+0x95/0x310 [ 26.186712] kunit_try_run_case+0x1a5/0x480 [ 26.186910] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.187184] kthread+0x337/0x6f0 [ 26.187327] ret_from_fork+0x116/0x1d0 [ 26.187531] ret_from_fork_asm+0x1a/0x30 [ 26.187712] [ 26.187788] The buggy address belongs to the object at ffff888105a1e600 [ 26.187788] which belongs to the cache kmalloc-64 of size 64 [ 26.188313] The buggy address is located 0 bytes to the right of [ 26.188313] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.188721] [ 26.188792] The buggy address belongs to the physical page: [ 26.188984] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.189323] flags: 0x200000000000000(node=0|zone=2) [ 26.189572] page_type: f5(slab) [ 26.189736] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.190105] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.190354] page dumped because: kasan: bad access detected [ 26.190521] [ 26.190587] Memory state around the buggy address: [ 26.190736] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.191110] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.191428] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.191755] ^ [ 26.192002] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.192335] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.192617] ================================================================== [ 26.894865] ================================================================== [ 26.895283] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 26.895636] Read of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.895997] [ 26.896126] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.896180] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.896196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.896222] Call Trace: [ 26.896246] <TASK> [ 26.896267] dump_stack_lvl+0x73/0xb0 [ 26.896299] print_report+0xd1/0x650 [ 26.896324] ? __virt_addr_valid+0x1db/0x2d0 [ 26.896351] ? kasan_atomics_helper+0x4f71/0x5450 [ 26.896374] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.896403] ? kasan_atomics_helper+0x4f71/0x5450 [ 26.896428] kasan_report+0x141/0x180 [ 26.896452] ? kasan_atomics_helper+0x4f71/0x5450 [ 26.896481] __asan_report_load8_noabort+0x18/0x20 [ 26.896508] kasan_atomics_helper+0x4f71/0x5450 [ 26.896533] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.896557] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.896585] ? kasan_atomics+0x152/0x310 [ 26.896615] kasan_atomics+0x1dc/0x310 [ 26.896640] ? __pfx_kasan_atomics+0x10/0x10 [ 26.896664] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.896691] ? __pfx_read_tsc+0x10/0x10 [ 26.896716] ? ktime_get_ts64+0x86/0x230 [ 26.896743] kunit_try_run_case+0x1a5/0x480 [ 26.896772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.896798] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.896822] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.896847] ? __kthread_parkme+0x82/0x180 [ 26.896870] ? preempt_count_sub+0x50/0x80 [ 26.896896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.896946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.896975] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.897003] kthread+0x337/0x6f0 [ 26.897025] ? trace_preempt_on+0x20/0xc0 [ 26.897052] ? __pfx_kthread+0x10/0x10 [ 26.897084] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.897112] ? calculate_sigpending+0x7b/0xa0 [ 26.897139] ? __pfx_kthread+0x10/0x10 [ 26.897165] ret_from_fork+0x116/0x1d0 [ 26.897188] ? __pfx_kthread+0x10/0x10 [ 26.897211] ret_from_fork_asm+0x1a/0x30 [ 26.897246] </TASK> [ 26.897260] [ 26.904729] Allocated by task 314: [ 26.904872] kasan_save_stack+0x45/0x70 [ 26.905084] kasan_save_track+0x18/0x40 [ 26.905279] kasan_save_alloc_info+0x3b/0x50 [ 26.905472] __kasan_kmalloc+0xb7/0xc0 [ 26.905605] __kmalloc_cache_noprof+0x189/0x420 [ 26.905818] kasan_atomics+0x95/0x310 [ 26.906043] kunit_try_run_case+0x1a5/0x480 [ 26.906284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.906474] kthread+0x337/0x6f0 [ 26.906594] ret_from_fork+0x116/0x1d0 [ 26.906729] ret_from_fork_asm+0x1a/0x30 [ 26.906870] [ 26.906965] The buggy address belongs to the object at ffff888105a1e600 [ 26.906965] which belongs to the cache kmalloc-64 of size 64 [ 26.907332] The buggy address is located 0 bytes to the right of [ 26.907332] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.907744] [ 26.907840] The buggy address belongs to the physical page: [ 26.908140] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.908507] flags: 0x200000000000000(node=0|zone=2) [ 26.908751] page_type: f5(slab) [ 26.908942] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.909298] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.909632] page dumped because: kasan: bad access detected [ 26.909824] [ 26.909893] Memory state around the buggy address: [ 26.910077] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.910298] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.910515] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.910742] ^ [ 26.911001] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.911333] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.911659] ================================================================== [ 25.837908] ================================================================== [ 25.838189] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 25.838602] Read of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 25.838970] [ 25.839096] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.839149] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.839164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.839265] Call Trace: [ 25.839293] <TASK> [ 25.839346] dump_stack_lvl+0x73/0xb0 [ 25.839380] print_report+0xd1/0x650 [ 25.839433] ? __virt_addr_valid+0x1db/0x2d0 [ 25.839459] ? kasan_atomics_helper+0x3df/0x5450 [ 25.839493] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.839522] ? kasan_atomics_helper+0x3df/0x5450 [ 25.839545] kasan_report+0x141/0x180 [ 25.839569] ? kasan_atomics_helper+0x3df/0x5450 [ 25.839595] kasan_check_range+0x10c/0x1c0 [ 25.839620] __kasan_check_read+0x15/0x20 [ 25.839645] kasan_atomics_helper+0x3df/0x5450 [ 25.839669] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.839692] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.839720] ? kasan_atomics+0x152/0x310 [ 25.839748] kasan_atomics+0x1dc/0x310 [ 25.839772] ? __pfx_kasan_atomics+0x10/0x10 [ 25.839821] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.839847] ? __pfx_read_tsc+0x10/0x10 [ 25.839882] ? ktime_get_ts64+0x86/0x230 [ 25.839909] kunit_try_run_case+0x1a5/0x480 [ 25.839945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.839970] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.839993] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.840017] ? __kthread_parkme+0x82/0x180 [ 25.840039] ? preempt_count_sub+0x50/0x80 [ 25.840075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.840101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.840127] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.840154] kthread+0x337/0x6f0 [ 25.840249] ? trace_preempt_on+0x20/0xc0 [ 25.840293] ? __pfx_kthread+0x10/0x10 [ 25.840317] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.840345] ? calculate_sigpending+0x7b/0xa0 [ 25.840401] ? __pfx_kthread+0x10/0x10 [ 25.840426] ret_from_fork+0x116/0x1d0 [ 25.840448] ? __pfx_kthread+0x10/0x10 [ 25.840481] ret_from_fork_asm+0x1a/0x30 [ 25.840514] </TASK> [ 25.840528] [ 25.850689] Allocated by task 314: [ 25.850876] kasan_save_stack+0x45/0x70 [ 25.851153] kasan_save_track+0x18/0x40 [ 25.851289] kasan_save_alloc_info+0x3b/0x50 [ 25.851632] __kasan_kmalloc+0xb7/0xc0 [ 25.851880] __kmalloc_cache_noprof+0x189/0x420 [ 25.852227] kasan_atomics+0x95/0x310 [ 25.852427] kunit_try_run_case+0x1a5/0x480 [ 25.852633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.852898] kthread+0x337/0x6f0 [ 25.853037] ret_from_fork+0x116/0x1d0 [ 25.853425] ret_from_fork_asm+0x1a/0x30 [ 25.853849] [ 25.853966] The buggy address belongs to the object at ffff888105a1e600 [ 25.853966] which belongs to the cache kmalloc-64 of size 64 [ 25.854663] The buggy address is located 0 bytes to the right of [ 25.854663] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 25.855263] [ 25.855426] The buggy address belongs to the physical page: [ 25.855673] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 25.855931] flags: 0x200000000000000(node=0|zone=2) [ 25.856180] page_type: f5(slab) [ 25.856500] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.856822] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.857048] page dumped because: kasan: bad access detected [ 25.857282] [ 25.857396] Memory state around the buggy address: [ 25.857681] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.858380] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.858704] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.858920] ^ [ 25.859180] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.859626] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.860452] ================================================================== [ 26.687001] ================================================================== [ 26.688245] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 26.688639] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.688878] [ 26.689006] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.689073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.689090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.689118] Call Trace: [ 26.689140] <TASK> [ 26.689163] dump_stack_lvl+0x73/0xb0 [ 26.689194] print_report+0xd1/0x650 [ 26.689219] ? __virt_addr_valid+0x1db/0x2d0 [ 26.689245] ? kasan_atomics_helper+0x194a/0x5450 [ 26.689269] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.689298] ? kasan_atomics_helper+0x194a/0x5450 [ 26.689321] kasan_report+0x141/0x180 [ 26.689345] ? kasan_atomics_helper+0x194a/0x5450 [ 26.689373] kasan_check_range+0x10c/0x1c0 [ 26.689398] __kasan_check_write+0x18/0x20 [ 26.689434] kasan_atomics_helper+0x194a/0x5450 [ 26.689459] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.689494] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.689522] ? kasan_atomics+0x152/0x310 [ 26.689549] kasan_atomics+0x1dc/0x310 [ 26.689575] ? __pfx_kasan_atomics+0x10/0x10 [ 26.689598] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.689624] ? __pfx_read_tsc+0x10/0x10 [ 26.689648] ? ktime_get_ts64+0x86/0x230 [ 26.689675] kunit_try_run_case+0x1a5/0x480 [ 26.689702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.689728] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.689751] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.689774] ? __kthread_parkme+0x82/0x180 [ 26.689797] ? preempt_count_sub+0x50/0x80 [ 26.689828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.689855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.689880] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.689906] kthread+0x337/0x6f0 [ 26.689936] ? trace_preempt_on+0x20/0xc0 [ 26.689963] ? __pfx_kthread+0x10/0x10 [ 26.689985] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.690011] ? calculate_sigpending+0x7b/0xa0 [ 26.690036] ? __pfx_kthread+0x10/0x10 [ 26.690070] ret_from_fork+0x116/0x1d0 [ 26.690093] ? __pfx_kthread+0x10/0x10 [ 26.690115] ret_from_fork_asm+0x1a/0x30 [ 26.690157] </TASK> [ 26.690171] [ 26.697874] Allocated by task 314: [ 26.698281] kasan_save_stack+0x45/0x70 [ 26.698487] kasan_save_track+0x18/0x40 [ 26.698670] kasan_save_alloc_info+0x3b/0x50 [ 26.698844] __kasan_kmalloc+0xb7/0xc0 [ 26.699092] __kmalloc_cache_noprof+0x189/0x420 [ 26.699273] kasan_atomics+0x95/0x310 [ 26.699402] kunit_try_run_case+0x1a5/0x480 [ 26.699546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.699738] kthread+0x337/0x6f0 [ 26.699903] ret_from_fork+0x116/0x1d0 [ 26.700095] ret_from_fork_asm+0x1a/0x30 [ 26.700312] [ 26.700404] The buggy address belongs to the object at ffff888105a1e600 [ 26.700404] which belongs to the cache kmalloc-64 of size 64 [ 26.701085] The buggy address is located 0 bytes to the right of [ 26.701085] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.701448] [ 26.701519] The buggy address belongs to the physical page: [ 26.701700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.702244] flags: 0x200000000000000(node=0|zone=2) [ 26.702506] page_type: f5(slab) [ 26.702688] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.703075] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.703551] page dumped because: kasan: bad access detected [ 26.703806] [ 26.703919] Memory state around the buggy address: [ 26.704135] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.704378] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.704612] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.704966] ^ [ 26.705201] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.705504] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.705783] ================================================================== [ 26.841014] ================================================================== [ 26.841385] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 26.841607] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.841815] [ 26.841904] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.841956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.841971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.841996] Call Trace: [ 26.842018] <TASK> [ 26.842040] dump_stack_lvl+0x73/0xb0 [ 26.842082] print_report+0xd1/0x650 [ 26.842106] ? __virt_addr_valid+0x1db/0x2d0 [ 26.842132] ? kasan_atomics_helper+0x1e12/0x5450 [ 26.842155] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.842183] ? kasan_atomics_helper+0x1e12/0x5450 [ 26.842206] kasan_report+0x141/0x180 [ 26.842229] ? kasan_atomics_helper+0x1e12/0x5450 [ 26.842257] kasan_check_range+0x10c/0x1c0 [ 26.842281] __kasan_check_write+0x18/0x20 [ 26.842306] kasan_atomics_helper+0x1e12/0x5450 [ 26.842329] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.842352] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.842379] ? kasan_atomics+0x152/0x310 [ 26.842406] kasan_atomics+0x1dc/0x310 [ 26.842429] ? __pfx_kasan_atomics+0x10/0x10 [ 26.842452] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.842479] ? __pfx_read_tsc+0x10/0x10 [ 26.842502] ? ktime_get_ts64+0x86/0x230 [ 26.842529] kunit_try_run_case+0x1a5/0x480 [ 26.842556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.842582] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.842605] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.842629] ? __kthread_parkme+0x82/0x180 [ 26.842651] ? preempt_count_sub+0x50/0x80 [ 26.842676] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.842702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.842728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.842754] kthread+0x337/0x6f0 [ 26.842775] ? trace_preempt_on+0x20/0xc0 [ 26.842800] ? __pfx_kthread+0x10/0x10 [ 26.842823] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.842849] ? calculate_sigpending+0x7b/0xa0 [ 26.842874] ? __pfx_kthread+0x10/0x10 [ 26.842897] ret_from_fork+0x116/0x1d0 [ 26.842917] ? __pfx_kthread+0x10/0x10 [ 26.842952] ret_from_fork_asm+0x1a/0x30 [ 26.842984] </TASK> [ 26.842997] [ 26.850294] Allocated by task 314: [ 26.850483] kasan_save_stack+0x45/0x70 [ 26.850683] kasan_save_track+0x18/0x40 [ 26.850868] kasan_save_alloc_info+0x3b/0x50 [ 26.851238] __kasan_kmalloc+0xb7/0xc0 [ 26.851423] __kmalloc_cache_noprof+0x189/0x420 [ 26.851616] kasan_atomics+0x95/0x310 [ 26.851762] kunit_try_run_case+0x1a5/0x480 [ 26.851944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.852123] kthread+0x337/0x6f0 [ 26.852236] ret_from_fork+0x116/0x1d0 [ 26.852358] ret_from_fork_asm+0x1a/0x30 [ 26.852486] [ 26.852549] The buggy address belongs to the object at ffff888105a1e600 [ 26.852549] which belongs to the cache kmalloc-64 of size 64 [ 26.852917] The buggy address is located 0 bytes to the right of [ 26.852917] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.853463] [ 26.853557] The buggy address belongs to the physical page: [ 26.853806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.854308] flags: 0x200000000000000(node=0|zone=2) [ 26.854462] page_type: f5(slab) [ 26.854575] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.854787] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.854994] page dumped because: kasan: bad access detected [ 26.855160] [ 26.855250] Memory state around the buggy address: [ 26.855469] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.855770] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.856282] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.856593] ^ [ 26.856805] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.857298] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.857536] ================================================================== [ 26.265867] ================================================================== [ 26.266233] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 26.266568] Read of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.266893] [ 26.267002] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.267053] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.267227] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.267254] Call Trace: [ 26.267277] <TASK> [ 26.267298] dump_stack_lvl+0x73/0xb0 [ 26.267329] print_report+0xd1/0x650 [ 26.267353] ? __virt_addr_valid+0x1db/0x2d0 [ 26.267379] ? kasan_atomics_helper+0x4a36/0x5450 [ 26.267402] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.267430] ? kasan_atomics_helper+0x4a36/0x5450 [ 26.267453] kasan_report+0x141/0x180 [ 26.267476] ? kasan_atomics_helper+0x4a36/0x5450 [ 26.267503] __asan_report_load4_noabort+0x18/0x20 [ 26.267529] kasan_atomics_helper+0x4a36/0x5450 [ 26.267552] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.267576] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.267603] ? kasan_atomics+0x152/0x310 [ 26.267631] kasan_atomics+0x1dc/0x310 [ 26.267655] ? __pfx_kasan_atomics+0x10/0x10 [ 26.267678] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.267717] ? __pfx_read_tsc+0x10/0x10 [ 26.267740] ? ktime_get_ts64+0x86/0x230 [ 26.267780] kunit_try_run_case+0x1a5/0x480 [ 26.267808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.267833] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.267855] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.267879] ? __kthread_parkme+0x82/0x180 [ 26.267901] ? preempt_count_sub+0x50/0x80 [ 26.267945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.267972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.268007] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.268032] kthread+0x337/0x6f0 [ 26.268054] ? trace_preempt_on+0x20/0xc0 [ 26.268156] ? __pfx_kthread+0x10/0x10 [ 26.268188] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.268216] ? calculate_sigpending+0x7b/0xa0 [ 26.268241] ? __pfx_kthread+0x10/0x10 [ 26.268275] ret_from_fork+0x116/0x1d0 [ 26.268296] ? __pfx_kthread+0x10/0x10 [ 26.268319] ret_from_fork_asm+0x1a/0x30 [ 26.268360] </TASK> [ 26.268374] [ 26.277602] Allocated by task 314: [ 26.277774] kasan_save_stack+0x45/0x70 [ 26.278293] kasan_save_track+0x18/0x40 [ 26.278477] kasan_save_alloc_info+0x3b/0x50 [ 26.278668] __kasan_kmalloc+0xb7/0xc0 [ 26.278834] __kmalloc_cache_noprof+0x189/0x420 [ 26.279364] kasan_atomics+0x95/0x310 [ 26.279668] kunit_try_run_case+0x1a5/0x480 [ 26.280097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.280559] kthread+0x337/0x6f0 [ 26.280814] ret_from_fork+0x116/0x1d0 [ 26.281143] ret_from_fork_asm+0x1a/0x30 [ 26.281542] [ 26.281772] The buggy address belongs to the object at ffff888105a1e600 [ 26.281772] which belongs to the cache kmalloc-64 of size 64 [ 26.282620] The buggy address is located 0 bytes to the right of [ 26.282620] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.283370] [ 26.283629] The buggy address belongs to the physical page: [ 26.284272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.284605] flags: 0x200000000000000(node=0|zone=2) [ 26.284810] page_type: f5(slab) [ 26.285198] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.285539] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.285849] page dumped because: kasan: bad access detected [ 26.286506] [ 26.286604] Memory state around the buggy address: [ 26.287183] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.287507] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.287795] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.288361] ^ [ 26.288720] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.289330] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.289788] ================================================================== [ 26.876121] ================================================================== [ 26.876675] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 26.876912] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.877556] [ 26.877656] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.877710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.877725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.877751] Call Trace: [ 26.877771] <TASK> [ 26.877792] dump_stack_lvl+0x73/0xb0 [ 26.877830] print_report+0xd1/0x650 [ 26.877856] ? __virt_addr_valid+0x1db/0x2d0 [ 26.877882] ? kasan_atomics_helper+0x1f43/0x5450 [ 26.877906] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.878339] ? kasan_atomics_helper+0x1f43/0x5450 [ 26.878379] kasan_report+0x141/0x180 [ 26.878405] ? kasan_atomics_helper+0x1f43/0x5450 [ 26.878434] kasan_check_range+0x10c/0x1c0 [ 26.878460] __kasan_check_write+0x18/0x20 [ 26.878485] kasan_atomics_helper+0x1f43/0x5450 [ 26.878510] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.878534] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.878562] ? kasan_atomics+0x152/0x310 [ 26.878590] kasan_atomics+0x1dc/0x310 [ 26.878614] ? __pfx_kasan_atomics+0x10/0x10 [ 26.878638] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.878666] ? __pfx_read_tsc+0x10/0x10 [ 26.878690] ? ktime_get_ts64+0x86/0x230 [ 26.878718] kunit_try_run_case+0x1a5/0x480 [ 26.878746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.878772] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.878796] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.878820] ? __kthread_parkme+0x82/0x180 [ 26.878842] ? preempt_count_sub+0x50/0x80 [ 26.878868] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.878896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.878923] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.878960] kthread+0x337/0x6f0 [ 26.878982] ? trace_preempt_on+0x20/0xc0 [ 26.879008] ? __pfx_kthread+0x10/0x10 [ 26.879031] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.879058] ? calculate_sigpending+0x7b/0xa0 [ 26.879099] ? __pfx_kthread+0x10/0x10 [ 26.879123] ret_from_fork+0x116/0x1d0 [ 26.879144] ? __pfx_kthread+0x10/0x10 [ 26.879168] ret_from_fork_asm+0x1a/0x30 [ 26.879201] </TASK> [ 26.879216] [ 26.887033] Allocated by task 314: [ 26.887215] kasan_save_stack+0x45/0x70 [ 26.887365] kasan_save_track+0x18/0x40 [ 26.887500] kasan_save_alloc_info+0x3b/0x50 [ 26.887649] __kasan_kmalloc+0xb7/0xc0 [ 26.887779] __kmalloc_cache_noprof+0x189/0x420 [ 26.887932] kasan_atomics+0x95/0x310 [ 26.888170] kunit_try_run_case+0x1a5/0x480 [ 26.888393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.888658] kthread+0x337/0x6f0 [ 26.888831] ret_from_fork+0x116/0x1d0 [ 26.889048] ret_from_fork_asm+0x1a/0x30 [ 26.889231] [ 26.889325] The buggy address belongs to the object at ffff888105a1e600 [ 26.889325] which belongs to the cache kmalloc-64 of size 64 [ 26.889756] The buggy address is located 0 bytes to the right of [ 26.889756] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.890162] [ 26.890234] The buggy address belongs to the physical page: [ 26.890406] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.890772] flags: 0x200000000000000(node=0|zone=2) [ 26.891028] page_type: f5(slab) [ 26.891213] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.891572] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.891964] page dumped because: kasan: bad access detected [ 26.892249] [ 26.892346] Memory state around the buggy address: [ 26.892587] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.892936] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.893203] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.893418] ^ [ 26.893637] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.894002] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.894241] ================================================================== [ 25.992439] ================================================================== [ 25.993117] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 25.993512] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 25.993849] [ 25.993985] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.994041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.994057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.994092] Call Trace: [ 25.994116] <TASK> [ 25.994138] dump_stack_lvl+0x73/0xb0 [ 25.994168] print_report+0xd1/0x650 [ 25.994194] ? __virt_addr_valid+0x1db/0x2d0 [ 25.994219] ? kasan_atomics_helper+0x72f/0x5450 [ 25.994242] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.994270] ? kasan_atomics_helper+0x72f/0x5450 [ 25.994293] kasan_report+0x141/0x180 [ 25.994316] ? kasan_atomics_helper+0x72f/0x5450 [ 25.994343] kasan_check_range+0x10c/0x1c0 [ 25.994369] __kasan_check_write+0x18/0x20 [ 25.994394] kasan_atomics_helper+0x72f/0x5450 [ 25.994418] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.994441] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.994469] ? kasan_atomics+0x152/0x310 [ 25.994508] kasan_atomics+0x1dc/0x310 [ 25.994532] ? __pfx_kasan_atomics+0x10/0x10 [ 25.994568] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.994595] ? __pfx_read_tsc+0x10/0x10 [ 25.994619] ? ktime_get_ts64+0x86/0x230 [ 25.994658] kunit_try_run_case+0x1a5/0x480 [ 25.994686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.994723] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.994746] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.994771] ? __kthread_parkme+0x82/0x180 [ 25.994805] ? preempt_count_sub+0x50/0x80 [ 25.994831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.994858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.994894] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.994946] kthread+0x337/0x6f0 [ 25.994969] ? trace_preempt_on+0x20/0xc0 [ 25.995005] ? __pfx_kthread+0x10/0x10 [ 25.995028] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.995054] ? calculate_sigpending+0x7b/0xa0 [ 25.995095] ? __pfx_kthread+0x10/0x10 [ 25.995119] ret_from_fork+0x116/0x1d0 [ 25.995140] ? __pfx_kthread+0x10/0x10 [ 25.995163] ret_from_fork_asm+0x1a/0x30 [ 25.995205] </TASK> [ 25.995220] [ 26.002763] Allocated by task 314: [ 26.002973] kasan_save_stack+0x45/0x70 [ 26.003184] kasan_save_track+0x18/0x40 [ 26.003329] kasan_save_alloc_info+0x3b/0x50 [ 26.003475] __kasan_kmalloc+0xb7/0xc0 [ 26.003681] __kmalloc_cache_noprof+0x189/0x420 [ 26.003900] kasan_atomics+0x95/0x310 [ 26.004100] kunit_try_run_case+0x1a5/0x480 [ 26.004250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.004446] kthread+0x337/0x6f0 [ 26.004611] ret_from_fork+0x116/0x1d0 [ 26.004797] ret_from_fork_asm+0x1a/0x30 [ 26.005042] [ 26.005143] The buggy address belongs to the object at ffff888105a1e600 [ 26.005143] which belongs to the cache kmalloc-64 of size 64 [ 26.005497] The buggy address is located 0 bytes to the right of [ 26.005497] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.005882] [ 26.006023] The buggy address belongs to the physical page: [ 26.006287] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.006646] flags: 0x200000000000000(node=0|zone=2) [ 26.006881] page_type: f5(slab) [ 26.007087] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.007430] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.007735] page dumped because: kasan: bad access detected [ 26.007903] [ 26.007986] Memory state around the buggy address: [ 26.008191] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.008515] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.008855] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.009221] ^ [ 26.009446] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.009733] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.009976] ================================================================== [ 26.806153] ================================================================== [ 26.807189] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 26.807469] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.807689] [ 26.807776] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.807833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.807849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.807874] Call Trace: [ 26.807898] <TASK> [ 26.807923] dump_stack_lvl+0x73/0xb0 [ 26.807956] print_report+0xd1/0x650 [ 26.807981] ? __virt_addr_valid+0x1db/0x2d0 [ 26.808008] ? kasan_atomics_helper+0x1ce1/0x5450 [ 26.808030] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.808058] ? kasan_atomics_helper+0x1ce1/0x5450 [ 26.808094] kasan_report+0x141/0x180 [ 26.808117] ? kasan_atomics_helper+0x1ce1/0x5450 [ 26.808145] kasan_check_range+0x10c/0x1c0 [ 26.808171] __kasan_check_write+0x18/0x20 [ 26.808197] kasan_atomics_helper+0x1ce1/0x5450 [ 26.808222] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.808246] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.808274] ? kasan_atomics+0x152/0x310 [ 26.808301] kasan_atomics+0x1dc/0x310 [ 26.808325] ? __pfx_kasan_atomics+0x10/0x10 [ 26.808349] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.808375] ? __pfx_read_tsc+0x10/0x10 [ 26.808399] ? ktime_get_ts64+0x86/0x230 [ 26.808426] kunit_try_run_case+0x1a5/0x480 [ 26.808454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.808480] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.808503] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.808527] ? __kthread_parkme+0x82/0x180 [ 26.808549] ? preempt_count_sub+0x50/0x80 [ 26.808575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.808601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.808627] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.808652] kthread+0x337/0x6f0 [ 26.808674] ? trace_preempt_on+0x20/0xc0 [ 26.808698] ? __pfx_kthread+0x10/0x10 [ 26.808720] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.808746] ? calculate_sigpending+0x7b/0xa0 [ 26.808772] ? __pfx_kthread+0x10/0x10 [ 26.808795] ret_from_fork+0x116/0x1d0 [ 26.808815] ? __pfx_kthread+0x10/0x10 [ 26.808837] ret_from_fork_asm+0x1a/0x30 [ 26.808870] </TASK> [ 26.808885] [ 26.816178] Allocated by task 314: [ 26.816353] kasan_save_stack+0x45/0x70 [ 26.816583] kasan_save_track+0x18/0x40 [ 26.816728] kasan_save_alloc_info+0x3b/0x50 [ 26.816869] __kasan_kmalloc+0xb7/0xc0 [ 26.817049] __kmalloc_cache_noprof+0x189/0x420 [ 26.817287] kasan_atomics+0x95/0x310 [ 26.817446] kunit_try_run_case+0x1a5/0x480 [ 26.817639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.817860] kthread+0x337/0x6f0 [ 26.818018] ret_from_fork+0x116/0x1d0 [ 26.818216] ret_from_fork_asm+0x1a/0x30 [ 26.818392] [ 26.818471] The buggy address belongs to the object at ffff888105a1e600 [ 26.818471] which belongs to the cache kmalloc-64 of size 64 [ 26.818852] The buggy address is located 0 bytes to the right of [ 26.818852] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.819329] [ 26.819398] The buggy address belongs to the physical page: [ 26.819793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.820180] flags: 0x200000000000000(node=0|zone=2) [ 26.820372] page_type: f5(slab) [ 26.820544] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.820818] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.821159] page dumped because: kasan: bad access detected [ 26.821323] [ 26.821414] Memory state around the buggy address: [ 26.821636] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.821905] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.822125] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.822336] ^ [ 26.822488] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.822695] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.823095] ================================================================== [ 26.437148] ================================================================== [ 26.437459] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 26.437785] Read of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.438093] [ 26.438250] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.438312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.438328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.438354] Call Trace: [ 26.438376] <TASK> [ 26.438410] dump_stack_lvl+0x73/0xb0 [ 26.438442] print_report+0xd1/0x650 [ 26.438467] ? __virt_addr_valid+0x1db/0x2d0 [ 26.438493] ? kasan_atomics_helper+0x49ce/0x5450 [ 26.438515] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.438553] ? kasan_atomics_helper+0x49ce/0x5450 [ 26.438576] kasan_report+0x141/0x180 [ 26.438598] ? kasan_atomics_helper+0x49ce/0x5450 [ 26.438635] __asan_report_load4_noabort+0x18/0x20 [ 26.438662] kasan_atomics_helper+0x49ce/0x5450 [ 26.438686] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.438709] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.438735] ? kasan_atomics+0x152/0x310 [ 26.438762] kasan_atomics+0x1dc/0x310 [ 26.438786] ? __pfx_kasan_atomics+0x10/0x10 [ 26.438810] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.438845] ? __pfx_read_tsc+0x10/0x10 [ 26.438868] ? ktime_get_ts64+0x86/0x230 [ 26.438905] kunit_try_run_case+0x1a5/0x480 [ 26.438943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.438968] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.438991] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.439014] ? __kthread_parkme+0x82/0x180 [ 26.439044] ? preempt_count_sub+0x50/0x80 [ 26.439085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.439111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.439137] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.439163] kthread+0x337/0x6f0 [ 26.439184] ? trace_preempt_on+0x20/0xc0 [ 26.439209] ? __pfx_kthread+0x10/0x10 [ 26.439230] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.439256] ? calculate_sigpending+0x7b/0xa0 [ 26.439280] ? __pfx_kthread+0x10/0x10 [ 26.439303] ret_from_fork+0x116/0x1d0 [ 26.439324] ? __pfx_kthread+0x10/0x10 [ 26.439346] ret_from_fork_asm+0x1a/0x30 [ 26.439378] </TASK> [ 26.439391] [ 26.448345] Allocated by task 314: [ 26.448504] kasan_save_stack+0x45/0x70 [ 26.448681] kasan_save_track+0x18/0x40 [ 26.448864] kasan_save_alloc_info+0x3b/0x50 [ 26.449146] __kasan_kmalloc+0xb7/0xc0 [ 26.449306] __kmalloc_cache_noprof+0x189/0x420 [ 26.449499] kasan_atomics+0x95/0x310 [ 26.449679] kunit_try_run_case+0x1a5/0x480 [ 26.449844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.450160] kthread+0x337/0x6f0 [ 26.450305] ret_from_fork+0x116/0x1d0 [ 26.450473] ret_from_fork_asm+0x1a/0x30 [ 26.450645] [ 26.450720] The buggy address belongs to the object at ffff888105a1e600 [ 26.450720] which belongs to the cache kmalloc-64 of size 64 [ 26.451146] The buggy address is located 0 bytes to the right of [ 26.451146] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.451502] [ 26.451586] The buggy address belongs to the physical page: [ 26.451836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.452190] flags: 0x200000000000000(node=0|zone=2) [ 26.452422] page_type: f5(slab) [ 26.452554] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.452785] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.453043] page dumped because: kasan: bad access detected [ 26.453309] [ 26.453400] Memory state around the buggy address: [ 26.453647] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.453978] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.454377] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.454710] ^ [ 26.454963] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.455282] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.455490] ================================================================== [ 26.539951] ================================================================== [ 26.540429] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 26.540763] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.541110] [ 26.541205] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.541260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.541274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.541300] Call Trace: [ 26.541324] <TASK> [ 26.541347] dump_stack_lvl+0x73/0xb0 [ 26.541378] print_report+0xd1/0x650 [ 26.541403] ? __virt_addr_valid+0x1db/0x2d0 [ 26.541429] ? kasan_atomics_helper+0x151d/0x5450 [ 26.541453] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.541480] ? kasan_atomics_helper+0x151d/0x5450 [ 26.541504] kasan_report+0x141/0x180 [ 26.541527] ? kasan_atomics_helper+0x151d/0x5450 [ 26.541554] kasan_check_range+0x10c/0x1c0 [ 26.541578] __kasan_check_write+0x18/0x20 [ 26.541603] kasan_atomics_helper+0x151d/0x5450 [ 26.541628] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.541651] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.541678] ? kasan_atomics+0x152/0x310 [ 26.541706] kasan_atomics+0x1dc/0x310 [ 26.541743] ? __pfx_kasan_atomics+0x10/0x10 [ 26.541766] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.541804] ? __pfx_read_tsc+0x10/0x10 [ 26.541835] ? ktime_get_ts64+0x86/0x230 [ 26.541863] kunit_try_run_case+0x1a5/0x480 [ 26.541890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.541916] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.541939] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.541963] ? __kthread_parkme+0x82/0x180 [ 26.541986] ? preempt_count_sub+0x50/0x80 [ 26.542013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.542047] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.542097] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.542136] kthread+0x337/0x6f0 [ 26.542158] ? trace_preempt_on+0x20/0xc0 [ 26.542184] ? __pfx_kthread+0x10/0x10 [ 26.542206] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.542233] ? calculate_sigpending+0x7b/0xa0 [ 26.542260] ? __pfx_kthread+0x10/0x10 [ 26.542284] ret_from_fork+0x116/0x1d0 [ 26.542306] ? __pfx_kthread+0x10/0x10 [ 26.542329] ret_from_fork_asm+0x1a/0x30 [ 26.542363] </TASK> [ 26.542379] [ 26.550069] Allocated by task 314: [ 26.550276] kasan_save_stack+0x45/0x70 [ 26.550506] kasan_save_track+0x18/0x40 [ 26.550695] kasan_save_alloc_info+0x3b/0x50 [ 26.550906] __kasan_kmalloc+0xb7/0xc0 [ 26.551259] __kmalloc_cache_noprof+0x189/0x420 [ 26.551482] kasan_atomics+0x95/0x310 [ 26.551668] kunit_try_run_case+0x1a5/0x480 [ 26.551834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.552153] kthread+0x337/0x6f0 [ 26.552341] ret_from_fork+0x116/0x1d0 [ 26.552543] ret_from_fork_asm+0x1a/0x30 [ 26.552741] [ 26.552810] The buggy address belongs to the object at ffff888105a1e600 [ 26.552810] which belongs to the cache kmalloc-64 of size 64 [ 26.553262] The buggy address is located 0 bytes to the right of [ 26.553262] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.553844] [ 26.553937] The buggy address belongs to the physical page: [ 26.554271] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.554610] flags: 0x200000000000000(node=0|zone=2) [ 26.554843] page_type: f5(slab) [ 26.555002] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.555344] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.555679] page dumped because: kasan: bad access detected [ 26.555907] [ 26.556074] Memory state around the buggy address: [ 26.556287] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.556603] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.556849] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.557199] ^ [ 26.557395] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.557680] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.557983] ================================================================== [ 26.499211] ================================================================== [ 26.499764] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 26.500163] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.500459] [ 26.500596] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.500651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.500667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.500692] Call Trace: [ 26.500727] <TASK> [ 26.500749] dump_stack_lvl+0x73/0xb0 [ 26.500792] print_report+0xd1/0x650 [ 26.500826] ? __virt_addr_valid+0x1db/0x2d0 [ 26.500851] ? kasan_atomics_helper+0x1467/0x5450 [ 26.500884] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.500911] ? kasan_atomics_helper+0x1467/0x5450 [ 26.500934] kasan_report+0x141/0x180 [ 26.500956] ? kasan_atomics_helper+0x1467/0x5450 [ 26.500983] kasan_check_range+0x10c/0x1c0 [ 26.501008] __kasan_check_write+0x18/0x20 [ 26.501032] kasan_atomics_helper+0x1467/0x5450 [ 26.501055] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.501089] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.501116] ? kasan_atomics+0x152/0x310 [ 26.501144] kasan_atomics+0x1dc/0x310 [ 26.501168] ? __pfx_kasan_atomics+0x10/0x10 [ 26.501199] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.501234] ? __pfx_read_tsc+0x10/0x10 [ 26.501258] ? ktime_get_ts64+0x86/0x230 [ 26.501284] kunit_try_run_case+0x1a5/0x480 [ 26.501323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.501347] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.501370] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.501394] ? __kthread_parkme+0x82/0x180 [ 26.501416] ? preempt_count_sub+0x50/0x80 [ 26.501441] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.501467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.501493] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.501519] kthread+0x337/0x6f0 [ 26.501540] ? trace_preempt_on+0x20/0xc0 [ 26.501574] ? __pfx_kthread+0x10/0x10 [ 26.501596] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.501622] ? calculate_sigpending+0x7b/0xa0 [ 26.501658] ? __pfx_kthread+0x10/0x10 [ 26.501682] ret_from_fork+0x116/0x1d0 [ 26.501702] ? __pfx_kthread+0x10/0x10 [ 26.501738] ret_from_fork_asm+0x1a/0x30 [ 26.501776] </TASK> [ 26.501800] [ 26.509808] Allocated by task 314: [ 26.510006] kasan_save_stack+0x45/0x70 [ 26.510214] kasan_save_track+0x18/0x40 [ 26.510348] kasan_save_alloc_info+0x3b/0x50 [ 26.510534] __kasan_kmalloc+0xb7/0xc0 [ 26.510728] __kmalloc_cache_noprof+0x189/0x420 [ 26.510942] kasan_atomics+0x95/0x310 [ 26.511156] kunit_try_run_case+0x1a5/0x480 [ 26.511350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.511580] kthread+0x337/0x6f0 [ 26.511734] ret_from_fork+0x116/0x1d0 [ 26.511904] ret_from_fork_asm+0x1a/0x30 [ 26.512088] [ 26.512159] The buggy address belongs to the object at ffff888105a1e600 [ 26.512159] which belongs to the cache kmalloc-64 of size 64 [ 26.512631] The buggy address is located 0 bytes to the right of [ 26.512631] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.514220] [ 26.514367] The buggy address belongs to the physical page: [ 26.514546] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.514785] flags: 0x200000000000000(node=0|zone=2) [ 26.514949] page_type: f5(slab) [ 26.515081] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.516120] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.516586] page dumped because: kasan: bad access detected [ 26.516829] [ 26.516917] Memory state around the buggy address: [ 26.517134] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.517422] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.517706] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.518337] ^ [ 26.518758] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.519290] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.519789] ================================================================== [ 26.346402] ================================================================== [ 26.347362] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 26.347723] Read of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.348038] [ 26.348165] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.348243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.348260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.348285] Call Trace: [ 26.348367] <TASK> [ 26.348393] dump_stack_lvl+0x73/0xb0 [ 26.348438] print_report+0xd1/0x650 [ 26.348464] ? __virt_addr_valid+0x1db/0x2d0 [ 26.348502] ? kasan_atomics_helper+0x4a02/0x5450 [ 26.348525] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.348554] ? kasan_atomics_helper+0x4a02/0x5450 [ 26.348587] kasan_report+0x141/0x180 [ 26.348611] ? kasan_atomics_helper+0x4a02/0x5450 [ 26.348638] __asan_report_load4_noabort+0x18/0x20 [ 26.348675] kasan_atomics_helper+0x4a02/0x5450 [ 26.348699] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.348722] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.348751] ? kasan_atomics+0x152/0x310 [ 26.348779] kasan_atomics+0x1dc/0x310 [ 26.348802] ? __pfx_kasan_atomics+0x10/0x10 [ 26.348825] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.348851] ? __pfx_read_tsc+0x10/0x10 [ 26.348875] ? ktime_get_ts64+0x86/0x230 [ 26.348903] kunit_try_run_case+0x1a5/0x480 [ 26.348931] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.348956] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.348978] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.349002] ? __kthread_parkme+0x82/0x180 [ 26.349025] ? preempt_count_sub+0x50/0x80 [ 26.349050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.349086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.349113] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.349139] kthread+0x337/0x6f0 [ 26.349160] ? trace_preempt_on+0x20/0xc0 [ 26.349185] ? __pfx_kthread+0x10/0x10 [ 26.349207] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.349233] ? calculate_sigpending+0x7b/0xa0 [ 26.349258] ? __pfx_kthread+0x10/0x10 [ 26.349281] ret_from_fork+0x116/0x1d0 [ 26.349311] ? __pfx_kthread+0x10/0x10 [ 26.349333] ret_from_fork_asm+0x1a/0x30 [ 26.349377] </TASK> [ 26.349392] [ 26.357638] Allocated by task 314: [ 26.357842] kasan_save_stack+0x45/0x70 [ 26.358108] kasan_save_track+0x18/0x40 [ 26.358289] kasan_save_alloc_info+0x3b/0x50 [ 26.358475] __kasan_kmalloc+0xb7/0xc0 [ 26.358669] __kmalloc_cache_noprof+0x189/0x420 [ 26.358886] kasan_atomics+0x95/0x310 [ 26.359162] kunit_try_run_case+0x1a5/0x480 [ 26.359358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.359600] kthread+0x337/0x6f0 [ 26.359758] ret_from_fork+0x116/0x1d0 [ 26.359942] ret_from_fork_asm+0x1a/0x30 [ 26.360177] [ 26.360292] The buggy address belongs to the object at ffff888105a1e600 [ 26.360292] which belongs to the cache kmalloc-64 of size 64 [ 26.360826] The buggy address is located 0 bytes to the right of [ 26.360826] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.361362] [ 26.361437] The buggy address belongs to the physical page: [ 26.361608] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.361850] flags: 0x200000000000000(node=0|zone=2) [ 26.362096] page_type: f5(slab) [ 26.362286] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.362622] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.362963] page dumped because: kasan: bad access detected [ 26.363219] [ 26.363313] Memory state around the buggy address: [ 26.363557] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.363854] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.364231] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.364440] ^ [ 26.364588] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.364798] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.365049] ================================================================== [ 26.667961] ================================================================== [ 26.668520] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 26.668836] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.669078] [ 26.669197] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.669264] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.669279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.669326] Call Trace: [ 26.669350] <TASK> [ 26.669373] dump_stack_lvl+0x73/0xb0 [ 26.669417] print_report+0xd1/0x650 [ 26.669445] ? __virt_addr_valid+0x1db/0x2d0 [ 26.669473] ? kasan_atomics_helper+0x18b1/0x5450 [ 26.669499] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.669532] ? kasan_atomics_helper+0x18b1/0x5450 [ 26.669557] kasan_report+0x141/0x180 [ 26.669582] ? kasan_atomics_helper+0x18b1/0x5450 [ 26.669611] kasan_check_range+0x10c/0x1c0 [ 26.669637] __kasan_check_write+0x18/0x20 [ 26.669663] kasan_atomics_helper+0x18b1/0x5450 [ 26.669689] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.669714] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.669755] ? kasan_atomics+0x152/0x310 [ 26.669783] kasan_atomics+0x1dc/0x310 [ 26.669829] ? __pfx_kasan_atomics+0x10/0x10 [ 26.669854] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.669881] ? __pfx_read_tsc+0x10/0x10 [ 26.669904] ? ktime_get_ts64+0x86/0x230 [ 26.669955] kunit_try_run_case+0x1a5/0x480 [ 26.669984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.670030] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.670056] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.670091] ? __kthread_parkme+0x82/0x180 [ 26.670115] ? preempt_count_sub+0x50/0x80 [ 26.670150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.670178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.670206] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.670245] kthread+0x337/0x6f0 [ 26.670267] ? trace_preempt_on+0x20/0xc0 [ 26.670293] ? __pfx_kthread+0x10/0x10 [ 26.670325] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.670352] ? calculate_sigpending+0x7b/0xa0 [ 26.670379] ? __pfx_kthread+0x10/0x10 [ 26.670414] ret_from_fork+0x116/0x1d0 [ 26.670436] ? __pfx_kthread+0x10/0x10 [ 26.670459] ret_from_fork_asm+0x1a/0x30 [ 26.670494] </TASK> [ 26.670508] [ 26.678388] Allocated by task 314: [ 26.678520] kasan_save_stack+0x45/0x70 [ 26.678721] kasan_save_track+0x18/0x40 [ 26.678915] kasan_save_alloc_info+0x3b/0x50 [ 26.679287] __kasan_kmalloc+0xb7/0xc0 [ 26.679477] __kmalloc_cache_noprof+0x189/0x420 [ 26.679689] kasan_atomics+0x95/0x310 [ 26.679869] kunit_try_run_case+0x1a5/0x480 [ 26.680133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.680376] kthread+0x337/0x6f0 [ 26.680541] ret_from_fork+0x116/0x1d0 [ 26.680722] ret_from_fork_asm+0x1a/0x30 [ 26.680903] [ 26.681001] The buggy address belongs to the object at ffff888105a1e600 [ 26.681001] which belongs to the cache kmalloc-64 of size 64 [ 26.681600] The buggy address is located 0 bytes to the right of [ 26.681600] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.682095] [ 26.682225] The buggy address belongs to the physical page: [ 26.682459] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.682733] flags: 0x200000000000000(node=0|zone=2) [ 26.682895] page_type: f5(slab) [ 26.683199] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.683563] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.683871] page dumped because: kasan: bad access detected [ 26.684038] [ 26.684115] Memory state around the buggy address: [ 26.684544] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.684889] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.685117] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.685325] ^ [ 26.685476] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.685688] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.686146] ================================================================== [ 26.291433] ================================================================== [ 26.291769] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 26.292156] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.292452] [ 26.292579] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.292646] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.292673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.292699] Call Trace: [ 26.292724] <TASK> [ 26.292746] dump_stack_lvl+0x73/0xb0 [ 26.292779] print_report+0xd1/0x650 [ 26.292805] ? __virt_addr_valid+0x1db/0x2d0 [ 26.292840] ? kasan_atomics_helper+0x1079/0x5450 [ 26.292863] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.292891] ? kasan_atomics_helper+0x1079/0x5450 [ 26.292924] kasan_report+0x141/0x180 [ 26.292947] ? kasan_atomics_helper+0x1079/0x5450 [ 26.292986] kasan_check_range+0x10c/0x1c0 [ 26.293010] __kasan_check_write+0x18/0x20 [ 26.293035] kasan_atomics_helper+0x1079/0x5450 [ 26.293069] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.293092] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.293128] ? kasan_atomics+0x152/0x310 [ 26.293156] kasan_atomics+0x1dc/0x310 [ 26.293179] ? __pfx_kasan_atomics+0x10/0x10 [ 26.293213] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.293239] ? __pfx_read_tsc+0x10/0x10 [ 26.293264] ? ktime_get_ts64+0x86/0x230 [ 26.293290] kunit_try_run_case+0x1a5/0x480 [ 26.293318] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.293342] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.293374] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.293398] ? __kthread_parkme+0x82/0x180 [ 26.293430] ? preempt_count_sub+0x50/0x80 [ 26.293456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.293481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.293507] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.293532] kthread+0x337/0x6f0 [ 26.293553] ? trace_preempt_on+0x20/0xc0 [ 26.293577] ? __pfx_kthread+0x10/0x10 [ 26.293599] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.293625] ? calculate_sigpending+0x7b/0xa0 [ 26.293649] ? __pfx_kthread+0x10/0x10 [ 26.293672] ret_from_fork+0x116/0x1d0 [ 26.293692] ? __pfx_kthread+0x10/0x10 [ 26.293714] ret_from_fork_asm+0x1a/0x30 [ 26.293746] </TASK> [ 26.293761] [ 26.301564] Allocated by task 314: [ 26.301714] kasan_save_stack+0x45/0x70 [ 26.301907] kasan_save_track+0x18/0x40 [ 26.302309] kasan_save_alloc_info+0x3b/0x50 [ 26.302488] __kasan_kmalloc+0xb7/0xc0 [ 26.302616] __kmalloc_cache_noprof+0x189/0x420 [ 26.302767] kasan_atomics+0x95/0x310 [ 26.302960] kunit_try_run_case+0x1a5/0x480 [ 26.303176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.303452] kthread+0x337/0x6f0 [ 26.303641] ret_from_fork+0x116/0x1d0 [ 26.303826] ret_from_fork_asm+0x1a/0x30 [ 26.304016] [ 26.304107] The buggy address belongs to the object at ffff888105a1e600 [ 26.304107] which belongs to the cache kmalloc-64 of size 64 [ 26.304455] The buggy address is located 0 bytes to the right of [ 26.304455] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.304925] [ 26.305022] The buggy address belongs to the physical page: [ 26.305279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.305659] flags: 0x200000000000000(node=0|zone=2) [ 26.305869] page_type: f5(slab) [ 26.306128] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.306379] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.306599] page dumped because: kasan: bad access detected [ 26.306818] [ 26.306907] Memory state around the buggy address: [ 26.307147] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.307486] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.307814] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.308205] ^ [ 26.308354] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.308562] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.309019] ================================================================== [ 26.309835] ================================================================== [ 26.310312] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 26.310655] Read of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.310893] [ 26.311075] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.311131] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.311146] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.311172] Call Trace: [ 26.311196] <TASK> [ 26.311218] dump_stack_lvl+0x73/0xb0 [ 26.311249] print_report+0xd1/0x650 [ 26.311273] ? __virt_addr_valid+0x1db/0x2d0 [ 26.311299] ? kasan_atomics_helper+0x4a1c/0x5450 [ 26.311321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.311349] ? kasan_atomics_helper+0x4a1c/0x5450 [ 26.311372] kasan_report+0x141/0x180 [ 26.311395] ? kasan_atomics_helper+0x4a1c/0x5450 [ 26.311422] __asan_report_load4_noabort+0x18/0x20 [ 26.311448] kasan_atomics_helper+0x4a1c/0x5450 [ 26.311472] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.311495] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.311534] ? kasan_atomics+0x152/0x310 [ 26.311560] kasan_atomics+0x1dc/0x310 [ 26.311584] ? __pfx_kasan_atomics+0x10/0x10 [ 26.311619] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.311645] ? __pfx_read_tsc+0x10/0x10 [ 26.311669] ? ktime_get_ts64+0x86/0x230 [ 26.311704] kunit_try_run_case+0x1a5/0x480 [ 26.311732] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.311757] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.311790] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.311814] ? __kthread_parkme+0x82/0x180 [ 26.311836] ? preempt_count_sub+0x50/0x80 [ 26.311871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.311897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.311923] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.311971] kthread+0x337/0x6f0 [ 26.311992] ? trace_preempt_on+0x20/0xc0 [ 26.312017] ? __pfx_kthread+0x10/0x10 [ 26.312038] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.312073] ? calculate_sigpending+0x7b/0xa0 [ 26.312100] ? __pfx_kthread+0x10/0x10 [ 26.312123] ret_from_fork+0x116/0x1d0 [ 26.312144] ? __pfx_kthread+0x10/0x10 [ 26.312165] ret_from_fork_asm+0x1a/0x30 [ 26.312197] </TASK> [ 26.312212] [ 26.319705] Allocated by task 314: [ 26.319846] kasan_save_stack+0x45/0x70 [ 26.320116] kasan_save_track+0x18/0x40 [ 26.320306] kasan_save_alloc_info+0x3b/0x50 [ 26.320510] __kasan_kmalloc+0xb7/0xc0 [ 26.320689] __kmalloc_cache_noprof+0x189/0x420 [ 26.320907] kasan_atomics+0x95/0x310 [ 26.321106] kunit_try_run_case+0x1a5/0x480 [ 26.321250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.321420] kthread+0x337/0x6f0 [ 26.321584] ret_from_fork+0x116/0x1d0 [ 26.321793] ret_from_fork_asm+0x1a/0x30 [ 26.322078] [ 26.322171] The buggy address belongs to the object at ffff888105a1e600 [ 26.322171] which belongs to the cache kmalloc-64 of size 64 [ 26.322667] The buggy address is located 0 bytes to the right of [ 26.322667] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.323224] [ 26.323320] The buggy address belongs to the physical page: [ 26.323558] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.323893] flags: 0x200000000000000(node=0|zone=2) [ 26.324139] page_type: f5(slab) [ 26.324308] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.324635] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.324956] page dumped because: kasan: bad access detected [ 26.325189] [ 26.325269] Memory state around the buggy address: [ 26.325483] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.325730] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.325971] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.326292] ^ [ 26.326540] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.326754] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.327158] ================================================================== [ 26.101313] ================================================================== [ 26.101668] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 26.101970] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.102224] [ 26.102315] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.102368] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.102384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.102410] Call Trace: [ 26.102433] <TASK> [ 26.102454] dump_stack_lvl+0x73/0xb0 [ 26.102485] print_report+0xd1/0x650 [ 26.102510] ? __virt_addr_valid+0x1db/0x2d0 [ 26.102536] ? kasan_atomics_helper+0xac7/0x5450 [ 26.102559] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.102586] ? kasan_atomics_helper+0xac7/0x5450 [ 26.102610] kasan_report+0x141/0x180 [ 26.102634] ? kasan_atomics_helper+0xac7/0x5450 [ 26.102661] kasan_check_range+0x10c/0x1c0 [ 26.102686] __kasan_check_write+0x18/0x20 [ 26.102710] kasan_atomics_helper+0xac7/0x5450 [ 26.102734] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.102758] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.102785] ? kasan_atomics+0x152/0x310 [ 26.102814] kasan_atomics+0x1dc/0x310 [ 26.102839] ? __pfx_kasan_atomics+0x10/0x10 [ 26.102862] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.102888] ? __pfx_read_tsc+0x10/0x10 [ 26.102913] ? ktime_get_ts64+0x86/0x230 [ 26.102973] kunit_try_run_case+0x1a5/0x480 [ 26.103002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.103038] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.103077] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.103101] ? __kthread_parkme+0x82/0x180 [ 26.103124] ? preempt_count_sub+0x50/0x80 [ 26.103161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.103188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.103214] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.103253] kthread+0x337/0x6f0 [ 26.103274] ? trace_preempt_on+0x20/0xc0 [ 26.103311] ? __pfx_kthread+0x10/0x10 [ 26.103334] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.103360] ? calculate_sigpending+0x7b/0xa0 [ 26.103398] ? __pfx_kthread+0x10/0x10 [ 26.103422] ret_from_fork+0x116/0x1d0 [ 26.103444] ? __pfx_kthread+0x10/0x10 [ 26.103477] ret_from_fork_asm+0x1a/0x30 [ 26.103511] </TASK> [ 26.103526] [ 26.111377] Allocated by task 314: [ 26.111520] kasan_save_stack+0x45/0x70 [ 26.111661] kasan_save_track+0x18/0x40 [ 26.111793] kasan_save_alloc_info+0x3b/0x50 [ 26.111959] __kasan_kmalloc+0xb7/0xc0 [ 26.112121] __kmalloc_cache_noprof+0x189/0x420 [ 26.112297] kasan_atomics+0x95/0x310 [ 26.112425] kunit_try_run_case+0x1a5/0x480 [ 26.112567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.112736] kthread+0x337/0x6f0 [ 26.112852] ret_from_fork+0x116/0x1d0 [ 26.113083] ret_from_fork_asm+0x1a/0x30 [ 26.113279] [ 26.113367] The buggy address belongs to the object at ffff888105a1e600 [ 26.113367] which belongs to the cache kmalloc-64 of size 64 [ 26.113884] The buggy address is located 0 bytes to the right of [ 26.113884] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.114450] [ 26.114520] The buggy address belongs to the physical page: [ 26.114688] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.114956] flags: 0x200000000000000(node=0|zone=2) [ 26.115199] page_type: f5(slab) [ 26.115369] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.115761] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.116143] page dumped because: kasan: bad access detected [ 26.116310] [ 26.116375] Memory state around the buggy address: [ 26.116524] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.116734] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.116971] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.117263] ^ [ 26.117490] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.117868] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.118264] ================================================================== [ 26.967672] ================================================================== [ 26.968057] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 26.968361] Read of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.968598] [ 26.968694] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.968750] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.968765] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.968830] Call Trace: [ 26.968857] <TASK> [ 26.968905] dump_stack_lvl+0x73/0xb0 [ 26.969006] print_report+0xd1/0x650 [ 26.969058] ? __virt_addr_valid+0x1db/0x2d0 [ 26.969096] ? kasan_atomics_helper+0x4fb2/0x5450 [ 26.969121] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.969151] ? kasan_atomics_helper+0x4fb2/0x5450 [ 26.969175] kasan_report+0x141/0x180 [ 26.969199] ? kasan_atomics_helper+0x4fb2/0x5450 [ 26.969227] __asan_report_load8_noabort+0x18/0x20 [ 26.969254] kasan_atomics_helper+0x4fb2/0x5450 [ 26.969278] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.969302] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.969330] ? kasan_atomics+0x152/0x310 [ 26.969358] kasan_atomics+0x1dc/0x310 [ 26.969382] ? __pfx_kasan_atomics+0x10/0x10 [ 26.969406] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.969434] ? __pfx_read_tsc+0x10/0x10 [ 26.969458] ? ktime_get_ts64+0x86/0x230 [ 26.969487] kunit_try_run_case+0x1a5/0x480 [ 26.969515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.969541] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.969564] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.969589] ? __kthread_parkme+0x82/0x180 [ 26.969613] ? preempt_count_sub+0x50/0x80 [ 26.969639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.969666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.969693] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.969719] kthread+0x337/0x6f0 [ 26.969742] ? trace_preempt_on+0x20/0xc0 [ 26.969768] ? __pfx_kthread+0x10/0x10 [ 26.969790] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.969817] ? calculate_sigpending+0x7b/0xa0 [ 26.969850] ? __pfx_kthread+0x10/0x10 [ 26.969873] ret_from_fork+0x116/0x1d0 [ 26.969937] ? __pfx_kthread+0x10/0x10 [ 26.969960] ret_from_fork_asm+0x1a/0x30 [ 26.969995] </TASK> [ 26.970009] [ 26.977330] Allocated by task 314: [ 26.977476] kasan_save_stack+0x45/0x70 [ 26.977697] kasan_save_track+0x18/0x40 [ 26.977895] kasan_save_alloc_info+0x3b/0x50 [ 26.978138] __kasan_kmalloc+0xb7/0xc0 [ 26.978366] __kmalloc_cache_noprof+0x189/0x420 [ 26.978592] kasan_atomics+0x95/0x310 [ 26.978794] kunit_try_run_case+0x1a5/0x480 [ 26.979043] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.979328] kthread+0x337/0x6f0 [ 26.979500] ret_from_fork+0x116/0x1d0 [ 26.979630] ret_from_fork_asm+0x1a/0x30 [ 26.979766] [ 26.979859] The buggy address belongs to the object at ffff888105a1e600 [ 26.979859] which belongs to the cache kmalloc-64 of size 64 [ 26.980414] The buggy address is located 0 bytes to the right of [ 26.980414] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.980959] [ 26.981056] The buggy address belongs to the physical page: [ 26.981297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.981629] flags: 0x200000000000000(node=0|zone=2) [ 26.981799] page_type: f5(slab) [ 26.981945] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.982185] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.982494] page dumped because: kasan: bad access detected [ 26.982741] [ 26.982829] Memory state around the buggy address: [ 26.983087] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.983337] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.983549] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.983757] ^ [ 26.984001] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.984349] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.984662] ================================================================== [ 26.762291] ================================================================== [ 26.762676] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 26.763024] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.763311] [ 26.763449] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.763503] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.763518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.763543] Call Trace: [ 26.763567] <TASK> [ 26.763589] dump_stack_lvl+0x73/0xb0 [ 26.763620] print_report+0xd1/0x650 [ 26.763643] ? __virt_addr_valid+0x1db/0x2d0 [ 26.763670] ? kasan_atomics_helper+0x1c18/0x5450 [ 26.763693] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.763721] ? kasan_atomics_helper+0x1c18/0x5450 [ 26.763745] kasan_report+0x141/0x180 [ 26.763770] ? kasan_atomics_helper+0x1c18/0x5450 [ 26.763798] kasan_check_range+0x10c/0x1c0 [ 26.763823] __kasan_check_write+0x18/0x20 [ 26.763848] kasan_atomics_helper+0x1c18/0x5450 [ 26.763872] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.763905] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.763957] ? kasan_atomics+0x152/0x310 [ 26.763984] kasan_atomics+0x1dc/0x310 [ 26.764008] ? __pfx_kasan_atomics+0x10/0x10 [ 26.764031] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.764058] ? __pfx_read_tsc+0x10/0x10 [ 26.764091] ? ktime_get_ts64+0x86/0x230 [ 26.764118] kunit_try_run_case+0x1a5/0x480 [ 26.764145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.764170] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.764193] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.764216] ? __kthread_parkme+0x82/0x180 [ 26.764238] ? preempt_count_sub+0x50/0x80 [ 26.764263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.764288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.764314] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.764340] kthread+0x337/0x6f0 [ 26.764360] ? trace_preempt_on+0x20/0xc0 [ 26.764385] ? __pfx_kthread+0x10/0x10 [ 26.764408] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.764433] ? calculate_sigpending+0x7b/0xa0 [ 26.764458] ? __pfx_kthread+0x10/0x10 [ 26.764481] ret_from_fork+0x116/0x1d0 [ 26.764501] ? __pfx_kthread+0x10/0x10 [ 26.764523] ret_from_fork_asm+0x1a/0x30 [ 26.764555] </TASK> [ 26.764570] [ 26.772042] Allocated by task 314: [ 26.772181] kasan_save_stack+0x45/0x70 [ 26.772323] kasan_save_track+0x18/0x40 [ 26.772481] kasan_save_alloc_info+0x3b/0x50 [ 26.772710] __kasan_kmalloc+0xb7/0xc0 [ 26.772896] __kmalloc_cache_noprof+0x189/0x420 [ 26.773160] kasan_atomics+0x95/0x310 [ 26.773347] kunit_try_run_case+0x1a5/0x480 [ 26.773576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.773806] kthread+0x337/0x6f0 [ 26.773969] ret_from_fork+0x116/0x1d0 [ 26.774175] ret_from_fork_asm+0x1a/0x30 [ 26.774354] [ 26.774443] The buggy address belongs to the object at ffff888105a1e600 [ 26.774443] which belongs to the cache kmalloc-64 of size 64 [ 26.774940] The buggy address is located 0 bytes to the right of [ 26.774940] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.775464] [ 26.775548] The buggy address belongs to the physical page: [ 26.775784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.776155] flags: 0x200000000000000(node=0|zone=2) [ 26.776372] page_type: f5(slab) [ 26.776546] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.776851] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.777205] page dumped because: kasan: bad access detected [ 26.777420] [ 26.777485] Memory state around the buggy address: [ 26.777634] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.777851] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.778085] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.778431] ^ [ 26.778651] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.778986] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.779328] ================================================================== [ 26.823725] ================================================================== [ 26.824085] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 26.824613] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.824837] [ 26.824922] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.824990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.825005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.825030] Call Trace: [ 26.825051] <TASK> [ 26.825084] dump_stack_lvl+0x73/0xb0 [ 26.825115] print_report+0xd1/0x650 [ 26.825138] ? __virt_addr_valid+0x1db/0x2d0 [ 26.825163] ? kasan_atomics_helper+0x1d7a/0x5450 [ 26.825185] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.825213] ? kasan_atomics_helper+0x1d7a/0x5450 [ 26.825236] kasan_report+0x141/0x180 [ 26.825259] ? kasan_atomics_helper+0x1d7a/0x5450 [ 26.825286] kasan_check_range+0x10c/0x1c0 [ 26.825311] __kasan_check_write+0x18/0x20 [ 26.825335] kasan_atomics_helper+0x1d7a/0x5450 [ 26.825359] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.825382] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.825409] ? kasan_atomics+0x152/0x310 [ 26.825435] kasan_atomics+0x1dc/0x310 [ 26.825458] ? __pfx_kasan_atomics+0x10/0x10 [ 26.825482] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.825508] ? __pfx_read_tsc+0x10/0x10 [ 26.825531] ? ktime_get_ts64+0x86/0x230 [ 26.825557] kunit_try_run_case+0x1a5/0x480 [ 26.825584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.825609] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.825631] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.825655] ? __kthread_parkme+0x82/0x180 [ 26.825676] ? preempt_count_sub+0x50/0x80 [ 26.825701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.825727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.825753] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.825779] kthread+0x337/0x6f0 [ 26.825800] ? trace_preempt_on+0x20/0xc0 [ 26.825830] ? __pfx_kthread+0x10/0x10 [ 26.825855] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.825882] ? calculate_sigpending+0x7b/0xa0 [ 26.825907] ? __pfx_kthread+0x10/0x10 [ 26.825940] ret_from_fork+0x116/0x1d0 [ 26.825963] ? __pfx_kthread+0x10/0x10 [ 26.825985] ret_from_fork_asm+0x1a/0x30 [ 26.826017] </TASK> [ 26.826031] [ 26.832889] Allocated by task 314: [ 26.833083] kasan_save_stack+0x45/0x70 [ 26.833279] kasan_save_track+0x18/0x40 [ 26.833469] kasan_save_alloc_info+0x3b/0x50 [ 26.833677] __kasan_kmalloc+0xb7/0xc0 [ 26.833868] __kmalloc_cache_noprof+0x189/0x420 [ 26.834095] kasan_atomics+0x95/0x310 [ 26.834275] kunit_try_run_case+0x1a5/0x480 [ 26.834486] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.834742] kthread+0x337/0x6f0 [ 26.834904] ret_from_fork+0x116/0x1d0 [ 26.835082] ret_from_fork_asm+0x1a/0x30 [ 26.835244] [ 26.835308] The buggy address belongs to the object at ffff888105a1e600 [ 26.835308] which belongs to the cache kmalloc-64 of size 64 [ 26.835649] The buggy address is located 0 bytes to the right of [ 26.835649] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.836122] [ 26.836218] The buggy address belongs to the physical page: [ 26.836464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.836806] flags: 0x200000000000000(node=0|zone=2) [ 26.837029] page_type: f5(slab) [ 26.837160] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.837389] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.837615] page dumped because: kasan: bad access detected [ 26.837781] [ 26.837850] Memory state around the buggy address: [ 26.838000] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.838551] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.838870] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.839198] ^ [ 26.839422] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.839754] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.840216] ================================================================== [ 26.193400] ================================================================== [ 26.193728] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 26.194024] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.194342] [ 26.194441] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.194492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.194506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.194531] Call Trace: [ 26.194552] <TASK> [ 26.194573] dump_stack_lvl+0x73/0xb0 [ 26.194603] print_report+0xd1/0x650 [ 26.194626] ? __virt_addr_valid+0x1db/0x2d0 [ 26.194651] ? kasan_atomics_helper+0xde0/0x5450 [ 26.194673] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.194699] ? kasan_atomics_helper+0xde0/0x5450 [ 26.194722] kasan_report+0x141/0x180 [ 26.194745] ? kasan_atomics_helper+0xde0/0x5450 [ 26.194772] kasan_check_range+0x10c/0x1c0 [ 26.194795] __kasan_check_write+0x18/0x20 [ 26.194820] kasan_atomics_helper+0xde0/0x5450 [ 26.194843] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.194867] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.194894] ? kasan_atomics+0x152/0x310 [ 26.194920] kasan_atomics+0x1dc/0x310 [ 26.194943] ? __pfx_kasan_atomics+0x10/0x10 [ 26.194966] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.194992] ? __pfx_read_tsc+0x10/0x10 [ 26.195015] ? ktime_get_ts64+0x86/0x230 [ 26.195041] kunit_try_run_case+0x1a5/0x480 [ 26.195108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.195134] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.195156] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.195193] ? __kthread_parkme+0x82/0x180 [ 26.195215] ? preempt_count_sub+0x50/0x80 [ 26.195240] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.195275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.195301] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.195327] kthread+0x337/0x6f0 [ 26.195357] ? trace_preempt_on+0x20/0xc0 [ 26.195383] ? __pfx_kthread+0x10/0x10 [ 26.195405] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.195431] ? calculate_sigpending+0x7b/0xa0 [ 26.195457] ? __pfx_kthread+0x10/0x10 [ 26.195479] ret_from_fork+0x116/0x1d0 [ 26.195499] ? __pfx_kthread+0x10/0x10 [ 26.195522] ret_from_fork_asm+0x1a/0x30 [ 26.195553] </TASK> [ 26.195568] [ 26.203087] Allocated by task 314: [ 26.203263] kasan_save_stack+0x45/0x70 [ 26.203466] kasan_save_track+0x18/0x40 [ 26.203659] kasan_save_alloc_info+0x3b/0x50 [ 26.203827] __kasan_kmalloc+0xb7/0xc0 [ 26.204052] __kmalloc_cache_noprof+0x189/0x420 [ 26.204244] kasan_atomics+0x95/0x310 [ 26.204433] kunit_try_run_case+0x1a5/0x480 [ 26.204575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.204746] kthread+0x337/0x6f0 [ 26.204860] ret_from_fork+0x116/0x1d0 [ 26.205012] ret_from_fork_asm+0x1a/0x30 [ 26.205202] [ 26.205291] The buggy address belongs to the object at ffff888105a1e600 [ 26.205291] which belongs to the cache kmalloc-64 of size 64 [ 26.205831] The buggy address is located 0 bytes to the right of [ 26.205831] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.206403] [ 26.206499] The buggy address belongs to the physical page: [ 26.206702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.206961] flags: 0x200000000000000(node=0|zone=2) [ 26.207130] page_type: f5(slab) [ 26.207270] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.207633] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.208023] page dumped because: kasan: bad access detected [ 26.208280] [ 26.208362] Memory state around the buggy address: [ 26.208524] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.208854] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.209195] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.209485] ^ [ 26.209693] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.210029] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.210338] ================================================================== [ 26.065196] ================================================================== [ 26.065549] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 26.065897] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.066230] [ 26.066343] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.066396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.066410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.066658] Call Trace: [ 26.066687] <TASK> [ 26.066710] dump_stack_lvl+0x73/0xb0 [ 26.066744] print_report+0xd1/0x650 [ 26.066769] ? __virt_addr_valid+0x1db/0x2d0 [ 26.066794] ? kasan_atomics_helper+0x992/0x5450 [ 26.066817] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.066844] ? kasan_atomics_helper+0x992/0x5450 [ 26.066868] kasan_report+0x141/0x180 [ 26.066891] ? kasan_atomics_helper+0x992/0x5450 [ 26.066938] kasan_check_range+0x10c/0x1c0 [ 26.066964] __kasan_check_write+0x18/0x20 [ 26.066988] kasan_atomics_helper+0x992/0x5450 [ 26.067020] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.067044] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.067088] ? kasan_atomics+0x152/0x310 [ 26.067116] kasan_atomics+0x1dc/0x310 [ 26.067141] ? __pfx_kasan_atomics+0x10/0x10 [ 26.067166] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.067204] ? __pfx_read_tsc+0x10/0x10 [ 26.067229] ? ktime_get_ts64+0x86/0x230 [ 26.067268] kunit_try_run_case+0x1a5/0x480 [ 26.067297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.067322] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.067354] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.067378] ? __kthread_parkme+0x82/0x180 [ 26.067402] ? preempt_count_sub+0x50/0x80 [ 26.067438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.067465] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.067491] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.067526] kthread+0x337/0x6f0 [ 26.067546] ? trace_preempt_on+0x20/0xc0 [ 26.067571] ? __pfx_kthread+0x10/0x10 [ 26.067604] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.067629] ? calculate_sigpending+0x7b/0xa0 [ 26.067655] ? __pfx_kthread+0x10/0x10 [ 26.067686] ret_from_fork+0x116/0x1d0 [ 26.067707] ? __pfx_kthread+0x10/0x10 [ 26.067729] ret_from_fork_asm+0x1a/0x30 [ 26.067772] </TASK> [ 26.067786] [ 26.075456] Allocated by task 314: [ 26.075640] kasan_save_stack+0x45/0x70 [ 26.075833] kasan_save_track+0x18/0x40 [ 26.076080] kasan_save_alloc_info+0x3b/0x50 [ 26.076267] __kasan_kmalloc+0xb7/0xc0 [ 26.076449] __kmalloc_cache_noprof+0x189/0x420 [ 26.076623] kasan_atomics+0x95/0x310 [ 26.076825] kunit_try_run_case+0x1a5/0x480 [ 26.077055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.077302] kthread+0x337/0x6f0 [ 26.077419] ret_from_fork+0x116/0x1d0 [ 26.077548] ret_from_fork_asm+0x1a/0x30 [ 26.077684] [ 26.077750] The buggy address belongs to the object at ffff888105a1e600 [ 26.077750] which belongs to the cache kmalloc-64 of size 64 [ 26.078185] The buggy address is located 0 bytes to the right of [ 26.078185] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.078733] [ 26.078827] The buggy address belongs to the physical page: [ 26.079136] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.079491] flags: 0x200000000000000(node=0|zone=2) [ 26.079726] page_type: f5(slab) [ 26.079933] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.080270] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.080506] page dumped because: kasan: bad access detected [ 26.080674] [ 26.080738] Memory state around the buggy address: [ 26.080890] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.081139] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.081477] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.081837] ^ [ 26.082104] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.082458] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.082788] ================================================================== [ 27.048455] ================================================================== [ 27.048788] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 27.049493] Read of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 27.050089] [ 27.050308] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 27.050465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.050485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.050512] Call Trace: [ 27.050538] <TASK> [ 27.050561] dump_stack_lvl+0x73/0xb0 [ 27.050605] print_report+0xd1/0x650 [ 27.050632] ? __virt_addr_valid+0x1db/0x2d0 [ 27.050659] ? kasan_atomics_helper+0x5115/0x5450 [ 27.050683] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.050711] ? kasan_atomics_helper+0x5115/0x5450 [ 27.050736] kasan_report+0x141/0x180 [ 27.050759] ? kasan_atomics_helper+0x5115/0x5450 [ 27.050787] __asan_report_load8_noabort+0x18/0x20 [ 27.050814] kasan_atomics_helper+0x5115/0x5450 [ 27.050839] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.050865] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.050894] ? kasan_atomics+0x152/0x310 [ 27.050922] kasan_atomics+0x1dc/0x310 [ 27.050981] ? __pfx_kasan_atomics+0x10/0x10 [ 27.051006] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 27.051034] ? __pfx_read_tsc+0x10/0x10 [ 27.051058] ? ktime_get_ts64+0x86/0x230 [ 27.051096] kunit_try_run_case+0x1a5/0x480 [ 27.051125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.051152] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 27.051175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.051199] ? __kthread_parkme+0x82/0x180 [ 27.051223] ? preempt_count_sub+0x50/0x80 [ 27.051250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.051276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.051304] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.051330] kthread+0x337/0x6f0 [ 27.051353] ? trace_preempt_on+0x20/0xc0 [ 27.051379] ? __pfx_kthread+0x10/0x10 [ 27.051401] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.051428] ? calculate_sigpending+0x7b/0xa0 [ 27.051455] ? __pfx_kthread+0x10/0x10 [ 27.051479] ret_from_fork+0x116/0x1d0 [ 27.051500] ? __pfx_kthread+0x10/0x10 [ 27.051523] ret_from_fork_asm+0x1a/0x30 [ 27.051558] </TASK> [ 27.051573] [ 27.063755] Allocated by task 314: [ 27.064083] kasan_save_stack+0x45/0x70 [ 27.064301] kasan_save_track+0x18/0x40 [ 27.064484] kasan_save_alloc_info+0x3b/0x50 [ 27.064686] __kasan_kmalloc+0xb7/0xc0 [ 27.064859] __kmalloc_cache_noprof+0x189/0x420 [ 27.065337] kasan_atomics+0x95/0x310 [ 27.065648] kunit_try_run_case+0x1a5/0x480 [ 27.066185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.066505] kthread+0x337/0x6f0 [ 27.066773] ret_from_fork+0x116/0x1d0 [ 27.067113] ret_from_fork_asm+0x1a/0x30 [ 27.067422] [ 27.067529] The buggy address belongs to the object at ffff888105a1e600 [ 27.067529] which belongs to the cache kmalloc-64 of size 64 [ 27.068240] The buggy address is located 0 bytes to the right of [ 27.068240] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 27.069102] [ 27.069211] The buggy address belongs to the physical page: [ 27.069455] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 27.069792] flags: 0x200000000000000(node=0|zone=2) [ 27.070324] page_type: f5(slab) [ 27.070636] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.071310] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.071769] page dumped because: kasan: bad access detected [ 27.072271] [ 27.072510] Memory state around the buggy address: [ 27.072733] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.073294] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.073801] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.074293] ^ [ 27.074512] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.074810] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.075407] ================================================================== [ 25.861315] ================================================================== [ 25.862323] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 25.863070] Read of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 25.863559] [ 25.863832] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.863902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.863918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.863954] Call Trace: [ 25.863972] <TASK> [ 25.863993] dump_stack_lvl+0x73/0xb0 [ 25.864054] print_report+0xd1/0x650 [ 25.864095] ? __virt_addr_valid+0x1db/0x2d0 [ 25.864122] ? kasan_atomics_helper+0x4b54/0x5450 [ 25.864144] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.864172] ? kasan_atomics_helper+0x4b54/0x5450 [ 25.864222] kasan_report+0x141/0x180 [ 25.864246] ? kasan_atomics_helper+0x4b54/0x5450 [ 25.864273] __asan_report_load4_noabort+0x18/0x20 [ 25.864310] kasan_atomics_helper+0x4b54/0x5450 [ 25.864334] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.864357] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.864384] ? kasan_atomics+0x152/0x310 [ 25.864412] kasan_atomics+0x1dc/0x310 [ 25.864435] ? __pfx_kasan_atomics+0x10/0x10 [ 25.864458] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.864484] ? __pfx_read_tsc+0x10/0x10 [ 25.864508] ? ktime_get_ts64+0x86/0x230 [ 25.864534] kunit_try_run_case+0x1a5/0x480 [ 25.864562] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.864586] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.864609] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.864633] ? __kthread_parkme+0x82/0x180 [ 25.864654] ? preempt_count_sub+0x50/0x80 [ 25.864679] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.864705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.864731] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.864757] kthread+0x337/0x6f0 [ 25.864779] ? trace_preempt_on+0x20/0xc0 [ 25.864805] ? __pfx_kthread+0x10/0x10 [ 25.864827] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.864853] ? calculate_sigpending+0x7b/0xa0 [ 25.864878] ? __pfx_kthread+0x10/0x10 [ 25.864901] ret_from_fork+0x116/0x1d0 [ 25.864922] ? __pfx_kthread+0x10/0x10 [ 25.864957] ret_from_fork_asm+0x1a/0x30 [ 25.864989] </TASK> [ 25.865003] [ 25.872907] Allocated by task 314: [ 25.874052] kasan_save_stack+0x45/0x70 [ 25.874703] kasan_save_track+0x18/0x40 [ 25.875312] kasan_save_alloc_info+0x3b/0x50 [ 25.875832] __kasan_kmalloc+0xb7/0xc0 [ 25.876445] __kmalloc_cache_noprof+0x189/0x420 [ 25.876698] kasan_atomics+0x95/0x310 [ 25.876831] kunit_try_run_case+0x1a5/0x480 [ 25.876980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.877458] kthread+0x337/0x6f0 [ 25.877760] ret_from_fork+0x116/0x1d0 [ 25.878149] ret_from_fork_asm+0x1a/0x30 [ 25.878532] [ 25.878686] The buggy address belongs to the object at ffff888105a1e600 [ 25.878686] which belongs to the cache kmalloc-64 of size 64 [ 25.879654] The buggy address is located 0 bytes to the right of [ 25.879654] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 25.880186] [ 25.880346] The buggy address belongs to the physical page: [ 25.880818] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 25.881560] flags: 0x200000000000000(node=0|zone=2) [ 25.882096] page_type: f5(slab) [ 25.882396] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.883003] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.883240] page dumped because: kasan: bad access detected [ 25.883409] [ 25.883476] Memory state around the buggy address: [ 25.883631] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.883843] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.884089] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.884481] ^ [ 25.884717] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.884921] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.885581] ================================================================== [ 25.972632] ================================================================== [ 25.973160] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 25.973428] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 25.973668] [ 25.973798] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.973871] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.973887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.973913] Call Trace: [ 25.973939] <TASK> [ 25.973961] dump_stack_lvl+0x73/0xb0 [ 25.974003] print_report+0xd1/0x650 [ 25.974027] ? __virt_addr_valid+0x1db/0x2d0 [ 25.974074] ? kasan_atomics_helper+0x697/0x5450 [ 25.974097] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.974124] ? kasan_atomics_helper+0x697/0x5450 [ 25.974148] kasan_report+0x141/0x180 [ 25.974172] ? kasan_atomics_helper+0x697/0x5450 [ 25.974198] kasan_check_range+0x10c/0x1c0 [ 25.974223] __kasan_check_write+0x18/0x20 [ 25.974248] kasan_atomics_helper+0x697/0x5450 [ 25.974281] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.974305] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.974343] ? kasan_atomics+0x152/0x310 [ 25.974372] kasan_atomics+0x1dc/0x310 [ 25.974396] ? __pfx_kasan_atomics+0x10/0x10 [ 25.974420] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.974446] ? __pfx_read_tsc+0x10/0x10 [ 25.974469] ? ktime_get_ts64+0x86/0x230 [ 25.974497] kunit_try_run_case+0x1a5/0x480 [ 25.974525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.974550] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.974573] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.974598] ? __kthread_parkme+0x82/0x180 [ 25.974620] ? preempt_count_sub+0x50/0x80 [ 25.974646] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.974673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.974699] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.974726] kthread+0x337/0x6f0 [ 25.974758] ? trace_preempt_on+0x20/0xc0 [ 25.974782] ? __pfx_kthread+0x10/0x10 [ 25.974805] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.974842] ? calculate_sigpending+0x7b/0xa0 [ 25.974868] ? __pfx_kthread+0x10/0x10 [ 25.974892] ret_from_fork+0x116/0x1d0 [ 25.974913] ? __pfx_kthread+0x10/0x10 [ 25.974935] ret_from_fork_asm+0x1a/0x30 [ 25.974968] </TASK> [ 25.974983] [ 25.983105] Allocated by task 314: [ 25.983244] kasan_save_stack+0x45/0x70 [ 25.983509] kasan_save_track+0x18/0x40 [ 25.983754] kasan_save_alloc_info+0x3b/0x50 [ 25.984111] __kasan_kmalloc+0xb7/0xc0 [ 25.984339] __kmalloc_cache_noprof+0x189/0x420 [ 25.984519] kasan_atomics+0x95/0x310 [ 25.984650] kunit_try_run_case+0x1a5/0x480 [ 25.984797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.985100] kthread+0x337/0x6f0 [ 25.985271] ret_from_fork+0x116/0x1d0 [ 25.985460] ret_from_fork_asm+0x1a/0x30 [ 25.985682] [ 25.985785] The buggy address belongs to the object at ffff888105a1e600 [ 25.985785] which belongs to the cache kmalloc-64 of size 64 [ 25.986385] The buggy address is located 0 bytes to the right of [ 25.986385] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 25.986756] [ 25.986855] The buggy address belongs to the physical page: [ 25.987326] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 25.987724] flags: 0x200000000000000(node=0|zone=2) [ 25.988017] page_type: f5(slab) [ 25.988169] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.988511] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.988829] page dumped because: kasan: bad access detected [ 25.989077] [ 25.989193] Memory state around the buggy address: [ 25.989387] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.989605] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.989823] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.990179] ^ [ 25.990410] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.990739] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.991089] ================================================================== [ 26.229071] ================================================================== [ 26.229666] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 26.230473] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.230811] [ 26.230969] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.231024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.231040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.231075] Call Trace: [ 26.231107] <TASK> [ 26.231129] dump_stack_lvl+0x73/0xb0 [ 26.231173] print_report+0xd1/0x650 [ 26.231198] ? __virt_addr_valid+0x1db/0x2d0 [ 26.231222] ? kasan_atomics_helper+0xf10/0x5450 [ 26.231245] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.231281] ? kasan_atomics_helper+0xf10/0x5450 [ 26.231305] kasan_report+0x141/0x180 [ 26.231328] ? kasan_atomics_helper+0xf10/0x5450 [ 26.231366] kasan_check_range+0x10c/0x1c0 [ 26.231390] __kasan_check_write+0x18/0x20 [ 26.231416] kasan_atomics_helper+0xf10/0x5450 [ 26.231449] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.231472] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.231509] ? kasan_atomics+0x152/0x310 [ 26.231536] kasan_atomics+0x1dc/0x310 [ 26.231560] ? __pfx_kasan_atomics+0x10/0x10 [ 26.231591] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.231618] ? __pfx_read_tsc+0x10/0x10 [ 26.231641] ? ktime_get_ts64+0x86/0x230 [ 26.231678] kunit_try_run_case+0x1a5/0x480 [ 26.231706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.231732] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.231763] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.231787] ? __kthread_parkme+0x82/0x180 [ 26.231809] ? preempt_count_sub+0x50/0x80 [ 26.231844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.231870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.231903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.231947] kthread+0x337/0x6f0 [ 26.231968] ? trace_preempt_on+0x20/0xc0 [ 26.232004] ? __pfx_kthread+0x10/0x10 [ 26.232026] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.232052] ? calculate_sigpending+0x7b/0xa0 [ 26.232095] ? __pfx_kthread+0x10/0x10 [ 26.232118] ret_from_fork+0x116/0x1d0 [ 26.232139] ? __pfx_kthread+0x10/0x10 [ 26.232172] ret_from_fork_asm+0x1a/0x30 [ 26.232204] </TASK> [ 26.232218] [ 26.240051] Allocated by task 314: [ 26.240266] kasan_save_stack+0x45/0x70 [ 26.240432] kasan_save_track+0x18/0x40 [ 26.240625] kasan_save_alloc_info+0x3b/0x50 [ 26.240823] __kasan_kmalloc+0xb7/0xc0 [ 26.241037] __kmalloc_cache_noprof+0x189/0x420 [ 26.241253] kasan_atomics+0x95/0x310 [ 26.241435] kunit_try_run_case+0x1a5/0x480 [ 26.241625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.241798] kthread+0x337/0x6f0 [ 26.241938] ret_from_fork+0x116/0x1d0 [ 26.242078] ret_from_fork_asm+0x1a/0x30 [ 26.242299] [ 26.242397] The buggy address belongs to the object at ffff888105a1e600 [ 26.242397] which belongs to the cache kmalloc-64 of size 64 [ 26.242959] The buggy address is located 0 bytes to the right of [ 26.242959] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.243529] [ 26.243618] The buggy address belongs to the physical page: [ 26.243789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.244053] flags: 0x200000000000000(node=0|zone=2) [ 26.244248] page_type: f5(slab) [ 26.244417] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.244781] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.245172] page dumped because: kasan: bad access detected [ 26.245445] [ 26.245557] Memory state around the buggy address: [ 26.245767] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.246000] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.246328] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.246639] ^ [ 26.246800] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.247044] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.247262] ================================================================== [ 26.743367] ================================================================== [ 26.744122] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 26.744556] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.744777] [ 26.744866] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.744919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.744942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.744967] Call Trace: [ 26.744990] <TASK> [ 26.745013] dump_stack_lvl+0x73/0xb0 [ 26.745044] print_report+0xd1/0x650 [ 26.745082] ? __virt_addr_valid+0x1db/0x2d0 [ 26.745107] ? kasan_atomics_helper+0x1b22/0x5450 [ 26.745131] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.745158] ? kasan_atomics_helper+0x1b22/0x5450 [ 26.745181] kasan_report+0x141/0x180 [ 26.745205] ? kasan_atomics_helper+0x1b22/0x5450 [ 26.745232] kasan_check_range+0x10c/0x1c0 [ 26.745258] __kasan_check_write+0x18/0x20 [ 26.745282] kasan_atomics_helper+0x1b22/0x5450 [ 26.745306] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.745330] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.745358] ? kasan_atomics+0x152/0x310 [ 26.745385] kasan_atomics+0x1dc/0x310 [ 26.745409] ? __pfx_kasan_atomics+0x10/0x10 [ 26.745432] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.745460] ? __pfx_read_tsc+0x10/0x10 [ 26.745487] ? ktime_get_ts64+0x86/0x230 [ 26.745528] kunit_try_run_case+0x1a5/0x480 [ 26.745557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.745593] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.745616] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.745640] ? __kthread_parkme+0x82/0x180 [ 26.745661] ? preempt_count_sub+0x50/0x80 [ 26.745687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.745714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.745740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.745766] kthread+0x337/0x6f0 [ 26.745788] ? trace_preempt_on+0x20/0xc0 [ 26.745813] ? __pfx_kthread+0x10/0x10 [ 26.745839] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.745865] ? calculate_sigpending+0x7b/0xa0 [ 26.745890] ? __pfx_kthread+0x10/0x10 [ 26.745913] ret_from_fork+0x116/0x1d0 [ 26.745945] ? __pfx_kthread+0x10/0x10 [ 26.745968] ret_from_fork_asm+0x1a/0x30 [ 26.746001] </TASK> [ 26.746014] [ 26.753629] Allocated by task 314: [ 26.753768] kasan_save_stack+0x45/0x70 [ 26.753992] kasan_save_track+0x18/0x40 [ 26.754187] kasan_save_alloc_info+0x3b/0x50 [ 26.754390] __kasan_kmalloc+0xb7/0xc0 [ 26.754571] __kmalloc_cache_noprof+0x189/0x420 [ 26.754790] kasan_atomics+0x95/0x310 [ 26.754969] kunit_try_run_case+0x1a5/0x480 [ 26.755180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.755491] kthread+0x337/0x6f0 [ 26.755606] ret_from_fork+0x116/0x1d0 [ 26.755734] ret_from_fork_asm+0x1a/0x30 [ 26.755867] [ 26.756070] The buggy address belongs to the object at ffff888105a1e600 [ 26.756070] which belongs to the cache kmalloc-64 of size 64 [ 26.756595] The buggy address is located 0 bytes to the right of [ 26.756595] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.757178] [ 26.757261] The buggy address belongs to the physical page: [ 26.757428] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.757665] flags: 0x200000000000000(node=0|zone=2) [ 26.757855] page_type: f5(slab) [ 26.758167] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.758504] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.758831] page dumped because: kasan: bad access detected [ 26.759242] [ 26.759312] Memory state around the buggy address: [ 26.759462] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.759674] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.759886] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.760165] ^ [ 26.760405] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.760755] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.761136] ================================================================== [ 26.521305] ================================================================== [ 26.521629] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 26.522271] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.522614] [ 26.522725] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.522781] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.522797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.522822] Call Trace: [ 26.522845] <TASK> [ 26.522867] dump_stack_lvl+0x73/0xb0 [ 26.522901] print_report+0xd1/0x650 [ 26.522925] ? __virt_addr_valid+0x1db/0x2d0 [ 26.522952] ? kasan_atomics_helper+0x50d4/0x5450 [ 26.522975] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.523002] ? kasan_atomics_helper+0x50d4/0x5450 [ 26.523025] kasan_report+0x141/0x180 [ 26.523048] ? kasan_atomics_helper+0x50d4/0x5450 [ 26.523086] __asan_report_store8_noabort+0x1b/0x30 [ 26.523123] kasan_atomics_helper+0x50d4/0x5450 [ 26.523146] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.523169] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.523208] ? kasan_atomics+0x152/0x310 [ 26.523236] kasan_atomics+0x1dc/0x310 [ 26.523259] ? __pfx_kasan_atomics+0x10/0x10 [ 26.523282] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.523308] ? __pfx_read_tsc+0x10/0x10 [ 26.523332] ? ktime_get_ts64+0x86/0x230 [ 26.523359] kunit_try_run_case+0x1a5/0x480 [ 26.523386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.523411] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.523433] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.523457] ? __kthread_parkme+0x82/0x180 [ 26.523521] ? preempt_count_sub+0x50/0x80 [ 26.523547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.523806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.523844] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.523871] kthread+0x337/0x6f0 [ 26.523892] ? trace_preempt_on+0x20/0xc0 [ 26.523917] ? __pfx_kthread+0x10/0x10 [ 26.523953] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.523980] ? calculate_sigpending+0x7b/0xa0 [ 26.524007] ? __pfx_kthread+0x10/0x10 [ 26.524030] ret_from_fork+0x116/0x1d0 [ 26.524052] ? __pfx_kthread+0x10/0x10 [ 26.524085] ret_from_fork_asm+0x1a/0x30 [ 26.524118] </TASK> [ 26.524132] [ 26.531846] Allocated by task 314: [ 26.531987] kasan_save_stack+0x45/0x70 [ 26.532200] kasan_save_track+0x18/0x40 [ 26.532403] kasan_save_alloc_info+0x3b/0x50 [ 26.532607] __kasan_kmalloc+0xb7/0xc0 [ 26.532788] __kmalloc_cache_noprof+0x189/0x420 [ 26.533154] kasan_atomics+0x95/0x310 [ 26.533324] kunit_try_run_case+0x1a5/0x480 [ 26.533467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.533706] kthread+0x337/0x6f0 [ 26.533874] ret_from_fork+0x116/0x1d0 [ 26.534171] ret_from_fork_asm+0x1a/0x30 [ 26.534354] [ 26.534448] The buggy address belongs to the object at ffff888105a1e600 [ 26.534448] which belongs to the cache kmalloc-64 of size 64 [ 26.534951] The buggy address is located 0 bytes to the right of [ 26.534951] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.535467] [ 26.535567] The buggy address belongs to the physical page: [ 26.535767] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.536004] flags: 0x200000000000000(node=0|zone=2) [ 26.536174] page_type: f5(slab) [ 26.536295] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.536656] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.537093] page dumped because: kasan: bad access detected [ 26.537342] [ 26.537422] Memory state around the buggy address: [ 26.537583] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.537811] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.538082] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.538325] ^ [ 26.538500] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.538742] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.538990] ================================================================== [ 25.888134] ================================================================== [ 25.888590] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 25.888839] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 25.889424] [ 25.889629] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.889687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.889702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.889728] Call Trace: [ 25.889753] <TASK> [ 25.889795] dump_stack_lvl+0x73/0xb0 [ 25.889838] print_report+0xd1/0x650 [ 25.889865] ? __virt_addr_valid+0x1db/0x2d0 [ 25.889891] ? kasan_atomics_helper+0x4a0/0x5450 [ 25.889914] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.889943] ? kasan_atomics_helper+0x4a0/0x5450 [ 25.889986] kasan_report+0x141/0x180 [ 25.890024] ? kasan_atomics_helper+0x4a0/0x5450 [ 25.890052] kasan_check_range+0x10c/0x1c0 [ 25.890088] __kasan_check_write+0x18/0x20 [ 25.890113] kasan_atomics_helper+0x4a0/0x5450 [ 25.890137] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.890161] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.890189] ? kasan_atomics+0x152/0x310 [ 25.890216] kasan_atomics+0x1dc/0x310 [ 25.890241] ? __pfx_kasan_atomics+0x10/0x10 [ 25.890265] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.890292] ? __pfx_read_tsc+0x10/0x10 [ 25.890316] ? ktime_get_ts64+0x86/0x230 [ 25.890343] kunit_try_run_case+0x1a5/0x480 [ 25.890373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.890400] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.890422] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.890446] ? __kthread_parkme+0x82/0x180 [ 25.890469] ? preempt_count_sub+0x50/0x80 [ 25.890495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.890522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.890548] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.890574] kthread+0x337/0x6f0 [ 25.890596] ? trace_preempt_on+0x20/0xc0 [ 25.890620] ? __pfx_kthread+0x10/0x10 [ 25.890644] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.890670] ? calculate_sigpending+0x7b/0xa0 [ 25.890696] ? __pfx_kthread+0x10/0x10 [ 25.890720] ret_from_fork+0x116/0x1d0 [ 25.890740] ? __pfx_kthread+0x10/0x10 [ 25.890763] ret_from_fork_asm+0x1a/0x30 [ 25.890796] </TASK> [ 25.890811] [ 25.900559] Allocated by task 314: [ 25.900754] kasan_save_stack+0x45/0x70 [ 25.900992] kasan_save_track+0x18/0x40 [ 25.901237] kasan_save_alloc_info+0x3b/0x50 [ 25.901388] __kasan_kmalloc+0xb7/0xc0 [ 25.901515] __kmalloc_cache_noprof+0x189/0x420 [ 25.901664] kasan_atomics+0x95/0x310 [ 25.901867] kunit_try_run_case+0x1a5/0x480 [ 25.902294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.902974] kthread+0x337/0x6f0 [ 25.903233] ret_from_fork+0x116/0x1d0 [ 25.903400] ret_from_fork_asm+0x1a/0x30 [ 25.903636] [ 25.903732] The buggy address belongs to the object at ffff888105a1e600 [ 25.903732] which belongs to the cache kmalloc-64 of size 64 [ 25.904321] The buggy address is located 0 bytes to the right of [ 25.904321] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 25.905043] [ 25.905140] The buggy address belongs to the physical page: [ 25.905466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 25.905896] flags: 0x200000000000000(node=0|zone=2) [ 25.906108] page_type: f5(slab) [ 25.906230] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.906577] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.906924] page dumped because: kasan: bad access detected [ 25.907312] [ 25.907405] Memory state around the buggy address: [ 25.907667] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.908108] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.908450] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.908723] ^ [ 25.908907] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.909196] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.909487] ================================================================== [ 26.328176] ================================================================== [ 26.328539] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 26.328868] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.329267] [ 26.329400] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.329456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.329471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.329498] Call Trace: [ 26.329522] <TASK> [ 26.329544] dump_stack_lvl+0x73/0xb0 [ 26.329576] print_report+0xd1/0x650 [ 26.329602] ? __virt_addr_valid+0x1db/0x2d0 [ 26.329628] ? kasan_atomics_helper+0x1148/0x5450 [ 26.329651] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.329678] ? kasan_atomics_helper+0x1148/0x5450 [ 26.329702] kasan_report+0x141/0x180 [ 26.329725] ? kasan_atomics_helper+0x1148/0x5450 [ 26.329763] kasan_check_range+0x10c/0x1c0 [ 26.329788] __kasan_check_write+0x18/0x20 [ 26.329813] kasan_atomics_helper+0x1148/0x5450 [ 26.329849] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.329873] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.329900] ? kasan_atomics+0x152/0x310 [ 26.329927] kasan_atomics+0x1dc/0x310 [ 26.329950] ? __pfx_kasan_atomics+0x10/0x10 [ 26.329973] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.329999] ? __pfx_read_tsc+0x10/0x10 [ 26.330022] ? ktime_get_ts64+0x86/0x230 [ 26.330049] kunit_try_run_case+0x1a5/0x480 [ 26.330086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.330111] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.330134] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.330157] ? __kthread_parkme+0x82/0x180 [ 26.330180] ? preempt_count_sub+0x50/0x80 [ 26.330221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.330248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.330274] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.330300] kthread+0x337/0x6f0 [ 26.330321] ? trace_preempt_on+0x20/0xc0 [ 26.330345] ? __pfx_kthread+0x10/0x10 [ 26.330367] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.330392] ? calculate_sigpending+0x7b/0xa0 [ 26.330418] ? __pfx_kthread+0x10/0x10 [ 26.330440] ret_from_fork+0x116/0x1d0 [ 26.330462] ? __pfx_kthread+0x10/0x10 [ 26.330484] ret_from_fork_asm+0x1a/0x30 [ 26.330516] </TASK> [ 26.330530] [ 26.338158] Allocated by task 314: [ 26.338352] kasan_save_stack+0x45/0x70 [ 26.338544] kasan_save_track+0x18/0x40 [ 26.338739] kasan_save_alloc_info+0x3b/0x50 [ 26.338907] __kasan_kmalloc+0xb7/0xc0 [ 26.339131] __kmalloc_cache_noprof+0x189/0x420 [ 26.339307] kasan_atomics+0x95/0x310 [ 26.339502] kunit_try_run_case+0x1a5/0x480 [ 26.339694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.339931] kthread+0x337/0x6f0 [ 26.340116] ret_from_fork+0x116/0x1d0 [ 26.340276] ret_from_fork_asm+0x1a/0x30 [ 26.340462] [ 26.340553] The buggy address belongs to the object at ffff888105a1e600 [ 26.340553] which belongs to the cache kmalloc-64 of size 64 [ 26.341107] The buggy address is located 0 bytes to the right of [ 26.341107] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.341493] [ 26.341563] The buggy address belongs to the physical page: [ 26.341734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.342009] flags: 0x200000000000000(node=0|zone=2) [ 26.342290] page_type: f5(slab) [ 26.342493] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.342874] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.343353] page dumped because: kasan: bad access detected [ 26.343579] [ 26.343644] Memory state around the buggy address: [ 26.343795] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.344150] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.344497] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.344861] ^ [ 26.345084] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.345364] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.345573] ================================================================== [ 26.384025] ================================================================== [ 26.384422] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 26.384756] Read of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.385380] [ 26.385501] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.385553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.385568] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.385593] Call Trace: [ 26.385617] <TASK> [ 26.385639] dump_stack_lvl+0x73/0xb0 [ 26.385670] print_report+0xd1/0x650 [ 26.385694] ? __virt_addr_valid+0x1db/0x2d0 [ 26.385719] ? kasan_atomics_helper+0x49e8/0x5450 [ 26.385742] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.385770] ? kasan_atomics_helper+0x49e8/0x5450 [ 26.385794] kasan_report+0x141/0x180 [ 26.385817] ? kasan_atomics_helper+0x49e8/0x5450 [ 26.385850] __asan_report_load4_noabort+0x18/0x20 [ 26.385876] kasan_atomics_helper+0x49e8/0x5450 [ 