Date
July 10, 2025, 9:07 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 32.264606] ================================================================== [ 32.265329] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 32.265384] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.265526] [ 32.265581] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.265790] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.265827] Hardware name: linux,dummy-virt (DT) [ 32.266242] Call trace: [ 32.266272] show_stack+0x20/0x38 (C) [ 32.266411] dump_stack_lvl+0x8c/0xd0 [ 32.266936] print_report+0x118/0x5d0 [ 32.267276] kasan_report+0xdc/0x128 [ 32.267337] kasan_check_range+0x100/0x1a8 [ 32.267387] __kasan_check_write+0x20/0x30 [ 32.267435] kasan_atomics_helper+0xff0/0x4858 [ 32.267842] kasan_atomics+0x198/0x2e0 [ 32.268183] kunit_try_run_case+0x170/0x3f0 [ 32.268283] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.268689] kthread+0x328/0x630 [ 32.268742] ret_from_fork+0x10/0x20 [ 32.268793] [ 32.269426] Allocated by task 296: [ 32.269610] kasan_save_stack+0x3c/0x68 [ 32.269863] kasan_save_track+0x20/0x40 [ 32.269909] kasan_save_alloc_info+0x40/0x58 [ 32.269952] __kasan_kmalloc+0xd4/0xd8 [ 32.270544] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.270601] kasan_atomics+0xb8/0x2e0 [ 32.271148] kunit_try_run_case+0x170/0x3f0 [ 32.271235] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.271358] kthread+0x328/0x630 [ 32.271401] ret_from_fork+0x10/0x20 [ 32.271439] [ 32.271464] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.271464] which belongs to the cache kmalloc-64 of size 64 [ 32.271725] The buggy address is located 0 bytes to the right of [ 32.271725] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.271804] [ 32.271826] The buggy address belongs to the physical page: [ 32.271859] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.271943] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.272145] page_type: f5(slab) [ 32.272204] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.272386] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.272430] page dumped because: kasan: bad access detected [ 32.272513] [ 32.273034] Memory state around the buggy address: [ 32.273069] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.273116] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.273171] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.273214] ^ [ 32.273248] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.273344] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.273387] ================================================================== [ 32.288007] ================================================================== [ 32.288058] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 32.288107] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.288170] [ 32.288201] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.288481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.288532] Hardware name: linux,dummy-virt (DT) [ 32.288865] Call trace: [ 32.288915] show_stack+0x20/0x38 (C) [ 32.288966] dump_stack_lvl+0x8c/0xd0 [ 32.289031] print_report+0x118/0x5d0 [ 32.289076] kasan_report+0xdc/0x128 [ 32.289122] kasan_check_range+0x100/0x1a8 [ 32.289180] __kasan_check_write+0x20/0x30 [ 32.289228] kasan_atomics_helper+0x1190/0x4858 [ 32.289283] kasan_atomics+0x198/0x2e0 [ 32.289334] kunit_try_run_case+0x170/0x3f0 [ 32.289387] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.289447] kthread+0x328/0x630 [ 32.289491] ret_from_fork+0x10/0x20 [ 32.289540] [ 32.289569] Allocated by task 296: [ 32.289700] kasan_save_stack+0x3c/0x68 [ 32.289816] kasan_save_track+0x20/0x40 [ 32.289878] kasan_save_alloc_info+0x40/0x58 [ 32.290076] __kasan_kmalloc+0xd4/0xd8 [ 32.290276] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.290322] kasan_atomics+0xb8/0x2e0 [ 32.290369] kunit_try_run_case+0x170/0x3f0 [ 32.290462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.290577] kthread+0x328/0x630 [ 32.291017] ret_from_fork+0x10/0x20 [ 32.291526] [ 32.291554] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.291554] which belongs to the cache kmalloc-64 of size 64 [ 32.291687] The buggy address is located 0 bytes to the right of [ 32.291687] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.291849] [ 32.291873] The buggy address belongs to the physical page: [ 32.291962] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.292033] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.292122] page_type: f5(slab) [ 32.292225] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.292524] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.292732] page dumped because: kasan: bad access detected [ 32.292773] [ 32.292800] Memory state around the buggy address: [ 32.293095] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.293363] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.293418] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.293464] ^ [ 32.293661] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.293942] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.293994] ================================================================== [ 32.139954] ================================================================== [ 32.140161] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb70/0x4858 [ 32.140370] Write of size 4 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.140618] [ 32.140675] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.140769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.140962] Hardware name: linux,dummy-virt (DT) [ 32.141251] Call trace: [ 32.141302] show_stack+0x20/0x38 (C) [ 32.141359] dump_stack_lvl+0x8c/0xd0 [ 32.141408] print_report+0x118/0x5d0 [ 32.141453] kasan_report+0xdc/0x128 [ 32.141648] kasan_check_range+0x100/0x1a8 [ 32.141894] __kasan_check_write+0x20/0x30 [ 32.142220] kasan_atomics_helper+0xb70/0x4858 [ 32.142313] kasan_atomics+0x198/0x2e0 [ 32.142535] kunit_try_run_case+0x170/0x3f0 [ 32.142602] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.142980] kthread+0x328/0x630 [ 32.143107] ret_from_fork+0x10/0x20 [ 32.143213] [ 32.143349] Allocated by task 296: [ 32.143459] kasan_save_stack+0x3c/0x68 [ 32.143703] kasan_save_track+0x20/0x40 [ 32.143872] kasan_save_alloc_info+0x40/0x58 [ 32.144000] __kasan_kmalloc+0xd4/0xd8 [ 32.144079] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.144238] kasan_atomics+0xb8/0x2e0 [ 32.144327] kunit_try_run_case+0x170/0x3f0 [ 32.144372] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.144424] kthread+0x328/0x630 [ 32.144676] ret_from_fork+0x10/0x20 [ 32.144732] [ 32.144862] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.144862] which belongs to the cache kmalloc-64 of size 64 [ 32.144945] The buggy address is located 0 bytes to the right of [ 32.144945] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.145020] [ 32.145061] The buggy address belongs to the physical page: [ 32.145096] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.145312] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.145459] page_type: f5(slab) [ 32.146220] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.146716] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.146771] page dumped because: kasan: bad access detected [ 32.147057] [ 32.148317] ^ [ 32.150822] kasan_atomics_helper+0x3dbc/0x4858 [ 32.153050] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.155387] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.161953] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.164687] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.166689] kasan_save_track+0x20/0x40 [ 32.169920] page_type: f5(slab) [ 32.170292] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.171791] ^ [ 32.173896] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xca0/0x4858 [ 32.175306] kasan_report+0xdc/0x128 [ 32.177616] Allocated by task 296: [ 32.179762] [ 32.180396] page_type: f5(slab) [ 32.180498] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.180567] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.180612] page dumped because: kasan: bad access detected [ 32.180792] [ 32.181153] Memory state around the buggy address: [ 32.181225] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.181455] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.181535] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.181578] ^ [ 32.182024] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.182078] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.182120] ================================================================== [ 32.209251] ================================================================== [ 32.209358] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 32.209485] Read of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.209579] [ 32.209773] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.210006] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.210036] Hardware name: linux,dummy-virt (DT) [ 32.210069] Call trace: [ 32.210092] show_stack+0x20/0x38 (C) [ 32.210157] dump_stack_lvl+0x8c/0xd0 [ 32.210204] print_report+0x118/0x5d0 [ 32.210250] kasan_report+0xdc/0x128 [ 32.211124] kasan_check_range+0x100/0x1a8 [ 32.211215] __kasan_check_read+0x20/0x30 [ 32.211416] kasan_atomics_helper+0xdd4/0x4858 [ 32.211717] kasan_atomics+0x198/0x2e0 [ 32.211778] kunit_try_run_case+0x170/0x3f0 [ 32.211829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.211894] kthread+0x328/0x630 [ 32.211938] ret_from_fork+0x10/0x20 [ 32.211988] [ 32.212008] Allocated by task 296: [ 32.212039] kasan_save_stack+0x3c/0x68 [ 32.212084] kasan_save_track+0x20/0x40 [ 32.212466] kasan_save_alloc_info+0x40/0x58 [ 32.212509] __kasan_kmalloc+0xd4/0xd8 [ 32.212731] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.212972] kasan_atomics+0xb8/0x2e0 [ 32.213018] kunit_try_run_case+0x170/0x3f0 [ 32.213061] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.213216] kthread+0x328/0x630 [ 32.213262] ret_from_fork+0x10/0x20 [ 32.213302] [ 32.213803] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.213803] which belongs to the cache kmalloc-64 of size 64 [ 32.214275] The buggy address is located 0 bytes to the right of [ 32.214275] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.214467] [ 32.214618] The buggy address belongs to the physical page: [ 32.214655] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.214723] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.215239] page_type: f5(slab) [ 32.215390] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.215446] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.215490] page dumped because: kasan: bad access detected [ 32.215773] [ 32.215798] Memory state around the buggy address: [ 32.215834] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.215881] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.215965] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.216007] ^ [ 32.216043] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.216271] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.216404] ================================================================== [ 32.192375] ================================================================== [ 32.192447] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 32.192783] Write of size 4 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.193104] [ 32.193623] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.193949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.193985] Hardware name: linux,dummy-virt (DT) [ 32.194019] Call trace: [ 32.194313] show_stack+0x20/0x38 (C) [ 32.194375] dump_stack_lvl+0x8c/0xd0 [ 32.194529] print_report+0x118/0x5d0 [ 32.194575] kasan_report+0xdc/0x128 [ 32.194812] kasan_check_range+0x100/0x1a8 [ 32.195027] __kasan_check_write+0x20/0x30 [ 32.195234] kasan_atomics_helper+0xd3c/0x4858 [ 32.195296] kasan_atomics+0x198/0x2e0 [ 32.195345] kunit_try_run_case+0x170/0x3f0 [ 32.195404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.195867] kthread+0x328/0x630 [ 32.196154] ret_from_fork+0x10/0x20 [ 32.196518] [ 32.196545] Allocated by task 296: [ 32.196578] kasan_save_stack+0x3c/0x68 [ 32.196625] kasan_save_track+0x20/0x40 [ 32.196751] kasan_save_alloc_info+0x40/0x58 [ 32.196792] __kasan_kmalloc+0xd4/0xd8 [ 32.197054] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.197100] kasan_atomics+0xb8/0x2e0 [ 32.197150] kunit_try_run_case+0x170/0x3f0 [ 32.197455] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.197681] kthread+0x328/0x630 [ 32.197717] ret_from_fork+0x10/0x20 [ 32.197754] [ 32.197784] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.197784] which belongs to the cache kmalloc-64 of size 64 [ 32.197987] The buggy address is located 0 bytes to the right of [ 32.197987] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.198264] [ 32.198288] The buggy address belongs to the physical page: [ 32.198322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.198565] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.198772] page_type: f5(slab) [ 32.198970] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.199031] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.199076] page dumped because: kasan: bad access detected [ 32.199119] [ 32.199166] Memory state around the buggy address: [ 32.199206] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.199253] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.199298] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.199606] ^ [ 32.199649] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.199695] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.199969] ================================================================== [ 32.325160] ================================================================== [ 32.325463] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 32.325516] Read of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.325576] [ 32.325710] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.325904] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.326036] Hardware name: linux,dummy-virt (DT) [ 32.326112] Call trace: [ 32.326186] show_stack+0x20/0x38 (C) [ 32.326265] dump_stack_lvl+0x8c/0xd0 [ 32.326312] print_report+0x118/0x5d0 [ 32.326364] kasan_report+0xdc/0x128 [ 32.326545] __asan_report_load8_noabort+0x20/0x30 [ 32.326595] kasan_atomics_helper+0x3f04/0x4858 [ 32.327068] kasan_atomics+0x198/0x2e0 [ 32.327433] kunit_try_run_case+0x170/0x3f0 [ 32.327565] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.327761] kthread+0x328/0x630 [ 32.327809] ret_from_fork+0x10/0x20 [ 32.327910] [ 32.327934] Allocated by task 296: [ 32.328088] kasan_save_stack+0x3c/0x68 [ 32.328211] kasan_save_track+0x20/0x40 [ 32.328259] kasan_save_alloc_info+0x40/0x58 [ 32.328396] __kasan_kmalloc+0xd4/0xd8 [ 32.328826] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.328912] kasan_atomics+0xb8/0x2e0 [ 32.328952] kunit_try_run_case+0x170/0x3f0 [ 32.328994] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.329043] kthread+0x328/0x630 [ 32.329156] ret_from_fork+0x10/0x20 [ 32.329197] [ 32.329218] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.329218] which belongs to the cache kmalloc-64 of size 64 [ 32.329283] The buggy address is located 0 bytes to the right of [ 32.329283] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.329356] [ 32.329378] The buggy address belongs to the physical page: [ 32.329412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.329468] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.329518] page_type: f5(slab) [ 32.329558] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.329610] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.329655] page dumped because: kasan: bad access detected [ 32.329690] [ 32.329711] Memory state around the buggy address: [ 32.329745] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.329791] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.329837] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.329877] ^ [ 32.329913] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.329959] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.330001] ================================================================== [ 32.096319] ================================================================== [ 32.096384] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 32.096667] Write of size 4 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.096747] [ 32.096898] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.097276] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.097337] Hardware name: linux,dummy-virt (DT) [ 32.097372] Call trace: [ 32.097398] show_stack+0x20/0x38 (C) [ 32.097648] dump_stack_lvl+0x8c/0xd0 [ 32.097714] print_report+0x118/0x5d0 [ 32.097760] kasan_report+0xdc/0x128 [ 32.097806] kasan_check_range+0x100/0x1a8 [ 32.097993] __kasan_check_write+0x20/0x30 [ 32.098073] kasan_atomics_helper+0x99c/0x4858 [ 32.098565] kasan_atomics+0x198/0x2e0 [ 32.098736] kunit_try_run_case+0x170/0x3f0 [ 32.098832] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.099021] kthread+0x328/0x630 [ 32.099069] ret_from_fork+0x10/0x20 [ 32.099118] [ 32.099149] Allocated by task 296: [ 32.099179] kasan_save_stack+0x3c/0x68 [ 32.099225] kasan_save_track+0x20/0x40 [ 32.099374] kasan_save_alloc_info+0x40/0x58 [ 32.099573] __kasan_kmalloc+0xd4/0xd8 [ 32.099644] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.099990] kasan_atomics+0xb8/0x2e0 [ 32.100205] kunit_try_run_case+0x170/0x3f0 [ 32.100260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.100310] kthread+0x328/0x630 [ 32.100698] ret_from_fork+0x10/0x20 [ 32.101045] [ 32.101086] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.101086] which belongs to the cache kmalloc-64 of size 64 [ 32.101163] The buggy address is located 0 bytes to the right of [ 32.101163] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.101426] [ 32.101559] The buggy address belongs to the physical page: [ 32.101923] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.101987] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.102038] page_type: f5(slab) [ 32.102078] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.102220] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.102280] page dumped because: kasan: bad access detected [ 32.102317] [ 32.102348] Memory state around the buggy address: [ 32.102393] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.102450] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.102497] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.102539] ^ [ 32.102575] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.102622] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.102664] ================================================================== [ 32.183657] ================================================================== [ 32.183850] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 32.183904] Read of size 4 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.183958] [ 32.184419] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.184576] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.184606] Hardware name: linux,dummy-virt (DT) [ 32.184902] Call trace: [ 32.184931] show_stack+0x20/0x38 (C) [ 32.184985] dump_stack_lvl+0x8c/0xd0 [ 32.185032] print_report+0x118/0x5d0 [ 32.185429] kasan_report+0xdc/0x128 [ 32.185493] __asan_report_load4_noabort+0x20/0x30 [ 32.185548] kasan_atomics_helper+0x3dd8/0x4858 [ 32.185611] kasan_atomics+0x198/0x2e0 [ 32.186079] kunit_try_run_case+0x170/0x3f0 [ 32.186162] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.186377] kthread+0x328/0x630 [ 32.186435] ret_from_fork+0x10/0x20 [ 32.186487] [ 32.186518] Allocated by task 296: [ 32.186748] kasan_save_stack+0x3c/0x68 [ 32.186822] kasan_save_track+0x20/0x40 [ 32.186960] kasan_save_alloc_info+0x40/0x58 [ 32.187000] __kasan_kmalloc+0xd4/0xd8 [ 32.187038] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.187234] kasan_atomics+0xb8/0x2e0 [ 32.187286] kunit_try_run_case+0x170/0x3f0 [ 32.187328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.187415] kthread+0x328/0x630 [ 32.187592] ret_from_fork+0x10/0x20 [ 32.187890] [ 32.187915] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.187915] which belongs to the cache kmalloc-64 of size 64 [ 32.187980] The buggy address is located 0 bytes to the right of [ 32.187980] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.188629] [ 32.188780] The buggy address belongs to the physical page: [ 32.188816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.189173] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.189244] page_type: f5(slab) [ 32.189290] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.189344] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.189391] page dumped because: kasan: bad access detected [ 32.189423] [ 32.189445] Memory state around the buggy address: [ 32.189985] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.190537] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.190620] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.190763] ^ [ 32.190958] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.191147] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.191192] ================================================================== [ 32.374313] ================================================================== [ 32.374365] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 32.374417] Read of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.374469] [ 32.374499] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.374587] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.374616] Hardware name: linux,dummy-virt (DT) [ 32.374649] Call trace: [ 32.374671] show_stack+0x20/0x38 (C) [ 32.374790] dump_stack_lvl+0x8c/0xd0 [ 32.374840] print_report+0x118/0x5d0 [ 32.375248] kasan_report+0xdc/0x128 [ 32.375844] __asan_report_load8_noabort+0x20/0x30 [ 32.375911] kasan_atomics_helper+0x3df4/0x4858 [ 32.376216] kasan_atomics+0x198/0x2e0 [ 32.376311] kunit_try_run_case+0x170/0x3f0 [ 32.376363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.376421] kthread+0x328/0x630 [ 32.376499] ret_from_fork+0x10/0x20 [ 32.376549] [ 32.376579] Allocated by task 296: [ 32.376634] kasan_save_stack+0x3c/0x68 [ 32.376678] kasan_save_track+0x20/0x40 [ 32.376718] kasan_save_alloc_info+0x40/0x58 [ 32.376759] __kasan_kmalloc+0xd4/0xd8 [ 32.376819] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.377011] kasan_atomics+0xb8/0x2e0 [ 32.377057] kunit_try_run_case+0x170/0x3f0 [ 32.377517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.377936] kthread+0x328/0x630 [ 32.377973] ret_from_fork+0x10/0x20 [ 32.378162] [ 32.378191] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.378191] which belongs to the cache kmalloc-64 of size 64 [ 32.378256] The buggy address is located 0 bytes to the right of [ 32.378256] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.378326] [ 32.378348] The buggy address belongs to the physical page: [ 32.378638] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.378809] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.379243] page_type: f5(slab) [ 32.379288] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.379614] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.379663] page dumped because: kasan: bad access detected [ 32.379697] [ 32.379717] Memory state around the buggy address: [ 32.379750] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.379796] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.379890] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.379933] ^ [ 32.380203] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.380314] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.380391] ================================================================== [ 32.408050] ================================================================== [ 32.408274] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 32.408325] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.408377] [ 32.408407] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.408568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.408603] Hardware name: linux,dummy-virt (DT) [ 32.408755] Call trace: [ 32.408788] show_stack+0x20/0x38 (C) [ 32.408902] dump_stack_lvl+0x8c/0xd0 [ 32.408949] print_report+0x118/0x5d0 [ 32.408992] kasan_report+0xdc/0x128 [ 32.409037] kasan_check_range+0x100/0x1a8 [ 32.411145] __kasan_check_write+0x20/0x30 [ 32.411498] kasan_atomics_helper+0x17ec/0x4858 [ 32.411557] kasan_atomics+0x198/0x2e0 [ 32.411613] kunit_try_run_case+0x170/0x3f0 [ 32.411664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.411722] kthread+0x328/0x630 [ 32.411766] ret_from_fork+0x10/0x20 [ 32.411815] [ 32.411837] Allocated by task 296: [ 32.411868] kasan_save_stack+0x3c/0x68 [ 32.411913] kasan_save_track+0x20/0x40 [ 32.411954] kasan_save_alloc_info+0x40/0x58 [ 32.411994] __kasan_kmalloc+0xd4/0xd8 [ 32.412033] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.412075] kasan_atomics+0xb8/0x2e0 [ 32.412114] kunit_try_run_case+0x170/0x3f0 [ 32.412170] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.412218] kthread+0x328/0x630 [ 32.412254] ret_from_fork+0x10/0x20 [ 32.412292] [ 32.412315] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.412315] which belongs to the cache kmalloc-64 of size 64 [ 32.412377] The buggy address is located 0 bytes to the right of [ 32.412377] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.412445] [ 32.412468] The buggy address belongs to the physical page: [ 32.412501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.412555] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.412606] page_type: f5(slab) [ 32.412645] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.412696] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.412741] page dumped because: kasan: bad access detected [ 32.412775] [ 32.412796] Memory state around the buggy address: [ 32.412830] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.412874] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.412921] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.412962] ^ [ 32.412997] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.413042] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.413084] ================================================================== [ 32.217501] ================================================================== [ 32.217555] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 32.217607] Read of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.217661] [ 32.217695] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.217785] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.217816] Hardware name: linux,dummy-virt (DT) [ 32.217850] Call trace: [ 32.217873] show_stack+0x20/0x38 (C) [ 32.217923] dump_stack_lvl+0x8c/0xd0 [ 32.217971] print_report+0x118/0x5d0 [ 32.218016] kasan_report+0xdc/0x128 [ 32.218060] __asan_report_load8_noabort+0x20/0x30 [ 32.218111] kasan_atomics_helper+0x3f58/0x4858 [ 32.218178] kasan_atomics+0x198/0x2e0 [ 32.218227] kunit_try_run_case+0x170/0x3f0 [ 32.218278] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.218334] kthread+0x328/0x630 [ 32.218750] ret_from_fork+0x10/0x20 [ 32.218818] [ 32.218841] Allocated by task 296: [ 32.218872] kasan_save_stack+0x3c/0x68 [ 32.219542] kasan_save_track+0x20/0x40 [ 32.219591] kasan_save_alloc_info+0x40/0x58 [ 32.219633] __kasan_kmalloc+0xd4/0xd8 [ 32.219681] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.219724] kasan_atomics+0xb8/0x2e0 [ 32.219914] kunit_try_run_case+0x170/0x3f0 [ 32.219967] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.220014] kthread+0x328/0x630 [ 32.220047] ret_from_fork+0x10/0x20 [ 32.220095] [ 32.220117] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.220117] which belongs to the cache kmalloc-64 of size 64 [ 32.220191] The buggy address is located 0 bytes to the right of [ 32.220191] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.220931] [ 32.220972] The buggy address belongs to the physical page: [ 32.221139] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.221269] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.221494] page_type: f5(slab) [ 32.221643] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.221699] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.222003] page dumped because: kasan: bad access detected [ 32.222273] [ 32.222343] Memory state around the buggy address: [ 32.222489] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.222537] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.222583] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.222625] ^ [ 32.223458] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.223769] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.224057] ================================================================== [ 32.224488] ================================================================== [ 32.224592] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 32.224666] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.224719] [ 32.224753] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.224844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.224874] Hardware name: linux,dummy-virt (DT) [ 32.225354] Call trace: [ 32.225392] show_stack+0x20/0x38 (C) [ 32.225445] dump_stack_lvl+0x8c/0xd0 [ 32.225491] print_report+0x118/0x5d0 [ 32.225751] kasan_report+0xdc/0x128 [ 32.225807] kasan_check_range+0x100/0x1a8 [ 32.225855] __kasan_check_write+0x20/0x30 [ 32.225903] kasan_atomics_helper+0xe44/0x4858 [ 32.225952] kasan_atomics+0x198/0x2e0 [ 32.226416] kunit_try_run_case+0x170/0x3f0 [ 32.226488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.226546] kthread+0x328/0x630 [ 32.226662] ret_from_fork+0x10/0x20 [ 32.226807] [ 32.227196] Allocated by task 296: [ 32.227426] kasan_save_stack+0x3c/0x68 [ 32.227482] kasan_save_track+0x20/0x40 [ 32.227528] kasan_save_alloc_info+0x40/0x58 [ 32.227578] __kasan_kmalloc+0xd4/0xd8 [ 32.227641] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.227684] kasan_atomics+0xb8/0x2e0 [ 32.228103] kunit_try_run_case+0x170/0x3f0 [ 32.228260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.228725] kthread+0x328/0x630 [ 32.228985] ret_from_fork+0x10/0x20 [ 32.229200] [ 32.229227] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.229227] which belongs to the cache kmalloc-64 of size 64 [ 32.229291] The buggy address is located 0 bytes to the right of [ 32.229291] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.229359] [ 32.229380] The buggy address belongs to the physical page: [ 32.229414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.229890] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.229947] page_type: f5(slab) [ 32.229987] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.230198] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.230245] page dumped because: kasan: bad access detected [ 32.230732] [ 32.231061] Memory state around the buggy address: [ 32.231108] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.231169] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.231238] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.231285] ^ [ 32.231321] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.231367] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.231409] ================================================================== [ 32.303267] ================================================================== [ 32.303322] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 32.303642] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.303989] [ 32.304026] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.304234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.304270] Hardware name: linux,dummy-virt (DT) [ 32.304333] Call trace: [ 32.304356] show_stack+0x20/0x38 (C) [ 32.304463] dump_stack_lvl+0x8c/0xd0 [ 32.304803] print_report+0x118/0x5d0 [ 32.304851] kasan_report+0xdc/0x128 [ 32.305111] kasan_check_range+0x100/0x1a8 [ 32.305255] __kasan_check_write+0x20/0x30 [ 32.305306] kasan_atomics_helper+0x126c/0x4858 [ 32.305661] kasan_atomics+0x198/0x2e0 [ 32.305808] kunit_try_run_case+0x170/0x3f0 [ 32.305859] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.305915] kthread+0x328/0x630 [ 32.305958] ret_from_fork+0x10/0x20 [ 32.306457] [ 32.306573] Allocated by task 296: [ 32.306604] kasan_save_stack+0x3c/0x68 [ 32.307030] kasan_save_track+0x20/0x40 [ 32.307078] kasan_save_alloc_info+0x40/0x58 [ 32.307143] __kasan_kmalloc+0xd4/0xd8 [ 32.307185] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.307227] kasan_atomics+0xb8/0x2e0 [ 32.307307] kunit_try_run_case+0x170/0x3f0 [ 32.307433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.307507] kthread+0x328/0x630 [ 32.307683] ret_from_fork+0x10/0x20 [ 32.307742] [ 32.307832] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.307832] which belongs to the cache kmalloc-64 of size 64 [ 32.307895] The buggy address is located 0 bytes to the right of [ 32.307895] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.308012] [ 32.308059] The buggy address belongs to the physical page: [ 32.308117] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.308499] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.308564] page_type: f5(slab) [ 32.308821] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.309007] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.309319] page dumped because: kasan: bad access detected [ 32.309361] [ 32.309381] Memory state around the buggy address: [ 32.309464] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.309996] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.310143] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.310187] ^ [ 32.310224] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.310418] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.310521] ================================================================== [ 32.387752] ================================================================== [ 32.387858] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 32.388008] Read of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.388067] [ 32.388098] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.388212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.388307] Hardware name: linux,dummy-virt (DT) [ 32.388580] Call trace: [ 32.388722] show_stack+0x20/0x38 (C) [ 32.388775] dump_stack_lvl+0x8c/0xd0 [ 32.388823] print_report+0x118/0x5d0 [ 32.389066] kasan_report+0xdc/0x128 [ 32.389189] __asan_report_load8_noabort+0x20/0x30 [ 32.389243] kasan_atomics_helper+0x3e10/0x4858 [ 32.389300] kasan_atomics+0x198/0x2e0 [ 32.389458] kunit_try_run_case+0x170/0x3f0 [ 32.389572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.389706] kthread+0x328/0x630 [ 32.389851] ret_from_fork+0x10/0x20 [ 32.389900] [ 32.389928] Allocated by task 296: [ 32.390053] kasan_save_stack+0x3c/0x68 [ 32.390097] kasan_save_track+0x20/0x40 [ 32.390157] kasan_save_alloc_info+0x40/0x58 [ 32.390197] __kasan_kmalloc+0xd4/0xd8 [ 32.390236] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.390278] kasan_atomics+0xb8/0x2e0 [ 32.390601] kunit_try_run_case+0x170/0x3f0 [ 32.390645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.390692] kthread+0x328/0x630 [ 32.391985] ret_from_fork+0x10/0x20 [ 32.392043] [ 32.392100] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.392100] which belongs to the cache kmalloc-64 of size 64 [ 32.392307] The buggy address is located 0 bytes to the right of [ 32.392307] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.392391] [ 32.392416] The buggy address belongs to the physical page: [ 32.392450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.392512] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.392945] page_type: f5(slab) [ 32.393333] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.393543] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.393589] page dumped because: kasan: bad access detected [ 32.393626] [ 32.393646] Memory state around the buggy address: [ 32.393680] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.393771] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.393985] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.394172] ^ [ 32.394270] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.394365] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.394408] ================================================================== [ 32.311520] ================================================================== [ 32.311687] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 32.311739] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.311791] [ 32.311821] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.311911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.311939] Hardware name: linux,dummy-virt (DT) [ 32.311971] Call trace: [ 32.312005] show_stack+0x20/0x38 (C) [ 32.312054] dump_stack_lvl+0x8c/0xd0 [ 32.312313] print_report+0x118/0x5d0 [ 32.312715] kasan_report+0xdc/0x128 [ 32.312978] kasan_check_range+0x100/0x1a8 [ 32.313065] __kasan_check_write+0x20/0x30 [ 32.313112] kasan_atomics_helper+0x12d8/0x4858 [ 32.313173] kasan_atomics+0x198/0x2e0 [ 32.313222] kunit_try_run_case+0x170/0x3f0 [ 32.313273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.313329] kthread+0x328/0x630 [ 32.313373] ret_from_fork+0x10/0x20 [ 32.313421] [ 32.313451] Allocated by task 296: [ 32.313588] kasan_save_stack+0x3c/0x68 [ 32.313646] kasan_save_track+0x20/0x40 [ 32.313752] kasan_save_alloc_info+0x40/0x58 [ 32.313935] __kasan_kmalloc+0xd4/0xd8 [ 32.314120] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.314171] kasan_atomics+0xb8/0x2e0 [ 32.314210] kunit_try_run_case+0x170/0x3f0 [ 32.314276] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.314325] kthread+0x328/0x630 [ 32.314360] ret_from_fork+0x10/0x20 [ 32.314739] [ 32.314761] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.314761] which belongs to the cache kmalloc-64 of size 64 [ 32.315140] The buggy address is located 0 bytes to the right of [ 32.315140] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.315217] [ 32.315542] The buggy address belongs to the physical page: [ 32.315582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.315639] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.315741] page_type: f5(slab) [ 32.315885] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.315993] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.316052] page dumped because: kasan: bad access detected [ 32.316095] [ 32.316115] Memory state around the buggy address: [ 32.316222] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.316276] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.316321] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.316434] ^ [ 32.316752] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.316927] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.317022] ================================================================== [ 32.361928] ================================================================== [ 32.362011] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 32.362062] Read of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.362114] [ 32.362156] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.362254] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.362285] Hardware name: linux,dummy-virt (DT) [ 32.362316] Call trace: [ 32.362527] show_stack+0x20/0x38 (C) [ 32.362581] dump_stack_lvl+0x8c/0xd0 [ 32.362973] print_report+0x118/0x5d0 [ 32.363029] kasan_report+0xdc/0x128 [ 32.363073] __asan_report_load8_noabort+0x20/0x30 [ 32.363123] kasan_atomics_helper+0x3db0/0x4858 [ 32.363185] kasan_atomics+0x198/0x2e0 [ 32.363240] kunit_try_run_case+0x170/0x3f0 [ 32.363480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.363744] kthread+0x328/0x630 [ 32.363866] ret_from_fork+0x10/0x20 [ 32.363938] [ 32.363959] Allocated by task 296: [ 32.363988] kasan_save_stack+0x3c/0x68 [ 32.364031] kasan_save_track+0x20/0x40 [ 32.364078] kasan_save_alloc_info+0x40/0x58 [ 32.364165] __kasan_kmalloc+0xd4/0xd8 [ 32.364205] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.364246] kasan_atomics+0xb8/0x2e0 [ 32.364335] kunit_try_run_case+0x170/0x3f0 [ 32.364811] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.364872] kthread+0x328/0x630 [ 32.364908] ret_from_fork+0x10/0x20 [ 32.364946] [ 32.365162] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.365162] which belongs to the cache kmalloc-64 of size 64 [ 32.365429] The buggy address is located 0 bytes to the right of [ 32.365429] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.365567] [ 32.365634] The buggy address belongs to the physical page: [ 32.365669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.365725] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.365773] page_type: f5(slab) [ 32.366038] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.366170] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.366216] page dumped because: kasan: bad access detected [ 32.366251] [ 32.366270] Memory state around the buggy address: [ 32.366304] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.366725] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.366779] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.366820] ^ [ 32.367103] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.367166] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.367208] ================================================================== [ 32.367458] ================================================================== [ 32.367515] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 32.367566] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.367618] [ 32.367649] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.367737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.367765] Hardware name: linux,dummy-virt (DT) [ 32.367798] Call trace: [ 32.367821] show_stack+0x20/0x38 (C) [ 32.368275] dump_stack_lvl+0x8c/0xd0 [ 32.368767] print_report+0x118/0x5d0 [ 32.368818] kasan_report+0xdc/0x128 [ 32.369426] kasan_check_range+0x100/0x1a8 [ 32.369654] __kasan_check_write+0x20/0x30 [ 32.369803] kasan_atomics_helper+0x1644/0x4858 [ 32.369909] kasan_atomics+0x198/0x2e0 [ 32.369957] kunit_try_run_case+0x170/0x3f0 [ 32.370008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.370064] kthread+0x328/0x630 [ 32.370118] ret_from_fork+0x10/0x20 [ 32.370369] [ 32.370392] Allocated by task 296: [ 32.370421] kasan_save_stack+0x3c/0x68 [ 32.370465] kasan_save_track+0x20/0x40 [ 32.370506] kasan_save_alloc_info+0x40/0x58 [ 32.370546] __kasan_kmalloc+0xd4/0xd8 [ 32.370586] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.370630] kasan_atomics+0xb8/0x2e0 [ 32.370672] kunit_try_run_case+0x170/0x3f0 [ 32.370727] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.370777] kthread+0x328/0x630 [ 32.371259] ret_from_fork+0x10/0x20 [ 32.371309] [ 32.371528] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.371528] which belongs to the cache kmalloc-64 of size 64 [ 32.371619] The buggy address is located 0 bytes to the right of [ 32.371619] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.371713] [ 32.371735] The buggy address belongs to the physical page: [ 32.371770] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.371824] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.371873] page_type: f5(slab) [ 32.371913] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.371966] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.372365] page dumped because: kasan: bad access detected [ 32.372406] [ 32.372447] Memory state around the buggy address: [ 32.372718] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.372877] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.372924] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.373045] ^ [ 32.373083] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.373142] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.373730] ================================================================== [ 32.201815] ================================================================== [ 32.201931] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 32.201983] Read of size 4 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.202037] [ 32.202069] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.202487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.202537] Hardware name: linux,dummy-virt (DT) [ 32.202585] Call trace: [ 32.202617] show_stack+0x20/0x38 (C) [ 32.203194] dump_stack_lvl+0x8c/0xd0 [ 32.203265] print_report+0x118/0x5d0 [ 32.203674] kasan_report+0xdc/0x128 [ 32.203742] __asan_report_load4_noabort+0x20/0x30 [ 32.203840] kasan_atomics_helper+0x3e04/0x4858 [ 32.203894] kasan_atomics+0x198/0x2e0 [ 32.203943] kunit_try_run_case+0x170/0x3f0 [ 32.203994] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.204146] kthread+0x328/0x630 [ 32.204192] ret_from_fork+0x10/0x20 [ 32.204556] [ 32.204579] Allocated by task 296: [ 32.204609] kasan_save_stack+0x3c/0x68 [ 32.205000] kasan_save_track+0x20/0x40 [ 32.205052] kasan_save_alloc_info+0x40/0x58 [ 32.205092] __kasan_kmalloc+0xd4/0xd8 [ 32.205277] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.205320] kasan_atomics+0xb8/0x2e0 [ 32.205358] kunit_try_run_case+0x170/0x3f0 [ 32.205513] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.205563] kthread+0x328/0x630 [ 32.205850] ret_from_fork+0x10/0x20 [ 32.205897] [ 32.205919] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.205919] which belongs to the cache kmalloc-64 of size 64 [ 32.205989] The buggy address is located 0 bytes to the right of [ 32.205989] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.206117] [ 32.206320] The buggy address belongs to the physical page: [ 32.206355] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.206411] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.206828] page_type: f5(slab) [ 32.206874] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.206928] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.206980] page dumped because: kasan: bad access detected [ 32.207084] [ 32.207105] Memory state around the buggy address: [ 32.207148] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.207310] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.207373] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.207414] ^ [ 32.207451] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.207605] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.207648] ================================================================== [ 32.394661] ================================================================== [ 32.394904] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 32.394967] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.395021] [ 32.395053] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.395153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.395181] Hardware name: linux,dummy-virt (DT) [ 32.395214] Call trace: [ 32.395237] show_stack+0x20/0x38 (C) [ 32.395287] dump_stack_lvl+0x8c/0xd0 [ 32.395784] print_report+0x118/0x5d0 [ 32.395841] kasan_report+0xdc/0x128 [ 32.395886] kasan_check_range+0x100/0x1a8 [ 32.396145] __kasan_check_write+0x20/0x30 [ 32.396250] kasan_atomics_helper+0x175c/0x4858 [ 32.396379] kasan_atomics+0x198/0x2e0 [ 32.396427] kunit_try_run_case+0x170/0x3f0 [ 32.396477] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.396532] kthread+0x328/0x630 [ 32.396576] ret_from_fork+0x10/0x20 [ 32.396631] [ 32.396743] Allocated by task 296: [ 32.396817] kasan_save_stack+0x3c/0x68 [ 32.396936] kasan_save_track+0x20/0x40 [ 32.397027] kasan_save_alloc_info+0x40/0x58 [ 32.397101] __kasan_kmalloc+0xd4/0xd8 [ 32.397151] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.397193] kasan_atomics+0xb8/0x2e0 [ 32.397233] kunit_try_run_case+0x170/0x3f0 [ 32.397274] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.397699] kthread+0x328/0x630 [ 32.397752] ret_from_fork+0x10/0x20 [ 32.398276] [ 32.398335] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.398335] which belongs to the cache kmalloc-64 of size 64 [ 32.398402] The buggy address is located 0 bytes to the right of [ 32.398402] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.398474] [ 32.398497] The buggy address belongs to the physical page: [ 32.398735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.398822] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.399370] page_type: f5(slab) [ 32.399410] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.399702] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.399883] page dumped because: kasan: bad access detected [ 32.399921] [ 32.400003] Memory state around the buggy address: [ 32.400222] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.400269] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.400316] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.400358] ^ [ 32.400393] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.400438] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.400480] ================================================================== [ 32.240677] ================================================================== [ 32.240763] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 32.240814] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.240869] [ 32.240902] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.240993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.241022] Hardware name: linux,dummy-virt (DT) [ 32.241055] Call trace: [ 32.241078] show_stack+0x20/0x38 (C) [ 32.241138] dump_stack_lvl+0x8c/0xd0 [ 32.241556] print_report+0x118/0x5d0 [ 32.241620] kasan_report+0xdc/0x128 [ 32.241751] kasan_check_range+0x100/0x1a8 [ 32.242085] __kasan_check_write+0x20/0x30 [ 32.242281] kasan_atomics_helper+0xeb8/0x4858 [ 32.242501] kasan_atomics+0x198/0x2e0 [ 32.242551] kunit_try_run_case+0x170/0x3f0 [ 32.242601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.242657] kthread+0x328/0x630 [ 32.242701] ret_from_fork+0x10/0x20 [ 32.243170] [ 32.243197] Allocated by task 296: [ 32.243230] kasan_save_stack+0x3c/0x68 [ 32.243277] kasan_save_track+0x20/0x40 [ 32.243325] kasan_save_alloc_info+0x40/0x58 [ 32.243427] __kasan_kmalloc+0xd4/0xd8 [ 32.243527] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.243634] kasan_atomics+0xb8/0x2e0 [ 32.243696] kunit_try_run_case+0x170/0x3f0 [ 32.243860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.244153] kthread+0x328/0x630 [ 32.244384] ret_from_fork+0x10/0x20 [ 32.244458] [ 32.244587] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.244587] which belongs to the cache kmalloc-64 of size 64 [ 32.244668] The buggy address is located 0 bytes to the right of [ 32.244668] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.244735] [ 32.245255] The buggy address belongs to the physical page: [ 32.245304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.245360] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.245422] page_type: f5(slab) [ 32.245464] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.245552] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.245620] page dumped because: kasan: bad access detected [ 32.245957] [ 32.246066] Memory state around the buggy address: [ 32.246105] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.246162] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.246305] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.246589] ^ [ 32.246638] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.246684] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.246726] ================================================================== [ 32.279284] ================================================================== [ 32.279334] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 32.279481] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.279556] [ 32.279592] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.279841] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.279869] Hardware name: linux,dummy-virt (DT) [ 32.279902] Call trace: [ 32.279925] show_stack+0x20/0x38 (C) [ 32.279973] dump_stack_lvl+0x8c/0xd0 [ 32.280119] print_report+0x118/0x5d0 [ 32.280173] kasan_report+0xdc/0x128 [ 32.280223] kasan_check_range+0x100/0x1a8 [ 32.280355] __kasan_check_write+0x20/0x30 [ 32.280449] kasan_atomics_helper+0x10c0/0x4858 [ 32.280643] kasan_atomics+0x198/0x2e0 [ 32.280691] kunit_try_run_case+0x170/0x3f0 [ 32.280742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.280798] kthread+0x328/0x630 [ 32.280840] ret_from_fork+0x10/0x20 [ 32.280889] [ 32.280909] Allocated by task 296: [ 32.280937] kasan_save_stack+0x3c/0x68 [ 32.280980] kasan_save_track+0x20/0x40 [ 32.281021] kasan_save_alloc_info+0x40/0x58 [ 32.281060] __kasan_kmalloc+0xd4/0xd8 [ 32.281099] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.281150] kasan_atomics+0xb8/0x2e0 [ 32.281189] kunit_try_run_case+0x170/0x3f0 [ 32.281232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.281279] kthread+0x328/0x630 [ 32.281339] ret_from_fork+0x10/0x20 [ 32.281378] [ 32.281398] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.281398] which belongs to the cache kmalloc-64 of size 64 [ 32.281460] The buggy address is located 0 bytes to the right of [ 32.281460] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.281530] [ 32.281550] The buggy address belongs to the physical page: [ 32.281584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.281635] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.281979] page_type: f5(slab) [ 32.282124] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.282188] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.282337] page dumped because: kasan: bad access detected [ 32.282422] [ 32.282442] Memory state around the buggy address: [ 32.282476] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.282521] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.282567] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.282608] ^ [ 32.282643] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.282688] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.282739] ================================================================== [ 32.121027] ================================================================== [ 32.121081] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 32.121351] Write of size 4 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.121722] [ 32.121900] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.122209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.122254] Hardware name: linux,dummy-virt (DT) [ 32.122421] Call trace: [ 32.122457] show_stack+0x20/0x38 (C) [ 32.122692] dump_stack_lvl+0x8c/0xd0 [ 32.122760] print_report+0x118/0x5d0 [ 32.123161] kasan_report+0xdc/0x128 [ 32.123266] kasan_check_range+0x100/0x1a8 [ 32.123323] __kasan_check_write+0x20/0x30 [ 32.123655] kasan_atomics_helper+0xad4/0x4858 [ 32.123752] kasan_atomics+0x198/0x2e0 [ 32.124106] kunit_try_run_case+0x170/0x3f0 [ 32.124221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.124383] kthread+0x328/0x630 [ 32.124470] ret_from_fork+0x10/0x20 [ 32.124782] [ 32.124931] Allocated by task 296: [ 32.125021] kasan_save_stack+0x3c/0x68 [ 32.125148] kasan_save_track+0x20/0x40 [ 32.125207] kasan_save_alloc_info+0x40/0x58 [ 32.125320] __kasan_kmalloc+0xd4/0xd8 [ 32.125362] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.125435] kasan_atomics+0xb8/0x2e0 [ 32.125627] kunit_try_run_case+0x170/0x3f0 [ 32.125994] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.126210] kthread+0x328/0x630 [ 32.126280] ret_from_fork+0x10/0x20 [ 32.126380] [ 32.126460] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.126460] which belongs to the cache kmalloc-64 of size 64 [ 32.126537] The buggy address is located 0 bytes to the right of [ 32.126537] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.126901] [ 32.126954] The buggy address belongs to the physical page: [ 32.127284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.127380] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.127484] page_type: f5(slab) [ 32.127580] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.127695] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.127744] page dumped because: kasan: bad access detected [ 32.127778] [ 32.127800] Memory state around the buggy address: [ 32.127835] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.127880] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.128187] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.128519] ^ [ 32.128706] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.128821] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.128865] ================================================================== [ 32.077640] ================================================================== [ 32.077863] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 32.077958] Read of size 4 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.078110] [ 32.078157] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.078246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.078277] Hardware name: linux,dummy-virt (DT) [ 32.078311] Call trace: [ 32.078563] show_stack+0x20/0x38 (C) [ 32.079178] dump_stack_lvl+0x8c/0xd0 [ 32.079343] print_report+0x118/0x5d0 [ 32.079430] kasan_report+0xdc/0x128 [ 32.079675] __asan_report_load4_noabort+0x20/0x30 [ 32.079892] kasan_atomics_helper+0x42d8/0x4858 [ 32.079980] kasan_atomics+0x198/0x2e0 [ 32.080104] kunit_try_run_case+0x170/0x3f0 [ 32.080170] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.080379] kthread+0x328/0x630 [ 32.081213] kasan_save_stack+0x3c/0x68 [ 32.082418] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.083591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.083691] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.084426] page dumped because: kasan: bad access detected [ 32.084628] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.087208] [ 32.088013] __kasan_check_write+0x20/0x30 [ 32.089593] [ 32.089688] kasan_save_stack+0x3c/0x68 [ 32.090022] kasan_save_track+0x20/0x40 [ 32.090078] kasan_save_alloc_info+0x40/0x58 [ 32.090245] __kasan_kmalloc+0xd4/0xd8 [ 32.090460] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.090725] kasan_atomics+0xb8/0x2e0 [ 32.090870] kunit_try_run_case+0x170/0x3f0 [ 32.090918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.091068] kthread+0x328/0x630 [ 32.091110] ret_from_fork+0x10/0x20 [ 32.091162] [ 32.091404] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.091404] which belongs to the cache kmalloc-64 of size 64 [ 32.091779] The buggy address is located 0 bytes to the right of [ 32.091779] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.091960] [ 32.092009] The buggy address belongs to the physical page: [ 32.092044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.092419] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.092507] page_type: f5(slab) [ 32.092969] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.093186] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.093461] page dumped because: kasan: bad access detected [ 32.093559] [ 32.093629] Memory state around the buggy address: [ 32.093875] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.094076] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.094140] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.094182] ^ [ 32.094220] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.094516] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.094804] ================================================================== [ 32.282933] ================================================================== [ 32.283006] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 32.283172] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.283242] [ 32.283293] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.283567] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.283608] Hardware name: linux,dummy-virt (DT) [ 32.283641] Call trace: [ 32.283698] show_stack+0x20/0x38 (C) [ 32.283791] dump_stack_lvl+0x8c/0xd0 [ 32.283995] print_report+0x118/0x5d0 [ 32.284145] kasan_report+0xdc/0x128 [ 32.284189] kasan_check_range+0x100/0x1a8 [ 32.284500] __kasan_check_write+0x20/0x30 [ 32.284705] kasan_atomics_helper+0x1128/0x4858 [ 32.284883] kasan_atomics+0x198/0x2e0 [ 32.284931] kunit_try_run_case+0x170/0x3f0 [ 32.284982] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.285045] kthread+0x328/0x630 [ 32.285295] ret_from_fork+0x10/0x20 [ 32.285357] [ 32.285385] Allocated by task 296: [ 32.285521] kasan_save_stack+0x3c/0x68 [ 32.285573] kasan_save_track+0x20/0x40 [ 32.285742] kasan_save_alloc_info+0x40/0x58 [ 32.285844] __kasan_kmalloc+0xd4/0xd8 [ 32.285960] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.286110] kasan_atomics+0xb8/0x2e0 [ 32.286158] kunit_try_run_case+0x170/0x3f0 [ 32.286199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.286246] kthread+0x328/0x630 [ 32.286282] ret_from_fork+0x10/0x20 [ 32.286320] [ 32.286341] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.286341] which belongs to the cache kmalloc-64 of size 64 [ 32.286599] The buggy address is located 0 bytes to the right of [ 32.286599] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.286676] [ 32.286720] The buggy address belongs to the physical page: [ 32.286756] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.286904] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.287095] page_type: f5(slab) [ 32.287144] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.287197] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.287254] page dumped because: kasan: bad access detected [ 32.287301] [ 32.287357] Memory state around the buggy address: [ 32.287390] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.287437] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.287591] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.287633] ^ [ 32.287668] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.287714] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.287755] ================================================================== [ 32.247560] ================================================================== [ 32.247615] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 32.247885] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.247959] [ 32.248351] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.248673] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.248704] Hardware name: linux,dummy-virt (DT) [ 32.248738] Call trace: [ 32.248764] show_stack+0x20/0x38 (C) [ 32.249102] dump_stack_lvl+0x8c/0xd0 [ 32.249390] print_report+0x118/0x5d0 [ 32.249452] kasan_report+0xdc/0x128 [ 32.249499] kasan_check_range+0x100/0x1a8 [ 32.249597] __kasan_check_write+0x20/0x30 [ 32.249696] kasan_atomics_helper+0xf20/0x4858 [ 32.250046] kasan_atomics+0x198/0x2e0 [ 32.250110] kunit_try_run_case+0x170/0x3f0 [ 32.250171] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.250487] kthread+0x328/0x630 [ 32.250788] ret_from_fork+0x10/0x20 [ 32.250839] [ 32.251043] Allocated by task 296: [ 32.251074] kasan_save_stack+0x3c/0x68 [ 32.251212] kasan_save_track+0x20/0x40 [ 32.251272] kasan_save_alloc_info+0x40/0x58 [ 32.251313] __kasan_kmalloc+0xd4/0xd8 [ 32.251353] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.251827] kasan_atomics+0xb8/0x2e0 [ 32.251898] kunit_try_run_case+0x170/0x3f0 [ 32.251943] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.252649] kthread+0x328/0x630 [ 32.252708] ret_from_fork+0x10/0x20 [ 32.252749] [ 32.252771] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.252771] which belongs to the cache kmalloc-64 of size 64 [ 32.252838] The buggy address is located 0 bytes to the right of [ 32.252838] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.253348] [ 32.253376] The buggy address belongs to the physical page: [ 32.253409] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.253467] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.253791] page_type: f5(slab) [ 32.253832] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.253888] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.253934] page dumped because: kasan: bad access detected [ 32.254511] [ 32.254536] Memory state around the buggy address: [ 32.254573] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.254621] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.254676] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.254794] ^ [ 32.255022] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.255069] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.255111] ================================================================== [ 32.400735] ================================================================== [ 32.400983] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 32.401644] Read of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.401704] [ 32.401906] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.402000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.402035] Hardware name: linux,dummy-virt (DT) [ 32.402199] Call trace: [ 32.402223] show_stack+0x20/0x38 (C) [ 32.402274] dump_stack_lvl+0x8c/0xd0 [ 32.402320] print_report+0x118/0x5d0 [ 32.402366] kasan_report+0xdc/0x128 [ 32.402409] __asan_report_load8_noabort+0x20/0x30 [ 32.402461] kasan_atomics_helper+0x3e20/0x4858 [ 32.402511] kasan_atomics+0x198/0x2e0 [ 32.402558] kunit_try_run_case+0x170/0x3f0 [ 32.402615] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.403018] kthread+0x328/0x630 [ 32.403618] ret_from_fork+0x10/0x20 [ 32.403679] [ 32.403705] Allocated by task 296: [ 32.403736] kasan_save_stack+0x3c/0x68 [ 32.403780] kasan_save_track+0x20/0x40 [ 32.403821] kasan_save_alloc_info+0x40/0x58 [ 32.403862] __kasan_kmalloc+0xd4/0xd8 [ 32.403904] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.403947] kasan_atomics+0xb8/0x2e0 [ 32.404139] kunit_try_run_case+0x170/0x3f0 [ 32.404494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.404582] kthread+0x328/0x630 [ 32.404618] ret_from_fork+0x10/0x20 [ 32.404656] [ 32.404678] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.404678] which belongs to the cache kmalloc-64 of size 64 [ 32.405057] The buggy address is located 0 bytes to the right of [ 32.405057] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.405145] [ 32.405168] The buggy address belongs to the physical page: [ 32.405208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.405459] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.405833] page_type: f5(slab) [ 32.405873] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.405926] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.405997] page dumped because: kasan: bad access detected [ 32.406562] [ 32.406748] Memory state around the buggy address: [ 32.406786] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.406920] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.407077] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.407286] ^ [ 32.407341] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.407387] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.407430] ================================================================== [ 32.273664] ================================================================== [ 32.273715] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 32.273764] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.273816] [ 32.273848] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.274211] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.274350] Hardware name: linux,dummy-virt (DT) [ 32.274390] Call trace: [ 32.274624] show_stack+0x20/0x38 (C) [ 32.274863] dump_stack_lvl+0x8c/0xd0 [ 32.274922] print_report+0x118/0x5d0 [ 32.275101] kasan_report+0xdc/0x128 [ 32.275225] kasan_check_range+0x100/0x1a8 [ 32.275294] __kasan_check_write+0x20/0x30 [ 32.275433] kasan_atomics_helper+0x1058/0x4858 [ 32.275767] kasan_atomics+0x198/0x2e0 [ 32.275823] kunit_try_run_case+0x170/0x3f0 [ 32.275874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.275933] kthread+0x328/0x630 [ 32.276016] ret_from_fork+0x10/0x20 [ 32.276065] [ 32.276088] Allocated by task 296: [ 32.276119] kasan_save_stack+0x3c/0x68 [ 32.276173] kasan_save_track+0x20/0x40 [ 32.276214] kasan_save_alloc_info+0x40/0x58 [ 32.276262] __kasan_kmalloc+0xd4/0xd8 [ 32.276304] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.276346] kasan_atomics+0xb8/0x2e0 [ 32.276438] kunit_try_run_case+0x170/0x3f0 [ 32.276488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.276660] kthread+0x328/0x630 [ 32.276825] ret_from_fork+0x10/0x20 [ 32.276993] [ 32.277014] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.277014] which belongs to the cache kmalloc-64 of size 64 [ 32.277077] The buggy address is located 0 bytes to the right of [ 32.277077] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.277299] [ 32.277349] The buggy address belongs to the physical page: [ 32.277919] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.278047] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.278108] page_type: f5(slab) [ 32.278191] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.278273] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.278317] page dumped because: kasan: bad access detected [ 32.278350] [ 32.278371] Memory state around the buggy address: [ 32.278404] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.278450] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.278745] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.278790] ^ [ 32.278864] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.278909] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.279008] ================================================================== [ 32.232008] ================================================================== [ 32.232355] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 32.232408] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.232461] [ 32.232492] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.233254] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.233521] Hardware name: linux,dummy-virt (DT) [ 32.233633] Call trace: [ 32.233757] show_stack+0x20/0x38 (C) [ 32.233811] dump_stack_lvl+0x8c/0xd0 [ 32.234032] print_report+0x118/0x5d0 [ 32.234083] kasan_report+0xdc/0x128 [ 32.234141] __asan_report_store8_noabort+0x20/0x30 [ 32.234431] kasan_atomics_helper+0x3e5c/0x4858 [ 32.234646] kasan_atomics+0x198/0x2e0 [ 32.234696] kunit_try_run_case+0x170/0x3f0 [ 32.234782] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.235067] kthread+0x328/0x630 [ 32.235402] ret_from_fork+0x10/0x20 [ 32.235490] [ 32.235515] Allocated by task 296: [ 32.235834] kasan_save_stack+0x3c/0x68 [ 32.235929] kasan_save_track+0x20/0x40 [ 32.235979] kasan_save_alloc_info+0x40/0x58 [ 32.236019] __kasan_kmalloc+0xd4/0xd8 [ 32.236356] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.236774] kasan_atomics+0xb8/0x2e0 [ 32.236818] kunit_try_run_case+0x170/0x3f0 [ 32.236860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.237057] kthread+0x328/0x630 [ 32.237101] ret_from_fork+0x10/0x20 [ 32.237410] [ 32.237436] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.237436] which belongs to the cache kmalloc-64 of size 64 [ 32.237654] The buggy address is located 0 bytes to the right of [ 32.237654] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.237730] [ 32.237832] The buggy address belongs to the physical page: [ 32.238089] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.238202] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.238363] page_type: f5(slab) [ 32.238470] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.238525] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.238787] page dumped because: kasan: bad access detected [ 32.238826] [ 32.238847] Memory state around the buggy address: [ 32.238882] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.238994] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.239193] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.239335] ^ [ 32.239376] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.239422] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.239471] ================================================================== [ 32.334233] ================================================================== [ 32.334283] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 32.334330] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.334381] [ 32.334411] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.334499] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.334529] Hardware name: linux,dummy-virt (DT) [ 32.334560] Call trace: [ 32.334585] show_stack+0x20/0x38 (C) [ 32.334632] dump_stack_lvl+0x8c/0xd0 [ 32.334678] print_report+0x118/0x5d0 [ 32.334734] kasan_report+0xdc/0x128 [ 32.334777] kasan_check_range+0x100/0x1a8 [ 32.334823] __kasan_check_write+0x20/0x30 [ 32.334938] kasan_atomics_helper+0x147c/0x4858 [ 32.335707] kasan_atomics+0x198/0x2e0 [ 32.335976] kunit_try_run_case+0x170/0x3f0 [ 32.336274] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.336801] kthread+0x328/0x630 [ 32.336862] ret_from_fork+0x10/0x20 [ 32.336918] [ 32.337339] Allocated by task 296: [ 32.337560] kasan_save_stack+0x3c/0x68 [ 32.337680] kasan_save_track+0x20/0x40 [ 32.337760] kasan_save_alloc_info+0x40/0x58 [ 32.337806] __kasan_kmalloc+0xd4/0xd8 [ 32.337886] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.337980] kasan_atomics+0xb8/0x2e0 [ 32.338040] kunit_try_run_case+0x170/0x3f0 [ 32.338599] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.338737] kthread+0x328/0x630 [ 32.338918] ret_from_fork+0x10/0x20 [ 32.338962] [ 32.339110] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.339110] which belongs to the cache kmalloc-64 of size 64 [ 32.339195] The buggy address is located 0 bytes to the right of [ 32.339195] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.339433] [ 32.339562] The buggy address belongs to the physical page: [ 32.339603] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.339658] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.339709] page_type: f5(slab) [ 32.339798] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.340012] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.340082] page dumped because: kasan: bad access detected [ 32.340147] [ 32.340167] Memory state around the buggy address: [ 32.340210] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.340293] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.340372] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.340414] ^ [ 32.340566] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.340820] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.340865] ================================================================== [ 32.112536] ================================================================== [ 32.112590] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 32.112639] Write of size 4 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.112694] [ 32.112727] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.112828] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.112857] Hardware name: linux,dummy-virt (DT) [ 32.112888] Call trace: [ 32.112921] show_stack+0x20/0x38 (C) [ 32.112980] dump_stack_lvl+0x8c/0xd0 [ 32.113027] print_report+0x118/0x5d0 [ 32.113071] kasan_report+0xdc/0x128 [ 32.113114] kasan_check_range+0x100/0x1a8 [ 32.113582] __kasan_check_write+0x20/0x30 [ 32.114001] kasan_atomics_helper+0xa6c/0x4858 [ 32.114068] kasan_atomics+0x198/0x2e0 [ 32.114146] kunit_try_run_case+0x170/0x3f0 [ 32.114199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.114256] kthread+0x328/0x630 [ 32.114306] ret_from_fork+0x10/0x20 [ 32.114781] [ 32.114843] Allocated by task 296: [ 32.114897] kasan_save_stack+0x3c/0x68 [ 32.115008] kasan_save_track+0x20/0x40 [ 32.115074] kasan_save_alloc_info+0x40/0x58 [ 32.115201] __kasan_kmalloc+0xd4/0xd8 [ 32.115290] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.115560] kasan_atomics+0xb8/0x2e0 [ 32.115720] kunit_try_run_case+0x170/0x3f0 [ 32.115826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.115948] kthread+0x328/0x630 [ 32.116027] ret_from_fork+0x10/0x20 [ 32.116360] [ 32.116435] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.116435] which belongs to the cache kmalloc-64 of size 64 [ 32.116592] The buggy address is located 0 bytes to the right of [ 32.116592] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.116678] [ 32.116700] The buggy address belongs to the physical page: [ 32.116735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.117323] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.117439] page_type: f5(slab) [ 32.117533] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.117716] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.117955] page dumped because: kasan: bad access detected [ 32.118019] [ 32.118385] Memory state around the buggy address: [ 32.118485] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.118553] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.118710] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.118926] ^ [ 32.119180] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.119349] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.119693] ================================================================== [ 32.380939] ================================================================== [ 32.380994] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 32.381045] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.381382] [ 32.381433] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.381609] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.381729] Hardware name: linux,dummy-virt (DT) [ 32.381762] Call trace: [ 32.381794] show_stack+0x20/0x38 (C) [ 32.381977] dump_stack_lvl+0x8c/0xd0 [ 32.382051] print_report+0x118/0x5d0 [ 32.382095] kasan_report+0xdc/0x128 [ 32.382151] kasan_check_range+0x100/0x1a8 [ 32.382198] __kasan_check_write+0x20/0x30 [ 32.382244] kasan_atomics_helper+0x16d0/0x4858 [ 32.382294] kasan_atomics+0x198/0x2e0 [ 32.382340] kunit_try_run_case+0x170/0x3f0 [ 32.382390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.382446] kthread+0x328/0x630 [ 32.382489] ret_from_fork+0x10/0x20 [ 32.382537] [ 32.382559] Allocated by task 296: [ 32.382588] kasan_save_stack+0x3c/0x68 [ 32.382630] kasan_save_track+0x20/0x40 [ 32.382679] kasan_save_alloc_info+0x40/0x58 [ 32.384816] __kasan_kmalloc+0xd4/0xd8 [ 32.384956] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.384999] kasan_atomics+0xb8/0x2e0 [ 32.385039] kunit_try_run_case+0x170/0x3f0 [ 32.385081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.385138] kthread+0x328/0x630 [ 32.385526] ret_from_fork+0x10/0x20 [ 32.385576] [ 32.385600] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.385600] which belongs to the cache kmalloc-64 of size 64 [ 32.385663] The buggy address is located 0 bytes to the right of [ 32.385663] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.385745] [ 32.385767] The buggy address belongs to the physical page: [ 32.385802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.386157] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.386218] page_type: f5(slab) [ 32.386257] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.386310] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.386356] page dumped because: kasan: bad access detected [ 32.386629] [ 32.386663] Memory state around the buggy address: [ 32.386803] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.386963] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.387008] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.387050] ^ [ 32.387085] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.387470] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.387574] ================================================================== [ 32.354790] ================================================================== [ 32.354996] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 32.355047] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.355100] [ 32.355144] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.355233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.355274] Hardware name: linux,dummy-virt (DT) [ 32.355306] Call trace: [ 32.355331] show_stack+0x20/0x38 (C) [ 32.356029] dump_stack_lvl+0x8c/0xd0 [ 32.356203] print_report+0x118/0x5d0 [ 32.356257] kasan_report+0xdc/0x128 [ 32.356312] kasan_check_range+0x100/0x1a8 [ 32.356545] __kasan_check_write+0x20/0x30 [ 32.356607] kasan_atomics_helper+0x15b4/0x4858 [ 32.356659] kasan_atomics+0x198/0x2e0 [ 32.356708] kunit_try_run_case+0x170/0x3f0 [ 32.356758] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.357040] kthread+0x328/0x630 [ 32.357289] ret_from_fork+0x10/0x20 [ 32.357339] [ 32.357571] Allocated by task 296: [ 32.357686] kasan_save_stack+0x3c/0x68 [ 32.357740] kasan_save_track+0x20/0x40 [ 32.357782] kasan_save_alloc_info+0x40/0x58 [ 32.357861] __kasan_kmalloc+0xd4/0xd8 [ 32.357921] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.358095] kasan_atomics+0xb8/0x2e0 [ 32.358783] kunit_try_run_case+0x170/0x3f0 [ 32.359041] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.359095] kthread+0x328/0x630 [ 32.359143] ret_from_fork+0x10/0x20 [ 32.359239] [ 32.359263] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.359263] which belongs to the cache kmalloc-64 of size 64 [ 32.359333] The buggy address is located 0 bytes to the right of [ 32.359333] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.359402] [ 32.359531] The buggy address belongs to the physical page: [ 32.359817] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.359876] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.359926] page_type: f5(slab) [ 32.359970] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.360486] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.360539] page dumped because: kasan: bad access detected [ 32.360803] [ 32.360850] Memory state around the buggy address: [ 32.360914] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.361027] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.361073] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.361114] ^ [ 32.361163] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.361208] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.361250] ================================================================== [ 32.130091] ================================================================== [ 32.130162] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 32.130234] Read of size 4 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.130291] [ 32.130323] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.130413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.130442] Hardware name: linux,dummy-virt (DT) [ 32.130476] Call trace: [ 32.130510] show_stack+0x20/0x38 (C) [ 32.130570] dump_stack_lvl+0x8c/0xd0 [ 32.130619] print_report+0x118/0x5d0 [ 32.130678] kasan_report+0xdc/0x128 [ 32.130998] __asan_report_load4_noabort+0x20/0x30 [ 32.131429] kasan_atomics_helper+0x3dcc/0x4858 [ 32.131523] kasan_atomics+0x198/0x2e0 [ 32.131595] kunit_try_run_case+0x170/0x3f0 [ 32.132019] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.132279] kthread+0x328/0x630 [ 32.132457] ret_from_fork+0x10/0x20 [ 32.132874] [ 32.132915] Allocated by task 296: [ 32.133073] kasan_save_stack+0x3c/0x68 [ 32.133181] kasan_save_track+0x20/0x40 [ 32.133486] kasan_save_alloc_info+0x40/0x58 [ 32.133653] __kasan_kmalloc+0xd4/0xd8 [ 32.133722] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.134135] kasan_atomics+0xb8/0x2e0 [ 32.134248] kunit_try_run_case+0x170/0x3f0 [ 32.134359] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.134446] kthread+0x328/0x630 [ 32.134651] ret_from_fork+0x10/0x20 [ 32.134847] [ 32.134904] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.134904] which belongs to the cache kmalloc-64 of size 64 [ 32.135207] The buggy address is located 0 bytes to the right of [ 32.135207] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.135582] [ 32.135919] The buggy address belongs to the physical page: [ 32.136103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.136221] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.136362] page_type: f5(slab) [ 32.136433] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.136515] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.136560] page dumped because: kasan: bad access detected [ 32.136749] [ 32.136942] Memory state around the buggy address: [ 32.137184] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.137425] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.137509] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.137612] ^ [ 32.137721] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.137788] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.137832] ================================================================== [ 32.348690] ================================================================== [ 32.348743] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 32.348793] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.349535] [ 32.349640] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.349813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.349844] Hardware name: linux,dummy-virt (DT) [ 32.349876] Call trace: [ 32.349907] show_stack+0x20/0x38 (C) [ 32.350140] dump_stack_lvl+0x8c/0xd0 [ 32.350188] print_report+0x118/0x5d0 [ 32.350234] kasan_report+0xdc/0x128 [ 32.350755] kasan_check_range+0x100/0x1a8 [ 32.350961] __kasan_check_write+0x20/0x30 [ 32.351075] kasan_atomics_helper+0x154c/0x4858 [ 32.351208] kasan_atomics+0x198/0x2e0 [ 32.351259] kunit_try_run_case+0x170/0x3f0 [ 32.351310] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.351367] kthread+0x328/0x630 [ 32.351411] ret_from_fork+0x10/0x20 [ 32.351482] [ 32.351509] Allocated by task 296: [ 32.351540] kasan_save_stack+0x3c/0x68 [ 32.351588] kasan_save_track+0x20/0x40 [ 32.351657] kasan_save_alloc_info+0x40/0x58 [ 32.351698] __kasan_kmalloc+0xd4/0xd8 [ 32.351779] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.351983] kasan_atomics+0xb8/0x2e0 [ 32.352034] kunit_try_run_case+0x170/0x3f0 [ 32.352077] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.352135] kthread+0x328/0x630 [ 32.352170] ret_from_fork+0x10/0x20 [ 32.352209] [ 32.352230] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.352230] which belongs to the cache kmalloc-64 of size 64 [ 32.352745] The buggy address is located 0 bytes to the right of [ 32.352745] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.352822] [ 32.352896] The buggy address belongs to the physical page: [ 32.353058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.353173] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.353223] page_type: f5(slab) [ 32.353261] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.353315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.353361] page dumped because: kasan: bad access detected [ 32.353395] [ 32.353418] Memory state around the buggy address: [ 32.353453] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.353500] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.353547] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.353588] ^ [ 32.353624] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.353669] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.353712] ================================================================== [ 32.255968] ================================================================== [ 