Date
July 16, 2025, 12:11 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 33.546725] ================================================================== [ 33.546777] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 33.546829] Read of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.546881] [ 33.546911] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.546999] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.547027] Hardware name: linux,dummy-virt (DT) [ 33.547061] Call trace: [ 33.547151] show_stack+0x20/0x38 (C) [ 33.547206] dump_stack_lvl+0x8c/0xd0 [ 33.547290] print_report+0x118/0x5d0 [ 33.547367] kasan_report+0xdc/0x128 [ 33.547424] __asan_report_load8_noabort+0x20/0x30 [ 33.547528] kasan_atomics_helper+0x3e20/0x4858 [ 33.547617] kasan_atomics+0x198/0x2e0 [ 33.547666] kunit_try_run_case+0x170/0x3f0 [ 33.547715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.547770] kthread+0x328/0x630 [ 33.547818] ret_from_fork+0x10/0x20 [ 33.547868] [ 33.547888] Allocated by task 296: [ 33.547919] kasan_save_stack+0x3c/0x68 [ 33.547959] kasan_save_track+0x20/0x40 [ 33.547999] kasan_save_alloc_info+0x40/0x58 [ 33.548040] __kasan_kmalloc+0xd4/0xd8 [ 33.548081] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.548125] kasan_atomics+0xb8/0x2e0 [ 33.548181] kunit_try_run_case+0x170/0x3f0 [ 33.548220] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.548266] kthread+0x328/0x630 [ 33.549277] ret_from_fork+0x10/0x20 [ 33.549410] [ 33.549491] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.549491] which belongs to the cache kmalloc-64 of size 64 [ 33.549581] The buggy address is located 0 bytes to the right of [ 33.549581] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.549658] [ 33.549679] The buggy address belongs to the physical page: [ 33.549714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.549770] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.549822] page_type: f5(slab) [ 33.549860] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.549914] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.549956] page dumped because: kasan: bad access detected [ 33.549991] [ 33.550011] Memory state around the buggy address: [ 33.550046] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.550094] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.550178] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.550266] ^ [ 33.550411] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.550555] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.550632] ================================================================== [ 33.503600] ================================================================== [ 33.503666] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 33.503845] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.503918] [ 33.503977] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.504194] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.504274] Hardware name: linux,dummy-virt (DT) [ 33.504364] Call trace: [ 33.504389] show_stack+0x20/0x38 (C) [ 33.504463] dump_stack_lvl+0x8c/0xd0 [ 33.504527] print_report+0x118/0x5d0 [ 33.504573] kasan_report+0xdc/0x128 [ 33.504617] kasan_check_range+0x100/0x1a8 [ 33.504781] __kasan_check_write+0x20/0x30 [ 33.504944] kasan_atomics_helper+0x14e4/0x4858 [ 33.505067] kasan_atomics+0x198/0x2e0 [ 33.505146] kunit_try_run_case+0x170/0x3f0 [ 33.505204] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.505261] kthread+0x328/0x630 [ 33.505451] ret_from_fork+0x10/0x20 [ 33.505587] [ 33.505631] Allocated by task 296: [ 33.505757] kasan_save_stack+0x3c/0x68 [ 33.505797] kasan_save_track+0x20/0x40 [ 33.505860] kasan_save_alloc_info+0x40/0x58 [ 33.505902] __kasan_kmalloc+0xd4/0xd8 [ 33.506088] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.506167] kasan_atomics+0xb8/0x2e0 [ 33.506273] kunit_try_run_case+0x170/0x3f0 [ 33.506349] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.506617] kthread+0x328/0x630 [ 33.506717] ret_from_fork+0x10/0x20 [ 33.506788] [ 33.506810] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.506810] which belongs to the cache kmalloc-64 of size 64 [ 33.506883] The buggy address is located 0 bytes to the right of [ 33.506883] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.506951] [ 33.506974] The buggy address belongs to the physical page: [ 33.507009] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.507070] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.507121] page_type: f5(slab) [ 33.507176] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.507230] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.507284] page dumped because: kasan: bad access detected [ 33.507327] [ 33.507357] Memory state around the buggy address: [ 33.507412] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.507459] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.507514] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.507556] ^ [ 33.507592] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.507638] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.507695] ================================================================== [ 33.489915] ================================================================== [ 33.489966] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 33.490037] Read of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.490091] [ 33.490123] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.490323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.490523] Hardware name: linux,dummy-virt (DT) [ 33.490631] Call trace: [ 33.490717] show_stack+0x20/0x38 (C) [ 33.490769] dump_stack_lvl+0x8c/0xd0 [ 33.490820] print_report+0x118/0x5d0 [ 33.490994] kasan_report+0xdc/0x128 [ 33.491174] __asan_report_load8_noabort+0x20/0x30 [ 33.491273] kasan_atomics_helper+0x3f04/0x4858 [ 33.491377] kasan_atomics+0x198/0x2e0 [ 33.491453] kunit_try_run_case+0x170/0x3f0 [ 33.491574] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.491669] kthread+0x328/0x630 [ 33.491783] ret_from_fork+0x10/0x20 [ 33.491836] [ 33.491856] Allocated by task 296: [ 33.491901] kasan_save_stack+0x3c/0x68 [ 33.492021] kasan_save_track+0x20/0x40 [ 33.492116] kasan_save_alloc_info+0x40/0x58 [ 33.492276] __kasan_kmalloc+0xd4/0xd8 [ 33.492317] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.492378] kasan_atomics+0xb8/0x2e0 [ 33.492418] kunit_try_run_case+0x170/0x3f0 [ 33.492628] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.492695] kthread+0x328/0x630 [ 33.492815] ret_from_fork+0x10/0x20 [ 33.492922] [ 33.493000] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.493000] which belongs to the cache kmalloc-64 of size 64 [ 33.493284] The buggy address is located 0 bytes to the right of [ 33.493284] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.493410] [ 33.493462] The buggy address belongs to the physical page: [ 33.493496] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.493585] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.493678] page_type: f5(slab) [ 33.493717] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.493768] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.493814] page dumped because: kasan: bad access detected [ 33.493847] [ 33.493867] Memory state around the buggy address: [ 33.494135] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.494249] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.494303] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.494380] ^ [ 33.494437] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.494593] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.494738] ================================================================== [ 33.350590] ================================================================== [ 33.350645] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 33.350698] Write of size 4 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.350780] [ 33.350818] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.350906] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.350970] Hardware name: linux,dummy-virt (DT) [ 33.351019] Call trace: [ 33.351044] show_stack+0x20/0x38 (C) [ 33.351111] dump_stack_lvl+0x8c/0xd0 [ 33.351172] print_report+0x118/0x5d0 [ 33.351217] kasan_report+0xdc/0x128 [ 33.351270] kasan_check_range+0x100/0x1a8 [ 33.351319] __kasan_check_write+0x20/0x30 [ 33.351365] kasan_atomics_helper+0x99c/0x4858 [ 33.351416] kasan_atomics+0x198/0x2e0 [ 33.351462] kunit_try_run_case+0x170/0x3f0 [ 33.351665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.351759] kthread+0x328/0x630 [ 33.351868] ret_from_fork+0x10/0x20 [ 33.352029] [ 33.352139] Allocated by task 296: [ 33.352226] kasan_save_stack+0x3c/0x68 [ 33.352320] kasan_save_track+0x20/0x40 [ 33.352447] kasan_save_alloc_info+0x40/0x58 [ 33.352603] __kasan_kmalloc+0xd4/0xd8 [ 33.352667] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.352711] kasan_atomics+0xb8/0x2e0 [ 33.352773] kunit_try_run_case+0x170/0x3f0 [ 33.352814] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.353009] kthread+0x328/0x630 [ 33.353212] ret_from_fork+0x10/0x20 [ 33.353309] [ 33.353332] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.353332] which belongs to the cache kmalloc-64 of size 64 [ 33.353427] The buggy address is located 0 bytes to the right of [ 33.353427] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.353591] [ 33.353661] The buggy address belongs to the physical page: [ 33.353723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.353846] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.354030] page_type: f5(slab) [ 33.354171] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.354235] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.354316] page dumped because: kasan: bad access detected [ 33.354350] [ 33.354377] Memory state around the buggy address: [ 33.354480] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.355239] ================================================================== [ 33.495313] ================================================================== [ 33.495366] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 33.495433] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.495494] [ 33.495538] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.495789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.495845] Hardware name: linux,dummy-virt (DT) [ 33.495880] Call trace: [ 33.495903] show_stack+0x20/0x38 (C) [ 33.496063] dump_stack_lvl+0x8c/0xd0 [ 33.496117] print_report+0x118/0x5d0 [ 33.496232] kasan_report+0xdc/0x128 [ 33.496559] kasan_check_range+0x100/0x1a8 [ 33.496680] __kasan_check_write+0x20/0x30 [ 33.496786] kasan_atomics_helper+0x1414/0x4858 [ 33.496867] kasan_atomics+0x198/0x2e0 [ 33.497009] kunit_try_run_case+0x170/0x3f0 [ 33.497123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.497201] kthread+0x328/0x630 [ 33.497253] ret_from_fork+0x10/0x20 [ 33.497303] [ 33.497324] Allocated by task 296: [ 33.497379] kasan_save_stack+0x3c/0x68 [ 33.497420] kasan_save_track+0x20/0x40 [ 33.497459] kasan_save_alloc_info+0x40/0x58 [ 33.497500] __kasan_kmalloc+0xd4/0xd8 [ 33.497552] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.497596] kasan_atomics+0xb8/0x2e0 [ 33.497636] kunit_try_run_case+0x170/0x3f0 [ 33.497677] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.497722] kthread+0x328/0x630 [ 33.497847] ret_from_fork+0x10/0x20 [ 33.498119] [ 33.498196] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.498196] which belongs to the cache kmalloc-64 of size 64 [ 33.498376] The buggy address is located 0 bytes to the right of [ 33.498376] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.498686] [ 33.498772] The buggy address belongs to the physical page: [ 33.498816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.498870] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.498920] page_type: f5(slab) [ 33.498987] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.499245] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.499310] page dumped because: kasan: bad access detected [ 33.499378] [ 33.499428] Memory state around the buggy address: [ 33.499474] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.499724] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.499784] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.499826] ^ [ 33.500016] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.500104] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.500231] ================================================================== [ 33.531523] ================================================================== [ 33.531571] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 33.531620] Read of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.531736] [ 33.531831] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.531980] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.532054] Hardware name: linux,dummy-virt (DT) [ 33.532141] Call trace: [ 33.532209] show_stack+0x20/0x38 (C) [ 33.532257] dump_stack_lvl+0x8c/0xd0 [ 33.532306] print_report+0x118/0x5d0 [ 33.532351] kasan_report+0xdc/0x128 [ 33.532667] __asan_report_load8_noabort+0x20/0x30 [ 33.532812] kasan_atomics_helper+0x3e10/0x4858 [ 33.532930] kasan_atomics+0x198/0x2e0 [ 33.532999] kunit_try_run_case+0x170/0x3f0 [ 33.533049] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.533289] kthread+0x328/0x630 [ 33.533384] ret_from_fork+0x10/0x20 [ 33.533434] [ 33.533455] Allocated by task 296: [ 33.533527] kasan_save_stack+0x3c/0x68 [ 33.533569] kasan_save_track+0x20/0x40 [ 33.533608] kasan_save_alloc_info+0x40/0x58 [ 33.533649] __kasan_kmalloc+0xd4/0xd8 [ 33.533806] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.533963] kasan_atomics+0xb8/0x2e0 [ 33.534028] kunit_try_run_case+0x170/0x3f0 [ 33.534319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.534440] kthread+0x328/0x630 [ 33.534545] ret_from_fork+0x10/0x20 [ 33.534624] [ 33.534664] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.534664] which belongs to the cache kmalloc-64 of size 64 [ 33.534726] The buggy address is located 0 bytes to the right of [ 33.534726] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.534991] [ 33.535015] The buggy address belongs to the physical page: [ 33.535066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.535156] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.535288] page_type: f5(slab) [ 33.535354] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.535407] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.535451] page dumped because: kasan: bad access detected [ 33.535589] [ 33.535650] Memory state around the buggy address: [ 33.535801] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.535897] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.536005] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.536074] ^ [ 33.536133] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.536356] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.536409] ================================================================== [ 33.501226] ================================================================== [ 33.501284] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 33.501334] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.501386] [ 33.501418] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.501518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.501548] Hardware name: linux,dummy-virt (DT) [ 33.501580] Call trace: [ 33.501605] show_stack+0x20/0x38 (C) [ 33.501652] dump_stack_lvl+0x8c/0xd0 [ 33.501702] print_report+0x118/0x5d0 [ 33.501746] kasan_report+0xdc/0x128 [ 33.501790] kasan_check_range+0x100/0x1a8 [ 33.501838] __kasan_check_write+0x20/0x30 [ 33.501886] kasan_atomics_helper+0x147c/0x4858 [ 33.501938] kasan_atomics+0x198/0x2e0 [ 33.501987] kunit_try_run_case+0x170/0x3f0 [ 33.502035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.502090] kthread+0x328/0x630 [ 33.502133] ret_from_fork+0x10/0x20 [ 33.502180] [ 33.502202] Allocated by task 296: [ 33.502232] kasan_save_stack+0x3c/0x68 [ 33.502271] kasan_save_track+0x20/0x40 [ 33.502309] kasan_save_alloc_info+0x40/0x58 [ 33.502350] __kasan_kmalloc+0xd4/0xd8 [ 33.502395] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.502438] kasan_atomics+0xb8/0x2e0 [ 33.502477] kunit_try_run_case+0x170/0x3f0 [ 33.502529] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.502575] kthread+0x328/0x630 [ 33.502610] ret_from_fork+0x10/0x20 [ 33.502648] [ 33.502669] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.502669] which belongs to the cache kmalloc-64 of size 64 [ 33.502730] The buggy address is located 0 bytes to the right of [ 33.502730] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.502797] [ 33.502820] The buggy address belongs to the physical page: [ 33.502854] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.502904] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.502954] page_type: f5(slab) [ 33.502991] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.503045] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.503088] page dumped because: kasan: bad access detected [ 33.503122] [ 33.503142] Memory state around the buggy address: [ 33.503176] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.503221] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.503266] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.503307] ^ [ 33.503342] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.503387] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.503428] ================================================================== [ 33.401627] ================================================================== [ 33.401678] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 33.401884] Write of size 4 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.401958] [ 33.402008] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.402154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.402212] Hardware name: linux,dummy-virt (DT) [ 33.402246] Call trace: [ 33.402298] show_stack+0x20/0x38 (C) [ 33.402372] dump_stack_lvl+0x8c/0xd0 [ 33.402422] print_report+0x118/0x5d0 [ 33.402469] kasan_report+0xdc/0x128 [ 33.402552] kasan_check_range+0x100/0x1a8 [ 33.402778] __kasan_check_write+0x20/0x30 [ 33.402851] kasan_atomics_helper+0xd3c/0x4858 [ 33.402910] kasan_atomics+0x198/0x2e0 [ 33.402960] kunit_try_run_case+0x170/0x3f0 [ 33.403009] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.403064] kthread+0x328/0x630 [ 33.403105] ret_from_fork+0x10/0x20 [ 33.403155] [ 33.403175] Allocated by task 296: [ 33.403205] kasan_save_stack+0x3c/0x68 [ 33.403246] kasan_save_track+0x20/0x40 [ 33.403286] kasan_save_alloc_info+0x40/0x58 [ 33.403328] __kasan_kmalloc+0xd4/0xd8 [ 33.403368] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.403422] kasan_atomics+0xb8/0x2e0 [ 33.403462] kunit_try_run_case+0x170/0x3f0 [ 33.403522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.403570] kthread+0x328/0x630 [ 33.403605] ret_from_fork+0x10/0x20 [ 33.403644] [ 33.403665] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.403665] which belongs to the cache kmalloc-64 of size 64 [ 33.403910] The buggy address is located 0 bytes to the right of [ 33.403910] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.404161] [ 33.404196] The buggy address belongs to the physical page: [ 33.404229] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.404403] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.406008] page_type: f5(slab) [ 33.406063] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.406117] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.406161] page dumped because: kasan: bad access detected [ 33.406197] [ 33.406217] Memory state around the buggy address: [ 33.406253] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.406300] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.406346] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.406393] ^ [ 33.406429] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.406474] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.406527] ================================================================== [ 33.406935] ================================================================== [ 33.406985] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 33.407037] Read of size 4 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.407091] [ 33.407122] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.407208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.407237] Hardware name: linux,dummy-virt (DT) [ 33.407272] Call trace: [ 33.407295] show_stack+0x20/0x38 (C) [ 33.407345] dump_stack_lvl+0x8c/0xd0 [ 33.407395] print_report+0x118/0x5d0 [ 33.407441] kasan_report+0xdc/0x128 [ 33.407487] __asan_report_load4_noabort+0x20/0x30 [ 33.407556] kasan_atomics_helper+0x3e04/0x4858 [ 33.407608] kasan_atomics+0x198/0x2e0 [ 33.407658] kunit_try_run_case+0x170/0x3f0 [ 33.407708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.407763] kthread+0x328/0x630 [ 33.407807] ret_from_fork+0x10/0x20 [ 33.407855] [ 33.407893] Allocated by task 296: [ 33.407925] kasan_save_stack+0x3c/0x68 [ 33.407965] kasan_save_track+0x20/0x40 [ 33.408014] kasan_save_alloc_info+0x40/0x58 [ 33.408062] __kasan_kmalloc+0xd4/0xd8 [ 33.408103] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.408149] kasan_atomics+0xb8/0x2e0 [ 33.408188] kunit_try_run_case+0x170/0x3f0 [ 33.408228] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.408280] kthread+0x328/0x630 [ 33.408320] ret_from_fork+0x10/0x20 [ 33.408359] [ 33.408380] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.408380] which belongs to the cache kmalloc-64 of size 64 [ 33.408441] The buggy address is located 0 bytes to the right of [ 33.408441] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.408526] [ 33.408553] The buggy address belongs to the physical page: [ 33.408595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.408650] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.408701] page_type: f5(slab) [ 33.408741] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.408802] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.408846] page dumped because: kasan: bad access detected [ 33.408880] [ 33.408908] Memory state around the buggy address: [ 33.408951] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.408997] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.409043] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.409083] ^ [ 33.409118] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.409164] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.409205] ================================================================== [ 33.364777] ================================================================== [ 33.364879] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 33.364931] Write of size 4 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.364983] [ 33.365012] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.365101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.365277] Hardware name: linux,dummy-virt (DT) [ 33.365529] kasan_report+0xdc/0x128 [ 33.365933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.366585] __kasan_kmalloc+0xd4/0xd8 [ 33.366966] The buggy address is located 0 bytes to the right of [ 33.366966] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.367033] [ 33.367069] The buggy address belongs to the physical page: [ 33.367103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.367157] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.367209] page_type: f5(slab) [ 33.367248] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.367311] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.367369] page dumped because: kasan: bad access detected [ 33.367402] [ 33.367424] Memory state around the buggy address: [ 33.367468] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.367525] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.367576] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.367617] ^ [ 33.367652] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.367697] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.367740] ================================================================== [ 33.421087] ================================================================== [ 33.421170] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 33.421221] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.421311] [ 33.421370] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.421487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.421529] Hardware name: linux,dummy-virt (DT) [ 33.421561] Call trace: [ 33.421586] show_stack+0x20/0x38 (C) [ 33.421675] dump_stack_lvl+0x8c/0xd0 [ 33.421724] print_report+0x118/0x5d0 [ 33.421771] kasan_report+0xdc/0x128 [ 33.421816] kasan_check_range+0x100/0x1a8 [ 33.421864] __kasan_check_write+0x20/0x30 [ 33.422018] kasan_atomics_helper+0xe44/0x4858 [ 33.422150] kasan_atomics+0x198/0x2e0 [ 33.422203] kunit_try_run_case+0x170/0x3f0 [ 33.422269] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.422337] kthread+0x328/0x630 [ 33.422411] ret_from_fork+0x10/0x20 [ 33.422691] [ 33.422753] Allocated by task 296: [ 33.422787] kasan_save_stack+0x3c/0x68 [ 33.422832] kasan_save_track+0x20/0x40 [ 33.422891] kasan_save_alloc_info+0x40/0x58 [ 33.423012] __kasan_kmalloc+0xd4/0xd8 [ 33.423055] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.423098] kasan_atomics+0xb8/0x2e0 [ 33.423151] kunit_try_run_case+0x170/0x3f0 [ 33.423192] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.423238] kthread+0x328/0x630 [ 33.423445] ret_from_fork+0x10/0x20 [ 33.423498] [ 33.423607] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.423607] which belongs to the cache kmalloc-64 of size 64 [ 33.423727] The buggy address is located 0 bytes to the right of [ 33.423727] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.423943] [ 33.424071] The buggy address belongs to the physical page: [ 33.424106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.424201] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.424324] page_type: f5(slab) [ 33.424383] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.424437] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.424481] page dumped because: kasan: bad access detected [ 33.424699] [ 33.424842] Memory state around the buggy address: [ 33.424946] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.425012] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.425103] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.425402] ^ [ 33.425481] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.425663] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.425759] ================================================================== [ 33.551760] ================================================================== [ 33.551844] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 33.551949] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.552049] [ 33.552436] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.552600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.552659] Hardware name: linux,dummy-virt (DT) [ 33.552816] Call trace: [ 33.552904] show_stack+0x20/0x38 (C) [ 33.553083] dump_stack_lvl+0x8c/0xd0 [ 33.553189] print_report+0x118/0x5d0 [ 33.553344] kasan_report+0xdc/0x128 [ 33.553442] kasan_check_range+0x100/0x1a8 [ 33.553488] __kasan_check_write+0x20/0x30 [ 33.553559] kasan_atomics_helper+0x17ec/0x4858 [ 33.553609] kasan_atomics+0x198/0x2e0 [ 33.553656] kunit_try_run_case+0x170/0x3f0 [ 33.553704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.554112] kthread+0x328/0x630 [ 33.554220] ret_from_fork+0x10/0x20 [ 33.554297] [ 33.554382] Allocated by task 296: [ 33.554554] kasan_save_stack+0x3c/0x68 [ 33.554639] kasan_save_track+0x20/0x40 [ 33.554974] kasan_save_alloc_info+0x40/0x58 [ 33.555058] __kasan_kmalloc+0xd4/0xd8 [ 33.555188] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.555256] kasan_atomics+0xb8/0x2e0 [ 33.555328] kunit_try_run_case+0x170/0x3f0 [ 33.555368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.555415] kthread+0x328/0x630 [ 33.555595] ret_from_fork+0x10/0x20 [ 33.555751] [ 33.555879] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.555879] which belongs to the cache kmalloc-64 of size 64 [ 33.556021] The buggy address is located 0 bytes to the right of [ 33.556021] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.556170] [ 33.556385] The buggy address belongs to the physical page: [ 33.556478] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.556685] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.556803] page_type: f5(slab) [ 33.556865] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.556919] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.557109] page dumped because: kasan: bad access detected [ 33.557145] [ 33.557166] Memory state around the buggy address: [ 33.557201] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.557404] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.557559] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.557629] ^ [ 33.557666] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.557748] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.557854] ================================================================== [ 33.512665] ================================================================== [ 33.512754] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 33.512810] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.512863] [ 33.512923] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.513035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.513073] Hardware name: linux,dummy-virt (DT) [ 33.513122] Call trace: [ 33.513148] show_stack+0x20/0x38 (C) [ 33.513196] dump_stack_lvl+0x8c/0xd0 [ 33.513245] print_report+0x118/0x5d0 [ 33.513289] kasan_report+0xdc/0x128 [ 33.513333] kasan_check_range+0x100/0x1a8 [ 33.513381] __kasan_check_write+0x20/0x30 [ 33.513429] kasan_atomics_helper+0x15b4/0x4858 [ 33.513651] kasan_atomics+0x198/0x2e0 [ 33.513738] kunit_try_run_case+0x170/0x3f0 [ 33.513791] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.513863] kthread+0x328/0x630 [ 33.513935] ret_from_fork+0x10/0x20 [ 33.514067] [ 33.514220] Allocated by task 296: [ 33.514277] kasan_save_stack+0x3c/0x68 [ 33.514320] kasan_save_track+0x20/0x40 [ 33.514382] kasan_save_alloc_info+0x40/0x58 [ 33.514425] __kasan_kmalloc+0xd4/0xd8 [ 33.514467] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.514522] kasan_atomics+0xb8/0x2e0 [ 33.514563] kunit_try_run_case+0x170/0x3f0 [ 33.514604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.514755] kthread+0x328/0x630 [ 33.514802] ret_from_fork+0x10/0x20 [ 33.514840] [ 33.514880] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.514880] which belongs to the cache kmalloc-64 of size 64 [ 33.514974] The buggy address is located 0 bytes to the right of [ 33.514974] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.515044] [ 33.515072] The buggy address belongs to the physical page: [ 33.515106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.515158] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.515305] page_type: f5(slab) [ 33.515350] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.515404] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.515448] page dumped because: kasan: bad access detected [ 33.515494] [ 33.515527] Memory state around the buggy address: [ 33.515562] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.515607] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.515662] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.515704] ^ [ 33.515741] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.515814] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.515857] ================================================================== [ 33.457597] ================================================================== [ 33.457651] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 33.457701] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.457753] [ 33.457821] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.457922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.457951] Hardware name: linux,dummy-virt (DT) [ 33.457983] Call trace: [ 33.458014] show_stack+0x20/0x38 (C) [ 33.458181] dump_stack_lvl+0x8c/0xd0 [ 33.458234] print_report+0x118/0x5d0 [ 33.458344] kasan_report+0xdc/0x128 [ 33.458455] kasan_check_range+0x100/0x1a8 [ 33.458545] __kasan_check_write+0x20/0x30 [ 33.458632] kasan_atomics_helper+0x10c0/0x4858 [ 33.458686] kasan_atomics+0x198/0x2e0 [ 33.458752] kunit_try_run_case+0x170/0x3f0 [ 33.458827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.458981] kthread+0x328/0x630 [ 33.459027] ret_from_fork+0x10/0x20 [ 33.459074] [ 33.459200] Allocated by task 296: [ 33.459286] kasan_save_stack+0x3c/0x68 [ 33.459361] kasan_save_track+0x20/0x40 [ 33.459419] kasan_save_alloc_info+0x40/0x58 [ 33.459477] __kasan_kmalloc+0xd4/0xd8 [ 33.459527] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.459570] kasan_atomics+0xb8/0x2e0 [ 33.459675] kunit_try_run_case+0x170/0x3f0 [ 33.459804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.459947] kthread+0x328/0x630 [ 33.460001] ret_from_fork+0x10/0x20 [ 33.460136] [ 33.460186] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.460186] which belongs to the cache kmalloc-64 of size 64 [ 33.460318] The buggy address is located 0 bytes to the right of [ 33.460318] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.460434] [ 33.460535] The buggy address belongs to the physical page: [ 33.460619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.460713] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.460799] page_type: f5(slab) [ 33.460900] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.460953] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.461022] page dumped because: kasan: bad access detected [ 33.461057] [ 33.461077] Memory state around the buggy address: [ 33.461111] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.461157] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.461202] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.461477] ^ [ 33.461525] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.461608] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.461736] ================================================================== [ 33.453395] ================================================================== [ 33.453446] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 33.453496] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.453562] [ 33.453592] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.453679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.453708] Hardware name: linux,dummy-virt (DT) [ 33.453782] Call trace: [ 33.453936] show_stack+0x20/0x38 (C) [ 33.454011] dump_stack_lvl+0x8c/0xd0 [ 33.454064] print_report+0x118/0x5d0 [ 33.454116] kasan_report+0xdc/0x128 [ 33.454161] kasan_check_range+0x100/0x1a8 [ 33.454225] __kasan_check_write+0x20/0x30 [ 33.454274] kasan_atomics_helper+0x1058/0x4858 [ 33.454326] kasan_atomics+0x198/0x2e0 [ 33.454543] kunit_try_run_case+0x170/0x3f0 [ 33.454609] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.454687] kthread+0x328/0x630 [ 33.454732] ret_from_fork+0x10/0x20 [ 33.454807] [ 33.454866] Allocated by task 296: [ 33.454923] kasan_save_stack+0x3c/0x68 [ 33.454965] kasan_save_track+0x20/0x40 [ 33.455004] kasan_save_alloc_info+0x40/0x58 [ 33.455063] __kasan_kmalloc+0xd4/0xd8 [ 33.455119] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.455165] kasan_atomics+0xb8/0x2e0 [ 33.455223] kunit_try_run_case+0x170/0x3f0 [ 33.455270] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.455317] kthread+0x328/0x630 [ 33.455352] ret_from_fork+0x10/0x20 [ 33.455389] [ 33.455411] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.455411] which belongs to the cache kmalloc-64 of size 64 [ 33.455495] The buggy address is located 0 bytes to the right of [ 33.455495] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.455690] [ 33.455739] The buggy address belongs to the physical page: [ 33.455855] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.456038] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.456149] page_type: f5(slab) [ 33.456292] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.456486] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.456584] page dumped because: kasan: bad access detected [ 33.456668] [ 33.456762] Memory state around the buggy address: [ 33.456839] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.456888] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.456964] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.457006] ^ [ 33.457066] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.457114] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.457155] ================================================================== [ 33.341828] ================================================================== [ 33.341899] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 33.341952] Read of size 4 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.342005] [ 33.342035] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.342883] kasan_save_stack+0x3c/0x68 [ 33.343530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.345440] Write of size 4 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.346744] kasan_save_track+0x20/0x40 [ 33.346811] kasan_save_alloc_info+0x40/0x58 [ 33.346858] __kasan_kmalloc+0xd4/0xd8 [ 33.346945] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.346989] kasan_atomics+0xb8/0x2e0 [ 33.347045] kunit_try_run_case+0x170/0x3f0 [ 33.347141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.347186] kthread+0x328/0x630 [ 33.347220] ret_from_fork+0x10/0x20 [ 33.347336] [ 33.347384] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.347384] which belongs to the cache kmalloc-64 of size 64 [ 33.347447] The buggy address is located 0 bytes to the right of [ 33.347447] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.347758] [ 33.347798] The buggy address belongs to the physical page: [ 33.347889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.347978] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.348167] page_type: f5(slab) [ 33.348244] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.348441] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.348487] page dumped because: kasan: bad access detected [ 33.348561] [ 33.348582] Memory state around the buggy address: [ 33.348861] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.348990] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.349057] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.349355] ^ [ 33.349440] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.349566] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.349676] ================================================================== [ 33.397061] ================================================================== [ 33.397314] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 33.397386] Read of size 4 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.397455] [ 33.397542] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.397707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.397814] Hardware name: linux,dummy-virt (DT) [ 33.397854] Call trace: [ 33.397877] show_stack+0x20/0x38 (C) [ 33.397931] dump_stack_lvl+0x8c/0xd0 [ 33.398007] print_report+0x118/0x5d0 [ 33.398092] kasan_report+0xdc/0x128 [ 33.398157] __asan_report_load4_noabort+0x20/0x30 [ 33.398236] kasan_atomics_helper+0x3dd8/0x4858 [ 33.398289] kasan_atomics+0x198/0x2e0 [ 33.398376] kunit_try_run_case+0x170/0x3f0 [ 33.398433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.398517] kthread+0x328/0x630 [ 33.398589] ret_from_fork+0x10/0x20 [ 33.398639] [ 33.398659] Allocated by task 296: [ 33.398690] kasan_save_stack+0x3c/0x68 [ 33.398731] kasan_save_track+0x20/0x40 [ 33.398798] kasan_save_alloc_info+0x40/0x58 [ 33.398938] __kasan_kmalloc+0xd4/0xd8 [ 33.398983] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.399110] kasan_atomics+0xb8/0x2e0 [ 33.399206] kunit_try_run_case+0x170/0x3f0 [ 33.399254] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.399349] kthread+0x328/0x630 [ 33.399422] ret_from_fork+0x10/0x20 [ 33.399628] [ 33.399659] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.399659] which belongs to the cache kmalloc-64 of size 64 [ 33.399723] The buggy address is located 0 bytes to the right of [ 33.399723] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.399804] [ 33.399845] The buggy address belongs to the physical page: [ 33.399879] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.399960] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.400013] page_type: f5(slab) [ 33.400051] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.400105] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.400148] page dumped because: kasan: bad access detected [ 33.400305] [ 33.400405] Memory state around the buggy address: [ 33.400522] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.400588] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.400653] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.400840] ^ [ 33.400892] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.400941] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.401162] ================================================================== [ 33.426719] ================================================================== [ 33.426771] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 33.426937] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.427002] [ 33.427061] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.427197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.427426] Hardware name: linux,dummy-virt (DT) [ 33.427484] Call trace: [ 33.427575] show_stack+0x20/0x38 (C) [ 33.427628] dump_stack_lvl+0x8c/0xd0 [ 33.427695] print_report+0x118/0x5d0 [ 33.427792] kasan_report+0xdc/0x128 [ 33.427887] __asan_report_store8_noabort+0x20/0x30 [ 33.428040] kasan_atomics_helper+0x3e5c/0x4858 [ 33.428137] kasan_atomics+0x198/0x2e0 [ 33.428187] kunit_try_run_case+0x170/0x3f0 [ 33.428270] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.428325] kthread+0x328/0x630 [ 33.428592] ret_from_fork+0x10/0x20 [ 33.428648] [ 33.428671] Allocated by task 296: [ 33.428701] kasan_save_stack+0x3c/0x68 [ 33.428741] kasan_save_track+0x20/0x40 [ 33.428780] kasan_save_alloc_info+0x40/0x58 [ 33.428821] __kasan_kmalloc+0xd4/0xd8 [ 33.428946] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.429032] kasan_atomics+0xb8/0x2e0 [ 33.429140] kunit_try_run_case+0x170/0x3f0 [ 33.429248] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.429460] kthread+0x328/0x630 [ 33.429600] ret_from_fork+0x10/0x20 [ 33.429647] [ 33.429688] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.429688] which belongs to the cache kmalloc-64 of size 64 [ 33.429774] The buggy address is located 0 bytes to the right of [ 33.429774] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.429843] [ 33.429864] The buggy address belongs to the physical page: [ 33.429897] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.429949] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.430000] page_type: f5(slab) [ 33.430102] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.430291] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.430349] page dumped because: kasan: bad access detected [ 33.430417] [ 33.430488] Memory state around the buggy address: [ 33.430540] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.430587] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.430833] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.430923] ^ [ 33.431075] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.431172] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.431214] ================================================================== [ 33.416421] ================================================================== [ 33.416619] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 33.416685] Read of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.416762] [ 33.416810] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.416898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.416927] Hardware name: linux,dummy-virt (DT) [ 33.416961] Call trace: [ 33.416984] show_stack+0x20/0x38 (C) [ 33.417216] dump_stack_lvl+0x8c/0xd0 [ 33.417321] print_report+0x118/0x5d0 [ 33.417370] kasan_report+0xdc/0x128 [ 33.417416] __asan_report_load8_noabort+0x20/0x30 [ 33.417470] kasan_atomics_helper+0x3f58/0x4858 [ 33.417566] kasan_atomics+0x198/0x2e0 [ 33.417643] kunit_try_run_case+0x170/0x3f0 [ 33.417710] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.417767] kthread+0x328/0x630 [ 33.417812] ret_from_fork+0x10/0x20 [ 33.417878] [ 33.417907] Allocated by task 296: [ 33.417939] kasan_save_stack+0x3c/0x68 [ 33.417980] kasan_save_track+0x20/0x40 [ 33.418018] kasan_save_alloc_info+0x40/0x58 [ 33.418059] __kasan_kmalloc+0xd4/0xd8 [ 33.418108] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.418152] kasan_atomics+0xb8/0x2e0 [ 33.418192] kunit_try_run_case+0x170/0x3f0 [ 33.418441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.418545] kthread+0x328/0x630 [ 33.418644] ret_from_fork+0x10/0x20 [ 33.418720] [ 33.418749] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.418749] which belongs to the cache kmalloc-64 of size 64 [ 33.418919] The buggy address is located 0 bytes to the right of [ 33.418919] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.418989] [ 33.419010] The buggy address belongs to the physical page: [ 33.419122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.419184] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.419304] page_type: f5(slab) [ 33.419369] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.419424] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.419467] page dumped because: kasan: bad access detected [ 33.419691] [ 33.419721] Memory state around the buggy address: [ 33.419759] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.419997] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.420094] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.420154] ^ [ 33.420190] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.420454] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.420598] ================================================================== [ 33.516742] ================================================================== [ 33.516924] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 33.516983] Read of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.517036] [ 33.517073] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.517159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.517189] Hardware name: linux,dummy-virt (DT) [ 33.517221] Call trace: [ 33.517245] show_stack+0x20/0x38 (C) [ 33.517321] dump_stack_lvl+0x8c/0xd0 [ 33.517395] print_report+0x118/0x5d0 [ 33.517441] kasan_report+0xdc/0x128 [ 33.517485] __asan_report_load8_noabort+0x20/0x30 [ 33.517550] kasan_atomics_helper+0x3db0/0x4858 [ 33.517602] kasan_atomics+0x198/0x2e0 [ 33.517760] kunit_try_run_case+0x170/0x3f0 [ 33.517826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.518099] kthread+0x328/0x630 [ 33.518190] ret_from_fork+0x10/0x20 [ 33.518242] [ 33.518262] Allocated by task 296: [ 33.518334] kasan_save_stack+0x3c/0x68 [ 33.518389] kasan_save_track+0x20/0x40 [ 33.518446] kasan_save_alloc_info+0x40/0x58 [ 33.518555] __kasan_kmalloc+0xd4/0xd8 [ 33.518614] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.518659] kasan_atomics+0xb8/0x2e0 [ 33.518699] kunit_try_run_case+0x170/0x3f0 [ 33.518849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.518936] kthread+0x328/0x630 [ 33.519042] ret_from_fork+0x10/0x20 [ 33.519086] [ 33.519126] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.519126] which belongs to the cache kmalloc-64 of size 64 [ 33.519222] The buggy address is located 0 bytes to the right of [ 33.519222] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.519292] [ 33.519320] The buggy address belongs to the physical page: [ 33.519354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.519571] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.519629] page_type: f5(slab) [ 33.519668] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.519722] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.519778] page dumped because: kasan: bad access detected [ 33.519812] [ 33.519832] Memory state around the buggy address: [ 33.520248] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.520300] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.520347] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.520389] ^ [ 33.520426] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.520472] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.520531] ================================================================== [ 33.523633] ================================================================== [ 33.523673] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 33.523718] Read of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.523769] [ 33.523797] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.523882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.523910] Hardware name: linux,dummy-virt (DT) [ 33.523943] Call trace: [ 33.523965] show_stack+0x20/0x38 (C) [ 33.524013] dump_stack_lvl+0x8c/0xd0 [ 33.524060] print_report+0x118/0x5d0 [ 33.524125] kasan_report+0xdc/0x128 [ 33.524171] __asan_report_load8_noabort+0x20/0x30 [ 33.524221] kasan_atomics_helper+0x3df4/0x4858 [ 33.524284] kasan_atomics+0x198/0x2e0 [ 33.524341] kunit_try_run_case+0x170/0x3f0 [ 33.524390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.524446] kthread+0x328/0x630 [ 33.524489] ret_from_fork+0x10/0x20 [ 33.524550] [ 33.524569] Allocated by task 296: [ 33.524599] kasan_save_stack+0x3c/0x68 [ 33.524638] kasan_save_track+0x20/0x40 [ 33.524676] kasan_save_alloc_info+0x40/0x58 [ 33.524717] __kasan_kmalloc+0xd4/0xd8 [ 33.524757] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.524800] kasan_atomics+0xb8/0x2e0 [ 33.524838] kunit_try_run_case+0x170/0x3f0 [ 33.524890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.524937] kthread+0x328/0x630 [ 33.524973] ret_from_fork+0x10/0x20 [ 33.525011] [ 33.525032] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.525032] which belongs to the cache kmalloc-64 of size 64 [ 33.525093] The buggy address is located 0 bytes to the right of [ 33.525093] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.525161] [ 33.525183] The buggy address belongs to the physical page: [ 33.525215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.525270] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.525317] page_type: f5(slab) [ 33.525354] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.525407] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.525452] page dumped because: kasan: bad access detected [ 33.525485] [ 33.525516] Memory state around the buggy address: [ 33.525550] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.525596] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.525642] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.525683] ^ [ 33.525718] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.525764] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.525865] ================================================================== [ 33.467598] ================================================================== [ 33.467693] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 33.467748] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.467832] [ 33.467868] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.467965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.467995] Hardware name: linux,dummy-virt (DT) [ 33.468027] Call trace: [ 33.468052] show_stack+0x20/0x38 (C) [ 33.468101] dump_stack_lvl+0x8c/0xd0 [ 33.468177] print_report+0x118/0x5d0 [ 33.468222] kasan_report+0xdc/0x128 [ 33.468268] kasan_check_range+0x100/0x1a8 [ 33.468315] __kasan_check_write+0x20/0x30 [ 33.468503] kasan_atomics_helper+0x1190/0x4858 [ 33.468629] kasan_atomics+0x198/0x2e0 [ 33.468808] kunit_try_run_case+0x170/0x3f0 [ 33.469012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.469170] kthread+0x328/0x630 [ 33.469251] ret_from_fork+0x10/0x20 [ 33.469312] [ 33.469340] Allocated by task 296: [ 33.469439] kasan_save_stack+0x3c/0x68 [ 33.469492] kasan_save_track+0x20/0x40 [ 33.469581] kasan_save_alloc_info+0x40/0x58 [ 33.469643] __kasan_kmalloc+0xd4/0xd8 [ 33.469683] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.469726] kasan_atomics+0xb8/0x2e0 [ 33.469766] kunit_try_run_case+0x170/0x3f0 [ 33.469806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.469973] kthread+0x328/0x630 [ 33.470066] ret_from_fork+0x10/0x20 [ 33.470209] [ 33.470268] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.470268] which belongs to the cache kmalloc-64 of size 64 [ 33.470564] The buggy address is located 0 bytes to the right of [ 33.470564] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.470730] [ 33.470763] The buggy address belongs to the physical page: [ 33.470844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.470959] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.471071] page_type: f5(slab) [ 33.471125] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.471177] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.471222] page dumped because: kasan: bad access detected [ 33.471255] [ 33.471286] Memory state around the buggy address: [ 33.471329] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.471377] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.471431] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.471473] ^ [ 33.471528] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.471574] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.471616] ================================================================== [ 33.442417] ================================================================== [ 33.442490] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 33.442591] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.442644] [ 33.442675] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.442790] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.443073] Hardware name: linux,dummy-virt (DT) [ 33.443116] Call trace: [ 33.443142] show_stack+0x20/0x38 (C) [ 33.443272] dump_stack_lvl+0x8c/0xd0 [ 33.443564] print_report+0x118/0x5d0 [ 33.443625] kasan_report+0xdc/0x128 [ 33.443673] kasan_check_range+0x100/0x1a8 [ 33.443747] __kasan_check_write+0x20/0x30 [ 33.444294] kasan_atomics_helper+0xf88/0x4858 [ 33.444386] kasan_atomics+0x198/0x2e0 [ 33.444537] kunit_try_run_case+0x170/0x3f0 [ 33.444661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.444809] kthread+0x328/0x630 [ 33.444921] ret_from_fork+0x10/0x20 [ 33.445008] [ 33.445029] Allocated by task 296: [ 33.445081] kasan_save_stack+0x3c/0x68 [ 33.445125] kasan_save_track+0x20/0x40 [ 33.445163] kasan_save_alloc_info+0x40/0x58 [ 33.445204] __kasan_kmalloc+0xd4/0xd8 [ 33.445245] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.445290] kasan_atomics+0xb8/0x2e0 [ 33.445332] kunit_try_run_case+0x170/0x3f0 [ 33.445540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.445925] kthread+0x328/0x630 [ 33.446120] ret_from_fork+0x10/0x20 [ 33.446169] [ 33.446191] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.446191] which belongs to the cache kmalloc-64 of size 64 [ 33.446384] The buggy address is located 0 bytes to the right of [ 33.446384] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.446595] [ 33.446668] The buggy address belongs to the physical page: [ 33.446706] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.446768] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.446817] page_type: f5(slab) [ 33.446999] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.447094] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.447188] page dumped because: kasan: bad access detected [ 33.447252] [ 33.447275] Memory state around the buggy address: [ 33.447309] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.447534] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.447717] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.447818] ^ [ 33.447886] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.448170] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.448232] ================================================================== [ 33.537427] ================================================================== [ 33.537480] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 33.537577] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.537631] [ 33.537733] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.537849] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.537923] Hardware name: linux,dummy-virt (DT) [ 33.537974] Call trace: [ 33.537998] show_stack+0x20/0x38 (C) [ 33.538047] dump_stack_lvl+0x8c/0xd0 [ 33.538130] print_report+0x118/0x5d0 [ 33.538262] kasan_report+0xdc/0x128 [ 33.538463] kasan_check_range+0x100/0x1a8 [ 33.540730] __kasan_check_write+0x20/0x30 [ 33.541084] kasan_atomics_helper+0x175c/0x4858 [ 33.541151] kasan_atomics+0x198/0x2e0 [ 33.542786] kunit_try_run_case+0x170/0x3f0 [ 33.542851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.543305] kthread+0x328/0x630 [ 33.543385] ret_from_fork+0x10/0x20 [ 33.543447] [ 33.543471] Allocated by task 296: [ 33.543544] kasan_save_stack+0x3c/0x68 [ 33.543602] kasan_save_track+0x20/0x40 [ 33.543650] kasan_save_alloc_info+0x40/0x58 [ 33.543692] __kasan_kmalloc+0xd4/0xd8 [ 33.543743] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.543792] kasan_atomics+0xb8/0x2e0 [ 33.543833] kunit_try_run_case+0x170/0x3f0 [ 33.543890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.543938] kthread+0x328/0x630 [ 33.543973] ret_from_fork+0x10/0x20 [ 33.544021] [ 33.544044] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.544044] which belongs to the cache kmalloc-64 of size 64 [ 33.544106] The buggy address is located 0 bytes to the right of [ 33.544106] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.544182] [ 33.544213] The buggy address belongs to the physical page: [ 33.544247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.544313] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.544364] page_type: f5(slab) [ 33.544411] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.544473] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.544541] page dumped because: kasan: bad access detected [ 33.544576] [ 33.544597] Memory state around the buggy address: [ 33.544631] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.544676] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.544723] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.544764] ^ [ 33.544798] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.544844] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.544886] ================================================================== [ 33.476817] ================================================================== [ 33.476876] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 33.476926] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.476979] [ 33.477019] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.477116] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.477144] Hardware name: linux,dummy-virt (DT) [ 33.477190] Call trace: [ 33.477214] show_stack+0x20/0x38 (C) [ 33.477263] dump_stack_lvl+0x8c/0xd0 [ 33.477311] print_report+0x118/0x5d0 [ 33.477358] kasan_report+0xdc/0x128 [ 33.477410] kasan_check_range+0x100/0x1a8 [ 33.477465] __kasan_check_write+0x20/0x30 [ 33.477527] kasan_atomics_helper+0x126c/0x4858 [ 33.477579] kasan_atomics+0x198/0x2e0 [ 33.477628] kunit_try_run_case+0x170/0x3f0 [ 33.477681] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.477737] kthread+0x328/0x630 [ 33.477781] ret_from_fork+0x10/0x20 [ 33.477830] [ 33.477850] Allocated by task 296: [ 33.477888] kasan_save_stack+0x3c/0x68 [ 33.477929] kasan_save_track+0x20/0x40 [ 33.477966] kasan_save_alloc_info+0x40/0x58 [ 33.478020] __kasan_kmalloc+0xd4/0xd8 [ 33.478060] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.478109] kasan_atomics+0xb8/0x2e0 [ 33.478157] kunit_try_run_case+0x170/0x3f0 [ 33.478206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.478254] kthread+0x328/0x630 [ 33.478289] ret_from_fork+0x10/0x20 [ 33.478327] [ 33.478349] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.478349] which belongs to the cache kmalloc-64 of size 64 [ 33.478420] The buggy address is located 0 bytes to the right of [ 33.478420] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.478489] [ 33.478520] The buggy address belongs to the physical page: [ 33.478554] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.478608] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.478699] page_type: f5(slab) [ 33.478750] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.478800] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.478845] page dumped because: kasan: bad access detected [ 33.478877] [ 33.478897] Memory state around the buggy address: [ 33.478931] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.479356] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.479444] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.479490] ^ [ 33.479538] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.479794] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.479931] ================================================================== [ 33.431502] ================================================================== [ 33.431576] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 33.431627] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.431679] [ 33.431736] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.431825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.431913] Hardware name: linux,dummy-virt (DT) [ 33.431951] Call trace: [ 33.431974] show_stack+0x20/0x38 (C) [ 33.432023] dump_stack_lvl+0x8c/0xd0 [ 33.432070] print_report+0x118/0x5d0 [ 33.432176] kasan_report+0xdc/0x128 [ 33.432226] kasan_check_range+0x100/0x1a8 [ 33.432276] __kasan_check_write+0x20/0x30 [ 33.432325] kasan_atomics_helper+0xeb8/0x4858 [ 33.432377] kasan_atomics+0x198/0x2e0 [ 33.432425] kunit_try_run_case+0x170/0x3f0 [ 33.432621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.432705] kthread+0x328/0x630 [ 33.432777] ret_from_fork+0x10/0x20 [ 33.432847] [ 33.432869] Allocated by task 296: [ 33.432898] kasan_save_stack+0x3c/0x68 [ 33.432940] kasan_save_track+0x20/0x40 [ 33.433115] kasan_save_alloc_info+0x40/0x58 [ 33.433269] __kasan_kmalloc+0xd4/0xd8 [ 33.433365] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.433431] kasan_atomics+0xb8/0x2e0 [ 33.433472] kunit_try_run_case+0x170/0x3f0 [ 33.433525] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.433572] kthread+0x328/0x630 [ 33.433614] ret_from_fork+0x10/0x20 [ 33.433674] [ 33.433703] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.433703] which belongs to the cache kmalloc-64 of size 64 [ 33.433789] The buggy address is located 0 bytes to the right of [ 33.433789] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.433871] [ 33.433897] The buggy address belongs to the physical page: [ 33.433952] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.434003] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.434054] page_type: f5(slab) [ 33.434092] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.434155] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.434206] page dumped because: kasan: bad access detected [ 33.434251] [ 33.434287] Memory state around the buggy address: [ 33.434337] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.434395] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.434448] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.434901] ^ [ 33.434954] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.435030] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.435119] ================================================================== [ 33.521284] ================================================================== [ 33.521333] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 33.521383] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.521436] [ 33.521465] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.521566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.521594] Hardware name: linux,dummy-virt (DT) [ 33.521628] Call trace: [ 33.521651] show_stack+0x20/0x38 (C) [ 33.521699] dump_stack_lvl+0x8c/0xd0 [ 33.521746] print_report+0x118/0x5d0 [ 33.521793] kasan_report+0xdc/0x128 [ 33.521836] kasan_check_range+0x100/0x1a8 [ 33.521883] __kasan_check_write+0x20/0x30 [ 33.521931] kasan_atomics_helper+0x1644/0x4858 [ 33.521982] kasan_atomics+0x198/0x2e0 [ 33.522031] kunit_try_run_case+0x170/0x3f0 [ 33.522079] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.522134] kthread+0x328/0x630 [ 33.522177] ret_from_fork+0x10/0x20 [ 33.522225] [ 33.522245] Allocated by task 296: [ 33.522274] kasan_save_stack+0x3c/0x68 [ 33.522314] kasan_save_track+0x20/0x40 [ 33.522350] kasan_save_alloc_info+0x40/0x58 [ 33.522397] __kasan_kmalloc+0xd4/0xd8 [ 33.522436] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.522479] kasan_atomics+0xb8/0x2e0 [ 33.522530] kunit_try_run_case+0x170/0x3f0 [ 33.522583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.522630] kthread+0x328/0x630 [ 33.522665] ret_from_fork+0x10/0x20 [ 33.522703] [ 33.522725] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.522725] which belongs to the cache kmalloc-64 of size 64 [ 33.522785] The buggy address is located 0 bytes to the right of [ 33.522785] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.522874] [ 33.522897] The buggy address belongs to the physical page: [ 33.522931] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.522985] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.523043] page_type: f5(slab) [ 33.523080] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.523130] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.523175] page dumped because: kasan: bad access detected [ 33.523208] [ 33.523237] Memory state around the buggy address: [ 33.523280] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.523327] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.523382] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.523423] ^ [ 33.523467] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.523523] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.523564] ================================================================== [ 33.508549] ================================================================== [ 33.508604] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 33.508655] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.508708] [ 33.508740] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.509009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.509076] Hardware name: linux,dummy-virt (DT) [ 33.509114] Call trace: [ 33.509141] show_stack+0x20/0x38 (C) [ 33.509196] dump_stack_lvl+0x8c/0xd0 [ 33.509246] print_report+0x118/0x5d0 [ 33.509290] kasan_report+0xdc/0x128 [ 33.509430] kasan_check_range+0x100/0x1a8 [ 33.509567] __kasan_check_write+0x20/0x30 [ 33.509625] kasan_atomics_helper+0x154c/0x4858 [ 33.509678] kasan_atomics+0x198/0x2e0 [ 33.509743] kunit_try_run_case+0x170/0x3f0 [ 33.509843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.509955] kthread+0x328/0x630 [ 33.510000] ret_from_fork+0x10/0x20 [ 33.510075] [ 33.510098] Allocated by task 296: [ 33.510129] kasan_save_stack+0x3c/0x68 [ 33.510195] kasan_save_track+0x20/0x40 [ 33.510261] kasan_save_alloc_info+0x40/0x58 [ 33.510304] __kasan_kmalloc+0xd4/0xd8 [ 33.510345] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.510396] kasan_atomics+0xb8/0x2e0 [ 33.510451] kunit_try_run_case+0x170/0x3f0 [ 33.510494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.510706] kthread+0x328/0x630 [ 33.510783] ret_from_fork+0x10/0x20 [ 33.510829] [ 33.510876] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.510876] which belongs to the cache kmalloc-64 of size 64 [ 33.510966] The buggy address is located 0 bytes to the right of [ 33.510966] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.511038] [ 33.511062] The buggy address belongs to the physical page: [ 33.511120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.511173] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.511223] page_type: f5(slab) [ 33.511344] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.511416] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.511460] page dumped because: kasan: bad access detected [ 33.511495] [ 33.511533] Memory state around the buggy address: [ 33.511596] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.511642] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.511688] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.511838] ^ [ 33.511996] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.512090] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.512169] ================================================================== [ 33.360308] ================================================================== [ 33.360377] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 33.360610] Write of size 4 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.360673] [ 33.360705] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.360882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.361012] Hardware name: linux,dummy-virt (DT) [ 33.361068] Call trace: [ 33.361094] show_stack+0x20/0x38 (C) [ 33.361144] dump_stack_lvl+0x8c/0xd0 [ 33.361220] print_report+0x118/0x5d0 [ 33.361285] kasan_report+0xdc/0x128 [ 33.361694] kasan_check_range+0x100/0x1a8 [ 33.361792] __kasan_check_write+0x20/0x30 [ 33.361843] kasan_atomics_helper+0xa6c/0x4858 [ 33.361903] kasan_atomics+0x198/0x2e0 [ 33.361969] kunit_try_run_case+0x170/0x3f0 [ 33.362022] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.362097] kthread+0x328/0x630 [ 33.362140] ret_from_fork+0x10/0x20 [ 33.362196] [ 33.362250] Allocated by task 296: [ 33.362374] kasan_save_stack+0x3c/0x68 [ 33.362420] kasan_save_track+0x20/0x40 [ 33.362459] kasan_save_alloc_info+0x40/0x58 [ 33.362500] __kasan_kmalloc+0xd4/0xd8 [ 33.362628] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.362715] kasan_atomics+0xb8/0x2e0 [ 33.362761] kunit_try_run_case+0x170/0x3f0 [ 33.362829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.362875] kthread+0x328/0x630 [ 33.362910] ret_from_fork+0x10/0x20 [ 33.362971] [ 33.363005] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.363005] which belongs to the cache kmalloc-64 of size 64 [ 33.363068] The buggy address is located 0 bytes to the right of [ 33.363068] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.363201] [ 33.363223] The buggy address belongs to the physical page: [ 33.363257] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.363345] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.363396] page_type: f5(slab) [ 33.363435] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.363497] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.363712] page dumped because: kasan: bad access detected [ 33.363757] [ 33.363777] Memory state around the buggy address: [ 33.363896] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.363952] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.364048] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.364106] ^ [ 33.364143] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.364277] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.364376] ================================================================== [ 33.472675] ================================================================== [ 33.472755] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 33.472808] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.472953] [ 33.473059] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.473170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.473218] Hardware name: linux,dummy-virt (DT) [ 33.473252] Call trace: [ 33.473309] show_stack+0x20/0x38 (C) [ 33.473362] dump_stack_lvl+0x8c/0xd0 [ 33.473437] print_report+0x118/0x5d0 [ 33.473487] kasan_report+0xdc/0x128 [ 33.473632] kasan_check_range+0x100/0x1a8 [ 33.473780] __kasan_check_write+0x20/0x30 [ 33.473848] kasan_atomics_helper+0x11f8/0x4858 [ 33.473901] kasan_atomics+0x198/0x2e0 [ 33.473966] kunit_try_run_case+0x170/0x3f0 [ 33.474021] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.474095] kthread+0x328/0x630 [ 33.474159] ret_from_fork+0x10/0x20 [ 33.474245] [ 33.474293] Allocated by task 296: [ 33.474325] kasan_save_stack+0x3c/0x68 [ 33.474400] kasan_save_track+0x20/0x40 [ 33.474457] kasan_save_alloc_info+0x40/0x58 [ 33.474500] __kasan_kmalloc+0xd4/0xd8 [ 33.474550] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.474593] kasan_atomics+0xb8/0x2e0 [ 33.474633] kunit_try_run_case+0x170/0x3f0 [ 33.474762] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.474911] kthread+0x328/0x630 [ 33.474956] ret_from_fork+0x10/0x20 [ 33.475023] [ 33.475048] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.475048] which belongs to the cache kmalloc-64 of size 64 [ 33.475137] The buggy address is located 0 bytes to the right of [ 33.475137] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.475227] [ 33.475361] The buggy address belongs to the physical page: [ 33.475457] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.475528] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.475643] page_type: f5(slab) [ 33.475718] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.475804] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.475869] page dumped because: kasan: bad access detected [ 33.475902] [ 33.475922] Memory state around the buggy address: [ 33.475958] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.476004] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.476081] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.476123] ^ [ 33.476272] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.476364] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.476504] ================================================================== [ 33.483852] ================================================================== [ 33.483969] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 33.484066] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.484223] [ 33.484406] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.484599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.484701] Hardware name: linux,dummy-virt (DT) [ 33.484807] Call trace: [ 33.484867] show_stack+0x20/0x38 (C) [ 33.484921] dump_stack_lvl+0x8c/0xd0 [ 33.484968] print_report+0x118/0x5d0 [ 33.485016] kasan_report+0xdc/0x128 [ 33.485059] kasan_check_range+0x100/0x1a8 [ 33.485148] __kasan_check_write+0x20/0x30 [ 33.485200] kasan_atomics_helper+0x1384/0x4858 [ 33.485413] kasan_atomics+0x198/0x2e0 [ 33.485504] kunit_try_run_case+0x170/0x3f0 [ 33.485605] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.485700] kthread+0x328/0x630 [ 33.485795] ret_from_fork+0x10/0x20 [ 33.486056] [ 33.486078] Allocated by task 296: [ 33.486173] kasan_save_stack+0x3c/0x68 [ 33.486245] kasan_save_track+0x20/0x40 [ 33.486284] kasan_save_alloc_info+0x40/0x58 [ 33.486395] __kasan_kmalloc+0xd4/0xd8 [ 33.486448] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.486536] kasan_atomics+0xb8/0x2e0 [ 33.486593] kunit_try_run_case+0x170/0x3f0 [ 33.486634] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.486680] kthread+0x328/0x630 [ 33.486716] ret_from_fork+0x10/0x20 [ 33.486754] [ 33.486775] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.486775] which belongs to the cache kmalloc-64 of size 64 [ 33.486991] The buggy address is located 0 bytes to the right of [ 33.486991] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.487174] [ 33.487271] The buggy address belongs to the physical page: [ 33.487471] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.487694] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.487834] page_type: f5(slab) [ 33.487923] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.487979] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.488023] page dumped because: kasan: bad access detected [ 33.488190] [ 33.488211] Memory state around the buggy address: [ 33.488367] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.488554] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.488689] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.488741] ^ [ 33.488778] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.488943] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.488988] ================================================================== [ 33.409369] ================================================================== [ 33.409413] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 33.409470] Read of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.410090] [ 33.410191] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.410328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.410482] Hardware name: linux,dummy-virt (DT) [ 33.410567] Call trace: [ 33.410700] show_stack+0x20/0x38 (C) [ 33.410843] dump_stack_lvl+0x8c/0xd0 [ 33.410912] print_report+0x118/0x5d0 [ 33.410968] kasan_report+0xdc/0x128 [ 33.411014] kasan_check_range+0x100/0x1a8 [ 33.411062] __kasan_check_read+0x20/0x30 [ 33.411110] kasan_atomics_helper+0xdd4/0x4858 [ 33.411160] kasan_atomics+0x198/0x2e0 [ 33.411404] kunit_try_run_case+0x170/0x3f0 [ 33.411476] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.411592] kthread+0x328/0x630 [ 33.411768] ret_from_fork+0x10/0x20 [ 33.412057] [ 33.412176] Allocated by task 296: [ 33.412265] kasan_save_stack+0x3c/0x68 [ 33.412382] kasan_save_track+0x20/0x40 [ 33.412479] kasan_save_alloc_info+0x40/0x58 [ 33.412553] __kasan_kmalloc+0xd4/0xd8 [ 33.412809] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.412900] kasan_atomics+0xb8/0x2e0 [ 33.413040] kunit_try_run_case+0x170/0x3f0 [ 33.413154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.413313] kthread+0x328/0x630 [ 33.413428] ret_from_fork+0x10/0x20 [ 33.413693] [ 33.413786] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.413786] which belongs to the cache kmalloc-64 of size 64 [ 33.413936] The buggy address is located 0 bytes to the right of [ 33.413936] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.414025] [ 33.414048] The buggy address belongs to the physical page: [ 33.414081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.414334] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.414485] page_type: f5(slab) [ 33.414612] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.414710] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.415014] page dumped because: kasan: bad access detected [ 33.415115] [ 33.415175] Memory state around the buggy address: [ 33.415288] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.415404] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.415554] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.415668] ^ [ 33.415750] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.415804] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.415880] ================================================================== [ 33.462269] ================================================================== [ 33.462320] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 33.462421] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.462475] [ 33.462516] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.462633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.462711] Hardware name: linux,dummy-virt (DT) [ 33.462765] Call trace: [ 33.462835] show_stack+0x20/0x38 (C) [ 33.462911] dump_stack_lvl+0x8c/0xd0 [ 33.462962] print_report+0x118/0x5d0 [ 33.463008] kasan_report+0xdc/0x128 [ 33.463167] kasan_check_range+0x100/0x1a8 [ 33.463236] __kasan_check_write+0x20/0x30 [ 33.463305] kasan_atomics_helper+0x1128/0x4858 [ 33.463412] kasan_atomics+0x198/0x2e0 [ 33.463496] kunit_try_run_case+0x170/0x3f0 [ 33.463594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.463651] kthread+0x328/0x630 [ 33.463695] ret_from_fork+0x10/0x20 [ 33.463777] [ 33.463818] Allocated by task 296: [ 33.463954] kasan_save_stack+0x3c/0x68 [ 33.464038] kasan_save_track+0x20/0x40 [ 33.464078] kasan_save_alloc_info+0x40/0x58 [ 33.464213] __kasan_kmalloc+0xd4/0xd8 [ 33.464255] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.464299] kasan_atomics+0xb8/0x2e0 [ 33.464338] kunit_try_run_case+0x170/0x3f0 [ 33.464398] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.464445] kthread+0x328/0x630 [ 33.464481] ret_from_fork+0x10/0x20 [ 33.464529] [ 33.464552] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.464552] which belongs to the cache kmalloc-64 of size 64 [ 33.464614] The buggy address is located 0 bytes to the right of [ 33.464614] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.464764] [ 33.464988] The buggy address belongs to the physical page: [ 33.465069] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.465172] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.465266] page_type: f5(slab) [ 33.465439] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.465630] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.465713] page dumped because: kasan: bad access detected [ 33.465839] [ 33.465940] Memory state around the buggy address: [ 33.466000] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.466046] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.466358] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.466456] ^ [ 33.466595] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.466682] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.466723] ================================================================== [ 33.436992] ================================================================== [ 33.437077] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 33.437186] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.437240] [ 33.437277] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.437366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.437414] Hardware name: linux,dummy-virt (DT) [ 33.437449] Call trace: [ 33.437489] show_stack+0x20/0x38 (C) [ 33.437577] dump_stack_lvl+0x8c/0xd0 [ 33.437626] print_report+0x118/0x5d0 [ 33.437672] kasan_report+0xdc/0x128 [ 33.437717] kasan_check_range+0x100/0x1a8 [ 33.437765] __kasan_check_write+0x20/0x30 [ 33.437814] kasan_atomics_helper+0xf20/0x4858 [ 33.438089] kasan_atomics+0x198/0x2e0 [ 33.438174] kunit_try_run_case+0x170/0x3f0 [ 33.438226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.438301] kthread+0x328/0x630 [ 33.438383] ret_from_fork+0x10/0x20 [ 33.438446] [ 33.438469] Allocated by task 296: [ 33.438499] kasan_save_stack+0x3c/0x68 [ 33.438552] kasan_save_track+0x20/0x40 [ 33.438736] kasan_save_alloc_info+0x40/0x58 [ 33.438785] __kasan_kmalloc+0xd4/0xd8 [ 33.438908] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.438954] kasan_atomics+0xb8/0x2e0 [ 33.439030] kunit_try_run_case+0x170/0x3f0 [ 33.439071] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.439117] kthread+0x328/0x630 [ 33.439153] ret_from_fork+0x10/0x20 [ 33.439192] [ 33.439348] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.439348] which belongs to the cache kmalloc-64 of size 64 [ 33.439547] The buggy address is located 0 bytes to the right of [ 33.439547] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.439651] [ 33.439679] The buggy address belongs to the physical page: [ 33.439748] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.439804] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.439986] page_type: f5(slab) [ 33.440109] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.440205] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.440283] page dumped because: kasan: bad access detected [ 33.440413] [ 33.440474] Memory state around the buggy address: [ 33.440599] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.440647] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.440692] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.440734] ^ [ 33.441029] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.441126] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.441286] ================================================================== [ 33.449473] ================================================================== [ 33.449574] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 33.449627] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.449680] [ 33.449711] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.449798] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.449837] Hardware name: linux,dummy-virt (DT) [ 33.449869] Call trace: [ 33.449893] show_stack+0x20/0x38 (C) [ 33.449943] dump_stack_lvl+0x8c/0xd0 [ 33.449991] print_report+0x118/0x5d0 [ 33.450036] kasan_report+0xdc/0x128 [ 33.450082] kasan_check_range+0x100/0x1a8 [ 33.450141] __kasan_check_write+0x20/0x30 [ 33.450190] kasan_atomics_helper+0xff0/0x4858 [ 33.450250] kasan_atomics+0x198/0x2e0 [ 33.450299] kunit_try_run_case+0x170/0x3f0 [ 33.450352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.450415] kthread+0x328/0x630 [ 33.450468] ret_from_fork+0x10/0x20 [ 33.450528] [ 33.450549] Allocated by task 296: [ 33.450587] kasan_save_stack+0x3c/0x68 [ 33.450629] kasan_save_track+0x20/0x40 [ 33.450676] kasan_save_alloc_info+0x40/0x58 [ 33.450727] __kasan_kmalloc+0xd4/0xd8 [ 33.450772] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.450817] kasan_atomics+0xb8/0x2e0 [ 33.450865] kunit_try_run_case+0x170/0x3f0 [ 33.450907] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.450953] kthread+0x328/0x630 [ 33.450988] ret_from_fork+0x10/0x20 [ 33.451026] [ 33.451055] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.451055] which belongs to the cache kmalloc-64 of size 64 [ 33.451116] The buggy address is located 0 bytes to the right of [ 33.451116] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.451193] [ 33.451220] The buggy address belongs to the physical page: [ 33.451256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.451308] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.451357] page_type: f5(slab) [ 33.451395] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.451449] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.451498] page dumped because: kasan: bad access detected [ 33.452073] [ 33.452109] Memory state around the buggy address: [ 33.452247] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.452464] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.452586] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.452685] ^ [ 33.452780] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.452876] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.452957] ================================================================== [ 33.480486] ================================================================== [ 33.480556] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 33.480607] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.480673] [ 33.480714] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.480808] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.480855] Hardware name: linux,dummy-virt (DT) [ 33.480890] Call trace: [ 33.480913] show_stack+0x20/0x38 (C) [ 33.480962] dump_stack_lvl+0x8c/0xd0 [ 33.481009] print_report+0x118/0x5d0 [ 33.481084] kasan_report+0xdc/0x128 [ 33.481205] kasan_check_range+0x100/0x1a8 [ 33.481299] __kasan_check_write+0x20/0x30 [ 33.481349] kasan_atomics_helper+0x12d8/0x4858 [ 33.481402] kasan_atomics+0x198/0x2e0 [ 33.481455] kunit_try_run_case+0x170/0x3f0 [ 33.481568] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.481645] kthread+0x328/0x630 [ 33.481689] ret_from_fork+0x10/0x20 [ 33.481738] [ 33.481758] Allocated by task 296: [ 33.481789] kasan_save_stack+0x3c/0x68 [ 33.481856] kasan_save_track+0x20/0x40 [ 33.481970] kasan_save_alloc_info+0x40/0x58 [ 33.482035] __kasan_kmalloc+0xd4/0xd8 [ 33.482112] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.482158] kasan_atomics+0xb8/0x2e0 [ 33.482198] kunit_try_run_case+0x170/0x3f0 [ 33.482255] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.482331] kthread+0x328/0x630 [ 33.482372] ret_from_fork+0x10/0x20 [ 33.482410] [ 33.482434] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.482434] which belongs to the cache kmalloc-64 of size 64 [ 33.482495] The buggy address is located 0 bytes to the right of [ 33.482495] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.482574] [ 33.482705] The buggy address belongs to the physical page: [ 33.482741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.482884] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.482958] page_type: f5(slab) [ 33.483005] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.483056] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.483102] page dumped because: kasan: bad access detected [ 33.483151] [ 33.483172] Memory state around the buggy address: [ 33.483206] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.483253] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.483298] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.483339] ^ [ 33.483375] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.483535] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.483616] ================================================================== [ 33.526401] ================================================================== [ 33.526453] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 33.526518] Write of size 8 at addr fff00000c9bb2fb0 by task kunit_try_catch/296 [ 33.526571] [ 33.526621] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT [ 33.526710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.526758] Hardware name: linux,dummy-virt (DT) [ 33.526831] Call trace: [ 33.526857] show_stack+0x20/0x38 (C) [ 33.526905] dump_stack_lvl+0x8c/0xd0 [ 33.526954] print_report+0x118/0x5d0 [ 33.526998] kasan_report+0xdc/0x128 [ 33.527044] kasan_check_range+0x100/0x1a8 [ 33.527091] __kasan_check_write+0x20/0x30 [ 33.527137] kasan_atomics_helper+0x16d0/0x4858 [ 33.527189] kasan_atomics+0x198/0x2e0 [ 33.527238] kunit_try_run_case+0x170/0x3f0 [ 33.527286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.527341] kthread+0x328/0x630 [ 33.527384] ret_from_fork+0x10/0x20 [ 33.527440] [ 33.527531] Allocated by task 296: [ 33.527579] kasan_save_stack+0x3c/0x68 [ 33.527621] kasan_save_track+0x20/0x40 [ 33.527660] kasan_save_alloc_info+0x40/0x58 [ 33.527727] __kasan_kmalloc+0xd4/0xd8 [ 33.527769] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.527821] kasan_atomics+0xb8/0x2e0 [ 33.527906] kunit_try_run_case+0x170/0x3f0 [ 33.528216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.528422] kthread+0x328/0x630 [ 33.528536] ret_from_fork+0x10/0x20 [ 33.528594] [ 33.528617] The buggy address belongs to the object at fff00000c9bb2f80 [ 33.528617] which belongs to the cache kmalloc-64 of size 64 [ 33.528680] The buggy address is located 0 bytes to the right of [ 33.528680] allocated 48-byte region [fff00000c9bb2f80, fff00000c9bb2fb0) [ 33.528746] [ 33.529015] The buggy address belongs to the physical page: [ 33.529118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bb2 [ 33.529285] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.529371] page_type: f5(slab) [ 33.529572] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.529767] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.529963] page dumped because: kasan: bad access detected [ 33.530038] [ 33.530136] Memory state around the buggy address: [ 33.530239] fff00000c9bb2e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.530407] fff00000c9bb2f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.530455] >fff00000c9bb2f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.530497] ^ [ 33.530814] fff00000c9bb3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.530875] fff00000c9bb3080: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 33.530999] ==================================================================