26.385900] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.385923] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.385960] ? kasan_atomics+0x152/0x310 [ 26.385988] kasan_atomics+0x1dc/0x310 [ 26.386021] ? __pfx_kasan_atomics+0x10/0x10 [ 26.386045] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.386089] ? __pfx_read_tsc+0x10/0x10 [ 26.386113] ? ktime_get_ts64+0x86/0x230 [ 26.386150] kunit_try_run_case+0x1a5/0x480 [ 26.386178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.386213] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.386236] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.386259] ? __kthread_parkme+0x82/0x180 [ 26.386283] ? preempt_count_sub+0x50/0x80 [ 26.386308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.386336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.386361] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.386387] kthread+0x337/0x6f0 [ 26.386408] ? trace_preempt_on+0x20/0xc0 [ 26.386433] ? __pfx_kthread+0x10/0x10 [ 26.386464] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.386490] ? calculate_sigpending+0x7b/0xa0 [ 26.386515] ? __pfx_kthread+0x10/0x10 [ 26.386548] ret_from_fork+0x116/0x1d0 [ 26.386569] ? __pfx_kthread+0x10/0x10 [ 26.386592] ret_from_fork_asm+0x1a/0x30 [ 26.386633] </TASK> [ 26.386647] [ 26.396426] Allocated by task 314: [ 26.396754] kasan_save_stack+0x45/0x70 [ 26.397177] kasan_save_track+0x18/0x40 [ 26.397446] kasan_save_alloc_info+0x3b/0x50 [ 26.397833] __kasan_kmalloc+0xb7/0xc0 [ 26.398265] __kmalloc_cache_noprof+0x189/0x420 [ 26.398568] kasan_atomics+0x95/0x310 [ 26.398861] kunit_try_run_case+0x1a5/0x480 [ 26.399268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.399636] kthread+0x337/0x6f0 [ 26.399806] ret_from_fork+0x116/0x1d0 [ 26.400252] ret_from_fork_asm+0x1a/0x30 [ 26.400504] [ 26.400754] The buggy address belongs to the object at ffff888105a1e600 [ 26.400754] which belongs to the cache kmalloc-64 of size 64 [ 26.401347] The buggy address is located 0 bytes to the right of [ 26.401347] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.401852] [ 26.402231] The buggy address belongs to the physical page: [ 26.402526] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.403202] flags: 0x200000000000000(node=0|zone=2) [ 26.403440] page_type: f5(slab) [ 26.403596] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.403903] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.404221] page dumped because: kasan: bad access detected [ 26.404448] [ 26.404531] Memory state around the buggy address: [ 26.404736] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.405482] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.406182] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.406631] ^ [ 26.406975] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.407294] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.407580] ================================================================== [ 26.365909] ================================================================== [ 26.366356] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 26.366699] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.367137] [ 26.367250] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.367302] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.367317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.367342] Call Trace: [ 26.367365] <TASK> [ 26.367388] dump_stack_lvl+0x73/0xb0 [ 26.367419] print_report+0xd1/0x650 [ 26.367443] ? __virt_addr_valid+0x1db/0x2d0 [ 26.367468] ? kasan_atomics_helper+0x1217/0x5450 [ 26.367491] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.367518] ? kasan_atomics_helper+0x1217/0x5450 [ 26.367541] kasan_report+0x141/0x180 [ 26.367564] ? kasan_atomics_helper+0x1217/0x5450 [ 26.367591] kasan_check_range+0x10c/0x1c0 [ 26.367616] __kasan_check_write+0x18/0x20 [ 26.367641] kasan_atomics_helper+0x1217/0x5450 [ 26.367664] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.367700] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.367728] ? kasan_atomics+0x152/0x310 [ 26.367767] kasan_atomics+0x1dc/0x310 [ 26.367791] ? __pfx_kasan_atomics+0x10/0x10 [ 26.367814] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.367841] ? __pfx_read_tsc+0x10/0x10 [ 26.367873] ? ktime_get_ts64+0x86/0x230 [ 26.367901] kunit_try_run_case+0x1a5/0x480 [ 26.367946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.367972] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.367995] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.368018] ? __kthread_parkme+0x82/0x180 [ 26.368041] ? preempt_count_sub+0x50/0x80 [ 26.368077] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.368103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.368129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.368155] kthread+0x337/0x6f0 [ 26.368177] ? trace_preempt_on+0x20/0xc0 [ 26.368202] ? __pfx_kthread+0x10/0x10 [ 26.368224] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.368249] ? calculate_sigpending+0x7b/0xa0 [ 26.368275] ? __pfx_kthread+0x10/0x10 [ 26.368297] ret_from_fork+0x116/0x1d0 [ 26.368318] ? __pfx_kthread+0x10/0x10 [ 26.368349] ret_from_fork_asm+0x1a/0x30 [ 26.368382] </TASK> [ 26.368396] [ 26.376076] Allocated by task 314: [ 26.376260] kasan_save_stack+0x45/0x70 [ 26.376413] kasan_save_track+0x18/0x40 [ 26.376597] kasan_save_alloc_info+0x3b/0x50 [ 26.376781] __kasan_kmalloc+0xb7/0xc0 [ 26.376935] __kmalloc_cache_noprof+0x189/0x420 [ 26.377244] kasan_atomics+0x95/0x310 [ 26.377437] kunit_try_run_case+0x1a5/0x480 [ 26.377619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.377859] kthread+0x337/0x6f0 [ 26.378117] ret_from_fork+0x116/0x1d0 [ 26.378292] ret_from_fork_asm+0x1a/0x30 [ 26.378491] [ 26.378585] The buggy address belongs to the object at ffff888105a1e600 [ 26.378585] which belongs to the cache kmalloc-64 of size 64 [ 26.379072] The buggy address is located 0 bytes to the right of [ 26.379072] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.379549] [ 26.379643] The buggy address belongs to the physical page: [ 26.379891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.380190] flags: 0x200000000000000(node=0|zone=2) [ 26.380411] page_type: f5(slab) [ 26.380582] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.380882] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.381322] page dumped because: kasan: bad access detected [ 26.381578] [ 26.381671] Memory state around the buggy address: [ 26.381885] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.382219] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.382525] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.382832] ^ [ 26.383091] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.383333] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.383544] ================================================================== [ 26.912464] ================================================================== [ 26.912827] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 26.913708] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.914112] [ 26.914228] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.914285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.914301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.914328] Call Trace: [ 26.914352] <TASK> [ 26.914375] dump_stack_lvl+0x73/0xb0 [ 26.914415] print_report+0xd1/0x650 [ 26.914444] ? __virt_addr_valid+0x1db/0x2d0 [ 26.914471] ? kasan_atomics_helper+0x2006/0x5450 [ 26.914496] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.914525] ? kasan_atomics_helper+0x2006/0x5450 [ 26.914549] kasan_report+0x141/0x180 [ 26.914573] ? kasan_atomics_helper+0x2006/0x5450 [ 26.914602] kasan_check_range+0x10c/0x1c0 [ 26.914631] __kasan_check_write+0x18/0x20 [ 26.914658] kasan_atomics_helper+0x2006/0x5450 [ 26.914683] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.914707] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.914736] ? kasan_atomics+0x152/0x310 [ 26.914765] kasan_atomics+0x1dc/0x310 [ 26.914790] ? __pfx_kasan_atomics+0x10/0x10 [ 26.914815] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.914842] ? __pfx_read_tsc+0x10/0x10 [ 26.914867] ? ktime_get_ts64+0x86/0x230 [ 26.914896] kunit_try_run_case+0x1a5/0x480 [ 26.914949] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.914975] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.914999] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.915023] ? __kthread_parkme+0x82/0x180 [ 26.915047] ? preempt_count_sub+0x50/0x80 [ 26.915083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.915111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.915138] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.915166] kthread+0x337/0x6f0 [ 26.915189] ? trace_preempt_on+0x20/0xc0 [ 26.915216] ? __pfx_kthread+0x10/0x10 [ 26.915239] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.915267] ? calculate_sigpending+0x7b/0xa0 [ 26.915295] ? __pfx_kthread+0x10/0x10 [ 26.915319] ret_from_fork+0x116/0x1d0 [ 26.915341] ? __pfx_kthread+0x10/0x10 [ 26.915365] ret_from_fork_asm+0x1a/0x30 [ 26.915400] </TASK> [ 26.915414] [ 26.922894] Allocated by task 314: [ 26.923075] kasan_save_stack+0x45/0x70 [ 26.923283] kasan_save_track+0x18/0x40 [ 26.923466] kasan_save_alloc_info+0x3b/0x50 [ 26.923657] __kasan_kmalloc+0xb7/0xc0 [ 26.923818] __kmalloc_cache_noprof+0x189/0x420 [ 26.924069] kasan_atomics+0x95/0x310 [ 26.924234] kunit_try_run_case+0x1a5/0x480 [ 26.924429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.924647] kthread+0x337/0x6f0 [ 26.924813] ret_from_fork+0x116/0x1d0 [ 26.924997] ret_from_fork_asm+0x1a/0x30 [ 26.925173] [ 26.925242] The buggy address belongs to the object at ffff888105a1e600 [ 26.925242] which belongs to the cache kmalloc-64 of size 64 [ 26.925600] The buggy address is located 0 bytes to the right of [ 26.925600] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.926001] [ 26.926083] The buggy address belongs to the physical page: [ 26.926343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.926699] flags: 0x200000000000000(node=0|zone=2) [ 26.926961] page_type: f5(slab) [ 26.927142] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.927487] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.927830] page dumped because: kasan: bad access detected [ 26.928119] [ 26.928212] Memory state around the buggy address: [ 26.928440] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.928729] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.928985] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.929215] ^ [ 26.929371] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.929587] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.929859] ================================================================== [ 26.083587] ================================================================== [ 26.083983] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 26.084288] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.084589] [ 26.084678] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.084730] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.084745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.084769] Call Trace: [ 26.084791] <TASK> [ 26.084811] dump_stack_lvl+0x73/0xb0 [ 26.084841] print_report+0xd1/0x650 [ 26.084865] ? __virt_addr_valid+0x1db/0x2d0 [ 26.084891] ? kasan_atomics_helper+0xa2b/0x5450 [ 26.084936] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.084965] ? kasan_atomics_helper+0xa2b/0x5450 [ 26.084988] kasan_report+0x141/0x180 [ 26.085012] ? kasan_atomics_helper+0xa2b/0x5450 [ 26.085040] kasan_check_range+0x10c/0x1c0 [ 26.085074] __kasan_check_write+0x18/0x20 [ 26.085101] kasan_atomics_helper+0xa2b/0x5450 [ 26.085127] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.085150] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.085178] ? kasan_atomics+0x152/0x310 [ 26.085215] kasan_atomics+0x1dc/0x310 [ 26.085240] ? __pfx_kasan_atomics+0x10/0x10 [ 26.085263] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.085301] ? __pfx_read_tsc+0x10/0x10 [ 26.085324] ? ktime_get_ts64+0x86/0x230 [ 26.085352] kunit_try_run_case+0x1a5/0x480 [ 26.085379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.085405] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.085429] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.085453] ? __kthread_parkme+0x82/0x180 [ 26.085476] ? preempt_count_sub+0x50/0x80 [ 26.085501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.085528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.085555] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.085581] kthread+0x337/0x6f0 [ 26.085603] ? trace_preempt_on+0x20/0xc0 [ 26.085630] ? __pfx_kthread+0x10/0x10 [ 26.085652] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.085678] ? calculate_sigpending+0x7b/0xa0 [ 26.085704] ? __pfx_kthread+0x10/0x10 [ 26.085728] ret_from_fork+0x116/0x1d0 [ 26.085749] ? __pfx_kthread+0x10/0x10 [ 26.085772] ret_from_fork_asm+0x1a/0x30 [ 26.085806] </TASK> [ 26.085825] [ 26.093321] Allocated by task 314: [ 26.093503] kasan_save_stack+0x45/0x70 [ 26.093688] kasan_save_track+0x18/0x40 [ 26.093828] kasan_save_alloc_info+0x3b/0x50 [ 26.094001] __kasan_kmalloc+0xb7/0xc0 [ 26.094150] __kmalloc_cache_noprof+0x189/0x420 [ 26.094305] kasan_atomics+0x95/0x310 [ 26.094435] kunit_try_run_case+0x1a5/0x480 [ 26.094580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.094753] kthread+0x337/0x6f0 [ 26.094870] ret_from_fork+0x116/0x1d0 [ 26.095025] ret_from_fork_asm+0x1a/0x30 [ 26.095172] [ 26.095266] The buggy address belongs to the object at ffff888105a1e600 [ 26.095266] which belongs to the cache kmalloc-64 of size 64 [ 26.095807] The buggy address is located 0 bytes to the right of [ 26.095807] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.096206] [ 26.096278] The buggy address belongs to the physical page: [ 26.096450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.096690] flags: 0x200000000000000(node=0|zone=2) [ 26.096911] page_type: f5(slab) [ 26.097123] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.097504] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.097867] page dumped because: kasan: bad access detected [ 26.098177] [ 26.098269] Memory state around the buggy address: [ 26.098494] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.098830] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.099196] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.099515] ^ [ 26.099666] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.100024] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.100313] ================================================================== [ 26.247894] ================================================================== [ 26.248324] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 26.248658] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.249013] [ 26.249134] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.249188] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.249204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.249229] Call Trace: [ 26.249251] <TASK> [ 26.249275] dump_stack_lvl+0x73/0xb0 [ 26.249304] print_report+0xd1/0x650 [ 26.249329] ? __virt_addr_valid+0x1db/0x2d0 [ 26.249354] ? kasan_atomics_helper+0xfa9/0x5450 [ 26.249376] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.249404] ? kasan_atomics_helper+0xfa9/0x5450 [ 26.249427] kasan_report+0x141/0x180 [ 26.249449] ? kasan_atomics_helper+0xfa9/0x5450 [ 26.249476] kasan_check_range+0x10c/0x1c0 [ 26.249501] __kasan_check_write+0x18/0x20 [ 26.249526] kasan_atomics_helper+0xfa9/0x5450 [ 26.249549] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.249572] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.249599] ? kasan_atomics+0x152/0x310 [ 26.249625] kasan_atomics+0x1dc/0x310 [ 26.249649] ? __pfx_kasan_atomics+0x10/0x10 [ 26.249673] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.249699] ? __pfx_read_tsc+0x10/0x10 [ 26.249721] ? ktime_get_ts64+0x86/0x230 [ 26.249747] kunit_try_run_case+0x1a5/0x480 [ 26.249774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.249800] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.249827] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.249860] ? __kthread_parkme+0x82/0x180 [ 26.249882] ? preempt_count_sub+0x50/0x80 [ 26.249907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.249968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.249993] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.250031] kthread+0x337/0x6f0 [ 26.250052] ? trace_preempt_on+0x20/0xc0 [ 26.250088] ? __pfx_kthread+0x10/0x10 [ 26.250111] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.250138] ? calculate_sigpending+0x7b/0xa0 [ 26.250164] ? __pfx_kthread+0x10/0x10 [ 26.250196] ret_from_fork+0x116/0x1d0 [ 26.250217] ? __pfx_kthread+0x10/0x10 [ 26.250240] ret_from_fork_asm+0x1a/0x30 [ 26.250284] </TASK> [ 26.250298] [ 26.257951] Allocated by task 314: [ 26.258108] kasan_save_stack+0x45/0x70 [ 26.258255] kasan_save_track+0x18/0x40 [ 26.258465] kasan_save_alloc_info+0x3b/0x50 [ 26.258672] __kasan_kmalloc+0xb7/0xc0 [ 26.258853] __kmalloc_cache_noprof+0x189/0x420 [ 26.259104] kasan_atomics+0x95/0x310 [ 26.259289] kunit_try_run_case+0x1a5/0x480 [ 26.259492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.259738] kthread+0x337/0x6f0 [ 26.259902] ret_from_fork+0x116/0x1d0 [ 26.260096] ret_from_fork_asm+0x1a/0x30 [ 26.260301] [ 26.260385] The buggy address belongs to the object at ffff888105a1e600 [ 26.260385] which belongs to the cache kmalloc-64 of size 64 [ 26.260762] The buggy address is located 0 bytes to the right of [ 26.260762] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.261356] [ 26.261447] The buggy address belongs to the physical page: [ 26.261686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.262045] flags: 0x200000000000000(node=0|zone=2) [ 26.262287] page_type: f5(slab) [ 26.262452] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.262772] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.263118] page dumped because: kasan: bad access detected [ 26.263362] [ 26.263459] Memory state around the buggy address: [ 26.263658] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.263979] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.264291] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.264567] ^ [ 26.264784] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.265074] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.265285] ================================================================== [ 25.769384] ================================================================== [ 25.769777] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 25.770157] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 25.770443] [ 25.770587] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.770642] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.770656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.770681] Call Trace: [ 25.770704] <TASK> [ 25.770725] dump_stack_lvl+0x73/0xb0 [ 25.770755] print_report+0xd1/0x650 [ 25.770778] ? __virt_addr_valid+0x1db/0x2d0 [ 25.770803] ? kasan_atomics_helper+0x4ba2/0x5450 [ 25.770825] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.770851] ? kasan_atomics_helper+0x4ba2/0x5450 [ 25.770873] kasan_report+0x141/0x180 [ 25.770895] ? kasan_atomics_helper+0x4ba2/0x5450 [ 25.770921] __asan_report_store4_noabort+0x1b/0x30 [ 25.770946] kasan_atomics_helper+0x4ba2/0x5450 [ 25.770969] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.770991] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.771025] ? kasan_atomics+0x152/0x310 [ 25.771052] kasan_atomics+0x1dc/0x310 [ 25.771085] ? __pfx_kasan_atomics+0x10/0x10 [ 25.771107] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.771132] ? __pfx_read_tsc+0x10/0x10 [ 25.771155] ? ktime_get_ts64+0x86/0x230 [ 25.771181] kunit_try_run_case+0x1a5/0x480 [ 25.771208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.771232] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.771254] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.771277] ? __kthread_parkme+0x82/0x180 [ 25.771309] ? preempt_count_sub+0x50/0x80 [ 25.771334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.771362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.771386] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.771411] kthread+0x337/0x6f0 [ 25.771431] ? trace_preempt_on+0x20/0xc0 [ 25.771455] ? __pfx_kthread+0x10/0x10 [ 25.771477] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.771501] ? calculate_sigpending+0x7b/0xa0 [ 25.771526] ? __pfx_kthread+0x10/0x10 [ 25.771548] ret_from_fork+0x116/0x1d0 [ 25.771568] ? __pfx_kthread+0x10/0x10 [ 25.771588] ret_from_fork_asm+0x1a/0x30 [ 25.771620] </TASK> [ 25.771632] [ 25.779471] Allocated by task 314: [ 25.779634] kasan_save_stack+0x45/0x70 [ 25.779779] kasan_save_track+0x18/0x40 [ 25.779910] kasan_save_alloc_info+0x3b/0x50 [ 25.780126] __kasan_kmalloc+0xb7/0xc0 [ 25.780487] __kmalloc_cache_noprof+0x189/0x420 [ 25.780704] kasan_atomics+0x95/0x310 [ 25.780856] kunit_try_run_case+0x1a5/0x480 [ 25.781039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.781217] kthread+0x337/0x6f0 [ 25.781334] ret_from_fork+0x116/0x1d0 [ 25.781573] ret_from_fork_asm+0x1a/0x30 [ 25.781930] [ 25.782041] The buggy address belongs to the object at ffff888105a1e600 [ 25.782041] which belongs to the cache kmalloc-64 of size 64 [ 25.782472] The buggy address is located 0 bytes to the right of [ 25.782472] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 25.782831] [ 25.782900] The buggy address belongs to the physical page: [ 25.783241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 25.783596] flags: 0x200000000000000(node=0|zone=2) [ 25.783823] page_type: f5(slab) [ 25.784018] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.784463] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.784685] page dumped because: kasan: bad access detected [ 25.784851] [ 25.784914] Memory state around the buggy address: [ 25.785072] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.785568] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.786166] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.786500] ^ [ 25.786769] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.787044] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.787328] ================================================================== [ 26.011377] ================================================================== [ 26.011827] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 26.012231] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.012586] [ 26.012698] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.012752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.012778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.012803] Call Trace: [ 26.012819] <TASK> [ 26.012852] dump_stack_lvl+0x73/0xb0 [ 26.012884] print_report+0xd1/0x650 [ 26.012933] ? __virt_addr_valid+0x1db/0x2d0 [ 26.012970] ? kasan_atomics_helper+0x7c7/0x5450 [ 26.012994] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.013022] ? kasan_atomics_helper+0x7c7/0x5450 [ 26.013057] kasan_report+0x141/0x180 [ 26.013090] ? kasan_atomics_helper+0x7c7/0x5450 [ 26.013117] kasan_check_range+0x10c/0x1c0 [ 26.013143] __kasan_check_write+0x18/0x20 [ 26.013168] kasan_atomics_helper+0x7c7/0x5450 [ 26.013192] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.013215] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.013252] ? kasan_atomics+0x152/0x310 [ 26.013280] kasan_atomics+0x1dc/0x310 [ 26.013304] ? __pfx_kasan_atomics+0x10/0x10 [ 26.013339] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.013366] ? __pfx_read_tsc+0x10/0x10 [ 26.013401] ? ktime_get_ts64+0x86/0x230 [ 26.013429] kunit_try_run_case+0x1a5/0x480 [ 26.013456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.013493] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.013516] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.013539] ? __kthread_parkme+0x82/0x180 [ 26.013562] ? preempt_count_sub+0x50/0x80 [ 26.013597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.013623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.013650] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.013687] kthread+0x337/0x6f0 [ 26.013709] ? trace_preempt_on+0x20/0xc0 [ 26.013734] ? __pfx_kthread+0x10/0x10 [ 26.013757] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.013783] ? calculate_sigpending+0x7b/0xa0 [ 26.013809] ? __pfx_kthread+0x10/0x10 [ 26.013839] ret_from_fork+0x116/0x1d0 [ 26.013861] ? __pfx_kthread+0x10/0x10 [ 26.013883] ret_from_fork_asm+0x1a/0x30 [ 26.013942] </TASK> [ 26.013957] [ 26.021282] Allocated by task 314: [ 26.021471] kasan_save_stack+0x45/0x70 [ 26.021607] kasan_save_track+0x18/0x40 [ 26.021733] kasan_save_alloc_info+0x3b/0x50 [ 26.021877] __kasan_kmalloc+0xb7/0xc0 [ 26.022105] __kmalloc_cache_noprof+0x189/0x420 [ 26.022324] kasan_atomics+0x95/0x310 [ 26.022503] kunit_try_run_case+0x1a5/0x480 [ 26.022704] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.022870] kthread+0x337/0x6f0 [ 26.023009] ret_from_fork+0x116/0x1d0 [ 26.023195] ret_from_fork_asm+0x1a/0x30 [ 26.023393] [ 26.023483] The buggy address belongs to the object at ffff888105a1e600 [ 26.023483] which belongs to the cache kmalloc-64 of size 64 [ 26.024053] The buggy address is located 0 bytes to the right of [ 26.024053] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.024576] [ 26.024671] The buggy address belongs to the physical page: [ 26.024888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.025271] flags: 0x200000000000000(node=0|zone=2) [ 26.025506] page_type: f5(slab) [ 26.025673] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.026024] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.026354] page dumped because: kasan: bad access detected [ 26.026607] [ 26.026674] Memory state around the buggy address: [ 26.026820] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.027042] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.027254] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.027553] ^ [ 26.027765] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.028113] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.028425] ================================================================== [ 26.139275] ================================================================== [ 26.139651] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 26.140416] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.140786] [ 26.140906] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.140991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.141007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.141033] Call Trace: [ 26.141076] <TASK> [ 26.141098] dump_stack_lvl+0x73/0xb0 [ 26.141131] print_report+0xd1/0x650 [ 26.141156] ? __virt_addr_valid+0x1db/0x2d0 [ 26.141183] ? kasan_atomics_helper+0xc70/0x5450 [ 26.141205] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.141243] ? kasan_atomics_helper+0xc70/0x5450 [ 26.141266] kasan_report+0x141/0x180 [ 26.141300] ? kasan_atomics_helper+0xc70/0x5450 [ 26.141327] kasan_check_range+0x10c/0x1c0 [ 26.141353] __kasan_check_write+0x18/0x20 [ 26.141377] kasan_atomics_helper+0xc70/0x5450 [ 26.141401] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.141425] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.141452] ? kasan_atomics+0x152/0x310 [ 26.141488] kasan_atomics+0x1dc/0x310 [ 26.141511] ? __pfx_kasan_atomics+0x10/0x10 [ 26.141545] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.141572] ? __pfx_read_tsc+0x10/0x10 [ 26.141596] ? ktime_get_ts64+0x86/0x230 [ 26.141623] kunit_try_run_case+0x1a5/0x480 [ 26.141651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.141685] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.141707] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.141731] ? __kthread_parkme+0x82/0x180 [ 26.141764] ? preempt_count_sub+0x50/0x80 [ 26.141791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.141824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.141850] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.141875] kthread+0x337/0x6f0 [ 26.141897] ? trace_preempt_on+0x20/0xc0 [ 26.141940] ? __pfx_kthread+0x10/0x10 [ 26.141963] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.141989] ? calculate_sigpending+0x7b/0xa0 [ 26.142014] ? __pfx_kthread+0x10/0x10 [ 26.142037] ret_from_fork+0x116/0x1d0 [ 26.142058] ? __pfx_kthread+0x10/0x10 [ 26.142089] ret_from_fork_asm+0x1a/0x30 [ 26.142122] </TASK> [ 26.142136] [ 26.149565] Allocated by task 314: [ 26.149753] kasan_save_stack+0x45/0x70 [ 26.149975] kasan_save_track+0x18/0x40 [ 26.150184] kasan_save_alloc_info+0x3b/0x50 [ 26.150381] __kasan_kmalloc+0xb7/0xc0 [ 26.150509] __kmalloc_cache_noprof+0x189/0x420 [ 26.150709] kasan_atomics+0x95/0x310 [ 26.150901] kunit_try_run_case+0x1a5/0x480 [ 26.151138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.151360] kthread+0x337/0x6f0 [ 26.151503] ret_from_fork+0x116/0x1d0 [ 26.151686] ret_from_fork_asm+0x1a/0x30 [ 26.151893] [ 26.151994] The buggy address belongs to the object at ffff888105a1e600 [ 26.151994] which belongs to the cache kmalloc-64 of size 64 [ 26.152478] The buggy address is located 0 bytes to the right of [ 26.152478] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.153018] [ 26.153106] The buggy address belongs to the physical page: [ 26.153361] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.153683] flags: 0x200000000000000(node=0|zone=2) [ 26.153851] page_type: f5(slab) [ 26.153996] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.154346] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.154675] page dumped because: kasan: bad access detected [ 26.154945] [ 26.155048] Memory state around the buggy address: [ 26.155262] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.155573] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.155798] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.156032] ^ [ 26.156220] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.156558] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.156898] ================================================================== [ 25.932895] ================================================================== [ 25.933253] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 25.934099] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 25.934422] [ 25.934544] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.934599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.934626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.934652] Call Trace: [ 25.934676] <TASK> [ 25.934710] dump_stack_lvl+0x73/0xb0 [ 25.934742] print_report+0xd1/0x650 [ 25.934778] ? __virt_addr_valid+0x1db/0x2d0 [ 25.934804] ? kasan_atomics_helper+0x565/0x5450 [ 25.934826] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.934865] ? kasan_atomics_helper+0x565/0x5450 [ 25.934889] kasan_report+0x141/0x180 [ 25.934913] ? kasan_atomics_helper+0x565/0x5450 [ 25.934950] kasan_check_range+0x10c/0x1c0 [ 25.934975] __kasan_check_write+0x18/0x20 [ 25.935007] kasan_atomics_helper+0x565/0x5450 [ 25.935031] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.935054] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.935100] ? kasan_atomics+0x152/0x310 [ 25.935128] kasan_atomics+0x1dc/0x310 [ 25.935153] ? __pfx_kasan_atomics+0x10/0x10 [ 25.935185] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.935212] ? __pfx_read_tsc+0x10/0x10 [ 25.935235] ? ktime_get_ts64+0x86/0x230 [ 25.935273] kunit_try_run_case+0x1a5/0x480 [ 25.935302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.935327] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.935349] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.935374] ? __kthread_parkme+0x82/0x180 [ 25.935396] ? preempt_count_sub+0x50/0x80 [ 25.935422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.935449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.935485] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.935511] kthread+0x337/0x6f0 [ 25.935532] ? trace_preempt_on+0x20/0xc0 [ 25.935568] ? __pfx_kthread+0x10/0x10 [ 25.935590] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.935616] ? calculate_sigpending+0x7b/0xa0 [ 25.935642] ? __pfx_kthread+0x10/0x10 [ 25.935665] ret_from_fork+0x116/0x1d0 [ 25.935686] ? __pfx_kthread+0x10/0x10 [ 25.935708] ret_from_fork_asm+0x1a/0x30 [ 25.935742] </TASK> [ 25.935756] [ 25.943479] Allocated by task 314: [ 25.943659] kasan_save_stack+0x45/0x70 [ 25.943837] kasan_save_track+0x18/0x40 [ 25.943971] kasan_save_alloc_info+0x3b/0x50 [ 25.944130] __kasan_kmalloc+0xb7/0xc0 [ 25.944260] __kmalloc_cache_noprof+0x189/0x420 [ 25.944413] kasan_atomics+0x95/0x310 [ 25.944561] kunit_try_run_case+0x1a5/0x480 [ 25.944785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.945080] kthread+0x337/0x6f0 [ 25.945323] ret_from_fork+0x116/0x1d0 [ 25.945512] ret_from_fork_asm+0x1a/0x30 [ 25.945708] [ 25.945799] The buggy address belongs to the object at ffff888105a1e600 [ 25.945799] which belongs to the cache kmalloc-64 of size 64 [ 25.946778] The buggy address is located 0 bytes to the right of [ 25.946778] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 25.947358] [ 25.947451] The buggy address belongs to the physical page: [ 25.947677] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 25.948071] flags: 0x200000000000000(node=0|zone=2) [ 25.948234] page_type: f5(slab) [ 25.948356] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.948586] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.948810] page dumped because: kasan: bad access detected [ 25.949095] [ 25.949187] Memory state around the buggy address: [ 25.949410] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.949737] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.950069] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.950324] ^ [ 25.950477] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.950690] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.950900] ================================================================== [ 26.157742] ================================================================== [ 26.158125] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 26.158470] Read of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.158798] [ 26.158931] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.158994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.159009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.159044] Call Trace: [ 26.159075] <TASK> [ 26.159096] dump_stack_lvl+0x73/0xb0 [ 26.159127] print_report+0xd1/0x650 [ 26.159161] ? __virt_addr_valid+0x1db/0x2d0 [ 26.159186] ? kasan_atomics_helper+0x4a84/0x5450 [ 26.159208] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.159246] ? kasan_atomics_helper+0x4a84/0x5450 [ 26.159269] kasan_report+0x141/0x180 [ 26.159293] ? kasan_atomics_helper+0x4a84/0x5450 [ 26.159321] __asan_report_load4_noabort+0x18/0x20 [ 26.159356] kasan_atomics_helper+0x4a84/0x5450 [ 26.159380] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.159406] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.159446] ? kasan_atomics+0x152/0x310 [ 26.159476] kasan_atomics+0x1dc/0x310 [ 26.159500] ? __pfx_kasan_atomics+0x10/0x10 [ 26.159524] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.159551] ? __pfx_read_tsc+0x10/0x10 [ 26.159574] ? ktime_get_ts64+0x86/0x230 [ 26.159602] kunit_try_run_case+0x1a5/0x480 [ 26.159629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.159657] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.159680] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.159704] ? __kthread_parkme+0x82/0x180 [ 26.159727] ? preempt_count_sub+0x50/0x80 [ 26.159752] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.159778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.159803] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.159830] kthread+0x337/0x6f0 [ 26.159851] ? trace_preempt_on+0x20/0xc0 [ 26.159876] ? __pfx_kthread+0x10/0x10 [ 26.159898] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.159942] ? calculate_sigpending+0x7b/0xa0 [ 26.159977] ? __pfx_kthread+0x10/0x10 [ 26.160001] ret_from_fork+0x116/0x1d0 [ 26.160021] ? __pfx_kthread+0x10/0x10 [ 26.160054] ret_from_fork_asm+0x1a/0x30 [ 26.160095] </TASK> [ 26.160109] [ 26.167390] Allocated by task 314: [ 26.167569] kasan_save_stack+0x45/0x70 [ 26.167712] kasan_save_track+0x18/0x40 [ 26.167843] kasan_save_alloc_info+0x3b/0x50 [ 26.168014] __kasan_kmalloc+0xb7/0xc0 [ 26.168211] __kmalloc_cache_noprof+0x189/0x420 [ 26.168441] kasan_atomics+0x95/0x310 [ 26.168622] kunit_try_run_case+0x1a5/0x480 [ 26.168841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.169096] kthread+0x337/0x6f0 [ 26.169269] ret_from_fork+0x116/0x1d0 [ 26.169454] ret_from_fork_asm+0x1a/0x30 [ 26.169590] [ 26.169658] The buggy address belongs to the object at ffff888105a1e600 [ 26.169658] which belongs to the cache kmalloc-64 of size 64 [ 26.170106] The buggy address is located 0 bytes to the right of [ 26.170106] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.170707] [ 26.170817] The buggy address belongs to the physical page: [ 26.171109] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.171392] flags: 0x200000000000000(node=0|zone=2) [ 26.171641] page_type: f5(slab) [ 26.171821] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.172165] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.172473] page dumped because: kasan: bad access detected [ 26.172717] [ 26.172810] Memory state around the buggy address: [ 26.173053] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.173369] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.173620] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.173831] ^ [ 26.174008] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.174345] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.174652] ================================================================== [ 26.475653] ================================================================== [ 26.476132] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 26.476468] Read of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.476750] [ 26.476862] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.476925] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.476949] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.476984] Call Trace: [ 26.477006] <TASK> [ 26.477028] dump_stack_lvl+0x73/0xb0 [ 26.477058] print_report+0xd1/0x650 [ 26.477091] ? __virt_addr_valid+0x1db/0x2d0 [ 26.477117] ? kasan_atomics_helper+0x4eae/0x5450 [ 26.477140] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.477168] ? kasan_atomics_helper+0x4eae/0x5450 [ 26.477191] kasan_report+0x141/0x180 [ 26.477214] ? kasan_atomics_helper+0x4eae/0x5450 [ 26.477241] __asan_report_load8_noabort+0x18/0x20 [ 26.477266] kasan_atomics_helper+0x4eae/0x5450 [ 26.477298] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.477321] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.477359] ? kasan_atomics+0x152/0x310 [ 26.477385] kasan_atomics+0x1dc/0x310 [ 26.477409] ? __pfx_kasan_atomics+0x10/0x10 [ 26.477431] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.477457] ? __pfx_read_tsc+0x10/0x10 [ 26.477480] ? ktime_get_ts64+0x86/0x230 [ 26.477506] kunit_try_run_case+0x1a5/0x480 [ 26.477533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.477558] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.477580] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.477603] ? __kthread_parkme+0x82/0x180 [ 26.477625] ? preempt_count_sub+0x50/0x80 [ 26.477649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.477675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.477701] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.477726] kthread+0x337/0x6f0 [ 26.477747] ? trace_preempt_on+0x20/0xc0 [ 26.477771] ? __pfx_kthread+0x10/0x10 [ 26.477794] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.477823] ? calculate_sigpending+0x7b/0xa0 [ 26.477848] ? __pfx_kthread+0x10/0x10 [ 26.477870] ret_from_fork+0x116/0x1d0 [ 26.477891] ? __pfx_kthread+0x10/0x10 [ 26.477913] ret_from_fork_asm+0x1a/0x30 [ 26.477946] </TASK> [ 26.477969] [ 26.485485] Allocated by task 314: [ 26.486425] kasan_save_stack+0x45/0x70 [ 26.486664] kasan_save_track+0x18/0x40 [ 26.486862] kasan_save_alloc_info+0x3b/0x50 [ 26.487423] __kasan_kmalloc+0xb7/0xc0 [ 26.487838] __kmalloc_cache_noprof+0x189/0x420 [ 26.488154] kasan_atomics+0x95/0x310 [ 26.488680] kunit_try_run_case+0x1a5/0x480 [ 26.488978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.489408] kthread+0x337/0x6f0 [ 26.489701] ret_from_fork+0x116/0x1d0 [ 26.490092] ret_from_fork_asm+0x1a/0x30 [ 26.490292] [ 26.490379] The buggy address belongs to the object at ffff888105a1e600 [ 26.490379] which belongs to the cache kmalloc-64 of size 64 [ 26.490870] The buggy address is located 0 bytes to the right of [ 26.490870] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.491655] [ 26.491757] The buggy address belongs to the physical page: [ 26.492320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.492804] flags: 0x200000000000000(node=0|zone=2) [ 26.493229] page_type: f5(slab) [ 26.493547] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.494173] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.494677] page dumped because: kasan: bad access detected [ 26.495142] [ 26.495372] Memory state around the buggy address: [ 26.495605] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.495894] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.496482] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.497104] ^ [ 26.497585] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.498055] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.498560] ================================================================== [ 26.558839] ================================================================== [ 26.559235] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 26.559517] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.559762] [ 26.559875] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.559938] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.559953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.559991] Call Trace: [ 26.560014] <TASK> [ 26.560035] dump_stack_lvl+0x73/0xb0 [ 26.560077] print_report+0xd1/0x650 [ 26.560101] ? __virt_addr_valid+0x1db/0x2d0 [ 26.560128] ? kasan_atomics_helper+0x15b6/0x5450 [ 26.560151] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.560179] ? kasan_atomics_helper+0x15b6/0x5450 [ 26.560202] kasan_report+0x141/0x180 [ 26.560226] ? kasan_atomics_helper+0x15b6/0x5450 [ 26.560252] kasan_check_range+0x10c/0x1c0 [ 26.560277] __kasan_check_write+0x18/0x20 [ 26.560302] kasan_atomics_helper+0x15b6/0x5450 [ 26.560325] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.560348] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.560375] ? kasan_atomics+0x152/0x310 [ 26.560402] kasan_atomics+0x1dc/0x310 [ 26.560426] ? __pfx_kasan_atomics+0x10/0x10 [ 26.560448] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.560474] ? __pfx_read_tsc+0x10/0x10 [ 26.560498] ? ktime_get_ts64+0x86/0x230 [ 26.560524] kunit_try_run_case+0x1a5/0x480 [ 26.560551] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.560575] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.560598] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.560629] ? __kthread_parkme+0x82/0x180 [ 26.560662] ? preempt_count_sub+0x50/0x80 [ 26.560688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.560714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.560750] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.560777] kthread+0x337/0x6f0 [ 26.560798] ? trace_preempt_on+0x20/0xc0 [ 26.560824] ? __pfx_kthread+0x10/0x10 [ 26.560846] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.560872] ? calculate_sigpending+0x7b/0xa0 [ 26.560898] ? __pfx_kthread+0x10/0x10 [ 26.560921] ret_from_fork+0x116/0x1d0 [ 26.560941] ? __pfx_kthread+0x10/0x10 [ 26.560964] ret_from_fork_asm+0x1a/0x30 [ 26.560996] </TASK> [ 26.561010] [ 26.568536] Allocated by task 314: [ 26.568693] kasan_save_stack+0x45/0x70 [ 26.568879] kasan_save_track+0x18/0x40 [ 26.569145] kasan_save_alloc_info+0x3b/0x50 [ 26.569344] __kasan_kmalloc+0xb7/0xc0 [ 26.569521] __kmalloc_cache_noprof+0x189/0x420 [ 26.569720] kasan_atomics+0x95/0x310 [ 26.569899] kunit_try_run_case+0x1a5/0x480 [ 26.570102] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.570318] kthread+0x337/0x6f0 [ 26.570445] ret_from_fork+0x116/0x1d0 [ 26.570668] ret_from_fork_asm+0x1a/0x30 [ 26.570856] [ 26.570926] The buggy address belongs to the object at ffff888105a1e600 [ 26.570926] which belongs to the cache kmalloc-64 of size 64 [ 26.571453] The buggy address is located 0 bytes to the right of [ 26.571453] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.571956] [ 26.572053] The buggy address belongs to the physical page: [ 26.572279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.572619] flags: 0x200000000000000(node=0|zone=2) [ 26.572838] page_type: f5(slab) [ 26.573048] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.573379] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.573636] page dumped because: kasan: bad access detected [ 26.573805] [ 26.573874] Memory state around the buggy address: [ 26.574026] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.574248] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.574460] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.574767] ^ [ 26.575154] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.575488] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.575797] ================================================================== [ 27.003751] ================================================================== [ 27.004108] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 27.004447] Read of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 27.004750] [ 27.004842] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 27.004896] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.004912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.004957] Call Trace: [ 27.004980] <TASK> [ 27.005002] dump_stack_lvl+0x73/0xb0 [ 27.005034] print_report+0xd1/0x650 [ 27.005068] ? __virt_addr_valid+0x1db/0x2d0 [ 27.005098] ? kasan_atomics_helper+0x4fa5/0x5450 [ 27.005122] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.005151] ? kasan_atomics_helper+0x4fa5/0x5450 [ 27.005175] kasan_report+0x141/0x180 [ 27.005198] ? kasan_atomics_helper+0x4fa5/0x5450 [ 27.005227] __asan_report_load8_noabort+0x18/0x20 [ 27.005254] kasan_atomics_helper+0x4fa5/0x5450 [ 27.005280] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.005305] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.005332] ? kasan_atomics+0x152/0x310 [ 27.005360] kasan_atomics+0x1dc/0x310 [ 27.005385] ? __pfx_kasan_atomics+0x10/0x10 [ 27.005433] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 27.005461] ? __pfx_read_tsc+0x10/0x10 [ 27.005486] ? ktime_get_ts64+0x86/0x230 [ 27.005515] kunit_try_run_case+0x1a5/0x480 [ 27.005543] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.005569] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 27.005610] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.005635] ? __kthread_parkme+0x82/0x180 [ 27.005658] ? preempt_count_sub+0x50/0x80 [ 27.005684] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.005712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.005740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.005766] kthread+0x337/0x6f0 [ 27.005788] ? trace_preempt_on+0x20/0xc0 [ 27.005814] ? __pfx_kthread+0x10/0x10 [ 27.005857] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.005884] ? calculate_sigpending+0x7b/0xa0 [ 27.005942] ? __pfx_kthread+0x10/0x10 [ 27.005967] ret_from_fork+0x116/0x1d0 [ 27.005989] ? __pfx_kthread+0x10/0x10 [ 27.006012] ret_from_fork_asm+0x1a/0x30 [ 27.006044] </TASK> [ 27.006068] [ 27.013236] Allocated by task 314: [ 27.013418] kasan_save_stack+0x45/0x70 [ 27.013637] kasan_save_track+0x18/0x40 [ 27.013842] kasan_save_alloc_info+0x3b/0x50 [ 27.014131] __kasan_kmalloc+0xb7/0xc0 [ 27.014323] __kmalloc_cache_noprof+0x189/0x420 [ 27.014570] kasan_atomics+0x95/0x310 [ 27.014736] kunit_try_run_case+0x1a5/0x480 [ 27.014899] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.015181] kthread+0x337/0x6f0 [ 27.015351] ret_from_fork+0x116/0x1d0 [ 27.015492] ret_from_fork_asm+0x1a/0x30 [ 27.015633] [ 27.015701] The buggy address belongs to the object at ffff888105a1e600 [ 27.015701] which belongs to the cache kmalloc-64 of size 64 [ 27.016168] The buggy address is located 0 bytes to the right of [ 27.016168] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 27.016727] [ 27.016824] The buggy address belongs to the physical page: [ 27.017104] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 27.017348] flags: 0x200000000000000(node=0|zone=2) [ 27.017511] page_type: f5(slab) [ 27.017669] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.018080] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.018441] page dumped because: kasan: bad access detected [ 27.018698] [ 27.018791] Memory state around the buggy address: [ 27.019070] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.019367] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.019670] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.019980] ^ [ 27.020157] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.020373] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.020695] ================================================================== [ 26.706750] ================================================================== [ 26.707100] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 26.707617] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.707849] [ 26.707990] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.708051] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.708083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.708108] Call Trace: [ 26.708131] <TASK> [ 26.708162] dump_stack_lvl+0x73/0xb0 [ 26.708192] print_report+0xd1/0x650 [ 26.708217] ? __virt_addr_valid+0x1db/0x2d0 [ 26.708243] ? kasan_atomics_helper+0x19e3/0x5450 [ 26.708265] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.708293] ? kasan_atomics_helper+0x19e3/0x5450 [ 26.708318] kasan_report+0x141/0x180 [ 26.708342] ? kasan_atomics_helper+0x19e3/0x5450 [ 26.708370] kasan_check_range+0x10c/0x1c0 [ 26.708395] __kasan_check_write+0x18/0x20 [ 26.708420] kasan_atomics_helper+0x19e3/0x5450 [ 26.708444] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.708478] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.708505] ? kasan_atomics+0x152/0x310 [ 26.708544] kasan_atomics+0x1dc/0x310 [ 26.708568] ? __pfx_kasan_atomics+0x10/0x10 [ 26.708591] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.708630] ? __pfx_read_tsc+0x10/0x10 [ 26.708653] ? ktime_get_ts64+0x86/0x230 [ 26.708679] kunit_try_run_case+0x1a5/0x480 [ 26.708718] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.708742] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.708777] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.708800] ? __kthread_parkme+0x82/0x180 [ 26.708822] ? preempt_count_sub+0x50/0x80 [ 26.708859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.708885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.708911] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.708967] kthread+0x337/0x6f0 [ 26.708988] ? trace_preempt_on+0x20/0xc0 [ 26.709014] ? __pfx_kthread+0x10/0x10 [ 26.709046] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.709081] ? calculate_sigpending+0x7b/0xa0 [ 26.709107] ? __pfx_kthread+0x10/0x10 [ 26.709130] ret_from_fork+0x116/0x1d0 [ 26.709151] ? __pfx_kthread+0x10/0x10 [ 26.709173] ret_from_fork_asm+0x1a/0x30 [ 26.709205] </TASK> [ 26.709219] [ 26.716880] Allocated by task 314: [ 26.717180] kasan_save_stack+0x45/0x70 [ 26.717397] kasan_save_track+0x18/0x40 [ 26.717641] kasan_save_alloc_info+0x3b/0x50 [ 26.717858] __kasan_kmalloc+0xb7/0xc0 [ 26.718141] __kmalloc_cache_noprof+0x189/0x420 [ 26.718370] kasan_atomics+0x95/0x310 [ 26.718511] kunit_try_run_case+0x1a5/0x480 [ 26.718664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.718837] kthread+0x337/0x6f0 [ 26.719038] ret_from_fork+0x116/0x1d0 [ 26.719232] ret_from_fork_asm+0x1a/0x30 [ 26.719455] [ 26.719552] The buggy address belongs to the object at ffff888105a1e600 [ 26.719552] which belongs to the cache kmalloc-64 of size 64 [ 26.720109] The buggy address is located 0 bytes to the right of [ 26.720109] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.720613] [ 26.720695] The buggy address belongs to the physical page: [ 26.720964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.721229] flags: 0x200000000000000(node=0|zone=2) [ 26.721392] page_type: f5(slab) [ 26.721511] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.721736] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.722041] page dumped because: kasan: bad access detected [ 26.722297] [ 26.722385] Memory state around the buggy address: [ 26.722603] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.722914] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.723346] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.723656] ^ [ 26.723825] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.724327] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.724548] ================================================================== [ 27.021675] ================================================================== [ 27.022207] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 27.022533] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 27.022823] [ 27.022938] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 27.022991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.023008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.023031] Call Trace: [ 27.023054] <TASK> [ 27.023087] dump_stack_lvl+0x73/0xb0 [ 27.023117] print_report+0xd1/0x650 [ 27.023141] ? __virt_addr_valid+0x1db/0x2d0 [ 27.023167] ? kasan_atomics_helper+0x224c/0x5450 [ 27.023190] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.023218] ? kasan_atomics_helper+0x224c/0x5450 [ 27.023243] kasan_report+0x141/0x180 [ 27.023266] ? kasan_atomics_helper+0x224c/0x5450 [ 27.023293] kasan_check_range+0x10c/0x1c0 [ 27.023318] __kasan_check_write+0x18/0x20 [ 27.023343] kasan_atomics_helper+0x224c/0x5450 [ 27.023367] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.023390] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.023418] ? kasan_atomics+0x152/0x310 [ 27.023445] kasan_atomics+0x1dc/0x310 [ 27.023469] ? __pfx_kasan_atomics+0x10/0x10 [ 27.023493] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 27.023519] ? __pfx_read_tsc+0x10/0x10 [ 27.023543] ? ktime_get_ts64+0x86/0x230 [ 27.023570] kunit_try_run_case+0x1a5/0x480 [ 27.023598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.023623] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 27.023645] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.023669] ? __kthread_parkme+0x82/0x180 [ 27.023691] ? preempt_count_sub+0x50/0x80 [ 27.023716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.023742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.023768] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.023794] kthread+0x337/0x6f0 [ 27.023815] ? trace_preempt_on+0x20/0xc0 [ 27.023840] ? __pfx_kthread+0x10/0x10 [ 27.023861] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.023888] ? calculate_sigpending+0x7b/0xa0 [ 27.024542] ? __pfx_kthread+0x10/0x10 [ 27.024568] ret_from_fork+0x116/0x1d0 [ 27.024599] ? __pfx_kthread+0x10/0x10 [ 27.024622] ret_from_fork_asm+0x1a/0x30 [ 27.024655] </TASK> [ 27.024671] [ 27.035539] Allocated by task 314: [ 27.035717] kasan_save_stack+0x45/0x70 [ 27.035908] kasan_save_track+0x18/0x40 [ 27.036477] kasan_save_alloc_info+0x3b/0x50 [ 27.036819] __kasan_kmalloc+0xb7/0xc0 [ 27.037114] __kmalloc_cache_noprof+0x189/0x420 [ 27.037510] kasan_atomics+0x95/0x310 [ 27.037694] kunit_try_run_case+0x1a5/0x480 [ 27.037900] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.038427] kthread+0x337/0x6f0 [ 27.038712] ret_from_fork+0x116/0x1d0 [ 27.038912] ret_from_fork_asm+0x1a/0x30 [ 27.039273] [ 27.039364] The buggy address belongs to the object at ffff888105a1e600 [ 27.039364] which belongs to the cache kmalloc-64 of size 64 [ 27.039854] The buggy address is located 0 bytes to the right of [ 27.039854] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 27.040820] [ 27.041069] The buggy address belongs to the physical page: [ 27.041578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 27.042178] flags: 0x200000000000000(node=0|zone=2) [ 27.042427] page_type: f5(slab) [ 27.042590] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.042905] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.043222] page dumped because: kasan: bad access detected [ 27.043455] [ 27.043542] Memory state around the buggy address: [ 27.043752] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.044453] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.045043] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.045551] ^ [ 27.045908] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.046510] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.047045] ================================================================== [ 25.814687] ================================================================== [ 25.815192] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 25.815493] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 25.815870] [ 