32.256162] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 32.256215] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.256599] [ 32.256667] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.256971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.257014] Hardware name: linux,dummy-virt (DT) [ 32.257225] Call trace: [ 32.257400] show_stack+0x20/0x38 (C) [ 32.257456] dump_stack_lvl+0x8c/0xd0 [ 32.257504] print_report+0x118/0x5d0 [ 32.257548] kasan_report+0xdc/0x128 [ 32.257594] kasan_check_range+0x100/0x1a8 [ 32.257641] __kasan_check_write+0x20/0x30 [ 32.258300] kasan_atomics_helper+0xf88/0x4858 [ 32.258371] kasan_atomics+0x198/0x2e0 [ 32.258420] kunit_try_run_case+0x170/0x3f0 [ 32.258715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.258835] kthread+0x328/0x630 [ 32.259012] ret_from_fork+0x10/0x20 [ 32.259187] [ 32.259676] Allocated by task 296: [ 32.260112] kasan_save_stack+0x3c/0x68 [ 32.260258] kasan_save_track+0x20/0x40 [ 32.260526] kasan_save_alloc_info+0x40/0x58 [ 32.260693] __kasan_kmalloc+0xd4/0xd8 [ 32.260735] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.260992] kasan_atomics+0xb8/0x2e0 [ 32.261121] kunit_try_run_case+0x170/0x3f0 [ 32.261193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.261542] kthread+0x328/0x630 [ 32.261583] ret_from_fork+0x10/0x20 [ 32.261972] [ 32.262038] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.262038] which belongs to the cache kmalloc-64 of size 64 [ 32.262615] The buggy address is located 0 bytes to the right of [ 32.262615] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.262821] [ 32.262853] The buggy address belongs to the physical page: [ 32.262938] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.262995] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.263053] page_type: f5(slab) [ 32.263092] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.263700] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.263876] page dumped because: kasan: bad access detected [ 32.263924] [ 32.263999] Memory state around the buggy address: [ 32.264032] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.264204] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.264252] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.264293] ^ [ 32.264327] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.264373] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.264414] ================================================================== [ 32.317679] ================================================================== [ 32.318049] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 32.318172] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.318346] [ 32.318416] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.318506] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.318540] Hardware name: linux,dummy-virt (DT) [ 32.318691] Call trace: [ 32.318728] show_stack+0x20/0x38 (C) [ 32.318778] dump_stack_lvl+0x8c/0xd0 [ 32.318824] print_report+0x118/0x5d0 [ 32.318960] kasan_report+0xdc/0x128 [ 32.319493] kasan_check_range+0x100/0x1a8 [ 32.319604] __kasan_check_write+0x20/0x30 [ 32.319686] kasan_atomics_helper+0x1384/0x4858 [ 32.319738] kasan_atomics+0x198/0x2e0 [ 32.319786] kunit_try_run_case+0x170/0x3f0 [ 32.319968] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.320027] kthread+0x328/0x630 [ 32.320293] ret_from_fork+0x10/0x20 [ 32.320460] [ 32.320485] Allocated by task 296: [ 32.320514] kasan_save_stack+0x3c/0x68 [ 32.320559] kasan_save_track+0x20/0x40 [ 32.320773] kasan_save_alloc_info+0x40/0x58 [ 32.320940] __kasan_kmalloc+0xd4/0xd8 [ 32.320982] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.321025] kasan_atomics+0xb8/0x2e0 [ 32.321443] kunit_try_run_case+0x170/0x3f0 [ 32.321496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.321564] kthread+0x328/0x630 [ 32.321668] ret_from_fork+0x10/0x20 [ 32.321706] [ 32.321728] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.321728] which belongs to the cache kmalloc-64 of size 64 [ 32.321963] The buggy address is located 0 bytes to the right of [ 32.321963] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.322033] [ 32.322054] The buggy address belongs to the physical page: [ 32.322095] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.322453] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.322509] page_type: f5(slab) [ 32.322547] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.322601] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.323105] page dumped because: kasan: bad access detected [ 32.323156] [ 32.323177] Memory state around the buggy address: [ 32.323486] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.323670] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.323741] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.323796] ^ [ 32.323895] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.323940] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.323982] ================================================================== [ 32.341181] ================================================================== [ 32.341254] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 32.341304] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.341538] [ 32.341954] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.342247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.342277] Hardware name: linux,dummy-virt (DT) [ 32.342309] Call trace: [ 32.342334] show_stack+0x20/0x38 (C) [ 32.342384] dump_stack_lvl+0x8c/0xd0 [ 32.342432] print_report+0x118/0x5d0 [ 32.342477] kasan_report+0xdc/0x128 [ 32.342520] kasan_check_range+0x100/0x1a8 [ 32.342565] __kasan_check_write+0x20/0x30 [ 32.342613] kasan_atomics_helper+0x14e4/0x4858 [ 32.342664] kasan_atomics+0x198/0x2e0 [ 32.342713] kunit_try_run_case+0x170/0x3f0 [ 32.342770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.342970] kthread+0x328/0x630 [ 32.343014] ret_from_fork+0x10/0x20 [ 32.343399] [ 32.343532] Allocated by task 296: [ 32.343565] kasan_save_stack+0x3c/0x68 [ 32.343952] kasan_save_track+0x20/0x40 [ 32.344120] kasan_save_alloc_info+0x40/0x58 [ 32.344346] __kasan_kmalloc+0xd4/0xd8 [ 32.344393] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.344436] kasan_atomics+0xb8/0x2e0 [ 32.344477] kunit_try_run_case+0x170/0x3f0 [ 32.344520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.344567] kthread+0x328/0x630 [ 32.344893] ret_from_fork+0x10/0x20 [ 32.345406] [ 32.345548] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.345548] which belongs to the cache kmalloc-64 of size 64 [ 32.345614] The buggy address is located 0 bytes to the right of [ 32.345614] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.345684] [ 32.345712] The buggy address belongs to the physical page: [ 32.345866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.346099] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.346175] page_type: f5(slab) [ 32.346215] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.346363] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.346462] page dumped because: kasan: bad access detected [ 32.346574] [ 32.346594] Memory state around the buggy address: [ 32.346629] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.346675] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.346721] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.346762] ^ [ 32.346799] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.346975] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.347325] ================================================================== [ 32.330860] ================================================================== [ 32.330987] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 32.331053] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.331106] [ 32.331158] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.331384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.331444] Hardware name: linux,dummy-virt (DT) [ 32.331489] Call trace: [ 32.331517] show_stack+0x20/0x38 (C) [ 32.331569] dump_stack_lvl+0x8c/0xd0 [ 32.331614] print_report+0x118/0x5d0 [ 32.331660] kasan_report+0xdc/0x128 [ 32.331704] kasan_check_range+0x100/0x1a8 [ 32.331750] __kasan_check_write+0x20/0x30 [ 32.331796] kasan_atomics_helper+0x1414/0x4858 [ 32.331847] kasan_atomics+0x198/0x2e0 [ 32.331895] kunit_try_run_case+0x170/0x3f0 [ 32.331946] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.332001] kthread+0x328/0x630 [ 32.332045] ret_from_fork+0x10/0x20 [ 32.332093] [ 32.332114] Allocated by task 296: [ 32.332151] kasan_save_stack+0x3c/0x68 [ 32.332195] kasan_save_track+0x20/0x40 [ 32.332272] kasan_save_alloc_info+0x40/0x58 [ 32.332353] __kasan_kmalloc+0xd4/0xd8 [ 32.332472] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.332515] kasan_atomics+0xb8/0x2e0 [ 32.332554] kunit_try_run_case+0x170/0x3f0 [ 32.332866] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.332946] kthread+0x328/0x630 [ 32.332984] ret_from_fork+0x10/0x20 [ 32.333022] [ 32.333044] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.333044] which belongs to the cache kmalloc-64 of size 64 [ 32.333106] The buggy address is located 0 bytes to the right of [ 32.333106] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.333187] [ 32.333209] The buggy address belongs to the physical page: [ 32.333243] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.333296] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.333346] page_type: f5(slab) [ 32.333385] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.333439] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.333483] page dumped because: kasan: bad access detected [ 32.333517] [ 32.333536] Memory state around the buggy address: [ 32.333570] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.333615] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.333660] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.333702] ^ [ 32.333737] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.333783] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.333824] ================================================================== [ 32.294206] ================================================================== [ 32.294456] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 32.294846] Write of size 8 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.295340] [ 32.295376] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.295634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.295668] Hardware name: linux,dummy-virt (DT) [ 32.295884] Call trace: [ 32.296013] show_stack+0x20/0x38 (C) [ 32.296305] dump_stack_lvl+0x8c/0xd0 [ 32.296410] print_report+0x118/0x5d0 [ 32.296564] kasan_report+0xdc/0x128 [ 32.296635] kasan_check_range+0x100/0x1a8 [ 32.296684] __kasan_check_write+0x20/0x30 [ 32.296822] kasan_atomics_helper+0x11f8/0x4858 [ 32.296904] kasan_atomics+0x198/0x2e0 [ 32.296954] kunit_try_run_case+0x170/0x3f0 [ 32.297007] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.297068] kthread+0x328/0x630 [ 32.297399] ret_from_fork+0x10/0x20 [ 32.297465] [ 32.297488] Allocated by task 296: [ 32.298157] kasan_save_stack+0x3c/0x68 [ 32.298499] kasan_save_track+0x20/0x40 [ 32.298544] kasan_save_alloc_info+0x40/0x58 [ 32.298719] __kasan_kmalloc+0xd4/0xd8 [ 32.298903] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.299001] kasan_atomics+0xb8/0x2e0 [ 32.299045] kunit_try_run_case+0x170/0x3f0 [ 32.299089] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.299239] kthread+0x328/0x630 [ 32.299445] ret_from_fork+0x10/0x20 [ 32.299585] [ 32.299608] The buggy address belongs to the object at fff00000c9bc6c80 [ 32.299608] which belongs to the cache kmalloc-64 of size 64 [ 32.299677] The buggy address is located 0 bytes to the right of [ 32.299677] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.299746] [ 32.299768] The buggy address belongs to the physical page: [ 32.299988] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.300490] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.300549] page_type: f5(slab) [ 32.300770] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.301300] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.301434] page dumped because: kasan: bad access detected [ 32.301479] [ 32.301592] Memory state around the buggy address: [ 32.301629] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.301677] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.301912] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.302267] ^ [ 32.302347] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.302396] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.302437] ================================================================== [ 32.103789] ================================================================== [ 32.104211] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 32.104384] Write of size 4 at addr fff00000c9bc6cb0 by task kunit_try_catch/296 [ 32.104709] [ 32.104761] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT [ 32.106207] kasan_atomics_helper+0xa04/0x4858 [ 32.107167] ret_from_fork+0x10/0x20 [ 32.109901] The buggy address is located 0 bytes to the right of [ 32.109901] allocated 48-byte region [fff00000c9bc6c80, fff00000c9bc6cb0) [ 32.110004] [ 32.110058] The buggy address belongs to the physical page: [ 32.110094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bc6 [ 32.110353] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.110855] page_type: f5(slab) [ 32.110934] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.111066] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.111114] page dumped because: kasan: bad access detected [ 32.111261] [ 32.111287] Memory state around the buggy address: [ 32.111363] fff00000c9bc6b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.111610] fff00000c9bc6c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.111688] >fff00000c9bc6c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.111757] ^ [ 32.111796] fff00000c9bc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.111854] fff00000c9bc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.111896] ==================================================================
[ 28.842720] ================================================================== [ 28.843498] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 28.843797] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.844030] [ 28.844110] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.844159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.844173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.844195] Call Trace: [ 28.844211] <TASK> [ 28.844228] dump_stack_lvl+0x73/0xb0 [ 28.844256] print_report+0xd1/0x610 [ 28.844282] ? __virt_addr_valid+0x1db/0x2d0 [ 28.844308] ? kasan_atomics_helper+0x1eaa/0x5450 [ 28.844330] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.844359] ? kasan_atomics_helper+0x1eaa/0x5450 [ 28.844383] kasan_report+0x141/0x180 [ 28.844407] ? kasan_atomics_helper+0x1eaa/0x5450 [ 28.844435] kasan_check_range+0x10c/0x1c0 [ 28.844460] __kasan_check_write+0x18/0x20 [ 28.844501] kasan_atomics_helper+0x1eaa/0x5450 [ 28.844526] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.844550] ? ret_from_fork_asm+0x1a/0x30 [ 28.844580] kasan_atomics+0x1dc/0x310 [ 28.844604] ? __pfx_kasan_atomics+0x10/0x10 [ 28.844630] ? __pfx_read_tsc+0x10/0x10 [ 28.844654] ? ktime_get_ts64+0x86/0x230 [ 28.844681] kunit_try_run_case+0x1a5/0x480 [ 28.844716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.844738] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.844764] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.844789] ? __kthread_parkme+0x82/0x180 [ 28.844812] ? preempt_count_sub+0x50/0x80 [ 28.844837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.844861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.844888] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.844915] kthread+0x337/0x6f0 [ 28.844937] ? trace_preempt_on+0x20/0xc0 [ 28.844962] ? __pfx_kthread+0x10/0x10 [ 28.844984] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.845007] ? calculate_sigpending+0x7b/0xa0 [ 28.845034] ? __pfx_kthread+0x10/0x10 [ 28.845057] ret_from_fork+0x116/0x1d0 [ 28.845080] ? __pfx_kthread+0x10/0x10 [ 28.845103] ret_from_fork_asm+0x1a/0x30 [ 28.845136] </TASK> [ 28.845150] [ 28.851964] Allocated by task 313: [ 28.852144] kasan_save_stack+0x45/0x70 [ 28.852343] kasan_save_track+0x18/0x40 [ 28.852600] kasan_save_alloc_info+0x3b/0x50 [ 28.852764] __kasan_kmalloc+0xb7/0xc0 [ 28.852938] __kmalloc_cache_noprof+0x189/0x420 [ 28.853155] kasan_atomics+0x95/0x310 [ 28.853321] kunit_try_run_case+0x1a5/0x480 [ 28.853464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.853742] kthread+0x337/0x6f0 [ 28.853912] ret_from_fork+0x116/0x1d0 [ 28.854084] ret_from_fork_asm+0x1a/0x30 [ 28.854246] [ 28.854338] The buggy address belongs to the object at ffff88810439e280 [ 28.854338] which belongs to the cache kmalloc-64 of size 64 [ 28.854835] The buggy address is located 0 bytes to the right of [ 28.854835] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.855248] [ 28.855317] The buggy address belongs to the physical page: [ 28.855487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.855874] flags: 0x200000000000000(node=0|zone=2) [ 28.856106] page_type: f5(slab) [ 28.856270] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.856570] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.856805] page dumped because: kasan: bad access detected [ 28.856973] [ 28.857039] Memory state around the buggy address: [ 28.857264] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.857695] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.858026] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.858346] ^ [ 28.858568] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.859139] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.859369] ================================================================== [ 28.604147] ================================================================== [ 28.604558] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 28.604864] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.605202] [ 28.605333] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.605390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.605404] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.605426] Call Trace: [ 28.605452] <TASK> [ 28.605468] dump_stack_lvl+0x73/0xb0 [ 28.605507] print_report+0xd1/0x610 [ 28.605532] ? __virt_addr_valid+0x1db/0x2d0 [ 28.605557] ? kasan_atomics_helper+0x1818/0x5450 [ 28.605579] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.605606] ? kasan_atomics_helper+0x1818/0x5450 [ 28.605629] kasan_report+0x141/0x180 [ 28.605653] ? kasan_atomics_helper+0x1818/0x5450 [ 28.605680] kasan_check_range+0x10c/0x1c0 [ 28.605726] __kasan_check_write+0x18/0x20 [ 28.605750] kasan_atomics_helper+0x1818/0x5450 [ 28.605774] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.605798] ? ret_from_fork_asm+0x1a/0x30 [ 28.605827] kasan_atomics+0x1dc/0x310 [ 28.605860] ? __pfx_kasan_atomics+0x10/0x10 [ 28.605885] ? __pfx_read_tsc+0x10/0x10 [ 28.605920] ? ktime_get_ts64+0x86/0x230 [ 28.605945] kunit_try_run_case+0x1a5/0x480 [ 28.605969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.605991] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.606024] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.606048] ? __kthread_parkme+0x82/0x180 [ 28.606070] ? preempt_count_sub+0x50/0x80 [ 28.606105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.606128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.606154] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.606189] kthread+0x337/0x6f0 [ 28.606211] ? trace_preempt_on+0x20/0xc0 [ 28.606234] ? __pfx_kthread+0x10/0x10 [ 28.606267] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.606290] ? calculate_sigpending+0x7b/0xa0 [ 28.606315] ? __pfx_kthread+0x10/0x10 [ 28.606347] ret_from_fork+0x116/0x1d0 [ 28.606368] ? __pfx_kthread+0x10/0x10 [ 28.606390] ret_from_fork_asm+0x1a/0x30 [ 28.606431] </TASK> [ 28.606443] [ 28.617297] Allocated by task 313: [ 28.618116] kasan_save_stack+0x45/0x70 [ 28.618875] kasan_save_track+0x18/0x40 [ 28.619276] kasan_save_alloc_info+0x3b/0x50 [ 28.619438] __kasan_kmalloc+0xb7/0xc0 [ 28.619575] __kmalloc_cache_noprof+0x189/0x420 [ 28.619736] kasan_atomics+0x95/0x310 [ 28.619868] kunit_try_run_case+0x1a5/0x480 [ 28.620007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.620175] kthread+0x337/0x6f0 [ 28.620292] ret_from_fork+0x116/0x1d0 [ 28.620420] ret_from_fork_asm+0x1a/0x30 [ 28.620553] [ 28.620618] The buggy address belongs to the object at ffff88810439e280 [ 28.620618] which belongs to the cache kmalloc-64 of size 64 [ 28.623365] The buggy address is located 0 bytes to the right of [ 28.623365] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.624213] [ 28.624538] The buggy address belongs to the physical page: [ 28.624883] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.625325] flags: 0x200000000000000(node=0|zone=2) [ 28.625690] page_type: f5(slab) [ 28.625872] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.626343] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.626865] page dumped because: kasan: bad access detected [ 28.627206] [ 28.627307] Memory state around the buggy address: [ 28.627732] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.628139] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.628517] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.628932] ^ [ 28.629184] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.629490] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.630050] ================================================================== [ 28.788634] ================================================================== [ 28.789089] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 28.789343] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.789872] [ 28.789979] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.790027] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.790041] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.790064] Call Trace: [ 28.790080] <TASK> [ 28.790097] dump_stack_lvl+0x73/0xb0 [ 28.790125] print_report+0xd1/0x610 [ 28.790150] ? __virt_addr_valid+0x1db/0x2d0 [ 28.790175] ? kasan_atomics_helper+0x1ce1/0x5450 [ 28.790199] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.790226] ? kasan_atomics_helper+0x1ce1/0x5450 [ 28.790250] kasan_report+0x141/0x180 [ 28.790274] ? kasan_atomics_helper+0x1ce1/0x5450 [ 28.790302] kasan_check_range+0x10c/0x1c0 [ 28.790328] __kasan_check_write+0x18/0x20 [ 28.790353] kasan_atomics_helper+0x1ce1/0x5450 [ 28.790377] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.790402] ? ret_from_fork_asm+0x1a/0x30 [ 28.790431] kasan_atomics+0x1dc/0x310 [ 28.790455] ? __pfx_kasan_atomics+0x10/0x10 [ 28.790481] ? __pfx_read_tsc+0x10/0x10 [ 28.790505] ? ktime_get_ts64+0x86/0x230 [ 28.790530] kunit_try_run_case+0x1a5/0x480 [ 28.790554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.790575] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.790601] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.790644] ? __kthread_parkme+0x82/0x180 [ 28.790666] ? preempt_count_sub+0x50/0x80 [ 28.790691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.790728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.790754] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.790782] kthread+0x337/0x6f0 [ 28.790803] ? trace_preempt_on+0x20/0xc0 [ 28.790828] ? __pfx_kthread+0x10/0x10 [ 28.790851] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.790874] ? calculate_sigpending+0x7b/0xa0 [ 28.790900] ? __pfx_kthread+0x10/0x10 [ 28.790923] ret_from_fork+0x116/0x1d0 [ 28.790945] ? __pfx_kthread+0x10/0x10 [ 28.790968] ret_from_fork_asm+0x1a/0x30 [ 28.790999] </TASK> [ 28.791012] [ 28.798438] Allocated by task 313: [ 28.798715] kasan_save_stack+0x45/0x70 [ 28.798858] kasan_save_track+0x18/0x40 [ 28.799038] kasan_save_alloc_info+0x3b/0x50 [ 28.799249] __kasan_kmalloc+0xb7/0xc0 [ 28.799437] __kmalloc_cache_noprof+0x189/0x420 [ 28.799776] kasan_atomics+0x95/0x310 [ 28.799915] kunit_try_run_case+0x1a5/0x480 [ 28.800057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.800263] kthread+0x337/0x6f0 [ 28.800425] ret_from_fork+0x116/0x1d0 [ 28.800608] ret_from_fork_asm+0x1a/0x30 [ 28.800811] [ 28.800903] The buggy address belongs to the object at ffff88810439e280 [ 28.800903] which belongs to the cache kmalloc-64 of size 64 [ 28.801272] The buggy address is located 0 bytes to the right of [ 28.801272] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.802145] [ 28.802230] The buggy address belongs to the physical page: [ 28.802480] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.802813] flags: 0x200000000000000(node=0|zone=2) [ 28.803003] page_type: f5(slab) [ 28.803164] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.803434] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.803899] page dumped because: kasan: bad access detected [ 28.804083] [ 28.804153] Memory state around the buggy address: [ 28.804308] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.804523] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.804805] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.805121] ^ [ 28.805340] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.805655] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.806075] ================================================================== [ 29.050911] ================================================================== [ 29.051496] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 29.051786] Read of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 29.052075] [ 29.052181] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 29.052230] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.052244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.052268] Call Trace: [ 29.052286] <TASK> [ 29.052303] dump_stack_lvl+0x73/0xb0 [ 29.052331] print_report+0xd1/0x610 [ 29.052357] ? __virt_addr_valid+0x1db/0x2d0 [ 29.052383] ? kasan_atomics_helper+0x5115/0x5450 [ 29.052407] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.052436] ? kasan_atomics_helper+0x5115/0x5450 [ 29.052461] kasan_report+0x141/0x180 [ 29.052484] ? kasan_atomics_helper+0x5115/0x5450 [ 29.052511] __asan_report_load8_noabort+0x18/0x20 [ 29.052536] kasan_atomics_helper+0x5115/0x5450 [ 29.052559] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.052583] ? ret_from_fork_asm+0x1a/0x30 [ 29.052611] kasan_atomics+0x1dc/0x310 [ 29.052636] ? __pfx_kasan_atomics+0x10/0x10 [ 29.052661] ? __pfx_read_tsc+0x10/0x10 [ 29.052685] ? ktime_get_ts64+0x86/0x230 [ 29.052721] kunit_try_run_case+0x1a5/0x480 [ 29.052745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.052778] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.052804] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.052829] ? __kthread_parkme+0x82/0x180 [ 29.052851] ? preempt_count_sub+0x50/0x80 [ 29.052876] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.052899] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.052925] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.052952] kthread+0x337/0x6f0 [ 29.052973] ? trace_preempt_on+0x20/0xc0 [ 29.052996] ? __pfx_kthread+0x10/0x10 [ 29.053019] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.053041] ? calculate_sigpending+0x7b/0xa0 [ 29.053066] ? __pfx_kthread+0x10/0x10 [ 29.053089] ret_from_fork+0x116/0x1d0 [ 29.053110] ? __pfx_kthread+0x10/0x10 [ 29.053132] ret_from_fork_asm+0x1a/0x30 [ 29.053164] </TASK> [ 29.053177] [ 29.060196] Allocated by task 313: [ 29.060368] kasan_save_stack+0x45/0x70 [ 29.060523] kasan_save_track+0x18/0x40 [ 29.060726] kasan_save_alloc_info+0x3b/0x50 [ 29.060920] __kasan_kmalloc+0xb7/0xc0 [ 29.061048] __kmalloc_cache_noprof+0x189/0x420 [ 29.061200] kasan_atomics+0x95/0x310 [ 29.061454] kunit_try_run_case+0x1a5/0x480 [ 29.061668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.061929] kthread+0x337/0x6f0 [ 29.062088] ret_from_fork+0x116/0x1d0 [ 29.062219] ret_from_fork_asm+0x1a/0x30 [ 29.062357] [ 29.062439] The buggy address belongs to the object at ffff88810439e280 [ 29.062439] which belongs to the cache kmalloc-64 of size 64 [ 29.063294] The buggy address is located 0 bytes to the right of [ 29.063294] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 29.063706] [ 29.063776] The buggy address belongs to the physical page: [ 29.063954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 29.064491] flags: 0x200000000000000(node=0|zone=2) [ 29.064726] page_type: f5(slab) [ 29.064890] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.065228] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.065502] page dumped because: kasan: bad access detected [ 29.065760] [ 29.065828] Memory state around the buggy address: [ 29.065980] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.066195] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.066525] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.066860] ^ [ 29.067054] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.067306] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.067636] ================================================================== [ 28.088632] ================================================================== [ 28.089183] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 28.089493] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.090344] [ 28.090783] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.090840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.090855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.090941] Call Trace: [ 28.090961] <TASK> [ 28.091003] dump_stack_lvl+0x73/0xb0 [ 28.091036] print_report+0xd1/0x610 [ 28.091063] ? __virt_addr_valid+0x1db/0x2d0 [ 28.091089] ? kasan_atomics_helper+0xe78/0x5450 [ 28.091112] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.091141] ? kasan_atomics_helper+0xe78/0x5450 [ 28.091163] kasan_report+0x141/0x180 [ 28.091186] ? kasan_atomics_helper+0xe78/0x5450 [ 28.091214] kasan_check_range+0x10c/0x1c0 [ 28.091832] __kasan_check_write+0x18/0x20 [ 28.091867] kasan_atomics_helper+0xe78/0x5450 [ 28.091893] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.091918] ? ret_from_fork_asm+0x1a/0x30 [ 28.091948] kasan_atomics+0x1dc/0x310 [ 28.091973] ? __pfx_kasan_atomics+0x10/0x10 [ 28.091998] ? __pfx_read_tsc+0x10/0x10 [ 28.092023] ? ktime_get_ts64+0x86/0x230 [ 28.092050] kunit_try_run_case+0x1a5/0x480 [ 28.092075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.092097] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.092122] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.092148] ? __kthread_parkme+0x82/0x180 [ 28.092170] ? preempt_count_sub+0x50/0x80 [ 28.092196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.092220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.092249] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.092277] kthread+0x337/0x6f0 [ 28.092299] ? trace_preempt_on+0x20/0xc0 [ 28.092324] ? __pfx_kthread+0x10/0x10 [ 28.092347] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.092370] ? calculate_sigpending+0x7b/0xa0 [ 28.092396] ? __pfx_kthread+0x10/0x10 [ 28.092419] ret_from_fork+0x116/0x1d0 [ 28.092440] ? __pfx_kthread+0x10/0x10 [ 28.092463] ret_from_fork_asm+0x1a/0x30 [ 28.092495] </TASK> [ 28.092508] [ 28.107173] Allocated by task 313: [ 28.107361] kasan_save_stack+0x45/0x70 [ 28.107791] kasan_save_track+0x18/0x40 [ 28.108282] kasan_save_alloc_info+0x3b/0x50 [ 28.108615] __kasan_kmalloc+0xb7/0xc0 [ 28.108949] __kmalloc_cache_noprof+0x189/0x420 [ 28.109356] kasan_atomics+0x95/0x310 [ 28.109788] kunit_try_run_case+0x1a5/0x480 [ 28.110163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.110414] kthread+0x337/0x6f0 [ 28.110739] ret_from_fork+0x116/0x1d0 [ 28.111174] ret_from_fork_asm+0x1a/0x30 [ 28.111443] [ 28.111678] The buggy address belongs to the object at ffff88810439e280 [ 28.111678] which belongs to the cache kmalloc-64 of size 64 [ 28.112719] The buggy address is located 0 bytes to the right of [ 28.112719] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.113734] [ 28.113955] The buggy address belongs to the physical page: [ 28.114303] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.115220] flags: 0x200000000000000(node=0|zone=2) [ 28.115453] page_type: f5(slab) [ 28.115927] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.116378] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.117114] page dumped because: kasan: bad access detected [ 28.117361] [ 28.117450] Memory state around the buggy address: [ 28.118028] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.118347] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.119162] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.120059] ^ [ 28.120293] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.120954] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.121400] ================================================================== [ 28.012071] ================================================================== [ 28.012418] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 28.012770] Read of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.012993] [ 28.013091] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.013154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.013168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.013191] Call Trace: [ 28.013205] <TASK> [ 28.013223] dump_stack_lvl+0x73/0xb0 [ 28.013250] print_report+0xd1/0x610 [ 28.013275] ? __virt_addr_valid+0x1db/0x2d0 [ 28.013299] ? kasan_atomics_helper+0x4a84/0x5450 [ 28.013322] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.013351] ? kasan_atomics_helper+0x4a84/0x5450 [ 28.013373] kasan_report+0x141/0x180 [ 28.013397] ? kasan_atomics_helper+0x4a84/0x5450 [ 28.013424] __asan_report_load4_noabort+0x18/0x20 [ 28.013450] kasan_atomics_helper+0x4a84/0x5450 [ 28.013474] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.013516] ? ret_from_fork_asm+0x1a/0x30 [ 28.013545] kasan_atomics+0x1dc/0x310 [ 28.013569] ? __pfx_kasan_atomics+0x10/0x10 [ 28.013594] ? __pfx_read_tsc+0x10/0x10 [ 28.013618] ? ktime_get_ts64+0x86/0x230 [ 28.013644] kunit_try_run_case+0x1a5/0x480 [ 28.013668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.013689] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.013726] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.013751] ? __kthread_parkme+0x82/0x180 [ 28.013773] ? preempt_count_sub+0x50/0x80 [ 28.013798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.013821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.013848] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.013875] kthread+0x337/0x6f0 [ 28.013895] ? trace_preempt_on+0x20/0xc0 [ 28.013920] ? __pfx_kthread+0x10/0x10 [ 28.013943] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.013965] ? calculate_sigpending+0x7b/0xa0 [ 28.013990] ? __pfx_kthread+0x10/0x10 [ 28.014014] ret_from_fork+0x116/0x1d0 [ 28.014035] ? __pfx_kthread+0x10/0x10 [ 28.014057] ret_from_fork_asm+0x1a/0x30 [ 28.014088] </TASK> [ 28.014101] [ 28.025338] Allocated by task 313: [ 28.025967] kasan_save_stack+0x45/0x70 [ 28.026165] kasan_save_track+0x18/0x40 [ 28.026351] kasan_save_alloc_info+0x3b/0x50 [ 28.026883] __kasan_kmalloc+0xb7/0xc0 [ 28.027155] __kmalloc_cache_noprof+0x189/0x420 [ 28.027550] kasan_atomics+0x95/0x310 [ 28.027749] kunit_try_run_case+0x1a5/0x480 [ 28.028010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.028249] kthread+0x337/0x6f0 [ 28.028406] ret_from_fork+0x116/0x1d0 [ 28.029163] ret_from_fork_asm+0x1a/0x30 [ 28.029491] [ 28.029722] The buggy address belongs to the object at ffff88810439e280 [ 28.029722] which belongs to the cache kmalloc-64 of size 64 [ 28.030354] The buggy address is located 0 bytes to the right of [ 28.030354] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.031416] [ 28.031550] The buggy address belongs to the physical page: [ 28.031999] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.032344] flags: 0x200000000000000(node=0|zone=2) [ 28.033103] page_type: f5(slab) [ 28.033305] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.033906] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.034217] page dumped because: kasan: bad access detected [ 28.034451] [ 28.034895] Memory state around the buggy address: [ 28.035305] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.035883] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.036383] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.037179] ^ [ 28.037623] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.038164] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.038469] ================================================================== [ 28.806535] ================================================================== [ 28.806955] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 28.807365] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.807683] [ 28.807779] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.807831] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.807852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.807874] Call Trace: [ 28.807890] <TASK> [ 28.807906] dump_stack_lvl+0x73/0xb0 [ 28.807935] print_report+0xd1/0x610 [ 28.807962] ? __virt_addr_valid+0x1db/0x2d0 [ 28.807988] ? kasan_atomics_helper+0x1d7a/0x5450 [ 28.808011] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.808040] ? kasan_atomics_helper+0x1d7a/0x5450 [ 28.808063] kasan_report+0x141/0x180 [ 28.808087] ? kasan_atomics_helper+0x1d7a/0x5450 [ 28.808114] kasan_check_range+0x10c/0x1c0 [ 28.808140] __kasan_check_write+0x18/0x20 [ 28.808165] kasan_atomics_helper+0x1d7a/0x5450 [ 28.808189] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.808213] ? ret_from_fork_asm+0x1a/0x30 [ 28.808243] kasan_atomics+0x1dc/0x310 [ 28.808266] ? __pfx_kasan_atomics+0x10/0x10 [ 28.808293] ? __pfx_read_tsc+0x10/0x10 [ 28.808317] ? ktime_get_ts64+0x86/0x230 [ 28.808343] kunit_try_run_case+0x1a5/0x480 [ 28.808367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.808390] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.808415] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.808440] ? __kthread_parkme+0x82/0x180 [ 28.808463] ? preempt_count_sub+0x50/0x80 [ 28.808488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.808523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.808550] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.808577] kthread+0x337/0x6f0 [ 28.808598] ? trace_preempt_on+0x20/0xc0 [ 28.808623] ? __pfx_kthread+0x10/0x10 [ 28.808646] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.808669] ? calculate_sigpending+0x7b/0xa0 [ 28.808695] ? __pfx_kthread+0x10/0x10 [ 28.808727] ret_from_fork+0x116/0x1d0 [ 28.808749] ? __pfx_kthread+0x10/0x10 [ 28.808772] ret_from_fork_asm+0x1a/0x30 [ 28.808805] </TASK> [ 28.808818] [ 28.815991] Allocated by task 313: [ 28.816146] kasan_save_stack+0x45/0x70 [ 28.816323] kasan_save_track+0x18/0x40 [ 28.816502] kasan_save_alloc_info+0x3b/0x50 [ 28.816686] __kasan_kmalloc+0xb7/0xc0 [ 28.816856] __kmalloc_cache_noprof+0x189/0x420 [ 28.817051] kasan_atomics+0x95/0x310 [ 28.817220] kunit_try_run_case+0x1a5/0x480 [ 28.817419] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.817636] kthread+0x337/0x6f0 [ 28.817789] ret_from_fork+0x116/0x1d0 [ 28.817979] ret_from_fork_asm+0x1a/0x30 [ 28.818173] [ 28.818263] The buggy address belongs to the object at ffff88810439e280 [ 28.818263] which belongs to the cache kmalloc-64 of size 64 [ 28.818763] The buggy address is located 0 bytes to the right of [ 28.818763] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.819267] [ 28.819341] The buggy address belongs to the physical page: [ 28.819589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.819924] flags: 0x200000000000000(node=0|zone=2) [ 28.820156] page_type: f5(slab) [ 28.820274] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.820512] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.820957] page dumped because: kasan: bad access detected [ 28.821163] [ 28.821229] Memory state around the buggy address: [ 28.821442] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.821978] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.822260] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.822522] ^ [ 28.822727] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.823033] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.823304] ================================================================== [ 27.916744] ================================================================== [ 27.917062] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 27.917294] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.917635] [ 27.917753] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.917801] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.917814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.917837] Call Trace: [ 27.917851] <TASK> [ 27.917867] dump_stack_lvl+0x73/0xb0 [ 27.917895] print_report+0xd1/0x610 [ 27.917919] ? __virt_addr_valid+0x1db/0x2d0 [ 27.917945] ? kasan_atomics_helper+0x992/0x5450 [ 27.917968] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.917996] ? kasan_atomics_helper+0x992/0x5450 [ 27.918018] kasan_report+0x141/0x180 [ 27.918042] ? kasan_atomics_helper+0x992/0x5450 [ 27.918069] kasan_check_range+0x10c/0x1c0 [ 27.918094] __kasan_check_write+0x18/0x20 [ 27.918119] kasan_atomics_helper+0x992/0x5450 [ 27.918143] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.918166] ? ret_from_fork_asm+0x1a/0x30 [ 27.918197] kasan_atomics+0x1dc/0x310 [ 27.918221] ? __pfx_kasan_atomics+0x10/0x10 [ 27.918247] ? __pfx_read_tsc+0x10/0x10 [ 27.918270] ? ktime_get_ts64+0x86/0x230 [ 27.918296] kunit_try_run_case+0x1a5/0x480 [ 27.918320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.918342] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.918368] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.918393] ? __kthread_parkme+0x82/0x180 [ 27.918415] ? preempt_count_sub+0x50/0x80 [ 27.918440] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.918464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.918509] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.918537] kthread+0x337/0x6f0 [ 27.918559] ? trace_preempt_on+0x20/0xc0 [ 27.918583] ? __pfx_kthread+0x10/0x10 [ 27.918606] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.918629] ? calculate_sigpending+0x7b/0xa0 [ 27.918655] ? __pfx_kthread+0x10/0x10 [ 27.918678] ret_from_fork+0x116/0x1d0 [ 27.918711] ? __pfx_kthread+0x10/0x10 [ 27.918734] ret_from_fork_asm+0x1a/0x30 [ 27.918766] </TASK> [ 27.918778] [ 27.926899] Allocated by task 313: [ 27.927063] kasan_save_stack+0x45/0x70 [ 27.927232] kasan_save_track+0x18/0x40 [ 27.927369] kasan_save_alloc_info+0x3b/0x50 [ 27.927643] __kasan_kmalloc+0xb7/0xc0 [ 27.927957] __kmalloc_cache_noprof+0x189/0x420 [ 27.928183] kasan_atomics+0x95/0x310 [ 27.928360] kunit_try_run_case+0x1a5/0x480 [ 27.928573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.928975] kthread+0x337/0x6f0 [ 27.929137] ret_from_fork+0x116/0x1d0 [ 27.929309] ret_from_fork_asm+0x1a/0x30 [ 27.929486] [ 27.929589] The buggy address belongs to the object at ffff88810439e280 [ 27.929589] which belongs to the cache kmalloc-64 of size 64 [ 27.930120] The buggy address is located 0 bytes to the right of [ 27.930120] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.930630] [ 27.930710] The buggy address belongs to the physical page: [ 27.930880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.931115] flags: 0x200000000000000(node=0|zone=2) [ 27.931273] page_type: f5(slab) [ 27.931390] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.931738] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.932177] page dumped because: kasan: bad access detected [ 27.932432] [ 27.932543] Memory state around the buggy address: [ 27.932745] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.933154] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.933378] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.933849] ^ [ 27.934088] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.934415] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.934861] ================================================================== [ 28.330414] ================================================================== [ 28.330728] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 28.331276] Read of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.331675] [ 28.331791] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.332096] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.332112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.332136] Call Trace: [ 28.332153] <TASK> [ 28.332170] dump_stack_lvl+0x73/0xb0 [ 28.332200] print_report+0xd1/0x610 [ 28.332226] ? __virt_addr_valid+0x1db/0x2d0 [ 28.332252] ? kasan_atomics_helper+0x49e8/0x5450 [ 28.332275] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.332303] ? kasan_atomics_helper+0x49e8/0x5450 [ 28.332326] kasan_report+0x141/0x180 [ 28.332349] ? kasan_atomics_helper+0x49e8/0x5450 [ 28.332377] __asan_report_load4_noabort+0x18/0x20 [ 28.332402] kasan_atomics_helper+0x49e8/0x5450 [ 28.332426] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.332449] ? ret_from_fork_asm+0x1a/0x30 [ 28.332478] kasan_atomics+0x1dc/0x310 [ 28.332512] ? __pfx_kasan_atomics+0x10/0x10 [ 28.332537] ? __pfx_read_tsc+0x10/0x10 [ 28.332561] ? ktime_get_ts64+0x86/0x230 [ 28.332586] kunit_try_run_case+0x1a5/0x480 [ 28.332611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.332633] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.332657] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.332682] ? __kthread_parkme+0x82/0x180 [ 28.332718] ? preempt_count_sub+0x50/0x80 [ 28.332742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.332766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.332792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.332819] kthread+0x337/0x6f0 [ 28.332840] ? trace_preempt_on+0x20/0xc0 [ 28.332863] ? __pfx_kthread+0x10/0x10 [ 28.332886] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.332909] ? calculate_sigpending+0x7b/0xa0 [ 28.332934] ? __pfx_kthread+0x10/0x10 [ 28.332958] ret_from_fork+0x116/0x1d0 [ 28.332978] ? __pfx_kthread+0x10/0x10 [ 28.333001] ret_from_fork_asm+0x1a/0x30 [ 28.333032] </TASK> [ 28.333047] [ 28.342389] Allocated by task 313: [ 28.342686] kasan_save_stack+0x45/0x70 [ 28.342975] kasan_save_track+0x18/0x40 [ 28.343125] kasan_save_alloc_info+0x3b/0x50 [ 28.343332] __kasan_kmalloc+0xb7/0xc0 [ 28.343510] __kmalloc_cache_noprof+0x189/0x420 [ 28.343952] kasan_atomics+0x95/0x310 [ 28.344232] kunit_try_run_case+0x1a5/0x480 [ 28.344435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.344896] kthread+0x337/0x6f0 [ 28.345151] ret_from_fork+0x116/0x1d0 [ 28.345342] ret_from_fork_asm+0x1a/0x30 [ 28.345674] [ 28.345776] The buggy address belongs to the object at ffff88810439e280 [ 28.345776] which belongs to the cache kmalloc-64 of size 64 [ 28.346457] The buggy address is located 0 bytes to the right of [ 28.346457] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.347041] [ 28.347165] The buggy address belongs to the physical page: [ 28.347403] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.347967] flags: 0x200000000000000(node=0|zone=2) [ 28.348262] page_type: f5(slab) [ 28.348394] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.348876] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.349175] page dumped because: kasan: bad access detected [ 28.349403] [ 28.349480] Memory state around the buggy address: [ 28.349937] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.350331] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.350709] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.351096] ^ [ 28.351369] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.351603] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.352524] ================================================================== [ 28.901852] ================================================================== [ 28.902246] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 28.902657] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.903054] [ 28.903167] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.903216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.903229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.903253] Call Trace: [ 28.903268] <TASK> [ 28.903284] dump_stack_lvl+0x73/0xb0 [ 28.903312] print_report+0xd1/0x610 [ 28.903336] ? __virt_addr_valid+0x1db/0x2d0 [ 28.903361] ? kasan_atomics_helper+0x2006/0x5450 [ 28.903384] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.903411] ? kasan_atomics_helper+0x2006/0x5450 [ 28.903456] kasan_report+0x141/0x180 [ 28.903501] ? kasan_atomics_helper+0x2006/0x5450 [ 28.903547] kasan_check_range+0x10c/0x1c0 [ 28.903573] __kasan_check_write+0x18/0x20 [ 28.903597] kasan_atomics_helper+0x2006/0x5450 [ 28.903638] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.903661] ? ret_from_fork_asm+0x1a/0x30 [ 28.903713] kasan_atomics+0x1dc/0x310 [ 28.903737] ? __pfx_kasan_atomics+0x10/0x10 [ 28.903762] ? __pfx_read_tsc+0x10/0x10 [ 28.903786] ? ktime_get_ts64+0x86/0x230 [ 28.903812] kunit_try_run_case+0x1a5/0x480 [ 28.903835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.903861] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.903887] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.903912] ? __kthread_parkme+0x82/0x180 [ 28.903933] ? preempt_count_sub+0x50/0x80 [ 28.903959] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.903982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.904029] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.904056] kthread+0x337/0x6f0 [ 28.904077] ? trace_preempt_on+0x20/0xc0 [ 28.904101] ? __pfx_kthread+0x10/0x10 [ 28.904124] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.904147] ? calculate_sigpending+0x7b/0xa0 [ 28.904172] ? __pfx_kthread+0x10/0x10 [ 28.904194] ret_from_fork+0x116/0x1d0 [ 28.904216] ? __pfx_kthread+0x10/0x10 [ 28.904239] ret_from_fork_asm+0x1a/0x30 [ 28.904271] </TASK> [ 28.904283] [ 28.912114] Allocated by task 313: [ 28.912241] kasan_save_stack+0x45/0x70 [ 28.912380] kasan_save_track+0x18/0x40 [ 28.912539] kasan_save_alloc_info+0x3b/0x50 [ 28.912691] __kasan_kmalloc+0xb7/0xc0 [ 28.912888] __kmalloc_cache_noprof+0x189/0x420 [ 28.913128] kasan_atomics+0x95/0x310 [ 28.913333] kunit_try_run_case+0x1a5/0x480 [ 28.913603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.913877] kthread+0x337/0x6f0 [ 28.914071] ret_from_fork+0x116/0x1d0 [ 28.914310] ret_from_fork_asm+0x1a/0x30 [ 28.914569] [ 28.914662] The buggy address belongs to the object at ffff88810439e280 [ 28.914662] which belongs to the cache kmalloc-64 of size 64 [ 28.915086] The buggy address is located 0 bytes to the right of [ 28.915086] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.915586] [ 28.915684] The buggy address belongs to the physical page: [ 28.915978] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.916400] flags: 0x200000000000000(node=0|zone=2) [ 28.916705] page_type: f5(slab) [ 28.916862] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.917158] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.917403] page dumped because: kasan: bad access detected [ 28.917715] [ 28.917811] Memory state around the buggy address: [ 28.918074] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.918379] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.918717] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.919035] ^ [ 28.919269] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.919672] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.920017] ================================================================== [ 28.920568] ================================================================== [ 28.920993] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 28.921333] Read of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.921707] [ 28.921791] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.921838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.921851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.921873] Call Trace: [ 28.921890] <TASK> [ 28.921906] dump_stack_lvl+0x73/0xb0 [ 28.921934] print_report+0xd1/0x610 [ 28.921959] ? __virt_addr_valid+0x1db/0x2d0 [ 28.921983] ? kasan_atomics_helper+0x4f98/0x5450 [ 28.922005] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.922033] ? kasan_atomics_helper+0x4f98/0x5450 [ 28.922057] kasan_report+0x141/0x180 [ 28.922080] ? kasan_atomics_helper+0x4f98/0x5450 [ 28.922107] __asan_report_load8_noabort+0x18/0x20 [ 28.922156] kasan_atomics_helper+0x4f98/0x5450 [ 28.922179] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.922202] ? ret_from_fork_asm+0x1a/0x30 [ 28.922248] kasan_atomics+0x1dc/0x310 [ 28.922285] ? __pfx_kasan_atomics+0x10/0x10 [ 28.922324] ? __pfx_read_tsc+0x10/0x10 [ 28.922349] ? ktime_get_ts64+0x86/0x230 [ 28.922388] kunit_try_run_case+0x1a5/0x480 [ 28.922425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.922460] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.922506] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.922531] ? __kthread_parkme+0x82/0x180 [ 28.922554] ? preempt_count_sub+0x50/0x80 [ 28.922579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.922602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.922628] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.922655] kthread+0x337/0x6f0 [ 28.922676] ? trace_preempt_on+0x20/0xc0 [ 28.922707] ? __pfx_kthread+0x10/0x10 [ 28.922730] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.922753] ? calculate_sigpending+0x7b/0xa0 [ 28.922779] ? __pfx_kthread+0x10/0x10 [ 28.922802] ret_from_fork+0x116/0x1d0 [ 28.922823] ? __pfx_kthread+0x10/0x10 [ 28.922845] ret_from_fork_asm+0x1a/0x30 [ 28.922877] </TASK> [ 28.922889] [ 28.929910] Allocated by task 313: [ 28.930105] kasan_save_stack+0x45/0x70 [ 28.930340] kasan_save_track+0x18/0x40 [ 28.930579] kasan_save_alloc_info+0x3b/0x50 [ 28.930836] __kasan_kmalloc+0xb7/0xc0 [ 28.931041] __kmalloc_cache_noprof+0x189/0x420 [ 28.931266] kasan_atomics+0x95/0x310 [ 28.931447] kunit_try_run_case+0x1a5/0x480 [ 28.931817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.932085] kthread+0x337/0x6f0 [ 28.932252] ret_from_fork+0x116/0x1d0 [ 28.932436] ret_from_fork_asm+0x1a/0x30 [ 28.932663] [ 28.932767] The buggy address belongs to the object at ffff88810439e280 [ 28.932767] which belongs to the cache kmalloc-64 of size 64 [ 28.933304] The buggy address is located 0 bytes to the right of [ 28.933304] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.933722] [ 28.933855] The buggy address belongs to the physical page: [ 28.934110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.934519] flags: 0x200000000000000(node=0|zone=2) [ 28.934798] page_type: f5(slab) [ 28.934968] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.935222] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.935447] page dumped because: kasan: bad access detected [ 28.935764] [ 28.935863] Memory state around the buggy address: [ 28.936085] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.936400] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.936666] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.936948] ^ [ 28.937210] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.937596] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.937934] ================================================================== [ 28.305926] ================================================================== [ 28.306868] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 28.307779] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.308688] [ 28.308981] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.309038] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.309137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.309162] Call Trace: [ 28.309178] <TASK> [ 28.309196] dump_stack_lvl+0x73/0xb0 [ 28.309228] print_report+0xd1/0x610 [ 28.309255] ? __virt_addr_valid+0x1db/0x2d0 [ 28.309283] ? kasan_atomics_helper+0x1217/0x5450 [ 28.309305] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.309333] ? kasan_atomics_helper+0x1217/0x5450 [ 28.309357] kasan_report+0x141/0x180 [ 28.309381] ? kasan_atomics_helper+0x1217/0x5450 [ 28.309409] kasan_check_range+0x10c/0x1c0 [ 28.309435] __kasan_check_write+0x18/0x20 [ 28.309459] kasan_atomics_helper+0x1217/0x5450 [ 28.309494] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.309518] ? ret_from_fork_asm+0x1a/0x30 [ 28.309548] kasan_atomics+0x1dc/0x310 [ 28.309572] ? __pfx_kasan_atomics+0x10/0x10 [ 28.309597] ? __pfx_read_tsc+0x10/0x10 [ 28.309621] ? ktime_get_ts64+0x86/0x230 [ 28.309647] kunit_try_run_case+0x1a5/0x480 [ 28.309672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.309694] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.309736] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.309761] ? __kthread_parkme+0x82/0x180 [ 28.309783] ? preempt_count_sub+0x50/0x80 [ 28.309810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.309833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.309860] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.309887] kthread+0x337/0x6f0 [ 28.309908] ? trace_preempt_on+0x20/0xc0 [ 28.309933] ? __pfx_kthread+0x10/0x10 [ 28.309955] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.309978] ? calculate_sigpending+0x7b/0xa0 [ 28.310003] ? __pfx_kthread+0x10/0x10 [ 28.310026] ret_from_fork+0x116/0x1d0 [ 28.310047] ? __pfx_kthread+0x10/0x10 [ 28.310069] ret_from_fork_asm+0x1a/0x30 [ 28.310101] </TASK> [ 28.310114] [ 28.319999] Allocated by task 313: [ 28.320327] kasan_save_stack+0x45/0x70 [ 28.320628] kasan_save_track+0x18/0x40 [ 28.320855] kasan_save_alloc_info+0x3b/0x50 [ 28.321160] __kasan_kmalloc+0xb7/0xc0 [ 28.321422] __kmalloc_cache_noprof+0x189/0x420 [ 28.321669] kasan_atomics+0x95/0x310 [ 28.321831] kunit_try_run_case+0x1a5/0x480 [ 28.322036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.322265] kthread+0x337/0x6f0 [ 28.322420] ret_from_fork+0x116/0x1d0 [ 28.322899] ret_from_fork_asm+0x1a/0x30 [ 28.323078] [ 28.323152] The buggy address belongs to the object at ffff88810439e280 [ 28.323152] which belongs to the cache kmalloc-64 of size 64 [ 28.324101] The buggy address is located 0 bytes to the right of [ 28.324101] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.324773] [ 28.324877] The buggy address belongs to the physical page: [ 28.325252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.325707] flags: 0x200000000000000(node=0|zone=2) [ 28.325877] page_type: f5(slab) [ 28.326045] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.326352] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.326654] page dumped because: kasan: bad access detected [ 28.327213] [ 28.327305] Memory state around the buggy address: [ 28.327468] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.328094] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.328477] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.328912] ^ [ 28.329237] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.329568] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.329937] ================================================================== [ 28.210939] ================================================================== [ 28.211244] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 28.212222] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.212877] [ 28.213077] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.213133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.213156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.213179] Call Trace: [ 28.213193] <TASK> [ 28.213212] dump_stack_lvl+0x73/0xb0 [ 28.213242] print_report+0xd1/0x610 [ 28.213269] ? __virt_addr_valid+0x1db/0x2d0 [ 28.213294] ? kasan_atomics_helper+0x1079/0x5450 [ 28.213316] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.213344] ? kasan_atomics_helper+0x1079/0x5450 [ 28.213367] kasan_report+0x141/0x180 [ 28.213390] ? kasan_atomics_helper+0x1079/0x5450 [ 28.213418] kasan_check_range+0x10c/0x1c0 [ 28.213443] __kasan_check_write+0x18/0x20 [ 28.213467] kasan_atomics_helper+0x1079/0x5450 [ 28.213583] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.213612] ? ret_from_fork_asm+0x1a/0x30 [ 28.213644] kasan_atomics+0x1dc/0x310 [ 28.213669] ? __pfx_kasan_atomics+0x10/0x10 [ 28.213694] ? __pfx_read_tsc+0x10/0x10 [ 28.213764] ? ktime_get_ts64+0x86/0x230 [ 28.213791] kunit_try_run_case+0x1a5/0x480 [ 28.213816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.213837] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.213864] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.213890] ? __kthread_parkme+0x82/0x180 [ 28.213912] ? preempt_count_sub+0x50/0x80 [ 28.213937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.213961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.213987] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.214014] kthread+0x337/0x6f0 [ 28.214036] ? trace_preempt_on+0x20/0xc0 [ 28.214060] ? __pfx_kthread+0x10/0x10 [ 28.214082] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.214105] ? calculate_sigpending+0x7b/0xa0 [ 28.214131] ? __pfx_kthread+0x10/0x10 [ 28.214154] ret_from_fork+0x116/0x1d0 [ 28.214175] ? __pfx_kthread+0x10/0x10 [ 28.214198] ret_from_fork_asm+0x1a/0x30 [ 28.214230] </TASK> [ 28.214243] [ 28.224768] Allocated by task 313: [ 28.224946] kasan_save_stack+0x45/0x70 [ 28.225139] kasan_save_track+0x18/0x40 [ 28.225316] kasan_save_alloc_info+0x3b/0x50 [ 28.225793] __kasan_kmalloc+0xb7/0xc0 [ 28.226017] __kmalloc_cache_noprof+0x189/0x420 [ 28.226359] kasan_atomics+0x95/0x310 [ 28.226671] kunit_try_run_case+0x1a5/0x480 [ 28.227016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.227253] kthread+0x337/0x6f0 [ 28.227406] ret_from_fork+0x116/0x1d0 [ 28.227848] ret_from_fork_asm+0x1a/0x30 [ 28.228166] [ 28.228381] The buggy address belongs to the object at ffff88810439e280 [ 28.228381] which belongs to the cache kmalloc-64 of size 64 [ 28.229255] The buggy address is located 0 bytes to the right of [ 28.229255] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.229996] [ 28.230100] The buggy address belongs to the physical page: [ 28.230331] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.230912] flags: 0x200000000000000(node=0|zone=2) [ 28.231333] page_type: f5(slab) [ 28.231627] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.232104] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.232422] page dumped because: kasan: bad access detected [ 28.233060] [ 28.233158] Memory state around the buggy address: [ 28.233604] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.234098] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.234750] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.235186] ^ [ 28.235403] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.235995] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.236483] ================================================================== [ 28.280951] ================================================================== [ 28.281495] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 28.281828] Read of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.282384] [ 28.282488] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.282548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.282845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.282876] Call Trace: [ 28.282893] <TASK> [ 28.282911] dump_stack_lvl+0x73/0xb0 [ 28.282942] print_report+0xd1/0x610 [ 28.282966] ? __virt_addr_valid+0x1db/0x2d0 [ 28.282992] ? kasan_atomics_helper+0x4a02/0x5450 [ 28.283014] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.283041] ? kasan_atomics_helper+0x4a02/0x5450 [ 28.283065] kasan_report+0x141/0x180 [ 28.283087] ? kasan_atomics_helper+0x4a02/0x5450 [ 28.283115] __asan_report_load4_noabort+0x18/0x20 [ 28.283140] kasan_atomics_helper+0x4a02/0x5450 [ 28.283165] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.283187] ? ret_from_fork_asm+0x1a/0x30 [ 28.283217] kasan_atomics+0x1dc/0x310 [ 28.283241] ? __pfx_kasan_atomics+0x10/0x10 [ 28.283267] ? __pfx_read_tsc+0x10/0x10 [ 28.283291] ? ktime_get_ts64+0x86/0x230 [ 28.283316] kunit_try_run_case+0x1a5/0x480 [ 28.283339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.283362] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.283386] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.283412] ? __kthread_parkme+0x82/0x180 [ 28.283434] ? preempt_count_sub+0x50/0x80 [ 28.283460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.283483] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.283521] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.283548] kthread+0x337/0x6f0 [ 28.283570] ? trace_preempt_on+0x20/0xc0 [ 28.283593] ? __pfx_kthread+0x10/0x10 [ 28.283618] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.283641] ? calculate_sigpending+0x7b/0xa0 [ 28.283666] ? __pfx_kthread+0x10/0x10 [ 28.283690] ret_from_fork+0x116/0x1d0 [ 28.283725] ? __pfx_kthread+0x10/0x10 [ 28.283748] ret_from_fork_asm+0x1a/0x30 [ 28.283780] </TASK> [ 28.283794] [ 28.293457] Allocated by task 313: [ 28.293623] kasan_save_stack+0x45/0x70 [ 28.294029] kasan_save_track+0x18/0x40 [ 28.294298] kasan_save_alloc_info+0x3b/0x50 [ 28.294602] __kasan_kmalloc+0xb7/0xc0 [ 28.294781] __kmalloc_cache_noprof+0x189/0x420 [ 28.295078] kasan_atomics+0x95/0x310 [ 28.295266] kunit_try_run_case+0x1a5/0x480 [ 28.295463] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.295936] kthread+0x337/0x6f0 [ 28.296216] ret_from_fork+0x116/0x1d0 [ 28.296482] ret_from_fork_asm+0x1a/0x30 [ 28.296651] [ 28.296902] The buggy address belongs to the object at ffff88810439e280 [ 28.296902] which belongs to the cache kmalloc-64 of size 64 [ 28.297393] The buggy address is located 0 bytes to the right of [ 28.297393] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.298290] [ 28.298370] The buggy address belongs to the physical page: [ 28.298802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.299593] flags: 0x200000000000000(node=0|zone=2) [ 28.300042] page_type: f5(slab) [ 28.300174] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.300410] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.301150] page dumped because: kasan: bad access detected [ 28.301775] [ 28.302027] Memory state around the buggy address: [ 28.302539] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.303239] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.303467] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.304102] ^ [ 28.304714] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.305109] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.305333] ================================================================== [ 28.353004] ================================================================== [ 28.353242] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 28.353473] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.353712] [ 28.353795] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.353843] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.353856] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.353878] Call Trace: [ 28.353892] <TASK> [ 28.353909] dump_stack_lvl+0x73/0xb0 [ 28.353936] print_report+0xd1/0x610 [ 28.353960] ? __virt_addr_valid+0x1db/0x2d0 [ 28.353983] ? kasan_atomics_helper+0x12e6/0x5450 [ 28.354005] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.354032] ? kasan_atomics_helper+0x12e6/0x5450 [ 28.354054] kasan_report+0x141/0x180 [ 28.354077] ? kasan_atomics_helper+0x12e6/0x5450 [ 28.354103] kasan_check_range+0x10c/0x1c0 [ 28.354126] __kasan_check_write+0x18/0x20 [ 28.354150] kasan_atomics_helper+0x12e6/0x5450 [ 28.354173] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.354196] ? ret_from_fork_asm+0x1a/0x30 [ 28.354224] kasan_atomics+0x1dc/0x310 [ 28.354247] ? __pfx_kasan_atomics+0x10/0x10 [ 28.354272] ? __pfx_read_tsc+0x10/0x10 [ 28.354294] ? ktime_get_ts64+0x86/0x230 [ 28.354320] kunit_try_run_case+0x1a5/0x480 [ 28.354341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.354362] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.354387] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.354410] ? __kthread_parkme+0x82/0x180 [ 28.354431] ? preempt_count_sub+0x50/0x80 [ 28.354455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.354478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.354502] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.354528] kthread+0x337/0x6f0 [ 28.354548] ? trace_preempt_on+0x20/0xc0 [ 28.354571] ? __pfx_kthread+0x10/0x10 [ 28.354593] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.354616] ? calculate_sigpending+0x7b/0xa0 [ 28.354642] ? __pfx_kthread+0x10/0x10 [ 28.354664] ret_from_fork+0x116/0x1d0 [ 28.354684] ? __pfx_kthread+0x10/0x10 [ 28.355236] ret_from_fork_asm+0x1a/0x30 [ 28.355277] </TASK> [ 28.355748] [ 28.373833] Allocated by task 313: [ 28.374075] kasan_save_stack+0x45/0x70 [ 28.374577] kasan_save_track+0x18/0x40 [ 28.375017] kasan_save_alloc_info+0x3b/0x50 [ 28.375598] __kasan_kmalloc+0xb7/0xc0 [ 28.375990] __kmalloc_cache_noprof+0x189/0x420 [ 28.376477] kasan_atomics+0x95/0x310 [ 28.376856] kunit_try_run_case+0x1a5/0x480 [ 28.377006] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.377181] kthread+0x337/0x6f0 [ 28.377302] ret_from_fork+0x116/0x1d0 [ 28.377436] ret_from_fork_asm+0x1a/0x30 [ 28.377622] [ 28.377809] The buggy address belongs to the object at ffff88810439e280 [ 28.377809] which belongs to the cache kmalloc-64 of size 64 [ 28.378945] The buggy address is located 0 bytes to the right of [ 28.378945] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.380083] [ 28.380241] The buggy address belongs to the physical page: [ 28.380776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.381199] flags: 0x200000000000000(node=0|zone=2) [ 28.381362] page_type: f5(slab) [ 28.381483] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.382176] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.382835] page dumped because: kasan: bad access detected [ 28.383314] [ 28.383476] Memory state around the buggy address: [ 28.383807] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.384033] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.384247] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.384459] ^ [ 28.384933] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.385576] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.386327] ================================================================== [ 28.507930] ================================================================== [ 28.509114] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 28.509832] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.510496] [ 28.510705] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.510755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.510768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.510790] Call Trace: [ 28.510816] <TASK> [ 28.510836] dump_stack_lvl+0x73/0xb0 [ 28.510864] print_report+0xd1/0x610 [ 28.510899] ? __virt_addr_valid+0x1db/0x2d0 [ 28.510923] ? kasan_atomics_helper+0x15b6/0x5450 [ 28.510947] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.510973] ? kasan_atomics_helper+0x15b6/0x5450 [ 28.510997] kasan_report+0x141/0x180 [ 28.511021] ? kasan_atomics_helper+0x15b6/0x5450 [ 28.511048] kasan_check_range+0x10c/0x1c0 [ 28.511073] __kasan_check_write+0x18/0x20 [ 28.511098] kasan_atomics_helper+0x15b6/0x5450 [ 28.511122] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.511146] ? ret_from_fork_asm+0x1a/0x30 [ 28.511175] kasan_atomics+0x1dc/0x310 [ 28.511209] ? __pfx_kasan_atomics+0x10/0x10 [ 28.511234] ? __pfx_read_tsc+0x10/0x10 [ 28.511258] ? ktime_get_ts64+0x86/0x230 [ 28.511295] kunit_try_run_case+0x1a5/0x480 [ 28.511319] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.511341] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.511374] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.511400] ? __kthread_parkme+0x82/0x180 [ 28.511422] ? preempt_count_sub+0x50/0x80 [ 28.511456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.511479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.511515] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.511542] kthread+0x337/0x6f0 [ 28.511572] ? trace_preempt_on+0x20/0xc0 [ 28.511597] ? __pfx_kthread+0x10/0x10 [ 28.511619] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.511654] ? calculate_sigpending+0x7b/0xa0 [ 28.511682] ? __pfx_kthread+0x10/0x10 [ 28.511714] ret_from_fork+0x116/0x1d0 [ 28.511735] ? __pfx_kthread+0x10/0x10 [ 28.511757] ret_from_fork_asm+0x1a/0x30 [ 28.511789] </TASK> [ 28.511801] [ 28.524814] Allocated by task 313: [ 28.524946] kasan_save_stack+0x45/0x70 [ 28.525088] kasan_save_track+0x18/0x40 [ 28.525221] kasan_save_alloc_info+0x3b/0x50 [ 28.525367] __kasan_kmalloc+0xb7/0xc0 [ 28.525512] __kmalloc_cache_noprof+0x189/0x420 [ 28.525956] kasan_atomics+0x95/0x310 [ 28.526298] kunit_try_run_case+0x1a5/0x480 [ 28.526750] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.527226] kthread+0x337/0x6f0 [ 28.527557] ret_from_fork+0x116/0x1d0 [ 28.527924] ret_from_fork_asm+0x1a/0x30 [ 28.528292] [ 28.528467] The buggy address belongs to the object at ffff88810439e280 [ 28.528467] which belongs to the cache kmalloc-64 of size 64 [ 28.529769] The buggy address is located 0 bytes to the right of [ 28.529769] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.530815] [ 28.530890] The buggy address belongs to the physical page: [ 28.531287] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.531552] flags: 0x200000000000000(node=0|zone=2) [ 28.531998] page_type: f5(slab) [ 28.532244] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.532826] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.533231] page dumped because: kasan: bad access detected [ 28.533402] [ 28.533467] Memory state around the buggy address: [ 28.533932] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.534566] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.535174] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.535781] ^ [ 28.535940] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.536155] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.536366] ================================================================== [ 28.237099] ================================================================== [ 28.237349] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 28.237677] Read of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.237988] [ 28.238158] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.238208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.238222] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.238245] Call Trace: [ 28.238261] <TASK> [ 28.238277] dump_stack_lvl+0x73/0xb0 [ 28.238308] print_report+0xd1/0x610 [ 28.238331] ? __virt_addr_valid+0x1db/0x2d0 [ 28.238357] ? kasan_atomics_helper+0x4a1c/0x5450 [ 28.238379] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.238407] ? kasan_atomics_helper+0x4a1c/0x5450 [ 28.238429] kasan_report+0x141/0x180 [ 28.238452] ? kasan_atomics_helper+0x4a1c/0x5450 [ 28.238480] __asan_report_load4_noabort+0x18/0x20 [ 28.238518] kasan_atomics_helper+0x4a1c/0x5450 [ 28.238543] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.238565] ? ret_from_fork_asm+0x1a/0x30 [ 28.238594] kasan_atomics+0x1dc/0x310 [ 28.238618] ? __pfx_kasan_atomics+0x10/0x10 [ 28.238643] ? __pfx_read_tsc+0x10/0x10 [ 28.238667] ? ktime_get_ts64+0x86/0x230 [ 28.238692] kunit_try_run_case+0x1a5/0x480 [ 28.238727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.238749] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.238774] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.238798] ? __kthread_parkme+0x82/0x180 [ 28.238821] ? preempt_count_sub+0x50/0x80 [ 28.238846] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.238869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.238896] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.238923] kthread+0x337/0x6f0 [ 28.238943] ? trace_preempt_on+0x20/0xc0 [ 28.238967] ? __pfx_kthread+0x10/0x10 [ 28.238990] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.239013] ? calculate_sigpending+0x7b/0xa0 [ 28.239038] ? __pfx_kthread+0x10/0x10 [ 28.239061] ret_from_fork+0x116/0x1d0 [ 28.239082] ? __pfx_kthread+0x10/0x10 [ 28.239104] ret_from_fork_asm+0x1a/0x30 [ 28.239136] </TASK> [ 28.239150] [ 28.245645] Allocated by task 313: [ 28.245948] kasan_save_stack+0x45/0x70 [ 28.246154] kasan_save_track+0x18/0x40 [ 28.246369] kasan_save_alloc_info+0x3b/0x50 [ 28.246725] __kasan_kmalloc+0xb7/0xc0 [ 28.247017] __kmalloc_cache_noprof+0x189/0x420 [ 28.247770] kasan_atomics+0x95/0x310 [ 28.248291] kunit_try_run_case+0x1a5/0x480 [ 28.248457] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.249112] kthread+0x337/0x6f0 [ 28.249295] ret_from_fork+0x116/0x1d0 [ 28.249653] ret_from_fork_asm+0x1a/0x30 [ 28.250007] [ 28.250105] The buggy address belongs to the object at ffff88810439e280 [ 28.250105] which belongs to the cache kmalloc-64 of size 64 [ 28.250695] The buggy address is located 0 bytes to the right of [ 28.250695] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.251425] [ 28.251556] The buggy address belongs to the physical page: [ 28.251939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.252297] flags: 0x200000000000000(node=0|zone=2) [ 28.252651] page_type: f5(slab) [ 28.252946] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.253279] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.253686] page dumped because: kasan: bad access detected [ 28.254032] [ 28.254130] Memory state around the buggy address: [ 28.254347] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.254855] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.255222] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.255596] ^ [ 28.255934] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.256237] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.256487] ================================================================== [ 28.451503] ================================================================== [ 28.452110] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 28.452456] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.452832] [ 28.452936] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.452983] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.453007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.453030] Call Trace: [ 28.453046] <TASK> [ 28.453063] dump_stack_lvl+0x73/0xb0 [ 28.453103] print_report+0xd1/0x610 [ 28.453128] ? __virt_addr_valid+0x1db/0x2d0 [ 28.453152] ? kasan_atomics_helper+0x1467/0x5450 [ 28.453175] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.453202] ? kasan_atomics_helper+0x1467/0x5450 [ 28.453225] kasan_report+0x141/0x180 [ 28.453249] ? kasan_atomics_helper+0x1467/0x5450 [ 28.453275] kasan_check_range+0x10c/0x1c0 [ 28.453300] __kasan_check_write+0x18/0x20 [ 28.453324] kasan_atomics_helper+0x1467/0x5450 [ 28.453348] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.453373] ? ret_from_fork_asm+0x1a/0x30 [ 28.453401] kasan_atomics+0x1dc/0x310 [ 28.453425] ? __pfx_kasan_atomics+0x10/0x10 [ 28.453450] ? __pfx_read_tsc+0x10/0x10 [ 28.453473] ? ktime_get_ts64+0x86/0x230 [ 28.453509] kunit_try_run_case+0x1a5/0x480 [ 28.453533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.453555] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.453582] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.453619] ? __kthread_parkme+0x82/0x180 [ 28.453641] ? preempt_count_sub+0x50/0x80 [ 28.453677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.453709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.453736] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.453762] kthread+0x337/0x6f0 [ 28.453792] ? trace_preempt_on+0x20/0xc0 [ 28.453816] ? __pfx_kthread+0x10/0x10 [ 28.453838] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.453872] ? calculate_sigpending+0x7b/0xa0 [ 28.453897] ? __pfx_kthread+0x10/0x10 [ 28.453920] ret_from_fork+0x116/0x1d0 [ 28.453950] ? __pfx_kthread+0x10/0x10 [ 28.453972] ret_from_fork_asm+0x1a/0x30 [ 28.454004] </TASK> [ 28.454028] [ 28.461780] Allocated by task 313: [ 28.461967] kasan_save_stack+0x45/0x70 [ 28.462126] kasan_save_track+0x18/0x40 [ 28.462324] kasan_save_alloc_info+0x3b/0x50 [ 28.462560] __kasan_kmalloc+0xb7/0xc0 [ 28.462743] __kmalloc_cache_noprof+0x189/0x420 [ 28.462980] kasan_atomics+0x95/0x310 [ 28.463118] kunit_try_run_case+0x1a5/0x480 [ 28.463261] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.463435] kthread+0x337/0x6f0 [ 28.463553] ret_from_fork+0x116/0x1d0 [ 28.463685] ret_from_fork_asm+0x1a/0x30 [ 28.464056] [ 28.464160] The buggy address belongs to the object at ffff88810439e280 [ 28.464160] which belongs to the cache kmalloc-64 of size 64 [ 28.464709] The buggy address is located 0 bytes to the right of [ 28.464709] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.465071] [ 28.465138] The buggy address belongs to the physical page: [ 28.465412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.466164] flags: 0x200000000000000(node=0|zone=2) [ 28.466419] page_type: f5(slab) [ 28.466600] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.467003] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.467226] page dumped because: kasan: bad access detected [ 28.467393] [ 28.467457] Memory state around the buggy address: [ 28.467881] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.468222] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.468598] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.468925] ^ [ 28.469111] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.469324] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.469666] ================================================================== [ 27.879058] ================================================================== [ 27.879364] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 27.879756] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.880239] [ 27.880359] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.880409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.880424] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.880448] Call Trace: [ 27.880463] <TASK> [ 27.880480] dump_stack_lvl+0x73/0xb0 [ 27.880511] print_report+0xd1/0x610 [ 27.880534] ? __virt_addr_valid+0x1db/0x2d0 [ 27.880560] ? kasan_atomics_helper+0x860/0x5450 [ 27.880582] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.880610] ? kasan_atomics_helper+0x860/0x5450 [ 27.880632] kasan_report+0x141/0x180 [ 27.880757] ? kasan_atomics_helper+0x860/0x5450 [ 27.880793] kasan_check_range+0x10c/0x1c0 [ 27.880819] __kasan_check_write+0x18/0x20 [ 27.880845] kasan_atomics_helper+0x860/0x5450 [ 27.880929] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.880954] ? ret_from_fork_asm+0x1a/0x30 [ 27.880983] kasan_atomics+0x1dc/0x310 [ 27.881008] ? __pfx_kasan_atomics+0x10/0x10 [ 27.881033] ? __pfx_read_tsc+0x10/0x10 [ 27.881058] ? ktime_get_ts64+0x86/0x230 [ 27.881083] kunit_try_run_case+0x1a5/0x480 [ 27.881107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.881129] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.881154] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.881180] ? __kthread_parkme+0x82/0x180 [ 27.881203] ? preempt_count_sub+0x50/0x80 [ 27.881227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.881252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.881281] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.881308] kthread+0x337/0x6f0 [ 27.881330] ? trace_preempt_on+0x20/0xc0 [ 27.881356] ? __pfx_kthread+0x10/0x10 [ 27.881380] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.881404] ? calculate_sigpending+0x7b/0xa0 [ 27.881430] ? __pfx_kthread+0x10/0x10 [ 27.881453] ret_from_fork+0x116/0x1d0 [ 27.881474] ? __pfx_kthread+0x10/0x10 [ 27.881506] ret_from_fork_asm+0x1a/0x30 [ 27.881537] </TASK> [ 27.881550] [ 27.888935] Allocated by task 313: [ 27.889063] kasan_save_stack+0x45/0x70 [ 27.889357] kasan_save_track+0x18/0x40 [ 27.889552] kasan_save_alloc_info+0x3b/0x50 [ 27.889928] __kasan_kmalloc+0xb7/0xc0 [ 27.890087] __kmalloc_cache_noprof+0x189/0x420 [ 27.890238] kasan_atomics+0x95/0x310 [ 27.890365] kunit_try_run_case+0x1a5/0x480 [ 27.890534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.890863] kthread+0x337/0x6f0 [ 27.891042] ret_from_fork+0x116/0x1d0 [ 27.891232] ret_from_fork_asm+0x1a/0x30 [ 27.891436] [ 27.891557] The buggy address belongs to the object at ffff88810439e280 [ 27.891557] which belongs to the cache kmalloc-64 of size 64 [ 27.892250] The buggy address is located 0 bytes to the right of [ 27.892250] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.892883] [ 27.892960] The buggy address belongs to the physical page: [ 27.893188] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.893515] flags: 0x200000000000000(node=0|zone=2) [ 27.893682] page_type: f5(slab) [ 27.893978] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.894270] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.894582] page dumped because: kasan: bad access detected [ 27.894861] [ 27.894930] Memory state around the buggy address: [ 27.895153] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.895359] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.895562] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.895827] ^ [ 27.896219] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.896565] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.896971] ================================================================== [ 29.025071] ================================================================== [ 29.025455] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 29.026129] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 29.026656] [ 29.026881] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 29.026945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.026960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.026984] Call Trace: [ 29.027001] <TASK> [ 29.027018] dump_stack_lvl+0x73/0xb0 [ 29.027049] print_report+0xd1/0x610 [ 29.027074] ? __virt_addr_valid+0x1db/0x2d0 [ 29.027099] ? kasan_atomics_helper+0x224c/0x5450 [ 29.027123] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.027151] ? kasan_atomics_helper+0x224c/0x5450 [ 29.027174] kasan_report+0x141/0x180 [ 29.027198] ? kasan_atomics_helper+0x224c/0x5450 [ 29.027226] kasan_check_range+0x10c/0x1c0 [ 29.027251] __kasan_check_write+0x18/0x20 [ 29.027275] kasan_atomics_helper+0x224c/0x5450 [ 29.027298] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.027322] ? ret_from_fork_asm+0x1a/0x30 [ 29.027350] kasan_atomics+0x1dc/0x310 [ 29.027374] ? __pfx_kasan_atomics+0x10/0x10 [ 29.027400] ? __pfx_read_tsc+0x10/0x10 [ 29.027423] ? ktime_get_ts64+0x86/0x230 [ 29.027448] kunit_try_run_case+0x1a5/0x480 [ 29.027472] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.027593] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.027623] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.027648] ? __kthread_parkme+0x82/0x180 [ 29.027670] ? preempt_count_sub+0x50/0x80 [ 29.027733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.027760] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.027787] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.027814] kthread+0x337/0x6f0 [ 29.027836] ? trace_preempt_on+0x20/0xc0 [ 29.027868] ? __pfx_kthread+0x10/0x10 [ 29.027891] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.027914] ? calculate_sigpending+0x7b/0xa0 [ 29.027939] ? __pfx_kthread+0x10/0x10 [ 29.027962] ret_from_fork+0x116/0x1d0 [ 29.027985] ? __pfx_kthread+0x10/0x10 [ 29.028009] ret_from_fork_asm+0x1a/0x30 [ 29.028041] </TASK> [ 29.028055] [ 29.038832] Allocated by task 313: [ 29.039123] kasan_save_stack+0x45/0x70 [ 29.039501] kasan_save_track+0x18/0x40 [ 29.039808] kasan_save_alloc_info+0x3b/0x50 [ 29.040029] __kasan_kmalloc+0xb7/0xc0 [ 29.040207] __kmalloc_cache_noprof+0x189/0x420 [ 29.040413] kasan_atomics+0x95/0x310 [ 29.040948] kunit_try_run_case+0x1a5/0x480 [ 29.041210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.041659] kthread+0x337/0x6f0 [ 29.041956] ret_from_fork+0x116/0x1d0 [ 29.042319] ret_from_fork_asm+0x1a/0x30 [ 29.042654] [ 29.042785] The buggy address belongs to the object at ffff88810439e280 [ 29.042785] which belongs to the cache kmalloc-64 of size 64 [ 29.043269] The buggy address is located 0 bytes to the right of [ 29.043269] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 29.044241] [ 29.044353] The buggy address belongs to the physical page: [ 29.044971] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 29.045323] flags: 0x200000000000000(node=0|zone=2) [ 29.045764] page_type: f5(slab) [ 29.046007] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.046331] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.046999] page dumped because: kasan: bad access detected [ 29.047273] [ 29.047504] Memory state around the buggy address: [ 29.047870] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.048438] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.048966] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.049412] ^ [ 29.049870] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.050189] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.050477] ================================================================== [ 28.884132] ================================================================== [ 28.884383] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 28.884790] Read of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.885130] [ 28.885245] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.885308] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.885336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.885358] Call Trace: [ 28.885375] <TASK> [ 28.885391] dump_stack_lvl+0x73/0xb0 [ 28.885420] print_report+0xd1/0x610 [ 28.885444] ? __virt_addr_valid+0x1db/0x2d0 [ 28.885469] ? kasan_atomics_helper+0x4f71/0x5450 [ 28.885514] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.885541] ? kasan_atomics_helper+0x4f71/0x5450 [ 28.885565] kasan_report+0x141/0x180 [ 28.885587] ? kasan_atomics_helper+0x4f71/0x5450 [ 28.885614] __asan_report_load8_noabort+0x18/0x20 [ 28.885639] kasan_atomics_helper+0x4f71/0x5450 [ 28.885663] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.885686] ? ret_from_fork_asm+0x1a/0x30 [ 28.885723] kasan_atomics+0x1dc/0x310 [ 28.885768] ? __pfx_kasan_atomics+0x10/0x10 [ 28.885794] ? __pfx_read_tsc+0x10/0x10 [ 28.885834] ? ktime_get_ts64+0x86/0x230 [ 28.885861] kunit_try_run_case+0x1a5/0x480 [ 28.885885] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.885907] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.885933] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.885958] ? __kthread_parkme+0x82/0x180 [ 28.885980] ? preempt_count_sub+0x50/0x80 [ 28.886004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.886027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.886054] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.886099] kthread+0x337/0x6f0 [ 28.886119] ? trace_preempt_on+0x20/0xc0 [ 28.886143] ? __pfx_kthread+0x10/0x10 [ 28.886166] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.886189] ? calculate_sigpending+0x7b/0xa0 [ 28.886213] ? __pfx_kthread+0x10/0x10 [ 28.886252] ret_from_fork+0x116/0x1d0 [ 28.886273] ? __pfx_kthread+0x10/0x10 [ 28.886295] ret_from_fork_asm+0x1a/0x30 [ 28.886327] </TASK> [ 28.886341] [ 28.893843] Allocated by task 313: [ 28.894045] kasan_save_stack+0x45/0x70 [ 28.894233] kasan_save_track+0x18/0x40 [ 28.894469] kasan_save_alloc_info+0x3b/0x50 [ 28.894708] __kasan_kmalloc+0xb7/0xc0 [ 28.894893] __kmalloc_cache_noprof+0x189/0x420 [ 28.895112] kasan_atomics+0x95/0x310 [ 28.895295] kunit_try_run_case+0x1a5/0x480 [ 28.895526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.895808] kthread+0x337/0x6f0 [ 28.895938] ret_from_fork+0x116/0x1d0 [ 28.896124] ret_from_fork_asm+0x1a/0x30 [ 28.896335] [ 28.896432] The buggy address belongs to the object at ffff88810439e280 [ 28.896432] which belongs to the cache kmalloc-64 of size 64 [ 28.896917] The buggy address is located 0 bytes to the right of [ 28.896917] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.897466] [ 28.897580] The buggy address belongs to the physical page: [ 28.897826] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.898197] flags: 0x200000000000000(node=0|zone=2) [ 28.898365] page_type: f5(slab) [ 28.898560] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.898895] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.899120] page dumped because: kasan: bad access detected [ 28.899288] [ 28.899354] Memory state around the buggy address: [ 28.899619] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.899988] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.900338] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.900606] ^ [ 28.900774] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.900986] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.901194] ================================================================== [ 27.823292] ================================================================== [ 27.824178] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 27.824436] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.825102] [ 27.825293] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.825347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.825361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.825386] Call Trace: [ 27.825407] <TASK> [ 27.825427] dump_stack_lvl+0x73/0xb0 [ 27.825461] print_report+0xd1/0x610 [ 27.825486] ? __virt_addr_valid+0x1db/0x2d0 [ 27.825514] ? kasan_atomics_helper+0x72f/0x5450 [ 27.825537] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.825564] ? kasan_atomics_helper+0x72f/0x5450 [ 27.825589] kasan_report+0x141/0x180 [ 27.825612] ? kasan_atomics_helper+0x72f/0x5450 [ 27.825640] kasan_check_range+0x10c/0x1c0 [ 27.825677] __kasan_check_write+0x18/0x20 [ 27.825715] kasan_atomics_helper+0x72f/0x5450 [ 27.825740] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.825764] ? ret_from_fork_asm+0x1a/0x30 [ 27.825847] kasan_atomics+0x1dc/0x310 [ 27.825873] ? __pfx_kasan_atomics+0x10/0x10 [ 27.825901] ? __pfx_read_tsc+0x10/0x10 [ 27.825928] ? ktime_get_ts64+0x86/0x230 [ 27.825955] kunit_try_run_case+0x1a5/0x480 [ 27.825979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.826001] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.826028] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.826054] ? __kthread_parkme+0x82/0x180 [ 27.826077] ? preempt_count_sub+0x50/0x80 [ 27.826102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.826126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.826155] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.826181] kthread+0x337/0x6f0 [ 27.826203] ? trace_preempt_on+0x20/0xc0 [ 27.826228] ? __pfx_kthread+0x10/0x10 [ 27.826250] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.826273] ? calculate_sigpending+0x7b/0xa0 [ 27.826298] ? __pfx_kthread+0x10/0x10 [ 27.826322] ret_from_fork+0x116/0x1d0 [ 27.826344] ? __pfx_kthread+0x10/0x10 [ 27.826366] ret_from_fork_asm+0x1a/0x30 [ 27.826399] </TASK> [ 27.826413] [ 27.841468] Allocated by task 313: [ 27.841616] kasan_save_stack+0x45/0x70 [ 27.842198] kasan_save_track+0x18/0x40 [ 27.842610] kasan_save_alloc_info+0x3b/0x50 [ 27.843098] __kasan_kmalloc+0xb7/0xc0 [ 27.843507] __kmalloc_cache_noprof+0x189/0x420 [ 27.844041] kasan_atomics+0x95/0x310 [ 27.844377] kunit_try_run_case+0x1a5/0x480 [ 27.844839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.845038] kthread+0x337/0x6f0 [ 27.845231] ret_from_fork+0x116/0x1d0 [ 27.845405] ret_from_fork_asm+0x1a/0x30 [ 27.845626] [ 27.845724] The buggy address belongs to the object at ffff88810439e280 [ 27.845724] which belongs to the cache kmalloc-64 of size 64 [ 27.846286] The buggy address is located 0 bytes to the right of [ 27.846286] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.846944] [ 27.847048] The buggy address belongs to the physical page: [ 27.847290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.847668] flags: 0x200000000000000(node=0|zone=2) [ 27.848135] page_type: f5(slab) [ 27.848303] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.848629] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.849077] page dumped because: kasan: bad access detected [ 27.849325] [ 27.849418] Memory state around the buggy address: [ 27.849678] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.850091] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.850407] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.850826] ^ [ 27.851084] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.851365] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.851686] ================================================================== [ 28.536872] ================================================================== [ 28.537379] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 28.537771] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.538154] [ 28.538239] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.538287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.538300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.538357] Call Trace: [ 28.538374] <TASK> [ 28.538391] dump_stack_lvl+0x73/0xb0 [ 28.538432] print_report+0xd1/0x610 [ 28.538456] ? __virt_addr_valid+0x1db/0x2d0 [ 28.538518] ? kasan_atomics_helper+0x164f/0x5450 [ 28.538543] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.538581] ? kasan_atomics_helper+0x164f/0x5450 [ 28.538604] kasan_report+0x141/0x180 [ 28.538629] ? kasan_atomics_helper+0x164f/0x5450 [ 28.538656] kasan_check_range+0x10c/0x1c0 [ 28.538716] __kasan_check_write+0x18/0x20 [ 28.538740] kasan_atomics_helper+0x164f/0x5450 [ 28.538774] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.538798] ? ret_from_fork_asm+0x1a/0x30 [ 28.538828] kasan_atomics+0x1dc/0x310 [ 28.538878] ? __pfx_kasan_atomics+0x10/0x10 [ 28.538905] ? __pfx_read_tsc+0x10/0x10 [ 28.538930] ? ktime_get_ts64+0x86/0x230 [ 28.538967] kunit_try_run_case+0x1a5/0x480 [ 28.538991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.539013] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.539049] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.539074] ? __kthread_parkme+0x82/0x180 [ 28.539097] ? preempt_count_sub+0x50/0x80 [ 28.539121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.539144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.539171] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.539198] kthread+0x337/0x6f0 [ 28.539218] ? trace_preempt_on+0x20/0xc0 [ 28.539242] ? __pfx_kthread+0x10/0x10 [ 28.539265] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.539289] ? calculate_sigpending+0x7b/0xa0 [ 28.539314] ? __pfx_kthread+0x10/0x10 [ 28.539337] ret_from_fork+0x116/0x1d0 [ 28.539358] ? __pfx_kthread+0x10/0x10 [ 28.539381] ret_from_fork_asm+0x1a/0x30 [ 28.539412] </TASK> [ 28.539425] [ 28.552414] Allocated by task 313: [ 28.552779] kasan_save_stack+0x45/0x70 [ 28.553165] kasan_save_track+0x18/0x40 [ 28.553302] kasan_save_alloc_info+0x3b/0x50 [ 28.553449] __kasan_kmalloc+0xb7/0xc0 [ 28.553813] __kmalloc_cache_noprof+0x189/0x420 [ 28.554249] kasan_atomics+0x95/0x310 [ 28.554608] kunit_try_run_case+0x1a5/0x480 [ 28.555006] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.555500] kthread+0x337/0x6f0 [ 28.555830] ret_from_fork+0x116/0x1d0 [ 28.555968] ret_from_fork_asm+0x1a/0x30 [ 28.556106] [ 28.556172] The buggy address belongs to the object at ffff88810439e280 [ 28.556172] which belongs to the cache kmalloc-64 of size 64 [ 28.556554] The buggy address is located 0 bytes to the right of [ 28.556554] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.557224] [ 28.557331] The buggy address belongs to the physical page: [ 28.557584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.557900] flags: 0x200000000000000(node=0|zone=2) [ 28.558088] page_type: f5(slab) [ 28.558257] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.558640] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.558953] page dumped because: kasan: bad access detected [ 28.559216] [ 28.559304] Memory state around the buggy address: [ 28.559519] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.559850] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.560174] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.560465] ^ [ 28.560683] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.560965] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.561219] ================================================================== [ 28.957302] ================================================================== [ 28.957756] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 28.958118] Read of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.958445] [ 28.958591] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.958641] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.958687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.958719] Call Trace: [ 28.958734] <TASK> [ 28.958751] dump_stack_lvl+0x73/0xb0 [ 28.958810] print_report+0xd1/0x610 [ 28.958835] ? __virt_addr_valid+0x1db/0x2d0 [ 28.958858] ? kasan_atomics_helper+0x4fb2/0x5450 [ 28.958880] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.958930] ? kasan_atomics_helper+0x4fb2/0x5450 [ 28.958953] kasan_report+0x141/0x180 [ 28.958977] ? kasan_atomics_helper+0x4fb2/0x5450 [ 28.959004] __asan_report_load8_noabort+0x18/0x20 [ 28.959029] kasan_atomics_helper+0x4fb2/0x5450 [ 28.959053] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.959076] ? ret_from_fork_asm+0x1a/0x30 [ 28.959105] kasan_atomics+0x1dc/0x310 [ 28.959129] ? __pfx_kasan_atomics+0x10/0x10 [ 28.959154] ? __pfx_read_tsc+0x10/0x10 [ 28.959177] ? ktime_get_ts64+0x86/0x230 [ 28.959202] kunit_try_run_case+0x1a5/0x480 [ 28.959226] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.959248] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.959273] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.959297] ? __kthread_parkme+0x82/0x180 [ 28.959319] ? preempt_count_sub+0x50/0x80 [ 28.959343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.959366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.959392] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.959419] kthread+0x337/0x6f0 [ 28.959440] ? trace_preempt_on+0x20/0xc0 [ 28.959464] ? __pfx_kthread+0x10/0x10 [ 28.959526] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.959550] ? calculate_sigpending+0x7b/0xa0 [ 28.959574] ? __pfx_kthread+0x10/0x10 [ 28.959597] ret_from_fork+0x116/0x1d0 [ 28.959618] ? __pfx_kthread+0x10/0x10 [ 28.959642] ret_from_fork_asm+0x1a/0x30 [ 28.959675] </TASK> [ 28.959688] [ 28.967062] Allocated by task 313: [ 28.967235] kasan_save_stack+0x45/0x70 [ 28.967411] kasan_save_track+0x18/0x40 [ 28.967570] kasan_save_alloc_info+0x3b/0x50 [ 28.967814] __kasan_kmalloc+0xb7/0xc0 [ 28.968012] __kmalloc_cache_noprof+0x189/0x420 [ 28.968201] kasan_atomics+0x95/0x310 [ 28.968396] kunit_try_run_case+0x1a5/0x480 [ 28.968619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.968882] kthread+0x337/0x6f0 [ 28.969088] ret_from_fork+0x116/0x1d0 [ 28.969286] ret_from_fork_asm+0x1a/0x30 [ 28.969497] [ 28.969581] The buggy address belongs to the object at ffff88810439e280 [ 28.969581] which belongs to the cache kmalloc-64 of size 64 [ 28.970055] The buggy address is located 0 bytes to the right of [ 28.970055] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.970577] [ 28.970671] The buggy address belongs to the physical page: [ 28.970894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.971257] flags: 0x200000000000000(node=0|zone=2) [ 28.971514] page_type: f5(slab) [ 28.971723] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.972072] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.972406] page dumped because: kasan: bad access detected [ 28.972657] [ 28.972733] Memory state around the buggy address: [ 28.972913] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.973254] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.973582] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.973889] ^ [ 28.974092] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.974427] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.974747] ================================================================== [ 28.433566] ================================================================== [ 28.434072] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 28.434466] Read of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.434854] [ 28.434982] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.435029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.435043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.435065] Call Trace: [ 28.435081] <TASK> [ 28.435096] dump_stack_lvl+0x73/0xb0 [ 28.435124] print_report+0xd1/0x610 [ 28.435149] ? __virt_addr_valid+0x1db/0x2d0 [ 28.435173] ? kasan_atomics_helper+0x4eae/0x5450 [ 28.435195] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.435223] ? kasan_atomics_helper+0x4eae/0x5450 [ 28.435246] kasan_report+0x141/0x180 [ 28.435269] ? kasan_atomics_helper+0x4eae/0x5450 [ 28.435296] __asan_report_load8_noabort+0x18/0x20 [ 28.435321] kasan_atomics_helper+0x4eae/0x5450 [ 28.435356] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.435379] ? ret_from_fork_asm+0x1a/0x30 [ 28.435409] kasan_atomics+0x1dc/0x310 [ 28.435444] ? __pfx_kasan_atomics+0x10/0x10 [ 28.435470] ? __pfx_read_tsc+0x10/0x10 [ 28.435503] ? ktime_get_ts64+0x86/0x230 [ 28.435537] kunit_try_run_case+0x1a5/0x480 [ 28.435561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.435582] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.435618] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.435642] ? __kthread_parkme+0x82/0x180 [ 28.435664] ? preempt_count_sub+0x50/0x80 [ 28.435688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.435723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.435749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.435776] kthread+0x337/0x6f0 [ 28.435798] ? trace_preempt_on+0x20/0xc0 [ 28.435823] ? __pfx_kthread+0x10/0x10 [ 28.435851] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.435882] ? calculate_sigpending+0x7b/0xa0 [ 28.435908] ? __pfx_kthread+0x10/0x10 [ 28.435931] ret_from_fork+0x116/0x1d0 [ 28.435964] ? __pfx_kthread+0x10/0x10 [ 28.435986] ret_from_fork_asm+0x1a/0x30 [ 28.436017] </TASK> [ 28.436031] [ 28.443617] Allocated by task 313: [ 28.443801] kasan_save_stack+0x45/0x70 [ 28.443996] kasan_save_track+0x18/0x40 [ 28.444217] kasan_save_alloc_info+0x3b/0x50 [ 28.444442] __kasan_kmalloc+0xb7/0xc0 [ 28.444641] __kmalloc_cache_noprof+0x189/0x420 [ 28.444867] kasan_atomics+0x95/0x310 [ 28.445049] kunit_try_run_case+0x1a5/0x480 [ 28.445237] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.445475] kthread+0x337/0x6f0 [ 28.445669] ret_from_fork+0x116/0x1d0 [ 28.445853] ret_from_fork_asm+0x1a/0x30 [ 28.445990] [ 28.446089] The buggy address belongs to the object at ffff88810439e280 [ 28.446089] which belongs to the cache kmalloc-64 of size 64 [ 28.446614] The buggy address is located 0 bytes to the right of [ 28.446614] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.446994] [ 28.447062] The buggy address belongs to the physical page: [ 28.447231] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.447470] flags: 0x200000000000000(node=0|zone=2) [ 28.447627] page_type: f5(slab) [ 28.447829] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.448186] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.448556] page dumped because: kasan: bad access detected [ 28.448814] [ 28.448902] Memory state around the buggy address: [ 28.449121] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.449439] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.449950] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.450163] ^ [ 28.450317] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.450529] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.450749] ================================================================== [ 28.066743] ================================================================== [ 28.067160] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 28.067476] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.068349] [ 28.068455] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.068516] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.068531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.068555] Call Trace: [ 28.068570] <TASK> [ 28.068588] dump_stack_lvl+0x73/0xb0 [ 28.068619] print_report+0xd1/0x610 [ 28.068645] ? __virt_addr_valid+0x1db/0x2d0 [ 28.068673] ? kasan_atomics_helper+0xde0/0x5450 [ 28.068695] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.068735] ? kasan_atomics_helper+0xde0/0x5450 [ 28.068759] kasan_report+0x141/0x180 [ 28.068782] ? kasan_atomics_helper+0xde0/0x5450 [ 28.068809] kasan_check_range+0x10c/0x1c0 [ 28.068834] __kasan_check_write+0x18/0x20 [ 28.068859] kasan_atomics_helper+0xde0/0x5450 [ 28.068883] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.068907] ? ret_from_fork_asm+0x1a/0x30 [ 28.068936] kasan_atomics+0x1dc/0x310 [ 28.068960] ? __pfx_kasan_atomics+0x10/0x10 [ 28.068986] ? __pfx_read_tsc+0x10/0x10 [ 28.069010] ? ktime_get_ts64+0x86/0x230 [ 28.069037] kunit_try_run_case+0x1a5/0x480 [ 28.069061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.069083] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.069108] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.069133] ? __kthread_parkme+0x82/0x180 [ 28.069155] ? preempt_count_sub+0x50/0x80 [ 28.069181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.069204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.069231] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.069258] kthread+0x337/0x6f0 [ 28.069279] ? trace_preempt_on+0x20/0xc0 [ 28.069303] ? __pfx_kthread+0x10/0x10 [ 28.069326] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.069348] ? calculate_sigpending+0x7b/0xa0 [ 28.069374] ? __pfx_kthread+0x10/0x10 [ 28.069397] ret_from_fork+0x116/0x1d0 [ 28.069418] ? __pfx_kthread+0x10/0x10 [ 28.069440] ret_from_fork_asm+0x1a/0x30 [ 28.069471] </TASK> [ 28.069484] [ 28.077998] Allocated by task 313: [ 28.078154] kasan_save_stack+0x45/0x70 [ 28.078355] kasan_save_track+0x18/0x40 [ 28.078539] kasan_save_alloc_info+0x3b/0x50 [ 28.079267] __kasan_kmalloc+0xb7/0xc0 [ 28.079441] __kmalloc_cache_noprof+0x189/0x420 [ 28.079853] kasan_atomics+0x95/0x310 [ 28.080116] kunit_try_run_case+0x1a5/0x480 [ 28.080452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.080809] kthread+0x337/0x6f0 [ 28.081117] ret_from_fork+0x116/0x1d0 [ 28.081325] ret_from_fork_asm+0x1a/0x30 [ 28.081490] [ 28.081590] The buggy address belongs to the object at ffff88810439e280 [ 28.081590] which belongs to the cache kmalloc-64 of size 64 [ 28.082141] The buggy address is located 0 bytes to the right of [ 28.082141] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.082772] [ 28.082904] The buggy address belongs to the physical page: [ 28.083081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.083412] flags: 0x200000000000000(node=0|zone=2) [ 28.083624] page_type: f5(slab) [ 28.083801] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.084189] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.084468] page dumped because: kasan: bad access detected [ 28.084746] [ 28.084885] Memory state around the buggy address: [ 28.085113] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.085401] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.085758] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.086734] ^ [ 28.087123] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.087456] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.087984] ================================================================== [ 28.694371] ================================================================== [ 28.695075] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 28.695402] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.695971] [ 28.696190] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.696247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.696262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.696285] Call Trace: [ 28.696401] <TASK> [ 28.696420] dump_stack_lvl+0x73/0xb0 [ 28.696452] print_report+0xd1/0x610 [ 28.696479] ? __virt_addr_valid+0x1db/0x2d0 [ 28.696513] ? kasan_atomics_helper+0x1a7f/0x5450 [ 28.696546] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.696573] ? kasan_atomics_helper+0x1a7f/0x5450 [ 28.696597] kasan_report+0x141/0x180 [ 28.696620] ? kasan_atomics_helper+0x1a7f/0x5450 [ 28.696648] kasan_check_range+0x10c/0x1c0 [ 28.696673] __kasan_check_write+0x18/0x20 [ 28.696709] kasan_atomics_helper+0x1a7f/0x5450 [ 28.696733] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.696757] ? ret_from_fork_asm+0x1a/0x30 [ 28.696786] kasan_atomics+0x1dc/0x310 [ 28.696810] ? __pfx_kasan_atomics+0x10/0x10 [ 28.696836] ? __pfx_read_tsc+0x10/0x10 [ 28.696859] ? ktime_get_ts64+0x86/0x230 [ 28.696885] kunit_try_run_case+0x1a5/0x480 [ 28.696908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.696930] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.696956] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.696981] ? __kthread_parkme+0x82/0x180 [ 28.697003] ? preempt_count_sub+0x50/0x80 [ 28.697027] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.697050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.697075] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.697103] kthread+0x337/0x6f0 [ 28.697125] ? trace_preempt_on+0x20/0xc0 [ 28.697150] ? __pfx_kthread+0x10/0x10 [ 28.697173] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.697196] ? calculate_sigpending+0x7b/0xa0 [ 28.697222] ? __pfx_kthread+0x10/0x10 [ 28.697244] ret_from_fork+0x116/0x1d0 [ 28.697267] ? __pfx_kthread+0x10/0x10 [ 28.697289] ret_from_fork_asm+0x1a/0x30 [ 28.697321] </TASK> [ 28.697334] [ 28.704570] Allocated by task 313: [ 28.704763] kasan_save_stack+0x45/0x70 [ 28.704965] kasan_save_track+0x18/0x40 [ 28.705157] kasan_save_alloc_info+0x3b/0x50 [ 28.705456] __kasan_kmalloc+0xb7/0xc0 [ 28.705720] __kmalloc_cache_noprof+0x189/0x420 [ 28.705875] kasan_atomics+0x95/0x310 [ 28.706060] kunit_try_run_case+0x1a5/0x480 [ 28.706264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.706445] kthread+0x337/0x6f0 [ 28.706707] ret_from_fork+0x116/0x1d0 [ 28.706909] ret_from_fork_asm+0x1a/0x30 [ 28.707090] [ 28.707176] The buggy address belongs to the object at ffff88810439e280 [ 28.707176] which belongs to the cache kmalloc-64 of size 64 [ 28.707676] The buggy address is located 0 bytes to the right of [ 28.707676] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.708207] [ 28.708331] The buggy address belongs to the physical page: [ 28.708499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.708745] flags: 0x200000000000000(node=0|zone=2) [ 28.708903] page_type: f5(slab) [ 28.709081] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.709416] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.709910] page dumped because: kasan: bad access detected [ 28.710079] [ 28.710144] Memory state around the buggy address: [ 28.710296] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.710509] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.711065] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.711379] ^ [ 28.711763] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.712085] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.712319] ================================================================== [ 27.852381] ================================================================== [ 27.852687] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 27.852983] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.853399] [ 27.853532] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.853586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.853602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.853628] Call Trace: [ 27.853656] <TASK> [ 27.853674] dump_stack_lvl+0x73/0xb0 [ 27.853725] print_report+0xd1/0x610 [ 27.853759] ? __virt_addr_valid+0x1db/0x2d0 [ 27.853785] ? kasan_atomics_helper+0x7c7/0x5450 [ 27.853806] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.853845] ? kasan_atomics_helper+0x7c7/0x5450 [ 27.853868] kasan_report+0x141/0x180 [ 27.853948] ? kasan_atomics_helper+0x7c7/0x5450 [ 27.853981] kasan_check_range+0x10c/0x1c0 [ 27.854018] __kasan_check_write+0x18/0x20 [ 27.854042] kasan_atomics_helper+0x7c7/0x5450 [ 27.854066] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.854101] ? ret_from_fork_asm+0x1a/0x30 [ 27.854130] kasan_atomics+0x1dc/0x310 [ 27.854154] ? __pfx_kasan_atomics+0x10/0x10 [ 27.854190] ? __pfx_read_tsc+0x10/0x10 [ 27.854214] ? ktime_get_ts64+0x86/0x230 [ 27.854241] kunit_try_run_case+0x1a5/0x480 [ 27.854264] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.854285] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.854311] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.854344] ? __kthread_parkme+0x82/0x180 [ 27.854367] ? preempt_count_sub+0x50/0x80 [ 27.854391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.854425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.854451] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.854477] kthread+0x337/0x6f0 [ 27.854510] ? trace_preempt_on+0x20/0xc0 [ 27.854544] ? __pfx_kthread+0x10/0x10 [ 27.854565] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.854588] ? calculate_sigpending+0x7b/0xa0 [ 27.854624] ? __pfx_kthread+0x10/0x10 [ 27.854648] ret_from_fork+0x116/0x1d0 [ 27.854668] ? __pfx_kthread+0x10/0x10 [ 27.854690] ret_from_fork_asm+0x1a/0x30 [ 27.854731] </TASK> [ 27.854744] [ 27.867588] Allocated by task 313: [ 27.867986] kasan_save_stack+0x45/0x70 [ 27.868458] kasan_save_track+0x18/0x40 [ 27.868772] kasan_save_alloc_info+0x3b/0x50 [ 27.869093] __kasan_kmalloc+0xb7/0xc0 [ 27.869375] __kmalloc_cache_noprof+0x189/0x420 [ 27.869707] kasan_atomics+0x95/0x310 [ 27.870004] kunit_try_run_case+0x1a5/0x480 [ 27.870305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.870752] kthread+0x337/0x6f0 [ 27.871116] ret_from_fork+0x116/0x1d0 [ 27.871435] ret_from_fork_asm+0x1a/0x30 [ 27.871665] [ 27.871775] The buggy address belongs to the object at ffff88810439e280 [ 27.871775] which belongs to the cache kmalloc-64 of size 64 [ 27.872485] The buggy address is located 0 bytes to the right of [ 27.872485] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.873349] [ 27.873458] The buggy address belongs to the physical page: [ 27.873780] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.874161] flags: 0x200000000000000(node=0|zone=2) [ 27.874481] page_type: f5(slab) [ 27.874712] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.874999] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.875364] page dumped because: kasan: bad access detected [ 27.875567] [ 27.875797] Memory state around the buggy address: [ 27.876223] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.876547] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.877005] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.877326] ^ [ 27.877562] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.877970] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.878350] ================================================================== [ 28.975640] ================================================================== [ 28.976230] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 28.976468] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.976766] [ 28.976872] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.976922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.976936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.976958] Call Trace: [ 28.976974] <TASK> [ 28.976990] dump_stack_lvl+0x73/0xb0 [ 28.977018] print_report+0xd1/0x610 [ 28.977043] ? __virt_addr_valid+0x1db/0x2d0 [ 28.977068] ? kasan_atomics_helper+0x218a/0x5450 [ 28.977091] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.977118] ? kasan_atomics_helper+0x218a/0x5450 [ 28.977141] kasan_report+0x141/0x180 [ 28.977165] ? kasan_atomics_helper+0x218a/0x5450 [ 28.977191] kasan_check_range+0x10c/0x1c0 [ 28.977215] __kasan_check_write+0x18/0x20 [ 28.977240] kasan_atomics_helper+0x218a/0x5450 [ 28.977263] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.977286] ? ret_from_fork_asm+0x1a/0x30 [ 28.977316] kasan_atomics+0x1dc/0x310 [ 28.977339] ? __pfx_kasan_atomics+0x10/0x10 [ 28.977364] ? __pfx_read_tsc+0x10/0x10 [ 28.977388] ? ktime_get_ts64+0x86/0x230 [ 28.977438] kunit_try_run_case+0x1a5/0x480 [ 28.977463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.977484] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.977509] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.977533] ? __kthread_parkme+0x82/0x180 [ 28.977555] ? preempt_count_sub+0x50/0x80 [ 28.977581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.977605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.977631] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.977657] kthread+0x337/0x6f0 [ 28.977679] ? trace_preempt_on+0x20/0xc0 [ 28.977712] ? __pfx_kthread+0x10/0x10 [ 28.977734] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.977757] ? calculate_sigpending+0x7b/0xa0 [ 28.977800] ? __pfx_kthread+0x10/0x10 [ 28.977836] ret_from_fork+0x116/0x1d0 [ 28.977857] ? __pfx_kthread+0x10/0x10 [ 28.977892] ret_from_fork_asm+0x1a/0x30 [ 28.977939] </TASK> [ 28.977951] [ 28.989289] Allocated by task 313: [ 28.989426] kasan_save_stack+0x45/0x70 [ 28.989645] kasan_save_track+0x18/0x40 [ 28.989850] kasan_save_alloc_info+0x3b/0x50 [ 28.990064] __kasan_kmalloc+0xb7/0xc0 [ 28.990248] __kmalloc_cache_noprof+0x189/0x420 [ 28.990474] kasan_atomics+0x95/0x310 [ 28.990622] kunit_try_run_case+0x1a5/0x480 [ 28.990838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.991113] kthread+0x337/0x6f0 [ 28.991290] ret_from_fork+0x116/0x1d0 [ 28.991487] ret_from_fork_asm+0x1a/0x30 [ 28.991680] [ 28.991813] The buggy address belongs to the object at ffff88810439e280 [ 28.991813] which belongs to the cache kmalloc-64 of size 64 [ 28.992249] The buggy address is located 0 bytes to the right of [ 28.992249] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.992798] [ 28.992895] The buggy address belongs to the physical page: [ 28.993169] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.993494] flags: 0x200000000000000(node=0|zone=2) [ 28.993758] page_type: f5(slab) [ 28.993895] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.994217] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.994677] page dumped because: kasan: bad access detected [ 28.994907] [ 28.994974] Memory state around the buggy address: [ 28.995128] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.995408] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.995946] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.996202] ^ [ 28.996355] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.996608] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.997104] ================================================================== [ 28.561744] ================================================================== [ 28.562175] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 28.562484] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.562787] [ 28.562903] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.562952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.562976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.562998] Call Trace: [ 28.563013] <TASK> [ 28.563029] dump_stack_lvl+0x73/0xb0 [ 28.563059] print_report+0xd1/0x610 [ 28.563084] ? __virt_addr_valid+0x1db/0x2d0 [ 28.563109] ? kasan_atomics_helper+0x16e7/0x5450 [ 28.563131] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.563158] ? kasan_atomics_helper+0x16e7/0x5450 [ 28.563180] kasan_report+0x141/0x180 [ 28.563204] ? kasan_atomics_helper+0x16e7/0x5450 [ 28.563231] kasan_check_range+0x10c/0x1c0 [ 28.563266] __kasan_check_write+0x18/0x20 [ 28.563290] kasan_atomics_helper+0x16e7/0x5450 [ 28.563314] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.563343] ? ret_from_fork_asm+0x1a/0x30 [ 28.563372] kasan_atomics+0x1dc/0x310 [ 28.563396] ? __pfx_kasan_atomics+0x10/0x10 [ 28.563421] ? __pfx_read_tsc+0x10/0x10 [ 28.563445] ? ktime_get_ts64+0x86/0x230 [ 28.563471] kunit_try_run_case+0x1a5/0x480 [ 28.563509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.563531] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.563556] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.563580] ? __kthread_parkme+0x82/0x180 [ 28.563602] ? preempt_count_sub+0x50/0x80 [ 28.563627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.563651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.563677] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.563713] kthread+0x337/0x6f0 [ 28.563735] ? trace_preempt_on+0x20/0xc0 [ 28.563759] ? __pfx_kthread+0x10/0x10 [ 28.563781] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.563804] ? calculate_sigpending+0x7b/0xa0 [ 28.563829] ? __pfx_kthread+0x10/0x10 [ 28.563855] ret_from_fork+0x116/0x1d0 [ 28.563877] ? __pfx_kthread+0x10/0x10 [ 28.563899] ret_from_fork_asm+0x1a/0x30 [ 28.563931] </TASK> [ 28.563943] [ 28.573685] Allocated by task 313: [ 28.574025] kasan_save_stack+0x45/0x70 [ 28.574225] kasan_save_track+0x18/0x40 [ 28.574397] kasan_save_alloc_info+0x3b/0x50 [ 28.575011] __kasan_kmalloc+0xb7/0xc0 [ 28.575287] __kmalloc_cache_noprof+0x189/0x420 [ 28.575639] kasan_atomics+0x95/0x310 [ 28.575841] kunit_try_run_case+0x1a5/0x480 [ 28.576036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.576271] kthread+0x337/0x6f0 [ 28.576427] ret_from_fork+0x116/0x1d0 [ 28.577074] ret_from_fork_asm+0x1a/0x30 [ 28.577372] [ 28.577602] The buggy address belongs to the object at ffff88810439e280 [ 28.577602] which belongs to the cache kmalloc-64 of size 64 [ 28.578531] The buggy address is located 0 bytes to the right of [ 28.578531] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.579130] [ 28.579226] The buggy address belongs to the physical page: [ 28.579463] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.580053] flags: 0x200000000000000(node=0|zone=2) [ 28.580502] page_type: f5(slab) [ 28.580676] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.581007] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.581317] page dumped because: kasan: bad access detected [ 28.581787] [ 28.582026] Memory state around the buggy address: [ 28.582390] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.583159] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.583610] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.584120] ^ [ 28.584746] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.585212] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.585915] ================================================================== [ 27.721918] ================================================================== [ 27.722212] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 27.722708] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.722978] [ 27.723063] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.723159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.723176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.723200] Call Trace: [ 27.723219] <TASK> [ 27.723237] dump_stack_lvl+0x73/0xb0 [ 27.723269] print_report+0xd1/0x610 [ 27.723292] ? __virt_addr_valid+0x1db/0x2d0 [ 27.723318] ? kasan_atomics_helper+0x4b3a/0x5450 [ 27.723340] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.723368] ? kasan_atomics_helper+0x4b3a/0x5450 [ 27.723391] kasan_report+0x141/0x180 [ 27.723414] ? kasan_atomics_helper+0x4b3a/0x5450 [ 27.723441] __asan_report_store4_noabort+0x1b/0x30 [ 27.723467] kasan_atomics_helper+0x4b3a/0x5450 [ 27.723491] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.723514] ? ret_from_fork_asm+0x1a/0x30 [ 27.723543] kasan_atomics+0x1dc/0x310 [ 27.723568] ? __pfx_kasan_atomics+0x10/0x10 [ 27.723593] ? __pfx_read_tsc+0x10/0x10 [ 27.723617] ? ktime_get_ts64+0x86/0x230 [ 27.723642] kunit_try_run_case+0x1a5/0x480 [ 27.723666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.723688] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.723725] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.723750] ? __kthread_parkme+0x82/0x180 [ 27.723772] ? preempt_count_sub+0x50/0x80 [ 27.723798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.723821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.723855] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.723883] kthread+0x337/0x6f0 [ 27.723945] ? trace_preempt_on+0x20/0xc0 [ 27.723970] ? __pfx_kthread+0x10/0x10 [ 27.723992] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.724016] ? calculate_sigpending+0x7b/0xa0 [ 27.724041] ? __pfx_kthread+0x10/0x10 [ 27.724065] ret_from_fork+0x116/0x1d0 [ 27.724087] ? __pfx_kthread+0x10/0x10 [ 27.724110] ret_from_fork_asm+0x1a/0x30 [ 27.724142] </TASK> [ 27.724154] [ 27.732045] Allocated by task 313: [ 27.732234] kasan_save_stack+0x45/0x70 [ 27.732410] kasan_save_track+0x18/0x40 [ 27.732553] kasan_save_alloc_info+0x3b/0x50 [ 27.732788] __kasan_kmalloc+0xb7/0xc0 [ 27.733033] __kmalloc_cache_noprof+0x189/0x420 [ 27.733200] kasan_atomics+0x95/0x310 [ 27.733330] kunit_try_run_case+0x1a5/0x480 [ 27.733530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.733823] kthread+0x337/0x6f0 [ 27.734138] ret_from_fork+0x116/0x1d0 [ 27.734339] ret_from_fork_asm+0x1a/0x30 [ 27.734547] [ 27.734617] The buggy address belongs to the object at ffff88810439e280 [ 27.734617] which belongs to the cache kmalloc-64 of size 64 [ 27.734987] The buggy address is located 0 bytes to the right of [ 27.734987] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.735476] [ 27.735570] The buggy address belongs to the physical page: [ 27.735829] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.736482] flags: 0x200000000000000(node=0|zone=2) [ 27.736651] page_type: f5(slab) [ 27.736784] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.737022] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.737671] page dumped because: kasan: bad access detected [ 27.738349] [ 27.738456] Memory state around the buggy address: [ 27.738881] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.739105] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.739426] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.739661] ^ [ 27.739829] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.740380] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.740733] ================================================================== [ 28.488231] ================================================================== [ 28.488597] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 28.488935] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.489162] [ 28.489247] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.489296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.489312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.489334] Call Trace: [ 28.489351] <TASK> [ 28.489367] dump_stack_lvl+0x73/0xb0 [ 28.489396] print_report+0xd1/0x610 [ 