[ 26.986401] ================================================================== [ 26.987108] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 26.987773] Read of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.988529] [ 26.988732] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.988814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.988828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.988850] Call Trace: [ 26.988872] <TASK> [ 26.988889] dump_stack_lvl+0x73/0xb0 [ 26.988919] print_report+0xd1/0x610 [ 26.988942] ? __virt_addr_valid+0x1db/0x2d0 [ 26.988967] ? kasan_atomics_helper+0x4f98/0x5450 [ 26.988989] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.989016] ? kasan_atomics_helper+0x4f98/0x5450 [ 26.989039] kasan_report+0x141/0x180 [ 26.989062] ? kasan_atomics_helper+0x4f98/0x5450 [ 26.989105] __asan_report_load8_noabort+0x18/0x20 [ 26.989131] kasan_atomics_helper+0x4f98/0x5450 [ 26.989155] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.989178] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.989204] ? kasan_atomics+0x152/0x310 [ 26.989231] kasan_atomics+0x1dc/0x310 [ 26.989255] ? __pfx_kasan_atomics+0x10/0x10 [ 26.989279] ? __pfx_read_tsc+0x10/0x10 [ 26.989303] ? ktime_get_ts64+0x86/0x230 [ 26.989339] kunit_try_run_case+0x1a5/0x480 [ 26.989364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.989387] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.989411] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.989435] ? __kthread_parkme+0x82/0x180 [ 26.989457] ? preempt_count_sub+0x50/0x80 [ 26.989481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.989506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.989533] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.989560] kthread+0x337/0x6f0 [ 26.989581] ? trace_preempt_on+0x20/0xc0 [ 26.989623] ? __pfx_kthread+0x10/0x10 [ 26.989645] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.989667] ? calculate_sigpending+0x7b/0xa0 [ 26.989691] ? __pfx_kthread+0x10/0x10 [ 26.989714] ret_from_fork+0x116/0x1d0 [ 26.989734] ? __pfx_kthread+0x10/0x10 [ 26.989756] ret_from_fork_asm+0x1a/0x30 [ 26.989788] </TASK> [ 26.989799] [ 26.997159] Allocated by task 314: [ 26.997291] kasan_save_stack+0x45/0x70 [ 26.997503] kasan_save_track+0x18/0x40 [ 26.997694] kasan_save_alloc_info+0x3b/0x50 [ 26.998014] __kasan_kmalloc+0xb7/0xc0 [ 26.998204] __kmalloc_cache_noprof+0x189/0x420 [ 26.998363] kasan_atomics+0x95/0x310 [ 26.998486] kunit_try_run_case+0x1a5/0x480 [ 26.998623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.998836] kthread+0x337/0x6f0 [ 26.999036] ret_from_fork+0x116/0x1d0 [ 26.999347] ret_from_fork_asm+0x1a/0x30 [ 26.999541] [ 26.999627] The buggy address belongs to the object at ffff88810623b200 [ 26.999627] which belongs to the cache kmalloc-64 of size 64 [ 27.000084] The buggy address is located 0 bytes to the right of [ 27.000084] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 27.000745] [ 27.000870] The buggy address belongs to the physical page: [ 27.001136] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 27.001509] flags: 0x200000000000000(node=0|zone=2) [ 27.001763] page_type: f5(slab) [ 27.001880] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.002096] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.002310] page dumped because: kasan: bad access detected [ 27.002509] [ 27.002595] Memory state around the buggy address: [ 27.002849] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.003171] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.003531] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.004004] ^ [ 27.004252] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.004509] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.004937] ================================================================== [ 27.067435] ================================================================== [ 27.067760] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 27.068193] Read of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 27.068429] [ 27.068511] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 27.068560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.068573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.068594] Call Trace: [ 27.068626] <TASK> [ 27.068641] dump_stack_lvl+0x73/0xb0 [ 27.068670] print_report+0xd1/0x610 [ 27.068694] ? __virt_addr_valid+0x1db/0x2d0 [ 27.068718] ? kasan_atomics_helper+0x4fa5/0x5450 [ 27.068741] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.068768] ? kasan_atomics_helper+0x4fa5/0x5450 [ 27.068802] kasan_report+0x141/0x180 [ 27.068826] ? kasan_atomics_helper+0x4fa5/0x5450 [ 27.068853] __asan_report_load8_noabort+0x18/0x20 [ 27.068891] kasan_atomics_helper+0x4fa5/0x5450 [ 27.068915] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.068939] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.068964] ? kasan_atomics+0x152/0x310 [ 27.068991] kasan_atomics+0x1dc/0x310 [ 27.069015] ? __pfx_kasan_atomics+0x10/0x10 [ 27.069040] ? __pfx_read_tsc+0x10/0x10 [ 27.069063] ? ktime_get_ts64+0x86/0x230 [ 27.069089] kunit_try_run_case+0x1a5/0x480 [ 27.069114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.069138] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.069162] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.069187] ? __kthread_parkme+0x82/0x180 [ 27.069219] ? preempt_count_sub+0x50/0x80 [ 27.069245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.069270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.069308] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.069346] kthread+0x337/0x6f0 [ 27.069367] ? trace_preempt_on+0x20/0xc0 [ 27.069402] ? __pfx_kthread+0x10/0x10 [ 27.069423] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.069446] ? calculate_sigpending+0x7b/0xa0 [ 27.069482] ? __pfx_kthread+0x10/0x10 [ 27.069506] ret_from_fork+0x116/0x1d0 [ 27.069526] ? __pfx_kthread+0x10/0x10 [ 27.069547] ret_from_fork_asm+0x1a/0x30 [ 27.069588] </TASK> [ 27.069601] [ 27.077195] Allocated by task 314: [ 27.077388] kasan_save_stack+0x45/0x70 [ 27.077606] kasan_save_track+0x18/0x40 [ 27.077814] kasan_save_alloc_info+0x3b/0x50 [ 27.078009] __kasan_kmalloc+0xb7/0xc0 [ 27.078193] __kmalloc_cache_noprof+0x189/0x420 [ 27.078415] kasan_atomics+0x95/0x310 [ 27.078580] kunit_try_run_case+0x1a5/0x480 [ 27.078795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.079001] kthread+0x337/0x6f0 [ 27.079186] ret_from_fork+0x116/0x1d0 [ 27.079333] ret_from_fork_asm+0x1a/0x30 [ 27.079469] [ 27.079535] The buggy address belongs to the object at ffff88810623b200 [ 27.079535] which belongs to the cache kmalloc-64 of size 64 [ 27.080145] The buggy address is located 0 bytes to the right of [ 27.080145] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 27.080602] [ 27.080706] The buggy address belongs to the physical page: [ 27.080983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 27.081310] flags: 0x200000000000000(node=0|zone=2) [ 27.081545] page_type: f5(slab) [ 27.081760] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.082082] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.082414] page dumped because: kasan: bad access detected [ 27.082715] [ 27.082783] Memory state around the buggy address: [ 27.083000] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.083214] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.083493] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.083847] ^ [ 27.084024] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.084349] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.084690] ================================================================== [ 26.713276] ================================================================== [ 26.713605] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 26.714123] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.714392] [ 26.714479] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.714567] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.714592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.714626] Call Trace: [ 26.714645] <TASK> [ 26.714662] dump_stack_lvl+0x73/0xb0 [ 26.714693] print_report+0xd1/0x610 [ 26.714716] ? __virt_addr_valid+0x1db/0x2d0 [ 26.714741] ? kasan_atomics_helper+0x194a/0x5450 [ 26.714795] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.714822] ? kasan_atomics_helper+0x194a/0x5450 [ 26.714857] kasan_report+0x141/0x180 [ 26.714879] ? kasan_atomics_helper+0x194a/0x5450 [ 26.714906] kasan_check_range+0x10c/0x1c0 [ 26.714930] __kasan_check_write+0x18/0x20 [ 26.714954] kasan_atomics_helper+0x194a/0x5450 [ 26.714978] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.715000] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.715026] ? kasan_atomics+0x152/0x310 [ 26.715052] kasan_atomics+0x1dc/0x310 [ 26.715076] ? __pfx_kasan_atomics+0x10/0x10 [ 26.715101] ? __pfx_read_tsc+0x10/0x10 [ 26.715151] ? ktime_get_ts64+0x86/0x230 [ 26.715177] kunit_try_run_case+0x1a5/0x480 [ 26.715214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.715237] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.715263] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.715287] ? __kthread_parkme+0x82/0x180 [ 26.715309] ? preempt_count_sub+0x50/0x80 [ 26.715343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.715368] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.715396] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.715424] kthread+0x337/0x6f0 [ 26.715446] ? trace_preempt_on+0x20/0xc0 [ 26.715471] ? __pfx_kthread+0x10/0x10 [ 26.715492] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.715514] ? calculate_sigpending+0x7b/0xa0 [ 26.715540] ? __pfx_kthread+0x10/0x10 [ 26.715563] ret_from_fork+0x116/0x1d0 [ 26.715584] ? __pfx_kthread+0x10/0x10 [ 26.715615] ret_from_fork_asm+0x1a/0x30 [ 26.715648] </TASK> [ 26.715660] [ 26.723553] Allocated by task 314: [ 26.723845] kasan_save_stack+0x45/0x70 [ 26.724028] kasan_save_track+0x18/0x40 [ 26.724247] kasan_save_alloc_info+0x3b/0x50 [ 26.724465] __kasan_kmalloc+0xb7/0xc0 [ 26.724617] __kmalloc_cache_noprof+0x189/0x420 [ 26.724822] kasan_atomics+0x95/0x310 [ 26.725025] kunit_try_run_case+0x1a5/0x480 [ 26.725172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.725433] kthread+0x337/0x6f0 [ 26.725688] ret_from_fork+0x116/0x1d0 [ 26.725929] ret_from_fork_asm+0x1a/0x30 [ 26.726115] [ 26.726184] The buggy address belongs to the object at ffff88810623b200 [ 26.726184] which belongs to the cache kmalloc-64 of size 64 [ 26.726707] The buggy address is located 0 bytes to the right of [ 26.726707] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.727193] [ 26.727293] The buggy address belongs to the physical page: [ 26.727520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.728000] flags: 0x200000000000000(node=0|zone=2) [ 26.728256] page_type: f5(slab) [ 26.728384] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.728612] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.728893] page dumped because: kasan: bad access detected [ 26.729191] [ 26.729282] Memory state around the buggy address: [ 26.729510] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.730036] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.731133] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.731541] ^ [ 26.731918] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.732363] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.732805] ================================================================== [ 26.833234] ================================================================== [ 26.833502] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 26.834112] Read of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.834775] [ 26.834968] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.835028] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.835042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.835074] Call Trace: [ 26.835095] <TASK> [ 26.835114] dump_stack_lvl+0x73/0xb0 [ 26.835144] print_report+0xd1/0x610 [ 26.835167] ? __virt_addr_valid+0x1db/0x2d0 [ 26.835201] ? kasan_atomics_helper+0x4f30/0x5450 [ 26.835223] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.835250] ? kasan_atomics_helper+0x4f30/0x5450 [ 26.835283] kasan_report+0x141/0x180 [ 26.835306] ? kasan_atomics_helper+0x4f30/0x5450 [ 26.835342] __asan_report_load8_noabort+0x18/0x20 [ 26.835367] kasan_atomics_helper+0x4f30/0x5450 [ 26.835391] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.835414] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.835439] ? kasan_atomics+0x152/0x310 [ 26.835466] kasan_atomics+0x1dc/0x310 [ 26.835490] ? __pfx_kasan_atomics+0x10/0x10 [ 26.835515] ? __pfx_read_tsc+0x10/0x10 [ 26.835538] ? ktime_get_ts64+0x86/0x230 [ 26.835564] kunit_try_run_case+0x1a5/0x480 [ 26.835607] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.835631] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.835655] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.835679] ? __kthread_parkme+0x82/0x180 [ 26.835700] ? preempt_count_sub+0x50/0x80 [ 26.835724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.835749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.835776] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.835804] kthread+0x337/0x6f0 [ 26.835825] ? trace_preempt_on+0x20/0xc0 [ 26.835849] ? __pfx_kthread+0x10/0x10 [ 26.835871] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.835893] ? calculate_sigpending+0x7b/0xa0 [ 26.835918] ? __pfx_kthread+0x10/0x10 [ 26.835940] ret_from_fork+0x116/0x1d0 [ 26.835961] ? __pfx_kthread+0x10/0x10 [ 26.835983] ret_from_fork_asm+0x1a/0x30 [ 26.836015] </TASK> [ 26.836027] [ 26.847669] Allocated by task 314: [ 26.848011] kasan_save_stack+0x45/0x70 [ 26.848377] kasan_save_track+0x18/0x40 [ 26.848754] kasan_save_alloc_info+0x3b/0x50 [ 26.849073] __kasan_kmalloc+0xb7/0xc0 [ 26.849201] __kmalloc_cache_noprof+0x189/0x420 [ 26.849360] kasan_atomics+0x95/0x310 [ 26.849489] kunit_try_run_case+0x1a5/0x480 [ 26.849746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.850225] kthread+0x337/0x6f0 [ 26.850549] ret_from_fork+0x116/0x1d0 [ 26.850917] ret_from_fork_asm+0x1a/0x30 [ 26.851280] [ 26.851440] The buggy address belongs to the object at ffff88810623b200 [ 26.851440] which belongs to the cache kmalloc-64 of size 64 [ 26.852506] The buggy address is located 0 bytes to the right of [ 26.852506] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.853028] [ 26.853099] The buggy address belongs to the physical page: [ 26.853268] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.853520] flags: 0x200000000000000(node=0|zone=2) [ 26.853800] page_type: f5(slab) [ 26.853971] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.854285] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.854616] page dumped because: kasan: bad access detected [ 26.854865] [ 26.854977] Memory state around the buggy address: [ 26.855143] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.855454] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.855781] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.856085] ^ [ 26.856302] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.856647] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.856939] ================================================================== [ 25.991075] ================================================================== [ 25.991335] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 25.992705] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 25.993404] [ 25.993622] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.993679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.993694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.993718] Call Trace: [ 25.993740] <TASK> [ 25.993760] dump_stack_lvl+0x73/0xb0 [ 25.993794] print_report+0xd1/0x610 [ 25.993817] ? __virt_addr_valid+0x1db/0x2d0 [ 25.993842] ? kasan_atomics_helper+0x697/0x5450 [ 25.993864] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.993891] ? kasan_atomics_helper+0x697/0x5450 [ 25.993914] kasan_report+0x141/0x180 [ 25.993937] ? kasan_atomics_helper+0x697/0x5450 [ 25.993964] kasan_check_range+0x10c/0x1c0 [ 25.993989] __kasan_check_write+0x18/0x20 [ 25.994013] kasan_atomics_helper+0x697/0x5450 [ 25.994036] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.994058] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.994083] ? kasan_atomics+0x152/0x310 [ 25.994110] kasan_atomics+0x1dc/0x310 [ 25.994134] ? __pfx_kasan_atomics+0x10/0x10 [ 25.994159] ? __pfx_read_tsc+0x10/0x10 [ 25.994184] ? ktime_get_ts64+0x86/0x230 [ 25.994213] kunit_try_run_case+0x1a5/0x480 [ 25.994238] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.994261] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.994285] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.994340] ? __kthread_parkme+0x82/0x180 [ 25.994364] ? preempt_count_sub+0x50/0x80 [ 25.994389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.994412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.994440] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.994468] kthread+0x337/0x6f0 [ 25.994488] ? trace_preempt_on+0x20/0xc0 [ 25.994512] ? __pfx_kthread+0x10/0x10 [ 25.994534] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.994556] ? calculate_sigpending+0x7b/0xa0 [ 25.994600] ? __pfx_kthread+0x10/0x10 [ 25.994622] ret_from_fork+0x116/0x1d0 [ 25.994641] ? __pfx_kthread+0x10/0x10 [ 25.994663] ret_from_fork_asm+0x1a/0x30 [ 25.994695] </TASK> [ 25.994708] [ 26.006274] Allocated by task 314: [ 26.006564] kasan_save_stack+0x45/0x70 [ 26.006922] kasan_save_track+0x18/0x40 [ 26.007266] kasan_save_alloc_info+0x3b/0x50 [ 26.007667] __kasan_kmalloc+0xb7/0xc0 [ 26.007992] __kmalloc_cache_noprof+0x189/0x420 [ 26.008383] kasan_atomics+0x95/0x310 [ 26.008509] kunit_try_run_case+0x1a5/0x480 [ 26.008821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.009289] kthread+0x337/0x6f0 [ 26.009612] ret_from_fork+0x116/0x1d0 [ 26.009810] ret_from_fork_asm+0x1a/0x30 [ 26.009947] [ 26.010015] The buggy address belongs to the object at ffff88810623b200 [ 26.010015] which belongs to the cache kmalloc-64 of size 64 [ 26.010378] The buggy address is located 0 bytes to the right of [ 26.010378] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.011098] [ 26.011252] The buggy address belongs to the physical page: [ 26.011735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.012391] flags: 0x200000000000000(node=0|zone=2) [ 26.012841] page_type: f5(slab) [ 26.013139] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.013824] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.014452] page dumped because: kasan: bad access detected [ 26.014947] [ 26.015111] Memory state around the buggy address: [ 26.015321] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.015529] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.016122] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.016756] ^ [ 26.017177] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.017678] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.017885] ================================================================== [ 26.894428] ================================================================== [ 26.894799] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 26.895155] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.895542] [ 26.895736] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.895805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.895819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.895875] Call Trace: [ 26.895897] <TASK> [ 26.895917] dump_stack_lvl+0x73/0xb0 [ 26.895948] print_report+0xd1/0x610 [ 26.895971] ? __virt_addr_valid+0x1db/0x2d0 [ 26.895996] ? kasan_atomics_helper+0x1e12/0x5450 [ 26.896022] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.896050] ? kasan_atomics_helper+0x1e12/0x5450 [ 26.896073] kasan_report+0x141/0x180 [ 26.896096] ? kasan_atomics_helper+0x1e12/0x5450 [ 26.896124] kasan_check_range+0x10c/0x1c0 [ 26.896148] __kasan_check_write+0x18/0x20 [ 26.896172] kasan_atomics_helper+0x1e12/0x5450 [ 26.896196] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.896218] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.896244] ? kasan_atomics+0x152/0x310 [ 26.896271] kasan_atomics+0x1dc/0x310 [ 26.896295] ? __pfx_kasan_atomics+0x10/0x10 [ 26.896332] ? __pfx_read_tsc+0x10/0x10 [ 26.896355] ? ktime_get_ts64+0x86/0x230 [ 26.896382] kunit_try_run_case+0x1a5/0x480 [ 26.896409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.896431] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.896457] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.896481] ? __kthread_parkme+0x82/0x180 [ 26.896503] ? preempt_count_sub+0x50/0x80 [ 26.896528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.896553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.896581] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.896609] kthread+0x337/0x6f0 [ 26.896630] ? trace_preempt_on+0x20/0xc0 [ 26.896655] ? __pfx_kthread+0x10/0x10 [ 26.896676] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.896698] ? calculate_sigpending+0x7b/0xa0 [ 26.896723] ? __pfx_kthread+0x10/0x10 [ 26.896745] ret_from_fork+0x116/0x1d0 [ 26.896766] ? __pfx_kthread+0x10/0x10 [ 26.896788] ret_from_fork_asm+0x1a/0x30 [ 26.896820] </TASK> [ 26.896832] [ 26.904207] Allocated by task 314: [ 26.904346] kasan_save_stack+0x45/0x70 [ 26.904488] kasan_save_track+0x18/0x40 [ 26.904638] kasan_save_alloc_info+0x3b/0x50 [ 26.904817] __kasan_kmalloc+0xb7/0xc0 [ 26.905052] __kmalloc_cache_noprof+0x189/0x420 [ 26.905276] kasan_atomics+0x95/0x310 [ 26.905462] kunit_try_run_case+0x1a5/0x480 [ 26.905748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.906091] kthread+0x337/0x6f0 [ 26.906252] ret_from_fork+0x116/0x1d0 [ 26.906458] ret_from_fork_asm+0x1a/0x30 [ 26.906694] [ 26.906789] The buggy address belongs to the object at ffff88810623b200 [ 26.906789] which belongs to the cache kmalloc-64 of size 64 [ 26.907186] The buggy address is located 0 bytes to the right of [ 26.907186] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.907683] [ 26.907781] The buggy address belongs to the physical page: [ 26.908037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.908475] flags: 0x200000000000000(node=0|zone=2) [ 26.908843] page_type: f5(slab) [ 26.909077] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.909399] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.909651] page dumped because: kasan: bad access detected [ 26.909819] [ 26.909884] Memory state around the buggy address: [ 26.910096] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.910476] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.910830] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.911133] ^ [ 26.911422] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.911721] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.912013] ================================================================== [ 26.274725] ================================================================== [ 26.275111] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 26.275744] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.276175] [ 26.276427] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.276484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.276499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.276521] Call Trace: [ 26.276540] <TASK> [ 26.276564] dump_stack_lvl+0x73/0xb0 [ 26.276609] print_report+0xd1/0x610 [ 26.276633] ? __virt_addr_valid+0x1db/0x2d0 [ 26.276658] ? kasan_atomics_helper+0xf10/0x5450 [ 26.276681] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.276708] ? kasan_atomics_helper+0xf10/0x5450 [ 26.276730] kasan_report+0x141/0x180 [ 26.276753] ? kasan_atomics_helper+0xf10/0x5450 [ 26.276780] kasan_check_range+0x10c/0x1c0 [ 26.276805] __kasan_check_write+0x18/0x20 [ 26.276829] kasan_atomics_helper+0xf10/0x5450 [ 26.276853] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.276876] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.276903] ? kasan_atomics+0x152/0x310 [ 26.276930] kasan_atomics+0x1dc/0x310 [ 26.276954] ? __pfx_kasan_atomics+0x10/0x10 [ 26.276979] ? __pfx_read_tsc+0x10/0x10 [ 26.277003] ? ktime_get_ts64+0x86/0x230 [ 26.277031] kunit_try_run_case+0x1a5/0x480 [ 26.277056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.277079] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.277104] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.277129] ? __kthread_parkme+0x82/0x180 [ 26.277150] ? preempt_count_sub+0x50/0x80 [ 26.277175] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.277199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.277228] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.277257] kthread+0x337/0x6f0 [ 26.277278] ? trace_preempt_on+0x20/0xc0 [ 26.277301] ? __pfx_kthread+0x10/0x10 [ 26.277331] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.277353] ? calculate_sigpending+0x7b/0xa0 [ 26.277377] ? __pfx_kthread+0x10/0x10 [ 26.277400] ret_from_fork+0x116/0x1d0 [ 26.277420] ? __pfx_kthread+0x10/0x10 [ 26.277441] ret_from_fork_asm+0x1a/0x30 [ 26.277473] </TASK> [ 26.277486] [ 26.284435] Allocated by task 314: [ 26.284571] kasan_save_stack+0x45/0x70 [ 26.284782] kasan_save_track+0x18/0x40 [ 26.284971] kasan_save_alloc_info+0x3b/0x50 [ 26.285179] __kasan_kmalloc+0xb7/0xc0 [ 26.285370] __kmalloc_cache_noprof+0x189/0x420 [ 26.285584] kasan_atomics+0x95/0x310 [ 26.285759] kunit_try_run_case+0x1a5/0x480 [ 26.285948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.286161] kthread+0x337/0x6f0 [ 26.286328] ret_from_fork+0x116/0x1d0 [ 26.286484] ret_from_fork_asm+0x1a/0x30 [ 26.286684] [ 26.286770] The buggy address belongs to the object at ffff88810623b200 [ 26.286770] which belongs to the cache kmalloc-64 of size 64 [ 26.287224] The buggy address is located 0 bytes to the right of [ 26.287224] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.287785] [ 26.287872] The buggy address belongs to the physical page: [ 26.288043] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.288280] flags: 0x200000000000000(node=0|zone=2) [ 26.288449] page_type: f5(slab) [ 26.288566] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.288852] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.289508] page dumped because: kasan: bad access detected [ 26.289734] [ 26.289800] Memory state around the buggy address: [ 26.289953] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.290164] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.290503] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.291125] ^ [ 26.291357] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.291740] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.291997] ================================================================== [ 26.018492] ================================================================== [ 26.019186] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 26.019831] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.020441] [ 26.020631] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.020685] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.020699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.020721] Call Trace: [ 26.020740] <TASK> [ 26.020756] dump_stack_lvl+0x73/0xb0 [ 26.020787] print_report+0xd1/0x610 [ 26.020810] ? __virt_addr_valid+0x1db/0x2d0 [ 26.020835] ? kasan_atomics_helper+0x72f/0x5450 [ 26.020857] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.020884] ? kasan_atomics_helper+0x72f/0x5450 [ 26.020906] kasan_report+0x141/0x180 [ 26.020929] ? kasan_atomics_helper+0x72f/0x5450 [ 26.020955] kasan_check_range+0x10c/0x1c0 [ 26.020980] __kasan_check_write+0x18/0x20 [ 26.021003] kasan_atomics_helper+0x72f/0x5450 [ 26.021027] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.021050] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.021074] ? kasan_atomics+0x152/0x310 [ 26.021102] kasan_atomics+0x1dc/0x310 [ 26.021125] ? __pfx_kasan_atomics+0x10/0x10 [ 26.021151] ? __pfx_read_tsc+0x10/0x10 [ 26.021175] ? ktime_get_ts64+0x86/0x230 [ 26.021200] kunit_try_run_case+0x1a5/0x480 [ 26.021226] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.021250] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.021274] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.021297] ? __kthread_parkme+0x82/0x180 [ 26.021331] ? preempt_count_sub+0x50/0x80 [ 26.021355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.021380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.021407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.021435] kthread+0x337/0x6f0 [ 26.021458] ? trace_preempt_on+0x20/0xc0 [ 26.021482] ? __pfx_kthread+0x10/0x10 [ 26.021503] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.021526] ? calculate_sigpending+0x7b/0xa0 [ 26.021551] ? __pfx_kthread+0x10/0x10 [ 26.021592] ret_from_fork+0x116/0x1d0 [ 26.021619] ? __pfx_kthread+0x10/0x10 [ 26.021640] ret_from_fork_asm+0x1a/0x30 [ 26.021673] </TASK> [ 26.021684] [ 26.031088] Allocated by task 314: [ 26.031275] kasan_save_stack+0x45/0x70 [ 26.031485] kasan_save_track+0x18/0x40 [ 26.031706] kasan_save_alloc_info+0x3b/0x50 [ 26.031921] __kasan_kmalloc+0xb7/0xc0 [ 26.032105] __kmalloc_cache_noprof+0x189/0x420 [ 26.032261] kasan_atomics+0x95/0x310 [ 26.032400] kunit_try_run_case+0x1a5/0x480 [ 26.032543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.032819] kthread+0x337/0x6f0 [ 26.032984] ret_from_fork+0x116/0x1d0 [ 26.033168] ret_from_fork_asm+0x1a/0x30 [ 26.033340] [ 26.033431] The buggy address belongs to the object at ffff88810623b200 [ 26.033431] which belongs to the cache kmalloc-64 of size 64 [ 26.033824] The buggy address is located 0 bytes to the right of [ 26.033824] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.034339] [ 26.034435] The buggy address belongs to the physical page: [ 26.034711] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.035054] flags: 0x200000000000000(node=0|zone=2) [ 26.035264] page_type: f5(slab) [ 26.035435] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.035757] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.036033] page dumped because: kasan: bad access detected [ 26.036207] [ 26.036298] Memory state around the buggy address: [ 26.036535] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.036829] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.037043] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.037351] ^ [ 26.037588] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.037909] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.038182] ================================================================== [ 25.909522] ================================================================== [ 25.910262] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 25.910736] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 25.911210] [ 25.911328] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.911384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.911398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.911421] Call Trace: [ 25.911444] <TASK> [ 25.911464] dump_stack_lvl+0x73/0xb0 [ 25.911497] print_report+0xd1/0x610 [ 25.911520] ? __virt_addr_valid+0x1db/0x2d0 [ 25.911545] ? kasan_atomics_helper+0x4b3a/0x5450 [ 25.911567] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.911761] ? kasan_atomics_helper+0x4b3a/0x5450 [ 25.911786] kasan_report+0x141/0x180 [ 25.911809] ? kasan_atomics_helper+0x4b3a/0x5450 [ 25.911837] __asan_report_store4_noabort+0x1b/0x30 [ 25.911888] kasan_atomics_helper+0x4b3a/0x5450 [ 25.911911] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.911934] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.911960] ? kasan_atomics+0x152/0x310 [ 25.911988] kasan_atomics+0x1dc/0x310 [ 25.912011] ? __pfx_kasan_atomics+0x10/0x10 [ 25.912036] ? __pfx_read_tsc+0x10/0x10 [ 25.912061] ? ktime_get_ts64+0x86/0x230 [ 25.912089] kunit_try_run_case+0x1a5/0x480 [ 25.912114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.912138] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.912163] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.912188] ? __kthread_parkme+0x82/0x180 [ 25.912210] ? preempt_count_sub+0x50/0x80 [ 25.912235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.912259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.912287] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.912325] kthread+0x337/0x6f0 [ 25.912346] ? trace_preempt_on+0x20/0xc0 [ 25.912372] ? __pfx_kthread+0x10/0x10 [ 25.912395] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.912417] ? calculate_sigpending+0x7b/0xa0 [ 25.912442] ? __pfx_kthread+0x10/0x10 [ 25.912465] ret_from_fork+0x116/0x1d0 [ 25.912485] ? __pfx_kthread+0x10/0x10 [ 25.912506] ret_from_fork_asm+0x1a/0x30 [ 25.912539] </TASK> [ 25.912552] [ 25.923285] Allocated by task 314: [ 25.923727] kasan_save_stack+0x45/0x70 [ 25.923936] kasan_save_track+0x18/0x40 [ 25.924293] kasan_save_alloc_info+0x3b/0x50 [ 25.924507] __kasan_kmalloc+0xb7/0xc0 [ 25.924776] __kmalloc_cache_noprof+0x189/0x420 [ 25.925002] kasan_atomics+0x95/0x310 [ 25.925167] kunit_try_run_case+0x1a5/0x480 [ 25.925374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.925609] kthread+0x337/0x6f0 [ 25.925757] ret_from_fork+0x116/0x1d0 [ 25.925928] ret_from_fork_asm+0x1a/0x30 [ 25.926101] [ 25.926179] The buggy address belongs to the object at ffff88810623b200 [ 25.926179] which belongs to the cache kmalloc-64 of size 64 [ 25.927266] The buggy address is located 0 bytes to the right of [ 25.927266] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 25.928179] [ 25.928277] The buggy address belongs to the physical page: [ 25.928701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 25.929253] flags: 0x200000000000000(node=0|zone=2) [ 25.929634] page_type: f5(slab) [ 25.929779] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.930327] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.930779] page dumped because: kasan: bad access detected [ 25.931186] [ 25.931287] Memory state around the buggy address: [ 25.931673] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.932140] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.932475] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.933009] ^ [ 25.933289] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.933722] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.934192] ================================================================== [ 26.106602] ================================================================== [ 26.106876] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 26.107194] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.107532] [ 26.107664] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.107713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.107728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.107749] Call Trace: [ 26.107766] <TASK> [ 26.107782] dump_stack_lvl+0x73/0xb0 [ 26.107810] print_report+0xd1/0x610 [ 26.107835] ? __virt_addr_valid+0x1db/0x2d0 [ 26.107881] ? kasan_atomics_helper+0xa2b/0x5450 [ 26.107903] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.107932] ? kasan_atomics_helper+0xa2b/0x5450 [ 26.107954] kasan_report+0x141/0x180 [ 26.107977] ? kasan_atomics_helper+0xa2b/0x5450 [ 26.108005] kasan_check_range+0x10c/0x1c0 [ 26.108029] __kasan_check_write+0x18/0x20 [ 26.108054] kasan_atomics_helper+0xa2b/0x5450 [ 26.108077] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.108100] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.108127] ? kasan_atomics+0x152/0x310 [ 26.108154] kasan_atomics+0x1dc/0x310 [ 26.108177] ? __pfx_kasan_atomics+0x10/0x10 [ 26.108202] ? __pfx_read_tsc+0x10/0x10 [ 26.108226] ? ktime_get_ts64+0x86/0x230 [ 26.108251] kunit_try_run_case+0x1a5/0x480 [ 26.108275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.108299] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.108331] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.108356] ? __kthread_parkme+0x82/0x180 [ 26.108377] ? preempt_count_sub+0x50/0x80 [ 26.108402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.108426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.108454] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.108482] kthread+0x337/0x6f0 [ 26.108502] ? trace_preempt_on+0x20/0xc0 [ 26.108527] ? __pfx_kthread+0x10/0x10 [ 26.108548] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.108570] ? calculate_sigpending+0x7b/0xa0 [ 26.108613] ? __pfx_kthread+0x10/0x10 [ 26.108636] ret_from_fork+0x116/0x1d0 [ 26.108656] ? __pfx_kthread+0x10/0x10 [ 26.108678] ret_from_fork_asm+0x1a/0x30 [ 26.108709] </TASK> [ 26.108720] [ 26.118670] Allocated by task 314: [ 26.118904] kasan_save_stack+0x45/0x70 [ 26.119222] kasan_save_track+0x18/0x40 [ 26.119569] kasan_save_alloc_info+0x3b/0x50 [ 26.119797] __kasan_kmalloc+0xb7/0xc0 [ 26.119972] __kmalloc_cache_noprof+0x189/0x420 [ 26.120169] kasan_atomics+0x95/0x310 [ 26.120592] kunit_try_run_case+0x1a5/0x480 [ 26.120912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.121324] kthread+0x337/0x6f0 [ 26.121635] ret_from_fork+0x116/0x1d0 [ 26.122012] ret_from_fork_asm+0x1a/0x30 [ 26.122207] [ 26.122296] The buggy address belongs to the object at ffff88810623b200 [ 26.122296] which belongs to the cache kmalloc-64 of size 64 [ 26.123138] The buggy address is located 0 bytes to the right of [ 26.123138] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.124021] [ 26.124246] The buggy address belongs to the physical page: [ 26.124798] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.125338] flags: 0x200000000000000(node=0|zone=2) [ 26.125516] page_type: f5(slab) [ 26.125791] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.126467] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.127077] page dumped because: kasan: bad access detected [ 26.127248] [ 26.127326] Memory state around the buggy address: [ 26.127482] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.127992] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.128605] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.129350] ^ [ 26.129803] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.130546] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.131114] ================================================================== [ 26.131766] ================================================================== [ 26.132160] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 26.132802] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.133263] [ 26.133362] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.133417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.133431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.133454] Call Trace: [ 26.133477] <TASK> [ 26.133497] dump_stack_lvl+0x73/0xb0 [ 26.133528] print_report+0xd1/0x610 [ 26.133551] ? __virt_addr_valid+0x1db/0x2d0 [ 26.133576] ? kasan_atomics_helper+0xac7/0x5450 [ 26.133624] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.133651] ? kasan_atomics_helper+0xac7/0x5450 [ 26.133674] kasan_report+0x141/0x180 [ 26.133719] ? kasan_atomics_helper+0xac7/0x5450 [ 26.133747] kasan_check_range+0x10c/0x1c0 [ 26.133771] __kasan_check_write+0x18/0x20 [ 26.133795] kasan_atomics_helper+0xac7/0x5450 [ 26.133818] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.133841] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.133882] ? kasan_atomics+0x152/0x310 [ 26.133909] kasan_atomics+0x1dc/0x310 [ 26.133933] ? __pfx_kasan_atomics+0x10/0x10 [ 26.133958] ? __pfx_read_tsc+0x10/0x10 [ 26.133981] ? ktime_get_ts64+0x86/0x230 [ 26.134007] kunit_try_run_case+0x1a5/0x480 [ 26.134033] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.134057] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.134082] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.134106] ? __kthread_parkme+0x82/0x180 [ 26.134128] ? preempt_count_sub+0x50/0x80 [ 26.134153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.134177] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.134207] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.134234] kthread+0x337/0x6f0 [ 26.134255] ? trace_preempt_on+0x20/0xc0 [ 26.134280] ? __pfx_kthread+0x10/0x10 [ 26.134302] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.134335] ? calculate_sigpending+0x7b/0xa0 [ 26.134360] ? __pfx_kthread+0x10/0x10 [ 26.134382] ret_from_fork+0x116/0x1d0 [ 26.134403] ? __pfx_kthread+0x10/0x10 [ 26.134425] ret_from_fork_asm+0x1a/0x30 [ 26.134458] </TASK> [ 26.134470] [ 26.143213] Allocated by task 314: [ 26.143413] kasan_save_stack+0x45/0x70 [ 26.143672] kasan_save_track+0x18/0x40 [ 26.143849] kasan_save_alloc_info+0x3b/0x50 [ 26.144056] __kasan_kmalloc+0xb7/0xc0 [ 26.144226] __kmalloc_cache_noprof+0x189/0x420 [ 26.144444] kasan_atomics+0x95/0x310 [ 26.144662] kunit_try_run_case+0x1a5/0x480 [ 26.144849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.145083] kthread+0x337/0x6f0 [ 26.145263] ret_from_fork+0x116/0x1d0 [ 26.145419] ret_from_fork_asm+0x1a/0x30 [ 26.145658] [ 26.145750] The buggy address belongs to the object at ffff88810623b200 [ 26.145750] which belongs to the cache kmalloc-64 of size 64 [ 26.146247] The buggy address is located 0 bytes to the right of [ 26.146247] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.146799] [ 26.146895] The buggy address belongs to the physical page: [ 26.147105] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.147473] flags: 0x200000000000000(node=0|zone=2) [ 26.147718] page_type: f5(slab) [ 26.147871] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.148194] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.148575] page dumped because: kasan: bad access detected [ 26.148779] [ 26.148872] Memory state around the buggy address: [ 26.149094] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.149409] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.149728] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.149999] ^ [ 26.150145] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.150376] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.150578] ================================================================== [ 26.309456] ================================================================== [ 26.309749] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 26.310082] Read of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.310406] [ 26.310486] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.310534] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.310549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.310570] Call Trace: [ 26.310585] <TASK> [ 26.310601] dump_stack_lvl+0x73/0xb0 [ 26.310628] print_report+0xd1/0x610 [ 26.310651] ? __virt_addr_valid+0x1db/0x2d0 [ 26.310675] ? kasan_atomics_helper+0x4a36/0x5450 [ 26.310697] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.310723] ? kasan_atomics_helper+0x4a36/0x5450 [ 26.310746] kasan_report+0x141/0x180 [ 26.310768] ? kasan_atomics_helper+0x4a36/0x5450 [ 26.310795] __asan_report_load4_noabort+0x18/0x20 [ 26.310819] kasan_atomics_helper+0x4a36/0x5450 [ 26.310842] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.310865] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.310890] ? kasan_atomics+0x152/0x310 [ 26.310916] kasan_atomics+0x1dc/0x310 [ 26.310939] ? __pfx_kasan_atomics+0x10/0x10 [ 26.310964] ? __pfx_read_tsc+0x10/0x10 [ 26.310986] ? ktime_get_ts64+0x86/0x230 [ 26.311011] kunit_try_run_case+0x1a5/0x480 [ 26.311035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.311058] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.311082] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.311105] ? __kthread_parkme+0x82/0x180 [ 26.311125] ? preempt_count_sub+0x50/0x80 [ 26.311150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.311174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.311201] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.311229] kthread+0x337/0x6f0 [ 26.311249] ? trace_preempt_on+0x20/0xc0 [ 26.311273] ? __pfx_kthread+0x10/0x10 [ 26.311294] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.311328] ? calculate_sigpending+0x7b/0xa0 [ 26.311353] ? __pfx_kthread+0x10/0x10 [ 26.311375] ret_from_fork+0x116/0x1d0 [ 26.311395] ? __pfx_kthread+0x10/0x10 [ 26.311416] ret_from_fork_asm+0x1a/0x30 [ 26.311447] </TASK> [ 26.311458] [ 26.318168] Allocated by task 314: [ 26.318296] kasan_save_stack+0x45/0x70 [ 26.318441] kasan_save_track+0x18/0x40 [ 26.318570] kasan_save_alloc_info+0x3b/0x50 [ 26.318734] __kasan_kmalloc+0xb7/0xc0 [ 26.318861] __kmalloc_cache_noprof+0x189/0x420 [ 26.319080] kasan_atomics+0x95/0x310 [ 26.319263] kunit_try_run_case+0x1a5/0x480 [ 26.319479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.319754] kthread+0x337/0x6f0 [ 26.319924] ret_from_fork+0x116/0x1d0 [ 26.320113] ret_from_fork_asm+0x1a/0x30 [ 26.320318] [ 26.320409] The buggy address belongs to the object at ffff88810623b200 [ 26.320409] which belongs to the cache kmalloc-64 of size 64 [ 26.320953] The buggy address is located 0 bytes to the right of [ 26.320953] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.321490] [ 26.321561] The buggy address belongs to the physical page: [ 26.321815] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.322126] flags: 0x200000000000000(node=0|zone=2) [ 26.322335] page_type: f5(slab) [ 26.322501] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.322829] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.323130] page dumped because: kasan: bad access detected [ 26.323365] [ 26.323447] Memory state around the buggy address: [ 26.323668] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.323947] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.324230] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.324509] ^ [ 26.324731] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.325020] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.325262] ================================================================== [ 26.421679] ================================================================== [ 26.421966] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 26.422201] Read of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.422433] [ 26.422521] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.422570] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.422604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.422627] Call Trace: [ 26.422648] <TASK> [ 26.422665] dump_stack_lvl+0x73/0xb0 [ 26.422694] print_report+0xd1/0x610 [ 26.422717] ? __virt_addr_valid+0x1db/0x2d0 [ 26.422741] ? kasan_atomics_helper+0x49e8/0x5450 [ 26.422763] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.422791] ? kasan_atomics_helper+0x49e8/0x5450 [ 26.422812] kasan_report+0x141/0x180 [ 26.422836] ? kasan_atomics_helper+0x49e8/0x5450 [ 26.422862] __asan_report_load4_noabort+0x18/0x20 [ 26.422887] kasan_atomics_helper+0x49e8/0x5450 [ 26.422910] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.422933] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.422958] ? kasan_atomics+0x152/0x310 [ 26.422985] kasan_atomics+0x1dc/0x310 [ 26.423008] ? __pfx_kasan_atomics+0x10/0x10 [ 26.423033] ? __pfx_read_tsc+0x10/0x10 [ 26.423057] ? ktime_get_ts64+0x86/0x230 [ 26.423083] kunit_try_run_case+0x1a5/0x480 [ 26.423107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.423130] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.423154] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.423178] ? __kthread_parkme+0x82/0x180 [ 26.423199] ? preempt_count_sub+0x50/0x80 [ 26.423224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.423249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.423277] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.423305] kthread+0x337/0x6f0 [ 26.423336] ? trace_preempt_on+0x20/0xc0 [ 26.423361] ? __pfx_kthread+0x10/0x10 [ 26.423383] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.423405] ? calculate_sigpending+0x7b/0xa0 [ 26.423430] ? __pfx_kthread+0x10/0x10 [ 26.423452] ret_from_fork+0x116/0x1d0 [ 26.423473] ? __pfx_kthread+0x10/0x10 [ 26.423495] ret_from_fork_asm+0x1a/0x30 [ 26.423527] </TASK> [ 26.423538] [ 26.430663] Allocated by task 314: [ 26.430819] kasan_save_stack+0x45/0x70 [ 26.430979] kasan_save_track+0x18/0x40 [ 26.431152] kasan_save_alloc_info+0x3b/0x50 [ 26.431349] __kasan_kmalloc+0xb7/0xc0 [ 26.431520] __kmalloc_cache_noprof+0x189/0x420 [ 26.431728] kasan_atomics+0x95/0x310 [ 26.431907] kunit_try_run_case+0x1a5/0x480 [ 26.432086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.432271] kthread+0x337/0x6f0 [ 26.432438] ret_from_fork+0x116/0x1d0 [ 26.432648] ret_from_fork_asm+0x1a/0x30 [ 26.432804] [ 26.432870] The buggy address belongs to the object at ffff88810623b200 [ 26.432870] which belongs to the cache kmalloc-64 of size 64 [ 26.433383] The buggy address is located 0 bytes to the right of [ 26.433383] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.433836] [ 26.433905] The buggy address belongs to the physical page: [ 26.434075] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.434388] flags: 0x200000000000000(node=0|zone=2) [ 26.434642] page_type: f5(slab) [ 26.434807] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.435142] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.435484] page dumped because: kasan: bad access detected [ 26.435738] [ 26.435809] Memory state around the buggy address: [ 26.435961] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.436180] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.436509] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.436846] ^ [ 26.437070] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.437366] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.437664] ================================================================== [ 27.049565] ================================================================== [ 27.049967] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 27.050333] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 27.050625] [ 27.050750] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 27.050802] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.050817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.050839] Call Trace: [ 27.050872] <TASK> [ 27.050890] dump_stack_lvl+0x73/0xb0 [ 27.050920] print_report+0xd1/0x610 [ 27.050956] ? __virt_addr_valid+0x1db/0x2d0 [ 27.050981] ? kasan_atomics_helper+0x218a/0x5450 [ 27.051005] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.051032] ? kasan_atomics_helper+0x218a/0x5450 [ 27.051055] kasan_report+0x141/0x180 [ 27.051078] ? kasan_atomics_helper+0x218a/0x5450 [ 27.051105] kasan_check_range+0x10c/0x1c0 [ 27.051130] __kasan_check_write+0x18/0x20 [ 27.051163] kasan_atomics_helper+0x218a/0x5450 [ 27.051187] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.051210] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.051245] ? kasan_atomics+0x152/0x310 [ 27.051273] kasan_atomics+0x1dc/0x310 [ 27.051296] ? __pfx_kasan_atomics+0x10/0x10 [ 27.051339] ? __pfx_read_tsc+0x10/0x10 [ 27.051362] ? ktime_get_ts64+0x86/0x230 [ 27.051399] kunit_try_run_case+0x1a5/0x480 [ 27.051424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.051448] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.051473] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.051497] ? __kthread_parkme+0x82/0x180 [ 27.051529] ? preempt_count_sub+0x50/0x80 [ 27.051554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.051584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.051631] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.051660] kthread+0x337/0x6f0 [ 27.051681] ? trace_preempt_on+0x20/0xc0 [ 27.051706] ? __pfx_kthread+0x10/0x10 [ 27.051727] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.051749] ? calculate_sigpending+0x7b/0xa0 [ 27.051775] ? __pfx_kthread+0x10/0x10 [ 27.051798] ret_from_fork+0x116/0x1d0 [ 27.051817] ? __pfx_kthread+0x10/0x10 [ 27.051838] ret_from_fork_asm+0x1a/0x30 [ 27.051870] </TASK> [ 27.051882] [ 27.059255] Allocated by task 314: [ 27.059437] kasan_save_stack+0x45/0x70 [ 27.059629] kasan_save_track+0x18/0x40 [ 27.059815] kasan_save_alloc_info+0x3b/0x50 [ 27.060032] __kasan_kmalloc+0xb7/0xc0 [ 27.060206] __kmalloc_cache_noprof+0x189/0x420 [ 27.060411] kasan_atomics+0x95/0x310 [ 27.060598] kunit_try_run_case+0x1a5/0x480 [ 27.060793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.061049] kthread+0x337/0x6f0 [ 27.061223] ret_from_fork+0x116/0x1d0 [ 27.061430] ret_from_fork_asm+0x1a/0x30 [ 27.061607] [ 27.061737] The buggy address belongs to the object at ffff88810623b200 [ 27.061737] which belongs to the cache kmalloc-64 of size 64 [ 27.062165] The buggy address is located 0 bytes to the right of [ 27.062165] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 27.062742] [ 27.062841] The buggy address belongs to the physical page: [ 27.063087] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 27.063436] flags: 0x200000000000000(node=0|zone=2) [ 27.063626] page_type: f5(slab) [ 27.063818] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.064128] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.064475] page dumped because: kasan: bad access detected [ 27.064676] [ 27.064779] Memory state around the buggy address: [ 27.065078] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.065289] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.065509] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.065722] ^ [ 27.065873] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.066378] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.066964] ================================================================== [ 25.829329] ================================================================== [ 25.829674] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 25.829929] Read of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 25.830162] [ 25.830275] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.830337] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.830351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.830374] Call Trace: [ 25.830395] <TASK> [ 25.830413] dump_stack_lvl+0x73/0xb0 [ 25.830442] print_report+0xd1/0x610 [ 25.830465] ? __virt_addr_valid+0x1db/0x2d0 [ 25.830490] ? kasan_atomics_helper+0x3df/0x5450 [ 25.830511] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.830537] ? kasan_atomics_helper+0x3df/0x5450 [ 25.830559] kasan_report+0x141/0x180 [ 25.830582] ? kasan_atomics_helper+0x3df/0x5450 [ 25.830623] kasan_check_range+0x10c/0x1c0 [ 25.830649] __kasan_check_read+0x15/0x20 [ 25.830673] kasan_atomics_helper+0x3df/0x5450 [ 25.830697] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.830720] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.830746] ? kasan_atomics+0x152/0x310 [ 25.830773] kasan_atomics+0x1dc/0x310 [ 25.830796] ? __pfx_kasan_atomics+0x10/0x10 [ 25.830821] ? __pfx_read_tsc+0x10/0x10 [ 25.830844] ? ktime_get_ts64+0x86/0x230 [ 25.830870] kunit_try_run_case+0x1a5/0x480 [ 25.830896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.830920] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.830945] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.830969] ? __kthread_parkme+0x82/0x180 [ 25.830991] ? preempt_count_sub+0x50/0x80 [ 25.831016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.831040] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.831068] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.831096] kthread+0x337/0x6f0 [ 25.831117] ? trace_preempt_on+0x20/0xc0 [ 25.831141] ? __pfx_kthread+0x10/0x10 [ 25.831163] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.831185] ? calculate_sigpending+0x7b/0xa0 [ 25.831210] ? __pfx_kthread+0x10/0x10 [ 25.831233] ret_from_fork+0x116/0x1d0 [ 25.831253] ? __pfx_kthread+0x10/0x10 [ 25.831275] ret_from_fork_asm+0x1a/0x30 [ 25.831317] </TASK> [ 25.831329] [ 25.838762] Allocated by task 314: [ 25.839229] kasan_save_stack+0x45/0x70 [ 25.839444] kasan_save_track+0x18/0x40 [ 25.839684] kasan_save_alloc_info+0x3b/0x50 [ 25.839976] __kasan_kmalloc+0xb7/0xc0 [ 25.840175] __kmalloc_cache_noprof+0x189/0x420 [ 25.840404] kasan_atomics+0x95/0x310 [ 25.840569] kunit_try_run_case+0x1a5/0x480 [ 25.840769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.841094] kthread+0x337/0x6f0 [ 25.841261] ret_from_fork+0x116/0x1d0 [ 25.841403] ret_from_fork_asm+0x1a/0x30 [ 25.841540] [ 25.841663] The buggy address belongs to the object at ffff88810623b200 [ 25.841663] which belongs to the cache kmalloc-64 of size 64 [ 25.842547] The buggy address is located 0 bytes to the right of [ 25.842547] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 25.843243] [ 25.843337] The buggy address belongs to the physical page: [ 25.843510] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 25.843991] flags: 0x200000000000000(node=0|zone=2) [ 25.844243] page_type: f5(slab) [ 25.844429] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.844734] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.846000] page dumped because: kasan: bad access detected [ 25.846261] [ 25.846368] Memory state around the buggy address: [ 25.846580] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.847262] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.847567] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.847842] ^ [ 25.848378] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.848780] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.849216] ================================================================== [ 25.877423] ================================================================== [ 25.878872] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 25.879546] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 25.880367] [ 25.880602] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.880674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.880688] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.880713] Call Trace: [ 25.880735] <TASK> [ 25.880757] dump_stack_lvl+0x73/0xb0 [ 25.880788] print_report+0xd1/0x610 [ 25.880812] ? __virt_addr_valid+0x1db/0x2d0 [ 25.880837] ? kasan_atomics_helper+0x4a0/0x5450 [ 25.880867] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.880894] ? kasan_atomics_helper+0x4a0/0x5450 [ 25.880917] kasan_report+0x141/0x180 [ 25.880939] ? kasan_atomics_helper+0x4a0/0x5450 [ 25.880966] kasan_check_range+0x10c/0x1c0 [ 25.880990] __kasan_check_write+0x18/0x20 [ 25.881014] kasan_atomics_helper+0x4a0/0x5450 [ 25.881037] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.881059] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.881085] ? kasan_atomics+0x152/0x310 [ 25.881112] kasan_atomics+0x1dc/0x310 [ 25.881134] ? __pfx_kasan_atomics+0x10/0x10 [ 25.881160] ? __pfx_read_tsc+0x10/0x10 [ 25.881182] ? ktime_get_ts64+0x86/0x230 [ 25.881208] kunit_try_run_case+0x1a5/0x480 [ 25.881233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.881257] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.881282] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.881315] ? __kthread_parkme+0x82/0x180 [ 25.881337] ? preempt_count_sub+0x50/0x80 [ 25.881362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.881386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.881414] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.881443] kthread+0x337/0x6f0 [ 25.881463] ? trace_preempt_on+0x20/0xc0 [ 25.881488] ? __pfx_kthread+0x10/0x10 [ 25.881510] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.881532] ? calculate_sigpending+0x7b/0xa0 [ 25.881557] ? __pfx_kthread+0x10/0x10 [ 25.881579] ret_from_fork+0x116/0x1d0 [ 25.881603] ? __pfx_kthread+0x10/0x10 [ 25.881628] ret_from_fork_asm+0x1a/0x30 [ 25.881662] </TASK> [ 25.881675] [ 25.896591] Allocated by task 314: [ 25.897443] kasan_save_stack+0x45/0x70 [ 25.897778] kasan_save_track+0x18/0x40 [ 25.898135] kasan_save_alloc_info+0x3b/0x50 [ 25.898458] __kasan_kmalloc+0xb7/0xc0 [ 25.898736] __kmalloc_cache_noprof+0x189/0x420 [ 25.899129] kasan_atomics+0x95/0x310 [ 25.899358] kunit_try_run_case+0x1a5/0x480 [ 25.899761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.900165] kthread+0x337/0x6f0 [ 25.900324] ret_from_fork+0x116/0x1d0 [ 25.900531] ret_from_fork_asm+0x1a/0x30 [ 25.900967] [ 25.901063] The buggy address belongs to the object at ffff88810623b200 [ 25.901063] which belongs to the cache kmalloc-64 of size 64 [ 25.901726] The buggy address is located 0 bytes to the right of [ 25.901726] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 25.902477] [ 25.902698] The buggy address belongs to the physical page: [ 25.902918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 25.903758] flags: 0x200000000000000(node=0|zone=2) [ 25.904157] page_type: f5(slab) [ 25.904294] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.904836] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.905356] page dumped because: kasan: bad access detected [ 25.905712] [ 25.905798] Memory state around the buggy address: [ 25.906125] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.906749] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.907181] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.907482] ^ [ 25.907808] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.908148] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.908706] ================================================================== [ 26.455138] ================================================================== [ 26.455505] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 26.455886] Read of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.456195] [ 26.456287] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.456346] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.456360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.456383] Call Trace: [ 26.456401] <TASK> [ 26.456418] dump_stack_lvl+0x73/0xb0 [ 26.456447] print_report+0xd1/0x610 [ 26.456470] ? __virt_addr_valid+0x1db/0x2d0 [ 26.456494] ? kasan_atomics_helper+0x49ce/0x5450 [ 26.456516] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.456543] ? kasan_atomics_helper+0x49ce/0x5450 [ 26.456565] kasan_report+0x141/0x180 [ 26.456609] ? kasan_atomics_helper+0x49ce/0x5450 [ 26.456635] __asan_report_load4_noabort+0x18/0x20 [ 26.456660] kasan_atomics_helper+0x49ce/0x5450 [ 26.456684] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.456707] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.456732] ? kasan_atomics+0x152/0x310 [ 26.456759] kasan_atomics+0x1dc/0x310 [ 26.456781] ? __pfx_kasan_atomics+0x10/0x10 [ 26.456806] ? __pfx_read_tsc+0x10/0x10 [ 26.456829] ? ktime_get_ts64+0x86/0x230 [ 26.456855] kunit_try_run_case+0x1a5/0x480 [ 26.456879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.456902] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.456926] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.456950] ? __kthread_parkme+0x82/0x180 [ 26.456972] ? preempt_count_sub+0x50/0x80 [ 26.456997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.457021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.457049] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.457077] kthread+0x337/0x6f0 [ 26.457098] ? trace_preempt_on+0x20/0xc0 [ 26.457122] ? __pfx_kthread+0x10/0x10 [ 26.457144] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.457166] ? calculate_sigpending+0x7b/0xa0 [ 26.457190] ? __pfx_kthread+0x10/0x10 [ 26.457213] ret_from_fork+0x116/0x1d0 [ 26.457233] ? __pfx_kthread+0x10/0x10 [ 26.457255] ret_from_fork_asm+0x1a/0x30 [ 26.457286] </TASK> [ 26.457298] [ 26.464080] Allocated by task 314: [ 26.464258] kasan_save_stack+0x45/0x70 [ 26.464457] kasan_save_track+0x18/0x40 [ 26.464647] kasan_save_alloc_info+0x3b/0x50 [ 26.464836] __kasan_kmalloc+0xb7/0xc0 [ 26.464992] __kmalloc_cache_noprof+0x189/0x420 [ 26.465176] kasan_atomics+0x95/0x310 [ 26.465361] kunit_try_run_case+0x1a5/0x480 [ 26.465540] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.465768] kthread+0x337/0x6f0 [ 26.465889] ret_from_fork+0x116/0x1d0 [ 26.466019] ret_from_fork_asm+0x1a/0x30 [ 26.466154] [ 26.466219] The buggy address belongs to the object at ffff88810623b200 [ 26.466219] which belongs to the cache kmalloc-64 of size 64 [ 26.466741] The buggy address is located 0 bytes to the right of [ 26.466741] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.467276] [ 26.467378] The buggy address belongs to the physical page: [ 26.467655] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.467998] flags: 0x200000000000000(node=0|zone=2) [ 26.468158] page_type: f5(slab) [ 26.468273] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.468541] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.468900] page dumped because: kasan: bad access detected [ 26.469153] [ 26.469242] Memory state around the buggy address: [ 26.469415] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.469658] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.469879] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.470185] ^ [ 26.470417] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.470758] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.471071] ================================================================== [ 26.292482] ================================================================== [ 26.293247] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 26.293609] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.293898] [ 26.294007] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.294059] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.294073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.294097] Call Trace: [ 26.294116] <TASK> [ 26.294134] dump_stack_lvl+0x73/0xb0 [ 26.294164] print_report+0xd1/0x610 [ 26.294187] ? __virt_addr_valid+0x1db/0x2d0 [ 26.294212] ? kasan_atomics_helper+0xfa9/0x5450 [ 26.294235] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.294262] ? kasan_atomics_helper+0xfa9/0x5450 [ 26.294284] kasan_report+0x141/0x180 [ 26.294307] ? kasan_atomics_helper+0xfa9/0x5450 [ 26.294344] kasan_check_range+0x10c/0x1c0 [ 26.294369] __kasan_check_write+0x18/0x20 [ 26.294393] kasan_atomics_helper+0xfa9/0x5450 [ 26.294418] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.294441] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.294467] ? kasan_atomics+0x152/0x310 [ 26.294493] kasan_atomics+0x1dc/0x310 [ 26.294517] ? __pfx_kasan_atomics+0x10/0x10 [ 26.294542] ? __pfx_read_tsc+0x10/0x10 [ 26.294566] ? ktime_get_ts64+0x86/0x230 [ 26.294592] kunit_try_run_case+0x1a5/0x480 [ 26.294633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.294657] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.294682] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.294706] ? __kthread_parkme+0x82/0x180 [ 26.294729] ? preempt_count_sub+0x50/0x80 [ 26.294754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.294778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.294806] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.294835] kthread+0x337/0x6f0 [ 26.294856] ? trace_preempt_on+0x20/0xc0 [ 26.294881] ? __pfx_kthread+0x10/0x10 [ 26.294903] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.294925] ? calculate_sigpending+0x7b/0xa0 [ 26.294950] ? __pfx_kthread+0x10/0x10 [ 26.294973] ret_from_fork+0x116/0x1d0 [ 26.294994] ? __pfx_kthread+0x10/0x10 [ 26.295016] ret_from_fork_asm+0x1a/0x30 [ 26.295048] </TASK> [ 26.295060] [ 26.302181] Allocated by task 314: [ 26.302326] kasan_save_stack+0x45/0x70 [ 26.302460] kasan_save_track+0x18/0x40 [ 26.302586] kasan_save_alloc_info+0x3b/0x50 [ 26.302805] __kasan_kmalloc+0xb7/0xc0 [ 26.302983] __kmalloc_cache_noprof+0x189/0x420 [ 26.303169] kasan_atomics+0x95/0x310 [ 26.303304] kunit_try_run_case+0x1a5/0x480 [ 26.303493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.303784] kthread+0x337/0x6f0 [ 26.303922] ret_from_fork+0x116/0x1d0 [ 26.304083] ret_from_fork_asm+0x1a/0x30 [ 26.304238] [ 26.304329] The buggy address belongs to the object at ffff88810623b200 [ 26.304329] which belongs to the cache kmalloc-64 of size 64 [ 26.304816] The buggy address is located 0 bytes to the right of [ 26.304816] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.305285] [ 26.305374] The buggy address belongs to the physical page: [ 26.305573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.305894] flags: 0x200000000000000(node=0|zone=2) [ 26.306110] page_type: f5(slab) [ 26.306245] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.306478] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.306756] page dumped because: kasan: bad access detected [ 26.306996] [ 26.307094] Memory state around the buggy address: [ 26.307299] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.307516] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.307895] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.308202] ^ [ 26.308431] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.308731] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.309027] ================================================================== [ 26.694085] ================================================================== [ 26.694451] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 26.694784] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.695146] [ 26.695340] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.695396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.695410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.695433] Call Trace: [ 26.695456] <TASK> [ 26.695474] dump_stack_lvl+0x73/0xb0 [ 26.695505] print_report+0xd1/0x610 [ 26.695529] ? __virt_addr_valid+0x1db/0x2d0 [ 26.695555] ? kasan_atomics_helper+0x18b1/0x5450 [ 26.695578] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.695604] ? kasan_atomics_helper+0x18b1/0x5450 [ 26.695627] kasan_report+0x141/0x180 [ 26.695650] ? kasan_atomics_helper+0x18b1/0x5450 [ 26.695676] kasan_check_range+0x10c/0x1c0 [ 26.695701] __kasan_check_write+0x18/0x20 [ 26.695724] kasan_atomics_helper+0x18b1/0x5450 [ 26.695748] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.695771] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.695797] ? kasan_atomics+0x152/0x310 [ 26.695823] kasan_atomics+0x1dc/0x310 [ 26.695846] ? __pfx_kasan_atomics+0x10/0x10 [ 26.695871] ? __pfx_read_tsc+0x10/0x10 [ 26.695928] ? ktime_get_ts64+0x86/0x230 [ 26.695954] kunit_try_run_case+0x1a5/0x480 [ 26.695980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.696015] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.696041] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.696066] ? __kthread_parkme+0x82/0x180 [ 26.696088] ? preempt_count_sub+0x50/0x80 [ 26.696113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.696139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.696167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.696195] kthread+0x337/0x6f0 [ 26.696216] ? trace_preempt_on+0x20/0xc0 [ 26.696241] ? __pfx_kthread+0x10/0x10 [ 26.696263] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.696285] ? calculate_sigpending+0x7b/0xa0 [ 26.696309] ? __pfx_kthread+0x10/0x10 [ 26.696340] ret_from_fork+0x116/0x1d0 [ 26.696361] ? __pfx_kthread+0x10/0x10 [ 26.696384] ret_from_fork_asm+0x1a/0x30 [ 26.696416] </TASK> [ 26.696428] [ 26.704596] Allocated by task 314: [ 26.704769] kasan_save_stack+0x45/0x70 [ 26.704911] kasan_save_track+0x18/0x40 [ 26.705152] kasan_save_alloc_info+0x3b/0x50 [ 26.705368] __kasan_kmalloc+0xb7/0xc0 [ 26.705553] __kmalloc_cache_noprof+0x189/0x420 [ 26.705844] kasan_atomics+0x95/0x310 [ 26.706084] kunit_try_run_case+0x1a5/0x480 [ 26.706286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.706501] kthread+0x337/0x6f0 [ 26.706737] ret_from_fork+0x116/0x1d0 [ 26.706966] ret_from_fork_asm+0x1a/0x30 [ 26.707216] [ 26.707321] The buggy address belongs to the object at ffff88810623b200 [ 26.707321] which belongs to the cache kmalloc-64 of size 64 [ 26.707853] The buggy address is located 0 bytes to the right of [ 26.707853] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.708380] [ 26.708515] The buggy address belongs to the physical page: [ 26.708821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.709060] flags: 0x200000000000000(node=0|zone=2) [ 26.709346] page_type: f5(slab) [ 26.709514] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.709904] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.710130] page dumped because: kasan: bad access detected [ 26.710356] [ 26.710472] Memory state around the buggy address: [ 26.710733] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.711126] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.711501] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.711806] ^ [ 26.711963] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.712231] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.712594] ================================================================== [ 26.055486] ================================================================== [ 26.055869] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 26.056214] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.056526] [ 26.056632] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.056685] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.056699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.056722] Call Trace: [ 26.056742] <TASK> [ 26.056759] dump_stack_lvl+0x73/0xb0 [ 26.056789] print_report+0xd1/0x610 [ 26.056813] ? __virt_addr_valid+0x1db/0x2d0 [ 26.056838] ? kasan_atomics_helper+0x860/0x5450 [ 26.056861] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.056889] ? kasan_atomics_helper+0x860/0x5450 [ 26.056911] kasan_report+0x141/0x180 [ 26.056934] ? kasan_atomics_helper+0x860/0x5450 [ 26.056961] kasan_check_range+0x10c/0x1c0 [ 26.056985] __kasan_check_write+0x18/0x20 [ 26.057010] kasan_atomics_helper+0x860/0x5450 [ 26.057033] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.057055] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.057081] ? kasan_atomics+0x152/0x310 [ 26.057108] kasan_atomics+0x1dc/0x310 [ 26.057131] ? __pfx_kasan_atomics+0x10/0x10 [ 26.057157] ? __pfx_read_tsc+0x10/0x10 [ 26.057181] ? ktime_get_ts64+0x86/0x230 [ 26.057208] kunit_try_run_case+0x1a5/0x480 [ 26.057233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.057257] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.057282] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.057316] ? __kthread_parkme+0x82/0x180 [ 26.057338] ? preempt_count_sub+0x50/0x80 [ 26.057362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.057387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.057416] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.057444] kthread+0x337/0x6f0 [ 26.057464] ? trace_preempt_on+0x20/0xc0 [ 26.057488] ? __pfx_kthread+0x10/0x10 [ 26.057509] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.057531] ? calculate_sigpending+0x7b/0xa0 [ 26.057557] ? __pfx_kthread+0x10/0x10 [ 26.057598] ret_from_fork+0x116/0x1d0 [ 26.057622] ? __pfx_kthread+0x10/0x10 [ 26.057644] ret_from_fork_asm+0x1a/0x30 [ 26.057676] </TASK> [ 26.057688] [ 26.064698] Allocated by task 314: [ 26.064878] kasan_save_stack+0x45/0x70 [ 26.065068] kasan_save_track+0x18/0x40 [ 26.065251] kasan_save_alloc_info+0x3b/0x50 [ 26.065468] __kasan_kmalloc+0xb7/0xc0 [ 26.065680] __kmalloc_cache_noprof+0x189/0x420 [ 26.065893] kasan_atomics+0x95/0x310 [ 26.066076] kunit_try_run_case+0x1a5/0x480 [ 26.066257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.066440] kthread+0x337/0x6f0 [ 26.066558] ret_from_fork+0x116/0x1d0 [ 26.066742] ret_from_fork_asm+0x1a/0x30 [ 26.066939] [ 26.067030] The buggy address belongs to the object at ffff88810623b200 [ 26.067030] which belongs to the cache kmalloc-64 of size 64 [ 26.067564] The buggy address is located 0 bytes to the right of [ 26.067564] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.068093] [ 26.068177] The buggy address belongs to the physical page: [ 26.068378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.068733] flags: 0x200000000000000(node=0|zone=2) [ 26.068947] page_type: f5(slab) [ 26.069090] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.069404] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.069725] page dumped because: kasan: bad access detected [ 26.069926] [ 26.069990] Memory state around the buggy address: [ 26.070141] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.070362] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.070592] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.070829] ^ [ 26.071051] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.071382] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.071723] ================================================================== [ 26.564379] ================================================================== [ 26.564840] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 26.565251] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.565692] [ 26.565803] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.565880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.565896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.565917] Call Trace: [ 26.565937] <TASK> [ 26.565955] dump_stack_lvl+0x73/0xb0 [ 26.565985] print_report+0xd1/0x610 [ 26.566008] ? __virt_addr_valid+0x1db/0x2d0 [ 26.566034] ? kasan_atomics_helper+0x151d/0x5450 [ 26.566056] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.566082] ? kasan_atomics_helper+0x151d/0x5450 [ 26.566105] kasan_report+0x141/0x180 [ 26.566128] ? kasan_atomics_helper+0x151d/0x5450 [ 26.566155] kasan_check_range+0x10c/0x1c0 [ 26.566180] __kasan_check_write+0x18/0x20 [ 26.566205] kasan_atomics_helper+0x151d/0x5450 [ 26.566229] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.566252] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.566278] ? kasan_atomics+0x152/0x310 [ 26.566305] kasan_atomics+0x1dc/0x310 [ 26.566341] ? __pfx_kasan_atomics+0x10/0x10 [ 26.566366] ? __pfx_read_tsc+0x10/0x10 [ 26.566391] ? ktime_get_ts64+0x86/0x230 [ 26.566418] kunit_try_run_case+0x1a5/0x480 [ 26.566444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.566467] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.566490] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.566513] ? __kthread_parkme+0x82/0x180 [ 26.566535] ? preempt_count_sub+0x50/0x80 [ 26.566560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.566601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.566629] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.566659] kthread+0x337/0x6f0 [ 26.566680] ? trace_preempt_on+0x20/0xc0 [ 26.566707] ? __pfx_kthread+0x10/0x10 [ 26.566729] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.566752] ? calculate_sigpending+0x7b/0xa0 [ 26.566778] ? __pfx_kthread+0x10/0x10 [ 26.566800] ret_from_fork+0x116/0x1d0 [ 26.566821] ? __pfx_kthread+0x10/0x10 [ 26.566842] ret_from_fork_asm+0x1a/0x30 [ 26.566889] </TASK> [ 26.566900] [ 26.574485] Allocated by task 314: [ 26.574732] kasan_save_stack+0x45/0x70 [ 26.574981] kasan_save_track+0x18/0x40 [ 26.575187] kasan_save_alloc_info+0x3b/0x50 [ 26.575440] __kasan_kmalloc+0xb7/0xc0 [ 26.575621] __kmalloc_cache_noprof+0x189/0x420 [ 26.575869] kasan_atomics+0x95/0x310 [ 26.576060] kunit_try_run_case+0x1a5/0x480 [ 26.576249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.576436] kthread+0x337/0x6f0 [ 26.576555] ret_from_fork+0x116/0x1d0 [ 26.576700] ret_from_fork_asm+0x1a/0x30 [ 26.576839] [ 26.576934] The buggy address belongs to the object at ffff88810623b200 [ 26.576934] which belongs to the cache kmalloc-64 of size 64 [ 26.577527] The buggy address is located 0 bytes to the right of [ 26.577527] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.578030] [ 26.578128] The buggy address belongs to the physical page: [ 26.578310] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.578626] flags: 0x200000000000000(node=0|zone=2) [ 26.578857] page_type: f5(slab) [ 26.579005] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.579302] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.579648] page dumped because: kasan: bad access detected [ 26.579835] [ 26.579924] Memory state around the buggy address: [ 26.580142] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.580521] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.580877] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.581138] ^ [ 