Date
July 4, 2025, 11:10 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 32.391234] ================================================================== [ 32.391444] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 32.391530] Write of size 4 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.391728] [ 32.391764] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.391939] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.392002] Hardware name: linux,dummy-virt (DT) [ 32.392422] Call trace: [ 32.392469] show_stack+0x20/0x38 (C) [ 32.392524] dump_stack_lvl+0x8c/0xd0 [ 32.392580] print_report+0x118/0x608 [ 32.392629] kasan_report+0xdc/0x128 [ 32.392699] kasan_check_range+0x100/0x1a8 [ 32.392762] __kasan_check_write+0x20/0x30 [ 32.392816] kasan_atomics_helper+0xd3c/0x4858 [ 32.392866] kasan_atomics+0x198/0x2e0 [ 32.392925] kunit_try_run_case+0x170/0x3f0 [ 32.392979] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.393051] kthread+0x328/0x630 [ 32.393096] ret_from_fork+0x10/0x20 [ 32.393155] [ 32.393176] Allocated by task 298: [ 32.393209] kasan_save_stack+0x3c/0x68 [ 32.393254] kasan_save_track+0x20/0x40 [ 32.393295] kasan_save_alloc_info+0x40/0x58 [ 32.393335] __kasan_kmalloc+0xd4/0xd8 [ 32.393376] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.393418] kasan_atomics+0xb8/0x2e0 [ 32.393458] kunit_try_run_case+0x170/0x3f0 [ 32.393500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.393547] kthread+0x328/0x630 [ 32.393583] ret_from_fork+0x10/0x20 [ 32.393623] [ 32.393643] The buggy address belongs to the object at fff00000c5ae7400 [ 32.393643] which belongs to the cache kmalloc-64 of size 64 [ 32.393702] The buggy address is located 0 bytes to the right of [ 32.393702] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.394069] [ 32.394093] The buggy address belongs to the physical page: [ 32.394127] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.394274] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.394693] page_type: f5(slab) [ 32.394775] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.395033] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.395096] page dumped because: kasan: bad access detected [ 32.395132] [ 32.395153] Memory state around the buggy address: [ 32.395228] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.395432] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.395509] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.395616] ^ [ 32.395674] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.395741] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.395887] ================================================================== [ 32.528358] ================================================================== [ 32.528599] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 32.528659] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.528711] [ 32.528930] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.529094] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.529124] Hardware name: linux,dummy-virt (DT) [ 32.529157] Call trace: [ 32.529189] show_stack+0x20/0x38 (C) [ 32.529241] dump_stack_lvl+0x8c/0xd0 [ 32.529287] print_report+0x118/0x608 [ 32.529588] kasan_report+0xdc/0x128 [ 32.529691] kasan_check_range+0x100/0x1a8 [ 32.529912] __kasan_check_write+0x20/0x30 [ 32.530008] kasan_atomics_helper+0x15b4/0x4858 [ 32.530073] kasan_atomics+0x198/0x2e0 [ 32.530121] kunit_try_run_case+0x170/0x3f0 [ 32.530190] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.530245] kthread+0x328/0x630 [ 32.530288] ret_from_fork+0x10/0x20 [ 32.530337] [ 32.530360] Allocated by task 298: [ 32.530389] kasan_save_stack+0x3c/0x68 [ 32.530754] kasan_save_track+0x20/0x40 [ 32.530809] kasan_save_alloc_info+0x40/0x58 [ 32.530947] __kasan_kmalloc+0xd4/0xd8 [ 32.531340] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.531512] kasan_atomics+0xb8/0x2e0 [ 32.531583] kunit_try_run_case+0x170/0x3f0 [ 32.531625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.531673] kthread+0x328/0x630 [ 32.531709] ret_from_fork+0x10/0x20 [ 32.531759] [ 32.531792] The buggy address belongs to the object at fff00000c5ae7400 [ 32.531792] which belongs to the cache kmalloc-64 of size 64 [ 32.531856] The buggy address is located 0 bytes to the right of [ 32.531856] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.531932] [ 32.531966] The buggy address belongs to the physical page: [ 32.532012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.532065] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.532113] page_type: f5(slab) [ 32.532154] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.532204] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.532257] page dumped because: kasan: bad access detected [ 32.532307] [ 32.532328] Memory state around the buggy address: [ 32.532362] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.532408] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.532452] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.532491] ^ [ 32.532546] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.532615] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.532663] ================================================================== [ 32.408660] ================================================================== [ 32.408722] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 32.408775] Read of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.408913] [ 32.408951] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.409037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.409259] Hardware name: linux,dummy-virt (DT) [ 32.409411] Call trace: [ 32.409440] show_stack+0x20/0x38 (C) [ 32.409495] dump_stack_lvl+0x8c/0xd0 [ 32.409784] print_report+0x118/0x608 [ 32.409931] kasan_report+0xdc/0x128 [ 32.410051] __asan_report_load8_noabort+0x20/0x30 [ 32.410232] kasan_atomics_helper+0x3f58/0x4858 [ 32.410293] kasan_atomics+0x198/0x2e0 [ 32.410343] kunit_try_run_case+0x170/0x3f0 [ 32.410394] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.410794] kthread+0x328/0x630 [ 32.411218] ret_from_fork+0x10/0x20 [ 32.411492] [ 32.411557] Allocated by task 298: [ 32.411589] kasan_save_stack+0x3c/0x68 [ 32.411844] kasan_save_track+0x20/0x40 [ 32.412003] kasan_save_alloc_info+0x40/0x58 [ 32.412121] __kasan_kmalloc+0xd4/0xd8 [ 32.412208] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.412604] kasan_atomics+0xb8/0x2e0 [ 32.412651] kunit_try_run_case+0x170/0x3f0 [ 32.412694] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.412987] kthread+0x328/0x630 [ 32.413368] ret_from_fork+0x10/0x20 [ 32.413460] [ 32.413538] The buggy address belongs to the object at fff00000c5ae7400 [ 32.413538] which belongs to the cache kmalloc-64 of size 64 [ 32.413729] The buggy address is located 0 bytes to the right of [ 32.413729] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.414214] [ 32.414417] The buggy address belongs to the physical page: [ 32.414486] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.414660] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.414911] page_type: f5(slab) [ 32.415002] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.415125] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.415500] page dumped because: kasan: bad access detected [ 32.415656] [ 32.415804] Memory state around the buggy address: [ 32.415997] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.416150] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.416200] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.416241] ^ [ 32.416293] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.416734] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.417075] ================================================================== [ 32.445437] ================================================================== [ 32.445487] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 32.445538] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.445662] [ 32.445695] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.446183] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.446216] Hardware name: linux,dummy-virt (DT) [ 32.446252] Call trace: [ 32.446277] show_stack+0x20/0x38 (C) [ 32.446330] dump_stack_lvl+0x8c/0xd0 [ 32.446379] print_report+0x118/0x608 [ 32.446427] kasan_report+0xdc/0x128 [ 32.446474] kasan_check_range+0x100/0x1a8 [ 32.446522] __kasan_check_write+0x20/0x30 [ 32.446570] kasan_atomics_helper+0xf88/0x4858 [ 32.446620] kasan_atomics+0x198/0x2e0 [ 32.446668] kunit_try_run_case+0x170/0x3f0 [ 32.446718] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.446774] kthread+0x328/0x630 [ 32.446817] ret_from_fork+0x10/0x20 [ 32.446864] [ 32.446887] Allocated by task 298: [ 32.448127] kasan_save_stack+0x3c/0x68 [ 32.448184] kasan_save_track+0x20/0x40 [ 32.448533] kasan_save_alloc_info+0x40/0x58 [ 32.448723] __kasan_kmalloc+0xd4/0xd8 [ 32.448772] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.448822] kasan_atomics+0xb8/0x2e0 [ 32.448870] kunit_try_run_case+0x170/0x3f0 [ 32.448933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.448981] kthread+0x328/0x630 [ 32.449017] ret_from_fork+0x10/0x20 [ 32.449055] [ 32.449078] The buggy address belongs to the object at fff00000c5ae7400 [ 32.449078] which belongs to the cache kmalloc-64 of size 64 [ 32.449140] The buggy address is located 0 bytes to the right of [ 32.449140] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.449205] [ 32.449230] The buggy address belongs to the physical page: [ 32.449263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.449313] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.449362] page_type: f5(slab) [ 32.449400] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.449454] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.449497] page dumped because: kasan: bad access detected [ 32.449530] [ 32.449551] Memory state around the buggy address: [ 32.449586] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.449628] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.449672] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.451010] ^ [ 32.451070] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.451149] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.451318] ================================================================== [ 32.396061] ================================================================== [ 32.396106] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 32.396387] Read of size 4 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.396578] [ 32.396618] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.396706] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.396835] Hardware name: linux,dummy-virt (DT) [ 32.396892] Call trace: [ 32.396996] show_stack+0x20/0x38 (C) [ 32.397071] dump_stack_lvl+0x8c/0xd0 [ 32.397152] print_report+0x118/0x608 [ 32.397205] kasan_report+0xdc/0x128 [ 32.397292] __asan_report_load4_noabort+0x20/0x30 [ 32.397401] kasan_atomics_helper+0x3e04/0x4858 [ 32.397454] kasan_atomics+0x198/0x2e0 [ 32.397717] kunit_try_run_case+0x170/0x3f0 [ 32.398028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.398344] kthread+0x328/0x630 [ 32.398518] ret_from_fork+0x10/0x20 [ 32.398728] [ 32.398946] Allocated by task 298: [ 32.399067] kasan_save_stack+0x3c/0x68 [ 32.399116] kasan_save_track+0x20/0x40 [ 32.399303] kasan_save_alloc_info+0x40/0x58 [ 32.399526] __kasan_kmalloc+0xd4/0xd8 [ 32.399634] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.399934] kasan_atomics+0xb8/0x2e0 [ 32.400065] kunit_try_run_case+0x170/0x3f0 [ 32.400251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.400328] kthread+0x328/0x630 [ 32.400468] ret_from_fork+0x10/0x20 [ 32.400703] [ 32.400769] The buggy address belongs to the object at fff00000c5ae7400 [ 32.400769] which belongs to the cache kmalloc-64 of size 64 [ 32.401088] The buggy address is located 0 bytes to the right of [ 32.401088] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.401182] [ 32.401274] The buggy address belongs to the physical page: [ 32.401372] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.401496] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.401558] page_type: f5(slab) [ 32.401599] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.401790] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.401989] page dumped because: kasan: bad access detected [ 32.402176] [ 32.402324] Memory state around the buggy address: [ 32.402398] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.402555] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.402608] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.402773] ^ [ 32.402939] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.403008] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.403166] ================================================================== [ 32.513948] ================================================================== [ 32.513999] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 32.514051] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.514103] [ 32.514134] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.514630] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.514688] Hardware name: linux,dummy-virt (DT) [ 32.514723] Call trace: [ 32.514747] show_stack+0x20/0x38 (C) [ 32.514802] dump_stack_lvl+0x8c/0xd0 [ 32.514868] print_report+0x118/0x608 [ 32.514929] kasan_report+0xdc/0x128 [ 32.514980] kasan_check_range+0x100/0x1a8 [ 32.515026] __kasan_check_write+0x20/0x30 [ 32.515072] kasan_atomics_helper+0x147c/0x4858 [ 32.515123] kasan_atomics+0x198/0x2e0 [ 32.515324] kunit_try_run_case+0x170/0x3f0 [ 32.515439] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.515532] kthread+0x328/0x630 [ 32.515607] ret_from_fork+0x10/0x20 [ 32.515833] [ 32.516101] Allocated by task 298: [ 32.516178] kasan_save_stack+0x3c/0x68 [ 32.516227] kasan_save_track+0x20/0x40 [ 32.516269] kasan_save_alloc_info+0x40/0x58 [ 32.516338] __kasan_kmalloc+0xd4/0xd8 [ 32.516425] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.516518] kasan_atomics+0xb8/0x2e0 [ 32.516564] kunit_try_run_case+0x170/0x3f0 [ 32.516607] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.516691] kthread+0x328/0x630 [ 32.516747] ret_from_fork+0x10/0x20 [ 32.516838] [ 32.516886] The buggy address belongs to the object at fff00000c5ae7400 [ 32.516886] which belongs to the cache kmalloc-64 of size 64 [ 32.516985] The buggy address is located 0 bytes to the right of [ 32.516985] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.517058] [ 32.517165] The buggy address belongs to the physical page: [ 32.517199] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.517253] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.517336] page_type: f5(slab) [ 32.517377] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.517427] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.517471] page dumped because: kasan: bad access detected [ 32.517650] [ 32.517838] Memory state around the buggy address: [ 32.518058] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.518109] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.518153] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.518192] ^ [ 32.518228] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.518273] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.518313] ================================================================== [ 32.524382] ================================================================== [ 32.524433] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 32.524485] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.524536] [ 32.524566] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.524652] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.524679] Hardware name: linux,dummy-virt (DT) [ 32.524712] Call trace: [ 32.524735] show_stack+0x20/0x38 (C) [ 32.524793] dump_stack_lvl+0x8c/0xd0 [ 32.524839] print_report+0x118/0x608 [ 32.524888] kasan_report+0xdc/0x128 [ 32.524952] kasan_check_range+0x100/0x1a8 [ 32.524998] __kasan_check_write+0x20/0x30 [ 32.525043] kasan_atomics_helper+0x154c/0x4858 [ 32.525094] kasan_atomics+0x198/0x2e0 [ 32.525141] kunit_try_run_case+0x170/0x3f0 [ 32.525192] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.525247] kthread+0x328/0x630 [ 32.525290] ret_from_fork+0x10/0x20 [ 32.525338] [ 32.525360] Allocated by task 298: [ 32.525388] kasan_save_stack+0x3c/0x68 [ 32.525431] kasan_save_track+0x20/0x40 [ 32.525472] kasan_save_alloc_info+0x40/0x58 [ 32.525512] __kasan_kmalloc+0xd4/0xd8 [ 32.525553] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.525595] kasan_atomics+0xb8/0x2e0 [ 32.525634] kunit_try_run_case+0x170/0x3f0 [ 32.525675] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.525723] kthread+0x328/0x630 [ 32.525758] ret_from_fork+0x10/0x20 [ 32.525797] [ 32.525818] The buggy address belongs to the object at fff00000c5ae7400 [ 32.525818] which belongs to the cache kmalloc-64 of size 64 [ 32.525878] The buggy address is located 0 bytes to the right of [ 32.525878] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.525996] [ 32.526019] The buggy address belongs to the physical page: [ 32.526053] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.526124] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.526171] page_type: f5(slab) [ 32.526211] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.526261] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.526305] page dumped because: kasan: bad access detected [ 32.526339] [ 32.526360] Memory state around the buggy address: [ 32.526950] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.527123] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.527209] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.527523] ^ [ 32.527654] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.527759] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.527956] ================================================================== [ 32.477283] ================================================================== [ 32.477331] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 32.477381] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.477433] [ 32.477464] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.477549] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.477576] Hardware name: linux,dummy-virt (DT) [ 32.477609] Call trace: [ 32.477632] show_stack+0x20/0x38 (C) [ 32.477680] dump_stack_lvl+0x8c/0xd0 [ 32.477741] print_report+0x118/0x608 [ 32.477791] kasan_report+0xdc/0x128 [ 32.477837] kasan_check_range+0x100/0x1a8 [ 32.477884] __kasan_check_write+0x20/0x30 [ 32.477992] kasan_atomics_helper+0x1190/0x4858 [ 32.478165] kasan_atomics+0x198/0x2e0 [ 32.478240] kunit_try_run_case+0x170/0x3f0 [ 32.478291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.478347] kthread+0x328/0x630 [ 32.478391] ret_from_fork+0x10/0x20 [ 32.478464] [ 32.478489] Allocated by task 298: [ 32.478520] kasan_save_stack+0x3c/0x68 [ 32.478776] kasan_save_track+0x20/0x40 [ 32.478885] kasan_save_alloc_info+0x40/0x58 [ 32.479040] __kasan_kmalloc+0xd4/0xd8 [ 32.479161] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.479501] kasan_atomics+0xb8/0x2e0 [ 32.479605] kunit_try_run_case+0x170/0x3f0 [ 32.479728] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.479844] kthread+0x328/0x630 [ 32.479918] ret_from_fork+0x10/0x20 [ 32.479959] [ 32.479981] The buggy address belongs to the object at fff00000c5ae7400 [ 32.479981] which belongs to the cache kmalloc-64 of size 64 [ 32.480254] The buggy address is located 0 bytes to the right of [ 32.480254] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.480432] [ 32.480507] The buggy address belongs to the physical page: [ 32.480549] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.480610] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.480669] page_type: f5(slab) [ 32.480707] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.480760] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.480807] page dumped because: kasan: bad access detected [ 32.480848] [ 32.480878] Memory state around the buggy address: [ 32.480919] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.480967] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.481010] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.481050] ^ [ 32.481085] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.481314] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.481414] ================================================================== [ 32.314337] ================================================================== [ 32.314463] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 32.314518] Write of size 4 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.314739] [ 32.314776] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.314873] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.314912] Hardware name: linux,dummy-virt (DT) [ 32.314945] Call trace: [ 32.314969] show_stack+0x20/0x38 (C) [ 32.315021] dump_stack_lvl+0x8c/0xd0 [ 32.315165] print_report+0x118/0x608 [ 32.315289] kasan_report+0xdc/0x128 [ 32.315419] kasan_check_range+0x100/0x1a8 [ 32.315492] __kasan_check_write+0x20/0x30 [ 32.315813] kasan_atomics_helper+0x99c/0x4858 [ 32.315998] kasan_atomics+0x198/0x2e0 [ 32.316115] kunit_try_run_case+0x170/0x3f0 [ 32.316175] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.316285] kthread+0x328/0x630 [ 32.316352] ret_from_fork+0x10/0x20 [ 32.316645] [ 32.316738] Allocated by task 298: [ 32.316774] kasan_save_stack+0x3c/0x68 [ 32.316978] kasan_save_track+0x20/0x40 [ 32.317064] kasan_save_alloc_info+0x40/0x58 [ 32.317108] __kasan_kmalloc+0xd4/0xd8 [ 32.317148] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.317303] kasan_atomics+0xb8/0x2e0 [ 32.317394] kunit_try_run_case+0x170/0x3f0 [ 32.317441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.317507] kthread+0x328/0x630 [ 32.317610] ret_from_fork+0x10/0x20 [ 32.317655] [ 32.317677] The buggy address belongs to the object at fff00000c5ae7400 [ 32.317677] which belongs to the cache kmalloc-64 of size 64 [ 32.317760] The buggy address is located 0 bytes to the right of [ 32.317760] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.317827] [ 32.317850] The buggy address belongs to the physical page: [ 32.317883] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.317948] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.318340] page_type: f5(slab) [ 32.318435] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.318578] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.318657] page dumped because: kasan: bad access detected [ 32.318718] [ 32.318952] Memory state around the buggy address: [ 32.319144] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.319258] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.319338] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.319397] ^ [ 32.319786] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.319881] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.319972] ================================================================== [ 32.431246] ================================================================== [ 32.431300] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 32.431353] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.431414] [ 32.431445] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.431531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.431782] Hardware name: linux,dummy-virt (DT) [ 32.431852] Call trace: [ 32.431942] show_stack+0x20/0x38 (C) [ 32.431998] dump_stack_lvl+0x8c/0xd0 [ 32.432044] print_report+0x118/0x608 [ 32.432091] kasan_report+0xdc/0x128 [ 32.432142] kasan_check_range+0x100/0x1a8 [ 32.432189] __kasan_check_write+0x20/0x30 [ 32.432236] kasan_atomics_helper+0xeb8/0x4858 [ 32.432288] kasan_atomics+0x198/0x2e0 [ 32.432335] kunit_try_run_case+0x170/0x3f0 [ 32.432385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.432441] kthread+0x328/0x630 [ 32.432485] ret_from_fork+0x10/0x20 [ 32.432532] [ 32.432552] Allocated by task 298: [ 32.432582] kasan_save_stack+0x3c/0x68 [ 32.432626] kasan_save_track+0x20/0x40 [ 32.432667] kasan_save_alloc_info+0x40/0x58 [ 32.432707] __kasan_kmalloc+0xd4/0xd8 [ 32.433068] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.433498] kasan_atomics+0xb8/0x2e0 [ 32.433667] kunit_try_run_case+0x170/0x3f0 [ 32.433807] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.434053] kthread+0x328/0x630 [ 32.434159] ret_from_fork+0x10/0x20 [ 32.434300] [ 32.434382] The buggy address belongs to the object at fff00000c5ae7400 [ 32.434382] which belongs to the cache kmalloc-64 of size 64 [ 32.434584] The buggy address is located 0 bytes to the right of [ 32.434584] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.434667] [ 32.434693] The buggy address belongs to the physical page: [ 32.434725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.434778] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.434951] page_type: f5(slab) [ 32.435116] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.435218] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.435411] page dumped because: kasan: bad access detected [ 32.435448] [ 32.435470] Memory state around the buggy address: [ 32.435661] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.435824] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.436001] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.436276] ^ [ 32.436365] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.436422] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.436574] ================================================================== [ 32.492202] ================================================================== [ 32.492251] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 32.492330] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.492384] [ 32.492415] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.492501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.492531] Hardware name: linux,dummy-virt (DT) [ 32.492571] Call trace: [ 32.492606] show_stack+0x20/0x38 (C) [ 32.492666] dump_stack_lvl+0x8c/0xd0 [ 32.492721] print_report+0x118/0x608 [ 32.492769] kasan_report+0xdc/0x128 [ 32.492822] kasan_check_range+0x100/0x1a8 [ 32.492870] __kasan_check_write+0x20/0x30 [ 32.492928] kasan_atomics_helper+0x12d8/0x4858 [ 32.492979] kasan_atomics+0x198/0x2e0 [ 32.493025] kunit_try_run_case+0x170/0x3f0 [ 32.493075] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.493364] kthread+0x328/0x630 [ 32.493434] ret_from_fork+0x10/0x20 [ 32.493486] [ 32.493590] Allocated by task 298: [ 32.493628] kasan_save_stack+0x3c/0x68 [ 32.493674] kasan_save_track+0x20/0x40 [ 32.494106] kasan_save_alloc_info+0x40/0x58 [ 32.494159] __kasan_kmalloc+0xd4/0xd8 [ 32.494200] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.494243] kasan_atomics+0xb8/0x2e0 [ 32.494283] kunit_try_run_case+0x170/0x3f0 [ 32.494325] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.494372] kthread+0x328/0x630 [ 32.494409] ret_from_fork+0x10/0x20 [ 32.494448] [ 32.494470] The buggy address belongs to the object at fff00000c5ae7400 [ 32.494470] which belongs to the cache kmalloc-64 of size 64 [ 32.494531] The buggy address is located 0 bytes to the right of [ 32.494531] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.494597] [ 32.494620] The buggy address belongs to the physical page: [ 32.494653] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.494707] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.494754] page_type: f5(slab) [ 32.494792] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.494844] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.494889] page dumped because: kasan: bad access detected [ 32.495015] [ 32.495177] Memory state around the buggy address: [ 32.495257] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.495351] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.495734] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.495796] ^ [ 32.495840] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.495886] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.495963] ================================================================== [ 32.540223] ================================================================== [ 32.540275] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 32.540327] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.540427] [ 32.540604] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.540863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.540916] Hardware name: linux,dummy-virt (DT) [ 32.540967] Call trace: [ 32.541153] show_stack+0x20/0x38 (C) [ 32.541206] dump_stack_lvl+0x8c/0xd0 [ 32.541360] print_report+0x118/0x608 [ 32.541416] kasan_report+0xdc/0x128 [ 32.541660] kasan_check_range+0x100/0x1a8 [ 32.541779] __kasan_check_write+0x20/0x30 [ 32.542054] kasan_atomics_helper+0x1644/0x4858 [ 32.542126] kasan_atomics+0x198/0x2e0 [ 32.542173] kunit_try_run_case+0x170/0x3f0 [ 32.542223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.542640] kthread+0x328/0x630 [ 32.542758] ret_from_fork+0x10/0x20 [ 32.542973] [ 32.543100] Allocated by task 298: [ 32.543408] kasan_save_stack+0x3c/0x68 [ 32.543679] kasan_save_track+0x20/0x40 [ 32.543770] kasan_save_alloc_info+0x40/0x58 [ 32.543979] __kasan_kmalloc+0xd4/0xd8 [ 32.544025] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.544068] kasan_atomics+0xb8/0x2e0 [ 32.544108] kunit_try_run_case+0x170/0x3f0 [ 32.544150] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.544197] kthread+0x328/0x630 [ 32.544234] ret_from_fork+0x10/0x20 [ 32.544273] [ 32.544295] The buggy address belongs to the object at fff00000c5ae7400 [ 32.544295] which belongs to the cache kmalloc-64 of size 64 [ 32.544357] The buggy address is located 0 bytes to the right of [ 32.544357] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.544423] [ 32.544446] The buggy address belongs to the physical page: [ 32.544479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.544545] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.544592] page_type: f5(slab) [ 32.544668] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.544731] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.544774] page dumped because: kasan: bad access detected [ 32.544925] [ 32.544960] Memory state around the buggy address: [ 32.545001] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.545058] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.545112] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.545152] ^ [ 32.545190] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.545236] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.545286] ================================================================== [ 32.468827] ================================================================== [ 32.468877] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 32.469042] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.469098] [ 32.469235] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.469329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.469359] Hardware name: linux,dummy-virt (DT) [ 32.469404] Call trace: [ 32.469432] show_stack+0x20/0x38 (C) [ 32.469483] dump_stack_lvl+0x8c/0xd0 [ 32.469638] print_report+0x118/0x608 [ 32.469742] kasan_report+0xdc/0x128 [ 32.470036] kasan_check_range+0x100/0x1a8 [ 32.470151] __kasan_check_write+0x20/0x30 [ 32.470319] kasan_atomics_helper+0x1128/0x4858 [ 32.470495] kasan_atomics+0x198/0x2e0 [ 32.470573] kunit_try_run_case+0x170/0x3f0 [ 32.470624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.470680] kthread+0x328/0x630 [ 32.471287] ret_from_fork+0x10/0x20 [ 32.471658] [ 32.471762] Allocated by task 298: [ 32.471797] kasan_save_stack+0x3c/0x68 [ 32.472137] kasan_save_track+0x20/0x40 [ 32.472323] kasan_save_alloc_info+0x40/0x58 [ 32.472434] __kasan_kmalloc+0xd4/0xd8 [ 32.472767] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.472947] kasan_atomics+0xb8/0x2e0 [ 32.473015] kunit_try_run_case+0x170/0x3f0 [ 32.473057] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.473279] kthread+0x328/0x630 [ 32.473442] ret_from_fork+0x10/0x20 [ 32.473548] [ 32.473746] The buggy address belongs to the object at fff00000c5ae7400 [ 32.473746] which belongs to the cache kmalloc-64 of size 64 [ 32.473906] The buggy address is located 0 bytes to the right of [ 32.473906] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.474094] [ 32.474142] The buggy address belongs to the physical page: [ 32.474175] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.474229] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.474280] page_type: f5(slab) [ 32.474318] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.474738] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.475265] page dumped because: kasan: bad access detected [ 32.475447] [ 32.475610] Memory state around the buggy address: [ 32.475739] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.475881] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.476914] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.476956] ^ [ 32.476992] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.477037] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.477078] ================================================================== [ 32.423800] ================================================================== [ 32.423846] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 32.423911] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.423964] [ 32.424263] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.424413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.424446] Hardware name: linux,dummy-virt (DT) [ 32.424479] Call trace: [ 32.424503] show_stack+0x20/0x38 (C) [ 32.424554] dump_stack_lvl+0x8c/0xd0 [ 32.424602] print_report+0x118/0x608 [ 32.424662] kasan_report+0xdc/0x128 [ 32.424712] __asan_report_store8_noabort+0x20/0x30 [ 32.424764] kasan_atomics_helper+0x3e5c/0x4858 [ 32.424819] kasan_atomics+0x198/0x2e0 [ 32.424873] kunit_try_run_case+0x170/0x3f0 [ 32.425261] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.425356] kthread+0x328/0x630 [ 32.425535] ret_from_fork+0x10/0x20 [ 32.425602] [ 32.425640] Allocated by task 298: [ 32.425714] kasan_save_stack+0x3c/0x68 [ 32.425796] kasan_save_track+0x20/0x40 [ 32.426142] kasan_save_alloc_info+0x40/0x58 [ 32.426201] __kasan_kmalloc+0xd4/0xd8 [ 32.426243] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.426388] kasan_atomics+0xb8/0x2e0 [ 32.426549] kunit_try_run_case+0x170/0x3f0 [ 32.426706] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.426762] kthread+0x328/0x630 [ 32.426869] ret_from_fork+0x10/0x20 [ 32.426937] [ 32.426959] The buggy address belongs to the object at fff00000c5ae7400 [ 32.426959] which belongs to the cache kmalloc-64 of size 64 [ 32.427390] The buggy address is located 0 bytes to the right of [ 32.427390] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.427489] [ 32.427753] The buggy address belongs to the physical page: [ 32.427890] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.428178] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.428376] page_type: f5(slab) [ 32.428544] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.428676] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.429021] page dumped because: kasan: bad access detected [ 32.429201] [ 32.429592] Memory state around the buggy address: [ 32.429766] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.429871] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.429925] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.429967] ^ [ 32.430151] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.430387] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.430500] ================================================================== [ 32.561601] ================================================================== [ 32.561646] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 32.561697] Read of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.561750] [ 32.561780] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.561864] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.561891] Hardware name: linux,dummy-virt (DT) [ 32.561941] Call trace: [ 32.561964] show_stack+0x20/0x38 (C) [ 32.562014] dump_stack_lvl+0x8c/0xd0 [ 32.562060] print_report+0x118/0x608 [ 32.562110] kasan_report+0xdc/0x128 [ 32.562157] __asan_report_load8_noabort+0x20/0x30 [ 32.562209] kasan_atomics_helper+0x3e10/0x4858 [ 32.562258] kasan_atomics+0x198/0x2e0 [ 32.562305] kunit_try_run_case+0x170/0x3f0 [ 32.562355] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.562410] kthread+0x328/0x630 [ 32.562454] ret_from_fork+0x10/0x20 [ 32.562503] [ 32.562525] Allocated by task 298: [ 32.562555] kasan_save_stack+0x3c/0x68 [ 32.562597] kasan_save_track+0x20/0x40 [ 32.562638] kasan_save_alloc_info+0x40/0x58 [ 32.562678] __kasan_kmalloc+0xd4/0xd8 [ 32.562716] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.562759] kasan_atomics+0xb8/0x2e0 [ 32.562798] kunit_try_run_case+0x170/0x3f0 [ 32.562838] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.562885] kthread+0x328/0x630 [ 32.563128] ret_from_fork+0x10/0x20 [ 32.563339] [ 32.563369] The buggy address belongs to the object at fff00000c5ae7400 [ 32.563369] which belongs to the cache kmalloc-64 of size 64 [ 32.563432] The buggy address is located 0 bytes to the right of [ 32.563432] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.563506] [ 32.563530] The buggy address belongs to the physical page: [ 32.563562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.563617] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.563668] page_type: f5(slab) [ 32.563708] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.564110] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.564376] page dumped because: kasan: bad access detected [ 32.564590] [ 32.564661] Memory state around the buggy address: [ 32.564746] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.564811] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.565035] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.565085] ^ [ 32.565146] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.565192] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.565235] ================================================================== [ 32.566319] ================================================================== [ 32.566581] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 32.566667] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.566729] [ 32.566771] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.566861] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.567027] Hardware name: linux,dummy-virt (DT) [ 32.567064] Call trace: [ 32.567177] show_stack+0x20/0x38 (C) [ 32.567454] dump_stack_lvl+0x8c/0xd0 [ 32.567538] print_report+0x118/0x608 [ 32.567605] kasan_report+0xdc/0x128 [ 32.567657] kasan_check_range+0x100/0x1a8 [ 32.567884] __kasan_check_write+0x20/0x30 [ 32.568010] kasan_atomics_helper+0x175c/0x4858 [ 32.568083] kasan_atomics+0x198/0x2e0 [ 32.568141] kunit_try_run_case+0x170/0x3f0 [ 32.568193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.568249] kthread+0x328/0x630 [ 32.568293] ret_from_fork+0x10/0x20 [ 32.568500] [ 32.568526] Allocated by task 298: [ 32.568596] kasan_save_stack+0x3c/0x68 [ 32.569130] kasan_save_track+0x20/0x40 [ 32.569191] kasan_save_alloc_info+0x40/0x58 [ 32.569243] __kasan_kmalloc+0xd4/0xd8 [ 32.569299] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.569345] kasan_atomics+0xb8/0x2e0 [ 32.569386] kunit_try_run_case+0x170/0x3f0 [ 32.569428] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.569475] kthread+0x328/0x630 [ 32.569512] ret_from_fork+0x10/0x20 [ 32.569551] [ 32.569575] The buggy address belongs to the object at fff00000c5ae7400 [ 32.569575] which belongs to the cache kmalloc-64 of size 64 [ 32.569655] The buggy address is located 0 bytes to the right of [ 32.569655] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.569723] [ 32.569748] The buggy address belongs to the physical page: [ 32.569781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.569940] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.569995] page_type: f5(slab) [ 32.570035] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.570086] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.570129] page dumped because: kasan: bad access detected [ 32.570162] [ 32.570195] Memory state around the buggy address: [ 32.570237] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.570280] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.570325] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.570364] ^ [ 32.570400] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.570450] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.570491] ================================================================== [ 32.578379] ================================================================== [ 32.578757] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 32.578852] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.578929] [ 32.578977] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.579064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.579091] Hardware name: linux,dummy-virt (DT) [ 32.579125] Call trace: [ 32.579254] show_stack+0x20/0x38 (C) [ 32.579326] dump_stack_lvl+0x8c/0xd0 [ 32.579374] print_report+0x118/0x608 [ 32.579673] kasan_report+0xdc/0x128 [ 32.579728] kasan_check_range+0x100/0x1a8 [ 32.579994] __kasan_check_write+0x20/0x30 [ 32.580059] kasan_atomics_helper+0x17ec/0x4858 [ 32.580289] kasan_atomics+0x198/0x2e0 [ 32.580344] kunit_try_run_case+0x170/0x3f0 [ 32.580395] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.580451] kthread+0x328/0x630 [ 32.580495] ret_from_fork+0x10/0x20 [ 32.580587] [ 32.580668] Allocated by task 298: [ 32.580988] kasan_save_stack+0x3c/0x68 [ 32.581052] kasan_save_track+0x20/0x40 [ 32.581133] kasan_save_alloc_info+0x40/0x58 [ 32.581271] __kasan_kmalloc+0xd4/0xd8 [ 32.581355] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.581400] kasan_atomics+0xb8/0x2e0 [ 32.581445] kunit_try_run_case+0x170/0x3f0 [ 32.581488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.581823] kthread+0x328/0x630 [ 32.581891] ret_from_fork+0x10/0x20 [ 32.581943] [ 32.581981] The buggy address belongs to the object at fff00000c5ae7400 [ 32.581981] which belongs to the cache kmalloc-64 of size 64 [ 32.582052] The buggy address is located 0 bytes to the right of [ 32.582052] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.582470] [ 32.582510] The buggy address belongs to the physical page: [ 32.582836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.582946] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.583024] page_type: f5(slab) [ 32.583361] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.583444] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.583520] page dumped because: kasan: bad access detected [ 32.583584] [ 32.583780] Memory state around the buggy address: [ 32.583821] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.583867] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.583950] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.584017] ^ [ 32.584166] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.584271] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.584515] ================================================================== [ 32.486840] ================================================================== [ 32.487062] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 32.487138] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.487190] [ 32.487231] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.487324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.487361] Hardware name: linux,dummy-virt (DT) [ 32.487419] Call trace: [ 32.487495] show_stack+0x20/0x38 (C) [ 32.487580] dump_stack_lvl+0x8c/0xd0 [ 32.487702] print_report+0x118/0x608 [ 32.487778] kasan_report+0xdc/0x128 [ 32.487914] kasan_check_range+0x100/0x1a8 [ 32.487964] __kasan_check_write+0x20/0x30 [ 32.488010] kasan_atomics_helper+0x126c/0x4858 [ 32.488097] kasan_atomics+0x198/0x2e0 [ 32.488239] kunit_try_run_case+0x170/0x3f0 [ 32.488432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.488533] kthread+0x328/0x630 [ 32.488711] ret_from_fork+0x10/0x20 [ 32.488874] [ 32.488954] Allocated by task 298: [ 32.488990] kasan_save_stack+0x3c/0x68 [ 32.489096] kasan_save_track+0x20/0x40 [ 32.489140] kasan_save_alloc_info+0x40/0x58 [ 32.489187] __kasan_kmalloc+0xd4/0xd8 [ 32.489228] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.489271] kasan_atomics+0xb8/0x2e0 [ 32.489502] kunit_try_run_case+0x170/0x3f0 [ 32.489565] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.489613] kthread+0x328/0x630 [ 32.489649] ret_from_fork+0x10/0x20 [ 32.489719] [ 32.490092] The buggy address belongs to the object at fff00000c5ae7400 [ 32.490092] which belongs to the cache kmalloc-64 of size 64 [ 32.490266] The buggy address is located 0 bytes to the right of [ 32.490266] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.490413] [ 32.490465] The buggy address belongs to the physical page: [ 32.490595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.490720] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.490769] page_type: f5(slab) [ 32.490830] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.490884] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.490940] page dumped because: kasan: bad access detected [ 32.491133] [ 32.491224] Memory state around the buggy address: [ 32.491279] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.491347] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.491463] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.491739] ^ [ 32.491782] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.491828] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.491964] ================================================================== [ 32.418038] ================================================================== [ 32.418173] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 32.418233] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.418348] [ 32.418434] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.418531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.418751] Hardware name: linux,dummy-virt (DT) [ 32.418844] Call trace: [ 32.418975] show_stack+0x20/0x38 (C) [ 32.419048] dump_stack_lvl+0x8c/0xd0 [ 32.419175] print_report+0x118/0x608 [ 32.419325] kasan_report+0xdc/0x128 [ 32.419378] kasan_check_range+0x100/0x1a8 [ 32.419455] __kasan_check_write+0x20/0x30 [ 32.419652] kasan_atomics_helper+0xe44/0x4858 [ 32.419801] kasan_atomics+0x198/0x2e0 [ 32.419854] kunit_try_run_case+0x170/0x3f0 [ 32.419996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.420057] kthread+0x328/0x630 [ 32.420115] ret_from_fork+0x10/0x20 [ 32.420287] [ 32.420319] Allocated by task 298: [ 32.420354] kasan_save_stack+0x3c/0x68 [ 32.420402] kasan_save_track+0x20/0x40 [ 32.420443] kasan_save_alloc_info+0x40/0x58 [ 32.420484] __kasan_kmalloc+0xd4/0xd8 [ 32.420681] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.420847] kasan_atomics+0xb8/0x2e0 [ 32.420926] kunit_try_run_case+0x170/0x3f0 [ 32.421156] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.421253] kthread+0x328/0x630 [ 32.421298] ret_from_fork+0x10/0x20 [ 32.421387] [ 32.421412] The buggy address belongs to the object at fff00000c5ae7400 [ 32.421412] which belongs to the cache kmalloc-64 of size 64 [ 32.421475] The buggy address is located 0 bytes to the right of [ 32.421475] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.421586] [ 32.421610] The buggy address belongs to the physical page: [ 32.421643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.421694] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.421745] page_type: f5(slab) [ 32.422047] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.422187] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.422274] page dumped because: kasan: bad access detected [ 32.422496] [ 32.422656] Memory state around the buggy address: [ 32.422774] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.423176] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.423289] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.423441] ^ [ 32.423509] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.423598] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.423641] ================================================================== [ 32.570569] ================================================================== [ 32.570611] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 32.570658] Read of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.570726] [ 32.570757] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.570841] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.570870] Hardware name: linux,dummy-virt (DT) [ 32.571236] Call trace: [ 32.571270] show_stack+0x20/0x38 (C) [ 32.571322] dump_stack_lvl+0x8c/0xd0 [ 32.571379] print_report+0x118/0x608 [ 32.571428] kasan_report+0xdc/0x128 [ 32.571478] __asan_report_load8_noabort+0x20/0x30 [ 32.571569] kasan_atomics_helper+0x3e20/0x4858 [ 32.571641] kasan_atomics+0x198/0x2e0 [ 32.571825] kunit_try_run_case+0x170/0x3f0 [ 32.571908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.572013] kthread+0x328/0x630 [ 32.572060] ret_from_fork+0x10/0x20 [ 32.572110] [ 32.572618] Allocated by task 298: [ 32.572710] kasan_save_stack+0x3c/0x68 [ 32.572779] kasan_save_track+0x20/0x40 [ 32.572856] kasan_save_alloc_info+0x40/0x58 [ 32.573342] __kasan_kmalloc+0xd4/0xd8 [ 32.573397] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.573658] kasan_atomics+0xb8/0x2e0 [ 32.573748] kunit_try_run_case+0x170/0x3f0 [ 32.573934] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.574327] kthread+0x328/0x630 [ 32.574423] ret_from_fork+0x10/0x20 [ 32.574521] [ 32.574577] The buggy address belongs to the object at fff00000c5ae7400 [ 32.574577] which belongs to the cache kmalloc-64 of size 64 [ 32.574638] The buggy address is located 0 bytes to the right of [ 32.574638] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.574705] [ 32.574728] The buggy address belongs to the physical page: [ 32.574760] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.574814] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.575309] page_type: f5(slab) [ 32.575527] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.575603] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.575805] page dumped because: kasan: bad access detected [ 32.575839] [ 32.575859] Memory state around the buggy address: [ 32.575948] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.576597] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.576668] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.576740] ^ [ 32.576791] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.576849] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.577410] ================================================================== [ 32.518502] ================================================================== [ 32.518551] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 32.518602] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.518652] [ 32.518683] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.518768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.518797] Hardware name: linux,dummy-virt (DT) [ 32.518831] Call trace: [ 32.518856] show_stack+0x20/0x38 (C) [ 32.519061] dump_stack_lvl+0x8c/0xd0 [ 32.519166] print_report+0x118/0x608 [ 32.519219] kasan_report+0xdc/0x128 [ 32.519303] kasan_check_range+0x100/0x1a8 [ 32.519389] __kasan_check_write+0x20/0x30 [ 32.519464] kasan_atomics_helper+0x14e4/0x4858 [ 32.519518] kasan_atomics+0x198/0x2e0 [ 32.519603] kunit_try_run_case+0x170/0x3f0 [ 32.519703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.519778] kthread+0x328/0x630 [ 32.519938] ret_from_fork+0x10/0x20 [ 32.520027] [ 32.520052] Allocated by task 298: [ 32.520081] kasan_save_stack+0x3c/0x68 [ 32.520214] kasan_save_track+0x20/0x40 [ 32.520256] kasan_save_alloc_info+0x40/0x58 [ 32.520297] __kasan_kmalloc+0xd4/0xd8 [ 32.520336] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.520378] kasan_atomics+0xb8/0x2e0 [ 32.520418] kunit_try_run_case+0x170/0x3f0 [ 32.520460] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.520675] kthread+0x328/0x630 [ 32.520822] ret_from_fork+0x10/0x20 [ 32.520876] [ 32.520933] The buggy address belongs to the object at fff00000c5ae7400 [ 32.520933] which belongs to the cache kmalloc-64 of size 64 [ 32.521090] The buggy address is located 0 bytes to the right of [ 32.521090] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.521159] [ 32.521188] The buggy address belongs to the physical page: [ 32.521252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.521306] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.521353] page_type: f5(slab) [ 32.521393] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.521558] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.521610] page dumped because: kasan: bad access detected [ 32.521736] [ 32.522022] Memory state around the buggy address: [ 32.522136] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.522386] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.522632] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.522819] ^ [ 32.523014] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.523232] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.523529] ================================================================== [ 32.308259] ================================================================== [ 32.308321] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 32.308373] Read of size 4 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.308425] [ 32.308455] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.308540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.308569] Hardware name: linux,dummy-virt (DT) [ 32.308607] Call trace: [ 32.308630] show_stack+0x20/0x38 (C) [ 32.308680] dump_stack_lvl+0x8c/0xd0 [ 32.308728] print_report+0x118/0x608 [ 32.308790] kasan_report+0xdc/0x128 [ 32.308953] kasan_atomics+0x198/0x2e0 [ 32.310568] __kasan_kmalloc+0xd4/0xd8 [ 32.310862] [ 32.311022] [ 32.311131] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.311182] page_type: f5(slab) [ 32.311346] [ 32.311530] ^ [ 32.311859] Write of size 4 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.312358] __kasan_check_write+0x20/0x30 [ 32.312866] __kasan_kmalloc+0xd4/0xd8 [ 32.313097] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.313143] kasan_atomics+0xb8/0x2e0 [ 32.313184] kunit_try_run_case+0x170/0x3f0 [ 32.313224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.313269] kthread+0x328/0x630 [ 32.313305] ret_from_fork+0x10/0x20 [ 32.313344] [ 32.313365] The buggy address belongs to the object at fff00000c5ae7400 [ 32.313365] which belongs to the cache kmalloc-64 of size 64 [ 32.313425] The buggy address is located 0 bytes to the right of [ 32.313425] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.313490] [ 32.313513] The buggy address belongs to the physical page: [ 32.313546] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.313598] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.313648] page_type: f5(slab) [ 32.313688] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.313742] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.313786] page dumped because: kasan: bad access detected [ 32.313820] [ 32.313840] Memory state around the buggy address: [ 32.313874] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.313931] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.313976] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.314018] ^ [ 32.314054] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.314097] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.314139] ================================================================== [ 32.404084] ================================================================== [ 32.404138] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 32.404190] Read of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.404502] [ 32.404658] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.404754] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.404793] Hardware name: linux,dummy-virt (DT) [ 32.404943] Call trace: [ 32.404979] show_stack+0x20/0x38 (C) [ 32.405033] dump_stack_lvl+0x8c/0xd0 [ 32.405131] print_report+0x118/0x608 [ 32.405210] kasan_report+0xdc/0x128 [ 32.405262] kasan_check_range+0x100/0x1a8 [ 32.405395] __kasan_check_read+0x20/0x30 [ 32.405498] kasan_atomics_helper+0xdd4/0x4858 [ 32.405566] kasan_atomics+0x198/0x2e0 [ 32.405722] kunit_try_run_case+0x170/0x3f0 [ 32.405789] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.405946] kthread+0x328/0x630 [ 32.406023] ret_from_fork+0x10/0x20 [ 32.406112] [ 32.406137] Allocated by task 298: [ 32.406182] kasan_save_stack+0x3c/0x68 [ 32.406238] kasan_save_track+0x20/0x40 [ 32.406279] kasan_save_alloc_info+0x40/0x58 [ 32.406328] __kasan_kmalloc+0xd4/0xd8 [ 32.406377] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.406420] kasan_atomics+0xb8/0x2e0 [ 32.406468] kunit_try_run_case+0x170/0x3f0 [ 32.406510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.406557] kthread+0x328/0x630 [ 32.406602] ret_from_fork+0x10/0x20 [ 32.406641] [ 32.406664] The buggy address belongs to the object at fff00000c5ae7400 [ 32.406664] which belongs to the cache kmalloc-64 of size 64 [ 32.406724] The buggy address is located 0 bytes to the right of [ 32.406724] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.406788] [ 32.406818] The buggy address belongs to the physical page: [ 32.406851] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.406936] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.406986] page_type: f5(slab) [ 32.407024] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.407078] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.407121] page dumped because: kasan: bad access detected [ 32.407153] [ 32.407185] Memory state around the buggy address: [ 32.407232] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.407286] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.407339] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.407380] ^ [ 32.407413] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.407458] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.407507] ================================================================== [ 32.509499] ================================================================== [ 32.509633] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 32.509686] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.509772] [ 32.510037] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.510309] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.510544] Hardware name: linux,dummy-virt (DT) [ 32.510720] Call trace: [ 32.510812] show_stack+0x20/0x38 (C) [ 32.510965] dump_stack_lvl+0x8c/0xd0 [ 32.511127] print_report+0x118/0x608 [ 32.511298] kasan_report+0xdc/0x128 [ 32.511423] kasan_check_range+0x100/0x1a8 [ 32.511471] __kasan_check_write+0x20/0x30 [ 32.511540] kasan_atomics_helper+0x1414/0x4858 [ 32.511592] kasan_atomics+0x198/0x2e0 [ 32.511638] kunit_try_run_case+0x170/0x3f0 [ 32.511705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.512006] kthread+0x328/0x630 [ 32.512146] ret_from_fork+0x10/0x20 [ 32.512217] [ 32.512240] Allocated by task 298: [ 32.512281] kasan_save_stack+0x3c/0x68 [ 32.512340] kasan_save_track+0x20/0x40 [ 32.512382] kasan_save_alloc_info+0x40/0x58 [ 32.512429] __kasan_kmalloc+0xd4/0xd8 [ 32.512470] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.512513] kasan_atomics+0xb8/0x2e0 [ 32.512571] kunit_try_run_case+0x170/0x3f0 [ 32.512614] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.512662] kthread+0x328/0x630 [ 32.512698] ret_from_fork+0x10/0x20 [ 32.512737] [ 32.512768] The buggy address belongs to the object at fff00000c5ae7400 [ 32.512768] which belongs to the cache kmalloc-64 of size 64 [ 32.512832] The buggy address is located 0 bytes to the right of [ 32.512832] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.512908] [ 32.512949] The buggy address belongs to the physical page: [ 32.512984] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.513037] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.513084] page_type: f5(slab) [ 32.513130] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.513199] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.513243] page dumped because: kasan: bad access detected [ 32.513277] [ 32.513297] Memory state around the buggy address: [ 32.513342] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.513393] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.513447] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.513494] ^ [ 32.513537] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.513591] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.513651] ================================================================== [ 32.482207] ================================================================== [ 32.482321] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 32.482403] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.482489] [ 32.482566] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.482654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.482690] Hardware name: linux,dummy-virt (DT) [ 32.482722] Call trace: [ 32.482747] show_stack+0x20/0x38 (C) [ 32.482812] dump_stack_lvl+0x8c/0xd0 [ 32.482861] print_report+0x118/0x608 [ 32.483131] kasan_report+0xdc/0x128 [ 32.483192] kasan_check_range+0x100/0x1a8 [ 32.483239] __kasan_check_write+0x20/0x30 [ 32.483385] kasan_atomics_helper+0x11f8/0x4858 [ 32.483494] kasan_atomics+0x198/0x2e0 [ 32.483570] kunit_try_run_case+0x170/0x3f0 [ 32.483622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.483680] kthread+0x328/0x630 [ 32.483724] ret_from_fork+0x10/0x20 [ 32.483912] [ 32.484148] Allocated by task 298: [ 32.484222] kasan_save_stack+0x3c/0x68 [ 32.484325] kasan_save_track+0x20/0x40 [ 32.484368] kasan_save_alloc_info+0x40/0x58 [ 32.484415] __kasan_kmalloc+0xd4/0xd8 [ 32.484462] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.484653] kasan_atomics+0xb8/0x2e0 [ 32.484720] kunit_try_run_case+0x170/0x3f0 [ 32.484850] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.484927] kthread+0x328/0x630 [ 32.484966] ret_from_fork+0x10/0x20 [ 32.485005] [ 32.485027] The buggy address belongs to the object at fff00000c5ae7400 [ 32.485027] which belongs to the cache kmalloc-64 of size 64 [ 32.485299] The buggy address is located 0 bytes to the right of [ 32.485299] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.485404] [ 32.485488] The buggy address belongs to the physical page: [ 32.485523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.485607] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.485657] page_type: f5(slab) [ 32.485845] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.485926] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.486146] page dumped because: kasan: bad access detected [ 32.486205] [ 32.486237] Memory state around the buggy address: [ 32.486271] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.486336] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.486382] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.486433] ^ [ 32.486476] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.486523] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.486575] ================================================================== [ 32.503536] ================================================================== [ 32.503594] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 32.503648] Read of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.504168] [ 32.504214] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.504302] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.504368] Hardware name: linux,dummy-virt (DT) [ 32.504532] Call trace: [ 32.504583] show_stack+0x20/0x38 (C) [ 32.504760] dump_stack_lvl+0x8c/0xd0 [ 32.504855] print_report+0x118/0x608 [ 32.504955] kasan_report+0xdc/0x128 [ 32.505007] __asan_report_load8_noabort+0x20/0x30 [ 32.505067] kasan_atomics_helper+0x3f04/0x4858 [ 32.505119] kasan_atomics+0x198/0x2e0 [ 32.505166] kunit_try_run_case+0x170/0x3f0 [ 32.505216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.505273] kthread+0x328/0x630 [ 32.505317] ret_from_fork+0x10/0x20 [ 32.505367] [ 32.505399] Allocated by task 298: [ 32.505441] kasan_save_stack+0x3c/0x68 [ 32.505484] kasan_save_track+0x20/0x40 [ 32.505525] kasan_save_alloc_info+0x40/0x58 [ 32.505573] __kasan_kmalloc+0xd4/0xd8 [ 32.505622] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.505665] kasan_atomics+0xb8/0x2e0 [ 32.505734] kunit_try_run_case+0x170/0x3f0 [ 32.505777] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.505842] kthread+0x328/0x630 [ 32.505879] ret_from_fork+0x10/0x20 [ 32.505927] [ 32.505948] The buggy address belongs to the object at fff00000c5ae7400 [ 32.505948] which belongs to the cache kmalloc-64 of size 64 [ 32.506368] The buggy address is located 0 bytes to the right of [ 32.506368] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.506496] [ 32.506692] The buggy address belongs to the physical page: [ 32.506814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.506977] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.507029] page_type: f5(slab) [ 32.507069] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.507122] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.507505] page dumped because: kasan: bad access detected [ 32.507547] [ 32.507579] Memory state around the buggy address: [ 32.507697] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.508013] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.508081] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.508123] ^ [ 32.508409] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.508556] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.508646] ================================================================== [ 32.437315] ================================================================== [ 32.437379] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 32.437463] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.437518] [ 32.437551] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.437750] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.437997] Hardware name: linux,dummy-virt (DT) [ 32.438083] Call trace: [ 32.438180] show_stack+0x20/0x38 (C) [ 32.438372] dump_stack_lvl+0x8c/0xd0 [ 32.438533] print_report+0x118/0x608 [ 32.438589] kasan_report+0xdc/0x128 [ 32.438873] kasan_check_range+0x100/0x1a8 [ 32.439018] __kasan_check_write+0x20/0x30 [ 32.439190] kasan_atomics_helper+0xf20/0x4858 [ 32.439519] kasan_atomics+0x198/0x2e0 [ 32.439610] kunit_try_run_case+0x170/0x3f0 [ 32.439765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.439850] kthread+0x328/0x630 [ 32.440050] ret_from_fork+0x10/0x20 [ 32.440219] [ 32.440242] Allocated by task 298: [ 32.440279] kasan_save_stack+0x3c/0x68 [ 32.440326] kasan_save_track+0x20/0x40 [ 32.440368] kasan_save_alloc_info+0x40/0x58 [ 32.440409] __kasan_kmalloc+0xd4/0xd8 [ 32.440449] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.440531] kasan_atomics+0xb8/0x2e0 [ 32.440595] kunit_try_run_case+0x170/0x3f0 [ 32.440653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.440701] kthread+0x328/0x630 [ 32.440761] ret_from_fork+0x10/0x20 [ 32.440806] [ 32.440838] The buggy address belongs to the object at fff00000c5ae7400 [ 32.440838] which belongs to the cache kmalloc-64 of size 64 [ 32.441206] The buggy address is located 0 bytes to the right of [ 32.441206] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.441415] [ 32.441478] The buggy address belongs to the physical page: [ 32.441642] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.444617] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.444682] page_type: f5(slab) [ 32.444731] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.444791] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.444835] page dumped because: kasan: bad access detected [ 32.444870] [ 32.444891] Memory state around the buggy address: [ 32.444981] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.445027] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.445071] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.445113] ^ [ 32.445149] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.445193] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.445233] ================================================================== [ 32.496197] ================================================================== [ 32.496395] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 32.496458] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.496550] [ 32.496609] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.496719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.496767] Hardware name: linux,dummy-virt (DT) [ 32.496829] Call trace: [ 32.497013] show_stack+0x20/0x38 (C) [ 32.497219] dump_stack_lvl+0x8c/0xd0 [ 32.497283] print_report+0x118/0x608 [ 32.497444] kasan_report+0xdc/0x128 [ 32.497496] kasan_check_range+0x100/0x1a8 [ 32.497573] __kasan_check_write+0x20/0x30 [ 32.497622] kasan_atomics_helper+0x1384/0x4858 [ 32.497735] kasan_atomics+0x198/0x2e0 [ 32.497792] kunit_try_run_case+0x170/0x3f0 [ 32.497846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.497912] kthread+0x328/0x630 [ 32.498251] ret_from_fork+0x10/0x20 [ 32.498338] [ 32.498390] Allocated by task 298: [ 32.498588] kasan_save_stack+0x3c/0x68 [ 32.498861] kasan_save_track+0x20/0x40 [ 32.499080] kasan_save_alloc_info+0x40/0x58 [ 32.499148] __kasan_kmalloc+0xd4/0xd8 [ 32.499189] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.499232] kasan_atomics+0xb8/0x2e0 [ 32.499296] kunit_try_run_case+0x170/0x3f0 [ 32.499338] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.499386] kthread+0x328/0x630 [ 32.499615] ret_from_fork+0x10/0x20 [ 32.499787] [ 32.499866] The buggy address belongs to the object at fff00000c5ae7400 [ 32.499866] which belongs to the cache kmalloc-64 of size 64 [ 32.500124] The buggy address is located 0 bytes to the right of [ 32.500124] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.500377] [ 32.500452] The buggy address belongs to the physical page: [ 32.500584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.500679] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.500728] page_type: f5(slab) [ 32.501139] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.501358] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.501444] page dumped because: kasan: bad access detected [ 32.501661] [ 32.501922] Memory state around the buggy address: [ 32.502046] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.502171] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.502341] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.502458] ^ [ 32.502698] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.502929] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.502993] ================================================================== [ 32.554093] ================================================================== [ 32.554146] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 32.554197] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.554250] [ 32.554522] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.554772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.554841] Hardware name: linux,dummy-virt (DT) [ 32.554877] Call trace: [ 32.555075] show_stack+0x20/0x38 (C) [ 32.555132] dump_stack_lvl+0x8c/0xd0 [ 32.555185] print_report+0x118/0x608 [ 32.555235] kasan_report+0xdc/0x128 [ 32.555516] kasan_check_range+0x100/0x1a8 [ 32.555746] __kasan_check_write+0x20/0x30 [ 32.555849] kasan_atomics_helper+0x16d0/0x4858 [ 32.555919] kasan_atomics+0x198/0x2e0 [ 32.555967] kunit_try_run_case+0x170/0x3f0 [ 32.556017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.556290] kthread+0x328/0x630 [ 32.556645] ret_from_fork+0x10/0x20 [ 32.556864] [ 32.556892] Allocated by task 298: [ 32.556962] kasan_save_stack+0x3c/0x68 [ 32.557017] kasan_save_track+0x20/0x40 [ 32.557069] kasan_save_alloc_info+0x40/0x58 [ 32.557112] __kasan_kmalloc+0xd4/0xd8 [ 32.557373] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.557431] kasan_atomics+0xb8/0x2e0 [ 32.557521] kunit_try_run_case+0x170/0x3f0 [ 32.557565] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.557613] kthread+0x328/0x630 [ 32.557648] ret_from_fork+0x10/0x20 [ 32.560625] [ 32.560664] The buggy address belongs to the object at fff00000c5ae7400 [ 32.560664] which belongs to the cache kmalloc-64 of size 64 [ 32.560732] The buggy address is located 0 bytes to the right of [ 32.560732] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.560810] [ 32.560834] The buggy address belongs to the physical page: [ 32.560868] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.560931] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.560981] page_type: f5(slab) [ 32.561020] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.561072] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.561113] page dumped because: kasan: bad access detected [ 32.561148] [ 32.561169] Memory state around the buggy address: [ 32.561202] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.561246] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.561291] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.561330] ^ [ 32.561364] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.561409] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.561450] ================================================================== [ 32.532858] ================================================================== [ 32.532919] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 32.532972] Read of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.533023] [ 32.533053] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.533159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.533187] Hardware name: linux,dummy-virt (DT) [ 32.533221] Call trace: [ 32.533245] show_stack+0x20/0x38 (C) [ 32.533294] dump_stack_lvl+0x8c/0xd0 [ 32.533340] print_report+0x118/0x608 [ 32.533838] kasan_report+0xdc/0x128 [ 32.533921] __asan_report_load8_noabort+0x20/0x30 [ 32.533973] kasan_atomics_helper+0x3db0/0x4858 [ 32.534024] kasan_atomics+0x198/0x2e0 [ 32.534071] kunit_try_run_case+0x170/0x3f0 [ 32.534247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.534489] kthread+0x328/0x630 [ 32.534566] ret_from_fork+0x10/0x20 [ 32.534908] [ 32.535154] Allocated by task 298: [ 32.535231] kasan_save_stack+0x3c/0x68 [ 32.535378] kasan_save_track+0x20/0x40 [ 32.535438] kasan_save_alloc_info+0x40/0x58 [ 32.535478] __kasan_kmalloc+0xd4/0xd8 [ 32.535544] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.535587] kasan_atomics+0xb8/0x2e0 [ 32.535627] kunit_try_run_case+0x170/0x3f0 [ 32.536006] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.536101] kthread+0x328/0x630 [ 32.536253] ret_from_fork+0x10/0x20 [ 32.536367] [ 32.536447] The buggy address belongs to the object at fff00000c5ae7400 [ 32.536447] which belongs to the cache kmalloc-64 of size 64 [ 32.536773] The buggy address is located 0 bytes to the right of [ 32.536773] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.536852] [ 32.536875] The buggy address belongs to the physical page: [ 32.536920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.537247] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.537389] page_type: f5(slab) [ 32.537494] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.537916] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.538109] page dumped because: kasan: bad access detected [ 32.538180] [ 32.538201] Memory state around the buggy address: [ 32.538234] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.538307] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.538353] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.538845] ^ [ 32.539070] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.539179] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.539499] ================================================================== [ 32.451760] ================================================================== [ 32.451851] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 32.451959] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.452014] [ 32.452047] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.452135] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.452162] Hardware name: linux,dummy-virt (DT) [ 32.452194] Call trace: [ 32.452268] show_stack+0x20/0x38 (C) [ 32.452496] dump_stack_lvl+0x8c/0xd0 [ 32.452619] print_report+0x118/0x608 [ 32.452823] kasan_report+0xdc/0x128 [ 32.453049] kasan_check_range+0x100/0x1a8 [ 32.453160] __kasan_check_write+0x20/0x30 [ 32.453247] kasan_atomics_helper+0xff0/0x4858 [ 32.453301] kasan_atomics+0x198/0x2e0 [ 32.453414] kunit_try_run_case+0x170/0x3f0 [ 32.453468] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.453524] kthread+0x328/0x630 [ 32.453606] ret_from_fork+0x10/0x20 [ 32.453672] [ 32.453749] Allocated by task 298: [ 32.453862] kasan_save_stack+0x3c/0x68 [ 32.453930] kasan_save_track+0x20/0x40 [ 32.453974] kasan_save_alloc_info+0x40/0x58 [ 32.454014] __kasan_kmalloc+0xd4/0xd8 [ 32.454055] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.454097] kasan_atomics+0xb8/0x2e0 [ 32.454137] kunit_try_run_case+0x170/0x3f0 [ 32.454470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.454531] kthread+0x328/0x630 [ 32.454585] ret_from_fork+0x10/0x20 [ 32.454626] [ 32.454650] The buggy address belongs to the object at fff00000c5ae7400 [ 32.454650] which belongs to the cache kmalloc-64 of size 64 [ 32.454713] The buggy address is located 0 bytes to the right of [ 32.454713] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.454787] [ 32.454812] The buggy address belongs to the physical page: [ 32.454846] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.454924] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.454976] page_type: f5(slab) [ 32.455015] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.455334] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.455435] page dumped because: kasan: bad access detected [ 32.455572] [ 32.455866] Memory state around the buggy address: [ 32.455922] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.456115] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.456334] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.456526] ^ [ 32.456808] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.456877] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.456987] ================================================================== [ 32.328263] ================================================================== [ 32.328415] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 32.328478] Write of size 4 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.328532] [ 32.328584] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.328673] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.328928] Hardware name: linux,dummy-virt (DT) [ 32.329117] Call trace: [ 32.329195] show_stack+0x20/0x38 (C) [ 32.329416] dump_stack_lvl+0x8c/0xd0 [ 32.329518] print_report+0x118/0x608 [ 32.329619] kasan_report+0xdc/0x128 [ 32.329674] kasan_check_range+0x100/0x1a8 [ 32.329823] __kasan_check_write+0x20/0x30 [ 32.329876] kasan_atomics_helper+0xa6c/0x4858 [ 32.330049] kasan_atomics+0x198/0x2e0 [ 32.330260] kunit_try_run_case+0x170/0x3f0 [ 32.330374] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.330628] kthread+0x328/0x630 [ 32.330790] ret_from_fork+0x10/0x20 [ 32.330987] [ 32.331048] Allocated by task 298: [ 32.331113] kasan_save_stack+0x3c/0x68 [ 32.331161] kasan_save_track+0x20/0x40 [ 32.331543] kasan_save_alloc_info+0x40/0x58 [ 32.331673] __kasan_kmalloc+0xd4/0xd8 [ 32.331886] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.332076] kasan_atomics+0xb8/0x2e0 [ 32.332181] kunit_try_run_case+0x170/0x3f0 [ 32.332291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.332466] kthread+0x328/0x630 [ 32.332697] ret_from_fork+0x10/0x20 [ 32.332833] [ 32.333095] The buggy address belongs to the object at fff00000c5ae7400 [ 32.333095] which belongs to the cache kmalloc-64 of size 64 [ 32.333277] The buggy address is located 0 bytes to the right of [ 32.333277] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.333478] [ 32.333579] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.333641] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.333692] page_type: f5(slab) [ 32.333864] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.333990] page dumped because: kasan: bad access detected [ 32.334498] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.337010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.338210] kasan_save_stack+0x3c/0x68 [ 32.340924] [ 32.341206] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.341442] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.341932] page_type: f5(slab) [ 32.342016] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.342096] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.342262] page dumped because: kasan: bad access detected [ 32.342524] [ 32.342635] Memory state around the buggy address: [ 32.342776] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.342822] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.342874] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.342922] ^ [ 32.343202] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.343369] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.343454] ================================================================== [ 32.461172] ================================================================== [ 32.461220] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 32.461271] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.461822] [ 32.461941] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.462057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.462086] Hardware name: linux,dummy-virt (DT) [ 32.462119] Call trace: [ 32.462144] show_stack+0x20/0x38 (C) [ 32.462238] dump_stack_lvl+0x8c/0xd0 [ 32.462289] print_report+0x118/0x608 [ 32.462348] kasan_report+0xdc/0x128 [ 32.462594] kasan_check_range+0x100/0x1a8 [ 32.462694] __kasan_check_write+0x20/0x30 [ 32.462816] kasan_atomics_helper+0x10c0/0x4858 [ 32.463255] kasan_atomics+0x198/0x2e0 [ 32.463351] kunit_try_run_case+0x170/0x3f0 [ 32.463493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.463611] kthread+0x328/0x630 [ 32.463744] ret_from_fork+0x10/0x20 [ 32.463910] [ 32.464018] Allocated by task 298: [ 32.464098] kasan_save_stack+0x3c/0x68 [ 32.464230] kasan_save_track+0x20/0x40 [ 32.464351] kasan_save_alloc_info+0x40/0x58 [ 32.464494] __kasan_kmalloc+0xd4/0xd8 [ 32.464564] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.464608] kasan_atomics+0xb8/0x2e0 [ 32.464649] kunit_try_run_case+0x170/0x3f0 [ 32.464920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.465185] kthread+0x328/0x630 [ 32.465245] ret_from_fork+0x10/0x20 [ 32.465646] [ 32.465794] The buggy address belongs to the object at fff00000c5ae7400 [ 32.465794] which belongs to the cache kmalloc-64 of size 64 [ 32.465881] The buggy address is located 0 bytes to the right of [ 32.465881] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.465962] [ 32.465986] The buggy address belongs to the physical page: [ 32.466022] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.466372] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.466488] page_type: f5(slab) [ 32.466675] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.466806] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.467013] page dumped because: kasan: bad access detected [ 32.467049] [ 32.467070] Memory state around the buggy address: [ 32.467338] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.467435] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.467541] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.467621] ^ [ 32.468130] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.468267] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.468367] ================================================================== [ 32.381581] ================================================================== [ 32.381622] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 32.381670] Read of size 4 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.381736] [ 32.381768] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.382403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.382494] Hardware name: linux,dummy-virt (DT) [ 32.382574] Call trace: [ 32.382769] show_stack+0x20/0x38 (C) [ 32.382824] dump_stack_lvl+0x8c/0xd0 [ 32.382873] print_report+0x118/0x608 [ 32.382935] kasan_report+0xdc/0x128 [ 32.383090] __asan_report_load4_noabort+0x20/0x30 [ 32.383305] kasan_atomics_helper+0x3dd8/0x4858 [ 32.383636] kasan_atomics+0x198/0x2e0 [ 32.383833] kunit_try_run_case+0x170/0x3f0 [ 32.383970] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.384030] kthread+0x328/0x630 [ 32.384306] ret_from_fork+0x10/0x20 [ 32.384594] [ 32.384756] Allocated by task 298: [ 32.384995] kasan_save_stack+0x3c/0x68 [ 32.385086] kasan_save_track+0x20/0x40 [ 32.385136] kasan_save_alloc_info+0x40/0x58 [ 32.385374] __kasan_kmalloc+0xd4/0xd8 [ 32.385572] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.386081] kasan_atomics+0xb8/0x2e0 [ 32.386191] kunit_try_run_case+0x170/0x3f0 [ 32.386250] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.386297] kthread+0x328/0x630 [ 32.386597] ret_from_fork+0x10/0x20 [ 32.386811] [ 32.387259] The buggy address belongs to the object at fff00000c5ae7400 [ 32.387259] which belongs to the cache kmalloc-64 of size 64 [ 32.387347] The buggy address is located 0 bytes to the right of [ 32.387347] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.387428] [ 32.387452] The buggy address belongs to the physical page: [ 32.387667] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.387873] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.387981] page_type: f5(slab) [ 32.388275] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.388404] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.388525] page dumped because: kasan: bad access detected [ 32.388664] [ 32.389123] Memory state around the buggy address: [ 32.389219] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.389274] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.389686] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.389757] ^ [ 32.389825] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.390263] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.390353] ================================================================== [ 32.545504] ================================================================== [ 32.545551] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 32.545602] Read of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.545654] [ 32.545686] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.545780] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.545810] Hardware name: linux,dummy-virt (DT) [ 32.545842] Call trace: [ 32.546417] show_stack+0x20/0x38 (C) [ 32.546489] dump_stack_lvl+0x8c/0xd0 [ 32.546558] print_report+0x118/0x608 [ 32.546615] kasan_report+0xdc/0x128 [ 32.547000] __asan_report_load8_noabort+0x20/0x30 [ 32.547081] kasan_atomics_helper+0x3df4/0x4858 [ 32.547385] kasan_atomics+0x198/0x2e0 [ 32.547478] kunit_try_run_case+0x170/0x3f0 [ 32.547561] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.547823] kthread+0x328/0x630 [ 32.548092] ret_from_fork+0x10/0x20 [ 32.548204] [ 32.548332] Allocated by task 298: [ 32.548487] kasan_save_stack+0x3c/0x68 [ 32.548551] kasan_save_track+0x20/0x40 [ 32.548940] kasan_save_alloc_info+0x40/0x58 [ 32.549012] __kasan_kmalloc+0xd4/0xd8 [ 32.549184] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.549432] kasan_atomics+0xb8/0x2e0 [ 32.549533] kunit_try_run_case+0x170/0x3f0 [ 32.549757] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.549847] kthread+0x328/0x630 [ 32.549885] ret_from_fork+0x10/0x20 [ 32.550273] [ 32.550362] The buggy address belongs to the object at fff00000c5ae7400 [ 32.550362] which belongs to the cache kmalloc-64 of size 64 [ 32.550499] The buggy address is located 0 bytes to the right of [ 32.550499] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.550651] [ 32.550844] The buggy address belongs to the physical page: [ 32.551149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.551305] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.551394] page_type: f5(slab) [ 32.551443] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.551653] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.551865] page dumped because: kasan: bad access detected [ 32.552088] [ 32.552148] Memory state around the buggy address: [ 32.552184] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.552247] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.552305] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.552624] ^ [ 32.552729] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.552803] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.553254] ================================================================== [ 32.457631] ================================================================== [ 32.457766] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 32.457915] Write of size 8 at addr fff00000c5ae7430 by task kunit_try_catch/298 [ 32.458097] [ 32.458210] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT [ 32.458345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.458394] Hardware name: linux,dummy-virt (DT) [ 32.458427] Call trace: [ 32.458452] show_stack+0x20/0x38 (C) [ 32.458532] dump_stack_lvl+0x8c/0xd0 [ 32.458894] print_report+0x118/0x608 [ 32.458968] kasan_report+0xdc/0x128 [ 32.459018] kasan_check_range+0x100/0x1a8 [ 32.459065] __kasan_check_write+0x20/0x30 [ 32.459114] kasan_atomics_helper+0x1058/0x4858 [ 32.459177] kasan_atomics+0x198/0x2e0 [ 32.459246] kunit_try_run_case+0x170/0x3f0 [ 32.459322] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.459391] kthread+0x328/0x630 [ 32.459444] ret_from_fork+0x10/0x20 [ 32.459515] [ 32.459547] Allocated by task 298: [ 32.459577] kasan_save_stack+0x3c/0x68 [ 32.459623] kasan_save_track+0x20/0x40 [ 32.459666] kasan_save_alloc_info+0x40/0x58 [ 32.459726] __kasan_kmalloc+0xd4/0xd8 [ 32.459766] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.459810] kasan_atomics+0xb8/0x2e0 [ 32.459861] kunit_try_run_case+0x170/0x3f0 [ 32.459920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.459970] kthread+0x328/0x630 [ 32.460007] ret_from_fork+0x10/0x20 [ 32.460046] [ 32.460070] The buggy address belongs to the object at fff00000c5ae7400 [ 32.460070] which belongs to the cache kmalloc-64 of size 64 [ 32.460141] The buggy address is located 0 bytes to the right of [ 32.460141] allocated 48-byte region [fff00000c5ae7400, fff00000c5ae7430) [ 32.460218] [ 32.460271] The buggy address belongs to the physical page: [ 32.460317] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae7 [ 32.460381] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.460439] page_type: f5(slab) [ 32.460498] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.460559] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.460606] page dumped because: kasan: bad access detected [ 32.460648] [ 32.460678] Memory state around the buggy address: [ 32.460712] fff00000c5ae7300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.460758] fff00000c5ae7380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.460807] >fff00000c5ae7400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.460857] ^ [ 32.460893] fff00000c5ae7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.460948] fff00000c5ae7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.460989] ==================================================================