28.489421] ? __virt_addr_valid+0x1db/0x2d0 [ 28.489446] ? kasan_atomics_helper+0x151d/0x5450 [ 28.489469] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.489498] ? kasan_atomics_helper+0x151d/0x5450 [ 28.489521] kasan_report+0x141/0x180 [ 28.489545] ? kasan_atomics_helper+0x151d/0x5450 [ 28.489574] kasan_check_range+0x10c/0x1c0 [ 28.489600] __kasan_check_write+0x18/0x20 [ 28.489624] kasan_atomics_helper+0x151d/0x5450 [ 28.489649] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.489673] ? ret_from_fork_asm+0x1a/0x30 [ 28.489714] kasan_atomics+0x1dc/0x310 [ 28.489739] ? __pfx_kasan_atomics+0x10/0x10 [ 28.489764] ? __pfx_read_tsc+0x10/0x10 [ 28.489788] ? ktime_get_ts64+0x86/0x230 [ 28.489814] kunit_try_run_case+0x1a5/0x480 [ 28.489837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.489860] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.489906] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.489931] ? __kthread_parkme+0x82/0x180 [ 28.489953] ? preempt_count_sub+0x50/0x80 [ 28.489989] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.490013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.490040] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.490067] kthread+0x337/0x6f0 [ 28.490088] ? trace_preempt_on+0x20/0xc0 [ 28.490113] ? __pfx_kthread+0x10/0x10 [ 28.490135] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.490159] ? calculate_sigpending+0x7b/0xa0 [ 28.490184] ? __pfx_kthread+0x10/0x10 [ 28.490208] ret_from_fork+0x116/0x1d0 [ 28.490229] ? __pfx_kthread+0x10/0x10 [ 28.490252] ret_from_fork_asm+0x1a/0x30 [ 28.490284] </TASK> [ 28.490297] [ 28.498335] Allocated by task 313: [ 28.498566] kasan_save_stack+0x45/0x70 [ 28.498745] kasan_save_track+0x18/0x40 [ 28.498944] kasan_save_alloc_info+0x3b/0x50 [ 28.499140] __kasan_kmalloc+0xb7/0xc0 [ 28.499271] __kmalloc_cache_noprof+0x189/0x420 [ 28.499422] kasan_atomics+0x95/0x310 [ 28.499729] kunit_try_run_case+0x1a5/0x480 [ 28.499941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.500195] kthread+0x337/0x6f0 [ 28.500316] ret_from_fork+0x116/0x1d0 [ 28.500447] ret_from_fork_asm+0x1a/0x30 [ 28.500858] [ 28.500950] The buggy address belongs to the object at ffff88810439e280 [ 28.500950] which belongs to the cache kmalloc-64 of size 64 [ 28.501523] The buggy address is located 0 bytes to the right of [ 28.501523] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.501941] [ 28.502035] The buggy address belongs to the physical page: [ 28.502308] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.502665] flags: 0x200000000000000(node=0|zone=2) [ 28.502879] page_type: f5(slab) [ 28.503057] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.503377] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.503738] page dumped because: kasan: bad access detected [ 28.504000] [ 28.504096] Memory state around the buggy address: [ 28.504306] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.504610] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.504928] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.505240] ^ [ 28.505447] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.505957] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.506170] ================================================================== [ 27.683047] ================================================================== [ 27.683358] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 27.683734] Read of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.684045] [ 27.684136] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.684184] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.684199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.684224] Call Trace: [ 27.684243] <TASK> [ 27.684261] dump_stack_lvl+0x73/0xb0 [ 27.684292] print_report+0xd1/0x610 [ 27.684315] ? __virt_addr_valid+0x1db/0x2d0 [ 27.684342] ? kasan_atomics_helper+0x4b54/0x5450 [ 27.684365] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.684392] ? kasan_atomics_helper+0x4b54/0x5450 [ 27.684415] kasan_report+0x141/0x180 [ 27.684438] ? kasan_atomics_helper+0x4b54/0x5450 [ 27.684465] __asan_report_load4_noabort+0x18/0x20 [ 27.684492] kasan_atomics_helper+0x4b54/0x5450 [ 27.684515] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.684539] ? ret_from_fork_asm+0x1a/0x30 [ 27.684578] kasan_atomics+0x1dc/0x310 [ 27.684602] ? __pfx_kasan_atomics+0x10/0x10 [ 27.684628] ? __pfx_read_tsc+0x10/0x10 [ 27.684652] ? ktime_get_ts64+0x86/0x230 [ 27.684679] kunit_try_run_case+0x1a5/0x480 [ 27.684715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.684737] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.684762] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.684786] ? __kthread_parkme+0x82/0x180 [ 27.684808] ? preempt_count_sub+0x50/0x80 [ 27.684834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.684857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.684885] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.685057] kthread+0x337/0x6f0 [ 27.685080] ? trace_preempt_on+0x20/0xc0 [ 27.685106] ? __pfx_kthread+0x10/0x10 [ 27.685129] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.685152] ? calculate_sigpending+0x7b/0xa0 [ 27.685179] ? __pfx_kthread+0x10/0x10 [ 27.685202] ret_from_fork+0x116/0x1d0 [ 27.685224] ? __pfx_kthread+0x10/0x10 [ 27.685246] ret_from_fork_asm+0x1a/0x30 [ 27.685279] </TASK> [ 27.685292] [ 27.692921] Allocated by task 313: [ 27.693056] kasan_save_stack+0x45/0x70 [ 27.693559] kasan_save_track+0x18/0x40 [ 27.693785] kasan_save_alloc_info+0x3b/0x50 [ 27.694070] __kasan_kmalloc+0xb7/0xc0 [ 27.694265] __kmalloc_cache_noprof+0x189/0x420 [ 27.694486] kasan_atomics+0x95/0x310 [ 27.694673] kunit_try_run_case+0x1a5/0x480 [ 27.694832] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.695008] kthread+0x337/0x6f0 [ 27.695154] ret_from_fork+0x116/0x1d0 [ 27.695408] ret_from_fork_asm+0x1a/0x30 [ 27.695630] [ 27.695763] The buggy address belongs to the object at ffff88810439e280 [ 27.695763] which belongs to the cache kmalloc-64 of size 64 [ 27.696390] The buggy address is located 0 bytes to the right of [ 27.696390] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.696884] [ 27.696956] The buggy address belongs to the physical page: [ 27.697211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.697833] flags: 0x200000000000000(node=0|zone=2) [ 27.698040] page_type: f5(slab) [ 27.698209] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.698543] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.698790] page dumped because: kasan: bad access detected [ 27.699022] [ 27.699114] Memory state around the buggy address: [ 27.699296] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.699510] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.699732] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.700439] ^ [ 27.700780] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.701175] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.701683] ================================================================== [ 28.387325] ================================================================== [ 28.388128] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 28.389197] Read of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.389664] [ 28.389919] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.389973] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.389988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.390021] Call Trace: [ 28.390039] <TASK> [ 28.390058] dump_stack_lvl+0x73/0xb0 [ 28.390101] print_report+0xd1/0x610 [ 28.390127] ? __virt_addr_valid+0x1db/0x2d0 [ 28.390154] ? kasan_atomics_helper+0x49ce/0x5450 [ 28.390177] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.390204] ? kasan_atomics_helper+0x49ce/0x5450 [ 28.390228] kasan_report+0x141/0x180 [ 28.390252] ? kasan_atomics_helper+0x49ce/0x5450 [ 28.390279] __asan_report_load4_noabort+0x18/0x20 [ 28.390304] kasan_atomics_helper+0x49ce/0x5450 [ 28.390328] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.390352] ? ret_from_fork_asm+0x1a/0x30 [ 28.390381] kasan_atomics+0x1dc/0x310 [ 28.390405] ? __pfx_kasan_atomics+0x10/0x10 [ 28.390430] ? __pfx_read_tsc+0x10/0x10 [ 28.390454] ? ktime_get_ts64+0x86/0x230 [ 28.390480] kunit_try_run_case+0x1a5/0x480 [ 28.390517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.390538] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.390564] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.390589] ? __kthread_parkme+0x82/0x180 [ 28.390611] ? preempt_count_sub+0x50/0x80 [ 28.390636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.390659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.390686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.390722] kthread+0x337/0x6f0 [ 28.390743] ? trace_preempt_on+0x20/0xc0 [ 28.390768] ? __pfx_kthread+0x10/0x10 [ 28.390790] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.390813] ? calculate_sigpending+0x7b/0xa0 [ 28.390838] ? __pfx_kthread+0x10/0x10 [ 28.390860] ret_from_fork+0x116/0x1d0 [ 28.390882] ? __pfx_kthread+0x10/0x10 [ 28.390903] ret_from_fork_asm+0x1a/0x30 [ 28.390937] </TASK> [ 28.390949] [ 28.402320] Allocated by task 313: [ 28.402445] kasan_save_stack+0x45/0x70 [ 28.402828] kasan_save_track+0x18/0x40 [ 28.403185] kasan_save_alloc_info+0x3b/0x50 [ 28.403608] __kasan_kmalloc+0xb7/0xc0 [ 28.403973] __kmalloc_cache_noprof+0x189/0x420 [ 28.404385] kasan_atomics+0x95/0x310 [ 28.404739] kunit_try_run_case+0x1a5/0x480 [ 28.405135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.405509] kthread+0x337/0x6f0 [ 28.405751] ret_from_fork+0x116/0x1d0 [ 28.406002] ret_from_fork_asm+0x1a/0x30 [ 28.406249] [ 28.406318] The buggy address belongs to the object at ffff88810439e280 [ 28.406318] which belongs to the cache kmalloc-64 of size 64 [ 28.406935] The buggy address is located 0 bytes to the right of [ 28.406935] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.407514] [ 28.407584] The buggy address belongs to the physical page: [ 28.408052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.408297] flags: 0x200000000000000(node=0|zone=2) [ 28.408460] page_type: f5(slab) [ 28.408615] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.409135] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.409361] page dumped because: kasan: bad access detected [ 28.409639] [ 28.409817] Memory state around the buggy address: [ 28.410268] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.410936] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.411625] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.412089] ^ [ 28.412249] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.412473] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.413107] ================================================================== [ 28.823885] ================================================================== [ 28.824207] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 28.824467] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.824816] [ 28.824910] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.824972] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.824986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.825009] Call Trace: [ 28.825024] <TASK> [ 28.825040] dump_stack_lvl+0x73/0xb0 [ 28.825068] print_report+0xd1/0x610 [ 28.825094] ? __virt_addr_valid+0x1db/0x2d0 [ 28.825119] ? kasan_atomics_helper+0x1e12/0x5450 [ 28.825142] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.825170] ? kasan_atomics_helper+0x1e12/0x5450 [ 28.825193] kasan_report+0x141/0x180 [ 28.825216] ? kasan_atomics_helper+0x1e12/0x5450 [ 28.825244] kasan_check_range+0x10c/0x1c0 [ 28.825270] __kasan_check_write+0x18/0x20 [ 28.825294] kasan_atomics_helper+0x1e12/0x5450 [ 28.825319] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.825342] ? ret_from_fork_asm+0x1a/0x30 [ 28.825371] kasan_atomics+0x1dc/0x310 [ 28.825396] ? __pfx_kasan_atomics+0x10/0x10 [ 28.825421] ? __pfx_read_tsc+0x10/0x10 [ 28.825445] ? ktime_get_ts64+0x86/0x230 [ 28.825470] kunit_try_run_case+0x1a5/0x480 [ 28.825503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.825526] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.825551] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.825576] ? __kthread_parkme+0x82/0x180 [ 28.825599] ? preempt_count_sub+0x50/0x80 [ 28.825624] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.825647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.825674] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.825711] kthread+0x337/0x6f0 [ 28.825733] ? trace_preempt_on+0x20/0xc0 [ 28.825757] ? __pfx_kthread+0x10/0x10 [ 28.825780] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.825802] ? calculate_sigpending+0x7b/0xa0 [ 28.825827] ? __pfx_kthread+0x10/0x10 [ 28.825850] ret_from_fork+0x116/0x1d0 [ 28.825872] ? __pfx_kthread+0x10/0x10 [ 28.825894] ret_from_fork_asm+0x1a/0x30 [ 28.825926] </TASK> [ 28.825939] [ 28.832928] Allocated by task 313: [ 28.833104] kasan_save_stack+0x45/0x70 [ 28.833298] kasan_save_track+0x18/0x40 [ 28.833431] kasan_save_alloc_info+0x3b/0x50 [ 28.833675] __kasan_kmalloc+0xb7/0xc0 [ 28.833939] __kmalloc_cache_noprof+0x189/0x420 [ 28.834091] kasan_atomics+0x95/0x310 [ 28.834219] kunit_try_run_case+0x1a5/0x480 [ 28.834360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.834534] kthread+0x337/0x6f0 [ 28.834652] ret_from_fork+0x116/0x1d0 [ 28.834792] ret_from_fork_asm+0x1a/0x30 [ 28.834930] [ 28.834995] The buggy address belongs to the object at ffff88810439e280 [ 28.834995] which belongs to the cache kmalloc-64 of size 64 [ 28.835404] The buggy address is located 0 bytes to the right of [ 28.835404] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.835965] [ 28.836059] The buggy address belongs to the physical page: [ 28.836305] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.836656] flags: 0x200000000000000(node=0|zone=2) [ 28.836967] page_type: f5(slab) [ 28.837132] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.837709] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.838026] page dumped because: kasan: bad access detected [ 28.838194] [ 28.838261] Memory state around the buggy address: [ 28.838411] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.838982] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.839299] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.839798] ^ [ 28.840025] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.840327] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.841020] ================================================================== [ 28.122326] ================================================================== [ 28.123298] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 28.123949] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.124272] [ 28.124377] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.124428] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.124443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.124468] Call Trace: [ 28.124485] <TASK> [ 28.124878] dump_stack_lvl+0x73/0xb0 [ 28.124913] print_report+0xd1/0x610 [ 28.124940] ? __virt_addr_valid+0x1db/0x2d0 [ 28.125005] ? kasan_atomics_helper+0xf10/0x5450 [ 28.125028] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.125056] ? kasan_atomics_helper+0xf10/0x5450 [ 28.125079] kasan_report+0x141/0x180 [ 28.125104] ? kasan_atomics_helper+0xf10/0x5450 [ 28.125132] kasan_check_range+0x10c/0x1c0 [ 28.125158] __kasan_check_write+0x18/0x20 [ 28.125182] kasan_atomics_helper+0xf10/0x5450 [ 28.125207] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.125230] ? ret_from_fork_asm+0x1a/0x30 [ 28.125259] kasan_atomics+0x1dc/0x310 [ 28.125284] ? __pfx_kasan_atomics+0x10/0x10 [ 28.125310] ? __pfx_read_tsc+0x10/0x10 [ 28.125334] ? ktime_get_ts64+0x86/0x230 [ 28.125359] kunit_try_run_case+0x1a5/0x480 [ 28.125383] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.125405] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.125431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.125456] ? __kthread_parkme+0x82/0x180 [ 28.125479] ? preempt_count_sub+0x50/0x80 [ 28.125517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.125541] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.125567] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.125593] kthread+0x337/0x6f0 [ 28.125615] ? trace_preempt_on+0x20/0xc0 [ 28.125639] ? __pfx_kthread+0x10/0x10 [ 28.125662] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.125685] ? calculate_sigpending+0x7b/0xa0 [ 28.125722] ? __pfx_kthread+0x10/0x10 [ 28.125745] ret_from_fork+0x116/0x1d0 [ 28.125767] ? __pfx_kthread+0x10/0x10 [ 28.125866] ret_from_fork_asm+0x1a/0x30 [ 28.125899] </TASK> [ 28.125913] [ 28.138651] Allocated by task 313: [ 28.138860] kasan_save_stack+0x45/0x70 [ 28.139222] kasan_save_track+0x18/0x40 [ 28.139401] kasan_save_alloc_info+0x3b/0x50 [ 28.139947] __kasan_kmalloc+0xb7/0xc0 [ 28.140208] __kmalloc_cache_noprof+0x189/0x420 [ 28.140673] kasan_atomics+0x95/0x310 [ 28.141041] kunit_try_run_case+0x1a5/0x480 [ 28.141242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.141469] kthread+0x337/0x6f0 [ 28.141931] ret_from_fork+0x116/0x1d0 [ 28.142264] ret_from_fork_asm+0x1a/0x30 [ 28.142663] [ 28.142917] The buggy address belongs to the object at ffff88810439e280 [ 28.142917] which belongs to the cache kmalloc-64 of size 64 [ 28.143596] The buggy address is located 0 bytes to the right of [ 28.143596] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.144571] [ 28.144815] The buggy address belongs to the physical page: [ 28.145284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.145743] flags: 0x200000000000000(node=0|zone=2) [ 28.145980] page_type: f5(slab) [ 28.146135] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.146441] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.147544] page dumped because: kasan: bad access detected [ 28.148015] [ 28.148118] Memory state around the buggy address: [ 28.148330] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.148741] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.149565] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.150302] ^ [ 28.150661] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.151153] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.151455] ================================================================== [ 27.791565] ================================================================== [ 27.792340] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 27.792966] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.793299] [ 27.793419] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.793471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.793486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.793788] Call Trace: [ 27.793811] <TASK> [ 27.793831] dump_stack_lvl+0x73/0xb0 [ 27.793865] print_report+0xd1/0x610 [ 27.793891] ? __virt_addr_valid+0x1db/0x2d0 [ 27.793917] ? kasan_atomics_helper+0x697/0x5450 [ 27.793939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.793967] ? kasan_atomics_helper+0x697/0x5450 [ 27.793990] kasan_report+0x141/0x180 [ 27.794014] ? kasan_atomics_helper+0x697/0x5450 [ 27.794040] kasan_check_range+0x10c/0x1c0 [ 27.794066] __kasan_check_write+0x18/0x20 [ 27.794090] kasan_atomics_helper+0x697/0x5450 [ 27.794114] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.794137] ? ret_from_fork_asm+0x1a/0x30 [ 27.794166] kasan_atomics+0x1dc/0x310 [ 27.794191] ? __pfx_kasan_atomics+0x10/0x10 [ 27.794215] ? __pfx_read_tsc+0x10/0x10 [ 27.794240] ? ktime_get_ts64+0x86/0x230 [ 27.794266] kunit_try_run_case+0x1a5/0x480 [ 27.794290] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.794312] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.794337] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.794362] ? __kthread_parkme+0x82/0x180 [ 27.794385] ? preempt_count_sub+0x50/0x80 [ 27.794409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.794433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.794459] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.794486] kthread+0x337/0x6f0 [ 27.794717] ? trace_preempt_on+0x20/0xc0 [ 27.794743] ? __pfx_kthread+0x10/0x10 [ 27.794766] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.794841] ? calculate_sigpending+0x7b/0xa0 [ 27.794868] ? __pfx_kthread+0x10/0x10 [ 27.794892] ret_from_fork+0x116/0x1d0 [ 27.794914] ? __pfx_kthread+0x10/0x10 [ 27.794937] ret_from_fork_asm+0x1a/0x30 [ 27.794970] </TASK> [ 27.794984] [ 27.808621] Allocated by task 313: [ 27.808831] kasan_save_stack+0x45/0x70 [ 27.809207] kasan_save_track+0x18/0x40 [ 27.809548] kasan_save_alloc_info+0x3b/0x50 [ 27.810021] __kasan_kmalloc+0xb7/0xc0 [ 27.810427] __kmalloc_cache_noprof+0x189/0x420 [ 27.810784] kasan_atomics+0x95/0x310 [ 27.810946] kunit_try_run_case+0x1a5/0x480 [ 27.811094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.811269] kthread+0x337/0x6f0 [ 27.811389] ret_from_fork+0x116/0x1d0 [ 27.811673] ret_from_fork_asm+0x1a/0x30 [ 27.812134] [ 27.812299] The buggy address belongs to the object at ffff88810439e280 [ 27.812299] which belongs to the cache kmalloc-64 of size 64 [ 27.813602] The buggy address is located 0 bytes to the right of [ 27.813602] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.815107] [ 27.815281] The buggy address belongs to the physical page: [ 27.815823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.816335] flags: 0x200000000000000(node=0|zone=2) [ 27.816548] page_type: f5(slab) [ 27.816919] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.817585] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.818373] page dumped because: kasan: bad access detected [ 27.818693] [ 27.819050] Memory state around the buggy address: [ 27.819310] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.819557] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.820224] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.821045] ^ [ 27.821509] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.821859] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.822522] ================================================================== [ 27.993347] ================================================================== [ 27.993775] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 27.994094] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.994401] [ 27.994498] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.994546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.994560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.994582] Call Trace: [ 27.994598] <TASK> [ 27.994615] dump_stack_lvl+0x73/0xb0 [ 27.994641] print_report+0xd1/0x610 [ 27.994665] ? __virt_addr_valid+0x1db/0x2d0 [ 27.994690] ? kasan_atomics_helper+0xc70/0x5450 [ 27.994723] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.994750] ? kasan_atomics_helper+0xc70/0x5450 [ 27.994772] kasan_report+0x141/0x180 [ 27.994796] ? kasan_atomics_helper+0xc70/0x5450 [ 27.994823] kasan_check_range+0x10c/0x1c0 [ 27.994848] __kasan_check_write+0x18/0x20 [ 27.994872] kasan_atomics_helper+0xc70/0x5450 [ 27.994896] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.994970] ? ret_from_fork_asm+0x1a/0x30 [ 27.995002] kasan_atomics+0x1dc/0x310 [ 27.995027] ? __pfx_kasan_atomics+0x10/0x10 [ 27.995052] ? __pfx_read_tsc+0x10/0x10 [ 27.995077] ? ktime_get_ts64+0x86/0x230 [ 27.995103] kunit_try_run_case+0x1a5/0x480 [ 27.995126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.995147] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.995172] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.995197] ? __kthread_parkme+0x82/0x180 [ 27.995219] ? preempt_count_sub+0x50/0x80 [ 27.995243] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.995266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.995293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.995318] kthread+0x337/0x6f0 [ 27.995339] ? trace_preempt_on+0x20/0xc0 [ 27.995363] ? __pfx_kthread+0x10/0x10 [ 27.995385] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.995407] ? calculate_sigpending+0x7b/0xa0 [ 27.995432] ? __pfx_kthread+0x10/0x10 [ 27.995456] ret_from_fork+0x116/0x1d0 [ 27.995477] ? __pfx_kthread+0x10/0x10 [ 27.995500] ret_from_fork_asm+0x1a/0x30 [ 27.995532] </TASK> [ 27.995546] [ 28.003379] Allocated by task 313: [ 28.003509] kasan_save_stack+0x45/0x70 [ 28.003653] kasan_save_track+0x18/0x40 [ 28.003800] kasan_save_alloc_info+0x3b/0x50 [ 28.003954] __kasan_kmalloc+0xb7/0xc0 [ 28.004085] __kmalloc_cache_noprof+0x189/0x420 [ 28.004545] kasan_atomics+0x95/0x310 [ 28.004753] kunit_try_run_case+0x1a5/0x480 [ 28.004978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.005236] kthread+0x337/0x6f0 [ 28.005404] ret_from_fork+0x116/0x1d0 [ 28.005801] ret_from_fork_asm+0x1a/0x30 [ 28.006015] [ 28.006111] The buggy address belongs to the object at ffff88810439e280 [ 28.006111] which belongs to the cache kmalloc-64 of size 64 [ 28.006622] The buggy address is located 0 bytes to the right of [ 28.006622] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.007004] [ 28.007123] The buggy address belongs to the physical page: [ 28.007388] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.007756] flags: 0x200000000000000(node=0|zone=2) [ 28.007999] page_type: f5(slab) [ 28.008360] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.008803] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.009099] page dumped because: kasan: bad access detected [ 28.009383] [ 28.009453] Memory state around the buggy address: [ 28.009607] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.009918] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.010236] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.010523] ^ [ 28.010677] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.010902] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.011114] ================================================================== [ 28.257409] ================================================================== [ 28.258046] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 28.258359] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.258890] [ 28.258989] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.259039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.259054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.259260] Call Trace: [ 28.259278] <TASK> [ 28.259296] dump_stack_lvl+0x73/0xb0 [ 28.259328] print_report+0xd1/0x610 [ 28.259353] ? __virt_addr_valid+0x1db/0x2d0 [ 28.259379] ? kasan_atomics_helper+0x1148/0x5450 [ 28.259402] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.259430] ? kasan_atomics_helper+0x1148/0x5450 [ 28.259453] kasan_report+0x141/0x180 [ 28.259476] ? kasan_atomics_helper+0x1148/0x5450 [ 28.259514] kasan_check_range+0x10c/0x1c0 [ 28.259541] __kasan_check_write+0x18/0x20 [ 28.259565] kasan_atomics_helper+0x1148/0x5450 [ 28.259589] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.259613] ? ret_from_fork_asm+0x1a/0x30 [ 28.259642] kasan_atomics+0x1dc/0x310 [ 28.259667] ? __pfx_kasan_atomics+0x10/0x10 [ 28.259692] ? __pfx_read_tsc+0x10/0x10 [ 28.259730] ? ktime_get_ts64+0x86/0x230 [ 28.259757] kunit_try_run_case+0x1a5/0x480 [ 28.259780] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.259802] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.259827] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.259858] ? __kthread_parkme+0x82/0x180 [ 28.259880] ? preempt_count_sub+0x50/0x80 [ 28.259905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.259928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.259955] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.259984] kthread+0x337/0x6f0 [ 28.260011] ? trace_preempt_on+0x20/0xc0 [ 28.260035] ? __pfx_kthread+0x10/0x10 [ 28.260057] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.260080] ? calculate_sigpending+0x7b/0xa0 [ 28.260106] ? __pfx_kthread+0x10/0x10 [ 28.260128] ret_from_fork+0x116/0x1d0 [ 28.260149] ? __pfx_kthread+0x10/0x10 [ 28.260173] ret_from_fork_asm+0x1a/0x30 [ 28.260205] </TASK> [ 28.260218] [ 28.269932] Allocated by task 313: [ 28.270106] kasan_save_stack+0x45/0x70 [ 28.270299] kasan_save_track+0x18/0x40 [ 28.270461] kasan_save_alloc_info+0x3b/0x50 [ 28.271071] __kasan_kmalloc+0xb7/0xc0 [ 28.271256] __kmalloc_cache_noprof+0x189/0x420 [ 28.271435] kasan_atomics+0x95/0x310 [ 28.271816] kunit_try_run_case+0x1a5/0x480 [ 28.272119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.272429] kthread+0x337/0x6f0 [ 28.272586] ret_from_fork+0x116/0x1d0 [ 28.272924] ret_from_fork_asm+0x1a/0x30 [ 28.273119] [ 28.273350] The buggy address belongs to the object at ffff88810439e280 [ 28.273350] which belongs to the cache kmalloc-64 of size 64 [ 28.274069] The buggy address is located 0 bytes to the right of [ 28.274069] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.274795] [ 28.274896] The buggy address belongs to the physical page: [ 28.275094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.275439] flags: 0x200000000000000(node=0|zone=2) [ 28.275953] page_type: f5(slab) [ 28.276207] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.276653] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.277097] page dumped because: kasan: bad access detected [ 28.277406] [ 28.277483] Memory state around the buggy address: [ 28.277942] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.278317] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.278783] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.279185] ^ [ 28.279470] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.279855] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.280209] ================================================================== [ 28.470215] ================================================================== [ 28.470596] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 28.470838] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.471060] [ 28.471229] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.471277] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.471293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.471317] Call Trace: [ 28.471333] <TASK> [ 28.471348] dump_stack_lvl+0x73/0xb0 [ 28.471377] print_report+0xd1/0x610 [ 28.471402] ? __virt_addr_valid+0x1db/0x2d0 [ 28.471428] ? kasan_atomics_helper+0x50d4/0x5450 [ 28.471451] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.471479] ? kasan_atomics_helper+0x50d4/0x5450 [ 28.471503] kasan_report+0x141/0x180 [ 28.471538] ? kasan_atomics_helper+0x50d4/0x5450 [ 28.471567] __asan_report_store8_noabort+0x1b/0x30 [ 28.471605] kasan_atomics_helper+0x50d4/0x5450 [ 28.471630] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.471653] ? ret_from_fork_asm+0x1a/0x30 [ 28.471683] kasan_atomics+0x1dc/0x310 [ 28.471716] ? __pfx_kasan_atomics+0x10/0x10 [ 28.471741] ? __pfx_read_tsc+0x10/0x10 [ 28.471765] ? ktime_get_ts64+0x86/0x230 [ 28.471790] kunit_try_run_case+0x1a5/0x480 [ 28.471814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.471849] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.471874] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.471910] ? __kthread_parkme+0x82/0x180 [ 28.471932] ? preempt_count_sub+0x50/0x80 [ 28.471957] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.471981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.472016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.472042] kthread+0x337/0x6f0 [ 28.472074] ? trace_preempt_on+0x20/0xc0 [ 28.472098] ? __pfx_kthread+0x10/0x10 [ 28.472120] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.472142] ? calculate_sigpending+0x7b/0xa0 [ 28.472176] ? __pfx_kthread+0x10/0x10 [ 28.472199] ret_from_fork+0x116/0x1d0 [ 28.472220] ? __pfx_kthread+0x10/0x10 [ 28.472252] ret_from_fork_asm+0x1a/0x30 [ 28.472284] </TASK> [ 28.472297] [ 28.479920] Allocated by task 313: [ 28.480110] kasan_save_stack+0x45/0x70 [ 28.480307] kasan_save_track+0x18/0x40 [ 28.480491] kasan_save_alloc_info+0x3b/0x50 [ 28.480707] __kasan_kmalloc+0xb7/0xc0 [ 28.481001] __kmalloc_cache_noprof+0x189/0x420 [ 28.481157] kasan_atomics+0x95/0x310 [ 28.481289] kunit_try_run_case+0x1a5/0x480 [ 28.481430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.481651] kthread+0x337/0x6f0 [ 28.481860] ret_from_fork+0x116/0x1d0 [ 28.482065] ret_from_fork_asm+0x1a/0x30 [ 28.482298] [ 28.482389] The buggy address belongs to the object at ffff88810439e280 [ 28.482389] which belongs to the cache kmalloc-64 of size 64 [ 28.482979] The buggy address is located 0 bytes to the right of [ 28.482979] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.483526] [ 28.483621] The buggy address belongs to the physical page: [ 28.483868] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.484178] flags: 0x200000000000000(node=0|zone=2) [ 28.484409] page_type: f5(slab) [ 28.484615] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.484961] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.485281] page dumped because: kasan: bad access detected [ 28.485516] [ 28.485635] Memory state around the buggy address: [ 28.485868] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.486171] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.486486] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.486803] ^ [ 28.487004] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.487307] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.487645] ================================================================== [ 27.954449] ================================================================== [ 27.954874] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 27.955192] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.956062] [ 27.956184] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.956234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.956248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.956271] Call Trace: [ 27.956288] <TASK> [ 27.956305] dump_stack_lvl+0x73/0xb0 [ 27.956336] print_report+0xd1/0x610 [ 27.956360] ? __virt_addr_valid+0x1db/0x2d0 [ 27.956386] ? kasan_atomics_helper+0xac7/0x5450 [ 27.956408] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.956436] ? kasan_atomics_helper+0xac7/0x5450 [ 27.956459] kasan_report+0x141/0x180 [ 27.956482] ? kasan_atomics_helper+0xac7/0x5450 [ 27.956509] kasan_check_range+0x10c/0x1c0 [ 27.956534] __kasan_check_write+0x18/0x20 [ 27.956559] kasan_atomics_helper+0xac7/0x5450 [ 27.956583] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.956609] ? ret_from_fork_asm+0x1a/0x30 [ 27.956638] kasan_atomics+0x1dc/0x310 [ 27.956661] ? __pfx_kasan_atomics+0x10/0x10 [ 27.956687] ? __pfx_read_tsc+0x10/0x10 [ 27.956722] ? ktime_get_ts64+0x86/0x230 [ 27.956747] kunit_try_run_case+0x1a5/0x480 [ 27.956770] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.956792] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.956818] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.956843] ? __kthread_parkme+0x82/0x180 [ 27.956864] ? preempt_count_sub+0x50/0x80 [ 27.956889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.956912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.956939] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.956965] kthread+0x337/0x6f0 [ 27.956987] ? trace_preempt_on+0x20/0xc0 [ 27.957010] ? __pfx_kthread+0x10/0x10 [ 27.957033] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.957055] ? calculate_sigpending+0x7b/0xa0 [ 27.957080] ? __pfx_kthread+0x10/0x10 [ 27.957104] ret_from_fork+0x116/0x1d0 [ 27.957125] ? __pfx_kthread+0x10/0x10 [ 27.957147] ret_from_fork_asm+0x1a/0x30 [ 27.957179] </TASK> [ 27.957193] [ 27.965180] Allocated by task 313: [ 27.965369] kasan_save_stack+0x45/0x70 [ 27.965581] kasan_save_track+0x18/0x40 [ 27.965960] kasan_save_alloc_info+0x3b/0x50 [ 27.966169] __kasan_kmalloc+0xb7/0xc0 [ 27.966334] __kmalloc_cache_noprof+0x189/0x420 [ 27.966522] kasan_atomics+0x95/0x310 [ 27.966651] kunit_try_run_case+0x1a5/0x480 [ 27.966809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.967066] kthread+0x337/0x6f0 [ 27.967236] ret_from_fork+0x116/0x1d0 [ 27.967425] ret_from_fork_asm+0x1a/0x30 [ 27.967632] [ 27.967711] The buggy address belongs to the object at ffff88810439e280 [ 27.967711] which belongs to the cache kmalloc-64 of size 64 [ 27.968130] The buggy address is located 0 bytes to the right of [ 27.968130] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.968943] [ 27.969095] The buggy address belongs to the physical page: [ 27.969268] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.969506] flags: 0x200000000000000(node=0|zone=2) [ 27.969675] page_type: f5(slab) [ 27.970161] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.970519] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.970888] page dumped because: kasan: bad access detected [ 27.971057] [ 27.971124] Memory state around the buggy address: [ 27.971464] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.971865] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.972206] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.972487] ^ [ 27.972677] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.973192] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.973434] ================================================================== [ 28.413979] ================================================================== [ 28.414772] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 28.415452] Read of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.415908] [ 28.416097] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.416149] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.416162] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.416196] Call Trace: [ 28.416212] <TASK> [ 28.416229] dump_stack_lvl+0x73/0xb0 [ 28.416258] print_report+0xd1/0x610 [ 28.416292] ? __virt_addr_valid+0x1db/0x2d0 [ 28.416316] ? kasan_atomics_helper+0x13b5/0x5450 [ 28.416350] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.416377] ? kasan_atomics_helper+0x13b5/0x5450 [ 28.416400] kasan_report+0x141/0x180 [ 28.416423] ? kasan_atomics_helper+0x13b5/0x5450 [ 28.416451] kasan_check_range+0x10c/0x1c0 [ 28.416475] __kasan_check_read+0x15/0x20 [ 28.416508] kasan_atomics_helper+0x13b5/0x5450 [ 28.416532] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.416555] ? ret_from_fork_asm+0x1a/0x30 [ 28.416584] kasan_atomics+0x1dc/0x310 [ 28.416608] ? __pfx_kasan_atomics+0x10/0x10 [ 28.416633] ? __pfx_read_tsc+0x10/0x10 [ 28.416658] ? ktime_get_ts64+0x86/0x230 [ 28.416684] kunit_try_run_case+0x1a5/0x480 [ 28.416716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.416738] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.416763] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.416787] ? __kthread_parkme+0x82/0x180 [ 28.416809] ? preempt_count_sub+0x50/0x80 [ 28.416833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.416856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.416883] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.416909] kthread+0x337/0x6f0 [ 28.416929] ? trace_preempt_on+0x20/0xc0 [ 28.416953] ? __pfx_kthread+0x10/0x10 [ 28.416975] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.416997] ? calculate_sigpending+0x7b/0xa0 [ 28.417021] ? __pfx_kthread+0x10/0x10 [ 28.417044] ret_from_fork+0x116/0x1d0 [ 28.417065] ? __pfx_kthread+0x10/0x10 [ 28.417088] ret_from_fork_asm+0x1a/0x30 [ 28.417119] </TASK> [ 28.417131] [ 28.425749] Allocated by task 313: [ 28.425926] kasan_save_stack+0x45/0x70 [ 28.426123] kasan_save_track+0x18/0x40 [ 28.426307] kasan_save_alloc_info+0x3b/0x50 [ 28.426535] __kasan_kmalloc+0xb7/0xc0 [ 28.426684] __kmalloc_cache_noprof+0x189/0x420 [ 28.426918] kasan_atomics+0x95/0x310 [ 28.427115] kunit_try_run_case+0x1a5/0x480 [ 28.427298] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.427522] kthread+0x337/0x6f0 [ 28.427643] ret_from_fork+0x116/0x1d0 [ 28.427787] ret_from_fork_asm+0x1a/0x30 [ 28.428055] [ 28.428211] The buggy address belongs to the object at ffff88810439e280 [ 28.428211] which belongs to the cache kmalloc-64 of size 64 [ 28.428776] The buggy address is located 0 bytes to the right of [ 28.428776] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.429189] [ 28.429280] The buggy address belongs to the physical page: [ 28.429553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.429902] flags: 0x200000000000000(node=0|zone=2) [ 28.430129] page_type: f5(slab) [ 28.430265] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.430634] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.430981] page dumped because: kasan: bad access detected [ 28.431178] [ 28.431244] Memory state around the buggy address: [ 28.431396] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.431610] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.432049] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.432362] ^ [ 28.432644] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.432990] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.433201] ================================================================== [ 28.768984] ================================================================== [ 28.769282] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 28.769752] Read of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.770235] [ 28.770355] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.770407] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.770422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.770445] Call Trace: [ 28.770462] <TASK> [ 28.770481] dump_stack_lvl+0x73/0xb0 [ 28.770526] print_report+0xd1/0x610 [ 28.770551] ? __virt_addr_valid+0x1db/0x2d0 [ 28.770577] ? kasan_atomics_helper+0x4f30/0x5450 [ 28.770621] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.770649] ? kasan_atomics_helper+0x4f30/0x5450 [ 28.770672] kasan_report+0x141/0x180 [ 28.770708] ? kasan_atomics_helper+0x4f30/0x5450 [ 28.770736] __asan_report_load8_noabort+0x18/0x20 [ 28.770762] kasan_atomics_helper+0x4f30/0x5450 [ 28.770786] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.770810] ? ret_from_fork_asm+0x1a/0x30 [ 28.770840] kasan_atomics+0x1dc/0x310 [ 28.770863] ? __pfx_kasan_atomics+0x10/0x10 [ 28.770889] ? __pfx_read_tsc+0x10/0x10 [ 28.770913] ? ktime_get_ts64+0x86/0x230 [ 28.770958] kunit_try_run_case+0x1a5/0x480 [ 28.770983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.771005] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.771031] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.771057] ? __kthread_parkme+0x82/0x180 [ 28.771081] ? preempt_count_sub+0x50/0x80 [ 28.771106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.771130] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.771158] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.771203] kthread+0x337/0x6f0 [ 28.771224] ? trace_preempt_on+0x20/0xc0 [ 28.771249] ? __pfx_kthread+0x10/0x10 [ 28.771272] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.771295] ? calculate_sigpending+0x7b/0xa0 [ 28.771321] ? __pfx_kthread+0x10/0x10 [ 28.771345] ret_from_fork+0x116/0x1d0 [ 28.771384] ? __pfx_kthread+0x10/0x10 [ 28.771407] ret_from_fork_asm+0x1a/0x30 [ 28.771439] </TASK> [ 28.771453] [ 28.779110] Allocated by task 313: [ 28.779267] kasan_save_stack+0x45/0x70 [ 28.779472] kasan_save_track+0x18/0x40 [ 28.779653] kasan_save_alloc_info+0x3b/0x50 [ 28.779885] __kasan_kmalloc+0xb7/0xc0 [ 28.780087] __kmalloc_cache_noprof+0x189/0x420 [ 28.780293] kasan_atomics+0x95/0x310 [ 28.780462] kunit_try_run_case+0x1a5/0x480 [ 28.780665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.781008] kthread+0x337/0x6f0 [ 28.781183] ret_from_fork+0x116/0x1d0 [ 28.781405] ret_from_fork_asm+0x1a/0x30 [ 28.781765] [ 28.781921] The buggy address belongs to the object at ffff88810439e280 [ 28.781921] which belongs to the cache kmalloc-64 of size 64 [ 28.782290] The buggy address is located 0 bytes to the right of [ 28.782290] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.783140] [ 28.783234] The