Date
July 3, 2025, 10:10 a.m.
| Environment | |
|---|---|
| dragonboard-845c | |
| qemu-arm64 | |
| qemu-x86_64 |
[ 61.128073] ================================================================== [ 61.135387] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f94/0x4858 [ 61.142883] Write of size 4 at addr ffff000081814330 by task kunit_try_catch/374 [ 61.150375] [ 61.151902] CPU: 4 UID: 0 PID: 374 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 61.151931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 61.151938] Hardware name: Thundercomm Dragonboard 845c (DT) [ 61.151949] Call trace: [ 61.151955] show_stack+0x20/0x38 (C) [ 61.151972] dump_stack_lvl+0x8c/0xd0 [ 61.151991] print_report+0x118/0x608 [ 61.152010] kasan_report+0xdc/0x128 [ 61.152029] __asan_report_store4_noabort+0x20/0x30 [ 61.152046] kasan_atomics_helper+0x3f94/0x4858 [ 61.152065] kasan_atomics+0x198/0x2e0 [ 61.152082] kunit_try_run_case+0x170/0x3f0 [ 61.152099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.152120] kthread+0x328/0x630 [ 61.152133] ret_from_fork+0x10/0x20 [ 61.152150] [ 61.222060] Allocated by task 374: [ 61.225518] kasan_save_stack+0x3c/0x68 [ 61.229418] kasan_save_track+0x20/0x40 [ 61.233316] kasan_save_alloc_info+0x40/0x58 [ 61.237655] __kasan_kmalloc+0xd4/0xd8 [ 61.241467] __kmalloc_cache_noprof+0x16c/0x3c0 [ 61.246072] kasan_atomics+0xb8/0x2e0 [ 61.249795] kunit_try_run_case+0x170/0x3f0 [ 61.254051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.259623] kthread+0x328/0x630 [ 61.262909] ret_from_fork+0x10/0x20 [ 61.266547] [ 61.268071] The buggy address belongs to the object at ffff000081814300 [ 61.268071] which belongs to the cache kmalloc-64 of size 64 [ 61.280553] The buggy address is located 0 bytes to the right of [ 61.280553] allocated 48-byte region [ffff000081814300, ffff000081814330) [ 61.293560] [ 61.295085] The buggy address belongs to the physical page: [ 61.300735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101814 [ 61.308836] ksm flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 61.315794] page_type: f5(slab) [ 61.318995] raw: 0bfffe0000000000 ffff0000800028c0 fffffdffc20ea340 0000000000000007 [ 61.326836] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 61.334671] page dumped because: kasan: bad access detected [ 61.340321] [ 61.341846] Memory state around the buggy address: [ 61.346703] ffff000081814200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.354019] ffff000081814280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.361332] >ffff000081814300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 61.368643] ^ [ 61.373503] ffff000081814380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.380820] ffff000081814400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.388134] ================================================================== [ 61.395515] ================================================================== [ 61.402829] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3ac/0x4858 [ 61.410236] Write of size 4 at addr ffff000081814330 by task kunit_try_catch/374 [ 61.417727] [ 61.419255] CPU: 4 UID: 0 PID: 374 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 61.419285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 61.419293] Hardware name: Thundercomm Dragonboard 845c (DT) [ 61.419305] Call trace: [ 61.419311] show_stack+0x20/0x38 (C) [ 61.419330] dump_stack_lvl+0x8c/0xd0 [ 61.419350] print_report+0x118/0x608 [ 61.419369] kasan_report+0xdc/0x128 [ 61.419388] kasan_check_range+0x100/0x1a8 [ 61.419409] __kasan_check_write+0x20/0x30 [ 61.419425] kasan_atomics_helper+0x3ac/0x4858 [ 61.419444] kasan_atomics+0x198/0x2e0 [ 61.419462] kunit_try_run_case+0x170/0x3f0 [ 61.419480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.419502] kthread+0x328/0x630 [ 61.419516] ret_from_fork+0x10/0x20 [ 61.419534] [ 61.492710] Allocated by task 374: [ 61.496169] kasan_save_stack+0x3c/0x68 [ 61.500069] kasan_save_track+0x20/0x40 [ 61.503967] kasan_save_alloc_info+0x40/0x58 [ 61.508309] __kasan_kmalloc+0xd4/0xd8 [ 61.512120] __kmalloc_cache_noprof+0x16c/0x3c0 [ 61.516725] kasan_atomics+0xb8/0x2e0 [ 61.520449] kunit_try_run_case+0x170/0x3f0 [ 61.524706] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.530265] kthread+0x328/0x630 [ 61.533554] ret_from_fork+0x10/0x20 [ 61.537191] [ 61.538716] The buggy address belongs to the object at ffff000081814300 [ 61.538716] which belongs to the cache kmalloc-64 of size 64 [ 61.551198] The buggy address is located 0 bytes to the right of [ 61.551198] allocated 48-byte region [ffff000081814300, ffff000081814330) [ 61.564205] [ 61.565730] The buggy address belongs to the physical page: [ 61.571378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101814 [ 61.579478] ksm flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 61.586437] page_type: f5(slab) [ 61.589638] raw: 0bfffe0000000000 ffff0000800028c0 fffffdffc20ea340 0000000000000007 [ 61.597480] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 61.605315] page dumped because: kasan: bad access detected [ 61.610965] [ 61.612489] Memory state around the buggy address: [ 61.617347] ffff000081814200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.624661] ffff000081814280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.631979] >ffff000081814300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 61.639291] ^ [ 61.644149] ffff000081814380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.651465] ffff000081814400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.658778] ================================================================== [ 63.560409] ================================================================== [ 63.567724] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x6ec/0x4858 [ 63.575132] Write of size 4 at addr ffff000081814330 by task kunit_try_catch/374 [ 63.582623] [ 63.584149] CPU: 4 UID: 0 PID: 374 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 63.584179] Tainted: [B]=BAD_PAGE, [N]=TEST [ 63.584188] Hardware name: Thundercomm Dragonboard 845c (DT) [ 63.584199] Call trace: [ 63.584205] show_stack+0x20/0x38 (C) [ 63.584223] dump_stack_lvl+0x8c/0xd0 [ 63.584243] print_report+0x118/0x608 [ 63.584262] kasan_report+0xdc/0x128 [ 63.584280] kasan_check_range+0x100/0x1a8 [ 63.584300] __kasan_check_write+0x20/0x30 [ 63.584315] kasan_atomics_helper+0x6ec/0x4858 [ 63.584335] kasan_atomics+0x198/0x2e0 [ 63.584353] kunit_try_run_case+0x170/0x3f0 [ 63.584370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 63.584392] kthread+0x328/0x630 [ 63.584406] ret_from_fork+0x10/0x20 [ 63.584422] [ 63.657598] Allocated by task 374: [ 63.661055] kasan_save_stack+0x3c/0x68 [ 63.664956] kasan_save_track+0x20/0x40 [ 63.668855] kasan_save_alloc_info+0x40/0x58 [ 63.673196] __kasan_kmalloc+0xd4/0xd8 [ 63.677007] __kmalloc_cache_noprof+0x16c/0x3c0 [ 63.681610] kasan_atomics+0xb8/0x2e0 [ 63.685334] kunit_try_run_case+0x170/0x3f0 [ 63.689588] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 63.695160] kthread+0x328/0x630 [ 63.698447] ret_from_fork+0x10/0x20 [ 63.702083] [ 63.703608] The buggy address belongs to the object at ffff000081814300 [ 63.703608] which belongs to the cache kmalloc-64 of size 64 [ 63.716091] The buggy address is located 0 bytes to the right of [ 63.716091] allocated 48-byte region [ffff000081814300, ffff000081814330) [ 63.729097] [ 63.730623] The buggy address belongs to the physical page: [ 63.736271] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101814 [ 63.744371] ksm flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 63.751330] page_type: f5(slab) [ 63.754531] raw: 0bfffe0000000000 ffff0000800028c0 fffffdffc20ea340 0000000000000007 [ 63.762371] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 63.770207] page dumped because: kasan: bad access detected [ 63.775855] [ 63.777381] Memory state around the buggy address: [ 63.782238] ffff000081814200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.789555] ffff000081814280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.796870] >ffff000081814300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 63.804182] ^ [ 63.809042] ffff000081814380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.816357] ffff000081814400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.823670] ================================================================== [ 60.857444] ================================================================== [ 60.864758] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x32c/0x4858 [ 60.872166] Write of size 4 at addr ffff000081814330 by task kunit_try_catch/374 [ 60.879657] [ 60.881184] CPU: 4 UID: 0 PID: 374 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 60.881213] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.881220] Hardware name: Thundercomm Dragonboard 845c (DT) [ 60.881231] Call trace: [ 60.881238] show_stack+0x20/0x38 (C) [ 60.881255] dump_stack_lvl+0x8c/0xd0 [ 60.881274] print_report+0x118/0x608 [ 60.881292] kasan_report+0xdc/0x128 [ 60.881310] kasan_check_range+0x100/0x1a8 [ 60.881330] __kasan_check_write+0x20/0x30 [ 60.881346] kasan_atomics_helper+0x32c/0x4858 [ 60.881363] kasan_atomics+0x198/0x2e0 [ 60.881382] kunit_try_run_case+0x170/0x3f0 [ 60.881399] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.881420] kthread+0x328/0x630 [ 60.881435] ret_from_fork+0x10/0x20 [ 60.881452] [ 60.954631] Allocated by task 374: [ 60.958090] kasan_save_stack+0x3c/0x68 [ 60.961990] kasan_save_track+0x20/0x40 [ 60.965891] kasan_save_alloc_info+0x40/0x58 [ 60.970231] __kasan_kmalloc+0xd4/0xd8 [ 60.974041] __kmalloc_cache_noprof+0x16c/0x3c0 [ 60.978646] kasan_atomics+0xb8/0x2e0 [ 60.982371] kunit_try_run_case+0x170/0x3f0 [ 60.986626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.992197] kthread+0x328/0x630 [ 60.995484] ret_from_fork+0x10/0x20 [ 60.999120] [ 61.000644] The buggy address belongs to the object at ffff000081814300 [ 61.000644] which belongs to the cache kmalloc-64 of size 64 [ 61.013128] The buggy address is located 0 bytes to the right of [ 61.013128] allocated 48-byte region [ffff000081814300, ffff000081814330) [ 61.026135] [ 61.027660] The buggy address belongs to the physical page: [ 61.033308] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101814 [ 61.041405] ksm flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 61.048363] page_type: f5(slab) [ 61.051566] raw: 0bfffe0000000000 ffff0000800028c0 fffffdffc20ea340 0000000000000007 [ 61.059406] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 61.067242] page dumped because: kasan: bad access detected [ 61.072892] [ 61.074415] Memory state around the buggy address: [ 61.079272] ffff000081814200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.086589] ffff000081814280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.093904] >ffff000081814300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 61.101217] ^ [ 61.106076] ffff000081814380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.113392] ffff000081814400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.120705] ================================================================== [ 59.234906] ================================================================== [ 59.249978] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40a8/0x4858 [ 59.257484] Read of size 4 at addr ffff000081814330 by task kunit_try_catch/374 [ 59.264892] [ 59.266429] CPU: 3 UID: 0 PID: 374 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 59.266459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.266469] Hardware name: Thundercomm Dragonboard 845c (DT) [ 59.266484] Call trace: [ 59.266491] show_stack+0x20/0x38 (C) [ 59.266511] dump_stack_lvl+0x8c/0xd0 [ 59.266534] print_report+0x118/0x608 [ 59.266556] kasan_report+0xdc/0x128 [ 59.266575] __asan_report_load4_noabort+0x20/0x30 [ 59.266594] kasan_atomics_helper+0x40a8/0x4858 [ 59.266614] kasan_atomics+0x198/0x2e0 [ 59.266632] kunit_try_run_case+0x170/0x3f0 [ 59.266652] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.266674] kthread+0x328/0x630 [ 59.266690] ret_from_fork+0x10/0x20 [ 59.266709] [ 59.336543] Allocated by task 374: [ 59.340005] kasan_save_stack+0x3c/0x68 [ 59.343919] kasan_save_track+0x20/0x40 [ 59.347830] kasan_save_alloc_info+0x40/0x58 [ 59.352172] __kasan_kmalloc+0xd4/0xd8 [ 59.355995] __kmalloc_cache_noprof+0x16c/0x3c0 [ 59.360600] kasan_atomics+0xb8/0x2e0 [ 59.364327] kunit_try_run_case+0x170/0x3f0 [ 59.368583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.374160] kthread+0x328/0x630 [ 59.377453] ret_from_fork+0x10/0x20 [ 59.381092] [ 59.382626] The buggy address belongs to the object at ffff000081814300 [ 59.382626] which belongs to the cache kmalloc-64 of size 64 [ 59.395109] The buggy address is located 0 bytes to the right of [ 59.395109] allocated 48-byte region [ffff000081814300, ffff000081814330) [ 59.408122] [ 59.409654] The buggy address belongs to the physical page: [ 59.415303] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101814 [ 59.423410] ksm flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 59.430383] page_type: f5(slab) [ 59.433591] raw: 0bfffe0000000000 ffff0000800028c0 fffffdffc20ea340 0000000000000007 [ 59.441439] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 59.449282] page dumped because: kasan: bad access detected [ 59.454933] [ 59.456471] Memory state around the buggy address: [ 59.461335] ffff000081814200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 59.468652] ffff000081814280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 59.475970] >ffff000081814300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 59.483286] ^ [ 59.488150] ffff000081814380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 59.495471] ffff000081814400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 59.502787] ================================================================== [ 60.049140] ================================================================== [ 60.056462] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x24c/0x4858 [ 60.063875] Write of size 4 at addr ffff000081814330 by task kunit_try_catch/374 [ 60.071371] [ 60.072899] CPU: 4 UID: 0 PID: 374 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 60.072930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.072940] Hardware name: Thundercomm Dragonboard 845c (DT) [ 60.072950] Call trace: [ 60.072956] show_stack+0x20/0x38 (C) [ 60.072975] dump_stack_lvl+0x8c/0xd0 [ 60.072994] print_report+0x118/0x608 [ 60.073014] kasan_report+0xdc/0x128 [ 60.073034] kasan_check_range+0x100/0x1a8 [ 60.073057] __kasan_check_write+0x20/0x30 [ 60.073072] kasan_atomics_helper+0x24c/0x4858 [ 60.073090] kasan_atomics+0x198/0x2e0 [ 60.073107] kunit_try_run_case+0x170/0x3f0 [ 60.073126] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.073148] kthread+0x328/0x630 [ 60.073161] ret_from_fork+0x10/0x20 [ 60.073178] [ 60.146339] Allocated by task 374: [ 60.149792] kasan_save_stack+0x3c/0x68 [ 60.153699] kasan_save_track+0x20/0x40 [ 60.157606] kasan_save_alloc_info+0x40/0x58 [ 60.161943] __kasan_kmalloc+0xd4/0xd8 [ 60.165761] __kmalloc_cache_noprof+0x16c/0x3c0 [ 60.170362] kasan_atomics+0xb8/0x2e0 [ 60.174083] kunit_try_run_case+0x170/0x3f0 [ 60.178336] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.183900] kthread+0x328/0x630 [ 60.187184] ret_from_fork+0x10/0x20 [ 60.190818] [ 60.192348] The buggy address belongs to the object at ffff000081814300 [ 60.192348] which belongs to the cache kmalloc-64 of size 64 [ 60.204831] The buggy address is located 0 bytes to the right of [ 60.204831] allocated 48-byte region [ffff000081814300, ffff000081814330) [ 60.217837] [ 60.219369] The buggy address belongs to the physical page: [ 60.225014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101814 [ 60.233116] ksm flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 60.240078] page_type: f5(slab) [ 60.243277] raw: 0bfffe0000000000 ffff0000800028c0 fffffdffc20ea340 0000000000000007 [ 60.251120] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 60.258957] page dumped because: kasan: bad access detected [ 60.264599] [ 60.266122] Memory state around the buggy address: [ 60.270974] ffff000081814200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.278283] ffff000081814280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.285599] >ffff000081814300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 60.292904] ^ [ 60.297758] ffff000081814380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.305065] ffff000081814400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.312370] ================================================================== [ 59.778720] ================================================================== [ 59.786041] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ec/0x4858 [ 59.793459] Read of size 4 at addr ffff000081814330 by task kunit_try_catch/374 [ 59.800859] [ 59.802389] CPU: 4 UID: 0 PID: 374 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 59.802421] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.802430] Hardware name: Thundercomm Dragonboard 845c (DT) [ 59.802442] Call trace: [ 59.802449] show_stack+0x20/0x38 (C) [ 59.802469] dump_stack_lvl+0x8c/0xd0 [ 59.802490] print_report+0x118/0x608 [ 59.802509] kasan_report+0xdc/0x128 [ 59.802529] kasan_check_range+0x100/0x1a8 [ 59.802550] __kasan_check_read+0x20/0x30 [ 59.802567] kasan_atomics_helper+0x1ec/0x4858 [ 59.802585] kasan_atomics+0x198/0x2e0 [ 59.802602] kunit_try_run_case+0x170/0x3f0 [ 59.802621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.802642] kthread+0x328/0x630 [ 59.802656] ret_from_fork+0x10/0x20 [ 59.802672] [ 59.875760] Allocated by task 374: [ 59.879219] kasan_save_stack+0x3c/0x68 [ 59.883118] kasan_save_track+0x20/0x40 [ 59.887013] kasan_save_alloc_info+0x40/0x58 [ 59.891347] __kasan_kmalloc+0xd4/0xd8 [ 59.895156] __kmalloc_cache_noprof+0x16c/0x3c0 [ 59.899754] kasan_atomics+0xb8/0x2e0 [ 59.903476] kunit_try_run_case+0x170/0x3f0 [ 59.907729] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.913297] kthread+0x328/0x630 [ 59.916580] ret_from_fork+0x10/0x20 [ 59.920213] [ 59.921737] The buggy address belongs to the object at ffff000081814300 [ 59.921737] which belongs to the cache kmalloc-64 of size 64 [ 59.934220] The buggy address is located 0 bytes to the right of [ 59.934220] allocated 48-byte region [ffff000081814300, ffff000081814330) [ 59.947229] [ 59.948753] The buggy address belongs to the physical page: [ 59.954399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101814 [ 59.962502] ksm flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 59.969466] page_type: f5(slab) [ 59.972663] raw: 0bfffe0000000000 ffff0000800028c0 fffffdffc20ea340 0000000000000007 [ 59.980508] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 59.988346] page dumped because: kasan: bad access detected [ 59.993991] [ 59.995521] Memory state around the buggy address: [ 60.000375] ffff000081814200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.007686] ffff000081814280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.014997] >ffff000081814300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 60.022303] ^ [ 60.027157] ffff000081814380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.034466] ffff000081814400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.041771] ================================================================== [ 60.590189] ================================================================== [ 60.597507] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40fc/0x4858 [ 60.605001] Read of size 4 at addr ffff000081814330 by task kunit_try_catch/374 [ 60.612407] [ 60.613934] CPU: 4 UID: 0 PID: 374 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 60.613963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.613973] Hardware name: Thundercomm Dragonboard 845c (DT) [ 60.613983] Call trace: [ 60.613990] show_stack+0x20/0x38 (C) [ 60.614006] dump_stack_lvl+0x8c/0xd0 [ 60.614025] print_report+0x118/0x608 [ 60.614044] kasan_report+0xdc/0x128 [ 60.614062] __asan_report_load4_noabort+0x20/0x30 [ 60.614079] kasan_atomics_helper+0x40fc/0x4858 [ 60.614098] kasan_atomics+0x198/0x2e0 [ 60.614116] kunit_try_run_case+0x170/0x3f0 [ 60.614134] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.614156] kthread+0x328/0x630 [ 60.614170] ret_from_fork+0x10/0x20 [ 60.614188] [ 60.684000] Allocated by task 374: [ 60.687458] kasan_save_stack+0x3c/0x68 [ 60.691357] kasan_save_track+0x20/0x40 [ 60.695256] kasan_save_alloc_info+0x40/0x58 [ 60.699596] __kasan_kmalloc+0xd4/0xd8 [ 60.703408] __kmalloc_cache_noprof+0x16c/0x3c0 [ 60.708010] kasan_atomics+0xb8/0x2e0 [ 60.711733] kunit_try_run_case+0x170/0x3f0 [ 60.715988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.721558] kthread+0x328/0x630 [ 60.724845] ret_from_fork+0x10/0x20 [ 60.728481] [ 60.730006] The buggy address belongs to the object at ffff000081814300 [ 60.730006] which belongs to the cache kmalloc-64 of size 64 [ 60.742488] The buggy address is located 0 bytes to the right of [ 60.742488] allocated 48-byte region [ffff000081814300, ffff000081814330) [ 60.755492] [ 60.757018] The buggy address belongs to the physical page: [ 60.762666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101814 [ 60.770765] ksm flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 60.777723] page_type: f5(slab) [ 60.780925] raw: 0bfffe0000000000 ffff0000800028c0 fffffdffc20ea340 0000000000000007 [ 60.788766] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 60.796601] page dumped because: kasan: bad access detected [ 60.802249] [ 60.803774] Memory state around the buggy address: [ 60.808631] ffff000081814200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.815945] ffff000081814280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.823259] >ffff000081814300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 60.830575] ^ [ 60.835433] ffff000081814380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.842747] ffff000081814400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.850060] ================================================================== [ 63.019186] ================================================================== [ 63.026500] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x61c/0x4858 [ 63.033906] Write of size 4 at addr ffff000081814330 by task kunit_try_catch/374 [ 63.041397] [ 63.042924] CPU: 4 UID: 0 PID: 374 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 63.042953] Tainted: [B]=BAD_PAGE, [N]=TEST [ 63.042962] Hardware name: Thundercomm Dragonboard 845c (DT) [ 63.042972] Call trace: [ 63.042978] show_stack+0x20/0x38 (C) [ 63.042996] dump_stack_lvl+0x8c/0xd0 [ 63.043014] print_report+0x118/0x608 [ 63.043033] kasan_report+0xdc/0x128 [ 63.043055] kasan_check_range+0x100/0x1a8 [ 63.043075] __kasan_check_write+0x20/0x30 [ 63.043092] kasan_atomics_helper+0x61c/0x4858 [ 63.043111] kasan_atomics+0x198/0x2e0 [ 63.043128] kunit_try_run_case+0x170/0x3f0 [ 63.043147] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 63.043168] kthread+0x328/0x630 [ 63.043181] ret_from_fork+0x10/0x20 [ 63.043197] [ 63.116363] Allocated by task 374: [ 63.119820] kasan_save_stack+0x3c/0x68 [ 63.123723] kasan_save_track+0x20/0x40 [ 63.127621] kasan_save_alloc_info+0x40/0x58 [ 63.131962] __kasan_kmalloc+0xd4/0xd8 [ 63.135773] __kmalloc_cache_noprof+0x16c/0x3c0 [ 63.140376] kasan_atomics+0xb8/0x2e0 [ 63.144098] kunit_try_run_case+0x170/0x3f0 [ 63.148354] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 63.153915] kthread+0x328/0x630 [ 63.157203] ret_from_fork+0x10/0x20 [ 63.160840] [ 63.162365] The buggy address belongs to the object at ffff000081814300 [ 63.162365] which belongs to the cache kmalloc-64 of size 64 [ 63.174848] The buggy address is located 0 bytes to the right of [ 63.174848] allocated 48-byte region [ffff000081814300, ffff000081814330) [ 63.187858] [ 63.189382] The buggy address belongs to the physical page: [ 63.195031] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101814 [ 63.203130] ksm flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 63.210089] page_type: f5(slab) [ 63.213288] raw: 0bfffe0000000000 ffff0000800028c0 fffffdffc20ea340 0000000000000007 [ 63.221129] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 63.228963] page dumped because: kasan: bad access detected [ 63.234612] [ 63.236136] Memory state around the buggy address: [ 63.240994] ffff000081814200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.248309] ffff000081814280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.255624] >ffff000081814300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 63.262939] ^ [ 63.267797] ffff000081814380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.275113] ffff000081814400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.282426] ================================================================== [ 61.666143] ================================================================== [ 61.673456] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x414/0x4858 [ 61.680863] Write of size 4 at addr ffff000081814330 by task kunit_try_catch/374 [ 61.688353] [ 61.689878] CPU: 4 UID: 0 PID: 374 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 61.689908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 61.689916] Hardware name: Thundercomm Dragonboard 845c (DT) [ 61.689926] Call trace: [ 61.689931] show_stack+0x20/0x38 (C) [ 61.689948] dump_stack_lvl+0x8c/0xd0 [ 61.689971] print_report+0x118/0x608 [ 61.689991] kasan_report+0xdc/0x128 [ 61.690009] kasan_check_range+0x100/0x1a8 [ 61.690029] __kasan_check_write+0x20/0x30 [ 61.690044] kasan_atomics_helper+0x414/0x4858 [ 61.690063] kasan_atomics+0x198/0x2e0 [ 61.690082] kunit_try_run_case+0x170/0x3f0 [ 61.690100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.690121] kthread+0x328/0x630 [ 61.690136] ret_from_fork+0x10/0x20 [ 61.690153] [ 61.763307] Allocated by task 374: [ 61.766764] kasan_save_stack+0x3c/0x68 [ 61.770663] kasan_save_track+0x20/0x40 [ 61.774563] kasan_save_alloc_info+0x40/0x58 [ 61.778901] __kasan_kmalloc+0xd4/0xd8 [ 61.782713] __kmalloc_cache_noprof+0x16c/0x3c0 [ 61.787317] kasan_atomics+0xb8/0x2e0 [ 61.791039] kunit_try_run_case+0x170/0x3f0 [ 61.795297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.800868] kthread+0x328/0x630 [ 61.804156] ret_from_fork+0x10/0x20 [ 61.807793] [ 61.809318] The buggy address belongs to the object at ffff000081814300 [ 61.809318] which belongs to the cache kmalloc-64 of size 64 [ 61.821800] The buggy address is located 0 bytes to the right of [ 61.821800] allocated 48-byte region [ffff000081814300, ffff000081814330) [ 61.834807] [ 61.836331] The buggy address belongs to the physical page: [ 61.841979] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101814 [ 61.850079] ksm flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 61.857038] page_type: f5(slab) [ 61.860239] raw: 0bfffe0000000000 ffff0000800028c0 fffffdffc20ea340 0000000000000007 [ 61.868080] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 61.875917] page dumped because: kasan: bad access detected [ 61.881567] [ 61.883090] Memory state around the buggy address: [ 61.887949] ffff000081814200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.895266] ffff000081814280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.902582] >ffff000081814300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 61.909897] ^ [ 61.914754] ffff000081814380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.922070] ffff000081814400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 61.929385] ================================================================== [ 62.207363] ================================================================== [ 62.214679] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4e4/0x4858 [ 62.222086] Write of size 4 at addr ffff000081814330 by task kunit_try_catch/374 [ 62.229578] [ 62.231104] CPU: 4 UID: 0 PID: 374 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 62.231133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 62.231141] Hardware name: Thundercomm Dragonboard 845c (DT) [ 62.231151] Call trace: [ 62.231157] show_stack+0x20/0x38 (C) [ 62.231174] dump_stack_lvl+0x8c/0xd0 [ 62.231193] print_report+0x118/0x608 [ 62.231211] kasan_report+0xdc/0x128 [ 62.231230] kasan_check_range+0x100/0x1a8 [ 62.231249] __kasan_check_write+0x20/0x30 [ 62.231264] kasan_atomics_helper+0x4e4/0x4858 [ 62.231282] kasan_atomics+0x198/0x2e0 [ 62.231299] kunit_try_run_case+0x170/0x3f0 [ 62.231317] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.231337] kthread+0x328/0x630 [ 62.231350] ret_from_fork+0x10/0x20 [ 62.231367] [ 62.304525] Allocated by task 374: [ 62.307982] kasan_save_stack+0x3c/0x68 [ 62.311881] kasan_save_track+0x20/0x40 [ 62.315782] kasan_save_alloc_info+0x40/0x58 [ 62.320122] __kasan_kmalloc+0xd4/0xd8 [ 62.323933] __kmalloc_cache_noprof+0x16c/0x3c0 [ 62.328537] kasan_atomics+0xb8/0x2e0 [ 62.332261] kunit_try_run_case+0x170/0x3f0 [ 62.336515] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.342075] kthread+0x328/0x630 [ 62.345363] ret_from_fork+0x10/0x20 [ 62.349000] [ 62.350524] The buggy address belongs to the object at ffff000081814300 [ 62.350524] which belongs to the cache kmalloc-64 of size 64 [ 62.363006] The buggy address is located 0 bytes to the right of [ 62.363006] allocated 48-byte region [ffff000081814300, ffff000081814330) [ 62.376010] [ 62.377534] The buggy address belongs to the physical page: [ 62.383184] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101814 [ 62.391282] ksm flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 62.398240] page_type: f5(slab) [ 62.401441] raw: 0bfffe0000000000 ffff0000800028c0 fffffdffc20ea340 0000000000000007 [ 62.409281] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 62.417117] page dumped because: kasan: bad access detected [ 62.422767] [ 62.424291] Memory state around the buggy address: [ 62.429150] ffff000081814200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.436466] ffff000081814280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.443782] >ffff000081814300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 62.451095] ^ [ 62.455952] ffff000081814380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.463265] ffff000081814400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.470578] ================================================================== [ 60.319739] ================================================================== [ 60.327049] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2b0/0x4858 [ 60.334449] Read of size 4 at addr ffff000081814330 by task kunit_try_catch/374 [ 60.341857] [ 60.343383] CPU: 4 UID: 0 PID: 374 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 60.343413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.343422] Hardware name: Thundercomm Dragonboard 845c (DT) [ 60.343434] Call trace: [ 60.343440] show_stack+0x20/0x38 (C) [ 60.343457] dump_stack_lvl+0x8c/0xd0 [ 60.343477] print_report+0x118/0x608 [ 60.343495] kasan_report+0xdc/0x128 [ 60.343515] kasan_check_range+0x100/0x1a8 [ 60.343534] __kasan_check_read+0x20/0x30 [ 60.343550] kasan_atomics_helper+0x2b0/0x4858 [ 60.343569] kasan_atomics+0x198/0x2e0 [ 60.343587] kunit_try_run_case+0x170/0x3f0 [ 60.343606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.343628] kthread+0x328/0x630 [ 60.343642] ret_from_fork+0x10/0x20 [ 60.343659] [ 60.416744] Allocated by task 374: [ 60.420202] kasan_save_stack+0x3c/0x68 [ 60.424103] kasan_save_track+0x20/0x40 [ 60.428003] kasan_save_alloc_info+0x40/0x58 [ 60.432344] __kasan_kmalloc+0xd4/0xd8 [ 60.436158] __kmalloc_cache_noprof+0x16c/0x3c0 [ 60.440762] kasan_atomics+0xb8/0x2e0 [ 60.444487] kunit_try_run_case+0x170/0x3f0 [ 60.448744] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.454304] kthread+0x328/0x630 [ 60.457592] ret_from_fork+0x10/0x20 [ 60.461228] [ 60.462753] The buggy address belongs to the object at ffff000081814300 [ 60.462753] which belongs to the cache kmalloc-64 of size 64 [ 60.475235] The buggy address is located 0 bytes to the right of [ 60.475235] allocated 48-byte region [ffff000081814300, ffff000081814330) [ 60.488239] [ 60.489763] The buggy address belongs to the physical page: [ 60.495413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101814 [ 60.503513] ksm flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 60.510472] page_type: f5(slab) [ 60.513674] raw: 0bfffe0000000000 ffff0000800028c0 fffffdffc20ea340 0000000000000007 [ 60.521513] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 60.529349] page dumped because: kasan: bad access detected [ 60.534999] [ 60.536523] Memory state around the buggy address: [ 60.541380] ffff000081814200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.548695] ffff000081814280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.556011] >ffff000081814300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 60.563324] ^ [ 60.568182] ffff000081814380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.575496] ffff000081814400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 60.582809] ================================================================== [ 62.477958] ================================================================== [ 62.485272] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x54c/0x4858 [ 62.492679] Write of size 4 at addr ffff000081814330 by task kunit_try_catch/374 [ 62.500172] [ 62.501698] CPU: 4 UID: 0 PID: 374 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 62.501727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 62.501735] Hardware name: Thundercomm Dragonboard 845c (DT) [ 62.501745] Call trace: [ 62.501752] show_stack+0x20/0x38 (C) [ 62.501769] dump_stack_lvl+0x8c/0xd0 [ 62.501788] print_report+0x118/0x608 [ 62.501806] kasan_report+0xdc/0x128 [ 62.501824] kasan_check_range+0x100/0x1a8 [ 62.501844] __kasan_check_write+0x20/0x30 [ 62.501861] kasan_atomics_helper+0x54c/0x4858 [ 62.501880] kasan_atomics+0x198/0x2e0 [ 62.501897] kunit_try_run_case+0x170/0x3f0 [ 62.501916] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.501938] kthread+0x328/0x630 [ 62.501952] ret_from_fork+0x10/0x20 [ 62.501969] [ 62.575144] Allocated by task 374: [ 62.578601] kasan_save_stack+0x3c/0x68 [ 62.582502] kasan_save_track+0x20/0x40 [ 62.586399] kasan_save_alloc_info+0x40/0x58 [ 62.590738] __kasan_kmalloc+0xd4/0xd8 [ 62.594549] __kmalloc_cache_noprof+0x16c/0x3c0 [ 62.599153] kasan_atomics+0xb8/0x2e0 [ 62.602877] kunit_try_run_case+0x170/0x3f0 [ 62.607133] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.612695] kthread+0x328/0x630 [ 62.615983] ret_from_fork+0x10/0x20 [ 62.619620] [ 62.621144] The buggy address belongs to the object at ffff000081814300 [ 62.621144] which belongs to the cache kmalloc-64 of size 64 [ 62.633626] The buggy address is located 0 bytes to the right of [ 62.633626] allocated 48-byte region [ffff000081814300, ffff000081814330) [ 62.646634] [ 62.648159] The buggy address belongs to the physical page: [ 62.653806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101814 [ 62.661905] ksm flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 62.668864] page_type: f5(slab) [ 62.672066] raw: 0bfffe0000000000 ffff0000800028c0 fffffdffc20ea340 0000000000000007 [ 62.679905] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 62.687741] page dumped because: kasan: bad access detected [ 62.693390] [ 62.694914] Memory state around the buggy address: [ 62.699772] ffff000081814200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.707088] ffff000081814280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.714405] >ffff000081814300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 62.721719] ^ [ 62.726578] ffff000081814380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.733891] ffff000081814400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.741205] ================================================================== [ 62.748571] ================================================================== [ 62.755885] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5b4/0x4858 [ 62.763293] Write of size 4 at addr ffff000081814330 by task kunit_try_catch/374 [ 62.770784] [ 62.772309] CPU: 4 UID: 0 PID: 374 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 62.772338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 62.772346] Hardware name: Thundercomm Dragonboard 845c (DT) [ 62.772356] Call trace: [ 62.772362] show_stack+0x20/0x38 (C) [ 62.772380] dump_stack_lvl+0x8c/0xd0 [ 62.772398] print_report+0x118/0x608 [ 62.772418] kasan_report+0xdc/0x128 [ 62.772436] kasan_check_range+0x100/0x1a8 [ 62.772456] __kasan_check_write+0x20/0x30 [ 62.772472] kasan_atomics_helper+0x5b4/0x4858 [ 62.772490] kasan_atomics+0x198/0x2e0 [ 62.772507] kunit_try_run_case+0x170/0x3f0 [ 62.772526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.772548] kthread+0x328/0x630 [ 62.772561] ret_from_fork+0x10/0x20 [ 62.772578] [ 62.845742] Allocated by task 374: [ 62.849200] kasan_save_stack+0x3c/0x68 [ 62.853100] kasan_save_track+0x20/0x40 [ 62.857000] kasan_save_alloc_info+0x40/0x58 [ 62.861341] __kasan_kmalloc+0xd4/0xd8 [ 62.865152] __kmalloc_cache_noprof+0x16c/0x3c0 [ 62.869754] kasan_atomics+0xb8/0x2e0 [ 62.873476] kunit_try_run_case+0x170/0x3f0 [ 62.877731] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.883302] kthread+0x328/0x630 [ 62.886588] ret_from_fork+0x10/0x20 [ 62.890223] [ 62.891747] The buggy address belongs to the object at ffff000081814300 [ 62.891747] which belongs to the cache kmalloc-64 of size 64 [ 62.904230] The buggy address is located 0 bytes to the right of [ 62.904230] allocated 48-byte region [ffff000081814300, ffff000081814330) [ 62.917235] [ 62.918761] The buggy address belongs to the physical page: [ 62.924411] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101814 [ 62.932510] ksm flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 62.939468] page_type: f5(slab) [ 62.942668] raw: 0bfffe0000000000 ffff0000800028c0 fffffdffc20ea340 0000000000000007 [ 62.950508] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 62.958343] page dumped because: kasan: bad access detected [ 62.963993] [ 62.965518] Memory state around the buggy address: [ 62.970375] ffff000081814200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.977693] ffff000081814280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.985008] >ffff000081814300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 62.992321] ^ [ 62.997179] ffff000081814380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.004493] ffff000081814400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.011808] ================================================================== [ 63.289792] ================================================================== [ 63.297106] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x684/0x4858 [ 63.304513] Write of size 4 at addr ffff000081814330 by task kunit_try_catch/374 [ 63.312006] [ 63.313532] CPU: 4 UID: 0 PID: 374 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 63.313561] Tainted: [B]=BAD_PAGE, [N]=TEST [ 63.313570] Hardware name: Thundercomm Dragonboard 845c (DT) [ 63.313581] Call trace: [ 63.313587] show_stack+0x20/0x38 (C) [ 63.313603] dump_stack_lvl+0x8c/0xd0 [ 63.313621] print_report+0x118/0x608 [ 63.313639] kasan_report+0xdc/0x128 [ 63.313658] kasan_check_range+0x100/0x1a8 [ 63.313678] __kasan_check_write+0x20/0x30 [ 63.313695] kasan_atomics_helper+0x684/0x4858 [ 63.313713] kasan_atomics+0x198/0x2e0 [ 63.313731] kunit_try_run_case+0x170/0x3f0 [ 63.313749] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 63.313770] kthread+0x328/0x630 [ 63.313784] ret_from_fork+0x10/0x20 [ 63.313802] [ 63.386957] Allocated by task 374: [ 63.390417] kasan_save_stack+0x3c/0x68 [ 63.394315] kasan_save_track+0x20/0x40 [ 63.398216] kasan_save_alloc_info+0x40/0x58 [ 63.402558] __kasan_kmalloc+0xd4/0xd8 [ 63.406369] __kmalloc_cache_noprof+0x16c/0x3c0 [ 63.410974] kasan_atomics+0xb8/0x2e0 [ 63.414699] kunit_try_run_case+0x170/0x3f0 [ 63.418955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 63.424517] kthread+0x328/0x630 [ 63.427804] ret_from_fork+0x10/0x20 [ 63.431440] [ 63.432964] The buggy address belongs to the object at ffff000081814300 [ 63.432964] which belongs to the cache kmalloc-64 of size 64 [ 63.445448] The buggy address is located 0 bytes to the right of [ 63.445448] allocated 48-byte region [ffff000081814300, ffff000081814330) [ 63.458456] [ 63.459981] The buggy address belongs to the physical page: [ 63.465629] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101814 [ 63.473729] ksm flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 63.480687] page_type: f5(slab) [ 63.483888] raw: 0bfffe0000000000 ffff0000800028c0 fffffdffc20ea340 0000000000000007 [ 63.491729] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 63.499566] page dumped because: kasan: bad access detected [ 63.505216] [ 63.506740] Memory state around the buggy address: [ 63.511597] ffff000081814200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.518913] ffff000081814280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.526231] >ffff000081814300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 63.533543] ^ [ 63.538401] ffff000081814380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.545717] ffff000081814400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 63.553032] ================================================================== [ 61.936763] ================================================================== [ 61.944079] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x47c/0x4858 [ 61.951488] Write of size 4 at addr ffff000081814330 by task kunit_try_catch/374 [ 61.958979] [ 61.960506] CPU: 4 UID: 0 PID: 374 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 61.960536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 61.960543] Hardware name: Thundercomm Dragonboard 845c (DT) [ 61.960555] Call trace: [ 61.960561] show_stack+0x20/0x38 (C) [ 61.960578] dump_stack_lvl+0x8c/0xd0 [ 61.960598] print_report+0x118/0x608 [ 61.960617] kasan_report+0xdc/0x128 [ 61.960636] kasan_check_range+0x100/0x1a8 [ 61.960656] __kasan_check_write+0x20/0x30 [ 61.960671] kasan_atomics_helper+0x47c/0x4858 [ 61.960692] kasan_atomics+0x198/0x2e0 [ 61.960709] kunit_try_run_case+0x170/0x3f0 [ 61.960727] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.960749] kthread+0x328/0x630 [ 61.960764] ret_from_fork+0x10/0x20 [ 61.960781] [ 62.033945] Allocated by task 374: [ 62.037404] kasan_save_stack+0x3c/0x68 [ 62.041305] kasan_save_track+0x20/0x40 [ 62.045202] kasan_save_alloc_info+0x40/0x58 [ 62.049541] __kasan_kmalloc+0xd4/0xd8 [ 62.053353] __kmalloc_cache_noprof+0x16c/0x3c0 [ 62.057955] kasan_atomics+0xb8/0x2e0 [ 62.061678] kunit_try_run_case+0x170/0x3f0 [ 62.065932] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.071493] kthread+0x328/0x630 [ 62.074780] ret_from_fork+0x10/0x20 [ 62.078416] [ 62.079940] The buggy address belongs to the object at ffff000081814300 [ 62.079940] which belongs to the cache kmalloc-64 of size 64 [ 62.092423] The buggy address is located 0 bytes to the right of [ 62.092423] allocated 48-byte region [ffff000081814300, ffff000081814330) [ 62.105430] [ 62.106954] The buggy address belongs to the physical page: [ 62.112602] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101814 [ 62.120700] ksm flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 62.127660] page_type: f5(slab) [ 62.130861] raw: 0bfffe0000000000 ffff0000800028c0 fffffdffc20ea340 0000000000000007 [ 62.138701] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 62.146536] page dumped because: kasan: bad access detected [ 62.152186] [ 62.153709] Memory state around the buggy address: [ 62.158568] ffff000081814200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.165884] ffff000081814280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.173199] >ffff000081814300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 62.180513] ^ [ 62.185371] ffff000081814380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.192686] ffff000081814400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 62.200000] ================================================================== [ 59.510179] ================================================================== [ 59.517505] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f7c/0x4858 [ 59.525010] Write of size 4 at addr ffff000081814330 by task kunit_try_catch/374 [ 59.532510] [ 59.534047] CPU: 3 UID: 0 PID: 374 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 59.534079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.534089] Hardware name: Thundercomm Dragonboard 845c (DT) [ 59.534101] Call trace: [ 59.534109] show_stack+0x20/0x38 (C) [ 59.534128] dump_stack_lvl+0x8c/0xd0 [ 59.534149] print_report+0x118/0x608 [ 59.534169] kasan_report+0xdc/0x128 [ 59.534190] __asan_report_store4_noabort+0x20/0x30 [ 59.534209] kasan_atomics_helper+0x3f7c/0x4858 [ 59.534229] kasan_atomics+0x198/0x2e0 [ 59.534249] kunit_try_run_case+0x170/0x3f0 [ 59.534269] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.534292] kthread+0x328/0x630 [ 59.534308] ret_from_fork+0x10/0x20 [ 59.534326] [ 59.604257] Allocated by task 374: [ 59.607720] kasan_save_stack+0x3c/0x68 [ 59.611623] kasan_save_track+0x20/0x40 [ 59.615525] kasan_save_alloc_info+0x40/0x58 [ 59.619863] __kasan_kmalloc+0xd4/0xd8 [ 59.623675] __kmalloc_cache_noprof+0x16c/0x3c0 [ 59.628277] kasan_atomics+0xb8/0x2e0 [ 59.632014] kunit_try_run_case+0x170/0x3f0 [ 59.636271] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.641846] kthread+0x328/0x630 [ 59.645140] ret_from_fork+0x10/0x20 [ 59.648780] [ 59.650312] The buggy address belongs to the object at ffff000081814300 [ 59.650312] which belongs to the cache kmalloc-64 of size 64 [ 59.662799] The buggy address is located 0 bytes to the right of [ 59.662799] allocated 48-byte region [ffff000081814300, ffff000081814330) [ 59.675811] [ 59.677342] The buggy address belongs to the physical page: [ 59.682993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101814 [ 59.691098] ksm flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 59.698074] page_type: f5(slab) [ 59.701281] raw: 0bfffe0000000000 ffff0000800028c0 fffffdffc20ea340 0000000000000007 [ 59.709131] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 59.716974] page dumped because: kasan: bad access detected [ 59.722628] [ 59.724165] Memory state around the buggy address: [ 59.729030] ffff000081814200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 59.736355] ffff000081814280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 59.743673] >ffff000081814300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 59.750990] ^ [ 59.755853] ffff000081814380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 59.763172] ffff000081814400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 59.770488] ==================================================================