[ 27.765836] ================================================================== [ 27.766296] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 27.767235] Read of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 27.767608] [ 27.767737] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 27.767796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.767814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.767842] Call Trace: [ 27.767867] <TASK> [ 27.767893] dump_stack_lvl+0x73/0xb0 [ 27.767928] print_report+0xd1/0x650 [ 27.768267] ? __virt_addr_valid+0x1db/0x2d0 [ 27.768300] ? kasan_atomics_helper+0x4b54/0x5450 [ 27.768330] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.768361] ? kasan_atomics_helper+0x4b54/0x5450 [ 27.768407] kasan_report+0x141/0x180 [ 27.768433] ? kasan_atomics_helper+0x4b54/0x5450 [ 27.768469] __asan_report_load4_noabort+0x18/0x20 [ 27.768497] kasan_atomics_helper+0x4b54/0x5450 [ 27.768530] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.768561] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.768591] ? kasan_atomics+0x152/0x310 [ 27.768622] kasan_atomics+0x1dc/0x310 [ 27.768648] ? __pfx_kasan_atomics+0x10/0x10 [ 27.768678] ? __pfx_read_tsc+0x10/0x10 [ 27.768709] ? ktime_get_ts64+0x86/0x230 [ 27.768741] kunit_try_run_case+0x1a5/0x480 [ 27.768772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.768800] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.768830] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.768860] ? __kthread_parkme+0x82/0x180 [ 27.768885] ? preempt_count_sub+0x50/0x80 [ 27.768914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.768960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.768990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.769020] kthread+0x337/0x6f0 [ 27.769044] ? trace_preempt_on+0x20/0xc0 [ 27.769073] ? __pfx_kthread+0x10/0x10 [ 27.769098] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.769126] ? calculate_sigpending+0x7b/0xa0 [ 27.769155] ? __pfx_kthread+0x10/0x10 [ 27.769181] ret_from_fork+0x116/0x1d0 [ 27.769205] ? __pfx_kthread+0x10/0x10 [ 27.769230] ret_from_fork_asm+0x1a/0x30 [ 27.769268] </TASK> [ 27.769283] [ 27.781509] Allocated by task 314: [ 27.781730] kasan_save_stack+0x45/0x70 [ 27.782093] kasan_save_track+0x18/0x40 [ 27.782331] kasan_save_alloc_info+0x3b/0x50 [ 27.782773] __kasan_kmalloc+0xb7/0xc0 [ 27.783054] __kmalloc_cache_noprof+0x189/0x420 [ 27.783424] kasan_atomics+0x95/0x310 [ 27.783607] kunit_try_run_case+0x1a5/0x480 [ 27.783827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.784411] kthread+0x337/0x6f0 [ 27.784602] ret_from_fork+0x116/0x1d0 [ 27.784791] ret_from_fork_asm+0x1a/0x30 [ 27.785013] [ 27.785139] The buggy address belongs to the object at ffff88810625b900 [ 27.785139] which belongs to the cache kmalloc-64 of size 64 [ 27.786013] The buggy address is located 0 bytes to the right of [ 27.786013] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 27.786903] [ 27.787100] The buggy address belongs to the physical page: [ 27.787445] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 27.787987] flags: 0x200000000000000(node=0|zone=2) [ 27.788230] page_type: f5(slab) [ 27.788548] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.788916] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.789415] page dumped because: kasan: bad access detected [ 27.789658] [ 27.789749] Memory state around the buggy address: [ 27.790268] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.790589] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.791051] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.791678] ^ [ 27.792049] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.792625] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.793285] ================================================================== [ 28.882082] ================================================================== [ 28.882846] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 28.883304] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.883766] [ 28.883946] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.884001] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.884015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.884041] Call Trace: [ 28.884063] <TASK> [ 28.884085] dump_stack_lvl+0x73/0xb0 [ 28.884116] print_report+0xd1/0x650 [ 28.884142] ? __virt_addr_valid+0x1db/0x2d0 [ 28.884170] ? kasan_atomics_helper+0x19e3/0x5450 [ 28.884196] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.884231] ? kasan_atomics_helper+0x19e3/0x5450 [ 28.884259] kasan_report+0x141/0x180 [ 28.884283] ? kasan_atomics_helper+0x19e3/0x5450 [ 28.884316] kasan_check_range+0x10c/0x1c0 [ 28.884342] __kasan_check_write+0x18/0x20 [ 28.884367] kasan_atomics_helper+0x19e3/0x5450 [ 28.884407] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.884470] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.884497] ? kasan_atomics+0x152/0x310 [ 28.884536] kasan_atomics+0x1dc/0x310 [ 28.884561] ? __pfx_kasan_atomics+0x10/0x10 [ 28.884587] ? __pfx_read_tsc+0x10/0x10 [ 28.884612] ? ktime_get_ts64+0x86/0x230 [ 28.884667] kunit_try_run_case+0x1a5/0x480 [ 28.884696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.884734] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.884762] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.884815] ? __kthread_parkme+0x82/0x180 [ 28.884838] ? preempt_count_sub+0x50/0x80 [ 28.884865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.884915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.884942] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.884996] kthread+0x337/0x6f0 [ 28.885019] ? trace_preempt_on+0x20/0xc0 [ 28.885058] ? __pfx_kthread+0x10/0x10 [ 28.885081] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.885123] ? calculate_sigpending+0x7b/0xa0 [ 28.885162] ? __pfx_kthread+0x10/0x10 [ 28.885187] ret_from_fork+0x116/0x1d0 [ 28.885219] ? __pfx_kthread+0x10/0x10 [ 28.885243] ret_from_fork_asm+0x1a/0x30 [ 28.885305] </TASK> [ 28.885319] [ 28.893932] Allocated by task 314: [ 28.894133] kasan_save_stack+0x45/0x70 [ 28.894342] kasan_save_track+0x18/0x40 [ 28.894576] kasan_save_alloc_info+0x3b/0x50 [ 28.894800] __kasan_kmalloc+0xb7/0xc0 [ 28.895092] __kmalloc_cache_noprof+0x189/0x420 [ 28.895342] kasan_atomics+0x95/0x310 [ 28.895596] kunit_try_run_case+0x1a5/0x480 [ 28.895913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.896175] kthread+0x337/0x6f0 [ 28.896348] ret_from_fork+0x116/0x1d0 [ 28.896547] ret_from_fork_asm+0x1a/0x30 [ 28.896741] [ 28.896841] The buggy address belongs to the object at ffff88810625b900 [ 28.896841] which belongs to the cache kmalloc-64 of size 64 [ 28.897223] The buggy address is located 0 bytes to the right of [ 28.897223] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.897756] [ 28.897931] The buggy address belongs to the physical page: [ 28.898194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.898612] flags: 0x200000000000000(node=0|zone=2) [ 28.898830] page_type: f5(slab) [ 28.899137] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.899520] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.899889] page dumped because: kasan: bad access detected [ 28.900157] [ 28.900253] Memory state around the buggy address: [ 28.900507] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.900861] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.901226] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.901563] ^ [ 28.901795] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.902457] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.902699] ================================================================== [ 28.903418] ================================================================== [ 28.903802] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 28.904318] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.904642] [ 28.904759] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.904814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.904829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.904854] Call Trace: [ 28.904899] <TASK> [ 28.904933] dump_stack_lvl+0x73/0xb0 [ 28.904991] print_report+0xd1/0x650 [ 28.905033] ? __virt_addr_valid+0x1db/0x2d0 [ 28.905074] ? kasan_atomics_helper+0x1a7f/0x5450 [ 28.905116] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.905158] ? kasan_atomics_helper+0x1a7f/0x5450 [ 28.905212] kasan_report+0x141/0x180 [ 28.905250] ? kasan_atomics_helper+0x1a7f/0x5450 [ 28.905296] kasan_check_range+0x10c/0x1c0 [ 28.905336] __kasan_check_write+0x18/0x20 [ 28.905375] kasan_atomics_helper+0x1a7f/0x5450 [ 28.905427] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.905469] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.905496] ? kasan_atomics+0x152/0x310 [ 28.905525] kasan_atomics+0x1dc/0x310 [ 28.905550] ? __pfx_kasan_atomics+0x10/0x10 [ 28.905577] ? __pfx_read_tsc+0x10/0x10 [ 28.905602] ? ktime_get_ts64+0x86/0x230 [ 28.905629] kunit_try_run_case+0x1a5/0x480 [ 28.905657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.905683] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.905710] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.905737] ? __kthread_parkme+0x82/0x180 [ 28.905760] ? preempt_count_sub+0x50/0x80 [ 28.905787] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.905813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.905842] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.905870] kthread+0x337/0x6f0 [ 28.905902] ? trace_preempt_on+0x20/0xc0 [ 28.905938] ? __pfx_kthread+0x10/0x10 [ 28.905962] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.905999] ? calculate_sigpending+0x7b/0xa0 [ 28.906026] ? __pfx_kthread+0x10/0x10 [ 28.906050] ret_from_fork+0x116/0x1d0 [ 28.906074] ? __pfx_kthread+0x10/0x10 [ 28.906098] ret_from_fork_asm+0x1a/0x30 [ 28.906133] </TASK> [ 28.906148] [ 28.914740] Allocated by task 314: [ 28.914951] kasan_save_stack+0x45/0x70 [ 28.915232] kasan_save_track+0x18/0x40 [ 28.915445] kasan_save_alloc_info+0x3b/0x50 [ 28.915681] __kasan_kmalloc+0xb7/0xc0 [ 28.915918] __kmalloc_cache_noprof+0x189/0x420 [ 28.916156] kasan_atomics+0x95/0x310 [ 28.916368] kunit_try_run_case+0x1a5/0x480 [ 28.916581] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.916827] kthread+0x337/0x6f0 [ 28.917052] ret_from_fork+0x116/0x1d0 [ 28.917273] ret_from_fork_asm+0x1a/0x30 [ 28.917504] [ 28.917641] The buggy address belongs to the object at ffff88810625b900 [ 28.917641] which belongs to the cache kmalloc-64 of size 64 [ 28.918211] The buggy address is located 0 bytes to the right of [ 28.918211] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.918821] [ 28.918944] The buggy address belongs to the physical page: [ 28.919165] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.919571] flags: 0x200000000000000(node=0|zone=2) [ 28.919810] page_type: f5(slab) [ 28.920084] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.920442] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.920851] page dumped because: kasan: bad access detected [ 28.921136] [ 28.921265] Memory state around the buggy address: [ 28.921565] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.921786] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.922103] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.922432] ^ [ 28.922665] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.923078] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.923297] ================================================================== [ 29.078619] ================================================================== [ 29.079067] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 29.079378] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 29.079691] [ 29.079808] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 29.079861] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.079877] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.079944] Call Trace: [ 29.079966] <TASK> [ 29.080001] dump_stack_lvl+0x73/0xb0 [ 29.080032] print_report+0xd1/0x650 [ 29.080058] ? __virt_addr_valid+0x1db/0x2d0 [ 29.080088] ? kasan_atomics_helper+0x1f43/0x5450 [ 29.080116] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.080145] ? kasan_atomics_helper+0x1f43/0x5450 [ 29.080173] kasan_report+0x141/0x180 [ 29.080198] ? kasan_atomics_helper+0x1f43/0x5450 [ 29.080236] kasan_check_range+0x10c/0x1c0 [ 29.080263] __kasan_check_write+0x18/0x20 [ 29.080320] kasan_atomics_helper+0x1f43/0x5450 [ 29.080350] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.080399] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.080427] ? kasan_atomics+0x152/0x310 [ 29.080456] kasan_atomics+0x1dc/0x310 [ 29.080482] ? __pfx_kasan_atomics+0x10/0x10 [ 29.080508] ? __pfx_read_tsc+0x10/0x10 [ 29.080532] ? ktime_get_ts64+0x86/0x230 [ 29.080561] kunit_try_run_case+0x1a5/0x480 [ 29.080589] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.080614] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.080642] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.080669] ? __kthread_parkme+0x82/0x180 [ 29.080693] ? preempt_count_sub+0x50/0x80 [ 29.080721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.080749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.080811] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.080840] kthread+0x337/0x6f0 [ 29.080873] ? trace_preempt_on+0x20/0xc0 [ 29.080914] ? __pfx_kthread+0x10/0x10 [ 29.080938] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.080987] ? calculate_sigpending+0x7b/0xa0 [ 29.081015] ? __pfx_kthread+0x10/0x10 [ 29.081040] ret_from_fork+0x116/0x1d0 [ 29.081083] ? __pfx_kthread+0x10/0x10 [ 29.081106] ret_from_fork_asm+0x1a/0x30 [ 29.081152] </TASK> [ 29.081166] [ 29.091905] Allocated by task 314: [ 29.092081] kasan_save_stack+0x45/0x70 [ 29.092530] kasan_save_track+0x18/0x40 [ 29.092922] kasan_save_alloc_info+0x3b/0x50 [ 29.093291] __kasan_kmalloc+0xb7/0xc0 [ 29.093616] __kmalloc_cache_noprof+0x189/0x420 [ 29.093973] kasan_atomics+0x95/0x310 [ 29.094339] kunit_try_run_case+0x1a5/0x480 [ 29.094506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.095133] kthread+0x337/0x6f0 [ 29.095532] ret_from_fork+0x116/0x1d0 [ 29.095756] ret_from_fork_asm+0x1a/0x30 [ 29.096208] [ 29.096329] The buggy address belongs to the object at ffff88810625b900 [ 29.096329] which belongs to the cache kmalloc-64 of size 64 [ 29.097091] The buggy address is located 0 bytes to the right of [ 29.097091] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 29.097505] [ 29.097608] The buggy address belongs to the physical page: [ 29.097839] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 29.098248] flags: 0x200000000000000(node=0|zone=2) [ 29.098481] page_type: f5(slab) [ 29.098619] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.098955] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.099456] page dumped because: kasan: bad access detected [ 29.099691] [ 29.099775] Memory state around the buggy address: [ 29.100056] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.100314] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.100661] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.101039] ^ [ 29.101235] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.101582] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.101900] ================================================================== [ 28.680285] ================================================================== [ 28.681428] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 28.682457] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.683044] [ 28.683384] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.683461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.683478] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.683506] Call Trace: [ 28.683529] <TASK> [ 28.683552] dump_stack_lvl+0x73/0xb0 [ 28.683587] print_report+0xd1/0x650 [ 28.683614] ? __virt_addr_valid+0x1db/0x2d0 [ 28.683643] ? kasan_atomics_helper+0x151d/0x5450 [ 28.683673] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.683703] ? kasan_atomics_helper+0x151d/0x5450 [ 28.683733] kasan_report+0x141/0x180 [ 28.683759] ? kasan_atomics_helper+0x151d/0x5450 [ 28.683793] kasan_check_range+0x10c/0x1c0 [ 28.683821] __kasan_check_write+0x18/0x20 [ 28.683849] kasan_atomics_helper+0x151d/0x5450 [ 28.683993] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.684048] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.684093] ? kasan_atomics+0x152/0x310 [ 28.684126] kasan_atomics+0x1dc/0x310 [ 28.684192] ? __pfx_kasan_atomics+0x10/0x10 [ 28.684225] ? __pfx_read_tsc+0x10/0x10 [ 28.684252] ? ktime_get_ts64+0x86/0x230 [ 28.684282] kunit_try_run_case+0x1a5/0x480 [ 28.684312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.684341] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.684371] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.684411] ? __kthread_parkme+0x82/0x180 [ 28.684436] ? preempt_count_sub+0x50/0x80 [ 28.684466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.684496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.684526] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.684555] kthread+0x337/0x6f0 [ 28.684580] ? trace_preempt_on+0x20/0xc0 [ 28.684611] ? __pfx_kthread+0x10/0x10 [ 28.684636] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.684663] ? calculate_sigpending+0x7b/0xa0 [ 28.684691] ? __pfx_kthread+0x10/0x10 [ 28.684717] ret_from_fork+0x116/0x1d0 [ 28.684740] ? __pfx_kthread+0x10/0x10 [ 28.684764] ret_from_fork_asm+0x1a/0x30 [ 28.684802] </TASK> [ 28.684818] [ 28.701087] Allocated by task 314: [ 28.701347] kasan_save_stack+0x45/0x70 [ 28.702494] kasan_save_track+0x18/0x40 [ 28.703109] kasan_save_alloc_info+0x3b/0x50 [ 28.703566] __kasan_kmalloc+0xb7/0xc0 [ 28.703739] __kmalloc_cache_noprof+0x189/0x420 [ 28.703929] kasan_atomics+0x95/0x310 [ 28.704082] kunit_try_run_case+0x1a5/0x480 [ 28.704259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.704502] kthread+0x337/0x6f0 [ 28.704644] ret_from_fork+0x116/0x1d0 [ 28.704822] ret_from_fork_asm+0x1a/0x30 [ 28.705086] [ 28.705194] The buggy address belongs to the object at ffff88810625b900 [ 28.705194] which belongs to the cache kmalloc-64 of size 64 [ 28.706022] The buggy address is located 0 bytes to the right of [ 28.706022] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.706998] [ 28.707086] The buggy address belongs to the physical page: [ 28.707285] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.708011] flags: 0x200000000000000(node=0|zone=2) [ 28.708550] page_type: f5(slab) [ 28.708944] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.709705] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.710122] page dumped because: kasan: bad access detected [ 28.710316] [ 28.710404] Memory state around the buggy address: [ 28.710584] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.710827] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.711569] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.712298] ^ [ 28.712800] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.713524] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.714229] ================================================================== [ 28.793489] ================================================================== [ 28.793839] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 28.794273] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.794691] [ 28.794848] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.794968] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.794987] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.795029] Call Trace: [ 28.795052] <TASK> [ 28.795092] dump_stack_lvl+0x73/0xb0 [ 28.795143] print_report+0xd1/0x650 [ 28.795172] ? __virt_addr_valid+0x1db/0x2d0 [ 28.795201] ? kasan_atomics_helper+0x177f/0x5450 [ 28.795230] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.795273] ? kasan_atomics_helper+0x177f/0x5450 [ 28.795304] kasan_report+0x141/0x180 [ 28.795342] ? kasan_atomics_helper+0x177f/0x5450 [ 28.795377] kasan_check_range+0x10c/0x1c0 [ 28.795416] __kasan_check_write+0x18/0x20 [ 28.795444] kasan_atomics_helper+0x177f/0x5450 [ 28.795475] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.795505] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.795534] ? kasan_atomics+0x152/0x310 [ 28.795566] kasan_atomics+0x1dc/0x310 [ 28.795592] ? __pfx_kasan_atomics+0x10/0x10 [ 28.795653] ? __pfx_read_tsc+0x10/0x10 [ 28.795681] ? ktime_get_ts64+0x86/0x230 [ 28.795724] kunit_try_run_case+0x1a5/0x480 [ 28.795755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.795784] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.795814] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.795844] ? __kthread_parkme+0x82/0x180 [ 28.795921] ? preempt_count_sub+0x50/0x80 [ 28.795951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.795994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.796024] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.796084] kthread+0x337/0x6f0 [ 28.796108] ? trace_preempt_on+0x20/0xc0 [ 28.796150] ? __pfx_kthread+0x10/0x10 [ 28.796176] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.796204] ? calculate_sigpending+0x7b/0xa0 [ 28.796240] ? __pfx_kthread+0x10/0x10 [ 28.796267] ret_from_fork+0x116/0x1d0 [ 28.796290] ? __pfx_kthread+0x10/0x10 [ 28.796316] ret_from_fork_asm+0x1a/0x30 [ 28.796354] </TASK> [ 28.796369] [ 28.805255] Allocated by task 314: [ 28.805467] kasan_save_stack+0x45/0x70 [ 28.805712] kasan_save_track+0x18/0x40 [ 28.805994] kasan_save_alloc_info+0x3b/0x50 [ 28.806264] __kasan_kmalloc+0xb7/0xc0 [ 28.806570] __kmalloc_cache_noprof+0x189/0x420 [ 28.806884] kasan_atomics+0x95/0x310 [ 28.807094] kunit_try_run_case+0x1a5/0x480 [ 28.807303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.807556] kthread+0x337/0x6f0 [ 28.807741] ret_from_fork+0x116/0x1d0 [ 28.808021] ret_from_fork_asm+0x1a/0x30 [ 28.808249] [ 28.808353] The buggy address belongs to the object at ffff88810625b900 [ 28.808353] which belongs to the cache kmalloc-64 of size 64 [ 28.809054] The buggy address is located 0 bytes to the right of [ 28.809054] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.809680] [ 28.809835] The buggy address belongs to the physical page: [ 28.810210] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.810620] flags: 0x200000000000000(node=0|zone=2) [ 28.810973] page_type: f5(slab) [ 28.811162] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.811594] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.811996] page dumped because: kasan: bad access detected [ 28.812194] [ 28.812275] Memory state around the buggy address: [ 28.812464] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.812862] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.813272] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.813639] ^ [ 28.813951] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.814278] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.814566] ================================================================== [ 28.268300] ================================================================== [ 28.269028] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 28.269576] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.270157] [ 28.270255] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.270332] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.270347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.270373] Call Trace: [ 28.270406] <TASK> [ 28.270431] dump_stack_lvl+0x73/0xb0 [ 28.270463] print_report+0xd1/0x650 [ 28.270490] ? __virt_addr_valid+0x1db/0x2d0 [ 28.270517] ? kasan_atomics_helper+0xe78/0x5450 [ 28.270545] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.270574] ? kasan_atomics_helper+0xe78/0x5450 [ 28.270601] kasan_report+0x141/0x180 [ 28.270626] ? kasan_atomics_helper+0xe78/0x5450 [ 28.270659] kasan_check_range+0x10c/0x1c0 [ 28.270685] __kasan_check_write+0x18/0x20 [ 28.270710] kasan_atomics_helper+0xe78/0x5450 [ 28.270739] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.270767] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.270795] ? kasan_atomics+0x152/0x310 [ 28.270824] kasan_atomics+0x1dc/0x310 [ 28.270849] ? __pfx_kasan_atomics+0x10/0x10 [ 28.270875] ? __pfx_read_tsc+0x10/0x10 [ 28.270900] ? ktime_get_ts64+0x86/0x230 [ 28.270929] kunit_try_run_case+0x1a5/0x480 [ 28.270957] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.270983] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.271011] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.271045] ? __kthread_parkme+0x82/0x180 [ 28.271068] ? preempt_count_sub+0x50/0x80 [ 28.271095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.271123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.271161] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.271189] kthread+0x337/0x6f0 [ 28.271212] ? trace_preempt_on+0x20/0xc0 [ 28.271239] ? __pfx_kthread+0x10/0x10 [ 28.271263] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.271288] ? calculate_sigpending+0x7b/0xa0 [ 28.271315] ? __pfx_kthread+0x10/0x10 [ 28.271340] ret_from_fork+0x116/0x1d0 [ 28.271362] ? __pfx_kthread+0x10/0x10 [ 28.271385] ret_from_fork_asm+0x1a/0x30 [ 28.271429] </TASK> [ 28.271444] [ 28.283981] Allocated by task 314: [ 28.284399] kasan_save_stack+0x45/0x70 [ 28.284843] kasan_save_track+0x18/0x40 [ 28.285265] kasan_save_alloc_info+0x3b/0x50 [ 28.285769] __kasan_kmalloc+0xb7/0xc0 [ 28.286164] __kmalloc_cache_noprof+0x189/0x420 [ 28.286648] kasan_atomics+0x95/0x310 [ 28.286994] kunit_try_run_case+0x1a5/0x480 [ 28.287470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.288042] kthread+0x337/0x6f0 [ 28.288420] ret_from_fork+0x116/0x1d0 [ 28.288828] ret_from_fork_asm+0x1a/0x30 [ 28.289251] [ 28.289439] The buggy address belongs to the object at ffff88810625b900 [ 28.289439] which belongs to the cache kmalloc-64 of size 64 [ 28.290718] The buggy address is located 0 bytes to the right of [ 28.290718] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.292009] [ 28.292204] The buggy address belongs to the physical page: [ 28.292760] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.293292] flags: 0x200000000000000(node=0|zone=2) [ 28.293480] page_type: f5(slab) [ 28.293608] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.294489] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.295334] page dumped because: kasan: bad access detected [ 28.295865] [ 28.296067] Memory state around the buggy address: [ 28.296563] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.297255] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.298057] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.298712] ^ [ 28.299146] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.299863] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.300100] ================================================================== [ 28.815208] ================================================================== [ 28.815646] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 28.815955] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.816276] [ 28.816418] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.816512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.816529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.816588] Call Trace: [ 28.816610] <TASK> [ 28.816645] dump_stack_lvl+0x73/0xb0 [ 28.816699] print_report+0xd1/0x650 [ 28.816740] ? __virt_addr_valid+0x1db/0x2d0 [ 28.816804] ? kasan_atomics_helper+0x1818/0x5450 [ 28.816834] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.816889] ? kasan_atomics_helper+0x1818/0x5450 [ 28.816921] kasan_report+0x141/0x180 [ 28.816947] ? kasan_atomics_helper+0x1818/0x5450 [ 28.816984] kasan_check_range+0x10c/0x1c0 [ 28.817012] __kasan_check_write+0x18/0x20 [ 28.817040] kasan_atomics_helper+0x1818/0x5450 [ 28.817072] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.817104] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.817167] ? kasan_atomics+0x152/0x310 [ 28.817204] kasan_atomics+0x1dc/0x310 [ 28.817246] ? __pfx_kasan_atomics+0x10/0x10 [ 28.817277] ? __pfx_read_tsc+0x10/0x10 [ 28.817332] ? ktime_get_ts64+0x86/0x230 [ 28.817364] kunit_try_run_case+0x1a5/0x480 [ 28.817416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.817446] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.817475] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.817504] ? __kthread_parkme+0x82/0x180 [ 28.817561] ? preempt_count_sub+0x50/0x80 [ 28.817591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.817621] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.817666] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.817696] kthread+0x337/0x6f0 [ 28.817752] ? trace_preempt_on+0x20/0xc0 [ 28.817783] ? __pfx_kthread+0x10/0x10 [ 28.817822] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.817850] ? calculate_sigpending+0x7b/0xa0 [ 28.817900] ? __pfx_kthread+0x10/0x10 [ 28.817927] ret_from_fork+0x116/0x1d0 [ 28.817952] ? __pfx_kthread+0x10/0x10 [ 28.817997] ret_from_fork_asm+0x1a/0x30 [ 28.818050] </TASK> [ 28.818066] [ 28.827928] Allocated by task 314: [ 28.828136] kasan_save_stack+0x45/0x70 [ 28.828313] kasan_save_track+0x18/0x40 [ 28.828522] kasan_save_alloc_info+0x3b/0x50 [ 28.828808] __kasan_kmalloc+0xb7/0xc0 [ 28.829110] __kmalloc_cache_noprof+0x189/0x420 [ 28.829420] kasan_atomics+0x95/0x310 [ 28.829630] kunit_try_run_case+0x1a5/0x480 [ 28.829841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.830201] kthread+0x337/0x6f0 [ 28.830437] ret_from_fork+0x116/0x1d0 [ 28.830653] ret_from_fork_asm+0x1a/0x30 [ 28.830941] [ 28.831068] The buggy address belongs to the object at ffff88810625b900 [ 28.831068] which belongs to the cache kmalloc-64 of size 64 [ 28.831676] The buggy address is located 0 bytes to the right of [ 28.831676] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.832401] [ 28.832527] The buggy address belongs to the physical page: [ 28.832802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.833239] flags: 0x200000000000000(node=0|zone=2) [ 28.833483] page_type: f5(slab) [ 28.833626] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.833966] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.834373] page dumped because: kasan: bad access detected [ 28.834681] [ 28.834832] Memory state around the buggy address: [ 28.835067] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.835318] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.835697] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.836150] ^ [ 28.836520] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.836889] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.837136] ================================================================== [ 27.847618] ================================================================== [ 27.848146] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 27.848598] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 27.849272] [ 27.849465] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 27.849530] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.849546] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.849577] Call Trace: [ 27.849636] <TASK> [ 27.849682] dump_stack_lvl+0x73/0xb0 [ 27.849734] print_report+0xd1/0x650 [ 27.849765] ? __virt_addr_valid+0x1db/0x2d0 [ 27.849795] ? kasan_atomics_helper+0x565/0x5450 [ 27.849824] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.849855] ? kasan_atomics_helper+0x565/0x5450 [ 27.849885] kasan_report+0x141/0x180 [ 27.849911] ? kasan_atomics_helper+0x565/0x5450 [ 27.849945] kasan_check_range+0x10c/0x1c0 [ 27.850003] __kasan_check_write+0x18/0x20 [ 27.850030] kasan_atomics_helper+0x565/0x5450 [ 27.850089] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.850119] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.850182] ? kasan_atomics+0x152/0x310 [ 27.850216] kasan_atomics+0x1dc/0x310 [ 27.850243] ? __pfx_kasan_atomics+0x10/0x10 [ 27.850333] ? __pfx_read_tsc+0x10/0x10 [ 27.850359] ? ktime_get_ts64+0x86/0x230 [ 27.850404] kunit_try_run_case+0x1a5/0x480 [ 27.850436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.850463] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.850492] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.850522] ? __kthread_parkme+0x82/0x180 [ 27.850547] ? preempt_count_sub+0x50/0x80 [ 27.850575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.850605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.850636] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.850664] kthread+0x337/0x6f0 [ 27.850689] ? trace_preempt_on+0x20/0xc0 [ 27.850718] ? __pfx_kthread+0x10/0x10 [ 27.850744] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.850772] ? calculate_sigpending+0x7b/0xa0 [ 27.850800] ? __pfx_kthread+0x10/0x10 [ 27.850826] ret_from_fork+0x116/0x1d0 [ 27.850849] ? __pfx_kthread+0x10/0x10 [ 27.850874] ret_from_fork_asm+0x1a/0x30 [ 27.850911] </TASK> [ 27.850927] [ 27.861651] Allocated by task 314: [ 27.862072] kasan_save_stack+0x45/0x70 [ 27.862361] kasan_save_track+0x18/0x40 [ 27.862629] kasan_save_alloc_info+0x3b/0x50 [ 27.862925] __kasan_kmalloc+0xb7/0xc0 [ 27.863265] __kmalloc_cache_noprof+0x189/0x420 [ 27.863507] kasan_atomics+0x95/0x310 [ 27.863910] kunit_try_run_case+0x1a5/0x480 [ 27.864148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.864583] kthread+0x337/0x6f0 [ 27.864785] ret_from_fork+0x116/0x1d0 [ 27.865111] ret_from_fork_asm+0x1a/0x30 [ 27.865479] [ 27.865605] The buggy address belongs to the object at ffff88810625b900 [ 27.865605] which belongs to the cache kmalloc-64 of size 64 [ 27.866192] The buggy address is located 0 bytes to the right of [ 27.866192] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 27.866640] [ 27.866850] The buggy address belongs to the physical page: [ 27.867179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 27.867944] flags: 0x200000000000000(node=0|zone=2) [ 27.868351] page_type: f5(slab) [ 27.868511] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.868876] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.869422] page dumped because: kasan: bad access detected [ 27.869690] [ 27.869763] Memory state around the buggy address: [ 27.870246] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.870642] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.871045] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.871611] ^ [ 27.871841] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.872425] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.872798] ================================================================== [ 28.767048] ================================================================== [ 28.767484] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 28.767838] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.768611] [ 28.768861] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.768962] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.768980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.769008] Call Trace: [ 28.769031] <TASK> [ 28.769055] dump_stack_lvl+0x73/0xb0 [ 28.769088] print_report+0xd1/0x650 [ 28.769115] ? __virt_addr_valid+0x1db/0x2d0 [ 28.769144] ? kasan_atomics_helper+0x16e7/0x5450 [ 28.769174] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.769203] ? kasan_atomics_helper+0x16e7/0x5450 [ 28.769233] kasan_report+0x141/0x180 [ 28.769259] ? kasan_atomics_helper+0x16e7/0x5450 [ 28.769293] kasan_check_range+0x10c/0x1c0 [ 28.769320] __kasan_check_write+0x18/0x20 [ 28.769348] kasan_atomics_helper+0x16e7/0x5450 [ 28.769379] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.769550] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.769583] ? kasan_atomics+0x152/0x310 [ 28.769628] kasan_atomics+0x1dc/0x310 [ 28.769694] ? __pfx_kasan_atomics+0x10/0x10 [ 28.769724] ? __pfx_read_tsc+0x10/0x10 [ 28.769750] ? ktime_get_ts64+0x86/0x230 [ 28.769780] kunit_try_run_case+0x1a5/0x480 [ 28.769810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.769838] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.769891] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.769921] ? __kthread_parkme+0x82/0x180 [ 28.769946] ? preempt_count_sub+0x50/0x80 [ 28.769974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.770004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.770033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.770062] kthread+0x337/0x6f0 [ 28.770086] ? trace_preempt_on+0x20/0xc0 [ 28.770116] ? __pfx_kthread+0x10/0x10 [ 28.770141] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.770168] ? calculate_sigpending+0x7b/0xa0 [ 28.770197] ? __pfx_kthread+0x10/0x10 [ 28.770223] ret_from_fork+0x116/0x1d0 [ 28.770246] ? __pfx_kthread+0x10/0x10 [ 28.770271] ret_from_fork_asm+0x1a/0x30 [ 28.770307] </TASK> [ 28.770322] [ 28.783265] Allocated by task 314: [ 28.783697] kasan_save_stack+0x45/0x70 [ 28.784212] kasan_save_track+0x18/0x40 [ 28.784537] kasan_save_alloc_info+0x3b/0x50 [ 28.784938] __kasan_kmalloc+0xb7/0xc0 [ 28.785144] __kmalloc_cache_noprof+0x189/0x420 [ 28.785364] kasan_atomics+0x95/0x310 [ 28.785522] kunit_try_run_case+0x1a5/0x480 [ 28.785781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.786004] kthread+0x337/0x6f0 [ 28.786188] ret_from_fork+0x116/0x1d0 [ 28.786424] ret_from_fork_asm+0x1a/0x30 [ 