buggy address belongs to the physical page: [ 28.783493] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.783850] flags: 0x200000000000000(node=0|zone=2) [ 28.784043] page_type: f5(slab) [ 28.784228] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.784610] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.784928] page dumped because: kasan: bad access detected [ 28.785124] [ 28.785231] Memory state around the buggy address: [ 28.785457] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.785835] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.786160] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.786371] ^ [ 28.786611] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.786937] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.787264] ================================================================== [ 28.182088] ================================================================== [ 28.182407] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 28.183534] Read of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.184100] [ 28.184327] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.184383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.184492] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.184537] Call Trace: [ 28.184554] <TASK> [ 28.184572] dump_stack_lvl+0x73/0xb0 [ 28.184603] print_report+0xd1/0x610 [ 28.184664] ? __virt_addr_valid+0x1db/0x2d0 [ 28.184692] ? kasan_atomics_helper+0x4a36/0x5450 [ 28.184728] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.184757] ? kasan_atomics_helper+0x4a36/0x5450 [ 28.184858] kasan_report+0x141/0x180 [ 28.184887] ? kasan_atomics_helper+0x4a36/0x5450 [ 28.184915] __asan_report_load4_noabort+0x18/0x20 [ 28.184941] kasan_atomics_helper+0x4a36/0x5450 [ 28.184965] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.184989] ? ret_from_fork_asm+0x1a/0x30 [ 28.185018] kasan_atomics+0x1dc/0x310 [ 28.185042] ? __pfx_kasan_atomics+0x10/0x10 [ 28.185068] ? __pfx_read_tsc+0x10/0x10 [ 28.185092] ? ktime_get_ts64+0x86/0x230 [ 28.185118] kunit_try_run_case+0x1a5/0x480 [ 28.185141] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.185163] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.185188] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.185214] ? __kthread_parkme+0x82/0x180 [ 28.185236] ? preempt_count_sub+0x50/0x80 [ 28.185261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.185284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.185311] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.185338] kthread+0x337/0x6f0 [ 28.185359] ? trace_preempt_on+0x20/0xc0 [ 28.185383] ? __pfx_kthread+0x10/0x10 [ 28.185406] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.185429] ? calculate_sigpending+0x7b/0xa0 [ 28.185455] ? __pfx_kthread+0x10/0x10 [ 28.185478] ret_from_fork+0x116/0x1d0 [ 28.185500] ? __pfx_kthread+0x10/0x10 [ 28.185523] ret_from_fork_asm+0x1a/0x30 [ 28.185554] </TASK> [ 28.185567] [ 28.198348] Allocated by task 313: [ 28.198829] kasan_save_stack+0x45/0x70 [ 28.199053] kasan_save_track+0x18/0x40 [ 28.199334] kasan_save_alloc_info+0x3b/0x50 [ 28.199689] __kasan_kmalloc+0xb7/0xc0 [ 28.199852] __kmalloc_cache_noprof+0x189/0x420 [ 28.200079] kasan_atomics+0x95/0x310 [ 28.200211] kunit_try_run_case+0x1a5/0x480 [ 28.200353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.200529] kthread+0x337/0x6f0 [ 28.200648] ret_from_fork+0x116/0x1d0 [ 28.200792] ret_from_fork_asm+0x1a/0x30 [ 28.200932] [ 28.201001] The buggy address belongs to the object at ffff88810439e280 [ 28.201001] which belongs to the cache kmalloc-64 of size 64 [ 28.201908] The buggy address is located 0 bytes to the right of [ 28.201908] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.202472] [ 28.202722] The buggy address belongs to the physical page: [ 28.203406] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.204088] flags: 0x200000000000000(node=0|zone=2) [ 28.204509] page_type: f5(slab) [ 28.204825] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.205389] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.205964] page dumped because: kasan: bad access detected [ 28.206218] [ 28.206306] Memory state around the buggy address: [ 28.206726] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.207376] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.208056] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.208504] ^ [ 28.208850] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.209290] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.209818] ================================================================== [ 28.040025] ================================================================== [ 28.040305] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 28.040623] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.040956] [ 28.041038] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.041100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.041114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.041138] Call Trace: [ 28.041156] <TASK> [ 28.041174] dump_stack_lvl+0x73/0xb0 [ 28.041202] print_report+0xd1/0x610 [ 28.041226] ? __virt_addr_valid+0x1db/0x2d0 [ 28.041252] ? kasan_atomics_helper+0xd47/0x5450 [ 28.041275] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.041302] ? kasan_atomics_helper+0xd47/0x5450 [ 28.041325] kasan_report+0x141/0x180 [ 28.041349] ? kasan_atomics_helper+0xd47/0x5450 [ 28.041376] kasan_check_range+0x10c/0x1c0 [ 28.041401] __kasan_check_write+0x18/0x20 [ 28.041425] kasan_atomics_helper+0xd47/0x5450 [ 28.041449] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.041473] ? ret_from_fork_asm+0x1a/0x30 [ 28.041503] kasan_atomics+0x1dc/0x310 [ 28.041527] ? __pfx_kasan_atomics+0x10/0x10 [ 28.041567] ? __pfx_read_tsc+0x10/0x10 [ 28.041591] ? ktime_get_ts64+0x86/0x230 [ 28.041615] kunit_try_run_case+0x1a5/0x480 [ 28.041639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.041660] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.041685] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.041722] ? __kthread_parkme+0x82/0x180 [ 28.041745] ? preempt_count_sub+0x50/0x80 [ 28.041769] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.041804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.041832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.041858] kthread+0x337/0x6f0 [ 28.041880] ? trace_preempt_on+0x20/0xc0 [ 28.041905] ? __pfx_kthread+0x10/0x10 [ 28.041927] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.041950] ? calculate_sigpending+0x7b/0xa0 [ 28.041976] ? __pfx_kthread+0x10/0x10 [ 28.042000] ret_from_fork+0x116/0x1d0 [ 28.042021] ? __pfx_kthread+0x10/0x10 [ 28.042043] ret_from_fork_asm+0x1a/0x30 [ 28.042075] </TASK> [ 28.042088] [ 28.051823] Allocated by task 313: [ 28.052422] kasan_save_stack+0x45/0x70 [ 28.052770] kasan_save_track+0x18/0x40 [ 28.053213] kasan_save_alloc_info+0x3b/0x50 [ 28.053572] __kasan_kmalloc+0xb7/0xc0 [ 28.053990] __kmalloc_cache_noprof+0x189/0x420 [ 28.054274] kasan_atomics+0x95/0x310 [ 28.054461] kunit_try_run_case+0x1a5/0x480 [ 28.054960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.055228] kthread+0x337/0x6f0 [ 28.055389] ret_from_fork+0x116/0x1d0 [ 28.055974] ret_from_fork_asm+0x1a/0x30 [ 28.056241] [ 28.056457] The buggy address belongs to the object at ffff88810439e280 [ 28.056457] which belongs to the cache kmalloc-64 of size 64 [ 28.057313] The buggy address is located 0 bytes to the right of [ 28.057313] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.058317] [ 28.058572] The buggy address belongs to the physical page: [ 28.059006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.059343] flags: 0x200000000000000(node=0|zone=2) [ 28.059761] page_type: f5(slab) [ 28.060246] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.060713] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.061380] page dumped because: kasan: bad access detected [ 28.061979] [ 28.062219] Memory state around the buggy address: [ 28.062440] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.063182] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.063628] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.064240] ^ [ 28.064494] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.065123] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.065419] ================================================================== [ 27.897356] ================================================================== [ 27.897670] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 27.898204] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.898500] [ 27.898613] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.898663] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.898677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.898712] Call Trace: [ 27.898727] <TASK> [ 27.898744] dump_stack_lvl+0x73/0xb0 [ 27.898773] print_report+0xd1/0x610 [ 27.898797] ? __virt_addr_valid+0x1db/0x2d0 [ 27.898822] ? kasan_atomics_helper+0x8f9/0x5450 [ 27.898844] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.898872] ? kasan_atomics_helper+0x8f9/0x5450 [ 27.898895] kasan_report+0x141/0x180 [ 27.898918] ? kasan_atomics_helper+0x8f9/0x5450 [ 27.898946] kasan_check_range+0x10c/0x1c0 [ 27.898971] __kasan_check_write+0x18/0x20 [ 27.898995] kasan_atomics_helper+0x8f9/0x5450 [ 27.899020] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.899043] ? ret_from_fork_asm+0x1a/0x30 [ 27.899072] kasan_atomics+0x1dc/0x310 [ 27.899096] ? __pfx_kasan_atomics+0x10/0x10 [ 27.899120] ? __pfx_read_tsc+0x10/0x10 [ 27.899145] ? ktime_get_ts64+0x86/0x230 [ 27.899170] kunit_try_run_case+0x1a5/0x480 [ 27.899193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.899217] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.899242] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.899268] ? __kthread_parkme+0x82/0x180 [ 27.899289] ? preempt_count_sub+0x50/0x80 [ 27.899314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.899336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.899364] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.899391] kthread+0x337/0x6f0 [ 27.899412] ? trace_preempt_on+0x20/0xc0 [ 27.899435] ? __pfx_kthread+0x10/0x10 [ 27.899458] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.899480] ? calculate_sigpending+0x7b/0xa0 [ 27.899570] ? __pfx_kthread+0x10/0x10 [ 27.899594] ret_from_fork+0x116/0x1d0 [ 27.899615] ? __pfx_kthread+0x10/0x10 [ 27.899638] ret_from_fork_asm+0x1a/0x30 [ 27.899669] </TASK> [ 27.899682] [ 27.908182] Allocated by task 313: [ 27.908355] kasan_save_stack+0x45/0x70 [ 27.908560] kasan_save_track+0x18/0x40 [ 27.908695] kasan_save_alloc_info+0x3b/0x50 [ 27.909123] __kasan_kmalloc+0xb7/0xc0 [ 27.909276] __kmalloc_cache_noprof+0x189/0x420 [ 27.909508] kasan_atomics+0x95/0x310 [ 27.909665] kunit_try_run_case+0x1a5/0x480 [ 27.909917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.910134] kthread+0x337/0x6f0 [ 27.910254] ret_from_fork+0x116/0x1d0 [ 27.910441] ret_from_fork_asm+0x1a/0x30 [ 27.910767] [ 27.910872] The buggy address belongs to the object at ffff88810439e280 [ 27.910872] which belongs to the cache kmalloc-64 of size 64 [ 27.911310] The buggy address is located 0 bytes to the right of [ 27.911310] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.911798] [ 27.912091] The buggy address belongs to the physical page: [ 27.912366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.912680] flags: 0x200000000000000(node=0|zone=2) [ 27.912859] page_type: f5(slab) [ 27.912981] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.913211] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.913547] page dumped because: kasan: bad access detected [ 27.913805] [ 27.913926] Memory state around the buggy address: [ 27.914229] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.914484] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.914872] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.915169] ^ [ 27.915361] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.915640] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.916262] ================================================================== [ 28.741898] ================================================================== [ 28.743137] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 28.743389] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.744270] [ 28.744606] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.744664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.744680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.744713] Call Trace: [ 28.744731] <TASK> [ 28.744749] dump_stack_lvl+0x73/0xb0 [ 28.744781] print_report+0xd1/0x610 [ 28.744809] ? __virt_addr_valid+0x1db/0x2d0 [ 28.744837] ? kasan_atomics_helper+0x1c18/0x5450 [ 28.744989] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.745033] ? kasan_atomics_helper+0x1c18/0x5450 [ 28.745058] kasan_report+0x141/0x180 [ 28.745083] ? kasan_atomics_helper+0x1c18/0x5450 [ 28.745145] kasan_check_range+0x10c/0x1c0 [ 28.745173] __kasan_check_write+0x18/0x20 [ 28.745197] kasan_atomics_helper+0x1c18/0x5450 [ 28.745222] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.745246] ? ret_from_fork_asm+0x1a/0x30 [ 28.745276] kasan_atomics+0x1dc/0x310 [ 28.745301] ? __pfx_kasan_atomics+0x10/0x10 [ 28.745326] ? __pfx_read_tsc+0x10/0x10 [ 28.745351] ? ktime_get_ts64+0x86/0x230 [ 28.745378] kunit_try_run_case+0x1a5/0x480 [ 28.745401] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.745424] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.745451] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.745476] ? __kthread_parkme+0x82/0x180 [ 28.745513] ? preempt_count_sub+0x50/0x80 [ 28.745538] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.745562] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.745589] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.745616] kthread+0x337/0x6f0 [ 28.745638] ? trace_preempt_on+0x20/0xc0 [ 28.745662] ? __pfx_kthread+0x10/0x10 [ 28.745686] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.745720] ? calculate_sigpending+0x7b/0xa0 [ 28.745745] ? __pfx_kthread+0x10/0x10 [ 28.745767] ret_from_fork+0x116/0x1d0 [ 28.745789] ? __pfx_kthread+0x10/0x10 [ 28.745811] ret_from_fork_asm+0x1a/0x30 [ 28.745843] </TASK> [ 28.745857] [ 28.758647] Allocated by task 313: [ 28.758796] kasan_save_stack+0x45/0x70 [ 28.759111] kasan_save_track+0x18/0x40 [ 28.759307] kasan_save_alloc_info+0x3b/0x50 [ 28.759475] __kasan_kmalloc+0xb7/0xc0 [ 28.759714] __kmalloc_cache_noprof+0x189/0x420 [ 28.759919] kasan_atomics+0x95/0x310 [ 28.760137] kunit_try_run_case+0x1a5/0x480 [ 28.760371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.760670] kthread+0x337/0x6f0 [ 28.760803] ret_from_fork+0x116/0x1d0 [ 28.760937] ret_from_fork_asm+0x1a/0x30 [ 28.761140] [ 28.761278] The buggy address belongs to the object at ffff88810439e280 [ 28.761278] which belongs to the cache kmalloc-64 of size 64 [ 28.762181] The buggy address is located 0 bytes to the right of [ 28.762181] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.763211] [ 28.763296] The buggy address belongs to the physical page: [ 28.763475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.764334] flags: 0x200000000000000(node=0|zone=2) [ 28.764952] page_type: f5(slab) [ 28.765264] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.765611] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.766269] page dumped because: kasan: bad access detected [ 28.766727] [ 28.766797] Memory state around the buggy address: [ 28.766955] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.767171] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.767387] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.767623] ^ [ 28.767867] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.768177] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.768412] ================================================================== [ 28.861040] ================================================================== [ 28.861321] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 28.861825] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.862108] [ 28.862195] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.862243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.862257] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.862280] Call Trace: [ 28.862295] <TASK> [ 28.862311] dump_stack_lvl+0x73/0xb0 [ 28.862340] print_report+0xd1/0x610 [ 28.862364] ? __virt_addr_valid+0x1db/0x2d0 [ 28.862389] ? kasan_atomics_helper+0x1f43/0x5450 [ 28.862411] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.862439] ? kasan_atomics_helper+0x1f43/0x5450 [ 28.862462] kasan_report+0x141/0x180 [ 28.862486] ? kasan_atomics_helper+0x1f43/0x5450 [ 28.862856] kasan_check_range+0x10c/0x1c0 [ 28.862886] __kasan_check_write+0x18/0x20 [ 28.862913] kasan_atomics_helper+0x1f43/0x5450 [ 28.862939] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.862963] ? ret_from_fork_asm+0x1a/0x30 [ 28.862993] kasan_atomics+0x1dc/0x310 [ 28.863018] ? __pfx_kasan_atomics+0x10/0x10 [ 28.863043] ? __pfx_read_tsc+0x10/0x10 [ 28.863068] ? ktime_get_ts64+0x86/0x230 [ 28.863093] kunit_try_run_case+0x1a5/0x480 [ 28.863116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.863139] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.863163] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.863188] ? __kthread_parkme+0x82/0x180 [ 28.863211] ? preempt_count_sub+0x50/0x80 [ 28.863236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.863259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.863286] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.863313] kthread+0x337/0x6f0 [ 28.863335] ? trace_preempt_on+0x20/0xc0 [ 28.863360] ? __pfx_kthread+0x10/0x10 [ 28.863383] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.863406] ? calculate_sigpending+0x7b/0xa0 [ 28.863431] ? __pfx_kthread+0x10/0x10 [ 28.863454] ret_from_fork+0x116/0x1d0 [ 28.863476] ? __pfx_kthread+0x10/0x10 [ 28.863512] ret_from_fork_asm+0x1a/0x30 [ 28.863544] </TASK> [ 28.863556] [ 28.871789] Allocated by task 313: [ 28.873280] kasan_save_stack+0x45/0x70 [ 28.873818] kasan_save_track+0x18/0x40 [ 28.874360] kasan_save_alloc_info+0x3b/0x50 [ 28.874844] __kasan_kmalloc+0xb7/0xc0 [ 28.874993] __kmalloc_cache_noprof+0x189/0x420 [ 28.875150] kasan_atomics+0x95/0x310 [ 28.875278] kunit_try_run_case+0x1a5/0x480 [ 28.875421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.875594] kthread+0x337/0x6f0 [ 28.876067] ret_from_fork+0x116/0x1d0 [ 28.876597] ret_from_fork_asm+0x1a/0x30 [ 28.877193] [ 28.877548] The buggy address belongs to the object at ffff88810439e280 [ 28.877548] which belongs to the cache kmalloc-64 of size 64 [ 28.878173] The buggy address is located 0 bytes to the right of [ 28.878173] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.879238] [ 28.879355] The buggy address belongs to the physical page: [ 28.879619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.880011] flags: 0x200000000000000(node=0|zone=2) [ 28.880237] page_type: f5(slab) [ 28.880367] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.880690] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.881009] page dumped because: kasan: bad access detected [ 28.881179] [ 28.881297] Memory state around the buggy address: [ 28.881551] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.881908] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.882213] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.882554] ^ [ 28.882791] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.883110] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.883397] ================================================================== [ 28.653313] ================================================================== [ 28.653725] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 28.654051] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.654355] [ 28.654453] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.654505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.654520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.654787] Call Trace: [ 28.654805] <TASK> [ 28.654823] dump_stack_lvl+0x73/0xb0 [ 28.654950] print_report+0xd1/0x610 [ 28.654976] ? __virt_addr_valid+0x1db/0x2d0 [ 28.655003] ? kasan_atomics_helper+0x194a/0x5450 [ 28.655025] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.655054] ? kasan_atomics_helper+0x194a/0x5450 [ 28.655077] kasan_report+0x141/0x180 [ 28.655100] ? kasan_atomics_helper+0x194a/0x5450 [ 28.655128] kasan_check_range+0x10c/0x1c0 [ 28.655153] __kasan_check_write+0x18/0x20 [ 28.655178] kasan_atomics_helper+0x194a/0x5450 [ 28.655202] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.655226] ? ret_from_fork_asm+0x1a/0x30 [ 28.655255] kasan_atomics+0x1dc/0x310 [ 28.655279] ? __pfx_kasan_atomics+0x10/0x10 [ 28.655305] ? __pfx_read_tsc+0x10/0x10 [ 28.655328] ? ktime_get_ts64+0x86/0x230 [ 28.655354] kunit_try_run_case+0x1a5/0x480 [ 28.655378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.655400] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.655424] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.655450] ? __kthread_parkme+0x82/0x180 [ 28.655473] ? preempt_count_sub+0x50/0x80 [ 28.655512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.655536] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.655561] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.655588] kthread+0x337/0x6f0 [ 28.655610] ? trace_preempt_on+0x20/0xc0 [ 28.655634] ? __pfx_kthread+0x10/0x10 [ 28.655656] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.655679] ? calculate_sigpending+0x7b/0xa0 [ 28.655714] ? __pfx_kthread+0x10/0x10 [ 28.655738] ret_from_fork+0x116/0x1d0 [ 28.655759] ? __pfx_kthread+0x10/0x10 [ 28.655781] ret_from_fork_asm+0x1a/0x30 [ 28.655813] </TASK> [ 28.655827] [ 28.665144] Allocated by task 313: [ 28.665319] kasan_save_stack+0x45/0x70 [ 28.665672] kasan_save_track+0x18/0x40 [ 28.665881] kasan_save_alloc_info+0x3b/0x50 [ 28.666140] __kasan_kmalloc+0xb7/0xc0 [ 28.666298] __kmalloc_cache_noprof+0x189/0x420 [ 28.666522] kasan_atomics+0x95/0x310 [ 28.666794] kunit_try_run_case+0x1a5/0x480 [ 28.666970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.667215] kthread+0x337/0x6f0 [ 28.667363] ret_from_fork+0x116/0x1d0 [ 28.667535] ret_from_fork_asm+0x1a/0x30 [ 28.668074] [ 28.668171] The buggy address belongs to the object at ffff88810439e280 [ 28.668171] which belongs to the cache kmalloc-64 of size 64 [ 28.668782] The buggy address is located 0 bytes to the right of [ 28.668782] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.669376] [ 28.669586] The buggy address belongs to the physical page: [ 28.669889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.670294] flags: 0x200000000000000(node=0|zone=2) [ 28.670510] page_type: f5(slab) [ 28.670773] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.671139] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.671548] page dumped because: kasan: bad access detected [ 28.671807] [ 28.671890] Memory state around the buggy address: [ 28.672100] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.672397] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.673018] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.673308] ^ [ 28.673528] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.673961] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.674315] ================================================================== [ 28.631350] ================================================================== [ 28.631957] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 28.632264] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.632571] [ 28.632864] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.632918] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.632934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.632957] Call Trace: [ 28.632976] <TASK> [ 28.632994] dump_stack_lvl+0x73/0xb0 [ 28.633023] print_report+0xd1/0x610 [ 28.633049] ? __virt_addr_valid+0x1db/0x2d0 [ 28.633074] ? kasan_atomics_helper+0x18b1/0x5450 [ 28.633096] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.633124] ? kasan_atomics_helper+0x18b1/0x5450 [ 28.633147] kasan_report+0x141/0x180 [ 28.633172] ? kasan_atomics_helper+0x18b1/0x5450 [ 28.633198] kasan_check_range+0x10c/0x1c0 [ 28.633223] __kasan_check_write+0x18/0x20 [ 28.633248] kasan_atomics_helper+0x18b1/0x5450 [ 28.633271] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.633295] ? ret_from_fork_asm+0x1a/0x30 [ 28.633324] kasan_atomics+0x1dc/0x310 [ 28.633348] ? __pfx_kasan_atomics+0x10/0x10 [ 28.633373] ? __pfx_read_tsc+0x10/0x10 [ 28.633398] ? ktime_get_ts64+0x86/0x230 [ 28.633424] kunit_try_run_case+0x1a5/0x480 [ 28.633448] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.633469] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.633650] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.633680] ? __kthread_parkme+0x82/0x180 [ 28.633715] ? preempt_count_sub+0x50/0x80 [ 28.633741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.633765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.633792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.633818] kthread+0x337/0x6f0 [ 28.633840] ? trace_preempt_on+0x20/0xc0 [ 28.633863] ? __pfx_kthread+0x10/0x10 [ 28.633886] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.633909] ? calculate_sigpending+0x7b/0xa0 [ 28.633934] ? __pfx_kthread+0x10/0x10 [ 28.633957] ret_from_fork+0x116/0x1d0 [ 28.633979] ? __pfx_kthread+0x10/0x10 [ 28.634001] ret_from_fork_asm+0x1a/0x30 [ 28.634033] </TASK> [ 28.634045] [ 28.643206] Allocated by task 313: [ 28.643365] kasan_save_stack+0x45/0x70 [ 28.643707] kasan_save_track+0x18/0x40 [ 28.644018] kasan_save_alloc_info+0x3b/0x50 [ 28.644215] __kasan_kmalloc+0xb7/0xc0 [ 28.644550] __kmalloc_cache_noprof+0x189/0x420 [ 28.644858] kasan_atomics+0x95/0x310 [ 28.645089] kunit_try_run_case+0x1a5/0x480 [ 28.645286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.645740] kthread+0x337/0x6f0 [ 28.645914] ret_from_fork+0x116/0x1d0 [ 28.646199] ret_from_fork_asm+0x1a/0x30 [ 28.646376] [ 28.646458] The buggy address belongs to the object at ffff88810439e280 [ 28.646458] which belongs to the cache kmalloc-64 of size 64 [ 28.647080] The buggy address is located 0 bytes to the right of [ 28.647080] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.647774] [ 28.647869] The buggy address belongs to the physical page: [ 28.648110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.648598] flags: 0x200000000000000(node=0|zone=2) [ 28.648893] page_type: f5(slab) [ 28.649022] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.649432] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.649808] page dumped because: kasan: bad access detected [ 28.650161] [ 28.650318] Memory state around the buggy address: [ 28.650739] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.650957] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.651166] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.651369] ^ [ 28.651534] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.651810] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.652127] ================================================================== [ 27.541997] ================================================================== [ 27.542633] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 27.543198] Read of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.543489] [ 27.543605] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.543658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.543671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.543695] Call Trace: [ 27.543720] <TASK> [ 27.543740] dump_stack_lvl+0x73/0xb0 [ 27.543773] print_report+0xd1/0x610 [ 27.543797] ? __virt_addr_valid+0x1db/0x2d0 [ 27.543823] ? kasan_atomics_helper+0x4bbc/0x5450 [ 27.543853] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.543880] ? kasan_atomics_helper+0x4bbc/0x5450 [ 27.543902] kasan_report+0x141/0x180 [ 27.543924] ? kasan_atomics_helper+0x4bbc/0x5450 [ 27.543951] __asan_report_load4_noabort+0x18/0x20 [ 27.543976] kasan_atomics_helper+0x4bbc/0x5450 [ 27.543999] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.544021] ? ret_from_fork_asm+0x1a/0x30 [ 27.544051] kasan_atomics+0x1dc/0x310 [ 27.544074] ? __pfx_kasan_atomics+0x10/0x10 [ 27.544099] ? __pfx_read_tsc+0x10/0x10 [ 27.544190] ? ktime_get_ts64+0x86/0x230 [ 27.544221] kunit_try_run_case+0x1a5/0x480 [ 27.544246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.544266] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.544291] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.544314] ? __kthread_parkme+0x82/0x180 [ 27.544336] ? preempt_count_sub+0x50/0x80 [ 27.544361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.544384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.544409] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.544434] kthread+0x337/0x6f0 [ 27.544455] ? trace_preempt_on+0x20/0xc0 [ 27.544480] ? __pfx_kthread+0x10/0x10 [ 27.544514] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.544535] ? calculate_sigpending+0x7b/0xa0 [ 27.544562] ? __pfx_kthread+0x10/0x10 [ 27.544584] ret_from_fork+0x116/0x1d0 [ 27.544604] ? __pfx_kthread+0x10/0x10 [ 27.544624] ret_from_fork_asm+0x1a/0x30 [ 27.544655] </TASK> [ 27.544668] [ 27.554883] Allocated by task 313: [ 27.555284] kasan_save_stack+0x45/0x70 [ 27.555485] kasan_save_track+0x18/0x40 [ 27.555853] kasan_save_alloc_info+0x3b/0x50 [ 27.556020] __kasan_kmalloc+0xb7/0xc0 [ 27.556550] __kmalloc_cache_noprof+0x189/0x420 [ 27.556890] kasan_atomics+0x95/0x310 [ 27.557256] kunit_try_run_case+0x1a5/0x480 [ 27.557553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.557930] kthread+0x337/0x6f0 [ 27.558230] ret_from_fork+0x116/0x1d0 [ 27.558423] ret_from_fork_asm+0x1a/0x30 [ 27.558784] [ 27.559003] The buggy address belongs to the object at ffff88810439e280 [ 27.559003] which belongs to the cache kmalloc-64 of size 64 [ 27.559663] The buggy address is located 0 bytes to the right of [ 27.559663] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.560267] [ 27.560361] The buggy address belongs to the physical page: [ 27.560973] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.561360] flags: 0x200000000000000(node=0|zone=2) [ 27.561800] page_type: f5(slab) [ 27.562200] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.562660] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.563173] page dumped because: kasan: bad access detected [ 27.563408] [ 27.563677] Memory state around the buggy address: [ 27.564079] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.564378] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.564923] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.565392] ^ [ 27.565761] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.566260] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.566743] ================================================================== [ 27.632038] ================================================================== [ 27.632641] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 27.633445] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.634127] [ 27.634335] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.634463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.634478] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.634502] Call Trace: [ 27.634523] <TASK> [ 27.634542] dump_stack_lvl+0x73/0xb0 [ 27.634573] print_report+0xd1/0x610 [ 27.634598] ? __virt_addr_valid+0x1db/0x2d0 [ 27.634625] ? kasan_atomics_helper+0x4b6e/0x5450 [ 27.634647] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.634675] ? kasan_atomics_helper+0x4b6e/0x5450 [ 27.634710] kasan_report+0x141/0x180 [ 27.634734] ? kasan_atomics_helper+0x4b6e/0x5450 [ 27.634761] __asan_report_store4_noabort+0x1b/0x30 [ 27.634799] kasan_atomics_helper+0x4b6e/0x5450 [ 27.634823] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.634846] ? ret_from_fork_asm+0x1a/0x30 [ 27.634876] kasan_atomics+0x1dc/0x310 [ 27.634901] ? __pfx_kasan_atomics+0x10/0x10 [ 27.634927] ? __pfx_read_tsc+0x10/0x10 [ 27.634951] ? ktime_get_ts64+0x86/0x230 [ 27.634978] kunit_try_run_case+0x1a5/0x480 [ 27.635003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.635025] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.635050] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.635075] ? __kthread_parkme+0x82/0x180 [ 27.635098] ? preempt_count_sub+0x50/0x80 [ 27.635123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.635147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.635175] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.635202] kthread+0x337/0x6f0 [ 27.635225] ? trace_preempt_on+0x20/0xc0 [ 27.635250] ? __pfx_kthread+0x10/0x10 [ 27.635273] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.635296] ? calculate_sigpending+0x7b/0xa0 [ 27.635322] ? __pfx_kthread+0x10/0x10 [ 27.635345] ret_from_fork+0x116/0x1d0 [ 27.635366] ? __pfx_kthread+0x10/0x10 [ 27.635388] ret_from_fork_asm+0x1a/0x30 [ 27.635421] </TASK> [ 27.635434] [ 27.647160] Allocated by task 313: [ 27.647470] kasan_save_stack+0x45/0x70 [ 27.647875] kasan_save_track+0x18/0x40 [ 27.648320] kasan_save_alloc_info+0x3b/0x50 [ 27.648864] __kasan_kmalloc+0xb7/0xc0 [ 27.649363] __kmalloc_cache_noprof+0x189/0x420 [ 27.649665] kasan_atomics+0x95/0x310 [ 27.650114] kunit_try_run_case+0x1a5/0x480 [ 27.650261] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.650433] kthread+0x337/0x6f0 [ 27.650689] ret_from_fork+0x116/0x1d0 [ 27.651037] ret_from_fork_asm+0x1a/0x30 [ 27.651449] [ 27.651664] The buggy address belongs to the object at ffff88810439e280 [ 27.651664] which belongs to the cache kmalloc-64 of size 64 [ 27.652842] The buggy address is located 0 bytes to the right of [ 27.652842] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.653758] [ 27.653939] The buggy address belongs to the physical page: [ 27.654407] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.655291] flags: 0x200000000000000(node=0|zone=2) [ 27.655677] page_type: f5(slab) [ 27.655829] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.656507] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.656749] page dumped because: kasan: bad access detected [ 27.657108] [ 27.657279] Memory state around the buggy address: [ 27.657785] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.658463] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.659225] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.659892] ^ [ 27.660061] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.660270] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.660473] ================================================================== [ 28.586475] ================================================================== [ 28.586768] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 28.587090] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.587434] [ 28.587573] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.587622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.587636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.587662] Call Trace: [ 28.587678] <TASK> [ 28.587706] dump_stack_lvl+0x73/0xb0 [ 28.587733] print_report+0xd1/0x610 [ 28.587768] ? __virt_addr_valid+0x1db/0x2d0 [ 28.587794] ? kasan_atomics_helper+0x177f/0x5450 [ 28.587818] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.587869] ? kasan_atomics_helper+0x177f/0x5450 [ 28.587892] kasan_report+0x141/0x180 [ 28.587915] ? kasan_atomics_helper+0x177f/0x5450 [ 28.587953] kasan_check_range+0x10c/0x1c0 [ 28.587979] __kasan_check_write+0x18/0x20 [ 28.588003] kasan_atomics_helper+0x177f/0x5450 [ 28.588027] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.588050] ? ret_from_fork_asm+0x1a/0x30 [ 28.588081] kasan_atomics+0x1dc/0x310 [ 28.588104] ? __pfx_kasan_atomics+0x10/0x10 [ 28.588130] ? __pfx_read_tsc+0x10/0x10 [ 28.588163] ? ktime_get_ts64+0x86/0x230 [ 28.588189] kunit_try_run_case+0x1a5/0x480 [ 28.588213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.588245] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.588270] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.588295] ? __kthread_parkme+0x82/0x180 [ 28.588316] ? preempt_count_sub+0x50/0x80 [ 28.588350] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.588373] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.588400] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.588436] kthread+0x337/0x6f0 [ 28.588457] ? trace_preempt_on+0x20/0xc0 [ 28.588482] ? __pfx_kthread+0x10/0x10 [ 28.588504] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.588526] ? calculate_sigpending+0x7b/0xa0 [ 28.588552] ? __pfx_kthread+0x10/0x10 [ 28.588575] ret_from_fork+0x116/0x1d0 [ 28.588597] ? __pfx_kthread+0x10/0x10 [ 28.588619] ret_from_fork_asm+0x1a/0x30 [ 28.588652] </TASK> [ 28.588666] [ 28.596197] Allocated by task 313: [ 28.596407] kasan_save_stack+0x45/0x70 [ 28.596595] kasan_save_track+0x18/0x40 [ 28.596793] kasan_save_alloc_info+0x3b/0x50 [ 28.596940] __kasan_kmalloc+0xb7/0xc0 [ 28.597146] __kmalloc_cache_noprof+0x189/0x420 [ 28.597367] kasan_atomics+0x95/0x310 [ 28.597535] kunit_try_run_case+0x1a5/0x480 [ 28.597678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.597993] kthread+0x337/0x6f0 [ 28.598167] ret_from_fork+0x116/0x1d0 [ 28.598360] ret_from_fork_asm+0x1a/0x30 [ 28.598638] [ 28.598714] The buggy address belongs to the object at ffff88810439e280 [ 28.598714] which belongs to the cache kmalloc-64 of size 64 [ 28.599062] The buggy address is located 0 bytes to the right of [ 28.599062] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.599629] [ 28.599740] The buggy address belongs to the physical page: [ 28.599920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.600157] flags: 0x200000000000000(node=0|zone=2) [ 28.600400] page_type: f5(slab) [ 28.600650] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.601034] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.601397] page dumped because: kasan: bad access detected [ 28.601709] [ 28.601789] Memory state around the buggy address: [ 28.601999] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.602322] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.602653] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.602961] ^ [ 28.603114] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.603330] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.603671] ================================================================== [ 28.152273] ================================================================== [ 28.152669] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 28.153295] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.154155] [ 28.154411] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.154469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.154495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.154519] Call Trace: [ 28.154534] <TASK> [ 28.154586] dump_stack_lvl+0x73/0xb0 [ 28.154620] print_report+0xd1/0x610 [ 28.154646] ? __virt_addr_valid+0x1db/0x2d0 [ 28.154672] ? kasan_atomics_helper+0xfa9/0x5450 [ 28.154695] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.154731] ? kasan_atomics_helper+0xfa9/0x5450 [ 28.154754] kasan_report+0x141/0x180 [ 28.154777] ? kasan_atomics_helper+0xfa9/0x5450 [ 28.154995] kasan_check_range+0x10c/0x1c0 [ 28.155026] __kasan_check_write+0x18/0x20 [ 28.155051] kasan_atomics_helper+0xfa9/0x5450 [ 28.155075] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.155099] ? ret_from_fork_asm+0x1a/0x30 [ 28.155129] kasan_atomics+0x1dc/0x310 [ 28.155153] ? __pfx_kasan_atomics+0x10/0x10 [ 28.155179] ? __pfx_read_tsc+0x10/0x10 [ 28.155203] ? ktime_get_ts64+0x86/0x230 [ 28.155229] kunit_try_run_case+0x1a5/0x480 [ 28.155253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.155276] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.155301] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.155326] ? __kthread_parkme+0x82/0x180 [ 28.155348] ? preempt_count_sub+0x50/0x80 [ 28.155373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.155397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.155422] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.155449] kthread+0x337/0x6f0 [ 28.155471] ? trace_preempt_on+0x20/0xc0 [ 28.155496] ? __pfx_kthread+0x10/0x10 [ 28.155518] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.155541] ? calculate_sigpending+0x7b/0xa0 [ 28.155566] ? __pfx_kthread+0x10/0x10 [ 28.155589] ret_from_fork+0x116/0x1d0 [ 28.155610] ? __pfx_kthread+0x10/0x10 [ 28.155633] ret_from_fork_asm+0x1a/0x30 [ 28.155665] </TASK> [ 28.155679] [ 28.168429] Allocated by task 313: [ 28.168915] kasan_save_stack+0x45/0x70 [ 28.169220] kasan_save_track+0x18/0x40 [ 28.169418] kasan_save_alloc_info+0x3b/0x50 [ 28.169791] __kasan_kmalloc+0xb7/0xc0 [ 28.170166] __kmalloc_cache_noprof+0x189/0x420 [ 28.170386] kasan_atomics+0x95/0x310 [ 28.170826] kunit_try_run_case+0x1a5/0x480 [ 28.171318] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.171784] kthread+0x337/0x6f0 [ 28.171981] ret_from_fork+0x116/0x1d0 [ 28.172160] ret_from_fork_asm+0x1a/0x30 [ 28.172340] [ 28.172428] The buggy address belongs to the object at ffff88810439e280 [ 28.172428] which belongs to the cache kmalloc-64 of size 64 [ 28.173571] The buggy address is located 0 bytes to the right of [ 28.173571] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.174308] [ 28.174406] The buggy address belongs to the physical page: [ 28.175325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.175916] flags: 0x200000000000000(node=0|zone=2) [ 28.176215] page_type: f5(slab) [ 28.176372] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.177005] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.177551] page dumped because: kasan: bad access detected [ 28.177871] [ 28.177967] Memory state around the buggy address: [ 28.178176] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.178468] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.179465] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.180018] ^ [ 28.180237] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.180795] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.181318] ================================================================== [ 27.661373] ================================================================== [ 27.662120] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 27.662832] Read of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.663588] [ 27.663798] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.663903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.663921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.663945] Call Trace: [ 27.663966] <TASK> [ 27.663986] dump_stack_lvl+0x73/0xb0 [ 27.664017] print_report+0xd1/0x610 [ 27.664043] ? __virt_addr_valid+0x1db/0x2d0 [ 27.664070] ? kasan_atomics_helper+0x3df/0x5450 [ 27.664092] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.664121] ? kasan_atomics_helper+0x3df/0x5450 [ 27.664144] kasan_report+0x141/0x180 [ 27.664167] ? kasan_atomics_helper+0x3df/0x5450 [ 27.664194] kasan_check_range+0x10c/0x1c0 [ 27.664220] __kasan_check_read+0x15/0x20 [ 27.664244] kasan_atomics_helper+0x3df/0x5450 [ 27.664268] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.664292] ? ret_from_fork_asm+0x1a/0x30 [ 27.664321] kasan_atomics+0x1dc/0x310 [ 27.664346] ? __pfx_kasan_atomics+0x10/0x10 [ 27.664371] ? __pfx_read_tsc+0x10/0x10 [ 27.664395] ? ktime_get_ts64+0x86/0x230 [ 27.664422] kunit_try_run_case+0x1a5/0x480 [ 27.664447] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.664470] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.664504] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.664529] ? __kthread_parkme+0x82/0x180 [ 27.664553] ? preempt_count_sub+0x50/0x80 [ 