25.816029] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.816095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.816111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.816136] Call Trace: [ 25.816160] <TASK> [ 25.816243] dump_stack_lvl+0x73/0xb0 [ 25.816279] print_report+0xd1/0x650 [ 25.816339] ? __virt_addr_valid+0x1db/0x2d0 [ 25.816369] ? kasan_atomics_helper+0x4b6e/0x5450 [ 25.816392] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.816431] ? kasan_atomics_helper+0x4b6e/0x5450 [ 25.816454] kasan_report+0x141/0x180 [ 25.816504] ? kasan_atomics_helper+0x4b6e/0x5450 [ 25.816531] __asan_report_store4_noabort+0x1b/0x30 [ 25.816558] kasan_atomics_helper+0x4b6e/0x5450 [ 25.816592] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.816616] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.816669] ? kasan_atomics+0x152/0x310 [ 25.816697] kasan_atomics+0x1dc/0x310 [ 25.816732] ? __pfx_kasan_atomics+0x10/0x10 [ 25.816756] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.816782] ? __pfx_read_tsc+0x10/0x10 [ 25.816806] ? ktime_get_ts64+0x86/0x230 [ 25.816833] kunit_try_run_case+0x1a5/0x480 [ 25.816860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.816886] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.816938] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.816976] ? __kthread_parkme+0x82/0x180 [ 25.817010] ? preempt_count_sub+0x50/0x80 [ 25.817036] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.817072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.817114] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.817141] kthread+0x337/0x6f0 [ 25.817171] ? trace_preempt_on+0x20/0xc0 [ 25.817259] ? __pfx_kthread+0x10/0x10 [ 25.817283] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.817309] ? calculate_sigpending+0x7b/0xa0 [ 25.817335] ? __pfx_kthread+0x10/0x10 [ 25.817358] ret_from_fork+0x116/0x1d0 [ 25.817379] ? __pfx_kthread+0x10/0x10 [ 25.817401] ret_from_fork_asm+0x1a/0x30 [ 25.817434] </TASK> [ 25.817448] [ 25.826804] Allocated by task 314: [ 25.827052] kasan_save_stack+0x45/0x70 [ 25.827357] kasan_save_track+0x18/0x40 [ 25.827608] kasan_save_alloc_info+0x3b/0x50 [ 25.827799] __kasan_kmalloc+0xb7/0xc0 [ 25.828103] __kmalloc_cache_noprof+0x189/0x420 [ 25.828398] kasan_atomics+0x95/0x310 [ 25.828593] kunit_try_run_case+0x1a5/0x480 [ 25.828870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.829210] kthread+0x337/0x6f0 [ 25.829444] ret_from_fork+0x116/0x1d0 [ 25.829827] ret_from_fork_asm+0x1a/0x30 [ 25.830114] [ 25.830274] The buggy address belongs to the object at ffff888105a1e600 [ 25.830274] which belongs to the cache kmalloc-64 of size 64 [ 25.830842] The buggy address is located 0 bytes to the right of [ 25.830842] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 25.831448] [ 25.831521] The buggy address belongs to the physical page: [ 25.831801] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 25.832375] flags: 0x200000000000000(node=0|zone=2) [ 25.832617] page_type: f5(slab) [ 25.832787] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.833503] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.833831] page dumped because: kasan: bad access detected [ 25.834000] [ 25.834083] Memory state around the buggy address: [ 25.834361] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.835085] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.835665] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.835887] ^ [ 25.836043] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.836378] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.837103] ================================================================== [ 26.211023] ================================================================== [ 26.211531] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 26.211863] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.212174] [ 26.212261] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.212314] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.212329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.212354] Call Trace: [ 26.212376] <TASK> [ 26.212396] dump_stack_lvl+0x73/0xb0 [ 26.212425] print_report+0xd1/0x650 [ 26.212449] ? __virt_addr_valid+0x1db/0x2d0 [ 26.212475] ? kasan_atomics_helper+0xe78/0x5450 [ 26.212497] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.212524] ? kasan_atomics_helper+0xe78/0x5450 [ 26.212549] kasan_report+0x141/0x180 [ 26.212574] ? kasan_atomics_helper+0xe78/0x5450 [ 26.212602] kasan_check_range+0x10c/0x1c0 [ 26.212629] __kasan_check_write+0x18/0x20 [ 26.212653] kasan_atomics_helper+0xe78/0x5450 [ 26.212676] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.212700] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.212727] ? kasan_atomics+0x152/0x310 [ 26.212755] kasan_atomics+0x1dc/0x310 [ 26.212778] ? __pfx_kasan_atomics+0x10/0x10 [ 26.212801] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.212827] ? __pfx_read_tsc+0x10/0x10 [ 26.212850] ? ktime_get_ts64+0x86/0x230 [ 26.212877] kunit_try_run_case+0x1a5/0x480 [ 26.212905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.212954] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.212977] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.213010] ? __kthread_parkme+0x82/0x180 [ 26.213033] ? preempt_count_sub+0x50/0x80 [ 26.213074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.213101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.213130] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.213160] kthread+0x337/0x6f0 [ 26.213181] ? trace_preempt_on+0x20/0xc0 [ 26.213206] ? __pfx_kthread+0x10/0x10 [ 26.213229] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.213255] ? calculate_sigpending+0x7b/0xa0 [ 26.213279] ? __pfx_kthread+0x10/0x10 [ 26.213303] ret_from_fork+0x116/0x1d0 [ 26.213323] ? __pfx_kthread+0x10/0x10 [ 26.213346] ret_from_fork_asm+0x1a/0x30 [ 26.213379] </TASK> [ 26.213394] [ 26.220833] Allocated by task 314: [ 26.221070] kasan_save_stack+0x45/0x70 [ 26.221268] kasan_save_track+0x18/0x40 [ 26.221448] kasan_save_alloc_info+0x3b/0x50 [ 26.221651] __kasan_kmalloc+0xb7/0xc0 [ 26.221840] __kmalloc_cache_noprof+0x189/0x420 [ 26.222094] kasan_atomics+0x95/0x310 [ 26.222268] kunit_try_run_case+0x1a5/0x480 [ 26.222490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.222749] kthread+0x337/0x6f0 [ 26.222895] ret_from_fork+0x116/0x1d0 [ 26.223128] ret_from_fork_asm+0x1a/0x30 [ 26.223337] [ 26.223405] The buggy address belongs to the object at ffff888105a1e600 [ 26.223405] which belongs to the cache kmalloc-64 of size 64 [ 26.223756] The buggy address is located 0 bytes to the right of [ 26.223756] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.224147] [ 26.224218] The buggy address belongs to the physical page: [ 26.224387] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.224685] flags: 0x200000000000000(node=0|zone=2) [ 26.224950] page_type: f5(slab) [ 26.225125] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.225457] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.225783] page dumped because: kasan: bad access detected [ 26.226077] [ 26.226167] Memory state around the buggy address: [ 26.226390] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.226718] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.227078] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.227414] ^ [ 26.227637] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.227967] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.228234] ================================================================== [ 26.930485] ================================================================== [ 26.930833] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 26.931450] Read of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.931795] [ 26.931912] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.931986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.932002] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.932028] Call Trace: [ 26.932049] <TASK> [ 26.932079] dump_stack_lvl+0x73/0xb0 [ 26.932111] print_report+0xd1/0x650 [ 26.932135] ? __virt_addr_valid+0x1db/0x2d0 [ 26.932160] ? kasan_atomics_helper+0x4f98/0x5450 [ 26.932184] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.932211] ? kasan_atomics_helper+0x4f98/0x5450 [ 26.932235] kasan_report+0x141/0x180 [ 26.932258] ? kasan_atomics_helper+0x4f98/0x5450 [ 26.932286] __asan_report_load8_noabort+0x18/0x20 [ 26.932312] kasan_atomics_helper+0x4f98/0x5450 [ 26.932335] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.932359] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.932386] ? kasan_atomics+0x152/0x310 [ 26.932413] kasan_atomics+0x1dc/0x310 [ 26.932437] ? __pfx_kasan_atomics+0x10/0x10 [ 26.932460] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.932486] ? __pfx_read_tsc+0x10/0x10 [ 26.932510] ? ktime_get_ts64+0x86/0x230 [ 26.932537] kunit_try_run_case+0x1a5/0x480 [ 26.932565] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.932590] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.932614] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.932638] ? __kthread_parkme+0x82/0x180 [ 26.932660] ? preempt_count_sub+0x50/0x80 [ 26.932685] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.932713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.932739] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.932766] kthread+0x337/0x6f0 [ 26.932787] ? trace_preempt_on+0x20/0xc0 [ 26.932812] ? __pfx_kthread+0x10/0x10 [ 26.932835] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.932864] ? calculate_sigpending+0x7b/0xa0 [ 26.932891] ? __pfx_kthread+0x10/0x10 [ 26.932934] ret_from_fork+0x116/0x1d0 [ 26.932957] ? __pfx_kthread+0x10/0x10 [ 26.932980] ret_from_fork_asm+0x1a/0x30 [ 26.933014] </TASK> [ 26.933029] [ 26.939911] Allocated by task 314: [ 26.940071] kasan_save_stack+0x45/0x70 [ 26.940220] kasan_save_track+0x18/0x40 [ 26.940357] kasan_save_alloc_info+0x3b/0x50 [ 26.940506] __kasan_kmalloc+0xb7/0xc0 [ 26.940638] __kmalloc_cache_noprof+0x189/0x420 [ 26.940860] kasan_atomics+0x95/0x310 [ 26.941105] kunit_try_run_case+0x1a5/0x480 [ 26.941326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.941617] kthread+0x337/0x6f0 [ 26.941792] ret_from_fork+0x116/0x1d0 [ 26.942025] ret_from_fork_asm+0x1a/0x30 [ 26.942244] [ 26.942364] The buggy address belongs to the object at ffff888105a1e600 [ 26.942364] which belongs to the cache kmalloc-64 of size 64 [ 26.942898] The buggy address is located 0 bytes to the right of [ 26.942898] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.943317] [ 26.943391] The buggy address belongs to the physical page: [ 26.943586] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.943978] flags: 0x200000000000000(node=0|zone=2) [ 26.944238] page_type: f5(slab) [ 26.944442] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.944759] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.945090] page dumped because: kasan: bad access detected [ 26.945345] [ 26.945442] Memory state around the buggy address: [ 26.945649] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.945938] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.946173] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.946391] ^ [ 26.946547] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.946767] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.947151] ================================================================== [ 25.910422] ================================================================== [ 25.911440] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 25.911840] Write of size 4 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 25.912268] [ 25.912442] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.912499] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.912514] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.912539] Call Trace: [ 25.912564] <TASK> [ 25.912585] dump_stack_lvl+0x73/0xb0 [ 25.912619] print_report+0xd1/0x650 [ 25.912690] ? __virt_addr_valid+0x1db/0x2d0 [ 25.912719] ? kasan_atomics_helper+0x4b3a/0x5450 [ 25.912743] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.912819] ? kasan_atomics_helper+0x4b3a/0x5450 [ 25.912843] kasan_report+0x141/0x180 [ 25.912878] ? kasan_atomics_helper+0x4b3a/0x5450 [ 25.912906] __asan_report_store4_noabort+0x1b/0x30 [ 25.912944] kasan_atomics_helper+0x4b3a/0x5450 [ 25.912968] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.912991] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.913020] ? kasan_atomics+0x152/0x310 [ 25.913049] kasan_atomics+0x1dc/0x310 [ 25.913083] ? __pfx_kasan_atomics+0x10/0x10 [ 25.913107] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 25.913135] ? __pfx_read_tsc+0x10/0x10 [ 25.913159] ? ktime_get_ts64+0x86/0x230 [ 25.913187] kunit_try_run_case+0x1a5/0x480 [ 25.913215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.913242] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 25.913265] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.913289] ? __kthread_parkme+0x82/0x180 [ 25.913312] ? preempt_count_sub+0x50/0x80 [ 25.913339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.913366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.913393] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.913419] kthread+0x337/0x6f0 [ 25.913442] ? trace_preempt_on+0x20/0xc0 [ 25.913468] ? __pfx_kthread+0x10/0x10 [ 25.913490] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.913517] ? calculate_sigpending+0x7b/0xa0 [ 25.913544] ? __pfx_kthread+0x10/0x10 [ 25.913568] ret_from_fork+0x116/0x1d0 [ 25.913588] ? __pfx_kthread+0x10/0x10 [ 25.913611] ret_from_fork_asm+0x1a/0x30 [ 25.913645] </TASK> [ 25.913659] [ 25.924919] Allocated by task 314: [ 25.925110] kasan_save_stack+0x45/0x70 [ 25.925259] kasan_save_track+0x18/0x40 [ 25.925579] kasan_save_alloc_info+0x3b/0x50 [ 25.925792] __kasan_kmalloc+0xb7/0xc0 [ 25.926012] __kmalloc_cache_noprof+0x189/0x420 [ 25.926278] kasan_atomics+0x95/0x310 [ 25.926453] kunit_try_run_case+0x1a5/0x480 [ 25.926645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.926823] kthread+0x337/0x6f0 [ 25.927072] ret_from_fork+0x116/0x1d0 [ 25.927269] ret_from_fork_asm+0x1a/0x30 [ 25.927417] [ 25.927488] The buggy address belongs to the object at ffff888105a1e600 [ 25.927488] which belongs to the cache kmalloc-64 of size 64 [ 25.928030] The buggy address is located 0 bytes to the right of [ 25.928030] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 25.928497] [ 25.928567] The buggy address belongs to the physical page: [ 25.928732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 25.928982] flags: 0x200000000000000(node=0|zone=2) [ 25.929249] page_type: f5(slab) [ 25.929414] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.929755] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.930042] page dumped because: kasan: bad access detected [ 25.930216] [ 25.930280] Memory state around the buggy address: [ 25.930429] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.930677] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.931004] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.931341] ^ [ 25.931587] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.931910] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.932259] ================================================================== [ 26.456437] ================================================================== [ 26.457419] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 26.457763] Read of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.458145] [ 26.458262] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.458317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.458344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.458369] Call Trace: [ 26.458392] <TASK> [ 26.458424] dump_stack_lvl+0x73/0xb0 [ 26.458456] print_report+0xd1/0x650 [ 26.458480] ? __virt_addr_valid+0x1db/0x2d0 [ 26.458515] ? kasan_atomics_helper+0x13b5/0x5450 [ 26.458539] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.458578] ? kasan_atomics_helper+0x13b5/0x5450 [ 26.458601] kasan_report+0x141/0x180 [ 26.458624] ? kasan_atomics_helper+0x13b5/0x5450 [ 26.458660] kasan_check_range+0x10c/0x1c0 [ 26.458685] __kasan_check_read+0x15/0x20 [ 26.458710] kasan_atomics_helper+0x13b5/0x5450 [ 26.458745] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.458768] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.458795] ? kasan_atomics+0x152/0x310 [ 26.458831] kasan_atomics+0x1dc/0x310 [ 26.458854] ? __pfx_kasan_atomics+0x10/0x10 [ 26.458888] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.458913] ? __pfx_read_tsc+0x10/0x10 [ 26.458949] ? ktime_get_ts64+0x86/0x230 [ 26.458975] kunit_try_run_case+0x1a5/0x480 [ 26.459003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.459035] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.459057] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.459096] ? __kthread_parkme+0x82/0x180 [ 26.459119] ? preempt_count_sub+0x50/0x80 [ 26.459143] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.459169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.459195] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.459220] kthread+0x337/0x6f0 [ 26.459242] ? trace_preempt_on+0x20/0xc0 [ 26.459267] ? __pfx_kthread+0x10/0x10 [ 26.459288] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.459314] ? calculate_sigpending+0x7b/0xa0 [ 26.459339] ? __pfx_kthread+0x10/0x10 [ 26.459362] ret_from_fork+0x116/0x1d0 [ 26.459382] ? __pfx_kthread+0x10/0x10 [ 26.459405] ret_from_fork_asm+0x1a/0x30 [ 26.459446] </TASK> [ 26.459459] [ 26.466849] Allocated by task 314: [ 26.466989] kasan_save_stack+0x45/0x70 [ 26.467149] kasan_save_track+0x18/0x40 [ 26.467352] kasan_save_alloc_info+0x3b/0x50 [ 26.467587] __kasan_kmalloc+0xb7/0xc0 [ 26.467797] __kmalloc_cache_noprof+0x189/0x420 [ 26.468058] kasan_atomics+0x95/0x310 [ 26.468275] kunit_try_run_case+0x1a5/0x480 [ 26.468482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.468731] kthread+0x337/0x6f0 [ 26.468893] ret_from_fork+0x116/0x1d0 [ 26.469282] ret_from_fork_asm+0x1a/0x30 [ 26.469480] [ 26.469580] The buggy address belongs to the object at ffff888105a1e600 [ 26.469580] which belongs to the cache kmalloc-64 of size 64 [ 26.470159] The buggy address is located 0 bytes to the right of [ 26.470159] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.470628] [ 26.470724] The buggy address belongs to the physical page: [ 26.471019] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.471350] flags: 0x200000000000000(node=0|zone=2) [ 26.471568] page_type: f5(slab) [ 26.471748] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.472090] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.472415] page dumped because: kasan: bad access detected [ 26.472627] [ 26.472718] Memory state around the buggy address: [ 26.472982] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.473322] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.473631] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.473921] ^ [ 26.474213] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.474527] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.474814] ================================================================== [ 26.622007] ================================================================== [ 26.622716] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 26.623523] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.624242] [ 26.624422] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.624481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.624509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.624548] Call Trace: [ 26.624573] <TASK> [ 26.624596] dump_stack_lvl+0x73/0xb0 [ 26.624642] print_report+0xd1/0x650 [ 26.624668] ? __virt_addr_valid+0x1db/0x2d0 [ 26.624695] ? kasan_atomics_helper+0x177f/0x5450 [ 26.624719] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.624748] ? kasan_atomics_helper+0x177f/0x5450 [ 26.624772] kasan_report+0x141/0x180 [ 26.624797] ? kasan_atomics_helper+0x177f/0x5450 [ 26.624826] kasan_check_range+0x10c/0x1c0 [ 26.624853] __kasan_check_write+0x18/0x20 [ 26.624878] kasan_atomics_helper+0x177f/0x5450 [ 26.624903] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.624936] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.624965] ? kasan_atomics+0x152/0x310 [ 26.624994] kasan_atomics+0x1dc/0x310 [ 26.625019] ? __pfx_kasan_atomics+0x10/0x10 [ 26.625043] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.625080] ? __pfx_read_tsc+0x10/0x10 [ 26.625105] ? ktime_get_ts64+0x86/0x230 [ 26.625133] kunit_try_run_case+0x1a5/0x480 [ 26.625162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.625187] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.625211] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.625235] ? __kthread_parkme+0x82/0x180 [ 26.625258] ? preempt_count_sub+0x50/0x80 [ 26.625285] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.625313] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.625340] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.625367] kthread+0x337/0x6f0 [ 26.625390] ? trace_preempt_on+0x20/0xc0 [ 26.625415] ? __pfx_kthread+0x10/0x10 [ 26.625438] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.625465] ? calculate_sigpending+0x7b/0xa0 [ 26.625491] ? __pfx_kthread+0x10/0x10 [ 26.625515] ret_from_fork+0x116/0x1d0 [ 26.625536] ? __pfx_kthread+0x10/0x10 [ 26.625559] ret_from_fork_asm+0x1a/0x30 [ 26.625592] </TASK> [ 26.625608] [ 26.639373] Allocated by task 314: [ 26.639669] kasan_save_stack+0x45/0x70 [ 26.640005] kasan_save_track+0x18/0x40 [ 26.640422] kasan_save_alloc_info+0x3b/0x50 [ 26.640787] __kasan_kmalloc+0xb7/0xc0 [ 26.640921] __kmalloc_cache_noprof+0x189/0x420 [ 26.641086] kasan_atomics+0x95/0x310 [ 26.641218] kunit_try_run_case+0x1a5/0x480 [ 26.641363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.641535] kthread+0x337/0x6f0 [ 26.641654] ret_from_fork+0x116/0x1d0 [ 26.641785] ret_from_fork_asm+0x1a/0x30 [ 26.641934] [ 26.642005] The buggy address belongs to the object at ffff888105a1e600 [ 26.642005] which belongs to the cache kmalloc-64 of size 64 [ 26.642401] The buggy address is located 0 bytes to the right of [ 26.642401] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.642998] [ 26.643106] The buggy address belongs to the physical page: [ 26.643320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.643568] flags: 0x200000000000000(node=0|zone=2) [ 26.643831] page_type: f5(slab) [ 26.644044] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.644341] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.644687] page dumped because: kasan: bad access detected [ 26.644933] [ 26.645075] Memory state around the buggy address: [ 26.645230] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.645508] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.645858] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.646349] ^ [ 26.646503] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.647053] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.647361] ================================================================== [ 26.648382] ================================================================== [ 26.648774] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 26.649146] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.649488] [ 26.649616] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.649684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.649701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.649728] Call Trace: [ 26.649752] <TASK> [ 26.649775] dump_stack_lvl+0x73/0xb0 [ 26.649808] print_report+0xd1/0x650 [ 26.649840] ? __virt_addr_valid+0x1db/0x2d0 [ 26.649867] ? kasan_atomics_helper+0x1818/0x5450 [ 26.649891] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.649921] ? kasan_atomics_helper+0x1818/0x5450 [ 26.649958] kasan_report+0x141/0x180 [ 26.649982] ? kasan_atomics_helper+0x1818/0x5450 [ 26.650011] kasan_check_range+0x10c/0x1c0 [ 26.650038] __kasan_check_write+0x18/0x20 [ 26.650073] kasan_atomics_helper+0x1818/0x5450 [ 26.650098] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.650123] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.650152] ? kasan_atomics+0x152/0x310 [ 26.650182] kasan_atomics+0x1dc/0x310 [ 26.650217] ? __pfx_kasan_atomics+0x10/0x10 [ 26.650241] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.650280] ? __pfx_read_tsc+0x10/0x10 [ 26.650304] ? ktime_get_ts64+0x86/0x230 [ 26.650333] kunit_try_run_case+0x1a5/0x480 [ 26.650363] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.650389] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.650414] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.650438] ? __kthread_parkme+0x82/0x180 [ 26.650462] ? preempt_count_sub+0x50/0x80 [ 26.650488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.650516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.650544] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.650572] kthread+0x337/0x6f0 [ 26.650593] ? trace_preempt_on+0x20/0xc0 [ 26.650620] ? __pfx_kthread+0x10/0x10 [ 26.650652] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.650680] ? calculate_sigpending+0x7b/0xa0 [ 26.650707] ? __pfx_kthread+0x10/0x10 [ 26.650742] ret_from_fork+0x116/0x1d0 [ 26.650764] ? __pfx_kthread+0x10/0x10 [ 26.650787] ret_from_fork_asm+0x1a/0x30 [ 26.650831] </TASK> [ 26.650846] [ 26.659119] Allocated by task 314: [ 26.659322] kasan_save_stack+0x45/0x70 [ 26.659520] kasan_save_track+0x18/0x40 [ 26.659709] kasan_save_alloc_info+0x3b/0x50 [ 26.659927] __kasan_kmalloc+0xb7/0xc0 [ 26.660135] __kmalloc_cache_noprof+0x189/0x420 [ 26.660336] kasan_atomics+0x95/0x310 [ 26.660508] kunit_try_run_case+0x1a5/0x480 [ 26.660735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.660992] kthread+0x337/0x6f0 [ 26.661144] ret_from_fork+0x116/0x1d0 [ 26.661363] ret_from_fork_asm+0x1a/0x30 [ 26.661517] [ 26.661586] The buggy address belongs to the object at ffff888105a1e600 [ 26.661586] which belongs to the cache kmalloc-64 of size 64 [ 26.661963] The buggy address is located 0 bytes to the right of [ 26.661963] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.662563] [ 26.662674] The buggy address belongs to the physical page: [ 26.662934] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.663213] flags: 0x200000000000000(node=0|zone=2) [ 26.663380] page_type: f5(slab) [ 26.663504] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.663846] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.664556] page dumped because: kasan: bad access detected [ 26.664818] [ 26.664939] Memory state around the buggy address: [ 26.665205] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.665465] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.665685] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.666328] ^ [ 26.666573] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.666857] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.667305] ================================================================== [ 26.948023] ================================================================== [ 26.948425] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 26.948782] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.949161] [ 26.949280] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.949335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.949351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.949376] Call Trace: [ 26.949401] <TASK> [ 26.949424] dump_stack_lvl+0x73/0xb0 [ 26.949457] print_report+0xd1/0x650 [ 26.949483] ? __virt_addr_valid+0x1db/0x2d0 [ 26.949510] ? kasan_atomics_helper+0x20c8/0x5450 [ 26.949533] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.949561] ? kasan_atomics_helper+0x20c8/0x5450 [ 26.949586] kasan_report+0x141/0x180 [ 26.949611] ? kasan_atomics_helper+0x20c8/0x5450 [ 26.949640] kasan_check_range+0x10c/0x1c0 [ 26.949666] __kasan_check_write+0x18/0x20 [ 26.949691] kasan_atomics_helper+0x20c8/0x5450 [ 26.949716] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.949741] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.949769] ? kasan_atomics+0x152/0x310 [ 26.949797] kasan_atomics+0x1dc/0x310 [ 26.949828] ? __pfx_kasan_atomics+0x10/0x10 [ 26.949852] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.949879] ? __pfx_read_tsc+0x10/0x10 [ 26.949904] ? ktime_get_ts64+0x86/0x230 [ 26.949954] kunit_try_run_case+0x1a5/0x480 [ 26.949983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.950010] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.950035] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.950149] ? __kthread_parkme+0x82/0x180 [ 26.950178] ? preempt_count_sub+0x50/0x80 [ 26.950206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.950234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.950262] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.950289] kthread+0x337/0x6f0 [ 26.950311] ? trace_preempt_on+0x20/0xc0 [ 26.950338] ? __pfx_kthread+0x10/0x10 [ 26.950361] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.950389] ? calculate_sigpending+0x7b/0xa0 [ 26.950416] ? __pfx_kthread+0x10/0x10 [ 26.950440] ret_from_fork+0x116/0x1d0 [ 26.950463] ? __pfx_kthread+0x10/0x10 [ 26.950487] ret_from_fork_asm+0x1a/0x30 [ 26.950521] </TASK> [ 26.950536] [ 26.958335] Allocated by task 314: [ 26.958540] kasan_save_stack+0x45/0x70 [ 26.958751] kasan_save_track+0x18/0x40 [ 26.958972] kasan_save_alloc_info+0x3b/0x50 [ 26.959199] __kasan_kmalloc+0xb7/0xc0 [ 26.959387] __kmalloc_cache_noprof+0x189/0x420 [ 26.959546] kasan_atomics+0x95/0x310 [ 26.959738] kunit_try_run_case+0x1a5/0x480 [ 26.960012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.960281] kthread+0x337/0x6f0 [ 26.960473] ret_from_fork+0x116/0x1d0 [ 26.960689] ret_from_fork_asm+0x1a/0x30 [ 26.960877] [ 26.961031] The buggy address belongs to the object at ffff888105a1e600 [ 26.961031] which belongs to the cache kmalloc-64 of size 64 [ 26.961574] The buggy address is located 0 bytes to the right of [ 26.961574] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.962172] [ 26.962277] The buggy address belongs to the physical page: [ 26.962540] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.962887] flags: 0x200000000000000(node=0|zone=2) [ 26.963188] page_type: f5(slab) [ 26.963356] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.963699] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.963999] page dumped because: kasan: bad access detected [ 26.964273] [ 26.964367] Memory state around the buggy address: [ 26.964631] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.964894] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.965181] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.965579] ^ [ 26.965846] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.966220] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.966468] ================================================================== [ 26.576684] ================================================================== [ 26.577406] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 26.578073] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.578390] [ 26.578477] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.578532] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.578547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.578572] Call Trace: [ 26.578595] <TASK> [ 26.578616] dump_stack_lvl+0x73/0xb0 [ 26.578649] print_report+0xd1/0x650 [ 26.578673] ? __virt_addr_valid+0x1db/0x2d0 [ 26.578699] ? kasan_atomics_helper+0x164f/0x5450 [ 26.578722] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.578750] ? kasan_atomics_helper+0x164f/0x5450 [ 26.578773] kasan_report+0x141/0x180 [ 26.578796] ? kasan_atomics_helper+0x164f/0x5450 [ 26.578824] kasan_check_range+0x10c/0x1c0 [ 26.578851] __kasan_check_write+0x18/0x20 [ 26.578878] kasan_atomics_helper+0x164f/0x5450 [ 26.578903] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.578927] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.578954] ? kasan_atomics+0x152/0x310 [ 26.578981] kasan_atomics+0x1dc/0x310 [ 26.579004] ? __pfx_kasan_atomics+0x10/0x10 [ 26.579028] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.579055] ? __pfx_read_tsc+0x10/0x10 [ 26.579093] ? ktime_get_ts64+0x86/0x230 [ 26.579121] kunit_try_run_case+0x1a5/0x480 [ 26.579149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.579174] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.579199] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.579223] ? __kthread_parkme+0x82/0x180 [ 26.579246] ? preempt_count_sub+0x50/0x80 [ 26.579271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.579298] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.579324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.579350] kthread+0x337/0x6f0 [ 26.579371] ? trace_preempt_on+0x20/0xc0 [ 26.579396] ? __pfx_kthread+0x10/0x10 [ 26.579418] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.579444] ? calculate_sigpending+0x7b/0xa0 [ 26.579469] ? __pfx_kthread+0x10/0x10 [ 26.579493] ret_from_fork+0x116/0x1d0 [ 26.579514] ? __pfx_kthread+0x10/0x10 [ 26.579537] ret_from_fork_asm+0x1a/0x30 [ 26.579570] </TASK> [ 26.579583] [ 26.588172] Allocated by task 314: [ 26.588367] kasan_save_stack+0x45/0x70 [ 26.588586] kasan_save_track+0x18/0x40 [ 26.588777] kasan_save_alloc_info+0x3b/0x50 [ 26.589019] __kasan_kmalloc+0xb7/0xc0 [ 26.589201] __kmalloc_cache_noprof+0x189/0x420 [ 26.589422] kasan_atomics+0x95/0x310 [ 26.589616] kunit_try_run_case+0x1a5/0x480 [ 26.589792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.590043] kthread+0x337/0x6f0 [ 26.590241] ret_from_fork+0x116/0x1d0 [ 26.590423] ret_from_fork_asm+0x1a/0x30 [ 26.590567] [ 26.590658] The buggy address belongs to the object at ffff888105a1e600 [ 26.590658] which belongs to the cache kmalloc-64 of size 64 [ 26.591286] The buggy address is located 0 bytes to the right of [ 26.591286] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.591641] [ 26.591713] The buggy address belongs to the physical page: [ 26.591986] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.592347] flags: 0x200000000000000(node=0|zone=2) [ 26.592577] page_type: f5(slab) [ 26.592743] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.593152] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.593384] page dumped because: kasan: bad access detected [ 26.593555] [ 26.593642] Memory state around the buggy address: [ 26.593870] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.594478] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.594740] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.594986] ^ [ 26.595219] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.595477] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.595743] ================================================================== [ 26.985693] ================================================================== [ 26.986115] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 26.986457] Write of size 8 at addr ffff888105a1e630 by task kunit_try_catch/314 [ 26.986787] [ 26.986898] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.986972] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.986988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.987033] Call Trace: [ 26.987056] <TASK> [ 26.987086] dump_stack_lvl+0x73/0xb0 [ 26.987118] print_report+0xd1/0x650 [ 26.987142] ? __virt_addr_valid+0x1db/0x2d0 [ 26.987168] ? kasan_atomics_helper+0x218a/0x5450 [ 26.987192] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.987220] ? kasan_atomics_helper+0x218a/0x5450 [ 26.987243] kasan_report+0x141/0x180 [ 26.987267] ? kasan_atomics_helper+0x218a/0x5450 [ 26.987294] kasan_check_range+0x10c/0x1c0 [ 26.987318] __kasan_check_write+0x18/0x20 [ 26.987343] kasan_atomics_helper+0x218a/0x5450 [ 26.987367] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.987391] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.987417] ? kasan_atomics+0x152/0x310 [ 26.987445] kasan_atomics+0x1dc/0x310 [ 26.987469] ? __pfx_kasan_atomics+0x10/0x10 [ 26.987493] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 26.987520] ? __pfx_read_tsc+0x10/0x10 [ 26.987561] ? ktime_get_ts64+0x86/0x230 [ 26.987588] kunit_try_run_case+0x1a5/0x480 [ 26.987616] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.987641] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 26.987664] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.987688] ? __kthread_parkme+0x82/0x180 [ 26.987711] ? preempt_count_sub+0x50/0x80 [ 26.987737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.987763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.987790] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.987816] kthread+0x337/0x6f0 [ 26.987837] ? trace_preempt_on+0x20/0xc0 [ 26.987862] ? __pfx_kthread+0x10/0x10 [ 26.987884] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.987910] ? calculate_sigpending+0x7b/0xa0 [ 26.987958] ? __pfx_kthread+0x10/0x10 [ 26.987981] ret_from_fork+0x116/0x1d0 [ 26.988002] ? __pfx_kthread+0x10/0x10 [ 26.988027] ret_from_fork_asm+0x1a/0x30 [ 26.988071] </TASK> [ 26.988086] [ 26.995460] Allocated by task 314: [ 26.995655] kasan_save_stack+0x45/0x70 [ 26.995884] kasan_save_track+0x18/0x40 [ 26.996111] kasan_save_alloc_info+0x3b/0x50 [ 26.996347] __kasan_kmalloc+0xb7/0xc0 [ 26.996535] __kmalloc_cache_noprof+0x189/0x420 [ 26.996776] kasan_atomics+0x95/0x310 [ 26.996980] kunit_try_run_case+0x1a5/0x480 [ 26.997210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.997423] kthread+0x337/0x6f0 [ 26.997600] ret_from_fork+0x116/0x1d0 [ 26.997776] ret_from_fork_asm+0x1a/0x30 [ 26.998012] [ 26.998111] The buggy address belongs to the object at ffff888105a1e600 [ 26.998111] which belongs to the cache kmalloc-64 of size 64 [ 26.998470] The buggy address is located 0 bytes to the right of [ 26.998470] allocated 48-byte region [ffff888105a1e600, ffff888105a1e630) [ 26.998938] [ 26.999035] The buggy address belongs to the physical page: [ 26.999294] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1e [ 26.999644] flags: 0x200000000000000(node=0|zone=2) [ 26.999842] page_type: f5(slab) [ 26.999988] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.000315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.000680] page dumped because: kasan: bad access detected [ 27.000947] [ 27.001073] Memory state around the buggy address: [ 27.001248] ffff888105a1e500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.001463] ffff888105a1e580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.001770] >ffff888105a1e600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.002121] ^ [ 27.002314] ffff888105a1e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.002531] ffff888105a1e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.002861] ==================================================================
[ 25.764585] ================================================================== [ 25.764814] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 25.765284] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.765630] [ 25.765737] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.765797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.765811] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.765833] Call Trace: [ 25.765849] <TASK> [ 25.765864] dump_stack_lvl+0x73/0xb0 [ 25.765891] print_report+0xd1/0x650 [ 25.765915] ? __virt_addr_valid+0x1db/0x2d0 [ 25.765938] ? kasan_atomics_helper+0x860/0x5450 [ 25.765961] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.765988] ? kasan_atomics_helper+0x860/0x5450 [ 25.766011] kasan_report+0x141/0x180 [ 25.766033] ? kasan_atomics_helper+0x860/0x5450 [ 25.766061] kasan_check_range+0x10c/0x1c0 [ 25.766086] __kasan_check_write+0x18/0x20 [ 25.766110] kasan_atomics_helper+0x860/0x5450 [ 25.766134] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.766158] ? kasan_save_alloc_info+0x3b/0x50 [ 25.766187] kasan_atomics+0x1dc/0x310 [ 25.766211] ? __pfx_kasan_atomics+0x10/0x10 [ 25.766236] ? __pfx_read_tsc+0x10/0x10 [ 25.766259] ? ktime_get_ts64+0x86/0x230 [ 25.766284] kunit_try_run_case+0x1a5/0x480 [ 25.766319] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.766344] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.766366] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.766390] ? __kthread_parkme+0x82/0x180 [ 25.766411] ? preempt_count_sub+0x50/0x80 [ 25.766435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.766461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.766486] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.766512] kthread+0x337/0x6f0 [ 25.766533] ? trace_preempt_on+0x20/0xc0 [ 25.766558] ? __pfx_kthread+0x10/0x10 [ 25.766581] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.766607] ? calculate_sigpending+0x7b/0xa0 [ 25.766632] ? __pfx_kthread+0x10/0x10 [ 25.766656] ret_from_fork+0x116/0x1d0 [ 25.766676] ? __pfx_kthread+0x10/0x10 [ 25.766698] ret_from_fork_asm+0x1a/0x30 [ 25.766730] </TASK> [ 25.766742] [ 25.774283] Allocated by task 313: [ 25.774473] kasan_save_stack+0x45/0x70 [ 25.774875] kasan_save_track+0x18/0x40 [ 25.775075] kasan_save_alloc_info+0x3b/0x50 [ 25.775288] __kasan_kmalloc+0xb7/0xc0 [ 25.775464] __kmalloc_cache_noprof+0x189/0x420 [ 25.775664] kasan_atomics+0x95/0x310 [ 25.775844] kunit_try_run_case+0x1a5/0x480 [ 25.776034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.776221] kthread+0x337/0x6f0 [ 25.776355] ret_from_fork+0x116/0x1d0 [ 25.776488] ret_from_fork_asm+0x1a/0x30 [ 25.776625] [ 25.776693] The buggy address belongs to the object at ffff88810490f900 [ 25.776693] which belongs to the cache kmalloc-64 of size 64 [ 25.777093] The buggy address is located 0 bytes to the right of [ 25.777093] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.777757] [ 25.777856] The buggy address belongs to the physical page: [ 25.778110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.778430] flags: 0x200000000000000(node=0|zone=2) [ 25.778627] page_type: f5(slab) [ 25.779119] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.779377] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.779941] page dumped because: kasan: bad access detected [ 25.780192] [ 25.780288] Memory state around the buggy address: [ 25.780513] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.780836] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.781099] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.781364] ^ [ 25.781567] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.782106] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.782387] ================================================================== [ 26.608015] ================================================================== [ 26.608775] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 26.609159] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.609466] [ 26.609878] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.609946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.609962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.609987] Call Trace: [ 26.610009] <TASK> [ 26.610031] dump_stack_lvl+0x73/0xb0 [ 26.610062] print_report+0xd1/0x650 [ 26.610086] ? __virt_addr_valid+0x1db/0x2d0 [ 26.610111] ? kasan_atomics_helper+0x1eaa/0x5450 [ 26.610133] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.610160] ? kasan_atomics_helper+0x1eaa/0x5450 [ 26.610183] kasan_report+0x141/0x180 [ 26.610205] ? kasan_atomics_helper+0x1eaa/0x5450 [ 26.610232] kasan_check_range+0x10c/0x1c0 [ 26.610256] __kasan_check_write+0x18/0x20 [ 26.610280] kasan_atomics_helper+0x1eaa/0x5450 [ 26.610303] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.610336] ? kasan_save_alloc_info+0x3b/0x50 [ 26.610365] kasan_atomics+0x1dc/0x310 [ 26.610388] ? __pfx_kasan_atomics+0x10/0x10 [ 26.610413] ? __pfx_read_tsc+0x10/0x10 [ 26.610472] ? ktime_get_ts64+0x86/0x230 [ 26.610511] kunit_try_run_case+0x1a5/0x480 [ 26.610538] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.610562] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.610586] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.610609] ? __kthread_parkme+0x82/0x180 [ 26.610631] ? preempt_count_sub+0x50/0x80 [ 26.610655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.610681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.610706] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.610731] kthread+0x337/0x6f0 [ 26.610752] ? trace_preempt_on+0x20/0xc0 [ 26.610778] ? __pfx_kthread+0x10/0x10 [ 26.610801] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.610826] ? calculate_sigpending+0x7b/0xa0 [ 26.610850] ? __pfx_kthread+0x10/0x10 [ 26.610874] ret_from_fork+0x116/0x1d0 [ 26.610895] ? __pfx_kthread+0x10/0x10 [ 26.610917] ret_from_fork_asm+0x1a/0x30 [ 26.610950] </TASK> [ 26.610964] [ 26.622370] Allocated by task 313: [ 26.622517] kasan_save_stack+0x45/0x70 [ 26.622770] kasan_save_track+0x18/0x40 [ 26.622969] kasan_save_alloc_info+0x3b/0x50 [ 26.623183] __kasan_kmalloc+0xb7/0xc0 [ 26.623387] __kmalloc_cache_noprof+0x189/0x420 [ 26.623606] kasan_atomics+0x95/0x310 [ 26.623846] kunit_try_run_case+0x1a5/0x480 [ 26.623988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.624407] kthread+0x337/0x6f0 [ 26.624675] ret_from_fork+0x116/0x1d0 [ 26.624808] ret_from_fork_asm+0x1a/0x30 [ 26.624949] [ 26.625022] The buggy address belongs to the object at ffff88810490f900 [ 26.625022] which belongs to the cache kmalloc-64 of size 64 [ 26.625487] The buggy address is located 0 bytes to the right of [ 26.625487] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.626151] [ 26.626282] The buggy address belongs to the physical page: [ 26.626608] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.626868] flags: 0x200000000000000(node=0|zone=2) [ 26.627127] page_type: f5(slab) [ 26.627300] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.627677] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.628018] page dumped because: kasan: bad access detected [ 26.628260] [ 26.628390] Memory state around the buggy address: [ 26.628665] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.628872] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.629109] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.629375] ^ [ 26.629712] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.630064] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.630327] ================================================================== [ 26.282888] ================================================================== [ 26.283136] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 26.283424] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.283847] [ 26.283943] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.284004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.284018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.284052] Call Trace: [ 26.284068] <TASK> [ 26.284086] dump_stack_lvl+0x73/0xb0 [ 26.284127] print_report+0xd1/0x650 [ 26.284151] ? __virt_addr_valid+0x1db/0x2d0 [ 26.284176] ? kasan_atomics_helper+0x50d4/0x5450 [ 26.284198] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.284226] ? kasan_atomics_helper+0x50d4/0x5450 [ 26.284248] kasan_report+0x141/0x180 [ 26.284271] ? kasan_atomics_helper+0x50d4/0x5450 [ 26.284322] __asan_report_store8_noabort+0x1b/0x30 [ 26.284348] kasan_atomics_helper+0x50d4/0x5450 [ 26.284373] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.284397] ? kasan_save_alloc_info+0x3b/0x50 [ 26.284425] kasan_atomics+0x1dc/0x310 [ 26.284449] ? __pfx_kasan_atomics+0x10/0x10 [ 26.284495] ? __pfx_read_tsc+0x10/0x10 [ 26.284521] ? ktime_get_ts64+0x86/0x230 [ 26.284548] kunit_try_run_case+0x1a5/0x480 [ 26.284575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.284600] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.284623] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.284648] ? __kthread_parkme+0x82/0x180 [ 26.284670] ? preempt_count_sub+0x50/0x80 [ 26.284695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.284721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.284748] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.284774] kthread+0x337/0x6f0 [ 26.284796] ? trace_preempt_on+0x20/0xc0 [ 26.284820] ? __pfx_kthread+0x10/0x10 [ 26.284843] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.284868] ? calculate_sigpending+0x7b/0xa0 [ 26.284893] ? __pfx_kthread+0x10/0x10 [ 26.284916] ret_from_fork+0x116/0x1d0 [ 26.284937] ? __pfx_kthread+0x10/0x10 [ 26.284959] ret_from_fork_asm+0x1a/0x30 [ 26.285000] </TASK> [ 26.285014] [ 26.291983] Allocated by task 313: [ 26.292175] kasan_save_stack+0x45/0x70 [ 26.292377] kasan_save_track+0x18/0x40 [ 26.292553] kasan_save_alloc_info+0x3b/0x50 [ 26.292700] __kasan_kmalloc+0xb7/0xc0 [ 26.292828] __kmalloc_cache_noprof+0x189/0x420 [ 26.292978] kasan_atomics+0x95/0x310 [ 26.293104] kunit_try_run_case+0x1a5/0x480 [ 26.293303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.293615] kthread+0x337/0x6f0 [ 26.293789] ret_from_fork+0x116/0x1d0 [ 26.293974] ret_from_fork_asm+0x1a/0x30 [ 26.294190] [ 26.294286] The buggy address belongs to the object at ffff88810490f900 [ 26.294286] which belongs to the cache kmalloc-64 of size 64 [ 26.294870] The buggy address is located 0 bytes to the right of [ 26.294870] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.295448] [ 26.295571] The buggy address belongs to the physical page: [ 26.295826] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.296158] flags: 0x200000000000000(node=0|zone=2) [ 26.296350] page_type: f5(slab) [ 26.296565] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.296888] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.297213] page dumped because: kasan: bad access detected [ 26.297434] [ 26.297524] Memory state around the buggy address: [ 26.297676] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.297894] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.298108] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.298450] ^ [ 26.298686] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.298996] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.299302] ================================================================== [ 26.769984] ================================================================== [ 26.771166] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 26.771659] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.771991] [ 26.772159] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.772263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.772279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.772304] Call Trace: [ 26.772347] <TASK> [ 26.772396] dump_stack_lvl+0x73/0xb0 [ 26.772452] print_report+0xd1/0x650 [ 26.772513] ? __virt_addr_valid+0x1db/0x2d0 [ 26.772538] ? kasan_atomics_helper+0x218a/0x5450 [ 26.772560] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.772588] ? kasan_atomics_helper+0x218a/0x5450 [ 26.772612] kasan_report+0x141/0x180 [ 26.772634] ? kasan_atomics_helper+0x218a/0x5450 [ 26.772660] kasan_check_range+0x10c/0x1c0 [ 26.772685] __kasan_check_write+0x18/0x20 [ 26.772709] kasan_atomics_helper+0x218a/0x5450 [ 26.772731] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.772784] ? kasan_save_alloc_info+0x3b/0x50 [ 26.772814] kasan_atomics+0x1dc/0x310 [ 26.772837] ? __pfx_kasan_atomics+0x10/0x10 [ 26.772863] ? __pfx_read_tsc+0x10/0x10 [ 26.772913] ? ktime_get_ts64+0x86/0x230 [ 26.772941] kunit_try_run_case+0x1a5/0x480 [ 26.772968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.772993] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.773017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.773040] ? __kthread_parkme+0x82/0x180 [ 26.773064] ? preempt_count_sub+0x50/0x80 [ 26.773089] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.773115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.773140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.773166] kthread+0x337/0x6f0 [ 26.773187] ? trace_preempt_on+0x20/0xc0 [ 26.773212] ? __pfx_kthread+0x10/0x10 [ 26.773234] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.773260] ? calculate_sigpending+0x7b/0xa0 [ 26.773285] ? __pfx_kthread+0x10/0x10 [ 26.773320] ret_from_fork+0x116/0x1d0 [ 26.773341] ? __pfx_kthread+0x10/0x10 [ 26.773362] ret_from_fork_asm+0x1a/0x30 [ 26.773396] </TASK> [ 26.773411] [ 26.781075] Allocated by task 313: [ 26.781284] kasan_save_stack+0x45/0x70 [ 26.781549] kasan_save_track+0x18/0x40 [ 26.781747] kasan_save_alloc_info+0x3b/0x50 [ 26.781919] __kasan_kmalloc+0xb7/0xc0 [ 26.782125] __kmalloc_cache_noprof+0x189/0x420 [ 26.782353] kasan_atomics+0x95/0x310 [ 26.782481] kunit_try_run_case+0x1a5/0x480 [ 26.782716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.782993] kthread+0x337/0x6f0 [ 26.783175] ret_from_fork+0x116/0x1d0 [ 26.783365] ret_from_fork_asm+0x1a/0x30 [ 26.783499] [ 26.783566] The buggy address belongs to the object at ffff88810490f900 [ 26.783566] which belongs to the cache kmalloc-64 of size 64 [ 26.784135] The buggy address is located 0 bytes to the right of [ 26.784135] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.784667] [ 26.784739] The buggy address belongs to the physical page: [ 26.784951] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.785380] flags: 0x200000000000000(node=0|zone=2) [ 26.785778] page_type: f5(slab) [ 26.785898] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.786263] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.786663] page dumped because: kasan: bad access detected [ 26.786905] [ 26.787024] Memory state around the buggy address: [ 26.787233] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.787613] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.787925] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.788223] ^ [ 26.788482] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.788797] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.789096] ================================================================== [ 26.223815] ================================================================== [ 26.224160] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 26.224518] Read of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.224853] [ 26.224977] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.225038] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.225053] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.225076] Call Trace: [ 26.225094] <TASK> [ 26.225121] dump_stack_lvl+0x73/0xb0 [ 26.225151] print_report+0xd1/0x650 [ 26.225175] ? __virt_addr_valid+0x1db/0x2d0 [ 26.225210] ? kasan_atomics_helper+0x13b5/0x5450 [ 26.225232] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.225260] ? kasan_atomics_helper+0x13b5/0x5450 [ 26.225290] kasan_report+0x141/0x180 [ 26.225328] ? kasan_atomics_helper+0x13b5/0x5450 [ 26.225355] kasan_check_range+0x10c/0x1c0 [ 26.225379] __kasan_check_read+0x15/0x20 [ 26.225404] kasan_atomics_helper+0x13b5/0x5450 [ 26.225429] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.225454] ? kasan_save_alloc_info+0x3b/0x50 [ 26.225513] kasan_atomics+0x1dc/0x310 [ 26.225537] ? __pfx_kasan_atomics+0x10/0x10 [ 26.225572] ? __pfx_read_tsc+0x10/0x10 [ 26.225596] ? ktime_get_ts64+0x86/0x230 [ 26.225623] kunit_try_run_case+0x1a5/0x480 [ 26.225649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.225682] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.225706] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.225740] ? __kthread_parkme+0x82/0x180 [ 26.225763] ? preempt_count_sub+0x50/0x80 [ 26.225788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.225814] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.225840] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.225866] kthread+0x337/0x6f0 [ 26.225887] ? trace_preempt_on+0x20/0xc0 [ 26.225911] ? __pfx_kthread+0x10/0x10 [ 26.225934] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.225959] ? calculate_sigpending+0x7b/0xa0 [ 26.225984] ? __pfx_kthread+0x10/0x10 [ 26.226007] ret_from_fork+0x116/0x1d0 [ 26.226027] ? __pfx_kthread+0x10/0x10 [ 26.226049] ret_from_fork_asm+0x1a/0x30 [ 26.226081] </TASK> [ 26.226094] [ 26.235893] Allocated by task 313: [ 26.236072] kasan_save_stack+0x45/0x70 [ 26.236250] kasan_save_track+0x18/0x40 [ 26.236431] kasan_save_alloc_info+0x3b/0x50 [ 26.236628] __kasan_kmalloc+0xb7/0xc0 [ 26.236799] __kmalloc_cache_noprof+0x189/0x420 [ 26.236997] kasan_atomics+0x95/0x310 [ 26.237591] kunit_try_run_case+0x1a5/0x480 [ 26.237925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.238355] kthread+0x337/0x6f0 [ 26.238594] ret_from_fork+0x116/0x1d0 [ 26.238769] ret_from_fork_asm+0x1a/0x30 [ 26.238950] [ 26.239034] The buggy address belongs to the object at ffff88810490f900 [ 26.239034] which belongs to the cache kmalloc-64 of size 64 [ 26.239793] The buggy address is located 0 bytes to the right of [ 26.239793] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.240454] [ 26.240758] The buggy address belongs to the physical page: [ 26.241206] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.241829] flags: 0x200000000000000(node=0|zone=2) [ 26.242244] page_type: f5(slab) [ 26.242690] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.243144] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.243680] page dumped because: kasan: bad access detected [ 26.244118] [ 26.244364] Memory state around the buggy address: [ 26.244613] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.244900] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.245187] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.245744] ^ [ 