26.581376] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.581689] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.581893] ================================================================== [ 26.343495] ================================================================== [ 26.346020] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 26.347056] Read of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.347387] [ 26.347477] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.347528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.347543] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.347566] Call Trace: [ 26.347587] <TASK> [ 26.347607] dump_stack_lvl+0x73/0xb0 [ 26.347639] print_report+0xd1/0x610 [ 26.347663] ? __virt_addr_valid+0x1db/0x2d0 [ 26.347688] ? kasan_atomics_helper+0x4a1c/0x5450 [ 26.347711] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.347738] ? kasan_atomics_helper+0x4a1c/0x5450 [ 26.347760] kasan_report+0x141/0x180 [ 26.347784] ? kasan_atomics_helper+0x4a1c/0x5450 [ 26.347810] __asan_report_load4_noabort+0x18/0x20 [ 26.347835] kasan_atomics_helper+0x4a1c/0x5450 [ 26.347859] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.347882] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.347907] ? kasan_atomics+0x152/0x310 [ 26.347934] kasan_atomics+0x1dc/0x310 [ 26.347957] ? __pfx_kasan_atomics+0x10/0x10 [ 26.347982] ? __pfx_read_tsc+0x10/0x10 [ 26.348008] ? ktime_get_ts64+0x86/0x230 [ 26.348035] kunit_try_run_case+0x1a5/0x480 [ 26.348060] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.348085] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.348109] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.348133] ? __kthread_parkme+0x82/0x180 [ 26.348155] ? preempt_count_sub+0x50/0x80 [ 26.348179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.348203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.348232] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.348259] kthread+0x337/0x6f0 [ 26.348280] ? trace_preempt_on+0x20/0xc0 [ 26.348304] ? __pfx_kthread+0x10/0x10 [ 26.348336] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.348359] ? calculate_sigpending+0x7b/0xa0 [ 26.348384] ? __pfx_kthread+0x10/0x10 [ 26.348406] ret_from_fork+0x116/0x1d0 [ 26.348427] ? __pfx_kthread+0x10/0x10 [ 26.348448] ret_from_fork_asm+0x1a/0x30 [ 26.348481] </TASK> [ 26.348493] [ 26.358365] Allocated by task 314: [ 26.358505] kasan_save_stack+0x45/0x70 [ 26.358650] kasan_save_track+0x18/0x40 [ 26.359054] kasan_save_alloc_info+0x3b/0x50 [ 26.359443] __kasan_kmalloc+0xb7/0xc0 [ 26.359799] __kmalloc_cache_noprof+0x189/0x420 [ 26.360013] kasan_atomics+0x95/0x310 [ 26.360185] kunit_try_run_case+0x1a5/0x480 [ 26.360380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.360845] kthread+0x337/0x6f0 [ 26.361174] ret_from_fork+0x116/0x1d0 [ 26.361543] ret_from_fork_asm+0x1a/0x30 [ 26.361907] [ 26.361993] The buggy address belongs to the object at ffff88810623b200 [ 26.361993] which belongs to the cache kmalloc-64 of size 64 [ 26.362486] The buggy address is located 0 bytes to the right of [ 26.362486] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.363630] [ 26.363773] The buggy address belongs to the physical page: [ 26.364464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.364898] flags: 0x200000000000000(node=0|zone=2) [ 26.365129] page_type: f5(slab) [ 26.365287] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.365893] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.366456] page dumped because: kasan: bad access detected [ 26.366925] [ 26.367022] Memory state around the buggy address: [ 26.367232] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.367535] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.368341] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.368593] ^ [ 26.368759] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.369140] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.369440] ================================================================== [ 26.072241] ================================================================== [ 26.072558] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 26.072897] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.073190] [ 26.073282] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.073341] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.073355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.073377] Call Trace: [ 26.073396] <TASK> [ 26.073413] dump_stack_lvl+0x73/0xb0 [ 26.073441] print_report+0xd1/0x610 [ 26.073464] ? __virt_addr_valid+0x1db/0x2d0 [ 26.073489] ? kasan_atomics_helper+0x8f9/0x5450 [ 26.073511] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.073539] ? kasan_atomics_helper+0x8f9/0x5450 [ 26.073561] kasan_report+0x141/0x180 [ 26.073608] ? kasan_atomics_helper+0x8f9/0x5450 [ 26.073635] kasan_check_range+0x10c/0x1c0 [ 26.073660] __kasan_check_write+0x18/0x20 [ 26.073684] kasan_atomics_helper+0x8f9/0x5450 [ 26.073708] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.073731] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.073757] ? kasan_atomics+0x152/0x310 [ 26.073784] kasan_atomics+0x1dc/0x310 [ 26.073808] ? __pfx_kasan_atomics+0x10/0x10 [ 26.073832] ? __pfx_read_tsc+0x10/0x10 [ 26.073856] ? ktime_get_ts64+0x86/0x230 [ 26.073882] kunit_try_run_case+0x1a5/0x480 [ 26.073906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.073929] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.073953] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.073977] ? __kthread_parkme+0x82/0x180 [ 26.073997] ? preempt_count_sub+0x50/0x80 [ 26.074022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.074046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.074074] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.074102] kthread+0x337/0x6f0 [ 26.074122] ? trace_preempt_on+0x20/0xc0 [ 26.074147] ? __pfx_kthread+0x10/0x10 [ 26.074168] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.074190] ? calculate_sigpending+0x7b/0xa0 [ 26.074216] ? __pfx_kthread+0x10/0x10 [ 26.074238] ret_from_fork+0x116/0x1d0 [ 26.074260] ? __pfx_kthread+0x10/0x10 [ 26.074281] ret_from_fork_asm+0x1a/0x30 [ 26.074324] </TASK> [ 26.074336] [ 26.082408] Allocated by task 314: [ 26.082569] kasan_save_stack+0x45/0x70 [ 26.082748] kasan_save_track+0x18/0x40 [ 26.082917] kasan_save_alloc_info+0x3b/0x50 [ 26.083106] __kasan_kmalloc+0xb7/0xc0 [ 26.083275] __kmalloc_cache_noprof+0x189/0x420 [ 26.083458] kasan_atomics+0x95/0x310 [ 26.083668] kunit_try_run_case+0x1a5/0x480 [ 26.083856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.084086] kthread+0x337/0x6f0 [ 26.084201] ret_from_fork+0x116/0x1d0 [ 26.084339] ret_from_fork_asm+0x1a/0x30 [ 26.084474] [ 26.084540] The buggy address belongs to the object at ffff88810623b200 [ 26.084540] which belongs to the cache kmalloc-64 of size 64 [ 26.085085] The buggy address is located 0 bytes to the right of [ 26.085085] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.085670] [ 26.085765] The buggy address belongs to the physical page: [ 26.085995] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.086338] flags: 0x200000000000000(node=0|zone=2) [ 26.086532] page_type: f5(slab) [ 26.086709] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.086937] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.087157] page dumped because: kasan: bad access detected [ 26.087394] [ 26.087483] Memory state around the buggy address: [ 26.087733] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.088058] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.088386] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.088730] ^ [ 26.088923] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.089168] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.089468] ================================================================== [ 26.733815] ================================================================== [ 26.734313] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 26.734839] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.735160] [ 26.735275] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.735337] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.735352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.735374] Call Trace: [ 26.735394] <TASK> [ 26.735661] dump_stack_lvl+0x73/0xb0 [ 26.735697] print_report+0xd1/0x610 [ 26.735720] ? __virt_addr_valid+0x1db/0x2d0 [ 26.735745] ? kasan_atomics_helper+0x19e3/0x5450 [ 26.735767] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.735794] ? kasan_atomics_helper+0x19e3/0x5450 [ 26.735817] kasan_report+0x141/0x180 [ 26.735840] ? kasan_atomics_helper+0x19e3/0x5450 [ 26.735866] kasan_check_range+0x10c/0x1c0 [ 26.735891] __kasan_check_write+0x18/0x20 [ 26.735915] kasan_atomics_helper+0x19e3/0x5450 [ 26.735938] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.735961] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.735987] ? kasan_atomics+0x152/0x310 [ 26.736013] kasan_atomics+0x1dc/0x310 [ 26.736036] ? __pfx_kasan_atomics+0x10/0x10 [ 26.736061] ? __pfx_read_tsc+0x10/0x10 [ 26.736084] ? ktime_get_ts64+0x86/0x230 [ 26.736110] kunit_try_run_case+0x1a5/0x480 [ 26.736136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.736159] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.736183] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.736207] ? __kthread_parkme+0x82/0x180 [ 26.736228] ? preempt_count_sub+0x50/0x80 [ 26.736253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.736278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.736306] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.736346] kthread+0x337/0x6f0 [ 26.736368] ? trace_preempt_on+0x20/0xc0 [ 26.736393] ? __pfx_kthread+0x10/0x10 [ 26.736414] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.736436] ? calculate_sigpending+0x7b/0xa0 [ 26.736462] ? __pfx_kthread+0x10/0x10 [ 26.736484] ret_from_fork+0x116/0x1d0 [ 26.736505] ? __pfx_kthread+0x10/0x10 [ 26.736526] ret_from_fork_asm+0x1a/0x30 [ 26.736559] </TASK> [ 26.736570] [ 26.746647] Allocated by task 314: [ 26.746833] kasan_save_stack+0x45/0x70 [ 26.747018] kasan_save_track+0x18/0x40 [ 26.747200] kasan_save_alloc_info+0x3b/0x50 [ 26.747406] __kasan_kmalloc+0xb7/0xc0 [ 26.747590] __kmalloc_cache_noprof+0x189/0x420 [ 26.748297] kasan_atomics+0x95/0x310 [ 26.748452] kunit_try_run_case+0x1a5/0x480 [ 26.748745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.749051] kthread+0x337/0x6f0 [ 26.749176] ret_from_fork+0x116/0x1d0 [ 26.749439] ret_from_fork_asm+0x1a/0x30 [ 26.749757] [ 26.749842] The buggy address belongs to the object at ffff88810623b200 [ 26.749842] which belongs to the cache kmalloc-64 of size 64 [ 26.750421] The buggy address is located 0 bytes to the right of [ 26.750421] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.751054] [ 26.751227] The buggy address belongs to the physical page: [ 26.751550] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.752142] flags: 0x200000000000000(node=0|zone=2) [ 26.752454] page_type: f5(slab) [ 26.752616] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.753020] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.753336] page dumped because: kasan: bad access detected [ 26.753565] [ 26.753653] Memory state around the buggy address: [ 26.754046] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.754444] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.754834] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.755172] ^ [ 26.755408] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.755867] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.756165] ================================================================== [ 26.948405] ================================================================== [ 26.948801] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 26.949182] Read of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.949530] [ 26.949677] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.949731] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.949746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.949769] Call Trace: [ 26.949792] <TASK> [ 26.949811] dump_stack_lvl+0x73/0xb0 [ 26.949842] print_report+0xd1/0x610 [ 26.949866] ? __virt_addr_valid+0x1db/0x2d0 [ 26.949891] ? kasan_atomics_helper+0x4f71/0x5450 [ 26.949914] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.949941] ? kasan_atomics_helper+0x4f71/0x5450 [ 26.949965] kasan_report+0x141/0x180 [ 26.949990] ? kasan_atomics_helper+0x4f71/0x5450 [ 26.950019] __asan_report_load8_noabort+0x18/0x20 [ 26.950045] kasan_atomics_helper+0x4f71/0x5450 [ 26.950069] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.950093] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.950119] ? kasan_atomics+0x152/0x310 [ 26.950146] kasan_atomics+0x1dc/0x310 [ 26.950170] ? __pfx_kasan_atomics+0x10/0x10 [ 26.950196] ? __pfx_read_tsc+0x10/0x10 [ 26.950219] ? ktime_get_ts64+0x86/0x230 [ 26.950245] kunit_try_run_case+0x1a5/0x480 [ 26.950270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.950302] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.950347] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.950372] ? __kthread_parkme+0x82/0x180 [ 26.950394] ? preempt_count_sub+0x50/0x80 [ 26.950419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.950444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.950472] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.950500] kthread+0x337/0x6f0 [ 26.950521] ? trace_preempt_on+0x20/0xc0 [ 26.950547] ? __pfx_kthread+0x10/0x10 [ 26.950571] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.950613] ? calculate_sigpending+0x7b/0xa0 [ 26.950641] ? __pfx_kthread+0x10/0x10 [ 26.950663] ret_from_fork+0x116/0x1d0 [ 26.950684] ? __pfx_kthread+0x10/0x10 [ 26.950707] ret_from_fork_asm+0x1a/0x30 [ 26.950740] </TASK> [ 26.950751] [ 26.957897] Allocated by task 314: [ 26.958031] kasan_save_stack+0x45/0x70 [ 26.958175] kasan_save_track+0x18/0x40 [ 26.958354] kasan_save_alloc_info+0x3b/0x50 [ 26.958560] __kasan_kmalloc+0xb7/0xc0 [ 26.958784] __kmalloc_cache_noprof+0x189/0x420 [ 26.959001] kasan_atomics+0x95/0x310 [ 26.959184] kunit_try_run_case+0x1a5/0x480 [ 26.959397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.959672] kthread+0x337/0x6f0 [ 26.959837] ret_from_fork+0x116/0x1d0 [ 26.959981] ret_from_fork_asm+0x1a/0x30 [ 26.960115] [ 26.960181] The buggy address belongs to the object at ffff88810623b200 [ 26.960181] which belongs to the cache kmalloc-64 of size 64 [ 26.960539] The buggy address is located 0 bytes to the right of [ 26.960539] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.961060] [ 26.961156] The buggy address belongs to the physical page: [ 26.961440] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.961852] flags: 0x200000000000000(node=0|zone=2) [ 26.962089] page_type: f5(slab) [ 26.962286] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.962668] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.963012] page dumped because: kasan: bad access detected [ 26.963261] [ 26.963358] Memory state around the buggy address: [ 26.963610] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.963892] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.964159] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.964439] ^ [ 26.964692] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.965005] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.965257] ================================================================== [ 26.205597] ================================================================== [ 26.206195] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 26.206591] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.206907] [ 26.206991] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.207042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.207056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.207079] Call Trace: [ 26.207096] <TASK> [ 26.207115] dump_stack_lvl+0x73/0xb0 [ 26.207144] print_report+0xd1/0x610 [ 26.207168] ? __virt_addr_valid+0x1db/0x2d0 [ 26.207215] ? kasan_atomics_helper+0xd47/0x5450 [ 26.207237] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.207265] ? kasan_atomics_helper+0xd47/0x5450 [ 26.207306] kasan_report+0x141/0x180 [ 26.207340] ? kasan_atomics_helper+0xd47/0x5450 [ 26.207384] kasan_check_range+0x10c/0x1c0 [ 26.207409] __kasan_check_write+0x18/0x20 [ 26.207434] kasan_atomics_helper+0xd47/0x5450 [ 26.207457] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.207479] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.207505] ? kasan_atomics+0x152/0x310 [ 26.207531] kasan_atomics+0x1dc/0x310 [ 26.207572] ? __pfx_kasan_atomics+0x10/0x10 [ 26.207597] ? __pfx_read_tsc+0x10/0x10 [ 26.207621] ? ktime_get_ts64+0x86/0x230 [ 26.207646] kunit_try_run_case+0x1a5/0x480 [ 26.207671] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.207694] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.207736] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.207761] ? __kthread_parkme+0x82/0x180 [ 26.207782] ? preempt_count_sub+0x50/0x80 [ 26.207808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.207832] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.207860] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.207906] kthread+0x337/0x6f0 [ 26.207927] ? trace_preempt_on+0x20/0xc0 [ 26.207951] ? __pfx_kthread+0x10/0x10 [ 26.207973] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.207994] ? calculate_sigpending+0x7b/0xa0 [ 26.208020] ? __pfx_kthread+0x10/0x10 [ 26.208058] ret_from_fork+0x116/0x1d0 [ 26.208079] ? __pfx_kthread+0x10/0x10 [ 26.208100] ret_from_fork_asm+0x1a/0x30 [ 26.208132] </TASK> [ 26.208144] [ 26.215768] Allocated by task 314: [ 26.215974] kasan_save_stack+0x45/0x70 [ 26.216180] kasan_save_track+0x18/0x40 [ 26.216380] kasan_save_alloc_info+0x3b/0x50 [ 26.216647] __kasan_kmalloc+0xb7/0xc0 [ 26.216823] __kmalloc_cache_noprof+0x189/0x420 [ 26.217035] kasan_atomics+0x95/0x310 [ 26.217213] kunit_try_run_case+0x1a5/0x480 [ 26.217484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.217940] kthread+0x337/0x6f0 [ 26.218300] ret_from_fork+0x116/0x1d0 [ 26.218494] ret_from_fork_asm+0x1a/0x30 [ 26.218804] [ 26.220250] The buggy address belongs to the object at ffff88810623b200 [ 26.220250] which belongs to the cache kmalloc-64 of size 64 [ 26.220880] The buggy address is located 0 bytes to the right of [ 26.220880] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.221260] [ 26.221348] The buggy address belongs to the physical page: [ 26.221593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.221944] flags: 0x200000000000000(node=0|zone=2) [ 26.222175] page_type: f5(slab) [ 26.222749] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.223225] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.223882] page dumped because: kasan: bad access detected [ 26.224244] [ 26.224483] Memory state around the buggy address: [ 26.224920] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.225371] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.225931] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.226245] ^ [ 26.226463] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.227060] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.227510] ================================================================== [ 25.750446] ================================================================== [ 25.751120] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 25.751439] Read of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 25.751758] [ 25.751892] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.751948] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.751962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.751986] Call Trace: [ 25.752022] <TASK> [ 25.752044] dump_stack_lvl+0x73/0xb0 [ 25.752075] print_report+0xd1/0x610 [ 25.752097] ? __virt_addr_valid+0x1db/0x2d0 [ 25.752121] ? kasan_atomics_helper+0x4bbc/0x5450 [ 25.752143] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.752168] ? kasan_atomics_helper+0x4bbc/0x5450 [ 25.752190] kasan_report+0x141/0x180 [ 25.752212] ? kasan_atomics_helper+0x4bbc/0x5450 [ 25.752237] __asan_report_load4_noabort+0x18/0x20 [ 25.752261] kasan_atomics_helper+0x4bbc/0x5450 [ 25.752314] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.752336] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.752361] ? kasan_atomics+0x152/0x310 [ 25.752388] kasan_atomics+0x1dc/0x310 [ 25.752410] ? __pfx_kasan_atomics+0x10/0x10 [ 25.752433] ? __pfx_read_tsc+0x10/0x10 [ 25.752455] ? ktime_get_ts64+0x86/0x230 [ 25.752481] kunit_try_run_case+0x1a5/0x480 [ 25.752506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.752528] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.752552] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.752592] ? __kthread_parkme+0x82/0x180 [ 25.752614] ? preempt_count_sub+0x50/0x80 [ 25.752656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.752680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.752706] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.752734] kthread+0x337/0x6f0 [ 25.752753] ? trace_preempt_on+0x20/0xc0 [ 25.752778] ? __pfx_kthread+0x10/0x10 [ 25.752799] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.752820] ? calculate_sigpending+0x7b/0xa0 [ 25.752845] ? __pfx_kthread+0x10/0x10 [ 25.752883] ret_from_fork+0x116/0x1d0 [ 25.752902] ? __pfx_kthread+0x10/0x10 [ 25.752923] ret_from_fork_asm+0x1a/0x30 [ 25.752955] </TASK> [ 25.752967] [ 25.761052] Allocated by task 314: [ 25.761226] kasan_save_stack+0x45/0x70 [ 25.761434] kasan_save_track+0x18/0x40 [ 25.761654] kasan_save_alloc_info+0x3b/0x50 [ 25.761809] __kasan_kmalloc+0xb7/0xc0 [ 25.762009] __kmalloc_cache_noprof+0x189/0x420 [ 25.762217] kasan_atomics+0x95/0x310 [ 25.762404] kunit_try_run_case+0x1a5/0x480 [ 25.762612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.762941] kthread+0x337/0x6f0 [ 25.763112] ret_from_fork+0x116/0x1d0 [ 25.763294] ret_from_fork_asm+0x1a/0x30 [ 25.763498] [ 25.763620] The buggy address belongs to the object at ffff88810623b200 [ 25.763620] which belongs to the cache kmalloc-64 of size 64 [ 25.764033] The buggy address is located 0 bytes to the right of [ 25.764033] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 25.764627] [ 25.764750] The buggy address belongs to the physical page: [ 25.765224] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 25.765520] flags: 0x200000000000000(node=0|zone=2) [ 25.765785] page_type: f5(slab) [ 25.765991] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.766261] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.766633] page dumped because: kasan: bad access detected [ 25.767008] [ 25.767104] Memory state around the buggy address: [ 25.767359] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.767708] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.768082] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.768388] ^ [ 25.768595] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.768978] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.769274] ================================================================== [ 26.151465] ================================================================== [ 26.152114] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 26.152497] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.152828] [ 26.152959] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.153012] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.153026] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.153048] Call Trace: [ 26.153070] <TASK> [ 26.153088] dump_stack_lvl+0x73/0xb0 [ 26.153119] print_report+0xd1/0x610 [ 26.153142] ? __virt_addr_valid+0x1db/0x2d0 [ 26.153167] ? kasan_atomics_helper+0xb6a/0x5450 [ 26.153188] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.153238] ? kasan_atomics_helper+0xb6a/0x5450 [ 26.153260] kasan_report+0x141/0x180 [ 26.153283] ? kasan_atomics_helper+0xb6a/0x5450 [ 26.153341] kasan_check_range+0x10c/0x1c0 [ 26.153366] __kasan_check_write+0x18/0x20 [ 26.153390] kasan_atomics_helper+0xb6a/0x5450 [ 26.153415] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.153437] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.153482] ? kasan_atomics+0x152/0x310 [ 26.153510] kasan_atomics+0x1dc/0x310 [ 26.153533] ? __pfx_kasan_atomics+0x10/0x10 [ 26.153557] ? __pfx_read_tsc+0x10/0x10 [ 26.153585] ? ktime_get_ts64+0x86/0x230 [ 26.153632] kunit_try_run_case+0x1a5/0x480 [ 26.153658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.153700] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.153725] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.153750] ? __kthread_parkme+0x82/0x180 [ 26.153772] ? preempt_count_sub+0x50/0x80 [ 26.153797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.153822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.153867] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.153896] kthread+0x337/0x6f0 [ 26.153917] ? trace_preempt_on+0x20/0xc0 [ 26.153942] ? __pfx_kthread+0x10/0x10 [ 26.153964] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.153986] ? calculate_sigpending+0x7b/0xa0 [ 26.154013] ? __pfx_kthread+0x10/0x10 [ 26.154036] ret_from_fork+0x116/0x1d0 [ 26.154056] ? __pfx_kthread+0x10/0x10 [ 26.154078] ret_from_fork_asm+0x1a/0x30 [ 26.154110] </TASK> [ 26.154122] [ 26.161948] Allocated by task 314: [ 26.162203] kasan_save_stack+0x45/0x70 [ 26.162374] kasan_save_track+0x18/0x40 [ 26.162560] kasan_save_alloc_info+0x3b/0x50 [ 26.162747] __kasan_kmalloc+0xb7/0xc0 [ 26.162927] __kmalloc_cache_noprof+0x189/0x420 [ 26.163121] kasan_atomics+0x95/0x310 [ 26.163277] kunit_try_run_case+0x1a5/0x480 [ 26.163438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.163856] kthread+0x337/0x6f0 [ 26.164038] ret_from_fork+0x116/0x1d0 [ 26.164196] ret_from_fork_asm+0x1a/0x30 [ 26.164408] [ 26.164500] The buggy address belongs to the object at ffff88810623b200 [ 26.164500] which belongs to the cache kmalloc-64 of size 64 [ 26.165007] The buggy address is located 0 bytes to the right of [ 26.165007] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.165502] [ 26.165590] The buggy address belongs to the physical page: [ 26.165820] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.166148] flags: 0x200000000000000(node=0|zone=2) [ 26.166361] page_type: f5(slab) [ 26.166542] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.166857] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.167173] page dumped because: kasan: bad access detected [ 26.167388] [ 26.167477] Memory state around the buggy address: [ 26.167746] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.168041] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.168340] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.168691] ^ [ 26.168906] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.169206] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.169566] ================================================================== [ 26.857579] ================================================================== [ 26.857905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 26.858220] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.858601] [ 26.858707] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.858758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.858772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.858795] Call Trace: [ 26.858826] <TASK> [ 26.858843] dump_stack_lvl+0x73/0xb0 [ 26.858876] print_report+0xd1/0x610 [ 26.858911] ? __virt_addr_valid+0x1db/0x2d0 [ 26.858936] ? kasan_atomics_helper+0x1ce1/0x5450 [ 26.858959] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.858986] ? kasan_atomics_helper+0x1ce1/0x5450 [ 26.859009] kasan_report+0x141/0x180 [ 26.859031] ? kasan_atomics_helper+0x1ce1/0x5450 [ 26.859059] kasan_check_range+0x10c/0x1c0 [ 26.859083] __kasan_check_write+0x18/0x20 [ 26.859107] kasan_atomics_helper+0x1ce1/0x5450 [ 26.859130] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.859162] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.859190] ? kasan_atomics+0x152/0x310 [ 26.859218] kasan_atomics+0x1dc/0x310 [ 26.859252] ? __pfx_kasan_atomics+0x10/0x10 [ 26.859277] ? __pfx_read_tsc+0x10/0x10 [ 26.859300] ? ktime_get_ts64+0x86/0x230 [ 26.859334] kunit_try_run_case+0x1a5/0x480 [ 26.859359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.859383] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.859408] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.859432] ? __kthread_parkme+0x82/0x180 [ 26.859453] ? preempt_count_sub+0x50/0x80 [ 26.859477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.859501] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.859528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.859556] kthread+0x337/0x6f0 [ 26.859576] ? trace_preempt_on+0x20/0xc0 [ 26.859621] ? __pfx_kthread+0x10/0x10 [ 26.859643] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.859665] ? calculate_sigpending+0x7b/0xa0 [ 26.859690] ? __pfx_kthread+0x10/0x10 [ 26.859712] ret_from_fork+0x116/0x1d0 [ 26.859733] ? __pfx_kthread+0x10/0x10 [ 26.859755] ret_from_fork_asm+0x1a/0x30 [ 26.859795] </TASK> [ 26.859807] [ 26.867236] Allocated by task 314: [ 26.867448] kasan_save_stack+0x45/0x70 [ 26.867624] kasan_save_track+0x18/0x40 [ 26.867756] kasan_save_alloc_info+0x3b/0x50 [ 26.867900] __kasan_kmalloc+0xb7/0xc0 [ 26.868115] __kmalloc_cache_noprof+0x189/0x420 [ 26.868342] kasan_atomics+0x95/0x310 [ 26.868524] kunit_try_run_case+0x1a5/0x480 [ 26.868751] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.869003] kthread+0x337/0x6f0 [ 26.869167] ret_from_fork+0x116/0x1d0 [ 26.869355] ret_from_fork_asm+0x1a/0x30 [ 26.869544] [ 26.869661] The buggy address belongs to the object at ffff88810623b200 [ 26.869661] which belongs to the cache kmalloc-64 of size 64 [ 26.870159] The buggy address is located 0 bytes to the right of [ 26.870159] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.870639] [ 26.870784] The buggy address belongs to the physical page: [ 26.871041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.871283] flags: 0x200000000000000(node=0|zone=2) [ 26.871454] page_type: f5(slab) [ 26.871574] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.871972] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.872306] page dumped because: kasan: bad access detected [ 26.872561] [ 26.872677] Memory state around the buggy address: [ 26.872889] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.873167] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.873390] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.873626] ^ [ 26.873851] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.874226] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.874552] ================================================================== [ 26.090027] ================================================================== [ 26.090271] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 26.090613] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.090962] [ 26.091066] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.091114] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.091128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.091149] Call Trace: [ 26.091166] <TASK> [ 26.091183] dump_stack_lvl+0x73/0xb0 [ 26.091211] print_report+0xd1/0x610 [ 26.091234] ? __virt_addr_valid+0x1db/0x2d0 [ 26.091258] ? kasan_atomics_helper+0x992/0x5450 [ 26.091280] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.091318] ? kasan_atomics_helper+0x992/0x5450 [ 26.091341] kasan_report+0x141/0x180 [ 26.091364] ? kasan_atomics_helper+0x992/0x5450 [ 26.091392] kasan_check_range+0x10c/0x1c0 [ 26.091417] __kasan_check_write+0x18/0x20 [ 26.091441] kasan_atomics_helper+0x992/0x5450 [ 26.091464] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.091488] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.091513] ? kasan_atomics+0x152/0x310 [ 26.091540] kasan_atomics+0x1dc/0x310 [ 26.091564] ? __pfx_kasan_atomics+0x10/0x10 [ 26.091609] ? __pfx_read_tsc+0x10/0x10 [ 26.091635] ? ktime_get_ts64+0x86/0x230 [ 26.091662] kunit_try_run_case+0x1a5/0x480 [ 26.091687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.091711] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.091735] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.091759] ? __kthread_parkme+0x82/0x180 [ 26.091781] ? preempt_count_sub+0x50/0x80 [ 26.091805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.091830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.091859] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.091887] kthread+0x337/0x6f0 [ 26.091908] ? trace_preempt_on+0x20/0xc0 [ 26.091932] ? __pfx_kthread+0x10/0x10 [ 26.091954] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.091976] ? calculate_sigpending+0x7b/0xa0 [ 26.092001] ? __pfx_kthread+0x10/0x10 [ 26.092024] ret_from_fork+0x116/0x1d0 [ 26.092044] ? __pfx_kthread+0x10/0x10 [ 26.092066] ret_from_fork_asm+0x1a/0x30 [ 26.092098] </TASK> [ 26.092109] [ 26.098950] Allocated by task 314: [ 26.099114] kasan_save_stack+0x45/0x70 [ 26.099285] kasan_save_track+0x18/0x40 [ 26.099458] kasan_save_alloc_info+0x3b/0x50 [ 26.099671] __kasan_kmalloc+0xb7/0xc0 [ 26.099846] __kmalloc_cache_noprof+0x189/0x420 [ 26.100057] kasan_atomics+0x95/0x310 [ 26.100203] kunit_try_run_case+0x1a5/0x480 [ 26.100420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.100678] kthread+0x337/0x6f0 [ 26.100819] ret_from_fork+0x116/0x1d0 [ 26.100976] ret_from_fork_asm+0x1a/0x30 [ 26.101166] [ 26.101233] The buggy address belongs to the object at ffff88810623b200 [ 26.101233] which belongs to the cache kmalloc-64 of size 64 [ 26.101699] The buggy address is located 0 bytes to the right of [ 26.101699] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.102061] [ 26.102128] The buggy address belongs to the physical page: [ 26.102295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.102679] flags: 0x200000000000000(node=0|zone=2) [ 26.102905] page_type: f5(slab) [ 26.103067] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.103416] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.103771] page dumped because: kasan: bad access detected [ 26.104006] [ 26.104071] Memory state around the buggy address: [ 26.104222] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.104444] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.104748] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.105069] ^ [ 26.105292] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.105657] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.105965] ================================================================== [ 26.875315] ================================================================== [ 26.875644] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 26.875964] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.876366] [ 26.876549] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.876636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.876651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.876674] Call Trace: [ 26.876695] <TASK> [ 26.876713] dump_stack_lvl+0x73/0xb0 [ 26.876744] print_report+0xd1/0x610 [ 26.876798] ? __virt_addr_valid+0x1db/0x2d0 [ 26.876834] ? kasan_atomics_helper+0x1d7a/0x5450 [ 26.876868] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.876894] ? kasan_atomics_helper+0x1d7a/0x5450 [ 26.876917] kasan_report+0x141/0x180 [ 26.876940] ? kasan_atomics_helper+0x1d7a/0x5450 [ 26.876967] kasan_check_range+0x10c/0x1c0 [ 26.876992] __kasan_check_write+0x18/0x20 [ 26.877019] kasan_atomics_helper+0x1d7a/0x5450 [ 26.877042] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.877066] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.877092] ? kasan_atomics+0x152/0x310 [ 26.877119] kasan_atomics+0x1dc/0x310 [ 26.877143] ? __pfx_kasan_atomics+0x10/0x10 [ 26.877167] ? __pfx_read_tsc+0x10/0x10 [ 26.877220] ? ktime_get_ts64+0x86/0x230 [ 26.877258] kunit_try_run_case+0x1a5/0x480 [ 26.877294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.877326] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.877350] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.877374] ? __kthread_parkme+0x82/0x180 [ 26.877396] ? preempt_count_sub+0x50/0x80 [ 26.877420] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.877444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.877472] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.877499] kthread+0x337/0x6f0 [ 26.877520] ? trace_preempt_on+0x20/0xc0 [ 26.877573] ? __pfx_kthread+0x10/0x10 [ 26.877608] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.877633] ? calculate_sigpending+0x7b/0xa0 [ 26.877659] ? __pfx_kthread+0x10/0x10 [ 26.877681] ret_from_fork+0x116/0x1d0 [ 26.877701] ? __pfx_kthread+0x10/0x10 [ 26.877723] ret_from_fork_asm+0x1a/0x30 [ 26.877754] </TASK> [ 26.877765] [ 26.885326] Allocated by task 314: [ 26.885468] kasan_save_stack+0x45/0x70 [ 26.885732] kasan_save_track+0x18/0x40 [ 26.885927] kasan_save_alloc_info+0x3b/0x50 [ 26.886135] __kasan_kmalloc+0xb7/0xc0 [ 26.886417] __kmalloc_cache_noprof+0x189/0x420 [ 26.886679] kasan_atomics+0x95/0x310 [ 26.886877] kunit_try_run_case+0x1a5/0x480 [ 26.887090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.887471] kthread+0x337/0x6f0 [ 26.887670] ret_from_fork+0x116/0x1d0 [ 26.887885] ret_from_fork_asm+0x1a/0x30 [ 26.888036] [ 26.888129] The buggy address belongs to the object at ffff88810623b200 [ 26.888129] which belongs to the cache kmalloc-64 of size 64 [ 26.888790] The buggy address is located 0 bytes to the right of [ 26.888790] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.889266] [ 26.889401] The buggy address belongs to the physical page: [ 26.889697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.890051] flags: 0x200000000000000(node=0|zone=2) [ 26.890216] page_type: f5(slab) [ 26.890391] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.890838] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.891147] page dumped because: kasan: bad access detected [ 26.891441] [ 26.891562] Memory state around the buggy address: [ 26.891822] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.892038] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.892297] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.892676] ^ [ 26.892944] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.893263] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.893600] ================================================================== [ 27.005701] ================================================================== [ 27.006425] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 27.006745] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 27.007050] [ 27.007155] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 27.007207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.007221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.007243] Call Trace: [ 27.007264] <TASK> [ 27.007282] dump_stack_lvl+0x73/0xb0 [ 27.007311] print_report+0xd1/0x610 [ 27.007348] ? __virt_addr_valid+0x1db/0x2d0 [ 27.007373] ? kasan_atomics_helper+0x20c8/0x5450 [ 27.007395] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.007422] ? kasan_atomics_helper+0x20c8/0x5450 [ 27.007445] kasan_report+0x141/0x180 [ 27.007468] ? kasan_atomics_helper+0x20c8/0x5450 [ 27.007494] kasan_check_range+0x10c/0x1c0 [ 27.007519] __kasan_check_write+0x18/0x20 [ 27.007543] kasan_atomics_helper+0x20c8/0x5450 [ 27.007567] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.007590] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.007630] ? kasan_atomics+0x152/0x310 [ 27.007657] kasan_atomics+0x1dc/0x310 [ 27.007681] ? __pfx_kasan_atomics+0x10/0x10 [ 27.007705] ? __pfx_read_tsc+0x10/0x10 [ 27.007729] ? ktime_get_ts64+0x86/0x230 [ 27.007754] kunit_try_run_case+0x1a5/0x480 [ 27.007779] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.007803] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.007828] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.007852] ? __kthread_parkme+0x82/0x180 [ 27.007873] ? preempt_count_sub+0x50/0x80 [ 27.007898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.007922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.007951] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.007979] kthread+0x337/0x6f0 [ 27.007999] ? trace_preempt_on+0x20/0xc0 [ 27.008023] ? __pfx_kthread+0x10/0x10 [ 27.008044] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.008066] ? calculate_sigpending+0x7b/0xa0 [ 27.008091] ? __pfx_kthread+0x10/0x10 [ 27.008113] ret_from_fork+0x116/0x1d0 [ 27.008134] ? __pfx_kthread+0x10/0x10 [ 27.008155] ret_from_fork_asm+0x1a/0x30 [ 27.008186] </TASK> [ 27.008197] [ 27.016845] Allocated by task 314: [ 27.017019] kasan_save_stack+0x45/0x70 [ 27.017182] kasan_save_track+0x18/0x40 [ 27.017314] kasan_save_alloc_info+0x3b/0x50 [ 27.017470] __kasan_kmalloc+0xb7/0xc0 [ 27.017600] __kmalloc_cache_noprof+0x189/0x420 [ 27.017819] kasan_atomics+0x95/0x310 [ 27.018166] kunit_try_run_case+0x1a5/0x480 [ 27.018377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.018550] kthread+0x337/0x6f0 [ 27.018799] ret_from_fork+0x116/0x1d0 [ 27.018987] ret_from_fork_asm+0x1a/0x30 [ 27.019141] [ 27.019207] The buggy address belongs to the object at ffff88810623b200 [ 27.019207] which belongs to the cache kmalloc-64 of size 64 [ 27.019805] The buggy address is located 0 bytes to the right of [ 27.019805] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 27.020330] [ 27.020425] The buggy address belongs to the physical page: [ 27.020670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 27.020960] flags: 0x200000000000000(node=0|zone=2) [ 27.021179] page_type: f5(slab) [ 27.021313] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.021677] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.021964] page dumped because: kasan: bad access detected [ 27.022180] [ 27.022269] Memory state around the buggy address: [ 27.022457] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.022753] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.023028] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.023270] ^ [ 27.023434] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.023812] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.024147] ================================================================== [ 26.783570] ================================================================== [ 26.784149] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 26.784464] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.785676] [ 26.785787] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.785845] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.785860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.785884] Call Trace: [ 26.785906] <TASK> [ 26.785927] dump_stack_lvl+0x73/0xb0 [ 26.785963] print_report+0xd1/0x610 [ 26.785987] ? __virt_addr_valid+0x1db/0x2d0 [ 26.786012] ? kasan_atomics_helper+0x1b22/0x5450 [ 26.786034] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.786062] ? kasan_atomics_helper+0x1b22/0x5450 [ 26.786084] kasan_report+0x141/0x180 [ 26.786107] ? kasan_atomics_helper+0x1b22/0x5450 [ 26.786133] kasan_check_range+0x10c/0x1c0 [ 26.786158] __kasan_check_write+0x18/0x20 [ 26.786183] kasan_atomics_helper+0x1b22/0x5450 [ 26.786207] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.786231] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.786258] ? kasan_atomics+0x152/0x310 [ 26.786284] kasan_atomics+0x1dc/0x310 [ 26.786308] ? __pfx_kasan_atomics+0x10/0x10 [ 26.786344] ? __pfx_read_tsc+0x10/0x10 [ 26.786367] ? ktime_get_ts64+0x86/0x230 [ 26.786393] kunit_try_run_case+0x1a5/0x480 [ 26.786418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.786441] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.786466] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.786491] ? __kthread_parkme+0x82/0x180 [ 26.786684] ? preempt_count_sub+0x50/0x80 [ 26.786710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.786736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.786765] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.786792] kthread+0x337/0x6f0 [ 26.786813] ? trace_preempt_on+0x20/0xc0 [ 26.786839] ? __pfx_kthread+0x10/0x10 [ 26.786861] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.786883] ? calculate_sigpending+0x7b/0xa0 [ 26.786908] ? __pfx_kthread+0x10/0x10 [ 26.786931] ret_from_fork+0x116/0x1d0 [ 26.786951] ? __pfx_kthread+0x10/0x10 [ 26.786973] ret_from_fork_asm+0x1a/0x30 [ 26.787006] </TASK> [ 26.787018] [ 26.798279] Allocated by task 314: [ 26.798624] kasan_save_stack+0x45/0x70 [ 26.798833] kasan_save_track+0x18/0x40 [ 26.799092] kasan_save_alloc_info+0x3b/0x50 [ 26.799431] __kasan_kmalloc+0xb7/0xc0 [ 26.799608] __kmalloc_cache_noprof+0x189/0x420 [ 26.799933] kasan_atomics+0x95/0x310 [ 26.800079] kunit_try_run_case+0x1a5/0x480 [ 26.800285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.800530] kthread+0x337/0x6f0 [ 26.800918] ret_from_fork+0x116/0x1d0 [ 26.801184] ret_from_fork_asm+0x1a/0x30 [ 26.801530] [ 26.801646] The buggy address belongs to the object at ffff88810623b200 [ 26.801646] which belongs to the cache kmalloc-64 of size 64 [ 26.802206] The buggy address is located 0 bytes to the right of [ 26.802206] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.803104] [ 26.803193] The buggy address belongs to the physical page: [ 26.803583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.804039] flags: 0x200000000000000(node=0|zone=2) [ 26.804264] page_type: f5(slab) [ 26.804440] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.804936] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.805344] page dumped because: kasan: bad access detected [ 26.805701] [ 26.805783] Memory state around the buggy address: [ 26.806126] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.806413] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.806973] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.807334] ^ [ 26.807635] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.808022] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.808380] ================================================================== [ 26.370213] ================================================================== [ 26.370903] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 26.371555] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.371860] [ 26.371953] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.372008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.372022] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.372045] Call Trace: [ 26.372070] <TASK> [ 26.372092] dump_stack_lvl+0x73/0xb0 [ 26.372123] print_report+0xd1/0x610 [ 26.372147] ? __virt_addr_valid+0x1db/0x2d0 [ 26.372172] ? kasan_atomics_helper+0x1148/0x5450 [ 26.372194] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.372222] ? kasan_atomics_helper+0x1148/0x5450 [ 26.372244] kasan_report+0x141/0x180 [ 26.372266] ? kasan_atomics_helper+0x1148/0x5450 [ 26.372293] kasan_check_range+0x10c/0x1c0 [ 26.372331] __kasan_check_write+0x18/0x20 [ 26.372355] kasan_atomics_helper+0x1148/0x5450 [ 26.372378] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.372400] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.372427] ? kasan_atomics+0x152/0x310 [ 26.372453] kasan_atomics+0x1dc/0x310 [ 26.372476] ? __pfx_kasan_atomics+0x10/0x10 [ 26.372502] ? __pfx_read_tsc+0x10/0x10 [ 26.372526] ? ktime_get_ts64+0x86/0x230 [ 26.372552] kunit_try_run_case+0x1a5/0x480 [ 26.372598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.372622] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.372647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.372671] ? __kthread_parkme+0x82/0x180 [ 26.372693] ? preempt_count_sub+0x50/0x80 [ 26.372718] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.372742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.372770] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.372799] kthread+0x337/0x6f0 [ 26.372819] ? trace_preempt_on+0x20/0xc0 [ 26.372844] ? __pfx_kthread+0x10/0x10 [ 26.372866] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.372888] ? calculate_sigpending+0x7b/0xa0 [ 26.372913] ? __pfx_kthread+0x10/0x10 [ 26.372936] ret_from_fork+0x116/0x1d0 [ 26.372956] ? __pfx_kthread+0x10/0x10 [ 26.372977] ret_from_fork_asm+0x1a/0x30 [ 26.373010] </TASK> [ 26.373022] [ 26.380014] Allocated by task 314: [ 26.380191] kasan_save_stack+0x45/0x70 [ 26.380370] kasan_save_track+0x18/0x40 [ 26.380551] kasan_save_alloc_info+0x3b/0x50 [ 26.380745] __kasan_kmalloc+0xb7/0xc0 [ 26.380930] __kmalloc_cache_noprof+0x189/0x420 [ 26.381116] kasan_atomics+0x95/0x310 [ 26.381279] kunit_try_run_case+0x1a5/0x480 [ 26.381468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.381727] kthread+0x337/0x6f0 [ 26.381846] ret_from_fork+0x116/0x1d0 [ 26.382025] ret_from_fork_asm+0x1a/0x30 [ 26.382215] [ 26.382306] The buggy address belongs to the object at ffff88810623b200 [ 26.382306] which belongs to the cache kmalloc-64 of size 64 [ 26.382759] The buggy address is located 0 bytes to the right of [ 26.382759] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.383258] [ 26.383365] The buggy address belongs to the physical page: [ 26.383573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.383889] flags: 0x200000000000000(node=0|zone=2) [ 26.384121] page_type: f5(slab) [ 26.384259] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.384595] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.384903] page dumped because: kasan: bad access detected [ 26.385123] [ 26.385215] Memory state around the buggy address: [ 26.385404] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.385730] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.386026] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.386289] ^ [ 26.386483] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.386720] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.386927] ================================================================== [ 27.085365] ================================================================== [ 27.085732] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 27.086059] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 27.086384] [ 27.086466] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 27.086513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.086527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.086548] Call Trace: [ 27.086566] <TASK> [ 27.086582] dump_stack_lvl+0x73/0xb0 [ 27.086610] print_report+0xd1/0x610 [ 27.086644] ? __virt_addr_valid+0x1db/0x2d0 [ 27.086669] ? kasan_atomics_helper+0x224c/0x5450 [ 27.086703] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.086730] ? kasan_atomics_helper+0x224c/0x5450 [ 27.086752] kasan_report+0x141/0x180 [ 27.086786] ? kasan_atomics_helper+0x224c/0x5450 [ 27.086813] kasan_check_range+0x10c/0x1c0 [ 27.086838] __kasan_check_write+0x18/0x20 [ 27.086862] kasan_atomics_helper+0x224c/0x5450 [ 27.086885] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.086909] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.086944] ? kasan_atomics+0x152/0x310 [ 27.086971] kasan_atomics+0x1dc/0x310 [ 27.087005] ? __pfx_kasan_atomics+0x10/0x10 [ 27.087030] ? __pfx_read_tsc+0x10/0x10 [ 27.087053] ? ktime_get_ts64+0x86/0x230 [ 27.087078] kunit_try_run_case+0x1a5/0x480 [ 27.087103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.087127] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.087150] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.087175] ? __kthread_parkme+0x82/0x180 [ 27.087196] ? preempt_count_sub+0x50/0x80 [ 27.087221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.087246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.087273] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.087301] kthread+0x337/0x6f0 [ 27.087333] ? trace_preempt_on+0x20/0xc0 [ 27.087356] ? __pfx_kthread+0x10/0x10 [ 27.087378] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.087400] ? calculate_sigpending+0x7b/0xa0 [ 27.087437] ? __pfx_kthread+0x10/0x10 [ 27.087459] ret_from_fork+0x116/0x1d0 [ 27.087479] ? __pfx_kthread+0x10/0x10 [ 27.087510] ret_from_fork_asm+0x1a/0x30 [ 27.087543] </TASK> [ 27.087554] [ 27.094864] Allocated by task 314: [ 27.095037] kasan_save_stack+0x45/0x70 [ 27.095264] kasan_save_track+0x18/0x40 [ 27.095457] kasan_save_alloc_info+0x3b/0x50 [ 27.095603] __kasan_kmalloc+0xb7/0xc0 [ 27.095793] __kmalloc_cache_noprof+0x189/0x420 [ 27.096036] kasan_atomics+0x95/0x310 [ 27.096182] kunit_try_run_case+0x1a5/0x480 [ 27.096387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.096632] kthread+0x337/0x6f0 [ 27.096800] ret_from_fork+0x116/0x1d0 [ 27.096938] ret_from_fork_asm+0x1a/0x30 [ 27.097141] [ 27.097215] The buggy address belongs to the object at ffff88810623b200 [ 27.097215] which belongs to the cache kmalloc-64 of size 64 [ 27.097715] The buggy address is located 0 bytes to the right of [ 27.097715] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 27.098223] [ 27.098310] The buggy address belongs to the physical page: [ 27.098549] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 27.098933] flags: 0x200000000000000(node=0|zone=2) [ 27.099174] page_type: f5(slab) [ 27.099347] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.099573] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.099916] page dumped because: kasan: bad access detected [ 27.100170] [ 27.100236] Memory state around the buggy address: [ 27.100397] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.100790] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.101125] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.101420] ^ [ 27.101680] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.101981] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.102283] ================================================================== [ 26.487924] ================================================================== [ 26.488281] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 26.488782] Read of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.489147] [ 26.489261] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.489324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.489338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.489361] Call Trace: [ 26.489383] <TASK> [ 26.489400] dump_stack_lvl+0x73/0xb0 [ 26.489431] print_report+0xd1/0x610 [ 26.489456] ? __virt_addr_valid+0x1db/0x2d0 [ 26.489480] ? kasan_atomics_helper+0x4eae/0x5450 [ 26.489501] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.489529] ? kasan_atomics_helper+0x4eae/0x5450 [ 26.489551] kasan_report+0x141/0x180 [ 26.489574] ? kasan_atomics_helper+0x4eae/0x5450 [ 26.489629] __asan_report_load8_noabort+0x18/0x20 [ 26.489654] kasan_atomics_helper+0x4eae/0x5450 [ 26.489678] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.489701] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.489727] ? kasan_atomics+0x152/0x310 [ 26.489753] kasan_atomics+0x1dc/0x310 [ 26.489776] ? __pfx_kasan_atomics+0x10/0x10 [ 26.489801] ? __pfx_read_tsc+0x10/0x10 [ 26.489826] ? ktime_get_ts64+0x86/0x230 [ 26.489852] kunit_try_run_case+0x1a5/0x480 [ 26.489878] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.489901] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.489925] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.489949] ? __kthread_parkme+0x82/0x180 [ 26.489971] ? preempt_count_sub+0x50/0x80 [ 26.489996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.490021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.490048] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.490076] kthread+0x337/0x6f0 [ 26.490097] ? trace_preempt_on+0x20/0xc0 [ 26.490122] ? __pfx_kthread+0x10/0x10 [ 26.490144] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.490165] ? calculate_sigpending+0x7b/0xa0 [ 26.490190] ? __pfx_kthread+0x10/0x10 [ 26.490213] ret_from_fork+0x116/0x1d0 [ 26.490233] ? __pfx_kthread+0x10/0x10 [ 26.490255] ret_from_fork_asm+0x1a/0x30 [ 26.490287] </TASK> [ 26.490299] [ 26.500455] Allocated by task 314: [ 26.501018] kasan_save_stack+0x45/0x70 [ 26.501410] kasan_save_track+0x18/0x40 [ 26.502031] kasan_save_alloc_info+0x3b/0x50 [ 26.502192] __kasan_kmalloc+0xb7/0xc0 [ 26.502332] __kmalloc_cache_noprof+0x189/0x420 [ 26.502483] kasan_atomics+0x95/0x310 [ 26.502711] kunit_try_run_case+0x1a5/0x480 [ 26.503070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.503524] kthread+0x337/0x6f0 [ 26.503809] ret_from_fork+0x116/0x1d0 [ 26.504134] ret_from_fork_asm+0x1a/0x30 [ 26.505140] [ 26.505327] The buggy address belongs to the object at ffff88810623b200 [ 26.505327] which belongs to the cache kmalloc-64 of size 64 [ 26.506758] The buggy address is located 0 bytes to the right of [ 26.506758] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.507130] [ 26.507199] The buggy address belongs to the physical page: [ 26.507863] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.508717] flags: 0x200000000000000(node=0|zone=2) [ 26.509501] page_type: f5(slab) [ 26.510163] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.510707] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.511568] page dumped because: kasan: bad access detected [ 26.512030] [ 26.512134] Memory state around the buggy address: [ 26.512500] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.513058] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.513789] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.514039] ^ [ 26.514191] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.514585] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.515565] ================================================================== [ 26.038741] ================================================================== [ 26.039075] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 26.039419] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.039805] [ 26.039933] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.039987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.040001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.040025] Call Trace: [ 26.040047] <TASK> [ 26.040064] dump_stack_lvl+0x73/0xb0 [ 26.040094] print_report+0xd1/0x610 [ 26.040116] ? __virt_addr_valid+0x1db/0x2d0 [ 26.040142] ? kasan_atomics_helper+0x7c7/0x5450 [ 26.040164] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.040191] ? kasan_atomics_helper+0x7c7/0x5450 [ 26.040214] kasan_report+0x141/0x180 [ 26.040236] ? kasan_atomics_helper+0x7c7/0x5450 [ 26.040262] kasan_check_range+0x10c/0x1c0 [ 26.040286] __kasan_check_write+0x18/0x20 [ 26.040322] kasan_atomics_helper+0x7c7/0x5450 [ 26.040345] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.040368] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.040394] ? kasan_atomics+0x152/0x310 [ 26.040420] kasan_atomics+0x1dc/0x310 [ 26.040444] ? __pfx_kasan_atomics+0x10/0x10 [ 26.040469] ? __pfx_read_tsc+0x10/0x10 [ 26.040493] ? ktime_get_ts64+0x86/0x230 [ 26.040518] kunit_try_run_case+0x1a5/0x480 [ 26.040543] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.040565] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.040610] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.040635] ? __kthread_parkme+0x82/0x180 [ 26.040657] ? preempt_count_sub+0x50/0x80 [ 26.040681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.040705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.040733] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.040761] kthread+0x337/0x6f0 [ 26.040782] ? trace_preempt_on+0x20/0xc0 [ 26.040806] ? __pfx_kthread+0x10/0x10 [ 26.040827] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.040850] ? calculate_sigpending+0x7b/0xa0 [ 26.040875] ? __pfx_kthread+0x10/0x10 [ 26.040897] ret_from_fork+0x116/0x1d0 [ 26.040917] ? __pfx_kthread+0x10/0x10 [ 26.040938] ret_from_fork_asm+0x1a/0x30 [ 26.040971] </TASK> [ 26.040982] [ 26.047968] Allocated by task 314: [ 26.048144] kasan_save_stack+0x45/0x70 [ 26.048347] kasan_save_track+0x18/0x40 [ 26.048533] kasan_save_alloc_info+0x3b/0x50 [ 26.048762] __kasan_kmalloc+0xb7/0xc0 [ 26.048937] __kmalloc_cache_noprof+0x189/0x420 [ 26.049145] kasan_atomics+0x95/0x310 [ 26.049290] kunit_try_run_case+0x1a5/0x480 [ 26.049440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.049643] kthread+0x337/0x6f0 [ 26.049761] ret_from_fork+0x116/0x1d0 [ 26.049933] ret_from_fork_asm+0x1a/0x30 [ 26.050126] [ 26.050214] The buggy address belongs to the object at ffff88810623b200 [ 26.050214] which belongs to the cache kmalloc-64 of size 64 [ 26.050785] The buggy address is located 0 bytes to the right of [ 26.050785] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.051303] [ 26.051398] The buggy address belongs to the physical page: [ 26.051589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.051923] flags: 0x200000000000000(node=0|zone=2) [ 26.052084] page_type: f5(slab) [ 26.052200] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.052434] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.052774] page dumped because: kasan: bad access detected [ 26.053020] [ 26.053110] Memory state around the buggy address: [ 26.053338] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.053593] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.053809] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.054016] ^ [ 26.054212] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.054540] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.054876] ================================================================== [ 26.930454] ================================================================== [ 26.931055] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 26.931655] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.931991] [ 26.932078] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.932130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.932144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.932167] Call Trace: [ 26.932188] <TASK> [ 26.932205] dump_stack_lvl+0x73/0xb0 [ 26.932235] print_report+0xd1/0x610 [ 26.932260] ? __virt_addr_valid+0x1db/0x2d0 [ 26.932285] ? kasan_atomics_helper+0x1f43/0x5450 [ 26.932334] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.932362] ? kasan_atomics_helper+0x1f43/0x5450 [ 26.932386] kasan_report+0x141/0x180 [ 26.932409] ? kasan_atomics_helper+0x1f43/0x5450 [ 26.932437] kasan_check_range+0x10c/0x1c0 [ 26.932461] __kasan_check_write+0x18/0x20 [ 26.932486] kasan_atomics_helper+0x1f43/0x5450 [ 26.932510] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.932534] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.932559] ? kasan_atomics+0x152/0x310 [ 26.932604] kasan_atomics+0x1dc/0x310 [ 26.932628] ? __pfx_kasan_atomics+0x10/0x10 [ 26.932653] ? __pfx_read_tsc+0x10/0x10 [ 26.932675] ? ktime_get_ts64+0x86/0x230 [ 26.932711] kunit_try_run_case+0x1a5/0x480 [ 26.932736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.932759] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.932794] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.932818] ? __kthread_parkme+0x82/0x180 [ 26.932840] ? preempt_count_sub+0x50/0x80 [ 26.932873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.932898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.932925] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.932963] kthread+0x337/0x6f0 [ 26.932983] ? trace_preempt_on+0x20/0xc0 [ 26.933008] ? __pfx_kthread+0x10/0x10 [ 26.933038] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.933060] ? calculate_sigpending+0x7b/0xa0 [ 26.933085] ? __pfx_kthread+0x10/0x10 [ 26.933117] ret_from_fork+0x116/0x1d0 [ 26.933137] ? __pfx_kthread+0x10/0x10 [ 26.933160] ret_from_fork_asm+0x1a/0x30 [ 26.933200] </TASK> [ 26.933212] [ 26.940651] Allocated by task 314: [ 26.940806] kasan_save_stack+0x45/0x70 [ 26.941019] kasan_save_track+0x18/0x40 [ 26.941196] kasan_save_alloc_info+0x3b/0x50 [ 26.941386] __kasan_kmalloc+0xb7/0xc0 [ 26.941568] __kmalloc_cache_noprof+0x189/0x420 [ 26.941816] kasan_atomics+0x95/0x310 [ 26.941994] kunit_try_run_case+0x1a5/0x480 [ 26.942138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.942311] kthread+0x337/0x6f0 [ 26.942490] ret_from_fork+0x116/0x1d0 [ 26.942732] ret_from_fork_asm+0x1a/0x30 [ 26.942967] [ 26.943068] The buggy address belongs to the object at ffff88810623b200 [ 26.943068] which belongs to the cache kmalloc-64 of size 64 [ 26.943574] The buggy address is located 0 bytes to the right of [ 26.943574] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.944099] [ 26.944226] The buggy address belongs to the physical page: [ 26.944456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.944819] flags: 0x200000000000000(node=0|zone=2) [ 26.945026] page_type: f5(slab) [ 26.945204] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.945473] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.945727] page dumped because: kasan: bad access detected [ 26.945895] [ 26.945960] Memory state around the buggy address: [ 26.946194] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.946456] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.946732] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.947039] ^ [ 26.947259] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.947580] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.947913] ================================================================== [ 26.170350] ================================================================== [ 26.170732] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 26.171111] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.171489] [ 26.171615] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.171698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.171713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.171736] Call Trace: [ 26.171759] <TASK> [ 26.171777] dump_stack_lvl+0x73/0xb0 [ 26.171837] print_report+0xd1/0x610 [ 26.171860] ? __virt_addr_valid+0x1db/0x2d0 [ 26.171885] ? kasan_atomics_helper+0xc70/0x5450 [ 26.171907] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.171935] ? kasan_atomics_helper+0xc70/0x5450 [ 26.171985] kasan_report+0x141/0x180 [ 26.172009] ? kasan_atomics_helper+0xc70/0x5450 [ 26.172035] kasan_check_range+0x10c/0x1c0 [ 26.172060] __kasan_check_write+0x18/0x20 [ 26.172084] kasan_atomics_helper+0xc70/0x5450 [ 26.172136] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.172183] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.172209] ? kasan_atomics+0x152/0x310 [ 26.172236] kasan_atomics+0x1dc/0x310 [ 26.172259] ? __pfx_kasan_atomics+0x10/0x10 [ 26.172284] ? __pfx_read_tsc+0x10/0x10 [ 26.172319] ? ktime_get_ts64+0x86/0x230 [ 26.172377] kunit_try_run_case+0x1a5/0x480 [ 26.172427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.172449] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.172474] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.172498] ? __kthread_parkme+0x82/0x180 [ 26.172519] ? preempt_count_sub+0x50/0x80 [ 26.172544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.172590] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.172638] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.172665] kthread+0x337/0x6f0 [ 26.172686] ? trace_preempt_on+0x20/0xc0 [ 26.172712] ? __pfx_kthread+0x10/0x10 [ 26.172757] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.172780] ? calculate_sigpending+0x7b/0xa0 [ 26.172806] ? __pfx_kthread+0x10/0x10 [ 26.172829] ret_from_fork+0x116/0x1d0 [ 26.172849] ? __pfx_kthread+0x10/0x10 [ 26.172871] ret_from_fork_asm+0x1a/0x30 [ 26.172904] </TASK> [ 26.172916] [ 26.180130] Allocated by task 314: [ 26.180305] kasan_save_stack+0x45/0x70 [ 26.180513] kasan_save_track+0x18/0x40 [ 26.180697] kasan_save_alloc_info+0x3b/0x50 [ 26.180926] __kasan_kmalloc+0xb7/0xc0 [ 26.181124] __kmalloc_cache_noprof+0x189/0x420 [ 26.181285] kasan_atomics+0x95/0x310 [ 26.181420] kunit_try_run_case+0x1a5/0x480 [ 26.181558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.181729] kthread+0x337/0x6f0 [ 26.181842] ret_from_fork+0x116/0x1d0 [ 26.181966] ret_from_fork_asm+0x1a/0x30 [ 26.182094] [ 26.182158] The buggy address belongs to the object at ffff88810623b200 [ 26.182158] which belongs to the cache kmalloc-64 of size 64 [ 26.183085] The buggy address is located 0 bytes to the right of [ 26.183085] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.183698] [ 26.183791] The buggy address belongs to the physical page: [ 26.184042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.184396] flags: 0x200000000000000(node=0|zone=2) [ 26.184573] page_type: f5(slab) [ 26.184741] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.184983] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.185196] page dumped because: kasan: bad access detected [ 26.185367] [ 26.185430] Memory state around the buggy address: [ 26.185578] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.185897] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.186220] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.186571] ^ [ 26.186792] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.187097] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.187325] ================================================================== [ 26.228298] ================================================================== [ 26.228740] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 26.228996] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.229325] [ 26.229408] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.229459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.229474] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.229497] Call Trace: [ 26.229513] <TASK> [ 26.229529] dump_stack_lvl+0x73/0xb0 [ 26.229558] print_report+0xd1/0x610 [ 26.229581] ? __virt_addr_valid+0x1db/0x2d0 [ 26.229613] ? kasan_atomics_helper+0xde0/0x5450 [ 26.229635] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.229661] ? kasan_atomics_helper+0xde0/0x5450 [ 26.229684] kasan_report+0x141/0x180 [ 26.229718] ? kasan_atomics_helper+0xde0/0x5450 [ 26.229745] kasan_check_range+0x10c/0x1c0 [ 26.229770] __kasan_check_write+0x18/0x20 [ 26.229794] kasan_atomics_helper+0xde0/0x5450 [ 26.229818] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.229842] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.229867] ? kasan_atomics+0x152/0x310 [ 26.229894] kasan_atomics+0x1dc/0x310 [ 26.229918] ? __pfx_kasan_atomics+0x10/0x10 [ 26.229943] ? __pfx_read_tsc+0x10/0x10 [ 26.229967] ? ktime_get_ts64+0x86/0x230 [ 26.229994] kunit_try_run_case+0x1a5/0x480 [ 26.230019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.230043] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.230068] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.230092] ? __kthread_parkme+0x82/0x180 [ 26.230114] ? preempt_count_sub+0x50/0x80 [ 26.230139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.230163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.230192] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.230219] kthread+0x337/0x6f0 [ 26.230240] ? trace_preempt_on+0x20/0xc0 [ 26.230264] ? __pfx_kthread+0x10/0x10 [ 26.230286] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.230317] ? calculate_sigpending+0x7b/0xa0 [ 26.230343] ? __pfx_kthread+0x10/0x10 [ 26.230366] ret_from_fork+0x116/0x1d0 [ 26.230386] ? __pfx_kthread+0x10/0x10 [ 26.230407] ret_from_fork_asm+0x1a/0x30 [ 26.230439] </TASK> [ 26.230451] [ 26.237764] Allocated by task 314: [ 26.237914] kasan_save_stack+0x45/0x70 [ 26.238088] kasan_save_track+0x18/0x40 [ 26.238253] kasan_save_alloc_info+0x3b/0x50 [ 26.238452] __kasan_kmalloc+0xb7/0xc0 [ 26.238658] __kmalloc_cache_noprof+0x189/0x420 [ 26.238842] kasan_atomics+0x95/0x310 [ 26.239010] kunit_try_run_case+0x1a5/0x480 [ 26.239172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.239415] kthread+0x337/0x6f0 [ 26.239569] ret_from_fork+0x116/0x1d0 [ 26.239753] ret_from_fork_asm+0x1a/0x30 [ 26.239903] [ 26.239968] The buggy address belongs to the object at ffff88810623b200 [ 26.239968] which belongs to the cache kmalloc-64 of size 64 [ 26.240418] The buggy address is located 0 bytes to the right of [ 26.240418] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.241006] [ 26.241075] The buggy address belongs to the physical page: [ 26.241244] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.241611] flags: 0x200000000000000(node=0|zone=2) [ 26.241859] page_type: f5(slab) [ 26.242025] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.242306] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.242585] page dumped because: kasan: bad access detected [ 26.242791] [ 26.242896] Memory state around the buggy address: [ 26.244868] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.245093] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.245306] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.245532] ^ [ 26.245696] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.245909] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.246115] ================================================================== [ 26.965962] ================================================================== [ 26.966208] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 26.966743] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.967110] [ 26.967223] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.967277] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.967292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.967315] Call Trace: [ 26.967347] <TASK> [ 26.967364] dump_stack_lvl+0x73/0xb0 [ 26.967396] print_report+0xd1/0x610 [ 26.967420] ? __virt_addr_valid+0x1db/0x2d0 [ 26.967445] ? kasan_atomics_helper+0x2006/0x5450 [ 26.967468] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.967495] ? kasan_atomics_helper+0x2006/0x5450 [ 26.967518] kasan_report+0x141/0x180 [ 26.967541] ? kasan_atomics_helper+0x2006/0x5450 [ 26.967569] kasan_check_range+0x10c/0x1c0 [ 26.967614] __kasan_check_write+0x18/0x20 [ 26.967639] kasan_atomics_helper+0x2006/0x5450 [ 26.967663] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.967686] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.967713] ? kasan_atomics+0x152/0x310 [ 26.967740] kasan_atomics+0x1dc/0x310 [ 26.967763] ? __pfx_kasan_atomics+0x10/0x10 [ 26.967788] ? __pfx_read_tsc+0x10/0x10 [ 26.967811] ? ktime_get_ts64+0x86/0x230 [ 26.967837] kunit_try_run_case+0x1a5/0x480 [ 26.967862] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.967886] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.967911] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.967934] ? __kthread_parkme+0x82/0x180 [ 26.967956] ? preempt_count_sub+0x50/0x80 [ 26.967980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.968006] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.968033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.968061] kthread+0x337/0x6f0 [ 26.968083] ? trace_preempt_on+0x20/0xc0 [ 26.968107] ? __pfx_kthread+0x10/0x10 [ 26.968129] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.968151] ? calculate_sigpending+0x7b/0xa0 [ 26.968176] ? __pfx_kthread+0x10/0x10 [ 26.968198] ret_from_fork+0x116/0x1d0 [ 26.968219] ? __pfx_kthread+0x10/0x10 [ 26.968240] ret_from_fork_asm+0x1a/0x30 [ 26.968273] </TASK> [ 26.968285] [ 26.975724] Allocated by task 314: [ 26.975935] kasan_save_stack+0x45/0x70 [ 26.976156] kasan_save_track+0x18/0x40 [ 26.976356] kasan_save_alloc_info+0x3b/0x50 [ 26.976536] __kasan_kmalloc+0xb7/0xc0 [ 26.976728] __kmalloc_cache_noprof+0x189/0x420 [ 26.976884] kasan_atomics+0x95/0x310 [ 26.977063] kunit_try_run_case+0x1a5/0x480 [ 26.977297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.977602] kthread+0x337/0x6f0 [ 26.977741] ret_from_fork+0x116/0x1d0 [ 26.977936] ret_from_fork_asm+0x1a/0x30 [ 26.978114] [ 26.978214] The buggy address belongs to the object at ffff88810623b200 [ 26.978214] which belongs to the cache kmalloc-64 of size 64 [ 26.978751] The buggy address is located 0 bytes to the right of [ 26.978751] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.979264] [ 26.979357] The buggy address belongs to the physical page: [ 26.979621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.979963] flags: 0x200000000000000(node=0|zone=2) [ 26.980129] page_type: f5(slab) [ 26.980272] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.980621] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.980885] page dumped because: kasan: bad access detected [ 26.981053] [ 26.981117] Memory state around the buggy address: [ 26.981269] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.982911] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.983785] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.984539] ^ [ 26.985058] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.985282] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.985504] ================================================================== [ 25.809604] ================================================================== [ 25.810033] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 25.810393] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 25.810713] [ 25.810797] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.810850] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.810864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.810887] Call Trace: [ 25.810972] <TASK> [ 25.810995] dump_stack_lvl+0x73/0xb0 [ 25.811027] print_report+0xd1/0x610 [ 25.811051] ? __virt_addr_valid+0x1db/0x2d0 [ 25.811076] ? kasan_atomics_helper+0x4b6e/0x5450 [ 25.811098] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.811126] ? kasan_atomics_helper+0x4b6e/0x5450 [ 25.811148] kasan_report+0x141/0x180 [ 25.811172] ? kasan_atomics_helper+0x4b6e/0x5450 [ 25.811199] __asan_report_store4_noabort+0x1b/0x30 [ 25.811224] kasan_atomics_helper+0x4b6e/0x5450 [ 25.811248] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.811271] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.811298] ? kasan_atomics+0x152/0x310 [ 25.811357] kasan_atomics+0x1dc/0x310 [ 25.811382] ? __pfx_kasan_atomics+0x10/0x10 [ 25.811407] ? __pfx_read_tsc+0x10/0x10 [ 25.811431] ? ktime_get_ts64+0x86/0x230 [ 25.811456] kunit_try_run_case+0x1a5/0x480 [ 25.811482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.811525] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.811551] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.811575] ? __kthread_parkme+0x82/0x180 [ 25.811597] ? preempt_count_sub+0x50/0x80 [ 25.811633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.811658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.811687] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.811719] kthread+0x337/0x6f0 [ 25.811741] ? trace_preempt_on+0x20/0xc0 [ 25.811768] ? __pfx_kthread+0x10/0x10 [ 25.811791] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.811814] ? calculate_sigpending+0x7b/0xa0 [ 25.811840] ? __pfx_kthread+0x10/0x10 [ 25.811901] ret_from_fork+0x116/0x1d0 [ 25.811926] ? __pfx_kthread+0x10/0x10 [ 25.811970] ret_from_fork_asm+0x1a/0x30 [ 25.812005] </TASK> [ 25.812019] [ 25.820809] Allocated by task 314: [ 25.821050] kasan_save_stack+0x45/0x70 [ 25.821206] kasan_save_track+0x18/0x40 [ 25.821371] kasan_save_alloc_info+0x3b/0x50 [ 25.821578] __kasan_kmalloc+0xb7/0xc0 [ 25.821844] __kmalloc_cache_noprof+0x189/0x420 [ 25.822012] kasan_atomics+0x95/0x310 [ 25.822142] kunit_try_run_case+0x1a5/0x480 [ 25.822335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.822591] kthread+0x337/0x6f0 [ 25.822767] ret_from_fork+0x116/0x1d0 [ 25.823021] ret_from_fork_asm+0x1a/0x30 [ 25.823369] [ 25.823466] The buggy address belongs to the object at ffff88810623b200 [ 25.823466] which belongs to the cache kmalloc-64 of size 64 [ 25.823890] The buggy address is located 0 bytes to the right of [ 25.823890] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 25.824378] [ 25.824472] The buggy address belongs to the physical page: [ 25.824776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 25.825064] flags: 0x200000000000000(node=0|zone=2) [ 25.825229] page_type: f5(slab) [ 25.825361] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.826015] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.826350] page dumped because: kasan: bad access detected [ 25.826520] [ 25.826585] Memory state around the buggy address: [ 25.826770] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.827082] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.827498] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.827786] ^ [ 25.828168] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.828469] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.828777] ================================================================== [ 26.404133] ================================================================== [ 26.404479] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 26.404816] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.405109] [ 26.405200] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.405254] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.405268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.405291] Call Trace: [ 26.405324] <TASK> [ 26.405344] dump_stack_lvl+0x73/0xb0 [ 26.405375] print_report+0xd1/0x610 [ 26.405398] ? __virt_addr_valid+0x1db/0x2d0 [ 26.405423] ? kasan_atomics_helper+0x1217/0x5450 [ 26.405445] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.405471] ? kasan_atomics_helper+0x1217/0x5450 [ 26.405494] kasan_report+0x141/0x180 [ 26.405517] ? kasan_atomics_helper+0x1217/0x5450 [ 26.405544] kasan_check_range+0x10c/0x1c0 [ 26.405567] __kasan_check_write+0x18/0x20 [ 26.405619] kasan_atomics_helper+0x1217/0x5450 [ 26.405643] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.405665] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.405691] ? kasan_atomics+0x152/0x310 [ 26.405718] kasan_atomics+0x1dc/0x310 [ 26.405741] ? __pfx_kasan_atomics+0x10/0x10 [ 26.405765] ? __pfx_read_tsc+0x10/0x10 [ 26.405791] ? ktime_get_ts64+0x86/0x230 [ 26.405817] kunit_try_run_case+0x1a5/0x480 [ 26.405844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.405866] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.405891] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.405915] ? __kthread_parkme+0x82/0x180 [ 26.405938] ? preempt_count_sub+0x50/0x80 [ 26.405962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.405987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.406015] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.406043] kthread+0x337/0x6f0 [ 26.406064] ? trace_preempt_on+0x20/0xc0 [ 26.406089] ? __pfx_kthread+0x10/0x10 [ 26.406111] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.406132] ? calculate_sigpending+0x7b/0xa0 [ 26.406157] ? __pfx_kthread+0x10/0x10 [ 26.406180] ret_from_fork+0x116/0x1d0 [ 26.406201] ? __pfx_kthread+0x10/0x10 [ 26.406222] ret_from_fork_asm+0x1a/0x30 [ 26.406254] </TASK> [ 26.406267] [ 26.413516] Allocated by task 314: [ 26.413731] kasan_save_stack+0x45/0x70 [ 26.413894] kasan_save_track+0x18/0x40 [ 26.414070] kasan_save_alloc_info+0x3b/0x50 [ 26.414266] __kasan_kmalloc+0xb7/0xc0 [ 26.414421] __kmalloc_cache_noprof+0x189/0x420 [ 26.414661] kasan_atomics+0x95/0x310 [ 26.414816] kunit_try_run_case+0x1a5/0x480 [ 26.414958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.415130] kthread+0x337/0x6f0 [ 26.415246] ret_from_fork+0x116/0x1d0 [ 26.415418] ret_from_fork_asm+0x1a/0x30 [ 26.415640] [ 26.415729] The buggy address belongs to the object at ffff88810623b200 [ 26.415729] which belongs to the cache kmalloc-64 of size 64 [ 26.416255] The buggy address is located 0 bytes to the right of [ 26.416255] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.416791] [ 26.416862] The buggy address belongs to the physical page: [ 26.417114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.417436] flags: 0x200000000000000(node=0|zone=2) [ 26.417678] page_type: f5(slab) [ 26.417827] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.418134] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.418427] page dumped because: kasan: bad access detected [ 26.418672] [ 26.418761] Memory state around the buggy address: [ 26.418952] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.419232] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.419508] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.419807] ^ [ 26.420001] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.420280] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.420557] ================================================================== [ 26.187760] ================================================================== [ 26.188297] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 26.188683] Read of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.188987] [ 26.189073] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.189124] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.189137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.189159] Call Trace: [ 26.189176] <TASK> [ 26.189192] dump_stack_lvl+0x73/0xb0 [ 26.189222] print_report+0xd1/0x610 [ 26.189246] ? __virt_addr_valid+0x1db/0x2d0 [ 26.189271] ? kasan_atomics_helper+0x4a84/0x5450 [ 26.189293] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.189333] ? kasan_atomics_helper+0x4a84/0x5450 [ 26.189356] kasan_report+0x141/0x180 [ 26.189378] ? kasan_atomics_helper+0x4a84/0x5450 [ 26.189405] __asan_report_load4_noabort+0x18/0x20 [ 26.189430] kasan_atomics_helper+0x4a84/0x5450 [ 26.189453] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.189476] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.189503] ? kasan_atomics+0x152/0x310 [ 26.189530] kasan_atomics+0x1dc/0x310 [ 26.189553] ? __pfx_kasan_atomics+0x10/0x10 [ 26.189578] ? __pfx_read_tsc+0x10/0x10 [ 26.189632] ? ktime_get_ts64+0x86/0x230 [ 26.189658] kunit_try_run_case+0x1a5/0x480 [ 26.189682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.189706] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.189729] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.189753] ? __kthread_parkme+0x82/0x180 [ 26.189775] ? preempt_count_sub+0x50/0x80 [ 26.189798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.189826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.189852] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.189899] kthread+0x337/0x6f0 [ 26.189921] ? trace_preempt_on+0x20/0xc0 [ 26.189945] ? __pfx_kthread+0x10/0x10 [ 