[ 33.799315] ================================================================== [ 33.799369] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 33.799422] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.799920] [ 33.799989] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.800176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.800211] Hardware name: linux,dummy-virt (DT) [ 33.800247] Call trace: [ 33.800277] show_stack+0x20/0x38 (C) [ 33.800390] dump_stack_lvl+0x8c/0xd0 [ 33.800662] print_report+0x118/0x608 [ 33.800734] kasan_report+0xdc/0x128 [ 33.800790] kasan_check_range+0x100/0x1a8 [ 33.800851] __kasan_check_write+0x20/0x30 [ 33.801411] kasan_atomics_helper+0xe44/0x4858 [ 33.801646] kasan_atomics+0x198/0x2e0 [ 33.801898] kunit_try_run_case+0x170/0x3f0 [ 33.802119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.802217] kthread+0x328/0x630 [ 33.802497] ret_from_fork+0x10/0x20 [ 33.802938] [ 33.803118] Allocated by task 297: [ 33.803311] kasan_save_stack+0x3c/0x68 [ 33.803657] kasan_save_track+0x20/0x40 [ 33.803946] kasan_save_alloc_info+0x40/0x58 [ 33.804204] __kasan_kmalloc+0xd4/0xd8 [ 33.804491] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.804548] kasan_atomics+0xb8/0x2e0 [ 33.804822] kunit_try_run_case+0x170/0x3f0 [ 33.805069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.805283] kthread+0x328/0x630 [ 33.805402] ret_from_fork+0x10/0x20 [ 33.805444] [ 33.805628] The buggy address belongs to the object at fff00000c5a8e300 [ 33.805628] which belongs to the cache kmalloc-64 of size 64 [ 33.805865] The buggy address is located 0 bytes to the right of [ 33.805865] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.806118] [ 33.806353] The buggy address belongs to the physical page: [ 33.806442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.806519] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.806587] page_type: f5(slab) [ 33.806628] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.806693] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.806738] page dumped because: kasan: bad access detected [ 33.806772] [ 33.806803] Memory state around the buggy address: [ 33.806847] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.806893] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.806938] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.806979] ^ [ 33.807034] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.807088] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.807138] ================================================================== [ 33.841013] ================================================================== [ 33.841265] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 33.841335] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.841389] [ 33.841425] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.841561] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.842155] Hardware name: linux,dummy-virt (DT) [ 33.842340] Call trace: [ 33.842380] show_stack+0x20/0x38 (C) [ 33.842651] dump_stack_lvl+0x8c/0xd0 [ 33.842866] print_report+0x118/0x608 [ 33.843108] kasan_report+0xdc/0x128 [ 33.843263] kasan_check_range+0x100/0x1a8 [ 33.843318] __kasan_check_write+0x20/0x30 [ 33.843615] kasan_atomics_helper+0xf88/0x4858 [ 33.843871] kasan_atomics+0x198/0x2e0 [ 33.844051] kunit_try_run_case+0x170/0x3f0 [ 33.844107] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.844846] kthread+0x328/0x630 [ 33.844951] ret_from_fork+0x10/0x20 [ 33.845060] [ 33.845085] Allocated by task 297: [ 33.845115] kasan_save_stack+0x3c/0x68 [ 33.845164] kasan_save_track+0x20/0x40 [ 33.845206] kasan_save_alloc_info+0x40/0x58 [ 33.845707] __kasan_kmalloc+0xd4/0xd8 [ 33.846043] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.846274] kasan_atomics+0xb8/0x2e0 [ 33.846496] kunit_try_run_case+0x170/0x3f0 [ 33.846567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.846872] kthread+0x328/0x630 [ 33.846933] ret_from_fork+0x10/0x20 [ 33.847095] [ 33.847143] The buggy address belongs to the object at fff00000c5a8e300 [ 33.847143] which belongs to the cache kmalloc-64 of size 64 [ 33.847217] The buggy address is located 0 bytes to the right of [ 33.847217] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.847300] [ 33.847341] The buggy address belongs to the physical page: [ 33.847376] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.847450] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.847512] page_type: f5(slab) [ 33.847556] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.847619] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.847663] page dumped because: kasan: bad access detected [ 33.847696] [ 33.847718] Memory state around the buggy address: [ 33.847757] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.847803] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.847888] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.848306] ^ [ 33.848418] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.848993] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.849299] ================================================================== [ 33.967980] ================================================================== [ 33.968101] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 33.968302] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.968357] [ 33.968391] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.968480] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.968508] Hardware name: linux,dummy-virt (DT) [ 33.968543] Call trace: [ 33.968567] show_stack+0x20/0x38 (C) [ 33.968618] dump_stack_lvl+0x8c/0xd0 [ 33.968669] print_report+0x118/0x608 [ 33.969052] kasan_report+0xdc/0x128 [ 33.969177] kasan_check_range+0x100/0x1a8 [ 33.969678] __kasan_check_write+0x20/0x30 [ 33.969923] kasan_atomics_helper+0x147c/0x4858 [ 33.970151] kasan_atomics+0x198/0x2e0 [ 33.970266] kunit_try_run_case+0x170/0x3f0 [ 33.970703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.971055] kthread+0x328/0x630 [ 33.971195] ret_from_fork+0x10/0x20 [ 33.971575] [ 33.971617] Allocated by task 297: [ 33.971769] kasan_save_stack+0x3c/0x68 [ 33.972001] kasan_save_track+0x20/0x40 [ 33.972292] kasan_save_alloc_info+0x40/0x58 [ 33.972479] __kasan_kmalloc+0xd4/0xd8 [ 33.972531] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.972577] kasan_atomics+0xb8/0x2e0 [ 33.972625] kunit_try_run_case+0x170/0x3f0 [ 33.972667] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.973080] kthread+0x328/0x630 [ 33.973142] ret_from_fork+0x10/0x20 [ 33.973184] [ 33.973207] The buggy address belongs to the object at fff00000c5a8e300 [ 33.973207] which belongs to the cache kmalloc-64 of size 64 [ 33.973280] The buggy address is located 0 bytes to the right of [ 33.973280] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.973351] [ 33.973391] The buggy address belongs to the physical page: [ 33.973428] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.973494] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.973553] page_type: f5(slab) [ 33.973598] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.973650] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.973703] page dumped because: kasan: bad access detected [ 33.973760] [ 33.973789] Memory state around the buggy address: [ 33.973846] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.974650] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.974709] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.975023] ^ [ 33.975304] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.975388] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.975488] ================================================================== [ 33.904414] ================================================================== [ 33.904475] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 33.904858] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.905162] [ 33.905465] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.905847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.906134] Hardware name: linux,dummy-virt (DT) [ 33.906215] Call trace: [ 33.906331] show_stack+0x20/0x38 (C) [ 33.906830] dump_stack_lvl+0x8c/0xd0 [ 33.907104] print_report+0x118/0x608 [ 33.907342] kasan_report+0xdc/0x128 [ 33.907587] kasan_check_range+0x100/0x1a8 [ 33.907759] __kasan_check_write+0x20/0x30 [ 33.907811] kasan_atomics_helper+0x11f8/0x4858 [ 33.908046] kasan_atomics+0x198/0x2e0 [ 33.908445] kunit_try_run_case+0x170/0x3f0 [ 33.908814] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.909028] kthread+0x328/0x630 [ 33.909209] ret_from_fork+0x10/0x20 [ 33.909517] [ 33.909549] Allocated by task 297: [ 33.909863] kasan_save_stack+0x3c/0x68 [ 33.910054] kasan_save_track+0x20/0x40 [ 33.910288] kasan_save_alloc_info+0x40/0x58 [ 33.910398] __kasan_kmalloc+0xd4/0xd8 [ 33.910548] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.910770] kasan_atomics+0xb8/0x2e0 [ 33.911187] kunit_try_run_case+0x170/0x3f0 [ 33.912013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.912215] kthread+0x328/0x630 [ 33.912263] ret_from_fork+0x10/0x20 [ 33.912628] [ 33.912763] The buggy address belongs to the object at fff00000c5a8e300 [ 33.912763] which belongs to the cache kmalloc-64 of size 64 [ 33.913011] The buggy address is located 0 bytes to the right of [ 33.913011] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.913481] [ 33.913535] The buggy address belongs to the physical page: [ 33.913662] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.914343] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.914437] page_type: f5(slab) [ 33.915031] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.915395] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.915730] page dumped because: kasan: bad access detected [ 33.915853] [ 33.915976] Memory state around the buggy address: [ 33.916113] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.916343] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.916412] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.916458] ^ [ 33.916495] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.916911] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.917100] ================================================================== [ 33.665301] ================================================================== [ 33.665356] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 33.665846] Write of size 4 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.665917] [ 33.666122] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.666413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.666472] Hardware name: linux,dummy-virt (DT) [ 33.666602] Call trace: [ 33.666630] show_stack+0x20/0x38 (C) [ 33.666722] dump_stack_lvl+0x8c/0xd0 [ 33.666784] print_report+0x118/0x608 [ 33.667000] kasan_report+0xdc/0x128 [ 33.667071] kasan_check_range+0x100/0x1a8 [ 33.667368] __kasan_check_write+0x20/0x30 [ 33.667436] kasan_atomics_helper+0xa6c/0x4858 [ 33.667690] kasan_atomics+0x198/0x2e0 [ 33.667872] kunit_try_run_case+0x170/0x3f0 [ 33.668332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.668494] kthread+0x328/0x630 [ 33.668657] ret_from_fork+0x10/0x20 [ 33.668796] [ 33.668874] Allocated by task 297: [ 33.668907] kasan_save_stack+0x3c/0x68 [ 33.669130] kasan_save_track+0x20/0x40 [ 33.669341] kasan_save_alloc_info+0x40/0x58 [ 33.669568] __kasan_kmalloc+0xd4/0xd8 [ 33.669684] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.669862] kasan_atomics+0xb8/0x2e0 [ 33.669918] kunit_try_run_case+0x170/0x3f0 [ 33.670308] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.670492] kthread+0x328/0x630 [ 33.670637] ret_from_fork+0x10/0x20 [ 33.670866] [ 33.670895] The buggy address belongs to the object at fff00000c5a8e300 [ 33.670895] which belongs to the cache kmalloc-64 of size 64 [ 33.671319] The buggy address is located 0 bytes to the right of [ 33.671319] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.671615] [ 33.671693] The buggy address belongs to the physical page: [ 33.671832] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.671978] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.672032] page_type: f5(slab) [ 33.672084] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.672166] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.672216] page dumped because: kasan: bad access detected [ 33.672266] [ 33.672448] Memory state around the buggy address: [ 33.672688] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.672754] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.673073] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.673243] ^ [ 33.673305] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.673552] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.673685] ================================================================== [ 33.746762] ================================================================== [ 33.746980] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 33.747049] Read of size 4 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.747110] [ 33.747435] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.747899] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.748120] Hardware name: linux,dummy-virt (DT) [ 33.748283] Call trace: [ 33.748332] show_stack+0x20/0x38 (C) [ 33.748475] dump_stack_lvl+0x8c/0xd0 [ 33.748735] print_report+0x118/0x608 [ 33.749031] kasan_report+0xdc/0x128 [ 33.749260] __asan_report_load4_noabort+0x20/0x30 [ 33.749557] kasan_atomics_helper+0x3dd8/0x4858 [ 33.749631] kasan_atomics+0x198/0x2e0 [ 33.749967] kunit_try_run_case+0x170/0x3f0 [ 33.750444] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.750791] kthread+0x328/0x630 [ 33.751185] ret_from_fork+0x10/0x20 [ 33.751390] [ 33.751415] Allocated by task 297: [ 33.751747] kasan_save_stack+0x3c/0x68 [ 33.751926] kasan_save_track+0x20/0x40 [ 33.752111] kasan_save_alloc_info+0x40/0x58 [ 33.752175] __kasan_kmalloc+0xd4/0xd8 [ 33.752316] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.752472] kasan_atomics+0xb8/0x2e0 [ 33.752917] kunit_try_run_case+0x170/0x3f0 [ 33.753062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.753320] kthread+0x328/0x630 [ 33.753362] ret_from_fork+0x10/0x20 [ 33.753408] [ 33.753432] The buggy address belongs to the object at fff00000c5a8e300 [ 33.753432] which belongs to the cache kmalloc-64 of size 64 [ 33.754189] The buggy address is located 0 bytes to the right of [ 33.754189] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.754416] [ 33.754536] The buggy address belongs to the physical page: [ 33.754779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.754853] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.755195] page_type: f5(slab) [ 33.755325] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.755928] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.755984] page dumped because: kasan: bad access detected [ 33.756020] [ 33.756040] Memory state around the buggy address: [ 33.756076] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.756124] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.756194] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.756241] ^ [ 33.756277] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.756368] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.756612] ================================================================== [ 33.758504] ================================================================== [ 33.759040] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 33.759205] Write of size 4 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.759264] [ 33.759297] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.759392] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.759710] Hardware name: linux,dummy-virt (DT) [ 33.759764] Call trace: [ 33.759791] show_stack+0x20/0x38 (C) [ 33.760082] dump_stack_lvl+0x8c/0xd0 [ 33.760527] print_report+0x118/0x608 [ 33.760713] kasan_report+0xdc/0x128 [ 33.760798] kasan_check_range+0x100/0x1a8 [ 33.761046] __kasan_check_write+0x20/0x30 [ 33.761204] kasan_atomics_helper+0xd3c/0x4858 [ 33.761265] kasan_atomics+0x198/0x2e0 [ 33.761460] kunit_try_run_case+0x170/0x3f0 [ 33.761521] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.761579] kthread+0x328/0x630 [ 33.761622] ret_from_fork+0x10/0x20 [ 33.761674] [ 33.761695] Allocated by task 297: [ 33.761796] kasan_save_stack+0x3c/0x68 [ 33.761884] kasan_save_track+0x20/0x40 [ 33.761936] kasan_save_alloc_info+0x40/0x58 [ 33.761985] __kasan_kmalloc+0xd4/0xd8 [ 33.762024] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.762066] kasan_atomics+0xb8/0x2e0 [ 33.762106] kunit_try_run_case+0x170/0x3f0 [ 33.762148] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.762207] kthread+0x328/0x630 [ 33.762257] ret_from_fork+0x10/0x20 [ 33.762306] [ 33.762327] The buggy address belongs to the object at fff00000c5a8e300 [ 33.762327] which belongs to the cache kmalloc-64 of size 64 [ 33.762389] The buggy address is located 0 bytes to the right of [ 33.762389] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.762460] [ 33.762483] The buggy address belongs to the physical page: [ 33.762524] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.762588] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.762639] page_type: f5(slab) [ 33.762679] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.762733] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.762786] page dumped because: kasan: bad access detected [ 33.762829] [ 33.763763] Memory state around the buggy address: [ 33.763844] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.763914] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.763971] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.764039] ^ [ 33.764448] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.764754] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.765087] ================================================================== [ 33.861958] ================================================================== [ 33.862011] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 33.862066] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.862119] [ 33.862317] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.862573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.862747] Hardware name: linux,dummy-virt (DT) [ 33.862811] Call trace: [ 33.863143] show_stack+0x20/0x38 (C) [ 33.863209] dump_stack_lvl+0x8c/0xd0 [ 33.863407] print_report+0x118/0x608 [ 33.863569] kasan_report+0xdc/0x128 [ 33.863624] kasan_check_range+0x100/0x1a8 [ 33.863677] __kasan_check_write+0x20/0x30 [ 33.864075] kasan_atomics_helper+0x1058/0x4858 [ 33.864385] kasan_atomics+0x198/0x2e0 [ 33.864789] kunit_try_run_case+0x170/0x3f0 [ 33.865190] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.865264] kthread+0x328/0x630 [ 33.865724] ret_from_fork+0x10/0x20 [ 33.866083] [ 33.866274] Allocated by task 297: [ 33.866397] kasan_save_stack+0x3c/0x68 [ 33.866505] kasan_save_track+0x20/0x40 [ 33.866555] kasan_save_alloc_info+0x40/0x58 [ 33.867336] __kasan_kmalloc+0xd4/0xd8 [ 33.867426] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.867642] kasan_atomics+0xb8/0x2e0 [ 33.867688] kunit_try_run_case+0x170/0x3f0 [ 33.867983] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.868172] kthread+0x328/0x630 [ 33.868533] ret_from_fork+0x10/0x20 [ 33.868588] [ 33.868610] The buggy address belongs to the object at fff00000c5a8e300 [ 33.868610] which belongs to the cache kmalloc-64 of size 64 [ 33.868681] The buggy address is located 0 bytes to the right of [ 33.868681] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.868992] [ 33.869500] The buggy address belongs to the physical page: [ 33.869689] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.870058] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.870242] page_type: f5(slab) [ 33.870347] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.870405] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.870896] page dumped because: kasan: bad access detected [ 33.871096] [ 33.871155] Memory state around the buggy address: [ 33.871195] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.871243] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.871288] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.871330] ^ [ 33.871367] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.871412] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.871454] ================================================================== [ 33.766966] ================================================================== [ 33.767026] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 33.767307] Read of size 4 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.767388] [ 33.767423] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.767510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.767540] Hardware name: linux,dummy-virt (DT) [ 33.767815] Call trace: [ 33.768225] show_stack+0x20/0x38 (C) [ 33.768328] dump_stack_lvl+0x8c/0xd0 [ 33.768411] print_report+0x118/0x608 [ 33.768646] kasan_report+0xdc/0x128 [ 33.769058] __asan_report_load4_noabort+0x20/0x30 [ 33.769536] kasan_atomics_helper+0x3e04/0x4858 [ 33.769891] kasan_atomics+0x198/0x2e0 [ 33.769991] kunit_try_run_case+0x170/0x3f0 [ 33.770058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.770737] kthread+0x328/0x630 [ 33.770968] ret_from_fork+0x10/0x20 [ 33.771025] [ 33.771054] Allocated by task 297: [ 33.771277] kasan_save_stack+0x3c/0x68 [ 33.771645] kasan_save_track+0x20/0x40 [ 33.772078] kasan_save_alloc_info+0x40/0x58 [ 33.772202] __kasan_kmalloc+0xd4/0xd8 [ 33.772278] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.772718] kasan_atomics+0xb8/0x2e0 [ 33.772819] kunit_try_run_case+0x170/0x3f0 [ 33.773300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.773818] kthread+0x328/0x630 [ 33.773904] ret_from_fork+0x10/0x20 [ 33.774079] [ 33.774167] The buggy address belongs to the object at fff00000c5a8e300 [ 33.774167] which belongs to the cache kmalloc-64 of size 64 [ 33.774492] The buggy address is located 0 bytes to the right of [ 33.774492] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.774693] [ 33.774750] The buggy address belongs to the physical page: [ 33.774995] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.775179] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.775477] page_type: f5(slab) [ 33.775765] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.776055] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.776125] page dumped because: kasan: bad access detected [ 33.776332] [ 33.776500] Memory state around the buggy address: [ 33.776672] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.776872] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.776922] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.776971] ^ [ 33.777008] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.777323] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.777388] ================================================================== [ 33.851082] ================================================================== [ 33.851233] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 33.851437] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.851647] [ 33.851794] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.852053] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.852337] Hardware name: linux,dummy-virt (DT) [ 33.852384] Call trace: [ 33.852774] show_stack+0x20/0x38 (C) [ 33.853145] dump_stack_lvl+0x8c/0xd0 [ 33.853426] print_report+0x118/0x608 [ 33.853688] kasan_report+0xdc/0x128 [ 33.853925] kasan_check_range+0x100/0x1a8 [ 33.854409] __kasan_check_write+0x20/0x30 [ 33.854522] kasan_atomics_helper+0xff0/0x4858 [ 33.854874] kasan_atomics+0x198/0x2e0 [ 33.854939] kunit_try_run_case+0x170/0x3f0 [ 33.855283] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.855689] kthread+0x328/0x630 [ 33.855828] ret_from_fork+0x10/0x20 [ 33.856485] [ 33.856549] Allocated by task 297: [ 33.856805] kasan_save_stack+0x3c/0x68 [ 33.856869] kasan_save_track+0x20/0x40 [ 33.856912] kasan_save_alloc_info+0x40/0x58 [ 33.856954] __kasan_kmalloc+0xd4/0xd8 [ 33.856996] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.857043] kasan_atomics+0xb8/0x2e0 [ 33.857242] kunit_try_run_case+0x170/0x3f0 [ 33.857749] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.858113] kthread+0x328/0x630 [ 33.858430] ret_from_fork+0x10/0x20 [ 33.858772] [ 33.858801] The buggy address belongs to the object at fff00000c5a8e300 [ 33.858801] which belongs to the cache kmalloc-64 of size 64 [ 33.859039] The buggy address is located 0 bytes to the right of [ 33.859039] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.859249] [ 33.859287] The buggy address belongs to the physical page: [ 33.859330] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.859396] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.859457] page_type: f5(slab) [ 33.859507] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.859563] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.859614] page dumped because: kasan: bad access detected [ 33.859652] [ 33.859675] Memory state around the buggy address: [ 33.859711] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.859758] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.859804] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.859858] ^ [ 33.859894] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.859959] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.860008] ================================================================== [ 33.872115] ================================================================== [ 33.872169] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 33.872225] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.872277] [ 33.872326] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.872416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.872446] Hardware name: linux,dummy-virt (DT) [ 33.872490] Call trace: [ 33.872516] show_stack+0x20/0x38 (C) [ 33.872565] dump_stack_lvl+0x8c/0xd0 [ 33.872616] print_report+0x118/0x608 [ 33.872673] kasan_report+0xdc/0x128 [ 33.872721] kasan_check_range+0x100/0x1a8 [ 33.872770] __kasan_check_write+0x20/0x30 [ 33.872819] kasan_atomics_helper+0x10c0/0x4858 [ 33.872898] kasan_atomics+0x198/0x2e0 [ 33.873276] kunit_try_run_case+0x170/0x3f0 [ 33.873780] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.873888] kthread+0x328/0x630 [ 33.874328] ret_from_fork+0x10/0x20 [ 33.874656] [ 33.874731] Allocated by task 297: [ 33.875120] kasan_save_stack+0x3c/0x68 [ 33.875274] kasan_save_track+0x20/0x40 [ 33.875320] kasan_save_alloc_info+0x40/0x58 [ 33.875628] __kasan_kmalloc+0xd4/0xd8 [ 33.875999] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.876189] kasan_atomics+0xb8/0x2e0 [ 33.876236] kunit_try_run_case+0x170/0x3f0 [ 33.876857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.876932] kthread+0x328/0x630 [ 33.876971] ret_from_fork+0x10/0x20 [ 33.877015] [ 33.877675] The buggy address belongs to the object at fff00000c5a8e300 [ 33.877675] which belongs to the cache kmalloc-64 of size 64 [ 33.877780] The buggy address is located 0 bytes to the right of [ 33.877780] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.877861] [ 33.877884] The buggy address belongs to the physical page: [ 33.878545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.878622] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.878675] page_type: f5(slab) [ 33.878719] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.879350] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.879710] page dumped because: kasan: bad access detected [ 33.880126] [ 33.880269] Memory state around the buggy address: [ 33.880663] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.880808] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.881049] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.881244] ^ [ 33.881326] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.881668] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.881905] ================================================================== [ 33.938578] ================================================================== [ 33.938633] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 33.938689] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.938740] [ 33.938773] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.938877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.938907] Hardware name: linux,dummy-virt (DT) [ 33.938942] Call trace: [ 33.938994] show_stack+0x20/0x38 (C) [ 33.939045] dump_stack_lvl+0x8c/0xd0 [ 33.939097] print_report+0x118/0x608 [ 33.939146] kasan_report+0xdc/0x128 [ 33.939196] kasan_check_range+0x100/0x1a8 [ 33.939247] __kasan_check_write+0x20/0x30 [ 33.939305] kasan_atomics_helper+0x1384/0x4858 [ 33.939358] kasan_atomics+0x198/0x2e0 [ 33.939405] kunit_try_run_case+0x170/0x3f0 [ 33.939456] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.939514] kthread+0x328/0x630 [ 33.939558] ret_from_fork+0x10/0x20 [ 33.939608] [ 33.939630] Allocated by task 297: [ 33.939661] kasan_save_stack+0x3c/0x68 [ 33.939715] kasan_save_track+0x20/0x40 [ 33.939759] kasan_save_alloc_info+0x40/0x58 [ 33.939801] __kasan_kmalloc+0xd4/0xd8 [ 33.939852] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.939988] kasan_atomics+0xb8/0x2e0 [ 33.940227] kunit_try_run_case+0x170/0x3f0 [ 33.940449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.940873] kthread+0x328/0x630 [ 33.941126] ret_from_fork+0x10/0x20 [ 33.941375] [ 33.941637] The buggy address belongs to the object at fff00000c5a8e300 [ 33.941637] which belongs to the cache kmalloc-64 of size 64 [ 33.941851] The buggy address is located 0 bytes to the right of [ 33.941851] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.941936] [ 33.941963] The buggy address belongs to the physical page: [ 33.942370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.942756] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.943210] page_type: f5(slab) [ 33.943290] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.943725] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.943879] page dumped because: kasan: bad access detected [ 33.944113] [ 33.944181] Memory state around the buggy address: [ 33.944345] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.944430] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.944550] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.944666] ^ [ 33.944892] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.945088] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.945163] ================================================================== [ 33.827890] ================================================================== [ 33.827998] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 33.828199] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.828669] [ 33.828722] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.829214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.829291] Hardware name: linux,dummy-virt (DT) [ 33.829371] Call trace: [ 33.829408] show_stack+0x20/0x38 (C) [ 33.830072] dump_stack_lvl+0x8c/0xd0 [ 33.830393] print_report+0x118/0x608 [ 33.830777] kasan_report+0xdc/0x128 [ 33.831160] kasan_check_range+0x100/0x1a8 [ 33.831365] __kasan_check_write+0x20/0x30 [ 33.831576] kasan_atomics_helper+0xf20/0x4858 [ 33.831638] kasan_atomics+0x198/0x2e0 [ 33.831898] kunit_try_run_case+0x170/0x3f0 [ 33.832076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.832287] kthread+0x328/0x630 [ 33.832472] ret_from_fork+0x10/0x20 [ 33.832654] [ 33.832789] Allocated by task 297: [ 33.832822] kasan_save_stack+0x3c/0x68 [ 33.833268] kasan_save_track+0x20/0x40 [ 33.833462] kasan_save_alloc_info+0x40/0x58 [ 33.833710] __kasan_kmalloc+0xd4/0xd8 [ 33.834137] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.834302] kasan_atomics+0xb8/0x2e0 [ 33.834514] kunit_try_run_case+0x170/0x3f0 [ 33.834885] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.835114] kthread+0x328/0x630 [ 33.835347] ret_from_fork+0x10/0x20 [ 33.835398] [ 33.835422] The buggy address belongs to the object at fff00000c5a8e300 [ 33.835422] which belongs to the cache kmalloc-64 of size 64 [ 33.836129] The buggy address is located 0 bytes to the right of [ 33.836129] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.836222] [ 33.836464] The buggy address belongs to the physical page: [ 33.836755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.836819] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.836882] page_type: f5(slab) [ 33.836924] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.837183] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.837654] page dumped because: kasan: bad access detected [ 33.837797] [ 33.837978] Memory state around the buggy address: [ 33.838067] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.838132] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.838189] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.838485] ^ [ 33.838532] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.839031] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.839214] ================================================================== [ 33.646076] ================================================================== [ 33.646248] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 33.646670] Write of size 4 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.646939] [ 33.647031] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.647128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.647158] Hardware name: linux,dummy-virt (DT) [ 33.647358] Call trace: [ 33.647560] show_stack+0x20/0x38 (C) [ 33.647625] dump_stack_lvl+0x8c/0xd0 [ 33.648067] print_report+0x118/0x608 [ 33.648326] kasan_report+0xdc/0x128 [ 33.648394] kasan_check_range+0x100/0x1a8 [ 33.648547] __kasan_check_write+0x20/0x30 [ 33.648787] kasan_atomics_helper+0x99c/0x4858 [ 33.649051] kasan_atomics+0x198/0x2e0 [ 33.649237] kunit_try_run_case+0x170/0x3f0 [ 33.649391] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.649509] kthread+0x328/0x630 [ 33.649681] ret_from_fork+0x10/0x20 [ 33.649945] [ 33.649975] Allocated by task 297: [ 33.650119] kasan_save_stack+0x3c/0x68 [ 33.650367] kasan_save_track+0x20/0x40 [ 33.650422] kasan_save_alloc_info+0x40/0x58 [ 33.650656] __kasan_kmalloc+0xd4/0xd8 [ 33.650820] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.651130] kasan_atomics+0xb8/0x2e0 [ 33.651286] kunit_try_run_case+0x170/0x3f0 [ 33.651624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.651886] kthread+0x328/0x630 [ 33.652027] ret_from_fork+0x10/0x20 [ 33.652340] [ 33.652459] The buggy address belongs to the object at fff00000c5a8e300 [ 33.652459] which belongs to the cache kmalloc-64 of size 64 [ 33.652689] The buggy address is located 0 bytes to the right of [ 33.652689] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.652789] [ 33.652811] The buggy address belongs to the physical page: [ 33.653076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.653310] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.653493] page_type: f5(slab) [ 33.653754] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.653872] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.653919] page dumped because: kasan: bad access detected [ 33.654186] [ 33.654342] Memory state around the buggy address: [ 33.654383] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.654596] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.654926] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.655072] ^ [ 33.655295] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.655516] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.655561] ================================================================== [ 34.070969] ================================================================== [ 34.071036] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 34.071393] Read of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 34.071466] [ 34.071500] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 34.071617] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.071649] Hardware name: linux,dummy-virt (DT) [ 34.071684] Call trace: [ 34.071710] show_stack+0x20/0x38 (C) [ 34.071791] dump_stack_lvl+0x8c/0xd0 [ 34.071859] print_report+0x118/0x608 [ 34.071908] kasan_report+0xdc/0x128 [ 34.071959] __asan_report_load8_noabort+0x20/0x30 [ 34.072009] kasan_atomics_helper+0x3e20/0x4858 [ 34.072073] kasan_atomics+0x198/0x2e0 [ 34.072129] kunit_try_run_case+0x170/0x3f0 [ 34.072180] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.072237] kthread+0x328/0x630 [ 34.072282] ret_from_fork+0x10/0x20 [ 34.072333] [ 34.072364] Allocated by task 297: [ 34.072395] kasan_save_stack+0x3c/0x68 [ 34.072441] kasan_save_track+0x20/0x40 [ 34.072483] kasan_save_alloc_info+0x40/0x58 [ 34.072523] __kasan_kmalloc+0xd4/0xd8 [ 34.072563] __kmalloc_cache_noprof+0x16c/0x3c0 [ 34.072606] kasan_atomics+0xb8/0x2e0 [ 34.072645] kunit_try_run_case+0x170/0x3f0 [ 34.072697] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.072753] kthread+0x328/0x630 [ 34.072788] ret_from_fork+0x10/0x20 [ 34.072827] [ 34.073302] The buggy address belongs to the object at fff00000c5a8e300 [ 34.073302] which belongs to the cache kmalloc-64 of size 64 [ 34.073372] The buggy address is located 0 bytes to the right of [ 34.073372] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 34.074304] [ 34.074620] The buggy address belongs to the physical page: [ 34.074690] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 34.074876] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.074932] page_type: f5(slab) [ 34.075061] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 34.075506] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.076164] page dumped because: kasan: bad access detected [ 34.076335] [ 34.076402] Memory state around the buggy address: [ 34.076612] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.077002] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.077068] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.077417] ^ [ 34.077458] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.077505] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.077546] ================================================================== [ 34.050490] ================================================================== [ 34.050749] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 34.050810] Read of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 34.050877] [ 34.050909] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 34.050997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.051024] Hardware name: linux,dummy-virt (DT) [ 34.051058] Call trace: [ 34.051248] show_stack+0x20/0x38 (C) [ 34.051558] dump_stack_lvl+0x8c/0xd0 [ 34.051821] print_report+0x118/0x608 [ 34.051938] kasan_report+0xdc/0x128 [ 34.052064] __asan_report_load8_noabort+0x20/0x30 [ 34.052123] kasan_atomics_helper+0x3e10/0x4858 [ 34.052397] kasan_atomics+0x198/0x2e0 [ 34.052560] kunit_try_run_case+0x170/0x3f0 [ 34.052921] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.052998] kthread+0x328/0x630 [ 34.053044] ret_from_fork+0x10/0x20 [ 34.053660] [ 34.053828] Allocated by task 297: [ 34.053885] kasan_save_stack+0x3c/0x68 [ 34.053934] kasan_save_track+0x20/0x40 [ 34.054241] kasan_save_alloc_info+0x40/0x58 [ 34.054563] __kasan_kmalloc+0xd4/0xd8 [ 34.054634] __kmalloc_cache_noprof+0x16c/0x3c0 [ 34.054684] kasan_atomics+0xb8/0x2e0 [ 34.054725] kunit_try_run_case+0x170/0x3f0 [ 34.054828] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.054901] kthread+0x328/0x630 [ 34.054937] ret_from_fork+0x10/0x20 [ 34.054976] [ 34.055000] The buggy address belongs to the object at fff00000c5a8e300 [ 34.055000] which belongs to the cache kmalloc-64 of size 64 [ 34.055076] The buggy address is located 0 bytes to the right of [ 34.055076] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 34.055144] [ 34.055176] The buggy address belongs to the physical page: [ 34.055218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 34.055286] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.055338] page_type: f5(slab) [ 34.055380] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 34.055443] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.055495] page dumped because: kasan: bad access detected [ 34.055546] [ 34.055567] Memory state around the buggy address: [ 34.055601] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.055654] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.055700] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.055740] ^ [ 34.055775] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.056332] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.056672] ================================================================== [ 33.790061] ================================================================== [ 33.790123] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 33.790527] Read of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.790808] [ 33.790866] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.791081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.791148] Hardware name: linux,dummy-virt (DT) [ 33.791231] Call trace: [ 33.791341] show_stack+0x20/0x38 (C) [ 33.791550] dump_stack_lvl+0x8c/0xd0 [ 33.791973] print_report+0x118/0x608 [ 33.792052] kasan_report+0xdc/0x128 [ 33.792137] __asan_report_load8_noabort+0x20/0x30 [ 33.792245] kasan_atomics_helper+0x3f58/0x4858 [ 33.792543] kasan_atomics+0x198/0x2e0 [ 33.792733] kunit_try_run_case+0x170/0x3f0 [ 33.793021] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.793294] kthread+0x328/0x630 [ 33.793405] ret_from_fork+0x10/0x20 [ 33.793541] [ 33.793695] Allocated by task 297: [ 33.793922] kasan_save_stack+0x3c/0x68 [ 33.794259] kasan_save_track+0x20/0x40 [ 33.794358] kasan_save_alloc_info+0x40/0x58 [ 33.794702] __kasan_kmalloc+0xd4/0xd8 [ 33.794863] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.794913] kasan_atomics+0xb8/0x2e0 [ 33.795255] kunit_try_run_case+0x170/0x3f0 [ 33.795433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.795491] kthread+0x328/0x630 [ 33.795649] ret_from_fork+0x10/0x20 [ 33.795697] [ 33.795727] The buggy address belongs to the object at fff00000c5a8e300 [ 33.795727] which belongs to the cache kmalloc-64 of size 64 [ 33.795798] The buggy address is located 0 bytes to the right of [ 33.795798] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.795877] [ 33.795919] The buggy address belongs to the physical page: [ 33.795963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.796029] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.796078] page_type: f5(slab) [ 33.796130] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.796185] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.796238] page dumped because: kasan: bad access detected [ 33.796280] [ 33.796549] Memory state around the buggy address: [ 33.796592] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.796992] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.797054] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.797492] ^ [ 33.797568] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.797731] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.798081] ================================================================== [ 34.079284] ================================================================== [ 34.079427] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 34.079650] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 34.079999] [ 34.080125] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 34.080232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.080272] Hardware name: linux,dummy-virt (DT) [ 34.080309] Call trace: [ 34.080492] show_stack+0x20/0x38 (C) [ 34.080704] dump_stack_lvl+0x8c/0xd0 [ 34.080783] print_report+0x118/0x608 [ 34.081244] kasan_report+0xdc/0x128 [ 34.081698] kasan_check_range+0x100/0x1a8 [ 34.081821] __kasan_check_write+0x20/0x30 [ 34.082054] kasan_atomics_helper+0x17ec/0x4858 [ 34.082289] kasan_atomics+0x198/0x2e0 [ 34.082347] kunit_try_run_case+0x170/0x3f0 [ 34.082856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.082940] kthread+0x328/0x630 [ 34.083158] ret_from_fork+0x10/0x20 [ 34.083237] [ 34.083263] Allocated by task 297: [ 34.083585] kasan_save_stack+0x3c/0x68 [ 34.083850] kasan_save_track+0x20/0x40 [ 34.084048] kasan_save_alloc_info+0x40/0x58 [ 34.084460] __kasan_kmalloc+0xd4/0xd8 [ 34.084872] __kmalloc_cache_noprof+0x16c/0x3c0 [ 34.084957] kasan_atomics+0xb8/0x2e0 [ 34.085146] kunit_try_run_case+0x170/0x3f0 [ 34.085355] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.085435] kthread+0x328/0x630 [ 34.085933] ret_from_fork+0x10/0x20 [ 34.086072] [ 34.086294] The buggy address belongs to the object at fff00000c5a8e300 [ 34.086294] which belongs to the cache kmalloc-64 of size 64 [ 34.086457] The buggy address is located 0 bytes to the right of [ 34.086457] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 34.086795] [ 34.086826] The buggy address belongs to the physical page: [ 34.086871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 34.087375] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.087745] page_type: f5(slab) [ 34.087848] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 34.088147] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.088316] page dumped because: kasan: bad access detected [ 34.088607] [ 34.088778] Memory state around the buggy address: [ 34.088859] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.088908] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.088953] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.088996] ^ [ 34.089032] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.089078] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.089218] ================================================================== [ 33.883754] ================================================================== [ 33.884086] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 33.884160] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.884212] [ 33.884256] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.884347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.884718] Hardware name: linux,dummy-virt (DT) [ 33.884979] Call trace: [ 33.885259] show_stack+0x20/0x38 (C) [ 33.885533] dump_stack_lvl+0x8c/0xd0 [ 33.885589] print_report+0x118/0x608 [ 33.885638] kasan_report+0xdc/0x128 [ 33.885687] kasan_check_range+0x100/0x1a8 [ 33.886953] __kasan_check_write+0x20/0x30 [ 33.887056] kasan_atomics_helper+0x1128/0x4858 [ 33.887140] kasan_atomics+0x198/0x2e0 [ 33.887232] kunit_try_run_case+0x170/0x3f0 [ 33.887311] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.887623] kthread+0x328/0x630 [ 33.887678] ret_from_fork+0x10/0x20 [ 33.888260] [ 33.888401] Allocated by task 297: [ 33.888526] kasan_save_stack+0x3c/0x68 [ 33.888586] kasan_save_track+0x20/0x40 [ 33.888630] kasan_save_alloc_info+0x40/0x58 [ 33.888677] __kasan_kmalloc+0xd4/0xd8 [ 33.889077] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.889378] kasan_atomics+0xb8/0x2e0 [ 33.889625] kunit_try_run_case+0x170/0x3f0 [ 33.889800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.890072] kthread+0x328/0x630 [ 33.890395] ret_from_fork+0x10/0x20 [ 33.890827] [ 33.891038] The buggy address belongs to the object at fff00000c5a8e300 [ 33.891038] which belongs to the cache kmalloc-64 of size 64 [ 33.891296] The buggy address is located 0 bytes to the right of [ 33.891296] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.891726] [ 33.891757] The buggy address belongs to the physical page: [ 33.891799] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.892347] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.892484] page_type: f5(slab) [ 33.892657] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.892791] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.892845] page dumped because: kasan: bad access detected [ 33.892881] [ 33.892901] Memory state around the buggy address: [ 33.893234] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.893321] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.893426] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.893480] ^ [ 33.893516] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.893561] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.893603] ================================================================== [ 33.958754] ================================================================== [ 33.958915] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 33.958976] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.959052] [ 33.959087] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.959177] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.959532] Hardware name: linux,dummy-virt (DT) [ 33.959726] Call trace: [ 33.959788] show_stack+0x20/0x38 (C) [ 33.960015] dump_stack_lvl+0x8c/0xd0 [ 33.960141] print_report+0x118/0x608 [ 33.960509] kasan_report+0xdc/0x128 [ 33.960561] kasan_check_range+0x100/0x1a8 [ 33.960774] __kasan_check_write+0x20/0x30 [ 33.961442] kasan_atomics_helper+0x1414/0x4858 [ 33.961556] kasan_atomics+0x198/0x2e0 [ 33.961722] kunit_try_run_case+0x170/0x3f0 [ 33.961912] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.962097] kthread+0x328/0x630 [ 33.962263] ret_from_fork+0x10/0x20 [ 33.962351] [ 33.962373] Allocated by task 297: [ 33.962717] kasan_save_stack+0x3c/0x68 [ 33.963044] kasan_save_track+0x20/0x40 [ 33.963195] kasan_save_alloc_info+0x40/0x58 [ 33.963443] __kasan_kmalloc+0xd4/0xd8 [ 33.963674] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.963739] kasan_atomics+0xb8/0x2e0 [ 33.963781] kunit_try_run_case+0x170/0x3f0 [ 33.963824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.963899] kthread+0x328/0x630 [ 33.963936] ret_from_fork+0x10/0x20 [ 33.963985] [ 33.964009] The buggy address belongs to the object at fff00000c5a8e300 [ 33.964009] which belongs to the cache kmalloc-64 of size 64 [ 33.964078] The buggy address is located 0 bytes to the right of [ 33.964078] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.964157] [ 33.964189] The buggy address belongs to the physical page: [ 33.964225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.964281] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.964426] page_type: f5(slab) [ 33.964798] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.964870] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.964915] page dumped because: kasan: bad access detected [ 33.964950] [ 33.964970] Memory state around the buggy address: [ 33.965006] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.965053] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.965098] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.965817] ^ [ 33.965929] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.966133] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.966180] ================================================================== [ 33.820952] ================================================================== [ 33.821496] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 33.821709] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.821855] [ 33.821896] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.821995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.822024] Hardware name: linux,dummy-virt (DT) [ 33.822108] Call trace: [ 33.822143] show_stack+0x20/0x38 (C) [ 33.822200] dump_stack_lvl+0x8c/0xd0 [ 33.822253] print_report+0x118/0x608 [ 33.822303] kasan_report+0xdc/0x128 [ 33.822352] kasan_check_range+0x100/0x1a8 [ 33.822403] __kasan_check_write+0x20/0x30 [ 33.822451] kasan_atomics_helper+0xeb8/0x4858 [ 33.822507] kasan_atomics+0x198/0x2e0 [ 33.822555] kunit_try_run_case+0x170/0x3f0 [ 33.822606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.822663] kthread+0x328/0x630 [ 33.822709] ret_from_fork+0x10/0x20 [ 33.822759] [ 33.822782] Allocated by task 297: [ 33.822812] kasan_save_stack+0x3c/0x68 [ 33.822870] kasan_save_track+0x20/0x40 [ 33.822913] kasan_save_alloc_info+0x40/0x58 [ 33.822963] __kasan_kmalloc+0xd4/0xd8 [ 33.823004] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.823048] kasan_atomics+0xb8/0x2e0 [ 33.823087] kunit_try_run_case+0x170/0x3f0 [ 33.823139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.823198] kthread+0x328/0x630 [ 33.823245] ret_from_fork+0x10/0x20 [ 33.823286] [ 33.823307] The buggy address belongs to the object at fff00000c5a8e300 [ 33.823307] which belongs to the cache kmalloc-64 of size 64 [ 33.823367] The buggy address is located 0 bytes to the right of [ 33.823367] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.823443] [ 33.823466] The buggy address belongs to the physical page: [ 33.823500] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.823554] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.823605] page_type: f5(slab) [ 33.823651] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.823705] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.823755] page dumped because: kasan: bad access detected [ 33.823789] [ 33.823809] Memory state around the buggy address: [ 33.825017] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.825101] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.825184] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.825337] ^ [ 33.825382] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.825674] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.825935] ================================================================== [ 33.977669] ================================================================== [ 33.977728] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 33.978122] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.978289] [ 33.978353] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.978579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.978613] Hardware name: linux,dummy-virt (DT) [ 33.978649] Call trace: [ 33.978698] show_stack+0x20/0x38 (C) [ 33.978766] dump_stack_lvl+0x8c/0xd0 [ 33.979126] print_report+0x118/0x608 [ 33.979202] kasan_report+0xdc/0x128 [ 33.979345] kasan_check_range+0x100/0x1a8 [ 33.979457] __kasan_check_write+0x20/0x30 [ 33.979562] kasan_atomics_helper+0x14e4/0x4858 [ 33.979621] kasan_atomics+0x198/0x2e0 [ 33.980099] kunit_try_run_case+0x170/0x3f0 [ 33.980267] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.980453] kthread+0x328/0x630 [ 33.980725] ret_from_fork+0x10/0x20 [ 33.980952] [ 33.981003] Allocated by task 297: [ 33.981181] kasan_save_stack+0x3c/0x68 [ 33.981527] kasan_save_track+0x20/0x40 [ 33.981850] kasan_save_alloc_info+0x40/0x58 [ 33.982027] __kasan_kmalloc+0xd4/0xd8 [ 33.982383] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.982585] kasan_atomics+0xb8/0x2e0 [ 33.982792] kunit_try_run_case+0x170/0x3f0 [ 33.983134] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.983489] kthread+0x328/0x630 [ 33.983625] ret_from_fork+0x10/0x20 [ 33.983763] [ 33.984069] The buggy address belongs to the object at fff00000c5a8e300 [ 33.984069] which belongs to the cache kmalloc-64 of size 64 [ 33.984192] The buggy address is located 0 bytes to the right of [ 33.984192] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.984265] [ 33.984306] The buggy address belongs to the physical page: [ 33.984711] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.984778] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.984829] page_type: f5(slab) [ 33.984887] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.985554] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.985824] page dumped because: kasan: bad access detected [ 33.985907] [ 33.985959] Memory state around the buggy address: [ 33.986176] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.986623] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.986936] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.987049] ^ [ 33.987089] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.987385] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.987544] ================================================================== [ 33.896325] ================================================================== [ 33.896563] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 33.896654] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.896708] [ 33.896741] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.897231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.897384] Hardware name: linux,dummy-virt (DT) [ 33.897675] Call trace: [ 33.897764] show_stack+0x20/0x38 (C) [ 33.897961] dump_stack_lvl+0x8c/0xd0 [ 33.898019] print_report+0x118/0x608 [ 33.898206] kasan_report+0xdc/0x128 [ 33.898430] kasan_check_range+0x100/0x1a8 [ 33.898551] __kasan_check_write+0x20/0x30 [ 33.898605] kasan_atomics_helper+0x1190/0x4858 [ 33.898665] kasan_atomics+0x198/0x2e0 [ 33.898714] kunit_try_run_case+0x170/0x3f0 [ 33.898765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.898822] kthread+0x328/0x630 [ 33.898877] ret_from_fork+0x10/0x20 [ 33.898933] [ 33.898992] Allocated by task 297: [ 33.899025] kasan_save_stack+0x3c/0x68 [ 33.899081] kasan_save_track+0x20/0x40 [ 33.899122] kasan_save_alloc_info+0x40/0x58 [ 33.899163] __kasan_kmalloc+0xd4/0xd8 [ 33.899213] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.899257] kasan_atomics+0xb8/0x2e0 [ 33.899297] kunit_try_run_case+0x170/0x3f0 [ 33.899353] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.899403] kthread+0x328/0x630 [ 33.899439] ret_from_fork+0x10/0x20 [ 33.899479] [ 33.899509] The buggy address belongs to the object at fff00000c5a8e300 [ 33.899509] which belongs to the cache kmalloc-64 of size 64 [ 33.899571] The buggy address is located 0 bytes to the right of [ 33.899571] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.899647] [ 33.899678] The buggy address belongs to the physical page: [ 33.899731] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.899804] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.900249] page_type: f5(slab) [ 33.900316] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.900394] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.900462] page dumped because: kasan: bad access detected [ 33.901059] [ 33.901504] Memory state around the buggy address: [ 33.901995] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.902166] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.902222] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.902411] ^ [ 33.902456] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.902675] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.902826] ================================================================== [ 33.993572] ================================================================== [ 33.993624] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 33.993674] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.993731] [ 33.993761] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.995082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.995126] Hardware name: linux,dummy-virt (DT) [ 33.995182] Call trace: [ 33.995226] show_stack+0x20/0x38 (C) [ 33.995298] dump_stack_lvl+0x8c/0xd0 [ 33.995379] print_report+0x118/0x608 [ 33.995466] kasan_report+0xdc/0x128 [ 33.995695] kasan_check_range+0x100/0x1a8 [ 33.996268] __kasan_check_write+0x20/0x30 [ 33.996571] kasan_atomics_helper+0x15b4/0x4858 [ 33.996928] kasan_atomics+0x198/0x2e0 [ 33.997176] kunit_try_run_case+0x170/0x3f0 [ 33.997561] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.997934] kthread+0x328/0x630 [ 33.998312] ret_from_fork+0x10/0x20 [ 33.998627] [ 33.998707] Allocated by task 297: [ 33.998741] kasan_save_stack+0x3c/0x68 [ 33.999087] kasan_save_track+0x20/0x40 [ 33.999853] kasan_save_alloc_info+0x40/0x58 [ 34.000040] __kasan_kmalloc+0xd4/0xd8 [ 34.000312] __kmalloc_cache_noprof+0x16c/0x3c0 [ 34.000602] kasan_atomics+0xb8/0x2e0 [ 34.000658] kunit_try_run_case+0x170/0x3f0 [ 34.001004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.001349] kthread+0x328/0x630 [ 34.001486] ret_from_fork+0x10/0x20 [ 34.001530] [ 34.001893] The buggy address belongs to the object at fff00000c5a8e300 [ 34.001893] which belongs to the cache kmalloc-64 of size 64 [ 34.002127] The buggy address is located 0 bytes to the right of [ 34.002127] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 34.002637] [ 34.002708] The buggy address belongs to the physical page: [ 34.003017] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 34.003094] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.003198] page_type: f5(slab) [ 34.003243] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 34.003527] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.003870] page dumped because: kasan: bad access detected [ 34.004176] [ 34.004525] Memory state around the buggy address: [ 34.004825] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.005087] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.005254] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.005295] ^ [ 34.005332] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.005379] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.005728] ================================================================== [ 33.675797] ================================================================== [ 33.675929] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 33.675991] Write of size 4 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.676193] [ 33.676378] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.676494] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.676662] Hardware name: linux,dummy-virt (DT) [ 33.676768] Call trace: [ 33.676902] show_stack+0x20/0x38 (C) [ 33.676988] dump_stack_lvl+0x8c/0xd0 [ 33.677045] print_report+0x118/0x608 [ 33.677093] kasan_report+0xdc/0x128 [ 33.677142] kasan_check_range+0x100/0x1a8 [ 33.677193] __kasan_check_write+0x20/0x30 [ 33.677727] kasan_atomics_helper+0xad4/0x4858 [ 33.678675] kasan_atomics+0x198/0x2e0 [ 33.678951] kunit_try_run_case+0x170/0x3f0 [ 33.679258] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.680503] kasan_save_stack+0x3c/0x68 [ 33.681312] kasan_atomics+0xb8/0x2e0 [ 33.682427] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.682499] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.682550] page_type: f5(slab) [ 33.682600] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.682663] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.682706] page dumped because: kasan: bad access detected [ 33.682740] [ 33.682771] Memory state around the buggy address: [ 33.682819] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.683083] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.683225] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.683670] ^ [ 33.683727] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.683777] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.686319] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 33.687282] Call trace: [ 33.689706] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.690665] kasan_save_alloc_info+0x40/0x58 [ 33.692847] The buggy address is located 0 bytes to the right of [ 33.692847] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.693822] page_type: f5(slab) [ 33.694051] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.694611] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.694798] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.697665] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb70/0x4858 [ 33.699540] print_report+0x118/0x608 [ 33.700101] kthread+0x328/0x630 [ 33.701797] __kasan_kmalloc+0xd4/0xd8 [ 33.703194] [ 33.703566] The buggy address is located 0 bytes to the right of [ 33.703566] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.704409] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.705713] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.706293] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.707819] [ 33.707951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.708101] dump_stack_lvl+0x8c/0xd0 [ 33.709935] kasan_save_stack+0x3c/0x68 [ 33.713164] [ 33.714499] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.716525] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.718941] ================================================================== [ 33.947335] ================================================================== [ 33.947589] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 33.947830] Read of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.947941] [ 33.947978] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.948066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.948094] Hardware name: linux,dummy-virt (DT) [ 33.948130] Call trace: [ 33.948625] show_stack+0x20/0x38 (C) [ 33.948914] dump_stack_lvl+0x8c/0xd0 [ 33.949118] print_report+0x118/0x608 [ 33.949245] kasan_report+0xdc/0x128 [ 33.949497] __asan_report_load8_noabort+0x20/0x30 [ 33.949600] kasan_atomics_helper+0x3f04/0x4858 [ 33.949663] kasan_atomics+0x198/0x2e0 [ 33.949718] kunit_try_run_case+0x170/0x3f0 [ 33.950155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.950576] kthread+0x328/0x630 [ 33.950664] ret_from_fork+0x10/0x20 [ 33.950721] [ 33.950991] Allocated by task 297: [ 33.951406] kasan_save_stack+0x3c/0x68 [ 33.951704] kasan_save_track+0x20/0x40 [ 33.952125] kasan_save_alloc_info+0x40/0x58 [ 33.952283] __kasan_kmalloc+0xd4/0xd8 [ 33.952353] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.952477] kasan_atomics+0xb8/0x2e0 [ 33.952518] kunit_try_run_case+0x170/0x3f0 [ 33.952567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.952616] kthread+0x328/0x630 [ 33.952844] ret_from_fork+0x10/0x20 [ 33.953188] [ 33.953224] The buggy address belongs to the object at fff00000c5a8e300 [ 33.953224] which belongs to the cache kmalloc-64 of size 64 [ 33.953324] The buggy address is located 0 bytes to the right of [ 33.953324] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.953755] [ 33.953820] The buggy address belongs to the physical page: [ 33.953970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.954035] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.954086] page_type: f5(slab) [ 33.954463] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.954856] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.955106] page dumped because: kasan: bad access detected [ 33.955492] [ 33.955648] Memory state around the buggy address: [ 33.955774] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.955854] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.955900] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.955941] ^ [ 33.955977] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.956023] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.956148] ================================================================== [ 33.989293] ================================================================== [ 33.989437] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 33.989547] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.989609] [ 33.989806] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.989922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.990324] Hardware name: linux,dummy-virt (DT) [ 33.990374] Call trace: [ 33.990399] show_stack+0x20/0x38 (C) [ 33.990455] dump_stack_lvl+0x8c/0xd0 [ 33.990683] print_report+0x118/0x608 [ 33.990872] kasan_report+0xdc/0x128 [ 33.990926] kasan_check_range+0x100/0x1a8 [ 33.991105] __kasan_check_write+0x20/0x30 [ 33.991331] kasan_atomics_helper+0x154c/0x4858 [ 33.991551] kasan_atomics+0x198/0x2e0 [ 33.991607] kunit_try_run_case+0x170/0x3f0 [ 33.991767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.991853] kthread+0x328/0x630 [ 33.991899] ret_from_fork+0x10/0x20 [ 33.991950] [ 33.991972] Allocated by task 297: [ 33.992001] kasan_save_stack+0x3c/0x68 [ 33.992058] kasan_save_track+0x20/0x40 [ 33.992111] kasan_save_alloc_info+0x40/0x58 [ 33.992153] __kasan_kmalloc+0xd4/0xd8 [ 33.992202] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.992254] kasan_atomics+0xb8/0x2e0 [ 33.992295] kunit_try_run_case+0x170/0x3f0 [ 33.992347] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.992397] kthread+0x328/0x630 [ 33.992433] ret_from_fork+0x10/0x20 [ 33.992472] [ 33.992493] The buggy address belongs to the object at fff00000c5a8e300 [ 33.992493] which belongs to the cache kmalloc-64 of size 64 [ 33.992563] The buggy address is located 0 bytes to the right of [ 33.992563] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.992632] [ 33.992653] The buggy address belongs to the physical page: [ 33.992687] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.992740] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.992788] page_type: f5(slab) [ 33.992829] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.993023] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.993082] page dumped because: kasan: bad access detected [ 33.993118] [ 33.993138] Memory state around the buggy address: [ 33.993172] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.993218] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.993263] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.993302] ^ [ 33.993337] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.993384] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.993456] ================================================================== [ 33.657620] ================================================================== [ 33.657696] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 33.657856] Write of size 4 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.657919] [ 33.657990] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.658101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.658138] Hardware name: linux,dummy-virt (DT) [ 33.658174] Call trace: [ 33.658198] show_stack+0x20/0x38 (C) [ 33.658257] dump_stack_lvl+0x8c/0xd0 [ 33.658310] print_report+0x118/0x608 [ 33.658359] kasan_report+0xdc/0x128 [ 33.658406] kasan_check_range+0x100/0x1a8 [ 33.658457] __kasan_check_write+0x20/0x30 [ 33.658503] kasan_atomics_helper+0xa04/0x4858 [ 33.658554] kasan_atomics+0x198/0x2e0 [ 33.658608] kunit_try_run_case+0x170/0x3f0 [ 33.658659] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.658725] kthread+0x328/0x630 [ 33.658772] ret_from_fork+0x10/0x20 [ 33.658820] [ 33.659198] Allocated by task 297: [ 33.659248] kasan_save_stack+0x3c/0x68 [ 33.659578] kasan_save_track+0x20/0x40 [ 33.659631] kasan_save_alloc_info+0x40/0x58 [ 33.659887] __kasan_kmalloc+0xd4/0xd8 [ 33.659961] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.660171] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.661252] [ 33.661390] The buggy address belongs to the physical page: [ 33.661430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.661967] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.662341] page_type: f5(slab) [ 33.662504] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.662727] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.662933] page dumped because: kasan: bad access detected [ 33.663009] [ 33.663089] Memory state around the buggy address: [ 33.663178] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.663261] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.663495] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.663696] ^ [ 33.663826] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.664045] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.664266] ================================================================== [ 33.628070] ================================================================== [ 33.628386] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 33.628542] Read of size 4 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.628611] [ 33.628678] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.628781] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.628811] Hardware name: linux,dummy-virt (DT) [ 33.628945] Call trace: [ 33.628979] show_stack+0x20/0x38 (C) [ 33.629042] dump_stack_lvl+0x8c/0xd0 [ 33.629104] print_report+0x118/0x608 [ 33.629161] kasan_report+0xdc/0x128 [ 33.629210] __asan_report_load4_noabort+0x20/0x30 [ 33.629262] kasan_atomics_helper+0x42d8/0x4858 [ 33.629315] kasan_atomics+0x198/0x2e0 [ 33.629374] kunit_try_run_case+0x170/0x3f0 [ 33.629425] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.629484] kthread+0x328/0x630 [ 33.629538] ret_from_fork+0x10/0x20 [ 33.629598] [ 33.629619] Allocated by task 297: [ 33.629655] kasan_save_stack+0x3c/0x68 [ 33.629700] kasan_save_track+0x20/0x40 [ 33.629742] kasan_save_alloc_info+0x40/0x58 [ 33.629791] __kasan_kmalloc+0xd4/0xd8 [ 33.629868] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.631787] [ 33.632252] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.632311] page_type: f5(slab) [ 33.632562] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.632777] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.633673] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.634590] ================================================================== [ 33.778646] ================================================================== [ 33.779253] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 33.779435] Read of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.779692] [ 33.779737] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.780066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.780110] Hardware name: linux,dummy-virt (DT) [ 33.780146] Call trace: [ 33.780334] show_stack+0x20/0x38 (C) [ 33.780566] dump_stack_lvl+0x8c/0xd0 [ 33.780619] print_report+0x118/0x608 [ 33.780945] kasan_report+0xdc/0x128 [ 33.781411] kasan_check_range+0x100/0x1a8 [ 33.781496] __kasan_check_read+0x20/0x30 [ 33.781807] kasan_atomics_helper+0xdd4/0x4858 [ 33.781884] kasan_atomics+0x198/0x2e0 [ 33.781994] kunit_try_run_case+0x170/0x3f0 [ 33.782049] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.782118] kthread+0x328/0x630 [ 33.782163] ret_from_fork+0x10/0x20 [ 33.782222] [ 33.782251] Allocated by task 297: [ 33.782322] kasan_save_stack+0x3c/0x68 [ 33.782371] kasan_save_track+0x20/0x40 [ 33.782413] kasan_save_alloc_info+0x40/0x58 [ 33.782469] __kasan_kmalloc+0xd4/0xd8 [ 33.782517] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.782560] kasan_atomics+0xb8/0x2e0 [ 33.782601] kunit_try_run_case+0x170/0x3f0 [ 33.782641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.782688] kthread+0x328/0x630 [ 33.782745] ret_from_fork+0x10/0x20 [ 33.782785] [ 33.782814] The buggy address belongs to the object at fff00000c5a8e300 [ 33.782814] which belongs to the cache kmalloc-64 of size 64 [ 33.783776] The buggy address is located 0 bytes to the right of [ 33.783776] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.784020] [ 33.784189] The buggy address belongs to the physical page: [ 33.784225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.784911] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.785114] page_type: f5(slab) [ 33.785399] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.785574] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.785726] page dumped because: kasan: bad access detected [ 33.785784] [ 33.786037] Memory state around the buggy address: [ 33.786212] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.786303] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.786433] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.786645] ^ [ 33.786683] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.786753] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.786972] ================================================================== [ 33.809279] ================================================================== [ 33.809333] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 33.809390] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.809441] [ 33.809964] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.810184] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.810219] Hardware name: linux,dummy-virt (DT) [ 33.810317] Call trace: [ 33.810342] show_stack+0x20/0x38 (C) [ 33.810397] dump_stack_lvl+0x8c/0xd0 [ 33.810504] print_report+0x118/0x608 [ 33.810580] kasan_report+0xdc/0x128 [ 33.810640] __asan_report_store8_noabort+0x20/0x30 [ 33.810937] kasan_atomics_helper+0x3e5c/0x4858 [ 33.811135] kasan_atomics+0x198/0x2e0 [ 33.811477] kunit_try_run_case+0x170/0x3f0 [ 33.811556] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.811618] kthread+0x328/0x630 [ 33.811663] ret_from_fork+0x10/0x20 [ 33.811715] [ 33.812009] Allocated by task 297: [ 33.812076] kasan_save_stack+0x3c/0x68 [ 33.812130] kasan_save_track+0x20/0x40 [ 33.812425] kasan_save_alloc_info+0x40/0x58 [ 33.812718] __kasan_kmalloc+0xd4/0xd8 [ 33.813189] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.813414] kasan_atomics+0xb8/0x2e0 [ 33.813612] kunit_try_run_case+0x170/0x3f0 [ 33.813684] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.814020] kthread+0x328/0x630 [ 33.814530] ret_from_fork+0x10/0x20 [ 33.814817] [ 33.815140] The buggy address belongs to the object at fff00000c5a8e300 [ 33.815140] which belongs to the cache kmalloc-64 of size 64 [ 33.815590] The buggy address is located 0 bytes to the right of [ 33.815590] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.815901] [ 33.816083] The buggy address belongs to the physical page: [ 33.816140] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.816464] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.816747] page_type: f5(slab) [ 33.816911] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.816974] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.817017] page dumped because: kasan: bad access detected [ 33.817052] [ 33.817072] Memory state around the buggy address: [ 33.817406] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.817778] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.818071] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.818185] ^ [ 33.818226] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.818282] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.818324] ================================================================== [ 34.038987] ================================================================== [ 34.039257] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 34.039468] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 34.039639] [ 34.039674] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 34.040020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.040065] Hardware name: linux,dummy-virt (DT) [ 34.040102] Call trace: [ 34.040126] show_stack+0x20/0x38 (C) [ 34.040388] dump_stack_lvl+0x8c/0xd0 [ 34.040605] print_report+0x118/0x608 [ 34.040881] kasan_report+0xdc/0x128 [ 34.041161] kasan_check_range+0x100/0x1a8 [ 34.041244] __kasan_check_write+0x20/0x30 [ 34.041452] kasan_atomics_helper+0x16d0/0x4858 [ 34.042249] kasan_atomics+0x198/0x2e0 [ 34.042344] kunit_try_run_case+0x170/0x3f0 [ 34.042411] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.042493] kthread+0x328/0x630 [ 34.042564] ret_from_fork+0x10/0x20 [ 34.042789] [ 34.042915] Allocated by task 297: [ 34.042947] kasan_save_stack+0x3c/0x68 [ 34.043212] kasan_save_track+0x20/0x40 [ 34.043674] kasan_save_alloc_info+0x40/0x58 [ 34.043813] __kasan_kmalloc+0xd4/0xd8 [ 34.043869] __kmalloc_cache_noprof+0x16c/0x3c0 [ 34.044226] kasan_atomics+0xb8/0x2e0 [ 34.044505] kunit_try_run_case+0x170/0x3f0 [ 34.044658] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.044715] kthread+0x328/0x630 [ 34.044752] ret_from_fork+0x10/0x20 [ 34.044802] [ 34.044825] The buggy address belongs to the object at fff00000c5a8e300 [ 34.044825] which belongs to the cache kmalloc-64 of size 64 [ 34.045155] The buggy address is located 0 bytes to the right of [ 34.045155] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 34.045508] [ 34.045644] The buggy address belongs to the physical page: [ 34.045965] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 34.046287] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.046676] page_type: f5(slab) [ 34.046886] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 34.047092] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.047346] page dumped because: kasan: bad access detected [ 34.047545] [ 34.048037] Memory state around the buggy address: [ 34.048211] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.048270] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.048417] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.048463] ^ [ 34.048730] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.049100] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.049372] ================================================================== [ 34.018285] ================================================================== [ 34.018549] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 34.018786] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 34.018995] [ 34.019222] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 34.019462] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.019887] Hardware name: linux,dummy-virt (DT) [ 34.019948] Call trace: [ 34.019977] show_stack+0x20/0x38 (C) [ 34.020325] dump_stack_lvl+0x8c/0xd0 [ 34.020672] print_report+0x118/0x608 [ 34.020880] kasan_report+0xdc/0x128 [ 34.021300] kasan_check_range+0x100/0x1a8 [ 34.021551] __kasan_check_write+0x20/0x30 [ 34.022010] kasan_atomics_helper+0x1644/0x4858 [ 34.022178] kasan_atomics+0x198/0x2e0 [ 34.022324] kunit_try_run_case+0x170/0x3f0 [ 34.022753] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.023116] kthread+0x328/0x630 [ 34.023488] ret_from_fork+0x10/0x20 [ 34.023815] [ 34.023914] Allocated by task 297: [ 34.023948] kasan_save_stack+0x3c/0x68 [ 34.023999] kasan_save_track+0x20/0x40 [ 34.024063] kasan_save_alloc_info+0x40/0x58 [ 34.024106] __kasan_kmalloc+0xd4/0xd8 [ 34.024147] __kmalloc_cache_noprof+0x16c/0x3c0 [ 34.024222] kasan_atomics+0xb8/0x2e0 [ 34.024264] kunit_try_run_case+0x170/0x3f0 [ 34.024728] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.025050] kthread+0x328/0x630 [ 34.025256] ret_from_fork+0x10/0x20 [ 34.025306] [ 34.025572] The buggy address belongs to the object at fff00000c5a8e300 [ 34.025572] which belongs to the cache kmalloc-64 of size 64 [ 34.026262] The buggy address is located 0 bytes to the right of [ 34.026262] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 34.026611] [ 34.026762] The buggy address belongs to the physical page: [ 34.027037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 34.027218] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.027349] page_type: f5(slab) [ 34.027699] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 34.028006] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.028214] page dumped because: kasan: bad access detected [ 34.028296] [ 34.028333] Memory state around the buggy address: [ 34.028463] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.028923] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.029237] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.029345] ^ [ 34.029409] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.029461] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.029733] ================================================================== [ 33.919730] ================================================================== [ 33.919858] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 33.919982] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.920313] [ 33.920361] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.920571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.920741] Hardware name: linux,dummy-virt (DT) [ 33.920860] Call trace: [ 33.920954] show_stack+0x20/0x38 (C) [ 33.921013] dump_stack_lvl+0x8c/0xd0 [ 33.921066] print_report+0x118/0x608 [ 33.921361] kasan_report+0xdc/0x128 [ 33.921614] kasan_check_range+0x100/0x1a8 [ 33.922015] __kasan_check_write+0x20/0x30 [ 33.922108] kasan_atomics_helper+0x126c/0x4858 [ 33.922380] kasan_atomics+0x198/0x2e0 [ 33.922547] kunit_try_run_case+0x170/0x3f0 [ 33.922600] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.922659] kthread+0x328/0x630 [ 33.922705] ret_from_fork+0x10/0x20 [ 33.922756] [ 33.922779] Allocated by task 297: [ 33.922811] kasan_save_stack+0x3c/0x68 [ 33.922870] kasan_save_track+0x20/0x40 [ 33.922914] kasan_save_alloc_info+0x40/0x58 [ 33.922955] __kasan_kmalloc+0xd4/0xd8 [ 33.923008] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.923052] kasan_atomics+0xb8/0x2e0 [ 33.923093] kunit_try_run_case+0x170/0x3f0 [ 33.923135] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.923184] kthread+0x328/0x630 [ 33.923222] ret_from_fork+0x10/0x20 [ 33.923262] [ 33.923293] The buggy address belongs to the object at fff00000c5a8e300 [ 33.923293] which belongs to the cache kmalloc-64 of size 64 [ 33.923356] The buggy address is located 0 bytes to the right of [ 33.923356] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.923434] [ 33.923465] The buggy address belongs to the physical page: [ 33.923511] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.923567] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.923617] page_type: f5(slab) [ 33.923657] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.923713] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.923758] page dumped because: kasan: bad access detected [ 33.923799] [ 33.923828] Memory state around the buggy address: [ 33.923880] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.924318] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.924798] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.924880] ^ [ 33.924939] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.925158] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.925256] ================================================================== [ 34.057888] ================================================================== [ 34.058224] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 34.058294] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 34.058347] [ 34.059001] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 34.059198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.059232] Hardware name: linux,dummy-virt (DT) [ 34.059267] Call trace: [ 34.059293] show_stack+0x20/0x38 (C) [ 34.059644] dump_stack_lvl+0x8c/0xd0 [ 34.059714] print_report+0x118/0x608 [ 34.059896] kasan_report+0xdc/0x128 [ 34.059989] kasan_check_range+0x100/0x1a8 [ 34.060154] __kasan_check_write+0x20/0x30 [ 34.060372] kasan_atomics_helper+0x175c/0x4858 [ 34.060591] kasan_atomics+0x198/0x2e0 [ 34.060787] kunit_try_run_case+0x170/0x3f0 [ 34.060933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.061288] kthread+0x328/0x630 [ 34.061526] ret_from_fork+0x10/0x20 [ 34.061978] [ 34.062141] Allocated by task 297: [ 34.062364] kasan_save_stack+0x3c/0x68 [ 34.062417] kasan_save_track+0x20/0x40 [ 34.062459] kasan_save_alloc_info+0x40/0x58 [ 34.063152] __kasan_kmalloc+0xd4/0xd8 [ 34.063471] __kmalloc_cache_noprof+0x16c/0x3c0 [ 34.063655] kasan_atomics+0xb8/0x2e0 [ 34.063818] kunit_try_run_case+0x170/0x3f0 [ 34.063941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.064049] kthread+0x328/0x630 [ 34.064443] ret_from_fork+0x10/0x20 [ 34.064657] [ 34.064750] The buggy address belongs to the object at fff00000c5a8e300 [ 34.064750] which belongs to the cache kmalloc-64 of size 64 [ 34.064915] The buggy address is located 0 bytes to the right of [ 34.064915] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 34.065378] [ 34.065853] The buggy address belongs to the physical page: [ 34.065895] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 34.066522] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.066920] page_type: f5(slab) [ 34.067020] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 34.067305] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.067750] page dumped because: kasan: bad access detected [ 34.067944] [ 34.068175] Memory state around the buggy address: [ 34.068353] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.068562] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.068804] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.069014] ^ [ 34.069059] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.069362] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.069524] ================================================================== [ 33.926814] ================================================================== [ 33.926883] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 33.926945] Write of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 33.927388] [ 33.927439] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 33.927540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.927570] Hardware name: linux,dummy-virt (DT) [ 33.927604] Call trace: [ 33.927631] show_stack+0x20/0x38 (C) [ 33.928105] dump_stack_lvl+0x8c/0xd0 [ 33.928620] print_report+0x118/0x608 [ 33.928755] kasan_report+0xdc/0x128 [ 33.928807] kasan_check_range+0x100/0x1a8 [ 33.928871] __kasan_check_write+0x20/0x30 [ 33.929204] kasan_atomics_helper+0x12d8/0x4858 [ 33.929621] kasan_atomics+0x198/0x2e0 [ 33.929777] kunit_try_run_case+0x170/0x3f0 [ 33.930058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.930301] kthread+0x328/0x630 [ 33.930372] ret_from_fork+0x10/0x20 [ 33.930447] [ 33.930718] Allocated by task 297: [ 33.931132] kasan_save_stack+0x3c/0x68 [ 33.931377] kasan_save_track+0x20/0x40 [ 33.931571] kasan_save_alloc_info+0x40/0x58 [ 33.931869] __kasan_kmalloc+0xd4/0xd8 [ 33.932041] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.932403] kasan_atomics+0xb8/0x2e0 [ 33.932571] kunit_try_run_case+0x170/0x3f0 [ 33.932934] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.933017] kthread+0x328/0x630 [ 33.933142] ret_from_fork+0x10/0x20 [ 33.933222] [ 33.933407] The buggy address belongs to the object at fff00000c5a8e300 [ 33.933407] which belongs to the cache kmalloc-64 of size 64 [ 33.933543] The buggy address is located 0 bytes to the right of [ 33.933543] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 33.933971] [ 33.934231] The buggy address belongs to the physical page: [ 33.934272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 33.934357] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.934714] page_type: f5(slab) [ 33.935045] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.935121] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.935280] page dumped because: kasan: bad access detected [ 33.935606] [ 33.935684] Memory state around the buggy address: [ 33.935871] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.936438] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.936680] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.936882] ^ [ 33.936920] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.936974] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.937015] ================================================================== [ 34.030590] ================================================================== [ 34.030641] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 34.030695] Read of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 34.030852] [ 34.030902] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 34.030997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.031026] Hardware name: linux,dummy-virt (DT) [ 34.031070] Call trace: [ 34.031098] show_stack+0x20/0x38 (C) [ 34.031153] dump_stack_lvl+0x8c/0xd0 [ 34.031205] print_report+0x118/0x608 [ 34.031253] kasan_report+0xdc/0x128 [ 34.031311] __asan_report_load8_noabort+0x20/0x30 [ 34.031364] kasan_atomics_helper+0x3df4/0x4858 [ 34.031415] kasan_atomics+0x198/0x2e0 [ 34.031464] kunit_try_run_case+0x170/0x3f0 [ 34.031515] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.031573] kthread+0x328/0x630 [ 34.031624] ret_from_fork+0x10/0x20 [ 34.031685] [ 34.031707] Allocated by task 297: [ 34.031737] kasan_save_stack+0x3c/0x68 [ 34.031791] kasan_save_track+0x20/0x40 [ 34.031832] kasan_save_alloc_info+0x40/0x58 [ 34.032297] __kasan_kmalloc+0xd4/0xd8 [ 34.032769] __kmalloc_cache_noprof+0x16c/0x3c0 [ 34.032848] kasan_atomics+0xb8/0x2e0 [ 34.032890] kunit_try_run_case+0x170/0x3f0 [ 34.032933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.032983] kthread+0x328/0x630 [ 34.033020] ret_from_fork+0x10/0x20 [ 34.033614] [ 34.033742] The buggy address belongs to the object at fff00000c5a8e300 [ 34.033742] which belongs to the cache kmalloc-64 of size 64 [ 34.034141] The buggy address is located 0 bytes to the right of [ 34.034141] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 34.034506] [ 34.034535] The buggy address belongs to the physical page: [ 34.034846] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 34.035147] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.035352] page_type: f5(slab) [ 34.035521] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 34.035610] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.035677] page dumped because: kasan: bad access detected [ 34.035933] [ 34.036025] Memory state around the buggy address: [ 34.036340] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.036912] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.037022] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.037219] ^ [ 34.037458] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.037513] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.037556] ================================================================== [ 34.007945] ================================================================== [ 34.007999] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 34.008338] Read of size 8 at addr fff00000c5a8e330 by task kunit_try_catch/297 [ 34.008415] [ 34.008457] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT [ 34.008547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.008576] Hardware name: linux,dummy-virt (DT) [ 34.008612] Call trace: [ 34.008636] show_stack+0x20/0x38 (C) [ 34.008691] dump_stack_lvl+0x8c/0xd0 [ 34.009027] print_report+0x118/0x608 [ 34.009810] kasan_report+0xdc/0x128 [ 34.010238] __asan_report_load8_noabort+0x20/0x30 [ 34.010530] kasan_atomics_helper+0x3db0/0x4858 [ 34.010703] kasan_atomics+0x198/0x2e0 [ 34.010930] kunit_try_run_case+0x170/0x3f0 [ 34.011613] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.011717] kthread+0x328/0x630 [ 34.012092] ret_from_fork+0x10/0x20 [ 34.012534] [ 34.012702] Allocated by task 297: [ 34.012741] kasan_save_stack+0x3c/0x68 [ 34.012933] kasan_save_track+0x20/0x40 [ 34.013161] kasan_save_alloc_info+0x40/0x58 [ 34.013408] __kasan_kmalloc+0xd4/0xd8 [ 34.013466] __kmalloc_cache_noprof+0x16c/0x3c0 [ 34.013511] kasan_atomics+0xb8/0x2e0 [ 34.013552] kunit_try_run_case+0x170/0x3f0 [ 34.013725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.014281] kthread+0x328/0x630 [ 34.014432] ret_from_fork+0x10/0x20 [ 34.014490] [ 34.014519] The buggy address belongs to the object at fff00000c5a8e300 [ 34.014519] which belongs to the cache kmalloc-64 of size 64 [ 34.014786] The buggy address is located 0 bytes to the right of [ 34.014786] allocated 48-byte region [fff00000c5a8e300, fff00000c5a8e330) [ 34.015130] [ 34.015353] The buggy address belongs to the physical page: [ 34.015399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8e [ 34.015830] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.016249] page_type: f5(slab) [ 34.016299] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 34.016987] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.017062] page dumped because: kasan: bad access detected [ 34.017172] [ 34.017203] Memory state around the buggy address: [ 34.017239] fff00000c5a8e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.017288] fff00000c5a8e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.017410] >fff00000c5a8e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.017451] ^ [ 34.017487] fff00000c5a8e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.017533] fff00000c5a8e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.017575] ==================================================================
