Date
July 22, 2025, 5:13 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 33.134047] ================================================================== [ 33.134436] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 33.134524] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.134578] [ 33.134844] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.134955] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.134988] Hardware name: linux,dummy-virt (DT) [ 33.135176] Call trace: [ 33.135211] show_stack+0x20/0x38 (C) [ 33.135269] dump_stack_lvl+0x8c/0xd0 [ 33.135320] print_report+0x118/0x5e8 [ 33.135367] kasan_report+0xdc/0x128 [ 33.135413] __asan_report_store8_noabort+0x20/0x30 [ 33.135466] kasan_atomics_helper+0x3e5c/0x4858 [ 33.135518] kasan_atomics+0x198/0x2e0 [ 33.136371] kunit_try_run_case+0x170/0x3f0 [ 33.136694] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.136774] kthread+0x328/0x630 [ 33.136836] ret_from_fork+0x10/0x20 [ 33.136887] [ 33.136994] Allocated by task 296: [ 33.137041] kasan_save_stack+0x3c/0x68 [ 33.137089] kasan_save_track+0x20/0x40 [ 33.137128] kasan_save_alloc_info+0x40/0x58 [ 33.137532] __kasan_kmalloc+0xd4/0xd8 [ 33.137890] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.137963] kasan_atomics+0xb8/0x2e0 [ 33.138324] kunit_try_run_case+0x170/0x3f0 [ 33.138722] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.138839] kthread+0x328/0x630 [ 33.138937] ret_from_fork+0x10/0x20 [ 33.139045] [ 33.139454] The buggy address belongs to the object at fff00000c9225780 [ 33.139454] which belongs to the cache kmalloc-64 of size 64 [ 33.139558] The buggy address is located 0 bytes to the right of [ 33.139558] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.139706] [ 33.139778] The buggy address belongs to the physical page: [ 33.139869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.140124] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.140273] page_type: f5(slab) [ 33.140618] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.141088] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.141160] page dumped because: kasan: bad access detected [ 33.141372] [ 33.141491] Memory state around the buggy address: [ 33.141573] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.141652] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.141707] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.141746] ^ [ 33.142098] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.142262] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.142356] ================================================================== [ 33.014526] ================================================================== [ 33.014699] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 33.014762] Read of size 4 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.014879] [ 33.014916] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.015040] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.015073] Hardware name: linux,dummy-virt (DT) [ 33.015383] Call trace: [ 33.015426] show_stack+0x20/0x38 (C) [ 33.015541] dump_stack_lvl+0x8c/0xd0 [ 33.015593] print_report+0x118/0x5e8 [ 33.015639] kasan_report+0xdc/0x128 [ 33.015753] __asan_report_load4_noabort+0x20/0x30 [ 33.016027] kasan_atomics_helper+0x3dcc/0x4858 [ 33.016102] kasan_atomics+0x198/0x2e0 [ 33.016155] kunit_try_run_case+0x170/0x3f0 [ 33.016207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.016260] kthread+0x328/0x630 [ 33.017017] kasan_save_track+0x20/0x40 [ 33.017575] kasan_atomics+0xb8/0x2e0 [ 33.017690] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.018703] [ 33.020438] page_type: f5(slab) [ 33.021285] page dumped because: kasan: bad access detected [ 33.021358] [ 33.021479] Memory state around the buggy address: [ 33.021622] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.022454] ================================================================== [ 33.347547] ================================================================== [ 33.347593] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 33.347664] Read of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.347715] [ 33.347745] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.347846] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.347875] Hardware name: linux,dummy-virt (DT) [ 33.347906] Call trace: [ 33.347931] show_stack+0x20/0x38 (C) [ 33.347979] dump_stack_lvl+0x8c/0xd0 [ 33.348062] print_report+0x118/0x5e8 [ 33.348109] kasan_report+0xdc/0x128 [ 33.348155] __asan_report_load8_noabort+0x20/0x30 [ 33.348206] kasan_atomics_helper+0x3e20/0x4858 [ 33.348657] kasan_atomics+0x198/0x2e0 [ 33.348765] kunit_try_run_case+0x170/0x3f0 [ 33.348949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.349064] kthread+0x328/0x630 [ 33.349112] ret_from_fork+0x10/0x20 [ 33.349212] [ 33.349283] Allocated by task 296: [ 33.349431] kasan_save_stack+0x3c/0x68 [ 33.349882] kasan_save_track+0x20/0x40 [ 33.349954] kasan_save_alloc_info+0x40/0x58 [ 33.350070] __kasan_kmalloc+0xd4/0xd8 [ 33.350139] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.350200] kasan_atomics+0xb8/0x2e0 [ 33.350240] kunit_try_run_case+0x170/0x3f0 [ 33.350280] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.350324] kthread+0x328/0x630 [ 33.350473] ret_from_fork+0x10/0x20 [ 33.350518] [ 33.350539] The buggy address belongs to the object at fff00000c9225780 [ 33.350539] which belongs to the cache kmalloc-64 of size 64 [ 33.350701] The buggy address is located 0 bytes to the right of [ 33.350701] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.350886] [ 33.350969] The buggy address belongs to the physical page: [ 33.351016] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.351113] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.351472] page_type: f5(slab) [ 33.351538] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.351642] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.351846] page dumped because: kasan: bad access detected [ 33.351878] [ 33.351899] Memory state around the buggy address: [ 33.351931] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.351977] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.352021] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.352061] ^ [ 33.352246] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.352403] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.352505] ================================================================== [ 33.178914] ================================================================== [ 33.178970] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 33.179033] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.179086] [ 33.179117] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.179209] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.179252] Hardware name: linux,dummy-virt (DT) [ 33.179286] Call trace: [ 33.179320] show_stack+0x20/0x38 (C) [ 33.179372] dump_stack_lvl+0x8c/0xd0 [ 33.179430] print_report+0x118/0x5e8 [ 33.179477] kasan_report+0xdc/0x128 [ 33.179529] kasan_check_range+0x100/0x1a8 [ 33.179577] __kasan_check_write+0x20/0x30 [ 33.179625] kasan_atomics_helper+0x1058/0x4858 [ 33.179676] kasan_atomics+0x198/0x2e0 [ 33.179725] kunit_try_run_case+0x170/0x3f0 [ 33.179772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.179859] kthread+0x328/0x630 [ 33.180357] ret_from_fork+0x10/0x20 [ 33.180825] [ 33.180875] Allocated by task 296: [ 33.180933] kasan_save_stack+0x3c/0x68 [ 33.181002] kasan_save_track+0x20/0x40 [ 33.181067] kasan_save_alloc_info+0x40/0x58 [ 33.181133] __kasan_kmalloc+0xd4/0xd8 [ 33.181448] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.181505] kasan_atomics+0xb8/0x2e0 [ 33.181546] kunit_try_run_case+0x170/0x3f0 [ 33.181585] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.181978] kthread+0x328/0x630 [ 33.182054] ret_from_fork+0x10/0x20 [ 33.182284] [ 33.182365] The buggy address belongs to the object at fff00000c9225780 [ 33.182365] which belongs to the cache kmalloc-64 of size 64 [ 33.182662] The buggy address is located 0 bytes to the right of [ 33.182662] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.182923] [ 33.182992] The buggy address belongs to the physical page: [ 33.183295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.183542] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.183711] page_type: f5(slab) [ 33.183860] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.183961] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.184029] page dumped because: kasan: bad access detected [ 33.184138] [ 33.184160] Memory state around the buggy address: [ 33.184302] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.184543] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.184875] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.184964] ^ [ 33.185081] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.185213] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.185290] ================================================================== [ 33.236213] ================================================================== [ 33.236398] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 33.236500] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.236826] [ 33.236878] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.236975] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.237044] Hardware name: linux,dummy-virt (DT) [ 33.237091] Call trace: [ 33.237124] show_stack+0x20/0x38 (C) [ 33.237188] dump_stack_lvl+0x8c/0xd0 [ 33.237237] print_report+0x118/0x5e8 [ 33.237289] kasan_report+0xdc/0x128 [ 33.237335] kasan_check_range+0x100/0x1a8 [ 33.237396] __kasan_check_write+0x20/0x30 [ 33.237454] kasan_atomics_helper+0x12d8/0x4858 [ 33.237514] kasan_atomics+0x198/0x2e0 [ 33.237562] kunit_try_run_case+0x170/0x3f0 [ 33.237611] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.237672] kthread+0x328/0x630 [ 33.237723] ret_from_fork+0x10/0x20 [ 33.237772] [ 33.237794] Allocated by task 296: [ 33.237986] kasan_save_stack+0x3c/0x68 [ 33.238572] kasan_save_track+0x20/0x40 [ 33.238634] kasan_save_alloc_info+0x40/0x58 [ 33.238677] __kasan_kmalloc+0xd4/0xd8 [ 33.238715] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.238840] kasan_atomics+0xb8/0x2e0 [ 33.238926] kunit_try_run_case+0x170/0x3f0 [ 33.239343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.239589] kthread+0x328/0x630 [ 33.239638] ret_from_fork+0x10/0x20 [ 33.239959] [ 33.240235] The buggy address belongs to the object at fff00000c9225780 [ 33.240235] which belongs to the cache kmalloc-64 of size 64 [ 33.240380] The buggy address is located 0 bytes to the right of [ 33.240380] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.240629] [ 33.240665] The buggy address belongs to the physical page: [ 33.240848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.240941] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.241381] page_type: f5(slab) [ 33.241561] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.241839] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.241930] page dumped because: kasan: bad access detected [ 33.241964] [ 33.242435] Memory state around the buggy address: [ 33.242570] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.242757] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.242994] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.243186] ^ [ 33.243409] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.243526] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.243669] ================================================================== [ 33.283489] ================================================================== [ 33.283550] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 33.283911] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.284161] [ 33.284225] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.284470] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.284514] Hardware name: linux,dummy-virt (DT) [ 33.284584] Call trace: [ 33.284611] show_stack+0x20/0x38 (C) [ 33.284757] dump_stack_lvl+0x8c/0xd0 [ 33.284811] print_report+0x118/0x5e8 [ 33.284997] kasan_report+0xdc/0x128 [ 33.285148] kasan_check_range+0x100/0x1a8 [ 33.285215] __kasan_check_write+0x20/0x30 [ 33.285714] kasan_atomics_helper+0x14e4/0x4858 [ 33.286167] kasan_atomics+0x198/0x2e0 [ 33.286232] kunit_try_run_case+0x170/0x3f0 [ 33.286378] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.286768] kthread+0x328/0x630 [ 33.286998] ret_from_fork+0x10/0x20 [ 33.287057] [ 33.287080] Allocated by task 296: [ 33.287396] kasan_save_stack+0x3c/0x68 [ 33.287714] kasan_save_track+0x20/0x40 [ 33.288000] kasan_save_alloc_info+0x40/0x58 [ 33.288316] __kasan_kmalloc+0xd4/0xd8 [ 33.289168] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.289433] kasan_atomics+0xb8/0x2e0 [ 33.289904] kunit_try_run_case+0x170/0x3f0 [ 33.290001] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.290637] kthread+0x328/0x630 [ 33.291022] ret_from_fork+0x10/0x20 [ 33.291168] [ 33.291197] The buggy address belongs to the object at fff00000c9225780 [ 33.291197] which belongs to the cache kmalloc-64 of size 64 [ 33.291395] The buggy address is located 0 bytes to the right of [ 33.291395] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.291623] [ 33.291664] The buggy address belongs to the physical page: [ 33.292126] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.292348] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.292446] page_type: f5(slab) [ 33.292897] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.293002] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.293046] page dumped because: kasan: bad access detected [ 33.293505] [ 33.293708] Memory state around the buggy address: [ 33.293870] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.294106] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.294329] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.294647] ^ [ 33.295144] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.295225] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.295285] ================================================================== [ 32.855544] ================================================================== [ 32.855624] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40fc/0x4858 [ 32.855937] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 32.856827] kasan_report+0xdc/0x128 [ 32.857327] kunit_try_run_case+0x170/0x3f0 [ 32.857826] ret_from_fork+0x10/0x20 [ 32.858372] __kasan_kmalloc+0xd4/0xd8 [ 32.858572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.858794] The buggy address is located 0 bytes to the right of [ 32.858794] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 32.859981] ================================================================== [ 33.089974] ================================================================== [ 33.090026] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 33.090093] Read of size 4 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.090154] [ 33.090191] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.090281] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.090323] Hardware name: linux,dummy-virt (DT) [ 33.090365] Call trace: [ 33.090390] show_stack+0x20/0x38 (C) [ 33.090441] dump_stack_lvl+0x8c/0xd0 [ 33.090498] print_report+0x118/0x5e8 [ 33.090545] kasan_report+0xdc/0x128 [ 33.090591] __asan_report_load4_noabort+0x20/0x30 [ 33.090642] kasan_atomics_helper+0x3e04/0x4858 [ 33.090694] kasan_atomics+0x198/0x2e0 [ 33.090743] kunit_try_run_case+0x170/0x3f0 [ 33.090790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.091268] kthread+0x328/0x630 [ 33.091321] ret_from_fork+0x10/0x20 [ 33.091689] [ 33.091742] Allocated by task 296: [ 33.091787] kasan_save_stack+0x3c/0x68 [ 33.091846] kasan_save_track+0x20/0x40 [ 33.091883] kasan_save_alloc_info+0x40/0x58 [ 33.092282] __kasan_kmalloc+0xd4/0xd8 [ 33.092343] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.092387] kasan_atomics+0xb8/0x2e0 [ 33.092670] kunit_try_run_case+0x170/0x3f0 [ 33.092722] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.093091] kthread+0x328/0x630 [ 33.093262] ret_from_fork+0x10/0x20 [ 33.093337] [ 33.093476] The buggy address belongs to the object at fff00000c9225780 [ 33.093476] which belongs to the cache kmalloc-64 of size 64 [ 33.093593] The buggy address is located 0 bytes to the right of [ 33.093593] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.093711] [ 33.093733] The buggy address belongs to the physical page: [ 33.093769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.093835] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.093884] page_type: f5(slab) [ 33.094484] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.094736] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.094808] page dumped because: kasan: bad access detected [ 33.095021] [ 33.095061] Memory state around the buggy address: [ 33.095097] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.095394] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.095588] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.095790] ^ [ 33.096055] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.096244] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.096344] ================================================================== [ 33.307550] ================================================================== [ 33.307602] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 33.307655] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.307707] [ 33.307740] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.307846] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.307878] Hardware name: linux,dummy-virt (DT) [ 33.307910] Call trace: [ 33.307947] show_stack+0x20/0x38 (C) [ 33.308009] dump_stack_lvl+0x8c/0xd0 [ 33.308063] print_report+0x118/0x5e8 [ 33.308111] kasan_report+0xdc/0x128 [ 33.308161] kasan_check_range+0x100/0x1a8 [ 33.308209] __kasan_check_write+0x20/0x30 [ 33.308263] kasan_atomics_helper+0x15b4/0x4858 [ 33.308329] kasan_atomics+0x198/0x2e0 [ 33.308378] kunit_try_run_case+0x170/0x3f0 [ 33.308429] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.308485] kthread+0x328/0x630 [ 33.308529] ret_from_fork+0x10/0x20 [ 33.308578] [ 33.308600] Allocated by task 296: [ 33.308640] kasan_save_stack+0x3c/0x68 [ 33.308693] kasan_save_track+0x20/0x40 [ 33.308732] kasan_save_alloc_info+0x40/0x58 [ 33.308773] __kasan_kmalloc+0xd4/0xd8 [ 33.308810] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.308862] kasan_atomics+0xb8/0x2e0 [ 33.308902] kunit_try_run_case+0x170/0x3f0 [ 33.308941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.309035] kthread+0x328/0x630 [ 33.309322] ret_from_fork+0x10/0x20 [ 33.309367] [ 33.309390] The buggy address belongs to the object at fff00000c9225780 [ 33.309390] which belongs to the cache kmalloc-64 of size 64 [ 33.309448] The buggy address is located 0 bytes to the right of [ 33.309448] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.309510] [ 33.309533] The buggy address belongs to the physical page: [ 33.309567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.309622] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.310105] page_type: f5(slab) [ 33.310165] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.310447] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.310575] page dumped because: kasan: bad access detected [ 33.310676] [ 33.310735] Memory state around the buggy address: [ 33.310891] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.311030] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.311119] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.311184] ^ [ 33.311237] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.311301] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.311340] ================================================================== [ 33.170737] ================================================================== [ 33.170789] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 33.170861] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.170910] [ 33.170940] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.171033] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.171066] Hardware name: linux,dummy-virt (DT) [ 33.171098] Call trace: [ 33.171122] show_stack+0x20/0x38 (C) [ 33.171172] dump_stack_lvl+0x8c/0xd0 [ 33.171218] print_report+0x118/0x5e8 [ 33.171843] kasan_report+0xdc/0x128 [ 33.171916] kasan_check_range+0x100/0x1a8 [ 33.171967] __kasan_check_write+0x20/0x30 [ 33.172371] kasan_atomics_helper+0xff0/0x4858 [ 33.172770] kasan_atomics+0x198/0x2e0 [ 33.172846] kunit_try_run_case+0x170/0x3f0 [ 33.173182] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.173275] kthread+0x328/0x630 [ 33.173489] ret_from_fork+0x10/0x20 [ 33.173981] [ 33.174049] Allocated by task 296: [ 33.174316] kasan_save_stack+0x3c/0x68 [ 33.174505] kasan_save_track+0x20/0x40 [ 33.174575] kasan_save_alloc_info+0x40/0x58 [ 33.174630] __kasan_kmalloc+0xd4/0xd8 [ 33.174666] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.175027] kasan_atomics+0xb8/0x2e0 [ 33.175140] kunit_try_run_case+0x170/0x3f0 [ 33.175569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.175627] kthread+0x328/0x630 [ 33.175982] ret_from_fork+0x10/0x20 [ 33.176228] [ 33.176430] The buggy address belongs to the object at fff00000c9225780 [ 33.176430] which belongs to the cache kmalloc-64 of size 64 [ 33.176565] The buggy address is located 0 bytes to the right of [ 33.176565] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.176706] [ 33.176774] The buggy address belongs to the physical page: [ 33.177170] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.177262] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.177418] page_type: f5(slab) [ 33.177524] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.177584] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.177627] page dumped because: kasan: bad access detected [ 33.177661] [ 33.177682] Memory state around the buggy address: [ 33.177943] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.178176] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.178227] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.178278] ^ [ 33.178322] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.178375] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.178418] ================================================================== [ 33.152708] ================================================================== [ 33.152840] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 33.152986] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.153131] [ 33.153209] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.153387] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.153425] Hardware name: linux,dummy-virt (DT) [ 33.153458] Call trace: [ 33.153691] show_stack+0x20/0x38 (C) [ 33.154129] dump_stack_lvl+0x8c/0xd0 [ 33.154304] print_report+0x118/0x5e8 [ 33.154356] kasan_report+0xdc/0x128 [ 33.154590] kasan_check_range+0x100/0x1a8 [ 33.154845] __kasan_check_write+0x20/0x30 [ 33.155064] kasan_atomics_helper+0xf20/0x4858 [ 33.155265] kasan_atomics+0x198/0x2e0 [ 33.155349] kunit_try_run_case+0x170/0x3f0 [ 33.155551] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.155784] kthread+0x328/0x630 [ 33.155851] ret_from_fork+0x10/0x20 [ 33.156153] [ 33.156474] Allocated by task 296: [ 33.156657] kasan_save_stack+0x3c/0x68 [ 33.156722] kasan_save_track+0x20/0x40 [ 33.157065] kasan_save_alloc_info+0x40/0x58 [ 33.157297] __kasan_kmalloc+0xd4/0xd8 [ 33.157430] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.157605] kasan_atomics+0xb8/0x2e0 [ 33.157706] kunit_try_run_case+0x170/0x3f0 [ 33.157746] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.157975] kthread+0x328/0x630 [ 33.158528] ret_from_fork+0x10/0x20 [ 33.158648] [ 33.158722] The buggy address belongs to the object at fff00000c9225780 [ 33.158722] which belongs to the cache kmalloc-64 of size 64 [ 33.158831] The buggy address is located 0 bytes to the right of [ 33.158831] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.158927] [ 33.158970] The buggy address belongs to the physical page: [ 33.159008] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.159074] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.159132] page_type: f5(slab) [ 33.159175] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.159227] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.159269] page dumped because: kasan: bad access detected [ 33.159317] [ 33.159337] Memory state around the buggy address: [ 33.159371] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.159415] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.159474] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.159513] ^ [ 33.159557] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.159610] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.159649] ================================================================== [ 33.343396] ================================================================== [ 33.343557] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 33.343660] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.343742] [ 33.343797] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.343938] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.343969] Hardware name: linux,dummy-virt (DT) [ 33.344065] Call trace: [ 33.344091] show_stack+0x20/0x38 (C) [ 33.344139] dump_stack_lvl+0x8c/0xd0 [ 33.344186] print_report+0x118/0x5e8 [ 33.344250] kasan_report+0xdc/0x128 [ 33.344528] kasan_check_range+0x100/0x1a8 [ 