26.245963] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.246249] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.246783] ================================================================== [ 25.782894] ================================================================== [ 25.783195] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 25.783478] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.783955] [ 25.784047] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.784095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.784110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.784132] Call Trace: [ 25.784147] <TASK> [ 25.784164] dump_stack_lvl+0x73/0xb0 [ 25.784193] print_report+0xd1/0x650 [ 25.784216] ? __virt_addr_valid+0x1db/0x2d0 [ 25.784241] ? kasan_atomics_helper+0x8f9/0x5450 [ 25.784265] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.784295] ? kasan_atomics_helper+0x8f9/0x5450 [ 25.784330] kasan_report+0x141/0x180 [ 25.784353] ? kasan_atomics_helper+0x8f9/0x5450 [ 25.784380] kasan_check_range+0x10c/0x1c0 [ 25.784405] __kasan_check_write+0x18/0x20 [ 25.784429] kasan_atomics_helper+0x8f9/0x5450 [ 25.784453] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.784478] ? kasan_save_alloc_info+0x3b/0x50 [ 25.784518] kasan_atomics+0x1dc/0x310 [ 25.784543] ? __pfx_kasan_atomics+0x10/0x10 [ 25.784568] ? __pfx_read_tsc+0x10/0x10 [ 25.784590] ? ktime_get_ts64+0x86/0x230 [ 25.784616] kunit_try_run_case+0x1a5/0x480 [ 25.784643] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.784667] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.784701] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.784725] ? __kthread_parkme+0x82/0x180 [ 25.784746] ? preempt_count_sub+0x50/0x80 [ 25.784771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.784797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.784822] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.784849] kthread+0x337/0x6f0 [ 25.784870] ? trace_preempt_on+0x20/0xc0 [ 25.784894] ? __pfx_kthread+0x10/0x10 [ 25.784917] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.784942] ? calculate_sigpending+0x7b/0xa0 [ 25.784966] ? __pfx_kthread+0x10/0x10 [ 25.784989] ret_from_fork+0x116/0x1d0 [ 25.785010] ? __pfx_kthread+0x10/0x10 [ 25.785032] ret_from_fork_asm+0x1a/0x30 [ 25.785063] </TASK> [ 25.785077] [ 25.792884] Allocated by task 313: [ 25.793064] kasan_save_stack+0x45/0x70 [ 25.793231] kasan_save_track+0x18/0x40 [ 25.793372] kasan_save_alloc_info+0x3b/0x50 [ 25.793534] __kasan_kmalloc+0xb7/0xc0 [ 25.793716] __kmalloc_cache_noprof+0x189/0x420 [ 25.793933] kasan_atomics+0x95/0x310 [ 25.794251] kunit_try_run_case+0x1a5/0x480 [ 25.794439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.794612] kthread+0x337/0x6f0 [ 25.794973] ret_from_fork+0x116/0x1d0 [ 25.795166] ret_from_fork_asm+0x1a/0x30 [ 25.795373] [ 25.795467] The buggy address belongs to the object at ffff88810490f900 [ 25.795467] which belongs to the cache kmalloc-64 of size 64 [ 25.795993] The buggy address is located 0 bytes to the right of [ 25.795993] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.796429] [ 25.796504] The buggy address belongs to the physical page: [ 25.796762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.797110] flags: 0x200000000000000(node=0|zone=2) [ 25.797298] page_type: f5(slab) [ 25.797424] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.797648] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.797966] page dumped because: kasan: bad access detected [ 25.798208] [ 25.798296] Memory state around the buggy address: [ 25.798988] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.799427] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.799827] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.800041] ^ [ 25.800191] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.800540] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.801130] ================================================================== [ 26.299776] ================================================================== [ 26.300010] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 26.300301] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.300740] [ 26.300862] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.300921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.300936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.300967] Call Trace: [ 26.300983] <TASK> [ 26.301000] dump_stack_lvl+0x73/0xb0 [ 26.301042] print_report+0xd1/0x650 [ 26.301065] ? __virt_addr_valid+0x1db/0x2d0 [ 26.301089] ? kasan_atomics_helper+0x151d/0x5450 [ 26.301112] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.301139] ? kasan_atomics_helper+0x151d/0x5450 [ 26.301171] kasan_report+0x141/0x180 [ 26.301195] ? kasan_atomics_helper+0x151d/0x5450 [ 26.301222] kasan_check_range+0x10c/0x1c0 [ 26.301256] __kasan_check_write+0x18/0x20 [ 26.301281] kasan_atomics_helper+0x151d/0x5450 [ 26.301314] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.301337] ? kasan_save_alloc_info+0x3b/0x50 [ 26.301366] kasan_atomics+0x1dc/0x310 [ 26.301390] ? __pfx_kasan_atomics+0x10/0x10 [ 26.301415] ? __pfx_read_tsc+0x10/0x10 [ 26.301438] ? ktime_get_ts64+0x86/0x230 [ 26.301464] kunit_try_run_case+0x1a5/0x480 [ 26.301511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.301536] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.301561] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.301592] ? __kthread_parkme+0x82/0x180 [ 26.301614] ? preempt_count_sub+0x50/0x80 [ 26.301638] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.301675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.301700] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.301726] kthread+0x337/0x6f0 [ 26.301751] ? trace_preempt_on+0x20/0xc0 [ 26.301775] ? __pfx_kthread+0x10/0x10 [ 26.301798] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.301823] ? calculate_sigpending+0x7b/0xa0 [ 26.301848] ? __pfx_kthread+0x10/0x10 [ 26.301871] ret_from_fork+0x116/0x1d0 [ 26.301891] ? __pfx_kthread+0x10/0x10 [ 26.301913] ret_from_fork_asm+0x1a/0x30 [ 26.301945] </TASK> [ 26.301959] [ 26.309114] Allocated by task 313: [ 26.309291] kasan_save_stack+0x45/0x70 [ 26.309535] kasan_save_track+0x18/0x40 [ 26.309730] kasan_save_alloc_info+0x3b/0x50 [ 26.309972] __kasan_kmalloc+0xb7/0xc0 [ 26.310157] __kmalloc_cache_noprof+0x189/0x420 [ 26.310336] kasan_atomics+0x95/0x310 [ 26.310465] kunit_try_run_case+0x1a5/0x480 [ 26.310627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.310798] kthread+0x337/0x6f0 [ 26.310914] ret_from_fork+0x116/0x1d0 [ 26.311040] ret_from_fork_asm+0x1a/0x30 [ 26.311237] [ 26.311352] The buggy address belongs to the object at ffff88810490f900 [ 26.311352] which belongs to the cache kmalloc-64 of size 64 [ 26.311905] The buggy address is located 0 bytes to the right of [ 26.311905] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.312455] [ 26.312577] The buggy address belongs to the physical page: [ 26.312838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.313216] flags: 0x200000000000000(node=0|zone=2) [ 26.313431] page_type: f5(slab) [ 26.313614] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.313933] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.314277] page dumped because: kasan: bad access detected [ 26.314585] [ 26.314684] Memory state around the buggy address: [ 26.314910] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.315128] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.315351] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.315589] ^ [ 26.315747] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.316107] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.316443] ================================================================== [ 25.661520] ================================================================== [ 25.662431] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 25.662719] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.663560] [ 25.663690] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.663739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.663754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.663776] Call Trace: [ 25.663792] <TASK> [ 25.663808] dump_stack_lvl+0x73/0xb0 [ 25.663839] print_report+0xd1/0x650 [ 25.663863] ? __virt_addr_valid+0x1db/0x2d0 [ 25.663886] ? kasan_atomics_helper+0x565/0x5450 [ 25.663908] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.663936] ? kasan_atomics_helper+0x565/0x5450 [ 25.663958] kasan_report+0x141/0x180 [ 25.663981] ? kasan_atomics_helper+0x565/0x5450 [ 25.664026] kasan_check_range+0x10c/0x1c0 [ 25.664400] __kasan_check_write+0x18/0x20 [ 25.664431] kasan_atomics_helper+0x565/0x5450 [ 25.664455] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.664479] ? kasan_save_alloc_info+0x3b/0x50 [ 25.664509] kasan_atomics+0x1dc/0x310 [ 25.664533] ? __pfx_kasan_atomics+0x10/0x10 [ 25.664558] ? __pfx_read_tsc+0x10/0x10 [ 25.664580] ? ktime_get_ts64+0x86/0x230 [ 25.664605] kunit_try_run_case+0x1a5/0x480 [ 25.664632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.664658] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.664691] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.664715] ? __kthread_parkme+0x82/0x180 [ 25.664737] ? preempt_count_sub+0x50/0x80 [ 25.664761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.664788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.664813] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.664839] kthread+0x337/0x6f0 [ 25.664861] ? trace_preempt_on+0x20/0xc0 [ 25.664884] ? __pfx_kthread+0x10/0x10 [ 25.664906] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.664932] ? calculate_sigpending+0x7b/0xa0 [ 25.664956] ? __pfx_kthread+0x10/0x10 [ 25.664979] ret_from_fork+0x116/0x1d0 [ 25.664999] ? __pfx_kthread+0x10/0x10 [ 25.665021] ret_from_fork_asm+0x1a/0x30 [ 25.665053] </TASK> [ 25.665065] [ 25.675127] Allocated by task 313: [ 25.675326] kasan_save_stack+0x45/0x70 [ 25.675481] kasan_save_track+0x18/0x40 [ 25.675985] kasan_save_alloc_info+0x3b/0x50 [ 25.676166] __kasan_kmalloc+0xb7/0xc0 [ 25.676469] __kmalloc_cache_noprof+0x189/0x420 [ 25.676886] kasan_atomics+0x95/0x310 [ 25.677064] kunit_try_run_case+0x1a5/0x480 [ 25.677263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.677681] kthread+0x337/0x6f0 [ 25.677867] ret_from_fork+0x116/0x1d0 [ 25.678041] ret_from_fork_asm+0x1a/0x30 [ 25.678214] [ 25.678319] The buggy address belongs to the object at ffff88810490f900 [ 25.678319] which belongs to the cache kmalloc-64 of size 64 [ 25.679193] The buggy address is located 0 bytes to the right of [ 25.679193] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.680023] [ 25.680135] The buggy address belongs to the physical page: [ 25.680505] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.680991] flags: 0x200000000000000(node=0|zone=2) [ 25.681348] page_type: f5(slab) [ 25.681496] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.682047] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.682389] page dumped because: kasan: bad access detected [ 25.682873] [ 25.682963] Memory state around the buggy address: [ 25.683339] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.683676] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.684266] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.684724] ^ [ 25.684900] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.685220] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.685536] ================================================================== [ 26.181800] ================================================================== [ 26.182166] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 26.182517] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.183091] [ 26.183227] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.183286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.183300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.183331] Call Trace: [ 26.183348] <TASK> [ 26.183364] dump_stack_lvl+0x73/0xb0 [ 26.183394] print_report+0xd1/0x650 [ 26.183417] ? __virt_addr_valid+0x1db/0x2d0 [ 26.183441] ? kasan_atomics_helper+0x12e6/0x5450 [ 26.183464] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.183492] ? kasan_atomics_helper+0x12e6/0x5450 [ 26.183515] kasan_report+0x141/0x180 [ 26.183540] ? kasan_atomics_helper+0x12e6/0x5450 [ 26.183567] kasan_check_range+0x10c/0x1c0 [ 26.183591] __kasan_check_write+0x18/0x20 [ 26.183616] kasan_atomics_helper+0x12e6/0x5450 [ 26.183640] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.183664] ? kasan_save_alloc_info+0x3b/0x50 [ 26.183727] kasan_atomics+0x1dc/0x310 [ 26.183751] ? __pfx_kasan_atomics+0x10/0x10 [ 26.183787] ? __pfx_read_tsc+0x10/0x10 [ 26.183810] ? ktime_get_ts64+0x86/0x230 [ 26.183863] kunit_try_run_case+0x1a5/0x480 [ 26.183891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.183926] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.183950] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.183974] ? __kthread_parkme+0x82/0x180 [ 26.183996] ? preempt_count_sub+0x50/0x80 [ 26.184021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.184047] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.184100] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.184126] kthread+0x337/0x6f0 [ 26.184148] ? trace_preempt_on+0x20/0xc0 [ 26.184182] ? __pfx_kthread+0x10/0x10 [ 26.184204] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.184229] ? calculate_sigpending+0x7b/0xa0 [ 26.184254] ? __pfx_kthread+0x10/0x10 [ 26.184277] ret_from_fork+0x116/0x1d0 [ 26.184333] ? __pfx_kthread+0x10/0x10 [ 26.184356] ret_from_fork_asm+0x1a/0x30 [ 26.184398] </TASK> [ 26.184412] [ 26.192223] Allocated by task 313: [ 26.192382] kasan_save_stack+0x45/0x70 [ 26.192670] kasan_save_track+0x18/0x40 [ 26.192810] kasan_save_alloc_info+0x3b/0x50 [ 26.192954] __kasan_kmalloc+0xb7/0xc0 [ 26.193138] __kmalloc_cache_noprof+0x189/0x420 [ 26.193412] kasan_atomics+0x95/0x310 [ 26.193675] kunit_try_run_case+0x1a5/0x480 [ 26.193908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.194165] kthread+0x337/0x6f0 [ 26.194287] ret_from_fork+0x116/0x1d0 [ 26.194454] ret_from_fork_asm+0x1a/0x30 [ 26.194684] [ 26.194776] The buggy address belongs to the object at ffff88810490f900 [ 26.194776] which belongs to the cache kmalloc-64 of size 64 [ 26.195284] The buggy address is located 0 bytes to the right of [ 26.195284] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.195774] [ 26.195853] The buggy address belongs to the physical page: [ 26.196146] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.196466] flags: 0x200000000000000(node=0|zone=2) [ 26.196704] page_type: f5(slab) [ 26.196878] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.197108] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.197380] page dumped because: kasan: bad access detected [ 26.197671] [ 26.197772] Memory state around the buggy address: [ 26.197996] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.198388] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.198678] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.198962] ^ [ 26.199149] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.199441] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.199731] ================================================================== [ 25.884845] ================================================================== [ 25.885162] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 25.885484] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.886203] [ 25.886548] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.886699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.886719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.886743] Call Trace: [ 25.886759] <TASK> [ 25.886776] dump_stack_lvl+0x73/0xb0 [ 25.886807] print_report+0xd1/0x650 [ 25.886868] ? __virt_addr_valid+0x1db/0x2d0 [ 25.886895] ? kasan_atomics_helper+0xb6a/0x5450 [ 25.886917] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.886945] ? kasan_atomics_helper+0xb6a/0x5450 [ 25.886968] kasan_report+0x141/0x180 [ 25.886992] ? kasan_atomics_helper+0xb6a/0x5450 [ 25.887018] kasan_check_range+0x10c/0x1c0 [ 25.887043] __kasan_check_write+0x18/0x20 [ 25.887068] kasan_atomics_helper+0xb6a/0x5450 [ 25.887093] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.887118] ? kasan_save_alloc_info+0x3b/0x50 [ 25.887148] kasan_atomics+0x1dc/0x310 [ 25.887172] ? __pfx_kasan_atomics+0x10/0x10 [ 25.887197] ? __pfx_read_tsc+0x10/0x10 [ 25.887221] ? ktime_get_ts64+0x86/0x230 [ 25.887248] kunit_try_run_case+0x1a5/0x480 [ 25.887274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.887299] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.887334] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.887358] ? __kthread_parkme+0x82/0x180 [ 25.887380] ? preempt_count_sub+0x50/0x80 [ 25.887406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.887431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.887456] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.887481] kthread+0x337/0x6f0 [ 25.887511] ? trace_preempt_on+0x20/0xc0 [ 25.887536] ? __pfx_kthread+0x10/0x10 [ 25.887558] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.887583] ? calculate_sigpending+0x7b/0xa0 [ 25.887608] ? __pfx_kthread+0x10/0x10 [ 25.887631] ret_from_fork+0x116/0x1d0 [ 25.887652] ? __pfx_kthread+0x10/0x10 [ 25.887683] ret_from_fork_asm+0x1a/0x30 [ 25.887715] </TASK> [ 25.887729] [ 25.896223] Allocated by task 313: [ 25.896443] kasan_save_stack+0x45/0x70 [ 25.896664] kasan_save_track+0x18/0x40 [ 25.896930] kasan_save_alloc_info+0x3b/0x50 [ 25.897132] __kasan_kmalloc+0xb7/0xc0 [ 25.897259] __kmalloc_cache_noprof+0x189/0x420 [ 25.897421] kasan_atomics+0x95/0x310 [ 25.897551] kunit_try_run_case+0x1a5/0x480 [ 25.897756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.898001] kthread+0x337/0x6f0 [ 25.898351] ret_from_fork+0x116/0x1d0 [ 25.898544] ret_from_fork_asm+0x1a/0x30 [ 25.898764] [ 25.898833] The buggy address belongs to the object at ffff88810490f900 [ 25.898833] which belongs to the cache kmalloc-64 of size 64 [ 25.899172] The buggy address is located 0 bytes to the right of [ 25.899172] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.900203] [ 25.900301] The buggy address belongs to the physical page: [ 25.900529] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.900765] flags: 0x200000000000000(node=0|zone=2) [ 25.900923] page_type: f5(slab) [ 25.901087] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.901426] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.901753] page dumped because: kasan: bad access detected [ 25.902201] [ 25.902273] Memory state around the buggy address: [ 25.902435] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.902648] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.902963] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.903279] ^ [ 25.903508] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.904033] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.904263] ================================================================== [ 26.265578] ================================================================== [ 26.265857] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 26.266181] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.266538] [ 26.266646] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.266694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.266709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.266733] Call Trace: [ 26.266751] <TASK> [ 26.266769] dump_stack_lvl+0x73/0xb0 [ 26.266799] print_report+0xd1/0x650 [ 26.266832] ? __virt_addr_valid+0x1db/0x2d0 [ 26.266857] ? kasan_atomics_helper+0x1467/0x5450 [ 26.266879] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.266906] ? kasan_atomics_helper+0x1467/0x5450 [ 26.266929] kasan_report+0x141/0x180 [ 26.266952] ? kasan_atomics_helper+0x1467/0x5450 [ 26.266979] kasan_check_range+0x10c/0x1c0 [ 26.267004] __kasan_check_write+0x18/0x20 [ 26.267029] kasan_atomics_helper+0x1467/0x5450 [ 26.267052] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.267076] ? kasan_save_alloc_info+0x3b/0x50 [ 26.267106] kasan_atomics+0x1dc/0x310 [ 26.267129] ? __pfx_kasan_atomics+0x10/0x10 [ 26.267154] ? __pfx_read_tsc+0x10/0x10 [ 26.267178] ? ktime_get_ts64+0x86/0x230 [ 26.267203] kunit_try_run_case+0x1a5/0x480 [ 26.267231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.267257] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.267281] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.267316] ? __kthread_parkme+0x82/0x180 [ 26.267350] ? preempt_count_sub+0x50/0x80 [ 26.267374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.267413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.267440] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.267465] kthread+0x337/0x6f0 [ 26.267506] ? trace_preempt_on+0x20/0xc0 [ 26.267540] ? __pfx_kthread+0x10/0x10 [ 26.267562] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.267588] ? calculate_sigpending+0x7b/0xa0 [ 26.267623] ? __pfx_kthread+0x10/0x10 [ 26.267647] ret_from_fork+0x116/0x1d0 [ 26.267667] ? __pfx_kthread+0x10/0x10 [ 26.267698] ret_from_fork_asm+0x1a/0x30 [ 26.267731] </TASK> [ 26.267744] [ 26.275228] Allocated by task 313: [ 26.275394] kasan_save_stack+0x45/0x70 [ 26.275624] kasan_save_track+0x18/0x40 [ 26.275795] kasan_save_alloc_info+0x3b/0x50 [ 26.275940] __kasan_kmalloc+0xb7/0xc0 [ 26.276069] __kmalloc_cache_noprof+0x189/0x420 [ 26.276220] kasan_atomics+0x95/0x310 [ 26.276357] kunit_try_run_case+0x1a5/0x480 [ 26.276520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.276694] kthread+0x337/0x6f0 [ 26.276818] ret_from_fork+0x116/0x1d0 [ 26.277001] ret_from_fork_asm+0x1a/0x30 [ 26.277193] [ 26.277314] The buggy address belongs to the object at ffff88810490f900 [ 26.277314] which belongs to the cache kmalloc-64 of size 64 [ 26.277868] The buggy address is located 0 bytes to the right of [ 26.277868] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.278417] [ 26.278534] The buggy address belongs to the physical page: [ 26.278781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.279130] flags: 0x200000000000000(node=0|zone=2) [ 26.279367] page_type: f5(slab) [ 26.279506] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.279738] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.280019] page dumped because: kasan: bad access detected [ 26.280266] [ 26.280381] Memory state around the buggy address: [ 26.280630] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.280971] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.281280] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.281600] ^ [ 26.281792] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.282084] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.282399] ================================================================== [ 26.587891] ================================================================== [ 26.588184] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 26.588526] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.588848] [ 26.588938] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.588990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.589005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.589029] Call Trace: [ 26.589061] <TASK> [ 26.589082] dump_stack_lvl+0x73/0xb0 [ 26.589124] print_report+0xd1/0x650 [ 26.589147] ? __virt_addr_valid+0x1db/0x2d0 [ 26.589172] ? kasan_atomics_helper+0x1e12/0x5450 [ 26.589193] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.589220] ? kasan_atomics_helper+0x1e12/0x5450 [ 26.589243] kasan_report+0x141/0x180 [ 26.589266] ? kasan_atomics_helper+0x1e12/0x5450 [ 26.589292] kasan_check_range+0x10c/0x1c0 [ 26.589325] __kasan_check_write+0x18/0x20 [ 26.589359] kasan_atomics_helper+0x1e12/0x5450 [ 26.589381] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.589405] ? kasan_save_alloc_info+0x3b/0x50 [ 26.589445] kasan_atomics+0x1dc/0x310 [ 26.589468] ? __pfx_kasan_atomics+0x10/0x10 [ 26.589503] ? __pfx_read_tsc+0x10/0x10 [ 26.589526] ? ktime_get_ts64+0x86/0x230 [ 26.589552] kunit_try_run_case+0x1a5/0x480 [ 26.589587] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.589611] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.589635] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.589657] ? __kthread_parkme+0x82/0x180 [ 26.589679] ? preempt_count_sub+0x50/0x80 [ 26.589703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.589730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.589759] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.589784] kthread+0x337/0x6f0 [ 26.589806] ? trace_preempt_on+0x20/0xc0 [ 26.589840] ? __pfx_kthread+0x10/0x10 [ 26.589861] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.589889] ? calculate_sigpending+0x7b/0xa0 [ 26.589925] ? __pfx_kthread+0x10/0x10 [ 26.589949] ret_from_fork+0x116/0x1d0 [ 26.589979] ? __pfx_kthread+0x10/0x10 [ 26.590001] ret_from_fork_asm+0x1a/0x30 [ 26.590044] </TASK> [ 26.590057] [ 26.598038] Allocated by task 313: [ 26.598225] kasan_save_stack+0x45/0x70 [ 26.598459] kasan_save_track+0x18/0x40 [ 26.598640] kasan_save_alloc_info+0x3b/0x50 [ 26.598829] __kasan_kmalloc+0xb7/0xc0 [ 26.598957] __kmalloc_cache_noprof+0x189/0x420 [ 26.599107] kasan_atomics+0x95/0x310 [ 26.599276] kunit_try_run_case+0x1a5/0x480 [ 26.599486] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.599749] kthread+0x337/0x6f0 [ 26.599925] ret_from_fork+0x116/0x1d0 [ 26.600164] ret_from_fork_asm+0x1a/0x30 [ 26.600300] [ 26.600377] The buggy address belongs to the object at ffff88810490f900 [ 26.600377] which belongs to the cache kmalloc-64 of size 64 [ 26.600958] The buggy address is located 0 bytes to the right of [ 26.600958] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.601637] [ 26.601760] The buggy address belongs to the physical page: [ 26.602004] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.602336] flags: 0x200000000000000(node=0|zone=2) [ 26.602497] page_type: f5(slab) [ 26.602652] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.602904] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.603231] page dumped because: kasan: bad access detected [ 26.603414] [ 26.603480] Memory state around the buggy address: [ 26.603640] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.604247] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.605352] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.605637] ^ [ 26.605804] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.606019] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.606228] ================================================================== [ 25.643171] ================================================================== [ 25.643470] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 25.643808] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.644321] [ 25.644429] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.644480] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.644495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.644517] Call Trace: [ 25.644533] <TASK> [ 25.644551] dump_stack_lvl+0x73/0xb0 [ 25.644579] print_report+0xd1/0x650 [ 25.644604] ? __virt_addr_valid+0x1db/0x2d0 [ 25.644629] ? kasan_atomics_helper+0x4b3a/0x5450 [ 25.644652] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.644679] ? kasan_atomics_helper+0x4b3a/0x5450 [ 25.644703] kasan_report+0x141/0x180 [ 25.644727] ? kasan_atomics_helper+0x4b3a/0x5450 [ 25.644754] __asan_report_store4_noabort+0x1b/0x30 [ 25.644779] kasan_atomics_helper+0x4b3a/0x5450 [ 25.644803] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.644827] ? kasan_save_alloc_info+0x3b/0x50 [ 25.644856] kasan_atomics+0x1dc/0x310 [ 25.644881] ? __pfx_kasan_atomics+0x10/0x10 [ 25.644906] ? __pfx_read_tsc+0x10/0x10 [ 25.644928] ? ktime_get_ts64+0x86/0x230 [ 25.644953] kunit_try_run_case+0x1a5/0x480 [ 25.644980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.645004] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.645027] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.645051] ? __kthread_parkme+0x82/0x180 [ 25.645072] ? preempt_count_sub+0x50/0x80 [ 25.645154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.645183] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.645209] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.645234] kthread+0x337/0x6f0 [ 25.645255] ? trace_preempt_on+0x20/0xc0 [ 25.645278] ? __pfx_kthread+0x10/0x10 [ 25.645299] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.645337] ? calculate_sigpending+0x7b/0xa0 [ 25.645362] ? __pfx_kthread+0x10/0x10 [ 25.645385] ret_from_fork+0x116/0x1d0 [ 25.645404] ? __pfx_kthread+0x10/0x10 [ 25.645426] ret_from_fork_asm+0x1a/0x30 [ 25.645458] </TASK> [ 25.645471] [ 25.652965] Allocated by task 313: [ 25.653130] kasan_save_stack+0x45/0x70 [ 25.653270] kasan_save_track+0x18/0x40 [ 25.653464] kasan_save_alloc_info+0x3b/0x50 [ 25.653728] __kasan_kmalloc+0xb7/0xc0 [ 25.653927] __kmalloc_cache_noprof+0x189/0x420 [ 25.654112] kasan_atomics+0x95/0x310 [ 25.654298] kunit_try_run_case+0x1a5/0x480 [ 25.654455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.654879] kthread+0x337/0x6f0 [ 25.655001] ret_from_fork+0x116/0x1d0 [ 25.655128] ret_from_fork_asm+0x1a/0x30 [ 25.655294] [ 25.655393] The buggy address belongs to the object at ffff88810490f900 [ 25.655393] which belongs to the cache kmalloc-64 of size 64 [ 25.656008] The buggy address is located 0 bytes to the right of [ 25.656008] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.656445] [ 25.656594] The buggy address belongs to the physical page: [ 25.657054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.657368] flags: 0x200000000000000(node=0|zone=2) [ 25.657525] page_type: f5(slab) [ 25.657640] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.657867] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.658137] page dumped because: kasan: bad access detected [ 25.658554] [ 25.658837] Memory state around the buggy address: [ 25.659064] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.659489] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.659703] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.659910] ^ [ 25.660059] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.660503] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.661044] ================================================================== [ 26.514429] ================================================================== [ 26.514967] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 26.515360] Read of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.515688] [ 26.515768] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.515815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.515829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.515851] Call Trace: [ 26.515867] <TASK> [ 26.515884] dump_stack_lvl+0x73/0xb0 [ 26.515909] print_report+0xd1/0x650 [ 26.515932] ? __virt_addr_valid+0x1db/0x2d0 [ 26.515954] ? kasan_atomics_helper+0x4f30/0x5450 [ 26.515977] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.516003] ? kasan_atomics_helper+0x4f30/0x5450 [ 26.516027] kasan_report+0x141/0x180 [ 26.516049] ? kasan_atomics_helper+0x4f30/0x5450 [ 26.516076] __asan_report_load8_noabort+0x18/0x20 [ 26.516100] kasan_atomics_helper+0x4f30/0x5450 [ 26.516123] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.516147] ? kasan_save_alloc_info+0x3b/0x50 [ 26.516175] kasan_atomics+0x1dc/0x310 [ 26.516199] ? __pfx_kasan_atomics+0x10/0x10 [ 26.516224] ? __pfx_read_tsc+0x10/0x10 [ 26.516246] ? ktime_get_ts64+0x86/0x230 [ 26.516270] kunit_try_run_case+0x1a5/0x480 [ 26.516296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.516332] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.516355] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.516378] ? __kthread_parkme+0x82/0x180 [ 26.516400] ? preempt_count_sub+0x50/0x80 [ 26.516424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.516450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.516475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.516501] kthread+0x337/0x6f0 [ 26.516521] ? trace_preempt_on+0x20/0xc0 [ 26.516545] ? __pfx_kthread+0x10/0x10 [ 26.516566] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.516591] ? calculate_sigpending+0x7b/0xa0 [ 26.516630] ? __pfx_kthread+0x10/0x10 [ 26.516653] ret_from_fork+0x116/0x1d0 [ 26.516673] ? __pfx_kthread+0x10/0x10 [ 26.516695] ret_from_fork_asm+0x1a/0x30 [ 26.516726] </TASK> [ 26.516738] [ 26.523483] Allocated by task 313: [ 26.523658] kasan_save_stack+0x45/0x70 [ 26.523858] kasan_save_track+0x18/0x40 [ 26.524050] kasan_save_alloc_info+0x3b/0x50 [ 26.524264] __kasan_kmalloc+0xb7/0xc0 [ 26.524468] __kmalloc_cache_noprof+0x189/0x420 [ 26.524662] kasan_atomics+0x95/0x310 [ 26.524789] kunit_try_run_case+0x1a5/0x480 [ 26.524943] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.525195] kthread+0x337/0x6f0 [ 26.525367] ret_from_fork+0x116/0x1d0 [ 26.525551] ret_from_fork_asm+0x1a/0x30 [ 26.525734] [ 26.525804] The buggy address belongs to the object at ffff88810490f900 [ 26.525804] which belongs to the cache kmalloc-64 of size 64 [ 26.526146] The buggy address is located 0 bytes to the right of [ 26.526146] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.526940] [ 26.527041] The buggy address belongs to the physical page: [ 26.527290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.527647] flags: 0x200000000000000(node=0|zone=2) [ 26.527851] page_type: f5(slab) [ 26.527969] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.528195] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.528427] page dumped because: kasan: bad access detected [ 26.528594] [ 26.528659] Memory state around the buggy address: [ 26.528808] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.529019] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.529229] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.529568] ^ [ 26.529796] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.530114] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.530434] ================================================================== [ 26.789813] ================================================================== [ 26.790115] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 26.790365] Read of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.790689] [ 26.791089] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.791155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.791169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.791196] Call Trace: [ 26.791217] <TASK> [ 26.791239] dump_stack_lvl+0x73/0xb0 [ 26.791270] print_report+0xd1/0x650 [ 26.791294] ? __virt_addr_valid+0x1db/0x2d0 [ 26.791332] ? kasan_atomics_helper+0x4fa5/0x5450 [ 26.791355] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.791382] ? kasan_atomics_helper+0x4fa5/0x5450 [ 26.791405] kasan_report+0x141/0x180 [ 26.791428] ? kasan_atomics_helper+0x4fa5/0x5450 [ 26.791455] __asan_report_load8_noabort+0x18/0x20 [ 26.791480] kasan_atomics_helper+0x4fa5/0x5450 [ 26.791503] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.791527] ? kasan_save_alloc_info+0x3b/0x50 [ 26.791555] kasan_atomics+0x1dc/0x310 [ 26.791578] ? __pfx_kasan_atomics+0x10/0x10 [ 26.791603] ? __pfx_read_tsc+0x10/0x10 [ 26.791627] ? ktime_get_ts64+0x86/0x230 [ 26.791652] kunit_try_run_case+0x1a5/0x480 [ 26.791679] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.791704] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.791736] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.791758] ? __kthread_parkme+0x82/0x180 [ 26.791780] ? preempt_count_sub+0x50/0x80 [ 26.791804] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.791830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.791856] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.791920] kthread+0x337/0x6f0 [ 26.791965] ? trace_preempt_on+0x20/0xc0 [ 26.792034] ? __pfx_kthread+0x10/0x10 [ 26.792101] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.792171] ? calculate_sigpending+0x7b/0xa0 [ 26.792219] ? __pfx_kthread+0x10/0x10 [ 26.792242] ret_from_fork+0x116/0x1d0 [ 26.792261] ? __pfx_kthread+0x10/0x10 [ 26.792283] ret_from_fork_asm+0x1a/0x30 [ 26.792326] </TASK> [ 26.792339] [ 26.799563] Allocated by task 313: [ 26.799688] kasan_save_stack+0x45/0x70 [ 26.799825] kasan_save_track+0x18/0x40 [ 26.799951] kasan_save_alloc_info+0x3b/0x50 [ 26.800222] __kasan_kmalloc+0xb7/0xc0 [ 26.800488] __kmalloc_cache_noprof+0x189/0x420 [ 26.800788] kasan_atomics+0x95/0x310 [ 26.801038] kunit_try_run_case+0x1a5/0x480 [ 26.801303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.801794] kthread+0x337/0x6f0 [ 26.801970] ret_from_fork+0x116/0x1d0 [ 26.802170] ret_from_fork_asm+0x1a/0x30 [ 26.802348] [ 26.802415] The buggy address belongs to the object at ffff88810490f900 [ 26.802415] which belongs to the cache kmalloc-64 of size 64 [ 26.803099] The buggy address is located 0 bytes to the right of [ 26.803099] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.803637] [ 26.803709] The buggy address belongs to the physical page: [ 26.803872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.804217] flags: 0x200000000000000(node=0|zone=2) [ 26.804540] page_type: f5(slab) [ 26.804740] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.805075] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.805367] page dumped because: kasan: bad access detected [ 26.805779] [ 26.805898] Memory state around the buggy address: [ 26.806115] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.806439] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.806794] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.807038] ^ [ 26.807182] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.807444] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.808155] ================================================================== [ 25.564453] ================================================================== [ 25.564749] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 25.565190] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.565642] [ 25.565882] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.565953] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.565968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.565991] Call Trace: [ 25.566008] <TASK> [ 25.566026] dump_stack_lvl+0x73/0xb0 [ 25.566054] print_report+0xd1/0x650 [ 25.566078] ? __virt_addr_valid+0x1db/0x2d0 [ 25.566122] ? kasan_atomics_helper+0x4b6e/0x5450 [ 25.566143] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.566170] ? kasan_atomics_helper+0x4b6e/0x5450 [ 25.566193] kasan_report+0x141/0x180 [ 25.566215] ? kasan_atomics_helper+0x4b6e/0x5450 [ 25.566242] __asan_report_store4_noabort+0x1b/0x30 [ 25.566267] kasan_atomics_helper+0x4b6e/0x5450 [ 25.566291] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.566326] ? kasan_save_alloc_info+0x3b/0x50 [ 25.566355] kasan_atomics+0x1dc/0x310 [ 25.566377] ? __pfx_kasan_atomics+0x10/0x10 [ 25.566421] ? __pfx_read_tsc+0x10/0x10 [ 25.566444] ? ktime_get_ts64+0x86/0x230 [ 25.566468] kunit_try_run_case+0x1a5/0x480 [ 25.566494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.566520] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.566545] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.566577] ? __kthread_parkme+0x82/0x180 [ 25.566617] ? preempt_count_sub+0x50/0x80 [ 25.566640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.566667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.566707] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.566734] kthread+0x337/0x6f0 [ 25.566756] ? trace_preempt_on+0x20/0xc0 [ 25.566779] ? __pfx_kthread+0x10/0x10 [ 25.566801] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.566827] ? calculate_sigpending+0x7b/0xa0 [ 25.566851] ? __pfx_kthread+0x10/0x10 [ 25.566874] ret_from_fork+0x116/0x1d0 [ 25.566895] ? __pfx_kthread+0x10/0x10 [ 25.566917] ret_from_fork_asm+0x1a/0x30 [ 25.566948] </TASK> [ 25.566960] [ 25.574596] Allocated by task 313: [ 25.574884] kasan_save_stack+0x45/0x70 [ 25.575030] kasan_save_track+0x18/0x40 [ 25.575161] kasan_save_alloc_info+0x3b/0x50 [ 25.575382] __kasan_kmalloc+0xb7/0xc0 [ 25.575815] __kmalloc_cache_noprof+0x189/0x420 [ 25.576004] kasan_atomics+0x95/0x310 [ 25.576134] kunit_try_run_case+0x1a5/0x480 [ 25.576277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.576530] kthread+0x337/0x6f0 [ 25.576970] ret_from_fork+0x116/0x1d0 [ 25.577173] ret_from_fork_asm+0x1a/0x30 [ 25.577380] [ 25.577471] The buggy address belongs to the object at ffff88810490f900 [ 25.577471] which belongs to the cache kmalloc-64 of size 64 [ 25.577982] The buggy address is located 0 bytes to the right of [ 25.577982] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.578518] [ 25.578612] The buggy address belongs to the physical page: [ 25.578831] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.579068] flags: 0x200000000000000(node=0|zone=2) [ 25.579490] page_type: f5(slab) [ 25.579665] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.580063] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.580301] page dumped because: kasan: bad access detected [ 25.580553] [ 25.580661] Memory state around the buggy address: [ 25.581018] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.581509] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.582030] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.582338] ^ [ 25.582533] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.582913] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.583178] ================================================================== [ 25.623800] ================================================================== [ 25.624091] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 25.624408] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.624828] [ 25.624910] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.624958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.624972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.624995] Call Trace: [ 25.625012] <TASK> [ 25.625028] dump_stack_lvl+0x73/0xb0 [ 25.625055] print_report+0xd1/0x650 [ 25.625077] ? __virt_addr_valid+0x1db/0x2d0 [ 25.625101] ? kasan_atomics_helper+0x4a0/0x5450 [ 25.625123] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.625149] ? kasan_atomics_helper+0x4a0/0x5450 [ 25.625173] kasan_report+0x141/0x180 [ 25.625196] ? kasan_atomics_helper+0x4a0/0x5450 [ 25.625222] kasan_check_range+0x10c/0x1c0 [ 25.625246] __kasan_check_write+0x18/0x20 [ 25.625271] kasan_atomics_helper+0x4a0/0x5450 [ 25.625295] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.625331] ? kasan_save_alloc_info+0x3b/0x50 [ 25.625360] kasan_atomics+0x1dc/0x310 [ 25.625383] ? __pfx_kasan_atomics+0x10/0x10 [ 25.625408] ? __pfx_read_tsc+0x10/0x10 [ 25.625430] ? ktime_get_ts64+0x86/0x230 [ 25.625454] kunit_try_run_case+0x1a5/0x480 [ 25.625481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.625507] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.625529] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.625552] ? __kthread_parkme+0x82/0x180 [ 25.625573] ? preempt_count_sub+0x50/0x80 [ 25.625597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.625623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.625647] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.625673] kthread+0x337/0x6f0 [ 25.625694] ? trace_preempt_on+0x20/0xc0 [ 25.625716] ? __pfx_kthread+0x10/0x10 [ 25.625742] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.625767] ? calculate_sigpending+0x7b/0xa0 [ 25.625791] ? __pfx_kthread+0x10/0x10 [ 25.625814] ret_from_fork+0x116/0x1d0 [ 25.625833] ? __pfx_kthread+0x10/0x10 [ 25.625855] ret_from_fork_asm+0x1a/0x30 [ 25.625887] </TASK> [ 25.625899] [ 25.634458] Allocated by task 313: [ 25.634637] kasan_save_stack+0x45/0x70 [ 25.634819] kasan_save_track+0x18/0x40 [ 25.634997] kasan_save_alloc_info+0x3b/0x50 [ 25.635184] __kasan_kmalloc+0xb7/0xc0 [ 25.635352] __kmalloc_cache_noprof+0x189/0x420 [ 25.635519] kasan_atomics+0x95/0x310 [ 25.635647] kunit_try_run_case+0x1a5/0x480 [ 25.635790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.635959] kthread+0x337/0x6f0 [ 25.636074] ret_from_fork+0x116/0x1d0 [ 25.636200] ret_from_fork_asm+0x1a/0x30 [ 25.636715] [ 25.636820] The buggy address belongs to the object at ffff88810490f900 [ 25.636820] which belongs to the cache kmalloc-64 of size 64 [ 25.637346] The buggy address is located 0 bytes to the right of [ 25.637346] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.638062] [ 25.638135] The buggy address belongs to the physical page: [ 25.638319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.638564] flags: 0x200000000000000(node=0|zone=2) [ 25.639016] page_type: f5(slab) [ 25.639190] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.639544] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.640124] page dumped because: kasan: bad access detected [ 25.640366] [ 25.640464] Memory state around the buggy address: [ 25.640657] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.640965] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.641213] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.641431] ^ [ 25.641613] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.641924] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.642237] ================================================================== [ 26.631089] ================================================================== [ 26.631457] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 26.632072] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.632449] [ 26.632890] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.632948] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.632963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.632988] Call Trace: [ 26.633010] <TASK> [ 26.633032] dump_stack_lvl+0x73/0xb0 [ 26.633064] print_report+0xd1/0x650 [ 26.633087] ? __virt_addr_valid+0x1db/0x2d0 [ 26.633113] ? kasan_atomics_helper+0x1f43/0x5450 [ 26.633135] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.633162] ? kasan_atomics_helper+0x1f43/0x5450 [ 26.633185] kasan_report+0x141/0x180 [ 26.633207] ? kasan_atomics_helper+0x1f43/0x5450 [ 26.633459] kasan_check_range+0x10c/0x1c0 [ 26.633504] __kasan_check_write+0x18/0x20 [ 26.633531] kasan_atomics_helper+0x1f43/0x5450 [ 26.633557] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.633582] ? kasan_save_alloc_info+0x3b/0x50 [ 26.633611] kasan_atomics+0x1dc/0x310 [ 26.633635] ? __pfx_kasan_atomics+0x10/0x10 [ 26.633659] ? __pfx_read_tsc+0x10/0x10 [ 26.633683] ? ktime_get_ts64+0x86/0x230 [ 26.633710] kunit_try_run_case+0x1a5/0x480 [ 26.633736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.633766] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.633790] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.633813] ? __kthread_parkme+0x82/0x180 [ 26.633836] ? preempt_count_sub+0x50/0x80 [ 26.633860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.633886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.633913] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.633938] kthread+0x337/0x6f0 [ 26.633960] ? trace_preempt_on+0x20/0xc0 [ 26.633984] ? __pfx_kthread+0x10/0x10 [ 26.634006] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.634031] ? calculate_sigpending+0x7b/0xa0 [ 26.634057] ? __pfx_kthread+0x10/0x10 [ 26.634079] ret_from_fork+0x116/0x1d0 [ 26.634099] ? __pfx_kthread+0x10/0x10 [ 26.634121] ret_from_fork_asm+0x1a/0x30 [ 26.634155] </TASK> [ 26.634170] [ 26.644375] Allocated by task 313: [ 26.644531] kasan_save_stack+0x45/0x70 [ 26.644744] kasan_save_track+0x18/0x40 [ 26.644914] kasan_save_alloc_info+0x3b/0x50 [ 26.645124] __kasan_kmalloc+0xb7/0xc0 [ 26.645287] __kmalloc_cache_noprof+0x189/0x420 [ 26.645801] kasan_atomics+0x95/0x310 [ 26.645996] kunit_try_run_case+0x1a5/0x480 [ 26.646148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.646556] kthread+0x337/0x6f0 [ 26.646798] ret_from_fork+0x116/0x1d0 [ 26.646946] ret_from_fork_asm+0x1a/0x30 [ 26.647230] [ 26.647457] The buggy address belongs to the object at ffff88810490f900 [ 26.647457] which belongs to the cache kmalloc-64 of size 64 [ 26.647953] The buggy address is located 0 bytes to the right of [ 26.647953] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.648514] [ 26.648817] The buggy address belongs to the physical page: [ 26.649045] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.649431] flags: 0x200000000000000(node=0|zone=2) [ 26.649817] page_type: f5(slab) [ 26.649960] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.650463] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.650963] page dumped because: kasan: bad access detected [ 26.651172] [ 26.651407] Memory state around the buggy address: [ 26.651578] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.652004] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.652379] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.652745] ^ [ 26.652937] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.653230] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.653770] ================================================================== [ 26.751332] ================================================================== [ 26.751624] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 26.752164] Read of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.752418] [ 26.752506] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.752585] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.752600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.752664] Call Trace: [ 26.752688] <TASK> [ 26.752734] dump_stack_lvl+0x73/0xb0 [ 26.752768] print_report+0xd1/0x650 [ 26.752792] ? __virt_addr_valid+0x1db/0x2d0 [ 26.752819] ? kasan_atomics_helper+0x4fb2/0x5450 [ 26.752842] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.752869] ? kasan_atomics_helper+0x4fb2/0x5450 [ 26.752892] kasan_report+0x141/0x180 [ 26.752915] ? kasan_atomics_helper+0x4fb2/0x5450 [ 26.752941] __asan_report_load8_noabort+0x18/0x20 [ 26.752997] kasan_atomics_helper+0x4fb2/0x5450 [ 26.753022] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.753046] ? kasan_save_alloc_info+0x3b/0x50 [ 26.753074] kasan_atomics+0x1dc/0x310 [ 26.753098] ? __pfx_kasan_atomics+0x10/0x10 [ 26.753153] ? __pfx_read_tsc+0x10/0x10 [ 26.753177] ? ktime_get_ts64+0x86/0x230 [ 26.753204] kunit_try_run_case+0x1a5/0x480 [ 26.753231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.753255] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.753280] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.753315] ? __kthread_parkme+0x82/0x180 [ 26.753337] ? preempt_count_sub+0x50/0x80 [ 26.753362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.753417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.753466] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.753506] kthread+0x337/0x6f0 [ 26.753527] ? trace_preempt_on+0x20/0xc0 [ 26.753552] ? __pfx_kthread+0x10/0x10 [ 26.753573] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.753599] ? calculate_sigpending+0x7b/0xa0 [ 26.753624] ? __pfx_kthread+0x10/0x10 [ 26.753647] ret_from_fork+0x116/0x1d0 [ 26.753667] ? __pfx_kthread+0x10/0x10 [ 26.753689] ret_from_fork_asm+0x1a/0x30 [ 26.753722] </TASK> [ 26.753736] [ 26.761260] Allocated by task 313: [ 26.761483] kasan_save_stack+0x45/0x70 [ 26.761716] kasan_save_track+0x18/0x40 [ 26.761979] kasan_save_alloc_info+0x3b/0x50 [ 26.762216] __kasan_kmalloc+0xb7/0xc0 [ 26.762405] __kmalloc_cache_noprof+0x189/0x420 [ 26.762718] kasan_atomics+0x95/0x310 [ 26.762951] kunit_try_run_case+0x1a5/0x480 [ 26.763095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.763344] kthread+0x337/0x6f0 [ 26.763604] ret_from_fork+0x116/0x1d0 [ 26.763839] ret_from_fork_asm+0x1a/0x30 [ 26.764040] [ 26.764135] The buggy address belongs to the object at ffff88810490f900 [ 26.764135] which belongs to the cache kmalloc-64 of size 64 [ 26.764727] The buggy address is located 0 bytes to the right of [ 26.764727] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.765274] [ 26.765354] The buggy address belongs to the physical page: [ 26.765634] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.766028] flags: 0x200000000000000(node=0|zone=2) [ 26.766283] page_type: f5(slab) [ 26.766444] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.766790] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.767131] page dumped because: kasan: bad access detected [ 26.767384] [ 26.767471] Memory state around the buggy address: [ 26.767738] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.767945] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.768148] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.768397] ^ [ 26.768607] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.768910] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.769350] ================================================================== [ 26.144080] ================================================================== [ 26.144410] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 26.144951] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.145182] [ 26.145269] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.145334] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.145350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.145374] Call Trace: [ 26.145390] <TASK> [ 26.145406] dump_stack_lvl+0x73/0xb0 [ 26.145436] print_report+0xd1/0x650 [ 26.145460] ? __virt_addr_valid+0x1db/0x2d0 [ 26.145484] ? kasan_atomics_helper+0x1217/0x5450 [ 26.145508] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.145544] ? kasan_atomics_helper+0x1217/0x5450 [ 26.145567] kasan_report+0x141/0x180 [ 26.145591] ? kasan_atomics_helper+0x1217/0x5450 [ 26.145654] kasan_check_range+0x10c/0x1c0 [ 26.145681] __kasan_check_write+0x18/0x20 [ 26.145706] kasan_atomics_helper+0x1217/0x5450 [ 26.145745] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.145769] ? kasan_save_alloc_info+0x3b/0x50 [ 26.145798] kasan_atomics+0x1dc/0x310 [ 26.145822] ? __pfx_kasan_atomics+0x10/0x10 [ 26.145847] ? __pfx_read_tsc+0x10/0x10 [ 26.145870] ? ktime_get_ts64+0x86/0x230 [ 26.145896] kunit_try_run_case+0x1a5/0x480 [ 26.145922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.145947] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.145971] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.145994] ? __kthread_parkme+0x82/0x180 [ 26.146016] ? preempt_count_sub+0x50/0x80 [ 26.146041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.146068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.146094] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.146120] kthread+0x337/0x6f0 [ 26.146141] ? trace_preempt_on+0x20/0xc0 [ 26.146165] ? __pfx_kthread+0x10/0x10 [ 26.146187] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.146213] ? calculate_sigpending+0x7b/0xa0 [ 26.146238] ? __pfx_kthread+0x10/0x10 [ 26.146261] ret_from_fork+0x116/0x1d0 [ 26.146281] ? __pfx_kthread+0x10/0x10 [ 26.146304] ret_from_fork_asm+0x1a/0x30 [ 26.146377] </TASK> [ 26.146391] [ 26.154242] Allocated by task 313: [ 26.154389] kasan_save_stack+0x45/0x70 [ 26.154529] kasan_save_track+0x18/0x40 [ 26.154659] kasan_save_alloc_info+0x3b/0x50 [ 26.154802] __kasan_kmalloc+0xb7/0xc0 [ 26.155147] __kmalloc_cache_noprof+0x189/0x420 [ 26.155389] kasan_atomics+0x95/0x310 [ 26.155592] kunit_try_run_case+0x1a5/0x480 [ 26.155804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.156056] kthread+0x337/0x6f0 [ 26.156246] ret_from_fork+0x116/0x1d0 [ 26.156507] ret_from_fork_asm+0x1a/0x30 [ 26.156719] [ 26.156813] The buggy address belongs to the object at ffff88810490f900 [ 26.156813] which belongs to the cache kmalloc-64 of size 64 [ 26.157498] The buggy address is located 0 bytes to the right of [ 26.157498] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.158066] [ 26.158140] The buggy address belongs to the physical page: [ 26.158320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.158922] flags: 0x200000000000000(node=0|zone=2) [ 26.159225] page_type: f5(slab) [ 26.159460] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.159837] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.160063] page dumped because: kasan: bad access detected [ 26.160230] [ 26.160300] Memory state around the buggy address: [ 26.160477] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.160838] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.161160] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.161483] ^ [ 26.161717] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.162042] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.162467] ================================================================== [ 25.605084] ================================================================== [ 25.605413] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 25.606767] Read of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.607058] [ 25.607159] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.607208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.607223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.607245] Call Trace: [ 25.607262] <TASK> [ 25.607278] dump_stack_lvl+0x73/0xb0 [ 25.607320] print_report+0xd1/0x650 [ 25.607344] ? __virt_addr_valid+0x1db/0x2d0 [ 25.607368] ? kasan_atomics_helper+0x4b54/0x5450 [ 25.607390] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.607417] ? kasan_atomics_helper+0x4b54/0x5450 [ 25.607439] kasan_report+0x141/0x180 [ 25.607462] ? kasan_atomics_helper+0x4b54/0x5450 [ 25.607489] __asan_report_load4_noabort+0x18/0x20 [ 25.607515] kasan_atomics_helper+0x4b54/0x5450 [ 