[ 26.711745] ================================================================== [ 26.712041] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 26.712391] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.712732] [ 26.712835] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.712883] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.712897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.712919] Call Trace: [ 26.712933] <TASK> [ 26.712950] dump_stack_lvl+0x73/0xb0 [ 26.712976] print_report+0xd1/0x650 [ 26.712999] ? __virt_addr_valid+0x1db/0x2d0 [ 26.713022] ? kasan_atomics_helper+0x1eaa/0x5450 [ 26.713048] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.713075] ? kasan_atomics_helper+0x1eaa/0x5450 [ 26.713102] kasan_report+0x141/0x180 [ 26.713124] ? kasan_atomics_helper+0x1eaa/0x5450 [ 26.713154] kasan_check_range+0x10c/0x1c0 [ 26.713178] __kasan_check_write+0x18/0x20 [ 26.713201] kasan_atomics_helper+0x1eaa/0x5450 [ 26.713228] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.713254] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.713279] ? kasan_atomics+0x152/0x310 [ 26.713306] kasan_atomics+0x1dc/0x310 [ 26.713329] ? __pfx_kasan_atomics+0x10/0x10 [ 26.713353] ? trace_hardirqs_on+0x37/0xe0 [ 26.713375] ? __pfx_read_tsc+0x10/0x10 [ 26.713396] ? ktime_get_ts64+0x86/0x230 [ 26.713421] kunit_try_run_case+0x1a5/0x480 [ 26.713445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.713520] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.713558] ? __kthread_parkme+0x82/0x180 [ 26.713593] ? preempt_count_sub+0x50/0x80 [ 26.713630] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.713669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.713706] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.713821] kthread+0x337/0x6f0 [ 26.713851] ? trace_preempt_on+0x20/0xc0 [ 26.713876] ? __pfx_kthread+0x10/0x10 [ 26.713897] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.713924] ? calculate_sigpending+0x7b/0xa0 [ 26.713948] ? __pfx_kthread+0x10/0x10 [ 26.713971] ret_from_fork+0x116/0x1d0 [ 26.714014] ? __pfx_kthread+0x10/0x10 [ 26.714037] ret_from_fork_asm+0x1a/0x30 [ 26.714069] </TASK> [ 26.714082] [ 26.721405] Allocated by task 314: [ 26.721612] kasan_save_stack+0x45/0x70 [ 26.721852] kasan_save_track+0x18/0x40 [ 26.722061] kasan_save_alloc_info+0x3b/0x50 [ 26.722322] __kasan_kmalloc+0xb7/0xc0 [ 26.722569] __kmalloc_cache_noprof+0x189/0x420 [ 26.722808] kasan_atomics+0x95/0x310 [ 26.722951] kunit_try_run_case+0x1a5/0x480 [ 26.723088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.723288] kthread+0x337/0x6f0 [ 26.723480] ret_from_fork+0x116/0x1d0 [ 26.723681] ret_from_fork_asm+0x1a/0x30 [ 26.723894] [ 26.724003] The buggy address belongs to the object at ffff888106195400 [ 26.724003] which belongs to the cache kmalloc-64 of size 64 [ 26.724519] The buggy address is located 0 bytes to the right of [ 26.724519] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.725144] [ 26.725247] The buggy address belongs to the physical page: [ 26.725524] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.725875] flags: 0x200000000000000(node=0|zone=2) [ 26.726235] page_type: f5(slab) [ 26.726404] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.726759] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.727085] page dumped because: kasan: bad access detected [ 26.727420] [ 26.727532] Memory state around the buggy address: [ 26.727733] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.727936] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.728138] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.728336] ^ [ 26.728501] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.728847] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.729205] ================================================================== [ 25.890864] ================================================================== [ 25.891153] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 25.891600] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 25.891886] [ 25.891969] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 25.892019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.892033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.892055] Call Trace: [ 25.892070] <TASK> [ 25.892086] dump_stack_lvl+0x73/0xb0 [ 25.892114] print_report+0xd1/0x650 [ 25.892137] ? __virt_addr_valid+0x1db/0x2d0 [ 25.892161] ? kasan_atomics_helper+0x860/0x5450 [ 25.892186] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.892213] ? kasan_atomics_helper+0x860/0x5450 [ 25.892238] kasan_report+0x141/0x180 [ 25.892261] ? kasan_atomics_helper+0x860/0x5450 [ 25.892299] kasan_check_range+0x10c/0x1c0 [ 25.892324] __kasan_check_write+0x18/0x20 [ 25.892349] kasan_atomics_helper+0x860/0x5450 [ 25.892395] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.892422] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.892447] ? kasan_atomics+0x152/0x310 [ 25.892484] kasan_atomics+0x1dc/0x310 [ 25.892508] ? __pfx_kasan_atomics+0x10/0x10 [ 25.892530] ? trace_hardirqs_on+0x37/0xe0 [ 25.892555] ? __pfx_read_tsc+0x10/0x10 [ 25.892577] ? ktime_get_ts64+0x86/0x230 [ 25.892602] kunit_try_run_case+0x1a5/0x480 [ 25.892627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.892654] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.892677] ? __kthread_parkme+0x82/0x180 [ 25.892699] ? preempt_count_sub+0x50/0x80 [ 25.892723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.892749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.892774] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.892800] kthread+0x337/0x6f0 [ 25.892820] ? trace_preempt_on+0x20/0xc0 [ 25.892842] ? __pfx_kthread+0x10/0x10 [ 25.892864] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.892890] ? calculate_sigpending+0x7b/0xa0 [ 25.892915] ? __pfx_kthread+0x10/0x10 [ 25.892938] ret_from_fork+0x116/0x1d0 [ 25.892959] ? __pfx_kthread+0x10/0x10 [ 25.892981] ret_from_fork_asm+0x1a/0x30 [ 25.893014] </TASK> [ 25.893026] [ 25.901108] Allocated by task 314: [ 25.901333] kasan_save_stack+0x45/0x70 [ 25.901763] kasan_save_track+0x18/0x40 [ 25.901954] kasan_save_alloc_info+0x3b/0x50 [ 25.902098] __kasan_kmalloc+0xb7/0xc0 [ 25.902266] __kmalloc_cache_noprof+0x189/0x420 [ 25.902581] kasan_atomics+0x95/0x310 [ 25.902755] kunit_try_run_case+0x1a5/0x480 [ 25.902952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.903156] kthread+0x337/0x6f0 [ 25.903388] ret_from_fork+0x116/0x1d0 [ 25.903589] ret_from_fork_asm+0x1a/0x30 [ 25.903795] [ 25.903863] The buggy address belongs to the object at ffff888106195400 [ 25.903863] which belongs to the cache kmalloc-64 of size 64 [ 25.904365] The buggy address is located 0 bytes to the right of [ 25.904365] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 25.904971] [ 25.905038] The buggy address belongs to the physical page: [ 25.905204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 25.905436] flags: 0x200000000000000(node=0|zone=2) [ 25.905676] page_type: f5(slab) [ 25.906037] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.906660] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.907015] page dumped because: kasan: bad access detected [ 25.907317] [ 25.907437] Memory state around the buggy address: [ 25.907597] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.907808] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.908017] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.908410] ^ [ 25.908829] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.909149] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.909440] ================================================================== [ 26.009603] ================================================================== [ 26.009910] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 26.010141] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.010973] [ 26.011076] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.011125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.011139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.011219] Call Trace: [ 26.011233] <TASK> [ 26.011249] dump_stack_lvl+0x73/0xb0 [ 26.011279] print_report+0xd1/0x650 [ 26.011302] ? __virt_addr_valid+0x1db/0x2d0 [ 26.011327] ? kasan_atomics_helper+0xb6a/0x5450 [ 26.011352] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.011380] ? kasan_atomics_helper+0xb6a/0x5450 [ 26.011406] kasan_report+0x141/0x180 [ 26.011428] ? kasan_atomics_helper+0xb6a/0x5450 [ 26.011471] kasan_check_range+0x10c/0x1c0 [ 26.011497] __kasan_check_write+0x18/0x20 [ 26.011522] kasan_atomics_helper+0xb6a/0x5450 [ 26.011549] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.011576] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.011603] ? kasan_atomics+0x152/0x310 [ 26.011630] kasan_atomics+0x1dc/0x310 [ 26.011653] ? __pfx_kasan_atomics+0x10/0x10 [ 26.011677] ? trace_hardirqs_on+0x37/0xe0 [ 26.011700] ? __pfx_read_tsc+0x10/0x10 [ 26.011723] ? ktime_get_ts64+0x86/0x230 [ 26.011748] kunit_try_run_case+0x1a5/0x480 [ 26.011774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.011800] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.011825] ? __kthread_parkme+0x82/0x180 [ 26.011847] ? preempt_count_sub+0x50/0x80 [ 26.011872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.011898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.011924] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.011950] kthread+0x337/0x6f0 [ 26.011970] ? trace_preempt_on+0x20/0xc0 [ 26.011993] ? __pfx_kthread+0x10/0x10 [ 26.012016] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.012041] ? calculate_sigpending+0x7b/0xa0 [ 26.012067] ? __pfx_kthread+0x10/0x10 [ 26.012090] ret_from_fork+0x116/0x1d0 [ 26.012111] ? __pfx_kthread+0x10/0x10 [ 26.012134] ret_from_fork_asm+0x1a/0x30 [ 26.012246] </TASK> [ 26.012259] [ 26.019883] Allocated by task 314: [ 26.020049] kasan_save_stack+0x45/0x70 [ 26.020191] kasan_save_track+0x18/0x40 [ 26.020321] kasan_save_alloc_info+0x3b/0x50 [ 26.020645] __kasan_kmalloc+0xb7/0xc0 [ 26.020851] __kmalloc_cache_noprof+0x189/0x420 [ 26.021072] kasan_atomics+0x95/0x310 [ 26.021331] kunit_try_run_case+0x1a5/0x480 [ 26.021685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.021995] kthread+0x337/0x6f0 [ 26.022249] ret_from_fork+0x116/0x1d0 [ 26.022419] ret_from_fork_asm+0x1a/0x30 [ 26.022589] [ 26.022657] The buggy address belongs to the object at ffff888106195400 [ 26.022657] which belongs to the cache kmalloc-64 of size 64 [ 26.023098] The buggy address is located 0 bytes to the right of [ 26.023098] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.023929] [ 26.024029] The buggy address belongs to the physical page: [ 26.024206] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.024439] flags: 0x200000000000000(node=0|zone=2) [ 26.024608] page_type: f5(slab) [ 26.024724] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.025237] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.026106] page dumped because: kasan: bad access detected [ 26.026400] [ 26.026488] Memory state around the buggy address: [ 26.026641] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.026958] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.027446] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.027743] ^ [ 26.027940] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.028431] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.028730] ================================================================== [ 25.756794] ================================================================== [ 25.757074] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 25.757358] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 25.757745] [ 25.758141] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 25.758193] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.758208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.758231] Call Trace: [ 25.758247] <TASK> [ 25.758264] dump_stack_lvl+0x73/0xb0 [ 25.758294] print_report+0xd1/0x650 [ 25.758317] ? __virt_addr_valid+0x1db/0x2d0 [ 25.758341] ? kasan_atomics_helper+0x565/0x5450 [ 25.758366] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.758393] ? kasan_atomics_helper+0x565/0x5450 [ 25.758486] kasan_report+0x141/0x180 [ 25.758510] ? kasan_atomics_helper+0x565/0x5450 [ 25.758541] kasan_check_range+0x10c/0x1c0 [ 25.758566] __kasan_check_write+0x18/0x20 [ 25.758590] kasan_atomics_helper+0x565/0x5450 [ 25.758619] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.758646] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.758671] ? kasan_atomics+0x152/0x310 [ 25.758699] kasan_atomics+0x1dc/0x310 [ 25.758723] ? __pfx_kasan_atomics+0x10/0x10 [ 25.758746] ? trace_hardirqs_on+0x37/0xe0 [ 25.758769] ? __pfx_read_tsc+0x10/0x10 [ 25.758793] ? ktime_get_ts64+0x86/0x230 [ 25.758819] kunit_try_run_case+0x1a5/0x480 [ 25.758844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.758871] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.758895] ? __kthread_parkme+0x82/0x180 [ 25.758917] ? preempt_count_sub+0x50/0x80 [ 25.758941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.758968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.758993] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.759018] kthread+0x337/0x6f0 [ 25.759040] ? trace_preempt_on+0x20/0xc0 [ 25.759063] ? __pfx_kthread+0x10/0x10 [ 25.759086] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.759112] ? calculate_sigpending+0x7b/0xa0 [ 25.759138] ? __pfx_kthread+0x10/0x10 [ 25.759161] ret_from_fork+0x116/0x1d0 [ 25.759182] ? __pfx_kthread+0x10/0x10 [ 25.759204] ret_from_fork_asm+0x1a/0x30 [ 25.759237] </TASK> [ 25.759248] [ 25.766697] Allocated by task 314: [ 25.766873] kasan_save_stack+0x45/0x70 [ 25.767073] kasan_save_track+0x18/0x40 [ 25.767257] kasan_save_alloc_info+0x3b/0x50 [ 25.767450] __kasan_kmalloc+0xb7/0xc0 [ 25.767590] __kmalloc_cache_noprof+0x189/0x420 [ 25.767738] kasan_atomics+0x95/0x310 [ 25.768238] kunit_try_run_case+0x1a5/0x480 [ 25.768478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.768732] kthread+0x337/0x6f0 [ 25.768900] ret_from_fork+0x116/0x1d0 [ 25.769068] ret_from_fork_asm+0x1a/0x30 [ 25.769417] [ 25.769519] The buggy address belongs to the object at ffff888106195400 [ 25.769519] which belongs to the cache kmalloc-64 of size 64 [ 25.769972] The buggy address is located 0 bytes to the right of [ 25.769972] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 25.770413] [ 25.770489] The buggy address belongs to the physical page: [ 25.770656] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 25.771113] flags: 0x200000000000000(node=0|zone=2) [ 25.771449] page_type: f5(slab) [ 25.771643] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.771891] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.772111] page dumped because: kasan: bad access detected [ 25.772654] [ 25.772762] Memory state around the buggy address: [ 25.772980] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.773492] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.773728] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.773974] ^ [ 25.774190] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.774687] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.774967] ================================================================== [ 26.272594] ================================================================== [ 26.272932] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 26.273441] Read of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.273732] [ 26.273835] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.273890] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.273903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.273926] Call Trace: [ 26.273940] <TASK> [ 26.273955] dump_stack_lvl+0x73/0xb0 [ 26.273982] print_report+0xd1/0x650 [ 26.274005] ? __virt_addr_valid+0x1db/0x2d0 [ 26.274029] ? kasan_atomics_helper+0x49e8/0x5450 [ 26.274057] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.274083] ? kasan_atomics_helper+0x49e8/0x5450 [ 26.274110] kasan_report+0x141/0x180 [ 26.274133] ? kasan_atomics_helper+0x49e8/0x5450 [ 26.274163] __asan_report_load4_noabort+0x18/0x20 [ 26.274189] kasan_atomics_helper+0x49e8/0x5450 [ 26.274230] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.274257] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.274282] ? kasan_atomics+0x152/0x310 [ 26.274308] kasan_atomics+0x1dc/0x310 [ 26.274331] ? __pfx_kasan_atomics+0x10/0x10 [ 26.274355] ? trace_hardirqs_on+0x37/0xe0 [ 26.274378] ? __pfx_read_tsc+0x10/0x10 [ 26.274401] ? ktime_get_ts64+0x86/0x230 [ 26.274426] kunit_try_run_case+0x1a5/0x480 [ 26.274452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.274490] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.274514] ? __kthread_parkme+0x82/0x180 [ 26.274536] ? preempt_count_sub+0x50/0x80 [ 26.274561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.274586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.274611] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.274637] kthread+0x337/0x6f0 [ 26.274658] ? trace_preempt_on+0x20/0xc0 [ 26.274681] ? __pfx_kthread+0x10/0x10 [ 26.274704] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.274729] ? calculate_sigpending+0x7b/0xa0 [ 26.274754] ? __pfx_kthread+0x10/0x10 [ 26.274777] ret_from_fork+0x116/0x1d0 [ 26.274798] ? __pfx_kthread+0x10/0x10 [ 26.274820] ret_from_fork_asm+0x1a/0x30 [ 26.274852] </TASK> [ 26.274864] [ 26.281605] Allocated by task 314: [ 26.281782] kasan_save_stack+0x45/0x70 [ 26.281987] kasan_save_track+0x18/0x40 [ 26.282176] kasan_save_alloc_info+0x3b/0x50 [ 26.282374] __kasan_kmalloc+0xb7/0xc0 [ 26.282574] __kmalloc_cache_noprof+0x189/0x420 [ 26.282748] kasan_atomics+0x95/0x310 [ 26.282927] kunit_try_run_case+0x1a5/0x480 [ 26.283113] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.283362] kthread+0x337/0x6f0 [ 26.283506] ret_from_fork+0x116/0x1d0 [ 26.283666] ret_from_fork_asm+0x1a/0x30 [ 26.283832] [ 26.283923] The buggy address belongs to the object at ffff888106195400 [ 26.283923] which belongs to the cache kmalloc-64 of size 64 [ 26.284369] The buggy address is located 0 bytes to the right of [ 26.284369] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.284865] [ 26.284933] The buggy address belongs to the physical page: [ 26.285161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.285441] flags: 0x200000000000000(node=0|zone=2) [ 26.285680] page_type: f5(slab) [ 26.285844] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.286075] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.286579] page dumped because: kasan: bad access detected [ 26.286799] [ 26.286882] Memory state around the buggy address: [ 26.287045] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.287469] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.287756] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.288038] ^ [ 26.288255] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.288537] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.288824] ================================================================== [ 26.831254] ================================================================== [ 26.831989] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 26.832442] Read of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.832682] [ 26.832761] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.832806] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.832820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.832843] Call Trace: [ 26.832860] <TASK> [ 26.832876] dump_stack_lvl+0x73/0xb0 [ 26.832902] print_report+0xd1/0x650 [ 26.832926] ? __virt_addr_valid+0x1db/0x2d0 [ 26.832950] ? kasan_atomics_helper+0x4fb2/0x5450 [ 26.832976] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.833003] ? kasan_atomics_helper+0x4fb2/0x5450 [ 26.833029] kasan_report+0x141/0x180 [ 26.833052] ? kasan_atomics_helper+0x4fb2/0x5450 [ 26.833083] __asan_report_load8_noabort+0x18/0x20 [ 26.833108] kasan_atomics_helper+0x4fb2/0x5450 [ 26.833135] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.833162] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.833188] ? kasan_atomics+0x152/0x310 [ 26.833214] kasan_atomics+0x1dc/0x310 [ 26.833238] ? __pfx_kasan_atomics+0x10/0x10 [ 26.833261] ? trace_hardirqs_on+0x37/0xe0 [ 26.833285] ? __pfx_read_tsc+0x10/0x10 [ 26.833307] ? ktime_get_ts64+0x86/0x230 [ 26.833333] kunit_try_run_case+0x1a5/0x480 [ 26.833360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.833386] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.833410] ? __kthread_parkme+0x82/0x180 [ 26.833432] ? preempt_count_sub+0x50/0x80 [ 26.833467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.833492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.833518] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.833545] kthread+0x337/0x6f0 [ 26.833566] ? trace_preempt_on+0x20/0xc0 [ 26.833588] ? __pfx_kthread+0x10/0x10 [ 26.833611] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.833637] ? calculate_sigpending+0x7b/0xa0 [ 26.833662] ? __pfx_kthread+0x10/0x10 [ 26.833685] ret_from_fork+0x116/0x1d0 [ 26.833705] ? __pfx_kthread+0x10/0x10 [ 26.833727] ret_from_fork_asm+0x1a/0x30 [ 26.833760] </TASK> [ 26.833772] [ 26.846009] Allocated by task 314: [ 26.846693] kasan_save_stack+0x45/0x70 [ 26.847282] kasan_save_track+0x18/0x40 [ 26.847792] kasan_save_alloc_info+0x3b/0x50 [ 26.848352] __kasan_kmalloc+0xb7/0xc0 [ 26.848820] __kmalloc_cache_noprof+0x189/0x420 [ 26.849408] kasan_atomics+0x95/0x310 [ 26.849877] kunit_try_run_case+0x1a5/0x480 [ 26.850434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.851119] kthread+0x337/0x6f0 [ 26.851531] ret_from_fork+0x116/0x1d0 [ 26.851682] ret_from_fork_asm+0x1a/0x30 [ 26.851819] [ 26.851887] The buggy address belongs to the object at ffff888106195400 [ 26.851887] which belongs to the cache kmalloc-64 of size 64 [ 26.852542] The buggy address is located 0 bytes to the right of [ 26.852542] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.853316] [ 26.853553] The buggy address belongs to the physical page: [ 26.853798] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.854121] flags: 0x200000000000000(node=0|zone=2) [ 26.854632] page_type: f5(slab) [ 26.854920] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.855376] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.855869] page dumped because: kasan: bad access detected [ 26.856258] [ 26.856352] Memory state around the buggy address: [ 26.856569] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.856847] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.857113] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.857729] ^ [ 26.858213] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.858630] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.858851] ================================================================== [ 26.657632] ================================================================== [ 26.658024] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 26.658436] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.658762] [ 26.658888] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.658935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.658948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.658969] Call Trace: [ 26.658986] <TASK> [ 26.659001] dump_stack_lvl+0x73/0xb0 [ 26.659029] print_report+0xd1/0x650 [ 26.659051] ? __virt_addr_valid+0x1db/0x2d0 [ 26.659075] ? kasan_atomics_helper+0x1ce1/0x5450 [ 26.659100] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.659127] ? kasan_atomics_helper+0x1ce1/0x5450 [ 26.659153] kasan_report+0x141/0x180 [ 26.659176] ? kasan_atomics_helper+0x1ce1/0x5450 [ 26.659229] kasan_check_range+0x10c/0x1c0 [ 26.659254] __kasan_check_write+0x18/0x20 [ 26.659279] kasan_atomics_helper+0x1ce1/0x5450 [ 26.659307] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.659333] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.659358] ? kasan_atomics+0x152/0x310 [ 26.659385] kasan_atomics+0x1dc/0x310 [ 26.659408] ? __pfx_kasan_atomics+0x10/0x10 [ 26.659431] ? trace_hardirqs_on+0x37/0xe0 [ 26.659463] ? __pfx_read_tsc+0x10/0x10 [ 26.659485] ? ktime_get_ts64+0x86/0x230 [ 26.659510] kunit_try_run_case+0x1a5/0x480 [ 26.659535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.659562] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.659585] ? __kthread_parkme+0x82/0x180 [ 26.659606] ? preempt_count_sub+0x50/0x80 [ 26.659630] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.659655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.659681] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.659707] kthread+0x337/0x6f0 [ 26.659727] ? trace_preempt_on+0x20/0xc0 [ 26.659750] ? __pfx_kthread+0x10/0x10 [ 26.659772] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.659797] ? calculate_sigpending+0x7b/0xa0 [ 26.659821] ? __pfx_kthread+0x10/0x10 [ 26.659844] ret_from_fork+0x116/0x1d0 [ 26.659865] ? __pfx_kthread+0x10/0x10 [ 26.659887] ret_from_fork_asm+0x1a/0x30 [ 26.659919] </TASK> [ 26.659931] [ 26.667577] Allocated by task 314: [ 26.667705] kasan_save_stack+0x45/0x70 [ 26.667845] kasan_save_track+0x18/0x40 [ 26.667974] kasan_save_alloc_info+0x3b/0x50 [ 26.668117] __kasan_kmalloc+0xb7/0xc0 [ 26.668272] __kmalloc_cache_noprof+0x189/0x420 [ 26.668422] kasan_atomics+0x95/0x310 [ 26.668612] kunit_try_run_case+0x1a5/0x480 [ 26.668833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.669115] kthread+0x337/0x6f0 [ 26.669351] ret_from_fork+0x116/0x1d0 [ 26.669577] ret_from_fork_asm+0x1a/0x30 [ 26.669802] [ 26.669926] The buggy address belongs to the object at ffff888106195400 [ 26.669926] which belongs to the cache kmalloc-64 of size 64 [ 26.670563] The buggy address is located 0 bytes to the right of [ 26.670563] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.671154] [ 26.671292] The buggy address belongs to the physical page: [ 26.671563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.671910] flags: 0x200000000000000(node=0|zone=2) [ 26.672144] page_type: f5(slab) [ 26.672288] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.672554] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.672921] page dumped because: kasan: bad access detected [ 26.673221] [ 26.673315] Memory state around the buggy address: [ 26.673568] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.673876] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.674090] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.674323] ^ [ 26.674482] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.674690] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.674898] ================================================================== [ 26.460567] ================================================================== [ 26.460846] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 26.461116] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.461935] [ 26.462052] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.462248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.462264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.462287] Call Trace: [ 26.462302] <TASK> [ 26.462318] dump_stack_lvl+0x73/0xb0 [ 26.462348] print_report+0xd1/0x650 [ 26.462371] ? __virt_addr_valid+0x1db/0x2d0 [ 26.462395] ? kasan_atomics_helper+0x16e7/0x5450 [ 26.462421] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.462448] ? kasan_atomics_helper+0x16e7/0x5450 [ 26.462486] kasan_report+0x141/0x180 [ 26.462509] ? kasan_atomics_helper+0x16e7/0x5450 [ 26.462542] kasan_check_range+0x10c/0x1c0 [ 26.462567] __kasan_check_write+0x18/0x20 [ 26.462591] kasan_atomics_helper+0x16e7/0x5450 [ 26.462618] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.462644] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.462669] ? kasan_atomics+0x152/0x310 [ 26.462696] kasan_atomics+0x1dc/0x310 [ 26.462719] ? __pfx_kasan_atomics+0x10/0x10 [ 26.462742] ? trace_hardirqs_on+0x37/0xe0 [ 26.462765] ? __pfx_read_tsc+0x10/0x10 [ 26.462787] ? ktime_get_ts64+0x86/0x230 [ 26.462812] kunit_try_run_case+0x1a5/0x480 [ 26.462838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.462865] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.462888] ? __kthread_parkme+0x82/0x180 [ 26.462909] ? preempt_count_sub+0x50/0x80 [ 26.462934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.462960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.462985] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.463011] kthread+0x337/0x6f0 [ 26.463033] ? trace_preempt_on+0x20/0xc0 [ 26.463055] ? __pfx_kthread+0x10/0x10 [ 26.463078] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.463103] ? calculate_sigpending+0x7b/0xa0 [ 26.463128] ? __pfx_kthread+0x10/0x10 [ 26.463151] ret_from_fork+0x116/0x1d0 [ 26.463172] ? __pfx_kthread+0x10/0x10 [ 26.463195] ret_from_fork_asm+0x1a/0x30 [ 26.463230] </TASK> [ 26.463242] [ 26.473275] Allocated by task 314: [ 26.473439] kasan_save_stack+0x45/0x70 [ 26.473644] kasan_save_track+0x18/0x40 [ 26.473818] kasan_save_alloc_info+0x3b/0x50 [ 26.474016] __kasan_kmalloc+0xb7/0xc0 [ 26.474185] __kmalloc_cache_noprof+0x189/0x420 [ 26.474762] kasan_atomics+0x95/0x310 [ 26.474919] kunit_try_run_case+0x1a5/0x480 [ 26.475224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.475570] kthread+0x337/0x6f0 [ 26.475746] ret_from_fork+0x116/0x1d0 [ 26.476052] ret_from_fork_asm+0x1a/0x30 [ 26.476417] [ 26.476532] The buggy address belongs to the object at ffff888106195400 [ 26.476532] which belongs to the cache kmalloc-64 of size 64 [ 26.477213] The buggy address is located 0 bytes to the right of [ 26.477213] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.477721] [ 26.477818] The buggy address belongs to the physical page: [ 26.478057] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.478632] flags: 0x200000000000000(node=0|zone=2) [ 26.478834] page_type: f5(slab) [ 26.478984] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.479586] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.479965] page dumped because: kasan: bad access detected [ 26.480289] [ 26.480385] Memory state around the buggy address: [ 26.480594] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.481083] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.481465] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.481824] ^ [ 26.482136] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.482544] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.482870] ================================================================== [ 26.162590] ================================================================== [ 26.162891] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 26.163435] Read of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.163715] [ 26.163796] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.163843] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.163857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.163880] Call Trace: [ 26.163898] <TASK> [ 26.163915] dump_stack_lvl+0x73/0xb0 [ 26.163944] print_report+0xd1/0x650 [ 26.163967] ? __virt_addr_valid+0x1db/0x2d0 [ 26.163992] ? kasan_atomics_helper+0x4a36/0x5450 [ 26.164018] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.164045] ? kasan_atomics_helper+0x4a36/0x5450 [ 26.164071] kasan_report+0x141/0x180 [ 26.164094] ? kasan_atomics_helper+0x4a36/0x5450 [ 26.164126] __asan_report_load4_noabort+0x18/0x20 [ 26.164168] kasan_atomics_helper+0x4a36/0x5450 [ 26.164196] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.164223] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.164249] ? kasan_atomics+0x152/0x310 [ 26.164276] kasan_atomics+0x1dc/0x310 [ 26.164300] ? __pfx_kasan_atomics+0x10/0x10 [ 26.164324] ? trace_hardirqs_on+0x37/0xe0 [ 26.164348] ? __pfx_read_tsc+0x10/0x10 [ 26.164370] ? ktime_get_ts64+0x86/0x230 [ 26.164396] kunit_try_run_case+0x1a5/0x480 [ 26.164422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.164449] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.164486] ? __kthread_parkme+0x82/0x180 [ 26.164508] ? preempt_count_sub+0x50/0x80 [ 26.164532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.164558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.164584] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.164610] kthread+0x337/0x6f0 [ 26.164632] ? trace_preempt_on+0x20/0xc0 [ 26.164655] ? __pfx_kthread+0x10/0x10 [ 26.164677] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.164702] ? calculate_sigpending+0x7b/0xa0 [ 26.164727] ? __pfx_kthread+0x10/0x10 [ 26.164750] ret_from_fork+0x116/0x1d0 [ 26.164770] ? __pfx_kthread+0x10/0x10 [ 26.164793] ret_from_fork_asm+0x1a/0x30 [ 26.164825] </TASK> [ 26.164837] [ 26.171959] Allocated by task 314: [ 26.172084] kasan_save_stack+0x45/0x70 [ 26.172317] kasan_save_track+0x18/0x40 [ 26.172517] kasan_save_alloc_info+0x3b/0x50 [ 26.172720] __kasan_kmalloc+0xb7/0xc0 [ 26.172911] __kmalloc_cache_noprof+0x189/0x420 [ 26.173096] kasan_atomics+0x95/0x310 [ 26.173299] kunit_try_run_case+0x1a5/0x480 [ 26.173509] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.173682] kthread+0x337/0x6f0 [ 26.173797] ret_from_fork+0x116/0x1d0 [ 26.173929] ret_from_fork_asm+0x1a/0x30 [ 26.174061] [ 26.174127] The buggy address belongs to the object at ffff888106195400 [ 26.174127] which belongs to the cache kmalloc-64 of size 64 [ 26.174579] The buggy address is located 0 bytes to the right of [ 26.174579] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.175122] [ 26.175264] The buggy address belongs to the physical page: [ 26.175520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.175865] flags: 0x200000000000000(node=0|zone=2) [ 26.176070] page_type: f5(slab) [ 26.176188] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.176542] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.176762] page dumped because: kasan: bad access detected [ 26.176928] [ 26.176993] Memory state around the buggy address: [ 26.177140] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.177805] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.178128] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.178480] ^ [ 26.178688] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.178972] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.179312] ================================================================== [ 26.322884] ================================================================== [ 26.323175] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 26.323496] Read of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.323715] [ 26.323793] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.323840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.323854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.323875] Call Trace: [ 26.323892] <TASK> [ 26.323908] dump_stack_lvl+0x73/0xb0 [ 26.323934] print_report+0xd1/0x650 [ 26.323957] ? __virt_addr_valid+0x1db/0x2d0 [ 26.323980] ? kasan_atomics_helper+0x13b5/0x5450 [ 26.324006] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.324033] ? kasan_atomics_helper+0x13b5/0x5450 [ 26.324060] kasan_report+0x141/0x180 [ 26.324082] ? kasan_atomics_helper+0x13b5/0x5450 [ 26.324113] kasan_check_range+0x10c/0x1c0 [ 26.324138] __kasan_check_read+0x15/0x20 [ 26.324162] kasan_atomics_helper+0x13b5/0x5450 [ 26.324189] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.324216] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.324242] ? kasan_atomics+0x152/0x310 [ 26.324269] kasan_atomics+0x1dc/0x310 [ 26.324292] ? __pfx_kasan_atomics+0x10/0x10 [ 26.324316] ? trace_hardirqs_on+0x37/0xe0 [ 26.324339] ? __pfx_read_tsc+0x10/0x10 [ 26.324362] ? ktime_get_ts64+0x86/0x230 [ 26.324387] kunit_try_run_case+0x1a5/0x480 [ 26.324413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.324439] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.324473] ? __kthread_parkme+0x82/0x180 [ 26.324495] ? preempt_count_sub+0x50/0x80 [ 26.324520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.324546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.324598] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.324623] kthread+0x337/0x6f0 [ 26.324644] ? trace_preempt_on+0x20/0xc0 [ 26.324667] ? __pfx_kthread+0x10/0x10 [ 26.324689] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.324715] ? calculate_sigpending+0x7b/0xa0 [ 26.324740] ? __pfx_kthread+0x10/0x10 [ 26.324763] ret_from_fork+0x116/0x1d0 [ 26.324783] ? __pfx_kthread+0x10/0x10 [ 26.324806] ret_from_fork_asm+0x1a/0x30 [ 26.324838] </TASK> [ 26.324849] [ 26.332345] Allocated by task 314: [ 26.332484] kasan_save_stack+0x45/0x70 [ 26.332625] kasan_save_track+0x18/0x40 [ 26.332813] kasan_save_alloc_info+0x3b/0x50 [ 26.333017] __kasan_kmalloc+0xb7/0xc0 [ 26.333212] __kmalloc_cache_noprof+0x189/0x420 [ 26.333401] kasan_atomics+0x95/0x310 [ 26.333579] kunit_try_run_case+0x1a5/0x480 [ 26.333780] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.333963] kthread+0x337/0x6f0 [ 26.334080] ret_from_fork+0x116/0x1d0 [ 26.334243] ret_from_fork_asm+0x1a/0x30 [ 26.334436] [ 26.334536] The buggy address belongs to the object at ffff888106195400 [ 26.334536] which belongs to the cache kmalloc-64 of size 64 [ 26.335053] The buggy address is located 0 bytes to the right of [ 26.335053] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.335558] [ 26.335650] The buggy address belongs to the physical page: [ 26.335867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.336173] flags: 0x200000000000000(node=0|zone=2) [ 26.336375] page_type: f5(slab) [ 26.336532] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.336760] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.336980] page dumped because: kasan: bad access detected [ 26.337147] [ 26.337225] Memory state around the buggy address: [ 26.337443] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.337770] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.338262] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.338586] ^ [ 26.338754] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.338964] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.339185] ================================================================== [ 26.590823] ================================================================== [ 26.591143] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 26.591464] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.591733] [ 26.591841] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.591889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.591904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.591927] Call Trace: [ 26.591947] <TASK> [ 26.591964] dump_stack_lvl+0x73/0xb0 [ 26.591992] print_report+0xd1/0x650 [ 26.592015] ? __virt_addr_valid+0x1db/0x2d0 [ 26.592039] ? kasan_atomics_helper+0x1a7f/0x5450 [ 26.592064] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.592091] ? kasan_atomics_helper+0x1a7f/0x5450 [ 26.592117] kasan_report+0x141/0x180 [ 26.592139] ? kasan_atomics_helper+0x1a7f/0x5450 [ 26.592170] kasan_check_range+0x10c/0x1c0 [ 26.592194] __kasan_check_write+0x18/0x20 [ 26.592217] kasan_atomics_helper+0x1a7f/0x5450 [ 26.592244] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.592270] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.592295] ? kasan_atomics+0x152/0x310 [ 26.592321] kasan_atomics+0x1dc/0x310 [ 26.592345] ? __pfx_kasan_atomics+0x10/0x10 [ 26.592367] ? trace_hardirqs_on+0x37/0xe0 [ 26.592390] ? __pfx_read_tsc+0x10/0x10 [ 26.592412] ? ktime_get_ts64+0x86/0x230 [ 26.592438] kunit_try_run_case+0x1a5/0x480 [ 26.592661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.592693] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.592718] ? __kthread_parkme+0x82/0x180 [ 26.592741] ? preempt_count_sub+0x50/0x80 [ 26.592766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.592792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.592818] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.592845] kthread+0x337/0x6f0 [ 26.592866] ? trace_preempt_on+0x20/0xc0 [ 26.592890] ? __pfx_kthread+0x10/0x10 [ 26.592913] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.592939] ? calculate_sigpending+0x7b/0xa0 [ 26.592965] ? __pfx_kthread+0x10/0x10 [ 26.592988] ret_from_fork+0x116/0x1d0 [ 26.593009] ? __pfx_kthread+0x10/0x10 [ 26.593031] ret_from_fork_asm+0x1a/0x30 [ 26.593063] </TASK> [ 26.593076] [ 26.600120] Allocated by task 314: [ 26.600305] kasan_save_stack+0x45/0x70 [ 26.600470] kasan_save_track+0x18/0x40 [ 26.600659] kasan_save_alloc_info+0x3b/0x50 [ 26.600832] __kasan_kmalloc+0xb7/0xc0 [ 26.601014] __kmalloc_cache_noprof+0x189/0x420 [ 26.601168] kasan_atomics+0x95/0x310 [ 26.601314] kunit_try_run_case+0x1a5/0x480 [ 26.601464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.601634] kthread+0x337/0x6f0 [ 26.601750] ret_from_fork+0x116/0x1d0 [ 26.601885] ret_from_fork_asm+0x1a/0x30 [ 26.602018] [ 26.602083] The buggy address belongs to the object at ffff888106195400 [ 26.602083] which belongs to the cache kmalloc-64 of size 64 [ 26.602466] The buggy address is located 0 bytes to the right of [ 26.602466] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.603006] [ 26.603095] The buggy address belongs to the physical page: [ 26.603365] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.603720] flags: 0x200000000000000(node=0|zone=2) [ 26.603948] page_type: f5(slab) [ 26.604109] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.604398] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.604631] page dumped because: kasan: bad access detected [ 26.604798] [ 26.604863] Memory state around the buggy address: [ 26.605012] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.605248] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.605468] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.605777] ^ [ 26.606008] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.606355] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.606677] ================================================================== [ 25.593537] ================================================================== [ 25.593961] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 25.594416] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 25.594666] [ 25.594746] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 25.594793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.594806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.594826] Call Trace: [ 25.594867] <TASK> [ 25.594884] dump_stack_lvl+0x73/0xb0 [ 25.594913] print_report+0xd1/0x650 [ 25.594935] ? __virt_addr_valid+0x1db/0x2d0 [ 25.594959] ? kasan_atomics_helper+0x4ba2/0x5450 [ 25.594984] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.595009] ? kasan_atomics_helper+0x4ba2/0x5450 [ 25.595056] kasan_report+0x141/0x180 [ 25.595078] ? kasan_atomics_helper+0x4ba2/0x5450 [ 25.595108] __asan_report_store4_noabort+0x1b/0x30 [ 25.595132] kasan_atomics_helper+0x4ba2/0x5450 [ 25.595292] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.595320] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.595345] ? kasan_atomics+0x152/0x310 [ 25.595372] kasan_atomics+0x1dc/0x310 [ 25.595394] ? __pfx_kasan_atomics+0x10/0x10 [ 25.595416] ? trace_hardirqs_on+0x37/0xe0 [ 25.595438] ? __pfx_read_tsc+0x10/0x10 [ 25.595472] ? ktime_get_ts64+0x86/0x230 [ 25.595496] kunit_try_run_case+0x1a5/0x480 [ 25.595522] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.595547] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.595569] ? __kthread_parkme+0x82/0x180 [ 25.595591] ? preempt_count_sub+0x50/0x80 [ 25.595614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.595639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.595663] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.595687] kthread+0x337/0x6f0 [ 25.595707] ? trace_preempt_on+0x20/0xc0 [ 25.595729] ? __pfx_kthread+0x10/0x10 [ 25.595750] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.595774] ? calculate_sigpending+0x7b/0xa0 [ 25.595798] ? __pfx_kthread+0x10/0x10 [ 25.595819] ret_from_fork+0x116/0x1d0 [ 25.595838] ? __pfx_kthread+0x10/0x10 [ 25.595859] ret_from_fork_asm+0x1a/0x30 [ 25.595963] </TASK> [ 25.595976] [ 25.604410] Allocated by task 314: [ 25.604601] kasan_save_stack+0x45/0x70 [ 25.604772] kasan_save_track+0x18/0x40 [ 25.605046] kasan_save_alloc_info+0x3b/0x50 [ 25.605331] __kasan_kmalloc+0xb7/0xc0 [ 25.605547] __kmalloc_cache_noprof+0x189/0x420 [ 25.605739] kasan_atomics+0x95/0x310 [ 25.605870] kunit_try_run_case+0x1a5/0x480 [ 25.606009] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.606416] kthread+0x337/0x6f0 [ 25.606657] ret_from_fork+0x116/0x1d0 [ 25.606845] ret_from_fork_asm+0x1a/0x30 [ 25.607058] [ 25.607124] The buggy address belongs to the object at ffff888106195400 [ 25.607124] which belongs to the cache kmalloc-64 of size 64 [ 25.607965] The buggy address is located 0 bytes to the right of [ 25.607965] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 25.608688] [ 25.608784] The buggy address belongs to the physical page: [ 25.609113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 25.609615] flags: 0x200000000000000(node=0|zone=2) [ 25.609851] page_type: f5(slab) [ 25.609999] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.610227] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.610506] page dumped because: kasan: bad access detected [ 25.610779] [ 25.610872] Memory state around the buggy address: [ 25.611242] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.611970] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.612679] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.612971] ^ [ 25.613179] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.613717] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.614123] ================================================================== [ 25.634563] ================================================================== [ 25.635383] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 25.635740] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 25.636080] [ 25.636706] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 25.636760] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.636776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.636800] Call Trace: [ 25.636815] <TASK> [ 25.636833] dump_stack_lvl+0x73/0xb0 [ 25.636863] print_report+0xd1/0x650 [ 25.636887] ? __virt_addr_valid+0x1db/0x2d0 [ 25.636911] ? kasan_atomics_helper+0x4b6e/0x5450 [ 25.636937] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.636964] ? kasan_atomics_helper+0x4b6e/0x5450 [ 25.636992] kasan_report+0x141/0x180 [ 25.637016] ? kasan_atomics_helper+0x4b6e/0x5450 [ 25.637047] __asan_report_store4_noabort+0x1b/0x30 [ 25.637073] kasan_atomics_helper+0x4b6e/0x5450 [ 25.637100] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.637128] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.637173] ? kasan_atomics+0x152/0x310 [ 25.637201] kasan_atomics+0x1dc/0x310 [ 25.637225] ? __pfx_kasan_atomics+0x10/0x10 [ 25.637249] ? trace_hardirqs_on+0x37/0xe0 [ 25.637273] ? __pfx_read_tsc+0x10/0x10 [ 25.637296] ? ktime_get_ts64+0x86/0x230 [ 25.637322] kunit_try_run_case+0x1a5/0x480 [ 25.637348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.637375] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.637399] ? __kthread_parkme+0x82/0x180 [ 25.637421] ? preempt_count_sub+0x50/0x80 [ 25.637446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.637484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.637510] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.637536] kthread+0x337/0x6f0 [ 25.637558] ? trace_preempt_on+0x20/0xc0 [ 25.637581] ? __pfx_kthread+0x10/0x10 [ 25.637604] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.637630] ? calculate_sigpending+0x7b/0xa0 [ 25.637654] ? __pfx_kthread+0x10/0x10 [ 25.637678] ret_from_fork+0x116/0x1d0 [ 25.637699] ? __pfx_kthread+0x10/0x10 [ 25.637721] ret_from_fork_asm+0x1a/0x30 [ 25.637753] </TASK> [ 25.637765] [ 25.649221] Allocated by task 314: [ 25.649471] kasan_save_stack+0x45/0x70 [ 25.649818] kasan_save_track+0x18/0x40 [ 25.650102] kasan_save_alloc_info+0x3b/0x50 [ 25.650535] __kasan_kmalloc+0xb7/0xc0 [ 25.650812] __kmalloc_cache_noprof+0x189/0x420 [ 25.651055] kasan_atomics+0x95/0x310 [ 25.651477] kunit_try_run_case+0x1a5/0x480 [ 25.651643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.651937] kthread+0x337/0x6f0 [ 25.652281] ret_from_fork+0x116/0x1d0 [ 25.652781] ret_from_fork_asm+0x1a/0x30 [ 25.652966] [ 25.653077] The buggy address belongs to the object at ffff888106195400 [ 25.653077] which belongs to the cache kmalloc-64 of size 64 [ 25.654056] The buggy address is located 0 bytes to the right of [ 25.654056] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 25.654865] [ 25.654956] The buggy address belongs to the physical page: [ 25.655482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 25.655849] flags: 0x200000000000000(node=0|zone=2) [ 25.656420] page_type: f5(slab) [ 25.656602] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.657128] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.657618] page dumped because: kasan: bad access detected [ 25.657958] [ 25.658081] Memory state around the buggy address: [ 25.658605] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.658887] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.659436] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.659848] ^ [ 25.660168] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.660730] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.661055] ================================================================== [ 26.374382] ================================================================== [ 26.374746] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 26.375359] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.375716] [ 26.375822] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.375870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.375884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.375907] Call Trace: [ 26.375921] <TASK> [ 26.375938] dump_stack_lvl+0x73/0xb0 [ 26.375965] print_report+0xd1/0x650 [ 26.375988] ? __virt_addr_valid+0x1db/0x2d0 [ 26.376013] ? kasan_atomics_helper+0x50d4/0x5450 [ 26.376039] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.376065] ? kasan_atomics_helper+0x50d4/0x5450 [ 26.376093] kasan_report+0x141/0x180 [ 26.376116] ? kasan_atomics_helper+0x50d4/0x5450 [ 26.376147] __asan_report_store8_noabort+0x1b/0x30 [ 26.376173] kasan_atomics_helper+0x50d4/0x5450 [ 26.376214] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.376241] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.376266] ? kasan_atomics+0x152/0x310 [ 26.376294] kasan_atomics+0x1dc/0x310 [ 26.376317] ? __pfx_kasan_atomics+0x10/0x10 [ 26.376341] ? trace_hardirqs_on+0x37/0xe0 [ 26.376364] ? __pfx_read_tsc+0x10/0x10 [ 26.376387] ? ktime_get_ts64+0x86/0x230 [ 26.376412] kunit_try_run_case+0x1a5/0x480 [ 26.376438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.376476] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.376499] ? __kthread_parkme+0x82/0x180 [ 26.376522] ? preempt_count_sub+0x50/0x80 [ 26.376546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.376572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.376597] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.376623] kthread+0x337/0x6f0 [ 26.376645] ? trace_preempt_on+0x20/0xc0 [ 26.376668] ? __pfx_kthread+0x10/0x10 [ 26.376690] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.376715] ? calculate_sigpending+0x7b/0xa0 [ 26.376741] ? __pfx_kthread+0x10/0x10 [ 26.376765] ret_from_fork+0x116/0x1d0 [ 26.376785] ? __pfx_kthread+0x10/0x10 [ 26.376808] ret_from_fork_asm+0x1a/0x30 [ 26.376840] </TASK> [ 26.376852] [ 26.383643] Allocated by task 314: [ 26.383770] kasan_save_stack+0x45/0x70 [ 26.383912] kasan_save_track+0x18/0x40 [ 26.384043] kasan_save_alloc_info+0x3b/0x50 [ 26.384187] __kasan_kmalloc+0xb7/0xc0 [ 26.384318] __kmalloc_cache_noprof+0x189/0x420 [ 26.384486] kasan_atomics+0x95/0x310 [ 26.384670] kunit_try_run_case+0x1a5/0x480 [ 26.384871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.385124] kthread+0x337/0x6f0 [ 26.385291] ret_from_fork+0x116/0x1d0 [ 26.385484] ret_from_fork_asm+0x1a/0x30 [ 26.385677] [ 26.385766] The buggy address belongs to the object at ffff888106195400 [ 26.385766] which belongs to the cache kmalloc-64 of size 64 [ 26.386298] The buggy address is located 0 bytes to the right of [ 26.386298] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.387204] [ 26.387299] The buggy address belongs to the physical page: [ 26.387561] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.387911] flags: 0x200000000000000(node=0|zone=2) [ 26.388124] page_type: f5(slab) [ 26.388327] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.388639] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.388865] page dumped because: kasan: bad access detected [ 26.389031] [ 26.389096] Memory state around the buggy address: [ 26.389390] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.389717] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.390040] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.390552] ^ [ 26.390745] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.391026] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.391297] ================================================================== [ 25.935582] ================================================================== [ 25.935896] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 25.936735] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 25.937593] [ 25.937716] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 25.937767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.937783] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.937805] Call Trace: [ 25.937821] <TASK> [ 25.937837] dump_stack_lvl+0x73/0xb0 [ 25.937874] print_report+0xd1/0x650 [ 25.937899] ? __virt_addr_valid+0x1db/0x2d0 [ 25.937924] ? kasan_atomics_helper+0x992/0x5450 [ 25.937950] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.937976] ? kasan_atomics_helper+0x992/0x5450 [ 25.938002] kasan_report+0x141/0x180 [ 25.938025] ? kasan_atomics_helper+0x992/0x5450 [ 25.938055] kasan_check_range+0x10c/0x1c0 [ 25.938079] __kasan_check_write+0x18/0x20 [ 25.938104] kasan_atomics_helper+0x992/0x5450 [ 25.938130] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.938326] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.938354] ? kasan_atomics+0x152/0x310 [ 25.938382] kasan_atomics+0x1dc/0x310 [ 25.938406] ? __pfx_kasan_atomics+0x10/0x10 [ 25.938429] ? trace_hardirqs_on+0x37/0xe0 [ 25.938502] ? __pfx_read_tsc+0x10/0x10 [ 25.938525] ? ktime_get_ts64+0x86/0x230 [ 25.938550] kunit_try_run_case+0x1a5/0x480 [ 25.938576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.938603] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.938626] ? __kthread_parkme+0x82/0x180 [ 25.938648] ? preempt_count_sub+0x50/0x80 [ 25.938673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.938699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.938723] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.938749] kthread+0x337/0x6f0 [ 25.938770] ? trace_preempt_on+0x20/0xc0 [ 25.938793] ? __pfx_kthread+0x10/0x10 [ 25.938815] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.938840] ? calculate_sigpending+0x7b/0xa0 [ 25.938866] ? __pfx_kthread+0x10/0x10 [ 25.938888] ret_from_fork+0x116/0x1d0 [ 25.938909] ? __pfx_kthread+0x10/0x10 [ 25.938930] ret_from_fork_asm+0x1a/0x30 [ 25.938963] </TASK> [ 25.938975] [ 25.949944] Allocated by task 314: [ 25.950077] kasan_save_stack+0x45/0x70 [ 25.950431] kasan_save_track+0x18/0x40 [ 25.950581] kasan_save_alloc_info+0x3b/0x50 [ 25.950726] __kasan_kmalloc+0xb7/0xc0 [ 25.950862] __kmalloc_cache_noprof+0x189/0x420 [ 25.951083] kasan_atomics+0x95/0x310 [ 25.951373] kunit_try_run_case+0x1a5/0x480 [ 25.951549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.951721] kthread+0x337/0x6f0 [ 25.951837] ret_from_fork+0x116/0x1d0 [ 25.951979] ret_from_fork_asm+0x1a/0x30 [ 25.952203] [ 25.952319] The buggy address belongs to the object at ffff888106195400 [ 25.952319] which belongs to the cache kmalloc-64 of size 64 [ 25.952946] The buggy address is located 0 bytes to the right of [ 25.952946] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 25.953634] [ 25.953719] The buggy address belongs to the physical page: [ 25.953924] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 25.954260] flags: 0x200000000000000(node=0|zone=2) [ 25.954418] page_type: f5(slab) [ 25.954545] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.954821] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.955151] page dumped because: kasan: bad access detected [ 25.955431] [ 25.955507] Memory state around the buggy address: [ 25.955759] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.956897] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.957451] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.957741] ^ [ 25.957968] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.958551] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.959039] ================================================================== [ 26.214734] ================================================================== [ 26.215049] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 26.215398] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.215638] [ 26.215720] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.215767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.215781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.215804] Call Trace: [ 26.215817] <TASK> [ 26.215836] dump_stack_lvl+0x73/0xb0 [ 26.215863] print_report+0xd1/0x650 [ 26.215886] ? __virt_addr_valid+0x1db/0x2d0 [ 26.215910] ? kasan_atomics_helper+0x1148/0x5450 [ 26.215936] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.215963] ? kasan_atomics_helper+0x1148/0x5450 [ 26.215990] kasan_report+0x141/0x180 [ 26.216014] ? kasan_atomics_helper+0x1148/0x5450 [ 26.216045] kasan_check_range+0x10c/0x1c0 [ 26.216069] __kasan_check_write+0x18/0x20 [ 26.216094] kasan_atomics_helper+0x1148/0x5450 [ 26.216122] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.216149] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.216174] ? kasan_atomics+0x152/0x310 [ 26.216288] kasan_atomics+0x1dc/0x310 [ 26.216318] ? __pfx_kasan_atomics+0x10/0x10 [ 26.216342] ? trace_hardirqs_on+0x37/0xe0 [ 26.216366] ? __pfx_read_tsc+0x10/0x10 [ 26.216388] ? ktime_get_ts64+0x86/0x230 [ 26.216413] kunit_try_run_case+0x1a5/0x480 [ 26.216439] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.216480] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.216504] ? __kthread_parkme+0x82/0x180 [ 26.216526] ? preempt_count_sub+0x50/0x80 [ 26.216550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.216577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.216602] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.216628] kthread+0x337/0x6f0 [ 26.216649] ? trace_preempt_on+0x20/0xc0 [ 26.216673] ? __pfx_kthread+0x10/0x10 [ 26.216695] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.216721] ? calculate_sigpending+0x7b/0xa0 [ 26.216747] ? __pfx_kthread+0x10/0x10 [ 26.216771] ret_from_fork+0x116/0x1d0 [ 26.216792] ? __pfx_kthread+0x10/0x10 [ 26.216814] ret_from_fork_asm+0x1a/0x30 [ 26.216846] </TASK> [ 26.216859] [ 26.225567] Allocated by task 314: [ 26.225696] kasan_save_stack+0x45/0x70 [ 26.225849] kasan_save_track+0x18/0x40 [ 26.225982] kasan_save_alloc_info+0x3b/0x50 [ 26.226127] __kasan_kmalloc+0xb7/0xc0 [ 26.226257] __kmalloc_cache_noprof+0x189/0x420 [ 26.226407] kasan_atomics+0x95/0x310 [ 26.227341] kunit_try_run_case+0x1a5/0x480 [ 26.227633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.228075] kthread+0x337/0x6f0 [ 26.228568] ret_from_fork+0x116/0x1d0 [ 26.228950] ret_from_fork_asm+0x1a/0x30 [ 26.229285] [ 26.229514] The buggy address belongs to the object at ffff888106195400 [ 26.229514] which belongs to the cache kmalloc-64 of size 64 [ 26.230176] The buggy address is located 0 bytes to the right of [ 26.230176] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.230692] [ 26.230780] The buggy address belongs to the physical page: [ 26.231009] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.231607] flags: 0x200000000000000(node=0|zone=2) [ 26.232043] page_type: f5(slab) [ 26.232331] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.232850] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.233423] page dumped because: kasan: bad access detected [ 26.233795] [ 26.234030] Memory state around the buggy address: [ 26.234467] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.234841] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.235134] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.235644] ^ [ 26.236038] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.236505] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.236819] ================================================================== [ 26.391843] ================================================================== [ 26.392163] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 26.392435] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.392672] [ 26.392750] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.392795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.392810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.392832] Call Trace: [ 26.392848] <TASK> [ 26.392864] dump_stack_lvl+0x73/0xb0 [ 26.392891] print_report+0xd1/0x650 [ 26.392914] ? __virt_addr_valid+0x1db/0x2d0 [ 26.392939] ? kasan_atomics_helper+0x151d/0x5450 [ 26.392965] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.392992] ? kasan_atomics_helper+0x151d/0x5450 [ 26.393019] kasan_report+0x141/0x180 [ 26.393043] ? kasan_atomics_helper+0x151d/0x5450 [ 26.393073] kasan_check_range+0x10c/0x1c0 [ 26.393098] __kasan_check_write+0x18/0x20 [ 26.393123] kasan_atomics_helper+0x151d/0x5450 [ 26.393150] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.393178] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.393204] ? kasan_atomics+0x152/0x310 [ 26.393231] kasan_atomics+0x1dc/0x310 [ 26.393254] ? __pfx_kasan_atomics+0x10/0x10 [ 26.393277] ? trace_hardirqs_on+0x37/0xe0 [ 26.393301] ? __pfx_read_tsc+0x10/0x10 [ 26.393323] ? ktime_get_ts64+0x86/0x230 [ 26.393349] kunit_try_run_case+0x1a5/0x480 [ 26.393375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.393400] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.393424] ? __kthread_parkme+0x82/0x180 [ 26.393447] ? preempt_count_sub+0x50/0x80 [ 26.393483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.393509] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.393534] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.393560] kthread+0x337/0x6f0 [ 26.393580] ? trace_preempt_on+0x20/0xc0 [ 26.393603] ? __pfx_kthread+0x10/0x10 [ 26.393625] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.393651] ? calculate_sigpending+0x7b/0xa0 [ 26.393675] ? __pfx_kthread+0x10/0x10 [ 26.393698] ret_from_fork+0x116/0x1d0 [ 26.393718] ? __pfx_kthread+0x10/0x10 [ 26.393740] ret_from_fork_asm+0x1a/0x30 [ 26.393772] </TASK> [ 26.393785] [ 26.400658] Allocated by task 314: [ 26.400829] kasan_save_stack+0x45/0x70 [ 26.401026] kasan_save_track+0x18/0x40 [ 26.401217] kasan_save_alloc_info+0x3b/0x50 [ 26.401424] __kasan_kmalloc+0xb7/0xc0 [ 26.401625] __kmalloc_cache_noprof+0x189/0x420 [ 26.401850] kasan_atomics+0x95/0x310 [ 26.402033] kunit_try_run_case+0x1a5/0x480 [ 26.402270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.402542] kthread+0x337/0x6f0 [ 26.402718] ret_from_fork+0x116/0x1d0 [ 26.402905] ret_from_fork_asm+0x1a/0x30 [ 26.403101] [ 26.403188] The buggy address belongs to the object at ffff888106195400 [ 26.403188] which belongs to the cache kmalloc-64 of size 64 [ 26.403716] The buggy address is located 0 bytes to the right of [ 26.403716] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.404188] [ 26.404283] The buggy address belongs to the physical page: [ 26.404481] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.404721] flags: 0x200000000000000(node=0|zone=2) [ 26.404880] page_type: f5(slab) [ 26.405002] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.405306] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.405643] page dumped because: kasan: bad access detected [ 26.405898] [ 26.405988] Memory state around the buggy address: [ 26.406202] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.406534] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.406845] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.407159] ^ [ 26.407382] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.407604] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.407813] ================================================================== [ 26.483492] ================================================================== [ 26.483905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 26.484163] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.484745] [ 26.484849] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.484897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.484912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.484934] Call Trace: [ 26.484949] <TASK> [ 26.484965] dump_stack_lvl+0x73/0xb0 [ 26.484994] print_report+0xd1/0x650 [ 26.485017] ? __virt_addr_valid+0x1db/0x2d0 [ 26.485041] ? kasan_atomics_helper+0x177f/0x5450 [ 26.485068] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.485094] ? kasan_atomics_helper+0x177f/0x5450 [ 26.485121] kasan_report+0x141/0x180 [ 26.485144] ? kasan_atomics_helper+0x177f/0x5450 [ 26.485175] kasan_check_range+0x10c/0x1c0 [ 26.485200] __kasan_check_write+0x18/0x20 [ 26.485685] kasan_atomics_helper+0x177f/0x5450 [ 26.485727] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.485756] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.485783] ? kasan_atomics+0x152/0x310 [ 26.485811] kasan_atomics+0x1dc/0x310 [ 26.485836] ? __pfx_kasan_atomics+0x10/0x10 [ 26.485868] ? trace_hardirqs_on+0x37/0xe0 [ 26.485891] ? __pfx_read_tsc+0x10/0x10 [ 26.485913] ? ktime_get_ts64+0x86/0x230 [ 26.485938] kunit_try_run_case+0x1a5/0x480 [ 26.485965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.485991] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.486016] ? __kthread_parkme+0x82/0x180 [ 26.486038] ? preempt_count_sub+0x50/0x80 [ 26.486063] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.486089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.486114] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.486140] kthread+0x337/0x6f0 [ 26.486160] ? trace_preempt_on+0x20/0xc0 [ 26.486183] ? __pfx_kthread+0x10/0x10 [ 26.486220] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.486246] ? calculate_sigpending+0x7b/0xa0 [ 26.486271] ? __pfx_kthread+0x10/0x10 [ 26.486295] ret_from_fork+0x116/0x1d0 [ 26.486315] ? __pfx_kthread+0x10/0x10 [ 26.486337] ret_from_fork_asm+0x1a/0x30 [ 26.486370] </TASK> [ 26.486382] [ 26.496289] Allocated by task 314: [ 26.496674] kasan_save_stack+0x45/0x70 [ 26.496964] kasan_save_track+0x18/0x40 [ 26.497279] kasan_save_alloc_info+0x3b/0x50 [ 26.497568] __kasan_kmalloc+0xb7/0xc0 [ 26.497715] __kmalloc_cache_noprof+0x189/0x420 [ 26.497987] kasan_atomics+0x95/0x310 [ 26.498167] kunit_try_run_case+0x1a5/0x480 [ 26.498577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.498900] kthread+0x337/0x6f0 [ 26.499030] ret_from_fork+0x116/0x1d0 [ 26.499380] ret_from_fork_asm+0x1a/0x30 [ 26.499674] [ 26.499750] The buggy address belongs to the object at ffff888106195400 [ 26.499750] which belongs to the cache kmalloc-64 of size 64 [ 26.500416] The buggy address is located 0 bytes to the right of [ 26.500416] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.500923] [ 26.501003] The buggy address belongs to the physical page: [ 26.501539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.501972] flags: 0x200000000000000(node=0|zone=2) [ 26.502271] page_type: f5(slab) [ 26.502443] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.502915] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.503333] page dumped because: kasan: bad access detected [ 26.503654] [ 26.503749] Memory state around the buggy address: [ 26.504096] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.504487] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.504842] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.505146] ^ [ 26.505505] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.505916] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.506309] ================================================================== [ 26.876022] ================================================================== [ 26.876249] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 26.876598] Read of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.876918] [ 26.877013] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.877061] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.877075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.877097] Call Trace: [ 26.877111] <TASK> [ 26.877127] dump_stack_lvl+0x73/0xb0 [ 26.877154] print_report+0xd1/0x650 [ 26.877177] ? __virt_addr_valid+0x1db/0x2d0 [ 26.877201] ? kasan_atomics_helper+0x4fa5/0x5450 [ 26.877227] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.877254] ? kasan_atomics_helper+0x4fa5/0x5450 [ 26.877280] kasan_report+0x141/0x180 [ 26.877303] ? kasan_atomics_helper+0x4fa5/0x5450 [ 26.877334] __asan_report_load8_noabort+0x18/0x20 [ 26.877359] kasan_atomics_helper+0x4fa5/0x5450 [ 26.877387] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.877413] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.877438] ? kasan_atomics+0x152/0x310 [ 26.877475] kasan_atomics+0x1dc/0x310 [ 26.877499] ? __pfx_kasan_atomics+0x10/0x10 [ 26.877522] ? trace_hardirqs_on+0x37/0xe0 [ 26.877545] ? __pfx_read_tsc+0x10/0x10 [ 26.877568] ? ktime_get_ts64+0x86/0x230 [ 26.877592] kunit_try_run_case+0x1a5/0x480 [ 26.877618] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.877644] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.877668] ? __kthread_parkme+0x82/0x180 [ 26.877689] ? preempt_count_sub+0x50/0x80 [ 26.877714] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.877740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.877765] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.877792] kthread+0x337/0x6f0 [ 26.877814] ? trace_preempt_on+0x20/0xc0 [ 26.877840] ? __pfx_kthread+0x10/0x10 [ 26.877872] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.877897] ? calculate_sigpending+0x7b/0xa0 [ 26.877922] ? __pfx_kthread+0x10/0x10 [ 26.877945] ret_from_fork+0x116/0x1d0 [ 26.877966] ? __pfx_kthread+0x10/0x10 [ 26.877988] ret_from_fork_asm+0x1a/0x30 [ 26.878020] </TASK> [ 26.878032] [ 26.888424] Allocated by task 314: [ 26.888735] kasan_save_stack+0x45/0x70 [ 26.888932] kasan_save_track+0x18/0x40 [ 26.889273] kasan_save_alloc_info+0x3b/0x50 [ 26.889547] __kasan_kmalloc+0xb7/0xc0 [ 26.889706] __kmalloc_cache_noprof+0x189/0x420 [ 26.889930] kasan_atomics+0x95/0x310 [ 26.890074] kunit_try_run_case+0x1a5/0x480 [ 26.890297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.890476] kthread+0x337/0x6f0 [ 26.890591] ret_from_fork+0x116/0x1d0 [ 26.890718] ret_from_fork_asm+0x1a/0x30 [ 26.890851] [ 26.890918] The buggy address belongs to the object at ffff888106195400 [ 26.890918] which belongs to the cache kmalloc-64 of size 64 [ 26.891375] The buggy address is located 0 bytes to the right of [ 26.891375] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.892483] [ 26.892584] The buggy address belongs to the physical page: [ 26.893053] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.893549] flags: 0x200000000000000(node=0|zone=2) [ 26.893776] page_type: f5(slab) [ 26.893984] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.894216] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.894439] page dumped because: kasan: bad access detected [ 26.894616] [ 26.894683] Memory state around the buggy address: [ 26.894834] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.895256] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.895919] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.896243] ^ [ 26.896595] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.896845] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.897301] ================================================================== [ 26.046569] ================================================================== [ 26.046922] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 26.047280] Read of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.047573] [ 26.047670] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.047719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.047734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.047756] Call Trace: [ 26.047771] <TASK> [ 26.047788] dump_stack_lvl+0x73/0xb0 [ 26.047814] print_report+0xd1/0x650 [ 26.047837] ? __virt_addr_valid+0x1db/0x2d0 [ 26.047860] ? kasan_atomics_helper+0x4a84/0x5450 [ 26.047886] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.047913] ? kasan_atomics_helper+0x4a84/0x5450 [ 26.047938] kasan_report+0x141/0x180 [ 26.047961] ? kasan_atomics_helper+0x4a84/0x5450 [ 26.047992] __asan_report_load4_noabort+0x18/0x20 [ 26.048017] kasan_atomics_helper+0x4a84/0x5450 [ 26.048044] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.048070] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.048095] ? kasan_atomics+0x152/0x310 [ 26.048122] kasan_atomics+0x1dc/0x310 [ 26.048145] ? __pfx_kasan_atomics+0x10/0x10 [ 26.048168] ? trace_hardirqs_on+0x37/0xe0 [ 26.048192] ? __pfx_read_tsc+0x10/0x10 [ 26.048215] ? ktime_get_ts64+0x86/0x230 [ 26.048239] kunit_try_run_case+0x1a5/0x480 [ 26.048265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.048292] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.048315] ? __kthread_parkme+0x82/0x180 [ 26.048336] ? preempt_count_sub+0x50/0x80 [ 26.048361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.048387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.048412] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.048438] kthread+0x337/0x6f0 [ 26.048469] ? trace_preempt_on+0x20/0xc0 [ 26.048493] ? __pfx_kthread+0x10/0x10 [ 26.048516] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.048541] ? calculate_sigpending+0x7b/0xa0 [ 26.048567] ? __pfx_kthread+0x10/0x10 [ 26.048590] ret_from_fork+0x116/0x1d0 [ 26.048610] ? __pfx_kthread+0x10/0x10 [ 26.048633] ret_from_fork_asm+0x1a/0x30 [ 26.048665] </TASK> [ 26.048677] [ 26.055950] Allocated by task 314: [ 26.056127] kasan_save_stack+0x45/0x70 [ 26.056332] kasan_save_track+0x18/0x40 [ 26.056479] kasan_save_alloc_info+0x3b/0x50 [ 26.056623] __kasan_kmalloc+0xb7/0xc0 [ 26.056753] __kmalloc_cache_noprof+0x189/0x420 [ 26.056902] kasan_atomics+0x95/0x310 [ 26.057029] kunit_try_run_case+0x1a5/0x480 [ 26.057169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.057421] kthread+0x337/0x6f0 [ 26.057592] ret_from_fork+0x116/0x1d0 [ 26.057774] ret_from_fork_asm+0x1a/0x30 [ 26.057969] [ 26.058059] The buggy address belongs to the object at ffff888106195400 [ 26.058059] which belongs to the cache kmalloc-64 of size 64 [ 26.058802] The buggy address is located 0 bytes to the right of [ 26.058802] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.059160] [ 26.059226] The buggy address belongs to the physical page: [ 26.059394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.059708] flags: 0x200000000000000(node=0|zone=2) [ 26.059939] page_type: f5(slab) [ 26.060102] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.060552] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.060888] page dumped because: kasan: bad access detected [ 26.061141] [ 26.061283] Memory state around the buggy address: [ 26.061515] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.061833] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.062108] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.062576] ^ [ 26.062727] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.062936] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.063213] ================================================================== [ 26.506938] ================================================================== [ 26.507363] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 26.507818] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.508150] [ 26.508704] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.508828] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.508845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.508867] Call Trace: [ 26.508885] <TASK> [ 26.508903] dump_stack_lvl+0x73/0xb0 [ 26.508933] print_report+0xd1/0x650 [ 26.508957] ? __virt_addr_valid+0x1db/0x2d0 [ 26.508981] ? kasan_atomics_helper+0x1818/0x5450 [ 26.509009] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.509037] ? kasan_atomics_helper+0x1818/0x5450 [ 26.509063] kasan_report+0x141/0x180 [ 26.509087] ? kasan_atomics_helper+0x1818/0x5450 [ 26.509117] kasan_check_range+0x10c/0x1c0 [ 26.509142] __kasan_check_write+0x18/0x20 [ 26.509167] kasan_atomics_helper+0x1818/0x5450 [ 26.509195] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.509221] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.509247] ? kasan_atomics+0x152/0x310 [ 26.509275] kasan_atomics+0x1dc/0x310 [ 26.509298] ? __pfx_kasan_atomics+0x10/0x10 [ 26.509320] ? trace_hardirqs_on+0x37/0xe0 [ 26.509344] ? __pfx_read_tsc+0x10/0x10 [ 26.509367] ? ktime_get_ts64+0x86/0x230 [ 26.509392] kunit_try_run_case+0x1a5/0x480 [ 26.509419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.509445] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.509481] ? __kthread_parkme+0x82/0x180 [ 26.509503] ? preempt_count_sub+0x50/0x80 [ 26.509527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.509554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.509579] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.509604] kthread+0x337/0x6f0 [ 26.509625] ? trace_preempt_on+0x20/0xc0 [ 26.509648] ? __pfx_kthread+0x10/0x10 [ 26.509671] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.509696] ? calculate_sigpending+0x7b/0xa0 [ 26.509721] ? __pfx_kthread+0x10/0x10 [ 26.509745] ret_from_fork+0x116/0x1d0 [ 26.509765] ? __pfx_kthread+0x10/0x10 [ 26.509787] ret_from_fork_asm+0x1a/0x30 [ 26.509820] </TASK> [ 26.509833] [ 26.519680] Allocated by task 314: [ 26.519838] kasan_save_stack+0x45/0x70 [ 26.520034] kasan_save_track+0x18/0x40 [ 26.520530] kasan_save_alloc_info+0x3b/0x50 [ 26.520735] __kasan_kmalloc+0xb7/0xc0 [ 26.520960] __kmalloc_cache_noprof+0x189/0x420 [ 26.521247] kasan_atomics+0x95/0x310 [ 26.521527] kunit_try_run_case+0x1a5/0x480 [ 26.521848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.522027] kthread+0x337/0x6f0 [ 26.522305] ret_from_fork+0x116/0x1d0 [ 26.522675] ret_from_fork_asm+0x1a/0x30 [ 26.523082] [ 26.523214] The buggy address belongs to the object at ffff888106195400 [ 26.523214] which belongs to the cache kmalloc-64 of size 64 [ 26.523842] The buggy address is located 0 bytes to the right of [ 26.523842] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.524493] [ 26.524600] The buggy address belongs to the physical page: [ 26.525002] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.525415] flags: 0x200000000000000(node=0|zone=2) [ 26.525722] page_type: f5(slab) [ 26.525949] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.526264] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.526720] page dumped because: kasan: bad access detected [ 26.527049] [ 26.527146] Memory state around the buggy address: [ 26.527367] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.527677] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.527969] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.528544] ^ [ 26.528748] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.529153] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.529719] ================================================================== [ 25.687245] ================================================================== [ 25.687639] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 25.687960] Read of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 25.688277] [ 25.688363] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 25.688582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.688598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.688620] Call Trace: [ 25.688635] <TASK> [ 25.688652] dump_stack_lvl+0x73/0xb0 [ 25.688682] print_report+0xd1/0x650 [ 25.688706] ? __virt_addr_valid+0x1db/0x2d0 [ 25.688730] ? kasan_atomics_helper+0x4b54/0x5450 [ 25.688757] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.688784] ? kasan_atomics_helper+0x4b54/0x5450 [ 25.688811] kasan_report+0x141/0x180 [ 25.688834] ? kasan_atomics_helper+0x4b54/0x5450 [ 25.688866] __asan_report_load4_noabort+0x18/0x20 [ 25.688892] kasan_atomics_helper+0x4b54/0x5450 [ 25.688956] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.688984] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.689028] ? kasan_atomics+0x152/0x310 [ 25.689055] kasan_atomics+0x1dc/0x310 [ 25.689080] ? __pfx_kasan_atomics+0x10/0x10 [ 25.689103] ? trace_hardirqs_on+0x37/0xe0 [ 25.689127] ? __pfx_read_tsc+0x10/0x10 [ 25.689241] ? ktime_get_ts64+0x86/0x230 [ 25.689284] kunit_try_run_case+0x1a5/0x480 [ 25.689311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.689351] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.689375] ? __kthread_parkme+0x82/0x180 [ 25.689412] ? preempt_count_sub+0x50/0x80 [ 25.689437] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.689477] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.689503] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.689543] kthread+0x337/0x6f0 [ 25.689565] ? trace_preempt_on+0x20/0xc0 [ 25.689588] ? __pfx_kthread+0x10/0x10 [ 25.689611] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.689637] ? calculate_sigpending+0x7b/0xa0 [ 25.689663] ? __pfx_kthread+0x10/0x10 [ 25.689686] ret_from_fork+0x116/0x1d0 [ 25.689707] ? __pfx_kthread+0x10/0x10 [ 25.689730] ret_from_fork_asm+0x1a/0x30 [ 25.689764] </TASK> [ 25.689777] [ 25.698215] Allocated by task 314: [ 25.698338] kasan_save_stack+0x45/0x70 [ 25.698559] kasan_save_track+0x18/0x40 [ 25.698854] kasan_save_alloc_info+0x3b/0x50 [ 25.699085] __kasan_kmalloc+0xb7/0xc0 [ 25.699415] __kmalloc_cache_noprof+0x189/0x420 [ 25.699637] kasan_atomics+0x95/0x310 [ 25.699797] kunit_try_run_case+0x1a5/0x480 [ 25.699941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.700229] kthread+0x337/0x6f0 [ 25.700415] ret_from_fork+0x116/0x1d0 [ 25.700762] ret_from_fork_asm+0x1a/0x30 [ 25.700929] [ 25.701031] The buggy address belongs to the object at ffff888106195400 [ 25.701031] which belongs to the cache kmalloc-64 of size 64 [ 25.701489] The buggy address is located 0 bytes to the right of [ 25.701489] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 25.702119] [ 25.702211] The buggy address belongs to the physical page: [ 25.702452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 25.702954] flags: 0x200000000000000(node=0|zone=2) [ 25.703121] page_type: f5(slab) [ 25.703429] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.703812] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.704128] page dumped because: kasan: bad access detected [ 25.704374] [ 25.704488] Memory state around the buggy address: [ 25.704699] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.705420] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.705650] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.706032] ^ [ 25.706409] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.706762] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.707268] ================================================================== [ 26.306050] ================================================================== [ 26.306319] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 26.306676] Read of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.307001] [ 26.307104] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.307150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.307163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.307187] Call Trace: [ 26.307209] <TASK> [ 26.307225] dump_stack_lvl+0x73/0xb0 [ 26.307251] print_report+0xd1/0x650 [ 26.307275] ? __virt_addr_valid+0x1db/0x2d0 [ 26.307299] ? kasan_atomics_helper+0x49ce/0x5450 [ 26.307325] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.307352] ? kasan_atomics_helper+0x49ce/0x5450 [ 26.307379] kasan_report+0x141/0x180 [ 26.307402] ? kasan_atomics_helper+0x49ce/0x5450 [ 26.307433] __asan_report_load4_noabort+0x18/0x20 [ 26.307470] kasan_atomics_helper+0x49ce/0x5450 [ 26.307497] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.307524] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.307549] ? kasan_atomics+0x152/0x310 [ 26.307577] kasan_atomics+0x1dc/0x310 [ 26.307600] ? __pfx_kasan_atomics+0x10/0x10 [ 26.307623] ? trace_hardirqs_on+0x37/0xe0 [ 26.307647] ? __pfx_read_tsc+0x10/0x10 [ 26.307670] ? ktime_get_ts64+0x86/0x230 [ 26.307694] kunit_try_run_case+0x1a5/0x480 [ 26.307720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.307746] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.307769] ? __kthread_parkme+0x82/0x180 [ 26.307792] ? preempt_count_sub+0x50/0x80 [ 26.307816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.307843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.307868] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.307894] kthread+0x337/0x6f0 [ 26.307915] ? trace_preempt_on+0x20/0xc0 [ 26.307939] ? __pfx_kthread+0x10/0x10 [ 26.307961] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.307986] ? calculate_sigpending+0x7b/0xa0 [ 26.308012] ? __pfx_kthread+0x10/0x10 [ 26.308036] ret_from_fork+0x116/0x1d0 [ 26.308056] ? __pfx_kthread+0x10/0x10 [ 26.308079] ret_from_fork_asm+0x1a/0x30 [ 26.308111] </TASK> [ 26.308123] [ 26.315320] Allocated by task 314: [ 26.315497] kasan_save_stack+0x45/0x70 [ 26.315677] kasan_save_track+0x18/0x40 [ 26.315839] kasan_save_alloc_info+0x3b/0x50 [ 26.316043] __kasan_kmalloc+0xb7/0xc0 [ 26.316198] __kmalloc_cache_noprof+0x189/0x420 [ 26.316419] kasan_atomics+0x95/0x310 [ 26.316572] kunit_try_run_case+0x1a5/0x480 [ 26.316779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.316998] kthread+0x337/0x6f0 [ 26.317144] ret_from_fork+0x116/0x1d0 [ 26.317315] ret_from_fork_asm+0x1a/0x30 [ 26.317528] [ 26.317599] The buggy address belongs to the object at ffff888106195400 [ 26.317599] which belongs to the cache kmalloc-64 of size 64 [ 26.318044] The buggy address is located 0 bytes to the right of [ 26.318044] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.318539] [ 26.318605] The buggy address belongs to the physical page: [ 26.318774] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.319100] flags: 0x200000000000000(node=0|zone=2) [ 26.319328] page_type: f5(slab) [ 26.319500] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.319768] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.319991] page dumped because: kasan: bad access detected [ 26.320217] [ 26.320307] Memory state around the buggy address: [ 26.320536] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.320859] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.321185] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.321531] ^ [ 26.321737] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.321998] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.322335] ================================================================== [ 25.614759] ================================================================== [ 25.615014] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 25.615971] Read of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 25.616737] [ 25.616841] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 25.616892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.616906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.616926] Call Trace: [ 25.616939] <TASK> [ 25.616955] dump_stack_lvl+0x73/0xb0 [ 25.616982] print_report+0xd1/0x650 [ 25.617004] ? __virt_addr_valid+0x1db/0x2d0 [ 25.617027] ? kasan_atomics_helper+0x4b88/0x5450 [ 25.617052] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.617078] ? kasan_atomics_helper+0x4b88/0x5450 [ 25.617103] kasan_report+0x141/0x180 [ 25.617125] ? kasan_atomics_helper+0x4b88/0x5450 [ 25.617155] __asan_report_load4_noabort+0x18/0x20 [ 25.617179] kasan_atomics_helper+0x4b88/0x5450 [ 25.617219] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.617244] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.617268] ? kasan_atomics+0x152/0x310 [ 25.617294] kasan_atomics+0x1dc/0x310 [ 25.617317] ? __pfx_kasan_atomics+0x10/0x10 [ 25.617339] ? trace_hardirqs_on+0x37/0xe0 [ 25.617360] ? __pfx_read_tsc+0x10/0x10 [ 25.617381] ? ktime_get_ts64+0x86/0x230 [ 25.617405] kunit_try_run_case+0x1a5/0x480 [ 25.617430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.617468] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.617490] ? __kthread_parkme+0x82/0x180 [ 25.617511] ? preempt_count_sub+0x50/0x80 [ 25.617534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.617559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.617583] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.617607] kthread+0x337/0x6f0 [ 25.617627] ? trace_preempt_on+0x20/0xc0 [ 25.617648] ? __pfx_kthread+0x10/0x10 [ 25.617670] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.617694] ? calculate_sigpending+0x7b/0xa0 [ 25.617719] ? __pfx_kthread+0x10/0x10 [ 25.617741] ret_from_fork+0x116/0x1d0 [ 25.617759] ? __pfx_kthread+0x10/0x10 [ 25.617780] ret_from_fork_asm+0x1a/0x30 [ 25.617810] </TASK> [ 25.617822] [ 25.625640] Allocated by task 314: [ 25.625820] kasan_save_stack+0x45/0x70 [ 25.626029] kasan_save_track+0x18/0x40 [ 25.626208] kasan_save_alloc_info+0x3b/0x50 [ 25.626512] __kasan_kmalloc+0xb7/0xc0 [ 25.626716] __kmalloc_cache_noprof+0x189/0x420 [ 25.626928] kasan_atomics+0x95/0x310 [ 25.627103] kunit_try_run_case+0x1a5/0x480 [ 25.627242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.627509] kthread+0x337/0x6f0 [ 25.627666] ret_from_fork+0x116/0x1d0 [ 25.627793] ret_from_fork_asm+0x1a/0x30 [ 25.628001] [ 25.628069] The buggy address belongs to the object at ffff888106195400 [ 25.628069] which belongs to the cache kmalloc-64 of size 64 [ 25.628402] The buggy address is located 0 bytes to the right of [ 25.628402] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 25.629034] [ 25.629136] The buggy address belongs to the physical page: [ 25.629444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 25.629812] flags: 0x200000000000000(node=0|zone=2) [ 25.630070] page_type: f5(slab) [ 25.630345] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.630676] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.630893] page dumped because: kasan: bad access detected [ 25.631130] [ 25.631244] Memory state around the buggy address: [ 25.631549] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.631784] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.631989] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.632189] ^ [ 25.632408] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.632731] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.633206] ================================================================== [ 25.707676] ================================================================== [ 25.708024] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 25.708577] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 25.708869] [ 25.708996] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 25.709083] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.709097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.709121] Call Trace: [ 25.709137] <TASK> [ 25.709153] dump_stack_lvl+0x73/0xb0 [ 25.709322] print_report+0xd1/0x650 [ 25.709348] ? __virt_addr_valid+0x1db/0x2d0 [ 25.709373] ? kasan_atomics_helper+0x4a0/0x5450 [ 25.709400] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.709427] ? kasan_atomics_helper+0x4a0/0x5450 [ 25.709470] kasan_report+0x141/0x180 [ 25.709493] ? kasan_atomics_helper+0x4a0/0x5450 [ 25.709524] kasan_check_range+0x10c/0x1c0 [ 25.709575] __kasan_check_write+0x18/0x20 [ 25.709600] kasan_atomics_helper+0x4a0/0x5450 [ 25.709642] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.709670] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.709695] ? kasan_atomics+0x152/0x310 [ 25.709723] kasan_atomics+0x1dc/0x310 [ 25.709747] ? __pfx_kasan_atomics+0x10/0x10 [ 25.709771] ? trace_hardirqs_on+0x37/0xe0 [ 25.709794] ? __pfx_read_tsc+0x10/0x10 [ 25.709816] ? ktime_get_ts64+0x86/0x230 [ 25.709846] kunit_try_run_case+0x1a5/0x480 [ 25.709871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.709898] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.709939] ? __kthread_parkme+0x82/0x180 [ 25.709962] ? preempt_count_sub+0x50/0x80 [ 25.709987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.710013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.710039] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.710065] kthread+0x337/0x6f0 [ 25.710086] ? trace_preempt_on+0x20/0xc0 [ 25.710128] ? __pfx_kthread+0x10/0x10 [ 25.710228] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.710260] ? calculate_sigpending+0x7b/0xa0 [ 25.710287] ? __pfx_kthread+0x10/0x10 [ 25.710311] ret_from_fork+0x116/0x1d0 [ 25.710358] ? __pfx_kthread+0x10/0x10 [ 25.710382] ret_from_fork_asm+0x1a/0x30 [ 25.710415] </TASK> [ 25.710429] [ 25.719199] Allocated by task 314: [ 25.719532] kasan_save_stack+0x45/0x70 [ 25.719739] kasan_save_track+0x18/0x40 [ 25.720191] kasan_save_alloc_info+0x3b/0x50 [ 25.720466] __kasan_kmalloc+0xb7/0xc0 [ 25.720661] __kmalloc_cache_noprof+0x189/0x420 [ 25.720808] kasan_atomics+0x95/0x310 [ 25.720989] kunit_try_run_case+0x1a5/0x480 [ 25.721226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.721551] kthread+0x337/0x6f0 [ 25.722019] ret_from_fork+0x116/0x1d0 [ 25.722248] ret_from_fork_asm+0x1a/0x30 [ 25.722424] [ 25.722547] The buggy address belongs to the object at ffff888106195400 [ 25.722547] which belongs to the cache kmalloc-64 of size 64 [ 25.723107] The buggy address is located 0 bytes to the right of [ 25.723107] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 25.723829] [ 25.723903] The buggy address belongs to the physical page: [ 25.724068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 25.724642] flags: 0x200000000000000(node=0|zone=2) [ 25.725015] page_type: f5(slab) [ 25.725166] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.725601] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.725970] page dumped because: kasan: bad access detected [ 25.726316] [ 25.726484] Memory state around the buggy address: [ 25.727244] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.727490] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.727733] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.728020] ^ [ 25.728488] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.729119] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.730332] ================================================================== [ 26.029322] ================================================================== [ 26.029668] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 26.029991] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.030362] [ 26.030443] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.030501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.030516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.030537] Call Trace: [ 26.030551] <TASK> [ 26.030567] dump_stack_lvl+0x73/0xb0 [ 26.030594] print_report+0xd1/0x650 [ 26.030616] ? __virt_addr_valid+0x1db/0x2d0 [ 26.030640] ? kasan_atomics_helper+0xc70/0x5450 [ 26.030666] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.030692] ? kasan_atomics_helper+0xc70/0x5450 [ 26.030718] kasan_report+0x141/0x180 [ 26.030742] ? kasan_atomics_helper+0xc70/0x5450 [ 26.030772] kasan_check_range+0x10c/0x1c0 [ 26.030797] __kasan_check_write+0x18/0x20 [ 26.030821] kasan_atomics_helper+0xc70/0x5450 [ 26.030849] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.030875] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.030901] ? kasan_atomics+0x152/0x310 [ 26.030927] kasan_atomics+0x1dc/0x310 [ 26.030951] ? __pfx_kasan_atomics+0x10/0x10 [ 26.030974] ? trace_hardirqs_on+0x37/0xe0 [ 26.030997] ? __pfx_read_tsc+0x10/0x10 [ 26.031020] ? ktime_get_ts64+0x86/0x230 [ 26.031045] kunit_try_run_case+0x1a5/0x480 [ 26.031070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.031096] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.031119] ? __kthread_parkme+0x82/0x180 [ 26.031141] ? preempt_count_sub+0x50/0x80 [ 26.031165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.031388] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.031427] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.031467] kthread+0x337/0x6f0 [ 26.031489] ? trace_preempt_on+0x20/0xc0 [ 26.031513] ? __pfx_kthread+0x10/0x10 [ 26.031536] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.031562] ? calculate_sigpending+0x7b/0xa0 [ 26.031587] ? __pfx_kthread+0x10/0x10 [ 26.031611] ret_from_fork+0x116/0x1d0 [ 26.031632] ? __pfx_kthread+0x10/0x10 [ 26.031654] ret_from_fork_asm+0x1a/0x30 [ 26.031686] </TASK> [ 26.031698] [ 26.038950] Allocated by task 314: [ 26.039125] kasan_save_stack+0x45/0x70 [ 26.039385] kasan_save_track+0x18/0x40 [ 26.039571] kasan_save_alloc_info+0x3b/0x50 [ 26.039715] __kasan_kmalloc+0xb7/0xc0 [ 26.039844] __kmalloc_cache_noprof+0x189/0x420 [ 26.039994] kasan_atomics+0x95/0x310 [ 26.040120] kunit_try_run_case+0x1a5/0x480 [ 26.040311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.040571] kthread+0x337/0x6f0 [ 26.040740] ret_from_fork+0x116/0x1d0 [ 26.040922] ret_from_fork_asm+0x1a/0x30 [ 26.041113] [ 26.041208] The buggy address belongs to the object at ffff888106195400 [ 26.041208] which belongs to the cache kmalloc-64 of size 64 [ 26.041744] The buggy address is located 0 bytes to the right of [ 26.041744] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.042336] [ 26.042418] The buggy address belongs to the physical page: [ 26.042642] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.042900] flags: 0x200000000000000(node=0|zone=2) [ 26.043059] page_type: f5(slab) [ 26.043194] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.043541] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.043876] page dumped because: kasan: bad access detected [ 26.044107] [ 26.044203] Memory state around the buggy address: [ 26.044366] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.044666] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.044958] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.045287] ^ [ 26.045482] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.045736] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.046021] ================================================================== [ 26.356828] ================================================================== [ 26.357071] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 26.357304] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.357540] [ 26.357620] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.357666] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.357680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.357703] Call Trace: [ 26.357717] <TASK> [ 26.357732] dump_stack_lvl+0x73/0xb0 [ 26.357757] print_report+0xd1/0x650 [ 26.357780] ? __virt_addr_valid+0x1db/0x2d0 [ 26.357804] ? kasan_atomics_helper+0x1467/0x5450 [ 26.357829] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.357864] ? kasan_atomics_helper+0x1467/0x5450 [ 26.357890] kasan_report+0x141/0x180 [ 26.357914] ? kasan_atomics_helper+0x1467/0x5450 [ 26.357944] kasan_check_range+0x10c/0x1c0 [ 26.357969] __kasan_check_write+0x18/0x20 [ 26.357994] kasan_atomics_helper+0x1467/0x5450 [ 26.358021] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.358048] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.358074] ? kasan_atomics+0x152/0x310 [ 26.358100] kasan_atomics+0x1dc/0x310 [ 26.358124] ? __pfx_kasan_atomics+0x10/0x10 [ 26.358147] ? trace_hardirqs_on+0x37/0xe0 [ 26.358170] ? __pfx_read_tsc+0x10/0x10 [ 26.358192] ? ktime_get_ts64+0x86/0x230 [ 26.358216] kunit_try_run_case+0x1a5/0x480 [ 26.358242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.358268] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.358291] ? __kthread_parkme+0x82/0x180 [ 26.358313] ? preempt_count_sub+0x50/0x80 [ 26.358338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.358363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.358407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.358433] kthread+0x337/0x6f0 [ 26.358465] ? trace_preempt_on+0x20/0xc0 [ 26.358490] ? __pfx_kthread+0x10/0x10 [ 26.358512] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.358538] ? calculate_sigpending+0x7b/0xa0 [ 26.358563] ? __pfx_kthread+0x10/0x10 [ 26.358587] ret_from_fork+0x116/0x1d0 [ 26.358607] ? __pfx_kthread+0x10/0x10 [ 26.358630] ret_from_fork_asm+0x1a/0x30 [ 26.358663] </TASK> [ 26.358675] [ 26.366373] Allocated by task 314: [ 26.366507] kasan_save_stack+0x45/0x70 [ 26.366648] kasan_save_track+0x18/0x40 [ 26.366778] kasan_save_alloc_info+0x3b/0x50 [ 26.366920] __kasan_kmalloc+0xb7/0xc0 [ 26.367051] __kmalloc_cache_noprof+0x189/0x420 [ 26.367201] kasan_atomics+0x95/0x310 [ 26.367327] kunit_try_run_case+0x1a5/0x480 [ 26.367486] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.367735] kthread+0x337/0x6f0 [ 26.367901] ret_from_fork+0x116/0x1d0 [ 26.368085] ret_from_fork_asm+0x1a/0x30 [ 26.368279] [ 26.368370] The buggy address belongs to the object at ffff888106195400 [ 26.368370] which belongs to the cache kmalloc-64 of size 64 [ 26.369002] The buggy address is located 0 bytes to the right of [ 26.369002] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.369897] [ 26.370008] The buggy address belongs to the physical page: [ 26.370176] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.370411] flags: 0x200000000000000(node=0|zone=2) [ 26.370578] page_type: f5(slab) [ 26.370692] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.370920] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.371326] page dumped because: kasan: bad access detected [ 26.371582] [ 26.371672] Memory state around the buggy address: [ 26.371888] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.372197] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.372517] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.372831] ^ [ 26.373047] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.373366] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.373588] ================================================================== [ 26.624089] ================================================================== [ 26.624446] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 26.624724] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.625052] [ 26.625153] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.625218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.625233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.625255] Call Trace: [ 26.625269] <TASK> [ 26.625286] dump_stack_lvl+0x73/0xb0 [ 26.625312] print_report+0xd1/0x650 [ 26.625335] ? __virt_addr_valid+0x1db/0x2d0 [ 26.625359] ? kasan_atomics_helper+0x1c18/0x5450 [ 26.625385] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.625411] ? kasan_atomics_helper+0x1c18/0x5450 [ 26.625437] kasan_report+0x141/0x180 [ 