33.344674] __kasan_check_write+0x20/0x30 [ 33.344879] kasan_atomics_helper+0x175c/0x4858 [ 33.345079] kasan_atomics+0x198/0x2e0 [ 33.345149] kunit_try_run_case+0x170/0x3f0 [ 33.345199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.345408] kthread+0x328/0x630 [ 33.345455] ret_from_fork+0x10/0x20 [ 33.345771] [ 33.345844] Allocated by task 296: [ 33.345995] kasan_save_stack+0x3c/0x68 [ 33.346075] kasan_save_track+0x20/0x40 [ 33.346145] kasan_save_alloc_info+0x40/0x58 [ 33.346205] __kasan_kmalloc+0xd4/0xd8 [ 33.346246] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.346291] kasan_atomics+0xb8/0x2e0 [ 33.346331] kunit_try_run_case+0x170/0x3f0 [ 33.346381] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.346427] kthread+0x328/0x630 [ 33.346466] ret_from_fork+0x10/0x20 [ 33.346505] [ 33.346536] The buggy address belongs to the object at fff00000c9225780 [ 33.346536] which belongs to the cache kmalloc-64 of size 64 [ 33.346596] The buggy address is located 0 bytes to the right of [ 33.346596] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.346658] [ 33.346679] The buggy address belongs to the physical page: [ 33.346718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.346774] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.346843] page_type: f5(slab) [ 33.346882] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.346935] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.346983] page dumped because: kasan: bad access detected [ 33.347016] [ 33.347035] Memory state around the buggy address: [ 33.347069] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.347124] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.347174] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.347219] ^ [ 33.347261] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.347306] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.347345] ================================================================== [ 33.318256] ================================================================== [ 33.318372] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 33.318439] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.318491] [ 33.318523] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.318613] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.318807] Hardware name: linux,dummy-virt (DT) [ 33.318857] Call trace: [ 33.319032] show_stack+0x20/0x38 (C) [ 33.319093] dump_stack_lvl+0x8c/0xd0 [ 33.319164] print_report+0x118/0x5e8 [ 33.319513] kasan_report+0xdc/0x128 [ 33.319584] kasan_check_range+0x100/0x1a8 [ 33.319636] __kasan_check_write+0x20/0x30 [ 33.319703] kasan_atomics_helper+0x1644/0x4858 [ 33.319755] kasan_atomics+0x198/0x2e0 [ 33.319801] kunit_try_run_case+0x170/0x3f0 [ 33.319883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.319954] kthread+0x328/0x630 [ 33.320000] ret_from_fork+0x10/0x20 [ 33.320050] [ 33.320214] Allocated by task 296: [ 33.320249] kasan_save_stack+0x3c/0x68 [ 33.320480] kasan_save_track+0x20/0x40 [ 33.320533] kasan_save_alloc_info+0x40/0x58 [ 33.320623] __kasan_kmalloc+0xd4/0xd8 [ 33.320891] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.321035] kasan_atomics+0xb8/0x2e0 [ 33.321144] kunit_try_run_case+0x170/0x3f0 [ 33.321205] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.321282] kthread+0x328/0x630 [ 33.321319] ret_from_fork+0x10/0x20 [ 33.321522] [ 33.321685] The buggy address belongs to the object at fff00000c9225780 [ 33.321685] which belongs to the cache kmalloc-64 of size 64 [ 33.321783] The buggy address is located 0 bytes to the right of [ 33.321783] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.321909] [ 33.322100] The buggy address belongs to the physical page: [ 33.322338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.322463] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.322513] page_type: f5(slab) [ 33.322596] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.322850] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.323029] page dumped because: kasan: bad access detected [ 33.323280] [ 33.323399] Memory state around the buggy address: [ 33.323535] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.323600] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.323662] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.324015] ^ [ 33.324061] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.324230] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.324446] ================================================================== [ 33.324948] ================================================================== [ 33.325029] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 33.325121] Read of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.325208] [ 33.325251] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.325340] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.325372] Hardware name: linux,dummy-virt (DT) [ 33.325406] Call trace: [ 33.325445] show_stack+0x20/0x38 (C) [ 33.325498] dump_stack_lvl+0x8c/0xd0 [ 33.325555] print_report+0x118/0x5e8 [ 33.325611] kasan_report+0xdc/0x128 [ 33.325657] __asan_report_load8_noabort+0x20/0x30 [ 33.325709] kasan_atomics_helper+0x3df4/0x4858 [ 33.325761] kasan_atomics+0x198/0x2e0 [ 33.325833] kunit_try_run_case+0x170/0x3f0 [ 33.325883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.325946] kthread+0x328/0x630 [ 33.326006] ret_from_fork+0x10/0x20 [ 33.326075] [ 33.326123] Allocated by task 296: [ 33.326165] kasan_save_stack+0x3c/0x68 [ 33.326224] kasan_save_track+0x20/0x40 [ 33.326261] kasan_save_alloc_info+0x40/0x58 [ 33.326302] __kasan_kmalloc+0xd4/0xd8 [ 33.326339] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.326382] kasan_atomics+0xb8/0x2e0 [ 33.326437] kunit_try_run_case+0x170/0x3f0 [ 33.326476] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.326520] kthread+0x328/0x630 [ 33.326575] ret_from_fork+0x10/0x20 [ 33.326622] [ 33.326653] The buggy address belongs to the object at fff00000c9225780 [ 33.326653] which belongs to the cache kmalloc-64 of size 64 [ 33.326711] The buggy address is located 0 bytes to the right of [ 33.326711] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.326775] [ 33.326796] The buggy address belongs to the physical page: [ 33.326849] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.326903] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.326950] page_type: f5(slab) [ 33.326989] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.327041] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.327082] page dumped because: kasan: bad access detected [ 33.327113] [ 33.327132] Memory state around the buggy address: [ 33.327165] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.327351] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.327837] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.327929] ^ [ 33.327996] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.328093] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.328200] ================================================================== [ 32.970986] ================================================================== [ 32.971043] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 32.971113] Read of size 4 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 32.971183] [ 32.971215] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 32.971304] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 32.971337] Hardware name: linux,dummy-virt (DT) [ 32.971369] Call trace: [ 32.971392] show_stack+0x20/0x38 (C) [ 32.971444] dump_stack_lvl+0x8c/0xd0 [ 32.971492] print_report+0x118/0x5e8 [ 32.971539] kasan_report+0xdc/0x128 [ 32.971594] __asan_report_load4_noabort+0x20/0x30 [ 32.971804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.972537] The buggy address is located 0 bytes to the right of [ 32.972537] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 32.973769] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.975189] [ 32.975750] print_report+0x118/0x5e8 [ 32.978399] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.978727] [ 32.978751] The buggy address belongs to the object at fff00000c9225780 [ 32.978751] which belongs to the cache kmalloc-64 of size 64 [ 32.979021] The buggy address is located 0 bytes to the right of [ 32.979021] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 32.979166] [ 32.979245] The buggy address belongs to the physical page: [ 32.979445] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 32.979556] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.979696] page_type: f5(slab) [ 32.979763] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.979970] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.980181] page dumped because: kasan: bad access detected [ 32.980289] [ 32.980395] Memory state around the buggy address: [ 32.980465] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.980540] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 32.980597] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.980705] ^ [ 32.980741] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.981010] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.981084] ================================================================== [ 33.328878] ================================================================== [ 33.328935] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 33.329015] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.329099] [ 33.329186] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.329294] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.329325] Hardware name: linux,dummy-virt (DT) [ 33.329357] Call trace: [ 33.329381] show_stack+0x20/0x38 (C) [ 33.329431] dump_stack_lvl+0x8c/0xd0 [ 33.329479] print_report+0x118/0x5e8 [ 33.329654] kasan_report+0xdc/0x128 [ 33.329860] kasan_check_range+0x100/0x1a8 [ 33.329955] __kasan_check_write+0x20/0x30 [ 33.330057] kasan_atomics_helper+0x16d0/0x4858 [ 33.330332] kasan_atomics+0x198/0x2e0 [ 33.330499] kunit_try_run_case+0x170/0x3f0 [ 33.330635] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.330690] kthread+0x328/0x630 [ 33.330944] ret_from_fork+0x10/0x20 [ 33.331186] [ 33.331344] Allocated by task 296: [ 33.331483] kasan_save_stack+0x3c/0x68 [ 33.331675] kasan_save_track+0x20/0x40 [ 33.331805] kasan_save_alloc_info+0x40/0x58 [ 33.331963] __kasan_kmalloc+0xd4/0xd8 [ 33.332040] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.332087] kasan_atomics+0xb8/0x2e0 [ 33.332127] kunit_try_run_case+0x170/0x3f0 [ 33.332386] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.332514] kthread+0x328/0x630 [ 33.332707] ret_from_fork+0x10/0x20 [ 33.332908] [ 33.333232] The buggy address belongs to the object at fff00000c9225780 [ 33.333232] which belongs to the cache kmalloc-64 of size 64 [ 33.333399] The buggy address is located 0 bytes to the right of [ 33.333399] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.333475] [ 33.333496] The buggy address belongs to the physical page: [ 33.333686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.333849] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.334019] page_type: f5(slab) [ 33.334109] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.334206] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.334555] page dumped because: kasan: bad access detected [ 33.334694] [ 33.334764] Memory state around the buggy address: [ 33.334862] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.334939] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.335038] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.335174] ^ [ 33.335235] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.335279] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.335345] ================================================================== [ 33.186073] ================================================================== [ 33.186126] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 33.186186] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.186239] [ 33.186688] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.186936] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.186968] Hardware name: linux,dummy-virt (DT) [ 33.187174] Call trace: [ 33.187202] show_stack+0x20/0x38 (C) [ 33.187696] dump_stack_lvl+0x8c/0xd0 [ 33.187793] print_report+0x118/0x5e8 [ 33.187867] kasan_report+0xdc/0x128 [ 33.188160] kasan_check_range+0x100/0x1a8 [ 33.188359] __kasan_check_write+0x20/0x30 [ 33.188417] kasan_atomics_helper+0x10c0/0x4858 [ 33.188804] kasan_atomics+0x198/0x2e0 [ 33.189084] kunit_try_run_case+0x170/0x3f0 [ 33.189292] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.189502] kthread+0x328/0x630 [ 33.189689] ret_from_fork+0x10/0x20 [ 33.189794] [ 33.190057] Allocated by task 296: [ 33.190228] kasan_save_stack+0x3c/0x68 [ 33.190329] kasan_save_track+0x20/0x40 [ 33.190368] kasan_save_alloc_info+0x40/0x58 [ 33.190574] __kasan_kmalloc+0xd4/0xd8 [ 33.190795] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.190888] kasan_atomics+0xb8/0x2e0 [ 33.191099] kunit_try_run_case+0x170/0x3f0 [ 33.191190] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.191355] kthread+0x328/0x630 [ 33.191589] ret_from_fork+0x10/0x20 [ 33.191767] [ 33.191977] The buggy address belongs to the object at fff00000c9225780 [ 33.191977] which belongs to the cache kmalloc-64 of size 64 [ 33.192054] The buggy address is located 0 bytes to the right of [ 33.192054] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.192384] [ 33.192535] The buggy address belongs to the physical page: [ 33.192918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.193084] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.193237] page_type: f5(slab) [ 33.193320] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.193546] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.193737] page dumped because: kasan: bad access detected [ 33.193830] [ 33.193951] Memory state around the buggy address: [ 33.194012] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.194100] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.194312] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.194569] ^ [ 33.194624] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.194669] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.195122] ================================================================== [ 32.870150] ================================================================== [ 32.870372] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f94/0x4858 [ 32.870746] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 32.871297] print_report+0x118/0x5e8 [ 32.871671] kasan_atomics_helper+0x3f94/0x4858 [ 32.872433] kthread+0x328/0x630 [ 32.872592] kasan_save_stack+0x3c/0x68 [ 32.873409] __kasan_kmalloc+0xd4/0xd8 [ 32.873991] kthread+0x328/0x630 [ 32.874496] The buggy address is located 0 bytes to the right of [ 32.874496] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 32.875969] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.876422] ================================================================== [ 33.008880] ================================================================== [ 33.008970] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 33.009337] Write of size 4 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.009502] [ 33.009578] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.009734] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.009860] Hardware name: linux,dummy-virt (DT) [ 33.009895] Call trace: [ 33.009919] show_stack+0x20/0x38 (C) [ 33.010353] dump_stack_lvl+0x8c/0xd0 [ 33.010575] print_report+0x118/0x5e8 [ 33.010787] kasan_report+0xdc/0x128 [ 33.010862] kasan_check_range+0x100/0x1a8 [ 33.010948] __kasan_check_write+0x20/0x30 [ 33.011020] kasan_atomics_helper+0xad4/0x4858 [ 33.011078] kasan_atomics+0x198/0x2e0 [ 33.011124] kunit_try_run_case+0x170/0x3f0 [ 33.011176] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.011241] kthread+0x328/0x630 [ 33.011314] ret_from_fork+0x10/0x20 [ 33.011362] [ 33.011385] Allocated by task 296: [ 33.011423] kasan_save_stack+0x3c/0x68 [ 33.011488] kasan_save_track+0x20/0x40 [ 33.011539] kasan_save_alloc_info+0x40/0x58 [ 33.011587] __kasan_kmalloc+0xd4/0xd8 [ 33.011626] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.011669] kasan_atomics+0xb8/0x2e0 [ 33.011717] kunit_try_run_case+0x170/0x3f0 [ 33.011766] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.011809] kthread+0x328/0x630 [ 33.011855] ret_from_fork+0x10/0x20 [ 33.011891] [ 33.011913] The buggy address belongs to the object at fff00000c9225780 [ 33.011913] which belongs to the cache kmalloc-64 of size 64 [ 33.011972] The buggy address is located 0 bytes to the right of [ 33.011972] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.012101] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.012356] page dumped because: kasan: bad access detected [ 33.012389] [ 33.012411] Memory state around the buggy address: [ 33.012450] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.012509] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.012554] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.012605] ^ [ 33.012647] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.012691] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.012739] ================================================================== [ 33.144642] ================================================================== [ 33.144695] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 33.144793] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.144875] [ 33.144930] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.145335] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.145389] Hardware name: linux,dummy-virt (DT) [ 33.145423] Call trace: [ 33.145447] show_stack+0x20/0x38 (C) [ 33.145862] dump_stack_lvl+0x8c/0xd0 [ 33.145949] print_report+0x118/0x5e8 [ 33.146034] kasan_report+0xdc/0x128 [ 33.146259] kasan_check_range+0x100/0x1a8 [ 33.146450] __kasan_check_write+0x20/0x30 [ 33.146531] kasan_atomics_helper+0xeb8/0x4858 [ 33.146771] kasan_atomics+0x198/0x2e0 [ 33.147274] kunit_try_run_case+0x170/0x3f0 [ 33.147369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.147586] kthread+0x328/0x630 [ 33.147972] ret_from_fork+0x10/0x20 [ 33.148152] [ 33.148219] Allocated by task 296: [ 33.148253] kasan_save_stack+0x3c/0x68 [ 33.148473] kasan_save_track+0x20/0x40 [ 33.148632] kasan_save_alloc_info+0x40/0x58 [ 33.148713] __kasan_kmalloc+0xd4/0xd8 [ 33.148762] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.149124] kasan_atomics+0xb8/0x2e0 [ 33.149178] kunit_try_run_case+0x170/0x3f0 [ 33.149218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.149263] kthread+0x328/0x630 [ 33.149298] ret_from_fork+0x10/0x20 [ 33.149336] [ 33.149360] The buggy address belongs to the object at fff00000c9225780 [ 33.149360] which belongs to the cache kmalloc-64 of size 64 [ 33.149652] The buggy address is located 0 bytes to the right of [ 33.149652] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.150085] [ 33.150186] The buggy address belongs to the physical page: [ 33.150285] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.150434] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.150503] page_type: f5(slab) [ 33.150545] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.150647] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.150690] page dumped because: kasan: bad access detected [ 33.150722] [ 33.150748] Memory state around the buggy address: [ 33.150784] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.150839] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.150893] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.150939] ^ [ 33.150981] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.151035] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.151073] ================================================================== [ 33.071843] ================================================================== [ 33.071919] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 33.071980] Read of size 4 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.072241] [ 33.072311] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.072407] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.072803] Hardware name: linux,dummy-virt (DT) [ 33.072870] Call trace: [ 33.073075] show_stack+0x20/0x38 (C) [ 33.073146] dump_stack_lvl+0x8c/0xd0 [ 33.073289] print_report+0x118/0x5e8 [ 33.073361] kasan_report+0xdc/0x128 [ 33.073776] __asan_report_load4_noabort+0x20/0x30 [ 33.073868] kasan_atomics_helper+0x3dd8/0x4858 [ 33.073924] kasan_atomics+0x198/0x2e0 [ 33.074242] kunit_try_run_case+0x170/0x3f0 [ 33.074511] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.074786] kthread+0x328/0x630 [ 33.074977] ret_from_fork+0x10/0x20 [ 33.075039] [ 33.075079] Allocated by task 296: [ 33.075112] kasan_save_stack+0x3c/0x68 [ 33.075166] kasan_save_track+0x20/0x40 [ 33.075211] kasan_save_alloc_info+0x40/0x58 [ 33.075253] __kasan_kmalloc+0xd4/0xd8 [ 33.075309] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.075364] kasan_atomics+0xb8/0x2e0 [ 33.075413] kunit_try_run_case+0x170/0x3f0 [ 33.075462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.075511] kthread+0x328/0x630 [ 33.075546] ret_from_fork+0x10/0x20 [ 33.075582] [ 33.075603] The buggy address belongs to the object at fff00000c9225780 [ 33.075603] which belongs to the cache kmalloc-64 of size 64 [ 33.075671] The buggy address is located 0 bytes to the right of [ 33.075671] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.075737] [ 33.075763] The buggy address belongs to the physical page: [ 33.076016] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.076498] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.076562] page_type: f5(slab) [ 33.076966] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.077343] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.077511] page dumped because: kasan: bad access detected [ 33.077575] [ 33.077622] Memory state around the buggy address: [ 33.077759] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.077851] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.077897] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.077935] ^ [ 33.078614] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.078732] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.078909] ================================================================== [ 33.217960] ================================================================== [ 33.218081] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 33.218144] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.218202] [ 33.218466] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.218966] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.219028] Hardware name: linux,dummy-virt (DT) [ 33.219113] Call trace: [ 33.219141] show_stack+0x20/0x38 (C) [ 33.219382] dump_stack_lvl+0x8c/0xd0 [ 33.219453] print_report+0x118/0x5e8 [ 33.219807] kasan_report+0xdc/0x128 [ 33.219891] kasan_check_range+0x100/0x1a8 [ 33.219942] __kasan_check_write+0x20/0x30 [ 33.219991] kasan_atomics_helper+0x11f8/0x4858 [ 33.220043] kasan_atomics+0x198/0x2e0 [ 33.220090] kunit_try_run_case+0x170/0x3f0 [ 33.220163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.220219] kthread+0x328/0x630 [ 33.220271] ret_from_fork+0x10/0x20 [ 33.220322] [ 33.220346] Allocated by task 296: [ 33.220387] kasan_save_stack+0x3c/0x68 [ 33.220432] kasan_save_track+0x20/0x40 [ 33.220471] kasan_save_alloc_info+0x40/0x58 [ 33.220512] __kasan_kmalloc+0xd4/0xd8 [ 33.220549] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.220602] kasan_atomics+0xb8/0x2e0 [ 33.220641] kunit_try_run_case+0x170/0x3f0 [ 33.220682] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.220728] kthread+0x328/0x630 [ 33.220762] ret_from_fork+0x10/0x20 [ 33.220807] [ 33.220844] The buggy address belongs to the object at fff00000c9225780 [ 33.220844] which belongs to the cache kmalloc-64 of size 64 [ 33.221659] The buggy address is located 0 bytes to the right of [ 33.221659] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.221769] [ 33.221821] The buggy address belongs to the physical page: [ 33.221889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.222059] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.222177] page_type: f5(slab) [ 33.222402] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.222637] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.222912] page dumped because: kasan: bad access detected [ 33.222990] [ 33.223290] Memory state around the buggy address: [ 33.223371] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.223464] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.223739] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.224245] ^ [ 33.224410] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.224555] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.224641] ================================================================== [ 33.226076] ================================================================== [ 33.226175] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 33.226263] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.226317] [ 33.226347] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.227500] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.227553] Hardware name: linux,dummy-virt (DT) [ 33.227588] Call trace: [ 33.227642] show_stack+0x20/0x38 (C) [ 33.227705] dump_stack_lvl+0x8c/0xd0 [ 33.227763] print_report+0x118/0x5e8 [ 33.227884] kasan_report+0xdc/0x128 [ 33.227941] kasan_check_range+0x100/0x1a8 [ 