25.607538] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.607562] ? kasan_save_alloc_info+0x3b/0x50 [ 25.607591] kasan_atomics+0x1dc/0x310 [ 25.607614] ? __pfx_kasan_atomics+0x10/0x10 [ 25.607639] ? __pfx_read_tsc+0x10/0x10 [ 25.607661] ? ktime_get_ts64+0x86/0x230 [ 25.607686] kunit_try_run_case+0x1a5/0x480 [ 25.607712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.607738] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.607760] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.607795] ? __kthread_parkme+0x82/0x180 [ 25.607817] ? preempt_count_sub+0x50/0x80 [ 25.607841] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.607867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.607892] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.607918] kthread+0x337/0x6f0 [ 25.607939] ? trace_preempt_on+0x20/0xc0 [ 25.607962] ? __pfx_kthread+0x10/0x10 [ 25.607985] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.608009] ? calculate_sigpending+0x7b/0xa0 [ 25.608034] ? __pfx_kthread+0x10/0x10 [ 25.608057] ret_from_fork+0x116/0x1d0 [ 25.608077] ? __pfx_kthread+0x10/0x10 [ 25.608099] ret_from_fork_asm+0x1a/0x30 [ 25.608131] </TASK> [ 25.608144] [ 25.615213] Allocated by task 313: [ 25.615408] kasan_save_stack+0x45/0x70 [ 25.615771] kasan_save_track+0x18/0x40 [ 25.615972] kasan_save_alloc_info+0x3b/0x50 [ 25.616177] __kasan_kmalloc+0xb7/0xc0 [ 25.616376] __kmalloc_cache_noprof+0x189/0x420 [ 25.616611] kasan_atomics+0x95/0x310 [ 25.616847] kunit_try_run_case+0x1a5/0x480 [ 25.617047] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.617278] kthread+0x337/0x6f0 [ 25.617433] ret_from_fork+0x116/0x1d0 [ 25.617606] ret_from_fork_asm+0x1a/0x30 [ 25.617964] [ 25.618043] The buggy address belongs to the object at ffff88810490f900 [ 25.618043] which belongs to the cache kmalloc-64 of size 64 [ 25.618513] The buggy address is located 0 bytes to the right of [ 25.618513] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.618947] [ 25.619017] The buggy address belongs to the physical page: [ 25.619183] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.619484] flags: 0x200000000000000(node=0|zone=2) [ 25.619836] page_type: f5(slab) [ 25.620007] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.620354] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.620831] page dumped because: kasan: bad access detected [ 25.621002] [ 25.621068] Memory state around the buggy address: [ 25.621219] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.621541] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.622112] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.622404] ^ [ 25.622661] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.622947] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.623196] ================================================================== [ 25.985518] ================================================================== [ 25.986544] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 25.987970] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.989131] [ 25.989501] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.989557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.989573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.989596] Call Trace: [ 25.989614] <TASK> [ 25.989634] dump_stack_lvl+0x73/0xb0 [ 25.989664] print_report+0xd1/0x650 [ 25.989688] ? __virt_addr_valid+0x1db/0x2d0 [ 25.989713] ? kasan_atomics_helper+0xe78/0x5450 [ 25.989734] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.989766] ? kasan_atomics_helper+0xe78/0x5450 [ 25.989789] kasan_report+0x141/0x180 [ 25.989813] ? kasan_atomics_helper+0xe78/0x5450 [ 25.989839] kasan_check_range+0x10c/0x1c0 [ 25.989863] __kasan_check_write+0x18/0x20 [ 25.989888] kasan_atomics_helper+0xe78/0x5450 [ 25.989912] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.989935] ? kasan_save_alloc_info+0x3b/0x50 [ 25.989963] kasan_atomics+0x1dc/0x310 [ 25.989987] ? __pfx_kasan_atomics+0x10/0x10 [ 25.990011] ? __pfx_read_tsc+0x10/0x10 [ 25.990034] ? ktime_get_ts64+0x86/0x230 [ 25.990059] kunit_try_run_case+0x1a5/0x480 [ 25.990085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.990109] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.990132] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.990155] ? __kthread_parkme+0x82/0x180 [ 25.990177] ? preempt_count_sub+0x50/0x80 [ 25.990201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.990227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.990252] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.990278] kthread+0x337/0x6f0 [ 25.990299] ? trace_preempt_on+0x20/0xc0 [ 25.990333] ? __pfx_kthread+0x10/0x10 [ 25.990355] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.990380] ? calculate_sigpending+0x7b/0xa0 [ 25.990405] ? __pfx_kthread+0x10/0x10 [ 25.990427] ret_from_fork+0x116/0x1d0 [ 25.990446] ? __pfx_kthread+0x10/0x10 [ 25.990469] ret_from_fork_asm+0x1a/0x30 [ 25.990500] </TASK> [ 25.990513] [ 26.002155] Allocated by task 313: [ 26.002323] kasan_save_stack+0x45/0x70 [ 26.002562] kasan_save_track+0x18/0x40 [ 26.002999] kasan_save_alloc_info+0x3b/0x50 [ 26.003185] __kasan_kmalloc+0xb7/0xc0 [ 26.003329] __kmalloc_cache_noprof+0x189/0x420 [ 26.003502] kasan_atomics+0x95/0x310 [ 26.003776] kunit_try_run_case+0x1a5/0x480 [ 26.004056] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.004327] kthread+0x337/0x6f0 [ 26.004501] ret_from_fork+0x116/0x1d0 [ 26.004648] ret_from_fork_asm+0x1a/0x30 [ 26.004916] [ 26.004998] The buggy address belongs to the object at ffff88810490f900 [ 26.004998] which belongs to the cache kmalloc-64 of size 64 [ 26.005560] The buggy address is located 0 bytes to the right of [ 26.005560] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.006113] [ 26.006224] The buggy address belongs to the physical page: [ 26.006470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.006845] flags: 0x200000000000000(node=0|zone=2) [ 26.007089] page_type: f5(slab) [ 26.007252] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.007639] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.007970] page dumped because: kasan: bad access detected [ 26.008387] [ 26.008473] Memory state around the buggy address: [ 26.008788] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.009122] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.009390] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.009844] ^ [ 26.010004] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.010245] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.010590] ================================================================== [ 26.072040] ================================================================== [ 26.072407] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 26.073065] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.073365] [ 26.073463] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.073512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.073527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.073550] Call Trace: [ 26.073567] <TASK> [ 26.073585] dump_stack_lvl+0x73/0xb0 [ 26.073614] print_report+0xd1/0x650 [ 26.073636] ? __virt_addr_valid+0x1db/0x2d0 [ 26.073675] ? kasan_atomics_helper+0x1079/0x5450 [ 26.073698] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.073736] ? kasan_atomics_helper+0x1079/0x5450 [ 26.073763] kasan_report+0x141/0x180 [ 26.073786] ? kasan_atomics_helper+0x1079/0x5450 [ 26.073813] kasan_check_range+0x10c/0x1c0 [ 26.073846] __kasan_check_write+0x18/0x20 [ 26.073871] kasan_atomics_helper+0x1079/0x5450 [ 26.073894] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.073928] ? kasan_save_alloc_info+0x3b/0x50 [ 26.073958] kasan_atomics+0x1dc/0x310 [ 26.073981] ? __pfx_kasan_atomics+0x10/0x10 [ 26.074014] ? __pfx_read_tsc+0x10/0x10 [ 26.074037] ? ktime_get_ts64+0x86/0x230 [ 26.074063] kunit_try_run_case+0x1a5/0x480 [ 26.074101] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.074125] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.074158] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.074181] ? __kthread_parkme+0x82/0x180 [ 26.074203] ? preempt_count_sub+0x50/0x80 [ 26.074237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.074263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.074289] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.074323] kthread+0x337/0x6f0 [ 26.074344] ? trace_preempt_on+0x20/0xc0 [ 26.074368] ? __pfx_kthread+0x10/0x10 [ 26.074389] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.074415] ? calculate_sigpending+0x7b/0xa0 [ 26.074440] ? __pfx_kthread+0x10/0x10 [ 26.074462] ret_from_fork+0x116/0x1d0 [ 26.074483] ? __pfx_kthread+0x10/0x10 [ 26.074504] ret_from_fork_asm+0x1a/0x30 [ 26.074536] </TASK> [ 26.074548] [ 26.081442] Allocated by task 313: [ 26.081768] kasan_save_stack+0x45/0x70 [ 26.082180] kasan_save_track+0x18/0x40 [ 26.082344] kasan_save_alloc_info+0x3b/0x50 [ 26.082539] __kasan_kmalloc+0xb7/0xc0 [ 26.082668] __kmalloc_cache_noprof+0x189/0x420 [ 26.082816] kasan_atomics+0x95/0x310 [ 26.082966] kunit_try_run_case+0x1a5/0x480 [ 26.083172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.083433] kthread+0x337/0x6f0 [ 26.083598] ret_from_fork+0x116/0x1d0 [ 26.083789] ret_from_fork_asm+0x1a/0x30 [ 26.084085] [ 26.084164] The buggy address belongs to the object at ffff88810490f900 [ 26.084164] which belongs to the cache kmalloc-64 of size 64 [ 26.084767] The buggy address is located 0 bytes to the right of [ 26.084767] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.085314] [ 26.085421] The buggy address belongs to the physical page: [ 26.085687] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.086013] flags: 0x200000000000000(node=0|zone=2) [ 26.086255] page_type: f5(slab) [ 26.086425] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.086755] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.087032] page dumped because: kasan: bad access detected [ 26.087198] [ 26.087263] Memory state around the buggy address: [ 26.087505] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.087820] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.088131] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.088402] ^ [ 26.088610] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.088937] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.089218] ================================================================== [ 26.480087] ================================================================== [ 26.480439] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 26.480843] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.481083] [ 26.481161] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.481207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.481221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.481244] Call Trace: [ 26.481258] <TASK> [ 26.481275] dump_stack_lvl+0x73/0xb0 [ 26.481301] print_report+0xd1/0x650 [ 26.481335] ? __virt_addr_valid+0x1db/0x2d0 [ 26.481358] ? kasan_atomics_helper+0x1b22/0x5450 [ 26.481380] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.481407] ? kasan_atomics_helper+0x1b22/0x5450 [ 26.481430] kasan_report+0x141/0x180 [ 26.481452] ? kasan_atomics_helper+0x1b22/0x5450 [ 26.481478] kasan_check_range+0x10c/0x1c0 [ 26.481503] __kasan_check_write+0x18/0x20 [ 26.481527] kasan_atomics_helper+0x1b22/0x5450 [ 26.481550] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.481585] ? kasan_save_alloc_info+0x3b/0x50 [ 26.481614] kasan_atomics+0x1dc/0x310 [ 26.481637] ? __pfx_kasan_atomics+0x10/0x10 [ 26.481662] ? __pfx_read_tsc+0x10/0x10 [ 26.481684] ? ktime_get_ts64+0x86/0x230 [ 26.481709] kunit_try_run_case+0x1a5/0x480 [ 26.481734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.481765] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.481788] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.481811] ? __kthread_parkme+0x82/0x180 [ 26.481832] ? preempt_count_sub+0x50/0x80 [ 26.481857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.481886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.481912] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.481939] kthread+0x337/0x6f0 [ 26.481960] ? trace_preempt_on+0x20/0xc0 [ 26.481983] ? __pfx_kthread+0x10/0x10 [ 26.482005] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.482031] ? calculate_sigpending+0x7b/0xa0 [ 26.482058] ? __pfx_kthread+0x10/0x10 [ 26.482083] ret_from_fork+0x116/0x1d0 [ 26.482104] ? __pfx_kthread+0x10/0x10 [ 26.482126] ret_from_fork_asm+0x1a/0x30 [ 26.482157] </TASK> [ 26.482170] [ 26.489362] Allocated by task 313: [ 26.489608] kasan_save_stack+0x45/0x70 [ 26.489792] kasan_save_track+0x18/0x40 [ 26.489965] kasan_save_alloc_info+0x3b/0x50 [ 26.490143] __kasan_kmalloc+0xb7/0xc0 [ 26.490321] __kmalloc_cache_noprof+0x189/0x420 [ 26.490520] kasan_atomics+0x95/0x310 [ 26.490687] kunit_try_run_case+0x1a5/0x480 [ 26.490848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.491017] kthread+0x337/0x6f0 [ 26.491133] ret_from_fork+0x116/0x1d0 [ 26.491259] ret_from_fork_asm+0x1a/0x30 [ 26.491452] [ 26.491600] The buggy address belongs to the object at ffff88810490f900 [ 26.491600] which belongs to the cache kmalloc-64 of size 64 [ 26.492127] The buggy address is located 0 bytes to the right of [ 26.492127] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.492653] [ 26.492722] The buggy address belongs to the physical page: [ 26.492891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.493122] flags: 0x200000000000000(node=0|zone=2) [ 26.493277] page_type: f5(slab) [ 26.493404] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.493630] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.493854] page dumped because: kasan: bad access detected [ 26.494053] [ 26.494140] Memory state around the buggy address: [ 26.494367] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.494674] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.494981] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.495284] ^ [ 26.495507] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.495816] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.496047] ================================================================== [ 26.654482] ================================================================== [ 26.655273] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 26.655773] Read of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.656132] [ 26.656456] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.656518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.656533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.656557] Call Trace: [ 26.656580] <TASK> [ 26.656600] dump_stack_lvl+0x73/0xb0 [ 26.656631] print_report+0xd1/0x650 [ 26.656656] ? __virt_addr_valid+0x1db/0x2d0 [ 26.656682] ? kasan_atomics_helper+0x4f71/0x5450 [ 26.656704] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.656730] ? kasan_atomics_helper+0x4f71/0x5450 [ 26.656754] kasan_report+0x141/0x180 [ 26.656776] ? kasan_atomics_helper+0x4f71/0x5450 [ 26.656804] __asan_report_load8_noabort+0x18/0x20 [ 26.656828] kasan_atomics_helper+0x4f71/0x5450 [ 26.656852] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.656876] ? kasan_save_alloc_info+0x3b/0x50 [ 26.656905] kasan_atomics+0x1dc/0x310 [ 26.656928] ? __pfx_kasan_atomics+0x10/0x10 [ 26.656953] ? __pfx_read_tsc+0x10/0x10 [ 26.656976] ? ktime_get_ts64+0x86/0x230 [ 26.657002] kunit_try_run_case+0x1a5/0x480 [ 26.657028] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.657054] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.657079] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.657103] ? __kthread_parkme+0x82/0x180 [ 26.657124] ? preempt_count_sub+0x50/0x80 [ 26.657149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.657176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.657201] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.657227] kthread+0x337/0x6f0 [ 26.657248] ? trace_preempt_on+0x20/0xc0 [ 26.657273] ? __pfx_kthread+0x10/0x10 [ 26.657295] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.657332] ? calculate_sigpending+0x7b/0xa0 [ 26.657358] ? __pfx_kthread+0x10/0x10 [ 26.657381] ret_from_fork+0x116/0x1d0 [ 26.657402] ? __pfx_kthread+0x10/0x10 [ 26.657424] ret_from_fork_asm+0x1a/0x30 [ 26.657456] </TASK> [ 26.657470] [ 26.666797] Allocated by task 313: [ 26.666988] kasan_save_stack+0x45/0x70 [ 26.667181] kasan_save_track+0x18/0x40 [ 26.667917] kasan_save_alloc_info+0x3b/0x50 [ 26.668113] __kasan_kmalloc+0xb7/0xc0 [ 26.668302] __kmalloc_cache_noprof+0x189/0x420 [ 26.668744] kasan_atomics+0x95/0x310 [ 26.668942] kunit_try_run_case+0x1a5/0x480 [ 26.669278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.669658] kthread+0x337/0x6f0 [ 26.669816] ret_from_fork+0x116/0x1d0 [ 26.670120] ret_from_fork_asm+0x1a/0x30 [ 26.670323] [ 26.670591] The buggy address belongs to the object at ffff88810490f900 [ 26.670591] which belongs to the cache kmalloc-64 of size 64 [ 26.671171] The buggy address is located 0 bytes to the right of [ 26.671171] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.671774] [ 26.672082] The buggy address belongs to the physical page: [ 26.672329] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.672761] flags: 0x200000000000000(node=0|zone=2) [ 26.673062] page_type: f5(slab) [ 26.673204] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.673525] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.673972] page dumped because: kasan: bad access detected [ 26.674283] [ 26.674366] Memory state around the buggy address: [ 26.674614] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.675156] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.675529] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.675952] ^ [ 26.676156] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.676586] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.676828] ================================================================== [ 26.463157] ================================================================== [ 26.463432] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 26.463783] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.464002] [ 26.464081] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.464127] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.464141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.464164] Call Trace: [ 26.464180] <TASK> [ 26.464197] dump_stack_lvl+0x73/0xb0 [ 26.464224] print_report+0xd1/0x650 [ 26.464246] ? __virt_addr_valid+0x1db/0x2d0 [ 26.464270] ? kasan_atomics_helper+0x1a7f/0x5450 [ 26.464291] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.464330] ? kasan_atomics_helper+0x1a7f/0x5450 [ 26.464353] kasan_report+0x141/0x180 [ 26.464375] ? kasan_atomics_helper+0x1a7f/0x5450 [ 26.464402] kasan_check_range+0x10c/0x1c0 [ 26.464427] __kasan_check_write+0x18/0x20 [ 26.464451] kasan_atomics_helper+0x1a7f/0x5450 [ 26.464474] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.464498] ? kasan_save_alloc_info+0x3b/0x50 [ 26.464540] kasan_atomics+0x1dc/0x310 [ 26.464563] ? __pfx_kasan_atomics+0x10/0x10 [ 26.464587] ? __pfx_read_tsc+0x10/0x10 [ 26.464610] ? ktime_get_ts64+0x86/0x230 [ 26.464635] kunit_try_run_case+0x1a5/0x480 [ 26.464660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.464685] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.464707] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.464730] ? __kthread_parkme+0x82/0x180 [ 26.464751] ? preempt_count_sub+0x50/0x80 [ 26.464775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.464801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.464826] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.464852] kthread+0x337/0x6f0 [ 26.464873] ? trace_preempt_on+0x20/0xc0 [ 26.464896] ? __pfx_kthread+0x10/0x10 [ 26.464918] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.464943] ? calculate_sigpending+0x7b/0xa0 [ 26.464968] ? __pfx_kthread+0x10/0x10 [ 26.464990] ret_from_fork+0x116/0x1d0 [ 26.465010] ? __pfx_kthread+0x10/0x10 [ 26.465031] ret_from_fork_asm+0x1a/0x30 [ 26.465063] </TASK> [ 26.465075] [ 26.471928] Allocated by task 313: [ 26.472050] kasan_save_stack+0x45/0x70 [ 26.472249] kasan_save_track+0x18/0x40 [ 26.472606] kasan_save_alloc_info+0x3b/0x50 [ 26.472811] __kasan_kmalloc+0xb7/0xc0 [ 26.472992] __kmalloc_cache_noprof+0x189/0x420 [ 26.473205] kasan_atomics+0x95/0x310 [ 26.473393] kunit_try_run_case+0x1a5/0x480 [ 26.473565] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.473741] kthread+0x337/0x6f0 [ 26.473856] ret_from_fork+0x116/0x1d0 [ 26.473983] ret_from_fork_asm+0x1a/0x30 [ 26.474116] [ 26.474181] The buggy address belongs to the object at ffff88810490f900 [ 26.474181] which belongs to the cache kmalloc-64 of size 64 [ 26.475033] The buggy address is located 0 bytes to the right of [ 26.475033] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.475693] [ 26.475763] The buggy address belongs to the physical page: [ 26.475996] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.476324] flags: 0x200000000000000(node=0|zone=2) [ 26.476558] page_type: f5(slab) [ 26.476684] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.476986] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.477281] page dumped because: kasan: bad access detected [ 26.477505] [ 26.477595] Memory state around the buggy address: [ 26.477788] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.478072] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.478281] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.478746] ^ [ 26.478966] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.479218] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.479436] ================================================================== [ 25.709898] ================================================================== [ 25.710179] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 25.710472] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.710778] [ 25.710860] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.710908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.710922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.710945] Call Trace: [ 25.710980] <TASK> [ 25.710997] dump_stack_lvl+0x73/0xb0 [ 25.711025] print_report+0xd1/0x650 [ 25.711048] ? __virt_addr_valid+0x1db/0x2d0 [ 25.711071] ? kasan_atomics_helper+0x697/0x5450 [ 25.711093] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.711120] ? kasan_atomics_helper+0x697/0x5450 [ 25.711143] kasan_report+0x141/0x180 [ 25.711166] ? kasan_atomics_helper+0x697/0x5450 [ 25.711193] kasan_check_range+0x10c/0x1c0 [ 25.711218] __kasan_check_write+0x18/0x20 [ 25.711242] kasan_atomics_helper+0x697/0x5450 [ 25.711265] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.711289] ? kasan_save_alloc_info+0x3b/0x50 [ 25.711330] kasan_atomics+0x1dc/0x310 [ 25.711354] ? __pfx_kasan_atomics+0x10/0x10 [ 25.711378] ? __pfx_read_tsc+0x10/0x10 [ 25.711400] ? ktime_get_ts64+0x86/0x230 [ 25.711425] kunit_try_run_case+0x1a5/0x480 [ 25.711451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.711476] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.711511] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.711535] ? __kthread_parkme+0x82/0x180 [ 25.711558] ? preempt_count_sub+0x50/0x80 [ 25.711583] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.711609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.711636] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.711662] kthread+0x337/0x6f0 [ 25.711692] ? trace_preempt_on+0x20/0xc0 [ 25.711716] ? __pfx_kthread+0x10/0x10 [ 25.711738] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.711764] ? calculate_sigpending+0x7b/0xa0 [ 25.711789] ? __pfx_kthread+0x10/0x10 [ 25.711812] ret_from_fork+0x116/0x1d0 [ 25.711832] ? __pfx_kthread+0x10/0x10 [ 25.711856] ret_from_fork_asm+0x1a/0x30 [ 25.711888] </TASK> [ 25.711901] [ 25.719587] Allocated by task 313: [ 25.719711] kasan_save_stack+0x45/0x70 [ 25.719872] kasan_save_track+0x18/0x40 [ 25.720063] kasan_save_alloc_info+0x3b/0x50 [ 25.720264] __kasan_kmalloc+0xb7/0xc0 [ 25.720450] __kmalloc_cache_noprof+0x189/0x420 [ 25.720658] kasan_atomics+0x95/0x310 [ 25.720836] kunit_try_run_case+0x1a5/0x480 [ 25.720979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.721145] kthread+0x337/0x6f0 [ 25.721403] ret_from_fork+0x116/0x1d0 [ 25.721922] ret_from_fork_asm+0x1a/0x30 [ 25.722097] [ 25.722178] The buggy address belongs to the object at ffff88810490f900 [ 25.722178] which belongs to the cache kmalloc-64 of size 64 [ 25.722530] The buggy address is located 0 bytes to the right of [ 25.722530] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.723408] [ 25.723476] The buggy address belongs to the physical page: [ 25.723640] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.723864] flags: 0x200000000000000(node=0|zone=2) [ 25.724014] page_type: f5(slab) [ 25.724233] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.724587] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.724919] page dumped because: kasan: bad access detected [ 25.725170] [ 25.725261] Memory state around the buggy address: [ 25.725490] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.725935] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.726154] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.726458] ^ [ 25.726820] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.727034] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.727242] ================================================================== [ 25.526162] ================================================================== [ 25.526497] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 25.527188] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.527449] [ 25.527596] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.527643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.527655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.527719] Call Trace: [ 25.527736] <TASK> [ 25.527751] dump_stack_lvl+0x73/0xb0 [ 25.527779] print_report+0xd1/0x650 [ 25.527801] ? __virt_addr_valid+0x1db/0x2d0 [ 25.527824] ? kasan_atomics_helper+0x4ba2/0x5450 [ 25.527844] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.527870] ? kasan_atomics_helper+0x4ba2/0x5450 [ 25.527891] kasan_report+0x141/0x180 [ 25.527913] ? kasan_atomics_helper+0x4ba2/0x5450 [ 25.527938] __asan_report_store4_noabort+0x1b/0x30 [ 25.527963] kasan_atomics_helper+0x4ba2/0x5450 [ 25.527984] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.528007] ? kasan_save_alloc_info+0x3b/0x50 [ 25.528034] kasan_atomics+0x1dc/0x310 [ 25.528056] ? __pfx_kasan_atomics+0x10/0x10 [ 25.528080] ? __pfx_read_tsc+0x10/0x10 [ 25.528101] ? ktime_get_ts64+0x86/0x230 [ 25.528125] kunit_try_run_case+0x1a5/0x480 [ 25.528150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.528172] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.528194] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.528215] ? __kthread_parkme+0x82/0x180 [ 25.528235] ? preempt_count_sub+0x50/0x80 [ 25.528258] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.528282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.528319] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.528343] kthread+0x337/0x6f0 [ 25.528362] ? trace_preempt_on+0x20/0xc0 [ 25.528386] ? __pfx_kthread+0x10/0x10 [ 25.528407] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.528432] ? calculate_sigpending+0x7b/0xa0 [ 25.528456] ? __pfx_kthread+0x10/0x10 [ 25.528477] ret_from_fork+0x116/0x1d0 [ 25.528497] ? __pfx_kthread+0x10/0x10 [ 25.528518] ret_from_fork_asm+0x1a/0x30 [ 25.528550] </TASK> [ 25.528561] [ 25.535678] Allocated by task 313: [ 25.535850] kasan_save_stack+0x45/0x70 [ 25.536059] kasan_save_track+0x18/0x40 [ 25.536241] kasan_save_alloc_info+0x3b/0x50 [ 25.536443] __kasan_kmalloc+0xb7/0xc0 [ 25.536566] __kmalloc_cache_noprof+0x189/0x420 [ 25.536710] kasan_atomics+0x95/0x310 [ 25.536832] kunit_try_run_case+0x1a5/0x480 [ 25.537279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.537614] kthread+0x337/0x6f0 [ 25.537807] ret_from_fork+0x116/0x1d0 [ 25.538149] ret_from_fork_asm+0x1a/0x30 [ 25.538420] [ 25.538680] The buggy address belongs to the object at ffff88810490f900 [ 25.538680] which belongs to the cache kmalloc-64 of size 64 [ 25.539161] The buggy address is located 0 bytes to the right of [ 25.539161] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.540002] [ 25.540111] The buggy address belongs to the physical page: [ 25.540329] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.540823] flags: 0x200000000000000(node=0|zone=2) [ 25.540993] page_type: f5(slab) [ 25.541110] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.541349] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.541839] page dumped because: kasan: bad access detected [ 25.542128] [ 25.542192] Memory state around the buggy address: [ 25.542350] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.542560] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.542947] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.543289] ^ [ 25.543524] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.543843] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.544153] ================================================================== [ 25.745735] ================================================================== [ 25.746097] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 25.746945] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.747260] [ 25.747407] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.747456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.747471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.747502] Call Trace: [ 25.747515] <TASK> [ 25.747532] dump_stack_lvl+0x73/0xb0 [ 25.747561] print_report+0xd1/0x650 [ 25.747585] ? __virt_addr_valid+0x1db/0x2d0 [ 25.747609] ? kasan_atomics_helper+0x7c7/0x5450 [ 25.747632] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.747660] ? kasan_atomics_helper+0x7c7/0x5450 [ 25.747721] kasan_report+0x141/0x180 [ 25.747747] ? kasan_atomics_helper+0x7c7/0x5450 [ 25.747774] kasan_check_range+0x10c/0x1c0 [ 25.747799] __kasan_check_write+0x18/0x20 [ 25.747822] kasan_atomics_helper+0x7c7/0x5450 [ 25.747846] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.747870] ? kasan_save_alloc_info+0x3b/0x50 [ 25.747899] kasan_atomics+0x1dc/0x310 [ 25.747923] ? __pfx_kasan_atomics+0x10/0x10 [ 25.747948] ? __pfx_read_tsc+0x10/0x10 [ 25.747970] ? ktime_get_ts64+0x86/0x230 [ 25.747995] kunit_try_run_case+0x1a5/0x480 [ 25.748022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.748047] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.748070] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.748094] ? __kthread_parkme+0x82/0x180 [ 25.748116] ? preempt_count_sub+0x50/0x80 [ 25.748140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.748167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.748193] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.748220] kthread+0x337/0x6f0 [ 25.748241] ? trace_preempt_on+0x20/0xc0 [ 25.748265] ? __pfx_kthread+0x10/0x10 [ 25.748287] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.748326] ? calculate_sigpending+0x7b/0xa0 [ 25.748351] ? __pfx_kthread+0x10/0x10 [ 25.748374] ret_from_fork+0x116/0x1d0 [ 25.748395] ? __pfx_kthread+0x10/0x10 [ 25.748417] ret_from_fork_asm+0x1a/0x30 [ 25.748448] </TASK> [ 25.748462] [ 25.756009] Allocated by task 313: [ 25.756174] kasan_save_stack+0x45/0x70 [ 25.756388] kasan_save_track+0x18/0x40 [ 25.756583] kasan_save_alloc_info+0x3b/0x50 [ 25.756842] __kasan_kmalloc+0xb7/0xc0 [ 25.756979] __kmalloc_cache_noprof+0x189/0x420 [ 25.757131] kasan_atomics+0x95/0x310 [ 25.757259] kunit_try_run_case+0x1a5/0x480 [ 25.757413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.758064] kthread+0x337/0x6f0 [ 25.758257] ret_from_fork+0x116/0x1d0 [ 25.758456] ret_from_fork_asm+0x1a/0x30 [ 25.758649] [ 25.758793] The buggy address belongs to the object at ffff88810490f900 [ 25.758793] which belongs to the cache kmalloc-64 of size 64 [ 25.759331] The buggy address is located 0 bytes to the right of [ 25.759331] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.759927] [ 25.760021] The buggy address belongs to the physical page: [ 25.760252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.760623] flags: 0x200000000000000(node=0|zone=2) [ 25.760902] page_type: f5(slab) [ 25.761070] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.761384] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.761772] page dumped because: kasan: bad access detected [ 25.761994] [ 25.762071] Memory state around the buggy address: [ 25.762260] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.762486] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.762700] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.763211] ^ [ 25.763468] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.763787] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.764073] ================================================================== [ 26.125023] ================================================================== [ 26.125789] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 26.126077] Read of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.126294] [ 26.126387] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.126437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.126452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.126475] Call Trace: [ 26.126492] <TASK> [ 26.126509] dump_stack_lvl+0x73/0xb0 [ 26.126537] print_report+0xd1/0x650 [ 26.126559] ? __virt_addr_valid+0x1db/0x2d0 [ 26.126583] ? kasan_atomics_helper+0x4a02/0x5450 [ 26.126630] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.126657] ? kasan_atomics_helper+0x4a02/0x5450 [ 26.126692] kasan_report+0x141/0x180 [ 26.126715] ? kasan_atomics_helper+0x4a02/0x5450 [ 26.126742] __asan_report_load4_noabort+0x18/0x20 [ 26.126768] kasan_atomics_helper+0x4a02/0x5450 [ 26.126791] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.126815] ? kasan_save_alloc_info+0x3b/0x50 [ 26.126843] kasan_atomics+0x1dc/0x310 [ 26.126868] ? __pfx_kasan_atomics+0x10/0x10 [ 26.126893] ? __pfx_read_tsc+0x10/0x10 [ 26.126916] ? ktime_get_ts64+0x86/0x230 [ 26.126941] kunit_try_run_case+0x1a5/0x480 [ 26.126976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.127001] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.127024] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.127058] ? __kthread_parkme+0x82/0x180 [ 26.127080] ? preempt_count_sub+0x50/0x80 [ 26.127104] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.127130] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.127156] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.127182] kthread+0x337/0x6f0 [ 26.127203] ? trace_preempt_on+0x20/0xc0 [ 26.127227] ? __pfx_kthread+0x10/0x10 [ 26.127248] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.127274] ? calculate_sigpending+0x7b/0xa0 [ 26.127299] ? __pfx_kthread+0x10/0x10 [ 26.127334] ret_from_fork+0x116/0x1d0 [ 26.127355] ? __pfx_kthread+0x10/0x10 [ 26.127377] ret_from_fork_asm+0x1a/0x30 [ 26.127408] </TASK> [ 26.127422] [ 26.135294] Allocated by task 313: [ 26.135457] kasan_save_stack+0x45/0x70 [ 26.135680] kasan_save_track+0x18/0x40 [ 26.135845] kasan_save_alloc_info+0x3b/0x50 [ 26.136054] __kasan_kmalloc+0xb7/0xc0 [ 26.136230] __kmalloc_cache_noprof+0x189/0x420 [ 26.136447] kasan_atomics+0x95/0x310 [ 26.136652] kunit_try_run_case+0x1a5/0x480 [ 26.136836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.137139] kthread+0x337/0x6f0 [ 26.137270] ret_from_fork+0x116/0x1d0 [ 26.137404] ret_from_fork_asm+0x1a/0x30 [ 26.137538] [ 26.137603] The buggy address belongs to the object at ffff88810490f900 [ 26.137603] which belongs to the cache kmalloc-64 of size 64 [ 26.137938] The buggy address is located 0 bytes to the right of [ 26.137938] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.138282] [ 26.138378] The buggy address belongs to the physical page: [ 26.138618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.139007] flags: 0x200000000000000(node=0|zone=2) [ 26.139233] page_type: f5(slab) [ 26.139400] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.140079] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.140419] page dumped because: kasan: bad access detected [ 26.140799] [ 26.140878] Memory state around the buggy address: [ 26.141025] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.141230] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.141445] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.141760] ^ [ 26.142030] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.142439] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.142815] ================================================================== [ 26.247758] ================================================================== [ 26.248400] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 26.248939] Read of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.249449] [ 26.249558] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.249607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.249622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.249645] Call Trace: [ 26.249665] <TASK> [ 26.249683] dump_stack_lvl+0x73/0xb0 [ 26.249716] print_report+0xd1/0x650 [ 26.249744] ? __virt_addr_valid+0x1db/0x2d0 [ 26.249768] ? kasan_atomics_helper+0x4eae/0x5450 [ 26.249791] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.249818] ? kasan_atomics_helper+0x4eae/0x5450 [ 26.249840] kasan_report+0x141/0x180 [ 26.249864] ? kasan_atomics_helper+0x4eae/0x5450 [ 26.249891] __asan_report_load8_noabort+0x18/0x20 [ 26.249917] kasan_atomics_helper+0x4eae/0x5450 [ 26.249940] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.249965] ? kasan_save_alloc_info+0x3b/0x50 [ 26.249994] kasan_atomics+0x1dc/0x310 [ 26.250018] ? __pfx_kasan_atomics+0x10/0x10 [ 26.250043] ? __pfx_read_tsc+0x10/0x10 [ 26.250065] ? ktime_get_ts64+0x86/0x230 [ 26.250092] kunit_try_run_case+0x1a5/0x480 [ 26.250118] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.250143] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.250166] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.250190] ? __kthread_parkme+0x82/0x180 [ 26.250212] ? preempt_count_sub+0x50/0x80 [ 26.250236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.250263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.250288] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.250346] kthread+0x337/0x6f0 [ 26.250368] ? trace_preempt_on+0x20/0xc0 [ 26.250393] ? __pfx_kthread+0x10/0x10 [ 26.250415] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.250441] ? calculate_sigpending+0x7b/0xa0 [ 26.250467] ? __pfx_kthread+0x10/0x10 [ 26.250508] ret_from_fork+0x116/0x1d0 [ 26.250528] ? __pfx_kthread+0x10/0x10 [ 26.250560] ret_from_fork_asm+0x1a/0x30 [ 26.250592] </TASK> [ 26.250605] [ 26.257599] Allocated by task 313: [ 26.257783] kasan_save_stack+0x45/0x70 [ 26.257983] kasan_save_track+0x18/0x40 [ 26.258167] kasan_save_alloc_info+0x3b/0x50 [ 26.258363] __kasan_kmalloc+0xb7/0xc0 [ 26.258582] __kmalloc_cache_noprof+0x189/0x420 [ 26.258781] kasan_atomics+0x95/0x310 [ 26.258965] kunit_try_run_case+0x1a5/0x480 [ 26.259159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.259386] kthread+0x337/0x6f0 [ 26.259594] ret_from_fork+0x116/0x1d0 [ 26.259755] ret_from_fork_asm+0x1a/0x30 [ 26.259928] [ 26.260019] The buggy address belongs to the object at ffff88810490f900 [ 26.260019] which belongs to the cache kmalloc-64 of size 64 [ 26.260452] The buggy address is located 0 bytes to the right of [ 26.260452] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.260845] [ 26.260939] The buggy address belongs to the physical page: [ 26.261204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.261599] flags: 0x200000000000000(node=0|zone=2) [ 26.261807] page_type: f5(slab) [ 26.261924] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.262150] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.262430] page dumped because: kasan: bad access detected [ 26.262707] [ 26.262824] Memory state around the buggy address: [ 26.263069] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.263416] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.263766] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.264010] ^ [ 26.264254] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.264587] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.264886] ================================================================== [ 25.727613] ================================================================== [ 25.727992] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 25.728473] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.728994] [ 25.729367] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.729421] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.729436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.729459] Call Trace: [ 25.729477] <TASK> [ 25.729495] dump_stack_lvl+0x73/0xb0 [ 25.729523] print_report+0xd1/0x650 [ 25.729546] ? __virt_addr_valid+0x1db/0x2d0 [ 25.729570] ? kasan_atomics_helper+0x72f/0x5450 [ 25.729592] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.729620] ? kasan_atomics_helper+0x72f/0x5450 [ 25.729643] kasan_report+0x141/0x180 [ 25.729666] ? kasan_atomics_helper+0x72f/0x5450 [ 25.729693] kasan_check_range+0x10c/0x1c0 [ 25.729718] __kasan_check_write+0x18/0x20 [ 25.729746] kasan_atomics_helper+0x72f/0x5450 [ 25.729820] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.729844] ? kasan_save_alloc_info+0x3b/0x50 [ 25.729873] kasan_atomics+0x1dc/0x310 [ 25.729896] ? __pfx_kasan_atomics+0x10/0x10 [ 25.729921] ? __pfx_read_tsc+0x10/0x10 [ 25.729944] ? ktime_get_ts64+0x86/0x230 [ 25.729968] kunit_try_run_case+0x1a5/0x480 [ 25.729994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.730019] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.730042] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.730065] ? __kthread_parkme+0x82/0x180 [ 25.730086] ? preempt_count_sub+0x50/0x80 [ 25.730110] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.730137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.730163] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.730189] kthread+0x337/0x6f0 [ 25.730210] ? trace_preempt_on+0x20/0xc0 [ 25.730233] ? __pfx_kthread+0x10/0x10 [ 25.730255] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.730281] ? calculate_sigpending+0x7b/0xa0 [ 25.730317] ? __pfx_kthread+0x10/0x10 [ 25.730342] ret_from_fork+0x116/0x1d0 [ 25.730362] ? __pfx_kthread+0x10/0x10 [ 25.730384] ret_from_fork_asm+0x1a/0x30 [ 25.730416] </TASK> [ 25.730428] [ 25.737992] Allocated by task 313: [ 25.738166] kasan_save_stack+0x45/0x70 [ 25.738337] kasan_save_track+0x18/0x40 [ 25.738465] kasan_save_alloc_info+0x3b/0x50 [ 25.738667] __kasan_kmalloc+0xb7/0xc0 [ 25.738862] __kmalloc_cache_noprof+0x189/0x420 [ 25.739072] kasan_atomics+0x95/0x310 [ 25.739240] kunit_try_run_case+0x1a5/0x480 [ 25.739418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.739766] kthread+0x337/0x6f0 [ 25.739900] ret_from_fork+0x116/0x1d0 [ 25.740074] ret_from_fork_asm+0x1a/0x30 [ 25.740234] [ 25.740322] The buggy address belongs to the object at ffff88810490f900 [ 25.740322] which belongs to the cache kmalloc-64 of size 64 [ 25.740819] The buggy address is located 0 bytes to the right of [ 25.740819] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.741276] [ 25.741592] The buggy address belongs to the physical page: [ 25.742045] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.742330] flags: 0x200000000000000(node=0|zone=2) [ 25.742649] page_type: f5(slab) [ 25.742808] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.743085] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.743373] page dumped because: kasan: bad access detected [ 25.743601] [ 25.743671] Memory state around the buggy address: [ 25.743890] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.744153] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.744439] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.744740] ^ [ 25.744884] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.745084] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.745283] ================================================================== [ 26.677663] ================================================================== [ 26.678347] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 26.678786] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.679171] [ 26.679504] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.679578] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.679593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.679620] Call Trace: [ 26.679642] <TASK> [ 26.679664] dump_stack_lvl+0x73/0xb0 [ 26.679696] print_report+0xd1/0x650 [ 26.679720] ? __virt_addr_valid+0x1db/0x2d0 [ 26.679745] ? kasan_atomics_helper+0x2006/0x5450 [ 26.679768] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.679795] ? kasan_atomics_helper+0x2006/0x5450 [ 26.679817] kasan_report+0x141/0x180 [ 26.679841] ? kasan_atomics_helper+0x2006/0x5450 [ 26.679867] kasan_check_range+0x10c/0x1c0 [ 26.679892] __kasan_check_write+0x18/0x20 [ 26.679915] kasan_atomics_helper+0x2006/0x5450 [ 26.679939] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.679962] ? kasan_save_alloc_info+0x3b/0x50 [ 26.679990] kasan_atomics+0x1dc/0x310 [ 26.680015] ? __pfx_kasan_atomics+0x10/0x10 [ 26.680040] ? __pfx_read_tsc+0x10/0x10 [ 26.680063] ? ktime_get_ts64+0x86/0x230 [ 26.680089] kunit_try_run_case+0x1a5/0x480 [ 26.680115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.680140] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.680164] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.680186] ? __kthread_parkme+0x82/0x180 [ 26.680211] ? preempt_count_sub+0x50/0x80 [ 26.680236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.680261] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.680287] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.680322] kthread+0x337/0x6f0 [ 26.680343] ? trace_preempt_on+0x20/0xc0 [ 26.680369] ? __pfx_kthread+0x10/0x10 [ 26.680392] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.680418] ? calculate_sigpending+0x7b/0xa0 [ 26.680446] ? __pfx_kthread+0x10/0x10 [ 26.680470] ret_from_fork+0x116/0x1d0 [ 26.680491] ? __pfx_kthread+0x10/0x10 [ 26.680513] ret_from_fork_asm+0x1a/0x30 [ 26.680547] </TASK> [ 26.680561] [ 26.690746] Allocated by task 313: [ 26.691028] kasan_save_stack+0x45/0x70 [ 26.691281] kasan_save_track+0x18/0x40 [ 26.691576] kasan_save_alloc_info+0x3b/0x50 [ 26.691764] __kasan_kmalloc+0xb7/0xc0 [ 26.692060] __kmalloc_cache_noprof+0x189/0x420 [ 26.692278] kasan_atomics+0x95/0x310 [ 26.692620] kunit_try_run_case+0x1a5/0x480 [ 26.692910] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.693108] kthread+0x337/0x6f0 [ 26.693403] ret_from_fork+0x116/0x1d0 [ 26.693553] ret_from_fork_asm+0x1a/0x30 [ 26.693861] [ 26.693958] The buggy address belongs to the object at ffff88810490f900 [ 26.693958] which belongs to the cache kmalloc-64 of size 64 [ 26.694549] The buggy address is located 0 bytes to the right of [ 26.694549] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.695197] [ 26.695343] The buggy address belongs to the physical page: [ 26.695610] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.696122] flags: 0x200000000000000(node=0|zone=2) [ 26.696449] page_type: f5(slab) [ 26.696643] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.697114] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.697560] page dumped because: kasan: bad access detected [ 26.697878] [ 26.697979] Memory state around the buggy address: [ 26.698141] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.698460] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.698968] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.699330] ^ [ 26.699562] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.699975] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.700359] ================================================================== [ 25.905029] ================================================================== [ 25.905298] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 25.905715] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.905998] [ 25.906082] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.906131] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.906146] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.906169] Call Trace: [ 25.906188] <TASK> [ 25.906205] dump_stack_lvl+0x73/0xb0 [ 25.906233] print_report+0xd1/0x650 [ 25.906256] ? __virt_addr_valid+0x1db/0x2d0 [ 25.906281] ? kasan_atomics_helper+0xc70/0x5450 [ 25.906303] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.906341] ? kasan_atomics_helper+0xc70/0x5450 [ 25.906364] kasan_report+0x141/0x180 [ 25.906388] ? kasan_atomics_helper+0xc70/0x5450 [ 25.906416] kasan_check_range+0x10c/0x1c0 [ 25.906441] __kasan_check_write+0x18/0x20 [ 25.906465] kasan_atomics_helper+0xc70/0x5450 [ 25.906499] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.906523] ? kasan_save_alloc_info+0x3b/0x50 [ 25.906552] kasan_atomics+0x1dc/0x310 [ 25.906576] ? __pfx_kasan_atomics+0x10/0x10 [ 25.906601] ? __pfx_read_tsc+0x10/0x10 [ 25.906625] ? ktime_get_ts64+0x86/0x230 [ 25.906651] kunit_try_run_case+0x1a5/0x480 [ 25.906679] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.906704] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.906729] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.906752] ? __kthread_parkme+0x82/0x180 [ 25.906774] ? preempt_count_sub+0x50/0x80 [ 25.906799] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.906825] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.906852] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.906882] kthread+0x337/0x6f0 [ 25.906905] ? trace_preempt_on+0x20/0xc0 [ 25.906931] ? __pfx_kthread+0x10/0x10 [ 25.906953] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.906979] ? calculate_sigpending+0x7b/0xa0 [ 25.907004] ? __pfx_kthread+0x10/0x10 [ 25.907027] ret_from_fork+0x116/0x1d0 [ 25.907048] ? __pfx_kthread+0x10/0x10 [ 25.907069] ret_from_fork_asm+0x1a/0x30 [ 25.907101] </TASK> [ 25.907115] [ 25.914895] Allocated by task 313: [ 25.915075] kasan_save_stack+0x45/0x70 [ 25.915277] kasan_save_track+0x18/0x40 [ 25.915443] kasan_save_alloc_info+0x3b/0x50 [ 25.915773] __kasan_kmalloc+0xb7/0xc0 [ 25.915932] __kmalloc_cache_noprof+0x189/0x420 [ 25.916120] kasan_atomics+0x95/0x310 [ 25.916274] kunit_try_run_case+0x1a5/0x480 [ 25.916466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.916954] kthread+0x337/0x6f0 [ 25.917118] ret_from_fork+0x116/0x1d0 [ 25.917281] ret_from_fork_asm+0x1a/0x30 [ 25.917462] [ 25.917590] The buggy address belongs to the object at ffff88810490f900 [ 25.917590] which belongs to the cache kmalloc-64 of size 64 [ 25.918110] The buggy address is located 0 bytes to the right of [ 25.918110] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.918626] [ 25.918770] The buggy address belongs to the physical page: [ 25.919011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.919247] flags: 0x200000000000000(node=0|zone=2) [ 25.919421] page_type: f5(slab) [ 25.919572] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.920156] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.920489] page dumped because: kasan: bad access detected [ 25.920878] [ 25.920953] Memory state around the buggy address: [ 25.921104] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.921325] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.922129] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.922482] ^ [ 25.922668] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.923143] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.923416] ================================================================== [ 26.402191] ================================================================== [ 26.402436] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 26.402701] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.402920] [ 26.402999] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.403045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.403059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.403083] Call Trace: [ 26.403101] <TASK> [ 26.403119] dump_stack_lvl+0x73/0xb0 [ 26.403147] print_report+0xd1/0x650 [ 26.403169] ? __virt_addr_valid+0x1db/0x2d0 [ 26.403204] ? kasan_atomics_helper+0x18b1/0x5450 [ 26.403227] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.403255] ? kasan_atomics_helper+0x18b1/0x5450 [ 26.403277] kasan_report+0x141/0x180 [ 26.403300] ? kasan_atomics_helper+0x18b1/0x5450 [ 26.403341] kasan_check_range+0x10c/0x1c0 [ 26.403366] __kasan_check_write+0x18/0x20 [ 26.403391] kasan_atomics_helper+0x18b1/0x5450 [ 26.403414] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.403438] ? kasan_save_alloc_info+0x3b/0x50 [ 26.403468] kasan_atomics+0x1dc/0x310 [ 26.403511] ? __pfx_kasan_atomics+0x10/0x10 [ 26.403537] ? __pfx_read_tsc+0x10/0x10 [ 26.403559] ? ktime_get_ts64+0x86/0x230 [ 26.403585] kunit_try_run_case+0x1a5/0x480 [ 26.403611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.403636] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.403660] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.403683] ? __kthread_parkme+0x82/0x180 [ 26.403705] ? preempt_count_sub+0x50/0x80 [ 26.403730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.403756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.403782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.403807] kthread+0x337/0x6f0 [ 26.403827] ? trace_preempt_on+0x20/0xc0 [ 26.403853] ? __pfx_kthread+0x10/0x10 [ 26.403874] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.403900] ? calculate_sigpending+0x7b/0xa0 [ 26.403925] ? __pfx_kthread+0x10/0x10 [ 26.403947] ret_from_fork+0x116/0x1d0 [ 26.403968] ? __pfx_kthread+0x10/0x10 [ 26.403990] ret_from_fork_asm+0x1a/0x30 [ 26.404022] </TASK> [ 26.404035] [ 26.410850] Allocated by task 313: [ 26.411007] kasan_save_stack+0x45/0x70 [ 26.411217] kasan_save_track+0x18/0x40 [ 26.411424] kasan_save_alloc_info+0x3b/0x50 [ 26.411642] __kasan_kmalloc+0xb7/0xc0 [ 26.411813] __kmalloc_cache_noprof+0x189/0x420 [ 26.412021] kasan_atomics+0x95/0x310 [ 26.412226] kunit_try_run_case+0x1a5/0x480 [ 26.412462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.412703] kthread+0x337/0x6f0 [ 26.412819] ret_from_fork+0x116/0x1d0 [ 26.412946] ret_from_fork_asm+0x1a/0x30 [ 26.413082] [ 26.413150] The buggy address belongs to the object at ffff88810490f900 [ 26.413150] which belongs to the cache kmalloc-64 of size 64 [ 26.413521] The buggy address is located 0 bytes to the right of [ 26.413521] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.413900] [ 26.413981] The buggy address belongs to the physical page: [ 26.414162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.414406] flags: 0x200000000000000(node=0|zone=2) [ 26.414590] page_type: f5(slab) [ 26.414762] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.415150] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.415535] page dumped because: kasan: bad access detected [ 26.415731] [ 26.415797] Memory state around the buggy address: [ 26.415948] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.416188] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.416592] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.416955] ^ [ 26.417172] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.417548] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.417865] ================================================================== [ 25.923972] ================================================================== [ 25.924219] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 25.924543] Read of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.924914] [ 25.925023] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.925069] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.925083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.925107] Call Trace: [ 25.925123] <TASK> [ 25.925140] dump_stack_lvl+0x73/0xb0 [ 25.925168] print_report+0xd1/0x650 [ 25.925192] ? __virt_addr_valid+0x1db/0x2d0 [ 25.925216] ? kasan_atomics_helper+0x4a84/0x5450 [ 25.925238] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.925266] ? kasan_atomics_helper+0x4a84/0x5450 [ 25.925289] kasan_report+0x141/0x180 [ 25.925320] ? kasan_atomics_helper+0x4a84/0x5450 [ 25.925348] __asan_report_load4_noabort+0x18/0x20 [ 25.925373] kasan_atomics_helper+0x4a84/0x5450 [ 25.925398] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.925423] ? kasan_save_alloc_info+0x3b/0x50 [ 25.925452] kasan_atomics+0x1dc/0x310 [ 25.925477] ? __pfx_kasan_atomics+0x10/0x10 [ 25.925502] ? __pfx_read_tsc+0x10/0x10 [ 25.925543] ? ktime_get_ts64+0x86/0x230 [ 25.925569] kunit_try_run_case+0x1a5/0x480 [ 25.925596] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.925621] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.925644] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.925668] ? __kthread_parkme+0x82/0x180 [ 25.925690] ? preempt_count_sub+0x50/0x80 [ 25.925715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.925746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.925773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.925799] kthread+0x337/0x6f0 [ 25.925820] ? trace_preempt_on+0x20/0xc0 [ 25.925845] ? __pfx_kthread+0x10/0x10 [ 25.925867] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.925894] ? calculate_sigpending+0x7b/0xa0 [ 25.925919] ? __pfx_kthread+0x10/0x10 [ 