26.625469] ? kasan_atomics_helper+0x1c18/0x5450 [ 26.625500] kasan_check_range+0x10c/0x1c0 [ 26.625525] __kasan_check_write+0x18/0x20 [ 26.625549] kasan_atomics_helper+0x1c18/0x5450 [ 26.625576] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.625602] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.625628] ? kasan_atomics+0x152/0x310 [ 26.625654] kasan_atomics+0x1dc/0x310 [ 26.625677] ? __pfx_kasan_atomics+0x10/0x10 [ 26.625700] ? trace_hardirqs_on+0x37/0xe0 [ 26.625723] ? __pfx_read_tsc+0x10/0x10 [ 26.625745] ? ktime_get_ts64+0x86/0x230 [ 26.625770] kunit_try_run_case+0x1a5/0x480 [ 26.625794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.625821] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.625852] ? __kthread_parkme+0x82/0x180 [ 26.625873] ? preempt_count_sub+0x50/0x80 [ 26.625897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.625923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.625947] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.625974] kthread+0x337/0x6f0 [ 26.625995] ? trace_preempt_on+0x20/0xc0 [ 26.626018] ? __pfx_kthread+0x10/0x10 [ 26.626040] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.626065] ? calculate_sigpending+0x7b/0xa0 [ 26.626090] ? __pfx_kthread+0x10/0x10 [ 26.626113] ret_from_fork+0x116/0x1d0 [ 26.626133] ? __pfx_kthread+0x10/0x10 [ 26.626156] ret_from_fork_asm+0x1a/0x30 [ 26.626208] </TASK> [ 26.626220] [ 26.633128] Allocated by task 314: [ 26.633275] kasan_save_stack+0x45/0x70 [ 26.633419] kasan_save_track+0x18/0x40 [ 26.633557] kasan_save_alloc_info+0x3b/0x50 [ 26.633724] __kasan_kmalloc+0xb7/0xc0 [ 26.633916] __kmalloc_cache_noprof+0x189/0x420 [ 26.634126] kasan_atomics+0x95/0x310 [ 26.634335] kunit_try_run_case+0x1a5/0x480 [ 26.634547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.634788] kthread+0x337/0x6f0 [ 26.634954] ret_from_fork+0x116/0x1d0 [ 26.635142] ret_from_fork_asm+0x1a/0x30 [ 26.635351] [ 26.635442] The buggy address belongs to the object at ffff888106195400 [ 26.635442] which belongs to the cache kmalloc-64 of size 64 [ 26.635961] The buggy address is located 0 bytes to the right of [ 26.635961] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.636350] [ 26.636443] The buggy address belongs to the physical page: [ 26.636702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.637033] flags: 0x200000000000000(node=0|zone=2) [ 26.637261] page_type: f5(slab) [ 26.637411] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.637704] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.638009] page dumped because: kasan: bad access detected [ 26.638274] [ 26.638355] Memory state around the buggy address: [ 26.638559] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.638831] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.639101] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.639402] ^ [ 26.639605] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.639879] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.640165] ================================================================== [ 26.693586] ================================================================== [ 26.693929] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 26.694424] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.694788] [ 26.694895] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.694942] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.694956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.694978] Call Trace: [ 26.695012] <TASK> [ 26.695028] dump_stack_lvl+0x73/0xb0 [ 26.695070] print_report+0xd1/0x650 [ 26.695107] ? __virt_addr_valid+0x1db/0x2d0 [ 26.695157] ? kasan_atomics_helper+0x1e12/0x5450 [ 26.695223] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.695250] ? kasan_atomics_helper+0x1e12/0x5450 [ 26.695277] kasan_report+0x141/0x180 [ 26.695300] ? kasan_atomics_helper+0x1e12/0x5450 [ 26.695331] kasan_check_range+0x10c/0x1c0 [ 26.695356] __kasan_check_write+0x18/0x20 [ 26.695380] kasan_atomics_helper+0x1e12/0x5450 [ 26.695407] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.695434] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.695467] ? kasan_atomics+0x152/0x310 [ 26.695495] kasan_atomics+0x1dc/0x310 [ 26.695517] ? __pfx_kasan_atomics+0x10/0x10 [ 26.695541] ? trace_hardirqs_on+0x37/0xe0 [ 26.695563] ? __pfx_read_tsc+0x10/0x10 [ 26.695587] ? ktime_get_ts64+0x86/0x230 [ 26.695612] kunit_try_run_case+0x1a5/0x480 [ 26.695638] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.695665] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.695688] ? __kthread_parkme+0x82/0x180 [ 26.695709] ? preempt_count_sub+0x50/0x80 [ 26.695733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.695759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.695783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.695809] kthread+0x337/0x6f0 [ 26.695830] ? trace_preempt_on+0x20/0xc0 [ 26.695872] ? __pfx_kthread+0x10/0x10 [ 26.695895] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.695920] ? calculate_sigpending+0x7b/0xa0 [ 26.695945] ? __pfx_kthread+0x10/0x10 [ 26.695968] ret_from_fork+0x116/0x1d0 [ 26.695988] ? __pfx_kthread+0x10/0x10 [ 26.696010] ret_from_fork_asm+0x1a/0x30 [ 26.696042] </TASK> [ 26.696055] [ 26.703366] Allocated by task 314: [ 26.703514] kasan_save_stack+0x45/0x70 [ 26.703712] kasan_save_track+0x18/0x40 [ 26.703897] kasan_save_alloc_info+0x3b/0x50 [ 26.704064] __kasan_kmalloc+0xb7/0xc0 [ 26.704220] __kmalloc_cache_noprof+0x189/0x420 [ 26.704371] kasan_atomics+0x95/0x310 [ 26.704560] kunit_try_run_case+0x1a5/0x480 [ 26.704785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.705036] kthread+0x337/0x6f0 [ 26.705247] ret_from_fork+0x116/0x1d0 [ 26.705429] ret_from_fork_asm+0x1a/0x30 [ 26.705638] [ 26.705718] The buggy address belongs to the object at ffff888106195400 [ 26.705718] which belongs to the cache kmalloc-64 of size 64 [ 26.706217] The buggy address is located 0 bytes to the right of [ 26.706217] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.706729] [ 26.706820] The buggy address belongs to the physical page: [ 26.707061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.707416] flags: 0x200000000000000(node=0|zone=2) [ 26.707654] page_type: f5(slab) [ 26.707803] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.708091] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.708479] page dumped because: kasan: bad access detected [ 26.708721] [ 26.708834] Memory state around the buggy address: [ 26.709096] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.709506] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.709819] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.710144] ^ [ 26.710389] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.710709] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.711013] ================================================================== [ 26.436898] ================================================================== [ 26.437351] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 26.437951] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.438550] [ 26.438878] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.439014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.439033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.439056] Call Trace: [ 26.439074] <TASK> [ 26.439092] dump_stack_lvl+0x73/0xb0 [ 26.439122] print_report+0xd1/0x650 [ 26.439146] ? __virt_addr_valid+0x1db/0x2d0 [ 26.439170] ? kasan_atomics_helper+0x164f/0x5450 [ 26.439196] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.439223] ? kasan_atomics_helper+0x164f/0x5450 [ 26.439250] kasan_report+0x141/0x180 [ 26.439272] ? kasan_atomics_helper+0x164f/0x5450 [ 26.439303] kasan_check_range+0x10c/0x1c0 [ 26.439327] __kasan_check_write+0x18/0x20 [ 26.439352] kasan_atomics_helper+0x164f/0x5450 [ 26.439379] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.439406] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.439432] ? kasan_atomics+0x152/0x310 [ 26.439471] kasan_atomics+0x1dc/0x310 [ 26.439495] ? __pfx_kasan_atomics+0x10/0x10 [ 26.439518] ? trace_hardirqs_on+0x37/0xe0 [ 26.439542] ? __pfx_read_tsc+0x10/0x10 [ 26.439564] ? ktime_get_ts64+0x86/0x230 [ 26.439590] kunit_try_run_case+0x1a5/0x480 [ 26.439615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.439641] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.439664] ? __kthread_parkme+0x82/0x180 [ 26.439687] ? preempt_count_sub+0x50/0x80 [ 26.439711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.439737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.439762] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.439788] kthread+0x337/0x6f0 [ 26.439809] ? trace_preempt_on+0x20/0xc0 [ 26.439832] ? __pfx_kthread+0x10/0x10 [ 26.439854] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.439879] ? calculate_sigpending+0x7b/0xa0 [ 26.439904] ? __pfx_kthread+0x10/0x10 [ 26.439927] ret_from_fork+0x116/0x1d0 [ 26.439948] ? __pfx_kthread+0x10/0x10 [ 26.439970] ret_from_fork_asm+0x1a/0x30 [ 26.440002] </TASK> [ 26.440015] [ 26.450511] Allocated by task 314: [ 26.450754] kasan_save_stack+0x45/0x70 [ 26.450956] kasan_save_track+0x18/0x40 [ 26.451093] kasan_save_alloc_info+0x3b/0x50 [ 26.451298] __kasan_kmalloc+0xb7/0xc0 [ 26.451490] __kmalloc_cache_noprof+0x189/0x420 [ 26.451668] kasan_atomics+0x95/0x310 [ 26.451832] kunit_try_run_case+0x1a5/0x480 [ 26.452018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.452655] kthread+0x337/0x6f0 [ 26.452813] ret_from_fork+0x116/0x1d0 [ 26.452945] ret_from_fork_asm+0x1a/0x30 [ 26.453302] [ 26.453394] The buggy address belongs to the object at ffff888106195400 [ 26.453394] which belongs to the cache kmalloc-64 of size 64 [ 26.454110] The buggy address is located 0 bytes to the right of [ 26.454110] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.454739] [ 26.454967] The buggy address belongs to the physical page: [ 26.455266] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.455619] flags: 0x200000000000000(node=0|zone=2) [ 26.455891] page_type: f5(slab) [ 26.456056] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.456585] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.456987] page dumped because: kasan: bad access detected [ 26.457192] [ 26.457473] Memory state around the buggy address: [ 26.457800] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.458099] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.458497] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.458902] ^ [ 26.459218] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.459521] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.459935] ================================================================== [ 25.567717] ================================================================== [ 25.568876] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 25.569338] Read of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 25.569590] [ 25.569983] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 25.570039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.570053] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.570078] Call Trace: [ 25.570092] <TASK> [ 25.570109] dump_stack_lvl+0x73/0xb0 [ 25.570296] print_report+0xd1/0x650 [ 25.570332] ? __virt_addr_valid+0x1db/0x2d0 [ 25.570357] ? kasan_atomics_helper+0x4bbc/0x5450 [ 25.570383] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.570409] ? kasan_atomics_helper+0x4bbc/0x5450 [ 25.570434] kasan_report+0x141/0x180 [ 25.570472] ? kasan_atomics_helper+0x4bbc/0x5450 [ 25.570504] __asan_report_load4_noabort+0x18/0x20 [ 25.570529] kasan_atomics_helper+0x4bbc/0x5450 [ 25.570555] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.570581] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.570605] ? kasan_atomics+0x152/0x310 [ 25.570631] kasan_atomics+0x1dc/0x310 [ 25.570654] ? __pfx_kasan_atomics+0x10/0x10 [ 25.570676] ? trace_hardirqs_on+0x37/0xe0 [ 25.570699] ? __pfx_read_tsc+0x10/0x10 [ 25.570721] ? ktime_get_ts64+0x86/0x230 [ 25.570746] kunit_try_run_case+0x1a5/0x480 [ 25.570772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.570797] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.570821] ? __kthread_parkme+0x82/0x180 [ 25.570842] ? preempt_count_sub+0x50/0x80 [ 25.570866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.570891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.570915] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.570939] kthread+0x337/0x6f0 [ 25.570960] ? trace_preempt_on+0x20/0xc0 [ 25.570982] ? __pfx_kthread+0x10/0x10 [ 25.571003] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.571027] ? calculate_sigpending+0x7b/0xa0 [ 25.571052] ? __pfx_kthread+0x10/0x10 [ 25.571074] ret_from_fork+0x116/0x1d0 [ 25.571093] ? __pfx_kthread+0x10/0x10 [ 25.571114] ret_from_fork_asm+0x1a/0x30 [ 25.571146] </TASK> [ 25.571158] [ 25.582758] Allocated by task 314: [ 25.583117] kasan_save_stack+0x45/0x70 [ 25.583546] kasan_save_track+0x18/0x40 [ 25.583824] kasan_save_alloc_info+0x3b/0x50 [ 25.583998] __kasan_kmalloc+0xb7/0xc0 [ 25.584203] __kmalloc_cache_noprof+0x189/0x420 [ 25.584675] kasan_atomics+0x95/0x310 [ 25.584822] kunit_try_run_case+0x1a5/0x480 [ 25.585030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.585583] kthread+0x337/0x6f0 [ 25.585751] ret_from_fork+0x116/0x1d0 [ 25.585963] ret_from_fork_asm+0x1a/0x30 [ 25.586595] [ 25.586675] The buggy address belongs to the object at ffff888106195400 [ 25.586675] which belongs to the cache kmalloc-64 of size 64 [ 25.587622] The buggy address is located 0 bytes to the right of [ 25.587622] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 25.588146] [ 25.588525] The buggy address belongs to the physical page: [ 25.588862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 25.589364] flags: 0x200000000000000(node=0|zone=2) [ 25.589615] page_type: f5(slab) [ 25.589765] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.590093] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.590406] page dumped because: kasan: bad access detected [ 25.590644] [ 25.590720] Memory state around the buggy address: [ 25.590925] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.591226] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.591751] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.592037] ^ [ 25.592335] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.592610] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.592958] ================================================================== [ 26.119394] ================================================================== [ 26.119751] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 26.120097] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.120784] [ 26.120886] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.120936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.120951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.120974] Call Trace: [ 26.120990] <TASK> [ 26.121007] dump_stack_lvl+0x73/0xb0 [ 26.121035] print_report+0xd1/0x650 [ 26.121059] ? __virt_addr_valid+0x1db/0x2d0 [ 26.121084] ? kasan_atomics_helper+0xf10/0x5450 [ 26.121111] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.121139] ? kasan_atomics_helper+0xf10/0x5450 [ 26.121167] kasan_report+0x141/0x180 [ 26.121192] ? kasan_atomics_helper+0xf10/0x5450 [ 26.121410] kasan_check_range+0x10c/0x1c0 [ 26.121438] __kasan_check_write+0x18/0x20 [ 26.121479] kasan_atomics_helper+0xf10/0x5450 [ 26.121508] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.121536] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.121563] ? kasan_atomics+0x152/0x310 [ 26.121592] kasan_atomics+0x1dc/0x310 [ 26.121617] ? __pfx_kasan_atomics+0x10/0x10 [ 26.121641] ? trace_hardirqs_on+0x37/0xe0 [ 26.121665] ? __pfx_read_tsc+0x10/0x10 [ 26.121689] ? ktime_get_ts64+0x86/0x230 [ 26.121716] kunit_try_run_case+0x1a5/0x480 [ 26.121743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.121771] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.121796] ? __kthread_parkme+0x82/0x180 [ 26.121819] ? preempt_count_sub+0x50/0x80 [ 26.121852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.121880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.121907] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.121935] kthread+0x337/0x6f0 [ 26.121957] ? trace_preempt_on+0x20/0xc0 [ 26.121981] ? __pfx_kthread+0x10/0x10 [ 26.122004] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.122032] ? calculate_sigpending+0x7b/0xa0 [ 26.122058] ? __pfx_kthread+0x10/0x10 [ 26.122083] ret_from_fork+0x116/0x1d0 [ 26.122104] ? __pfx_kthread+0x10/0x10 [ 26.122127] ret_from_fork_asm+0x1a/0x30 [ 26.122161] </TASK> [ 26.122175] [ 26.134418] Allocated by task 314: [ 26.134782] kasan_save_stack+0x45/0x70 [ 26.135170] kasan_save_track+0x18/0x40 [ 26.135632] kasan_save_alloc_info+0x3b/0x50 [ 26.136030] __kasan_kmalloc+0xb7/0xc0 [ 26.136385] __kmalloc_cache_noprof+0x189/0x420 [ 26.136793] kasan_atomics+0x95/0x310 [ 26.137126] kunit_try_run_case+0x1a5/0x480 [ 26.137564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.138169] kthread+0x337/0x6f0 [ 26.138508] ret_from_fork+0x116/0x1d0 [ 26.138867] ret_from_fork_asm+0x1a/0x30 [ 26.139225] [ 26.139379] The buggy address belongs to the object at ffff888106195400 [ 26.139379] which belongs to the cache kmalloc-64 of size 64 [ 26.139770] The buggy address is located 0 bytes to the right of [ 26.139770] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.140121] [ 26.140189] The buggy address belongs to the physical page: [ 26.140395] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.140660] flags: 0x200000000000000(node=0|zone=2) [ 26.140875] page_type: f5(slab) [ 26.141032] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.141295] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.141651] page dumped because: kasan: bad access detected [ 26.141892] [ 26.141963] Memory state around the buggy address: [ 26.142180] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.142453] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.142704] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.143016] ^ [ 26.143187] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.143467] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.143692] ================================================================== [ 26.755771] ================================================================== [ 26.756673] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 26.757643] Read of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.758622] [ 26.758893] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.758947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.758963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.758994] Call Trace: [ 26.759014] <TASK> [ 26.759031] dump_stack_lvl+0x73/0xb0 [ 26.759061] print_report+0xd1/0x650 [ 26.759085] ? __virt_addr_valid+0x1db/0x2d0 [ 26.759110] ? kasan_atomics_helper+0x4f71/0x5450 [ 26.759137] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.759164] ? kasan_atomics_helper+0x4f71/0x5450 [ 26.759190] kasan_report+0x141/0x180 [ 26.759214] ? kasan_atomics_helper+0x4f71/0x5450 [ 26.759245] __asan_report_load8_noabort+0x18/0x20 [ 26.759271] kasan_atomics_helper+0x4f71/0x5450 [ 26.759298] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.759324] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.759350] ? kasan_atomics+0x152/0x310 [ 26.759377] kasan_atomics+0x1dc/0x310 [ 26.759401] ? __pfx_kasan_atomics+0x10/0x10 [ 26.759423] ? trace_hardirqs_on+0x37/0xe0 [ 26.759446] ? __pfx_read_tsc+0x10/0x10 [ 26.759478] ? ktime_get_ts64+0x86/0x230 [ 26.759503] kunit_try_run_case+0x1a5/0x480 [ 26.759530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.759556] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.759580] ? __kthread_parkme+0x82/0x180 [ 26.759602] ? preempt_count_sub+0x50/0x80 [ 26.759627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.759653] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.759678] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.759703] kthread+0x337/0x6f0 [ 26.759724] ? trace_preempt_on+0x20/0xc0 [ 26.759747] ? __pfx_kthread+0x10/0x10 [ 26.759769] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.759794] ? calculate_sigpending+0x7b/0xa0 [ 26.759820] ? __pfx_kthread+0x10/0x10 [ 26.759843] ret_from_fork+0x116/0x1d0 [ 26.759863] ? __pfx_kthread+0x10/0x10 [ 26.759885] ret_from_fork_asm+0x1a/0x30 [ 26.759918] </TASK> [ 26.759929] [ 26.772716] Allocated by task 314: [ 26.772847] kasan_save_stack+0x45/0x70 [ 26.772991] kasan_save_track+0x18/0x40 [ 26.773122] kasan_save_alloc_info+0x3b/0x50 [ 26.773291] __kasan_kmalloc+0xb7/0xc0 [ 26.773420] __kmalloc_cache_noprof+0x189/0x420 [ 26.773606] kasan_atomics+0x95/0x310 [ 26.773794] kunit_try_run_case+0x1a5/0x480 [ 26.774005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.774318] kthread+0x337/0x6f0 [ 26.774467] ret_from_fork+0x116/0x1d0 [ 26.774596] ret_from_fork_asm+0x1a/0x30 [ 26.774760] [ 26.774852] The buggy address belongs to the object at ffff888106195400 [ 26.774852] which belongs to the cache kmalloc-64 of size 64 [ 26.775463] The buggy address is located 0 bytes to the right of [ 26.775463] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.775947] [ 26.776039] The buggy address belongs to the physical page: [ 26.776282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.776529] flags: 0x200000000000000(node=0|zone=2) [ 26.776688] page_type: f5(slab) [ 26.776845] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.777174] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.777532] page dumped because: kasan: bad access detected [ 26.777697] [ 26.777760] Memory state around the buggy address: [ 26.778021] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.778419] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.778746] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.779026] ^ [ 26.779225] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.779546] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.779794] ================================================================== [ 26.797205] ================================================================== [ 26.797644] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 26.797888] Read of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.798109] [ 26.798202] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.798248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.798261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.798282] Call Trace: [ 26.798295] <TASK> [ 26.798311] dump_stack_lvl+0x73/0xb0 [ 26.798336] print_report+0xd1/0x650 [ 26.798359] ? __virt_addr_valid+0x1db/0x2d0 [ 26.798383] ? kasan_atomics_helper+0x4f98/0x5450 [ 26.798408] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.798445] ? kasan_atomics_helper+0x4f98/0x5450 [ 26.798483] kasan_report+0x141/0x180 [ 26.798505] ? kasan_atomics_helper+0x4f98/0x5450 [ 26.798537] __asan_report_load8_noabort+0x18/0x20 [ 26.798562] kasan_atomics_helper+0x4f98/0x5450 [ 26.798590] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.798617] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.798642] ? kasan_atomics+0x152/0x310 [ 26.798669] kasan_atomics+0x1dc/0x310 [ 26.798693] ? __pfx_kasan_atomics+0x10/0x10 [ 26.798716] ? trace_hardirqs_on+0x37/0xe0 [ 26.798742] ? __pfx_read_tsc+0x10/0x10 [ 26.798767] ? ktime_get_ts64+0x86/0x230 [ 26.798792] kunit_try_run_case+0x1a5/0x480 [ 26.798818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.798844] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.798867] ? __kthread_parkme+0x82/0x180 [ 26.798889] ? preempt_count_sub+0x50/0x80 [ 26.798913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.798939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.798964] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.798989] kthread+0x337/0x6f0 [ 26.799009] ? trace_preempt_on+0x20/0xc0 [ 26.799033] ? __pfx_kthread+0x10/0x10 [ 26.799055] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.799080] ? calculate_sigpending+0x7b/0xa0 [ 26.799104] ? __pfx_kthread+0x10/0x10 [ 26.799128] ret_from_fork+0x116/0x1d0 [ 26.799148] ? __pfx_kthread+0x10/0x10 [ 26.799171] ret_from_fork_asm+0x1a/0x30 [ 26.799202] </TASK> [ 26.799213] [ 26.806297] Allocated by task 314: [ 26.806476] kasan_save_stack+0x45/0x70 [ 26.806641] kasan_save_track+0x18/0x40 [ 26.806824] kasan_save_alloc_info+0x3b/0x50 [ 26.806999] __kasan_kmalloc+0xb7/0xc0 [ 26.807187] __kmalloc_cache_noprof+0x189/0x420 [ 26.807368] kasan_atomics+0x95/0x310 [ 26.807550] kunit_try_run_case+0x1a5/0x480 [ 26.807751] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.807952] kthread+0x337/0x6f0 [ 26.808117] ret_from_fork+0x116/0x1d0 [ 26.808308] ret_from_fork_asm+0x1a/0x30 [ 26.808497] [ 26.808574] The buggy address belongs to the object at ffff888106195400 [ 26.808574] which belongs to the cache kmalloc-64 of size 64 [ 26.809005] The buggy address is located 0 bytes to the right of [ 26.809005] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.809469] [ 26.809535] The buggy address belongs to the physical page: [ 26.809701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.809941] flags: 0x200000000000000(node=0|zone=2) [ 26.810096] page_type: f5(slab) [ 26.810212] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.810437] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.810696] page dumped because: kasan: bad access detected [ 26.810942] [ 26.811041] Memory state around the buggy address: [ 26.811344] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.811670] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.811980] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.812422] ^ [ 26.812654] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.812964] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.813372] ================================================================== [ 25.909847] ================================================================== [ 25.910091] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 25.910539] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 25.910869] [ 25.910972] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 25.911018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.911032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.911067] Call Trace: [ 25.911084] <TASK> [ 25.911101] dump_stack_lvl+0x73/0xb0 [ 25.911128] print_report+0xd1/0x650 [ 25.911151] ? __virt_addr_valid+0x1db/0x2d0 [ 25.911174] ? kasan_atomics_helper+0x8f9/0x5450 [ 25.911200] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.911227] ? kasan_atomics_helper+0x8f9/0x5450 [ 25.911253] kasan_report+0x141/0x180 [ 25.911275] ? kasan_atomics_helper+0x8f9/0x5450 [ 25.911306] kasan_check_range+0x10c/0x1c0 [ 25.911331] __kasan_check_write+0x18/0x20 [ 25.911355] kasan_atomics_helper+0x8f9/0x5450 [ 25.911382] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.911408] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.911433] ? kasan_atomics+0x152/0x310 [ 25.911471] kasan_atomics+0x1dc/0x310 [ 25.911496] ? __pfx_kasan_atomics+0x10/0x10 [ 25.911519] ? trace_hardirqs_on+0x37/0xe0 [ 25.911541] ? __pfx_read_tsc+0x10/0x10 [ 25.911564] ? ktime_get_ts64+0x86/0x230 [ 25.911588] kunit_try_run_case+0x1a5/0x480 [ 25.911614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.911640] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.911664] ? __kthread_parkme+0x82/0x180 [ 25.911687] ? preempt_count_sub+0x50/0x80 [ 25.911711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.911738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.911764] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.911793] kthread+0x337/0x6f0 [ 25.911814] ? trace_preempt_on+0x20/0xc0 [ 25.911838] ? __pfx_kthread+0x10/0x10 [ 25.911860] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.911886] ? calculate_sigpending+0x7b/0xa0 [ 25.911911] ? __pfx_kthread+0x10/0x10 [ 25.911933] ret_from_fork+0x116/0x1d0 [ 25.911953] ? __pfx_kthread+0x10/0x10 [ 25.911976] ret_from_fork_asm+0x1a/0x30 [ 25.912009] </TASK> [ 25.912034] [ 25.921168] Allocated by task 314: [ 25.921356] kasan_save_stack+0x45/0x70 [ 25.921568] kasan_save_track+0x18/0x40 [ 25.921740] kasan_save_alloc_info+0x3b/0x50 [ 25.921932] __kasan_kmalloc+0xb7/0xc0 [ 25.922106] __kmalloc_cache_noprof+0x189/0x420 [ 25.922288] kasan_atomics+0x95/0x310 [ 25.923083] kunit_try_run_case+0x1a5/0x480 [ 25.924123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.924413] kthread+0x337/0x6f0 [ 25.924597] ret_from_fork+0x116/0x1d0 [ 25.924784] ret_from_fork_asm+0x1a/0x30 [ 25.924958] [ 25.925064] The buggy address belongs to the object at ffff888106195400 [ 25.925064] which belongs to the cache kmalloc-64 of size 64 [ 25.925576] The buggy address is located 0 bytes to the right of [ 25.925576] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 25.926092] [ 25.926235] The buggy address belongs to the physical page: [ 25.926482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 25.926790] flags: 0x200000000000000(node=0|zone=2) [ 25.927654] page_type: f5(slab) [ 25.927786] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.928009] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.928704] page dumped because: kasan: bad access detected [ 25.929509] [ 25.929957] Memory state around the buggy address: [ 25.930781] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.931951] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.933125] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.933630] ^ [ 25.933792] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.934011] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.934679] ================================================================== [ 25.863226] ================================================================== [ 25.863817] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 25.864468] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 25.865387] [ 25.865644] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 25.865699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.865816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.865845] Call Trace: [ 25.865859] <TASK> [ 25.865876] dump_stack_lvl+0x73/0xb0 [ 25.865908] print_report+0xd1/0x650 [ 25.865932] ? __virt_addr_valid+0x1db/0x2d0 [ 25.865965] ? kasan_atomics_helper+0x7c7/0x5450 [ 25.865991] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.866017] ? kasan_atomics_helper+0x7c7/0x5450 [ 25.866043] kasan_report+0x141/0x180 [ 25.866067] ? kasan_atomics_helper+0x7c7/0x5450 [ 25.866098] kasan_check_range+0x10c/0x1c0 [ 25.866123] __kasan_check_write+0x18/0x20 [ 25.866148] kasan_atomics_helper+0x7c7/0x5450 [ 25.866174] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.866201] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.866227] ? kasan_atomics+0x152/0x310 [ 25.866253] kasan_atomics+0x1dc/0x310 [ 25.866277] ? __pfx_kasan_atomics+0x10/0x10 [ 25.866300] ? trace_hardirqs_on+0x37/0xe0 [ 25.866323] ? __pfx_read_tsc+0x10/0x10 [ 25.866345] ? ktime_get_ts64+0x86/0x230 [ 25.866399] kunit_try_run_case+0x1a5/0x480 [ 25.866437] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.866484] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.866507] ? __kthread_parkme+0x82/0x180 [ 25.866529] ? preempt_count_sub+0x50/0x80 [ 25.866554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.866580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.866605] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.866631] kthread+0x337/0x6f0 [ 25.866653] ? trace_preempt_on+0x20/0xc0 [ 25.866676] ? __pfx_kthread+0x10/0x10 [ 25.866699] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.866724] ? calculate_sigpending+0x7b/0xa0 [ 25.866750] ? __pfx_kthread+0x10/0x10 [ 25.866773] ret_from_fork+0x116/0x1d0 [ 25.866794] ? __pfx_kthread+0x10/0x10 [ 25.866816] ret_from_fork_asm+0x1a/0x30 [ 25.866848] </TASK> [ 25.866862] [ 25.878015] Allocated by task 314: [ 25.878151] kasan_save_stack+0x45/0x70 [ 25.878797] kasan_save_track+0x18/0x40 [ 25.878994] kasan_save_alloc_info+0x3b/0x50 [ 25.879146] __kasan_kmalloc+0xb7/0xc0 [ 25.879279] __kmalloc_cache_noprof+0x189/0x420 [ 25.879429] kasan_atomics+0x95/0x310 [ 25.879568] kunit_try_run_case+0x1a5/0x480 [ 25.879709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.879882] kthread+0x337/0x6f0 [ 25.880003] ret_from_fork+0x116/0x1d0 [ 25.880131] ret_from_fork_asm+0x1a/0x30 [ 25.880265] [ 25.880333] The buggy address belongs to the object at ffff888106195400 [ 25.880333] which belongs to the cache kmalloc-64 of size 64 [ 25.881162] The buggy address is located 0 bytes to the right of [ 25.881162] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 25.882221] [ 25.882508] The buggy address belongs to the physical page: [ 25.883027] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 25.883890] flags: 0x200000000000000(node=0|zone=2) [ 25.884548] page_type: f5(slab) [ 25.885043] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.885698] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.886149] page dumped because: kasan: bad access detected [ 25.886642] [ 25.886739] Memory state around the buggy address: [ 25.887073] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.887651] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.887963] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.888443] ^ [ 25.888797] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.889083] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.889786] ================================================================== [ 26.555950] ================================================================== [ 26.556426] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 26.556885] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.557177] [ 26.557287] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.557335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.557349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.557372] Call Trace: [ 26.557388] <TASK> [ 26.557406] dump_stack_lvl+0x73/0xb0 [ 26.557451] print_report+0xd1/0x650 [ 26.557488] ? __virt_addr_valid+0x1db/0x2d0 [ 26.557511] ? kasan_atomics_helper+0x194a/0x5450 [ 26.557537] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.557563] ? kasan_atomics_helper+0x194a/0x5450 [ 26.557589] kasan_report+0x141/0x180 [ 26.557612] ? kasan_atomics_helper+0x194a/0x5450 [ 26.557642] kasan_check_range+0x10c/0x1c0 [ 26.557667] __kasan_check_write+0x18/0x20 [ 26.557691] kasan_atomics_helper+0x194a/0x5450 [ 26.557718] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.557745] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.557770] ? kasan_atomics+0x152/0x310 [ 26.557796] kasan_atomics+0x1dc/0x310 [ 26.557820] ? __pfx_kasan_atomics+0x10/0x10 [ 26.557851] ? trace_hardirqs_on+0x37/0xe0 [ 26.557875] ? __pfx_read_tsc+0x10/0x10 [ 26.557898] ? ktime_get_ts64+0x86/0x230 [ 26.557923] kunit_try_run_case+0x1a5/0x480 [ 26.557949] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.557974] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.557998] ? __kthread_parkme+0x82/0x180 [ 26.558020] ? preempt_count_sub+0x50/0x80 [ 26.558044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.558070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.558096] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.558121] kthread+0x337/0x6f0 [ 26.558142] ? trace_preempt_on+0x20/0xc0 [ 26.558166] ? __pfx_kthread+0x10/0x10 [ 26.558188] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.558226] ? calculate_sigpending+0x7b/0xa0 [ 26.558251] ? __pfx_kthread+0x10/0x10 [ 26.558274] ret_from_fork+0x116/0x1d0 [ 26.558294] ? __pfx_kthread+0x10/0x10 [ 26.558317] ret_from_fork_asm+0x1a/0x30 [ 26.558349] </TASK> [ 26.558361] [ 26.565662] Allocated by task 314: [ 26.565834] kasan_save_stack+0x45/0x70 [ 26.566036] kasan_save_track+0x18/0x40 [ 26.566235] kasan_save_alloc_info+0x3b/0x50 [ 26.566407] __kasan_kmalloc+0xb7/0xc0 [ 26.566597] __kmalloc_cache_noprof+0x189/0x420 [ 26.566789] kasan_atomics+0x95/0x310 [ 26.566932] kunit_try_run_case+0x1a5/0x480 [ 26.567137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.567340] kthread+0x337/0x6f0 [ 26.567463] ret_from_fork+0x116/0x1d0 [ 26.567594] ret_from_fork_asm+0x1a/0x30 [ 26.567780] [ 26.567870] The buggy address belongs to the object at ffff888106195400 [ 26.567870] which belongs to the cache kmalloc-64 of size 64 [ 26.568394] The buggy address is located 0 bytes to the right of [ 26.568394] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.568762] [ 26.568829] The buggy address belongs to the physical page: [ 26.568996] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.569567] flags: 0x200000000000000(node=0|zone=2) [ 26.569797] page_type: f5(slab) [ 26.569961] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.570247] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.570479] page dumped because: kasan: bad access detected [ 26.570646] [ 26.570711] Memory state around the buggy address: [ 26.570859] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.571194] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.571541] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.571867] ^ [ 26.572094] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.572636] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.572893] ================================================================== [ 26.408318] ================================================================== [ 26.408667] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 26.409010] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.409607] [ 26.409721] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.409767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.409781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.409802] Call Trace: [ 26.409820] <TASK> [ 26.409835] dump_stack_lvl+0x73/0xb0 [ 26.409867] print_report+0xd1/0x650 [ 26.409889] ? __virt_addr_valid+0x1db/0x2d0 [ 26.409913] ? kasan_atomics_helper+0x15b6/0x5450 [ 26.409939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.409967] ? kasan_atomics_helper+0x15b6/0x5450 [ 26.409994] kasan_report+0x141/0x180 [ 26.410017] ? kasan_atomics_helper+0x15b6/0x5450 [ 26.410048] kasan_check_range+0x10c/0x1c0 [ 26.410073] __kasan_check_write+0x18/0x20 [ 26.410098] kasan_atomics_helper+0x15b6/0x5450 [ 26.410126] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.410153] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.410179] ? kasan_atomics+0x152/0x310 [ 26.410220] kasan_atomics+0x1dc/0x310 [ 26.410244] ? __pfx_kasan_atomics+0x10/0x10 [ 26.410267] ? trace_hardirqs_on+0x37/0xe0 [ 26.410291] ? __pfx_read_tsc+0x10/0x10 [ 26.410314] ? ktime_get_ts64+0x86/0x230 [ 26.410339] kunit_try_run_case+0x1a5/0x480 [ 26.410366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.410392] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.410416] ? __kthread_parkme+0x82/0x180 [ 26.410440] ? preempt_count_sub+0x50/0x80 [ 26.410517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.410544] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.410589] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.410615] kthread+0x337/0x6f0 [ 26.410637] ? trace_preempt_on+0x20/0xc0 [ 26.410660] ? __pfx_kthread+0x10/0x10 [ 26.410683] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.410709] ? calculate_sigpending+0x7b/0xa0 [ 26.410735] ? __pfx_kthread+0x10/0x10 [ 26.410758] ret_from_fork+0x116/0x1d0 [ 26.410778] ? __pfx_kthread+0x10/0x10 [ 26.410801] ret_from_fork_asm+0x1a/0x30 [ 26.410833] </TASK> [ 26.410863] [ 26.424265] Allocated by task 314: [ 26.424656] kasan_save_stack+0x45/0x70 [ 26.425029] kasan_save_track+0x18/0x40 [ 26.425410] kasan_save_alloc_info+0x3b/0x50 [ 26.425893] __kasan_kmalloc+0xb7/0xc0 [ 26.426274] __kmalloc_cache_noprof+0x189/0x420 [ 26.426705] kasan_atomics+0x95/0x310 [ 26.427049] kunit_try_run_case+0x1a5/0x480 [ 26.427232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.427893] kthread+0x337/0x6f0 [ 26.428192] ret_from_fork+0x116/0x1d0 [ 26.428543] ret_from_fork_asm+0x1a/0x30 [ 26.428794] [ 26.428964] The buggy address belongs to the object at ffff888106195400 [ 26.428964] which belongs to the cache kmalloc-64 of size 64 [ 26.429493] The buggy address is located 0 bytes to the right of [ 26.429493] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.429861] [ 26.429929] The buggy address belongs to the physical page: [ 26.430095] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.430341] flags: 0x200000000000000(node=0|zone=2) [ 26.430645] page_type: f5(slab) [ 26.431378] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.432086] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.432781] page dumped because: kasan: bad access detected [ 26.433327] [ 26.433491] Memory state around the buggy address: [ 26.434079] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.434740] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.434961] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.435172] ^ [ 26.435395] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.435922] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.436211] ================================================================== [ 26.530221] ================================================================== [ 26.530507] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 26.530769] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.531095] [ 26.531756] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.531825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.531841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.531866] Call Trace: [ 26.531883] <TASK> [ 26.531898] dump_stack_lvl+0x73/0xb0 [ 26.531929] print_report+0xd1/0x650 [ 26.531951] ? __virt_addr_valid+0x1db/0x2d0 [ 26.531976] ? kasan_atomics_helper+0x18b1/0x5450 [ 26.532001] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.532028] ? kasan_atomics_helper+0x18b1/0x5450 [ 26.532055] kasan_report+0x141/0x180 [ 26.532077] ? kasan_atomics_helper+0x18b1/0x5450 [ 26.532107] kasan_check_range+0x10c/0x1c0 [ 26.532132] __kasan_check_write+0x18/0x20 [ 26.532156] kasan_atomics_helper+0x18b1/0x5450 [ 26.532194] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.532222] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.532247] ? kasan_atomics+0x152/0x310 [ 26.532274] kasan_atomics+0x1dc/0x310 [ 26.532301] ? __pfx_kasan_atomics+0x10/0x10 [ 26.532325] ? trace_hardirqs_on+0x37/0xe0 [ 26.532348] ? __pfx_read_tsc+0x10/0x10 [ 26.532370] ? ktime_get_ts64+0x86/0x230 [ 26.532396] kunit_try_run_case+0x1a5/0x480 [ 26.532423] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.532449] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.532483] ? __kthread_parkme+0x82/0x180 [ 26.532527] ? preempt_count_sub+0x50/0x80 [ 26.532552] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.532579] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.532605] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.532631] kthread+0x337/0x6f0 [ 26.532653] ? trace_preempt_on+0x20/0xc0 [ 26.532677] ? __pfx_kthread+0x10/0x10 [ 26.532700] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.532725] ? calculate_sigpending+0x7b/0xa0 [ 26.532750] ? __pfx_kthread+0x10/0x10 [ 26.532773] ret_from_fork+0x116/0x1d0 [ 26.532794] ? __pfx_kthread+0x10/0x10 [ 26.532815] ret_from_fork_asm+0x1a/0x30 [ 26.532847] </TASK> [ 26.532859] [ 26.544748] Allocated by task 314: [ 26.545111] kasan_save_stack+0x45/0x70 [ 26.545550] kasan_save_track+0x18/0x40 [ 26.545892] kasan_save_alloc_info+0x3b/0x50 [ 26.546287] __kasan_kmalloc+0xb7/0xc0 [ 26.546650] __kmalloc_cache_noprof+0x189/0x420 [ 26.547042] kasan_atomics+0x95/0x310 [ 26.547423] kunit_try_run_case+0x1a5/0x480 [ 26.547623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.547794] kthread+0x337/0x6f0 [ 26.547909] ret_from_fork+0x116/0x1d0 [ 26.548037] ret_from_fork_asm+0x1a/0x30 [ 26.548172] [ 26.548332] The buggy address belongs to the object at ffff888106195400 [ 26.548332] which belongs to the cache kmalloc-64 of size 64 [ 26.549378] The buggy address is located 0 bytes to the right of [ 26.549378] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.550733] [ 26.550891] The buggy address belongs to the physical page: [ 26.551464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.552317] flags: 0x200000000000000(node=0|zone=2) [ 26.552680] page_type: f5(slab) [ 26.552799] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.553027] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.553292] page dumped because: kasan: bad access detected [ 26.553524] [ 26.553614] Memory state around the buggy address: [ 26.553832] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.554119] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.554489] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.554754] ^ [ 26.554968] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.555183] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.555479] ================================================================== [ 26.573477] ================================================================== [ 26.573794] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 26.574095] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.574443] [ 26.574560] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.574607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.574621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.574643] Call Trace: [ 26.574659] <TASK> [ 26.574676] dump_stack_lvl+0x73/0xb0 [ 26.574703] print_report+0xd1/0x650 [ 26.574726] ? __virt_addr_valid+0x1db/0x2d0 [ 26.574750] ? kasan_atomics_helper+0x19e3/0x5450 [ 26.574775] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.574802] ? kasan_atomics_helper+0x19e3/0x5450 [ 26.574828] kasan_report+0x141/0x180 [ 26.574851] ? kasan_atomics_helper+0x19e3/0x5450 [ 26.574881] kasan_check_range+0x10c/0x1c0 [ 26.574905] __kasan_check_write+0x18/0x20 [ 26.574929] kasan_atomics_helper+0x19e3/0x5450 [ 26.574956] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.574983] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.575008] ? kasan_atomics+0x152/0x310 [ 26.575034] kasan_atomics+0x1dc/0x310 [ 26.575057] ? __pfx_kasan_atomics+0x10/0x10 [ 26.575081] ? trace_hardirqs_on+0x37/0xe0 [ 26.575103] ? __pfx_read_tsc+0x10/0x10 [ 26.575126] ? ktime_get_ts64+0x86/0x230 [ 26.575152] kunit_try_run_case+0x1a5/0x480 [ 26.575177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.575223] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.575247] ? __kthread_parkme+0x82/0x180 [ 26.575269] ? preempt_count_sub+0x50/0x80 [ 26.575293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.575318] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.575344] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.575369] kthread+0x337/0x6f0 [ 26.575390] ? trace_preempt_on+0x20/0xc0 [ 26.575413] ? __pfx_kthread+0x10/0x10 [ 26.575435] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.575470] ? calculate_sigpending+0x7b/0xa0 [ 26.575497] ? __pfx_kthread+0x10/0x10 [ 26.575520] ret_from_fork+0x116/0x1d0 [ 26.575540] ? __pfx_kthread+0x10/0x10 [ 26.575562] ret_from_fork_asm+0x1a/0x30 [ 26.575595] </TASK> [ 26.575607] [ 26.583027] Allocated by task 314: [ 26.583179] kasan_save_stack+0x45/0x70 [ 26.583379] kasan_save_track+0x18/0x40 [ 26.583574] kasan_save_alloc_info+0x3b/0x50 [ 26.583785] __kasan_kmalloc+0xb7/0xc0 [ 26.583971] __kmalloc_cache_noprof+0x189/0x420 [ 26.584187] kasan_atomics+0x95/0x310 [ 26.584365] kunit_try_run_case+0x1a5/0x480 [ 26.584562] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.584782] kthread+0x337/0x6f0 [ 26.584946] ret_from_fork+0x116/0x1d0 [ 26.585106] ret_from_fork_asm+0x1a/0x30 [ 26.585334] [ 26.585400] The buggy address belongs to the object at ffff888106195400 [ 26.585400] which belongs to the cache kmalloc-64 of size 64 [ 26.585882] The buggy address is located 0 bytes to the right of [ 26.585882] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.586401] [ 26.586476] The buggy address belongs to the physical page: [ 26.586642] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.586876] flags: 0x200000000000000(node=0|zone=2) [ 26.587032] page_type: f5(slab) [ 26.587147] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.587477] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.587805] page dumped because: kasan: bad access detected [ 26.588049] [ 26.588136] Memory state around the buggy address: [ 26.588308] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.588564] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.588778] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.588987] ^ [ 26.589141] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.589469] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.589732] ================================================================== [ 26.197329] ================================================================== [ 26.197681] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 26.198018] Read of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.198391] [ 26.198483] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.198530] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.198544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.198566] Call Trace: [ 26.198580] <TASK> [ 26.198594] dump_stack_lvl+0x73/0xb0 [ 26.198621] print_report+0xd1/0x650 [ 26.198644] ? __virt_addr_valid+0x1db/0x2d0 [ 26.198668] ? kasan_atomics_helper+0x4a1c/0x5450 [ 26.198694] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.198721] ? kasan_atomics_helper+0x4a1c/0x5450 [ 26.198748] kasan_report+0x141/0x180 [ 26.198770] ? kasan_atomics_helper+0x4a1c/0x5450 [ 26.198802] __asan_report_load4_noabort+0x18/0x20 [ 26.198827] kasan_atomics_helper+0x4a1c/0x5450 [ 26.198854] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.198881] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.198906] ? kasan_atomics+0x152/0x310 [ 26.198933] kasan_atomics+0x1dc/0x310 [ 26.198957] ? __pfx_kasan_atomics+0x10/0x10 [ 26.198981] ? trace_hardirqs_on+0x37/0xe0 [ 26.199004] ? __pfx_read_tsc+0x10/0x10 [ 26.199027] ? ktime_get_ts64+0x86/0x230 [ 26.199052] kunit_try_run_case+0x1a5/0x480 [ 26.199078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.199105] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.199128] ? __kthread_parkme+0x82/0x180 [ 26.199150] ? preempt_count_sub+0x50/0x80 [ 26.199175] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.199201] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.199226] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.199251] kthread+0x337/0x6f0 [ 26.199272] ? trace_preempt_on+0x20/0xc0 [ 26.199296] ? __pfx_kthread+0x10/0x10 [ 26.199318] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.199344] ? calculate_sigpending+0x7b/0xa0 [ 26.199369] ? __pfx_kthread+0x10/0x10 [ 26.199392] ret_from_fork+0x116/0x1d0 [ 26.199413] ? __pfx_kthread+0x10/0x10 [ 26.199435] ret_from_fork_asm+0x1a/0x30 [ 26.199477] </TASK> [ 26.199489] [ 26.207152] Allocated by task 314: [ 26.207309] kasan_save_stack+0x45/0x70 [ 26.207567] kasan_save_track+0x18/0x40 [ 26.207700] kasan_save_alloc_info+0x3b/0x50 [ 26.207842] __kasan_kmalloc+0xb7/0xc0 [ 26.207972] __kmalloc_cache_noprof+0x189/0x420 [ 26.208162] kasan_atomics+0x95/0x310 [ 26.208464] kunit_try_run_case+0x1a5/0x480 [ 26.208672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.208923] kthread+0x337/0x6f0 [ 26.209087] ret_from_fork+0x116/0x1d0 [ 26.209267] ret_from_fork_asm+0x1a/0x30 [ 26.209419] [ 26.209522] The buggy address belongs to the object at ffff888106195400 [ 26.209522] which belongs to the cache kmalloc-64 of size 64 [ 26.209905] The buggy address is located 0 bytes to the right of [ 26.209905] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.210471] [ 26.210553] The buggy address belongs to the physical page: [ 26.210719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.211018] flags: 0x200000000000000(node=0|zone=2) [ 26.211242] page_type: f5(slab) [ 26.211406] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.211655] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.211961] page dumped because: kasan: bad access detected [ 26.212214] [ 26.212305] Memory state around the buggy address: [ 26.212536] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.212855] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.213127] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.213395] ^ [ 26.213582] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.213904] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.214190] ================================================================== [ 25.959892] ================================================================== [ 25.960372] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 25.961047] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 25.961499] [ 25.961583] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 25.961677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.961692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.961716] Call Trace: [ 25.961733] <TASK> [ 25.961751] dump_stack_lvl+0x73/0xb0 [ 25.961780] print_report+0xd1/0x650 [ 25.961803] ? __virt_addr_valid+0x1db/0x2d0 [ 25.961827] ? kasan_atomics_helper+0xa2b/0x5450 [ 25.961859] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.961886] ? kasan_atomics_helper+0xa2b/0x5450 [ 25.961914] kasan_report+0x141/0x180 [ 25.961959] ? kasan_atomics_helper+0xa2b/0x5450 [ 25.962051] kasan_check_range+0x10c/0x1c0 [ 25.962076] __kasan_check_write+0x18/0x20 [ 25.962100] kasan_atomics_helper+0xa2b/0x5450 [ 25.962127] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.962154] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.962181] ? kasan_atomics+0x152/0x310 [ 25.962223] kasan_atomics+0x1dc/0x310 [ 25.962247] ? __pfx_kasan_atomics+0x10/0x10 [ 25.962270] ? trace_hardirqs_on+0x37/0xe0 [ 25.962294] ? __pfx_read_tsc+0x10/0x10 [ 25.962317] ? ktime_get_ts64+0x86/0x230 [ 25.962342] kunit_try_run_case+0x1a5/0x480 [ 25.962368] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.962394] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.962438] ? __kthread_parkme+0x82/0x180 [ 25.962474] ? preempt_count_sub+0x50/0x80 [ 25.962500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.962746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.962772] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.962797] kthread+0x337/0x6f0 [ 25.962819] ? trace_preempt_on+0x20/0xc0 [ 25.962842] ? __pfx_kthread+0x10/0x10 [ 25.962865] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.962890] ? calculate_sigpending+0x7b/0xa0 [ 25.962915] ? __pfx_kthread+0x10/0x10 [ 25.962938] ret_from_fork+0x116/0x1d0 [ 25.962959] ? __pfx_kthread+0x10/0x10 [ 25.962981] ret_from_fork_asm+0x1a/0x30 [ 25.963013] </TASK> [ 25.963026] [ 25.971375] Allocated by task 314: [ 25.971714] kasan_save_stack+0x45/0x70 [ 25.971926] kasan_save_track+0x18/0x40 [ 25.972104] kasan_save_alloc_info+0x3b/0x50 [ 25.973127] __kasan_kmalloc+0xb7/0xc0 [ 25.973898] __kmalloc_cache_noprof+0x189/0x420 [ 25.974484] kasan_atomics+0x95/0x310 [ 25.974795] kunit_try_run_case+0x1a5/0x480 [ 25.975008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.975473] kthread+0x337/0x6f0 [ 25.975708] ret_from_fork+0x116/0x1d0 [ 25.976007] ret_from_fork_asm+0x1a/0x30 [ 25.976412] [ 25.976524] The buggy address belongs to the object at ffff888106195400 [ 25.976524] which belongs to the cache kmalloc-64 of size 64 [ 25.977145] The buggy address is located 0 bytes to the right of [ 25.977145] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 25.978136] [ 25.978255] The buggy address belongs to the physical page: [ 25.978674] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 25.978997] flags: 0x200000000000000(node=0|zone=2) [ 25.979404] page_type: f5(slab) [ 25.979701] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.980302] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.980759] page dumped because: kasan: bad access detected [ 25.981006] [ 25.981090] Memory state around the buggy address: [ 25.981626] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.982124] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.982801] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.983270] ^ [ 25.983636] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.983928] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.984478] ================================================================== [ 26.081309] ================================================================== [ 26.081667] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 26.082007] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.082327] [ 26.082427] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.082482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.082497] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.082519] Call Trace: [ 26.082536] <TASK> [ 26.082552] dump_stack_lvl+0x73/0xb0 [ 26.082578] print_report+0xd1/0x650 [ 26.082602] ? __virt_addr_valid+0x1db/0x2d0 [ 26.082626] ? kasan_atomics_helper+0xde0/0x5450 [ 26.082650] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.082677] ? kasan_atomics_helper+0xde0/0x5450 [ 26.082703] kasan_report+0x141/0x180 [ 26.082726] ? kasan_atomics_helper+0xde0/0x5450 [ 26.082757] kasan_check_range+0x10c/0x1c0 [ 26.082781] __kasan_check_write+0x18/0x20 [ 26.082805] kasan_atomics_helper+0xde0/0x5450 [ 26.082832] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.082858] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.082884] ? kasan_atomics+0x152/0x310 [ 26.082911] kasan_atomics+0x1dc/0x310 [ 26.082934] ? __pfx_kasan_atomics+0x10/0x10 [ 26.082957] ? trace_hardirqs_on+0x37/0xe0 [ 26.082980] ? __pfx_read_tsc+0x10/0x10 [ 26.083002] ? ktime_get_ts64+0x86/0x230 [ 26.083027] kunit_try_run_case+0x1a5/0x480 [ 26.083053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.083080] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.083102] ? __kthread_parkme+0x82/0x180 [ 26.083124] ? preempt_count_sub+0x50/0x80 [ 26.083149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.083175] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.083200] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.083225] kthread+0x337/0x6f0 [ 26.083334] ? trace_preempt_on+0x20/0xc0 [ 26.083359] ? __pfx_kthread+0x10/0x10 [ 26.083382] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.083407] ? calculate_sigpending+0x7b/0xa0 [ 26.083433] ? __pfx_kthread+0x10/0x10 [ 26.083468] ret_from_fork+0x116/0x1d0 [ 26.083489] ? __pfx_kthread+0x10/0x10 [ 26.083511] ret_from_fork_asm+0x1a/0x30 [ 26.083544] </TASK> [ 26.083556] [ 26.091322] Allocated by task 314: [ 26.091509] kasan_save_stack+0x45/0x70 [ 26.091679] kasan_save_track+0x18/0x40 [ 26.091858] kasan_save_alloc_info+0x3b/0x50 [ 26.092024] __kasan_kmalloc+0xb7/0xc0 [ 26.092155] __kmalloc_cache_noprof+0x189/0x420 [ 26.092305] kasan_atomics+0x95/0x310 [ 26.092433] kunit_try_run_case+0x1a5/0x480 [ 26.092646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.092921] kthread+0x337/0x6f0 [ 26.093102] ret_from_fork+0x116/0x1d0 [ 26.093399] ret_from_fork_asm+0x1a/0x30 [ 26.093605] [ 26.093672] The buggy address belongs to the object at ffff888106195400 [ 26.093672] which belongs to the cache kmalloc-64 of size 64 [ 26.094080] The buggy address is located 0 bytes to the right of [ 26.094080] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.094932] [ 26.095027] The buggy address belongs to the physical page: [ 26.095232] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.095513] flags: 0x200000000000000(node=0|zone=2) [ 26.095672] page_type: f5(slab) [ 26.095791] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.096019] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.096278] page dumped because: kasan: bad access detected [ 26.096532] [ 26.096622] Memory state around the buggy address: [ 26.096836] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.097145] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.097463] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.097852] ^ [ 26.098058] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.098497] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.098761] ================================================================== [ 26.255181] ================================================================== [ 26.255687] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 26.256028] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.256618] [ 26.256702] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.256750] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.256765] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.256788] Call Trace: [ 26.256803] <TASK> [ 26.256819] dump_stack_lvl+0x73/0xb0 [ 26.256849] print_report+0xd1/0x650 [ 26.256873] ? __virt_addr_valid+0x1db/0x2d0 [ 26.256897] ? kasan_atomics_helper+0x1217/0x5450 [ 26.256923] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.256950] ? kasan_atomics_helper+0x1217/0x5450 [ 26.256976] kasan_report+0x141/0x180 [ 26.257001] ? kasan_atomics_helper+0x1217/0x5450 [ 26.257032] kasan_check_range+0x10c/0x1c0 [ 26.257057] __kasan_check_write+0x18/0x20 [ 26.257081] kasan_atomics_helper+0x1217/0x5450 [ 26.257108] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.257135] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.257160] ? kasan_atomics+0x152/0x310 [ 26.257198] kasan_atomics+0x1dc/0x310 [ 26.257222] ? __pfx_kasan_atomics+0x10/0x10 [ 26.257246] ? trace_hardirqs_on+0x37/0xe0 [ 26.257270] ? __pfx_read_tsc+0x10/0x10 [ 26.257293] ? ktime_get_ts64+0x86/0x230 [ 26.257371] kunit_try_run_case+0x1a5/0x480 [ 26.257400] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.257426] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.257451] ? __kthread_parkme+0x82/0x180 [ 26.257486] ? preempt_count_sub+0x50/0x80 [ 26.257511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.257537] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.257563] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.257589] kthread+0x337/0x6f0 [ 26.257610] ? trace_preempt_on+0x20/0xc0 [ 26.257634] ? __pfx_kthread+0x10/0x10 [ 26.257656] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.257682] ? calculate_sigpending+0x7b/0xa0 [ 26.257708] ? __pfx_kthread+0x10/0x10 [ 26.257731] ret_from_fork+0x116/0x1d0 [ 26.257752] ? __pfx_kthread+0x10/0x10 [ 26.257775] ret_from_fork_asm+0x1a/0x30 [ 26.257807] </TASK> [ 26.257820] [ 26.265280] Allocated by task 314: [ 26.265439] kasan_save_stack+0x45/0x70 [ 26.265630] kasan_save_track+0x18/0x40 [ 26.265788] kasan_save_alloc_info+0x3b/0x50 [ 26.265996] __kasan_kmalloc+0xb7/0xc0 [ 26.266154] __kmalloc_cache_noprof+0x189/0x420 [ 26.266393] kasan_atomics+0x95/0x310 [ 26.266572] kunit_try_run_case+0x1a5/0x480 [ 26.266714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.266963] kthread+0x337/0x6f0 [ 26.267125] ret_from_fork+0x116/0x1d0 [ 26.267410] ret_from_fork_asm+0x1a/0x30 [ 26.267600] [ 26.267687] The buggy address belongs to the object at ffff888106195400 [ 26.267687] which belongs to the cache kmalloc-64 of size 64 [ 26.268127] The buggy address is located 0 bytes to the right of [ 26.268127] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.268662] [ 26.268753] The buggy address belongs to the physical page: [ 26.268962] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.269286] flags: 0x200000000000000(node=0|zone=2) [ 26.269491] page_type: f5(slab) [ 26.269624] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.269858] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.270138] page dumped because: kasan: bad access detected [ 26.270385] [ 26.270490] Memory state around the buggy address: [ 26.270706] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.270956] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.271164] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.271371] ^ [ 26.271530] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.271760] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.272067] ================================================================== [ 26.144834] ================================================================== [ 26.145385] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 26.145683] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.146023] [ 26.146115] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.146166] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.146181] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.146206] Call Trace: [ 26.146224] <TASK> [ 26.146243] dump_stack_lvl+0x73/0xb0 [ 26.146271] print_report+0xd1/0x650 [ 26.146296] ? __virt_addr_valid+0x1db/0x2d0 [ 26.146322] ? kasan_atomics_helper+0xfa9/0x5450 [ 26.146349] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.146377] ? kasan_atomics_helper+0xfa9/0x5450 [ 26.146405] kasan_report+0x141/0x180 [ 26.146430] ? kasan_atomics_helper+0xfa9/0x5450 [ 26.146472] kasan_check_range+0x10c/0x1c0 [ 26.146499] __kasan_check_write+0x18/0x20 [ 26.146524] kasan_atomics_helper+0xfa9/0x5450 [ 26.146553] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.146581] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.146608] ? kasan_atomics+0x152/0x310 [ 26.146636] kasan_atomics+0x1dc/0x310 [ 26.146661] ? __pfx_kasan_atomics+0x10/0x10 [ 26.146686] ? trace_hardirqs_on+0x37/0xe0 [ 26.146711] ? __pfx_read_tsc+0x10/0x10 [ 26.146736] ? ktime_get_ts64+0x86/0x230 [ 26.146762] kunit_try_run_case+0x1a5/0x480 [ 26.146790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.146818] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.146842] ? __kthread_parkme+0x82/0x180 [ 26.146865] ? preempt_count_sub+0x50/0x80 [ 26.146891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.146919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.146946] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.146973] kthread+0x337/0x6f0 [ 26.146995] ? trace_preempt_on+0x20/0xc0 [ 26.147020] ? __pfx_kthread+0x10/0x10 [ 26.147043] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.147069] ? calculate_sigpending+0x7b/0xa0 [ 26.147096] ? __pfx_kthread+0x10/0x10 [ 26.147120] ret_from_fork+0x116/0x1d0 [ 26.147142] ? __pfx_kthread+0x10/0x10 [ 26.147166] ret_from_fork_asm+0x1a/0x30 [ 26.147199] </TASK> [ 26.147212] [ 26.154607] Allocated by task 314: [ 26.154776] kasan_save_stack+0x45/0x70 [ 26.154947] kasan_save_track+0x18/0x40 [ 26.155135] kasan_save_alloc_info+0x3b/0x50 [ 26.155330] __kasan_kmalloc+0xb7/0xc0 [ 26.155502] __kmalloc_cache_noprof+0x189/0x420 [ 26.155652] kasan_atomics+0x95/0x310 [ 26.155779] kunit_try_run_case+0x1a5/0x480 [ 26.155980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.156223] kthread+0x337/0x6f0 [ 26.156384] ret_from_fork+0x116/0x1d0 [ 26.156573] ret_from_fork_asm+0x1a/0x30 [ 26.156765] [ 26.157250] The buggy address belongs to the object at ffff888106195400 [ 26.157250] which belongs to the cache kmalloc-64 of size 64 [ 26.157686] The buggy address is located 0 bytes to the right of [ 26.157686] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.158053] [ 26.158130] The buggy address belongs to the physical page: [ 26.158371] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.158725] flags: 0x200000000000000(node=0|zone=2) [ 26.158920] page_type: f5(slab) [ 26.159085] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.159516] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.159739] page dumped because: kasan: bad access detected [ 26.159906] [ 26.159972] Memory state around the buggy address: [ 26.160180] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.160509] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.160821] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.161127] ^ [ 26.161543] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.161816] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.162092] ================================================================== [ 26.918438] ================================================================== [ 26.918731] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 26.919319] Read of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.919703] [ 26.919795] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.919842] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.919856] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.919878] Call Trace: [ 26.919895] <TASK> [ 26.919912] dump_stack_lvl+0x73/0xb0 [ 26.919940] print_report+0xd1/0x650 [ 26.919963] ? __virt_addr_valid+0x1db/0x2d0 [ 26.919987] ? kasan_atomics_helper+0x5115/0x5450 [ 26.920013] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.920039] ? kasan_atomics_helper+0x5115/0x5450 [ 26.920065] kasan_report+0x141/0x180 [ 26.920089] ? kasan_atomics_helper+0x5115/0x5450 [ 26.920119] __asan_report_load8_noabort+0x18/0x20 [ 26.920145] kasan_atomics_helper+0x5115/0x5450 [ 26.920172] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.920424] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.920453] ? kasan_atomics+0x152/0x310 [ 26.920494] kasan_atomics+0x1dc/0x310 [ 26.920518] ? __pfx_kasan_atomics+0x10/0x10 [ 26.920541] ? trace_hardirqs_on+0x37/0xe0 [ 26.920565] ? __pfx_read_tsc+0x10/0x10 [ 26.920587] ? ktime_get_ts64+0x86/0x230 [ 26.920613] kunit_try_run_case+0x1a5/0x480 [ 26.920639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.920665] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.920689] ? __kthread_parkme+0x82/0x180 [ 26.920712] ? preempt_count_sub+0x50/0x80 [ 26.920737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.920763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.920789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.920815] kthread+0x337/0x6f0 [ 26.920836] ? trace_preempt_on+0x20/0xc0 [ 26.920859] ? __pfx_kthread+0x10/0x10 [ 26.920881] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.920907] ? calculate_sigpending+0x7b/0xa0 [ 26.920932] ? __pfx_kthread+0x10/0x10 [ 26.920955] ret_from_fork+0x116/0x1d0 [ 26.920976] ? __pfx_kthread+0x10/0x10 [ 26.920998] ret_from_fork_asm+0x1a/0x30 [ 26.921030] </TASK> [ 26.921041] [ 26.928742] Allocated by task 314: [ 26.928912] kasan_save_stack+0x45/0x70 [ 26.929105] kasan_save_track+0x18/0x40 [ 26.929323] kasan_save_alloc_info+0x3b/0x50 [ 26.929545] __kasan_kmalloc+0xb7/0xc0 [ 26.929734] __kmalloc_cache_noprof+0x189/0x420 [ 26.929940] kasan_atomics+0x95/0x310 [ 26.930125] kunit_try_run_case+0x1a5/0x480 [ 26.930342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.930528] kthread+0x337/0x6f0 [ 26.930698] ret_from_fork+0x116/0x1d0 [ 26.930888] ret_from_fork_asm+0x1a/0x30 [ 26.931083] [ 26.931208] The buggy address belongs to the object at ffff888106195400 [ 26.931208] which belongs to the cache kmalloc-64 of size 64 [ 26.931709] The buggy address is located 0 bytes to the right of [ 26.931709] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.932113] [ 26.932231] The buggy address belongs to the physical page: [ 26.932509] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.932817] flags: 0x200000000000000(node=0|zone=2) [ 26.932974] page_type: f5(slab) [ 26.933092] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.934141] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.935080] page dumped because: kasan: bad access detected [ 26.935403] [ 26.935550] Memory state around the buggy address: [ 26.935952] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.936189] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.936923] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.937855] ^ [ 26.938020] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.938262] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.938864] ================================================================== [ 25.730938] ================================================================== [ 25.731446] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 25.731771] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 25.732066] [ 25.732546] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 25.732781] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.732797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.732820] Call Trace: [ 25.732837] <TASK> [ 25.732855] dump_stack_lvl+0x73/0xb0 [ 25.732885] print_report+0xd1/0x650 [ 25.732910] ? __virt_addr_valid+0x1db/0x2d0 [ 25.732935] ? kasan_atomics_helper+0x4b3a/0x5450 [ 25.732960] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.732988] ? kasan_atomics_helper+0x4b3a/0x5450 [ 25.733014] kasan_report+0x141/0x180 [ 25.733037] ? kasan_atomics_helper+0x4b3a/0x5450 [ 25.733069] __asan_report_store4_noabort+0x1b/0x30 [ 25.733096] kasan_atomics_helper+0x4b3a/0x5450 [ 25.733123] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.733752] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.733801] ? kasan_atomics+0x152/0x310 [ 25.733832] kasan_atomics+0x1dc/0x310 [ 25.733863] ? __pfx_kasan_atomics+0x10/0x10 [ 25.733889] ? trace_hardirqs_on+0x37/0xe0 [ 25.733913] ? __pfx_read_tsc+0x10/0x10 [ 25.733935] ? ktime_get_ts64+0x86/0x230 [ 25.733962] kunit_try_run_case+0x1a5/0x480 [ 25.733988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.734017] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.734041] ? __kthread_parkme+0x82/0x180 [ 25.734063] ? preempt_count_sub+0x50/0x80 [ 25.734087] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.734112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.734146] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.734172] kthread+0x337/0x6f0 [ 25.734193] ? trace_preempt_on+0x20/0xc0 [ 25.734217] ? __pfx_kthread+0x10/0x10 [ 25.734239] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.734264] ? calculate_sigpending+0x7b/0xa0 [ 25.734289] ? __pfx_kthread+0x10/0x10 [ 25.734313] ret_from_fork+0x116/0x1d0 [ 25.734332] ? __pfx_kthread+0x10/0x10 [ 25.734355] ret_from_fork_asm+0x1a/0x30 [ 25.734387] </TASK> [ 25.734400] [ 25.747632] Allocated by task 314: [ 25.748016] kasan_save_stack+0x45/0x70 [ 25.748483] kasan_save_track+0x18/0x40 [ 25.748836] kasan_save_alloc_info+0x3b/0x50 [ 25.749269] __kasan_kmalloc+0xb7/0xc0 [ 25.749616] __kmalloc_cache_noprof+0x189/0x420 [ 25.749784] kasan_atomics+0x95/0x310 [ 25.749922] kunit_try_run_case+0x1a5/0x480 [ 25.750067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.750246] kthread+0x337/0x6f0 [ 25.750429] ret_from_fork+0x116/0x1d0 [ 25.750648] ret_from_fork_asm+0x1a/0x30 [ 25.750850] [ 25.750942] The buggy address belongs to the object at ffff888106195400 [ 25.750942] which belongs to the cache kmalloc-64 of size 64 [ 25.751434] The buggy address is located 0 bytes to the right of [ 25.751434] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 25.752019] [ 25.752085] The buggy address belongs to the physical page: [ 25.752363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 25.752739] flags: 0x200000000000000(node=0|zone=2) [ 25.752978] page_type: f5(slab) [ 25.753140] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.753632] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.753942] page dumped because: kasan: bad access detected [ 25.754159] [ 25.754235] Memory state around the buggy address: [ 25.754625] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.754893] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.755167] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.755495] ^ [ 25.755689] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.755970] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.756303] ================================================================== [ 25.661892] ================================================================== [ 25.662557] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 25.662881] Read of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 25.663185] [ 25.663275] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 25.663323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.663338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.663361] Call Trace: [ 25.663380] <TASK> [ 25.663398] dump_stack_lvl+0x73/0xb0 [ 25.663427] print_report+0xd1/0x650 [ 25.663450] ? __virt_addr_valid+0x1db/0x2d0 [ 25.663879] ? kasan_atomics_helper+0x3df/0x5450 [ 25.663908] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.663936] ? kasan_atomics_helper+0x3df/0x5450 [ 25.663962] kasan_report+0x141/0x180 [ 25.663987] ? kasan_atomics_helper+0x3df/0x5450 [ 25.664019] kasan_check_range+0x10c/0x1c0 [ 25.664044] __kasan_check_read+0x15/0x20 [ 25.664068] kasan_atomics_helper+0x3df/0x5450 [ 25.664096] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.664123] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.664290] ? kasan_atomics+0x152/0x310 [ 25.664324] kasan_atomics+0x1dc/0x310 [ 25.664349] ? __pfx_kasan_atomics+0x10/0x10 [ 25.664373] ? trace_hardirqs_on+0x37/0xe0 [ 25.664397] ? __pfx_read_tsc+0x10/0x10 [ 25.664420] ? ktime_get_ts64+0x86/0x230 [ 25.664446] kunit_try_run_case+0x1a5/0x480 [ 25.664490] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.664518] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.664543] ? __kthread_parkme+0x82/0x180 [ 25.664566] ? preempt_count_sub+0x50/0x80 [ 25.664591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.664617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.664643] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.664669] kthread+0x337/0x6f0 [ 25.664691] ? trace_preempt_on+0x20/0xc0 [ 25.664715] ? __pfx_kthread+0x10/0x10 [ 25.664738] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.664764] ? calculate_sigpending+0x7b/0xa0 [ 25.664791] ? __pfx_kthread+0x10/0x10 [ 25.664814] ret_from_fork+0x116/0x1d0 [ 25.664835] ? __pfx_kthread+0x10/0x10 [ 25.664857] ret_from_fork_asm+0x1a/0x30 [ 25.664891] </TASK> [ 25.664904] [ 25.676846] Allocated by task 314: [ 25.677025] kasan_save_stack+0x45/0x70 [ 25.677405] kasan_save_track+0x18/0x40 [ 25.677606] kasan_save_alloc_info+0x3b/0x50 [ 25.677792] __kasan_kmalloc+0xb7/0xc0 [ 25.677942] __kmalloc_cache_noprof+0x189/0x420 [ 25.678359] kasan_atomics+0x95/0x310 [ 25.678672] kunit_try_run_case+0x1a5/0x480 [ 25.678937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.679186] kthread+0x337/0x6f0 [ 25.679584] ret_from_fork+0x116/0x1d0 [ 25.679787] ret_from_fork_asm+0x1a/0x30 [ 25.679968] [ 25.680043] The buggy address belongs to the object at ffff888106195400 [ 25.680043] which belongs to the cache kmalloc-64 of size 64 [ 25.680906] The buggy address is located 0 bytes to the right of [ 25.680906] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 25.681693] [ 25.681793] The buggy address belongs to the physical page: [ 25.682314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 25.682647] flags: 0x200000000000000(node=0|zone=2) [ 25.683021] page_type: f5(slab) [ 25.683291] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.683636] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.683967] page dumped because: kasan: bad access detected [ 25.684196] [ 25.684427] Memory state around the buggy address: [ 25.684591] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.684900] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.685229] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.685795] ^ [ 25.685963] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.686473] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.686779] ================================================================== [ 25.797355] ================================================================== [ 25.798530] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 25.799138] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 25.800150] [ 25.800452] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 25.800518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.800534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.800557] Call Trace: [ 25.800573] <TASK> [ 25.800592] dump_stack_lvl+0x73/0xb0 [ 25.800622] print_report+0xd1/0x650 [ 25.800647] ? __virt_addr_valid+0x1db/0x2d0 [ 25.800671] ? kasan_atomics_helper+0x697/0x5450 [ 25.800697] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.800723] ? kasan_atomics_helper+0x697/0x5450 [ 25.800750] kasan_report+0x141/0x180 [ 25.800772] ? kasan_atomics_helper+0x697/0x5450 [ 25.800803] kasan_check_range+0x10c/0x1c0 [ 25.800827] __kasan_check_write+0x18/0x20 [ 25.800852] kasan_atomics_helper+0x697/0x5450 [ 25.800878] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.800905] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.800930] ? kasan_atomics+0x152/0x310 [ 25.800957] kasan_atomics+0x1dc/0x310 [ 25.800980] ? __pfx_kasan_atomics+0x10/0x10 [ 25.801002] ? trace_hardirqs_on+0x37/0xe0 [ 25.801026] ? __pfx_read_tsc+0x10/0x10 [ 25.801049] ? ktime_get_ts64+0x86/0x230 [ 25.801073] kunit_try_run_case+0x1a5/0x480 [ 25.801099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.801124] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.801148] ? __kthread_parkme+0x82/0x180 [ 25.801319] ? preempt_count_sub+0x50/0x80 [ 25.801347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.801414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.801440] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.801476] kthread+0x337/0x6f0 [ 25.801498] ? trace_preempt_on+0x20/0xc0 [ 25.801522] ? __pfx_kthread+0x10/0x10 [ 25.801544] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.801571] ? calculate_sigpending+0x7b/0xa0 [ 25.801596] ? __pfx_kthread+0x10/0x10 [ 25.801618] ret_from_fork+0x116/0x1d0 [ 25.801639] ? __pfx_kthread+0x10/0x10 [ 25.801661] ret_from_fork_asm+0x1a/0x30 [ 25.801694] </TASK> [ 25.801706] [ 25.819486] Allocated by task 314: [ 25.819629] kasan_save_stack+0x45/0x70 [ 25.819780] kasan_save_track+0x18/0x40 [ 25.819913] kasan_save_alloc_info+0x3b/0x50 [ 25.820058] __kasan_kmalloc+0xb7/0xc0 [ 25.820575] __kmalloc_cache_noprof+0x189/0x420 [ 25.821349] kasan_atomics+0x95/0x310 [ 25.821830] kunit_try_run_case+0x1a5/0x480 [ 25.822421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.822666] kthread+0x337/0x6f0 [ 25.822790] ret_from_fork+0x116/0x1d0 [ 25.822919] ret_from_fork_asm+0x1a/0x30 [ 25.823055] [ 25.823123] The buggy address belongs to the object at ffff888106195400 [ 25.823123] which belongs to the cache kmalloc-64 of size 64 [ 25.824001] The buggy address is located 0 bytes to the right of [ 25.824001] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 25.825039] [ 25.825297] The buggy address belongs to the physical page: [ 25.825551] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 25.825889] flags: 0x200000000000000(node=0|zone=2) [ 25.826117] page_type: f5(slab) [ 25.826588] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.827018] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.827662] page dumped because: kasan: bad access detected [ 25.827910] [ 25.828003] Memory state around the buggy address: [ 25.828716] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.829623] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.829928] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.830535] ^ [ 25.830810] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.831518] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.832001] ================================================================== [ 25.985311] ================================================================== [ 25.985929] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 25.986539] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 25.987169] [ 25.987419] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 25.987580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.987596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.987620] Call Trace: [ 25.987640] <TASK> [ 25.987657] dump_stack_lvl+0x73/0xb0 [ 25.987724] print_report+0xd1/0x650 [ 25.987749] ? __virt_addr_valid+0x1db/0x2d0 [ 25.987774] ? kasan_atomics_helper+0xac7/0x5450 [ 25.987800] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.987827] ? kasan_atomics_helper+0xac7/0x5450 [ 25.987855] kasan_report+0x141/0x180 [ 25.987879] ? kasan_atomics_helper+0xac7/0x5450 [ 25.987909] kasan_check_range+0x10c/0x1c0 [ 25.987934] __kasan_check_write+0x18/0x20 [ 25.987958] kasan_atomics_helper+0xac7/0x5450 [ 25.987985] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.988012] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.988038] ? kasan_atomics+0x152/0x310 [ 25.988065] kasan_atomics+0x1dc/0x310 [ 25.988088] ? __pfx_kasan_atomics+0x10/0x10 [ 25.988111] ? trace_hardirqs_on+0x37/0xe0 [ 25.988136] ? __pfx_read_tsc+0x10/0x10 [ 25.988236] ? ktime_get_ts64+0x86/0x230 [ 25.988263] kunit_try_run_case+0x1a5/0x480 [ 25.988291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.988317] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.988342] ? __kthread_parkme+0x82/0x180 [ 25.988365] ? preempt_count_sub+0x50/0x80 [ 25.988389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.988416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.988441] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.988480] kthread+0x337/0x6f0 [ 25.988501] ? trace_preempt_on+0x20/0xc0 [ 25.988525] ? __pfx_kthread+0x10/0x10 [ 25.988547] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.988573] ? calculate_sigpending+0x7b/0xa0 [ 25.988599] ? __pfx_kthread+0x10/0x10 [ 25.988622] ret_from_fork+0x116/0x1d0 [ 25.988643] ? __pfx_kthread+0x10/0x10 [ 25.988666] ret_from_fork_asm+0x1a/0x30 [ 25.988699] </TASK> [ 25.988711] [ 26.000518] Allocated by task 314: [ 26.000704] kasan_save_stack+0x45/0x70 [ 26.000909] kasan_save_track+0x18/0x40 [ 26.001093] kasan_save_alloc_info+0x3b/0x50 [ 26.001549] __kasan_kmalloc+0xb7/0xc0 [ 26.001749] __kmalloc_cache_noprof+0x189/0x420 [ 26.001950] kasan_atomics+0x95/0x310 [ 26.002080] kunit_try_run_case+0x1a5/0x480 [ 26.002450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.002795] kthread+0x337/0x6f0 [ 26.002941] ret_from_fork+0x116/0x1d0 [ 26.003069] ret_from_fork_asm+0x1a/0x30 [ 26.003244] [ 26.003336] The buggy address belongs to the object at ffff888106195400 [ 26.003336] which belongs to the cache kmalloc-64 of size 64 [ 26.003979] The buggy address is located 0 bytes to the right of [ 26.003979] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.004611] [ 26.004695] The buggy address belongs to the physical page: [ 26.004959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.005189] flags: 0x200000000000000(node=0|zone=2) [ 26.005634] page_type: f5(slab) [ 26.005803] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.006143] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.006517] page dumped because: kasan: bad access detected [ 26.006736] [ 26.006808] Memory state around the buggy address: [ 26.006981] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.007550] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.007815] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.008122] ^ [ 26.008389] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.008677] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.008906] ================================================================== [ 26.063953] ================================================================== [ 26.064432] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 26.064679] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.064899] [ 26.064976] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.065021] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.065035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.065056] Call Trace: [ 26.065070] <TASK> [ 26.065084] dump_stack_lvl+0x73/0xb0 [ 26.065110] print_report+0xd1/0x650 [ 26.065132] ? __virt_addr_valid+0x1db/0x2d0 [ 26.065155] ? kasan_atomics_helper+0xd47/0x5450 [ 26.065181] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.065208] ? kasan_atomics_helper+0xd47/0x5450 [ 26.065234] kasan_report+0x141/0x180 [ 26.065256] ? kasan_atomics_helper+0xd47/0x5450 [ 26.065287] kasan_check_range+0x10c/0x1c0 [ 26.065312] __kasan_check_write+0x18/0x20 [ 26.065336] kasan_atomics_helper+0xd47/0x5450 [ 26.065364] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.065392] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.065417] ? kasan_atomics+0x152/0x310 [ 26.065443] kasan_atomics+0x1dc/0x310 [ 26.065478] ? __pfx_kasan_atomics+0x10/0x10 [ 26.065501] ? trace_hardirqs_on+0x37/0xe0 [ 26.065525] ? __pfx_read_tsc+0x10/0x10 [ 26.065547] ? ktime_get_ts64+0x86/0x230 [ 26.065571] kunit_try_run_case+0x1a5/0x480 [ 26.065597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.065624] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.065646] ? __kthread_parkme+0x82/0x180 [ 26.065669] ? preempt_count_sub+0x50/0x80 [ 26.065694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.065720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.065746] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.065772] kthread+0x337/0x6f0 [ 26.065793] ? trace_preempt_on+0x20/0xc0 [ 26.065828] ? __pfx_kthread+0x10/0x10 [ 26.065856] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.065882] ? calculate_sigpending+0x7b/0xa0 [ 26.065907] ? __pfx_kthread+0x10/0x10 [ 26.065931] ret_from_fork+0x116/0x1d0 [ 26.065952] ? __pfx_kthread+0x10/0x10 [ 26.065975] ret_from_fork_asm+0x1a/0x30 [ 26.066007] </TASK> [ 26.066019] [ 26.073294] Allocated by task 314: [ 26.073488] kasan_save_stack+0x45/0x70 [ 26.073708] kasan_save_track+0x18/0x40 [ 26.073900] kasan_save_alloc_info+0x3b/0x50 [ 26.074107] __kasan_kmalloc+0xb7/0xc0 [ 26.074400] __kmalloc_cache_noprof+0x189/0x420 [ 26.074629] kasan_atomics+0x95/0x310 [ 26.074784] kunit_try_run_case+0x1a5/0x480 [ 26.074925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.075148] kthread+0x337/0x6f0 [ 26.075464] ret_from_fork+0x116/0x1d0 [ 26.075648] ret_from_fork_asm+0x1a/0x30 [ 26.075846] [ 26.075917] The buggy address belongs to the object at ffff888106195400 [ 26.075917] which belongs to the cache kmalloc-64 of size 64 [ 26.076403] The buggy address is located 0 bytes to the right of [ 26.076403] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.076900] [ 26.076985] The buggy address belongs to the physical page: [ 26.077196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.077487] flags: 0x200000000000000(node=0|zone=2) [ 26.077690] page_type: f5(slab) [ 26.077850] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.078157] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.078486] page dumped because: kasan: bad access detected [ 26.078712] [ 26.078799] Memory state around the buggy address: [ 26.078960] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.079274] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.079555] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.079857] ^ [ 26.080026] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.080236] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.080444] ================================================================== [ 26.640690] ================================================================== [ 26.641027] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 26.641388] Read of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.641682] [ 26.641780] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.641824] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.641838] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.641867] Call Trace: [ 26.641882] <TASK> [ 26.641899] dump_stack_lvl+0x73/0xb0 [ 26.641926] print_report+0xd1/0x650 [ 26.641949] ? __virt_addr_valid+0x1db/0x2d0 [ 26.641973] ? kasan_atomics_helper+0x4f30/0x5450 [ 26.641998] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.642025] ? kasan_atomics_helper+0x4f30/0x5450 [ 26.642051] kasan_report+0x141/0x180 [ 26.642074] ? kasan_atomics_helper+0x4f30/0x5450 [ 26.642104] __asan_report_load8_noabort+0x18/0x20 [ 26.642130] kasan_atomics_helper+0x4f30/0x5450 [ 26.642157] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.642203] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.642230] ? kasan_atomics+0x152/0x310 [ 26.642257] kasan_atomics+0x1dc/0x310 [ 26.642280] ? __pfx_kasan_atomics+0x10/0x10 [ 26.642304] ? trace_hardirqs_on+0x37/0xe0 [ 26.642327] ? __pfx_read_tsc+0x10/0x10 [ 26.642349] ? ktime_get_ts64+0x86/0x230 [ 26.642375] kunit_try_run_case+0x1a5/0x480 [ 26.642401] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.642428] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.642450] ? __kthread_parkme+0x82/0x180 [ 26.642480] ? preempt_count_sub+0x50/0x80 [ 26.642504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.642531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.642555] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.642580] kthread+0x337/0x6f0 [ 26.642602] ? trace_preempt_on+0x20/0xc0 [ 26.642626] ? __pfx_kthread+0x10/0x10 [ 26.642648] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.642674] ? calculate_sigpending+0x7b/0xa0 [ 26.642699] ? __pfx_kthread+0x10/0x10 [ 26.642723] ret_from_fork+0x116/0x1d0 [ 26.642743] ? __pfx_kthread+0x10/0x10 [ 26.642765] ret_from_fork_asm+0x1a/0x30 [ 26.642796] </TASK> [ 26.642809] [ 26.649627] Allocated by task 314: [ 26.649748] kasan_save_stack+0x45/0x70 [ 26.649894] kasan_save_track+0x18/0x40 [ 26.650023] kasan_save_alloc_info+0x3b/0x50 [ 26.650164] __kasan_kmalloc+0xb7/0xc0 [ 26.650327] __kmalloc_cache_noprof+0x189/0x420 [ 26.650595] kasan_atomics+0x95/0x310 [ 26.650783] kunit_try_run_case+0x1a5/0x480 [ 26.650983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.651255] kthread+0x337/0x6f0 [ 26.651419] ret_from_fork+0x116/0x1d0 [ 26.651606] ret_from_fork_asm+0x1a/0x30 [ 26.651796] [ 26.651886] The buggy address belongs to the object at ffff888106195400 [ 26.651886] which belongs to the cache kmalloc-64 of size 64 [ 26.652430] The buggy address is located 0 bytes to the right of [ 26.652430] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.652970] [ 26.653036] The buggy address belongs to the physical page: [ 26.653228] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.653469] flags: 0x200000000000000(node=0|zone=2) [ 26.653626] page_type: f5(slab) [ 26.653739] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.653969] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.654213] page dumped because: kasan: bad access detected [ 26.654380] [ 26.654446] Memory state around the buggy address: [ 26.654675] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.655017] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.655425] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.655800] ^ [ 26.656024] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.656423] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.656785] ================================================================== [ 26.813887] ================================================================== [ 26.814320] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 26.814619] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.814926] [ 26.815011] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.815056] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.815070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.815092] Call Trace: [ 26.815107] <TASK> [ 26.815122] dump_stack_lvl+0x73/0xb0 [ 26.815148] print_report+0xd1/0x650 [ 26.815172] ? __virt_addr_valid+0x1db/0x2d0 [ 26.815195] ? kasan_atomics_helper+0x20c8/0x5450 [ 26.815223] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.815250] ? kasan_atomics_helper+0x20c8/0x5450 [ 26.815276] kasan_report+0x141/0x180 [ 26.815299] ? kasan_atomics_helper+0x20c8/0x5450 [ 26.815330] kasan_check_range+0x10c/0x1c0 [ 26.815354] __kasan_check_write+0x18/0x20 [ 26.815378] kasan_atomics_helper+0x20c8/0x5450 [ 26.815406] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.815433] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.815467] ? kasan_atomics+0x152/0x310 [ 26.815494] kasan_atomics+0x1dc/0x310 [ 26.815518] ? __pfx_kasan_atomics+0x10/0x10 [ 26.815541] ? trace_hardirqs_on+0x37/0xe0 [ 26.815566] ? __pfx_read_tsc+0x10/0x10 [ 26.815588] ? ktime_get_ts64+0x86/0x230 [ 26.815613] kunit_try_run_case+0x1a5/0x480 [ 26.815639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.815665] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.815689] ? __kthread_parkme+0x82/0x180 [ 26.815711] ? preempt_count_sub+0x50/0x80 [ 26.815735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.815761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.815786] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.815812] kthread+0x337/0x6f0 [ 26.815833] ? trace_preempt_on+0x20/0xc0 [ 26.815855] ? __pfx_kthread+0x10/0x10 [ 26.815877] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.815902] ? calculate_sigpending+0x7b/0xa0 [ 26.815927] ? __pfx_kthread+0x10/0x10 [ 26.815949] ret_from_fork+0x116/0x1d0 [ 26.815970] ? __pfx_kthread+0x10/0x10 [ 26.815992] ret_from_fork_asm+0x1a/0x30 [ 26.816024] </TASK> [ 26.816036] [ 26.823145] Allocated by task 314: [ 26.823319] kasan_save_stack+0x45/0x70 [ 26.823713] kasan_save_track+0x18/0x40 [ 26.823904] kasan_save_alloc_info+0x3b/0x50 [ 26.824148] __kasan_kmalloc+0xb7/0xc0 [ 26.824372] __kmalloc_cache_noprof+0x189/0x420 [ 26.824538] kasan_atomics+0x95/0x310 [ 26.824665] kunit_try_run_case+0x1a5/0x480 [ 26.824805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.824986] kthread+0x337/0x6f0 [ 26.825154] ret_from_fork+0x116/0x1d0 [ 26.825336] ret_from_fork_asm+0x1a/0x30 [ 26.825591] [ 26.825688] The buggy address belongs to the object at ffff888106195400 [ 26.825688] which belongs to the cache kmalloc-64 of size 64 [ 26.826251] The buggy address is located 0 bytes to the right of [ 26.826251] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.826746] [ 26.826831] The buggy address belongs to the physical page: [ 26.827030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.827337] flags: 0x200000000000000(node=0|zone=2) [ 26.827576] page_type: f5(slab) [ 26.827726] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.827973] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.828194] page dumped because: kasan: bad access detected [ 26.828558] [ 26.828646] Memory state around the buggy address: [ 26.828962] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.829170] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.829376] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.830014] ^ [ 26.830260] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.830554] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.830761] ================================================================== [ 26.859312] ================================================================== [ 26.859560] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 26.859793] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.860012] [ 26.860092] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.860138] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.860152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.860173] Call