26.189984] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.190007] ? calculate_sigpending+0x7b/0xa0 [ 26.190032] ? __pfx_kthread+0x10/0x10 [ 26.190054] ret_from_fork+0x116/0x1d0 [ 26.190075] ? __pfx_kthread+0x10/0x10 [ 26.190097] ret_from_fork_asm+0x1a/0x30 [ 26.190146] </TASK> [ 26.190158] [ 26.197780] Allocated by task 314: [ 26.197973] kasan_save_stack+0x45/0x70 [ 26.198150] kasan_save_track+0x18/0x40 [ 26.198277] kasan_save_alloc_info+0x3b/0x50 [ 26.198487] __kasan_kmalloc+0xb7/0xc0 [ 26.198661] __kmalloc_cache_noprof+0x189/0x420 [ 26.198870] kasan_atomics+0x95/0x310 [ 26.199041] kunit_try_run_case+0x1a5/0x480 [ 26.199240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.199516] kthread+0x337/0x6f0 [ 26.199677] ret_from_fork+0x116/0x1d0 [ 26.199855] ret_from_fork_asm+0x1a/0x30 [ 26.200171] [ 26.200239] The buggy address belongs to the object at ffff88810623b200 [ 26.200239] which belongs to the cache kmalloc-64 of size 64 [ 26.200586] The buggy address is located 0 bytes to the right of [ 26.200586] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.201140] [ 26.201232] The buggy address belongs to the physical page: [ 26.201511] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.201796] flags: 0x200000000000000(node=0|zone=2) [ 26.201953] page_type: f5(slab) [ 26.202066] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.202285] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.202624] page dumped because: kasan: bad access detected [ 26.202977] [ 26.203098] Memory state around the buggy address: [ 26.203346] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.203705] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.204036] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.204381] ^ [ 26.204581] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.204830] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.205032] ================================================================== [ 26.611553] ================================================================== [ 26.611929] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 26.612227] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.612999] [ 26.613685] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.613762] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.613777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.613801] Call Trace: [ 26.613824] <TASK> [ 26.613846] dump_stack_lvl+0x73/0xb0 [ 26.613880] print_report+0xd1/0x610 [ 26.613904] ? __virt_addr_valid+0x1db/0x2d0 [ 26.613929] ? kasan_atomics_helper+0x164f/0x5450 [ 26.613951] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.613978] ? kasan_atomics_helper+0x164f/0x5450 [ 26.614001] kasan_report+0x141/0x180 [ 26.614024] ? kasan_atomics_helper+0x164f/0x5450 [ 26.614056] kasan_check_range+0x10c/0x1c0 [ 26.614080] __kasan_check_write+0x18/0x20 [ 26.614105] kasan_atomics_helper+0x164f/0x5450 [ 26.614128] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.614151] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.614177] ? kasan_atomics+0x152/0x310 [ 26.614203] kasan_atomics+0x1dc/0x310 [ 26.614227] ? __pfx_kasan_atomics+0x10/0x10 [ 26.614252] ? __pfx_read_tsc+0x10/0x10 [ 26.614275] ? ktime_get_ts64+0x86/0x230 [ 26.614301] kunit_try_run_case+0x1a5/0x480 [ 26.614336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.614360] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.614384] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.614408] ? __kthread_parkme+0x82/0x180 [ 26.614430] ? preempt_count_sub+0x50/0x80 [ 26.614456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.614483] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.614511] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.614539] kthread+0x337/0x6f0 [ 26.614564] ? trace_preempt_on+0x20/0xc0 [ 26.614589] ? __pfx_kthread+0x10/0x10 [ 26.614631] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.614653] ? calculate_sigpending+0x7b/0xa0 [ 26.614678] ? __pfx_kthread+0x10/0x10 [ 26.614701] ret_from_fork+0x116/0x1d0 [ 26.614722] ? __pfx_kthread+0x10/0x10 [ 26.614744] ret_from_fork_asm+0x1a/0x30 [ 26.614777] </TASK> [ 26.614788] [ 26.623363] Allocated by task 314: [ 26.623568] kasan_save_stack+0x45/0x70 [ 26.623771] kasan_save_track+0x18/0x40 [ 26.623955] kasan_save_alloc_info+0x3b/0x50 [ 26.624094] __kasan_kmalloc+0xb7/0xc0 [ 26.624336] __kmalloc_cache_noprof+0x189/0x420 [ 26.624557] kasan_atomics+0x95/0x310 [ 26.624784] kunit_try_run_case+0x1a5/0x480 [ 26.625080] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.625342] kthread+0x337/0x6f0 [ 26.625499] ret_from_fork+0x116/0x1d0 [ 26.625711] ret_from_fork_asm+0x1a/0x30 [ 26.625899] [ 26.626138] The buggy address belongs to the object at ffff88810623b200 [ 26.626138] which belongs to the cache kmalloc-64 of size 64 [ 26.626700] The buggy address is located 0 bytes to the right of [ 26.626700] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.627137] [ 26.627276] The buggy address belongs to the physical page: [ 26.627791] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.628029] flags: 0x200000000000000(node=0|zone=2) [ 26.628247] page_type: f5(slab) [ 26.628426] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.628993] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.629392] page dumped because: kasan: bad access detected [ 26.629588] [ 26.629695] Memory state around the buggy address: [ 26.629941] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.630287] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.630757] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.631083] ^ [ 26.631244] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.631596] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.631941] ================================================================== [ 26.543947] ================================================================== [ 26.544686] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 26.545413] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.546090] [ 26.547233] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.547304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.547328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.547350] Call Trace: [ 26.547371] <TASK> [ 26.547389] dump_stack_lvl+0x73/0xb0 [ 26.547420] print_report+0xd1/0x610 [ 26.547444] ? __virt_addr_valid+0x1db/0x2d0 [ 26.547469] ? kasan_atomics_helper+0x50d4/0x5450 [ 26.547491] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.547518] ? kasan_atomics_helper+0x50d4/0x5450 [ 26.547540] kasan_report+0x141/0x180 [ 26.547563] ? kasan_atomics_helper+0x50d4/0x5450 [ 26.547609] __asan_report_store8_noabort+0x1b/0x30 [ 26.547635] kasan_atomics_helper+0x50d4/0x5450 [ 26.547658] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.547682] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.547707] ? kasan_atomics+0x152/0x310 [ 26.547734] kasan_atomics+0x1dc/0x310 [ 26.547758] ? __pfx_kasan_atomics+0x10/0x10 [ 26.547783] ? __pfx_read_tsc+0x10/0x10 [ 26.547807] ? ktime_get_ts64+0x86/0x230 [ 26.547833] kunit_try_run_case+0x1a5/0x480 [ 26.547858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.547882] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.547906] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.547931] ? __kthread_parkme+0x82/0x180 [ 26.547953] ? preempt_count_sub+0x50/0x80 [ 26.547977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.548001] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.548029] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.548056] kthread+0x337/0x6f0 [ 26.548077] ? trace_preempt_on+0x20/0xc0 [ 26.548101] ? __pfx_kthread+0x10/0x10 [ 26.548123] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.548145] ? calculate_sigpending+0x7b/0xa0 [ 26.548170] ? __pfx_kthread+0x10/0x10 [ 26.548193] ret_from_fork+0x116/0x1d0 [ 26.548213] ? __pfx_kthread+0x10/0x10 [ 26.548234] ret_from_fork_asm+0x1a/0x30 [ 26.548267] </TASK> [ 26.548278] [ 26.556123] Allocated by task 314: [ 26.556307] kasan_save_stack+0x45/0x70 [ 26.556559] kasan_save_track+0x18/0x40 [ 26.556768] kasan_save_alloc_info+0x3b/0x50 [ 26.556952] __kasan_kmalloc+0xb7/0xc0 [ 26.557136] __kmalloc_cache_noprof+0x189/0x420 [ 26.557399] kasan_atomics+0x95/0x310 [ 26.557559] kunit_try_run_case+0x1a5/0x480 [ 26.557848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.558088] kthread+0x337/0x6f0 [ 26.558292] ret_from_fork+0x116/0x1d0 [ 26.558483] ret_from_fork_asm+0x1a/0x30 [ 26.558742] [ 26.558830] The buggy address belongs to the object at ffff88810623b200 [ 26.558830] which belongs to the cache kmalloc-64 of size 64 [ 26.559269] The buggy address is located 0 bytes to the right of [ 26.559269] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.559656] [ 26.559725] The buggy address belongs to the physical page: [ 26.559888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.560179] flags: 0x200000000000000(node=0|zone=2) [ 26.560385] page_type: f5(slab) [ 26.560550] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.560892] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.561261] page dumped because: kasan: bad access detected [ 26.561517] [ 26.561668] Memory state around the buggy address: [ 26.561919] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.562125] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.562338] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.562538] ^ [ 26.562709] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.562978] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.563326] ================================================================== [ 26.809128] ================================================================== [ 26.809386] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 26.809804] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.810260] [ 26.810895] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.810952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.810967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.810991] Call Trace: [ 26.811012] <TASK> [ 26.811030] dump_stack_lvl+0x73/0xb0 [ 26.811156] print_report+0xd1/0x610 [ 26.811186] ? __virt_addr_valid+0x1db/0x2d0 [ 26.811211] ? kasan_atomics_helper+0x1c18/0x5450 [ 26.811233] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.811260] ? kasan_atomics_helper+0x1c18/0x5450 [ 26.811283] kasan_report+0x141/0x180 [ 26.811307] ? kasan_atomics_helper+0x1c18/0x5450 [ 26.811347] kasan_check_range+0x10c/0x1c0 [ 26.811371] __kasan_check_write+0x18/0x20 [ 26.811397] kasan_atomics_helper+0x1c18/0x5450 [ 26.811420] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.811444] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.811469] ? kasan_atomics+0x152/0x310 [ 26.811496] kasan_atomics+0x1dc/0x310 [ 26.811520] ? __pfx_kasan_atomics+0x10/0x10 [ 26.811545] ? __pfx_read_tsc+0x10/0x10 [ 26.811568] ? ktime_get_ts64+0x86/0x230 [ 26.811595] kunit_try_run_case+0x1a5/0x480 [ 26.811633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.811656] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.811681] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.811705] ? __kthread_parkme+0x82/0x180 [ 26.811726] ? preempt_count_sub+0x50/0x80 [ 26.811751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.811776] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.811803] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.811830] kthread+0x337/0x6f0 [ 26.811851] ? trace_preempt_on+0x20/0xc0 [ 26.811875] ? __pfx_kthread+0x10/0x10 [ 26.811896] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.811919] ? calculate_sigpending+0x7b/0xa0 [ 26.811944] ? __pfx_kthread+0x10/0x10 [ 26.811966] ret_from_fork+0x116/0x1d0 [ 26.811987] ? __pfx_kthread+0x10/0x10 [ 26.812008] ret_from_fork_asm+0x1a/0x30 [ 26.812041] </TASK> [ 26.812053] [ 26.821988] Allocated by task 314: [ 26.822242] kasan_save_stack+0x45/0x70 [ 26.822411] kasan_save_track+0x18/0x40 [ 26.822788] kasan_save_alloc_info+0x3b/0x50 [ 26.823081] __kasan_kmalloc+0xb7/0xc0 [ 26.823221] __kmalloc_cache_noprof+0x189/0x420 [ 26.823562] kasan_atomics+0x95/0x310 [ 26.823853] kunit_try_run_case+0x1a5/0x480 [ 26.824006] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.824256] kthread+0x337/0x6f0 [ 26.824416] ret_from_fork+0x116/0x1d0 [ 26.824588] ret_from_fork_asm+0x1a/0x30 [ 26.825042] [ 26.825122] The buggy address belongs to the object at ffff88810623b200 [ 26.825122] which belongs to the cache kmalloc-64 of size 64 [ 26.825707] The buggy address is located 0 bytes to the right of [ 26.825707] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.826092] [ 26.826168] The buggy address belongs to the physical page: [ 26.826386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.827109] flags: 0x200000000000000(node=0|zone=2) [ 26.827474] page_type: f5(slab) [ 26.827619] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.828299] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.828531] page dumped because: kasan: bad access detected [ 26.829026] [ 26.829210] Memory state around the buggy address: [ 26.829698] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.830170] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.830396] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.830674] ^ [ 26.831134] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.831788] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.832399] ================================================================== [ 25.960135] ================================================================== [ 25.960809] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 25.961438] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 25.961814] [ 25.961907] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.962285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.962313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.962337] Call Trace: [ 25.962351] <TASK> [ 25.962369] dump_stack_lvl+0x73/0xb0 [ 25.962401] print_report+0xd1/0x610 [ 25.962425] ? __virt_addr_valid+0x1db/0x2d0 [ 25.962449] ? kasan_atomics_helper+0x5fe/0x5450 [ 25.962471] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.962498] ? kasan_atomics_helper+0x5fe/0x5450 [ 25.962520] kasan_report+0x141/0x180 [ 25.962543] ? kasan_atomics_helper+0x5fe/0x5450 [ 25.962592] kasan_check_range+0x10c/0x1c0 [ 25.962618] __kasan_check_write+0x18/0x20 [ 25.962642] kasan_atomics_helper+0x5fe/0x5450 [ 25.962664] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.962687] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.962713] ? kasan_atomics+0x152/0x310 [ 25.962739] kasan_atomics+0x1dc/0x310 [ 25.962764] ? __pfx_kasan_atomics+0x10/0x10 [ 25.962788] ? __pfx_read_tsc+0x10/0x10 [ 25.962814] ? ktime_get_ts64+0x86/0x230 [ 25.962840] kunit_try_run_case+0x1a5/0x480 [ 25.962865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.962889] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.962913] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.962937] ? __kthread_parkme+0x82/0x180 [ 25.962959] ? preempt_count_sub+0x50/0x80 [ 25.962983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.963007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.963035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.963063] kthread+0x337/0x6f0 [ 25.963083] ? trace_preempt_on+0x20/0xc0 [ 25.963107] ? __pfx_kthread+0x10/0x10 [ 25.963128] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.963150] ? calculate_sigpending+0x7b/0xa0 [ 25.963175] ? __pfx_kthread+0x10/0x10 [ 25.963198] ret_from_fork+0x116/0x1d0 [ 25.963218] ? __pfx_kthread+0x10/0x10 [ 25.963240] ret_from_fork_asm+0x1a/0x30 [ 25.963272] </TASK> [ 25.963285] [ 25.976267] Allocated by task 314: [ 25.976633] kasan_save_stack+0x45/0x70 [ 25.976885] kasan_save_track+0x18/0x40 [ 25.977018] kasan_save_alloc_info+0x3b/0x50 [ 25.977165] __kasan_kmalloc+0xb7/0xc0 [ 25.977293] __kmalloc_cache_noprof+0x189/0x420 [ 25.977559] kasan_atomics+0x95/0x310 [ 25.978254] kunit_try_run_case+0x1a5/0x480 [ 25.978723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.978916] kthread+0x337/0x6f0 [ 25.979036] ret_from_fork+0x116/0x1d0 [ 25.979165] ret_from_fork_asm+0x1a/0x30 [ 25.979300] [ 25.979837] The buggy address belongs to the object at ffff88810623b200 [ 25.979837] which belongs to the cache kmalloc-64 of size 64 [ 25.981390] The buggy address is located 0 bytes to the right of [ 25.981390] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 25.982681] [ 25.982763] The buggy address belongs to the physical page: [ 25.982935] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 25.983164] flags: 0x200000000000000(node=0|zone=2) [ 25.983658] page_type: f5(slab) [ 25.984387] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.985209] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.985581] page dumped because: kasan: bad access detected [ 25.986413] [ 25.986508] Memory state around the buggy address: [ 25.986666] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.987598] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.988014] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.988236] ^ [ 25.988446] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.989581] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.989955] ================================================================== [ 27.102780] ================================================================== [ 27.103110] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 27.103446] Read of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 27.103835] [ 27.103982] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 27.104031] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.104044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.104065] Call Trace: [ 27.104082] <TASK> [ 27.104097] dump_stack_lvl+0x73/0xb0 [ 27.104138] print_report+0xd1/0x610 [ 27.104172] ? __virt_addr_valid+0x1db/0x2d0 [ 27.104197] ? kasan_atomics_helper+0x5115/0x5450 [ 27.104219] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.104258] ? kasan_atomics_helper+0x5115/0x5450 [ 27.104281] kasan_report+0x141/0x180 [ 27.104303] ? kasan_atomics_helper+0x5115/0x5450 [ 27.104341] __asan_report_load8_noabort+0x18/0x20 [ 27.104367] kasan_atomics_helper+0x5115/0x5450 [ 27.104390] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.104413] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.104438] ? kasan_atomics+0x152/0x310 [ 27.104465] kasan_atomics+0x1dc/0x310 [ 27.104489] ? __pfx_kasan_atomics+0x10/0x10 [ 27.104514] ? __pfx_read_tsc+0x10/0x10 [ 27.104537] ? ktime_get_ts64+0x86/0x230 [ 27.104563] kunit_try_run_case+0x1a5/0x480 [ 27.104597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.104631] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.104655] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.104690] ? __kthread_parkme+0x82/0x180 [ 27.104711] ? preempt_count_sub+0x50/0x80 [ 27.104736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.104761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.104788] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.104817] kthread+0x337/0x6f0 [ 27.104837] ? trace_preempt_on+0x20/0xc0 [ 27.104860] ? __pfx_kthread+0x10/0x10 [ 27.104883] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.104905] ? calculate_sigpending+0x7b/0xa0 [ 27.104930] ? __pfx_kthread+0x10/0x10 [ 27.104952] ret_from_fork+0x116/0x1d0 [ 27.104972] ? __pfx_kthread+0x10/0x10 [ 27.104993] ret_from_fork_asm+0x1a/0x30 [ 27.105025] </TASK> [ 27.105036] [ 27.111826] Allocated by task 314: [ 27.111953] kasan_save_stack+0x45/0x70 [ 27.112108] kasan_save_track+0x18/0x40 [ 27.112295] kasan_save_alloc_info+0x3b/0x50 [ 27.112533] __kasan_kmalloc+0xb7/0xc0 [ 27.112758] __kmalloc_cache_noprof+0x189/0x420 [ 27.112997] kasan_atomics+0x95/0x310 [ 27.113145] kunit_try_run_case+0x1a5/0x480 [ 27.113357] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.113602] kthread+0x337/0x6f0 [ 27.113789] ret_from_fork+0x116/0x1d0 [ 27.113961] ret_from_fork_asm+0x1a/0x30 [ 27.114141] [ 27.114244] The buggy address belongs to the object at ffff88810623b200 [ 27.114244] which belongs to the cache kmalloc-64 of size 64 [ 27.114774] The buggy address is located 0 bytes to the right of [ 27.114774] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 27.115140] [ 27.115208] The buggy address belongs to the physical page: [ 27.115420] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 27.115850] flags: 0x200000000000000(node=0|zone=2) [ 27.116089] page_type: f5(slab) [ 27.116256] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.116613] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.116887] page dumped because: kasan: bad access detected [ 27.117127] [ 27.117192] Memory state around the buggy address: [ 27.117351] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.117696] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.118029] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.118342] ^ [ 27.118528] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.118855] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.119092] ================================================================== [ 25.770228] ================================================================== [ 25.770630] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 25.771077] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 25.771316] [ 25.771424] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.771497] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.771511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.771533] Call Trace: [ 25.771546] <TASK> [ 25.771560] dump_stack_lvl+0x73/0xb0 [ 25.771611] print_report+0xd1/0x610 [ 25.771634] ? __virt_addr_valid+0x1db/0x2d0 [ 25.771678] ? kasan_atomics_helper+0x4ba2/0x5450 [ 25.771699] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.771725] ? kasan_atomics_helper+0x4ba2/0x5450 [ 25.771746] kasan_report+0x141/0x180 [ 25.771768] ? kasan_atomics_helper+0x4ba2/0x5450 [ 25.771812] __asan_report_store4_noabort+0x1b/0x30 [ 25.771837] kasan_atomics_helper+0x4ba2/0x5450 [ 25.771877] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.771900] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.771926] ? kasan_atomics+0x152/0x310 [ 25.771951] kasan_atomics+0x1dc/0x310 [ 25.772032] ? __pfx_kasan_atomics+0x10/0x10 [ 25.772059] ? __pfx_read_tsc+0x10/0x10 [ 25.772084] ? ktime_get_ts64+0x86/0x230 [ 25.772109] kunit_try_run_case+0x1a5/0x480 [ 25.772133] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.772155] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.772179] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.772202] ? __kthread_parkme+0x82/0x180 [ 25.772222] ? preempt_count_sub+0x50/0x80 [ 25.772263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.772288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.772324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.772351] kthread+0x337/0x6f0 [ 25.772371] ? trace_preempt_on+0x20/0xc0 [ 25.772395] ? __pfx_kthread+0x10/0x10 [ 25.772415] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.772437] ? calculate_sigpending+0x7b/0xa0 [ 25.772461] ? __pfx_kthread+0x10/0x10 [ 25.772483] ret_from_fork+0x116/0x1d0 [ 25.772503] ? __pfx_kthread+0x10/0x10 [ 25.772523] ret_from_fork_asm+0x1a/0x30 [ 25.772555] </TASK> [ 25.772565] [ 25.780348] Allocated by task 314: [ 25.780533] kasan_save_stack+0x45/0x70 [ 25.780824] kasan_save_track+0x18/0x40 [ 25.780983] kasan_save_alloc_info+0x3b/0x50 [ 25.781120] __kasan_kmalloc+0xb7/0xc0 [ 25.781349] __kmalloc_cache_noprof+0x189/0x420 [ 25.781559] kasan_atomics+0x95/0x310 [ 25.781832] kunit_try_run_case+0x1a5/0x480 [ 25.782029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.782212] kthread+0x337/0x6f0 [ 25.782394] ret_from_fork+0x116/0x1d0 [ 25.782577] ret_from_fork_asm+0x1a/0x30 [ 25.782797] [ 25.783043] The buggy address belongs to the object at ffff88810623b200 [ 25.783043] which belongs to the cache kmalloc-64 of size 64 [ 25.783556] The buggy address is located 0 bytes to the right of [ 25.783556] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 25.784075] [ 25.784142] The buggy address belongs to the physical page: [ 25.784619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 25.784983] flags: 0x200000000000000(node=0|zone=2) [ 25.785141] page_type: f5(slab) [ 25.785258] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.785656] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.785984] page dumped because: kasan: bad access detected [ 25.786230] [ 25.786327] Memory state around the buggy address: [ 25.786551] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.786836] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.787190] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.787488] ^ [ 25.787742] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.787953] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.788294] ================================================================== [ 26.247103] ================================================================== [ 26.249881] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 26.250131] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.250370] [ 26.250461] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.250512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.250526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.250549] Call Trace: [ 26.250569] <TASK> [ 26.250588] dump_stack_lvl+0x73/0xb0 [ 26.250616] print_report+0xd1/0x610 [ 26.250638] ? __virt_addr_valid+0x1db/0x2d0 [ 26.250661] ? kasan_atomics_helper+0xe78/0x5450 [ 26.250683] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.250709] ? kasan_atomics_helper+0xe78/0x5450 [ 26.250731] kasan_report+0x141/0x180 [ 26.250753] ? kasan_atomics_helper+0xe78/0x5450 [ 26.250778] kasan_check_range+0x10c/0x1c0 [ 26.250802] __kasan_check_write+0x18/0x20 [ 26.250826] kasan_atomics_helper+0xe78/0x5450 [ 26.250848] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.250871] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.250896] ? kasan_atomics+0x152/0x310 [ 26.250922] kasan_atomics+0x1dc/0x310 [ 26.250944] ? __pfx_kasan_atomics+0x10/0x10 [ 26.250969] ? __pfx_read_tsc+0x10/0x10 [ 26.250994] ? ktime_get_ts64+0x86/0x230 [ 26.251021] kunit_try_run_case+0x1a5/0x480 [ 26.251045] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.251069] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.251093] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.251117] ? __kthread_parkme+0x82/0x180 [ 26.251138] ? preempt_count_sub+0x50/0x80 [ 26.251162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.251186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.251213] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.251240] kthread+0x337/0x6f0 [ 26.251260] ? trace_preempt_on+0x20/0xc0 [ 26.251284] ? __pfx_kthread+0x10/0x10 [ 26.251305] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.251954] ? calculate_sigpending+0x7b/0xa0 [ 26.251992] ? __pfx_kthread+0x10/0x10 [ 26.252049] ret_from_fork+0x116/0x1d0 [ 26.252072] ? __pfx_kthread+0x10/0x10 [ 26.252095] ret_from_fork_asm+0x1a/0x30 [ 26.252129] </TASK> [ 26.252140] [ 26.264532] Allocated by task 314: [ 26.264690] kasan_save_stack+0x45/0x70 [ 26.264925] kasan_save_track+0x18/0x40 [ 26.265118] kasan_save_alloc_info+0x3b/0x50 [ 26.265291] __kasan_kmalloc+0xb7/0xc0 [ 26.265444] __kmalloc_cache_noprof+0x189/0x420 [ 26.265662] kasan_atomics+0x95/0x310 [ 26.265875] kunit_try_run_case+0x1a5/0x480 [ 26.266060] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.266259] kthread+0x337/0x6f0 [ 26.266427] ret_from_fork+0x116/0x1d0 [ 26.266586] ret_from_fork_asm+0x1a/0x30 [ 26.266770] [ 26.266842] The buggy address belongs to the object at ffff88810623b200 [ 26.266842] which belongs to the cache kmalloc-64 of size 64 [ 26.267231] The buggy address is located 0 bytes to the right of [ 26.267231] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.267781] [ 26.267854] The buggy address belongs to the physical page: [ 26.268020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.268515] flags: 0x200000000000000(node=0|zone=2) [ 26.268897] page_type: f5(slab) [ 26.269045] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.269336] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.270020] page dumped because: kasan: bad access detected [ 26.270460] [ 26.270537] Memory state around the buggy address: [ 26.270919] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.271402] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.271920] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.272414] ^ [ 26.272812] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.273113] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.273415] ================================================================== [ 26.325844] ================================================================== [ 26.326106] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 26.326451] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.326805] [ 26.326914] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.326962] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.326976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.326998] Call Trace: [ 26.327017] <TASK> [ 26.327034] dump_stack_lvl+0x73/0xb0 [ 26.327062] print_report+0xd1/0x610 [ 26.327086] ? __virt_addr_valid+0x1db/0x2d0 [ 26.327112] ? kasan_atomics_helper+0x1079/0x5450 [ 26.327133] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.327162] ? kasan_atomics_helper+0x1079/0x5450 [ 26.327186] kasan_report+0x141/0x180 [ 26.327210] ? kasan_atomics_helper+0x1079/0x5450 [ 26.327237] kasan_check_range+0x10c/0x1c0 [ 26.327261] __kasan_check_write+0x18/0x20 [ 26.327286] kasan_atomics_helper+0x1079/0x5450 [ 26.327321] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.327344] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.327370] ? kasan_atomics+0x152/0x310 [ 26.327397] kasan_atomics+0x1dc/0x310 [ 26.327420] ? __pfx_kasan_atomics+0x10/0x10 [ 26.327445] ? __pfx_read_tsc+0x10/0x10 [ 26.327469] ? ktime_get_ts64+0x86/0x230 [ 26.327496] kunit_try_run_case+0x1a5/0x480 [ 26.327520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.327544] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.327568] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.327613] ? __kthread_parkme+0x82/0x180 [ 26.327635] ? preempt_count_sub+0x50/0x80 [ 26.327660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.327684] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.327712] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.327740] kthread+0x337/0x6f0 [ 26.327760] ? trace_preempt_on+0x20/0xc0 [ 26.327784] ? __pfx_kthread+0x10/0x10 [ 26.327806] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.327828] ? calculate_sigpending+0x7b/0xa0 [ 26.327853] ? __pfx_kthread+0x10/0x10 [ 26.327875] ret_from_fork+0x116/0x1d0 [ 26.327895] ? __pfx_kthread+0x10/0x10 [ 26.327917] ret_from_fork_asm+0x1a/0x30 [ 26.327950] </TASK> [ 26.327961] [ 26.335074] Allocated by task 314: [ 26.335246] kasan_save_stack+0x45/0x70 [ 26.335447] kasan_save_track+0x18/0x40 [ 26.335647] kasan_save_alloc_info+0x3b/0x50 [ 26.335814] __kasan_kmalloc+0xb7/0xc0 [ 26.335976] __kmalloc_cache_noprof+0x189/0x420 [ 26.336172] kasan_atomics+0x95/0x310 [ 26.336341] kunit_try_run_case+0x1a5/0x480 [ 26.336509] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.336786] kthread+0x337/0x6f0 [ 26.336939] ret_from_fork+0x116/0x1d0 [ 26.337103] ret_from_fork_asm+0x1a/0x30 [ 26.337272] [ 26.337348] The buggy address belongs to the object at ffff88810623b200 [ 26.337348] which belongs to the cache kmalloc-64 of size 64 [ 26.337855] The buggy address is located 0 bytes to the right of [ 26.337855] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.338344] [ 26.338437] The buggy address belongs to the physical page: [ 26.338663] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.338981] flags: 0x200000000000000(node=0|zone=2) [ 26.339184] page_type: f5(slab) [ 26.339323] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.339633] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.339858] page dumped because: kasan: bad access detected [ 26.340025] [ 26.340090] Memory state around the buggy address: [ 26.340242] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.340540] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.340879] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.341183] ^ [ 26.341434] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.341776] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.342082] ================================================================== [ 26.653753] ================================================================== [ 26.654135] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 26.654514] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.654979] [ 26.655066] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.655119] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.655132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.655156] Call Trace: [ 26.655177] <TASK> [ 26.655195] dump_stack_lvl+0x73/0xb0 [ 26.655369] print_report+0xd1/0x610 [ 26.655395] ? __virt_addr_valid+0x1db/0x2d0 [ 26.655419] ? kasan_atomics_helper+0x177f/0x5450 [ 26.655454] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.655483] ? kasan_atomics_helper+0x177f/0x5450 [ 26.655507] kasan_report+0x141/0x180 [ 26.655533] ? kasan_atomics_helper+0x177f/0x5450 [ 26.655561] kasan_check_range+0x10c/0x1c0 [ 26.655618] __kasan_check_write+0x18/0x20 [ 26.655645] kasan_atomics_helper+0x177f/0x5450 [ 26.655668] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.655704] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.655730] ? kasan_atomics+0x152/0x310 [ 26.655758] kasan_atomics+0x1dc/0x310 [ 26.655781] ? __pfx_kasan_atomics+0x10/0x10 [ 26.655807] ? __pfx_read_tsc+0x10/0x10 [ 26.655873] ? ktime_get_ts64+0x86/0x230 [ 26.655900] kunit_try_run_case+0x1a5/0x480 [ 26.655937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.655960] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.655984] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.656008] ? __kthread_parkme+0x82/0x180 [ 26.656030] ? preempt_count_sub+0x50/0x80 [ 26.656055] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.656080] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.656108] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.656135] kthread+0x337/0x6f0 [ 26.656157] ? trace_preempt_on+0x20/0xc0 [ 26.656182] ? __pfx_kthread+0x10/0x10 [ 26.656203] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.656225] ? calculate_sigpending+0x7b/0xa0 [ 26.656250] ? __pfx_kthread+0x10/0x10 [ 26.656272] ret_from_fork+0x116/0x1d0 [ 26.656293] ? __pfx_kthread+0x10/0x10 [ 26.656323] ret_from_fork_asm+0x1a/0x30 [ 26.656355] </TASK> [ 26.656368] [ 26.665164] Allocated by task 314: [ 26.665296] kasan_save_stack+0x45/0x70 [ 26.665489] kasan_save_track+0x18/0x40 [ 26.665788] kasan_save_alloc_info+0x3b/0x50 [ 26.666074] __kasan_kmalloc+0xb7/0xc0 [ 26.666384] __kmalloc_cache_noprof+0x189/0x420 [ 26.666541] kasan_atomics+0x95/0x310 [ 26.666714] kunit_try_run_case+0x1a5/0x480 [ 26.666961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.667127] kthread+0x337/0x6f0 [ 26.667384] ret_from_fork+0x116/0x1d0 [ 26.667765] ret_from_fork_asm+0x1a/0x30 [ 26.667938] [ 26.668006] The buggy address belongs to the object at ffff88810623b200 [ 26.668006] which belongs to the cache kmalloc-64 of size 64 [ 26.668367] The buggy address is located 0 bytes to the right of [ 26.668367] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.669025] [ 26.669166] The buggy address belongs to the physical page: [ 26.669511] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.669936] flags: 0x200000000000000(node=0|zone=2) [ 26.670096] page_type: f5(slab) [ 26.670394] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.670865] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.671339] page dumped because: kasan: bad access detected [ 26.671615] [ 26.671756] Memory state around the buggy address: [ 26.672057] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.672324] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.672606] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.673087] ^ [ 26.673344] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.673662] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.674040] ================================================================== [ 26.582369] ================================================================== [ 26.582934] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 26.583423] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.583767] [ 26.583855] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.583938] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.583952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.583986] Call Trace: [ 26.584007] <TASK> [ 26.584025] dump_stack_lvl+0x73/0xb0 [ 26.584084] print_report+0xd1/0x610 [ 26.584107] ? __virt_addr_valid+0x1db/0x2d0 [ 26.584144] ? kasan_atomics_helper+0x15b6/0x5450 [ 26.584166] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.584193] ? kasan_atomics_helper+0x15b6/0x5450 [ 26.584215] kasan_report+0x141/0x180 [ 26.584239] ? kasan_atomics_helper+0x15b6/0x5450 [ 26.584265] kasan_check_range+0x10c/0x1c0 [ 26.584290] __kasan_check_write+0x18/0x20 [ 26.584323] kasan_atomics_helper+0x15b6/0x5450 [ 26.584347] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.584370] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.584395] ? kasan_atomics+0x152/0x310 [ 26.584423] kasan_atomics+0x1dc/0x310 [ 26.584447] ? __pfx_kasan_atomics+0x10/0x10 [ 26.584472] ? __pfx_read_tsc+0x10/0x10 [ 26.584496] ? ktime_get_ts64+0x86/0x230 [ 26.584523] kunit_try_run_case+0x1a5/0x480 [ 26.584549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.584572] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.584617] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.584642] ? __kthread_parkme+0x82/0x180 [ 26.584664] ? preempt_count_sub+0x50/0x80 [ 26.584717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.584742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.584770] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.584809] kthread+0x337/0x6f0 [ 26.584830] ? trace_preempt_on+0x20/0xc0 [ 26.584872] ? __pfx_kthread+0x10/0x10 [ 26.584903] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.584925] ? calculate_sigpending+0x7b/0xa0 [ 26.584979] ? __pfx_kthread+0x10/0x10 [ 26.585002] ret_from_fork+0x116/0x1d0 [ 26.585023] ? __pfx_kthread+0x10/0x10 [ 26.585045] ret_from_fork_asm+0x1a/0x30 [ 26.585078] </TASK> [ 26.585089] [ 26.598226] Allocated by task 314: [ 26.598548] kasan_save_stack+0x45/0x70 [ 26.599017] kasan_save_track+0x18/0x40 [ 26.599422] kasan_save_alloc_info+0x3b/0x50 [ 26.599843] __kasan_kmalloc+0xb7/0xc0 [ 26.600206] __kmalloc_cache_noprof+0x189/0x420 [ 26.600664] kasan_atomics+0x95/0x310 [ 26.601013] kunit_try_run_case+0x1a5/0x480 [ 26.601157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.601341] kthread+0x337/0x6f0 [ 26.601456] ret_from_fork+0x116/0x1d0 [ 26.601624] ret_from_fork_asm+0x1a/0x30 [ 26.601963] [ 26.602145] The buggy address belongs to the object at ffff88810623b200 [ 26.602145] which belongs to the cache kmalloc-64 of size 64 [ 26.603286] The buggy address is located 0 bytes to the right of [ 26.603286] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.604451] [ 26.604664] The buggy address belongs to the physical page: [ 26.605103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.605358] flags: 0x200000000000000(node=0|zone=2) [ 26.605523] page_type: f5(slab) [ 26.606412] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.607487] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.607771] page dumped because: kasan: bad access detected [ 26.608327] [ 26.608552] Memory state around the buggy address: [ 26.608997] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.609225] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.609448] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.609701] ^ [ 26.609944] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.610309] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.610572] ================================================================== [ 25.789067] ================================================================== [ 25.789429] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 25.790316] Read of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 25.790662] [ 25.790783] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.790837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.790851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.790948] Call Trace: [ 25.790966] <TASK> [ 25.790983] dump_stack_lvl+0x73/0xb0 [ 25.791015] print_report+0xd1/0x610 [ 25.791039] ? __virt_addr_valid+0x1db/0x2d0 [ 25.791064] ? kasan_atomics_helper+0x4b88/0x5450 [ 25.791087] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.791134] ? kasan_atomics_helper+0x4b88/0x5450 [ 25.791157] kasan_report+0x141/0x180 [ 25.791181] ? kasan_atomics_helper+0x4b88/0x5450 [ 25.791208] __asan_report_load4_noabort+0x18/0x20 [ 25.791233] kasan_atomics_helper+0x4b88/0x5450 [ 25.791258] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.791300] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.791338] ? kasan_atomics+0x152/0x310 [ 25.791366] kasan_atomics+0x1dc/0x310 [ 25.791389] ? __pfx_kasan_atomics+0x10/0x10 [ 25.791414] ? __pfx_read_tsc+0x10/0x10 [ 25.791437] ? ktime_get_ts64+0x86/0x230 [ 25.791463] kunit_try_run_case+0x1a5/0x480 [ 25.791489] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.791512] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.791536] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.791561] ? __kthread_parkme+0x82/0x180 [ 25.791583] ? preempt_count_sub+0x50/0x80 [ 25.791608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.791634] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.791663] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.791692] kthread+0x337/0x6f0 [ 25.791713] ? trace_preempt_on+0x20/0xc0 [ 25.791758] ? __pfx_kthread+0x10/0x10 [ 25.791780] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.791802] ? calculate_sigpending+0x7b/0xa0 [ 25.791828] ? __pfx_kthread+0x10/0x10 [ 25.791850] ret_from_fork+0x116/0x1d0 [ 25.791918] ? __pfx_kthread+0x10/0x10 [ 25.791941] ret_from_fork_asm+0x1a/0x30 [ 25.791974] </TASK> [ 25.791986] [ 25.800353] Allocated by task 314: [ 25.800539] kasan_save_stack+0x45/0x70 [ 25.800750] kasan_save_track+0x18/0x40 [ 25.800885] kasan_save_alloc_info+0x3b/0x50 [ 25.801076] __kasan_kmalloc+0xb7/0xc0 [ 25.801281] __kmalloc_cache_noprof+0x189/0x420 [ 25.801554] kasan_atomics+0x95/0x310 [ 25.801778] kunit_try_run_case+0x1a5/0x480 [ 25.802078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.802291] kthread+0x337/0x6f0 [ 25.802420] ret_from_fork+0x116/0x1d0 [ 25.802548] ret_from_fork_asm+0x1a/0x30 [ 25.802764] [ 25.802861] The buggy address belongs to the object at ffff88810623b200 [ 25.802861] which belongs to the cache kmalloc-64 of size 64 [ 25.803405] The buggy address is located 0 bytes to the right of [ 25.803405] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 