25.925942] ret_from_fork+0x116/0x1d0 [ 25.925963] ? __pfx_kthread+0x10/0x10 [ 25.925986] ret_from_fork_asm+0x1a/0x30 [ 25.926018] </TASK> [ 25.926031] [ 25.933468] Allocated by task 313: [ 25.933654] kasan_save_stack+0x45/0x70 [ 25.933859] kasan_save_track+0x18/0x40 [ 25.934024] kasan_save_alloc_info+0x3b/0x50 [ 25.934220] __kasan_kmalloc+0xb7/0xc0 [ 25.934409] __kmalloc_cache_noprof+0x189/0x420 [ 25.934699] kasan_atomics+0x95/0x310 [ 25.934830] kunit_try_run_case+0x1a5/0x480 [ 25.935030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.935272] kthread+0x337/0x6f0 [ 25.935442] ret_from_fork+0x116/0x1d0 [ 25.935643] ret_from_fork_asm+0x1a/0x30 [ 25.935829] [ 25.935914] The buggy address belongs to the object at ffff88810490f900 [ 25.935914] which belongs to the cache kmalloc-64 of size 64 [ 25.936375] The buggy address is located 0 bytes to the right of [ 25.936375] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.936810] [ 25.936881] The buggy address belongs to the physical page: [ 25.937051] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.937286] flags: 0x200000000000000(node=0|zone=2) [ 25.937516] page_type: f5(slab) [ 25.937826] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.938165] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.938499] page dumped because: kasan: bad access detected [ 25.938743] [ 25.938940] Memory state around the buggy address: [ 25.939151] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.939376] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.939891] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.940212] ^ [ 25.940425] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.940979] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.941286] ================================================================== [ 26.418277] ================================================================== [ 26.418577] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 26.418833] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.419337] [ 26.419440] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.419505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.419519] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.419541] Call Trace: [ 26.419555] <TASK> [ 26.419571] dump_stack_lvl+0x73/0xb0 [ 26.419600] print_report+0xd1/0x650 [ 26.419624] ? __virt_addr_valid+0x1db/0x2d0 [ 26.419648] ? kasan_atomics_helper+0x194a/0x5450 [ 26.419670] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.419697] ? kasan_atomics_helper+0x194a/0x5450 [ 26.419720] kasan_report+0x141/0x180 [ 26.419743] ? kasan_atomics_helper+0x194a/0x5450 [ 26.419770] kasan_check_range+0x10c/0x1c0 [ 26.419795] __kasan_check_write+0x18/0x20 [ 26.419819] kasan_atomics_helper+0x194a/0x5450 [ 26.419843] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.419866] ? kasan_save_alloc_info+0x3b/0x50 [ 26.419895] kasan_atomics+0x1dc/0x310 [ 26.419919] ? __pfx_kasan_atomics+0x10/0x10 [ 26.419944] ? __pfx_read_tsc+0x10/0x10 [ 26.419967] ? ktime_get_ts64+0x86/0x230 [ 26.419993] kunit_try_run_case+0x1a5/0x480 [ 26.420019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.420044] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.420067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.420090] ? __kthread_parkme+0x82/0x180 [ 26.420112] ? preempt_count_sub+0x50/0x80 [ 26.420136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.420162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.420188] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.420214] kthread+0x337/0x6f0 [ 26.420235] ? trace_preempt_on+0x20/0xc0 [ 26.420259] ? __pfx_kthread+0x10/0x10 [ 26.420281] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.420316] ? calculate_sigpending+0x7b/0xa0 [ 26.420340] ? __pfx_kthread+0x10/0x10 [ 26.420363] ret_from_fork+0x116/0x1d0 [ 26.420384] ? __pfx_kthread+0x10/0x10 [ 26.420407] ret_from_fork_asm+0x1a/0x30 [ 26.420439] </TASK> [ 26.420453] [ 26.430830] Allocated by task 313: [ 26.430965] kasan_save_stack+0x45/0x70 [ 26.431108] kasan_save_track+0x18/0x40 [ 26.431259] kasan_save_alloc_info+0x3b/0x50 [ 26.431695] __kasan_kmalloc+0xb7/0xc0 [ 26.432598] __kmalloc_cache_noprof+0x189/0x420 [ 26.433002] kasan_atomics+0x95/0x310 [ 26.433336] kunit_try_run_case+0x1a5/0x480 [ 26.434522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.435060] kthread+0x337/0x6f0 [ 26.435399] ret_from_fork+0x116/0x1d0 [ 26.436000] ret_from_fork_asm+0x1a/0x30 [ 26.436147] [ 26.436215] The buggy address belongs to the object at ffff88810490f900 [ 26.436215] which belongs to the cache kmalloc-64 of size 64 [ 26.437235] The buggy address is located 0 bytes to the right of [ 26.437235] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.438376] [ 26.438558] The buggy address belongs to the physical page: [ 26.438959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.439284] flags: 0x200000000000000(node=0|zone=2) [ 26.439529] page_type: f5(slab) [ 26.439856] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.440777] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.441006] page dumped because: kasan: bad access detected [ 26.441171] [ 26.441236] Memory state around the buggy address: [ 26.441567] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.442147] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.442778] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.443405] ^ [ 26.443855] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.444470] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.445091] ================================================================== [ 26.011096] ================================================================== [ 26.011602] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 26.012015] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.012339] [ 26.012449] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.012510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.012525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.012548] Call Trace: [ 26.012565] <TASK> [ 26.012582] dump_stack_lvl+0x73/0xb0 [ 26.012611] print_report+0xd1/0x650 [ 26.012634] ? __virt_addr_valid+0x1db/0x2d0 [ 26.012658] ? kasan_atomics_helper+0xf10/0x5450 [ 26.012689] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.012716] ? kasan_atomics_helper+0xf10/0x5450 [ 26.012738] kasan_report+0x141/0x180 [ 26.012761] ? kasan_atomics_helper+0xf10/0x5450 [ 26.012791] kasan_check_range+0x10c/0x1c0 [ 26.012819] __kasan_check_write+0x18/0x20 [ 26.012844] kasan_atomics_helper+0xf10/0x5450 [ 26.012869] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.012940] ? kasan_save_alloc_info+0x3b/0x50 [ 26.012984] kasan_atomics+0x1dc/0x310 [ 26.013010] ? __pfx_kasan_atomics+0x10/0x10 [ 26.013035] ? __pfx_read_tsc+0x10/0x10 [ 26.013060] ? ktime_get_ts64+0x86/0x230 [ 26.013086] kunit_try_run_case+0x1a5/0x480 [ 26.013113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.013139] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.013164] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.013188] ? __kthread_parkme+0x82/0x180 [ 26.013212] ? preempt_count_sub+0x50/0x80 [ 26.013237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.013264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.013291] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.013338] kthread+0x337/0x6f0 [ 26.013360] ? trace_preempt_on+0x20/0xc0 [ 26.013385] ? __pfx_kthread+0x10/0x10 [ 26.013418] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.013445] ? calculate_sigpending+0x7b/0xa0 [ 26.013472] ? __pfx_kthread+0x10/0x10 [ 26.013504] ret_from_fork+0x116/0x1d0 [ 26.013526] ? __pfx_kthread+0x10/0x10 [ 26.013558] ret_from_fork_asm+0x1a/0x30 [ 26.013591] </TASK> [ 26.013605] [ 26.026257] Allocated by task 313: [ 26.026416] kasan_save_stack+0x45/0x70 [ 26.026799] kasan_save_track+0x18/0x40 [ 26.026989] kasan_save_alloc_info+0x3b/0x50 [ 26.027207] __kasan_kmalloc+0xb7/0xc0 [ 26.027399] __kmalloc_cache_noprof+0x189/0x420 [ 26.027611] kasan_atomics+0x95/0x310 [ 26.027740] kunit_try_run_case+0x1a5/0x480 [ 26.027883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.028198] kthread+0x337/0x6f0 [ 26.028387] ret_from_fork+0x116/0x1d0 [ 26.028643] ret_from_fork_asm+0x1a/0x30 [ 26.029146] [ 26.029250] The buggy address belongs to the object at ffff88810490f900 [ 26.029250] which belongs to the cache kmalloc-64 of size 64 [ 26.029646] The buggy address is located 0 bytes to the right of [ 26.029646] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.030299] [ 26.030377] The buggy address belongs to the physical page: [ 26.030795] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.031161] flags: 0x200000000000000(node=0|zone=2) [ 26.031384] page_type: f5(slab) [ 26.031635] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.032003] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.032509] page dumped because: kasan: bad access detected [ 26.032846] [ 26.032947] Memory state around the buggy address: [ 26.033153] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.033478] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.033864] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.034135] ^ [ 26.034374] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.034898] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.035188] ================================================================== [ 26.163100] ================================================================== [ 26.163352] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 26.163949] Read of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.164341] [ 26.164503] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.164552] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.164566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.164588] Call Trace: [ 26.164606] <TASK> [ 26.164622] dump_stack_lvl+0x73/0xb0 [ 26.164652] print_report+0xd1/0x650 [ 26.164676] ? __virt_addr_valid+0x1db/0x2d0 [ 26.164702] ? kasan_atomics_helper+0x49e8/0x5450 [ 26.164725] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.164752] ? kasan_atomics_helper+0x49e8/0x5450 [ 26.164775] kasan_report+0x141/0x180 [ 26.164799] ? kasan_atomics_helper+0x49e8/0x5450 [ 26.164826] __asan_report_load4_noabort+0x18/0x20 [ 26.164852] kasan_atomics_helper+0x49e8/0x5450 [ 26.164875] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.164931] ? kasan_save_alloc_info+0x3b/0x50 [ 26.164962] kasan_atomics+0x1dc/0x310 [ 26.164986] ? __pfx_kasan_atomics+0x10/0x10 [ 26.165022] ? __pfx_read_tsc+0x10/0x10 [ 26.165045] ? ktime_get_ts64+0x86/0x230 [ 26.165071] kunit_try_run_case+0x1a5/0x480 [ 26.165098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.165123] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.165147] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.165170] ? __kthread_parkme+0x82/0x180 [ 26.165193] ? preempt_count_sub+0x50/0x80 [ 26.165218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.165244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.165270] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.165296] kthread+0x337/0x6f0 [ 26.165328] ? trace_preempt_on+0x20/0xc0 [ 26.165352] ? __pfx_kthread+0x10/0x10 [ 26.165375] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.165400] ? calculate_sigpending+0x7b/0xa0 [ 26.165425] ? __pfx_kthread+0x10/0x10 [ 26.165449] ret_from_fork+0x116/0x1d0 [ 26.165469] ? __pfx_kthread+0x10/0x10 [ 26.165501] ret_from_fork_asm+0x1a/0x30 [ 26.165533] </TASK> [ 26.165547] [ 26.173097] Allocated by task 313: [ 26.173274] kasan_save_stack+0x45/0x70 [ 26.173484] kasan_save_track+0x18/0x40 [ 26.173698] kasan_save_alloc_info+0x3b/0x50 [ 26.173898] __kasan_kmalloc+0xb7/0xc0 [ 26.174028] __kmalloc_cache_noprof+0x189/0x420 [ 26.174199] kasan_atomics+0x95/0x310 [ 26.174390] kunit_try_run_case+0x1a5/0x480 [ 26.174746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.175149] kthread+0x337/0x6f0 [ 26.175302] ret_from_fork+0x116/0x1d0 [ 26.175442] ret_from_fork_asm+0x1a/0x30 [ 26.175763] [ 26.175876] The buggy address belongs to the object at ffff88810490f900 [ 26.175876] which belongs to the cache kmalloc-64 of size 64 [ 26.176470] The buggy address is located 0 bytes to the right of [ 26.176470] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.176924] [ 26.176993] The buggy address belongs to the physical page: [ 26.177247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.177670] flags: 0x200000000000000(node=0|zone=2) [ 26.177851] page_type: f5(slab) [ 26.177969] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.178357] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.178759] page dumped because: kasan: bad access detected [ 26.178928] [ 26.178994] Memory state around the buggy address: [ 26.179146] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.179470] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.179841] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.180157] ^ [ 26.180337] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.180807] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.181127] ================================================================== [ 25.501961] ================================================================== [ 25.503047] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 25.503784] Read of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.504757] [ 25.504945] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.504998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.505011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.505032] Call Trace: [ 25.505047] <TASK> [ 25.505063] dump_stack_lvl+0x73/0xb0 [ 25.505094] print_report+0xd1/0x650 [ 25.505117] ? __virt_addr_valid+0x1db/0x2d0 [ 25.505140] ? kasan_atomics_helper+0x4bbc/0x5450 [ 25.505161] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.505187] ? kasan_atomics_helper+0x4bbc/0x5450 [ 25.505209] kasan_report+0x141/0x180 [ 25.505230] ? kasan_atomics_helper+0x4bbc/0x5450 [ 25.505256] __asan_report_load4_noabort+0x18/0x20 [ 25.505280] kasan_atomics_helper+0x4bbc/0x5450 [ 25.505302] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.505339] ? kasan_save_alloc_info+0x3b/0x50 [ 25.505367] kasan_atomics+0x1dc/0x310 [ 25.505389] ? __pfx_kasan_atomics+0x10/0x10 [ 25.505413] ? __pfx_read_tsc+0x10/0x10 [ 25.505435] ? ktime_get_ts64+0x86/0x230 [ 25.505459] kunit_try_run_case+0x1a5/0x480 [ 25.505496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.505521] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.505543] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.505566] ? __kthread_parkme+0x82/0x180 [ 25.505586] ? preempt_count_sub+0x50/0x80 [ 25.505608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.505633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.505658] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.505731] kthread+0x337/0x6f0 [ 25.505760] ? trace_preempt_on+0x20/0xc0 [ 25.505785] ? __pfx_kthread+0x10/0x10 [ 25.505806] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.505831] ? calculate_sigpending+0x7b/0xa0 [ 25.505855] ? __pfx_kthread+0x10/0x10 [ 25.505877] ret_from_fork+0x116/0x1d0 [ 25.505897] ? __pfx_kthread+0x10/0x10 [ 25.505918] ret_from_fork_asm+0x1a/0x30 [ 25.505950] </TASK> [ 25.505964] [ 25.518303] Allocated by task 313: [ 25.518511] kasan_save_stack+0x45/0x70 [ 25.518669] kasan_save_track+0x18/0x40 [ 25.518878] kasan_save_alloc_info+0x3b/0x50 [ 25.519052] __kasan_kmalloc+0xb7/0xc0 [ 25.519197] __kmalloc_cache_noprof+0x189/0x420 [ 25.519366] kasan_atomics+0x95/0x310 [ 25.519627] kunit_try_run_case+0x1a5/0x480 [ 25.519830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.520060] kthread+0x337/0x6f0 [ 25.520223] ret_from_fork+0x116/0x1d0 [ 25.520361] ret_from_fork_asm+0x1a/0x30 [ 25.520495] [ 25.520562] The buggy address belongs to the object at ffff88810490f900 [ 25.520562] which belongs to the cache kmalloc-64 of size 64 [ 25.521046] The buggy address is located 0 bytes to the right of [ 25.521046] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.521513] [ 25.521609] The buggy address belongs to the physical page: [ 25.522131] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.522454] flags: 0x200000000000000(node=0|zone=2) [ 25.522677] page_type: f5(slab) [ 25.522880] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.523132] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.523481] page dumped because: kasan: bad access detected [ 25.523778] [ 25.523855] Memory state around the buggy address: [ 25.524036] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.524245] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.524512] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.524822] ^ [ 25.525038] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.525352] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.525574] ================================================================== [ 26.035795] ================================================================== [ 26.036094] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 26.036417] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.036703] [ 26.036851] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.037111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.037130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.037169] Call Trace: [ 26.037186] <TASK> [ 26.037203] dump_stack_lvl+0x73/0xb0 [ 26.037234] print_report+0xd1/0x650 [ 26.037258] ? __virt_addr_valid+0x1db/0x2d0 [ 26.037291] ? kasan_atomics_helper+0xfa9/0x5450 [ 26.037330] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.037359] ? kasan_atomics_helper+0xfa9/0x5450 [ 26.037383] kasan_report+0x141/0x180 [ 26.037406] ? kasan_atomics_helper+0xfa9/0x5450 [ 26.037431] kasan_check_range+0x10c/0x1c0 [ 26.037456] __kasan_check_write+0x18/0x20 [ 26.037479] kasan_atomics_helper+0xfa9/0x5450 [ 26.037503] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.037527] ? kasan_save_alloc_info+0x3b/0x50 [ 26.037556] kasan_atomics+0x1dc/0x310 [ 26.037578] ? __pfx_kasan_atomics+0x10/0x10 [ 26.037603] ? __pfx_read_tsc+0x10/0x10 [ 26.037627] ? ktime_get_ts64+0x86/0x230 [ 26.037653] kunit_try_run_case+0x1a5/0x480 [ 26.037681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.037706] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.037729] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.037756] ? __kthread_parkme+0x82/0x180 [ 26.037778] ? preempt_count_sub+0x50/0x80 [ 26.037803] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.037829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.037854] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.037880] kthread+0x337/0x6f0 [ 26.037900] ? trace_preempt_on+0x20/0xc0 [ 26.037926] ? __pfx_kthread+0x10/0x10 [ 26.038025] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.038054] ? calculate_sigpending+0x7b/0xa0 [ 26.038080] ? __pfx_kthread+0x10/0x10 [ 26.038102] ret_from_fork+0x116/0x1d0 [ 26.038124] ? __pfx_kthread+0x10/0x10 [ 26.038145] ret_from_fork_asm+0x1a/0x30 [ 26.038177] </TASK> [ 26.038189] [ 26.045888] Allocated by task 313: [ 26.046081] kasan_save_stack+0x45/0x70 [ 26.046261] kasan_save_track+0x18/0x40 [ 26.046464] kasan_save_alloc_info+0x3b/0x50 [ 26.046668] __kasan_kmalloc+0xb7/0xc0 [ 26.046856] __kmalloc_cache_noprof+0x189/0x420 [ 26.047037] kasan_atomics+0x95/0x310 [ 26.047200] kunit_try_run_case+0x1a5/0x480 [ 26.047394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.047661] kthread+0x337/0x6f0 [ 26.047829] ret_from_fork+0x116/0x1d0 [ 26.048022] ret_from_fork_asm+0x1a/0x30 [ 26.048213] [ 26.048315] The buggy address belongs to the object at ffff88810490f900 [ 26.048315] which belongs to the cache kmalloc-64 of size 64 [ 26.048915] The buggy address is located 0 bytes to the right of [ 26.048915] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.049425] [ 26.049571] The buggy address belongs to the physical page: [ 26.049775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.050129] flags: 0x200000000000000(node=0|zone=2) [ 26.050366] page_type: f5(slab) [ 26.050520] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.050822] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.051120] page dumped because: kasan: bad access detected [ 26.051289] [ 26.051364] Memory state around the buggy address: [ 26.051513] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.051724] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.052034] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.052379] ^ [ 26.052596] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.052904] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.053343] ================================================================== [ 26.725545] ================================================================== [ 26.725810] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 26.726048] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.726271] [ 26.726391] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.726448] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.726464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.726501] Call Trace: [ 26.726523] <TASK> [ 26.726545] dump_stack_lvl+0x73/0xb0 [ 26.726576] print_report+0xd1/0x650 [ 26.726601] ? __virt_addr_valid+0x1db/0x2d0 [ 26.726627] ? kasan_atomics_helper+0x20c8/0x5450 [ 26.726649] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.726676] ? kasan_atomics_helper+0x20c8/0x5450 [ 26.726698] kasan_report+0x141/0x180 [ 26.726721] ? kasan_atomics_helper+0x20c8/0x5450 [ 26.726748] kasan_check_range+0x10c/0x1c0 [ 26.726772] __kasan_check_write+0x18/0x20 [ 26.726798] kasan_atomics_helper+0x20c8/0x5450 [ 26.726823] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.726847] ? kasan_save_alloc_info+0x3b/0x50 [ 26.726876] kasan_atomics+0x1dc/0x310 [ 26.726899] ? __pfx_kasan_atomics+0x10/0x10 [ 26.726924] ? __pfx_read_tsc+0x10/0x10 [ 26.726947] ? ktime_get_ts64+0x86/0x230 [ 26.726974] kunit_try_run_case+0x1a5/0x480 [ 26.727000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.727026] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.727050] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.727073] ? __kthread_parkme+0x82/0x180 [ 26.727095] ? preempt_count_sub+0x50/0x80 [ 26.727120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.727145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.727171] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.727196] kthread+0x337/0x6f0 [ 26.727217] ? trace_preempt_on+0x20/0xc0 [ 26.727242] ? __pfx_kthread+0x10/0x10 [ 26.727264] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.727289] ? calculate_sigpending+0x7b/0xa0 [ 26.727326] ? __pfx_kthread+0x10/0x10 [ 26.727351] ret_from_fork+0x116/0x1d0 [ 26.727371] ? __pfx_kthread+0x10/0x10 [ 26.727393] ret_from_fork_asm+0x1a/0x30 [ 26.727426] </TASK> [ 26.727439] [ 26.741135] Allocated by task 313: [ 26.741522] kasan_save_stack+0x45/0x70 [ 26.741929] kasan_save_track+0x18/0x40 [ 26.742317] kasan_save_alloc_info+0x3b/0x50 [ 26.742678] __kasan_kmalloc+0xb7/0xc0 [ 26.742897] __kmalloc_cache_noprof+0x189/0x420 [ 26.743211] kasan_atomics+0x95/0x310 [ 26.743351] kunit_try_run_case+0x1a5/0x480 [ 26.743510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.744050] kthread+0x337/0x6f0 [ 26.744391] ret_from_fork+0x116/0x1d0 [ 26.744803] ret_from_fork_asm+0x1a/0x30 [ 26.745293] [ 26.745495] The buggy address belongs to the object at ffff88810490f900 [ 26.745495] which belongs to the cache kmalloc-64 of size 64 [ 26.745924] The buggy address is located 0 bytes to the right of [ 26.745924] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.746275] [ 26.746357] The buggy address belongs to the physical page: [ 26.746541] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.746950] flags: 0x200000000000000(node=0|zone=2) [ 26.747223] page_type: f5(slab) [ 26.747401] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.747737] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.748053] page dumped because: kasan: bad access detected [ 26.748212] [ 26.748275] Memory state around the buggy address: [ 26.748493] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.748853] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.749253] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.749630] ^ [ 26.749874] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.750089] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.750459] ================================================================== [ 26.351817] ================================================================== [ 26.352086] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 26.352322] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.352714] [ 26.352820] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.352868] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.352892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.352914] Call Trace: [ 26.352931] <TASK> [ 26.352948] dump_stack_lvl+0x73/0xb0 [ 26.352988] print_report+0xd1/0x650 [ 26.353012] ? __virt_addr_valid+0x1db/0x2d0 [ 26.353037] ? kasan_atomics_helper+0x16e7/0x5450 [ 26.353060] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.353087] ? kasan_atomics_helper+0x16e7/0x5450 [ 26.353110] kasan_report+0x141/0x180 [ 26.353133] ? kasan_atomics_helper+0x16e7/0x5450 [ 26.353160] kasan_check_range+0x10c/0x1c0 [ 26.353186] __kasan_check_write+0x18/0x20 [ 26.353210] kasan_atomics_helper+0x16e7/0x5450 [ 26.353234] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.353258] ? kasan_save_alloc_info+0x3b/0x50 [ 26.353288] kasan_atomics+0x1dc/0x310 [ 26.353324] ? __pfx_kasan_atomics+0x10/0x10 [ 26.353360] ? __pfx_read_tsc+0x10/0x10 [ 26.353383] ? ktime_get_ts64+0x86/0x230 [ 26.353409] kunit_try_run_case+0x1a5/0x480 [ 26.353445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.353470] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.353513] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.353538] ? __kthread_parkme+0x82/0x180 [ 26.353560] ? preempt_count_sub+0x50/0x80 [ 26.353585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.353612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.353638] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.353663] kthread+0x337/0x6f0 [ 26.353684] ? trace_preempt_on+0x20/0xc0 [ 26.353708] ? __pfx_kthread+0x10/0x10 [ 26.353742] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.353768] ? calculate_sigpending+0x7b/0xa0 [ 26.353803] ? __pfx_kthread+0x10/0x10 [ 26.353827] ret_from_fork+0x116/0x1d0 [ 26.353847] ? __pfx_kthread+0x10/0x10 [ 26.353869] ret_from_fork_asm+0x1a/0x30 [ 26.353902] </TASK> [ 26.353915] [ 26.360774] Allocated by task 313: [ 26.360947] kasan_save_stack+0x45/0x70 [ 26.361142] kasan_save_track+0x18/0x40 [ 26.361339] kasan_save_alloc_info+0x3b/0x50 [ 26.361552] __kasan_kmalloc+0xb7/0xc0 [ 26.361718] __kmalloc_cache_noprof+0x189/0x420 [ 26.361927] kasan_atomics+0x95/0x310 [ 26.362057] kunit_try_run_case+0x1a5/0x480 [ 26.362199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.362379] kthread+0x337/0x6f0 [ 26.362521] ret_from_fork+0x116/0x1d0 [ 26.362651] ret_from_fork_asm+0x1a/0x30 [ 26.362808] [ 26.362900] The buggy address belongs to the object at ffff88810490f900 [ 26.362900] which belongs to the cache kmalloc-64 of size 64 [ 26.363497] The buggy address is located 0 bytes to the right of [ 26.363497] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.364094] [ 26.364187] The buggy address belongs to the physical page: [ 26.364443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.364836] flags: 0x200000000000000(node=0|zone=2) [ 26.365068] page_type: f5(slab) [ 26.365233] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.365631] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.365927] page dumped because: kasan: bad access detected [ 26.366176] [ 26.366265] Memory state around the buggy address: [ 26.366502] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.366807] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.367100] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.367423] ^ [ 26.367597] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.367811] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.368019] ================================================================== [ 26.496537] ================================================================== [ 26.496767] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 26.496992] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.497208] [ 26.497415] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.497464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.497479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.497500] Call Trace: [ 26.497516] <TASK> [ 26.497546] dump_stack_lvl+0x73/0xb0 [ 26.497574] print_report+0xd1/0x650 [ 26.497596] ? __virt_addr_valid+0x1db/0x2d0 [ 26.497620] ? kasan_atomics_helper+0x1c18/0x5450 [ 26.497641] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.497674] ? kasan_atomics_helper+0x1c18/0x5450 [ 26.497697] kasan_report+0x141/0x180 [ 26.497720] ? kasan_atomics_helper+0x1c18/0x5450 [ 26.497751] kasan_check_range+0x10c/0x1c0 [ 26.497775] __kasan_check_write+0x18/0x20 [ 26.497800] kasan_atomics_helper+0x1c18/0x5450 [ 26.497822] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.497845] ? kasan_save_alloc_info+0x3b/0x50 [ 26.497874] kasan_atomics+0x1dc/0x310 [ 26.497898] ? __pfx_kasan_atomics+0x10/0x10 [ 26.497923] ? __pfx_read_tsc+0x10/0x10 [ 26.497945] ? ktime_get_ts64+0x86/0x230 [ 26.497971] kunit_try_run_case+0x1a5/0x480 [ 26.497997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.498022] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.498046] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.498070] ? __kthread_parkme+0x82/0x180 [ 26.498092] ? preempt_count_sub+0x50/0x80 [ 26.498116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.498143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.498168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.498193] kthread+0x337/0x6f0 [ 26.498215] ? trace_preempt_on+0x20/0xc0 [ 26.498239] ? __pfx_kthread+0x10/0x10 [ 26.498260] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.498285] ? calculate_sigpending+0x7b/0xa0 [ 26.498321] ? __pfx_kthread+0x10/0x10 [ 26.498344] ret_from_fork+0x116/0x1d0 [ 26.498365] ? __pfx_kthread+0x10/0x10 [ 26.498387] ret_from_fork_asm+0x1a/0x30 [ 26.498419] </TASK> [ 26.498432] [ 26.506074] Allocated by task 313: [ 26.506247] kasan_save_stack+0x45/0x70 [ 26.506449] kasan_save_track+0x18/0x40 [ 26.506853] kasan_save_alloc_info+0x3b/0x50 [ 26.507059] __kasan_kmalloc+0xb7/0xc0 [ 26.507225] __kmalloc_cache_noprof+0x189/0x420 [ 26.507385] kasan_atomics+0x95/0x310 [ 26.507594] kunit_try_run_case+0x1a5/0x480 [ 26.507808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.508062] kthread+0x337/0x6f0 [ 26.508214] ret_from_fork+0x116/0x1d0 [ 26.508384] ret_from_fork_asm+0x1a/0x30 [ 26.508574] [ 26.508670] The buggy address belongs to the object at ffff88810490f900 [ 26.508670] which belongs to the cache kmalloc-64 of size 64 [ 26.509118] The buggy address is located 0 bytes to the right of [ 26.509118] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.509721] [ 26.509793] The buggy address belongs to the physical page: [ 26.510013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.510324] flags: 0x200000000000000(node=0|zone=2) [ 26.510567] page_type: f5(slab) [ 26.510719] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.511006] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.511246] page dumped because: kasan: bad access detected [ 26.511429] [ 26.511496] Memory state around the buggy address: [ 26.511647] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.511857] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.512068] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.512387] ^ [ 26.512607] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.513148] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.513848] ================================================================== [ 26.833177] ================================================================== [ 26.834410] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 26.835316] Read of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.836224] [ 26.836554] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.836611] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.836627] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.836653] Call Trace: [ 26.836675] <TASK> [ 26.836697] dump_stack_lvl+0x73/0xb0 [ 26.836731] print_report+0xd1/0x650 [ 26.836755] ? __virt_addr_valid+0x1db/0x2d0 [ 26.836794] ? kasan_atomics_helper+0x5115/0x5450 [ 26.836838] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.836866] ? kasan_atomics_helper+0x5115/0x5450 [ 26.836889] kasan_report+0x141/0x180 [ 26.836912] ? kasan_atomics_helper+0x5115/0x5450 [ 26.836940] __asan_report_load8_noabort+0x18/0x20 [ 26.836965] kasan_atomics_helper+0x5115/0x5450 [ 26.836989] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.837012] ? kasan_save_alloc_info+0x3b/0x50 [ 26.837040] kasan_atomics+0x1dc/0x310 [ 26.837065] ? __pfx_kasan_atomics+0x10/0x10 [ 26.837090] ? __pfx_read_tsc+0x10/0x10 [ 26.837113] ? ktime_get_ts64+0x86/0x230 [ 26.837139] kunit_try_run_case+0x1a5/0x480 [ 26.837166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.837192] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.837215] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.837238] ? __kthread_parkme+0x82/0x180 [ 26.837260] ? preempt_count_sub+0x50/0x80 [ 26.837285] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.837324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.837350] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.837376] kthread+0x337/0x6f0 [ 26.837397] ? trace_preempt_on+0x20/0xc0 [ 26.837422] ? __pfx_kthread+0x10/0x10 [ 26.837444] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.837470] ? calculate_sigpending+0x7b/0xa0 [ 26.837504] ? __pfx_kthread+0x10/0x10 [ 26.837526] ret_from_fork+0x116/0x1d0 [ 26.837547] ? __pfx_kthread+0x10/0x10 [ 26.837569] ret_from_fork_asm+0x1a/0x30 [ 26.837602] </TASK> [ 26.837615] [ 26.847899] Allocated by task 313: [ 26.848213] kasan_save_stack+0x45/0x70 [ 26.848492] kasan_save_track+0x18/0x40 [ 26.848788] kasan_save_alloc_info+0x3b/0x50 [ 26.849050] __kasan_kmalloc+0xb7/0xc0 [ 26.849190] __kmalloc_cache_noprof+0x189/0x420 [ 26.849541] kasan_atomics+0x95/0x310 [ 26.849848] kunit_try_run_case+0x1a5/0x480 [ 26.850005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.850359] kthread+0x337/0x6f0 [ 26.850671] ret_from_fork+0x116/0x1d0 [ 26.850876] ret_from_fork_asm+0x1a/0x30 [ 26.851058] [ 26.851137] The buggy address belongs to the object at ffff88810490f900 [ 26.851137] which belongs to the cache kmalloc-64 of size 64 [ 26.852016] The buggy address is located 0 bytes to the right of [ 26.852016] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.852493] [ 26.852767] The buggy address belongs to the physical page: [ 26.853147] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.853549] flags: 0x200000000000000(node=0|zone=2) [ 26.854074] page_type: f5(slab) [ 26.854458] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.854821] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.855044] page dumped because: kasan: bad access detected [ 26.855208] [ 26.855272] Memory state around the buggy address: [ 26.855437] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.855661] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.856398] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.856802] ^ [ 26.856988] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.857376] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.857818] ================================================================== [ 26.089960] ================================================================== [ 26.090289] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 26.090649] Read of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.090936] [ 26.091043] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.091093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.091107] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.091130] Call Trace: [ 26.091146] <TASK> [ 26.091162] dump_stack_lvl+0x73/0xb0 [ 26.091190] print_report+0xd1/0x650 [ 26.091214] ? __virt_addr_valid+0x1db/0x2d0 [ 26.091237] ? kasan_atomics_helper+0x4a1c/0x5450 [ 26.091260] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.091286] ? kasan_atomics_helper+0x4a1c/0x5450 [ 26.091320] kasan_report+0x141/0x180 [ 26.091344] ? kasan_atomics_helper+0x4a1c/0x5450 [ 26.091370] __asan_report_load4_noabort+0x18/0x20 [ 26.091395] kasan_atomics_helper+0x4a1c/0x5450 [ 26.091418] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.091442] ? kasan_save_alloc_info+0x3b/0x50 [ 26.091471] kasan_atomics+0x1dc/0x310 [ 26.091507] ? __pfx_kasan_atomics+0x10/0x10 [ 26.091532] ? __pfx_read_tsc+0x10/0x10 [ 26.091554] ? ktime_get_ts64+0x86/0x230 [ 26.091593] kunit_try_run_case+0x1a5/0x480 [ 26.091622] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.091650] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.091675] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.091698] ? __kthread_parkme+0x82/0x180 [ 26.091720] ? preempt_count_sub+0x50/0x80 [ 26.091745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.091771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.091797] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.091823] kthread+0x337/0x6f0 [ 26.091844] ? trace_preempt_on+0x20/0xc0 [ 26.091867] ? __pfx_kthread+0x10/0x10 [ 26.091889] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.091914] ? calculate_sigpending+0x7b/0xa0 [ 26.091939] ? __pfx_kthread+0x10/0x10 [ 26.091961] ret_from_fork+0x116/0x1d0 [ 26.091982] ? __pfx_kthread+0x10/0x10 [ 26.092004] ret_from_fork_asm+0x1a/0x30 [ 26.092036] </TASK> [ 26.092049] [ 26.099230] Allocated by task 313: [ 26.099367] kasan_save_stack+0x45/0x70 [ 26.099503] kasan_save_track+0x18/0x40 [ 26.099635] kasan_save_alloc_info+0x3b/0x50 [ 26.099778] __kasan_kmalloc+0xb7/0xc0 [ 26.099906] __kmalloc_cache_noprof+0x189/0x420 [ 26.100056] kasan_atomics+0x95/0x310 [ 26.100183] kunit_try_run_case+0x1a5/0x480 [ 26.100341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.100590] kthread+0x337/0x6f0 [ 26.100790] ret_from_fork+0x116/0x1d0 [ 26.101011] ret_from_fork_asm+0x1a/0x30 [ 26.101243] [ 26.101357] The buggy address belongs to the object at ffff88810490f900 [ 26.101357] which belongs to the cache kmalloc-64 of size 64 [ 26.101969] The buggy address is located 0 bytes to the right of [ 26.101969] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.102469] [ 26.102572] The buggy address belongs to the physical page: [ 26.102801] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.103037] flags: 0x200000000000000(node=0|zone=2) [ 26.103194] page_type: f5(slab) [ 26.103320] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.103674] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.104413] page dumped because: kasan: bad access detected [ 26.104716] [ 26.104822] Memory state around the buggy address: [ 26.105013] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.105318] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.105684] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.106018] ^ [ 26.106169] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.106426] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.107015] ================================================================== [ 26.445956] ================================================================== [ 26.446290] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 26.447212] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.447450] [ 26.447554] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.447603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.447617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.447640] Call Trace: [ 26.447656] <TASK> [ 26.447673] dump_stack_lvl+0x73/0xb0 [ 26.447701] print_report+0xd1/0x650 [ 26.447724] ? __virt_addr_valid+0x1db/0x2d0 [ 26.447748] ? kasan_atomics_helper+0x19e3/0x5450 [ 26.447770] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.447797] ? kasan_atomics_helper+0x19e3/0x5450 [ 26.447820] kasan_report+0x141/0x180 [ 26.447843] ? kasan_atomics_helper+0x19e3/0x5450 [ 26.447869] kasan_check_range+0x10c/0x1c0 [ 26.447894] __kasan_check_write+0x18/0x20 [ 26.447917] kasan_atomics_helper+0x19e3/0x5450 [ 26.447940] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.447964] ? kasan_save_alloc_info+0x3b/0x50 [ 26.447992] kasan_atomics+0x1dc/0x310 [ 26.448016] ? __pfx_kasan_atomics+0x10/0x10 [ 26.448041] ? __pfx_read_tsc+0x10/0x10 [ 26.448063] ? ktime_get_ts64+0x86/0x230 [ 26.448089] kunit_try_run_case+0x1a5/0x480 [ 26.448114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.448139] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.448162] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.448185] ? __kthread_parkme+0x82/0x180 [ 26.448206] ? preempt_count_sub+0x50/0x80 [ 26.448231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.448257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.448282] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.448318] kthread+0x337/0x6f0 [ 26.448340] ? trace_preempt_on+0x20/0xc0 [ 26.448365] ? __pfx_kthread+0x10/0x10 [ 26.448386] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.448412] ? calculate_sigpending+0x7b/0xa0 [ 26.448437] ? __pfx_kthread+0x10/0x10 [ 26.448460] ret_from_fork+0x116/0x1d0 [ 26.448480] ? __pfx_kthread+0x10/0x10 [ 26.448502] ret_from_fork_asm+0x1a/0x30 [ 26.448533] </TASK> [ 26.448546] [ 26.455848] Allocated by task 313: [ 26.455983] kasan_save_stack+0x45/0x70 [ 26.456124] kasan_save_track+0x18/0x40 [ 26.456255] kasan_save_alloc_info+0x3b/0x50 [ 26.456450] __kasan_kmalloc+0xb7/0xc0 [ 26.456636] __kmalloc_cache_noprof+0x189/0x420 [ 26.456857] kasan_atomics+0x95/0x310 [ 26.457044] kunit_try_run_case+0x1a5/0x480 [ 26.457223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.457463] kthread+0x337/0x6f0 [ 26.457611] ret_from_fork+0x116/0x1d0 [ 26.457742] ret_from_fork_asm+0x1a/0x30 [ 26.457878] [ 26.457945] The buggy address belongs to the object at ffff88810490f900 [ 26.457945] which belongs to the cache kmalloc-64 of size 64 [ 26.458286] The buggy address is located 0 bytes to the right of [ 26.458286] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.458744] [ 26.458814] The buggy address belongs to the physical page: [ 26.458994] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.459333] flags: 0x200000000000000(node=0|zone=2) [ 26.459490] page_type: f5(slab) [ 26.459762] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.460010] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.460359] page dumped because: kasan: bad access detected [ 26.460620] [ 26.460684] Memory state around the buggy address: [ 26.460831] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.461040] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.461246] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.461619] ^ [ 26.462039] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.462358] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.462700] ================================================================== [ 25.801542] ================================================================== [ 25.801779] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 25.802007] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.802479] [ 25.802600] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.802648] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.802663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.802687] Call Trace: [ 25.802705] <TASK> [ 25.802721] dump_stack_lvl+0x73/0xb0 [ 25.802750] print_report+0xd1/0x650 [ 25.802773] ? __virt_addr_valid+0x1db/0x2d0 [ 25.802798] ? kasan_atomics_helper+0x992/0x5450 [ 25.802820] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.802847] ? kasan_atomics_helper+0x992/0x5450 [ 25.802869] kasan_report+0x141/0x180 [ 25.802893] ? kasan_atomics_helper+0x992/0x5450 [ 25.802920] kasan_check_range+0x10c/0x1c0 [ 25.802944] __kasan_check_write+0x18/0x20 [ 25.802968] kasan_atomics_helper+0x992/0x5450 [ 25.802992] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.803016] ? kasan_save_alloc_info+0x3b/0x50 [ 25.803045] kasan_atomics+0x1dc/0x310 [ 25.803069] ? __pfx_kasan_atomics+0x10/0x10 [ 25.803094] ? __pfx_read_tsc+0x10/0x10 [ 25.803117] ? ktime_get_ts64+0x86/0x230 [ 25.803142] kunit_try_run_case+0x1a5/0x480 [ 25.803169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.803195] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.803218] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.803241] ? __kthread_parkme+0x82/0x180 [ 25.803263] ? preempt_count_sub+0x50/0x80 [ 25.803289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.803325] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.803353] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.803378] kthread+0x337/0x6f0 [ 25.803400] ? trace_preempt_on+0x20/0xc0 [ 25.803425] ? __pfx_kthread+0x10/0x10 [ 25.803447] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.803473] ? calculate_sigpending+0x7b/0xa0 [ 25.803501] ? __pfx_kthread+0x10/0x10 [ 25.803523] ret_from_fork+0x116/0x1d0 [ 25.803543] ? __pfx_kthread+0x10/0x10 [ 25.803566] ret_from_fork_asm+0x1a/0x30 [ 25.803597] </TASK> [ 25.803609] [ 25.811466] Allocated by task 313: [ 25.811658] kasan_save_stack+0x45/0x70 [ 25.811868] kasan_save_track+0x18/0x40 [ 25.812056] kasan_save_alloc_info+0x3b/0x50 [ 25.812242] __kasan_kmalloc+0xb7/0xc0 [ 25.812419] __kmalloc_cache_noprof+0x189/0x420 [ 25.812633] kasan_atomics+0x95/0x310 [ 25.812927] kunit_try_run_case+0x1a5/0x480 [ 25.813076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.813247] kthread+0x337/0x6f0 [ 25.813376] ret_from_fork+0x116/0x1d0 [ 25.813506] ret_from_fork_asm+0x1a/0x30 [ 25.813642] [ 25.813735] The buggy address belongs to the object at ffff88810490f900 [ 25.813735] which belongs to the cache kmalloc-64 of size 64 [ 25.815147] The buggy address is located 0 bytes to the right of [ 25.815147] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.815598] [ 25.815717] The buggy address belongs to the physical page: [ 25.816064] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.816432] flags: 0x200000000000000(node=0|zone=2) [ 25.816679] page_type: f5(slab) [ 25.816847] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.817075] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.817299] page dumped because: kasan: bad access detected [ 25.819024] [ 25.819181] Memory state around the buggy address: [ 25.819590] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.820246] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.821361] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.822070] ^ [ 25.822831] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.823375] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.823906] ================================================================== [ 26.701023] ================================================================== [ 26.701325] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 26.701581] Read of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.702395] [ 26.702769] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.702967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.702985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.703011] Call Trace: [ 26.703034] <TASK> [ 26.703058] dump_stack_lvl+0x73/0xb0 [ 26.703090] print_report+0xd1/0x650 [ 26.703115] ? __virt_addr_valid+0x1db/0x2d0 [ 26.703141] ? kasan_atomics_helper+0x4f98/0x5450 [ 26.703164] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.703192] ? kasan_atomics_helper+0x4f98/0x5450 [ 26.703216] kasan_report+0x141/0x180 [ 26.703239] ? kasan_atomics_helper+0x4f98/0x5450 [ 26.703266] __asan_report_load8_noabort+0x18/0x20 [ 26.703292] kasan_atomics_helper+0x4f98/0x5450 [ 26.703329] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.703353] ? kasan_save_alloc_info+0x3b/0x50 [ 26.703382] kasan_atomics+0x1dc/0x310 [ 26.703405] ? __pfx_kasan_atomics+0x10/0x10 [ 26.703430] ? __pfx_read_tsc+0x10/0x10 [ 26.703454] ? ktime_get_ts64+0x86/0x230 [ 26.703481] kunit_try_run_case+0x1a5/0x480 [ 26.703518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.703542] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.703566] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.703590] ? __kthread_parkme+0x82/0x180 [ 26.703612] ? preempt_count_sub+0x50/0x80 [ 26.703638] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.703664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.703689] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.703714] kthread+0x337/0x6f0 [ 26.703736] ? trace_preempt_on+0x20/0xc0 [ 26.703760] ? __pfx_kthread+0x10/0x10 [ 26.703782] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.703808] ? calculate_sigpending+0x7b/0xa0 [ 26.703833] ? __pfx_kthread+0x10/0x10 [ 26.703855] ret_from_fork+0x116/0x1d0 [ 26.703876] ? __pfx_kthread+0x10/0x10 [ 26.703897] ret_from_fork_asm+0x1a/0x30 [ 26.703933] </TASK> [ 26.703948] [ 26.713598] Allocated by task 313: [ 26.713948] kasan_save_stack+0x45/0x70 [ 26.714217] kasan_save_track+0x18/0x40 [ 26.714424] kasan_save_alloc_info+0x3b/0x50 [ 26.714757] __kasan_kmalloc+0xb7/0xc0 [ 26.714935] __kmalloc_cache_noprof+0x189/0x420 [ 26.715279] kasan_atomics+0x95/0x310 [ 26.715574] kunit_try_run_case+0x1a5/0x480 [ 26.715736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.716087] kthread+0x337/0x6f0 [ 26.716213] ret_from_fork+0x116/0x1d0 [ 26.716414] ret_from_fork_asm+0x1a/0x30 [ 26.716842] [ 26.716952] The buggy address belongs to the object at ffff88810490f900 [ 26.716952] which belongs to the cache kmalloc-64 of size 64 [ 26.717515] The buggy address is located 0 bytes to the right of [ 26.717515] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.718259] [ 26.718349] The buggy address belongs to the physical page: [ 26.718797] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.719196] flags: 0x200000000000000(node=0|zone=2) [ 26.719390] page_type: f5(slab) [ 26.719776] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.720100] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.720506] page dumped because: kasan: bad access detected [ 26.720722] [ 26.720819] Memory state around the buggy address: [ 26.721209] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.721631] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.721918] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.722343] ^ [ 26.722585] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.723019] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.723322] ================================================================== [ 25.686361] ================================================================== [ 25.686651] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 25.687146] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.687462] [ 25.687915] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.688026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.688042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.688064] Call Trace: [ 25.688083] <TASK> [ 25.688196] dump_stack_lvl+0x73/0xb0 [ 25.688231] print_report+0xd1/0x650 [ 25.688255] ? __virt_addr_valid+0x1db/0x2d0 [ 25.688279] ? kasan_atomics_helper+0x5fe/0x5450 [ 25.688301] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.688340] ? kasan_atomics_helper+0x5fe/0x5450 [ 25.688363] kasan_report+0x141/0x180 [ 25.688386] ? kasan_atomics_helper+0x5fe/0x5450 [ 25.688412] kasan_check_range+0x10c/0x1c0 [ 25.688437] __kasan_check_write+0x18/0x20 [ 25.688461] kasan_atomics_helper+0x5fe/0x5450 [ 25.688494] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.688518] ? kasan_save_alloc_info+0x3b/0x50 [ 25.688548] kasan_atomics+0x1dc/0x310 [ 25.688572] ? __pfx_kasan_atomics+0x10/0x10 [ 25.688597] ? __pfx_read_tsc+0x10/0x10 [ 25.688620] ? ktime_get_ts64+0x86/0x230 [ 25.688646] kunit_try_run_case+0x1a5/0x480 [ 25.688683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.688709] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.688732] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.688756] ? __kthread_parkme+0x82/0x180 [ 25.688778] ? preempt_count_sub+0x50/0x80 [ 25.688802] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.688829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.688855] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.688881] kthread+0x337/0x6f0 [ 25.688902] ? trace_preempt_on+0x20/0xc0 [ 25.688927] ? __pfx_kthread+0x10/0x10 [ 25.688949] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.688974] ? calculate_sigpending+0x7b/0xa0 [ 25.688999] ? __pfx_kthread+0x10/0x10 [ 25.689022] ret_from_fork+0x116/0x1d0 [ 25.689041] ? __pfx_kthread+0x10/0x10 [ 25.689063] ret_from_fork_asm+0x1a/0x30 [ 25.689095] </TASK> [ 25.689108] [ 25.699401] Allocated by task 313: [ 25.699652] kasan_save_stack+0x45/0x70 [ 25.700042] kasan_save_track+0x18/0x40 [ 25.700218] kasan_save_alloc_info+0x3b/0x50 [ 25.700417] __kasan_kmalloc+0xb7/0xc0 [ 25.700587] __kmalloc_cache_noprof+0x189/0x420 [ 25.700975] kasan_atomics+0x95/0x310 [ 25.701160] kunit_try_run_case+0x1a5/0x480 [ 25.701454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.701793] kthread+0x337/0x6f0 [ 25.701936] ret_from_fork+0x116/0x1d0 [ 25.702116] ret_from_fork_asm+0x1a/0x30 [ 25.702290] [ 25.702395] The buggy address belongs to the object at ffff88810490f900 [ 25.702395] which belongs to the cache kmalloc-64 of size 64 [ 25.703341] The buggy address is located 0 bytes to the right of [ 25.703341] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.704082] [ 25.704185] The buggy address belongs to the physical page: [ 25.704419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.705006] flags: 0x200000000000000(node=0|zone=2) [ 25.705204] page_type: f5(slab) [ 25.705378] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.705960] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.706286] page dumped because: kasan: bad access detected [ 25.706530] [ 25.706734] Memory state around the buggy address: [ 25.707005] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.707284] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.707630] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.708197] ^ [ 25.708380] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.709003] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.709392] ================================================================== [ 26.334185] ================================================================== [ 26.334694] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 26.335001] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.335220] [ 26.335299] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.335359] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.335374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.335397] Call Trace: [ 26.335411] <TASK> [ 26.335427] dump_stack_lvl+0x73/0xb0 [ 26.335455] print_report+0xd1/0x650 [ 26.335500] ? __virt_addr_valid+0x1db/0x2d0 [ 26.335524] ? kasan_atomics_helper+0x164f/0x5450 [ 26.335546] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.335574] ? kasan_atomics_helper+0x164f/0x5450 [ 26.335598] kasan_report+0x141/0x180 [ 26.335621] ? kasan_atomics_helper+0x164f/0x5450 [ 26.335648] kasan_check_range+0x10c/0x1c0 [ 26.335673] __kasan_check_write+0x18/0x20 [ 26.335698] kasan_atomics_helper+0x164f/0x5450 [ 26.335721] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.335745] ? kasan_save_alloc_info+0x3b/0x50 [ 26.335785] kasan_atomics+0x1dc/0x310 [ 26.335808] ? __pfx_kasan_atomics+0x10/0x10 [ 26.335844] ? __pfx_read_tsc+0x10/0x10 [ 26.335868] ? ktime_get_ts64+0x86/0x230 [ 26.335893] kunit_try_run_case+0x1a5/0x480 [ 26.335919] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.335943] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.335966] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.335989] ? __kthread_parkme+0x82/0x180 [ 26.336011] ? preempt_count_sub+0x50/0x80 [ 26.336035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.336061] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.336086] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.336112] kthread+0x337/0x6f0 [ 26.336133] ? trace_preempt_on+0x20/0xc0 [ 26.336157] ? __pfx_kthread+0x10/0x10 [ 26.336178] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.336204] ? calculate_sigpending+0x7b/0xa0 [ 26.336230] ? __pfx_kthread+0x10/0x10 [ 26.336252] ret_from_fork+0x116/0x1d0 [ 26.336273] ? __pfx_kthread+0x10/0x10 [ 26.336294] ret_from_fork_asm+0x1a/0x30 [ 26.336335] </TASK> [ 26.336348] [ 26.343532] Allocated by task 313: [ 26.343711] kasan_save_stack+0x45/0x70 [ 26.343905] kasan_save_track+0x18/0x40 [ 26.344092] kasan_save_alloc_info+0x3b/0x50 [ 26.344301] __kasan_kmalloc+0xb7/0xc0 [ 26.344546] __kmalloc_cache_noprof+0x189/0x420 [ 26.344786] kasan_atomics+0x95/0x310 [ 26.344915] kunit_try_run_case+0x1a5/0x480 [ 26.345064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.345236] kthread+0x337/0x6f0 [ 26.345361] ret_from_fork+0x116/0x1d0 [ 26.345508] ret_from_fork_asm+0x1a/0x30 [ 26.345695] [ 26.345790] The buggy address belongs to the object at ffff88810490f900 [ 26.345790] which belongs to the cache kmalloc-64 of size 64 [ 26.346349] The buggy address is located 0 bytes to the right of [ 26.346349] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.346988] [ 26.347085] The buggy address belongs to the physical page: [ 