33.227990] __kasan_check_write+0x20/0x30 [ 33.228382] kasan_atomics_helper+0x126c/0x4858 [ 33.228474] kasan_atomics+0x198/0x2e0 [ 33.228525] kunit_try_run_case+0x170/0x3f0 [ 33.228579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.228632] kthread+0x328/0x630 [ 33.229058] ret_from_fork+0x10/0x20 [ 33.229347] [ 33.229581] Allocated by task 296: [ 33.229629] kasan_save_stack+0x3c/0x68 [ 33.229677] kasan_save_track+0x20/0x40 [ 33.229716] kasan_save_alloc_info+0x40/0x58 [ 33.229953] __kasan_kmalloc+0xd4/0xd8 [ 33.230100] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.230421] kasan_atomics+0xb8/0x2e0 [ 33.230559] kunit_try_run_case+0x170/0x3f0 [ 33.230605] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.231028] kthread+0x328/0x630 [ 33.231240] ret_from_fork+0x10/0x20 [ 33.231440] [ 33.231521] The buggy address belongs to the object at fff00000c9225780 [ 33.231521] which belongs to the cache kmalloc-64 of size 64 [ 33.231642] The buggy address is located 0 bytes to the right of [ 33.231642] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.231880] [ 33.232049] The buggy address belongs to the physical page: [ 33.232139] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.232606] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.232969] page_type: f5(slab) [ 33.233127] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.233263] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.233310] page dumped because: kasan: bad access detected [ 33.233343] [ 33.233730] Memory state around the buggy address: [ 33.233827] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.234070] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.234121] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.234561] ^ [ 33.234761] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.235033] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.235113] ================================================================== [ 33.244863] ================================================================== [ 33.245005] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 33.245345] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.245503] [ 33.245595] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.246150] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.246228] Hardware name: linux,dummy-virt (DT) [ 33.246289] Call trace: [ 33.246333] show_stack+0x20/0x38 (C) [ 33.246826] dump_stack_lvl+0x8c/0xd0 [ 33.246976] print_report+0x118/0x5e8 [ 33.247097] kasan_report+0xdc/0x128 [ 33.247150] kasan_check_range+0x100/0x1a8 [ 33.247402] __kasan_check_write+0x20/0x30 [ 33.247565] kasan_atomics_helper+0x1384/0x4858 [ 33.247625] kasan_atomics+0x198/0x2e0 [ 33.248074] kunit_try_run_case+0x170/0x3f0 [ 33.248347] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.248612] kthread+0x328/0x630 [ 33.248705] ret_from_fork+0x10/0x20 [ 33.248974] [ 33.249426] Allocated by task 296: [ 33.249546] kasan_save_stack+0x3c/0x68 [ 33.249599] kasan_save_track+0x20/0x40 [ 33.249639] kasan_save_alloc_info+0x40/0x58 [ 33.249679] __kasan_kmalloc+0xd4/0xd8 [ 33.250032] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.250118] kasan_atomics+0xb8/0x2e0 [ 33.250540] kunit_try_run_case+0x170/0x3f0 [ 33.250589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.250904] kthread+0x328/0x630 [ 33.251285] ret_from_fork+0x10/0x20 [ 33.251379] [ 33.251419] The buggy address belongs to the object at fff00000c9225780 [ 33.251419] which belongs to the cache kmalloc-64 of size 64 [ 33.251478] The buggy address is located 0 bytes to the right of [ 33.251478] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.251543] [ 33.251566] The buggy address belongs to the physical page: [ 33.251611] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.251675] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.251734] page_type: f5(slab) [ 33.251776] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.251845] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.251894] page dumped because: kasan: bad access detected [ 33.251938] [ 33.251960] Memory state around the buggy address: [ 33.251994] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.252039] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.252092] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.252131] ^ [ 33.252174] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.252216] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.252261] ================================================================== [ 32.999928] ================================================================== [ 32.999984] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 33.000040] Write of size 4 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.000092] [ 33.000123] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.000216] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.000247] Hardware name: linux,dummy-virt (DT) [ 33.000279] Call trace: [ 33.000302] show_stack+0x20/0x38 (C) [ 33.000655] dump_stack_lvl+0x8c/0xd0 [ 33.000961] print_report+0x118/0x5e8 [ 33.001248] kasan_report+0xdc/0x128 [ 33.001441] kasan_check_range+0x100/0x1a8 [ 33.001678] __kasan_check_write+0x20/0x30 [ 33.001803] kasan_atomics_helper+0xa6c/0x4858 [ 33.001990] kasan_atomics+0x198/0x2e0 [ 33.002359] kunit_try_run_case+0x170/0x3f0 [ 33.002473] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.002594] kthread+0x328/0x630 [ 33.002679] ret_from_fork+0x10/0x20 [ 33.002807] [ 33.002840] Allocated by task 296: [ 33.003146] kasan_save_stack+0x3c/0x68 [ 33.003273] kasan_save_track+0x20/0x40 [ 33.003360] kasan_save_alloc_info+0x40/0x58 [ 33.003707] __kasan_kmalloc+0xd4/0xd8 [ 33.003757] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.003821] kasan_atomics+0xb8/0x2e0 [ 33.004319] kunit_try_run_case+0x170/0x3f0 [ 33.004414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.004507] kthread+0x328/0x630 [ 33.004637] ret_from_fork+0x10/0x20 [ 33.004780] [ 33.004939] The buggy address belongs to the object at fff00000c9225780 [ 33.004939] which belongs to the cache kmalloc-64 of size 64 [ 33.005327] The buggy address is located 0 bytes to the right of [ 33.005327] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.005469] [ 33.005537] The buggy address belongs to the physical page: [ 33.005739] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.005952] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.006075] page_type: f5(slab) [ 33.006244] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.006369] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.006724] page dumped because: kasan: bad access detected [ 33.006785] [ 33.006927] Memory state around the buggy address: [ 33.007016] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.007151] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.007226] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.007440] ^ [ 33.007569] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.007642] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.007700] ================================================================== [ 33.275269] ================================================================== [ 33.275353] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 33.275414] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.275881] [ 33.275931] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.276422] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.276475] Hardware name: linux,dummy-virt (DT) [ 33.276510] Call trace: [ 33.276554] show_stack+0x20/0x38 (C) [ 33.276746] dump_stack_lvl+0x8c/0xd0 [ 33.276826] print_report+0x118/0x5e8 [ 33.276874] kasan_report+0xdc/0x128 [ 33.276920] kasan_check_range+0x100/0x1a8 [ 33.276967] __kasan_check_write+0x20/0x30 [ 33.277014] kasan_atomics_helper+0x147c/0x4858 [ 33.277065] kasan_atomics+0x198/0x2e0 [ 33.277113] kunit_try_run_case+0x170/0x3f0 [ 33.277162] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.277214] kthread+0x328/0x630 [ 33.277383] ret_from_fork+0x10/0x20 [ 33.277450] [ 33.277474] Allocated by task 296: [ 33.277508] kasan_save_stack+0x3c/0x68 [ 33.277552] kasan_save_track+0x20/0x40 [ 33.277590] kasan_save_alloc_info+0x40/0x58 [ 33.277629] __kasan_kmalloc+0xd4/0xd8 [ 33.277666] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.277710] kasan_atomics+0xb8/0x2e0 [ 33.277750] kunit_try_run_case+0x170/0x3f0 [ 33.277789] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.277848] kthread+0x328/0x630 [ 33.277886] ret_from_fork+0x10/0x20 [ 33.277936] [ 33.277959] The buggy address belongs to the object at fff00000c9225780 [ 33.277959] which belongs to the cache kmalloc-64 of size 64 [ 33.278025] The buggy address is located 0 bytes to the right of [ 33.278025] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.278090] [ 33.278112] The buggy address belongs to the physical page: [ 33.278147] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.278208] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.278257] page_type: f5(slab) [ 33.278297] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.278349] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.278396] page dumped because: kasan: bad access detected [ 33.278429] [ 33.278450] Memory state around the buggy address: [ 33.278495] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.278539] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.278582] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.278621] ^ [ 33.278655] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.278698] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.278747] ================================================================== [ 32.831115] ================================================================== [ 32.831167] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ec/0x4858 [ 32.832007] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 32.832230] show_stack+0x20/0x38 (C) [ 32.833328] kasan_atomics+0x198/0x2e0 [ 32.834535] kasan_save_track+0x20/0x40 [ 32.836570] The buggy address is located 0 bytes to the right of [ 32.836570] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 32.837981] [ 32.838639] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.840081] ================================================================== [ 33.097957] ================================================================== [ 33.098221] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 33.098425] Read of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.098492] [ 33.098699] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.098804] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.099030] Hardware name: linux,dummy-virt (DT) [ 33.099080] Call trace: [ 33.099304] show_stack+0x20/0x38 (C) [ 33.099617] dump_stack_lvl+0x8c/0xd0 [ 33.099784] print_report+0x118/0x5e8 [ 33.099874] kasan_report+0xdc/0x128 [ 33.100134] kasan_check_range+0x100/0x1a8 [ 33.100292] __kasan_check_read+0x20/0x30 [ 33.100601] kasan_atomics_helper+0xdd4/0x4858 [ 33.100680] kasan_atomics+0x198/0x2e0 [ 33.100869] kunit_try_run_case+0x170/0x3f0 [ 33.101086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.101526] kthread+0x328/0x630 [ 33.101611] ret_from_fork+0x10/0x20 [ 33.102030] [ 33.102376] Allocated by task 296: [ 33.102488] kasan_save_stack+0x3c/0x68 [ 33.102772] kasan_save_track+0x20/0x40 [ 33.102963] kasan_save_alloc_info+0x40/0x58 [ 33.103034] __kasan_kmalloc+0xd4/0xd8 [ 33.103452] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.103543] kasan_atomics+0xb8/0x2e0 [ 33.103705] kunit_try_run_case+0x170/0x3f0 [ 33.103846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.103918] kthread+0x328/0x630 [ 33.104297] ret_from_fork+0x10/0x20 [ 33.104379] [ 33.104713] The buggy address belongs to the object at fff00000c9225780 [ 33.104713] which belongs to the cache kmalloc-64 of size 64 [ 33.105213] The buggy address is located 0 bytes to the right of [ 33.105213] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.105610] [ 33.105677] The buggy address belongs to the physical page: [ 33.105963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.106218] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.106277] page_type: f5(slab) [ 33.106318] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.106466] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.106522] page dumped because: kasan: bad access detected [ 33.106555] [ 33.106576] Memory state around the buggy address: [ 33.106609] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.106655] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.106699] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.106738] ^ [ 33.106774] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.106841] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.106893] ================================================================== [ 33.080393] ================================================================== [ 33.080669] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 33.080882] Write of size 4 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.081168] [ 33.081399] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.081521] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.081875] Hardware name: linux,dummy-virt (DT) [ 33.081937] Call trace: [ 33.082052] show_stack+0x20/0x38 (C) [ 33.082185] dump_stack_lvl+0x8c/0xd0 [ 33.082252] print_report+0x118/0x5e8 [ 33.082305] kasan_report+0xdc/0x128 [ 33.082691] kasan_check_range+0x100/0x1a8 [ 33.083217] __kasan_check_write+0x20/0x30 [ 33.083310] kasan_atomics_helper+0xd3c/0x4858 [ 33.083721] kasan_atomics+0x198/0x2e0 [ 33.083809] kunit_try_run_case+0x170/0x3f0 [ 33.084075] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.084285] kthread+0x328/0x630 [ 33.084522] ret_from_fork+0x10/0x20 [ 33.084786] [ 33.084851] Allocated by task 296: [ 33.084893] kasan_save_stack+0x3c/0x68 [ 33.085134] kasan_save_track+0x20/0x40 [ 33.085320] kasan_save_alloc_info+0x40/0x58 [ 33.085707] __kasan_kmalloc+0xd4/0xd8 [ 33.085872] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.085960] kasan_atomics+0xb8/0x2e0 [ 33.086069] kunit_try_run_case+0x170/0x3f0 [ 33.086222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.086269] kthread+0x328/0x630 [ 33.086320] ret_from_fork+0x10/0x20 [ 33.086359] [ 33.086536] The buggy address belongs to the object at fff00000c9225780 [ 33.086536] which belongs to the cache kmalloc-64 of size 64 [ 33.086795] The buggy address is located 0 bytes to the right of [ 33.086795] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.087106] [ 33.087212] The buggy address belongs to the physical page: [ 33.087270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.088020] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.088200] page_type: f5(slab) [ 33.088275] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.088367] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.088514] page dumped because: kasan: bad access detected [ 33.088549] [ 33.088569] Memory state around the buggy address: [ 33.088626] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.089252] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.089320] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.089363] ^ [ 33.089399] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.089445] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.089525] ================================================================== [ 33.122865] ================================================================== [ 33.122924] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 33.122981] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.123246] [ 33.123419] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.123722] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.123967] Hardware name: linux,dummy-virt (DT) [ 33.124056] Call trace: [ 33.124086] show_stack+0x20/0x38 (C) [ 33.124234] dump_stack_lvl+0x8c/0xd0 [ 33.124293] print_report+0x118/0x5e8 [ 33.124341] kasan_report+0xdc/0x128 [ 33.124389] kasan_check_range+0x100/0x1a8 [ 33.124437] __kasan_check_write+0x20/0x30 [ 33.124597] kasan_atomics_helper+0xe44/0x4858 [ 33.124665] kasan_atomics+0x198/0x2e0 [ 33.124722] kunit_try_run_case+0x170/0x3f0 [ 33.124772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.124837] kthread+0x328/0x630 [ 33.125442] ret_from_fork+0x10/0x20 [ 33.126033] [ 33.126140] Allocated by task 296: [ 33.126192] kasan_save_stack+0x3c/0x68 [ 33.126365] kasan_save_track+0x20/0x40 [ 33.126427] kasan_save_alloc_info+0x40/0x58 [ 33.126775] __kasan_kmalloc+0xd4/0xd8 [ 33.126855] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.127281] kasan_atomics+0xb8/0x2e0 [ 33.127352] kunit_try_run_case+0x170/0x3f0 [ 33.127438] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.127682] kthread+0x328/0x630 [ 33.127886] ret_from_fork+0x10/0x20 [ 33.127970] [ 33.128014] The buggy address belongs to the object at fff00000c9225780 [ 33.128014] which belongs to the cache kmalloc-64 of size 64 [ 33.128318] The buggy address is located 0 bytes to the right of [ 33.128318] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.128499] [ 33.128577] The buggy address belongs to the physical page: [ 33.128615] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.129048] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.129178] page_type: f5(slab) [ 33.129225] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.129602] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.130247] page dumped because: kasan: bad access detected [ 33.130310] [ 33.130365] Memory state around the buggy address: [ 33.130442] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.130581] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.130929] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.131324] ^ [ 33.131496] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.131730] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.131849] ================================================================== [ 33.253746] ================================================================== [ 33.253800] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 33.253872] Read of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.253923] [ 33.253956] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.254047] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.254350] Hardware name: linux,dummy-virt (DT) [ 33.254403] Call trace: [ 33.255291] show_stack+0x20/0x38 (C) [ 33.255368] dump_stack_lvl+0x8c/0xd0 [ 33.255421] print_report+0x118/0x5e8 [ 33.255504] kasan_report+0xdc/0x128 [ 33.255562] __asan_report_load8_noabort+0x20/0x30 [ 33.255616] kasan_atomics_helper+0x3f04/0x4858 [ 33.255936] kasan_atomics+0x198/0x2e0 [ 33.256051] kunit_try_run_case+0x170/0x3f0 [ 33.256111] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.256498] kthread+0x328/0x630 [ 33.256568] ret_from_fork+0x10/0x20 [ 33.256621] [ 33.256643] Allocated by task 296: [ 33.257174] kasan_save_stack+0x3c/0x68 [ 33.257256] kasan_save_track+0x20/0x40 [ 33.257296] kasan_save_alloc_info+0x40/0x58 [ 33.257338] __kasan_kmalloc+0xd4/0xd8 [ 33.257373] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.257417] kasan_atomics+0xb8/0x2e0 [ 33.257456] kunit_try_run_case+0x170/0x3f0 [ 33.257877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.258210] kthread+0x328/0x630 [ 33.258304] ret_from_fork+0x10/0x20 [ 33.258346] [ 33.258640] The buggy address belongs to the object at fff00000c9225780 [ 33.258640] which belongs to the cache kmalloc-64 of size 64 [ 33.259083] The buggy address is located 0 bytes to the right of [ 33.259083] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.259451] [ 33.259598] The buggy address belongs to the physical page: [ 33.259692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.260021] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.260463] page_type: f5(slab) [ 33.260638] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.260855] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.260934] page dumped because: kasan: bad access detected [ 33.261021] [ 33.261059] Memory state around the buggy address: [ 33.261095] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.261338] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.261403] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.261558] ^ [ 33.261886] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.261982] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.262134] ================================================================== [ 33.353653] ================================================================== [ 33.353722] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 33.353777] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.353839] [ 33.353872] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.354164] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.354202] Hardware name: linux,dummy-virt (DT) [ 33.354368] Call trace: [ 33.354394] show_stack+0x20/0x38 (C) [ 33.354448] dump_stack_lvl+0x8c/0xd0 [ 33.354507] print_report+0x118/0x5e8 [ 33.354727] kasan_report+0xdc/0x128 [ 33.354779] kasan_check_range+0x100/0x1a8 [ 33.354871] __kasan_check_write+0x20/0x30 [ 33.355164] kasan_atomics_helper+0x17ec/0x4858 [ 33.355322] kasan_atomics+0x198/0x2e0 [ 33.355374] kunit_try_run_case+0x170/0x3f0 [ 33.355440] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.355666] kthread+0x328/0x630 [ 33.355726] ret_from_fork+0x10/0x20 [ 33.355858] [ 33.355943] Allocated by task 296: [ 33.355977] kasan_save_stack+0x3c/0x68 [ 33.356021] kasan_save_track+0x20/0x40 [ 33.356059] kasan_save_alloc_info+0x40/0x58 [ 33.356129] __kasan_kmalloc+0xd4/0xd8 [ 33.356444] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.356554] kasan_atomics+0xb8/0x2e0 [ 33.356598] kunit_try_run_case+0x170/0x3f0 [ 33.356852] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.356912] kthread+0x328/0x630 [ 33.356949] ret_from_fork+0x10/0x20 [ 33.357209] [ 33.357278] The buggy address belongs to the object at fff00000c9225780 [ 33.357278] which belongs to the cache kmalloc-64 of size 64 [ 33.357426] The buggy address is located 0 bytes to the right of [ 33.357426] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.357535] [ 33.357604] The buggy address belongs to the physical page: [ 33.357700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.357990] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.358128] page_type: f5(slab) [ 33.358177] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.358563] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.358731] page dumped because: kasan: bad access detected [ 33.358820] [ 33.358888] Memory state around the buggy address: [ 33.359247] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.359357] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.359488] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.359527] ^ [ 33.359579] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.359945] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.360028] ================================================================== [ 33.207045] ================================================================== [ 33.207367] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 33.207525] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.207610] [ 33.207645] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.207774] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.207805] Hardware name: linux,dummy-virt (DT) [ 33.207848] Call trace: [ 33.208357] show_stack+0x20/0x38 (C) [ 33.208551] dump_stack_lvl+0x8c/0xd0 [ 33.208614] print_report+0x118/0x5e8 [ 33.208872] kasan_report+0xdc/0x128 [ 33.209066] kasan_check_range+0x100/0x1a8 [ 33.209480] __kasan_check_write+0x20/0x30 [ 33.209691] kasan_atomics_helper+0x1190/0x4858 [ 33.209907] kasan_atomics+0x198/0x2e0 [ 33.210078] kunit_try_run_case+0x170/0x3f0 [ 33.210177] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.210544] kthread+0x328/0x630 [ 33.210648] ret_from_fork+0x10/0x20 [ 33.210702] [ 33.210748] Allocated by task 296: [ 33.211098] kasan_save_stack+0x3c/0x68 [ 33.211163] kasan_save_track+0x20/0x40 [ 33.211220] kasan_save_alloc_info+0x40/0x58 [ 33.211392] __kasan_kmalloc+0xd4/0xd8 [ 33.211439] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.211486] kasan_atomics+0xb8/0x2e0 [ 33.211525] kunit_try_run_case+0x170/0x3f0 [ 33.211923] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.211994] kthread+0x328/0x630 [ 33.212360] ret_from_fork+0x10/0x20 [ 33.212567] [ 33.212644] The buggy address belongs to the object at fff00000c9225780 [ 33.212644] which belongs to the cache kmalloc-64 of size 64 [ 33.213145] The buggy address is located 0 bytes to the right of [ 33.213145] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.213373] [ 33.213534] The buggy address belongs to the physical page: [ 33.213605] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.213801] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.213987] page_type: f5(slab) [ 33.214374] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.214501] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.214558] page dumped because: kasan: bad access detected [ 33.214639] [ 33.214719] Memory state around the buggy address: [ 33.214786] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.214844] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.215059] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.215268] ^ [ 33.215362] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.215837] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.215920] ================================================================== [ 