28.786603] [ 28.786734] The buggy address belongs to the object at ffff88810625b900 [ 28.786734] which belongs to the cache kmalloc-64 of size 64 [ 28.787276] The buggy address is located 0 bytes to the right of [ 28.787276] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.787909] [ 28.788020] The buggy address belongs to the physical page: [ 28.788303] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.788685] flags: 0x200000000000000(node=0|zone=2) [ 28.788892] page_type: f5(slab) [ 28.789084] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.789481] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.789741] page dumped because: kasan: bad access detected [ 28.790047] [ 28.790151] Memory state around the buggy address: [ 28.790433] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.790752] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.791142] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.791490] ^ [ 28.791760] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.792231] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.792574] ================================================================== [ 27.987904] ================================================================== [ 27.988353] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 27.988810] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 27.989218] [ 27.989387] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 27.989463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.989479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.989509] Call Trace: [ 27.989559] <TASK> [ 27.989585] dump_stack_lvl+0x73/0xb0 [ 27.989618] print_report+0xd1/0x650 [ 27.989647] ? __virt_addr_valid+0x1db/0x2d0 [ 27.989678] ? kasan_atomics_helper+0x860/0x5450 [ 27.989727] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.989774] ? kasan_atomics_helper+0x860/0x5450 [ 27.989805] kasan_report+0x141/0x180 [ 27.989847] ? kasan_atomics_helper+0x860/0x5450 [ 27.989899] kasan_check_range+0x10c/0x1c0 [ 27.989943] __kasan_check_write+0x18/0x20 [ 27.989987] kasan_atomics_helper+0x860/0x5450 [ 27.990020] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.990051] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.990082] ? kasan_atomics+0x152/0x310 [ 27.990114] kasan_atomics+0x1dc/0x310 [ 27.990141] ? __pfx_kasan_atomics+0x10/0x10 [ 27.990170] ? __pfx_read_tsc+0x10/0x10 [ 27.990199] ? ktime_get_ts64+0x86/0x230 [ 27.990230] kunit_try_run_case+0x1a5/0x480 [ 27.990262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.990291] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.990322] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.990351] ? __kthread_parkme+0x82/0x180 [ 27.990378] ? preempt_count_sub+0x50/0x80 [ 27.990419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.990449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.990480] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.990511] kthread+0x337/0x6f0 [ 27.990536] ? trace_preempt_on+0x20/0xc0 [ 27.990567] ? __pfx_kthread+0x10/0x10 [ 27.990894] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.990952] ? calculate_sigpending+0x7b/0xa0 [ 27.990983] ? __pfx_kthread+0x10/0x10 [ 27.991038] ret_from_fork+0x116/0x1d0 [ 27.991065] ? __pfx_kthread+0x10/0x10 [ 27.991092] ret_from_fork_asm+0x1a/0x30 [ 27.991131] </TASK> [ 27.991202] [ 28.001056] Allocated by task 314: [ 28.001281] kasan_save_stack+0x45/0x70 [ 28.001625] kasan_save_track+0x18/0x40 [ 28.001853] kasan_save_alloc_info+0x3b/0x50 [ 28.002112] __kasan_kmalloc+0xb7/0xc0 [ 28.002584] __kmalloc_cache_noprof+0x189/0x420 [ 28.002860] kasan_atomics+0x95/0x310 [ 28.003131] kunit_try_run_case+0x1a5/0x480 [ 28.003436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.003702] kthread+0x337/0x6f0 [ 28.003950] ret_from_fork+0x116/0x1d0 [ 28.004280] ret_from_fork_asm+0x1a/0x30 [ 28.004553] [ 28.004664] The buggy address belongs to the object at ffff88810625b900 [ 28.004664] which belongs to the cache kmalloc-64 of size 64 [ 28.005279] The buggy address is located 0 bytes to the right of [ 28.005279] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.005949] [ 28.006107] The buggy address belongs to the physical page: [ 28.006665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.007101] flags: 0x200000000000000(node=0|zone=2) [ 28.007351] page_type: f5(slab) [ 28.007504] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.008033] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.008507] page dumped because: kasan: bad access detected [ 28.008710] [ 28.008816] Memory state around the buggy address: [ 28.009129] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.009618] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.009924] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.010581] ^ [ 28.010815] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.011106] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.011510] ================================================================== [ 28.066809] ================================================================== [ 28.067150] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 28.067687] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.068079] [ 28.068182] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.068288] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.068305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.068332] Call Trace: [ 28.068367] <TASK> [ 28.068410] dump_stack_lvl+0x73/0xb0 [ 28.068444] print_report+0xd1/0x650 [ 28.068471] ? __virt_addr_valid+0x1db/0x2d0 [ 28.068500] ? kasan_atomics_helper+0xa2b/0x5450 [ 28.068530] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.068571] ? kasan_atomics_helper+0xa2b/0x5450 [ 28.068600] kasan_report+0x141/0x180 [ 28.068638] ? kasan_atomics_helper+0xa2b/0x5450 [ 28.068672] kasan_check_range+0x10c/0x1c0 [ 28.068700] __kasan_check_write+0x18/0x20 [ 28.068727] kasan_atomics_helper+0xa2b/0x5450 [ 28.068758] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.068788] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.068819] ? kasan_atomics+0x152/0x310 [ 28.068849] kasan_atomics+0x1dc/0x310 [ 28.068876] ? __pfx_kasan_atomics+0x10/0x10 [ 28.068904] ? __pfx_read_tsc+0x10/0x10 [ 28.068931] ? ktime_get_ts64+0x86/0x230 [ 28.068961] kunit_try_run_case+0x1a5/0x480 [ 28.068992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.069020] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.069051] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.069080] ? __kthread_parkme+0x82/0x180 [ 28.069105] ? preempt_count_sub+0x50/0x80 [ 28.069133] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.069403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.069443] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.069473] kthread+0x337/0x6f0 [ 28.069498] ? trace_preempt_on+0x20/0xc0 [ 28.069527] ? __pfx_kthread+0x10/0x10 [ 28.069564] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.069592] ? calculate_sigpending+0x7b/0xa0 [ 28.069621] ? __pfx_kthread+0x10/0x10 [ 28.069661] ret_from_fork+0x116/0x1d0 [ 28.069684] ? __pfx_kthread+0x10/0x10 [ 28.069709] ret_from_fork_asm+0x1a/0x30 [ 28.069747] </TASK> [ 28.069762] [ 28.079273] Allocated by task 314: [ 28.079602] kasan_save_stack+0x45/0x70 [ 28.079826] kasan_save_track+0x18/0x40 [ 28.080041] kasan_save_alloc_info+0x3b/0x50 [ 28.080301] __kasan_kmalloc+0xb7/0xc0 [ 28.080544] __kmalloc_cache_noprof+0x189/0x420 [ 28.080857] kasan_atomics+0x95/0x310 [ 28.081068] kunit_try_run_case+0x1a5/0x480 [ 28.081358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.081662] kthread+0x337/0x6f0 [ 28.081848] ret_from_fork+0x116/0x1d0 [ 28.082060] ret_from_fork_asm+0x1a/0x30 [ 28.082212] [ 28.082288] The buggy address belongs to the object at ffff88810625b900 [ 28.082288] which belongs to the cache kmalloc-64 of size 64 [ 28.082703] The buggy address is located 0 bytes to the right of [ 28.082703] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.083794] [ 28.083986] The buggy address belongs to the physical page: [ 28.084379] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.084786] flags: 0x200000000000000(node=0|zone=2) [ 28.085132] page_type: f5(slab) [ 28.085366] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.085648] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.085977] page dumped because: kasan: bad access detected [ 28.086286] [ 28.086527] Memory state around the buggy address: [ 28.086731] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.087094] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.087483] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.087789] ^ [ 28.088145] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.088701] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.089267] ================================================================== [ 27.700123] ================================================================== [ 27.700812] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 27.701331] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 27.701837] [ 27.702253] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 27.702316] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.702334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.702362] Call Trace: [ 27.702388] <TASK> [ 27.702427] dump_stack_lvl+0x73/0xb0 [ 27.702462] print_report+0xd1/0x650 [ 27.702488] ? __virt_addr_valid+0x1db/0x2d0 [ 27.702516] ? kasan_atomics_helper+0x4b6e/0x5450 [ 27.702544] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.702574] ? kasan_atomics_helper+0x4b6e/0x5450 [ 27.702604] kasan_report+0x141/0x180 [ 27.702628] ? kasan_atomics_helper+0x4b6e/0x5450 [ 27.702662] __asan_report_store4_noabort+0x1b/0x30 [ 27.702689] kasan_atomics_helper+0x4b6e/0x5450 [ 27.702718] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.702749] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.702778] ? kasan_atomics+0x152/0x310 [ 27.702807] kasan_atomics+0x1dc/0x310 [ 27.702833] ? __pfx_kasan_atomics+0x10/0x10 [ 27.702860] ? __pfx_read_tsc+0x10/0x10 [ 27.702886] ? ktime_get_ts64+0x86/0x230 [ 27.702915] kunit_try_run_case+0x1a5/0x480 [ 27.702947] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.702974] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.703003] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.703031] ? __kthread_parkme+0x82/0x180 [ 27.703056] ? preempt_count_sub+0x50/0x80 [ 27.703084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.703112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.703140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.703169] kthread+0x337/0x6f0 [ 27.703191] ? trace_preempt_on+0x20/0xc0 [ 27.703219] ? __pfx_kthread+0x10/0x10 [ 27.703243] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.703268] ? calculate_sigpending+0x7b/0xa0 [ 27.703296] ? __pfx_kthread+0x10/0x10 [ 27.703321] ret_from_fork+0x116/0x1d0 [ 27.703345] ? __pfx_kthread+0x10/0x10 [ 27.703369] ret_from_fork_asm+0x1a/0x30 [ 27.703418] </TASK> [ 27.703432] [ 27.717047] Allocated by task 314: [ 27.717472] kasan_save_stack+0x45/0x70 [ 27.717945] kasan_save_track+0x18/0x40 [ 27.718446] kasan_save_alloc_info+0x3b/0x50 [ 27.718916] __kasan_kmalloc+0xb7/0xc0 [ 27.719356] __kmalloc_cache_noprof+0x189/0x420 [ 27.719802] kasan_atomics+0x95/0x310 [ 27.719960] kunit_try_run_case+0x1a5/0x480 [ 27.720121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.720786] kthread+0x337/0x6f0 [ 27.721205] ret_from_fork+0x116/0x1d0 [ 27.721585] ret_from_fork_asm+0x1a/0x30 [ 27.721998] [ 27.722074] The buggy address belongs to the object at ffff88810625b900 [ 27.722074] which belongs to the cache kmalloc-64 of size 64 [ 27.723097] The buggy address is located 0 bytes to the right of [ 27.723097] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 27.724397] [ 27.724502] The buggy address belongs to the physical page: [ 27.724694] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 27.725538] flags: 0x200000000000000(node=0|zone=2) [ 27.726020] page_type: f5(slab) [ 27.726336] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.726887] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.727128] page dumped because: kasan: bad access detected [ 27.727768] [ 27.727967] Memory state around the buggy address: [ 27.728532] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.729312] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.729921] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.730770] ^ [ 27.730964] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.731749] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.732307] ================================================================== [ 28.992842] ================================================================== [ 28.993179] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 28.993764] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.994225] [ 28.994352] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.994419] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.994435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.994461] Call Trace: [ 28.994483] <TASK> [ 28.994505] dump_stack_lvl+0x73/0xb0 [ 28.994537] print_report+0xd1/0x650 [ 28.994565] ? __virt_addr_valid+0x1db/0x2d0 [ 28.994593] ? kasan_atomics_helper+0x1ce1/0x5450 [ 28.994621] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.994650] ? kasan_atomics_helper+0x1ce1/0x5450 [ 28.994677] kasan_report+0x141/0x180 [ 28.994702] ? kasan_atomics_helper+0x1ce1/0x5450 [ 28.994737] kasan_check_range+0x10c/0x1c0 [ 28.994764] __kasan_check_write+0x18/0x20 [ 28.994790] kasan_atomics_helper+0x1ce1/0x5450 [ 28.994819] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.994850] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.994879] ? kasan_atomics+0x152/0x310 [ 28.994967] kasan_atomics+0x1dc/0x310 [ 28.994995] ? __pfx_kasan_atomics+0x10/0x10 [ 28.995035] ? __pfx_read_tsc+0x10/0x10 [ 28.995061] ? ktime_get_ts64+0x86/0x230 [ 28.995090] kunit_try_run_case+0x1a5/0x480 [ 28.995119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.995146] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.995175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.995202] ? __kthread_parkme+0x82/0x180 [ 28.995226] ? preempt_count_sub+0x50/0x80 [ 28.995253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.995282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.995310] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.995338] kthread+0x337/0x6f0 [ 28.995464] ? trace_preempt_on+0x20/0xc0 [ 28.995493] ? __pfx_kthread+0x10/0x10 [ 28.995529] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.995556] ? calculate_sigpending+0x7b/0xa0 [ 28.995585] ? __pfx_kthread+0x10/0x10 [ 28.995609] ret_from_fork+0x116/0x1d0 [ 28.995632] ? __pfx_kthread+0x10/0x10 [ 28.995656] ret_from_fork_asm+0x1a/0x30 [ 28.995691] </TASK> [ 28.995706] [ 29.005938] Allocated by task 314: [ 29.006246] kasan_save_stack+0x45/0x70 [ 29.006429] kasan_save_track+0x18/0x40 [ 29.006579] kasan_save_alloc_info+0x3b/0x50 [ 29.006766] __kasan_kmalloc+0xb7/0xc0 [ 29.007097] __kmalloc_cache_noprof+0x189/0x420 [ 29.007588] kasan_atomics+0x95/0x310 [ 29.007800] kunit_try_run_case+0x1a5/0x480 [ 29.008143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.008446] kthread+0x337/0x6f0 [ 29.008580] ret_from_fork+0x116/0x1d0 [ 29.008783] ret_from_fork_asm+0x1a/0x30 [ 29.009154] [ 29.009466] The buggy address belongs to the object at ffff88810625b900 [ 29.009466] which belongs to the cache kmalloc-64 of size 64 [ 29.009994] The buggy address is located 0 bytes to the right of [ 29.009994] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 29.010664] [ 29.010773] The buggy address belongs to the physical page: [ 29.011117] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 29.011413] flags: 0x200000000000000(node=0|zone=2) [ 29.011670] page_type: f5(slab) [ 29.012011] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.012377] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.012767] page dumped because: kasan: bad access detected [ 29.013068] [ 29.013280] Memory state around the buggy address: [ 29.013577] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.013982] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.014474] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.014847] ^ [ 29.015128] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.015538] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.015911] ================================================================== [ 28.971372] ================================================================== [ 28.972017] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 28.972809] Read of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.973269] [ 28.973412] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.973470] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.973485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.973511] Call Trace: [ 28.973535] <TASK> [ 28.973559] dump_stack_lvl+0x73/0xb0 [ 28.973590] print_report+0xd1/0x650 [ 28.973614] ? __virt_addr_valid+0x1db/0x2d0 [ 28.973642] ? kasan_atomics_helper+0x4f30/0x5450 [ 28.973669] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.973697] ? kasan_atomics_helper+0x4f30/0x5450 [ 28.973724] kasan_report+0x141/0x180 [ 28.973749] ? kasan_atomics_helper+0x4f30/0x5450 [ 28.973781] __asan_report_load8_noabort+0x18/0x20 [ 28.973807] kasan_atomics_helper+0x4f30/0x5450 [ 28.973835] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.973862] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.973889] ? kasan_atomics+0x152/0x310 [ 28.973916] kasan_atomics+0x1dc/0x310 [ 28.973940] ? __pfx_kasan_atomics+0x10/0x10 [ 28.973967] ? __pfx_read_tsc+0x10/0x10 [ 28.973991] ? ktime_get_ts64+0x86/0x230 [ 28.974018] kunit_try_run_case+0x1a5/0x480 [ 28.974046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.974072] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.974099] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.974125] ? __kthread_parkme+0x82/0x180 [ 28.974179] ? preempt_count_sub+0x50/0x80 [ 28.974206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.974244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.974272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.974298] kthread+0x337/0x6f0 [ 28.974321] ? trace_preempt_on+0x20/0xc0 [ 28.974348] ? __pfx_kthread+0x10/0x10 [ 28.974372] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.974404] ? calculate_sigpending+0x7b/0xa0 [ 28.974431] ? __pfx_kthread+0x10/0x10 [ 28.974454] ret_from_fork+0x116/0x1d0 [ 28.974476] ? __pfx_kthread+0x10/0x10 [ 28.974499] ret_from_fork_asm+0x1a/0x30 [ 28.974534] </TASK> [ 28.974547] [ 28.982982] Allocated by task 314: [ 28.983194] kasan_save_stack+0x45/0x70 [ 28.983612] kasan_save_track+0x18/0x40 [ 28.983753] kasan_save_alloc_info+0x3b/0x50 [ 28.983900] __kasan_kmalloc+0xb7/0xc0 [ 28.984043] __kmalloc_cache_noprof+0x189/0x420 [ 28.984202] kasan_atomics+0x95/0x310 [ 28.984339] kunit_try_run_case+0x1a5/0x480 [ 28.984706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.985019] kthread+0x337/0x6f0 [ 28.985447] ret_from_fork+0x116/0x1d0 [ 28.985654] ret_from_fork_asm+0x1a/0x30 [ 28.985865] [ 28.985961] The buggy address belongs to the object at ffff88810625b900 [ 28.985961] which belongs to the cache kmalloc-64 of size 64 [ 28.986529] The buggy address is located 0 bytes to the right of [ 28.986529] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.987068] [ 28.987226] The buggy address belongs to the physical page: [ 28.987584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.987910] flags: 0x200000000000000(node=0|zone=2) [ 28.988241] page_type: f5(slab) [ 28.988440] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.988842] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.989176] page dumped because: kasan: bad access detected [ 28.989353] [ 28.989434] Memory state around the buggy address: [ 28.989596] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.989980] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.990574] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.990954] ^ [ 28.991271] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.991598] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.991857] ================================================================== [ 29.262722] ================================================================== [ 29.263072] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 29.263528] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 29.263871] [ 29.264033] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 29.264115] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.264131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.264160] Call Trace: [ 29.264184] <TASK> [ 29.264209] dump_stack_lvl+0x73/0xb0 [ 29.264250] print_report+0xd1/0x650 [ 29.264277] ? __virt_addr_valid+0x1db/0x2d0 [ 29.264307] ? kasan_atomics_helper+0x224c/0x5450 [ 29.264338] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.264369] ? kasan_atomics_helper+0x224c/0x5450 [ 29.264436] kasan_report+0x141/0x180 [ 29.264463] ? kasan_atomics_helper+0x224c/0x5450 [ 29.264499] kasan_check_range+0x10c/0x1c0 [ 29.264546] __kasan_check_write+0x18/0x20 [ 29.264574] kasan_atomics_helper+0x224c/0x5450 [ 29.264604] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.264635] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.264665] ? kasan_atomics+0x152/0x310 [ 29.264696] kasan_atomics+0x1dc/0x310 [ 29.264741] ? __pfx_kasan_atomics+0x10/0x10 [ 29.264770] ? __pfx_read_tsc+0x10/0x10 [ 29.264796] ? ktime_get_ts64+0x86/0x230 [ 29.264827] kunit_try_run_case+0x1a5/0x480 [ 29.264858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.264887] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.264919] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.264950] ? __kthread_parkme+0x82/0x180 [ 29.264993] ? preempt_count_sub+0x50/0x80 [ 29.265023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.265065] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.265095] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.265125] kthread+0x337/0x6f0 [ 29.265149] ? trace_preempt_on+0x20/0xc0 [ 29.265180] ? __pfx_kthread+0x10/0x10 [ 29.265206] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.265253] ? calculate_sigpending+0x7b/0xa0 [ 29.265283] ? __pfx_kthread+0x10/0x10 [ 29.265310] ret_from_fork+0x116/0x1d0 [ 29.265333] ? __pfx_kthread+0x10/0x10 [ 29.265358] ret_from_fork_asm+0x1a/0x30 [ 29.265406] </TASK> [ 29.265422] [ 29.274322] Allocated by task 314: [ 29.274582] kasan_save_stack+0x45/0x70 [ 29.274817] kasan_save_track+0x18/0x40 [ 29.275015] kasan_save_alloc_info+0x3b/0x50 [ 29.275179] __kasan_kmalloc+0xb7/0xc0 [ 29.275360] __kmalloc_cache_noprof+0x189/0x420 [ 29.275644] kasan_atomics+0x95/0x310 [ 29.275877] kunit_try_run_case+0x1a5/0x480 [ 29.276189] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.276471] kthread+0x337/0x6f0 [ 29.276680] ret_from_fork+0x116/0x1d0 [ 29.276875] ret_from_fork_asm+0x1a/0x30 [ 29.277116] [ 29.277254] The buggy address belongs to the object at ffff88810625b900 [ 29.277254] which belongs to the cache kmalloc-64 of size 64 [ 29.277901] The buggy address is located 0 bytes to the right of [ 29.277901] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 29.278511] [ 29.278615] The buggy address belongs to the physical page: [ 29.278880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 29.279151] flags: 0x200000000000000(node=0|zone=2) [ 29.279334] page_type: f5(slab) [ 29.279476] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.279895] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.280277] page dumped because: kasan: bad access detected [ 29.280597] [ 29.280739] Memory state around the buggy address: [ 29.281175] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.281487] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.281726] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.282237] ^ [ 29.282495] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.282905] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.283240] ================================================================== [ 27.605015] ================================================================== [ 27.605924] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 27.606479] Read of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 27.607052] [ 27.607184] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 27.607246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.607260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.607287] Call Trace: [ 27.607303] <TASK> [ 27.607326] dump_stack_lvl+0x73/0xb0 [ 27.607362] print_report+0xd1/0x650 [ 27.607388] ? __virt_addr_valid+0x1db/0x2d0 [ 27.607432] ? kasan_atomics_helper+0x4bbc/0x5450 [ 27.607459] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.607489] ? kasan_atomics_helper+0x4bbc/0x5450 [ 27.607517] kasan_report+0x141/0x180 [ 27.607542] ? kasan_atomics_helper+0x4bbc/0x5450 [ 27.607574] __asan_report_load4_noabort+0x18/0x20 [ 27.607600] kasan_atomics_helper+0x4bbc/0x5450 [ 27.607629] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.607658] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.607686] ? kasan_atomics+0x152/0x310 [ 27.607715] kasan_atomics+0x1dc/0x310 [ 27.607741] ? __pfx_kasan_atomics+0x10/0x10 [ 27.607768] ? __pfx_read_tsc+0x10/0x10 [ 27.607794] ? ktime_get_ts64+0x86/0x230 [ 27.607824] kunit_try_run_case+0x1a5/0x480 [ 27.607857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.607901] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.607931] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.607958] ? __kthread_parkme+0x82/0x180 [ 27.607983] ? preempt_count_sub+0x50/0x80 [ 27.608012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.608040] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.608068] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.608096] kthread+0x337/0x6f0 [ 27.608119] ? trace_preempt_on+0x20/0xc0 [ 27.608146] ? __pfx_kthread+0x10/0x10 [ 27.608169] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.608195] ? calculate_sigpending+0x7b/0xa0 [ 27.608230] ? __pfx_kthread+0x10/0x10 [ 27.608255] ret_from_fork+0x116/0x1d0 [ 27.608277] ? __pfx_kthread+0x10/0x10 [ 27.608301] ret_from_fork_asm+0x1a/0x30 [ 27.608338] </TASK> [ 27.608353] [ 27.619403] Allocated by task 314: [ 27.619646] kasan_save_stack+0x45/0x70 [ 27.619842] kasan_save_track+0x18/0x40 [ 27.620236] kasan_save_alloc_info+0x3b/0x50 [ 27.620493] __kasan_kmalloc+0xb7/0xc0 [ 27.620655] __kmalloc_cache_noprof+0x189/0x420 [ 27.621002] kasan_atomics+0x95/0x310 [ 27.621381] kunit_try_run_case+0x1a5/0x480 [ 27.621680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.621911] kthread+0x337/0x6f0 [ 27.622243] ret_from_fork+0x116/0x1d0 [ 27.622519] ret_from_fork_asm+0x1a/0x30 [ 27.622974] [ 27.623065] The buggy address belongs to the object at ffff88810625b900 [ 27.623065] which belongs to the cache kmalloc-64 of size 64 [ 27.623752] The buggy address is located 0 bytes to the right of [ 27.623752] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 27.624707] [ 27.624831] The buggy address belongs to the physical page: [ 27.625185] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 27.625683] flags: 0x200000000000000(node=0|zone=2) [ 27.626015] page_type: f5(slab) [ 27.626182] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.626642] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.627154] page dumped because: kasan: bad access detected [ 27.627421] [ 27.627590] Memory state around the buggy address: [ 27.627941] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.628292] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.628947] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.629317] ^ [ 27.629554] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.629968] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.630280] ================================================================== [ 28.715808] ================================================================== [ 28.717137] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 28.717439] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.717695] [ 28.717800] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.717859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.717884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.717912] Call Trace: [ 28.717937] <TASK> [ 28.717963] dump_stack_lvl+0x73/0xb0 [ 28.717995] print_report+0xd1/0x650 [ 28.718024] ? __virt_addr_valid+0x1db/0x2d0 [ 28.718053] ? kasan_atomics_helper+0x15b6/0x5450 [ 28.718083] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.718115] ? kasan_atomics_helper+0x15b6/0x5450 [ 28.718146] kasan_report+0x141/0x180 [ 28.718173] ? kasan_atomics_helper+0x15b6/0x5450 [ 28.718209] kasan_check_range+0x10c/0x1c0 [ 28.718237] __kasan_check_write+0x18/0x20 [ 28.718266] kasan_atomics_helper+0x15b6/0x5450 [ 28.718297] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.718328] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.718358] ? kasan_atomics+0x152/0x310 [ 28.718415] kasan_atomics+0x1dc/0x310 [ 28.718459] ? __pfx_kasan_atomics+0x10/0x10 [ 28.718488] ? __pfx_read_tsc+0x10/0x10 [ 28.718515] ? ktime_get_ts64+0x86/0x230 [ 28.718545] kunit_try_run_case+0x1a5/0x480 [ 28.718577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.718605] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.718635] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.718665] ? __kthread_parkme+0x82/0x180 [ 28.718691] ? preempt_count_sub+0x50/0x80 [ 28.718720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.718751] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.718780] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.718824] kthread+0x337/0x6f0 [ 28.718849] ? trace_preempt_on+0x20/0xc0 [ 28.718892] ? __pfx_kthread+0x10/0x10 [ 28.718918] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.718946] ? calculate_sigpending+0x7b/0xa0 [ 28.718976] ? __pfx_kthread+0x10/0x10 [ 28.719002] ret_from_fork+0x116/0x1d0 [ 28.719026] ? __pfx_kthread+0x10/0x10 [ 28.719062] ret_from_fork_asm+0x1a/0x30 [ 28.719113] </TASK> [ 28.719140] [ 28.734489] Allocated by task 314: [ 28.734892] kasan_save_stack+0x45/0x70 [ 28.735310] kasan_save_track+0x18/0x40 [ 28.735591] kasan_save_alloc_info+0x3b/0x50 [ 28.735981] __kasan_kmalloc+0xb7/0xc0 [ 28.736407] __kmalloc_cache_noprof+0x189/0x420 [ 28.736789] kasan_atomics+0x95/0x310 [ 28.737045] kunit_try_run_case+0x1a5/0x480 [ 28.737407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.737601] kthread+0x337/0x6f0 [ 28.737731] ret_from_fork+0x116/0x1d0 [ 28.737875] ret_from_fork_asm+0x1a/0x30 [ 28.738061] [ 28.738194] The buggy address belongs to the object at ffff88810625b900 [ 28.738194] which belongs to the cache kmalloc-64 of size 64 [ 28.738754] The buggy address is located 0 bytes to the right of [ 28.738754] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.739351] [ 28.739470] The buggy address belongs to the physical page: [ 28.739723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.740096] flags: 0x200000000000000(node=0|zone=2) [ 28.740315] page_type: f5(slab) [ 28.740461] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.741162] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.741494] page dumped because: kasan: bad access detected [ 28.741763] [ 28.741863] Memory state around the buggy address: [ 28.742194] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.742442] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.742795] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.743243] ^ [ 28.743469] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.743783] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.744091] ================================================================== [ 29.039010] ================================================================== [ 29.039475] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 29.039860] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 29.040195] [ 29.040318] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 29.040374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.040400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.040427] Call Trace: [ 29.040450] <TASK> [ 29.040473] dump_stack_lvl+0x73/0xb0 [ 29.040503] print_report+0xd1/0x650 [ 29.040529] ? __virt_addr_valid+0x1db/0x2d0 [ 29.040556] ? kasan_atomics_helper+0x1e12/0x5450 [ 29.040583] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.040612] ? kasan_atomics_helper+0x1e12/0x5450 [ 29.040641] kasan_report+0x141/0x180 [ 29.040665] ? kasan_atomics_helper+0x1e12/0x5450 [ 29.040697] kasan_check_range+0x10c/0x1c0 [ 29.040725] __kasan_check_write+0x18/0x20 [ 29.040750] kasan_atomics_helper+0x1e12/0x5450 [ 29.040777] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.040806] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.040833] ? kasan_atomics+0x152/0x310 [ 29.040862] kasan_atomics+0x1dc/0x310 [ 29.040886] ? __pfx_kasan_atomics+0x10/0x10 [ 29.040953] ? __pfx_read_tsc+0x10/0x10 [ 29.040979] ? ktime_get_ts64+0x86/0x230 [ 29.041020] kunit_try_run_case+0x1a5/0x480 [ 29.041050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.041076] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.041104] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.041130] ? __kthread_parkme+0x82/0x180 [ 29.041154] ? preempt_count_sub+0x50/0x80 [ 29.041181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.041208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.041236] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.041263] kthread+0x337/0x6f0 [ 29.041285] ? trace_preempt_on+0x20/0xc0 [ 29.041313] ? __pfx_kthread+0x10/0x10 [ 29.041339] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.041363] ? calculate_sigpending+0x7b/0xa0 [ 29.041399] ? __pfx_kthread+0x10/0x10 [ 29.041422] ret_from_fork+0x116/0x1d0 [ 29.041445] ? __pfx_kthread+0x10/0x10 [ 29.041468] ret_from_fork_asm+0x1a/0x30 [ 29.041502] </TASK> [ 29.041516] [ 29.049650] Allocated by task 314: [ 29.049860] kasan_save_stack+0x45/0x70 [ 29.050112] kasan_save_track+0x18/0x40 [ 29.050298] kasan_save_alloc_info+0x3b/0x50 [ 29.050502] __kasan_kmalloc+0xb7/0xc0 [ 29.050697] __kmalloc_cache_noprof+0x189/0x420 [ 29.050919] kasan_atomics+0x95/0x310 [ 29.051058] kunit_try_run_case+0x1a5/0x480 [ 29.051255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.051551] kthread+0x337/0x6f0 [ 29.051723] ret_from_fork+0x116/0x1d0 [ 29.051956] ret_from_fork_asm+0x1a/0x30 [ 29.052141] [ 29.052277] The buggy address belongs to the object at ffff88810625b900 [ 29.052277] which belongs to the cache kmalloc-64 of size 64 [ 29.052777] The buggy address is located 0 bytes to the right of [ 29.052777] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 29.053459] [ 29.053560] The buggy address belongs to the physical page: [ 29.053865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 29.054162] flags: 0x200000000000000(node=0|zone=2) [ 29.054333] page_type: f5(slab) [ 29.054560] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.054979] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.055320] page dumped because: kasan: bad access detected [ 29.055613] [ 29.055740] Memory state around the buggy address: [ 29.056052] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.056397] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.056626] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.056848] ^ [ 29.057007] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.057415] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.057885] ================================================================== [ 29.164862] ================================================================== [ 29.165257] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 29.166081] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 29.166401] [ 29.166522] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 29.166577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.166593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.166620] Call Trace: [ 29.166643] <TASK> [ 29.166666] dump_stack_lvl+0x73/0xb0 [ 29.166697] print_report+0xd1/0x650 [ 29.166723] ? __virt_addr_valid+0x1db/0x2d0 [ 29.166750] ? kasan_atomics_helper+0x20c8/0x5450 [ 29.166778] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.166807] ? kasan_atomics_helper+0x20c8/0x5450 [ 29.166835] kasan_report+0x141/0x180 [ 29.166860] ? kasan_atomics_helper+0x20c8/0x5450 [ 29.166893] kasan_check_range+0x10c/0x1c0 [ 29.166947] __kasan_check_write+0x18/0x20 [ 29.166974] kasan_atomics_helper+0x20c8/0x5450 [ 29.167004] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.167036] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.167065] ? kasan_atomics+0x152/0x310 [ 29.167095] kasan_atomics+0x1dc/0x310 [ 29.167121] ? __pfx_kasan_atomics+0x10/0x10 [ 29.167148] ? __pfx_read_tsc+0x10/0x10 [ 29.167173] ? ktime_get_ts64+0x86/0x230 [ 29.167202] kunit_try_run_case+0x1a5/0x480 [ 29.167232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.167259] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.167287] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.167315] ? __kthread_parkme+0x82/0x180 [ 29.167339] ? preempt_count_sub+0x50/0x80 [ 29.167366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.167436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.167465] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.167506] kthread+0x337/0x6f0 [ 29.167529] ? trace_preempt_on+0x20/0xc0 [ 29.167587] ? __pfx_kthread+0x10/0x10 [ 29.167610] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.167664] ? calculate_sigpending+0x7b/0xa0 [ 29.167692] ? __pfx_kthread+0x10/0x10 [ 29.167717] ret_from_fork+0x116/0x1d0 [ 29.167739] ? __pfx_kthread+0x10/0x10 [ 29.167764] ret_from_fork_asm+0x1a/0x30 [ 29.167799] </TASK> [ 29.167813] [ 29.176544] Allocated by task 314: [ 29.176741] kasan_save_stack+0x45/0x70 [ 29.177050] kasan_save_track+0x18/0x40 [ 29.177227] kasan_save_alloc_info+0x3b/0x50 [ 29.177374] __kasan_kmalloc+0xb7/0xc0 [ 29.177520] __kmalloc_cache_noprof+0x189/0x420 [ 29.177676] kasan_atomics+0x95/0x310 [ 29.177807] kunit_try_run_case+0x1a5/0x480 [ 29.178191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.178536] kthread+0x337/0x6f0 [ 29.178773] ret_from_fork+0x116/0x1d0 [ 29.179176] ret_from_fork_asm+0x1a/0x30 [ 29.179428] [ 29.179520] The buggy address belongs to the object at ffff88810625b900 [ 29.179520] which belongs to the cache kmalloc-64 of size 64 [ 29.180076] The buggy address is located 0 bytes to the right of [ 29.180076] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 29.180470] [ 29.180546] The buggy address belongs to the physical page: [ 29.180722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 29.180963] flags: 0x200000000000000(node=0|zone=2) [ 29.181144] page_type: f5(slab) [ 29.181327] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.181740] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.182240] page dumped because: kasan: bad access detected [ 29.182616] [ 29.182777] Memory state around the buggy address: [ 29.183161] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.183581] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.183935] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.184266] ^ [ 29.184508] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.184833] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.185262] ================================================================== [ 28.166351] ================================================================== [ 28.168713] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 28.170545] Read of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.171771] [ 28.172375] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.172465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.172484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.172513] Call Trace: [ 28.172538] <TASK> [ 28.172565] dump_stack_lvl+0x73/0xb0 [ 28.172603] print_report+0xd1/0x650 [ 28.172633] ? __virt_addr_valid+0x1db/0x2d0 [ 28.172664] ? kasan_atomics_helper+0x4a84/0x5450 [ 28.172694] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.172724] ? kasan_atomics_helper+0x4a84/0x5450 [ 28.172755] kasan_report+0x141/0x180 [ 28.172781] ? kasan_atomics_helper+0x4a84/0x5450 [ 28.172818] __asan_report_load4_noabort+0x18/0x20 [ 28.172848] kasan_atomics_helper+0x4a84/0x5450 [ 28.172879] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.172910] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.172940] ? kasan_atomics+0x152/0x310 [ 28.172972] kasan_atomics+0x1dc/0x310 [ 28.173001] ? __pfx_kasan_atomics+0x10/0x10 [ 28.173031] ? __pfx_read_tsc+0x10/0x10 [ 28.173059] ? ktime_get_ts64+0x86/0x230 [ 28.173090] kunit_try_run_case+0x1a5/0x480 [ 28.173121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.173150] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.173180] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.173210] ? __kthread_parkme+0x82/0x180 [ 28.173236] ? preempt_count_sub+0x50/0x80 [ 28.173267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.173298] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.173329] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.173359] kthread+0x337/0x6f0 [ 28.173383] ? trace_preempt_on+0x20/0xc0 [ 28.173427] ? __pfx_kthread+0x10/0x10 [ 28.173452] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.173480] ? calculate_sigpending+0x7b/0xa0 [ 28.173509] ? __pfx_kthread+0x10/0x10 [ 28.173536] ret_from_fork+0x116/0x1d0 [ 28.173559] ? __pfx_kthread+0x10/0x10 [ 28.173584] ret_from_fork_asm+0x1a/0x30 [ 28.173622] </TASK> [ 28.173637] [ 28.190763] Allocated by task 314: [ 28.191172] kasan_save_stack+0x45/0x70 [ 28.191373] kasan_save_track+0x18/0x40 [ 28.191617] kasan_save_alloc_info+0x3b/0x50 [ 28.192112] __kasan_kmalloc+0xb7/0xc0 [ 28.192568] __kmalloc_cache_noprof+0x189/0x420 [ 28.193043] kasan_atomics+0x95/0x310 [ 28.193299] kunit_try_run_case+0x1a5/0x480 [ 28.193818] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.194356] kthread+0x337/0x6f0 [ 28.194500] ret_from_fork+0x116/0x1d0 [ 28.194700] ret_from_fork_asm+0x1a/0x30 [ 28.195141] [ 28.195321] The buggy address belongs to the object at ffff88810625b900 [ 28.195321] which belongs to the cache kmalloc-64 of size 64 [ 28.196721] The buggy address is located 0 bytes to the right of [ 28.196721] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.197784] [ 28.197977] The buggy address belongs to the physical page: [ 28.198595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.198933] flags: 0x200000000000000(node=0|zone=2) [ 28.199446] page_type: f5(slab) [ 28.199811] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.200615] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.201317] page dumped because: kasan: bad access detected [ 28.201554] [ 28.201630] Memory state around the buggy address: [ 28.201802] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.202406] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.203055] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.203304] ^ [ 