Trace: [ 26.860189] <TASK> [ 26.860205] dump_stack_lvl+0x73/0xb0 [ 26.860233] print_report+0xd1/0x650 [ 26.860256] ? __virt_addr_valid+0x1db/0x2d0 [ 26.860280] ? kasan_atomics_helper+0x218a/0x5450 [ 26.860306] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.860333] ? kasan_atomics_helper+0x218a/0x5450 [ 26.860359] kasan_report+0x141/0x180 [ 26.860382] ? kasan_atomics_helper+0x218a/0x5450 [ 26.860412] kasan_check_range+0x10c/0x1c0 [ 26.860437] __kasan_check_write+0x18/0x20 [ 26.860471] kasan_atomics_helper+0x218a/0x5450 [ 26.860498] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.860524] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.860914] ? kasan_atomics+0x152/0x310 [ 26.860947] kasan_atomics+0x1dc/0x310 [ 26.860972] ? __pfx_kasan_atomics+0x10/0x10 [ 26.860997] ? trace_hardirqs_on+0x37/0xe0 [ 26.861020] ? __pfx_read_tsc+0x10/0x10 [ 26.861051] ? ktime_get_ts64+0x86/0x230 [ 26.861077] kunit_try_run_case+0x1a5/0x480 [ 26.861102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.861128] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.861152] ? __kthread_parkme+0x82/0x180 [ 26.861175] ? preempt_count_sub+0x50/0x80 [ 26.861201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.861227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.861253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.861279] kthread+0x337/0x6f0 [ 26.861300] ? trace_preempt_on+0x20/0xc0 [ 26.861323] ? __pfx_kthread+0x10/0x10 [ 26.861345] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.861371] ? calculate_sigpending+0x7b/0xa0 [ 26.861396] ? __pfx_kthread+0x10/0x10 [ 26.861419] ret_from_fork+0x116/0x1d0 [ 26.861440] ? __pfx_kthread+0x10/0x10 [ 26.861472] ret_from_fork_asm+0x1a/0x30 [ 26.861504] </TASK> [ 26.861517] [ 26.868989] Allocated by task 314: [ 26.869115] kasan_save_stack+0x45/0x70 [ 26.869256] kasan_save_track+0x18/0x40 [ 26.869384] kasan_save_alloc_info+0x3b/0x50 [ 26.869609] __kasan_kmalloc+0xb7/0xc0 [ 26.869797] __kmalloc_cache_noprof+0x189/0x420 [ 26.870014] kasan_atomics+0x95/0x310 [ 26.870194] kunit_try_run_case+0x1a5/0x480 [ 26.870402] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.870597] kthread+0x337/0x6f0 [ 26.870713] ret_from_fork+0x116/0x1d0 [ 26.870838] ret_from_fork_asm+0x1a/0x30 [ 26.870971] [ 26.871036] The buggy address belongs to the object at ffff888106195400 [ 26.871036] which belongs to the cache kmalloc-64 of size 64 [ 26.871493] The buggy address is located 0 bytes to the right of [ 26.871493] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.872041] [ 26.872132] The buggy address belongs to the physical page: [ 26.872464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.872816] flags: 0x200000000000000(node=0|zone=2) [ 26.873039] page_type: f5(slab) [ 26.873174] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.873490] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.873758] page dumped because: kasan: bad access detected [ 26.873930] [ 26.873995] Memory state around the buggy address: [ 26.874197] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.874528] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.874812] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.875113] ^ [ 26.875261] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.875480] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.875687] ================================================================== [ 26.180329] ================================================================== [ 26.180658] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 26.180921] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.181142] [ 26.181428] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.181491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.181505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.181528] Call Trace: [ 26.181542] <TASK> [ 26.181558] dump_stack_lvl+0x73/0xb0 [ 26.181586] print_report+0xd1/0x650 [ 26.181609] ? __virt_addr_valid+0x1db/0x2d0 [ 26.181634] ? kasan_atomics_helper+0x1079/0x5450 [ 26.181660] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.181686] ? kasan_atomics_helper+0x1079/0x5450 [ 26.181713] kasan_report+0x141/0x180 [ 26.181737] ? kasan_atomics_helper+0x1079/0x5450 [ 26.181768] kasan_check_range+0x10c/0x1c0 [ 26.181793] __kasan_check_write+0x18/0x20 [ 26.181817] kasan_atomics_helper+0x1079/0x5450 [ 26.181851] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.181878] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.181904] ? kasan_atomics+0x152/0x310 [ 26.181931] kasan_atomics+0x1dc/0x310 [ 26.181955] ? __pfx_kasan_atomics+0x10/0x10 [ 26.181978] ? trace_hardirqs_on+0x37/0xe0 [ 26.182001] ? __pfx_read_tsc+0x10/0x10 [ 26.182024] ? ktime_get_ts64+0x86/0x230 [ 26.182050] kunit_try_run_case+0x1a5/0x480 [ 26.182075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.182103] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.182127] ? __kthread_parkme+0x82/0x180 [ 26.182163] ? preempt_count_sub+0x50/0x80 [ 26.182189] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.182227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.182252] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.182278] kthread+0x337/0x6f0 [ 26.182300] ? trace_preempt_on+0x20/0xc0 [ 26.182323] ? __pfx_kthread+0x10/0x10 [ 26.182346] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.182372] ? calculate_sigpending+0x7b/0xa0 [ 26.182397] ? __pfx_kthread+0x10/0x10 [ 26.182421] ret_from_fork+0x116/0x1d0 [ 26.182442] ? __pfx_kthread+0x10/0x10 [ 26.182475] ret_from_fork_asm+0x1a/0x30 [ 26.182508] </TASK> [ 26.182520] [ 26.189567] Allocated by task 314: [ 26.189738] kasan_save_stack+0x45/0x70 [ 26.189936] kasan_save_track+0x18/0x40 [ 26.190118] kasan_save_alloc_info+0x3b/0x50 [ 26.190260] __kasan_kmalloc+0xb7/0xc0 [ 26.190391] __kmalloc_cache_noprof+0x189/0x420 [ 26.190778] kasan_atomics+0x95/0x310 [ 26.190964] kunit_try_run_case+0x1a5/0x480 [ 26.191176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.191426] kthread+0x337/0x6f0 [ 26.191606] ret_from_fork+0x116/0x1d0 [ 26.191770] ret_from_fork_asm+0x1a/0x30 [ 26.191935] [ 26.192008] The buggy address belongs to the object at ffff888106195400 [ 26.192008] which belongs to the cache kmalloc-64 of size 64 [ 26.192500] The buggy address is located 0 bytes to the right of [ 26.192500] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.192943] [ 26.193010] The buggy address belongs to the physical page: [ 26.193177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.193422] flags: 0x200000000000000(node=0|zone=2) [ 26.193794] page_type: f5(slab) [ 26.193960] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.194299] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.194640] page dumped because: kasan: bad access detected [ 26.194854] [ 26.194928] Memory state around the buggy address: [ 26.195141] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.195404] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.195641] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.195957] ^ [ 26.196181] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.196482] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.196732] ================================================================== [ 26.237331] ================================================================== [ 26.237886] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 26.238235] Read of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.238536] [ 26.238644] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.238691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.238705] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.238727] Call Trace: [ 26.238744] <TASK> [ 26.238761] dump_stack_lvl+0x73/0xb0 [ 26.238790] print_report+0xd1/0x650 [ 26.238814] ? __virt_addr_valid+0x1db/0x2d0 [ 26.238838] ? kasan_atomics_helper+0x4a02/0x5450 [ 26.238865] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.238891] ? kasan_atomics_helper+0x4a02/0x5450 [ 26.238917] kasan_report+0x141/0x180 [ 26.238941] ? kasan_atomics_helper+0x4a02/0x5450 [ 26.238971] __asan_report_load4_noabort+0x18/0x20 [ 26.238997] kasan_atomics_helper+0x4a02/0x5450 [ 26.239026] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.239053] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.239078] ? kasan_atomics+0x152/0x310 [ 26.239105] kasan_atomics+0x1dc/0x310 [ 26.239129] ? __pfx_kasan_atomics+0x10/0x10 [ 26.239152] ? trace_hardirqs_on+0x37/0xe0 [ 26.239175] ? __pfx_read_tsc+0x10/0x10 [ 26.239209] ? ktime_get_ts64+0x86/0x230 [ 26.239235] kunit_try_run_case+0x1a5/0x480 [ 26.239261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.239288] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.239312] ? __kthread_parkme+0x82/0x180 [ 26.239334] ? preempt_count_sub+0x50/0x80 [ 26.239358] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.239384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.239409] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.239434] kthread+0x337/0x6f0 [ 26.239467] ? trace_preempt_on+0x20/0xc0 [ 26.239491] ? __pfx_kthread+0x10/0x10 [ 26.239513] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.239539] ? calculate_sigpending+0x7b/0xa0 [ 26.239564] ? __pfx_kthread+0x10/0x10 [ 26.239587] ret_from_fork+0x116/0x1d0 [ 26.239608] ? __pfx_kthread+0x10/0x10 [ 26.239630] ret_from_fork_asm+0x1a/0x30 [ 26.239664] </TASK> [ 26.239676] [ 26.246810] Allocated by task 314: [ 26.246979] kasan_save_stack+0x45/0x70 [ 26.247121] kasan_save_track+0x18/0x40 [ 26.247252] kasan_save_alloc_info+0x3b/0x50 [ 26.247395] __kasan_kmalloc+0xb7/0xc0 [ 26.247613] __kmalloc_cache_noprof+0x189/0x420 [ 26.247829] kasan_atomics+0x95/0x310 [ 26.248011] kunit_try_run_case+0x1a5/0x480 [ 26.248209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.248478] kthread+0x337/0x6f0 [ 26.248728] ret_from_fork+0x116/0x1d0 [ 26.248873] ret_from_fork_asm+0x1a/0x30 [ 26.249067] [ 26.249150] The buggy address belongs to the object at ffff888106195400 [ 26.249150] which belongs to the cache kmalloc-64 of size 64 [ 26.249592] The buggy address is located 0 bytes to the right of [ 26.249592] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.250014] [ 26.250105] The buggy address belongs to the physical page: [ 26.250431] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.250864] flags: 0x200000000000000(node=0|zone=2) [ 26.251057] page_type: f5(slab) [ 26.251187] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.251529] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.251813] page dumped because: kasan: bad access detected [ 26.252032] [ 26.252119] Memory state around the buggy address: [ 26.252345] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.252647] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.252911] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.253168] ^ [ 26.253385] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.253641] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.253853] ================================================================== [ 26.339742] ================================================================== [ 26.340076] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 26.340775] Read of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.341062] [ 26.341140] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.341185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.341208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.341229] Call Trace: [ 26.341245] <TASK> [ 26.341263] dump_stack_lvl+0x73/0xb0 [ 26.341289] print_report+0xd1/0x650 [ 26.341312] ? __virt_addr_valid+0x1db/0x2d0 [ 26.341335] ? kasan_atomics_helper+0x4eae/0x5450 [ 26.341362] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.341388] ? kasan_atomics_helper+0x4eae/0x5450 [ 26.341414] kasan_report+0x141/0x180 [ 26.341437] ? kasan_atomics_helper+0x4eae/0x5450 [ 26.341481] __asan_report_load8_noabort+0x18/0x20 [ 26.341506] kasan_atomics_helper+0x4eae/0x5450 [ 26.341534] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.341562] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.341587] ? kasan_atomics+0x152/0x310 [ 26.341614] kasan_atomics+0x1dc/0x310 [ 26.341638] ? __pfx_kasan_atomics+0x10/0x10 [ 26.341662] ? trace_hardirqs_on+0x37/0xe0 [ 26.341684] ? __pfx_read_tsc+0x10/0x10 [ 26.341706] ? ktime_get_ts64+0x86/0x230 [ 26.341732] kunit_try_run_case+0x1a5/0x480 [ 26.341757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.341784] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.341807] ? __kthread_parkme+0x82/0x180 [ 26.341830] ? preempt_count_sub+0x50/0x80 [ 26.341859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.341885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.341910] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.341936] kthread+0x337/0x6f0 [ 26.341957] ? trace_preempt_on+0x20/0xc0 [ 26.341980] ? __pfx_kthread+0x10/0x10 [ 26.342003] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.342028] ? calculate_sigpending+0x7b/0xa0 [ 26.342053] ? __pfx_kthread+0x10/0x10 [ 26.342076] ret_from_fork+0x116/0x1d0 [ 26.342097] ? __pfx_kthread+0x10/0x10 [ 26.342119] ret_from_fork_asm+0x1a/0x30 [ 26.342152] </TASK> [ 26.342165] [ 26.349192] Allocated by task 314: [ 26.349346] kasan_save_stack+0x45/0x70 [ 26.349517] kasan_save_track+0x18/0x40 [ 26.349661] kasan_save_alloc_info+0x3b/0x50 [ 26.349804] __kasan_kmalloc+0xb7/0xc0 [ 26.349939] __kmalloc_cache_noprof+0x189/0x420 [ 26.350108] kasan_atomics+0x95/0x310 [ 26.350406] kunit_try_run_case+0x1a5/0x480 [ 26.350621] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.350870] kthread+0x337/0x6f0 [ 26.351033] ret_from_fork+0x116/0x1d0 [ 26.351249] ret_from_fork_asm+0x1a/0x30 [ 26.351405] [ 26.351507] The buggy address belongs to the object at ffff888106195400 [ 26.351507] which belongs to the cache kmalloc-64 of size 64 [ 26.351958] The buggy address is located 0 bytes to the right of [ 26.351958] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.352489] [ 26.352577] The buggy address belongs to the physical page: [ 26.352798] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.353095] flags: 0x200000000000000(node=0|zone=2) [ 26.353311] page_type: f5(slab) [ 26.353465] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.353752] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.354055] page dumped because: kasan: bad access detected [ 26.354315] [ 26.354404] Memory state around the buggy address: [ 26.354588] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.354800] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.355008] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.355372] ^ [ 26.355602] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.355916] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.356262] ================================================================== [ 25.775448] ================================================================== [ 25.775749] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 25.776047] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 25.776521] [ 25.776619] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 25.776667] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.776682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.776704] Call Trace: [ 25.776718] <TASK> [ 25.776734] dump_stack_lvl+0x73/0xb0 [ 25.776762] print_report+0xd1/0x650 [ 25.776785] ? __virt_addr_valid+0x1db/0x2d0 [ 25.776809] ? kasan_atomics_helper+0x5fe/0x5450 [ 25.776835] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.776862] ? kasan_atomics_helper+0x5fe/0x5450 [ 25.776888] kasan_report+0x141/0x180 [ 25.776911] ? kasan_atomics_helper+0x5fe/0x5450 [ 25.776941] kasan_check_range+0x10c/0x1c0 [ 25.776966] __kasan_check_write+0x18/0x20 [ 25.776990] kasan_atomics_helper+0x5fe/0x5450 [ 25.777018] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.777044] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.777069] ? kasan_atomics+0x152/0x310 [ 25.777095] kasan_atomics+0x1dc/0x310 [ 25.777118] ? __pfx_kasan_atomics+0x10/0x10 [ 25.777141] ? trace_hardirqs_on+0x37/0xe0 [ 25.777164] ? __pfx_read_tsc+0x10/0x10 [ 25.777186] ? ktime_get_ts64+0x86/0x230 [ 25.777212] kunit_try_run_case+0x1a5/0x480 [ 25.777237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.777263] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.777287] ? __kthread_parkme+0x82/0x180 [ 25.777311] ? preempt_count_sub+0x50/0x80 [ 25.777335] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.777361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.777385] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.777426] kthread+0x337/0x6f0 [ 25.777448] ? trace_preempt_on+0x20/0xc0 [ 25.777481] ? __pfx_kthread+0x10/0x10 [ 25.777503] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.777528] ? calculate_sigpending+0x7b/0xa0 [ 25.777554] ? __pfx_kthread+0x10/0x10 [ 25.777577] ret_from_fork+0x116/0x1d0 [ 25.777597] ? __pfx_kthread+0x10/0x10 [ 25.777619] ret_from_fork_asm+0x1a/0x30 [ 25.777651] </TASK> [ 25.777664] [ 25.785311] Allocated by task 314: [ 25.785500] kasan_save_stack+0x45/0x70 [ 25.785699] kasan_save_track+0x18/0x40 [ 25.786072] kasan_save_alloc_info+0x3b/0x50 [ 25.786279] __kasan_kmalloc+0xb7/0xc0 [ 25.786563] __kmalloc_cache_noprof+0x189/0x420 [ 25.786750] kasan_atomics+0x95/0x310 [ 25.786878] kunit_try_run_case+0x1a5/0x480 [ 25.787019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.787426] kthread+0x337/0x6f0 [ 25.787610] ret_from_fork+0x116/0x1d0 [ 25.787796] ret_from_fork_asm+0x1a/0x30 [ 25.787987] [ 25.788067] The buggy address belongs to the object at ffff888106195400 [ 25.788067] which belongs to the cache kmalloc-64 of size 64 [ 25.788724] The buggy address is located 0 bytes to the right of [ 25.788724] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 25.789237] [ 25.789472] The buggy address belongs to the physical page: [ 25.789752] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 25.790029] flags: 0x200000000000000(node=0|zone=2) [ 25.790215] page_type: f5(slab) [ 25.790379] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.790872] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.791104] page dumped because: kasan: bad access detected [ 25.791522] [ 25.791615] Memory state around the buggy address: [ 25.791796] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.792006] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.792217] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.792427] ^ [ 25.793792] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.794908] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.796042] ================================================================== [ 26.607318] ================================================================== [ 26.607676] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 26.608010] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.608366] [ 26.608480] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.608528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.608542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.608564] Call Trace: [ 26.608579] <TASK> [ 26.608594] dump_stack_lvl+0x73/0xb0 [ 26.608621] print_report+0xd1/0x650 [ 26.608644] ? __virt_addr_valid+0x1db/0x2d0 [ 26.608669] ? kasan_atomics_helper+0x1b22/0x5450 [ 26.608694] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.608721] ? kasan_atomics_helper+0x1b22/0x5450 [ 26.608747] kasan_report+0x141/0x180 [ 26.608769] ? kasan_atomics_helper+0x1b22/0x5450 [ 26.608800] kasan_check_range+0x10c/0x1c0 [ 26.608825] __kasan_check_write+0x18/0x20 [ 26.608848] kasan_atomics_helper+0x1b22/0x5450 [ 26.608875] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.608902] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.608927] ? kasan_atomics+0x152/0x310 [ 26.608954] kasan_atomics+0x1dc/0x310 [ 26.608977] ? __pfx_kasan_atomics+0x10/0x10 [ 26.609000] ? trace_hardirqs_on+0x37/0xe0 [ 26.609022] ? __pfx_read_tsc+0x10/0x10 [ 26.609045] ? ktime_get_ts64+0x86/0x230 [ 26.609070] kunit_try_run_case+0x1a5/0x480 [ 26.609095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.609121] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.609144] ? __kthread_parkme+0x82/0x180 [ 26.609166] ? preempt_count_sub+0x50/0x80 [ 26.609213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.609239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.609265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.609290] kthread+0x337/0x6f0 [ 26.609312] ? trace_preempt_on+0x20/0xc0 [ 26.609335] ? __pfx_kthread+0x10/0x10 [ 26.609357] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.609382] ? calculate_sigpending+0x7b/0xa0 [ 26.609408] ? __pfx_kthread+0x10/0x10 [ 26.609430] ret_from_fork+0x116/0x1d0 [ 26.609451] ? __pfx_kthread+0x10/0x10 [ 26.609482] ret_from_fork_asm+0x1a/0x30 [ 26.609514] </TASK> [ 26.609525] [ 26.616541] Allocated by task 314: [ 26.616701] kasan_save_stack+0x45/0x70 [ 26.616894] kasan_save_track+0x18/0x40 [ 26.617024] kasan_save_alloc_info+0x3b/0x50 [ 26.617165] __kasan_kmalloc+0xb7/0xc0 [ 26.617314] __kmalloc_cache_noprof+0x189/0x420 [ 26.617471] kasan_atomics+0x95/0x310 [ 26.617651] kunit_try_run_case+0x1a5/0x480 [ 26.617860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.618108] kthread+0x337/0x6f0 [ 26.618300] ret_from_fork+0x116/0x1d0 [ 26.618490] ret_from_fork_asm+0x1a/0x30 [ 26.618689] [ 26.618779] The buggy address belongs to the object at ffff888106195400 [ 26.618779] which belongs to the cache kmalloc-64 of size 64 [ 26.619272] The buggy address is located 0 bytes to the right of [ 26.619272] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.619768] [ 26.619856] The buggy address belongs to the physical page: [ 26.620077] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.620348] flags: 0x200000000000000(node=0|zone=2) [ 26.620544] page_type: f5(slab) [ 26.620710] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.621050] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.621386] page dumped because: kasan: bad access detected [ 26.621620] [ 26.621712] Memory state around the buggy address: [ 26.621895] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.622137] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.622372] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.622590] ^ [ 26.622813] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.623129] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.623471] ================================================================== [ 26.897859] ================================================================== [ 26.898100] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 26.898332] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.898566] [ 26.898671] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.898720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.898735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.898758] Call Trace: [ 26.898773] <TASK> [ 26.898790] dump_stack_lvl+0x73/0xb0 [ 26.898818] print_report+0xd1/0x650 [ 26.898841] ? __virt_addr_valid+0x1db/0x2d0 [ 26.898865] ? kasan_atomics_helper+0x224c/0x5450 [ 26.898890] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.898918] ? kasan_atomics_helper+0x224c/0x5450 [ 26.898944] kasan_report+0x141/0x180 [ 26.898967] ? kasan_atomics_helper+0x224c/0x5450 [ 26.898998] kasan_check_range+0x10c/0x1c0 [ 26.899022] __kasan_check_write+0x18/0x20 [ 26.899047] kasan_atomics_helper+0x224c/0x5450 [ 26.899074] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.899101] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.899126] ? kasan_atomics+0x152/0x310 [ 26.899153] kasan_atomics+0x1dc/0x310 [ 26.899177] ? __pfx_kasan_atomics+0x10/0x10 [ 26.899516] ? trace_hardirqs_on+0x37/0xe0 [ 26.899545] ? __pfx_read_tsc+0x10/0x10 [ 26.899569] ? ktime_get_ts64+0x86/0x230 [ 26.899796] kunit_try_run_case+0x1a5/0x480 [ 26.899827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.899854] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.899879] ? __kthread_parkme+0x82/0x180 [ 26.899902] ? preempt_count_sub+0x50/0x80 [ 26.899927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.899953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.899978] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.900004] kthread+0x337/0x6f0 [ 26.900025] ? trace_preempt_on+0x20/0xc0 [ 26.900049] ? __pfx_kthread+0x10/0x10 [ 26.900071] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.900097] ? calculate_sigpending+0x7b/0xa0 [ 26.900122] ? __pfx_kthread+0x10/0x10 [ 26.900146] ret_from_fork+0x116/0x1d0 [ 26.900167] ? __pfx_kthread+0x10/0x10 [ 26.900203] ret_from_fork_asm+0x1a/0x30 [ 26.900235] </TASK> [ 26.900247] [ 26.908818] Allocated by task 314: [ 26.909000] kasan_save_stack+0x45/0x70 [ 26.909152] kasan_save_track+0x18/0x40 [ 26.909671] kasan_save_alloc_info+0x3b/0x50 [ 26.909939] __kasan_kmalloc+0xb7/0xc0 [ 26.910099] __kmalloc_cache_noprof+0x189/0x420 [ 26.910365] kasan_atomics+0x95/0x310 [ 26.910669] kunit_try_run_case+0x1a5/0x480 [ 26.910845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.911080] kthread+0x337/0x6f0 [ 26.911237] ret_from_fork+0x116/0x1d0 [ 26.911666] ret_from_fork_asm+0x1a/0x30 [ 26.911840] [ 26.912044] The buggy address belongs to the object at ffff888106195400 [ 26.912044] which belongs to the cache kmalloc-64 of size 64 [ 26.912403] The buggy address is located 0 bytes to the right of [ 26.912403] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.912778] [ 26.912850] The buggy address belongs to the physical page: [ 26.913026] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.913808] flags: 0x200000000000000(node=0|zone=2) [ 26.914111] page_type: f5(slab) [ 26.914317] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.914615] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.914933] page dumped because: kasan: bad access detected [ 26.915160] [ 26.915237] Memory state around the buggy address: [ 26.915789] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.916009] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.916229] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.916754] ^ [ 26.917079] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.917546] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.917818] ================================================================== [ 26.780260] ================================================================== [ 26.780610] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 26.780987] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.781447] [ 26.781538] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.781585] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.781599] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.781621] Call Trace: [ 26.781635] <TASK> [ 26.781651] dump_stack_lvl+0x73/0xb0 [ 26.781677] print_report+0xd1/0x650 [ 26.781701] ? __virt_addr_valid+0x1db/0x2d0 [ 26.781725] ? kasan_atomics_helper+0x2006/0x5450 [ 26.781751] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.781778] ? kasan_atomics_helper+0x2006/0x5450 [ 26.781805] kasan_report+0x141/0x180 [ 26.781828] ? kasan_atomics_helper+0x2006/0x5450 [ 26.781865] kasan_check_range+0x10c/0x1c0 [ 26.781889] __kasan_check_write+0x18/0x20 [ 26.781914] kasan_atomics_helper+0x2006/0x5450 [ 26.781941] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.781968] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.781994] ? kasan_atomics+0x152/0x310 [ 26.782020] kasan_atomics+0x1dc/0x310 [ 26.782044] ? __pfx_kasan_atomics+0x10/0x10 [ 26.782067] ? trace_hardirqs_on+0x37/0xe0 [ 26.782090] ? __pfx_read_tsc+0x10/0x10 [ 26.782112] ? ktime_get_ts64+0x86/0x230 [ 26.782137] kunit_try_run_case+0x1a5/0x480 [ 26.782163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.782189] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.782221] ? __kthread_parkme+0x82/0x180 [ 26.782242] ? preempt_count_sub+0x50/0x80 [ 26.782266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.782293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.782318] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.782344] kthread+0x337/0x6f0 [ 26.782364] ? trace_preempt_on+0x20/0xc0 [ 26.782388] ? __pfx_kthread+0x10/0x10 [ 26.782409] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.782434] ? calculate_sigpending+0x7b/0xa0 [ 26.782469] ? __pfx_kthread+0x10/0x10 [ 26.782492] ret_from_fork+0x116/0x1d0 [ 26.782512] ? __pfx_kthread+0x10/0x10 [ 26.782535] ret_from_fork_asm+0x1a/0x30 [ 26.782567] </TASK> [ 26.782580] [ 26.789837] Allocated by task 314: [ 26.790012] kasan_save_stack+0x45/0x70 [ 26.790163] kasan_save_track+0x18/0x40 [ 26.790361] kasan_save_alloc_info+0x3b/0x50 [ 26.790520] __kasan_kmalloc+0xb7/0xc0 [ 26.790650] __kmalloc_cache_noprof+0x189/0x420 [ 26.790799] kasan_atomics+0x95/0x310 [ 26.790982] kunit_try_run_case+0x1a5/0x480 [ 26.791179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.791435] kthread+0x337/0x6f0 [ 26.791605] ret_from_fork+0x116/0x1d0 [ 26.791763] ret_from_fork_asm+0x1a/0x30 [ 26.791944] [ 26.792035] The buggy address belongs to the object at ffff888106195400 [ 26.792035] which belongs to the cache kmalloc-64 of size 64 [ 26.792383] The buggy address is located 0 bytes to the right of [ 26.792383] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.792938] [ 26.793032] The buggy address belongs to the physical page: [ 26.793293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.793622] flags: 0x200000000000000(node=0|zone=2) [ 26.793784] page_type: f5(slab) [ 26.793920] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.794339] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.794621] page dumped because: kasan: bad access detected [ 26.794848] [ 26.794922] Memory state around the buggy address: [ 26.795099] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.795424] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.795705] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.795966] ^ [ 26.796152] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.796556] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.796828] ================================================================== [ 25.832850] ================================================================== [ 25.833555] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 25.833858] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 25.834152] [ 25.834414] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 25.834682] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.834701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.834724] Call Trace: [ 25.834742] <TASK> [ 25.834759] dump_stack_lvl+0x73/0xb0 [ 25.834799] print_report+0xd1/0x650 [ 25.834823] ? __virt_addr_valid+0x1db/0x2d0 [ 25.834848] ? kasan_atomics_helper+0x72f/0x5450 [ 25.834874] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.834900] ? kasan_atomics_helper+0x72f/0x5450 [ 25.834926] kasan_report+0x141/0x180 [ 25.834949] ? kasan_atomics_helper+0x72f/0x5450 [ 25.834980] kasan_check_range+0x10c/0x1c0 [ 25.835004] __kasan_check_write+0x18/0x20 [ 25.835028] kasan_atomics_helper+0x72f/0x5450 [ 25.835056] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.835083] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.835107] ? kasan_atomics+0x152/0x310 [ 25.835134] kasan_atomics+0x1dc/0x310 [ 25.835188] ? __pfx_kasan_atomics+0x10/0x10 [ 25.835211] ? trace_hardirqs_on+0x37/0xe0 [ 25.835246] ? __pfx_read_tsc+0x10/0x10 [ 25.835269] ? ktime_get_ts64+0x86/0x230 [ 25.835294] kunit_try_run_case+0x1a5/0x480 [ 25.835320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.835347] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.835370] ? __kthread_parkme+0x82/0x180 [ 25.835392] ? preempt_count_sub+0x50/0x80 [ 25.835417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.835443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.835478] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.835505] kthread+0x337/0x6f0 [ 25.835527] ? trace_preempt_on+0x20/0xc0 [ 25.835551] ? __pfx_kthread+0x10/0x10 [ 25.835573] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.835599] ? calculate_sigpending+0x7b/0xa0 [ 25.835624] ? __pfx_kthread+0x10/0x10 [ 25.835648] ret_from_fork+0x116/0x1d0 [ 25.835669] ? __pfx_kthread+0x10/0x10 [ 25.835692] ret_from_fork_asm+0x1a/0x30 [ 25.835724] </TASK> [ 25.835737] [ 25.848090] Allocated by task 314: [ 25.848370] kasan_save_stack+0x45/0x70 [ 25.848787] kasan_save_track+0x18/0x40 [ 25.849078] kasan_save_alloc_info+0x3b/0x50 [ 25.849528] __kasan_kmalloc+0xb7/0xc0 [ 25.849734] __kmalloc_cache_noprof+0x189/0x420 [ 25.849937] kasan_atomics+0x95/0x310 [ 25.850106] kunit_try_run_case+0x1a5/0x480 [ 25.850558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.850902] kthread+0x337/0x6f0 [ 25.851290] ret_from_fork+0x116/0x1d0 [ 25.851537] ret_from_fork_asm+0x1a/0x30 [ 25.851935] [ 25.852025] The buggy address belongs to the object at ffff888106195400 [ 25.852025] which belongs to the cache kmalloc-64 of size 64 [ 25.853031] The buggy address is located 0 bytes to the right of [ 25.853031] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 25.854357] [ 25.854452] The buggy address belongs to the physical page: [ 25.854877] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 25.855695] flags: 0x200000000000000(node=0|zone=2) [ 25.856038] page_type: f5(slab) [ 25.856486] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.856994] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.857644] page dumped because: kasan: bad access detected [ 25.858087] [ 25.858312] Memory state around the buggy address: [ 25.858645] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.858940] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.859439] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.859928] ^ [ 25.860504] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.860813] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.861088] ================================================================== [ 26.730092] ================================================================== [ 26.730643] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 26.731010] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.731534] [ 26.731659] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.731721] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.731736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.731759] Call Trace: [ 26.731793] <TASK> [ 26.731809] dump_stack_lvl+0x73/0xb0 [ 26.731836] print_report+0xd1/0x650 [ 26.731859] ? __virt_addr_valid+0x1db/0x2d0 [ 26.731883] ? kasan_atomics_helper+0x1f43/0x5450 [ 26.731909] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.731935] ? kasan_atomics_helper+0x1f43/0x5450 [ 26.731961] kasan_report+0x141/0x180 [ 26.731985] ? kasan_atomics_helper+0x1f43/0x5450 [ 26.732016] kasan_check_range+0x10c/0x1c0 [ 26.732040] __kasan_check_write+0x18/0x20 [ 26.732065] kasan_atomics_helper+0x1f43/0x5450 [ 26.732091] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.732136] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.732162] ? kasan_atomics+0x152/0x310 [ 26.732188] kasan_atomics+0x1dc/0x310 [ 26.732220] ? __pfx_kasan_atomics+0x10/0x10 [ 26.732244] ? trace_hardirqs_on+0x37/0xe0 [ 26.732268] ? __pfx_read_tsc+0x10/0x10 [ 26.732290] ? ktime_get_ts64+0x86/0x230 [ 26.732315] kunit_try_run_case+0x1a5/0x480 [ 26.732341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.732387] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.732410] ? __kthread_parkme+0x82/0x180 [ 26.732432] ? preempt_count_sub+0x50/0x80 [ 26.732466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.732492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.732517] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.732561] kthread+0x337/0x6f0 [ 26.732582] ? trace_preempt_on+0x20/0xc0 [ 26.732604] ? __pfx_kthread+0x10/0x10 [ 26.732627] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.732652] ? calculate_sigpending+0x7b/0xa0 [ 26.732677] ? __pfx_kthread+0x10/0x10 [ 26.732717] ret_from_fork+0x116/0x1d0 [ 26.732737] ? __pfx_kthread+0x10/0x10 [ 26.732759] ret_from_fork_asm+0x1a/0x30 [ 26.732792] </TASK> [ 26.732804] [ 26.740676] Allocated by task 314: [ 26.740880] kasan_save_stack+0x45/0x70 [ 26.741100] kasan_save_track+0x18/0x40 [ 26.741419] kasan_save_alloc_info+0x3b/0x50 [ 26.741636] __kasan_kmalloc+0xb7/0xc0 [ 26.741857] __kmalloc_cache_noprof+0x189/0x420 [ 26.742083] kasan_atomics+0x95/0x310 [ 26.742238] kunit_try_run_case+0x1a5/0x480 [ 26.742479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.742922] kthread+0x337/0x6f0 [ 26.743255] ret_from_fork+0x116/0x1d0 [ 26.743431] ret_from_fork_asm+0x1a/0x30 [ 26.744062] [ 26.744140] The buggy address belongs to the object at ffff888106195400 [ 26.744140] which belongs to the cache kmalloc-64 of size 64 [ 26.744638] The buggy address is located 0 bytes to the right of [ 26.744638] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.744983] [ 26.745048] The buggy address belongs to the physical page: [ 26.745210] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.746181] flags: 0x200000000000000(node=0|zone=2) [ 26.746884] page_type: f5(slab) [ 26.747336] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.748210] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.749064] page dumped because: kasan: bad access detected [ 26.749886] [ 26.750057] Memory state around the buggy address: [ 26.750827] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.751656] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.752520] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.753402] ^ [ 26.753988] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.754513] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.754735] ================================================================== [ 26.099266] ================================================================== [ 26.099991] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 26.100339] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.100692] [ 26.100778] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.100837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.100852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.100875] Call Trace: [ 26.100893] <TASK> [ 26.100909] dump_stack_lvl+0x73/0xb0 [ 26.100937] print_report+0xd1/0x650 [ 26.100960] ? __virt_addr_valid+0x1db/0x2d0 [ 26.100985] ? kasan_atomics_helper+0xe78/0x5450 [ 26.101011] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.101039] ? kasan_atomics_helper+0xe78/0x5450 [ 26.101066] kasan_report+0x141/0x180 [ 26.101089] ? kasan_atomics_helper+0xe78/0x5450 [ 26.101120] kasan_check_range+0x10c/0x1c0 [ 26.101145] __kasan_check_write+0x18/0x20 [ 26.101169] kasan_atomics_helper+0xe78/0x5450 [ 26.101197] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.101225] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.101251] ? kasan_atomics+0x152/0x310 [ 26.101278] kasan_atomics+0x1dc/0x310 [ 26.101302] ? __pfx_kasan_atomics+0x10/0x10 [ 26.101326] ? trace_hardirqs_on+0x37/0xe0 [ 26.101349] ? __pfx_read_tsc+0x10/0x10 [ 26.101372] ? ktime_get_ts64+0x86/0x230 [ 26.101399] kunit_try_run_case+0x1a5/0x480 [ 26.101424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.101450] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.101488] ? __kthread_parkme+0x82/0x180 [ 26.101511] ? preempt_count_sub+0x50/0x80 [ 26.101539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.101566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.101592] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.101619] kthread+0x337/0x6f0 [ 26.101641] ? trace_preempt_on+0x20/0xc0 [ 26.101666] ? __pfx_kthread+0x10/0x10 [ 26.101689] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.101716] ? calculate_sigpending+0x7b/0xa0 [ 26.101741] ? __pfx_kthread+0x10/0x10 [ 26.101766] ret_from_fork+0x116/0x1d0 [ 26.101788] ? __pfx_kthread+0x10/0x10 [ 26.101812] ret_from_fork_asm+0x1a/0x30 [ 26.101867] </TASK> [ 26.101880] [ 26.108968] Allocated by task 314: [ 26.109143] kasan_save_stack+0x45/0x70 [ 26.109362] kasan_save_track+0x18/0x40 [ 26.109506] kasan_save_alloc_info+0x3b/0x50 [ 26.109652] __kasan_kmalloc+0xb7/0xc0 [ 26.109785] __kmalloc_cache_noprof+0x189/0x420 [ 26.110014] kasan_atomics+0x95/0x310 [ 26.110200] kunit_try_run_case+0x1a5/0x480 [ 26.110414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.110677] kthread+0x337/0x6f0 [ 26.110823] ret_from_fork+0x116/0x1d0 [ 26.110990] ret_from_fork_asm+0x1a/0x30 [ 26.111174] [ 26.111278] The buggy address belongs to the object at ffff888106195400 [ 26.111278] which belongs to the cache kmalloc-64 of size 64 [ 26.111768] The buggy address is located 0 bytes to the right of [ 26.111768] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.112349] [ 26.112427] The buggy address belongs to the physical page: [ 26.112665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.112972] flags: 0x200000000000000(node=0|zone=2) [ 26.113187] page_type: f5(slab) [ 26.113338] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.113644] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.113949] page dumped because: kasan: bad access detected [ 26.114151] [ 26.114270] Memory state around the buggy address: [ 26.114475] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.114756] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.115025] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.115311] ^ [ 26.115517] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.115731] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.115941] ================================================================== [ 26.675483] ================================================================== [ 26.675861] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 26.676302] Write of size 8 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.676695] [ 26.676821] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.676907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.676935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.676970] Call Trace: [ 26.676999] <TASK> [ 26.677028] dump_stack_lvl+0x73/0xb0 [ 26.677069] print_report+0xd1/0x650 [ 26.677092] ? __virt_addr_valid+0x1db/0x2d0 [ 26.677142] ? kasan_atomics_helper+0x1d7a/0x5450 [ 26.677213] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.677241] ? kasan_atomics_helper+0x1d7a/0x5450 [ 26.677267] kasan_report+0x141/0x180 [ 26.677290] ? kasan_atomics_helper+0x1d7a/0x5450 [ 26.677321] kasan_check_range+0x10c/0x1c0 [ 26.677346] __kasan_check_write+0x18/0x20 [ 26.677370] kasan_atomics_helper+0x1d7a/0x5450 [ 26.677397] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.677423] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.677476] ? kasan_atomics+0x152/0x310 [ 26.677503] kasan_atomics+0x1dc/0x310 [ 26.677527] ? __pfx_kasan_atomics+0x10/0x10 [ 26.677567] ? trace_hardirqs_on+0x37/0xe0 [ 26.677591] ? __pfx_read_tsc+0x10/0x10 [ 26.677630] ? ktime_get_ts64+0x86/0x230 [ 26.677655] kunit_try_run_case+0x1a5/0x480 [ 26.677681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.677708] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.677731] ? __kthread_parkme+0x82/0x180 [ 26.677755] ? preempt_count_sub+0x50/0x80 [ 26.677799] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.677825] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.677854] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.677881] kthread+0x337/0x6f0 [ 26.677903] ? trace_preempt_on+0x20/0xc0 [ 26.677926] ? __pfx_kthread+0x10/0x10 [ 26.677948] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.677989] ? calculate_sigpending+0x7b/0xa0 [ 26.678028] ? __pfx_kthread+0x10/0x10 [ 26.678050] ret_from_fork+0x116/0x1d0 [ 26.678070] ? __pfx_kthread+0x10/0x10 [ 26.678093] ret_from_fork_asm+0x1a/0x30 [ 26.678125] </TASK> [ 26.678136] [ 26.685722] Allocated by task 314: [ 26.685865] kasan_save_stack+0x45/0x70 [ 26.686081] kasan_save_track+0x18/0x40 [ 26.686252] kasan_save_alloc_info+0x3b/0x50 [ 26.686397] __kasan_kmalloc+0xb7/0xc0 [ 26.686536] __kmalloc_cache_noprof+0x189/0x420 [ 26.686685] kasan_atomics+0x95/0x310 [ 26.686811] kunit_try_run_case+0x1a5/0x480 [ 26.686952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.687122] kthread+0x337/0x6f0 [ 26.687261] ret_from_fork+0x116/0x1d0 [ 26.687445] ret_from_fork_asm+0x1a/0x30 [ 26.687669] [ 26.687778] The buggy address belongs to the object at ffff888106195400 [ 26.687778] which belongs to the cache kmalloc-64 of size 64 [ 26.688358] The buggy address is located 0 bytes to the right of [ 26.688358] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.688932] [ 26.689023] The buggy address belongs to the physical page: [ 26.689348] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.689762] flags: 0x200000000000000(node=0|zone=2) [ 26.690050] page_type: f5(slab) [ 26.690261] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.690603] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.690932] page dumped because: kasan: bad access detected [ 26.691176] [ 26.691283] Memory state around the buggy address: [ 26.691504] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.691738] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.691946] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.692152] ^ [ 26.692325] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.692647] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.692979] ================================================================== [ 26.289368] ================================================================== [ 26.289694] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 26.289943] Write of size 4 at addr ffff888106195430 by task kunit_try_catch/314 [ 26.290213] [ 26.290315] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) [ 26.290361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.290375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.290397] Call Trace: [ 26.290412] <TASK> [ 26.290429] dump_stack_lvl+0x73/0xb0 [ 26.290466] print_report+0xd1/0x650 [ 26.290490] ? __virt_addr_valid+0x1db/0x2d0 [ 26.290515] ? kasan_atomics_helper+0x12e6/0x5450 [ 26.290541] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.290567] ? kasan_atomics_helper+0x12e6/0x5450 [ 26.290594] kasan_report+0x141/0x180 [ 26.290620] ? kasan_atomics_helper+0x12e6/0x5450 [ 26.290652] kasan_check_range+0x10c/0x1c0 [ 26.290677] __kasan_check_write+0x18/0x20 [ 26.290701] kasan_atomics_helper+0x12e6/0x5450 [ 26.290729] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.290755] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.290781] ? kasan_atomics+0x152/0x310 [ 26.290808] kasan_atomics+0x1dc/0x310 [ 26.290832] ? __pfx_kasan_atomics+0x10/0x10 [ 26.290855] ? trace_hardirqs_on+0x37/0xe0 [ 26.290879] ? __pfx_read_tsc+0x10/0x10 [ 26.290901] ? ktime_get_ts64+0x86/0x230 [ 26.290926] kunit_try_run_case+0x1a5/0x480 [ 26.290951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.290977] ? queued_spin_lock_slowpath+0x116/0xb40 [ 26.291000] ? __kthread_parkme+0x82/0x180 [ 26.291022] ? preempt_count_sub+0x50/0x80 [ 26.291047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.291073] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.291098] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.291124] kthread+0x337/0x6f0 [ 26.291145] ? trace_preempt_on+0x20/0xc0 [ 26.291168] ? __pfx_kthread+0x10/0x10 [ 26.291191] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.291216] ? calculate_sigpending+0x7b/0xa0 [ 26.291241] ? __pfx_kthread+0x10/0x10 [ 26.291264] ret_from_fork+0x116/0x1d0 [ 26.291285] ? __pfx_kthread+0x10/0x10 [ 26.291307] ret_from_fork_asm+0x1a/0x30 [ 26.291339] </TASK> [ 26.291351] [ 26.298273] Allocated by task 314: [ 26.298465] kasan_save_stack+0x45/0x70 [ 26.298663] kasan_save_track+0x18/0x40 [ 26.298849] kasan_save_alloc_info+0x3b/0x50 [ 26.299062] __kasan_kmalloc+0xb7/0xc0 [ 26.299326] __kmalloc_cache_noprof+0x189/0x420 [ 26.299558] kasan_atomics+0x95/0x310 [ 26.299744] kunit_try_run_case+0x1a5/0x480 [ 26.299942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.300182] kthread+0x337/0x6f0 [ 26.300344] ret_from_fork+0x116/0x1d0 [ 26.300528] ret_from_fork_asm+0x1a/0x30 [ 26.300712] [ 26.300786] The buggy address belongs to the object at ffff888106195400 [ 26.300786] which belongs to the cache kmalloc-64 of size 64 [ 26.301262] The buggy address is located 0 bytes to the right of [ 26.301262] allocated 48-byte region [ffff888106195400, ffff888106195430) [ 26.301740] [ 26.301831] The buggy address belongs to the physical page: [ 26.302055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106195 [ 26.302387] flags: 0x200000000000000(node=0|zone=2) [ 26.302607] page_type: f5(slab) [ 26.302751] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.303043] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.303371] page dumped because: kasan: bad access detected [ 26.303598] [ 26.303691] Memory state around the buggy address: [ 26.303841] ffff888106195300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.304054] ffff888106195380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.304264] >ffff888106195400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.304487] ^ [ 26.304704] ffff888106195480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.305270] ffff888106195500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.305585] ==================================================================