33.311704] ================================================================== [ 33.311764] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 33.311832] Read of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.311900] [ 33.311933] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.312235] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.312280] Hardware name: linux,dummy-virt (DT) [ 33.312350] Call trace: [ 33.312376] show_stack+0x20/0x38 (C) [ 33.312431] dump_stack_lvl+0x8c/0xd0 [ 33.312481] print_report+0x118/0x5e8 [ 33.312556] kasan_report+0xdc/0x128 [ 33.312617] __asan_report_load8_noabort+0x20/0x30 [ 33.312669] kasan_atomics_helper+0x3db0/0x4858 [ 33.312721] kasan_atomics+0x198/0x2e0 [ 33.312788] kunit_try_run_case+0x170/0x3f0 [ 33.312880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.313019] kthread+0x328/0x630 [ 33.313082] ret_from_fork+0x10/0x20 [ 33.313133] [ 33.313161] Allocated by task 296: [ 33.313192] kasan_save_stack+0x3c/0x68 [ 33.313234] kasan_save_track+0x20/0x40 [ 33.313272] kasan_save_alloc_info+0x40/0x58 [ 33.313313] __kasan_kmalloc+0xd4/0xd8 [ 33.313348] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.313565] kasan_atomics+0xb8/0x2e0 [ 33.313635] kunit_try_run_case+0x170/0x3f0 [ 33.313709] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.313805] kthread+0x328/0x630 [ 33.314167] ret_from_fork+0x10/0x20 [ 33.314256] [ 33.314324] The buggy address belongs to the object at fff00000c9225780 [ 33.314324] which belongs to the cache kmalloc-64 of size 64 [ 33.314431] The buggy address is located 0 bytes to the right of [ 33.314431] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.314515] [ 33.314537] The buggy address belongs to the physical page: [ 33.314735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.314961] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.315041] page_type: f5(slab) [ 33.315096] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.315322] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.315367] page dumped because: kasan: bad access detected [ 33.315533] [ 33.315877] Memory state around the buggy address: [ 33.316157] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.316332] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.316450] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.316518] ^ [ 33.316606] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.316704] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.316745] ================================================================== [ 33.263635] ================================================================== [ 33.263838] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 33.264046] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.264322] [ 33.264403] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.264503] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.264535] Hardware name: linux,dummy-virt (DT) [ 33.264951] Call trace: [ 33.265199] show_stack+0x20/0x38 (C) [ 33.265281] dump_stack_lvl+0x8c/0xd0 [ 33.265350] print_report+0x118/0x5e8 [ 33.265793] kasan_report+0xdc/0x128 [ 33.266252] kasan_check_range+0x100/0x1a8 [ 33.266315] __kasan_check_write+0x20/0x30 [ 33.266363] kasan_atomics_helper+0x1414/0x4858 [ 33.266447] kasan_atomics+0x198/0x2e0 [ 33.266774] kunit_try_run_case+0x170/0x3f0 [ 33.266873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.267468] kthread+0x328/0x630 [ 33.267645] ret_from_fork+0x10/0x20 [ 33.268077] [ 33.268135] Allocated by task 296: [ 33.268172] kasan_save_stack+0x3c/0x68 [ 33.268464] kasan_save_track+0x20/0x40 [ 33.268837] kasan_save_alloc_info+0x40/0x58 [ 33.269076] __kasan_kmalloc+0xd4/0xd8 [ 33.269187] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.269375] kasan_atomics+0xb8/0x2e0 [ 33.269634] kunit_try_run_case+0x170/0x3f0 [ 33.269791] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.269885] kthread+0x328/0x630 [ 33.270099] ret_from_fork+0x10/0x20 [ 33.270304] [ 33.270479] The buggy address belongs to the object at fff00000c9225780 [ 33.270479] which belongs to the cache kmalloc-64 of size 64 [ 33.270550] The buggy address is located 0 bytes to the right of [ 33.270550] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.270615] [ 33.270909] The buggy address belongs to the physical page: [ 33.271310] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.271409] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.271517] page_type: f5(slab) [ 33.271850] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.271937] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.272044] page dumped because: kasan: bad access detected [ 33.272132] [ 33.272249] Memory state around the buggy address: [ 33.272305] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.272369] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.272413] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.272772] ^ [ 33.272891] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.273087] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.273304] ================================================================== [ 33.196646] ================================================================== [ 33.197104] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 33.197190] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.197243] [ 33.197277] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.197610] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.198010] Hardware name: linux,dummy-virt (DT) [ 33.198090] Call trace: [ 33.198282] show_stack+0x20/0x38 (C) [ 33.198380] dump_stack_lvl+0x8c/0xd0 [ 33.198555] print_report+0x118/0x5e8 [ 33.198612] kasan_report+0xdc/0x128 [ 33.198659] kasan_check_range+0x100/0x1a8 [ 33.198708] __kasan_check_write+0x20/0x30 [ 33.199119] kasan_atomics_helper+0x1128/0x4858 [ 33.199620] kasan_atomics+0x198/0x2e0 [ 33.199915] kunit_try_run_case+0x170/0x3f0 [ 33.200175] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.200385] kthread+0x328/0x630 [ 33.200450] ret_from_fork+0x10/0x20 [ 33.200749] [ 33.200840] Allocated by task 296: [ 33.201236] kasan_save_stack+0x3c/0x68 [ 33.201297] kasan_save_track+0x20/0x40 [ 33.201623] kasan_save_alloc_info+0x40/0x58 [ 33.201712] __kasan_kmalloc+0xd4/0xd8 [ 33.202071] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.202191] kasan_atomics+0xb8/0x2e0 [ 33.202264] kunit_try_run_case+0x170/0x3f0 [ 33.202304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.202647] kthread+0x328/0x630 [ 33.202955] ret_from_fork+0x10/0x20 [ 33.203300] [ 33.203355] The buggy address belongs to the object at fff00000c9225780 [ 33.203355] which belongs to the cache kmalloc-64 of size 64 [ 33.203689] The buggy address is located 0 bytes to the right of [ 33.203689] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.203772] [ 33.203984] The buggy address belongs to the physical page: [ 33.204042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.204239] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.204565] page_type: f5(slab) [ 33.205145] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.205230] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.205303] page dumped because: kasan: bad access detected [ 33.205336] [ 33.205393] Memory state around the buggy address: [ 33.205429] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.205477] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.205530] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.205580] ^ [ 33.205618] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.205671] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.205712] ================================================================== [ 33.110430] ================================================================== [ 33.110802] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 33.110986] Read of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.111048] [ 33.111084] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.111580] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.111637] Hardware name: linux,dummy-virt (DT) [ 33.111673] Call trace: [ 33.111698] show_stack+0x20/0x38 (C) [ 33.112060] dump_stack_lvl+0x8c/0xd0 [ 33.112138] print_report+0x118/0x5e8 [ 33.112527] kasan_report+0xdc/0x128 [ 33.112852] __asan_report_load8_noabort+0x20/0x30 [ 33.113085] kasan_atomics_helper+0x3f58/0x4858 [ 33.113908] kasan_atomics+0x198/0x2e0 [ 33.113990] kunit_try_run_case+0x170/0x3f0 [ 33.114305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.114443] kthread+0x328/0x630 [ 33.114524] ret_from_fork+0x10/0x20 [ 33.114900] [ 33.115340] Allocated by task 296: [ 33.115384] kasan_save_stack+0x3c/0x68 [ 33.115624] kasan_save_track+0x20/0x40 [ 33.115856] kasan_save_alloc_info+0x40/0x58 [ 33.116289] __kasan_kmalloc+0xd4/0xd8 [ 33.116525] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.116640] kasan_atomics+0xb8/0x2e0 [ 33.116954] kunit_try_run_case+0x170/0x3f0 [ 33.117009] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.117758] kthread+0x328/0x630 [ 33.117963] ret_from_fork+0x10/0x20 [ 33.118079] [ 33.118221] The buggy address belongs to the object at fff00000c9225780 [ 33.118221] which belongs to the cache kmalloc-64 of size 64 [ 33.118283] The buggy address is located 0 bytes to the right of [ 33.118283] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.118380] [ 33.118427] The buggy address belongs to the physical page: [ 33.118684] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.119328] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.119562] page_type: f5(slab) [ 33.119607] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.119659] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.120254] page dumped because: kasan: bad access detected [ 33.120439] [ 33.120490] Memory state around the buggy address: [ 33.120544] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.120651] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.120712] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.120751] ^ [ 33.121042] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.121261] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.121340] ================================================================== [ 33.162187] ================================================================== [ 33.162254] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 33.162348] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.162432] [ 33.162467] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.162634] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.162668] Hardware name: linux,dummy-virt (DT) [ 33.162719] Call trace: [ 33.162800] show_stack+0x20/0x38 (C) [ 33.162884] dump_stack_lvl+0x8c/0xd0 [ 33.162994] print_report+0x118/0x5e8 [ 33.163041] kasan_report+0xdc/0x128 [ 33.163089] kasan_check_range+0x100/0x1a8 [ 33.163151] __kasan_check_write+0x20/0x30 [ 33.163348] kasan_atomics_helper+0xf88/0x4858 [ 33.163652] kasan_atomics+0x198/0x2e0 [ 33.163870] kunit_try_run_case+0x170/0x3f0 [ 33.163943] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.163997] kthread+0x328/0x630 [ 33.164041] ret_from_fork+0x10/0x20 [ 33.164128] [ 33.164166] Allocated by task 296: [ 33.164204] kasan_save_stack+0x3c/0x68 [ 33.164640] kasan_save_track+0x20/0x40 [ 33.164730] kasan_save_alloc_info+0x40/0x58 [ 33.164774] __kasan_kmalloc+0xd4/0xd8 [ 33.165370] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.165531] kasan_atomics+0xb8/0x2e0 [ 33.165603] kunit_try_run_case+0x170/0x3f0 [ 33.165701] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.165788] kthread+0x328/0x630 [ 33.165853] ret_from_fork+0x10/0x20 [ 33.165893] [ 33.166267] The buggy address belongs to the object at fff00000c9225780 [ 33.166267] which belongs to the cache kmalloc-64 of size 64 [ 33.166374] The buggy address is located 0 bytes to the right of [ 33.166374] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.166920] [ 33.166973] The buggy address belongs to the physical page: [ 33.167028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.167296] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.167410] page_type: f5(slab) [ 33.167639] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.168086] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.168176] page dumped because: kasan: bad access detected [ 33.168406] [ 33.168453] Memory state around the buggy address: [ 33.168599] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.168681] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.169054] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.169130] ^ [ 33.169410] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.169565] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.169729] ================================================================== [ 33.336690] ================================================================== [ 33.336849] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 33.336915] Read of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.336990] [ 33.337050] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.337142] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.337176] Hardware name: linux,dummy-virt (DT) [ 33.337209] Call trace: [ 33.337232] show_stack+0x20/0x38 (C) [ 33.337283] dump_stack_lvl+0x8c/0xd0 [ 33.337332] print_report+0x118/0x5e8 [ 33.337546] kasan_report+0xdc/0x128 [ 33.337694] __asan_report_load8_noabort+0x20/0x30 [ 33.337790] kasan_atomics_helper+0x3e10/0x4858 [ 33.337883] kasan_atomics+0x198/0x2e0 [ 33.337995] kunit_try_run_case+0x170/0x3f0 [ 33.338047] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.338100] kthread+0x328/0x630 [ 33.338384] ret_from_fork+0x10/0x20 [ 33.338499] [ 33.338538] Allocated by task 296: [ 33.338570] kasan_save_stack+0x3c/0x68 [ 33.338980] kasan_save_track+0x20/0x40 [ 33.339106] kasan_save_alloc_info+0x40/0x58 [ 33.339371] __kasan_kmalloc+0xd4/0xd8 [ 33.339545] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.339722] kasan_atomics+0xb8/0x2e0 [ 33.339774] kunit_try_run_case+0x170/0x3f0 [ 33.339824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.340165] kthread+0x328/0x630 [ 33.340345] ret_from_fork+0x10/0x20 [ 33.340441] [ 33.340519] The buggy address belongs to the object at fff00000c9225780 [ 33.340519] which belongs to the cache kmalloc-64 of size 64 [ 33.340885] The buggy address is located 0 bytes to the right of [ 33.340885] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.340984] [ 33.341006] The buggy address belongs to the physical page: [ 33.341038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.341226] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.341276] page_type: f5(slab) [ 33.341550] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.341683] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.342016] page dumped because: kasan: bad access detected [ 33.342135] [ 33.342253] Memory state around the buggy address: [ 33.342334] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.342382] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.342435] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.342484] ^ [ 33.342519] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.342563] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.342612] ================================================================== [ 32.885450] ================================================================== [ 32.885508] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x414/0x4858 [ 32.885562] Write of size 4 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 32.885614] [ 32.885974] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 32.887319] kasan_atomics_helper+0x414/0x4858 [ 32.887798] kunit_try_run_case+0x170/0x3f0 [ 32.888132] [ 32.888537] kasan_save_track+0x20/0x40 [ 32.888884] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.889097] kunit_try_run_case+0x170/0x3f0 [ 32.889183] kthread+0x328/0x630 [ 32.889702] The buggy address belongs to the object at fff00000c9225780 [ 32.889702] which belongs to the cache kmalloc-64 of size 64 [ 32.891306] [ 32.891363] Memory state around the buggy address: [ 32.891968] ^ [ 32.892189] ================================================================== [ 32.981678] ================================================================== [ 32.981731] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 32.981787] Write of size 4 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 32.982109] [ 32.982310] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 32.982470] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 32.982506] Hardware name: linux,dummy-virt (DT) [ 32.982539] Call trace: [ 32.982564] show_stack+0x20/0x38 (C) [ 32.982823] dump_stack_lvl+0x8c/0xd0 [ 32.982884] print_report+0x118/0x5e8 [ 32.983019] kasan_report+0xdc/0x128 [ 32.983116] kasan_check_range+0x100/0x1a8 [ 32.983222] __kasan_check_write+0x20/0x30 [ 32.983288] kasan_atomics_helper+0x99c/0x4858 [ 32.983341] kasan_atomics+0x198/0x2e0 [ 32.983408] kunit_try_run_case+0x170/0x3f0 [ 32.983736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.983800] kthread+0x328/0x630 [ 32.983941] ret_from_fork+0x10/0x20 [ 32.983993] [ 32.984063] Allocated by task 296: [ 32.984151] kasan_save_stack+0x3c/0x68 [ 32.984268] kasan_save_track+0x20/0x40 [ 32.984367] kasan_save_alloc_info+0x40/0x58 [ 32.984423] __kasan_kmalloc+0xd4/0xd8 [ 32.984463] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.984506] kasan_atomics+0xb8/0x2e0 [ 32.984845] kunit_try_run_case+0x170/0x3f0 [ 32.985376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.985738] kthread+0x328/0x630 [ 32.985879] ret_from_fork+0x10/0x20 [ 32.986006] [ 32.986084] The buggy address belongs to the object at fff00000c9225780 [ 32.986084] which belongs to the cache kmalloc-64 of size 64 [ 32.986180] The buggy address is located 0 bytes to the right of [ 32.986180] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 32.986269] [ 32.986491] The buggy address belongs to the physical page: [ 32.986739] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 32.986843] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.987146] page_type: f5(slab) [ 32.987198] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.987544] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.987664] page dumped because: kasan: bad access detected [ 32.987946] [ 32.988006] Memory state around the buggy address: [ 32.988253] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.988585] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 32.988865] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.989121] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.990901] [ 32.991146] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 32.991214] Call trace: [ 32.991564] kasan_report+0xdc/0x128 [ 32.992866] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.994057] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.995060] ret_from_fork+0x10/0x20 [ 32.995508] [ 32.995744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 32.996268] page_type: f5(slab) [ 32.996349] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.996703] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.996845] page dumped because: kasan: bad access detected [ 32.996920] [ 32.997087] Memory state around the buggy address: [ 32.997180] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.997354] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 32.997522] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.997586] ^ [ 32.997874] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.997933] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.998093] ================================================================== [ 33.296983] ================================================================== [ 33.297105] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 33.297479] Write of size 8 at addr fff00000c92257b0 by task kunit_try_catch/296 [ 33.297557] [ 33.297601] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 33.298142] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.298573] Hardware name: linux,dummy-virt (DT) [ 33.298643] Call trace: [ 33.298688] show_stack+0x20/0x38 (C) [ 33.298791] dump_stack_lvl+0x8c/0xd0 [ 33.298903] print_report+0x118/0x5e8 [ 33.299068] kasan_report+0xdc/0x128 [ 33.299175] kasan_check_range+0x100/0x1a8 [ 33.299325] __kasan_check_write+0x20/0x30 [ 33.299837] kasan_atomics_helper+0x154c/0x4858 [ 33.300100] kasan_atomics+0x198/0x2e0 [ 33.300374] kunit_try_run_case+0x170/0x3f0 [ 33.301022] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.301396] kthread+0x328/0x630 [ 33.301525] ret_from_fork+0x10/0x20 [ 33.301669] [ 33.301750] Allocated by task 296: [ 33.302167] kasan_save_stack+0x3c/0x68 [ 33.302248] kasan_save_track+0x20/0x40 [ 33.302521] kasan_save_alloc_info+0x40/0x58 [ 33.302604] __kasan_kmalloc+0xd4/0xd8 [ 33.302644] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.302988] kasan_atomics+0xb8/0x2e0 [ 33.303312] kunit_try_run_case+0x170/0x3f0 [ 33.303580] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.303940] kthread+0x328/0x630 [ 33.304677] ret_from_fork+0x10/0x20 [ 33.305400] [ 33.305441] The buggy address belongs to the object at fff00000c9225780 [ 33.305441] which belongs to the cache kmalloc-64 of size 64 [ 33.305503] The buggy address is located 0 bytes to the right of [ 33.305503] allocated 48-byte region [fff00000c9225780, fff00000c92257b0) [ 33.305568] [ 33.305592] The buggy address belongs to the physical page: [ 33.305628] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109225 [ 33.305686] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.305736] page_type: f5(slab) [ 33.305777] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.305840] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.305992] page dumped because: kasan: bad access detected [ 33.306100] [ 33.306177] Memory state around the buggy address: [ 33.306310] fff00000c9225680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.306427] fff00000c9225700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.306537] >fff00000c9225780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.306627] ^ [ 33.306712] fff00000c9225800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.306768] fff00000c9225880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.306807] ==================================================================