28.203639] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.203873] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.204462] ================================================================== [ 29.058816] ================================================================== [ 29.059228] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 29.059677] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 29.060126] [ 29.060276] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 29.060346] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.060361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.060387] Call Trace: [ 29.060421] <TASK> [ 29.060445] dump_stack_lvl+0x73/0xb0 [ 29.060476] print_report+0xd1/0x650 [ 29.060517] ? __virt_addr_valid+0x1db/0x2d0 [ 29.060545] ? kasan_atomics_helper+0x1eaa/0x5450 [ 29.060572] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.060602] ? kasan_atomics_helper+0x1eaa/0x5450 [ 29.060630] kasan_report+0x141/0x180 [ 29.060654] ? kasan_atomics_helper+0x1eaa/0x5450 [ 29.060687] kasan_check_range+0x10c/0x1c0 [ 29.060713] __kasan_check_write+0x18/0x20 [ 29.060771] kasan_atomics_helper+0x1eaa/0x5450 [ 29.060801] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.060859] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.060886] ? kasan_atomics+0x152/0x310 [ 29.060914] kasan_atomics+0x1dc/0x310 [ 29.060940] ? __pfx_kasan_atomics+0x10/0x10 [ 29.060965] ? __pfx_read_tsc+0x10/0x10 [ 29.060990] ? ktime_get_ts64+0x86/0x230 [ 29.061019] kunit_try_run_case+0x1a5/0x480 [ 29.061047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.061073] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.061101] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.061128] ? __kthread_parkme+0x82/0x180 [ 29.061152] ? preempt_count_sub+0x50/0x80 [ 29.061179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.061206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.061233] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.061264] kthread+0x337/0x6f0 [ 29.061287] ? trace_preempt_on+0x20/0xc0 [ 29.061345] ? __pfx_kthread+0x10/0x10 [ 29.061369] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.061411] ? calculate_sigpending+0x7b/0xa0 [ 29.061439] ? __pfx_kthread+0x10/0x10 [ 29.061464] ret_from_fork+0x116/0x1d0 [ 29.061487] ? __pfx_kthread+0x10/0x10 [ 29.061510] ret_from_fork_asm+0x1a/0x30 [ 29.061545] </TASK> [ 29.061558] [ 29.069689] Allocated by task 314: [ 29.069832] kasan_save_stack+0x45/0x70 [ 29.070028] kasan_save_track+0x18/0x40 [ 29.070268] kasan_save_alloc_info+0x3b/0x50 [ 29.070517] __kasan_kmalloc+0xb7/0xc0 [ 29.070805] __kmalloc_cache_noprof+0x189/0x420 [ 29.071197] kasan_atomics+0x95/0x310 [ 29.071477] kunit_try_run_case+0x1a5/0x480 [ 29.071805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.072126] kthread+0x337/0x6f0 [ 29.072261] ret_from_fork+0x116/0x1d0 [ 29.072411] ret_from_fork_asm+0x1a/0x30 [ 29.072555] [ 29.072642] The buggy address belongs to the object at ffff88810625b900 [ 29.072642] which belongs to the cache kmalloc-64 of size 64 [ 29.073252] The buggy address is located 0 bytes to the right of [ 29.073252] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 29.073911] [ 29.073988] The buggy address belongs to the physical page: [ 29.074231] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 29.074633] flags: 0x200000000000000(node=0|zone=2) [ 29.074874] page_type: f5(slab) [ 29.075065] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.075307] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.075553] page dumped because: kasan: bad access detected [ 29.075816] [ 29.075960] Memory state around the buggy address: [ 29.076206] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.076556] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.076892] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.077133] ^ [ 29.077446] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.077676] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.077918] ================================================================== [ 28.462632] ================================================================== [ 28.463010] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 28.463520] Read of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.463767] [ 28.463892] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.463950] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.463966] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.463993] Call Trace: [ 28.464016] <TASK> [ 28.464040] dump_stack_lvl+0x73/0xb0 [ 28.464072] print_report+0xd1/0x650 [ 28.464098] ? __virt_addr_valid+0x1db/0x2d0 [ 28.464127] ? kasan_atomics_helper+0x4a02/0x5450 [ 28.464156] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.464186] ? kasan_atomics_helper+0x4a02/0x5450 [ 28.464217] kasan_report+0x141/0x180 [ 28.464247] ? kasan_atomics_helper+0x4a02/0x5450 [ 28.464282] __asan_report_load4_noabort+0x18/0x20 [ 28.464309] kasan_atomics_helper+0x4a02/0x5450 [ 28.464340] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.464371] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.464411] ? kasan_atomics+0x152/0x310 [ 28.464441] kasan_atomics+0x1dc/0x310 [ 28.464467] ? __pfx_kasan_atomics+0x10/0x10 [ 28.464495] ? __pfx_read_tsc+0x10/0x10 [ 28.464521] ? ktime_get_ts64+0x86/0x230 [ 28.464550] kunit_try_run_case+0x1a5/0x480 [ 28.464581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.464609] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.464660] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.464690] ? __kthread_parkme+0x82/0x180 [ 28.464726] ? preempt_count_sub+0x50/0x80 [ 28.464754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.464784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.464814] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.464843] kthread+0x337/0x6f0 [ 28.464867] ? trace_preempt_on+0x20/0xc0 [ 28.464896] ? __pfx_kthread+0x10/0x10 [ 28.464922] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.464949] ? calculate_sigpending+0x7b/0xa0 [ 28.464978] ? __pfx_kthread+0x10/0x10 [ 28.465005] ret_from_fork+0x116/0x1d0 [ 28.465028] ? __pfx_kthread+0x10/0x10 [ 28.465053] ret_from_fork_asm+0x1a/0x30 [ 28.465091] </TASK> [ 28.465106] [ 28.473241] Allocated by task 314: [ 28.473424] kasan_save_stack+0x45/0x70 [ 28.473608] kasan_save_track+0x18/0x40 [ 28.473794] kasan_save_alloc_info+0x3b/0x50 [ 28.474014] __kasan_kmalloc+0xb7/0xc0 [ 28.474187] __kmalloc_cache_noprof+0x189/0x420 [ 28.474410] kasan_atomics+0x95/0x310 [ 28.474581] kunit_try_run_case+0x1a5/0x480 [ 28.474781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.475089] kthread+0x337/0x6f0 [ 28.475248] ret_from_fork+0x116/0x1d0 [ 28.475422] ret_from_fork_asm+0x1a/0x30 [ 28.475616] [ 28.475694] The buggy address belongs to the object at ffff88810625b900 [ 28.475694] which belongs to the cache kmalloc-64 of size 64 [ 28.476210] The buggy address is located 0 bytes to the right of [ 28.476210] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.476616] [ 28.476711] The buggy address belongs to the physical page: [ 28.476980] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.477360] flags: 0x200000000000000(node=0|zone=2) [ 28.477578] page_type: f5(slab) [ 28.477708] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.477951] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.478648] page dumped because: kasan: bad access detected [ 28.478929] [ 28.479018] Memory state around the buggy address: [ 28.479251] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.479505] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.479733] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.479955] ^ [ 28.480115] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.480349] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.480918] ================================================================== [ 28.415150] ================================================================== [ 28.415535] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 28.415921] Read of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.416189] [ 28.416319] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.416375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.416403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.416430] Call Trace: [ 28.416452] <TASK> [ 28.416474] dump_stack_lvl+0x73/0xb0 [ 28.416506] print_report+0xd1/0x650 [ 28.416532] ? __virt_addr_valid+0x1db/0x2d0 [ 28.416560] ? kasan_atomics_helper+0x4a1c/0x5450 [ 28.416590] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.416620] ? kasan_atomics_helper+0x4a1c/0x5450 [ 28.416650] kasan_report+0x141/0x180 [ 28.416677] ? kasan_atomics_helper+0x4a1c/0x5450 [ 28.416711] __asan_report_load4_noabort+0x18/0x20 [ 28.416740] kasan_atomics_helper+0x4a1c/0x5450 [ 28.416771] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.416801] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.416831] ? kasan_atomics+0x152/0x310 [ 28.416861] kasan_atomics+0x1dc/0x310 [ 28.416888] ? __pfx_kasan_atomics+0x10/0x10 [ 28.416917] ? __pfx_read_tsc+0x10/0x10 [ 28.416944] ? ktime_get_ts64+0x86/0x230 [ 28.416974] kunit_try_run_case+0x1a5/0x480 [ 28.417005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.417034] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.417062] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.417105] ? __kthread_parkme+0x82/0x180 [ 28.417131] ? preempt_count_sub+0x50/0x80 [ 28.417160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.417190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.417219] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.417249] kthread+0x337/0x6f0 [ 28.417274] ? trace_preempt_on+0x20/0xc0 [ 28.417304] ? __pfx_kthread+0x10/0x10 [ 28.417329] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.417356] ? calculate_sigpending+0x7b/0xa0 [ 28.417385] ? __pfx_kthread+0x10/0x10 [ 28.417424] ret_from_fork+0x116/0x1d0 [ 28.417448] ? __pfx_kthread+0x10/0x10 [ 28.417473] ret_from_fork_asm+0x1a/0x30 [ 28.417510] </TASK> [ 28.417525] [ 28.425530] Allocated by task 314: [ 28.425680] kasan_save_stack+0x45/0x70 [ 28.425839] kasan_save_track+0x18/0x40 [ 28.425982] kasan_save_alloc_info+0x3b/0x50 [ 28.426140] __kasan_kmalloc+0xb7/0xc0 [ 28.428440] __kmalloc_cache_noprof+0x189/0x420 [ 28.428658] kasan_atomics+0x95/0x310 [ 28.428807] kunit_try_run_case+0x1a5/0x480 [ 28.429031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.429372] kthread+0x337/0x6f0 [ 28.429519] ret_from_fork+0x116/0x1d0 [ 28.429665] ret_from_fork_asm+0x1a/0x30 [ 28.429817] [ 28.429894] The buggy address belongs to the object at ffff88810625b900 [ 28.429894] which belongs to the cache kmalloc-64 of size 64 [ 28.430541] The buggy address is located 0 bytes to the right of [ 28.430541] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.430973] [ 28.431058] The buggy address belongs to the physical page: [ 28.431249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.431733] flags: 0x200000000000000(node=0|zone=2) [ 28.434707] page_type: f5(slab) [ 28.434957] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.435227] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.435506] page dumped because: kasan: bad access detected [ 28.435697] [ 28.435804] Memory state around the buggy address: [ 28.435998] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.436239] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.436581] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.436870] ^ [ 28.437106] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.437339] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.438659] ================================================================== [ 28.329490] ================================================================== [ 28.330013] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 28.331071] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.331501] [ 28.331610] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.331670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.331688] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.331717] Call Trace: [ 28.331742] <TASK> [ 28.331767] dump_stack_lvl+0x73/0xb0 [ 28.331802] print_report+0xd1/0x650 [ 28.331830] ? __virt_addr_valid+0x1db/0x2d0 [ 28.331897] ? kasan_atomics_helper+0xfa9/0x5450 [ 28.331930] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.331975] ? kasan_atomics_helper+0xfa9/0x5450 [ 28.332006] kasan_report+0x141/0x180 [ 28.332032] ? kasan_atomics_helper+0xfa9/0x5450 [ 28.332067] kasan_check_range+0x10c/0x1c0 [ 28.332095] __kasan_check_write+0x18/0x20 [ 28.332123] kasan_atomics_helper+0xfa9/0x5450 [ 28.332154] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.332358] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.332402] ? kasan_atomics+0x152/0x310 [ 28.332434] kasan_atomics+0x1dc/0x310 [ 28.332462] ? __pfx_kasan_atomics+0x10/0x10 [ 28.332490] ? __pfx_read_tsc+0x10/0x10 [ 28.332517] ? ktime_get_ts64+0x86/0x230 [ 28.332548] kunit_try_run_case+0x1a5/0x480 [ 28.332579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.332607] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.332639] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.332668] ? __kthread_parkme+0x82/0x180 [ 28.332694] ? preempt_count_sub+0x50/0x80 [ 28.332723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.332875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.332906] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.332936] kthread+0x337/0x6f0 [ 28.332961] ? trace_preempt_on+0x20/0xc0 [ 28.332991] ? __pfx_kthread+0x10/0x10 [ 28.333017] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.333045] ? calculate_sigpending+0x7b/0xa0 [ 28.333075] ? __pfx_kthread+0x10/0x10 [ 28.333101] ret_from_fork+0x116/0x1d0 [ 28.333262] ? __pfx_kthread+0x10/0x10 [ 28.333300] ret_from_fork_asm+0x1a/0x30 [ 28.333340] </TASK> [ 28.333356] [ 28.350075] Allocated by task 314: [ 28.350610] kasan_save_stack+0x45/0x70 [ 28.351008] kasan_save_track+0x18/0x40 [ 28.351215] kasan_save_alloc_info+0x3b/0x50 [ 28.351705] __kasan_kmalloc+0xb7/0xc0 [ 28.352131] __kmalloc_cache_noprof+0x189/0x420 [ 28.352693] kasan_atomics+0x95/0x310 [ 28.352857] kunit_try_run_case+0x1a5/0x480 [ 28.353021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.353440] kthread+0x337/0x6f0 [ 28.353825] ret_from_fork+0x116/0x1d0 [ 28.354341] ret_from_fork_asm+0x1a/0x30 [ 28.354776] [ 28.354948] The buggy address belongs to the object at ffff88810625b900 [ 28.354948] which belongs to the cache kmalloc-64 of size 64 [ 28.356615] The buggy address is located 0 bytes to the right of [ 28.356615] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.357415] [ 28.357641] The buggy address belongs to the physical page: [ 28.358000] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.358631] flags: 0x200000000000000(node=0|zone=2) [ 28.359155] page_type: f5(slab) [ 28.359622] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.360169] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.360849] page dumped because: kasan: bad access detected [ 28.361623] [ 28.361828] Memory state around the buggy address: [ 28.362093] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.362834] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.363758] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.364526] ^ [ 28.364892] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.365689] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.366051] ================================================================== [ 28.543982] ================================================================== [ 28.544315] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 28.544726] Read of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.545033] [ 28.545156] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.545213] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.545229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.545257] Call Trace: [ 28.545279] <TASK> [ 28.545301] dump_stack_lvl+0x73/0xb0 [ 28.545331] print_report+0xd1/0x650 [ 28.545359] ? __virt_addr_valid+0x1db/0x2d0 [ 28.545387] ? kasan_atomics_helper+0x49ce/0x5450 [ 28.545428] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.545457] ? kasan_atomics_helper+0x49ce/0x5450 [ 28.545487] kasan_report+0x141/0x180 [ 28.545512] ? kasan_atomics_helper+0x49ce/0x5450 [ 28.545545] __asan_report_load4_noabort+0x18/0x20 [ 28.545572] kasan_atomics_helper+0x49ce/0x5450 [ 28.545602] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.545632] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.545661] ? kasan_atomics+0x152/0x310 [ 28.545690] kasan_atomics+0x1dc/0x310 [ 28.545717] ? __pfx_kasan_atomics+0x10/0x10 [ 28.545743] ? __pfx_read_tsc+0x10/0x10 [ 28.545769] ? ktime_get_ts64+0x86/0x230 [ 28.545797] kunit_try_run_case+0x1a5/0x480 [ 28.545826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.545853] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.545882] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.545909] ? __kthread_parkme+0x82/0x180 [ 28.545933] ? preempt_count_sub+0x50/0x80 [ 28.545960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.545989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.546016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.546044] kthread+0x337/0x6f0 [ 28.546067] ? trace_preempt_on+0x20/0xc0 [ 28.546094] ? __pfx_kthread+0x10/0x10 [ 28.546119] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.546145] ? calculate_sigpending+0x7b/0xa0 [ 28.546173] ? __pfx_kthread+0x10/0x10 [ 28.546198] ret_from_fork+0x116/0x1d0 [ 28.546220] ? __pfx_kthread+0x10/0x10 [ 28.546244] ret_from_fork_asm+0x1a/0x30 [ 28.546279] </TASK> [ 28.546293] [ 28.562235] Allocated by task 314: [ 28.562409] kasan_save_stack+0x45/0x70 [ 28.562573] kasan_save_track+0x18/0x40 [ 28.562712] kasan_save_alloc_info+0x3b/0x50 [ 28.562892] __kasan_kmalloc+0xb7/0xc0 [ 28.563232] __kmalloc_cache_noprof+0x189/0x420 [ 28.563661] kasan_atomics+0x95/0x310 [ 28.564043] kunit_try_run_case+0x1a5/0x480 [ 28.564462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.565006] kthread+0x337/0x6f0 [ 28.565340] ret_from_fork+0x116/0x1d0 [ 28.565723] ret_from_fork_asm+0x1a/0x30 [ 28.566133] [ 28.566336] The buggy address belongs to the object at ffff88810625b900 [ 28.566336] which belongs to the cache kmalloc-64 of size 64 [ 28.567082] The buggy address is located 0 bytes to the right of [ 28.567082] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.567474] [ 28.567551] The buggy address belongs to the physical page: [ 28.567736] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.568289] flags: 0x200000000000000(node=0|zone=2) [ 28.568783] page_type: f5(slab) [ 28.569134] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.569825] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.570528] page dumped because: kasan: bad access detected [ 28.571060] [ 28.571218] Memory state around the buggy address: [ 28.571669] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.572334] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.573005] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.573513] ^ [ 28.573745] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.574270] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.574506] ================================================================== [ 28.924055] ================================================================== [ 28.924786] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 28.925252] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.925507] [ 28.925605] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.925663] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.925678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.925744] Call Trace: [ 28.925768] <TASK> [ 28.925821] dump_stack_lvl+0x73/0xb0 [ 28.925900] print_report+0xd1/0x650 [ 28.925927] ? __virt_addr_valid+0x1db/0x2d0 [ 28.925968] ? kasan_atomics_helper+0x1b22/0x5450 [ 28.925996] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.926025] ? kasan_atomics_helper+0x1b22/0x5450 [ 28.926056] kasan_report+0x141/0x180 [ 28.926081] ? kasan_atomics_helper+0x1b22/0x5450 [ 28.926115] kasan_check_range+0x10c/0x1c0 [ 28.926141] __kasan_check_write+0x18/0x20 [ 28.926198] kasan_atomics_helper+0x1b22/0x5450 [ 28.926228] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.926268] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.926298] ? kasan_atomics+0x152/0x310 [ 28.926329] kasan_atomics+0x1dc/0x310 [ 28.926354] ? __pfx_kasan_atomics+0x10/0x10 [ 28.926420] ? __pfx_read_tsc+0x10/0x10 [ 28.926447] ? ktime_get_ts64+0x86/0x230 [ 28.926477] kunit_try_run_case+0x1a5/0x480 [ 28.926517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.926545] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.926602] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.926630] ? __kthread_parkme+0x82/0x180 [ 28.926666] ? preempt_count_sub+0x50/0x80 [ 28.926694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.926750] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.926779] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.926819] kthread+0x337/0x6f0 [ 28.926842] ? trace_preempt_on+0x20/0xc0 [ 28.926890] ? __pfx_kthread+0x10/0x10 [ 28.926924] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.926950] ? calculate_sigpending+0x7b/0xa0 [ 28.926990] ? __pfx_kthread+0x10/0x10 [ 28.927015] ret_from_fork+0x116/0x1d0 [ 28.927039] ? __pfx_kthread+0x10/0x10 [ 28.927091] ret_from_fork_asm+0x1a/0x30 [ 28.927127] </TASK> [ 28.927142] [ 28.936253] Allocated by task 314: [ 28.936467] kasan_save_stack+0x45/0x70 [ 28.936704] kasan_save_track+0x18/0x40 [ 28.936938] kasan_save_alloc_info+0x3b/0x50 [ 28.937144] __kasan_kmalloc+0xb7/0xc0 [ 28.937340] __kmalloc_cache_noprof+0x189/0x420 [ 28.937593] kasan_atomics+0x95/0x310 [ 28.937820] kunit_try_run_case+0x1a5/0x480 [ 28.937978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.938164] kthread+0x337/0x6f0 [ 28.938330] ret_from_fork+0x116/0x1d0 [ 28.938541] ret_from_fork_asm+0x1a/0x30 [ 28.938748] [ 28.938846] The buggy address belongs to the object at ffff88810625b900 [ 28.938846] which belongs to the cache kmalloc-64 of size 64 [ 28.939433] The buggy address is located 0 bytes to the right of [ 28.939433] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.940052] [ 28.940156] The buggy address belongs to the physical page: [ 28.940469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.940931] flags: 0x200000000000000(node=0|zone=2) [ 28.941172] page_type: f5(slab) [ 28.941302] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.941563] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.941937] page dumped because: kasan: bad access detected [ 28.942254] [ 28.942351] Memory state around the buggy address: [ 28.942604] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.943005] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.943350] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.943712] ^ [ 28.943982] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.944332] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.944733] ================================================================== [ 29.121387] ================================================================== [ 29.121899] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 29.122316] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 29.122564] [ 29.122670] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 29.122726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.122741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.122780] Call Trace: [ 29.122803] <TASK> [ 29.122827] dump_stack_lvl+0x73/0xb0 [ 29.122871] print_report+0xd1/0x650 [ 29.122907] ? __virt_addr_valid+0x1db/0x2d0 [ 29.122935] ? kasan_atomics_helper+0x2006/0x5450 [ 29.122963] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.123004] ? kasan_atomics_helper+0x2006/0x5450 [ 29.123033] kasan_report+0x141/0x180 [ 29.123070] ? kasan_atomics_helper+0x2006/0x5450 [ 29.123103] kasan_check_range+0x10c/0x1c0 [ 29.123130] __kasan_check_write+0x18/0x20 [ 29.123167] kasan_atomics_helper+0x2006/0x5450 [ 29.123198] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.123227] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.123267] ? kasan_atomics+0x152/0x310 [ 29.123296] kasan_atomics+0x1dc/0x310 [ 29.123322] ? __pfx_kasan_atomics+0x10/0x10 [ 29.123358] ? __pfx_read_tsc+0x10/0x10 [ 29.123384] ? ktime_get_ts64+0x86/0x230 [ 29.123429] kunit_try_run_case+0x1a5/0x480 [ 29.123459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.123486] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.123516] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.123554] ? __kthread_parkme+0x82/0x180 [ 29.123577] ? preempt_count_sub+0x50/0x80 [ 29.123615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.123643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.123671] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.123709] kthread+0x337/0x6f0 [ 29.123731] ? trace_preempt_on+0x20/0xc0 [ 29.123773] ? __pfx_kthread+0x10/0x10 [ 29.123797] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.123824] ? calculate_sigpending+0x7b/0xa0 [ 29.123861] ? __pfx_kthread+0x10/0x10 [ 29.123886] ret_from_fork+0x116/0x1d0 [ 29.123908] ? __pfx_kthread+0x10/0x10 [ 29.123944] ret_from_fork_asm+0x1a/0x30 [ 29.123979] </TASK> [ 29.123994] [ 29.132310] Allocated by task 314: [ 29.132563] kasan_save_stack+0x45/0x70 [ 29.132784] kasan_save_track+0x18/0x40 [ 29.133061] kasan_save_alloc_info+0x3b/0x50 [ 29.133432] __kasan_kmalloc+0xb7/0xc0 [ 29.133646] __kmalloc_cache_noprof+0x189/0x420 [ 29.133826] kasan_atomics+0x95/0x310 [ 29.134087] kunit_try_run_case+0x1a5/0x480 [ 29.134315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.134642] kthread+0x337/0x6f0 [ 29.134804] ret_from_fork+0x116/0x1d0 [ 29.134990] ret_from_fork_asm+0x1a/0x30 [ 29.135264] [ 29.135341] The buggy address belongs to the object at ffff88810625b900 [ 29.135341] which belongs to the cache kmalloc-64 of size 64 [ 29.135728] The buggy address is located 0 bytes to the right of [ 29.135728] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 29.136249] [ 29.136350] The buggy address belongs to the physical page: [ 29.136623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 29.137263] flags: 0x200000000000000(node=0|zone=2) [ 29.137546] page_type: f5(slab) [ 29.137760] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.138112] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.138351] page dumped because: kasan: bad access detected [ 29.140002] [ 29.140217] Memory state around the buggy address: [ 29.140488] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.140830] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.141560] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.142216] ^ [ 29.142693] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.143309] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.144033] ================================================================== [ 29.207366] ================================================================== [ 29.207718] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 29.208135] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 29.208487] [ 29.208644] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 29.208747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.208763] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.208814] Call Trace: [ 29.208836] <TASK> [ 29.208859] dump_stack_lvl+0x73/0xb0 [ 29.208918] print_report+0xd1/0x650 [ 29.208944] ? __virt_addr_valid+0x1db/0x2d0 [ 29.208972] ? kasan_atomics_helper+0x218a/0x5450 [ 29.209001] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.209032] ? kasan_atomics_helper+0x218a/0x5450 [ 29.209061] kasan_report+0x141/0x180 [ 29.209086] ? kasan_atomics_helper+0x218a/0x5450 [ 29.209120] kasan_check_range+0x10c/0x1c0 [ 29.209147] __kasan_check_write+0x18/0x20 [ 29.209204] kasan_atomics_helper+0x218a/0x5450 [ 29.209235] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.209275] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.209304] ? kasan_atomics+0x152/0x310 [ 29.209358] kasan_atomics+0x1dc/0x310 [ 29.209385] ? __pfx_kasan_atomics+0x10/0x10 [ 29.209445] ? __pfx_read_tsc+0x10/0x10 [ 29.209485] ? ktime_get_ts64+0x86/0x230 [ 29.209515] kunit_try_run_case+0x1a5/0x480 [ 29.209544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.209586] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.209614] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.209643] ? __kthread_parkme+0x82/0x180 [ 29.209668] ? preempt_count_sub+0x50/0x80 [ 29.209696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.209725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.209775] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.209816] kthread+0x337/0x6f0 [ 29.209839] ? trace_preempt_on+0x20/0xc0 [ 29.209888] ? __pfx_kthread+0x10/0x10 [ 29.209913] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.209939] ? calculate_sigpending+0x7b/0xa0 [ 29.209968] ? __pfx_kthread+0x10/0x10 [ 29.209994] ret_from_fork+0x116/0x1d0 [ 29.210017] ? __pfx_kthread+0x10/0x10 [ 29.210041] ret_from_fork_asm+0x1a/0x30 [ 29.210077] </TASK> [ 29.210091] [ 29.218435] Allocated by task 314: [ 29.218647] kasan_save_stack+0x45/0x70 [ 29.218880] kasan_save_track+0x18/0x40 [ 29.219127] kasan_save_alloc_info+0x3b/0x50 [ 29.219349] __kasan_kmalloc+0xb7/0xc0 [ 29.219593] __kmalloc_cache_noprof+0x189/0x420 [ 29.219845] kasan_atomics+0x95/0x310 [ 29.220105] kunit_try_run_case+0x1a5/0x480 [ 29.220330] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.220590] kthread+0x337/0x6f0 [ 29.220791] ret_from_fork+0x116/0x1d0 [ 29.221041] ret_from_fork_asm+0x1a/0x30 [ 29.221292] [ 29.221419] The buggy address belongs to the object at ffff88810625b900 [ 29.221419] which belongs to the cache kmalloc-64 of size 64 [ 29.221813] The buggy address is located 0 bytes to the right of [ 29.221813] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 29.225041] [ 29.226288] The buggy address belongs to the physical page: [ 29.226805] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 29.228067] flags: 0x200000000000000(node=0|zone=2) [ 29.228288] page_type: f5(slab) [ 29.228455] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.228710] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.228967] page dumped because: kasan: bad access detected [ 29.229153] [ 29.229228] Memory state around the buggy address: [ 29.230310] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.230776] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.231510] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.231870] ^ [ 29.232091] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.232489] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.232850] ================================================================== [ 29.234088] ================================================================== [ 29.234815] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 29.235218] Read of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 29.235894] [ 29.236054] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 29.236267] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.236287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.236315] Call Trace: [ 29.236339] <TASK> [ 29.236364] dump_stack_lvl+0x73/0xb0 [ 29.236415] print_report+0xd1/0x650 [ 29.236444] ? __virt_addr_valid+0x1db/0x2d0 [ 29.236474] ? kasan_atomics_helper+0x4fa5/0x5450 [ 29.236506] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.236538] ? kasan_atomics_helper+0x4fa5/0x5450 [ 29.236570] kasan_report+0x141/0x180 [ 29.236596] ? kasan_atomics_helper+0x4fa5/0x5450 [ 29.236632] __asan_report_load8_noabort+0x18/0x20 [ 29.236662] kasan_atomics_helper+0x4fa5/0x5450 [ 29.236693] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.236724] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.236755] ? kasan_atomics+0x152/0x310 [ 29.236785] kasan_atomics+0x1dc/0x310 [ 29.236812] ? __pfx_kasan_atomics+0x10/0x10 [ 29.236841] ? __pfx_read_tsc+0x10/0x10 [ 29.236869] ? ktime_get_ts64+0x86/0x230 [ 29.236914] kunit_try_run_case+0x1a5/0x480 [ 29.236945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.236974] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.237004] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.237034] ? __kthread_parkme+0x82/0x180 [ 29.237060] ? preempt_count_sub+0x50/0x80 [ 29.237090] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.237121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.237150] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.237181] kthread+0x337/0x6f0 [ 29.237205] ? trace_preempt_on+0x20/0xc0 [ 29.237236] ? __pfx_kthread+0x10/0x10 [ 29.237261] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.237289] ? calculate_sigpending+0x7b/0xa0 [ 29.237320] ? __pfx_kthread+0x10/0x10 [ 29.237346] ret_from_fork+0x116/0x1d0 [ 29.237370] ? __pfx_kthread+0x10/0x10 [ 29.237408] ret_from_fork_asm+0x1a/0x30 [ 29.237445] </TASK> [ 29.237460] [ 29.249185] Allocated by task 314: [ 29.249387] kasan_save_stack+0x45/0x70 [ 29.249615] kasan_save_track+0x18/0x40 [ 29.249810] kasan_save_alloc_info+0x3b/0x50 [ 29.250570] __kasan_kmalloc+0xb7/0xc0 [ 29.250765] __kmalloc_cache_noprof+0x189/0x420 [ 29.251316] kasan_atomics+0x95/0x310 [ 29.251702] kunit_try_run_case+0x1a5/0x480 [ 29.252005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.252440] kthread+0x337/0x6f0 [ 29.252732] ret_from_fork+0x116/0x1d0 [ 29.253100] ret_from_fork_asm+0x1a/0x30 [ 29.253349] [ 29.253479] The buggy address belongs to the object at ffff88810625b900 [ 29.253479] which belongs to the cache kmalloc-64 of size 64 [ 29.254378] The buggy address is located 0 bytes to the right of [ 29.254378] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 29.255283] [ 29.255384] The buggy address belongs to the physical page: [ 29.255791] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 29.256500] flags: 0x200000000000000(node=0|zone=2) [ 29.256890] page_type: f5(slab) [ 29.257200] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.257655] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.258182] page dumped because: kasan: bad access detected [ 29.258574] [ 29.258775] Memory state around the buggy address: [ 29.259104] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.259618] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.260046] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.260586] ^ [ 29.260944] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.261384] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.261864] ================================================================== [ 28.013215] ================================================================== [ 28.014239] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 28.014739] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.015441] [ 28.015753] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.015819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.015836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.015864] Call Trace: [ 28.015899] <TASK> [ 28.015922] dump_stack_lvl+0x73/0xb0 [ 28.015959] print_report+0xd1/0x650 [ 28.016010] ? __virt_addr_valid+0x1db/0x2d0 [ 28.016041] ? kasan_atomics_helper+0x8f9/0x5450 [ 28.016071] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.016102] ? kasan_atomics_helper+0x8f9/0x5450 [ 28.016134] kasan_report+0x141/0x180 [ 28.016160] ? kasan_atomics_helper+0x8f9/0x5450 [ 28.016207] kasan_check_range+0x10c/0x1c0 [ 28.016241] __kasan_check_write+0x18/0x20 [ 28.016269] kasan_atomics_helper+0x8f9/0x5450 [ 28.016300] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.016331] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.016362] ? kasan_atomics+0x152/0x310 [ 28.016405] kasan_atomics+0x1dc/0x310 [ 28.016433] ? __pfx_kasan_atomics+0x10/0x10 [ 28.016462] ? __pfx_read_tsc+0x10/0x10 [ 28.016489] ? ktime_get_ts64+0x86/0x230 [ 28.016518] kunit_try_run_case+0x1a5/0x480 [ 28.016550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.016579] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.016608] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.016638] ? __kthread_parkme+0x82/0x180 [ 28.016664] ? preempt_count_sub+0x50/0x80 [ 28.016693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.016723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.016754] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.016784] kthread+0x337/0x6f0 [ 28.016808] ? trace_preempt_on+0x20/0xc0 [ 28.016837] ? __pfx_kthread+0x10/0x10 [ 28.016863] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.016890] ? calculate_sigpending+0x7b/0xa0 [ 28.016919] ? __pfx_kthread+0x10/0x10 [ 28.016945] ret_from_fork+0x116/0x1d0 [ 28.016969] ? __pfx_kthread+0x10/0x10 [ 28.016994] ret_from_fork_asm+0x1a/0x30 [ 28.017031] </TASK> [ 28.017046] [ 28.030959] Allocated by task 314: [ 28.031735] kasan_save_stack+0x45/0x70 [ 28.032410] kasan_save_track+0x18/0x40 [ 28.032636] kasan_save_alloc_info+0x3b/0x50 [ 28.032812] __kasan_kmalloc+0xb7/0xc0 [ 28.033014] __kmalloc_cache_noprof+0x189/0x420 [ 28.033402] kasan_atomics+0x95/0x310 [ 28.033633] kunit_try_run_case+0x1a5/0x480 [ 28.033848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.034118] kthread+0x337/0x6f0 [ 28.034277] ret_from_fork+0x116/0x1d0 [ 28.034515] ret_from_fork_asm+0x1a/0x30 [ 28.034800] [ 28.034951] The buggy address belongs to the object at ffff88810625b900 [ 28.034951] which belongs to the cache kmalloc-64 of size 64 [ 28.035562] The buggy address is located 0 bytes to the right of [ 28.035562] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.036474] [ 28.036598] The buggy address belongs to the physical page: [ 28.037056] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.037634] flags: 0x200000000000000(node=0|zone=2) [ 28.037939] page_type: f5(slab) [ 28.038137] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.038532] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.038930] page dumped because: kasan: bad access detected [ 28.039215] [ 28.039430] Memory state around the buggy address: [ 28.039629] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.040012] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.040577] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.041069] ^ [ 28.041410] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.041794] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.042145] ================================================================== [ 28.860488] ================================================================== [ 28.860989] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 28.861862] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.862232] [ 28.862374] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.862446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.862463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.862493] Call Trace: [ 28.862542] <TASK> [ 28.862578] dump_stack_lvl+0x73/0xb0 [ 28.862646] print_report+0xd1/0x650 [ 28.862703] ? __virt_addr_valid+0x1db/0x2d0 [ 28.862753] ? kasan_atomics_helper+0x194a/0x5450 [ 28.862828] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.862891] ? kasan_atomics_helper+0x194a/0x5450 [ 28.862923] kasan_report+0x141/0x180 [ 28.862950] ? kasan_atomics_helper+0x194a/0x5450 [ 28.862986] kasan_check_range+0x10c/0x1c0 [ 28.863014] __kasan_check_write+0x18/0x20 [ 28.863042] kasan_atomics_helper+0x194a/0x5450 [ 28.863072] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.863103] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.863133] ? kasan_atomics+0x152/0x310 [ 28.863164] kasan_atomics+0x1dc/0x310 [ 28.863191] ? __pfx_kasan_atomics+0x10/0x10 [ 28.863219] ? __pfx_read_tsc+0x10/0x10 [ 28.863246] ? ktime_get_ts64+0x86/0x230 [ 28.863276] kunit_try_run_case+0x1a5/0x480 [ 28.863308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.863336] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.863366] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.863410] ? __kthread_parkme+0x82/0x180 [ 28.863435] ? preempt_count_sub+0x50/0x80 [ 28.863465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.863494] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.863524] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.863585] kthread+0x337/0x6f0 [ 28.863609] ? trace_preempt_on+0x20/0xc0 [ 28.863745] ? __pfx_kthread+0x10/0x10 [ 28.863772] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.863814] ? calculate_sigpending+0x7b/0xa0 [ 28.863845] ? __pfx_kthread+0x10/0x10 [ 28.863873] ret_from_fork+0x116/0x1d0 [ 28.863909] ? __pfx_kthread+0x10/0x10 [ 28.863935] ret_from_fork_asm+0x1a/0x30 [ 28.863973] </TASK> [ 28.863988] [ 28.872975] Allocated by task 314: [ 28.873205] kasan_save_stack+0x45/0x70 [ 28.873429] kasan_save_track+0x18/0x40 [ 28.873698] kasan_save_alloc_info+0x3b/0x50 [ 28.873911] __kasan_kmalloc+0xb7/0xc0 [ 28.874177] __kmalloc_cache_noprof+0x189/0x420 [ 28.874380] kasan_atomics+0x95/0x310 [ 28.874629] kunit_try_run_case+0x1a5/0x480 [ 28.874848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.875255] kthread+0x337/0x6f0 [ 28.875464] ret_from_fork+0x116/0x1d0 [ 28.875640] ret_from_fork_asm+0x1a/0x30 [ 28.875939] [ 28.876056] The buggy address belongs to the object at ffff88810625b900 [ 28.876056] which belongs to the cache kmalloc-64 of size 64 [ 28.876606] The buggy address is located 0 bytes to the right of [ 28.876606] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.877248] [ 28.877416] The buggy address belongs to the physical page: [ 28.877740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.878139] flags: 0x200000000000000(node=0|zone=2) [ 28.878441] page_type: f5(slab) [ 28.878660] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.879051] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.879292] page dumped because: kasan: bad access detected [ 28.879505] [ 28.879599] Memory state around the buggy address: [ 28.879853] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.880202] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.880545] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.880863] ^ [ 28.881032] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.881253] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.881481] ================================================================== [ 29.283914] ================================================================== [ 29.284432] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 29.284815] Read of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 29.285062] [ 29.285158] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 29.285215] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.285232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.285260] Call Trace: [ 29.285280] <TASK> [ 29.285302] dump_stack_lvl+0x73/0xb0 [ 29.285332] print_report+0xd1/0x650 [ 29.285360] ? __virt_addr_valid+0x1db/0x2d0 [ 29.285405] ? kasan_atomics_helper+0x5115/0x5450 [ 29.285434] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.285465] ? kasan_atomics_helper+0x5115/0x5450 [ 29.285496] kasan_report+0x141/0x180 [ 29.285522] ? kasan_atomics_helper+0x5115/0x5450 [ 29.285573] __asan_report_load8_noabort+0x18/0x20 [ 29.285603] kasan_atomics_helper+0x5115/0x5450 [ 29.285634] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.285664] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.285693] ? kasan_atomics+0x152/0x310 [ 29.285724] kasan_atomics+0x1dc/0x310 [ 29.285751] ? __pfx_kasan_atomics+0x10/0x10 [ 29.285804] ? __pfx_read_tsc+0x10/0x10 [ 29.285831] ? ktime_get_ts64+0x86/0x230 [ 29.285877] kunit_try_run_case+0x1a5/0x480 [ 29.285908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.285936] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.285980] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.286025] ? __kthread_parkme+0x82/0x180 [ 29.286065] ? preempt_count_sub+0x50/0x80 [ 29.286108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.286139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.286168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.286198] kthread+0x337/0x6f0 [ 29.286221] ? trace_preempt_on+0x20/0xc0 [ 29.286250] ? __pfx_kthread+0x10/0x10 [ 29.286276] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.286302] ? calculate_sigpending+0x7b/0xa0 [ 29.286332] ? __pfx_kthread+0x10/0x10 [ 29.286358] ret_from_fork+0x116/0x1d0 [ 29.286381] ? __pfx_kthread+0x10/0x10 [ 29.286417] ret_from_fork_asm+0x1a/0x30 [ 29.286453] </TASK> [ 29.286468] [ 29.295582] Allocated by task 314: [ 29.295748] kasan_save_stack+0x45/0x70 [ 29.295988] kasan_save_track+0x18/0x40 [ 29.296189] kasan_save_alloc_info+0x3b/0x50 [ 29.296442] __kasan_kmalloc+0xb7/0xc0 [ 29.296642] __kmalloc_cache_noprof+0x189/0x420 [ 29.296864] kasan_atomics+0x95/0x310 [ 29.297078] kunit_try_run_case+0x1a5/0x480 [ 29.297353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.297659] kthread+0x337/0x6f0 [ 29.297835] ret_from_fork+0x116/0x1d0 [ 29.298028] ret_from_fork_asm+0x1a/0x30 [ 29.298243] [ 29.298347] The buggy address belongs to the object at ffff88810625b900 [ 29.298347] which belongs to the cache kmalloc-64 of size 64 [ 29.299048] The buggy address is located 0 bytes to the right of [ 29.299048] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 29.299453] [ 29.299556] The buggy address belongs to the physical page: [ 29.299829] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 29.300613] flags: 0x200000000000000(node=0|zone=2) [ 29.300860] page_type: f5(slab) [ 29.301049] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.301453] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.301891] page dumped because: kasan: bad access detected [ 29.302206] [ 29.302304] Memory state around the buggy address: [ 29.302555] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.302912] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.303254] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.303597] ^ [ 29.303763] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.303994] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.304227] ================================================================== [ 28.607545] ================================================================== [ 28.608888] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 28.609831] Read of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.610096] [ 28.610200] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.610260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.610277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.610306] Call Trace: [ 28.610332] <TASK> [ 28.610357] dump_stack_lvl+0x73/0xb0 [ 28.610406] print_report+0xd1/0x650 [ 28.610434] ? __virt_addr_valid+0x1db/0x2d0 [ 28.610464] ? kasan_atomics_helper+0x4eae/0x5450 [ 28.610495] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.610526] ? kasan_atomics_helper+0x4eae/0x5450 [ 28.610557] kasan_report+0x141/0x180 [ 28.610585] ? kasan_atomics_helper+0x4eae/0x5450 [ 28.610835] __asan_report_load8_noabort+0x18/0x20 [ 28.610866] kasan_atomics_helper+0x4eae/0x5450 [ 28.610898] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.610929] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.610958] ? kasan_atomics+0x152/0x310 [ 28.610990] kasan_atomics+0x1dc/0x310 [ 28.611237] ? __pfx_kasan_atomics+0x10/0x10 [ 28.611266] ? __pfx_read_tsc+0x10/0x10 [ 28.611293] ? ktime_get_ts64+0x86/0x230 [ 28.611325] kunit_try_run_case+0x1a5/0x480 [ 28.611357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.611386] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.611430] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.611460] ? __kthread_parkme+0x82/0x180 [ 28.611486] ? preempt_count_sub+0x50/0x80 [ 28.611515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.611545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.611575] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.611605] kthread+0x337/0x6f0 [ 28.611632] ? trace_preempt_on+0x20/0xc0 [ 28.611661] ? __pfx_kthread+0x10/0x10 [ 28.611687] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.611715] ? calculate_sigpending+0x7b/0xa0 [ 28.611744] ? __pfx_kthread+0x10/0x10 [ 28.611771] ret_from_fork+0x116/0x1d0 [ 28.611795] ? __pfx_kthread+0x10/0x10 [ 28.611821] ret_from_fork_asm+0x1a/0x30 [ 28.611858] </TASK> [ 28.611876] [ 28.624871] Allocated by task 314: [ 28.625100] kasan_save_stack+0x45/0x70 [ 28.625581] kasan_save_track+0x18/0x40 [ 28.625852] kasan_save_alloc_info+0x3b/0x50 [ 28.626755] __kasan_kmalloc+0xb7/0xc0 [ 28.626945] __kmalloc_cache_noprof+0x189/0x420 [ 28.627473] kasan_atomics+0x95/0x310 [ 28.627707] kunit_try_run_case+0x1a5/0x480 [ 28.628106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.628509] kthread+0x337/0x6f0 [ 28.628825] ret_from_fork+0x116/0x1d0 [ 28.629181] ret_from_fork_asm+0x1a/0x30 [ 28.629405] [ 28.629610] The buggy address belongs to the object at ffff88810625b900 [ 28.629610] which belongs to the cache kmalloc-64 of size 64 [ 28.630321] The buggy address is located 0 bytes to the right of [ 28.630321] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.630976] [ 28.631242] The buggy address belongs to the physical page: [ 28.631527] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.632147] flags: 0x200000000000000(node=0|zone=2) [ 28.632528] page_type: f5(slab) [ 28.632827] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.633441] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.633907] page dumped because: kasan: bad access detected [ 28.634291] [ 28.634420] Memory state around the buggy address: [ 28.634694] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.635621] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.636210] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.636462] ^ [ 28.636630] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.636862] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.637193] ================================================================== [ 28.638491] ================================================================== [ 28.638918] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 28.639410] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.639719] [ 28.639871] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.639929] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.639946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.639973] Call Trace: [ 28.639996] <TASK> [ 28.640017] dump_stack_lvl+0x73/0xb0 [ 28.640049] print_report+0xd1/0x650 [ 28.640076] ? __virt_addr_valid+0x1db/0x2d0 [ 28.640105] ? kasan_atomics_helper+0x1467/0x5450 [ 28.640135] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.640165] ? kasan_atomics_helper+0x1467/0x5450 [ 28.640195] kasan_report+0x141/0x180 [ 28.640221] ? kasan_atomics_helper+0x1467/0x5450 [ 28.640261] kasan_check_range+0x10c/0x1c0 [ 28.640289] __kasan_check_write+0x18/0x20 [ 28.640317] kasan_atomics_helper+0x1467/0x5450 [ 28.640348] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.640378] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.640419] ? kasan_atomics+0x152/0x310 [ 28.640449] kasan_atomics+0x1dc/0x310 [ 28.640476] ? __pfx_kasan_atomics+0x10/0x10 [ 28.640504] ? __pfx_read_tsc+0x10/0x10 [ 28.640530] ? ktime_get_ts64+0x86/0x230 [ 28.640561] kunit_try_run_case+0x1a5/0x480 [ 28.640591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.640619] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.640649] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.640678] ? __kthread_parkme+0x82/0x180 [ 28.640703] ? preempt_count_sub+0x50/0x80 [ 28.640731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.640761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.640790] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.640820] kthread+0x337/0x6f0 [ 28.640844] ? trace_preempt_on+0x20/0xc0 [ 28.640872] ? __pfx_kthread+0x10/0x10 [ 28.640915] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.640942] ? calculate_sigpending+0x7b/0xa0 [ 28.640971] ? __pfx_kthread+0x10/0x10 [ 28.640996] ret_from_fork+0x116/0x1d0 [ 28.641019] ? __pfx_kthread+0x10/0x10 [ 28.641045] ret_from_fork_asm+0x1a/0x30 [ 28.641081] </TASK> [ 28.641096] [ 28.648637] Allocated by task 314: [ 28.648776] kasan_save_stack+0x45/0x70 [ 28.648997] kasan_save_track+0x18/0x40 [ 28.649203] kasan_save_alloc_info+0x3b/0x50 [ 28.649453] __kasan_kmalloc+0xb7/0xc0 [ 28.649658] __kmalloc_cache_noprof+0x189/0x420 [ 28.649896] kasan_atomics+0x95/0x310 [ 28.650091] kunit_try_run_case+0x1a5/0x480 [ 28.650294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.650543] kthread+0x337/0x6f0 [ 28.650729] ret_from_fork+0x116/0x1d0 [ 28.650924] ret_from_fork_asm+0x1a/0x30 [ 28.651092] [ 28.651195] The buggy address belongs to the object at ffff88810625b900 [ 28.651195] which belongs to the cache kmalloc-64 of size 64 [ 28.651600] The buggy address is located 0 bytes to the right of [ 28.651600] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.652153] [ 28.652268] The buggy address belongs to the physical page: [ 28.652557] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.652962] flags: 0x200000000000000(node=0|zone=2) [ 28.653226] page_type: f5(slab) [ 28.653426] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.653759] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.654125] page dumped because: kasan: bad access detected [ 28.654363] [ 28.654459] Memory state around the buggy address: [ 28.654624] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.654854] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.655215] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.655568] ^ [ 28.655805] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.656171] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.656415] ================================================================== [ 28.042863] ================================================================== [ 28.043250] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 28.043758] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.044255] [ 28.044378] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.044693] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.044715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.044743] Call Trace: [ 28.044784] <TASK> [ 28.044810] dump_stack_lvl+0x73/0xb0 [ 28.044845] print_report+0xd1/0x650 [ 28.044872] ? __virt_addr_valid+0x1db/0x2d0 [ 28.044902] ? kasan_atomics_helper+0x992/0x5450 [ 28.044930] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.044960] ? kasan_atomics_helper+0x992/0x5450 [ 28.044989] kasan_report+0x141/0x180 [ 28.045026] ? kasan_atomics_helper+0x992/0x5450 [ 28.045059] kasan_check_range+0x10c/0x1c0 [ 28.045099] __kasan_check_write+0x18/0x20 [ 28.045125] kasan_atomics_helper+0x992/0x5450 [ 28.045155] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.045185] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.045213] ? kasan_atomics+0x152/0x310 [ 28.045243] kasan_atomics+0x1dc/0x310 [ 28.045269] ? __pfx_kasan_atomics+0x10/0x10 [ 28.045297] ? __pfx_read_tsc+0x10/0x10 [ 28.045323] ? ktime_get_ts64+0x86/0x230 [ 28.045353] kunit_try_run_case+0x1a5/0x480 [ 28.045384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.045421] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.045450] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.045479] ? __kthread_parkme+0x82/0x180 [ 28.045514] ? preempt_count_sub+0x50/0x80 [ 28.045542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.045578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.045608] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.045637] kthread+0x337/0x6f0 [ 28.045661] ? trace_preempt_on+0x20/0xc0 [ 28.045688] ? __pfx_kthread+0x10/0x10 [ 28.045714] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.045740] ? calculate_sigpending+0x7b/0xa0 [ 28.045768] ? __pfx_kthread+0x10/0x10 [ 28.045803] ret_from_fork+0x116/0x1d0 [ 28.045826] ? __pfx_kthread+0x10/0x10 [ 28.045850] ret_from_fork_asm+0x1a/0x30 [ 28.045887] </TASK> [ 28.045902] [ 28.055544] Allocated by task 314: [ 28.055713] kasan_save_stack+0x45/0x70 [ 28.056007] kasan_save_track+0x18/0x40 [ 28.056214] kasan_save_alloc_info+0x3b/0x50 [ 28.056669] __kasan_kmalloc+0xb7/0xc0 [ 28.056825] __kmalloc_cache_noprof+0x189/0x420 [ 28.057025] kasan_atomics+0x95/0x310 [ 28.057358] kunit_try_run_case+0x1a5/0x480 [ 28.057994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.058210] kthread+0x337/0x6f0 [ 28.058452] ret_from_fork+0x116/0x1d0 [ 28.058657] ret_from_fork_asm+0x1a/0x30 [ 28.058869] [ 28.059029] The buggy address belongs to the object at ffff88810625b900 [ 28.059029] which belongs to the cache kmalloc-64 of size 64 [ 28.059568] The buggy address is located 0 bytes to the right of [ 28.059568] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.060020] [ 28.060127] The buggy address belongs to the physical page: [ 28.060548] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.061116] flags: 0x200000000000000(node=0|zone=2) [ 28.061671] page_type: f5(slab) [ 28.061826] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.062451] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.062708] page dumped because: kasan: bad access detected [ 28.063116] [ 28.063343] Memory state around the buggy address: [ 28.063645] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.064008] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.064535] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.064881] ^ [ 28.065304] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.065799] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.066161] ================================================================== [ 27.963101] ================================================================== [ 27.963581] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 27.964246] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 27.964526] [ 27.964630] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 27.964691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.964708] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.964737] Call Trace: [ 27.964760] <TASK> [ 27.964783] dump_stack_lvl+0x73/0xb0 [ 27.964816] print_report+0xd1/0x650 [ 27.964843] ? __virt_addr_valid+0x1db/0x2d0 [ 27.964873] ? kasan_atomics_helper+0x7c7/0x5450 [ 27.964919] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.964952] ? kasan_atomics_helper+0x7c7/0x5450 [ 27.964983] kasan_report+0x141/0x180 [ 27.965010] ? kasan_atomics_helper+0x7c7/0x5450 [ 27.965046] kasan_check_range+0x10c/0x1c0 [ 27.965074] __kasan_check_write+0x18/0x20 [ 27.965103] kasan_atomics_helper+0x7c7/0x5450 [ 27.965135] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.965166] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.965196] ? kasan_atomics+0x152/0x310 [ 27.965228] kasan_atomics+0x1dc/0x310 [ 27.965255] ? __pfx_kasan_atomics+0x10/0x10 [ 27.965285] ? __pfx_read_tsc+0x10/0x10 [ 27.965312] ? ktime_get_ts64+0x86/0x230 [ 27.965342] kunit_try_run_case+0x1a5/0x480 [ 27.965373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.965414] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.965443] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.965473] ? __kthread_parkme+0x82/0x180 [ 27.965500] ? preempt_count_sub+0x50/0x80 [ 27.965528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.965559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.965590] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.965619] kthread+0x337/0x6f0 [ 27.965644] ? trace_preempt_on+0x20/0xc0 [ 27.965672] ? __pfx_kthread+0x10/0x10 [ 27.965699] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.965726] ? calculate_sigpending+0x7b/0xa0 [ 27.965756] ? __pfx_kthread+0x10/0x10 [ 27.965783] ret_from_fork+0x116/0x1d0 [ 27.965807] ? __pfx_kthread+0x10/0x10 [ 27.965833] ret_from_fork_asm+0x1a/0x30 [ 27.965870] </TASK> [ 27.965886] [ 27.976168] Allocated by task 314: [ 27.976376] kasan_save_stack+0x45/0x70 [ 27.976668] kasan_save_track+0x18/0x40 [ 27.976870] kasan_save_alloc_info+0x3b/0x50 [ 27.977138] __kasan_kmalloc+0xb7/0xc0 [ 27.977411] __kmalloc_cache_noprof+0x189/0x420 [ 27.977650] kasan_atomics+0x95/0x310 [ 27.977905] kunit_try_run_case+0x1a5/0x480 [ 27.978139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.978412] kthread+0x337/0x6f0 [ 27.978546] ret_from_fork+0x116/0x1d0 [ 27.979041] ret_from_fork_asm+0x1a/0x30 [ 27.979477] [ 27.979585] The buggy address belongs to the object at ffff88810625b900 [ 27.979585] which belongs to the cache kmalloc-64 of size 64 [ 27.980245] The buggy address is located 0 bytes to the right of [ 27.980245] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 27.980867] [ 27.980984] The buggy address belongs to the physical page: [ 27.981537] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 27.981815] flags: 0x200000000000000(node=0|zone=2) [ 27.982547] page_type: f5(slab) [ 27.982757] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.983318] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.983614] page dumped because: kasan: bad access detected [ 27.983873] [ 27.983981] Memory state around the buggy address: [ 27.984429] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.984845] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.985287] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.985551] ^ [ 27.985833] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.986497] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.987173] ================================================================== [ 27.896590] ================================================================== [ 27.896954] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 27.897345] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 27.897695] [ 27.897826] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 27.897895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.897910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.897937] Call Trace: [ 27.897960] <TASK> [ 27.897983] dump_stack_lvl+0x73/0xb0 [ 27.898014] print_report+0xd1/0x650 [ 27.898040] ? __virt_addr_valid+0x1db/0x2d0 [ 27.898068] ? kasan_atomics_helper+0x697/0x5450 [ 27.898096] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.898125] ? kasan_atomics_helper+0x697/0x5450 [ 27.898153] kasan_report+0x141/0x180 [ 27.898178] ? kasan_atomics_helper+0x697/0x5450 [ 27.898210] kasan_check_range+0x10c/0x1c0 [ 27.898237] __kasan_check_write+0x18/0x20 [ 27.898263] kasan_atomics_helper+0x697/0x5450 [ 27.898303] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.898331] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.898371] ? kasan_atomics+0x152/0x310 [ 27.898408] kasan_atomics+0x1dc/0x310 [ 27.898432] ? __pfx_kasan_atomics+0x10/0x10 [ 27.898459] ? __pfx_read_tsc+0x10/0x10 [ 27.898484] ? ktime_get_ts64+0x86/0x230 [ 27.898512] kunit_try_run_case+0x1a5/0x480 [ 27.898540] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.898566] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.898595] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.898622] ? __kthread_parkme+0x82/0x180 [ 27.898646] ? preempt_count_sub+0x50/0x80 [ 27.898673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.898756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.898786] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.898814] kthread+0x337/0x6f0 [ 27.898836] ? trace_preempt_on+0x20/0xc0 [ 27.898864] ? __pfx_kthread+0x10/0x10 [ 27.898904] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.898930] ? calculate_sigpending+0x7b/0xa0 [ 27.898969] ? __pfx_kthread+0x10/0x10 [ 27.898994] ret_from_fork+0x116/0x1d0 [ 27.899016] ? __pfx_kthread+0x10/0x10 [ 27.899040] ret_from_fork_asm+0x1a/0x30 [ 27.899075] </TASK> [ 27.899090] [ 27.919806] Allocated by task 314: [ 27.920635] kasan_save_stack+0x45/0x70 [ 27.921381] kasan_save_track+0x18/0x40 [ 27.921940] kasan_save_alloc_info+0x3b/0x50 [ 27.922669] __kasan_kmalloc+0xb7/0xc0 [ 27.923373] __kmalloc_cache_noprof+0x189/0x420 [ 27.923969] kasan_atomics+0x95/0x310 [ 27.924356] kunit_try_run_case+0x1a5/0x480 [ 27.924820] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.925595] kthread+0x337/0x6f0 [ 27.925737] ret_from_fork+0x116/0x1d0 [ 27.925877] ret_from_fork_asm+0x1a/0x30 [ 27.926021] [ 27.926097] The buggy address belongs to the object at ffff88810625b900 [ 27.926097] which belongs to the cache kmalloc-64 of size 64 [ 27.927346] The buggy address is located 0 bytes to the right of [ 27.927346] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 27.928854] [ 27.929107] The buggy address belongs to the physical page: [ 27.929719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 27.930448] flags: 0x200000000000000(node=0|zone=2) [ 27.930634] page_type: f5(slab) [ 27.930764] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.931278] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.932135] page dumped because: kasan: bad access detected [ 27.932869] [ 27.933059] Memory state around the buggy address: [ 27.933665] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.934465] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.934734] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.934997] ^ [ 27.935521] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.936182] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.937036] ================================================================== [ 29.102604] ================================================================== [ 29.102941] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 29.103291] Read of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 29.103691] [ 29.103812] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 29.103870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.103884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.103910] Call Trace: [ 29.103934] <TASK> [ 29.103958] dump_stack_lvl+0x73/0xb0 [ 29.103990] print_report+0xd1/0x650 [ 29.104029] ? __virt_addr_valid+0x1db/0x2d0 [ 29.104058] ? kasan_atomics_helper+0x4f71/0x5450 [ 29.104098] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.104128] ? kasan_atomics_helper+0x4f71/0x5450 [ 29.104157] kasan_report+0x141/0x180 [ 29.104183] ? kasan_atomics_helper+0x4f71/0x5450 [ 29.104217] __asan_report_load8_noabort+0x18/0x20 [ 29.104252] kasan_atomics_helper+0x4f71/0x5450 [ 29.104282] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.104321] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.104349] ? kasan_atomics+0x152/0x310 [ 29.104407] kasan_atomics+0x1dc/0x310 [ 29.104434] ? __pfx_kasan_atomics+0x10/0x10 [ 29.104471] ? __pfx_read_tsc+0x10/0x10 [ 29.104497] ? ktime_get_ts64+0x86/0x230 [ 29.104526] kunit_try_run_case+0x1a5/0x480 [ 29.104555] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.104582] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.104609] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.104638] ? __kthread_parkme+0x82/0x180 [ 29.104661] ? preempt_count_sub+0x50/0x80 [ 29.104689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.104717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.104744] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.104782] kthread+0x337/0x6f0 [ 29.104805] ? trace_preempt_on+0x20/0xc0 [ 29.104845] ? __pfx_kthread+0x10/0x10 [ 29.104868] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.104905] ? calculate_sigpending+0x7b/0xa0 [ 29.104932] ? __pfx_kthread+0x10/0x10 [ 29.104957] ret_from_fork+0x116/0x1d0 [ 29.104989] ? __pfx_kthread+0x10/0x10 [ 29.105013] ret_from_fork_asm+0x1a/0x30 [ 29.105059] </TASK> [ 29.105074] [ 29.112469] Allocated by task 314: [ 29.112840] kasan_save_stack+0x45/0x70 [ 29.113060] kasan_save_track+0x18/0x40 [ 29.113288] kasan_save_alloc_info+0x3b/0x50 [ 29.113537] __kasan_kmalloc+0xb7/0xc0 [ 29.113761] __kmalloc_cache_noprof+0x189/0x420 [ 29.114175] kasan_atomics+0x95/0x310 [ 29.114404] kunit_try_run_case+0x1a5/0x480 [ 29.114614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.114888] kthread+0x337/0x6f0 [ 29.115039] ret_from_fork+0x116/0x1d0 [ 29.115172] ret_from_fork_asm+0x1a/0x30 [ 29.115326] [ 29.115434] The buggy address belongs to the object at ffff88810625b900 [ 29.115434] which belongs to the cache kmalloc-64 of size 64 [ 29.116017] The buggy address is located 0 bytes to the right of [ 29.116017] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 29.116574] [ 29.116676] The buggy address belongs to the physical page: [ 29.116970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 29.117288] flags: 0x200000000000000(node=0|zone=2) [ 29.117526] page_type: f5(slab) [ 29.117649] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.117876] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.118097] page dumped because: kasan: bad access detected [ 29.118339] [ 29.118439] Memory state around the buggy address: [ 29.118666] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.118989] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.119307] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.119788] ^ [ 29.119946] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.120166] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.120510] ================================================================== [ 29.185991] ================================================================== [ 29.186695] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 29.187201] Read of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 29.187551] [ 29.187648] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 29.187705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.187721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.187747] Call Trace: [ 29.187770] <TASK> [ 29.187794] dump_stack_lvl+0x73/0xb0 [ 29.187825] print_report+0xd1/0x650 [ 29.187852] ? __virt_addr_valid+0x1db/0x2d0 [ 29.187880] ? kasan_atomics_helper+0x4fb2/0x5450 [ 29.187908] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.187973] ? kasan_atomics_helper+0x4fb2/0x5450 [ 29.188021] kasan_report+0x141/0x180 [ 29.188060] ? kasan_atomics_helper+0x4fb2/0x5450 [ 29.188131] __asan_report_load8_noabort+0x18/0x20 [ 29.188188] kasan_atomics_helper+0x4fb2/0x5450 [ 29.188253] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.188282] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.188348] ? kasan_atomics+0x152/0x310 [ 29.188414] kasan_atomics+0x1dc/0x310 [ 29.188468] ? __pfx_kasan_atomics+0x10/0x10 [ 29.188513] ? __pfx_read_tsc+0x10/0x10 [ 29.188577] ? ktime_get_ts64+0x86/0x230 [ 29.188606] kunit_try_run_case+0x1a5/0x480 [ 29.188649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.188676] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.188706] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.188735] ? __kthread_parkme+0x82/0x180 [ 29.188759] ? preempt_count_sub+0x50/0x80 [ 29.188787] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.188816] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.188845] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.188874] kthread+0x337/0x6f0 [ 29.188897] ? trace_preempt_on+0x20/0xc0 [ 29.188926] ? __pfx_kthread+0x10/0x10 [ 29.188951] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.188977] ? calculate_sigpending+0x7b/0xa0 [ 29.189006] ? __pfx_kthread+0x10/0x10 [ 29.189031] ret_from_fork+0x116/0x1d0 [ 29.189053] ? __pfx_kthread+0x10/0x10 [ 29.189078] ret_from_fork_asm+0x1a/0x30 [ 29.189114] </TASK> [ 29.189128] [ 29.198000] Allocated by task 314: [ 29.198183] kasan_save_stack+0x45/0x70 [ 29.198338] kasan_save_track+0x18/0x40 [ 29.198494] kasan_save_alloc_info+0x3b/0x50 [ 29.198645] __kasan_kmalloc+0xb7/0xc0 [ 29.198785] __kmalloc_cache_noprof+0x189/0x420 [ 29.199120] kasan_atomics+0x95/0x310 [ 29.199323] kunit_try_run_case+0x1a5/0x480 [ 29.199549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.199886] kthread+0x337/0x6f0 [ 29.200044] ret_from_fork+0x116/0x1d0 [ 29.200213] ret_from_fork_asm+0x1a/0x30 [ 29.200486] [ 29.200629] The buggy address belongs to the object at ffff88810625b900 [ 29.200629] which belongs to the cache kmalloc-64 of size 64 [ 29.201165] The buggy address is located 0 bytes to the right of [ 29.201165] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 29.201763] [ 29.201914] The buggy address belongs to the physical page: [ 29.202177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 29.202575] flags: 0x200000000000000(node=0|zone=2) [ 29.202910] page_type: f5(slab) [ 29.203092] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.203464] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.203802] page dumped because: kasan: bad access detected [ 29.204142] [ 29.204215] Memory state around the buggy address: [ 29.204522] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.204892] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.205216] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.205600] ^ [ 29.205847] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.206212] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.206542] ================================================================== [ 27.631752] ================================================================== [ 27.632318] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 27.632792] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 27.633191] [ 27.633441] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 27.633500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.633516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.633542] Call Trace: [ 27.633558] <TASK> [ 27.633581] dump_stack_lvl+0x73/0xb0 [ 27.633614] print_report+0xd1/0x650 [ 27.633639] ? __virt_addr_valid+0x1db/0x2d0 [ 27.633667] ? kasan_atomics_helper+0x4ba2/0x5450 [ 27.633695] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.633724] ? kasan_atomics_helper+0x4ba2/0x5450 [ 27.633753] kasan_report+0x141/0x180 [ 27.633778] ? kasan_atomics_helper+0x4ba2/0x5450 [ 27.633810] __asan_report_store4_noabort+0x1b/0x30 [ 27.633837] kasan_atomics_helper+0x4ba2/0x5450 [ 27.633867] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.633894] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.633923] ? kasan_atomics+0x152/0x310 [ 27.633953] kasan_atomics+0x1dc/0x310 [ 27.633978] ? __pfx_kasan_atomics+0x10/0x10 [ 27.634004] ? __pfx_read_tsc+0x10/0x10 [ 27.634029] ? ktime_get_ts64+0x86/0x230 [ 27.634058] kunit_try_run_case+0x1a5/0x480 [ 27.634087] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.634113] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.634142] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.634193] ? __kthread_parkme+0x82/0x180 [ 27.634218] ? preempt_count_sub+0x50/0x80 [ 27.634245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.634273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.634301] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.634329] kthread+0x337/0x6f0 [ 27.634351] ? trace_preempt_on+0x20/0xc0 [ 27.634378] ? __pfx_kthread+0x10/0x10 [ 27.634413] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.634438] ? calculate_sigpending+0x7b/0xa0 [ 27.634467] ? __pfx_kthread+0x10/0x10 [ 27.634492] ret_from_fork+0x116/0x1d0 [ 27.634513] ? __pfx_kthread+0x10/0x10 [ 27.634537] ret_from_fork_asm+0x1a/0x30 [ 27.634572] </TASK> [ 27.634585] [ 27.652865] Allocated by task 314: [ 27.653082] kasan_save_stack+0x45/0x70 [ 27.653710] kasan_save_track+0x18/0x40 [ 27.654313] kasan_save_alloc_info+0x3b/0x50 [ 27.654565] __kasan_kmalloc+0xb7/0xc0 [ 27.654766] __kmalloc_cache_noprof+0x189/0x420 [ 27.655610] kasan_atomics+0x95/0x310 [ 27.655889] kunit_try_run_case+0x1a5/0x480 [ 27.656553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.656988] kthread+0x337/0x6f0 [ 27.657308] ret_from_fork+0x116/0x1d0 [ 27.657758] ret_from_fork_asm+0x1a/0x30 [ 27.658245] [ 27.658352] The buggy address belongs to the object at ffff88810625b900 [ 27.658352] which belongs to the cache kmalloc-64 of size 64 [ 27.659367] The buggy address is located 0 bytes to the right of [ 27.659367] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 27.660560] [ 27.660681] The buggy address belongs to the physical page: [ 27.661140] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 27.661755] flags: 0x200000000000000(node=0|zone=2) [ 27.662363] page_type: f5(slab) [ 27.662631] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.663511] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.663856] page dumped because: kasan: bad access detected [ 27.664102] [ 27.664592] Memory state around the buggy address: [ 27.664915] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.665646] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.666220] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.666552] ^ [ 27.666773] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.667426] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.668503] ================================================================== [ 28.439501] ================================================================== [ 28.439882] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 28.440320] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.440714] [ 28.440933] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.440993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.441011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.441038] Call Trace: [ 28.441063] <TASK> [ 28.441088] dump_stack_lvl+0x73/0xb0 [ 28.441123] print_report+0xd1/0x650 [ 28.441151] ? __virt_addr_valid+0x1db/0x2d0 [ 28.441180] ? kasan_atomics_helper+0x1148/0x5450 [ 28.441210] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.441240] ? kasan_atomics_helper+0x1148/0x5450 [ 28.441271] kasan_report+0x141/0x180 [ 28.441297] ? kasan_atomics_helper+0x1148/0x5450 [ 28.441333] kasan_check_range+0x10c/0x1c0 [ 28.441361] __kasan_check_write+0x18/0x20 [ 28.441388] kasan_atomics_helper+0x1148/0x5450 [ 28.441448] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.441478] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.441508] ? kasan_atomics+0x152/0x310 [ 28.441539] kasan_atomics+0x1dc/0x310 [ 28.441565] ? __pfx_kasan_atomics+0x10/0x10 [ 28.441593] ? __pfx_read_tsc+0x10/0x10 [ 28.441620] ? ktime_get_ts64+0x86/0x230 [ 28.441650] kunit_try_run_case+0x1a5/0x480 [ 28.441681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.441709] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.441738] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.441767] ? __kthread_parkme+0x82/0x180 [ 28.441793] ? preempt_count_sub+0x50/0x80 [ 28.441823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.441854] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.441893] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.441923] kthread+0x337/0x6f0 [ 28.441948] ? trace_preempt_on+0x20/0xc0 [ 28.441976] ? __pfx_kthread+0x10/0x10 [ 28.442003] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.442031] ? calculate_sigpending+0x7b/0xa0 [ 28.442061] ? __pfx_kthread+0x10/0x10 [ 28.442088] ret_from_fork+0x116/0x1d0 [ 28.442112] ? __pfx_kthread+0x10/0x10 [ 28.442136] ret_from_fork_asm+0x1a/0x30 [ 28.442175] </TASK> [ 28.442190] [ 28.453792] Allocated by task 314: [ 28.454120] kasan_save_stack+0x45/0x70 [ 28.454337] kasan_save_track+0x18/0x40 [ 28.454537] kasan_save_alloc_info+0x3b/0x50 [ 28.454701] __kasan_kmalloc+0xb7/0xc0 [ 28.454849] __kmalloc_cache_noprof+0x189/0x420 [ 28.455018] kasan_atomics+0x95/0x310 [ 28.455206] kunit_try_run_case+0x1a5/0x480 [ 28.455469] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.455748] kthread+0x337/0x6f0 [ 28.455941] ret_from_fork+0x116/0x1d0 [ 28.456115] ret_from_fork_asm+0x1a/0x30 [ 28.456312] [ 28.456431] The buggy address belongs to the object at ffff88810625b900 [ 28.456431] which belongs to the cache kmalloc-64 of size 64 [ 28.456835] The buggy address is located 0 bytes to the right of [ 28.456835] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.457478] [ 28.457589] The buggy address belongs to the physical page: [ 28.457822] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.458234] flags: 0x200000000000000(node=0|zone=2) [ 28.458490] page_type: f5(slab) [ 28.458669] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.459060] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.459400] page dumped because: kasan: bad access detected [ 28.459646] [ 28.459724] Memory state around the buggy address: [ 28.459925] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.460282] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.460580] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.460843] ^ [ 28.461290] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.461623] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.461924] ================================================================== [ 28.236631] ================================================================== [ 28.237387] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 28.238425] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.239310] [ 28.239876] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.239942] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.239958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.239985] Call Trace: [ 28.240004] <TASK> [ 28.240028] dump_stack_lvl+0x73/0xb0 [ 28.240062] print_report+0xd1/0x650 [ 28.240090] ? __virt_addr_valid+0x1db/0x2d0 [ 28.240136] ? kasan_atomics_helper+0xde0/0x5450 [ 28.240165] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.240234] ? kasan_atomics_helper+0xde0/0x5450 [ 28.240264] kasan_report+0x141/0x180 [ 28.240290] ? kasan_atomics_helper+0xde0/0x5450 [ 28.240324] kasan_check_range+0x10c/0x1c0 [ 28.240351] __kasan_check_write+0x18/0x20 [ 28.240378] kasan_atomics_helper+0xde0/0x5450 [ 28.240419] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.240449] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.240478] ? kasan_atomics+0x152/0x310 [ 28.240508] kasan_atomics+0x1dc/0x310 [ 28.240534] ? __pfx_kasan_atomics+0x10/0x10 [ 28.240561] ? __pfx_read_tsc+0x10/0x10 [ 28.240588] ? ktime_get_ts64+0x86/0x230 [ 28.240617] kunit_try_run_case+0x1a5/0x480 [ 28.240648] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.240675] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.240705] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.240733] ? __kthread_parkme+0x82/0x180 [ 28.240758] ? preempt_count_sub+0x50/0x80 [ 28.240786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.240818] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.240847] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.240876] kthread+0x337/0x6f0 [ 28.240962] ? trace_preempt_on+0x20/0xc0 [ 28.240993] ? __pfx_kthread+0x10/0x10 [ 28.241018] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.241045] ? calculate_sigpending+0x7b/0xa0 [ 28.241074] ? __pfx_kthread+0x10/0x10 [ 28.241101] ret_from_fork+0x116/0x1d0 [ 28.241125] ? __pfx_kthread+0x10/0x10 [ 28.241213] ret_from_fork_asm+0x1a/0x30 [ 28.241255] </TASK> [ 28.241270] [ 28.253610] Allocated by task 314: [ 28.253826] kasan_save_stack+0x45/0x70 [ 28.254259] kasan_save_track+0x18/0x40 [ 28.254652] kasan_save_alloc_info+0x3b/0x50 [ 28.255146] __kasan_kmalloc+0xb7/0xc0 [ 28.255541] __kmalloc_cache_noprof+0x189/0x420 [ 28.256014] kasan_atomics+0x95/0x310 [ 28.256405] kunit_try_run_case+0x1a5/0x480 [ 28.256904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.257168] kthread+0x337/0x6f0 [ 28.257299] ret_from_fork+0x116/0x1d0 [ 28.257471] ret_from_fork_asm+0x1a/0x30 [ 28.257810] [ 28.258023] The buggy address belongs to the object at ffff88810625b900 [ 28.258023] which belongs to the cache kmalloc-64 of size 64 [ 28.259311] The buggy address is located 0 bytes to the right of [ 28.259311] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.260596] [ 28.260794] The buggy address belongs to the physical page: [ 28.261172] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.261462] flags: 0x200000000000000(node=0|zone=2) [ 28.261718] page_type: f5(slab) [ 28.261985] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.262725] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.263037] page dumped because: kasan: bad access detected [ 28.263622] [ 28.263789] Memory state around the buggy address: [ 28.264339] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.264952] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.265198] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.265808] ^ [ 28.266289] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.266681] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.267304] ================================================================== [ 28.089729] ================================================================== [ 28.090470] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 28.090904] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.091371] [ 28.091525] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.091595] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.091612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.091638] Call Trace: [ 28.091661] <TASK> [ 28.091685] dump_stack_lvl+0x73/0xb0 [ 28.091720] print_report+0xd1/0x650 [ 28.091746] ? __virt_addr_valid+0x1db/0x2d0 [ 28.091775] ? kasan_atomics_helper+0xac7/0x5450 [ 28.091804] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.091834] ? kasan_atomics_helper+0xac7/0x5450 [ 28.091863] kasan_report+0x141/0x180 [ 28.091888] ? kasan_atomics_helper+0xac7/0x5450 [ 28.091921] kasan_check_range+0x10c/0x1c0 [ 28.091959] __kasan_check_write+0x18/0x20 [ 28.091986] kasan_atomics_helper+0xac7/0x5450 [ 28.092028] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.092057] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.092086] ? kasan_atomics+0x152/0x310 [ 28.092126] kasan_atomics+0x1dc/0x310 [ 28.092152] ? __pfx_kasan_atomics+0x10/0x10 [ 28.092180] ? __pfx_read_tsc+0x10/0x10 [ 28.092440] ? ktime_get_ts64+0x86/0x230 [ 28.092485] kunit_try_run_case+0x1a5/0x480 [ 28.092517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.092545] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.092574] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.092604] ? __kthread_parkme+0x82/0x180 [ 28.092629] ? preempt_count_sub+0x50/0x80 [ 28.092657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.092687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.092717] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.092745] kthread+0x337/0x6f0 [ 28.092770] ? trace_preempt_on+0x20/0xc0 [ 28.092800] ? __pfx_kthread+0x10/0x10 [ 28.092825] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.092851] ? calculate_sigpending+0x7b/0xa0 [ 28.092880] ? __pfx_kthread+0x10/0x10 [ 28.092905] ret_from_fork+0x116/0x1d0 [ 28.092943] ? __pfx_kthread+0x10/0x10 [ 28.092968] ret_from_fork_asm+0x1a/0x30 [ 28.093019] </TASK> [ 28.093034] [ 28.102606] Allocated by task 314: [ 28.102758] kasan_save_stack+0x45/0x70 [ 28.102918] kasan_save_track+0x18/0x40 [ 28.103126] kasan_save_alloc_info+0x3b/0x50 [ 28.103476] __kasan_kmalloc+0xb7/0xc0 [ 28.103735] __kmalloc_cache_noprof+0x189/0x420 [ 28.104242] kasan_atomics+0x95/0x310 [ 28.104606] kunit_try_run_case+0x1a5/0x480 [ 28.104818] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.105225] kthread+0x337/0x6f0 [ 28.105464] ret_from_fork+0x116/0x1d0 [ 28.105705] ret_from_fork_asm+0x1a/0x30 [ 28.105855] [ 28.105930] The buggy address belongs to the object at ffff88810625b900 [ 28.105930] which belongs to the cache kmalloc-64 of size 64 [ 28.106988] The buggy address is located 0 bytes to the right of [ 28.106988] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.107998] [ 28.108126] The buggy address belongs to the physical page: [ 28.108998] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.109468] flags: 0x200000000000000(node=0|zone=2) [ 28.109723] page_type: f5(slab) [ 28.110355] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.110735] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.111568] page dumped because: kasan: bad access detected [ 28.112009] [ 28.112112] Memory state around the buggy address: [ 28.112630] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.112903] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.113239] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.113686] ^ [ 28.114025] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.114609] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.114957] ================================================================== [ 28.395103] ================================================================== [ 28.395511] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 28.395946] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.396375] [ 28.396512] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.396572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.396588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.396619] Call Trace: [ 28.396643] <TASK> [ 28.396664] dump_stack_lvl+0x73/0xb0 [ 28.396698] print_report+0xd1/0x650 [ 28.396728] ? __virt_addr_valid+0x1db/0x2d0 [ 28.396760] ? kasan_atomics_helper+0x1079/0x5450 [ 28.396792] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.396824] ? kasan_atomics_helper+0x1079/0x5450 [ 28.396858] kasan_report+0x141/0x180 [ 28.396897] ? kasan_atomics_helper+0x1079/0x5450 [ 28.396934] kasan_check_range+0x10c/0x1c0 [ 28.396964] __kasan_check_write+0x18/0x20 [ 28.396993] kasan_atomics_helper+0x1079/0x5450 [ 28.397024] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.397056] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.397086] ? kasan_atomics+0x152/0x310 [ 28.397118] kasan_atomics+0x1dc/0x310 [ 28.397146] ? __pfx_kasan_atomics+0x10/0x10 [ 28.397175] ? __pfx_read_tsc+0x10/0x10 [ 28.397202] ? ktime_get_ts64+0x86/0x230 [ 28.397232] kunit_try_run_case+0x1a5/0x480 [ 28.397264] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.397293] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.397323] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.397355] ? __kthread_parkme+0x82/0x180 [ 28.397381] ? preempt_count_sub+0x50/0x80 [ 28.397424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.397455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.397485] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.397517] kthread+0x337/0x6f0 [ 28.397543] ? trace_preempt_on+0x20/0xc0 [ 28.397575] ? __pfx_kthread+0x10/0x10 [ 28.397602] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.397630] ? calculate_sigpending+0x7b/0xa0 [ 28.397661] ? __pfx_kthread+0x10/0x10 [ 28.397688] ret_from_fork+0x116/0x1d0 [ 28.397713] ? __pfx_kthread+0x10/0x10 [ 28.397739] ret_from_fork_asm+0x1a/0x30 [ 28.397778] </TASK> [ 28.397794] [ 28.406162] Allocated by task 314: [ 28.406360] kasan_save_stack+0x45/0x70 [ 28.406590] kasan_save_track+0x18/0x40 [ 28.406811] kasan_save_alloc_info+0x3b/0x50 [ 28.407039] __kasan_kmalloc+0xb7/0xc0 [ 28.407247] __kmalloc_cache_noprof+0x189/0x420 [ 28.407430] kasan_atomics+0x95/0x310 [ 28.407578] kunit_try_run_case+0x1a5/0x480 [ 28.407740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.408133] kthread+0x337/0x6f0 [ 28.408322] ret_from_fork+0x116/0x1d0 [ 28.408545] ret_from_fork_asm+0x1a/0x30 [ 28.408765] [ 28.408873] The buggy address belongs to the object at ffff88810625b900 [ 28.408873] which belongs to the cache kmalloc-64 of size 64 [ 28.409564] The buggy address is located 0 bytes to the right of [ 28.409564] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.410105] [ 28.410187] The buggy address belongs to the physical page: [ 28.410469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.410843] flags: 0x200000000000000(node=0|zone=2) [ 28.411049] page_type: f5(slab) [ 28.411186] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.411459] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.411760] page dumped because: kasan: bad access detected [ 28.412040] [ 28.412152] Memory state around the buggy address: [ 28.412416] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.412771] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.413104] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.413341] ^ [ 28.413521] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.413762] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.414511] ================================================================== [ 28.140905] ================================================================== [ 28.141423] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 28.141818] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.142147] [ 28.142422] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.142487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.142504] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.142533] Call Trace: [ 28.142558] <TASK> [ 28.142585] dump_stack_lvl+0x73/0xb0 [ 28.142620] print_report+0xd1/0x650 [ 28.142647] ? __virt_addr_valid+0x1db/0x2d0 [ 28.142677] ? kasan_atomics_helper+0xc70/0x5450 [ 28.142706] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.142737] ? kasan_atomics_helper+0xc70/0x5450 [ 28.142768] kasan_report+0x141/0x180 [ 28.142795] ? kasan_atomics_helper+0xc70/0x5450 [ 28.142843] kasan_check_range+0x10c/0x1c0 [ 28.142872] __kasan_check_write+0x18/0x20 [ 28.142913] kasan_atomics_helper+0xc70/0x5450 [ 28.142945] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.142975] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.143005] ? kasan_atomics+0x152/0x310 [ 28.143037] kasan_atomics+0x1dc/0x310 [ 28.143064] ? __pfx_kasan_atomics+0x10/0x10 [ 28.143093] ? __pfx_read_tsc+0x10/0x10 [ 28.143120] ? ktime_get_ts64+0x86/0x230 [ 28.143150] kunit_try_run_case+0x1a5/0x480 [ 28.143182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.143223] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.143253] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.143283] ? __kthread_parkme+0x82/0x180 [ 28.143309] ? preempt_count_sub+0x50/0x80 [ 28.143412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.143447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.143489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.143519] kthread+0x337/0x6f0 [ 28.143557] ? trace_preempt_on+0x20/0xc0 [ 28.143586] ? __pfx_kthread+0x10/0x10 [ 28.143613] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.143640] ? calculate_sigpending+0x7b/0xa0 [ 28.143670] ? __pfx_kthread+0x10/0x10 [ 28.143697] ret_from_fork+0x116/0x1d0 [ 28.143722] ? __pfx_kthread+0x10/0x10 [ 28.143748] ret_from_fork_asm+0x1a/0x30 [ 28.143785] </TASK> [ 28.143800] [ 28.153447] Allocated by task 314: [ 28.153701] kasan_save_stack+0x45/0x70 [ 28.153884] kasan_save_track+0x18/0x40 [ 28.154297] kasan_save_alloc_info+0x3b/0x50 [ 28.154788] __kasan_kmalloc+0xb7/0xc0 [ 28.155217] __kmalloc_cache_noprof+0x189/0x420 [ 28.155456] kasan_atomics+0x95/0x310 [ 28.155674] kunit_try_run_case+0x1a5/0x480 [ 28.156036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.156465] kthread+0x337/0x6f0 [ 28.156692] ret_from_fork+0x116/0x1d0 [ 28.156879] ret_from_fork_asm+0x1a/0x30 [ 28.157111] [ 28.157298] The buggy address belongs to the object at ffff88810625b900 [ 28.157298] which belongs to the cache kmalloc-64 of size 64 [ 28.158460] The buggy address is located 0 bytes to the right of [ 28.158460] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.159020] [ 28.159132] The buggy address belongs to the physical page: [ 28.159370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.159656] flags: 0x200000000000000(node=0|zone=2) [ 28.160036] page_type: f5(slab) [ 28.160418] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.160826] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.161672] page dumped because: kasan: bad access detected [ 28.161880] [ 28.161993] Memory state around the buggy address: [ 28.162735] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.163114] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.163998] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.165135] ^ [ 28.165341] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.165610] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.165855] ================================================================== [ 27.938039] ================================================================== [ 27.938516] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 27.938781] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 27.939276] [ 27.939383] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 27.939456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.939472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.939500] Call Trace: [ 27.939523] <TASK> [ 27.939548] dump_stack_lvl+0x73/0xb0 [ 27.939580] print_report+0xd1/0x650 [ 27.939608] ? __virt_addr_valid+0x1db/0x2d0 [ 27.939636] ? kasan_atomics_helper+0x72f/0x5450 [ 27.939664] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.939694] ? kasan_atomics_helper+0x72f/0x5450 [ 27.939723] kasan_report+0x141/0x180 [ 27.939749] ? kasan_atomics_helper+0x72f/0x5450 [ 27.939783] kasan_check_range+0x10c/0x1c0 [ 27.939812] __kasan_check_write+0x18/0x20 [ 27.939838] kasan_atomics_helper+0x72f/0x5450 [ 27.939868] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.939908] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.939937] ? kasan_atomics+0x152/0x310 [ 27.939968] kasan_atomics+0x1dc/0x310 [ 27.939994] ? __pfx_kasan_atomics+0x10/0x10 [ 27.940022] ? __pfx_read_tsc+0x10/0x10 [ 27.940048] ? ktime_get_ts64+0x86/0x230 [ 27.940078] kunit_try_run_case+0x1a5/0x480 [ 27.940108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.940135] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.940378] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.940424] ? __kthread_parkme+0x82/0x180 [ 27.940451] ? preempt_count_sub+0x50/0x80 [ 27.940479] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.940509] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.940539] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.940567] kthread+0x337/0x6f0 [ 27.940591] ? trace_preempt_on+0x20/0xc0 [ 27.940620] ? __pfx_kthread+0x10/0x10 [ 27.940645] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.940670] ? calculate_sigpending+0x7b/0xa0 [ 27.940699] ? __pfx_kthread+0x10/0x10 [ 27.940725] ret_from_fork+0x116/0x1d0 [ 27.940747] ? __pfx_kthread+0x10/0x10 [ 27.940772] ret_from_fork_asm+0x1a/0x30 [ 27.940809] </TASK> [ 27.940823] [ 27.952899] Allocated by task 314: [ 27.953216] kasan_save_stack+0x45/0x70 [ 27.953411] kasan_save_track+0x18/0x40 [ 27.953562] kasan_save_alloc_info+0x3b/0x50 [ 27.953726] __kasan_kmalloc+0xb7/0xc0 [ 27.953931] __kmalloc_cache_noprof+0x189/0x420 [ 27.954175] kasan_atomics+0x95/0x310 [ 27.954412] kunit_try_run_case+0x1a5/0x480 [ 27.954762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.955047] kthread+0x337/0x6f0 [ 27.955304] ret_from_fork+0x116/0x1d0 [ 27.955533] ret_from_fork_asm+0x1a/0x30 [ 27.955745] [ 27.955843] The buggy address belongs to the object at ffff88810625b900 [ 27.955843] which belongs to the cache kmalloc-64 of size 64 [ 27.956340] The buggy address is located 0 bytes to the right of [ 27.956340] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 27.957491] [ 27.957612] The buggy address belongs to the physical page: [ 27.957808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 27.958205] flags: 0x200000000000000(node=0|zone=2) [ 27.958553] page_type: f5(slab) [ 27.958749] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.959122] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.959535] page dumped because: kasan: bad access detected [ 27.959817] [ 27.959925] Memory state around the buggy address: [ 27.960303] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.960657] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.960912] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.961611] ^ [ 27.961886] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.962278] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.962633] ================================================================== [ 27.732809] ================================================================== [ 27.733337] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 27.733858] Read of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 27.734640] [ 27.735001] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 27.735167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.735185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.735213] Call Trace: [ 27.735354] <TASK> [ 27.735380] dump_stack_lvl+0x73/0xb0 [ 27.735456] print_report+0xd1/0x650 [ 27.735567] ? __virt_addr_valid+0x1db/0x2d0 [ 27.735602] ? kasan_atomics_helper+0x3df/0x5450 [ 27.735630] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.735660] ? kasan_atomics_helper+0x3df/0x5450 [ 27.735689] kasan_report+0x141/0x180 [ 27.735715] ? kasan_atomics_helper+0x3df/0x5450 [ 27.735748] kasan_check_range+0x10c/0x1c0 [ 27.735774] __kasan_check_read+0x15/0x20 [ 27.735801] kasan_atomics_helper+0x3df/0x5450 [ 27.735830] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.735860] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.735889] ? kasan_atomics+0x152/0x310 [ 27.735917] kasan_atomics+0x1dc/0x310 [ 27.735943] ? __pfx_kasan_atomics+0x10/0x10 [ 27.735971] ? __pfx_read_tsc+0x10/0x10 [ 27.735996] ? ktime_get_ts64+0x86/0x230 [ 27.736025] kunit_try_run_case+0x1a5/0x480 [ 27.736055] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.736083] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.736111] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.736139] ? __kthread_parkme+0x82/0x180 [ 27.736165] ? preempt_count_sub+0x50/0x80 [ 27.736193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.736229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.736259] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.736288] kthread+0x337/0x6f0 [ 27.736311] ? trace_preempt_on+0x20/0xc0 [ 27.736340] ? __pfx_kthread+0x10/0x10 [ 27.736364] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.736402] ? calculate_sigpending+0x7b/0xa0 [ 27.736430] ? __pfx_kthread+0x10/0x10 [ 27.736456] ret_from_fork+0x116/0x1d0 [ 27.736480] ? __pfx_kthread+0x10/0x10 [ 27.736504] ret_from_fork_asm+0x1a/0x30 [ 27.736543] </TASK> [ 27.736559] [ 27.753029] Allocated by task 314: [ 27.753208] kasan_save_stack+0x45/0x70 [ 27.753420] kasan_save_track+0x18/0x40 [ 27.753566] kasan_save_alloc_info+0x3b/0x50 [ 27.754308] __kasan_kmalloc+0xb7/0xc0 [ 27.754495] __kmalloc_cache_noprof+0x189/0x420 [ 27.754735] kasan_atomics+0x95/0x310 [ 27.755223] kunit_try_run_case+0x1a5/0x480 [ 27.755543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.755828] kthread+0x337/0x6f0 [ 27.756131] ret_from_fork+0x116/0x1d0 [ 27.756446] ret_from_fork_asm+0x1a/0x30 [ 27.756656] [ 27.756752] The buggy address belongs to the object at ffff88810625b900 [ 27.756752] which belongs to the cache kmalloc-64 of size 64 [ 27.757691] The buggy address is located 0 bytes to the right of [ 27.757691] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 27.758651] [ 27.758745] The buggy address belongs to the physical page: [ 27.759085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 27.759538] flags: 0x200000000000000(node=0|zone=2) [ 27.760088] page_type: f5(slab) [ 27.760290] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.760882] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.761369] page dumped because: kasan: bad access detected [ 27.761738] [ 27.761872] Memory state around the buggy address: [ 27.762087] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.762448] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.763278] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.763747] ^ [ 27.764049] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.764661] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.765137] ================================================================== [ 28.481681] ================================================================== [ 28.482482] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 28.482908] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.483144] [ 28.483302] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.483358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.483373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.483412] Call Trace: [ 28.483436] <TASK> [ 28.483458] dump_stack_lvl+0x73/0xb0 [ 28.483488] print_report+0xd1/0x650 [ 28.483514] ? __virt_addr_valid+0x1db/0x2d0 [ 28.483542] ? kasan_atomics_helper+0x1217/0x5450 [ 28.483570] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.483599] ? kasan_atomics_helper+0x1217/0x5450 [ 28.483628] kasan_report+0x141/0x180 [ 28.483653] ? kasan_atomics_helper+0x1217/0x5450 [ 28.483689] kasan_check_range+0x10c/0x1c0 [ 28.483717] __kasan_check_write+0x18/0x20 [ 28.483744] kasan_atomics_helper+0x1217/0x5450 [ 28.483773] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.483801] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.483829] ? kasan_atomics+0x152/0x310 [ 28.483859] kasan_atomics+0x1dc/0x310 [ 28.483886] ? __pfx_kasan_atomics+0x10/0x10 [ 28.483914] ? __pfx_read_tsc+0x10/0x10 [ 28.483938] ? ktime_get_ts64+0x86/0x230 [ 28.483969] kunit_try_run_case+0x1a5/0x480 [ 28.483997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.484024] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.484052] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.484080] ? __kthread_parkme+0x82/0x180 [ 28.484104] ? preempt_count_sub+0x50/0x80 [ 28.484132] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.484160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.484188] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.484216] kthread+0x337/0x6f0 [ 28.484244] ? trace_preempt_on+0x20/0xc0 [ 28.484272] ? __pfx_kthread+0x10/0x10 [ 28.484295] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.484320] ? calculate_sigpending+0x7b/0xa0 [ 28.484348] ? __pfx_kthread+0x10/0x10 [ 28.484373] ret_from_fork+0x116/0x1d0 [ 28.484417] ? __pfx_kthread+0x10/0x10 [ 28.484441] ret_from_fork_asm+0x1a/0x30 [ 28.484476] </TASK> [ 28.484490] [ 28.496008] Allocated by task 314: [ 28.496449] kasan_save_stack+0x45/0x70 [ 28.496727] kasan_save_track+0x18/0x40 [ 28.496895] kasan_save_alloc_info+0x3b/0x50 [ 28.497186] __kasan_kmalloc+0xb7/0xc0 [ 28.497379] __kmalloc_cache_noprof+0x189/0x420 [ 28.497629] kasan_atomics+0x95/0x310 [ 28.497784] kunit_try_run_case+0x1a5/0x480 [ 28.498354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.498613] kthread+0x337/0x6f0 [ 28.498751] ret_from_fork+0x116/0x1d0 [ 28.499113] ret_from_fork_asm+0x1a/0x30 [ 28.499312] [ 28.499562] The buggy address belongs to the object at ffff88810625b900 [ 28.499562] which belongs to the cache kmalloc-64 of size 64 [ 28.500189] The buggy address is located 0 bytes to the right of [ 28.500189] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.500789] [ 28.500892] The buggy address belongs to the physical page: [ 28.501212] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.501569] flags: 0x200000000000000(node=0|zone=2) [ 28.501790] page_type: f5(slab) [ 28.502230] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.502557] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.502949] page dumped because: kasan: bad access detected [ 28.503211] [ 28.503439] Memory state around the buggy address: [ 28.503629] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.504172] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.504560] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.504991] ^ [ 28.505179] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.505621] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.506028] ================================================================== [ 28.115650] ================================================================== [ 28.116029] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 28.116562] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.116885] [ 28.117319] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.117382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.117412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.117439] Call Trace: [ 28.117463] <TASK> [ 28.117569] dump_stack_lvl+0x73/0xb0 [ 28.117609] print_report+0xd1/0x650 [ 28.117639] ? __virt_addr_valid+0x1db/0x2d0 [ 28.117669] ? kasan_atomics_helper+0xb6a/0x5450 [ 28.117699] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.117730] ? kasan_atomics_helper+0xb6a/0x5450 [ 28.117759] kasan_report+0x141/0x180 [ 28.117786] ? kasan_atomics_helper+0xb6a/0x5450 [ 28.117820] kasan_check_range+0x10c/0x1c0 [ 28.117860] __kasan_check_write+0x18/0x20 [ 28.117889] kasan_atomics_helper+0xb6a/0x5450 [ 28.117931] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.117962] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.117992] ? kasan_atomics+0x152/0x310 [ 28.118023] kasan_atomics+0x1dc/0x310 [ 28.118050] ? __pfx_kasan_atomics+0x10/0x10 [ 28.118079] ? __pfx_read_tsc+0x10/0x10 [ 28.118105] ? ktime_get_ts64+0x86/0x230 [ 28.118136] kunit_try_run_case+0x1a5/0x480 [ 28.118167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.118195] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.118226] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.118255] ? __kthread_parkme+0x82/0x180 [ 28.118279] ? preempt_count_sub+0x50/0x80 [ 28.118308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.118412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.118448] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.118480] kthread+0x337/0x6f0 [ 28.118505] ? trace_preempt_on+0x20/0xc0 [ 28.118534] ? __pfx_kthread+0x10/0x10 [ 28.118560] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.118587] ? calculate_sigpending+0x7b/0xa0 [ 28.118616] ? __pfx_kthread+0x10/0x10 [ 28.118643] ret_from_fork+0x116/0x1d0 [ 28.118667] ? __pfx_kthread+0x10/0x10 [ 28.118692] ret_from_fork_asm+0x1a/0x30 [ 28.118729] </TASK> [ 28.118745] [ 28.128881] Allocated by task 314: [ 28.129144] kasan_save_stack+0x45/0x70 [ 28.129486] kasan_save_track+0x18/0x40 [ 28.129655] kasan_save_alloc_info+0x3b/0x50 [ 28.129822] __kasan_kmalloc+0xb7/0xc0 [ 28.130087] __kmalloc_cache_noprof+0x189/0x420 [ 28.130537] kasan_atomics+0x95/0x310 [ 28.130737] kunit_try_run_case+0x1a5/0x480 [ 28.130899] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.131089] kthread+0x337/0x6f0 [ 28.131220] ret_from_fork+0x116/0x1d0 [ 28.131643] ret_from_fork_asm+0x1a/0x30 [ 28.132043] [ 28.132161] The buggy address belongs to the object at ffff88810625b900 [ 28.132161] which belongs to the cache kmalloc-64 of size 64 [ 28.133153] The buggy address is located 0 bytes to the right of [ 28.133153] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.133874] [ 28.133963] The buggy address belongs to the physical page: [ 28.134238] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.134871] flags: 0x200000000000000(node=0|zone=2) [ 28.135067] page_type: f5(slab) [ 28.135201] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.135955] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.136218] page dumped because: kasan: bad access detected [ 28.136417] [ 28.136694] Memory state around the buggy address: [ 28.137434] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.137818] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.138410] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.138702] ^ [ 28.138932] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.139504] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.139751] ================================================================== [ 28.945786] ================================================================== [ 28.946068] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 28.946673] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.947215] [ 28.947346] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.947477] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.947495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.947535] Call Trace: [ 28.947559] <TASK> [ 28.947583] dump_stack_lvl+0x73/0xb0 [ 28.947617] print_report+0xd1/0x650 [ 28.947643] ? __virt_addr_valid+0x1db/0x2d0 [ 28.947672] ? kasan_atomics_helper+0x1c18/0x5450 [ 28.947702] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.947735] ? kasan_atomics_helper+0x1c18/0x5450 [ 28.947766] kasan_report+0x141/0x180 [ 28.947791] ? kasan_atomics_helper+0x1c18/0x5450 [ 28.947826] kasan_check_range+0x10c/0x1c0 [ 28.947852] __kasan_check_write+0x18/0x20 [ 28.947879] kasan_atomics_helper+0x1c18/0x5450 [ 28.948470] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.948507] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.948539] ? kasan_atomics+0x152/0x310 [ 28.948570] kasan_atomics+0x1dc/0x310 [ 28.948597] ? __pfx_kasan_atomics+0x10/0x10 [ 28.948624] ? __pfx_read_tsc+0x10/0x10 [ 28.948651] ? ktime_get_ts64+0x86/0x230 [ 28.948680] kunit_try_run_case+0x1a5/0x480 [ 28.948709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.948736] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.948766] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.948794] ? __kthread_parkme+0x82/0x180 [ 28.948818] ? preempt_count_sub+0x50/0x80 [ 28.948845] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.949434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.949481] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.949513] kthread+0x337/0x6f0 [ 28.949539] ? trace_preempt_on+0x20/0xc0 [ 28.949570] ? __pfx_kthread+0x10/0x10 [ 28.949595] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.949623] ? calculate_sigpending+0x7b/0xa0 [ 28.949651] ? __pfx_kthread+0x10/0x10 [ 28.949676] ret_from_fork+0x116/0x1d0 [ 28.949699] ? __pfx_kthread+0x10/0x10 [ 28.949724] ret_from_fork_asm+0x1a/0x30 [ 28.949762] </TASK> [ 28.949778] [ 28.960952] Allocated by task 314: [ 28.961105] kasan_save_stack+0x45/0x70 [ 28.961264] kasan_save_track+0x18/0x40 [ 28.961468] kasan_save_alloc_info+0x3b/0x50 [ 28.962002] __kasan_kmalloc+0xb7/0xc0 [ 28.962231] __kmalloc_cache_noprof+0x189/0x420 [ 28.962440] kasan_atomics+0x95/0x310 [ 28.962575] kunit_try_run_case+0x1a5/0x480 [ 28.962723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.962903] kthread+0x337/0x6f0 [ 28.963027] ret_from_fork+0x116/0x1d0 [ 28.963161] ret_from_fork_asm+0x1a/0x30 [ 28.963303] [ 28.963373] The buggy address belongs to the object at ffff88810625b900 [ 28.963373] which belongs to the cache kmalloc-64 of size 64 [ 28.963752] The buggy address is located 0 bytes to the right of [ 28.963752] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.964115] [ 28.964191] The buggy address belongs to the physical page: [ 28.964370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.965043] flags: 0x200000000000000(node=0|zone=2) [ 28.965294] page_type: f5(slab) [ 28.965498] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.965949] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.966327] page dumped because: kasan: bad access detected [ 28.966585] [ 28.966678] Memory state around the buggy address: [ 28.966900] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.968164] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.968972] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.969191] ^ [ 28.969443] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.969713] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.970598] ================================================================== [ 29.016699] ================================================================== [ 29.017082] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 29.017598] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 29.017858] [ 29.018155] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 29.018253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.018282] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.018309] Call Trace: [ 29.018332] <TASK> [ 29.018358] dump_stack_lvl+0x73/0xb0 [ 29.018402] print_report+0xd1/0x650 [ 29.018427] ? __virt_addr_valid+0x1db/0x2d0 [ 29.018456] ? kasan_atomics_helper+0x1d7a/0x5450 [ 29.018485] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.018515] ? kasan_atomics_helper+0x1d7a/0x5450 [ 29.018544] kasan_report+0x141/0x180 [ 29.018569] ? kasan_atomics_helper+0x1d7a/0x5450 [ 29.018602] kasan_check_range+0x10c/0x1c0 [ 29.018628] __kasan_check_write+0x18/0x20 [ 29.018653] kasan_atomics_helper+0x1d7a/0x5450 [ 29.018757] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.018799] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.018827] ? kasan_atomics+0x152/0x310 [ 29.018857] kasan_atomics+0x1dc/0x310 [ 29.018894] ? __pfx_kasan_atomics+0x10/0x10 [ 29.018922] ? __pfx_read_tsc+0x10/0x10 [ 29.018948] ? ktime_get_ts64+0x86/0x230 [ 29.018976] kunit_try_run_case+0x1a5/0x480 [ 29.019005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.019032] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.019060] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.019088] ? __kthread_parkme+0x82/0x180 [ 29.019112] ? preempt_count_sub+0x50/0x80 [ 29.019139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.019167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.019195] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.019222] kthread+0x337/0x6f0 [ 29.019245] ? trace_preempt_on+0x20/0xc0 [ 29.019274] ? __pfx_kthread+0x10/0x10 [ 29.019298] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.019323] ? calculate_sigpending+0x7b/0xa0 [ 29.019351] ? __pfx_kthread+0x10/0x10 [ 29.019375] ret_from_fork+0x116/0x1d0 [ 29.019410] ? __pfx_kthread+0x10/0x10 [ 29.019433] ret_from_fork_asm+0x1a/0x30 [ 29.019469] </TASK> [ 29.019483] [ 29.028487] Allocated by task 314: [ 29.028800] kasan_save_stack+0x45/0x70 [ 29.029376] kasan_save_track+0x18/0x40 [ 29.029645] kasan_save_alloc_info+0x3b/0x50 [ 29.029863] __kasan_kmalloc+0xb7/0xc0 [ 29.030067] __kmalloc_cache_noprof+0x189/0x420 [ 29.030318] kasan_atomics+0x95/0x310 [ 29.030469] kunit_try_run_case+0x1a5/0x480 [ 29.030621] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.031099] kthread+0x337/0x6f0 [ 29.031313] ret_from_fork+0x116/0x1d0 [ 29.031517] ret_from_fork_asm+0x1a/0x30 [ 29.031719] [ 29.031821] The buggy address belongs to the object at ffff88810625b900 [ 29.031821] which belongs to the cache kmalloc-64 of size 64 [ 29.032615] The buggy address is located 0 bytes to the right of [ 29.032615] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 29.033290] [ 29.033403] The buggy address belongs to the physical page: [ 29.033661] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 29.034091] flags: 0x200000000000000(node=0|zone=2) [ 29.034487] page_type: f5(slab) [ 29.034640] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.035066] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.035438] page dumped because: kasan: bad access detected [ 29.035775] [ 29.035848] Memory state around the buggy address: [ 29.036150] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.036429] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.036928] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.037275] ^ [ 29.037539] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.037837] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.038122] ================================================================== [ 28.506823] ================================================================== [ 28.507482] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 28.507831] Read of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.508249] [ 28.508364] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.508430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.508444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.508471] Call Trace: [ 28.508492] <TASK> [ 28.508515] dump_stack_lvl+0x73/0xb0 [ 28.508548] print_report+0xd1/0x650 [ 28.508576] ? __virt_addr_valid+0x1db/0x2d0 [ 28.508603] ? kasan_atomics_helper+0x49e8/0x5450 [ 28.508631] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.508661] ? kasan_atomics_helper+0x49e8/0x5450 [ 28.508689] kasan_report+0x141/0x180 [ 28.508714] ? kasan_atomics_helper+0x49e8/0x5450 [ 28.508746] __asan_report_load4_noabort+0x18/0x20 [ 28.508773] kasan_atomics_helper+0x49e8/0x5450 [ 28.508802] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.508831] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.508861] ? kasan_atomics+0x152/0x310 [ 28.508890] kasan_atomics+0x1dc/0x310 [ 28.508916] ? __pfx_kasan_atomics+0x10/0x10 [ 28.508943] ? __pfx_read_tsc+0x10/0x10 [ 28.508967] ? ktime_get_ts64+0x86/0x230 [ 28.508996] kunit_try_run_case+0x1a5/0x480 [ 28.509024] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.509064] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.509091] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.509118] ? __kthread_parkme+0x82/0x180 [ 28.509142] ? preempt_count_sub+0x50/0x80 [ 28.509168] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.509196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.509223] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.509251] kthread+0x337/0x6f0 [ 28.509274] ? trace_preempt_on+0x20/0xc0 [ 28.509301] ? __pfx_kthread+0x10/0x10 [ 28.509324] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.509350] ? calculate_sigpending+0x7b/0xa0 [ 28.509377] ? __pfx_kthread+0x10/0x10 [ 28.509413] ret_from_fork+0x116/0x1d0 [ 28.509436] ? __pfx_kthread+0x10/0x10 [ 28.509460] ret_from_fork_asm+0x1a/0x30 [ 28.509494] </TASK> [ 28.509508] [ 28.516873] Allocated by task 314: [ 28.517040] kasan_save_stack+0x45/0x70 [ 28.517188] kasan_save_track+0x18/0x40 [ 28.517400] kasan_save_alloc_info+0x3b/0x50 [ 28.517623] __kasan_kmalloc+0xb7/0xc0 [ 28.517783] __kmalloc_cache_noprof+0x189/0x420 [ 28.518013] kasan_atomics+0x95/0x310 [ 28.518165] kunit_try_run_case+0x1a5/0x480 [ 28.518383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.518611] kthread+0x337/0x6f0 [ 28.518767] ret_from_fork+0x116/0x1d0 [ 28.518955] ret_from_fork_asm+0x1a/0x30 [ 28.519141] [ 28.519212] The buggy address belongs to the object at ffff88810625b900 [ 28.519212] which belongs to the cache kmalloc-64 of size 64 [ 28.519809] The buggy address is located 0 bytes to the right of [ 28.519809] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.520225] [ 28.520297] The buggy address belongs to the physical page: [ 28.520484] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.520942] flags: 0x200000000000000(node=0|zone=2) [ 28.521242] page_type: f5(slab) [ 28.521424] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.521674] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.521976] page dumped because: kasan: bad access detected [ 28.522231] [ 28.522324] Memory state around the buggy address: [ 28.522567] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.522899] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.523194] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.523420] ^ [ 28.523591] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.523959] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.524286] ================================================================== [ 28.205279] ================================================================== [ 28.206086] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 28.206961] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.207230] [ 28.207329] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.207386] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.207414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.207441] Call Trace: [ 28.207459] <TASK> [ 28.207481] dump_stack_lvl+0x73/0xb0 [ 28.207513] print_report+0xd1/0x650 [ 28.207540] ? __virt_addr_valid+0x1db/0x2d0 [ 28.207569] ? kasan_atomics_helper+0xd47/0x5450 [ 28.207597] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.207626] ? kasan_atomics_helper+0xd47/0x5450 [ 28.207655] kasan_report+0x141/0x180 [ 28.207681] ? kasan_atomics_helper+0xd47/0x5450 [ 28.207716] kasan_check_range+0x10c/0x1c0 [ 28.207745] __kasan_check_write+0x18/0x20 [ 28.207771] kasan_atomics_helper+0xd47/0x5450 [ 28.207801] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.207830] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.207859] ? kasan_atomics+0x152/0x310 [ 28.207889] kasan_atomics+0x1dc/0x310 [ 28.207915] ? __pfx_kasan_atomics+0x10/0x10 [ 28.207943] ? __pfx_read_tsc+0x10/0x10 [ 28.207971] ? ktime_get_ts64+0x86/0x230 [ 28.207999] kunit_try_run_case+0x1a5/0x480 [ 28.208029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.208056] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.208085] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.208113] ? __kthread_parkme+0x82/0x180 [ 28.208137] ? preempt_count_sub+0x50/0x80 [ 28.208164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.208192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.208220] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.208270] kthread+0x337/0x6f0 [ 28.208293] ? trace_preempt_on+0x20/0xc0 [ 28.208321] ? __pfx_kthread+0x10/0x10 [ 28.208345] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.208371] ? calculate_sigpending+0x7b/0xa0 [ 28.208410] ? __pfx_kthread+0x10/0x10 [ 28.208435] ret_from_fork+0x116/0x1d0 [ 28.208456] ? __pfx_kthread+0x10/0x10 [ 28.208481] ret_from_fork_asm+0x1a/0x30 [ 28.208516] </TASK> [ 28.208531] [ 28.218920] Allocated by task 314: [ 28.219419] kasan_save_stack+0x45/0x70 [ 28.220045] kasan_save_track+0x18/0x40 [ 28.220629] kasan_save_alloc_info+0x3b/0x50 [ 28.221419] __kasan_kmalloc+0xb7/0xc0 [ 28.221866] __kmalloc_cache_noprof+0x189/0x420 [ 28.222385] kasan_atomics+0x95/0x310 [ 28.222766] kunit_try_run_case+0x1a5/0x480 [ 28.223309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.223923] kthread+0x337/0x6f0 [ 28.224293] ret_from_fork+0x116/0x1d0 [ 28.224769] ret_from_fork_asm+0x1a/0x30 [ 28.225252] [ 28.225491] The buggy address belongs to the object at ffff88810625b900 [ 28.225491] which belongs to the cache kmalloc-64 of size 64 [ 28.226655] The buggy address is located 0 bytes to the right of [ 28.226655] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.227537] [ 28.227773] The buggy address belongs to the physical page: [ 28.228414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.229365] flags: 0x200000000000000(node=0|zone=2) [ 28.229853] page_type: f5(slab) [ 28.229999] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.230847] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.231404] page dumped because: kasan: bad access detected [ 28.231600] [ 28.231691] Memory state around the buggy address: [ 28.232189] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.233030] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.233760] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.234575] ^ [ 28.234746] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.234984] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.235490] ================================================================== [ 28.301124] ================================================================== [ 28.301850] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 28.302702] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.303282] [ 28.303380] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.303451] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.303468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.303494] Call Trace: [ 28.303518] <TASK> [ 28.303543] dump_stack_lvl+0x73/0xb0 [ 28.303577] print_report+0xd1/0x650 [ 28.303606] ? __virt_addr_valid+0x1db/0x2d0 [ 28.303634] ? kasan_atomics_helper+0xf10/0x5450 [ 28.303664] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.303856] ? kasan_atomics_helper+0xf10/0x5450 [ 28.303937] kasan_report+0x141/0x180 [ 28.303963] ? kasan_atomics_helper+0xf10/0x5450 [ 28.303997] kasan_check_range+0x10c/0x1c0 [ 28.304025] __kasan_check_write+0x18/0x20 [ 28.304051] kasan_atomics_helper+0xf10/0x5450 [ 28.304081] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.304110] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.304140] ? kasan_atomics+0x152/0x310 [ 28.304171] kasan_atomics+0x1dc/0x310 [ 28.304197] ? __pfx_kasan_atomics+0x10/0x10 [ 28.304230] ? __pfx_read_tsc+0x10/0x10 [ 28.304256] ? ktime_get_ts64+0x86/0x230 [ 28.304285] kunit_try_run_case+0x1a5/0x480 [ 28.304314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.304342] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.304370] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.304409] ? __kthread_parkme+0x82/0x180 [ 28.304434] ? preempt_count_sub+0x50/0x80 [ 28.304462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.304491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.304520] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.304548] kthread+0x337/0x6f0 [ 28.304572] ? trace_preempt_on+0x20/0xc0 [ 28.304600] ? __pfx_kthread+0x10/0x10 [ 28.304624] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.304650] ? calculate_sigpending+0x7b/0xa0 [ 28.304679] ? __pfx_kthread+0x10/0x10 [ 28.304704] ret_from_fork+0x116/0x1d0 [ 28.304727] ? __pfx_kthread+0x10/0x10 [ 28.304752] ret_from_fork_asm+0x1a/0x30 [ 28.304789] </TASK> [ 28.304804] [ 28.316716] Allocated by task 314: [ 28.316904] kasan_save_stack+0x45/0x70 [ 28.317940] kasan_save_track+0x18/0x40 [ 28.318106] kasan_save_alloc_info+0x3b/0x50 [ 28.318626] __kasan_kmalloc+0xb7/0xc0 [ 28.318952] __kmalloc_cache_noprof+0x189/0x420 [ 28.319149] kasan_atomics+0x95/0x310 [ 28.319555] kunit_try_run_case+0x1a5/0x480 [ 28.319777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.320468] kthread+0x337/0x6f0 [ 28.320655] ret_from_fork+0x116/0x1d0 [ 28.320856] ret_from_fork_asm+0x1a/0x30 [ 28.321086] [ 28.321432] The buggy address belongs to the object at ffff88810625b900 [ 28.321432] which belongs to the cache kmalloc-64 of size 64 [ 28.321980] The buggy address is located 0 bytes to the right of [ 28.321980] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.322893] [ 