26.347364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.347733] flags: 0x200000000000000(node=0|zone=2) [ 26.347895] page_type: f5(slab) [ 26.348064] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.348425] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.348768] page dumped because: kasan: bad access detected [ 26.348995] [ 26.349087] Memory state around the buggy address: [ 26.349297] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.349636] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.349963] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.350240] ^ [ 26.350458] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.350802] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.351125] ================================================================== [ 25.855583] ================================================================== [ 25.856435] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 25.857213] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.857640] [ 25.857931] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.857987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.858003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.858035] Call Trace: [ 25.858054] <TASK> [ 25.858073] dump_stack_lvl+0x73/0xb0 [ 25.858105] print_report+0xd1/0x650 [ 25.858130] ? __virt_addr_valid+0x1db/0x2d0 [ 25.858156] ? kasan_atomics_helper+0xac7/0x5450 [ 25.858179] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.858206] ? kasan_atomics_helper+0xac7/0x5450 [ 25.858229] kasan_report+0x141/0x180 [ 25.858252] ? kasan_atomics_helper+0xac7/0x5450 [ 25.858279] kasan_check_range+0x10c/0x1c0 [ 25.858313] __kasan_check_write+0x18/0x20 [ 25.858339] kasan_atomics_helper+0xac7/0x5450 [ 25.858362] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.858387] ? kasan_save_alloc_info+0x3b/0x50 [ 25.858416] kasan_atomics+0x1dc/0x310 [ 25.858440] ? __pfx_kasan_atomics+0x10/0x10 [ 25.858466] ? __pfx_read_tsc+0x10/0x10 [ 25.858587] ? ktime_get_ts64+0x86/0x230 [ 25.858622] kunit_try_run_case+0x1a5/0x480 [ 25.858650] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.858675] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.858797] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.858824] ? __kthread_parkme+0x82/0x180 [ 25.858848] ? preempt_count_sub+0x50/0x80 [ 25.858874] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.858900] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.858927] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.858952] kthread+0x337/0x6f0 [ 25.858973] ? trace_preempt_on+0x20/0xc0 [ 25.858999] ? __pfx_kthread+0x10/0x10 [ 25.859021] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.859046] ? calculate_sigpending+0x7b/0xa0 [ 25.859072] ? __pfx_kthread+0x10/0x10 [ 25.859095] ret_from_fork+0x116/0x1d0 [ 25.859116] ? __pfx_kthread+0x10/0x10 [ 25.859137] ret_from_fork_asm+0x1a/0x30 [ 25.859170] </TASK> [ 25.859183] [ 25.871248] Allocated by task 313: [ 25.871579] kasan_save_stack+0x45/0x70 [ 25.872066] kasan_save_track+0x18/0x40 [ 25.872259] kasan_save_alloc_info+0x3b/0x50 [ 25.872467] __kasan_kmalloc+0xb7/0xc0 [ 25.872641] __kmalloc_cache_noprof+0x189/0x420 [ 25.873216] kasan_atomics+0x95/0x310 [ 25.873524] kunit_try_run_case+0x1a5/0x480 [ 25.873935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.874170] kthread+0x337/0x6f0 [ 25.874337] ret_from_fork+0x116/0x1d0 [ 25.874794] ret_from_fork_asm+0x1a/0x30 [ 25.875051] [ 25.875273] The buggy address belongs to the object at ffff88810490f900 [ 25.875273] which belongs to the cache kmalloc-64 of size 64 [ 25.875959] The buggy address is located 0 bytes to the right of [ 25.875959] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.876470] [ 25.876560] The buggy address belongs to the physical page: [ 25.877251] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.877959] flags: 0x200000000000000(node=0|zone=2) [ 25.878184] page_type: f5(slab) [ 25.878349] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.878983] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.879513] page dumped because: kasan: bad access detected [ 25.880141] [ 25.880236] Memory state around the buggy address: [ 25.880464] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.881041] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.881348] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.882003] ^ [ 25.882338] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.883407] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.883921] ================================================================== [ 26.385572] ================================================================== [ 26.386365] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 26.386752] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.387233] [ 26.387322] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.387372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.387386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.387409] Call Trace: [ 26.387425] <TASK> [ 26.387443] dump_stack_lvl+0x73/0xb0 [ 26.387472] print_report+0xd1/0x650 [ 26.387516] ? __virt_addr_valid+0x1db/0x2d0 [ 26.387542] ? kasan_atomics_helper+0x1818/0x5450 [ 26.387564] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.387592] ? kasan_atomics_helper+0x1818/0x5450 [ 26.387615] kasan_report+0x141/0x180 [ 26.387638] ? kasan_atomics_helper+0x1818/0x5450 [ 26.387665] kasan_check_range+0x10c/0x1c0 [ 26.387690] __kasan_check_write+0x18/0x20 [ 26.387713] kasan_atomics_helper+0x1818/0x5450 [ 26.387737] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.387761] ? kasan_save_alloc_info+0x3b/0x50 [ 26.387790] kasan_atomics+0x1dc/0x310 [ 26.387814] ? __pfx_kasan_atomics+0x10/0x10 [ 26.387839] ? __pfx_read_tsc+0x10/0x10 [ 26.387862] ? ktime_get_ts64+0x86/0x230 [ 26.387887] kunit_try_run_case+0x1a5/0x480 [ 26.387914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.387939] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.387963] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.387986] ? __kthread_parkme+0x82/0x180 [ 26.388009] ? preempt_count_sub+0x50/0x80 [ 26.388034] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.388061] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.388086] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.388112] kthread+0x337/0x6f0 [ 26.388133] ? trace_preempt_on+0x20/0xc0 [ 26.388157] ? __pfx_kthread+0x10/0x10 [ 26.388181] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.388206] ? calculate_sigpending+0x7b/0xa0 [ 26.388233] ? __pfx_kthread+0x10/0x10 [ 26.388256] ret_from_fork+0x116/0x1d0 [ 26.388277] ? __pfx_kthread+0x10/0x10 [ 26.388299] ret_from_fork_asm+0x1a/0x30 [ 26.388339] </TASK> [ 26.388353] [ 26.394904] Allocated by task 313: [ 26.395066] kasan_save_stack+0x45/0x70 [ 26.395230] kasan_save_track+0x18/0x40 [ 26.395372] kasan_save_alloc_info+0x3b/0x50 [ 26.395542] __kasan_kmalloc+0xb7/0xc0 [ 26.395673] __kmalloc_cache_noprof+0x189/0x420 [ 26.395824] kasan_atomics+0x95/0x310 [ 26.395951] kunit_try_run_case+0x1a5/0x480 [ 26.396094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.396263] kthread+0x337/0x6f0 [ 26.396439] ret_from_fork+0x116/0x1d0 [ 26.396679] ret_from_fork_asm+0x1a/0x30 [ 26.396908] [ 26.397011] The buggy address belongs to the object at ffff88810490f900 [ 26.397011] which belongs to the cache kmalloc-64 of size 64 [ 26.397511] The buggy address is located 0 bytes to the right of [ 26.397511] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.398164] [ 26.398294] The buggy address belongs to the physical page: [ 26.398515] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.398762] flags: 0x200000000000000(node=0|zone=2) [ 26.398923] page_type: f5(slab) [ 26.399042] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.399398] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.399770] page dumped because: kasan: bad access detected [ 26.399941] [ 26.400025] Memory state around the buggy address: [ 26.400262] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.400609] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.400819] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.401025] ^ [ 26.401173] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.401392] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.401708] ================================================================== [ 26.559850] ================================================================== [ 26.560585] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 26.561436] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.562170] [ 26.562390] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.562447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.562464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.562621] Call Trace: [ 26.562646] <TASK> [ 26.562669] dump_stack_lvl+0x73/0xb0 [ 26.562717] print_report+0xd1/0x650 [ 26.562781] ? __virt_addr_valid+0x1db/0x2d0 [ 26.562808] ? kasan_atomics_helper+0x1d7a/0x5450 [ 26.562832] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.562859] ? kasan_atomics_helper+0x1d7a/0x5450 [ 26.562882] kasan_report+0x141/0x180 [ 26.562905] ? kasan_atomics_helper+0x1d7a/0x5450 [ 26.562931] kasan_check_range+0x10c/0x1c0 [ 26.562956] __kasan_check_write+0x18/0x20 [ 26.562980] kasan_atomics_helper+0x1d7a/0x5450 [ 26.563003] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.563026] ? kasan_save_alloc_info+0x3b/0x50 [ 26.563055] kasan_atomics+0x1dc/0x310 [ 26.563078] ? __pfx_kasan_atomics+0x10/0x10 [ 26.563103] ? __pfx_read_tsc+0x10/0x10 [ 26.563126] ? ktime_get_ts64+0x86/0x230 [ 26.563152] kunit_try_run_case+0x1a5/0x480 [ 26.563178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.563202] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.563225] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.563248] ? __kthread_parkme+0x82/0x180 [ 26.563271] ? preempt_count_sub+0x50/0x80 [ 26.563295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.563330] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.563356] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.563381] kthread+0x337/0x6f0 [ 26.563402] ? trace_preempt_on+0x20/0xc0 [ 26.563427] ? __pfx_kthread+0x10/0x10 [ 26.563449] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.563495] ? calculate_sigpending+0x7b/0xa0 [ 26.563521] ? __pfx_kthread+0x10/0x10 [ 26.563544] ret_from_fork+0x116/0x1d0 [ 26.563565] ? __pfx_kthread+0x10/0x10 [ 26.563587] ret_from_fork_asm+0x1a/0x30 [ 26.563620] </TASK> [ 26.563633] [ 26.575356] Allocated by task 313: [ 26.576114] kasan_save_stack+0x45/0x70 [ 26.576419] kasan_save_track+0x18/0x40 [ 26.576818] kasan_save_alloc_info+0x3b/0x50 [ 26.577143] __kasan_kmalloc+0xb7/0xc0 [ 26.577476] __kmalloc_cache_noprof+0x189/0x420 [ 26.577680] kasan_atomics+0x95/0x310 [ 26.577848] kunit_try_run_case+0x1a5/0x480 [ 26.578029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.578243] kthread+0x337/0x6f0 [ 26.578755] ret_from_fork+0x116/0x1d0 [ 26.579120] ret_from_fork_asm+0x1a/0x30 [ 26.579454] [ 26.579758] The buggy address belongs to the object at ffff88810490f900 [ 26.579758] which belongs to the cache kmalloc-64 of size 64 [ 26.580395] The buggy address is located 0 bytes to the right of [ 26.580395] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.581213] [ 26.581329] The buggy address belongs to the physical page: [ 26.581847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.582291] flags: 0x200000000000000(node=0|zone=2) [ 26.582702] page_type: f5(slab) [ 26.582872] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.583187] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.583736] page dumped because: kasan: bad access detected [ 26.584035] [ 26.584252] Memory state around the buggy address: [ 26.584634] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.584937] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.585229] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.585752] ^ [ 26.586228] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.586707] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.586987] ================================================================== [ 25.825019] ================================================================== [ 25.826088] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 25.826743] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.827415] [ 25.827651] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.827718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.827734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.827758] Call Trace: [ 25.827820] <TASK> [ 25.827840] dump_stack_lvl+0x73/0xb0 [ 25.827872] print_report+0xd1/0x650 [ 25.827897] ? __virt_addr_valid+0x1db/0x2d0 [ 25.827922] ? kasan_atomics_helper+0xa2b/0x5450 [ 25.827945] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.827973] ? kasan_atomics_helper+0xa2b/0x5450 [ 25.827995] kasan_report+0x141/0x180 [ 25.828018] ? kasan_atomics_helper+0xa2b/0x5450 [ 25.828045] kasan_check_range+0x10c/0x1c0 [ 25.828069] __kasan_check_write+0x18/0x20 [ 25.828092] kasan_atomics_helper+0xa2b/0x5450 [ 25.828117] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.828141] ? kasan_save_alloc_info+0x3b/0x50 [ 25.828169] kasan_atomics+0x1dc/0x310 [ 25.828193] ? __pfx_kasan_atomics+0x10/0x10 [ 25.828218] ? __pfx_read_tsc+0x10/0x10 [ 25.828242] ? ktime_get_ts64+0x86/0x230 [ 25.828267] kunit_try_run_case+0x1a5/0x480 [ 25.828295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.828329] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.828353] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.828376] ? __kthread_parkme+0x82/0x180 [ 25.828398] ? preempt_count_sub+0x50/0x80 [ 25.828425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.828451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.828476] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.828516] kthread+0x337/0x6f0 [ 25.828538] ? trace_preempt_on+0x20/0xc0 [ 25.828563] ? __pfx_kthread+0x10/0x10 [ 25.828585] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.828611] ? calculate_sigpending+0x7b/0xa0 [ 25.828636] ? __pfx_kthread+0x10/0x10 [ 25.828659] ret_from_fork+0x116/0x1d0 [ 25.828680] ? __pfx_kthread+0x10/0x10 [ 25.828703] ret_from_fork_asm+0x1a/0x30 [ 25.828736] </TASK> [ 25.828749] [ 25.842172] Allocated by task 313: [ 25.842518] kasan_save_stack+0x45/0x70 [ 25.842770] kasan_save_track+0x18/0x40 [ 25.842954] kasan_save_alloc_info+0x3b/0x50 [ 25.843151] __kasan_kmalloc+0xb7/0xc0 [ 25.843335] __kmalloc_cache_noprof+0x189/0x420 [ 25.843855] kasan_atomics+0x95/0x310 [ 25.844157] kunit_try_run_case+0x1a5/0x480 [ 25.844635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.845047] kthread+0x337/0x6f0 [ 25.845213] ret_from_fork+0x116/0x1d0 [ 25.845401] ret_from_fork_asm+0x1a/0x30 [ 25.846163] [ 25.846273] The buggy address belongs to the object at ffff88810490f900 [ 25.846273] which belongs to the cache kmalloc-64 of size 64 [ 25.847236] The buggy address is located 0 bytes to the right of [ 25.847236] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.848220] [ 25.848346] The buggy address belongs to the physical page: [ 25.848867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.849217] flags: 0x200000000000000(node=0|zone=2) [ 25.849448] page_type: f5(slab) [ 25.849925] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.850388] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.851276] page dumped because: kasan: bad access detected [ 25.851779] [ 25.851874] Memory state around the buggy address: [ 25.852079] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.852380] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.853174] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.853657] ^ [ 25.853939] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.854222] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.854798] ================================================================== [ 26.107488] ================================================================== [ 26.108323] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 26.108683] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.108917] [ 26.108997] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.109045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.109061] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.109084] Call Trace: [ 26.109100] <TASK> [ 26.109116] dump_stack_lvl+0x73/0xb0 [ 26.109143] print_report+0xd1/0x650 [ 26.109167] ? __virt_addr_valid+0x1db/0x2d0 [ 26.109192] ? kasan_atomics_helper+0x1148/0x5450 [ 26.109215] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.109241] ? kasan_atomics_helper+0x1148/0x5450 [ 26.109264] kasan_report+0x141/0x180 [ 26.109287] ? kasan_atomics_helper+0x1148/0x5450 [ 26.109325] kasan_check_range+0x10c/0x1c0 [ 26.109350] __kasan_check_write+0x18/0x20 [ 26.109374] kasan_atomics_helper+0x1148/0x5450 [ 26.109397] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.109421] ? kasan_save_alloc_info+0x3b/0x50 [ 26.109450] kasan_atomics+0x1dc/0x310 [ 26.109474] ? __pfx_kasan_atomics+0x10/0x10 [ 26.109499] ? __pfx_read_tsc+0x10/0x10 [ 26.109522] ? ktime_get_ts64+0x86/0x230 [ 26.109548] kunit_try_run_case+0x1a5/0x480 [ 26.109574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.109599] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.109622] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.109645] ? __kthread_parkme+0x82/0x180 [ 26.109666] ? preempt_count_sub+0x50/0x80 [ 26.109691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.109717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.109746] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.109771] kthread+0x337/0x6f0 [ 26.109792] ? trace_preempt_on+0x20/0xc0 [ 26.109817] ? __pfx_kthread+0x10/0x10 [ 26.109839] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.109864] ? calculate_sigpending+0x7b/0xa0 [ 26.109889] ? __pfx_kthread+0x10/0x10 [ 26.109912] ret_from_fork+0x116/0x1d0 [ 26.109941] ? __pfx_kthread+0x10/0x10 [ 26.109974] ret_from_fork_asm+0x1a/0x30 [ 26.110006] </TASK> [ 26.110019] [ 26.117252] Allocated by task 313: [ 26.117427] kasan_save_stack+0x45/0x70 [ 26.117650] kasan_save_track+0x18/0x40 [ 26.117853] kasan_save_alloc_info+0x3b/0x50 [ 26.118058] __kasan_kmalloc+0xb7/0xc0 [ 26.118237] __kmalloc_cache_noprof+0x189/0x420 [ 26.118450] kasan_atomics+0x95/0x310 [ 26.118654] kunit_try_run_case+0x1a5/0x480 [ 26.118835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.119077] kthread+0x337/0x6f0 [ 26.119236] ret_from_fork+0x116/0x1d0 [ 26.119397] ret_from_fork_asm+0x1a/0x30 [ 26.119686] [ 26.119768] The buggy address belongs to the object at ffff88810490f900 [ 26.119768] which belongs to the cache kmalloc-64 of size 64 [ 26.120142] The buggy address is located 0 bytes to the right of [ 26.120142] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.120711] [ 26.120803] The buggy address belongs to the physical page: [ 26.121026] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.121261] flags: 0x200000000000000(node=0|zone=2) [ 26.121649] page_type: f5(slab) [ 26.121824] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.122176] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.122423] page dumped because: kasan: bad access detected [ 26.122590] [ 26.122655] Memory state around the buggy address: [ 26.122804] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.123015] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.123226] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.123670] ^ [ 26.123890] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.124225] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.124543] ================================================================== [ 25.941797] ================================================================== [ 25.942101] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 25.942401] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.942790] [ 25.942903] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.942951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.942966] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.942989] Call Trace: [ 25.943004] <TASK> [ 25.943021] dump_stack_lvl+0x73/0xb0 [ 25.943051] print_report+0xd1/0x650 [ 25.943075] ? __virt_addr_valid+0x1db/0x2d0 [ 25.943100] ? kasan_atomics_helper+0xd47/0x5450 [ 25.943123] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.943150] ? kasan_atomics_helper+0xd47/0x5450 [ 25.943173] kasan_report+0x141/0x180 [ 25.943196] ? kasan_atomics_helper+0xd47/0x5450 [ 25.943223] kasan_check_range+0x10c/0x1c0 [ 25.943248] __kasan_check_write+0x18/0x20 [ 25.943272] kasan_atomics_helper+0xd47/0x5450 [ 25.943297] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.943333] ? kasan_save_alloc_info+0x3b/0x50 [ 25.943363] kasan_atomics+0x1dc/0x310 [ 25.943387] ? __pfx_kasan_atomics+0x10/0x10 [ 25.943413] ? __pfx_read_tsc+0x10/0x10 [ 25.943436] ? ktime_get_ts64+0x86/0x230 [ 25.943462] kunit_try_run_case+0x1a5/0x480 [ 25.943502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.943528] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.943551] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.943575] ? __kthread_parkme+0x82/0x180 [ 25.943597] ? preempt_count_sub+0x50/0x80 [ 25.943622] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.943649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.943716] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.943747] kthread+0x337/0x6f0 [ 25.943768] ? trace_preempt_on+0x20/0xc0 [ 25.943794] ? __pfx_kthread+0x10/0x10 [ 25.943817] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.943843] ? calculate_sigpending+0x7b/0xa0 [ 25.943868] ? __pfx_kthread+0x10/0x10 [ 25.943891] ret_from_fork+0x116/0x1d0 [ 25.943912] ? __pfx_kthread+0x10/0x10 [ 25.943935] ret_from_fork_asm+0x1a/0x30 [ 25.943967] </TASK> [ 25.943982] [ 25.951626] Allocated by task 313: [ 25.952011] kasan_save_stack+0x45/0x70 [ 25.952215] kasan_save_track+0x18/0x40 [ 25.952418] kasan_save_alloc_info+0x3b/0x50 [ 25.952642] __kasan_kmalloc+0xb7/0xc0 [ 25.952851] __kmalloc_cache_noprof+0x189/0x420 [ 25.953069] kasan_atomics+0x95/0x310 [ 25.953248] kunit_try_run_case+0x1a5/0x480 [ 25.953427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.953941] kthread+0x337/0x6f0 [ 25.954105] ret_from_fork+0x116/0x1d0 [ 25.954236] ret_from_fork_asm+0x1a/0x30 [ 25.954444] [ 25.954536] The buggy address belongs to the object at ffff88810490f900 [ 25.954536] which belongs to the cache kmalloc-64 of size 64 [ 25.955112] The buggy address is located 0 bytes to the right of [ 25.955112] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.955605] [ 25.955673] The buggy address belongs to the physical page: [ 25.955842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.956074] flags: 0x200000000000000(node=0|zone=2) [ 25.956229] page_type: f5(slab) [ 25.956468] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.957040] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.957383] page dumped because: kasan: bad access detected [ 25.957658] [ 25.957726] Memory state around the buggy address: [ 25.957881] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.958090] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.958301] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.959000] ^ [ 25.959229] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.959609] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.960278] ================================================================== [ 25.583593] ================================================================== [ 25.583876] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 25.584342] Read of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.584636] [ 25.584831] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.584878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.584893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.584915] Call Trace: [ 25.584929] <TASK> [ 25.584944] dump_stack_lvl+0x73/0xb0 [ 25.584972] print_report+0xd1/0x650 [ 25.585050] ? __virt_addr_valid+0x1db/0x2d0 [ 25.585078] ? kasan_atomics_helper+0x3df/0x5450 [ 25.585102] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.585131] ? kasan_atomics_helper+0x3df/0x5450 [ 25.585154] kasan_report+0x141/0x180 [ 25.585177] ? kasan_atomics_helper+0x3df/0x5450 [ 25.585204] kasan_check_range+0x10c/0x1c0 [ 25.585229] __kasan_check_read+0x15/0x20 [ 25.585253] kasan_atomics_helper+0x3df/0x5450 [ 25.585277] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.585300] ? kasan_save_alloc_info+0x3b/0x50 [ 25.585341] kasan_atomics+0x1dc/0x310 [ 25.585367] ? __pfx_kasan_atomics+0x10/0x10 [ 25.585391] ? __pfx_read_tsc+0x10/0x10 [ 25.585414] ? ktime_get_ts64+0x86/0x230 [ 25.585439] kunit_try_run_case+0x1a5/0x480 [ 25.585464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.585489] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.585536] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.585560] ? __kthread_parkme+0x82/0x180 [ 25.585581] ? preempt_count_sub+0x50/0x80 [ 25.585606] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.585632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.585657] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.585718] kthread+0x337/0x6f0 [ 25.585747] ? trace_preempt_on+0x20/0xc0 [ 25.585771] ? __pfx_kthread+0x10/0x10 [ 25.585793] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.585819] ? calculate_sigpending+0x7b/0xa0 [ 25.585844] ? __pfx_kthread+0x10/0x10 [ 25.585867] ret_from_fork+0x116/0x1d0 [ 25.585887] ? __pfx_kthread+0x10/0x10 [ 25.585909] ret_from_fork_asm+0x1a/0x30 [ 25.585941] </TASK> [ 25.585953] [ 25.593803] Allocated by task 313: [ 25.594015] kasan_save_stack+0x45/0x70 [ 25.594235] kasan_save_track+0x18/0x40 [ 25.594450] kasan_save_alloc_info+0x3b/0x50 [ 25.594675] __kasan_kmalloc+0xb7/0xc0 [ 25.594838] __kmalloc_cache_noprof+0x189/0x420 [ 25.595012] kasan_atomics+0x95/0x310 [ 25.595405] kunit_try_run_case+0x1a5/0x480 [ 25.595612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.595786] kthread+0x337/0x6f0 [ 25.595906] ret_from_fork+0x116/0x1d0 [ 25.596034] ret_from_fork_asm+0x1a/0x30 [ 25.596337] [ 25.596442] The buggy address belongs to the object at ffff88810490f900 [ 25.596442] which belongs to the cache kmalloc-64 of size 64 [ 25.597028] The buggy address is located 0 bytes to the right of [ 25.597028] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.597442] [ 25.597580] The buggy address belongs to the physical page: [ 25.597961] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.598390] flags: 0x200000000000000(node=0|zone=2) [ 25.598555] page_type: f5(slab) [ 25.598739] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.599361] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.600027] page dumped because: kasan: bad access detected [ 25.600250] [ 25.600353] Memory state around the buggy address: [ 25.601001] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.601670] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.602133] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.602621] ^ [ 25.603199] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.603936] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.604570] ================================================================== [ 26.317066] ================================================================== [ 26.317423] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 26.317809] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.318180] [ 26.318289] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.318347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.318361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.318383] Call Trace: [ 26.318401] <TASK> [ 26.318419] dump_stack_lvl+0x73/0xb0 [ 26.318447] print_report+0xd1/0x650 [ 26.318470] ? __virt_addr_valid+0x1db/0x2d0 [ 26.318515] ? kasan_atomics_helper+0x15b6/0x5450 [ 26.318538] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.318565] ? kasan_atomics_helper+0x15b6/0x5450 [ 26.318588] kasan_report+0x141/0x180 [ 26.318611] ? kasan_atomics_helper+0x15b6/0x5450 [ 26.318638] kasan_check_range+0x10c/0x1c0 [ 26.318663] __kasan_check_write+0x18/0x20 [ 26.318686] kasan_atomics_helper+0x15b6/0x5450 [ 26.318711] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.318735] ? kasan_save_alloc_info+0x3b/0x50 [ 26.318763] kasan_atomics+0x1dc/0x310 [ 26.318787] ? __pfx_kasan_atomics+0x10/0x10 [ 26.318812] ? __pfx_read_tsc+0x10/0x10 [ 26.318834] ? ktime_get_ts64+0x86/0x230 [ 26.318860] kunit_try_run_case+0x1a5/0x480 [ 26.318897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.318922] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.318945] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.318979] ? __kthread_parkme+0x82/0x180 [ 26.319001] ? preempt_count_sub+0x50/0x80 [ 26.319026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.319052] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.319077] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.319103] kthread+0x337/0x6f0 [ 26.319124] ? trace_preempt_on+0x20/0xc0 [ 26.319148] ? __pfx_kthread+0x10/0x10 [ 26.319169] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.319194] ? calculate_sigpending+0x7b/0xa0 [ 26.319228] ? __pfx_kthread+0x10/0x10 [ 26.319251] ret_from_fork+0x116/0x1d0 [ 26.319271] ? __pfx_kthread+0x10/0x10 [ 26.319292] ret_from_fork_asm+0x1a/0x30 [ 26.319343] </TASK> [ 26.319356] [ 26.326648] Allocated by task 313: [ 26.326776] kasan_save_stack+0x45/0x70 [ 26.326911] kasan_save_track+0x18/0x40 [ 26.327041] kasan_save_alloc_info+0x3b/0x50 [ 26.327183] __kasan_kmalloc+0xb7/0xc0 [ 26.327321] __kmalloc_cache_noprof+0x189/0x420 [ 26.327490] kasan_atomics+0x95/0x310 [ 26.327675] kunit_try_run_case+0x1a5/0x480 [ 26.327891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.328154] kthread+0x337/0x6f0 [ 26.328327] ret_from_fork+0x116/0x1d0 [ 26.328527] ret_from_fork_asm+0x1a/0x30 [ 26.328720] [ 26.328809] The buggy address belongs to the object at ffff88810490f900 [ 26.328809] which belongs to the cache kmalloc-64 of size 64 [ 26.329331] The buggy address is located 0 bytes to the right of [ 26.329331] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.329859] [ 26.329930] The buggy address belongs to the physical page: [ 26.330099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.330420] flags: 0x200000000000000(node=0|zone=2) [ 26.330700] page_type: f5(slab) [ 26.330868] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.331226] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.331524] page dumped because: kasan: bad access detected [ 26.331741] [ 26.331835] Memory state around the buggy address: [ 26.332017] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.332314] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.332596] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.332864] ^ [ 26.333069] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.333362] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.333593] ================================================================== [ 26.531009] ================================================================== [ 26.531360] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 26.532000] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.532339] [ 26.532447] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.532496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.532510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.532533] Call Trace: [ 26.532551] <TASK> [ 26.532570] dump_stack_lvl+0x73/0xb0 [ 26.532599] print_report+0xd1/0x650 [ 26.532622] ? __virt_addr_valid+0x1db/0x2d0 [ 26.532645] ? kasan_atomics_helper+0x1ce1/0x5450 [ 26.532667] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.532694] ? kasan_atomics_helper+0x1ce1/0x5450 [ 26.532717] kasan_report+0x141/0x180 [ 26.532739] ? kasan_atomics_helper+0x1ce1/0x5450 [ 26.532766] kasan_check_range+0x10c/0x1c0 [ 26.532791] __kasan_check_write+0x18/0x20 [ 26.532814] kasan_atomics_helper+0x1ce1/0x5450 [ 26.532838] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.532874] ? kasan_save_alloc_info+0x3b/0x50 [ 26.532903] kasan_atomics+0x1dc/0x310 [ 26.532927] ? __pfx_kasan_atomics+0x10/0x10 [ 26.532951] ? __pfx_read_tsc+0x10/0x10 [ 26.532974] ? ktime_get_ts64+0x86/0x230 [ 26.532999] kunit_try_run_case+0x1a5/0x480 [ 26.533026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.533050] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.533073] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.533096] ? __kthread_parkme+0x82/0x180 [ 26.533118] ? preempt_count_sub+0x50/0x80 [ 26.533142] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.533168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.533194] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.533220] kthread+0x337/0x6f0 [ 26.533242] ? trace_preempt_on+0x20/0xc0 [ 26.533266] ? __pfx_kthread+0x10/0x10 [ 26.533288] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.533325] ? calculate_sigpending+0x7b/0xa0 [ 26.533350] ? __pfx_kthread+0x10/0x10 [ 26.533374] ret_from_fork+0x116/0x1d0 [ 26.533394] ? __pfx_kthread+0x10/0x10 [ 26.533416] ret_from_fork_asm+0x1a/0x30 [ 26.533449] </TASK> [ 26.533465] [ 26.540493] Allocated by task 313: [ 26.540623] kasan_save_stack+0x45/0x70 [ 26.540758] kasan_save_track+0x18/0x40 [ 26.540889] kasan_save_alloc_info+0x3b/0x50 [ 26.541035] __kasan_kmalloc+0xb7/0xc0 [ 26.541167] __kmalloc_cache_noprof+0x189/0x420 [ 26.542159] kasan_atomics+0x95/0x310 [ 26.542806] kunit_try_run_case+0x1a5/0x480 [ 26.543257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.543885] kthread+0x337/0x6f0 [ 26.544456] ret_from_fork+0x116/0x1d0 [ 26.544989] ret_from_fork_asm+0x1a/0x30 [ 26.545614] [ 26.545808] The buggy address belongs to the object at ffff88810490f900 [ 26.545808] which belongs to the cache kmalloc-64 of size 64 [ 26.547175] The buggy address is located 0 bytes to the right of [ 26.547175] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.548396] [ 26.548659] The buggy address belongs to the physical page: [ 26.549275] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.550114] flags: 0x200000000000000(node=0|zone=2) [ 26.550623] page_type: f5(slab) [ 26.551131] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.551815] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.552683] page dumped because: kasan: bad access detected [ 26.553279] [ 26.553403] Memory state around the buggy address: [ 26.553973] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.554616] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.555282] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.555881] ^ [ 26.556459] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.557245] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.557692] ================================================================== [ 26.368420] ================================================================== [ 26.368834] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 26.369165] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.369519] [ 26.369624] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.369671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.369685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.369707] Call Trace: [ 26.369723] <TASK> [ 26.369746] dump_stack_lvl+0x73/0xb0 [ 26.369775] print_report+0xd1/0x650 [ 26.369798] ? __virt_addr_valid+0x1db/0x2d0 [ 26.369823] ? kasan_atomics_helper+0x177f/0x5450 [ 26.369844] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.369871] ? kasan_atomics_helper+0x177f/0x5450 [ 26.369894] kasan_report+0x141/0x180 [ 26.369917] ? kasan_atomics_helper+0x177f/0x5450 [ 26.369944] kasan_check_range+0x10c/0x1c0 [ 26.369969] __kasan_check_write+0x18/0x20 [ 26.369994] kasan_atomics_helper+0x177f/0x5450 [ 26.370017] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.370042] ? kasan_save_alloc_info+0x3b/0x50 [ 26.370071] kasan_atomics+0x1dc/0x310 [ 26.370095] ? __pfx_kasan_atomics+0x10/0x10 [ 26.370120] ? __pfx_read_tsc+0x10/0x10 [ 26.370143] ? ktime_get_ts64+0x86/0x230 [ 26.370169] kunit_try_run_case+0x1a5/0x480 [ 26.370196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.370221] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.370245] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.370268] ? __kthread_parkme+0x82/0x180 [ 26.370290] ? preempt_count_sub+0x50/0x80 [ 26.370325] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.370353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.370378] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.370404] kthread+0x337/0x6f0 [ 26.370425] ? trace_preempt_on+0x20/0xc0 [ 26.370450] ? __pfx_kthread+0x10/0x10 [ 26.370492] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.370519] ? calculate_sigpending+0x7b/0xa0 [ 26.370544] ? __pfx_kthread+0x10/0x10 [ 26.370567] ret_from_fork+0x116/0x1d0 [ 26.370588] ? __pfx_kthread+0x10/0x10 [ 26.370611] ret_from_fork_asm+0x1a/0x30 [ 26.370642] </TASK> [ 26.370655] [ 26.377900] Allocated by task 313: [ 26.378098] kasan_save_stack+0x45/0x70 [ 26.378297] kasan_save_track+0x18/0x40 [ 26.378461] kasan_save_alloc_info+0x3b/0x50 [ 26.378692] __kasan_kmalloc+0xb7/0xc0 [ 26.378880] __kmalloc_cache_noprof+0x189/0x420 [ 26.379067] kasan_atomics+0x95/0x310 [ 26.379259] kunit_try_run_case+0x1a5/0x480 [ 26.379461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.379709] kthread+0x337/0x6f0 [ 26.379827] ret_from_fork+0x116/0x1d0 [ 26.379953] ret_from_fork_asm+0x1a/0x30 [ 26.380089] [ 26.380155] The buggy address belongs to the object at ffff88810490f900 [ 26.380155] which belongs to the cache kmalloc-64 of size 64 [ 26.380536] The buggy address is located 0 bytes to the right of [ 26.380536] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.381043] [ 26.381137] The buggy address belongs to the physical page: [ 26.381399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.381774] flags: 0x200000000000000(node=0|zone=2) [ 26.382004] page_type: f5(slab) [ 26.382170] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.382538] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.382896] page dumped because: kasan: bad access detected [ 26.383147] [ 26.383237] Memory state around the buggy address: [ 26.383506] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.383802] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.384062] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.384271] ^ [ 26.384430] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.384666] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.384898] ================================================================== [ 25.960734] ================================================================== [ 25.960964] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 25.961186] Write of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.961419] [ 25.961501] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.961549] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.961563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.961585] Call Trace: [ 25.961603] <TASK> [ 25.961620] dump_stack_lvl+0x73/0xb0 [ 25.961647] print_report+0xd1/0x650 [ 25.961671] ? __virt_addr_valid+0x1db/0x2d0 [ 25.961695] ? kasan_atomics_helper+0xde0/0x5450 [ 25.961716] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.961748] ? kasan_atomics_helper+0xde0/0x5450 [ 25.961770] kasan_report+0x141/0x180 [ 25.961792] ? kasan_atomics_helper+0xde0/0x5450 [ 25.961820] kasan_check_range+0x10c/0x1c0 [ 25.961906] __kasan_check_write+0x18/0x20 [ 25.961931] kasan_atomics_helper+0xde0/0x5450 [ 25.961956] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.961981] ? kasan_save_alloc_info+0x3b/0x50 [ 25.962010] kasan_atomics+0x1dc/0x310 [ 25.962034] ? __pfx_kasan_atomics+0x10/0x10 [ 25.962060] ? __pfx_read_tsc+0x10/0x10 [ 25.962083] ? ktime_get_ts64+0x86/0x230 [ 25.962110] kunit_try_run_case+0x1a5/0x480 [ 25.962136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.962161] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.962184] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.962207] ? __kthread_parkme+0x82/0x180 [ 25.962230] ? preempt_count_sub+0x50/0x80 [ 25.962254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.962280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.962316] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.962343] kthread+0x337/0x6f0 [ 25.962365] ? trace_preempt_on+0x20/0xc0 [ 25.962389] ? __pfx_kthread+0x10/0x10 [ 25.962411] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.962438] ? calculate_sigpending+0x7b/0xa0 [ 25.962465] ? __pfx_kthread+0x10/0x10 [ 25.962488] ret_from_fork+0x116/0x1d0 [ 25.962516] ? __pfx_kthread+0x10/0x10 [ 25.962538] ret_from_fork_asm+0x1a/0x30 [ 25.962571] </TASK> [ 25.962583] [ 25.970181] Allocated by task 313: [ 25.970415] kasan_save_stack+0x45/0x70 [ 25.970666] kasan_save_track+0x18/0x40 [ 25.970843] kasan_save_alloc_info+0x3b/0x50 [ 25.970988] __kasan_kmalloc+0xb7/0xc0 [ 25.971115] __kmalloc_cache_noprof+0x189/0x420 [ 25.971265] kasan_atomics+0x95/0x310 [ 25.971404] kunit_try_run_case+0x1a5/0x480 [ 25.971548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.971717] kthread+0x337/0x6f0 [ 25.971883] ret_from_fork+0x116/0x1d0 [ 25.972105] ret_from_fork_asm+0x1a/0x30 [ 25.972316] [ 25.972409] The buggy address belongs to the object at ffff88810490f900 [ 25.972409] which belongs to the cache kmalloc-64 of size 64 [ 25.972933] The buggy address is located 0 bytes to the right of [ 25.972933] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.973504] [ 25.973588] The buggy address belongs to the physical page: [ 25.973822] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.974125] flags: 0x200000000000000(node=0|zone=2) [ 25.974285] page_type: f5(slab) [ 25.975440] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.976412] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.977480] page dumped because: kasan: bad access detected [ 25.978506] [ 25.979034] Memory state around the buggy address: [ 25.980123] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.980957] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.982220] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.982469] ^ [ 25.983286] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.984359] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.985111] ================================================================== [ 26.809039] ================================================================== [ 26.809410] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 26.809943] Write of size 8 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.810293] [ 26.810392] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.810444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.810458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.810484] Call Trace: [ 26.810507] <TASK> [ 26.810537] dump_stack_lvl+0x73/0xb0 [ 26.810606] print_report+0xd1/0x650 [ 26.810632] ? __virt_addr_valid+0x1db/0x2d0 [ 26.810683] ? kasan_atomics_helper+0x224c/0x5450 [ 26.810706] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.810733] ? kasan_atomics_helper+0x224c/0x5450 [ 26.810756] kasan_report+0x141/0x180 [ 26.810780] ? kasan_atomics_helper+0x224c/0x5450 [ 26.810836] kasan_check_range+0x10c/0x1c0 [ 26.810861] __kasan_check_write+0x18/0x20 [ 26.810885] kasan_atomics_helper+0x224c/0x5450 [ 26.810909] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.810931] ? kasan_save_alloc_info+0x3b/0x50 [ 26.810988] kasan_atomics+0x1dc/0x310 [ 26.811012] ? __pfx_kasan_atomics+0x10/0x10 [ 26.811037] ? __pfx_read_tsc+0x10/0x10 [ 26.811060] ? ktime_get_ts64+0x86/0x230 [ 26.811086] kunit_try_run_case+0x1a5/0x480 [ 26.811113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.811138] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.811161] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.811184] ? __kthread_parkme+0x82/0x180 [ 26.811207] ? preempt_count_sub+0x50/0x80 [ 26.811233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.811260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.811285] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.811322] kthread+0x337/0x6f0 [ 26.811373] ? trace_preempt_on+0x20/0xc0 [ 26.811399] ? __pfx_kthread+0x10/0x10 [ 26.811420] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.811446] ? calculate_sigpending+0x7b/0xa0 [ 26.811472] ? __pfx_kthread+0x10/0x10 [ 26.811494] ret_from_fork+0x116/0x1d0 [ 26.811514] ? __pfx_kthread+0x10/0x10 [ 26.811565] ret_from_fork_asm+0x1a/0x30 [ 26.811598] </TASK> [ 26.811612] [ 26.820256] Allocated by task 313: [ 26.820579] kasan_save_stack+0x45/0x70 [ 26.820714] kasan_save_track+0x18/0x40 [ 26.820840] kasan_save_alloc_info+0x3b/0x50 [ 26.820976] __kasan_kmalloc+0xb7/0xc0 [ 26.821139] __kmalloc_cache_noprof+0x189/0x420 [ 26.821287] kasan_atomics+0x95/0x310 [ 26.821421] kunit_try_run_case+0x1a5/0x480 [ 26.821896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.822383] kthread+0x337/0x6f0 [ 26.822774] ret_from_fork+0x116/0x1d0 [ 26.823138] ret_from_fork_asm+0x1a/0x30 [ 26.823533] [ 26.823707] The buggy address belongs to the object at ffff88810490f900 [ 26.823707] which belongs to the cache kmalloc-64 of size 64 [ 26.824173] The buggy address is located 0 bytes to the right of [ 26.824173] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.824631] [ 26.824813] The buggy address belongs to the physical page: [ 26.825327] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.826114] flags: 0x200000000000000(node=0|zone=2) [ 26.826579] page_type: f5(slab) [ 26.826966] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.827657] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.828422] page dumped because: kasan: bad access detected [ 26.829008] [ 26.829080] Memory state around the buggy address: [ 26.829444] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.830019] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.830847] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.831048] ^ [ 26.831192] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.831407] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.831928] ================================================================== [ 26.053888] ================================================================== [ 26.054432] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 26.055104] Read of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.055376] [ 26.055472] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.055533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.055559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.055581] Call Trace: [ 26.055595] <TASK> [ 26.055612] dump_stack_lvl+0x73/0xb0 [ 26.055642] print_report+0xd1/0x650 [ 26.055666] ? __virt_addr_valid+0x1db/0x2d0 [ 26.055691] ? kasan_atomics_helper+0x4a36/0x5450 [ 26.055714] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.055750] ? kasan_atomics_helper+0x4a36/0x5450 [ 26.055774] kasan_report+0x141/0x180 [ 26.055797] ? kasan_atomics_helper+0x4a36/0x5450 [ 26.055835] __asan_report_load4_noabort+0x18/0x20 [ 26.055859] kasan_atomics_helper+0x4a36/0x5450 [ 26.055882] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.055905] ? kasan_save_alloc_info+0x3b/0x50 [ 26.055933] kasan_atomics+0x1dc/0x310 [ 26.055956] ? __pfx_kasan_atomics+0x10/0x10 [ 26.055982] ? __pfx_read_tsc+0x10/0x10 [ 26.056004] ? ktime_get_ts64+0x86/0x230 [ 26.056029] kunit_try_run_case+0x1a5/0x480 [ 26.056056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.056080] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.056103] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.056126] ? __kthread_parkme+0x82/0x180 [ 26.056148] ? preempt_count_sub+0x50/0x80 [ 26.056182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.056209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.056235] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.056271] kthread+0x337/0x6f0 [ 26.056292] ? trace_preempt_on+0x20/0xc0 [ 26.056326] ? __pfx_kthread+0x10/0x10 [ 26.056348] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.056381] ? calculate_sigpending+0x7b/0xa0 [ 26.056406] ? __pfx_kthread+0x10/0x10 [ 26.056439] ret_from_fork+0x116/0x1d0 [ 26.056459] ? __pfx_kthread+0x10/0x10 [ 26.056481] ret_from_fork_asm+0x1a/0x30 [ 26.056522] </TASK> [ 26.056535] [ 26.063845] Allocated by task 313: [ 26.064032] kasan_save_stack+0x45/0x70 [ 26.064256] kasan_save_track+0x18/0x40 [ 26.064460] kasan_save_alloc_info+0x3b/0x50 [ 26.064672] __kasan_kmalloc+0xb7/0xc0 [ 26.064834] __kmalloc_cache_noprof+0x189/0x420 [ 26.064985] kasan_atomics+0x95/0x310 [ 26.065112] kunit_try_run_case+0x1a5/0x480 [ 26.065254] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.065524] kthread+0x337/0x6f0 [ 26.065688] ret_from_fork+0x116/0x1d0 [ 26.065870] ret_from_fork_asm+0x1a/0x30 [ 26.066060] [ 26.066150] The buggy address belongs to the object at ffff88810490f900 [ 26.066150] which belongs to the cache kmalloc-64 of size 64 [ 26.066823] The buggy address is located 0 bytes to the right of [ 26.066823] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.067176] [ 26.067313] The buggy address belongs to the physical page: [ 26.067641] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.068316] flags: 0x200000000000000(node=0|zone=2) [ 26.068560] page_type: f5(slab) [ 26.068735] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.069005] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.069356] page dumped because: kasan: bad access detected [ 26.069592] [ 26.069702] Memory state around the buggy address: [ 26.069890] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.070102] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.070331] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.070655] ^ [ 26.070873] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.071185] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.071484] ================================================================== [ 26.200908] ================================================================== [ 26.201638] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 26.201976] Read of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 26.202259] [ 26.202370] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 26.202418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.202433] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.202455] Call Trace: [ 26.203044] <TASK> [ 26.203084] dump_stack_lvl+0x73/0xb0 [ 26.203120] print_report+0xd1/0x650 [ 26.203144] ? __virt_addr_valid+0x1db/0x2d0 [ 26.203170] ? kasan_atomics_helper+0x49ce/0x5450 [ 26.203388] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.203436] ? kasan_atomics_helper+0x49ce/0x5450 [ 26.203462] kasan_report+0x141/0x180 [ 26.203508] ? kasan_atomics_helper+0x49ce/0x5450 [ 26.203535] __asan_report_load4_noabort+0x18/0x20 [ 26.203561] kasan_atomics_helper+0x49ce/0x5450 [ 26.203586] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.203609] ? kasan_save_alloc_info+0x3b/0x50 [ 26.203639] kasan_atomics+0x1dc/0x310 [ 26.203663] ? __pfx_kasan_atomics+0x10/0x10 [ 26.203692] ? __pfx_read_tsc+0x10/0x10 [ 26.203717] ? ktime_get_ts64+0x86/0x230 [ 26.203744] kunit_try_run_case+0x1a5/0x480 [ 26.203771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.203795] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.203819] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.203842] ? __kthread_parkme+0x82/0x180 [ 26.203864] ? preempt_count_sub+0x50/0x80 [ 26.203890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.203918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.203944] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.203973] kthread+0x337/0x6f0 [ 26.203994] ? trace_preempt_on+0x20/0xc0 [ 26.204019] ? __pfx_kthread+0x10/0x10 [ 26.204041] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.204067] ? calculate_sigpending+0x7b/0xa0 [ 26.204092] ? __pfx_kthread+0x10/0x10 [ 26.204116] ret_from_fork+0x116/0x1d0 [ 26.204137] ? __pfx_kthread+0x10/0x10 [ 26.204159] ret_from_fork_asm+0x1a/0x30 [ 26.204191] </TASK> [ 26.204205] [ 26.215223] Allocated by task 313: [ 26.215403] kasan_save_stack+0x45/0x70 [ 26.215595] kasan_save_track+0x18/0x40 [ 26.215771] kasan_save_alloc_info+0x3b/0x50 [ 26.215962] __kasan_kmalloc+0xb7/0xc0 [ 26.216126] __kmalloc_cache_noprof+0x189/0x420 [ 26.216724] kasan_atomics+0x95/0x310 [ 26.217036] kunit_try_run_case+0x1a5/0x480 [ 26.217429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.217709] kthread+0x337/0x6f0 [ 26.217872] ret_from_fork+0x116/0x1d0 [ 26.218044] ret_from_fork_asm+0x1a/0x30 [ 26.218221] [ 26.218317] The buggy address belongs to the object at ffff88810490f900 [ 26.218317] which belongs to the cache kmalloc-64 of size 64 [ 26.218721] The buggy address is located 0 bytes to the right of [ 26.218721] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 26.219214] [ 26.219285] The buggy address belongs to the physical page: [ 26.219557] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 26.219933] flags: 0x200000000000000(node=0|zone=2) [ 26.220148] page_type: f5(slab) [ 26.220299] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.220670] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.220997] page dumped because: kasan: bad access detected [ 26.221232] [ 26.221332] Memory state around the buggy address: [ 26.221566] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.221874] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.222122] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.222394] ^ [ 26.222651] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.222968] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.223179] ================================================================== [ 25.544892] ================================================================== [ 25.545147] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 25.545524] Read of size 4 at addr ffff88810490f930 by task kunit_try_catch/313 [ 25.546089] [ 25.546181] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250702 #1 PREEMPT(voluntary) [ 25.546227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.546239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.546259] Call Trace: [ 25.546274] <TASK> [ 25.546287] dump_stack_lvl+0x73/0xb0 [ 25.546326] print_report+0xd1/0x650 [ 25.546348] ? __virt_addr_valid+0x1db/0x2d0 [ 25.546370] ? kasan_atomics_helper+0x4b88/0x5450 [ 25.546390] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.546415] ? kasan_atomics_helper+0x4b88/0x5450 [ 25.546437] kasan_report+0x141/0x180 [ 25.546459] ? kasan_atomics_helper+0x4b88/0x5450 [ 25.546507] __asan_report_load4_noabort+0x18/0x20 [ 25.546531] kasan_atomics_helper+0x4b88/0x5450 [ 25.546553] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.546576] ? kasan_save_alloc_info+0x3b/0x50 [ 25.546603] kasan_atomics+0x1dc/0x310 [ 25.546625] ? __pfx_kasan_atomics+0x10/0x10 [ 25.546648] ? __pfx_read_tsc+0x10/0x10 [ 25.546669] ? ktime_get_ts64+0x86/0x230 [ 25.546692] kunit_try_run_case+0x1a5/0x480 [ 25.546717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.546741] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.546762] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.546784] ? __kthread_parkme+0x82/0x180 [ 25.546804] ? preempt_count_sub+0x50/0x80 [ 25.546827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.546853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.546880] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.546906] kthread+0x337/0x6f0 [ 25.546928] ? trace_preempt_on+0x20/0xc0 [ 25.546951] ? __pfx_kthread+0x10/0x10 [ 25.546973] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.546999] ? calculate_sigpending+0x7b/0xa0 [ 25.547024] ? __pfx_kthread+0x10/0x10 [ 25.547047] ret_from_fork+0x116/0x1d0 [ 25.547067] ? __pfx_kthread+0x10/0x10 [ 25.547089] ret_from_fork_asm+0x1a/0x30 [ 25.547122] </TASK> [ 25.547134] [ 25.555065] Allocated by task 313: [ 25.555212] kasan_save_stack+0x45/0x70 [ 25.555377] kasan_save_track+0x18/0x40 [ 25.555748] kasan_save_alloc_info+0x3b/0x50 [ 25.555956] __kasan_kmalloc+0xb7/0xc0 [ 25.556085] __kmalloc_cache_noprof+0x189/0x420 [ 25.556235] kasan_atomics+0x95/0x310 [ 25.556451] kunit_try_run_case+0x1a5/0x480 [ 25.556842] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.557114] kthread+0x337/0x6f0 [ 25.557272] ret_from_fork+0x116/0x1d0 [ 25.557465] ret_from_fork_asm+0x1a/0x30 [ 25.557657] [ 25.557752] The buggy address belongs to the object at ffff88810490f900 [ 25.557752] which belongs to the cache kmalloc-64 of size 64 [ 25.558276] The buggy address is located 0 bytes to the right of [ 25.558276] allocated 48-byte region [ffff88810490f900, ffff88810490f930) [ 25.558948] [ 25.559049] The buggy address belongs to the physical page: [ 25.559252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10490f [ 25.559562] flags: 0x200000000000000(node=0|zone=2) [ 25.560028] page_type: f5(slab) [ 25.560201] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.560614] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.561025] page dumped because: kasan: bad access detected [ 25.561215] [ 25.561282] Memory state around the buggy address: [ 25.561447] ffff88810490f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.562069] ffff88810490f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.562744] >ffff88810490f900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.563025] ^ [ 25.563176] ffff88810490f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.563512] ffff88810490fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.563962] ==================================================================