[ 28.243066] ================================================================== [ 28.243365] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 28.244069] Read of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.244416] [ 28.244643] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.244698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.244713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.244736] Call Trace: [ 28.244753] <TASK> [ 28.244768] dump_stack_lvl+0x73/0xb0 [ 28.244924] print_report+0xd1/0x640 [ 28.244951] ? __virt_addr_valid+0x1db/0x2d0 [ 28.244979] ? kasan_atomics_helper+0x4a02/0x5450 [ 28.245002] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.245030] ? kasan_atomics_helper+0x4a02/0x5450 [ 28.245054] kasan_report+0x141/0x180 [ 28.245078] ? kasan_atomics_helper+0x4a02/0x5450 [ 28.245107] __asan_report_load4_noabort+0x18/0x20 [ 28.245133] kasan_atomics_helper+0x4a02/0x5450 [ 28.245157] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.245181] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.245219] ? kasan_atomics+0x152/0x310 [ 28.245247] kasan_atomics+0x1dc/0x310 [ 28.245272] ? __pfx_kasan_atomics+0x10/0x10 [ 28.245299] ? __pfx_read_tsc+0x10/0x10 [ 28.245322] ? ktime_get_ts64+0x86/0x230 [ 28.245348] kunit_try_run_case+0x1a5/0x480 [ 28.245374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.245399] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.245425] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.245452] ? __kthread_parkme+0x82/0x180 [ 28.245495] ? preempt_count_sub+0x50/0x80 [ 28.245521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.245548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.245574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.245599] kthread+0x337/0x6f0 [ 28.245621] ? trace_preempt_on+0x20/0xc0 [ 28.245647] ? __pfx_kthread+0x10/0x10 [ 28.245669] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.245695] ? calculate_sigpending+0x7b/0xa0 [ 28.245720] ? __pfx_kthread+0x10/0x10 [ 28.245744] ret_from_fork+0x116/0x1d0 [ 28.245765] ? __pfx_kthread+0x10/0x10 [ 28.245788] ret_from_fork_asm+0x1a/0x30 [ 28.245821] </TASK> [ 28.245845] [ 28.256228] Allocated by task 313: [ 28.256732] kasan_save_stack+0x45/0x70 [ 28.256935] kasan_save_track+0x18/0x40 [ 28.257122] kasan_save_alloc_info+0x3b/0x50 [ 28.257722] __kasan_kmalloc+0xb7/0xc0 [ 28.257887] __kmalloc_cache_noprof+0x189/0x420 [ 28.258119] kasan_atomics+0x95/0x310 [ 28.258466] kunit_try_run_case+0x1a5/0x480 [ 28.258861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.259149] kthread+0x337/0x6f0 [ 28.259402] ret_from_fork+0x116/0x1d0 [ 28.259619] ret_from_fork_asm+0x1a/0x30 [ 28.259825] [ 28.259994] The buggy address belongs to the object at ffff8881058a7e80 [ 28.259994] which belongs to the cache kmalloc-64 of size 64 [ 28.260673] The buggy address is located 0 bytes to the right of [ 28.260673] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.261313] [ 28.261613] The buggy address belongs to the physical page: [ 28.261930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.262415] flags: 0x200000000000000(node=0|zone=2) [ 28.262666] page_type: f5(slab) [ 28.262921] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.263363] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.263720] page dumped because: kasan: bad access detected [ 28.264169] [ 28.264287] Memory state around the buggy address: [ 28.264503] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.265037] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.265338] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.265673] ^ [ 28.266122] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.266588] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.266854] ================================================================== [ 27.578145] ================================================================== [ 27.578553] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 27.578854] Read of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.579160] [ 27.579325] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.579377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.579391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.579414] Call Trace: [ 27.579432] <TASK> [ 27.579448] dump_stack_lvl+0x73/0xb0 [ 27.579477] print_report+0xd1/0x640 [ 27.579502] ? __virt_addr_valid+0x1db/0x2d0 [ 27.579528] ? kasan_atomics_helper+0x3df/0x5450 [ 27.579608] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.579640] ? kasan_atomics_helper+0x3df/0x5450 [ 27.579665] kasan_report+0x141/0x180 [ 27.579689] ? kasan_atomics_helper+0x3df/0x5450 [ 27.579717] kasan_check_range+0x10c/0x1c0 [ 27.579744] __kasan_check_read+0x15/0x20 [ 27.579770] kasan_atomics_helper+0x3df/0x5450 [ 27.579795] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.579819] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.579859] ? kasan_atomics+0x152/0x310 [ 27.579887] kasan_atomics+0x1dc/0x310 [ 27.579912] ? __pfx_kasan_atomics+0x10/0x10 [ 27.579938] ? __pfx_read_tsc+0x10/0x10 [ 27.579962] ? ktime_get_ts64+0x86/0x230 [ 27.579987] kunit_try_run_case+0x1a5/0x480 [ 27.580014] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.580039] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.580067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.580094] ? __kthread_parkme+0x82/0x180 [ 27.580117] ? preempt_count_sub+0x50/0x80 [ 27.580142] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.580169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.580208] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.580234] kthread+0x337/0x6f0 [ 27.580256] ? trace_preempt_on+0x20/0xc0 [ 27.580282] ? __pfx_kthread+0x10/0x10 [ 27.580305] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.580331] ? calculate_sigpending+0x7b/0xa0 [ 27.580357] ? __pfx_kthread+0x10/0x10 [ 27.580381] ret_from_fork+0x116/0x1d0 [ 27.580402] ? __pfx_kthread+0x10/0x10 [ 27.580425] ret_from_fork_asm+0x1a/0x30 [ 27.580457] </TASK> [ 27.580481] [ 27.588636] Allocated by task 313: [ 27.588789] kasan_save_stack+0x45/0x70 [ 27.589013] kasan_save_track+0x18/0x40 [ 27.589191] kasan_save_alloc_info+0x3b/0x50 [ 27.589371] __kasan_kmalloc+0xb7/0xc0 [ 27.589610] __kmalloc_cache_noprof+0x189/0x420 [ 27.589871] kasan_atomics+0x95/0x310 [ 27.590014] kunit_try_run_case+0x1a5/0x480 [ 27.590166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.590396] kthread+0x337/0x6f0 [ 27.590563] ret_from_fork+0x116/0x1d0 [ 27.590928] ret_from_fork_asm+0x1a/0x30 [ 27.591107] [ 27.591213] The buggy address belongs to the object at ffff8881058a7e80 [ 27.591213] which belongs to the cache kmalloc-64 of size 64 [ 27.591766] The buggy address is located 0 bytes to the right of [ 27.591766] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.592307] [ 27.592403] The buggy address belongs to the physical page: [ 27.592709] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.593072] flags: 0x200000000000000(node=0|zone=2) [ 27.593312] page_type: f5(slab) [ 27.593436] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.593674] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.593913] page dumped because: kasan: bad access detected [ 27.594088] [ 27.594157] Memory state around the buggy address: [ 27.594382] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.594715] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.595041] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.595613] ^ [ 27.595775] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.596008] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.596223] ================================================================== [ 27.708271] ================================================================== [ 27.708799] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 27.709119] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.709366] [ 27.709573] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.709628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.709827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.709869] Call Trace: [ 27.709888] <TASK> [ 27.709905] dump_stack_lvl+0x73/0xb0 [ 27.709937] print_report+0xd1/0x640 [ 27.709962] ? __virt_addr_valid+0x1db/0x2d0 [ 27.709987] ? kasan_atomics_helper+0x697/0x5450 [ 27.710010] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.710038] ? kasan_atomics_helper+0x697/0x5450 [ 27.710062] kasan_report+0x141/0x180 [ 27.710087] ? kasan_atomics_helper+0x697/0x5450 [ 27.710116] kasan_check_range+0x10c/0x1c0 [ 27.710142] __kasan_check_write+0x18/0x20 [ 27.710490] kasan_atomics_helper+0x697/0x5450 [ 27.710520] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.710558] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.710584] ? kasan_atomics+0x152/0x310 [ 27.710613] kasan_atomics+0x1dc/0x310 [ 27.710637] ? __pfx_kasan_atomics+0x10/0x10 [ 27.710663] ? __pfx_read_tsc+0x10/0x10 [ 27.710687] ? ktime_get_ts64+0x86/0x230 [ 27.710714] kunit_try_run_case+0x1a5/0x480 [ 27.710741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.710766] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.710793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.710820] ? __kthread_parkme+0x82/0x180 [ 27.710854] ? preempt_count_sub+0x50/0x80 [ 27.710880] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.710907] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.710933] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.710959] kthread+0x337/0x6f0 [ 27.710980] ? trace_preempt_on+0x20/0xc0 [ 27.711005] ? __pfx_kthread+0x10/0x10 [ 27.711028] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.711053] ? calculate_sigpending+0x7b/0xa0 [ 27.711078] ? __pfx_kthread+0x10/0x10 [ 27.711101] ret_from_fork+0x116/0x1d0 [ 27.711123] ? __pfx_kthread+0x10/0x10 [ 27.711145] ret_from_fork_asm+0x1a/0x30 [ 27.711178] </TASK> [ 27.711191] [ 27.723380] Allocated by task 313: [ 27.723934] kasan_save_stack+0x45/0x70 [ 27.724133] kasan_save_track+0x18/0x40 [ 27.724541] kasan_save_alloc_info+0x3b/0x50 [ 27.724907] __kasan_kmalloc+0xb7/0xc0 [ 27.725108] __kmalloc_cache_noprof+0x189/0x420 [ 27.725535] kasan_atomics+0x95/0x310 [ 27.725846] kunit_try_run_case+0x1a5/0x480 [ 27.726069] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.726451] kthread+0x337/0x6f0 [ 27.726754] ret_from_fork+0x116/0x1d0 [ 27.726925] ret_from_fork_asm+0x1a/0x30 [ 27.727129] [ 27.727407] The buggy address belongs to the object at ffff8881058a7e80 [ 27.727407] which belongs to the cache kmalloc-64 of size 64 [ 27.728121] The buggy address is located 0 bytes to the right of [ 27.728121] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.729027] [ 27.729351] The buggy address belongs to the physical page: [ 27.729804] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.730242] flags: 0x200000000000000(node=0|zone=2) [ 27.730437] page_type: f5(slab) [ 27.730799] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.731243] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.731718] page dumped because: kasan: bad access detected [ 27.731972] [ 27.732072] Memory state around the buggy address: [ 27.732263] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.732893] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.733311] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.733958] ^ [ 27.734151] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.734743] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.735158] ================================================================== [ 27.889338] ================================================================== [ 27.889759] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 27.890080] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.890426] [ 27.890608] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.890659] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.890674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.890706] Call Trace: [ 27.890722] <TASK> [ 27.890737] dump_stack_lvl+0x73/0xb0 [ 27.890776] print_report+0xd1/0x640 [ 27.890801] ? __virt_addr_valid+0x1db/0x2d0 [ 27.890826] ? kasan_atomics_helper+0xac7/0x5450 [ 27.890858] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.890886] ? kasan_atomics_helper+0xac7/0x5450 [ 27.890909] kasan_report+0x141/0x180 [ 27.890933] ? kasan_atomics_helper+0xac7/0x5450 [ 27.890960] kasan_check_range+0x10c/0x1c0 [ 27.890985] __kasan_check_write+0x18/0x20 [ 27.891010] kasan_atomics_helper+0xac7/0x5450 [ 27.891034] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.891058] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.891083] ? kasan_atomics+0x152/0x310 [ 27.891111] kasan_atomics+0x1dc/0x310 [ 27.891142] ? __pfx_kasan_atomics+0x10/0x10 [ 27.891168] ? __pfx_read_tsc+0x10/0x10 [ 27.891215] ? ktime_get_ts64+0x86/0x230 [ 27.891240] kunit_try_run_case+0x1a5/0x480 [ 27.891267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.891292] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.891318] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.891345] ? __kthread_parkme+0x82/0x180 [ 27.891367] ? preempt_count_sub+0x50/0x80 [ 27.891392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.891418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.891492] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.891522] kthread+0x337/0x6f0 [ 27.891545] ? trace_preempt_on+0x20/0xc0 [ 27.891572] ? __pfx_kthread+0x10/0x10 [ 27.891598] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.891624] ? calculate_sigpending+0x7b/0xa0 [ 27.891660] ? __pfx_kthread+0x10/0x10 [ 27.891684] ret_from_fork+0x116/0x1d0 [ 27.891717] ? __pfx_kthread+0x10/0x10 [ 27.891739] ret_from_fork_asm+0x1a/0x30 [ 27.891772] </TASK> [ 27.891784] [ 27.900351] Allocated by task 313: [ 27.900612] kasan_save_stack+0x45/0x70 [ 27.900769] kasan_save_track+0x18/0x40 [ 27.900927] kasan_save_alloc_info+0x3b/0x50 [ 27.901187] __kasan_kmalloc+0xb7/0xc0 [ 27.901375] __kmalloc_cache_noprof+0x189/0x420 [ 27.901604] kasan_atomics+0x95/0x310 [ 27.901789] kunit_try_run_case+0x1a5/0x480 [ 27.902005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.902625] kthread+0x337/0x6f0 [ 27.902802] ret_from_fork+0x116/0x1d0 [ 27.902978] ret_from_fork_asm+0x1a/0x30 [ 27.903148] [ 27.903238] The buggy address belongs to the object at ffff8881058a7e80 [ 27.903238] which belongs to the cache kmalloc-64 of size 64 [ 27.904565] The buggy address is located 0 bytes to the right of [ 27.904565] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.905860] [ 27.905972] The buggy address belongs to the physical page: [ 27.906447] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.906844] flags: 0x200000000000000(node=0|zone=2) [ 27.907061] page_type: f5(slab) [ 27.907442] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.907999] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.908735] page dumped because: kasan: bad access detected [ 27.909191] [ 27.909449] Memory state around the buggy address: [ 27.909923] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.910508] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.911015] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.911726] ^ [ 27.911974] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.912431] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.913061] ================================================================== [ 27.869624] ================================================================== [ 27.869980] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 27.870289] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.870827] [ 27.870943] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.871008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.871023] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.871046] Call Trace: [ 27.871063] <TASK> [ 27.871090] dump_stack_lvl+0x73/0xb0 [ 27.871122] print_report+0xd1/0x640 [ 27.871166] ? __virt_addr_valid+0x1db/0x2d0 [ 27.871192] ? kasan_atomics_helper+0xa2b/0x5450 [ 27.871214] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.871244] ? kasan_atomics_helper+0xa2b/0x5450 [ 27.871267] kasan_report+0x141/0x180 [ 27.871291] ? kasan_atomics_helper+0xa2b/0x5450 [ 27.871319] kasan_check_range+0x10c/0x1c0 [ 27.871345] __kasan_check_write+0x18/0x20 [ 27.871370] kasan_atomics_helper+0xa2b/0x5450 [ 27.871401] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.871426] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.871523] ? kasan_atomics+0x152/0x310 [ 27.871553] kasan_atomics+0x1dc/0x310 [ 27.871579] ? __pfx_kasan_atomics+0x10/0x10 [ 27.871605] ? __pfx_read_tsc+0x10/0x10 [ 27.871628] ? ktime_get_ts64+0x86/0x230 [ 27.871655] kunit_try_run_case+0x1a5/0x480 [ 27.871683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.871707] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.871735] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.871763] ? __kthread_parkme+0x82/0x180 [ 27.871785] ? preempt_count_sub+0x50/0x80 [ 27.871811] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.871848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.871883] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.871908] kthread+0x337/0x6f0 [ 27.871930] ? trace_preempt_on+0x20/0xc0 [ 27.871967] ? __pfx_kthread+0x10/0x10 [ 27.871989] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.872015] ? calculate_sigpending+0x7b/0xa0 [ 27.872040] ? __pfx_kthread+0x10/0x10 [ 27.872064] ret_from_fork+0x116/0x1d0 [ 27.872086] ? __pfx_kthread+0x10/0x10 [ 27.872108] ret_from_fork_asm+0x1a/0x30 [ 27.872140] </TASK> [ 27.872172] [ 27.880385] Allocated by task 313: [ 27.880591] kasan_save_stack+0x45/0x70 [ 27.880794] kasan_save_track+0x18/0x40 [ 27.881004] kasan_save_alloc_info+0x3b/0x50 [ 27.881211] __kasan_kmalloc+0xb7/0xc0 [ 27.881346] __kmalloc_cache_noprof+0x189/0x420 [ 27.881578] kasan_atomics+0x95/0x310 [ 27.881764] kunit_try_run_case+0x1a5/0x480 [ 27.882205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.882407] kthread+0x337/0x6f0 [ 27.882661] ret_from_fork+0x116/0x1d0 [ 27.882867] ret_from_fork_asm+0x1a/0x30 [ 27.883093] [ 27.883214] The buggy address belongs to the object at ffff8881058a7e80 [ 27.883214] which belongs to the cache kmalloc-64 of size 64 [ 27.883737] The buggy address is located 0 bytes to the right of [ 27.883737] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.884134] [ 27.884262] The buggy address belongs to the physical page: [ 27.884588] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.884971] flags: 0x200000000000000(node=0|zone=2) [ 27.885230] page_type: f5(slab) [ 27.885399] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.885798] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.886045] page dumped because: kasan: bad access detected [ 27.886312] [ 27.886429] Memory state around the buggy address: [ 27.886866] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.887238] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.887627] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.887931] ^ [ 27.888160] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.888569] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.888891] ================================================================== [ 28.885688] ================================================================== [ 28.885992] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 28.886536] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.886877] [ 28.886978] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.887064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.887080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.887115] Call Trace: [ 28.887133] <TASK> [ 28.887148] dump_stack_lvl+0x73/0xb0 [ 28.887177] print_report+0xd1/0x640 [ 28.887244] ? __virt_addr_valid+0x1db/0x2d0 [ 28.887281] ? kasan_atomics_helper+0x1eaa/0x5450 [ 28.887305] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.887333] ? kasan_atomics_helper+0x1eaa/0x5450 [ 28.887357] kasan_report+0x141/0x180 [ 28.887381] ? kasan_atomics_helper+0x1eaa/0x5450 [ 28.887409] kasan_check_range+0x10c/0x1c0 [ 28.887434] __kasan_check_write+0x18/0x20 [ 28.887477] kasan_atomics_helper+0x1eaa/0x5450 [ 28.887504] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.887529] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.887558] ? kasan_atomics+0x152/0x310 [ 28.887617] kasan_atomics+0x1dc/0x310 [ 28.887642] ? __pfx_kasan_atomics+0x10/0x10 [ 28.887680] ? __pfx_read_tsc+0x10/0x10 [ 28.887703] ? ktime_get_ts64+0x86/0x230 [ 28.887728] kunit_try_run_case+0x1a5/0x480 [ 28.887755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.887781] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.887811] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.887847] ? __kthread_parkme+0x82/0x180 [ 28.887870] ? preempt_count_sub+0x50/0x80 [ 28.887895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.887921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.887968] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.887993] kthread+0x337/0x6f0 [ 28.888038] ? trace_preempt_on+0x20/0xc0 [ 28.888063] ? __pfx_kthread+0x10/0x10 [ 28.888085] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.888121] ? calculate_sigpending+0x7b/0xa0 [ 28.888146] ? __pfx_kthread+0x10/0x10 [ 28.888169] ret_from_fork+0x116/0x1d0 [ 28.888190] ? __pfx_kthread+0x10/0x10 [ 28.888213] ret_from_fork_asm+0x1a/0x30 [ 28.888245] </TASK> [ 28.888257] [ 28.897312] Allocated by task 313: [ 28.897540] kasan_save_stack+0x45/0x70 [ 28.897738] kasan_save_track+0x18/0x40 [ 28.898074] kasan_save_alloc_info+0x3b/0x50 [ 28.898336] __kasan_kmalloc+0xb7/0xc0 [ 28.899275] __kmalloc_cache_noprof+0x189/0x420 [ 28.899477] kasan_atomics+0x95/0x310 [ 28.899618] kunit_try_run_case+0x1a5/0x480 [ 28.899769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.900021] kthread+0x337/0x6f0 [ 28.900193] ret_from_fork+0x116/0x1d0 [ 28.900382] ret_from_fork_asm+0x1a/0x30 [ 28.900579] [ 28.900675] The buggy address belongs to the object at ffff8881058a7e80 [ 28.900675] which belongs to the cache kmalloc-64 of size 64 [ 28.901850] The buggy address is located 0 bytes to the right of [ 28.901850] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.903142] [ 28.903228] The buggy address belongs to the physical page: [ 28.903415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.903658] flags: 0x200000000000000(node=0|zone=2) [ 28.903818] page_type: f5(slab) [ 28.903949] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.904192] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.904525] page dumped because: kasan: bad access detected [ 28.904775] [ 28.904965] Memory state around the buggy address: [ 28.905186] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.905518] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.905853] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.906103] ^ [ 28.906363] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.906730] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.907101] ================================================================== [ 28.964084] ================================================================== [ 28.964378] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 28.964807] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.965900] [ 28.966013] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.966066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.966251] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.966277] Call Trace: [ 28.966297] <TASK> [ 28.966313] dump_stack_lvl+0x73/0xb0 [ 28.966347] print_report+0xd1/0x640 [ 28.966372] ? __virt_addr_valid+0x1db/0x2d0 [ 28.966398] ? kasan_atomics_helper+0x2006/0x5450 [ 28.966422] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.966450] ? kasan_atomics_helper+0x2006/0x5450 [ 28.966531] kasan_report+0x141/0x180 [ 28.966556] ? kasan_atomics_helper+0x2006/0x5450 [ 28.966585] kasan_check_range+0x10c/0x1c0 [ 28.966611] __kasan_check_write+0x18/0x20 [ 28.966636] kasan_atomics_helper+0x2006/0x5450 [ 28.966663] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.966688] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.966714] ? kasan_atomics+0x152/0x310 [ 28.966742] kasan_atomics+0x1dc/0x310 [ 28.966767] ? __pfx_kasan_atomics+0x10/0x10 [ 28.966793] ? __pfx_read_tsc+0x10/0x10 [ 28.966817] ? ktime_get_ts64+0x86/0x230 [ 28.966855] kunit_try_run_case+0x1a5/0x480 [ 28.966883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.966908] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.966936] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.966964] ? __kthread_parkme+0x82/0x180 [ 28.966986] ? preempt_count_sub+0x50/0x80 [ 28.967011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.967037] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.967061] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.967088] kthread+0x337/0x6f0 [ 28.967110] ? trace_preempt_on+0x20/0xc0 [ 28.967135] ? __pfx_kthread+0x10/0x10 [ 28.967157] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.967184] ? calculate_sigpending+0x7b/0xa0 [ 28.967209] ? __pfx_kthread+0x10/0x10 [ 28.967232] ret_from_fork+0x116/0x1d0 [ 28.967254] ? __pfx_kthread+0x10/0x10 [ 28.967276] ret_from_fork_asm+0x1a/0x30 [ 28.967308] </TASK> [ 28.967321] [ 28.979150] Allocated by task 313: [ 28.979513] kasan_save_stack+0x45/0x70 [ 28.979759] kasan_save_track+0x18/0x40 [ 28.979961] kasan_save_alloc_info+0x3b/0x50 [ 28.980292] __kasan_kmalloc+0xb7/0xc0 [ 28.980550] __kmalloc_cache_noprof+0x189/0x420 [ 28.980969] kasan_atomics+0x95/0x310 [ 28.981272] kunit_try_run_case+0x1a5/0x480 [ 28.981435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.981949] kthread+0x337/0x6f0 [ 28.982125] ret_from_fork+0x116/0x1d0 [ 28.982446] ret_from_fork_asm+0x1a/0x30 [ 28.982859] [ 28.982955] The buggy address belongs to the object at ffff8881058a7e80 [ 28.982955] which belongs to the cache kmalloc-64 of size 64 [ 28.983905] The buggy address is located 0 bytes to the right of [ 28.983905] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.984710] [ 28.984847] The buggy address belongs to the physical page: [ 28.985397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.985784] flags: 0x200000000000000(node=0|zone=2) [ 28.986185] page_type: f5(slab) [ 28.986316] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.986997] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.987368] page dumped because: kasan: bad access detected [ 28.987788] [ 28.987903] Memory state around the buggy address: [ 28.988311] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.988858] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.989287] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.989823] ^ [ 28.990081] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.990383] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.991093] ================================================================== [ 29.119781] ================================================================== [ 29.120314] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 29.121012] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 29.121548] [ 29.121752] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 29.121805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.121820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.121854] Call Trace: [ 29.121873] <TASK> [ 29.121899] dump_stack_lvl+0x73/0xb0 [ 29.121931] print_report+0xd1/0x640 [ 29.121956] ? __virt_addr_valid+0x1db/0x2d0 [ 29.121993] ? kasan_atomics_helper+0x224c/0x5450 [ 29.122017] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.122045] ? kasan_atomics_helper+0x224c/0x5450 [ 29.122070] kasan_report+0x141/0x180 [ 29.122095] ? kasan_atomics_helper+0x224c/0x5450 [ 29.122123] kasan_check_range+0x10c/0x1c0 [ 29.122169] __kasan_check_write+0x18/0x20 [ 29.122195] kasan_atomics_helper+0x224c/0x5450 [ 29.122219] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.122243] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.122270] ? kasan_atomics+0x152/0x310 [ 29.122298] kasan_atomics+0x1dc/0x310 [ 29.122322] ? __pfx_kasan_atomics+0x10/0x10 [ 29.122349] ? __pfx_read_tsc+0x10/0x10 [ 29.122372] ? ktime_get_ts64+0x86/0x230 [ 29.122399] kunit_try_run_case+0x1a5/0x480 [ 29.122425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.122503] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.122535] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.122563] ? __kthread_parkme+0x82/0x180 [ 29.122586] ? preempt_count_sub+0x50/0x80 [ 29.122612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.122641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.122669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.122696] kthread+0x337/0x6f0 [ 29.122718] ? trace_preempt_on+0x20/0xc0 [ 29.122744] ? __pfx_kthread+0x10/0x10 [ 29.122767] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.122792] ? calculate_sigpending+0x7b/0xa0 [ 29.122819] ? __pfx_kthread+0x10/0x10 [ 29.122854] ret_from_fork+0x116/0x1d0 [ 29.122876] ? __pfx_kthread+0x10/0x10 [ 29.122900] ret_from_fork_asm+0x1a/0x30 [ 29.122933] </TASK> [ 29.122947] [ 29.136481] Allocated by task 313: [ 29.136847] kasan_save_stack+0x45/0x70 [ 29.137353] kasan_save_track+0x18/0x40 [ 29.137828] kasan_save_alloc_info+0x3b/0x50 [ 29.138276] __kasan_kmalloc+0xb7/0xc0 [ 29.138849] __kmalloc_cache_noprof+0x189/0x420 [ 29.139303] kasan_atomics+0x95/0x310 [ 29.139699] kunit_try_run_case+0x1a5/0x480 [ 29.139989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.140173] kthread+0x337/0x6f0 [ 29.140486] ret_from_fork+0x116/0x1d0 [ 29.140884] ret_from_fork_asm+0x1a/0x30 [ 29.141257] [ 29.141412] The buggy address belongs to the object at ffff8881058a7e80 [ 29.141412] which belongs to the cache kmalloc-64 of size 64 [ 29.142227] The buggy address is located 0 bytes to the right of [ 29.142227] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 29.142771] [ 29.142867] The buggy address belongs to the physical page: [ 29.143358] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 29.144069] flags: 0x200000000000000(node=0|zone=2) [ 29.144407] page_type: f5(slab) [ 29.144543] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.144789] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.145035] page dumped because: kasan: bad access detected [ 29.145223] [ 29.145294] Memory state around the buggy address: [ 29.145452] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.146188] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.146891] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.147625] ^ [ 29.147965] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.148204] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.149012] ================================================================== [ 28.054315] ================================================================== [ 28.054546] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 28.054816] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.055437] [ 28.055601] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.055655] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.055670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.055693] Call Trace: [ 28.055709] <TASK> [ 28.055724] dump_stack_lvl+0x73/0xb0 [ 28.055753] print_report+0xd1/0x640 [ 28.055777] ? __virt_addr_valid+0x1db/0x2d0 [ 28.055802] ? kasan_atomics_helper+0xe78/0x5450 [ 28.055825] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.055869] ? kasan_atomics_helper+0xe78/0x5450 [ 28.055892] kasan_report+0x141/0x180 [ 28.055916] ? kasan_atomics_helper+0xe78/0x5450 [ 28.055944] kasan_check_range+0x10c/0x1c0 [ 28.055969] __kasan_check_write+0x18/0x20 [ 28.055995] kasan_atomics_helper+0xe78/0x5450 [ 28.056019] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.056043] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.056070] ? kasan_atomics+0x152/0x310 [ 28.056097] kasan_atomics+0x1dc/0x310 [ 28.056122] ? __pfx_kasan_atomics+0x10/0x10 [ 28.056148] ? __pfx_read_tsc+0x10/0x10 [ 28.056172] ? ktime_get_ts64+0x86/0x230 [ 28.056197] kunit_try_run_case+0x1a5/0x480 [ 28.056225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.056249] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.056276] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.056303] ? __kthread_parkme+0x82/0x180 [ 28.056325] ? preempt_count_sub+0x50/0x80 [ 28.056350] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.056376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.056402] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.056428] kthread+0x337/0x6f0 [ 28.056449] ? trace_preempt_on+0x20/0xc0 [ 28.056473] ? __pfx_kthread+0x10/0x10 [ 28.056496] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.056522] ? calculate_sigpending+0x7b/0xa0 [ 28.056546] ? __pfx_kthread+0x10/0x10 [ 28.056571] ret_from_fork+0x116/0x1d0 [ 28.056593] ? __pfx_kthread+0x10/0x10 [ 28.056615] ret_from_fork_asm+0x1a/0x30 [ 28.056648] </TASK> [ 28.056660] [ 28.064784] Allocated by task 313: [ 28.064987] kasan_save_stack+0x45/0x70 [ 28.065206] kasan_save_track+0x18/0x40 [ 28.065356] kasan_save_alloc_info+0x3b/0x50 [ 28.065654] __kasan_kmalloc+0xb7/0xc0 [ 28.065824] __kmalloc_cache_noprof+0x189/0x420 [ 28.066040] kasan_atomics+0x95/0x310 [ 28.066268] kunit_try_run_case+0x1a5/0x480 [ 28.066454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.066880] kthread+0x337/0x6f0 [ 28.067040] ret_from_fork+0x116/0x1d0 [ 28.067236] ret_from_fork_asm+0x1a/0x30 [ 28.067430] [ 28.067571] The buggy address belongs to the object at ffff8881058a7e80 [ 28.067571] which belongs to the cache kmalloc-64 of size 64 [ 28.068065] The buggy address is located 0 bytes to the right of [ 28.068065] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.068666] [ 28.068767] The buggy address belongs to the physical page: [ 28.068997] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.069293] flags: 0x200000000000000(node=0|zone=2) [ 28.069569] page_type: f5(slab) [ 28.069777] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.070102] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.070400] page dumped because: kasan: bad access detected [ 28.070729] [ 28.070827] Memory state around the buggy address: [ 28.071066] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.071403] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.071632] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.071871] ^ [ 28.072093] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.072631] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.072880] ================================================================== [ 29.046935] ================================================================== [ 29.047663] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 29.048109] Read of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 29.048529] [ 29.048807] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 29.049088] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.049106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.049130] Call Trace: [ 29.049149] <TASK> [ 29.049175] dump_stack_lvl+0x73/0xb0 [ 29.049208] print_report+0xd1/0x640 [ 29.049233] ? __virt_addr_valid+0x1db/0x2d0 [ 29.049259] ? kasan_atomics_helper+0x4fb2/0x5450 [ 29.049282] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.049310] ? kasan_atomics_helper+0x4fb2/0x5450 [ 29.049333] kasan_report+0x141/0x180 [ 29.049358] ? kasan_atomics_helper+0x4fb2/0x5450 [ 29.049386] __asan_report_load8_noabort+0x18/0x20 [ 29.049413] kasan_atomics_helper+0x4fb2/0x5450 [ 29.049437] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.049472] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.049498] ? kasan_atomics+0x152/0x310 [ 29.049527] kasan_atomics+0x1dc/0x310 [ 29.049551] ? __pfx_kasan_atomics+0x10/0x10 [ 29.049578] ? __pfx_read_tsc+0x10/0x10 [ 29.049601] ? ktime_get_ts64+0x86/0x230 [ 29.049627] kunit_try_run_case+0x1a5/0x480 [ 29.049654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.049679] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.049706] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.049735] ? __kthread_parkme+0x82/0x180 [ 29.049757] ? preempt_count_sub+0x50/0x80 [ 29.049783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.049809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.049849] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.049875] kthread+0x337/0x6f0 [ 29.049897] ? trace_preempt_on+0x20/0xc0 [ 29.049922] ? __pfx_kthread+0x10/0x10 [ 29.049945] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.049970] ? calculate_sigpending+0x7b/0xa0 [ 29.049995] ? __pfx_kthread+0x10/0x10 [ 29.050020] ret_from_fork+0x116/0x1d0 [ 29.050041] ? __pfx_kthread+0x10/0x10 [ 29.050063] ret_from_fork_asm+0x1a/0x30 [ 29.050096] </TASK> [ 29.050108] [ 29.059320] Allocated by task 313: [ 29.059522] kasan_save_stack+0x45/0x70 [ 29.059729] kasan_save_track+0x18/0x40 [ 29.059931] kasan_save_alloc_info+0x3b/0x50 [ 29.060312] __kasan_kmalloc+0xb7/0xc0 [ 29.060448] __kmalloc_cache_noprof+0x189/0x420 [ 29.060607] kasan_atomics+0x95/0x310 [ 29.060761] kunit_try_run_case+0x1a5/0x480 [ 29.060986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.061299] kthread+0x337/0x6f0 [ 29.061560] ret_from_fork+0x116/0x1d0 [ 29.061747] ret_from_fork_asm+0x1a/0x30 [ 29.061953] [ 29.062049] The buggy address belongs to the object at ffff8881058a7e80 [ 29.062049] which belongs to the cache kmalloc-64 of size 64 [ 29.062753] The buggy address is located 0 bytes to the right of [ 29.062753] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 29.063137] [ 29.063296] The buggy address belongs to the physical page: [ 29.063570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 29.063924] flags: 0x200000000000000(node=0|zone=2) [ 29.064168] page_type: f5(slab) [ 29.064290] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.064858] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.065207] page dumped because: kasan: bad access detected [ 29.065375] [ 29.065499] Memory state around the buggy address: [ 29.065720] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.066048] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.066295] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.066505] ^ [ 29.066656] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.066982] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.067321] ================================================================== [ 27.767741] ================================================================== [ 27.768417] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 27.768695] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.769230] [ 27.769418] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.769483] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.769499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.769523] Call Trace: [ 27.769543] <TASK> [ 27.769560] dump_stack_lvl+0x73/0xb0 [ 27.769590] print_report+0xd1/0x640 [ 27.769614] ? __virt_addr_valid+0x1db/0x2d0 [ 27.769710] ? kasan_atomics_helper+0x7c7/0x5450 [ 27.769734] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.769762] ? kasan_atomics_helper+0x7c7/0x5450 [ 27.769786] kasan_report+0x141/0x180 [ 27.769811] ? kasan_atomics_helper+0x7c7/0x5450 [ 27.769849] kasan_check_range+0x10c/0x1c0 [ 27.769875] __kasan_check_write+0x18/0x20 [ 27.769900] kasan_atomics_helper+0x7c7/0x5450 [ 27.769925] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.769949] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.769976] ? kasan_atomics+0x152/0x310 [ 27.770004] kasan_atomics+0x1dc/0x310 [ 27.770029] ? __pfx_kasan_atomics+0x10/0x10 [ 27.770056] ? __pfx_read_tsc+0x10/0x10 [ 27.770080] ? ktime_get_ts64+0x86/0x230 [ 27.770106] kunit_try_run_case+0x1a5/0x480 [ 27.770132] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.770158] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.770185] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.770213] ? __kthread_parkme+0x82/0x180 [ 27.770235] ? preempt_count_sub+0x50/0x80 [ 27.770260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.770286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.770312] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.770338] kthread+0x337/0x6f0 [ 27.770359] ? trace_preempt_on+0x20/0xc0 [ 27.770384] ? __pfx_kthread+0x10/0x10 [ 27.770406] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.770431] ? calculate_sigpending+0x7b/0xa0 [ 27.770457] ? __pfx_kthread+0x10/0x10 [ 27.770481] ret_from_fork+0x116/0x1d0 [ 27.770502] ? __pfx_kthread+0x10/0x10 [ 27.770524] ret_from_fork_asm+0x1a/0x30 [ 27.770557] </TASK> [ 27.770569] [ 27.784818] Allocated by task 313: [ 27.785199] kasan_save_stack+0x45/0x70 [ 27.785640] kasan_save_track+0x18/0x40 [ 27.785881] kasan_save_alloc_info+0x3b/0x50 [ 27.786037] __kasan_kmalloc+0xb7/0xc0 [ 27.786184] __kmalloc_cache_noprof+0x189/0x420 [ 27.786650] kasan_atomics+0x95/0x310 [ 27.787033] kunit_try_run_case+0x1a5/0x480 [ 27.787449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.788122] kthread+0x337/0x6f0 [ 27.788541] ret_from_fork+0x116/0x1d0 [ 27.788821] ret_from_fork_asm+0x1a/0x30 [ 27.789132] [ 27.789216] The buggy address belongs to the object at ffff8881058a7e80 [ 27.789216] which belongs to the cache kmalloc-64 of size 64 [ 27.790181] The buggy address is located 0 bytes to the right of [ 27.790181] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.791048] [ 27.791127] The buggy address belongs to the physical page: [ 27.791568] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.792345] flags: 0x200000000000000(node=0|zone=2) [ 27.793009] page_type: f5(slab) [ 27.793400] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.793876] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.794114] page dumped because: kasan: bad access detected [ 27.794602] [ 27.794797] Memory state around the buggy address: [ 27.795288] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.796024] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.796749] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.797145] ^ [ 27.797749] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.798251] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.798541] ================================================================== [ 28.591977] ================================================================== [ 28.592318] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 28.592633] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.592934] [ 28.593044] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.593095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.593111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.593134] Call Trace: [ 28.593152] <TASK> [ 28.593170] dump_stack_lvl+0x73/0xb0 [ 28.593197] print_report+0xd1/0x640 [ 28.593223] ? __virt_addr_valid+0x1db/0x2d0 [ 28.593249] ? kasan_atomics_helper+0x1818/0x5450 [ 28.593271] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.593298] ? kasan_atomics_helper+0x1818/0x5450 [ 28.593321] kasan_report+0x141/0x180 [ 28.593344] ? kasan_atomics_helper+0x1818/0x5450 [ 28.593371] kasan_check_range+0x10c/0x1c0 [ 28.593396] __kasan_check_write+0x18/0x20 [ 28.593421] kasan_atomics_helper+0x1818/0x5450 [ 28.593444] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.593467] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.593492] ? kasan_atomics+0x152/0x310 [ 28.593520] kasan_atomics+0x1dc/0x310 [ 28.593543] ? __pfx_kasan_atomics+0x10/0x10 [ 28.593568] ? __pfx_read_tsc+0x10/0x10 [ 28.593591] ? ktime_get_ts64+0x86/0x230 [ 28.593617] kunit_try_run_case+0x1a5/0x480 [ 28.593642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.593667] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.593694] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.593721] ? __kthread_parkme+0x82/0x180 [ 28.593742] ? preempt_count_sub+0x50/0x80 [ 28.593766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.593791] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.593816] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.593875] kthread+0x337/0x6f0 [ 28.593898] ? trace_preempt_on+0x20/0xc0 [ 28.593923] ? __pfx_kthread+0x10/0x10 [ 28.593945] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.593971] ? calculate_sigpending+0x7b/0xa0 [ 28.593997] ? __pfx_kthread+0x10/0x10 [ 28.594020] ret_from_fork+0x116/0x1d0 [ 28.594042] ? __pfx_kthread+0x10/0x10 [ 28.594077] ret_from_fork_asm+0x1a/0x30 [ 28.594110] </TASK> [ 28.594123] [ 28.605300] Allocated by task 313: [ 28.605788] kasan_save_stack+0x45/0x70 [ 28.606163] kasan_save_track+0x18/0x40 [ 28.606546] kasan_save_alloc_info+0x3b/0x50 [ 28.606889] __kasan_kmalloc+0xb7/0xc0 [ 28.607082] __kmalloc_cache_noprof+0x189/0x420 [ 28.607459] kasan_atomics+0x95/0x310 [ 28.607806] kunit_try_run_case+0x1a5/0x480 [ 28.608018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.608493] kthread+0x337/0x6f0 [ 28.608923] ret_from_fork+0x116/0x1d0 [ 28.609267] ret_from_fork_asm+0x1a/0x30 [ 28.609618] [ 28.609725] The buggy address belongs to the object at ffff8881058a7e80 [ 28.609725] which belongs to the cache kmalloc-64 of size 64 [ 28.610423] The buggy address is located 0 bytes to the right of [ 28.610423] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.611546] [ 28.611654] The buggy address belongs to the physical page: [ 28.611889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.612521] flags: 0x200000000000000(node=0|zone=2) [ 28.612960] page_type: f5(slab) [ 28.613138] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.613513] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.613813] page dumped because: kasan: bad access detected [ 28.614050] [ 28.614133] Memory state around the buggy address: [ 28.614843] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.615581] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.615899] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.616165] ^ [ 28.616358] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.616622] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.616900] ================================================================== [ 27.657645] ================================================================== [ 27.657991] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 27.658351] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.658852] [ 27.658996] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.659047] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.659063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.659085] Call Trace: [ 27.659101] <TASK> [ 27.659117] dump_stack_lvl+0x73/0xb0 [ 27.659147] print_report+0xd1/0x640 [ 27.659172] ? __virt_addr_valid+0x1db/0x2d0 [ 27.659197] ? kasan_atomics_helper+0x565/0x5450 [ 27.659231] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.659259] ? kasan_atomics_helper+0x565/0x5450 [ 27.659311] kasan_report+0x141/0x180 [ 27.659336] ? kasan_atomics_helper+0x565/0x5450 [ 27.659364] kasan_check_range+0x10c/0x1c0 [ 27.659397] __kasan_check_write+0x18/0x20 [ 27.659421] kasan_atomics_helper+0x565/0x5450 [ 27.659467] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.659491] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.659517] ? kasan_atomics+0x152/0x310 [ 27.659546] kasan_atomics+0x1dc/0x310 [ 27.659571] ? __pfx_kasan_atomics+0x10/0x10 [ 27.659597] ? __pfx_read_tsc+0x10/0x10 [ 27.659620] ? ktime_get_ts64+0x86/0x230 [ 27.659645] kunit_try_run_case+0x1a5/0x480 [ 27.659672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.659696] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.659777] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.659804] ? __kthread_parkme+0x82/0x180 [ 27.659842] ? preempt_count_sub+0x50/0x80 [ 27.659868] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.659894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.659919] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.659944] kthread+0x337/0x6f0 [ 27.659966] ? trace_preempt_on+0x20/0xc0 [ 27.659990] ? __pfx_kthread+0x10/0x10 [ 27.660013] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.660038] ? calculate_sigpending+0x7b/0xa0 [ 27.660062] ? __pfx_kthread+0x10/0x10 [ 27.660085] ret_from_fork+0x116/0x1d0 [ 27.660106] ? __pfx_kthread+0x10/0x10 [ 27.660128] ret_from_fork_asm+0x1a/0x30 [ 27.660177] </TASK> [ 27.660191] [ 27.668786] Allocated by task 313: [ 27.668992] kasan_save_stack+0x45/0x70 [ 27.669209] kasan_save_track+0x18/0x40 [ 27.669432] kasan_save_alloc_info+0x3b/0x50 [ 27.669637] __kasan_kmalloc+0xb7/0xc0 [ 27.669775] __kmalloc_cache_noprof+0x189/0x420 [ 27.669965] kasan_atomics+0x95/0x310 [ 27.670162] kunit_try_run_case+0x1a5/0x480 [ 27.670373] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.670591] kthread+0x337/0x6f0 [ 27.670712] ret_from_fork+0x116/0x1d0 [ 27.670994] ret_from_fork_asm+0x1a/0x30 [ 27.671248] [ 27.671343] The buggy address belongs to the object at ffff8881058a7e80 [ 27.671343] which belongs to the cache kmalloc-64 of size 64 [ 27.671920] The buggy address is located 0 bytes to the right of [ 27.671920] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.672524] [ 27.672624] The buggy address belongs to the physical page: [ 27.672894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.673272] flags: 0x200000000000000(node=0|zone=2) [ 27.673575] page_type: f5(slab) [ 27.673751] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.674108] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.674394] page dumped because: kasan: bad access detected [ 27.674731] [ 27.674811] Memory state around the buggy address: [ 27.675085] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.675438] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.675838] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.676180] ^ [ 27.676426] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.676835] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.677067] ================================================================== [ 28.860785] ================================================================== [ 28.861108] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 28.861988] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.862722] [ 28.862859] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.862915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.862932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.862955] Call Trace: [ 28.862974] <TASK> [ 28.862991] dump_stack_lvl+0x73/0xb0 [ 28.863021] print_report+0xd1/0x640 [ 28.863046] ? __virt_addr_valid+0x1db/0x2d0 [ 28.863072] ? kasan_atomics_helper+0x1e12/0x5450 [ 28.863095] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.863123] ? kasan_atomics_helper+0x1e12/0x5450 [ 28.863148] kasan_report+0x141/0x180 [ 28.863175] ? kasan_atomics_helper+0x1e12/0x5450 [ 28.863203] kasan_check_range+0x10c/0x1c0 [ 28.863228] __kasan_check_write+0x18/0x20 [ 28.863254] kasan_atomics_helper+0x1e12/0x5450 [ 28.863279] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.863304] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.863330] ? kasan_atomics+0x152/0x310 [ 28.863358] kasan_atomics+0x1dc/0x310 [ 28.863382] ? __pfx_kasan_atomics+0x10/0x10 [ 28.863408] ? __pfx_read_tsc+0x10/0x10 [ 28.863432] ? ktime_get_ts64+0x86/0x230 [ 28.863460] kunit_try_run_case+0x1a5/0x480 [ 28.863487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.863511] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.863537] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.863565] ? __kthread_parkme+0x82/0x180 [ 28.863589] ? preempt_count_sub+0x50/0x80 [ 28.863614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.863651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.863677] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.863703] kthread+0x337/0x6f0 [ 28.863735] ? trace_preempt_on+0x20/0xc0 [ 28.863761] ? __pfx_kthread+0x10/0x10 [ 28.863783] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.863809] ? calculate_sigpending+0x7b/0xa0 [ 28.863841] ? __pfx_kthread+0x10/0x10 [ 28.863865] ret_from_fork+0x116/0x1d0 [ 28.863886] ? __pfx_kthread+0x10/0x10 [ 28.863909] ret_from_fork_asm+0x1a/0x30 [ 28.863941] </TASK> [ 28.863953] [ 28.872507] Allocated by task 313: [ 28.872644] kasan_save_stack+0x45/0x70 [ 28.872789] kasan_save_track+0x18/0x40 [ 28.873091] kasan_save_alloc_info+0x3b/0x50 [ 28.873324] __kasan_kmalloc+0xb7/0xc0 [ 28.873642] __kmalloc_cache_noprof+0x189/0x420 [ 28.874553] kasan_atomics+0x95/0x310 [ 28.874819] kunit_try_run_case+0x1a5/0x480 [ 28.875727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.876231] kthread+0x337/0x6f0 [ 28.876400] ret_from_fork+0x116/0x1d0 [ 28.876761] ret_from_fork_asm+0x1a/0x30 [ 28.877256] [ 28.877378] The buggy address belongs to the object at ffff8881058a7e80 [ 28.877378] which belongs to the cache kmalloc-64 of size 64 [ 28.878194] The buggy address is located 0 bytes to the right of [ 28.878194] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.879114] [ 28.879277] The buggy address belongs to the physical page: [ 28.879795] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.880279] flags: 0x200000000000000(node=0|zone=2) [ 28.880709] page_type: f5(slab) [ 28.880965] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.881660] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.882317] page dumped because: kasan: bad access detected [ 28.882509] [ 28.882633] Memory state around the buggy address: [ 28.882909] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.883188] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.883705] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.884032] ^ [ 28.884335] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.884630] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.885115] ================================================================== [ 27.849734] ================================================================== [ 27.850086] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 27.850433] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.850898] [ 27.851012] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.851063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.851110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.851134] Call Trace: [ 27.851152] <TASK> [ 27.851180] dump_stack_lvl+0x73/0xb0 [ 27.851229] print_report+0xd1/0x640 [ 27.851253] ? __virt_addr_valid+0x1db/0x2d0 [ 27.851277] ? kasan_atomics_helper+0x992/0x5450 [ 27.851331] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.851371] ? kasan_atomics_helper+0x992/0x5450 [ 27.851406] kasan_report+0x141/0x180 [ 