28.323231] The buggy address belongs to the physical page: [ 28.323624] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.324016] flags: 0x200000000000000(node=0|zone=2) [ 28.324677] page_type: f5(slab) [ 28.324874] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.325206] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.325893] page dumped because: kasan: bad access detected [ 28.326333] [ 28.326435] Memory state around the buggy address: [ 28.326675] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.326991] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.327327] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.327658] ^ [ 28.328447] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.328744] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.328999] ================================================================== [ 29.145309] ================================================================== [ 29.146003] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 29.146794] Read of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 29.147184] [ 29.147307] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 29.147366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.147384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.147422] Call Trace: [ 29.147447] <TASK> [ 29.147472] dump_stack_lvl+0x73/0xb0 [ 29.147507] print_report+0xd1/0x650 [ 29.147535] ? __virt_addr_valid+0x1db/0x2d0 [ 29.147563] ? kasan_atomics_helper+0x4f98/0x5450 [ 29.147592] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.147621] ? kasan_atomics_helper+0x4f98/0x5450 [ 29.147651] kasan_report+0x141/0x180 [ 29.147676] ? kasan_atomics_helper+0x4f98/0x5450 [ 29.147710] __asan_report_load8_noabort+0x18/0x20 [ 29.147737] kasan_atomics_helper+0x4f98/0x5450 [ 29.147767] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.147796] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.147825] ? kasan_atomics+0x152/0x310 [ 29.147855] kasan_atomics+0x1dc/0x310 [ 29.147882] ? __pfx_kasan_atomics+0x10/0x10 [ 29.147910] ? __pfx_read_tsc+0x10/0x10 [ 29.147936] ? ktime_get_ts64+0x86/0x230 [ 29.147965] kunit_try_run_case+0x1a5/0x480 [ 29.147995] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.148022] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.148064] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.148092] ? __kthread_parkme+0x82/0x180 [ 29.148129] ? preempt_count_sub+0x50/0x80 [ 29.148158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.148187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.148216] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.148249] kthread+0x337/0x6f0 [ 29.148273] ? trace_preempt_on+0x20/0xc0 [ 29.148311] ? __pfx_kthread+0x10/0x10 [ 29.148334] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.148373] ? calculate_sigpending+0x7b/0xa0 [ 29.148408] ? __pfx_kthread+0x10/0x10 [ 29.148434] ret_from_fork+0x116/0x1d0 [ 29.148456] ? __pfx_kthread+0x10/0x10 [ 29.148480] ret_from_fork_asm+0x1a/0x30 [ 29.148517] </TASK> [ 29.148531] [ 29.155963] Allocated by task 314: [ 29.156167] kasan_save_stack+0x45/0x70 [ 29.156376] kasan_save_track+0x18/0x40 [ 29.156571] kasan_save_alloc_info+0x3b/0x50 [ 29.156780] __kasan_kmalloc+0xb7/0xc0 [ 29.156937] __kmalloc_cache_noprof+0x189/0x420 [ 29.157090] kasan_atomics+0x95/0x310 [ 29.157218] kunit_try_run_case+0x1a5/0x480 [ 29.157509] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.157767] kthread+0x337/0x6f0 [ 29.157998] ret_from_fork+0x116/0x1d0 [ 29.158216] ret_from_fork_asm+0x1a/0x30 [ 29.158419] [ 29.158490] The buggy address belongs to the object at ffff88810625b900 [ 29.158490] which belongs to the cache kmalloc-64 of size 64 [ 29.158837] The buggy address is located 0 bytes to the right of [ 29.158837] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 29.159959] [ 29.160058] The buggy address belongs to the physical page: [ 29.160240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 29.160547] flags: 0x200000000000000(node=0|zone=2) [ 29.160789] page_type: f5(slab) [ 29.161047] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.161376] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.161677] page dumped because: kasan: bad access detected [ 29.161889] [ 29.161985] Memory state around the buggy address: [ 29.162250] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.162612] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.162971] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.163255] ^ [ 29.163460] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.163807] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.164159] ================================================================== [ 27.819897] ================================================================== [ 27.820596] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 27.820967] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 27.821317] [ 27.821443] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 27.821503] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.821519] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.821547] Call Trace: [ 27.821572] <TASK> [ 27.821596] dump_stack_lvl+0x73/0xb0 [ 27.821630] print_report+0xd1/0x650 [ 27.821657] ? __virt_addr_valid+0x1db/0x2d0 [ 27.821687] ? kasan_atomics_helper+0x4b3a/0x5450 [ 27.821715] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.821745] ? kasan_atomics_helper+0x4b3a/0x5450 [ 27.821776] kasan_report+0x141/0x180 [ 27.821803] ? kasan_atomics_helper+0x4b3a/0x5450 [ 27.821837] __asan_report_store4_noabort+0x1b/0x30 [ 27.821864] kasan_atomics_helper+0x4b3a/0x5450 [ 27.821894] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.821925] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.821954] ? kasan_atomics+0x152/0x310 [ 27.822008] kasan_atomics+0x1dc/0x310 [ 27.822034] ? __pfx_kasan_atomics+0x10/0x10 [ 27.822061] ? __pfx_read_tsc+0x10/0x10 [ 27.822087] ? ktime_get_ts64+0x86/0x230 [ 27.822116] kunit_try_run_case+0x1a5/0x480 [ 27.822146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.822173] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.822201] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.822230] ? __kthread_parkme+0x82/0x180 [ 27.822255] ? preempt_count_sub+0x50/0x80 [ 27.822282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.822312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.822359] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.822388] kthread+0x337/0x6f0 [ 27.822423] ? trace_preempt_on+0x20/0xc0 [ 27.822453] ? __pfx_kthread+0x10/0x10 [ 27.822476] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.822503] ? calculate_sigpending+0x7b/0xa0 [ 27.822531] ? __pfx_kthread+0x10/0x10 [ 27.822555] ret_from_fork+0x116/0x1d0 [ 27.822578] ? __pfx_kthread+0x10/0x10 [ 27.822602] ret_from_fork_asm+0x1a/0x30 [ 27.822638] </TASK> [ 27.822652] [ 27.834775] Allocated by task 314: [ 27.835002] kasan_save_stack+0x45/0x70 [ 27.835312] kasan_save_track+0x18/0x40 [ 27.835641] kasan_save_alloc_info+0x3b/0x50 [ 27.835918] __kasan_kmalloc+0xb7/0xc0 [ 27.836327] __kmalloc_cache_noprof+0x189/0x420 [ 27.836574] kasan_atomics+0x95/0x310 [ 27.836820] kunit_try_run_case+0x1a5/0x480 [ 27.837080] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.837515] kthread+0x337/0x6f0 [ 27.837731] ret_from_fork+0x116/0x1d0 [ 27.838448] ret_from_fork_asm+0x1a/0x30 [ 27.838665] [ 27.838773] The buggy address belongs to the object at ffff88810625b900 [ 27.838773] which belongs to the cache kmalloc-64 of size 64 [ 27.839623] The buggy address is located 0 bytes to the right of [ 27.839623] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 27.840424] [ 27.840557] The buggy address belongs to the physical page: [ 27.840827] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 27.841444] flags: 0x200000000000000(node=0|zone=2) [ 27.841677] page_type: f5(slab) [ 27.841855] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.842354] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.842829] page dumped because: kasan: bad access detected [ 27.843115] [ 27.843366] Memory state around the buggy address: [ 27.843865] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.844377] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.844766] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.845322] ^ [ 27.845767] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.846154] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.846631] ================================================================== [ 28.575491] ================================================================== [ 28.576275] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 28.577007] Read of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.577697] [ 28.577924] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.577992] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.578007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.578034] Call Trace: [ 28.578067] <TASK> [ 28.578091] dump_stack_lvl+0x73/0xb0 [ 28.578124] print_report+0xd1/0x650 [ 28.578162] ? __virt_addr_valid+0x1db/0x2d0 [ 28.578190] ? kasan_atomics_helper+0x13b5/0x5450 [ 28.578218] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.578247] ? kasan_atomics_helper+0x13b5/0x5450 [ 28.578278] kasan_report+0x141/0x180 [ 28.578303] ? kasan_atomics_helper+0x13b5/0x5450 [ 28.578336] kasan_check_range+0x10c/0x1c0 [ 28.578362] __kasan_check_read+0x15/0x20 [ 28.578400] kasan_atomics_helper+0x13b5/0x5450 [ 28.578431] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.578460] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.578488] ? kasan_atomics+0x152/0x310 [ 28.578517] kasan_atomics+0x1dc/0x310 [ 28.578542] ? __pfx_kasan_atomics+0x10/0x10 [ 28.578569] ? __pfx_read_tsc+0x10/0x10 [ 28.578594] ? ktime_get_ts64+0x86/0x230 [ 28.578624] kunit_try_run_case+0x1a5/0x480 [ 28.578652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.578679] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.578707] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.578735] ? __kthread_parkme+0x82/0x180 [ 28.578760] ? preempt_count_sub+0x50/0x80 [ 28.578787] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.578815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.578843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.578893] kthread+0x337/0x6f0 [ 28.578916] ? trace_preempt_on+0x20/0xc0 [ 28.578945] ? __pfx_kthread+0x10/0x10 [ 28.578969] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.578994] ? calculate_sigpending+0x7b/0xa0 [ 28.579022] ? __pfx_kthread+0x10/0x10 [ 28.579047] ret_from_fork+0x116/0x1d0 [ 28.579069] ? __pfx_kthread+0x10/0x10 [ 28.579092] ret_from_fork_asm+0x1a/0x30 [ 28.579128] </TASK> [ 28.579143] [ 28.591913] Allocated by task 314: [ 28.592309] kasan_save_stack+0x45/0x70 [ 28.592739] kasan_save_track+0x18/0x40 [ 28.593176] kasan_save_alloc_info+0x3b/0x50 [ 28.593682] __kasan_kmalloc+0xb7/0xc0 [ 28.594062] __kmalloc_cache_noprof+0x189/0x420 [ 28.594456] kasan_atomics+0x95/0x310 [ 28.594599] kunit_try_run_case+0x1a5/0x480 [ 28.594757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.595119] kthread+0x337/0x6f0 [ 28.595458] ret_from_fork+0x116/0x1d0 [ 28.595862] ret_from_fork_asm+0x1a/0x30 [ 28.596282] [ 28.596463] The buggy address belongs to the object at ffff88810625b900 [ 28.596463] which belongs to the cache kmalloc-64 of size 64 [ 28.597619] The buggy address is located 0 bytes to the right of [ 28.597619] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.598371] [ 28.598565] The buggy address belongs to the physical page: [ 28.599250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.599838] flags: 0x200000000000000(node=0|zone=2) [ 28.600348] page_type: f5(slab) [ 28.600696] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.600985] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.601595] page dumped because: kasan: bad access detected [ 28.601787] [ 28.601860] Memory state around the buggy address: [ 28.602361] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.603078] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.603873] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.604369] ^ [ 28.604570] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.604813] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.605680] ================================================================== [ 28.524873] ================================================================== [ 28.525300] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 28.525670] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.526026] [ 28.526135] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.526187] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.526202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.526228] Call Trace: [ 28.526248] <TASK> [ 28.526267] dump_stack_lvl+0x73/0xb0 [ 28.526297] print_report+0xd1/0x650 [ 28.526322] ? __virt_addr_valid+0x1db/0x2d0 [ 28.526349] ? kasan_atomics_helper+0x12e6/0x5450 [ 28.526376] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.526416] ? kasan_atomics_helper+0x12e6/0x5450 [ 28.526444] kasan_report+0x141/0x180 [ 28.526468] ? kasan_atomics_helper+0x12e6/0x5450 [ 28.526501] kasan_check_range+0x10c/0x1c0 [ 28.526527] __kasan_check_write+0x18/0x20 [ 28.526552] kasan_atomics_helper+0x12e6/0x5450 [ 28.526580] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.526610] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.526638] ? kasan_atomics+0x152/0x310 [ 28.526667] kasan_atomics+0x1dc/0x310 [ 28.526691] ? __pfx_kasan_atomics+0x10/0x10 [ 28.526717] ? __pfx_read_tsc+0x10/0x10 [ 28.526742] ? ktime_get_ts64+0x86/0x230 [ 28.526770] kunit_try_run_case+0x1a5/0x480 [ 28.526798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.526824] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.526851] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.526891] ? __kthread_parkme+0x82/0x180 [ 28.526915] ? preempt_count_sub+0x50/0x80 [ 28.526943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.526971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.527000] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.527028] kthread+0x337/0x6f0 [ 28.527051] ? trace_preempt_on+0x20/0xc0 [ 28.527078] ? __pfx_kthread+0x10/0x10 [ 28.527102] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.527128] ? calculate_sigpending+0x7b/0xa0 [ 28.527156] ? __pfx_kthread+0x10/0x10 [ 28.527180] ret_from_fork+0x116/0x1d0 [ 28.527203] ? __pfx_kthread+0x10/0x10 [ 28.527229] ret_from_fork_asm+0x1a/0x30 [ 28.527265] </TASK> [ 28.527280] [ 28.535252] Allocated by task 314: [ 28.535469] kasan_save_stack+0x45/0x70 [ 28.535674] kasan_save_track+0x18/0x40 [ 28.535817] kasan_save_alloc_info+0x3b/0x50 [ 28.536066] __kasan_kmalloc+0xb7/0xc0 [ 28.536282] __kmalloc_cache_noprof+0x189/0x420 [ 28.536479] kasan_atomics+0x95/0x310 [ 28.536619] kunit_try_run_case+0x1a5/0x480 [ 28.536774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.537245] kthread+0x337/0x6f0 [ 28.537439] ret_from_fork+0x116/0x1d0 [ 28.537641] ret_from_fork_asm+0x1a/0x30 [ 28.537850] [ 28.537985] The buggy address belongs to the object at ffff88810625b900 [ 28.537985] which belongs to the cache kmalloc-64 of size 64 [ 28.538364] The buggy address is located 0 bytes to the right of [ 28.538364] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.538765] [ 28.538840] The buggy address belongs to the physical page: [ 28.539108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.539491] flags: 0x200000000000000(node=0|zone=2) [ 28.539737] page_type: f5(slab) [ 28.539914] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.540233] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.540687] page dumped because: kasan: bad access detected [ 28.540942] [ 28.541013] Memory state around the buggy address: [ 28.541178] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.541423] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.541657] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.542159] ^ [ 28.542421] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.542767] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.543371] ================================================================== [ 28.744861] ================================================================== [ 28.745309] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 28.745652] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.746080] [ 28.746189] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.746245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.746272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.746299] Call Trace: [ 28.746322] <TASK> [ 28.746356] dump_stack_lvl+0x73/0xb0 [ 28.746387] print_report+0xd1/0x650 [ 28.746422] ? __virt_addr_valid+0x1db/0x2d0 [ 28.746452] ? kasan_atomics_helper+0x164f/0x5450 [ 28.746481] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.746512] ? kasan_atomics_helper+0x164f/0x5450 [ 28.746542] kasan_report+0x141/0x180 [ 28.746567] ? kasan_atomics_helper+0x164f/0x5450 [ 28.746601] kasan_check_range+0x10c/0x1c0 [ 28.746629] __kasan_check_write+0x18/0x20 [ 28.746656] kasan_atomics_helper+0x164f/0x5450 [ 28.746687] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.746717] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.746746] ? kasan_atomics+0x152/0x310 [ 28.746776] kasan_atomics+0x1dc/0x310 [ 28.746803] ? __pfx_kasan_atomics+0x10/0x10 [ 28.746831] ? __pfx_read_tsc+0x10/0x10 [ 28.746857] ? ktime_get_ts64+0x86/0x230 [ 28.746899] kunit_try_run_case+0x1a5/0x480 [ 28.746941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.746968] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.747010] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.747039] ? __kthread_parkme+0x82/0x180 [ 28.747065] ? preempt_count_sub+0x50/0x80 [ 28.747093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.747123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.747152] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.747182] kthread+0x337/0x6f0 [ 28.747207] ? trace_preempt_on+0x20/0xc0 [ 28.747237] ? __pfx_kthread+0x10/0x10 [ 28.747262] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.747289] ? calculate_sigpending+0x7b/0xa0 [ 28.747318] ? __pfx_kthread+0x10/0x10 [ 28.747344] ret_from_fork+0x116/0x1d0 [ 28.747367] ? __pfx_kthread+0x10/0x10 [ 28.747415] ret_from_fork_asm+0x1a/0x30 [ 28.747452] </TASK> [ 28.747466] [ 28.755699] Allocated by task 314: [ 28.755912] kasan_save_stack+0x45/0x70 [ 28.756128] kasan_save_track+0x18/0x40 [ 28.756280] kasan_save_alloc_info+0x3b/0x50 [ 28.756501] __kasan_kmalloc+0xb7/0xc0 [ 28.756723] __kmalloc_cache_noprof+0x189/0x420 [ 28.756927] kasan_atomics+0x95/0x310 [ 28.757069] kunit_try_run_case+0x1a5/0x480 [ 28.757347] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.757638] kthread+0x337/0x6f0 [ 28.757838] ret_from_fork+0x116/0x1d0 [ 28.758057] ret_from_fork_asm+0x1a/0x30 [ 28.758277] [ 28.758409] The buggy address belongs to the object at ffff88810625b900 [ 28.758409] which belongs to the cache kmalloc-64 of size 64 [ 28.758898] The buggy address is located 0 bytes to the right of [ 28.758898] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.759456] [ 28.759533] The buggy address belongs to the physical page: [ 28.759720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.760039] flags: 0x200000000000000(node=0|zone=2) [ 28.760338] page_type: f5(slab) [ 28.760545] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.760910] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.761256] page dumped because: kasan: bad access detected [ 28.762221] [ 28.762349] Memory state around the buggy address: [ 28.762604] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.763180] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.763528] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.763833] ^ [ 28.764455] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.764791] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.765518] ================================================================== [ 27.669880] ================================================================== [ 27.670338] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 27.670693] Read of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 27.671192] [ 27.671579] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 27.671748] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.671765] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.671792] Call Trace: [ 27.671815] <TASK> [ 27.671875] dump_stack_lvl+0x73/0xb0 [ 27.671912] print_report+0xd1/0x650 [ 27.671939] ? __virt_addr_valid+0x1db/0x2d0 [ 27.671967] ? kasan_atomics_helper+0x4b88/0x5450 [ 27.671996] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.672026] ? kasan_atomics_helper+0x4b88/0x5450 [ 27.672055] kasan_report+0x141/0x180 [ 27.672080] ? kasan_atomics_helper+0x4b88/0x5450 [ 27.672114] __asan_report_load4_noabort+0x18/0x20 [ 27.672142] kasan_atomics_helper+0x4b88/0x5450 [ 27.672173] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.672203] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.672237] ? kasan_atomics+0x152/0x310 [ 27.672267] kasan_atomics+0x1dc/0x310 [ 27.672294] ? __pfx_kasan_atomics+0x10/0x10 [ 27.672322] ? __pfx_read_tsc+0x10/0x10 [ 27.672348] ? ktime_get_ts64+0x86/0x230 [ 27.672377] kunit_try_run_case+0x1a5/0x480 [ 27.672419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.672447] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.672476] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.672505] ? __kthread_parkme+0x82/0x180 [ 27.672530] ? preempt_count_sub+0x50/0x80 [ 27.672557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.672585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.672614] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.672644] kthread+0x337/0x6f0 [ 27.672667] ? trace_preempt_on+0x20/0xc0 [ 27.672696] ? __pfx_kthread+0x10/0x10 [ 27.672721] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.672747] ? calculate_sigpending+0x7b/0xa0 [ 27.672775] ? __pfx_kthread+0x10/0x10 [ 27.672801] ret_from_fork+0x116/0x1d0 [ 27.672823] ? __pfx_kthread+0x10/0x10 [ 27.672847] ret_from_fork_asm+0x1a/0x30 [ 27.672883] </TASK> [ 27.672897] [ 27.686707] Allocated by task 314: [ 27.687127] kasan_save_stack+0x45/0x70 [ 27.687756] kasan_save_track+0x18/0x40 [ 27.688287] kasan_save_alloc_info+0x3b/0x50 [ 27.688597] __kasan_kmalloc+0xb7/0xc0 [ 27.689105] __kmalloc_cache_noprof+0x189/0x420 [ 27.689444] kasan_atomics+0x95/0x310 [ 27.689647] kunit_try_run_case+0x1a5/0x480 [ 27.689853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.690101] kthread+0x337/0x6f0 [ 27.690666] ret_from_fork+0x116/0x1d0 [ 27.691038] ret_from_fork_asm+0x1a/0x30 [ 27.691546] [ 27.691659] The buggy address belongs to the object at ffff88810625b900 [ 27.691659] which belongs to the cache kmalloc-64 of size 64 [ 27.692512] The buggy address is located 0 bytes to the right of [ 27.692512] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 27.692973] [ 27.693083] The buggy address belongs to the physical page: [ 27.693339] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 27.693710] flags: 0x200000000000000(node=0|zone=2) [ 27.694033] page_type: f5(slab) [ 27.694164] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.694538] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.694852] page dumped because: kasan: bad access detected [ 27.695781] [ 27.695872] Memory state around the buggy address: [ 27.696465] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.696913] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.697466] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.697895] ^ [ 27.698257] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.698775] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.699488] ================================================================== [ 28.656843] ================================================================== [ 28.657209] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 28.657587] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.658066] [ 28.658158] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.658211] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.658227] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.658254] Call Trace: [ 28.658273] <TASK> [ 28.658292] dump_stack_lvl+0x73/0xb0 [ 28.658321] print_report+0xd1/0x650 [ 28.658348] ? __virt_addr_valid+0x1db/0x2d0 [ 28.658375] ? kasan_atomics_helper+0x50d4/0x5450 [ 28.658417] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.658447] ? kasan_atomics_helper+0x50d4/0x5450 [ 28.658477] kasan_report+0x141/0x180 [ 28.658503] ? kasan_atomics_helper+0x50d4/0x5450 [ 28.658538] __asan_report_store8_noabort+0x1b/0x30 [ 28.658567] kasan_atomics_helper+0x50d4/0x5450 [ 28.658597] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.658628] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.658656] ? kasan_atomics+0x152/0x310 [ 28.658686] kasan_atomics+0x1dc/0x310 [ 28.658713] ? __pfx_kasan_atomics+0x10/0x10 [ 28.658741] ? __pfx_read_tsc+0x10/0x10 [ 28.658767] ? ktime_get_ts64+0x86/0x230 [ 28.658796] kunit_try_run_case+0x1a5/0x480 [ 28.658825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.658853] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.658882] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.658911] ? __kthread_parkme+0x82/0x180 [ 28.658935] ? preempt_count_sub+0x50/0x80 [ 28.658963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.658994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.659023] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.659053] kthread+0x337/0x6f0 [ 28.659076] ? trace_preempt_on+0x20/0xc0 [ 28.659105] ? __pfx_kthread+0x10/0x10 [ 28.659130] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.659157] ? calculate_sigpending+0x7b/0xa0 [ 28.659186] ? __pfx_kthread+0x10/0x10 [ 28.659212] ret_from_fork+0x116/0x1d0 [ 28.659236] ? __pfx_kthread+0x10/0x10 [ 28.659261] ret_from_fork_asm+0x1a/0x30 [ 28.659322] </TASK> [ 28.659336] [ 28.667498] Allocated by task 314: [ 28.667699] kasan_save_stack+0x45/0x70 [ 28.667943] kasan_save_track+0x18/0x40 [ 28.668153] kasan_save_alloc_info+0x3b/0x50 [ 28.668377] __kasan_kmalloc+0xb7/0xc0 [ 28.668568] __kmalloc_cache_noprof+0x189/0x420 [ 28.668739] kasan_atomics+0x95/0x310 [ 28.668882] kunit_try_run_case+0x1a5/0x480 [ 28.669359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.669635] kthread+0x337/0x6f0 [ 28.669777] ret_from_fork+0x116/0x1d0 [ 28.669923] ret_from_fork_asm+0x1a/0x30 [ 28.670076] [ 28.670152] The buggy address belongs to the object at ffff88810625b900 [ 28.670152] which belongs to the cache kmalloc-64 of size 64 [ 28.670726] The buggy address is located 0 bytes to the right of [ 28.670726] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.671638] [ 28.671749] The buggy address belongs to the physical page: [ 28.672053] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.672327] flags: 0x200000000000000(node=0|zone=2) [ 28.672522] page_type: f5(slab) [ 28.672709] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.673234] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.673667] page dumped because: kasan: bad access detected [ 28.674244] [ 28.674352] Memory state around the buggy address: [ 28.674625] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.674871] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.675230] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.676655] ^ [ 28.677135] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.678127] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.678680] ================================================================== [ 28.367323] ================================================================== [ 28.368024] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 28.368575] Read of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.368934] [ 28.369040] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.369099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.369117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.369142] Call Trace: [ 28.369161] <TASK> [ 28.369185] dump_stack_lvl+0x73/0xb0 [ 28.369219] print_report+0xd1/0x650 [ 28.369246] ? __virt_addr_valid+0x1db/0x2d0 [ 28.369275] ? kasan_atomics_helper+0x4a36/0x5450 [ 28.369306] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.369354] ? kasan_atomics_helper+0x4a36/0x5450 [ 28.369385] kasan_report+0x141/0x180 [ 28.369491] ? kasan_atomics_helper+0x4a36/0x5450 [ 28.369526] __asan_report_load4_noabort+0x18/0x20 [ 28.369556] kasan_atomics_helper+0x4a36/0x5450 [ 28.369587] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.369628] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.369658] ? kasan_atomics+0x152/0x310 [ 28.369700] kasan_atomics+0x1dc/0x310 [ 28.369726] ? __pfx_kasan_atomics+0x10/0x10 [ 28.369755] ? __pfx_read_tsc+0x10/0x10 [ 28.369782] ? ktime_get_ts64+0x86/0x230 [ 28.369813] kunit_try_run_case+0x1a5/0x480 [ 28.369844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.369872] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.369910] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.369939] ? __kthread_parkme+0x82/0x180 [ 28.369965] ? preempt_count_sub+0x50/0x80 [ 28.369994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.370024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.370054] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.370084] kthread+0x337/0x6f0 [ 28.370108] ? trace_preempt_on+0x20/0xc0 [ 28.370137] ? __pfx_kthread+0x10/0x10 [ 28.370162] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.370189] ? calculate_sigpending+0x7b/0xa0 [ 28.370220] ? __pfx_kthread+0x10/0x10 [ 28.370246] ret_from_fork+0x116/0x1d0 [ 28.370269] ? __pfx_kthread+0x10/0x10 [ 28.370295] ret_from_fork_asm+0x1a/0x30 [ 28.370332] </TASK> [ 28.370348] [ 28.385324] Allocated by task 314: [ 28.385696] kasan_save_stack+0x45/0x70 [ 28.386148] kasan_save_track+0x18/0x40 [ 28.386582] kasan_save_alloc_info+0x3b/0x50 [ 28.387026] __kasan_kmalloc+0xb7/0xc0 [ 28.387217] __kmalloc_cache_noprof+0x189/0x420 [ 28.387404] kasan_atomics+0x95/0x310 [ 28.387553] kunit_try_run_case+0x1a5/0x480 [ 28.387719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.387925] kthread+0x337/0x6f0 [ 28.388061] ret_from_fork+0x116/0x1d0 [ 28.388323] ret_from_fork_asm+0x1a/0x30 [ 28.388560] [ 28.388665] The buggy address belongs to the object at ffff88810625b900 [ 28.388665] which belongs to the cache kmalloc-64 of size 64 [ 28.389314] The buggy address is located 0 bytes to the right of [ 28.389314] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.389878] [ 28.389961] The buggy address belongs to the physical page: [ 28.390206] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.390677] flags: 0x200000000000000(node=0|zone=2) [ 28.390919] page_type: f5(slab) [ 28.391095] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.391387] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.391782] page dumped because: kasan: bad access detected [ 28.392071] [ 28.392177] Memory state around the buggy address: [ 28.392408] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.392711] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.392962] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.393499] ^ [ 28.393750] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.394042] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.394337] ================================================================== [ 28.837936] ================================================================== [ 28.838349] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 28.838787] Write of size 8 at addr ffff88810625b930 by task kunit_try_catch/314 [ 28.839287] [ 28.839411] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 28.839472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.839489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.839518] Call Trace: [ 28.839542] <TASK> [ 28.839567] dump_stack_lvl+0x73/0xb0 [ 28.839628] print_report+0xd1/0x650 [ 28.839669] ? __virt_addr_valid+0x1db/0x2d0 [ 28.839701] ? kasan_atomics_helper+0x18b1/0x5450 [ 28.839785] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.839817] ? kasan_atomics_helper+0x18b1/0x5450 [ 28.839849] kasan_report+0x141/0x180 [ 28.839877] ? kasan_atomics_helper+0x18b1/0x5450 [ 28.839913] kasan_check_range+0x10c/0x1c0 [ 28.839941] __kasan_check_write+0x18/0x20 [ 28.839969] kasan_atomics_helper+0x18b1/0x5450 [ 28.840001] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.840032] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.840062] ? kasan_atomics+0x152/0x310 [ 28.840094] kasan_atomics+0x1dc/0x310 [ 28.840120] ? __pfx_kasan_atomics+0x10/0x10 [ 28.840150] ? __pfx_read_tsc+0x10/0x10 [ 28.840177] ? ktime_get_ts64+0x86/0x230 [ 28.840208] kunit_try_run_case+0x1a5/0x480 [ 28.840246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.840275] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.840305] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.840335] ? __kthread_parkme+0x82/0x180 [ 28.840360] ? preempt_count_sub+0x50/0x80 [ 28.840398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.840429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.840460] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.840491] kthread+0x337/0x6f0 [ 28.840516] ? trace_preempt_on+0x20/0xc0 [ 28.840546] ? __pfx_kthread+0x10/0x10 [ 28.840573] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.840602] ? calculate_sigpending+0x7b/0xa0 [ 28.840632] ? __pfx_kthread+0x10/0x10 [ 28.840658] ret_from_fork+0x116/0x1d0 [ 28.840682] ? __pfx_kthread+0x10/0x10 [ 28.840707] ret_from_fork_asm+0x1a/0x30 [ 28.840790] </TASK> [ 28.840807] [ 28.850654] Allocated by task 314: [ 28.850895] kasan_save_stack+0x45/0x70 [ 28.851115] kasan_save_track+0x18/0x40 [ 28.851365] kasan_save_alloc_info+0x3b/0x50 [ 28.851542] __kasan_kmalloc+0xb7/0xc0 [ 28.851790] __kmalloc_cache_noprof+0x189/0x420 [ 28.852187] kasan_atomics+0x95/0x310 [ 28.852421] kunit_try_run_case+0x1a5/0x480 [ 28.852677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.852917] kthread+0x337/0x6f0 [ 28.853102] ret_from_fork+0x116/0x1d0 [ 28.853440] ret_from_fork_asm+0x1a/0x30 [ 28.853701] [ 28.853793] The buggy address belongs to the object at ffff88810625b900 [ 28.853793] which belongs to the cache kmalloc-64 of size 64 [ 28.854498] The buggy address is located 0 bytes to the right of [ 28.854498] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 28.855155] [ 28.855268] The buggy address belongs to the physical page: [ 28.855572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 28.855985] flags: 0x200000000000000(node=0|zone=2) [ 28.856321] page_type: f5(slab) [ 28.856469] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.856728] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.856978] page dumped because: kasan: bad access detected [ 28.857522] [ 28.857628] Memory state around the buggy address: [ 28.857875] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.858201] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.858479] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.858829] ^ [ 28.859180] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.859624] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.859859] ================================================================== [ 27.873631] ================================================================== [ 27.873949] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 27.874487] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 27.874800] [ 27.874978] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 27.875038] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.875054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.875081] Call Trace: [ 27.875105] <TASK> [ 27.875129] dump_stack_lvl+0x73/0xb0 [ 27.875366] print_report+0xd1/0x650 [ 27.875423] ? __virt_addr_valid+0x1db/0x2d0 [ 27.875465] ? kasan_atomics_helper+0x5fe/0x5450 [ 27.875495] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.875538] ? kasan_atomics_helper+0x5fe/0x5450 [ 27.875567] kasan_report+0x141/0x180 [ 27.875593] ? kasan_atomics_helper+0x5fe/0x5450 [ 27.875627] kasan_check_range+0x10c/0x1c0 [ 27.875654] __kasan_check_write+0x18/0x20 [ 27.875681] kasan_atomics_helper+0x5fe/0x5450 [ 27.875711] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.875741] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.875771] ? kasan_atomics+0x152/0x310 [ 27.875800] kasan_atomics+0x1dc/0x310 [ 27.875825] ? __pfx_kasan_atomics+0x10/0x10 [ 27.875864] ? __pfx_read_tsc+0x10/0x10 [ 27.875902] ? ktime_get_ts64+0x86/0x230 [ 27.875937] kunit_try_run_case+0x1a5/0x480 [ 27.875968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.875996] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.876025] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.876053] ? __kthread_parkme+0x82/0x180 [ 27.876078] ? preempt_count_sub+0x50/0x80 [ 27.876107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.876136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.876234] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.876266] kthread+0x337/0x6f0 [ 27.876290] ? trace_preempt_on+0x20/0xc0 [ 27.876319] ? __pfx_kthread+0x10/0x10 [ 27.876344] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.876371] ? calculate_sigpending+0x7b/0xa0 [ 27.876412] ? __pfx_kthread+0x10/0x10 [ 27.876438] ret_from_fork+0x116/0x1d0 [ 27.876462] ? __pfx_kthread+0x10/0x10 [ 27.876486] ret_from_fork_asm+0x1a/0x30 [ 27.876523] </TASK> [ 27.876538] [ 27.886072] Allocated by task 314: [ 27.886228] kasan_save_stack+0x45/0x70 [ 27.886534] kasan_save_track+0x18/0x40 [ 27.886814] kasan_save_alloc_info+0x3b/0x50 [ 27.887223] __kasan_kmalloc+0xb7/0xc0 [ 27.887614] __kmalloc_cache_noprof+0x189/0x420 [ 27.887905] kasan_atomics+0x95/0x310 [ 27.888100] kunit_try_run_case+0x1a5/0x480 [ 27.888409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.888648] kthread+0x337/0x6f0 [ 27.888851] ret_from_fork+0x116/0x1d0 [ 27.889023] ret_from_fork_asm+0x1a/0x30 [ 27.889171] [ 27.889245] The buggy address belongs to the object at ffff88810625b900 [ 27.889245] which belongs to the cache kmalloc-64 of size 64 [ 27.889698] The buggy address is located 0 bytes to the right of [ 27.889698] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 27.890470] [ 27.890621] The buggy address belongs to the physical page: [ 27.890807] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 27.891646] flags: 0x200000000000000(node=0|zone=2) [ 27.892019] page_type: f5(slab) [ 27.892156] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.892648] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.892998] page dumped because: kasan: bad access detected [ 27.893180] [ 27.893252] Memory state around the buggy address: [ 27.893642] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.894016] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.894475] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.894727] ^ [ 27.895044] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.895612] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.895923] ================================================================== [ 27.793903] ================================================================== [ 27.794523] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 27.794896] Write of size 4 at addr ffff88810625b930 by task kunit_try_catch/314 [ 27.795531] [ 27.795696] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4-next-20250704 #1 PREEMPT(voluntary) [ 27.795930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.795951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.795978] Call Trace: [ 27.796057] <TASK> [ 27.796081] dump_stack_lvl+0x73/0xb0 [ 27.796114] print_report+0xd1/0x650 [ 27.796140] ? __virt_addr_valid+0x1db/0x2d0 [ 27.796167] ? kasan_atomics_helper+0x4a0/0x5450 [ 27.796197] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.796232] ? kasan_atomics_helper+0x4a0/0x5450 [ 27.796261] kasan_report+0x141/0x180 [ 27.796286] ? kasan_atomics_helper+0x4a0/0x5450 [ 27.796319] kasan_check_range+0x10c/0x1c0 [ 27.796346] __kasan_check_write+0x18/0x20 [ 27.796373] kasan_atomics_helper+0x4a0/0x5450 [ 27.796415] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.796443] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.796471] ? kasan_atomics+0x152/0x310 [ 27.796500] kasan_atomics+0x1dc/0x310 [ 27.796525] ? __pfx_kasan_atomics+0x10/0x10 [ 27.796552] ? __pfx_read_tsc+0x10/0x10 [ 27.796577] ? ktime_get_ts64+0x86/0x230 [ 27.796606] kunit_try_run_case+0x1a5/0x480 [ 27.796636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.796662] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.796690] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.796718] ? __kthread_parkme+0x82/0x180 [ 27.796742] ? preempt_count_sub+0x50/0x80 [ 27.796768] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.796796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.796824] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.796852] kthread+0x337/0x6f0 [ 27.796874] ? trace_preempt_on+0x20/0xc0 [ 27.796902] ? __pfx_kthread+0x10/0x10 [ 27.796925] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.796951] ? calculate_sigpending+0x7b/0xa0 [ 27.796981] ? __pfx_kthread+0x10/0x10 [ 27.797005] ret_from_fork+0x116/0x1d0 [ 27.797027] ? __pfx_kthread+0x10/0x10 [ 27.797063] ret_from_fork_asm+0x1a/0x30 [ 27.797100] </TASK> [ 27.797114] [ 27.807686] Allocated by task 314: [ 27.807889] kasan_save_stack+0x45/0x70 [ 27.808088] kasan_save_track+0x18/0x40 [ 27.808764] kasan_save_alloc_info+0x3b/0x50 [ 27.809043] __kasan_kmalloc+0xb7/0xc0 [ 27.809231] __kmalloc_cache_noprof+0x189/0x420 [ 27.809576] kasan_atomics+0x95/0x310 [ 27.809851] kunit_try_run_case+0x1a5/0x480 [ 27.810301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.810564] kthread+0x337/0x6f0 [ 27.810890] ret_from_fork+0x116/0x1d0 [ 27.811112] ret_from_fork_asm+0x1a/0x30 [ 27.811477] [ 27.811585] The buggy address belongs to the object at ffff88810625b900 [ 27.811585] which belongs to the cache kmalloc-64 of size 64 [ 27.812301] The buggy address is located 0 bytes to the right of [ 27.812301] allocated 48-byte region [ffff88810625b900, ffff88810625b930) [ 27.812795] [ 27.812899] The buggy address belongs to the physical page: [ 27.813148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10625b [ 27.813820] flags: 0x200000000000000(node=0|zone=2) [ 27.814154] page_type: f5(slab) [ 27.814345] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.814862] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.815277] page dumped because: kasan: bad access detected [ 27.815675] [ 27.815762] Memory state around the buggy address: [ 27.816075] ffff88810625b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.816532] ffff88810625b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.816962] >ffff88810625b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.817273] ^ [ 27.817717] ffff88810625b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.818289] ffff88810625ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.818615] ==================================================================