25.804312] [ 25.804400] The buggy address belongs to the physical page: [ 25.804647] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 25.804886] flags: 0x200000000000000(node=0|zone=2) [ 25.805047] page_type: f5(slab) [ 25.805210] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.805736] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.806064] page dumped because: kasan: bad access detected [ 25.806232] [ 25.806298] Memory state around the buggy address: [ 25.806460] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.807249] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.807601] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.807975] ^ [ 25.808171] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.808547] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.808798] ================================================================== [ 26.471523] ================================================================== [ 26.471778] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 26.472088] Read of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.472419] [ 26.472523] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.472571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.472605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.472626] Call Trace: [ 26.472644] <TASK> [ 26.472660] dump_stack_lvl+0x73/0xb0 [ 26.472689] print_report+0xd1/0x610 [ 26.472712] ? __virt_addr_valid+0x1db/0x2d0 [ 26.472737] ? kasan_atomics_helper+0x13b5/0x5450 [ 26.472759] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.472785] ? kasan_atomics_helper+0x13b5/0x5450 [ 26.472808] kasan_report+0x141/0x180 [ 26.472830] ? kasan_atomics_helper+0x13b5/0x5450 [ 26.472857] kasan_check_range+0x10c/0x1c0 [ 26.472882] __kasan_check_read+0x15/0x20 [ 26.472905] kasan_atomics_helper+0x13b5/0x5450 [ 26.472928] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.472951] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.472976] ? kasan_atomics+0x152/0x310 [ 26.473002] kasan_atomics+0x1dc/0x310 [ 26.473025] ? __pfx_kasan_atomics+0x10/0x10 [ 26.473050] ? __pfx_read_tsc+0x10/0x10 [ 26.473073] ? ktime_get_ts64+0x86/0x230 [ 26.473099] kunit_try_run_case+0x1a5/0x480 [ 26.473124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.473146] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.473170] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.473194] ? __kthread_parkme+0x82/0x180 [ 26.473215] ? preempt_count_sub+0x50/0x80 [ 26.473241] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.473266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.473293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.473331] kthread+0x337/0x6f0 [ 26.473352] ? trace_preempt_on+0x20/0xc0 [ 26.473376] ? __pfx_kthread+0x10/0x10 [ 26.473398] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.473421] ? calculate_sigpending+0x7b/0xa0 [ 26.473445] ? __pfx_kthread+0x10/0x10 [ 26.473467] ret_from_fork+0x116/0x1d0 [ 26.473488] ? __pfx_kthread+0x10/0x10 [ 26.473510] ret_from_fork_asm+0x1a/0x30 [ 26.473542] </TASK> [ 26.473554] [ 26.480427] Allocated by task 314: [ 26.480560] kasan_save_stack+0x45/0x70 [ 26.480718] kasan_save_track+0x18/0x40 [ 26.480856] kasan_save_alloc_info+0x3b/0x50 [ 26.481062] __kasan_kmalloc+0xb7/0xc0 [ 26.481248] __kmalloc_cache_noprof+0x189/0x420 [ 26.481474] kasan_atomics+0x95/0x310 [ 26.481690] kunit_try_run_case+0x1a5/0x480 [ 26.481899] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.482157] kthread+0x337/0x6f0 [ 26.482331] ret_from_fork+0x116/0x1d0 [ 26.482517] ret_from_fork_asm+0x1a/0x30 [ 26.482742] [ 26.482835] The buggy address belongs to the object at ffff88810623b200 [ 26.482835] which belongs to the cache kmalloc-64 of size 64 [ 26.483310] The buggy address is located 0 bytes to the right of [ 26.483310] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.483703] [ 26.483773] The buggy address belongs to the physical page: [ 26.483986] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.484350] flags: 0x200000000000000(node=0|zone=2) [ 26.484606] page_type: f5(slab) [ 26.484775] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.485113] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.485453] page dumped because: kasan: bad access detected [ 26.485728] [ 26.485805] Memory state around the buggy address: [ 26.486000] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.486211] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.486431] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.486663] ^ [ 26.486816] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.487025] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.487234] ================================================================== [ 26.438108] ================================================================== [ 26.438459] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 26.438802] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.439110] [ 26.439219] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.439269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.439282] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.439303] Call Trace: [ 26.439329] <TASK> [ 26.439345] dump_stack_lvl+0x73/0xb0 [ 26.439375] print_report+0xd1/0x610 [ 26.439398] ? __virt_addr_valid+0x1db/0x2d0 [ 26.439422] ? kasan_atomics_helper+0x12e6/0x5450 [ 26.439444] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.439472] ? kasan_atomics_helper+0x12e6/0x5450 [ 26.439495] kasan_report+0x141/0x180 [ 26.439517] ? kasan_atomics_helper+0x12e6/0x5450 [ 26.439544] kasan_check_range+0x10c/0x1c0 [ 26.439569] __kasan_check_write+0x18/0x20 [ 26.439613] kasan_atomics_helper+0x12e6/0x5450 [ 26.439637] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.439660] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.439687] ? kasan_atomics+0x152/0x310 [ 26.439714] kasan_atomics+0x1dc/0x310 [ 26.439737] ? __pfx_kasan_atomics+0x10/0x10 [ 26.439762] ? __pfx_read_tsc+0x10/0x10 [ 26.439785] ? ktime_get_ts64+0x86/0x230 [ 26.439811] kunit_try_run_case+0x1a5/0x480 [ 26.439835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.439859] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.439882] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.439906] ? __kthread_parkme+0x82/0x180 [ 26.439928] ? preempt_count_sub+0x50/0x80 [ 26.439954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.439978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.440006] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.440034] kthread+0x337/0x6f0 [ 26.440055] ? trace_preempt_on+0x20/0xc0 [ 26.440080] ? __pfx_kthread+0x10/0x10 [ 26.440101] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.440123] ? calculate_sigpending+0x7b/0xa0 [ 26.440148] ? __pfx_kthread+0x10/0x10 [ 26.440170] ret_from_fork+0x116/0x1d0 [ 26.440191] ? __pfx_kthread+0x10/0x10 [ 26.440213] ret_from_fork_asm+0x1a/0x30 [ 26.440244] </TASK> [ 26.440255] [ 26.447168] Allocated by task 314: [ 26.447360] kasan_save_stack+0x45/0x70 [ 26.447525] kasan_save_track+0x18/0x40 [ 26.447731] kasan_save_alloc_info+0x3b/0x50 [ 26.447878] __kasan_kmalloc+0xb7/0xc0 [ 26.448006] __kmalloc_cache_noprof+0x189/0x420 [ 26.448157] kasan_atomics+0x95/0x310 [ 26.448303] kunit_try_run_case+0x1a5/0x480 [ 26.448519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.448781] kthread+0x337/0x6f0 [ 26.448957] ret_from_fork+0x116/0x1d0 [ 26.449145] ret_from_fork_asm+0x1a/0x30 [ 26.449347] [ 26.449443] The buggy address belongs to the object at ffff88810623b200 [ 26.449443] which belongs to the cache kmalloc-64 of size 64 [ 26.449955] The buggy address is located 0 bytes to the right of [ 26.449955] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.450427] [ 26.450503] The buggy address belongs to the physical page: [ 26.450776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.451073] flags: 0x200000000000000(node=0|zone=2) [ 26.451289] page_type: f5(slab) [ 26.451442] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.451754] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.452065] page dumped because: kasan: bad access detected [ 26.452268] [ 26.452367] Memory state around the buggy address: [ 26.452563] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.452863] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.453074] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.453283] ^ [ 26.453514] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.453858] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.454167] ================================================================== [ 26.632767] ================================================================== [ 26.633271] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 26.633569] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.633913] [ 26.634086] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.634218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.634234] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.634257] Call Trace: [ 26.634278] <TASK> [ 26.634297] dump_stack_lvl+0x73/0xb0 [ 26.634338] print_report+0xd1/0x610 [ 26.634362] ? __virt_addr_valid+0x1db/0x2d0 [ 26.634388] ? kasan_atomics_helper+0x16e7/0x5450 [ 26.634409] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.634476] ? kasan_atomics_helper+0x16e7/0x5450 [ 26.634499] kasan_report+0x141/0x180 [ 26.634533] ? kasan_atomics_helper+0x16e7/0x5450 [ 26.634603] kasan_check_range+0x10c/0x1c0 [ 26.634629] __kasan_check_write+0x18/0x20 [ 26.634664] kasan_atomics_helper+0x16e7/0x5450 [ 26.634687] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.634710] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.634737] ? kasan_atomics+0x152/0x310 [ 26.634763] kasan_atomics+0x1dc/0x310 [ 26.634787] ? __pfx_kasan_atomics+0x10/0x10 [ 26.634812] ? __pfx_read_tsc+0x10/0x10 [ 26.634835] ? ktime_get_ts64+0x86/0x230 [ 26.634861] kunit_try_run_case+0x1a5/0x480 [ 26.634886] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.634909] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.634934] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.634958] ? __kthread_parkme+0x82/0x180 [ 26.634979] ? preempt_count_sub+0x50/0x80 [ 26.635004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.635028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.635056] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.635084] kthread+0x337/0x6f0 [ 26.635104] ? trace_preempt_on+0x20/0xc0 [ 26.635129] ? __pfx_kthread+0x10/0x10 [ 26.635151] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.635173] ? calculate_sigpending+0x7b/0xa0 [ 26.635198] ? __pfx_kthread+0x10/0x10 [ 26.635221] ret_from_fork+0x116/0x1d0 [ 26.635242] ? __pfx_kthread+0x10/0x10 [ 26.635263] ret_from_fork_asm+0x1a/0x30 [ 26.635296] </TASK> [ 26.635308] [ 26.644270] Allocated by task 314: [ 26.644445] kasan_save_stack+0x45/0x70 [ 26.644640] kasan_save_track+0x18/0x40 [ 26.644881] kasan_save_alloc_info+0x3b/0x50 [ 26.645133] __kasan_kmalloc+0xb7/0xc0 [ 26.645262] __kmalloc_cache_noprof+0x189/0x420 [ 26.645567] kasan_atomics+0x95/0x310 [ 26.645854] kunit_try_run_case+0x1a5/0x480 [ 26.646066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.646342] kthread+0x337/0x6f0 [ 26.646459] ret_from_fork+0x116/0x1d0 [ 26.646584] ret_from_fork_asm+0x1a/0x30 [ 26.646781] [ 26.646953] The buggy address belongs to the object at ffff88810623b200 [ 26.646953] which belongs to the cache kmalloc-64 of size 64 [ 26.647831] The buggy address is located 0 bytes to the right of [ 26.647831] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.648349] [ 26.648420] The buggy address belongs to the physical page: [ 26.648670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.649204] flags: 0x200000000000000(node=0|zone=2) [ 26.649447] page_type: f5(slab) [ 26.649614] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.650065] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.650347] page dumped because: kasan: bad access detected [ 26.650687] [ 26.650856] Memory state around the buggy address: [ 26.651029] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.651342] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.651886] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.652135] ^ [ 26.652367] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.652805] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.653049] ================================================================== [ 26.516411] ================================================================== [ 26.517428] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 26.518362] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.518799] [ 26.518981] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.519037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.519051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.519382] Call Trace: [ 26.519409] <TASK> [ 26.519432] dump_stack_lvl+0x73/0xb0 [ 26.519468] print_report+0xd1/0x610 [ 26.519493] ? __virt_addr_valid+0x1db/0x2d0 [ 26.519518] ? kasan_atomics_helper+0x1467/0x5450 [ 26.519540] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.519568] ? kasan_atomics_helper+0x1467/0x5450 [ 26.519592] kasan_report+0x141/0x180 [ 26.519629] ? kasan_atomics_helper+0x1467/0x5450 [ 26.519656] kasan_check_range+0x10c/0x1c0 [ 26.519680] __kasan_check_write+0x18/0x20 [ 26.519705] kasan_atomics_helper+0x1467/0x5450 [ 26.519730] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.519753] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.519780] ? kasan_atomics+0x152/0x310 [ 26.519807] kasan_atomics+0x1dc/0x310 [ 26.519830] ? __pfx_kasan_atomics+0x10/0x10 [ 26.519854] ? __pfx_read_tsc+0x10/0x10 [ 26.519881] ? ktime_get_ts64+0x86/0x230 [ 26.519908] kunit_try_run_case+0x1a5/0x480 [ 26.519934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.519958] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.519983] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.520007] ? __kthread_parkme+0x82/0x180 [ 26.520029] ? preempt_count_sub+0x50/0x80 [ 26.520053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.520079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.520106] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.520135] kthread+0x337/0x6f0 [ 26.520155] ? trace_preempt_on+0x20/0xc0 [ 26.520180] ? __pfx_kthread+0x10/0x10 [ 26.520201] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.520224] ? calculate_sigpending+0x7b/0xa0 [ 26.520249] ? __pfx_kthread+0x10/0x10 [ 26.520272] ret_from_fork+0x116/0x1d0 [ 26.520293] ? __pfx_kthread+0x10/0x10 [ 26.520335] ret_from_fork_asm+0x1a/0x30 [ 26.520369] </TASK> [ 26.520381] [ 26.532142] Allocated by task 314: [ 26.532287] kasan_save_stack+0x45/0x70 [ 26.532793] kasan_save_track+0x18/0x40 [ 26.533040] kasan_save_alloc_info+0x3b/0x50 [ 26.533255] __kasan_kmalloc+0xb7/0xc0 [ 26.533403] __kmalloc_cache_noprof+0x189/0x420 [ 26.533551] kasan_atomics+0x95/0x310 [ 26.534004] kunit_try_run_case+0x1a5/0x480 [ 26.534413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.534717] kthread+0x337/0x6f0 [ 26.534843] ret_from_fork+0x116/0x1d0 [ 26.534975] ret_from_fork_asm+0x1a/0x30 [ 26.535111] [ 26.535180] The buggy address belongs to the object at ffff88810623b200 [ 26.535180] which belongs to the cache kmalloc-64 of size 64 [ 26.536122] The buggy address is located 0 bytes to the right of [ 26.536122] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.537265] [ 26.537432] The buggy address belongs to the physical page: [ 26.537964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.538702] flags: 0x200000000000000(node=0|zone=2) [ 26.539043] page_type: f5(slab) [ 26.539165] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.539401] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.539790] page dumped because: kasan: bad access detected [ 26.540343] [ 26.540522] Memory state around the buggy address: [ 26.540988] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.541662] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.542280] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.542753] ^ [ 26.542910] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.543119] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.543334] ================================================================== [ 25.850104] ================================================================== [ 25.851015] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 25.851262] Read of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 25.851498] [ 25.851586] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.851636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.851651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.851674] Call Trace: [ 25.851695] <TASK> [ 25.851712] dump_stack_lvl+0x73/0xb0 [ 25.851742] print_report+0xd1/0x610 [ 25.851766] ? __virt_addr_valid+0x1db/0x2d0 [ 25.851792] ? kasan_atomics_helper+0x4b54/0x5450 [ 25.851814] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.851841] ? kasan_atomics_helper+0x4b54/0x5450 [ 25.851864] kasan_report+0x141/0x180 [ 25.852099] ? kasan_atomics_helper+0x4b54/0x5450 [ 25.852127] __asan_report_load4_noabort+0x18/0x20 [ 25.852154] kasan_atomics_helper+0x4b54/0x5450 [ 25.852177] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.852201] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.852227] ? kasan_atomics+0x152/0x310 [ 25.852254] kasan_atomics+0x1dc/0x310 [ 25.852278] ? __pfx_kasan_atomics+0x10/0x10 [ 25.852315] ? __pfx_read_tsc+0x10/0x10 [ 25.852339] ? ktime_get_ts64+0x86/0x230 [ 25.852365] kunit_try_run_case+0x1a5/0x480 [ 25.852391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.852414] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.852440] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.852464] ? __kthread_parkme+0x82/0x180 [ 25.852486] ? preempt_count_sub+0x50/0x80 [ 25.852512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.852537] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.852565] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.852697] kthread+0x337/0x6f0 [ 25.852721] ? trace_preempt_on+0x20/0xc0 [ 25.852746] ? __pfx_kthread+0x10/0x10 [ 25.852768] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.852791] ? calculate_sigpending+0x7b/0xa0 [ 25.852816] ? __pfx_kthread+0x10/0x10 [ 25.852838] ret_from_fork+0x116/0x1d0 [ 25.852859] ? __pfx_kthread+0x10/0x10 [ 25.852896] ret_from_fork_asm+0x1a/0x30 [ 25.852929] </TASK> [ 25.852941] [ 25.863786] Allocated by task 314: [ 25.864126] kasan_save_stack+0x45/0x70 [ 25.864448] kasan_save_track+0x18/0x40 [ 25.864797] kasan_save_alloc_info+0x3b/0x50 [ 25.864946] __kasan_kmalloc+0xb7/0xc0 [ 25.865072] __kmalloc_cache_noprof+0x189/0x420 [ 25.865635] kasan_atomics+0x95/0x310 [ 25.866045] kunit_try_run_case+0x1a5/0x480 [ 25.866478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.867085] kthread+0x337/0x6f0 [ 25.867517] ret_from_fork+0x116/0x1d0 [ 25.867702] ret_from_fork_asm+0x1a/0x30 [ 25.867834] [ 25.868139] The buggy address belongs to the object at ffff88810623b200 [ 25.868139] which belongs to the cache kmalloc-64 of size 64 [ 25.869401] The buggy address is located 0 bytes to the right of [ 25.869401] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 25.870212] [ 25.870290] The buggy address belongs to the physical page: [ 25.870477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 25.870726] flags: 0x200000000000000(node=0|zone=2) [ 25.870888] page_type: f5(slab) [ 25.871007] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.871234] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.871467] page dumped because: kasan: bad access detected [ 25.871633] [ 25.871697] Memory state around the buggy address: [ 25.871850] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.872061] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.872273] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.873612] ^ [ 25.874200] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.875353] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.876161] ================================================================== [ 26.757125] ================================================================== [ 26.757468] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 26.758025] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.758517] [ 26.758616] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.758668] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.758682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.758825] Call Trace: [ 26.758848] <TASK> [ 26.758866] dump_stack_lvl+0x73/0xb0 [ 26.758898] print_report+0xd1/0x610 [ 26.758921] ? __virt_addr_valid+0x1db/0x2d0 [ 26.758946] ? kasan_atomics_helper+0x1a7f/0x5450 [ 26.758968] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.758994] ? kasan_atomics_helper+0x1a7f/0x5450 [ 26.759017] kasan_report+0x141/0x180 [ 26.759040] ? kasan_atomics_helper+0x1a7f/0x5450 [ 26.759067] kasan_check_range+0x10c/0x1c0 [ 26.759092] __kasan_check_write+0x18/0x20 [ 26.759116] kasan_atomics_helper+0x1a7f/0x5450 [ 26.759141] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.759164] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.759189] ? kasan_atomics+0x152/0x310 [ 26.759216] kasan_atomics+0x1dc/0x310 [ 26.759239] ? __pfx_kasan_atomics+0x10/0x10 [ 26.759264] ? __pfx_read_tsc+0x10/0x10 [ 26.759287] ? ktime_get_ts64+0x86/0x230 [ 26.759312] kunit_try_run_case+0x1a5/0x480 [ 26.759350] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.759373] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.759397] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.759420] ? __kthread_parkme+0x82/0x180 [ 26.759442] ? preempt_count_sub+0x50/0x80 [ 26.759467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.759492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.759520] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.759549] kthread+0x337/0x6f0 [ 26.759569] ? trace_preempt_on+0x20/0xc0 [ 26.759595] ? __pfx_kthread+0x10/0x10 [ 26.759627] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.759649] ? calculate_sigpending+0x7b/0xa0 [ 26.759674] ? __pfx_kthread+0x10/0x10 [ 26.759696] ret_from_fork+0x116/0x1d0 [ 26.759717] ? __pfx_kthread+0x10/0x10 [ 26.759739] ret_from_fork_asm+0x1a/0x30 [ 26.759771] </TASK> [ 26.759783] [ 26.768876] Allocated by task 314: [ 26.770985] kasan_save_stack+0x45/0x70 [ 26.771633] kasan_save_track+0x18/0x40 [ 26.771790] kasan_save_alloc_info+0x3b/0x50 [ 26.771933] __kasan_kmalloc+0xb7/0xc0 [ 26.772057] __kmalloc_cache_noprof+0x189/0x420 [ 26.772202] kasan_atomics+0x95/0x310 [ 26.772357] kunit_try_run_case+0x1a5/0x480 [ 26.772494] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.772661] kthread+0x337/0x6f0 [ 26.772774] ret_from_fork+0x116/0x1d0 [ 26.773408] ret_from_fork_asm+0x1a/0x30 [ 26.773760] [ 26.773899] The buggy address belongs to the object at ffff88810623b200 [ 26.773899] which belongs to the cache kmalloc-64 of size 64 [ 26.774294] The buggy address is located 0 bytes to the right of [ 26.774294] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.775273] [ 26.775565] The buggy address belongs to the physical page: [ 26.775873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.776233] flags: 0x200000000000000(node=0|zone=2) [ 26.776784] page_type: f5(slab) [ 26.777102] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.777883] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.778222] page dumped because: kasan: bad access detected [ 26.778466] [ 26.778551] Memory state around the buggy address: [ 26.779113] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.779646] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.780138] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.780726] ^ [ 26.780959] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.781253] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.781822] ================================================================== [ 26.912525] ================================================================== [ 26.912973] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 26.913396] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.913820] [ 26.913978] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.914031] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.914046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.914101] Call Trace: [ 26.914120] <TASK> [ 26.914140] dump_stack_lvl+0x73/0xb0 [ 26.914183] print_report+0xd1/0x610 [ 26.914206] ? __virt_addr_valid+0x1db/0x2d0 [ 26.914231] ? kasan_atomics_helper+0x1eaa/0x5450 [ 26.914254] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.914281] ? kasan_atomics_helper+0x1eaa/0x5450 [ 26.914304] kasan_report+0x141/0x180 [ 26.914370] ? kasan_atomics_helper+0x1eaa/0x5450 [ 26.914399] kasan_check_range+0x10c/0x1c0 [ 26.914448] __kasan_check_write+0x18/0x20 [ 26.914472] kasan_atomics_helper+0x1eaa/0x5450 [ 26.914495] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.914543] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.914568] ? kasan_atomics+0x152/0x310 [ 26.914621] kasan_atomics+0x1dc/0x310 [ 26.914645] ? __pfx_kasan_atomics+0x10/0x10 [ 26.914669] ? __pfx_read_tsc+0x10/0x10 [ 26.914693] ? ktime_get_ts64+0x86/0x230 [ 26.914718] kunit_try_run_case+0x1a5/0x480 [ 26.914743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.914765] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.914819] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.914854] ? __kthread_parkme+0x82/0x180 [ 26.914887] ? preempt_count_sub+0x50/0x80 [ 26.914913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.914937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.914964] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.914992] kthread+0x337/0x6f0 [ 26.915013] ? trace_preempt_on+0x20/0xc0 [ 26.915037] ? __pfx_kthread+0x10/0x10 [ 26.915059] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.915081] ? calculate_sigpending+0x7b/0xa0 [ 26.915105] ? __pfx_kthread+0x10/0x10 [ 26.915128] ret_from_fork+0x116/0x1d0 [ 26.915147] ? __pfx_kthread+0x10/0x10 [ 26.915169] ret_from_fork_asm+0x1a/0x30 [ 26.915201] </TASK> [ 26.915213] [ 26.922731] Allocated by task 314: [ 26.922898] kasan_save_stack+0x45/0x70 [ 26.923094] kasan_save_track+0x18/0x40 [ 26.923227] kasan_save_alloc_info+0x3b/0x50 [ 26.923380] __kasan_kmalloc+0xb7/0xc0 [ 26.923564] __kmalloc_cache_noprof+0x189/0x420 [ 26.923805] kasan_atomics+0x95/0x310 [ 26.923987] kunit_try_run_case+0x1a5/0x480 [ 26.924158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.924339] kthread+0x337/0x6f0 [ 26.924505] ret_from_fork+0x116/0x1d0 [ 26.924726] ret_from_fork_asm+0x1a/0x30 [ 26.924933] [ 26.925015] The buggy address belongs to the object at ffff88810623b200 [ 26.925015] which belongs to the cache kmalloc-64 of size 64 [ 26.925527] The buggy address is located 0 bytes to the right of [ 26.925527] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.926067] [ 26.926186] The buggy address belongs to the physical page: [ 26.926413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.926786] flags: 0x200000000000000(node=0|zone=2) [ 26.927002] page_type: f5(slab) [ 26.927121] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.927359] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.927602] page dumped because: kasan: bad access detected [ 26.927875] [ 26.927964] Memory state around the buggy address: [ 26.928184] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.928509] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.928871] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.929181] ^ [ 26.929411] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.929653] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.929861] ================================================================== [ 27.024762] ================================================================== [ 27.025397] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 27.025634] Read of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 27.025897] [ 27.026110] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 27.026163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.026177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.026199] Call Trace: [ 27.026219] <TASK> [ 27.026234] dump_stack_lvl+0x73/0xb0 [ 27.026264] print_report+0xd1/0x610 [ 27.026288] ? __virt_addr_valid+0x1db/0x2d0 [ 27.026313] ? kasan_atomics_helper+0x4fb2/0x5450 [ 27.026350] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.026379] ? kasan_atomics_helper+0x4fb2/0x5450 [ 27.026403] kasan_report+0x141/0x180 [ 27.026426] ? kasan_atomics_helper+0x4fb2/0x5450 [ 27.026453] __asan_report_load8_noabort+0x18/0x20 [ 27.026478] kasan_atomics_helper+0x4fb2/0x5450 [ 27.026502] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.026525] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.026550] ? kasan_atomics+0x152/0x310 [ 27.026577] kasan_atomics+0x1dc/0x310 [ 27.026601] ? __pfx_kasan_atomics+0x10/0x10 [ 27.026627] ? __pfx_read_tsc+0x10/0x10 [ 27.026651] ? ktime_get_ts64+0x86/0x230 [ 27.026676] kunit_try_run_case+0x1a5/0x480 [ 27.026701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.026725] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.026750] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.026774] ? __kthread_parkme+0x82/0x180 [ 27.026795] ? preempt_count_sub+0x50/0x80 [ 27.026820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.026845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.026873] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.026901] kthread+0x337/0x6f0 [ 27.026921] ? trace_preempt_on+0x20/0xc0 [ 27.026946] ? __pfx_kthread+0x10/0x10 [ 27.026968] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.026991] ? calculate_sigpending+0x7b/0xa0 [ 27.027016] ? __pfx_kthread+0x10/0x10 [ 27.027037] ret_from_fork+0x116/0x1d0 [ 27.027057] ? __pfx_kthread+0x10/0x10 [ 27.027079] ret_from_fork_asm+0x1a/0x30 [ 27.027110] </TASK> [ 27.027122] [ 27.041469] Allocated by task 314: [ 27.041716] kasan_save_stack+0x45/0x70 [ 27.041880] kasan_save_track+0x18/0x40 [ 27.042017] kasan_save_alloc_info+0x3b/0x50 [ 27.042241] __kasan_kmalloc+0xb7/0xc0 [ 27.042432] __kmalloc_cache_noprof+0x189/0x420 [ 27.042646] kasan_atomics+0x95/0x310 [ 27.042914] kunit_try_run_case+0x1a5/0x480 [ 27.043072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.043305] kthread+0x337/0x6f0 [ 27.043432] ret_from_fork+0x116/0x1d0 [ 27.043595] ret_from_fork_asm+0x1a/0x30 [ 27.043787] [ 27.043890] The buggy address belongs to the object at ffff88810623b200 [ 27.043890] which belongs to the cache kmalloc-64 of size 64 [ 27.044298] The buggy address is located 0 bytes to the right of [ 27.044298] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 27.045038] [ 27.045123] The buggy address belongs to the physical page: [ 27.045295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 27.045683] flags: 0x200000000000000(node=0|zone=2) [ 27.045927] page_type: f5(slab) [ 27.046094] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.046404] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.046711] page dumped because: kasan: bad access detected [ 27.046965] [ 27.047049] Memory state around the buggy address: [ 27.047290] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.047543] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.047898] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.048162] ^ [ 27.048313] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.048625] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.048928] ================================================================== [ 26.675535] ================================================================== [ 26.675912] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 26.676346] Write of size 8 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.676718] [ 26.676824] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.676908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.676922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.676946] Call Trace: [ 26.676979] <TASK> [ 26.676998] dump_stack_lvl+0x73/0xb0 [ 26.677030] print_report+0xd1/0x610 [ 26.677053] ? __virt_addr_valid+0x1db/0x2d0 [ 26.677078] ? kasan_atomics_helper+0x1818/0x5450 [ 26.677101] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.677128] ? kasan_atomics_helper+0x1818/0x5450 [ 26.677151] kasan_report+0x141/0x180 [ 26.677173] ? kasan_atomics_helper+0x1818/0x5450 [ 26.677200] kasan_check_range+0x10c/0x1c0 [ 26.677256] __kasan_check_write+0x18/0x20 [ 26.677281] kasan_atomics_helper+0x1818/0x5450 [ 26.677324] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.677347] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.677374] ? kasan_atomics+0x152/0x310 [ 26.677401] kasan_atomics+0x1dc/0x310 [ 26.677424] ? __pfx_kasan_atomics+0x10/0x10 [ 26.677449] ? __pfx_read_tsc+0x10/0x10 [ 26.677473] ? ktime_get_ts64+0x86/0x230 [ 26.677500] kunit_try_run_case+0x1a5/0x480 [ 26.677525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.677548] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.677573] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.677596] ? __kthread_parkme+0x82/0x180 [ 26.677636] ? preempt_count_sub+0x50/0x80 [ 26.677661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.677686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.677714] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.677742] kthread+0x337/0x6f0 [ 26.677763] ? trace_preempt_on+0x20/0xc0 [ 26.677788] ? __pfx_kthread+0x10/0x10 [ 26.677810] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.677833] ? calculate_sigpending+0x7b/0xa0 [ 26.677858] ? __pfx_kthread+0x10/0x10 [ 26.677880] ret_from_fork+0x116/0x1d0 [ 26.677901] ? __pfx_kthread+0x10/0x10 [ 26.677922] ret_from_fork_asm+0x1a/0x30 [ 26.677955] </TASK> [ 26.677966] [ 26.685622] Allocated by task 314: [ 26.685836] kasan_save_stack+0x45/0x70 [ 26.686031] kasan_save_track+0x18/0x40 [ 26.686158] kasan_save_alloc_info+0x3b/0x50 [ 26.686297] __kasan_kmalloc+0xb7/0xc0 [ 26.686489] __kmalloc_cache_noprof+0x189/0x420 [ 26.686795] kasan_atomics+0x95/0x310 [ 26.686990] kunit_try_run_case+0x1a5/0x480 [ 26.687256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.687593] kthread+0x337/0x6f0 [ 26.687752] ret_from_fork+0x116/0x1d0 [ 26.687981] ret_from_fork_asm+0x1a/0x30 [ 26.688194] [ 26.688280] The buggy address belongs to the object at ffff88810623b200 [ 26.688280] which belongs to the cache kmalloc-64 of size 64 [ 26.688913] The buggy address is located 0 bytes to the right of [ 26.688913] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.689362] [ 26.689432] The buggy address belongs to the physical page: [ 26.689596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.689834] flags: 0x200000000000000(node=0|zone=2) [ 26.690066] page_type: f5(slab) [ 26.690286] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.690654] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.691086] page dumped because: kasan: bad access detected [ 26.691251] [ 26.691371] Memory state around the buggy address: [ 26.691641] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.691940] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.692211] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.692426] ^ [ 26.692580] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.693072] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.693396] ================================================================== [ 26.387354] ================================================================== [ 26.387700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 26.388028] Read of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 26.388530] [ 26.388673] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 26.388725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.388739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.388760] Call Trace: [ 26.388778] <TASK> [ 26.388794] dump_stack_lvl+0x73/0xb0 [ 26.388824] print_report+0xd1/0x610 [ 26.388847] ? __virt_addr_valid+0x1db/0x2d0 [ 26.388873] ? kasan_atomics_helper+0x4a02/0x5450 [ 26.388895] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.388921] ? kasan_atomics_helper+0x4a02/0x5450 [ 26.388944] kasan_report+0x141/0x180 [ 26.388967] ? kasan_atomics_helper+0x4a02/0x5450 [ 26.388994] __asan_report_load4_noabort+0x18/0x20 [ 26.389019] kasan_atomics_helper+0x4a02/0x5450 [ 26.389043] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.389066] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.389092] ? kasan_atomics+0x152/0x310 [ 26.389119] kasan_atomics+0x1dc/0x310 [ 26.389142] ? __pfx_kasan_atomics+0x10/0x10 [ 26.389167] ? __pfx_read_tsc+0x10/0x10 [ 26.389191] ? ktime_get_ts64+0x86/0x230 [ 26.389217] kunit_try_run_case+0x1a5/0x480 [ 26.389242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.389265] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.389290] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.389326] ? __kthread_parkme+0x82/0x180 [ 26.389349] ? preempt_count_sub+0x50/0x80 [ 26.389373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.389398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.389426] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.389454] kthread+0x337/0x6f0 [ 26.389476] ? trace_preempt_on+0x20/0xc0 [ 26.389500] ? __pfx_kthread+0x10/0x10 [ 26.389522] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.389544] ? calculate_sigpending+0x7b/0xa0 [ 26.389569] ? __pfx_kthread+0x10/0x10 [ 26.389621] ret_from_fork+0x116/0x1d0 [ 26.389643] ? __pfx_kthread+0x10/0x10 [ 26.389664] ret_from_fork_asm+0x1a/0x30 [ 26.389696] </TASK> [ 26.389709] [ 26.396427] Allocated by task 314: [ 26.396645] kasan_save_stack+0x45/0x70 [ 26.396843] kasan_save_track+0x18/0x40 [ 26.397029] kasan_save_alloc_info+0x3b/0x50 [ 26.397235] __kasan_kmalloc+0xb7/0xc0 [ 26.397424] __kmalloc_cache_noprof+0x189/0x420 [ 26.397649] kasan_atomics+0x95/0x310 [ 26.397809] kunit_try_run_case+0x1a5/0x480 [ 26.397996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.398200] kthread+0x337/0x6f0 [ 26.398377] ret_from_fork+0x116/0x1d0 [ 26.398533] ret_from_fork_asm+0x1a/0x30 [ 26.398746] [ 26.398835] The buggy address belongs to the object at ffff88810623b200 [ 26.398835] which belongs to the cache kmalloc-64 of size 64 [ 26.399288] The buggy address is located 0 bytes to the right of [ 26.399288] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 26.399764] [ 26.399862] The buggy address belongs to the physical page: [ 26.400113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 26.400475] flags: 0x200000000000000(node=0|zone=2) [ 26.400687] page_type: f5(slab) [ 26.400837] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.401157] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.401429] page dumped because: kasan: bad access detected [ 26.401604] [ 26.401679] Memory state around the buggy address: [ 26.401831] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.402041] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.402294] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.402649] ^ [ 26.402869] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.403172] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.403485] ================================================================== [ 25.935012] ================================================================== [ 25.935700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 25.936051] Write of size 4 at addr ffff88810623b230 by task kunit_try_catch/314 [ 25.936650] [ 25.936763] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.936816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.936831] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.937053] Call Trace: [ 25.937079] <TASK> [ 25.937095] dump_stack_lvl+0x73/0xb0 [ 25.937128] print_report+0xd1/0x610 [ 25.937151] ? __virt_addr_valid+0x1db/0x2d0 [ 25.937177] ? kasan_atomics_helper+0x565/0x5450 [ 25.937198] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.937225] ? kasan_atomics_helper+0x565/0x5450 [ 25.937248] kasan_report+0x141/0x180 [ 25.937272] ? kasan_atomics_helper+0x565/0x5450 [ 25.937300] kasan_check_range+0x10c/0x1c0 [ 25.937339] __kasan_check_write+0x18/0x20 [ 25.937364] kasan_atomics_helper+0x565/0x5450 [ 25.937387] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.937411] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.937437] ? kasan_atomics+0x152/0x310 [ 25.937463] kasan_atomics+0x1dc/0x310 [ 25.937487] ? __pfx_kasan_atomics+0x10/0x10 [ 25.937512] ? __pfx_read_tsc+0x10/0x10 [ 25.937538] ? ktime_get_ts64+0x86/0x230 [ 25.937565] kunit_try_run_case+0x1a5/0x480 [ 25.937618] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.937642] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.937667] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.937691] ? __kthread_parkme+0x82/0x180 [ 25.937713] ? preempt_count_sub+0x50/0x80 [ 25.937737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.937762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.937790] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.937818] kthread+0x337/0x6f0 [ 25.937839] ? trace_preempt_on+0x20/0xc0 [ 25.937885] ? __pfx_kthread+0x10/0x10 [ 25.937907] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.937929] ? calculate_sigpending+0x7b/0xa0 [ 25.937954] ? __pfx_kthread+0x10/0x10 [ 25.937976] ret_from_fork+0x116/0x1d0 [ 25.937997] ? __pfx_kthread+0x10/0x10 [ 25.938018] ret_from_fork_asm+0x1a/0x30 [ 25.938050] </TASK> [ 25.938062] [ 25.949113] Allocated by task 314: [ 25.949272] kasan_save_stack+0x45/0x70 [ 25.949469] kasan_save_track+0x18/0x40 [ 25.949915] kasan_save_alloc_info+0x3b/0x50 [ 25.950276] __kasan_kmalloc+0xb7/0xc0 [ 25.950441] __kmalloc_cache_noprof+0x189/0x420 [ 25.950688] kasan_atomics+0x95/0x310 [ 25.951029] kunit_try_run_case+0x1a5/0x480 [ 25.951351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.951612] kthread+0x337/0x6f0 [ 25.951770] ret_from_fork+0x116/0x1d0 [ 25.951943] ret_from_fork_asm+0x1a/0x30 [ 25.952138] [ 25.952213] The buggy address belongs to the object at ffff88810623b200 [ 25.952213] which belongs to the cache kmalloc-64 of size 64 [ 25.953160] The buggy address is located 0 bytes to the right of [ 25.953160] allocated 48-byte region [ffff88810623b200, ffff88810623b230) [ 25.953941] [ 25.954042] The buggy address belongs to the physical page: [ 25.954262] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10623b [ 25.954617] flags: 0x200000000000000(node=0|zone=2) [ 25.954841] page_type: f5(slab) [ 25.954992] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.955720] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.956117] page dumped because: kasan: bad access detected [ 25.956341] [ 25.956433] Memory state around the buggy address: [ 25.956903] ffff88810623b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.957288] ffff88810623b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.957760] >ffff88810623b200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.958099] ^ [ 25.958296] ffff88810623b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.958908] ffff88810623b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.959158] ==================================================================