27.851431] ? kasan_atomics_helper+0x992/0x5450 [ 27.851521] kasan_check_range+0x10c/0x1c0 [ 27.851548] __kasan_check_write+0x18/0x20 [ 27.851574] kasan_atomics_helper+0x992/0x5450 [ 27.851598] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.851622] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.851664] ? kasan_atomics+0x152/0x310 [ 27.851691] kasan_atomics+0x1dc/0x310 [ 27.851716] ? __pfx_kasan_atomics+0x10/0x10 [ 27.851741] ? __pfx_read_tsc+0x10/0x10 [ 27.851764] ? ktime_get_ts64+0x86/0x230 [ 27.851791] kunit_try_run_case+0x1a5/0x480 [ 27.851818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.851853] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.851880] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.851907] ? __kthread_parkme+0x82/0x180 [ 27.851929] ? preempt_count_sub+0x50/0x80 [ 27.851954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.851980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.852006] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.852032] kthread+0x337/0x6f0 [ 27.852053] ? trace_preempt_on+0x20/0xc0 [ 27.852078] ? __pfx_kthread+0x10/0x10 [ 27.852100] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.852125] ? calculate_sigpending+0x7b/0xa0 [ 27.852150] ? __pfx_kthread+0x10/0x10 [ 27.852174] ret_from_fork+0x116/0x1d0 [ 27.852202] ? __pfx_kthread+0x10/0x10 [ 27.852224] ret_from_fork_asm+0x1a/0x30 [ 27.852257] </TASK> [ 27.852269] [ 27.860804] Allocated by task 313: [ 27.860976] kasan_save_stack+0x45/0x70 [ 27.861130] kasan_save_track+0x18/0x40 [ 27.861366] kasan_save_alloc_info+0x3b/0x50 [ 27.861607] __kasan_kmalloc+0xb7/0xc0 [ 27.861795] __kmalloc_cache_noprof+0x189/0x420 [ 27.862012] kasan_atomics+0x95/0x310 [ 27.862208] kunit_try_run_case+0x1a5/0x480 [ 27.862366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.862620] kthread+0x337/0x6f0 [ 27.862823] ret_from_fork+0x116/0x1d0 [ 27.863021] ret_from_fork_asm+0x1a/0x30 [ 27.863246] [ 27.863339] The buggy address belongs to the object at ffff8881058a7e80 [ 27.863339] which belongs to the cache kmalloc-64 of size 64 [ 27.863956] The buggy address is located 0 bytes to the right of [ 27.863956] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.864365] [ 27.864536] The buggy address belongs to the physical page: [ 27.864843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.865226] flags: 0x200000000000000(node=0|zone=2) [ 27.865662] page_type: f5(slab) [ 27.865868] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.866242] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.866669] page dumped because: kasan: bad access detected [ 27.866925] [ 27.867029] Memory state around the buggy address: [ 27.867270] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.867620] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.867978] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.868314] ^ [ 27.868599] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.868854] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.869075] ================================================================== [ 28.375109] ================================================================== [ 28.375465] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 28.375725] Read of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.376097] [ 28.376266] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.376316] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.376331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.376355] Call Trace: [ 28.376374] <TASK> [ 28.376391] dump_stack_lvl+0x73/0xb0 [ 28.376421] print_report+0xd1/0x640 [ 28.376448] ? __virt_addr_valid+0x1db/0x2d0 [ 28.376474] ? kasan_atomics_helper+0x13b5/0x5450 [ 28.376497] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.376525] ? kasan_atomics_helper+0x13b5/0x5450 [ 28.376550] kasan_report+0x141/0x180 [ 28.376574] ? kasan_atomics_helper+0x13b5/0x5450 [ 28.376601] kasan_check_range+0x10c/0x1c0 [ 28.376627] __kasan_check_read+0x15/0x20 [ 28.376652] kasan_atomics_helper+0x13b5/0x5450 [ 28.376677] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.376704] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.376730] ? kasan_atomics+0x152/0x310 [ 28.376758] kasan_atomics+0x1dc/0x310 [ 28.376783] ? __pfx_kasan_atomics+0x10/0x10 [ 28.376810] ? __pfx_read_tsc+0x10/0x10 [ 28.376845] ? ktime_get_ts64+0x86/0x230 [ 28.376876] kunit_try_run_case+0x1a5/0x480 [ 28.376904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.376927] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.376955] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.376982] ? __kthread_parkme+0x82/0x180 [ 28.377004] ? preempt_count_sub+0x50/0x80 [ 28.377030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.377055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.377080] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.377106] kthread+0x337/0x6f0 [ 28.377128] ? trace_preempt_on+0x20/0xc0 [ 28.377152] ? __pfx_kthread+0x10/0x10 [ 28.377187] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.377212] ? calculate_sigpending+0x7b/0xa0 [ 28.377238] ? __pfx_kthread+0x10/0x10 [ 28.377261] ret_from_fork+0x116/0x1d0 [ 28.377283] ? __pfx_kthread+0x10/0x10 [ 28.377305] ret_from_fork_asm+0x1a/0x30 [ 28.377338] </TASK> [ 28.377350] [ 28.385427] Allocated by task 313: [ 28.385636] kasan_save_stack+0x45/0x70 [ 28.385847] kasan_save_track+0x18/0x40 [ 28.386120] kasan_save_alloc_info+0x3b/0x50 [ 28.386553] __kasan_kmalloc+0xb7/0xc0 [ 28.386705] __kmalloc_cache_noprof+0x189/0x420 [ 28.386956] kasan_atomics+0x95/0x310 [ 28.387096] kunit_try_run_case+0x1a5/0x480 [ 28.387245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.387423] kthread+0x337/0x6f0 [ 28.387616] ret_from_fork+0x116/0x1d0 [ 28.387996] ret_from_fork_asm+0x1a/0x30 [ 28.388232] [ 28.388326] The buggy address belongs to the object at ffff8881058a7e80 [ 28.388326] which belongs to the cache kmalloc-64 of size 64 [ 28.389102] The buggy address is located 0 bytes to the right of [ 28.389102] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.389809] [ 28.389980] The buggy address belongs to the physical page: [ 28.390185] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.390636] flags: 0x200000000000000(node=0|zone=2) [ 28.390827] page_type: f5(slab) [ 28.390958] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.391440] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.391794] page dumped because: kasan: bad access detected [ 28.392040] [ 28.392121] Memory state around the buggy address: [ 28.392342] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.392744] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.393091] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.393391] ^ [ 28.393585] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.393863] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.394240] ================================================================== [ 28.991851] ================================================================== [ 28.992091] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 28.992564] Read of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.993568] [ 28.993813] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.993995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.994011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.994034] Call Trace: [ 28.994052] <TASK> [ 28.994069] dump_stack_lvl+0x73/0xb0 [ 28.994101] print_report+0xd1/0x640 [ 28.994125] ? __virt_addr_valid+0x1db/0x2d0 [ 28.994152] ? kasan_atomics_helper+0x4f98/0x5450 [ 28.994185] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.994214] ? kasan_atomics_helper+0x4f98/0x5450 [ 28.994239] kasan_report+0x141/0x180 [ 28.994263] ? kasan_atomics_helper+0x4f98/0x5450 [ 28.994292] __asan_report_load8_noabort+0x18/0x20 [ 28.994319] kasan_atomics_helper+0x4f98/0x5450 [ 28.994346] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.994370] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.994397] ? kasan_atomics+0x152/0x310 [ 28.994424] kasan_atomics+0x1dc/0x310 [ 28.994450] ? __pfx_kasan_atomics+0x10/0x10 [ 28.994478] ? __pfx_read_tsc+0x10/0x10 [ 28.994504] ? ktime_get_ts64+0x86/0x230 [ 28.994529] kunit_try_run_case+0x1a5/0x480 [ 28.994556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.994580] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.994608] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.994635] ? __kthread_parkme+0x82/0x180 [ 28.994656] ? preempt_count_sub+0x50/0x80 [ 28.994681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.994707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.994733] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.994758] kthread+0x337/0x6f0 [ 28.994780] ? trace_preempt_on+0x20/0xc0 [ 28.994804] ? __pfx_kthread+0x10/0x10 [ 28.994826] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.994866] ? calculate_sigpending+0x7b/0xa0 [ 28.994890] ? __pfx_kthread+0x10/0x10 [ 28.994914] ret_from_fork+0x116/0x1d0 [ 28.994935] ? __pfx_kthread+0x10/0x10 [ 28.994957] ret_from_fork_asm+0x1a/0x30 [ 28.994990] </TASK> [ 28.995002] [ 29.006858] Allocated by task 313: [ 29.007310] kasan_save_stack+0x45/0x70 [ 29.007608] kasan_save_track+0x18/0x40 [ 29.007779] kasan_save_alloc_info+0x3b/0x50 [ 29.008012] __kasan_kmalloc+0xb7/0xc0 [ 29.008433] __kmalloc_cache_noprof+0x189/0x420 [ 29.008634] kasan_atomics+0x95/0x310 [ 29.008827] kunit_try_run_case+0x1a5/0x480 [ 29.009098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.009840] kthread+0x337/0x6f0 [ 29.010100] ret_from_fork+0x116/0x1d0 [ 29.010410] ret_from_fork_asm+0x1a/0x30 [ 29.010733] [ 29.010946] The buggy address belongs to the object at ffff8881058a7e80 [ 29.010946] which belongs to the cache kmalloc-64 of size 64 [ 29.011612] The buggy address is located 0 bytes to the right of [ 29.011612] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 29.012467] [ 29.012553] The buggy address belongs to the physical page: [ 29.013136] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 29.013492] flags: 0x200000000000000(node=0|zone=2) [ 29.013934] page_type: f5(slab) [ 29.014196] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.014639] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.015026] page dumped because: kasan: bad access detected [ 29.015361] [ 29.015563] Memory state around the buggy address: [ 29.016040] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.016617] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.017032] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.017475] ^ [ 29.017937] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.018353] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.018917] ================================================================== [ 29.090154] ================================================================== [ 29.090395] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 29.090636] Read of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 29.090874] [ 29.090961] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 29.091014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.091028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.091051] Call Trace: [ 29.091069] <TASK> [ 29.091086] dump_stack_lvl+0x73/0xb0 [ 29.091113] print_report+0xd1/0x640 [ 29.091138] ? __virt_addr_valid+0x1db/0x2d0 [ 29.091162] ? kasan_atomics_helper+0x4fa5/0x5450 [ 29.091186] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.091215] ? kasan_atomics_helper+0x4fa5/0x5450 [ 29.091239] kasan_report+0x141/0x180 [ 29.091263] ? kasan_atomics_helper+0x4fa5/0x5450 [ 29.091291] __asan_report_load8_noabort+0x18/0x20 [ 29.091317] kasan_atomics_helper+0x4fa5/0x5450 [ 29.091341] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.091365] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.091391] ? kasan_atomics+0x152/0x310 [ 29.091418] kasan_atomics+0x1dc/0x310 [ 29.091443] ? __pfx_kasan_atomics+0x10/0x10 [ 29.091470] ? __pfx_read_tsc+0x10/0x10 [ 29.091493] ? ktime_get_ts64+0x86/0x230 [ 29.091520] kunit_try_run_case+0x1a5/0x480 [ 29.091546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.091570] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.091597] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.091624] ? __kthread_parkme+0x82/0x180 [ 29.091645] ? preempt_count_sub+0x50/0x80 [ 29.091670] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.091696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.091721] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.091747] kthread+0x337/0x6f0 [ 29.091767] ? trace_preempt_on+0x20/0xc0 [ 29.091792] ? __pfx_kthread+0x10/0x10 [ 29.091815] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.091923] ? calculate_sigpending+0x7b/0xa0 [ 29.091951] ? __pfx_kthread+0x10/0x10 [ 29.091976] ret_from_fork+0x116/0x1d0 [ 29.091998] ? __pfx_kthread+0x10/0x10 [ 29.092021] ret_from_fork_asm+0x1a/0x30 [ 29.092053] </TASK> [ 29.092066] [ 29.105262] Allocated by task 313: [ 29.105670] kasan_save_stack+0x45/0x70 [ 29.106040] kasan_save_track+0x18/0x40 [ 29.106425] kasan_save_alloc_info+0x3b/0x50 [ 29.107033] __kasan_kmalloc+0xb7/0xc0 [ 29.107431] __kmalloc_cache_noprof+0x189/0x420 [ 29.107929] kasan_atomics+0x95/0x310 [ 29.108263] kunit_try_run_case+0x1a5/0x480 [ 29.108435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.109007] kthread+0x337/0x6f0 [ 29.109300] ret_from_fork+0x116/0x1d0 [ 29.109437] ret_from_fork_asm+0x1a/0x30 [ 29.109586] [ 29.109657] The buggy address belongs to the object at ffff8881058a7e80 [ 29.109657] which belongs to the cache kmalloc-64 of size 64 [ 29.110536] The buggy address is located 0 bytes to the right of [ 29.110536] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 29.111798] [ 29.111995] The buggy address belongs to the physical page: [ 29.112583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 29.113057] flags: 0x200000000000000(node=0|zone=2) [ 29.113340] page_type: f5(slab) [ 29.113735] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.114433] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.114860] page dumped because: kasan: bad access detected [ 29.115038] [ 29.115107] Memory state around the buggy address: [ 29.115519] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.116156] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.117015] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.117707] ^ [ 29.118023] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.118249] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.118900] ================================================================== [ 28.476298] ================================================================== [ 28.476539] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 28.477051] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.477385] [ 28.477805] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.477876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.477892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.477915] Call Trace: [ 28.477939] <TASK> [ 28.477955] dump_stack_lvl+0x73/0xb0 [ 28.477986] print_report+0xd1/0x640 [ 28.478010] ? __virt_addr_valid+0x1db/0x2d0 [ 28.478035] ? kasan_atomics_helper+0x151d/0x5450 [ 28.478058] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.478086] ? kasan_atomics_helper+0x151d/0x5450 [ 28.478110] kasan_report+0x141/0x180 [ 28.478135] ? kasan_atomics_helper+0x151d/0x5450 [ 28.478162] kasan_check_range+0x10c/0x1c0 [ 28.478188] __kasan_check_write+0x18/0x20 [ 28.478213] kasan_atomics_helper+0x151d/0x5450 [ 28.478238] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.478263] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.478289] ? kasan_atomics+0x152/0x310 [ 28.478316] kasan_atomics+0x1dc/0x310 [ 28.478341] ? __pfx_kasan_atomics+0x10/0x10 [ 28.478367] ? __pfx_read_tsc+0x10/0x10 [ 28.478391] ? ktime_get_ts64+0x86/0x230 [ 28.478416] kunit_try_run_case+0x1a5/0x480 [ 28.478443] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.478469] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.478497] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.478524] ? __kthread_parkme+0x82/0x180 [ 28.478547] ? preempt_count_sub+0x50/0x80 [ 28.478571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.478596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.478622] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.478646] kthread+0x337/0x6f0 [ 28.478668] ? trace_preempt_on+0x20/0xc0 [ 28.478693] ? __pfx_kthread+0x10/0x10 [ 28.478715] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.478740] ? calculate_sigpending+0x7b/0xa0 [ 28.478768] ? __pfx_kthread+0x10/0x10 [ 28.478793] ret_from_fork+0x116/0x1d0 [ 28.478814] ? __pfx_kthread+0x10/0x10 [ 28.478845] ret_from_fork_asm+0x1a/0x30 [ 28.478878] </TASK> [ 28.478890] [ 28.487074] Allocated by task 313: [ 28.487437] kasan_save_stack+0x45/0x70 [ 28.487667] kasan_save_track+0x18/0x40 [ 28.487804] kasan_save_alloc_info+0x3b/0x50 [ 28.487963] __kasan_kmalloc+0xb7/0xc0 [ 28.488092] __kmalloc_cache_noprof+0x189/0x420 [ 28.488598] kasan_atomics+0x95/0x310 [ 28.488796] kunit_try_run_case+0x1a5/0x480 [ 28.488998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.489353] kthread+0x337/0x6f0 [ 28.490260] ret_from_fork+0x116/0x1d0 [ 28.490482] ret_from_fork_asm+0x1a/0x30 [ 28.490640] [ 28.490732] The buggy address belongs to the object at ffff8881058a7e80 [ 28.490732] which belongs to the cache kmalloc-64 of size 64 [ 28.491742] The buggy address is located 0 bytes to the right of [ 28.491742] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.492748] [ 28.492870] The buggy address belongs to the physical page: [ 28.493116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.493372] flags: 0x200000000000000(node=0|zone=2) [ 28.493673] page_type: f5(slab) [ 28.493858] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.494178] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.494622] page dumped because: kasan: bad access detected [ 28.494885] [ 28.494960] Memory state around the buggy address: [ 28.495150] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.495537] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.495819] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.496158] ^ [ 28.496397] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.496722] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.497036] ================================================================== [ 28.313733] ================================================================== [ 28.314310] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 28.314605] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.315084] [ 28.315172] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.315245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.315260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.315283] Call Trace: [ 28.315325] <TASK> [ 28.315341] dump_stack_lvl+0x73/0xb0 [ 28.315385] print_report+0xd1/0x640 [ 28.315409] ? __virt_addr_valid+0x1db/0x2d0 [ 28.315435] ? kasan_atomics_helper+0x12e6/0x5450 [ 28.315458] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.315487] ? kasan_atomics_helper+0x12e6/0x5450 [ 28.315511] kasan_report+0x141/0x180 [ 28.315535] ? kasan_atomics_helper+0x12e6/0x5450 [ 28.315562] kasan_check_range+0x10c/0x1c0 [ 28.315588] __kasan_check_write+0x18/0x20 [ 28.315613] kasan_atomics_helper+0x12e6/0x5450 [ 28.315637] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.315661] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.315686] ? kasan_atomics+0x152/0x310 [ 28.315714] kasan_atomics+0x1dc/0x310 [ 28.315738] ? __pfx_kasan_atomics+0x10/0x10 [ 28.315765] ? __pfx_read_tsc+0x10/0x10 [ 28.315787] ? ktime_get_ts64+0x86/0x230 [ 28.315812] kunit_try_run_case+0x1a5/0x480 [ 28.315850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.315875] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.315913] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.315940] ? __kthread_parkme+0x82/0x180 [ 28.315962] ? preempt_count_sub+0x50/0x80 [ 28.315986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.316014] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.316042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.316096] kthread+0x337/0x6f0 [ 28.316118] ? trace_preempt_on+0x20/0xc0 [ 28.316143] ? __pfx_kthread+0x10/0x10 [ 28.316166] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.316190] ? calculate_sigpending+0x7b/0xa0 [ 28.316216] ? __pfx_kthread+0x10/0x10 [ 28.316241] ret_from_fork+0x116/0x1d0 [ 28.316263] ? __pfx_kthread+0x10/0x10 [ 28.316286] ret_from_fork_asm+0x1a/0x30 [ 28.316318] </TASK> [ 28.316332] [ 28.324912] Allocated by task 313: [ 28.325090] kasan_save_stack+0x45/0x70 [ 28.325494] kasan_save_track+0x18/0x40 [ 28.325679] kasan_save_alloc_info+0x3b/0x50 [ 28.325890] __kasan_kmalloc+0xb7/0xc0 [ 28.326103] __kmalloc_cache_noprof+0x189/0x420 [ 28.326296] kasan_atomics+0x95/0x310 [ 28.326480] kunit_try_run_case+0x1a5/0x480 [ 28.326801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.327100] kthread+0x337/0x6f0 [ 28.327264] ret_from_fork+0x116/0x1d0 [ 28.327419] ret_from_fork_asm+0x1a/0x30 [ 28.327627] [ 28.327699] The buggy address belongs to the object at ffff8881058a7e80 [ 28.327699] which belongs to the cache kmalloc-64 of size 64 [ 28.328077] The buggy address is located 0 bytes to the right of [ 28.328077] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.328462] [ 28.328535] The buggy address belongs to the physical page: [ 28.328711] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.329292] flags: 0x200000000000000(node=0|zone=2) [ 28.330530] page_type: f5(slab) [ 28.331197] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.331943] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.332757] page dumped because: kasan: bad access detected [ 28.332978] [ 28.333057] Memory state around the buggy address: [ 28.333225] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.333449] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.333673] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.334518] ^ [ 28.335364] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.336407] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.337431] ================================================================== [ 28.805065] ================================================================== [ 28.805599] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 28.806272] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.806896] [ 28.807168] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.807240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.807256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.807280] Call Trace: [ 28.807305] <TASK> [ 28.807323] dump_stack_lvl+0x73/0xb0 [ 28.807353] print_report+0xd1/0x640 [ 28.807377] ? __virt_addr_valid+0x1db/0x2d0 [ 28.807402] ? kasan_atomics_helper+0x1ce1/0x5450 [ 28.807425] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.807452] ? kasan_atomics_helper+0x1ce1/0x5450 [ 28.807506] kasan_report+0x141/0x180 [ 28.807531] ? kasan_atomics_helper+0x1ce1/0x5450 [ 28.807558] kasan_check_range+0x10c/0x1c0 [ 28.807583] __kasan_check_write+0x18/0x20 [ 28.807609] kasan_atomics_helper+0x1ce1/0x5450 [ 28.807634] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.807658] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.807684] ? kasan_atomics+0x152/0x310 [ 28.807712] kasan_atomics+0x1dc/0x310 [ 28.807736] ? __pfx_kasan_atomics+0x10/0x10 [ 28.807763] ? __pfx_read_tsc+0x10/0x10 [ 28.807786] ? ktime_get_ts64+0x86/0x230 [ 28.807811] kunit_try_run_case+0x1a5/0x480 [ 28.807849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.807873] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.807901] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.807928] ? __kthread_parkme+0x82/0x180 [ 28.807950] ? preempt_count_sub+0x50/0x80 [ 28.807974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.808000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.808025] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.808051] kthread+0x337/0x6f0 [ 28.808072] ? trace_preempt_on+0x20/0xc0 [ 28.808097] ? __pfx_kthread+0x10/0x10 [ 28.808119] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.808144] ? calculate_sigpending+0x7b/0xa0 [ 28.808179] ? __pfx_kthread+0x10/0x10 [ 28.808202] ret_from_fork+0x116/0x1d0 [ 28.808224] ? __pfx_kthread+0x10/0x10 [ 28.808246] ret_from_fork_asm+0x1a/0x30 [ 28.808278] </TASK> [ 28.808291] [ 28.821777] Allocated by task 313: [ 28.822088] kasan_save_stack+0x45/0x70 [ 28.822444] kasan_save_track+0x18/0x40 [ 28.822819] kasan_save_alloc_info+0x3b/0x50 [ 28.823043] __kasan_kmalloc+0xb7/0xc0 [ 28.823472] __kmalloc_cache_noprof+0x189/0x420 [ 28.823759] kasan_atomics+0x95/0x310 [ 28.824070] kunit_try_run_case+0x1a5/0x480 [ 28.824425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.824949] kthread+0x337/0x6f0 [ 28.825269] ret_from_fork+0x116/0x1d0 [ 28.825472] ret_from_fork_asm+0x1a/0x30 [ 28.825974] [ 28.826085] The buggy address belongs to the object at ffff8881058a7e80 [ 28.826085] which belongs to the cache kmalloc-64 of size 64 [ 28.827014] The buggy address is located 0 bytes to the right of [ 28.827014] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.827955] [ 28.828213] The buggy address belongs to the physical page: [ 28.828715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.829074] flags: 0x200000000000000(node=0|zone=2) [ 28.829532] page_type: f5(slab) [ 28.829977] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.830596] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.830931] page dumped because: kasan: bad access detected [ 28.831152] [ 28.831436] Memory