27.664578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.664602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.664629] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.664656] kthread+0x337/0x6f0 [ 27.664678] ? trace_preempt_on+0x20/0xc0 [ 27.664715] ? __pfx_kthread+0x10/0x10 [ 27.664739] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.664761] ? calculate_sigpending+0x7b/0xa0 [ 27.664916] ? __pfx_kthread+0x10/0x10 [ 27.664943] ret_from_fork+0x116/0x1d0 [ 27.664967] ? __pfx_kthread+0x10/0x10 [ 27.664990] ret_from_fork_asm+0x1a/0x30 [ 27.665024] </TASK> [ 27.665039] [ 27.674238] Allocated by task 313: [ 27.674401] kasan_save_stack+0x45/0x70 [ 27.674628] kasan_save_track+0x18/0x40 [ 27.674774] kasan_save_alloc_info+0x3b/0x50 [ 27.674922] __kasan_kmalloc+0xb7/0xc0 [ 27.675161] __kmalloc_cache_noprof+0x189/0x420 [ 27.675395] kasan_atomics+0x95/0x310 [ 27.675579] kunit_try_run_case+0x1a5/0x480 [ 27.675764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.675943] kthread+0x337/0x6f0 [ 27.676168] ret_from_fork+0x116/0x1d0 [ 27.676356] ret_from_fork_asm+0x1a/0x30 [ 27.676619] [ 27.676723] The buggy address belongs to the object at ffff88810439e280 [ 27.676723] which belongs to the cache kmalloc-64 of size 64 [ 27.677282] The buggy address is located 0 bytes to the right of [ 27.677282] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.677817] [ 27.677914] The buggy address belongs to the physical page: [ 27.678218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.678458] flags: 0x200000000000000(node=0|zone=2) [ 27.678620] page_type: f5(slab) [ 27.678751] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.679594] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.679910] page dumped because: kasan: bad access detected [ 27.680082] [ 27.680149] Memory state around the buggy address: [ 27.680439] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.681025] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.681279] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.681492] ^ [ 27.681647] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.681966] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.682394] ================================================================== [ 28.675111] ================================================================== [ 28.675572] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 28.675982] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.676444] [ 28.676533] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.676596] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.676611] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.676634] Call Trace: [ 28.676650] <TASK> [ 28.676667] dump_stack_lvl+0x73/0xb0 [ 28.676711] print_report+0xd1/0x610 [ 28.676737] ? __virt_addr_valid+0x1db/0x2d0 [ 28.676762] ? kasan_atomics_helper+0x19e3/0x5450 [ 28.676786] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.676815] ? kasan_atomics_helper+0x19e3/0x5450 [ 28.676838] kasan_report+0x141/0x180 [ 28.676862] ? kasan_atomics_helper+0x19e3/0x5450 [ 28.676890] kasan_check_range+0x10c/0x1c0 [ 28.676915] __kasan_check_write+0x18/0x20 [ 28.676940] kasan_atomics_helper+0x19e3/0x5450 [ 28.676964] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.676988] ? ret_from_fork_asm+0x1a/0x30 [ 28.677018] kasan_atomics+0x1dc/0x310 [ 28.677042] ? __pfx_kasan_atomics+0x10/0x10 [ 28.677068] ? __pfx_read_tsc+0x10/0x10 [ 28.677092] ? ktime_get_ts64+0x86/0x230 [ 28.677119] kunit_try_run_case+0x1a5/0x480 [ 28.677142] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.677164] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.677189] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.677213] ? __kthread_parkme+0x82/0x180 [ 28.677236] ? preempt_count_sub+0x50/0x80 [ 28.677262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.677284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.677311] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.677339] kthread+0x337/0x6f0 [ 28.677362] ? trace_preempt_on+0x20/0xc0 [ 28.677387] ? __pfx_kthread+0x10/0x10 [ 28.677409] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.677432] ? calculate_sigpending+0x7b/0xa0 [ 28.677457] ? __pfx_kthread+0x10/0x10 [ 28.677482] ret_from_fork+0x116/0x1d0 [ 28.677513] ? __pfx_kthread+0x10/0x10 [ 28.677535] ret_from_fork_asm+0x1a/0x30 [ 28.677568] </TASK> [ 28.677580] [ 28.684678] Allocated by task 313: [ 28.684865] kasan_save_stack+0x45/0x70 [ 28.685143] kasan_save_track+0x18/0x40 [ 28.685279] kasan_save_alloc_info+0x3b/0x50 [ 28.685426] __kasan_kmalloc+0xb7/0xc0 [ 28.685554] __kmalloc_cache_noprof+0x189/0x420 [ 28.685837] kasan_atomics+0x95/0x310 [ 28.686168] kunit_try_run_case+0x1a5/0x480 [ 28.686376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.686603] kthread+0x337/0x6f0 [ 28.686769] ret_from_fork+0x116/0x1d0 [ 28.686945] ret_from_fork_asm+0x1a/0x30 [ 28.687116] [ 28.687210] The buggy address belongs to the object at ffff88810439e280 [ 28.687210] which belongs to the cache kmalloc-64 of size 64 [ 28.687712] The buggy address is located 0 bytes to the right of [ 28.687712] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.688109] [ 28.688178] The buggy address belongs to the physical page: [ 28.688349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.688651] flags: 0x200000000000000(node=0|zone=2) [ 28.688904] page_type: f5(slab) [ 28.689069] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.689400] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.690457] page dumped because: kasan: bad access detected [ 28.690679] [ 28.690759] Memory state around the buggy address: [ 28.690915] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.691130] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.691381] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.692076] ^ [ 28.692507] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.693018] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.693523] ================================================================== [ 27.935233] ================================================================== [ 27.935493] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 27.935914] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.936166] [ 27.936247] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.936292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.936306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.936328] Call Trace: [ 27.936342] <TASK> [ 27.936359] dump_stack_lvl+0x73/0xb0 [ 27.936387] print_report+0xd1/0x610 [ 27.936412] ? __virt_addr_valid+0x1db/0x2d0 [ 27.936437] ? kasan_atomics_helper+0xa2b/0x5450 [ 27.936459] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.936500] ? kasan_atomics_helper+0xa2b/0x5450 [ 27.936523] kasan_report+0x141/0x180 [ 27.936546] ? kasan_atomics_helper+0xa2b/0x5450 [ 27.936573] kasan_check_range+0x10c/0x1c0 [ 27.936598] __kasan_check_write+0x18/0x20 [ 27.936622] kasan_atomics_helper+0xa2b/0x5450 [ 27.936646] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.936669] ? ret_from_fork_asm+0x1a/0x30 [ 27.936710] kasan_atomics+0x1dc/0x310 [ 27.936734] ? __pfx_kasan_atomics+0x10/0x10 [ 27.936759] ? __pfx_read_tsc+0x10/0x10 [ 27.936945] ? ktime_get_ts64+0x86/0x230 [ 27.936982] kunit_try_run_case+0x1a5/0x480 [ 27.937007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.937029] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.937054] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.937079] ? __kthread_parkme+0x82/0x180 [ 27.937101] ? preempt_count_sub+0x50/0x80 [ 27.937125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.937149] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.937175] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.937203] kthread+0x337/0x6f0 [ 27.937223] ? trace_preempt_on+0x20/0xc0 [ 27.937247] ? __pfx_kthread+0x10/0x10 [ 27.937269] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.937293] ? calculate_sigpending+0x7b/0xa0 [ 27.937317] ? __pfx_kthread+0x10/0x10 [ 27.937341] ret_from_fork+0x116/0x1d0 [ 27.937362] ? __pfx_kthread+0x10/0x10 [ 27.937384] ret_from_fork_asm+0x1a/0x30 [ 27.937416] </TASK> [ 27.937429] [ 27.945615] Allocated by task 313: [ 27.945815] kasan_save_stack+0x45/0x70 [ 27.946098] kasan_save_track+0x18/0x40 [ 27.946231] kasan_save_alloc_info+0x3b/0x50 [ 27.946376] __kasan_kmalloc+0xb7/0xc0 [ 27.946503] __kmalloc_cache_noprof+0x189/0x420 [ 27.946852] kasan_atomics+0x95/0x310 [ 27.947055] kunit_try_run_case+0x1a5/0x480 [ 27.947262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.947561] kthread+0x337/0x6f0 [ 27.947753] ret_from_fork+0x116/0x1d0 [ 27.948154] ret_from_fork_asm+0x1a/0x30 [ 27.948359] [ 27.948447] The buggy address belongs to the object at ffff88810439e280 [ 27.948447] which belongs to the cache kmalloc-64 of size 64 [ 27.949270] The buggy address is located 0 bytes to the right of [ 27.949270] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.949844] [ 27.949942] The buggy address belongs to the physical page: [ 27.950165] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.950457] flags: 0x200000000000000(node=0|zone=2) [ 27.950622] page_type: f5(slab) [ 27.950853] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.951229] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.951650] page dumped because: kasan: bad access detected [ 27.952030] [ 27.952103] Memory state around the buggy address: [ 27.952310] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.952565] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.952895] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.953182] ^ [ 27.953336] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.953549] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.953963] ================================================================== [ 28.938615] ================================================================== [ 28.939012] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 28.939379] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.939754] [ 28.939863] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.939913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.939926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.939948] Call Trace: [ 28.939963] <TASK> [ 28.939978] dump_stack_lvl+0x73/0xb0 [ 28.940006] print_report+0xd1/0x610 [ 28.940031] ? __virt_addr_valid+0x1db/0x2d0 [ 28.940055] ? kasan_atomics_helper+0x20c8/0x5450 [ 28.940077] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.940104] ? kasan_atomics_helper+0x20c8/0x5450 [ 28.940128] kasan_report+0x141/0x180 [ 28.940150] ? kasan_atomics_helper+0x20c8/0x5450 [ 28.940177] kasan_check_range+0x10c/0x1c0 [ 28.940201] __kasan_check_write+0x18/0x20 [ 28.940226] kasan_atomics_helper+0x20c8/0x5450 [ 28.940251] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.940274] ? ret_from_fork_asm+0x1a/0x30 [ 28.940303] kasan_atomics+0x1dc/0x310 [ 28.940327] ? __pfx_kasan_atomics+0x10/0x10 [ 28.940352] ? __pfx_read_tsc+0x10/0x10 [ 28.940375] ? ktime_get_ts64+0x86/0x230 [ 28.940400] kunit_try_run_case+0x1a5/0x480 [ 28.940425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.940447] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.940526] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.940555] ? __kthread_parkme+0x82/0x180 [ 28.940579] ? preempt_count_sub+0x50/0x80 [ 28.940603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.940628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.940655] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.940682] kthread+0x337/0x6f0 [ 28.940712] ? trace_preempt_on+0x20/0xc0 [ 28.940737] ? __pfx_kthread+0x10/0x10 [ 28.940760] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.940782] ? calculate_sigpending+0x7b/0xa0 [ 28.940807] ? __pfx_kthread+0x10/0x10 [ 28.940831] ret_from_fork+0x116/0x1d0 [ 28.940852] ? __pfx_kthread+0x10/0x10 [ 28.940874] ret_from_fork_asm+0x1a/0x30 [ 28.940905] </TASK> [ 28.940918] [ 28.948705] Allocated by task 313: [ 28.948893] kasan_save_stack+0x45/0x70 [ 28.949095] kasan_save_track+0x18/0x40 [ 28.949286] kasan_save_alloc_info+0x3b/0x50 [ 28.949456] __kasan_kmalloc+0xb7/0xc0 [ 28.949706] __kmalloc_cache_noprof+0x189/0x420 [ 28.949928] kasan_atomics+0x95/0x310 [ 28.950058] kunit_try_run_case+0x1a5/0x480 [ 28.950229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.950544] kthread+0x337/0x6f0 [ 28.950754] ret_from_fork+0x116/0x1d0 [ 28.950979] ret_from_fork_asm+0x1a/0x30 [ 28.951183] [ 28.951275] The buggy address belongs to the object at ffff88810439e280 [ 28.951275] which belongs to the cache kmalloc-64 of size 64 [ 28.951858] The buggy address is located 0 bytes to the right of [ 28.951858] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.952414] [ 28.952538] The buggy address belongs to the physical page: [ 28.952826] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.953187] flags: 0x200000000000000(node=0|zone=2) [ 28.953427] page_type: f5(slab) [ 28.953644] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.953989] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.954353] page dumped because: kasan: bad access detected [ 28.954645] [ 28.954747] Memory state around the buggy address: [ 28.954921] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.955134] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.955416] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.955795] ^ [ 28.956064] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.956385] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.956684] ================================================================== [ 27.567522] ================================================================== [ 27.567860] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 27.568215] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.568592] [ 27.568738] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.568789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.568802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.568825] Call Trace: [ 27.568839] <TASK> [ 27.568855] dump_stack_lvl+0x73/0xb0 [ 27.568885] print_report+0xd1/0x610 [ 27.568908] ? __virt_addr_valid+0x1db/0x2d0 [ 27.568933] ? kasan_atomics_helper+0x4ba2/0x5450 [ 27.568955] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.568993] ? kasan_atomics_helper+0x4ba2/0x5450 [ 27.569017] kasan_report+0x141/0x180 [ 27.569041] ? kasan_atomics_helper+0x4ba2/0x5450 [ 27.569069] __asan_report_store4_noabort+0x1b/0x30 [ 27.569094] kasan_atomics_helper+0x4ba2/0x5450 [ 27.569116] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.569139] ? ret_from_fork_asm+0x1a/0x30 [ 27.569167] kasan_atomics+0x1dc/0x310 [ 27.569190] ? __pfx_kasan_atomics+0x10/0x10 [ 27.569215] ? __pfx_read_tsc+0x10/0x10 [ 27.569239] ? ktime_get_ts64+0x86/0x230 [ 27.569265] kunit_try_run_case+0x1a5/0x480 [ 27.569287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.569308] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.569333] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.569356] ? __kthread_parkme+0x82/0x180 [ 27.569377] ? preempt_count_sub+0x50/0x80 [ 27.569402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.569424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.569449] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.569475] kthread+0x337/0x6f0 [ 27.569505] ? trace_preempt_on+0x20/0xc0 [ 27.569527] ? __pfx_kthread+0x10/0x10 [ 27.569549] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.569570] ? calculate_sigpending+0x7b/0xa0 [ 27.569593] ? __pfx_kthread+0x10/0x10 [ 27.569616] ret_from_fork+0x116/0x1d0 [ 27.569636] ? __pfx_kthread+0x10/0x10 [ 27.569656] ret_from_fork_asm+0x1a/0x30 [ 27.569686] </TASK> [ 27.569709] [ 27.583743] Allocated by task 313: [ 27.584270] kasan_save_stack+0x45/0x70 [ 27.585176] kasan_save_track+0x18/0x40 [ 27.585821] kasan_save_alloc_info+0x3b/0x50 [ 27.586328] __kasan_kmalloc+0xb7/0xc0 [ 27.586470] __kmalloc_cache_noprof+0x189/0x420 [ 27.587209] kasan_atomics+0x95/0x310 [ 27.587708] kunit_try_run_case+0x1a5/0x480 [ 27.588360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.588773] kthread+0x337/0x6f0 [ 27.589186] ret_from_fork+0x116/0x1d0 [ 27.589334] ret_from_fork_asm+0x1a/0x30 [ 27.589472] [ 27.589637] The buggy address belongs to the object at ffff88810439e280 [ 27.589637] which belongs to the cache kmalloc-64 of size 64 [ 27.591320] The buggy address is located 0 bytes to the right of [ 27.591320] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.592449] [ 27.592694] The buggy address belongs to the physical page: [ 27.593286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.594019] flags: 0x200000000000000(node=0|zone=2) [ 27.594193] page_type: f5(slab) [ 27.594319] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.594642] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.595506] page dumped because: kasan: bad access detected [ 27.596091] [ 27.596293] Memory state around the buggy address: [ 27.596738] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.596954] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.597164] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.597377] ^ [ 27.597670] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.598485] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.599298] ================================================================== [ 27.600481] ================================================================== [ 27.601283] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 27.602179] Read of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.602933] [ 27.603073] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.603130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.603183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.603209] Call Trace: [ 27.603230] <TASK> [ 27.603285] dump_stack_lvl+0x73/0xb0 [ 27.603318] print_report+0xd1/0x610 [ 27.603354] ? __virt_addr_valid+0x1db/0x2d0 [ 27.603381] ? kasan_atomics_helper+0x4b88/0x5450 [ 27.603404] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.603431] ? kasan_atomics_helper+0x4b88/0x5450 [ 27.603454] kasan_report+0x141/0x180 [ 27.603478] ? kasan_atomics_helper+0x4b88/0x5450 [ 27.603516] __asan_report_load4_noabort+0x18/0x20 [ 27.603542] kasan_atomics_helper+0x4b88/0x5450 [ 27.603566] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.603590] ? ret_from_fork_asm+0x1a/0x30 [ 27.603620] kasan_atomics+0x1dc/0x310 [ 27.603645] ? __pfx_kasan_atomics+0x10/0x10 [ 27.603671] ? __pfx_read_tsc+0x10/0x10 [ 27.603694] ? ktime_get_ts64+0x86/0x230 [ 27.603732] kunit_try_run_case+0x1a5/0x480 [ 27.603756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.603964] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.604001] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.604027] ? __kthread_parkme+0x82/0x180 [ 27.604050] ? preempt_count_sub+0x50/0x80 [ 27.604076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.604099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.604127] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.604154] kthread+0x337/0x6f0 [ 27.604176] ? trace_preempt_on+0x20/0xc0 [ 27.604200] ? __pfx_kthread+0x10/0x10 [ 27.604222] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.604245] ? calculate_sigpending+0x7b/0xa0 [ 27.604270] ? __pfx_kthread+0x10/0x10 [ 27.604293] ret_from_fork+0x116/0x1d0 [ 27.604314] ? __pfx_kthread+0x10/0x10 [ 27.604336] ret_from_fork_asm+0x1a/0x30 [ 27.604368] </TASK> [ 27.604381] [ 27.617882] Allocated by task 313: [ 27.618326] kasan_save_stack+0x45/0x70 [ 27.618747] kasan_save_track+0x18/0x40 [ 27.619093] kasan_save_alloc_info+0x3b/0x50 [ 27.619248] __kasan_kmalloc+0xb7/0xc0 [ 27.619378] __kmalloc_cache_noprof+0x189/0x420 [ 27.619563] kasan_atomics+0x95/0x310 [ 27.619935] kunit_try_run_case+0x1a5/0x480 [ 27.620556] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.621191] kthread+0x337/0x6f0 [ 27.621518] ret_from_fork+0x116/0x1d0 [ 27.621948] ret_from_fork_asm+0x1a/0x30 [ 27.622327] [ 27.622503] The buggy address belongs to the object at ffff88810439e280 [ 27.622503] which belongs to the cache kmalloc-64 of size 64 [ 27.623291] The buggy address is located 0 bytes to the right of [ 27.623291] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.624188] [ 27.624371] The buggy address belongs to the physical page: [ 27.624964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.625688] flags: 0x200000000000000(node=0|zone=2) [ 27.626224] page_type: f5(slab) [ 27.626361] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.626616] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.627063] page dumped because: kasan: bad access detected [ 27.627593] [ 27.627757] Memory state around the buggy address: [ 27.628178] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.628739] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.629242] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.629459] ^ [ 27.629899] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.630602] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.631242] ================================================================== [ 28.712868] ================================================================== [ 28.713585] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 28.713866] Write of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.714168] [ 28.714248] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.714296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.714310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.714332] Call Trace: [ 28.714348] <TASK> [ 28.714365] dump_stack_lvl+0x73/0xb0 [ 28.714392] print_report+0xd1/0x610 [ 28.714417] ? __virt_addr_valid+0x1db/0x2d0 [ 28.714441] ? kasan_atomics_helper+0x1b22/0x5450 [ 28.714464] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.714502] ? kasan_atomics_helper+0x1b22/0x5450 [ 28.714526] kasan_report+0x141/0x180 [ 28.714549] ? kasan_atomics_helper+0x1b22/0x5450 [ 28.714577] kasan_check_range+0x10c/0x1c0 [ 28.714602] __kasan_check_write+0x18/0x20 [ 28.714627] kasan_atomics_helper+0x1b22/0x5450 [ 28.714652] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.714675] ? ret_from_fork_asm+0x1a/0x30 [ 28.714716] kasan_atomics+0x1dc/0x310 [ 28.714741] ? __pfx_kasan_atomics+0x10/0x10 [ 28.714767] ? __pfx_read_tsc+0x10/0x10 [ 28.714791] ? ktime_get_ts64+0x86/0x230 [ 28.714817] kunit_try_run_case+0x1a5/0x480 [ 28.714840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.714863] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.714888] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.714913] ? __kthread_parkme+0x82/0x180 [ 28.714936] ? preempt_count_sub+0x50/0x80 [ 28.714961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.714985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.715013] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.715039] kthread+0x337/0x6f0 [ 28.715059] ? trace_preempt_on+0x20/0xc0 [ 28.715083] ? __pfx_kthread+0x10/0x10 [ 28.715105] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.715128] ? calculate_sigpending+0x7b/0xa0 [ 28.715153] ? __pfx_kthread+0x10/0x10 [ 28.715176] ret_from_fork+0x116/0x1d0 [ 28.715197] ? __pfx_kthread+0x10/0x10 [ 28.715219] ret_from_fork_asm+0x1a/0x30 [ 28.715251] </TASK> [ 28.715264] [ 28.723728] Allocated by task 313: [ 28.724336] kasan_save_stack+0x45/0x70 [ 28.724990] kasan_save_track+0x18/0x40 [ 28.725603] kasan_save_alloc_info+0x3b/0x50 [ 28.726270] __kasan_kmalloc+0xb7/0xc0 [ 28.726898] __kmalloc_cache_noprof+0x189/0x420 [ 28.727070] kasan_atomics+0x95/0x310 [ 28.727205] kunit_try_run_case+0x1a5/0x480 [ 28.727349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.727952] kthread+0x337/0x6f0 [ 28.728526] ret_from_fork+0x116/0x1d0 [ 28.729105] ret_from_fork_asm+0x1a/0x30 [ 28.729820] [ 28.730028] The buggy address belongs to the object at ffff88810439e280 [ 28.730028] which belongs to the cache kmalloc-64 of size 64 [ 28.731128] The buggy address is located 0 bytes to the right of [ 28.731128] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 28.731763] [ 28.732013] The buggy address belongs to the physical page: [ 28.732801] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 28.733848] flags: 0x200000000000000(node=0|zone=2) [ 28.734367] page_type: f5(slab) [ 28.734648] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.735509] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.736257] page dumped because: kasan: bad access detected [ 28.736729] [ 28.736807] Memory state around the buggy address: [ 28.736965] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.737182] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.737399] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.738291] ^ [ 28.739023] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.739864] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.740718] ================================================================== [ 27.973861] ================================================================== [ 27.974203] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 27.974500] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.975002] [ 27.975089] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.975137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.975151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.975174] Call Trace: [ 27.975189] <TASK> [ 27.975206] dump_stack_lvl+0x73/0xb0 [ 27.975234] print_report+0xd1/0x610 [ 27.975260] ? __virt_addr_valid+0x1db/0x2d0 [ 27.975285] ? kasan_atomics_helper+0xb6a/0x5450 [ 27.975307] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.975335] ? kasan_atomics_helper+0xb6a/0x5450 [ 27.975358] kasan_report+0x141/0x180 [ 27.975381] ? kasan_atomics_helper+0xb6a/0x5450 [ 27.975408] kasan_check_range+0x10c/0x1c0 [ 27.975432] __kasan_check_write+0x18/0x20 [ 27.975457] kasan_atomics_helper+0xb6a/0x5450 [ 27.975481] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.975504] ? ret_from_fork_asm+0x1a/0x30 [ 27.975533] kasan_atomics+0x1dc/0x310 [ 27.975557] ? __pfx_kasan_atomics+0x10/0x10 [ 27.975758] ? __pfx_read_tsc+0x10/0x10 [ 27.975842] ? ktime_get_ts64+0x86/0x230 [ 27.975879] kunit_try_run_case+0x1a5/0x480 [ 27.975906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.975928] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.975954] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.975979] ? __kthread_parkme+0x82/0x180 [ 27.976001] ? preempt_count_sub+0x50/0x80 [ 27.976027] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.976051] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.976077] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.976105] kthread+0x337/0x6f0 [ 27.976126] ? trace_preempt_on+0x20/0xc0 [ 27.976150] ? __pfx_kthread+0x10/0x10 [ 27.976172] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.976196] ? calculate_sigpending+0x7b/0xa0 [ 27.976221] ? __pfx_kthread+0x10/0x10 [ 27.976244] ret_from_fork+0x116/0x1d0 [ 27.976265] ? __pfx_kthread+0x10/0x10 [ 27.976287] ret_from_fork_asm+0x1a/0x30 [ 27.976319] </TASK> [ 27.976333] [ 27.984245] Allocated by task 313: [ 27.984375] kasan_save_stack+0x45/0x70 [ 27.984677] kasan_save_track+0x18/0x40 [ 27.985064] kasan_save_alloc_info+0x3b/0x50 [ 27.985282] __kasan_kmalloc+0xb7/0xc0 [ 27.985474] __kmalloc_cache_noprof+0x189/0x420 [ 27.985763] kasan_atomics+0x95/0x310 [ 27.985981] kunit_try_run_case+0x1a5/0x480 [ 27.986180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.986412] kthread+0x337/0x6f0 [ 27.986579] ret_from_fork+0x116/0x1d0 [ 27.986773] ret_from_fork_asm+0x1a/0x30 [ 27.986937] [ 27.987032] The buggy address belongs to the object at ffff88810439e280 [ 27.987032] which belongs to the cache kmalloc-64 of size 64 [ 27.987418] The buggy address is located 0 bytes to the right of [ 27.987418] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.987970] [ 27.988253] The buggy address belongs to the physical page: [ 27.988510] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.988781] flags: 0x200000000000000(node=0|zone=2) [ 27.989127] page_type: f5(slab) [ 27.989304] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.989647] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.989971] page dumped because: kasan: bad access detected [ 27.990290] [ 27.990376] Memory state around the buggy address: [ 27.990629] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.991053] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.991354] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.991668] ^ [ 27.992093] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.992352] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.992827] ================================================================== [ 27.762292] ================================================================== [ 27.762727] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 27.763796] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.764432] [ 27.764695] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.764765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.764780] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.764804] Call Trace: [ 27.764888] <TASK> [ 27.764909] dump_stack_lvl+0x73/0xb0 [ 27.764941] print_report+0xd1/0x610 [ 27.764969] ? __virt_addr_valid+0x1db/0x2d0 [ 27.764995] ? kasan_atomics_helper+0x5fe/0x5450 [ 27.765018] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.765046] ? kasan_atomics_helper+0x5fe/0x5450 [ 27.765069] kasan_report+0x141/0x180 [ 27.765092] ? kasan_atomics_helper+0x5fe/0x5450 [ 27.765119] kasan_check_range+0x10c/0x1c0 [ 27.765144] __kasan_check_write+0x18/0x20 [ 27.765169] kasan_atomics_helper+0x5fe/0x5450 [ 27.765192] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.765216] ? ret_from_fork_asm+0x1a/0x30 [ 27.765247] kasan_atomics+0x1dc/0x310 [ 27.765271] ? __pfx_kasan_atomics+0x10/0x10 [ 27.765297] ? __pfx_read_tsc+0x10/0x10 [ 27.765321] ? ktime_get_ts64+0x86/0x230 [ 27.765347] kunit_try_run_case+0x1a5/0x480 [ 27.765371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.765393] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.765419] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.765443] ? __kthread_parkme+0x82/0x180 [ 27.765466] ? preempt_count_sub+0x50/0x80 [ 27.765491] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.765515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.765541] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.765568] kthread+0x337/0x6f0 [ 27.765590] ? trace_preempt_on+0x20/0xc0 [ 27.765615] ? __pfx_kthread+0x10/0x10 [ 27.765639] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.765663] ? calculate_sigpending+0x7b/0xa0 [ 27.765690] ? __pfx_kthread+0x10/0x10 [ 27.765727] ret_from_fork+0x116/0x1d0 [ 27.765750] ? __pfx_kthread+0x10/0x10 [ 27.765789] ret_from_fork_asm+0x1a/0x30 [ 27.765833] </TASK> [ 27.765847] [ 27.778428] Allocated by task 313: [ 27.778919] kasan_save_stack+0x45/0x70 [ 27.779244] kasan_save_track+0x18/0x40 [ 27.779533] kasan_save_alloc_info+0x3b/0x50 [ 27.779937] __kasan_kmalloc+0xb7/0xc0 [ 27.780088] __kmalloc_cache_noprof+0x189/0x420 [ 27.780480] kasan_atomics+0x95/0x310 [ 27.780847] kunit_try_run_case+0x1a5/0x480 [ 27.781157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.781412] kthread+0x337/0x6f0 [ 27.781731] ret_from_fork+0x116/0x1d0 [ 27.782350] ret_from_fork_asm+0x1a/0x30 [ 27.782617] [ 27.782711] The buggy address belongs to the object at ffff88810439e280 [ 27.782711] which belongs to the cache kmalloc-64 of size 64 [ 27.783651] The buggy address is located 0 bytes to the right of [ 27.783651] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.784675] [ 27.784838] The buggy address belongs to the physical page: [ 27.785131] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.785452] flags: 0x200000000000000(node=0|zone=2) [ 27.786004] page_type: f5(slab) [ 27.786276] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.786794] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.787228] page dumped because: kasan: bad access detected [ 27.787547] [ 27.787651] Memory state around the buggy address: [ 27.788060] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.788468] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.788999] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.789296] ^ [ 27.789956] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.790246] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.790752] ================================================================== [ 27.702202] ================================================================== [ 27.702497] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 27.703031] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.703347] [ 27.703437] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.703487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.703567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.703591] Call Trace: [ 27.703611] <TASK> [ 27.703630] dump_stack_lvl+0x73/0xb0 [ 27.703658] print_report+0xd1/0x610 [ 27.703684] ? __virt_addr_valid+0x1db/0x2d0 [ 27.703721] ? kasan_atomics_helper+0x4a0/0x5450 [ 27.703743] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.703772] ? kasan_atomics_helper+0x4a0/0x5450 [ 27.703892] kasan_report+0x141/0x180 [ 27.703916] ? kasan_atomics_helper+0x4a0/0x5450 [ 27.703944] kasan_check_range+0x10c/0x1c0 [ 27.703969] __kasan_check_write+0x18/0x20 [ 27.703994] kasan_atomics_helper+0x4a0/0x5450 [ 27.704018] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.704042] ? ret_from_fork_asm+0x1a/0x30 [ 27.704071] kasan_atomics+0x1dc/0x310 [ 27.704095] ? __pfx_kasan_atomics+0x10/0x10 [ 27.704121] ? __pfx_read_tsc+0x10/0x10 [ 27.704145] ? ktime_get_ts64+0x86/0x230 [ 27.704172] kunit_try_run_case+0x1a5/0x480 [ 27.704195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.704217] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.704243] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.704268] ? __kthread_parkme+0x82/0x180 [ 27.704291] ? preempt_count_sub+0x50/0x80 [ 27.704317] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.704340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.704367] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.704394] kthread+0x337/0x6f0 [ 27.704415] ? trace_preempt_on+0x20/0xc0 [ 27.704440] ? __pfx_kthread+0x10/0x10 [ 27.704463] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.704485] ? calculate_sigpending+0x7b/0xa0 [ 27.704511] ? __pfx_kthread+0x10/0x10 [ 27.704534] ret_from_fork+0x116/0x1d0 [ 27.704556] ? __pfx_kthread+0x10/0x10 [ 27.704578] ret_from_fork_asm+0x1a/0x30 [ 27.704611] </TASK> [ 27.704624] [ 27.712717] Allocated by task 313: [ 27.713058] kasan_save_stack+0x45/0x70 [ 27.713271] kasan_save_track+0x18/0x40 [ 27.713423] kasan_save_alloc_info+0x3b/0x50 [ 27.713653] __kasan_kmalloc+0xb7/0xc0 [ 27.713835] __kmalloc_cache_noprof+0x189/0x420 [ 27.713993] kasan_atomics+0x95/0x310 [ 27.714124] kunit_try_run_case+0x1a5/0x480 [ 27.714615] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.715077] kthread+0x337/0x6f0 [ 27.715301] ret_from_fork+0x116/0x1d0 [ 27.715437] ret_from_fork_asm+0x1a/0x30 [ 27.715786] [ 27.715939] The buggy address belongs to the object at ffff88810439e280 [ 27.715939] which belongs to the cache kmalloc-64 of size 64 [ 27.716409] The buggy address is located 0 bytes to the right of [ 27.716409] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.716932] [ 27.717006] The buggy address belongs to the physical page: [ 27.717179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.717538] flags: 0x200000000000000(node=0|zone=2) [ 27.717832] page_type: f5(slab) [ 27.718329] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.718669] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.719057] page dumped because: kasan: bad access detected [ 27.719254] [ 27.719325] Memory state around the buggy address: [ 27.719603] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.719944] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.720164] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.720379] ^ [ 27.720762] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.721141] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.721467] ================================================================== [ 28.997591] ================================================================== [ 28.998197] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 28.998836] Read of size 8 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 28.999312] [ 28.999423] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 28.999476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.000006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.000037] Call Trace: [ 29.000054] <TASK> [ 29.000071] dump_stack_lvl+0x73/0xb0 [ 29.000105] print_report+0xd1/0x610 [ 29.000132] ? __virt_addr_valid+0x1db/0x2d0 [ 29.000158] ? kasan_atomics_helper+0x4fa5/0x5450 [ 29.000181] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.000209] ? kasan_atomics_helper+0x4fa5/0x5450 [ 29.000232] kasan_report+0x141/0x180 [ 29.000256] ? kasan_atomics_helper+0x4fa5/0x5450 [ 29.000283] __asan_report_load8_noabort+0x18/0x20 [ 29.000312] kasan_atomics_helper+0x4fa5/0x5450 [ 29.000336] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.000360] ? ret_from_fork_asm+0x1a/0x30 [ 29.000389] kasan_atomics+0x1dc/0x310 [ 29.000412] ? __pfx_kasan_atomics+0x10/0x10 [ 29.000438] ? __pfx_read_tsc+0x10/0x10 [ 29.000461] ? ktime_get_ts64+0x86/0x230 [ 29.000569] kunit_try_run_case+0x1a5/0x480 [ 29.000605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.000629] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.000655] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.000680] ? __kthread_parkme+0x82/0x180 [ 29.000749] ? preempt_count_sub+0x50/0x80 [ 29.000776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.000800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.000827] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.000854] kthread+0x337/0x6f0 [ 29.000874] ? trace_preempt_on+0x20/0xc0 [ 29.000899] ? __pfx_kthread+0x10/0x10 [ 29.000920] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.000943] ? calculate_sigpending+0x7b/0xa0 [ 29.000968] ? __pfx_kthread+0x10/0x10 [ 29.000991] ret_from_fork+0x116/0x1d0 [ 29.001012] ? __pfx_kthread+0x10/0x10 [ 29.001034] ret_from_fork_asm+0x1a/0x30 [ 29.001066] </TASK> [ 29.001079] [ 29.012348] Allocated by task 313: [ 29.012799] kasan_save_stack+0x45/0x70 [ 29.013051] kasan_save_track+0x18/0x40 [ 29.013343] kasan_save_alloc_info+0x3b/0x50 [ 29.013676] __kasan_kmalloc+0xb7/0xc0 [ 29.013868] __kmalloc_cache_noprof+0x189/0x420 [ 29.014072] kasan_atomics+0x95/0x310 [ 29.014238] kunit_try_run_case+0x1a5/0x480 [ 29.014424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.015027] kthread+0x337/0x6f0 [ 29.015305] ret_from_fork+0x116/0x1d0 [ 29.015693] ret_from_fork_asm+0x1a/0x30 [ 29.016018] [ 29.016233] The buggy address belongs to the object at ffff88810439e280 [ 29.016233] which belongs to the cache kmalloc-64 of size 64 [ 29.017152] The buggy address is located 0 bytes to the right of [ 29.017152] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 29.017899] [ 29.018123] The buggy address belongs to the physical page: [ 29.018474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 29.018926] flags: 0x200000000000000(node=0|zone=2) [ 29.019145] page_type: f5(slab) [ 29.019300] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.020010] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.020423] page dumped because: kasan: bad access detected [ 29.020924] [ 29.021036] Memory state around the buggy address: [ 29.021418] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.021983] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.022479] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.022799] ^ [ 29.023007] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.023292] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.023817] ================================================================== [ 27.741276] ================================================================== [ 27.741739] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 27.742274] Write of size 4 at addr ffff88810439e2b0 by task kunit_try_catch/313 [ 27.742610] [ 27.742727] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.742778] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.742867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.742896] Call Trace: [ 27.742915] <TASK> [ 27.742932] dump_stack_lvl+0x73/0xb0 [ 27.742962] print_report+0xd1/0x610 [ 27.742986] ? __virt_addr_valid+0x1db/0x2d0 [ 27.743011] ? kasan_atomics_helper+0x565/0x5450 [ 27.743034] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.743062] ? kasan_atomics_helper+0x565/0x5450 [ 27.743086] kasan_report+0x141/0x180 [ 27.743109] ? kasan_atomics_helper+0x565/0x5450 [ 27.743136] kasan_check_range+0x10c/0x1c0 [ 27.743161] __kasan_check_write+0x18/0x20 [ 27.743186] kasan_atomics_helper+0x565/0x5450 [ 27.743209] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.743233] ? ret_from_fork_asm+0x1a/0x30 [ 27.743263] kasan_atomics+0x1dc/0x310 [ 27.743287] ? __pfx_kasan_atomics+0x10/0x10 [ 27.743312] ? __pfx_read_tsc+0x10/0x10 [ 27.743336] ? ktime_get_ts64+0x86/0x230 [ 27.743361] kunit_try_run_case+0x1a5/0x480 [ 27.743384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.743406] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.743431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.743456] ? __kthread_parkme+0x82/0x180 [ 27.743478] ? preempt_count_sub+0x50/0x80 [ 27.743513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.743537] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.743563] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.743590] kthread+0x337/0x6f0 [ 27.743611] ? trace_preempt_on+0x20/0xc0 [ 27.743634] ? __pfx_kthread+0x10/0x10 [ 27.743657] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.743681] ? calculate_sigpending+0x7b/0xa0 [ 27.743720] ? __pfx_kthread+0x10/0x10 [ 27.743743] ret_from_fork+0x116/0x1d0 [ 27.743765] ? __pfx_kthread+0x10/0x10 [ 27.743840] ret_from_fork_asm+0x1a/0x30 [ 27.743880] </TASK> [ 27.743894] [ 27.751931] Allocated by task 313: [ 27.752106] kasan_save_stack+0x45/0x70 [ 27.752330] kasan_save_track+0x18/0x40 [ 27.752547] kasan_save_alloc_info+0x3b/0x50 [ 27.752860] __kasan_kmalloc+0xb7/0xc0 [ 27.753038] __kmalloc_cache_noprof+0x189/0x420 [ 27.753284] kasan_atomics+0x95/0x310 [ 27.753536] kunit_try_run_case+0x1a5/0x480 [ 27.753750] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.754242] kthread+0x337/0x6f0 [ 27.754412] ret_from_fork+0x116/0x1d0 [ 27.754630] ret_from_fork_asm+0x1a/0x30 [ 27.754962] [ 27.755063] The buggy address belongs to the object at ffff88810439e280 [ 27.755063] which belongs to the cache kmalloc-64 of size 64 [ 27.755508] The buggy address is located 0 bytes to the right of [ 27.755508] allocated 48-byte region [ffff88810439e280, ffff88810439e2b0) [ 27.756200] [ 27.756276] The buggy address belongs to the physical page: [ 27.756445] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10439e [ 27.756811] flags: 0x200000000000000(node=0|zone=2) [ 27.757054] page_type: f5(slab) [ 27.757224] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.757496] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.758034] page dumped because: kasan: bad access detected [ 27.758212] [ 27.758280] Memory state around the buggy address: [ 27.758432] ffff88810439e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.758909] ffff88810439e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.759263] >ffff88810439e280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.759647] ^ [ 27.759967] ffff88810439e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.760246] ffff88810439e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.760613] ==================================================================