state around the buggy address: [ 28.831941] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.832536] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.832778] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.833268] ^ [ 28.833453] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.833785] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.834110] ================================================================== [ 27.679321] ================================================================== [ 27.680255] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 27.680608] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.680950] [ 27.681043] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.681094] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.681109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.681133] Call Trace: [ 27.681150] <TASK> [ 27.681167] dump_stack_lvl+0x73/0xb0 [ 27.681194] print_report+0xd1/0x640 [ 27.681218] ? __virt_addr_valid+0x1db/0x2d0 [ 27.681242] ? kasan_atomics_helper+0x5fe/0x5450 [ 27.681265] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.681293] ? kasan_atomics_helper+0x5fe/0x5450 [ 27.681316] kasan_report+0x141/0x180 [ 27.681340] ? kasan_atomics_helper+0x5fe/0x5450 [ 27.681367] kasan_check_range+0x10c/0x1c0 [ 27.681393] __kasan_check_write+0x18/0x20 [ 27.681417] kasan_atomics_helper+0x5fe/0x5450 [ 27.681440] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.681463] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.681488] ? kasan_atomics+0x152/0x310 [ 27.681517] kasan_atomics+0x1dc/0x310 [ 27.681540] ? __pfx_kasan_atomics+0x10/0x10 [ 27.681566] ? __pfx_read_tsc+0x10/0x10 [ 27.681588] ? ktime_get_ts64+0x86/0x230 [ 27.681861] kunit_try_run_case+0x1a5/0x480 [ 27.681890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.681915] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.681942] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.681982] ? __kthread_parkme+0x82/0x180 [ 27.682005] ? preempt_count_sub+0x50/0x80 [ 27.682041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.682068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.682094] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.682120] kthread+0x337/0x6f0 [ 27.682141] ? trace_preempt_on+0x20/0xc0 [ 27.682174] ? __pfx_kthread+0x10/0x10 [ 27.682196] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.682221] ? calculate_sigpending+0x7b/0xa0 [ 27.682247] ? __pfx_kthread+0x10/0x10 [ 27.682270] ret_from_fork+0x116/0x1d0 [ 27.682291] ? __pfx_kthread+0x10/0x10 [ 27.682313] ret_from_fork_asm+0x1a/0x30 [ 27.682346] </TASK> [ 27.682358] [ 27.695569] Allocated by task 313: [ 27.695976] kasan_save_stack+0x45/0x70 [ 27.696393] kasan_save_track+0x18/0x40 [ 27.696770] kasan_save_alloc_info+0x3b/0x50 [ 27.697202] __kasan_kmalloc+0xb7/0xc0 [ 27.697550] __kmalloc_cache_noprof+0x189/0x420 [ 27.697774] kasan_atomics+0x95/0x310 [ 27.697950] kunit_try_run_case+0x1a5/0x480 [ 27.698138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.698370] kthread+0x337/0x6f0 [ 27.698927] ret_from_fork+0x116/0x1d0 [ 27.699324] ret_from_fork_asm+0x1a/0x30 [ 27.699671] [ 27.699912] The buggy address belongs to the object at ffff8881058a7e80 [ 27.699912] which belongs to the cache kmalloc-64 of size 64 [ 27.700920] The buggy address is located 0 bytes to the right of [ 27.700920] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.702056] [ 27.702271] The buggy address belongs to the physical page: [ 27.702782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.703461] flags: 0x200000000000000(node=0|zone=2) [ 27.703682] page_type: f5(slab) [ 27.703849] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.704219] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.704665] page dumped because: kasan: bad access detected [ 27.704949] [ 27.705046] Memory state around the buggy address: [ 27.705237] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.705745] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.706153] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.706578] ^ [ 27.706809] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.707094] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.707395] ================================================================== [ 27.799366] ================================================================== [ 27.800073] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 27.800757] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.801125] [ 27.801319] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.801380] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.801405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.801430] Call Trace: [ 27.801455] <TASK> [ 27.801471] dump_stack_lvl+0x73/0xb0 [ 27.801501] print_report+0xd1/0x640 [ 27.801526] ? __virt_addr_valid+0x1db/0x2d0 [ 27.801551] ? kasan_atomics_helper+0x860/0x5450 [ 27.801574] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.801603] ? kasan_atomics_helper+0x860/0x5450 [ 27.801667] kasan_report+0x141/0x180 [ 27.801694] ? kasan_atomics_helper+0x860/0x5450 [ 27.801722] kasan_check_range+0x10c/0x1c0 [ 27.801747] __kasan_check_write+0x18/0x20 [ 27.801773] kasan_atomics_helper+0x860/0x5450 [ 27.801798] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.801822] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.801861] ? kasan_atomics+0x152/0x310 [ 27.801890] kasan_atomics+0x1dc/0x310 [ 27.801914] ? __pfx_kasan_atomics+0x10/0x10 [ 27.801941] ? __pfx_read_tsc+0x10/0x10 [ 27.801964] ? ktime_get_ts64+0x86/0x230 [ 27.801990] kunit_try_run_case+0x1a5/0x480 [ 27.802016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.802041] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.802069] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.802095] ? __kthread_parkme+0x82/0x180 [ 27.802117] ? preempt_count_sub+0x50/0x80 [ 27.802141] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.802166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.802192] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.802218] kthread+0x337/0x6f0 [ 27.802239] ? trace_preempt_on+0x20/0xc0 [ 27.802265] ? __pfx_kthread+0x10/0x10 [ 27.802287] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.802313] ? calculate_sigpending+0x7b/0xa0 [ 27.802337] ? __pfx_kthread+0x10/0x10 [ 27.802361] ret_from_fork+0x116/0x1d0 [ 27.802383] ? __pfx_kthread+0x10/0x10 [ 27.802405] ret_from_fork_asm+0x1a/0x30 [ 27.802437] </TASK> [ 27.802451] [ 27.815852] Allocated by task 313: [ 27.816199] kasan_save_stack+0x45/0x70 [ 27.816662] kasan_save_track+0x18/0x40 [ 27.817122] kasan_save_alloc_info+0x3b/0x50 [ 27.817283] __kasan_kmalloc+0xb7/0xc0 [ 27.817416] __kmalloc_cache_noprof+0x189/0x420 [ 27.817893] kasan_atomics+0x95/0x310 [ 27.818274] kunit_try_run_case+0x1a5/0x480 [ 27.818786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.819305] kthread+0x337/0x6f0 [ 27.819825] ret_from_fork+0x116/0x1d0 [ 27.820040] ret_from_fork_asm+0x1a/0x30 [ 27.820215] [ 27.820373] The buggy address belongs to the object at ffff8881058a7e80 [ 27.820373] which belongs to the cache kmalloc-64 of size 64 [ 27.821559] The buggy address is located 0 bytes to the right of [ 27.821559] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.821955] [ 27.822029] The buggy address belongs to the physical page: [ 27.822234] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.822636] flags: 0x200000000000000(node=0|zone=2) [ 27.822872] page_type: f5(slab) [ 27.823016] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.823364] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.823709] page dumped because: kasan: bad access detected [ 27.823947] [ 27.824018] Memory state around the buggy address: [ 27.824176] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.824498] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.824988] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.825335] ^ [ 27.825574] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.826058] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.826418] ================================================================== [ 27.974798] ================================================================== [ 27.975454] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 27.976272] Read of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.976989] [ 27.977169] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.977220] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.977236] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.977260] Call Trace: [ 27.977277] <TASK> [ 27.977294] dump_stack_lvl+0x73/0xb0 [ 27.977323] print_report+0xd1/0x640 [ 27.977349] ? __virt_addr_valid+0x1db/0x2d0 [ 27.977373] ? kasan_atomics_helper+0x4a84/0x5450 [ 27.977397] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.977424] ? kasan_atomics_helper+0x4a84/0x5450 [ 27.977448] kasan_report+0x141/0x180 [ 27.977521] ? kasan_atomics_helper+0x4a84/0x5450 [ 27.977549] __asan_report_load4_noabort+0x18/0x20 [ 27.977576] kasan_atomics_helper+0x4a84/0x5450 [ 27.977601] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.977624] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.977650] ? kasan_atomics+0x152/0x310 [ 27.977679] kasan_atomics+0x1dc/0x310 [ 27.977704] ? __pfx_kasan_atomics+0x10/0x10 [ 27.977729] ? __pfx_read_tsc+0x10/0x10 [ 27.977753] ? ktime_get_ts64+0x86/0x230 [ 27.977778] kunit_try_run_case+0x1a5/0x480 [ 27.977804] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.977850] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.977878] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.977905] ? __kthread_parkme+0x82/0x180 [ 27.977927] ? preempt_count_sub+0x50/0x80 [ 27.977952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.977979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.978005] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.978031] kthread+0x337/0x6f0 [ 27.978053] ? trace_preempt_on+0x20/0xc0 [ 27.978078] ? __pfx_kthread+0x10/0x10 [ 27.978100] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.978125] ? calculate_sigpending+0x7b/0xa0 [ 27.978150] ? __pfx_kthread+0x10/0x10 [ 27.978173] ret_from_fork+0x116/0x1d0 [ 27.978194] ? __pfx_kthread+0x10/0x10 [ 27.978217] ret_from_fork_asm+0x1a/0x30 [ 27.978249] </TASK> [ 27.978262] [ 27.992026] Allocated by task 313: [ 27.992372] kasan_save_stack+0x45/0x70 [ 27.992772] kasan_save_track+0x18/0x40 [ 27.993334] kasan_save_alloc_info+0x3b/0x50 [ 27.993784] __kasan_kmalloc+0xb7/0xc0 [ 27.994133] __kmalloc_cache_noprof+0x189/0x420 [ 27.994631] kasan_atomics+0x95/0x310 [ 27.994958] kunit_try_run_case+0x1a5/0x480 [ 27.995109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.995565] kthread+0x337/0x6f0 [ 27.995928] ret_from_fork+0x116/0x1d0 [ 27.996306] ret_from_fork_asm+0x1a/0x30 [ 27.996730] [ 27.996815] The buggy address belongs to the object at ffff8881058a7e80 [ 27.996815] which belongs to the cache kmalloc-64 of size 64 [ 27.997221] The buggy address is located 0 bytes to the right of [ 27.997221] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.998657] [ 27.998849] The buggy address belongs to the physical page: [ 27.999494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.000244] flags: 0x200000000000000(node=0|zone=2) [ 28.000504] page_type: f5(slab) [ 28.000872] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.001401] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.001983] page dumped because: kasan: bad access detected [ 28.002660] [ 28.002826] Memory state around the buggy address: [ 28.003027] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.003278] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.003614] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.004224] ^ [ 28.004749] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.005232] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.005454] ================================================================== [ 28.267596] ================================================================== [ 28.268182] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 28.268671] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.269105] [ 28.269222] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.269274] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.269289] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.269311] Call Trace: [ 28.269330] <TASK> [ 28.269348] dump_stack_lvl+0x73/0xb0 [ 28.269614] print_report+0xd1/0x640 [ 28.269642] ? __virt_addr_valid+0x1db/0x2d0 [ 28.269668] ? kasan_atomics_helper+0x1217/0x5450 [ 28.269691] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.269719] ? kasan_atomics_helper+0x1217/0x5450 [ 28.269743] kasan_report+0x141/0x180 [ 28.269767] ? kasan_atomics_helper+0x1217/0x5450 [ 28.269794] kasan_check_range+0x10c/0x1c0 [ 28.269820] __kasan_check_write+0x18/0x20 [ 28.269859] kasan_atomics_helper+0x1217/0x5450 [ 28.269884] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.269909] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.269935] ? kasan_atomics+0x152/0x310 [ 28.269962] kasan_atomics+0x1dc/0x310 [ 28.269988] ? __pfx_kasan_atomics+0x10/0x10 [ 28.270015] ? __pfx_read_tsc+0x10/0x10 [ 28.270038] ? ktime_get_ts64+0x86/0x230 [ 28.270065] kunit_try_run_case+0x1a5/0x480 [ 28.270091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.270116] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.270145] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.270173] ? __kthread_parkme+0x82/0x180 [ 28.270195] ? preempt_count_sub+0x50/0x80 [ 28.270219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.270245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.270271] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.270297] kthread+0x337/0x6f0 [ 28.270320] ? trace_preempt_on+0x20/0xc0 [ 28.270345] ? __pfx_kthread+0x10/0x10 [ 28.270367] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.270392] ? calculate_sigpending+0x7b/0xa0 [ 28.270418] ? __pfx_kthread+0x10/0x10 [ 28.270441] ret_from_fork+0x116/0x1d0 [ 28.270463] ? __pfx_kthread+0x10/0x10 [ 28.270487] ret_from_fork_asm+0x1a/0x30 [ 28.270520] </TASK> [ 28.270533] [ 28.281880] Allocated by task 313: [ 28.282169] kasan_save_stack+0x45/0x70 [ 28.282540] kasan_save_track+0x18/0x40 [ 28.282727] kasan_save_alloc_info+0x3b/0x50 [ 28.282937] __kasan_kmalloc+0xb7/0xc0 [ 28.283117] __kmalloc_cache_noprof+0x189/0x420 [ 28.283495] kasan_atomics+0x95/0x310 [ 28.283937] kunit_try_run_case+0x1a5/0x480 [ 28.284228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.284580] kthread+0x337/0x6f0 [ 28.284730] ret_from_fork+0x116/0x1d0 [ 28.285095] ret_from_fork_asm+0x1a/0x30 [ 28.285392] [ 28.285569] The buggy address belongs to the object at ffff8881058a7e80 [ 28.285569] which belongs to the cache kmalloc-64 of size 64 [ 28.286234] The buggy address is located 0 bytes to the right of [ 28.286234] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.287015] [ 28.287167] The buggy address belongs to the physical page: [ 28.287484] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.287914] flags: 0x200000000000000(node=0|zone=2) [ 28.288114] page_type: f5(slab) [ 28.288376] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.288920] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.289352] page dumped because: kasan: bad access detected [ 28.289649] [ 28.289811] Memory state around the buggy address: [ 28.290327] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.290770] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.291156] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.291449] ^ [ 28.291871] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.292321] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.292784] ================================================================== [ 28.555956] ================================================================== [ 28.556430] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 28.557005] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.557341] [ 28.557465] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.557516] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.557530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.557553] Call Trace: [ 28.557570] <TASK> [ 28.557645] dump_stack_lvl+0x73/0xb0 [ 28.557676] print_report+0xd1/0x640 [ 28.557701] ? __virt_addr_valid+0x1db/0x2d0 [ 28.557726] ? kasan_atomics_helper+0x177f/0x5450 [ 28.557749] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.557778] ? kasan_atomics_helper+0x177f/0x5450 [ 28.557801] kasan_report+0x141/0x180 [ 28.557825] ? kasan_atomics_helper+0x177f/0x5450 [ 28.557868] kasan_check_range+0x10c/0x1c0 [ 28.557893] __kasan_check_write+0x18/0x20 [ 28.557953] kasan_atomics_helper+0x177f/0x5450 [ 28.557979] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.558004] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.558030] ? kasan_atomics+0x152/0x310 [ 28.558058] kasan_atomics+0x1dc/0x310 [ 28.558083] ? __pfx_kasan_atomics+0x10/0x10 [ 28.558110] ? __pfx_read_tsc+0x10/0x10 [ 28.558133] ? ktime_get_ts64+0x86/0x230 [ 28.558159] kunit_try_run_case+0x1a5/0x480 [ 28.558188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.558214] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.558241] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.558269] ? __kthread_parkme+0x82/0x180 [ 28.558291] ? preempt_count_sub+0x50/0x80 [ 28.558316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.558342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.558368] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.558394] kthread+0x337/0x6f0 [ 28.558416] ? trace_preempt_on+0x20/0xc0 [ 28.558441] ? __pfx_kthread+0x10/0x10 [ 28.558463] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.558489] ? calculate_sigpending+0x7b/0xa0 [ 28.558514] ? __pfx_kthread+0x10/0x10 [ 28.558585] ret_from_fork+0x116/0x1d0 [ 28.558609] ? __pfx_kthread+0x10/0x10 [ 28.558632] ret_from_fork_asm+0x1a/0x30 [ 28.558665] </TASK> [ 28.558678] [ 28.576882] Allocated by task 313: [ 28.577551] kasan_save_stack+0x45/0x70 [ 28.578151] kasan_save_track+0x18/0x40 [ 28.578717] kasan_save_alloc_info+0x3b/0x50 [ 28.579343] __kasan_kmalloc+0xb7/0xc0 [ 28.579916] __kmalloc_cache_noprof+0x189/0x420 [ 28.580441] kasan_atomics+0x95/0x310 [ 28.580671] kunit_try_run_case+0x1a5/0x480 [ 28.580826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.581026] kthread+0x337/0x6f0 [ 28.581152] ret_from_fork+0x116/0x1d0 [ 28.581985] ret_from_fork_asm+0x1a/0x30 [ 28.583918] [ 28.584006] The buggy address belongs to the object at ffff8881058a7e80 [ 28.584006] which belongs to the cache kmalloc-64 of size 64 [ 28.585058] The buggy address is located 0 bytes to the right of [ 28.585058] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.585876] [ 28.585963] The buggy address belongs to the physical page: [ 28.586171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.586930] flags: 0x200000000000000(node=0|zone=2) [ 28.587403] page_type: f5(slab) [ 28.587964] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.588693] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.589337] page dumped because: kasan: bad access detected [ 28.589519] [ 28.589589] Memory state around the buggy address: [ 28.589756] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.589993] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.590288] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.590579] ^ [ 28.590786] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.591118] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.591469] ================================================================== [ 28.779717] ================================================================== [ 28.780046] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 28.780561] Read of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.780797] [ 28.780981] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.781061] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.781077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.781099] Call Trace: [ 28.781117] <TASK> [ 28.781134] dump_stack_lvl+0x73/0xb0 [ 28.781164] print_report+0xd1/0x640 [ 28.781189] ? __virt_addr_valid+0x1db/0x2d0 [ 28.781216] ? kasan_atomics_helper+0x4f30/0x5450 [ 28.781240] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.781267] ? kasan_atomics_helper+0x4f30/0x5450 [ 28.781290] kasan_report+0x141/0x180 [ 28.781335] ? kasan_atomics_helper+0x4f30/0x5450 [ 28.781365] __asan_report_load8_noabort+0x18/0x20 [ 28.781392] kasan_atomics_helper+0x4f30/0x5450 [ 28.781416] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.781440] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.781512] ? kasan_atomics+0x152/0x310 [ 28.781541] kasan_atomics+0x1dc/0x310 [ 28.781567] ? __pfx_kasan_atomics+0x10/0x10 [ 28.781592] ? __pfx_read_tsc+0x10/0x10 [ 28.781616] ? ktime_get_ts64+0x86/0x230 [ 28.781642] kunit_try_run_case+0x1a5/0x480 [ 28.781669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.781693] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.781720] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.781747] ? __kthread_parkme+0x82/0x180 [ 28.781768] ? preempt_count_sub+0x50/0x80 [ 28.781794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.781819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.781855] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.781881] kthread+0x337/0x6f0 [ 28.781902] ? trace_preempt_on+0x20/0xc0 [ 28.781927] ? __pfx_kthread+0x10/0x10 [ 28.781949] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.781975] ? calculate_sigpending+0x7b/0xa0 [ 28.782000] ? __pfx_kthread+0x10/0x10 [ 28.782024] ret_from_fork+0x116/0x1d0 [ 28.782045] ? __pfx_kthread+0x10/0x10 [ 28.782068] ret_from_fork_asm+0x1a/0x30 [ 28.782100] </TASK> [ 28.782112] [ 28.791574] Allocated by task 313: [ 28.791930] kasan_save_stack+0x45/0x70 [ 28.792090] kasan_save_track+0x18/0x40 [ 28.792590] kasan_save_alloc_info+0x3b/0x50 [ 28.793026] __kasan_kmalloc+0xb7/0xc0 [ 28.793392] __kmalloc_cache_noprof+0x189/0x420 [ 28.793843] kasan_atomics+0x95/0x310 [ 28.794026] kunit_try_run_case+0x1a5/0x480 [ 28.794218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.794694] kthread+0x337/0x6f0 [ 28.795006] ret_from_fork+0x116/0x1d0 [ 28.795487] ret_from_fork_asm+0x1a/0x30 [ 28.795819] [ 28.795920] The buggy address belongs to the object at ffff8881058a7e80 [ 28.795920] which belongs to the cache kmalloc-64 of size 64 [ 28.796774] The buggy address is located 0 bytes to the right of [ 28.796774] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.797827] [ 28.797942] The buggy address belongs to the physical page: [ 28.798180] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.798848] flags: 0x200000000000000(node=0|zone=2) [ 28.799317] page_type: f5(slab) [ 28.799704] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.800019] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.800628] page dumped because: kasan: bad access detected [ 28.800969] [ 28.801196] Memory state around the buggy address: [ 28.801421] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.801897] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.802439] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.802947] ^ [ 28.803161] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.803460] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.803741] ================================================================== [ 28.219183] ================================================================== [ 28.219604] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 28.219890] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.220403] [ 28.220589] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.220643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.220659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.220683] Call Trace: [ 28.220701] <TASK> [ 28.220717] dump_stack_lvl+0x73/0xb0 [ 28.220747] print_report+0xd1/0x640 [ 28.220772] ? __virt_addr_valid+0x1db/0x2d0 [ 28.220796] ? kasan_atomics_helper+0x1148/0x5450 [ 28.220819] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.220862] ? kasan_atomics_helper+0x1148/0x5450 [ 28.220892] kasan_report+0x141/0x180 [ 28.220918] ? kasan_atomics_helper+0x1148/0x5450 [ 28.220947] kasan_check_range+0x10c/0x1c0 [ 28.220973] __kasan_check_write+0x18/0x20 [ 28.221001] kasan_atomics_helper+0x1148/0x5450 [ 28.221026] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.221049] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.221076] ? kasan_atomics+0x152/0x310 [ 28.221104] kasan_atomics+0x1dc/0x310 [ 28.221129] ? __pfx_kasan_atomics+0x10/0x10 [ 28.221156] ? __pfx_read_tsc+0x10/0x10 [ 28.221501] ? ktime_get_ts64+0x86/0x230 [ 28.221528] kunit_try_run_case+0x1a5/0x480 [ 28.221556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.221581] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.221608] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.221636] ? __kthread_parkme+0x82/0x180 [ 28.221658] ? preempt_count_sub+0x50/0x80 [ 28.221682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.221708] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.221734] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.221759] kthread+0x337/0x6f0 [ 28.221781] ? trace_preempt_on+0x20/0xc0 [ 28.221806] ? __pfx_kthread+0x10/0x10 [ 28.221840] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.221868] ? calculate_sigpending+0x7b/0xa0 [ 28.221893] ? __pfx_kthread+0x10/0x10 [ 28.221918] ret_from_fork+0x116/0x1d0 [ 28.221938] ? __pfx_kthread+0x10/0x10 [ 28.221961] ret_from_fork_asm+0x1a/0x30 [ 28.221994] </TASK> [ 28.222007] [ 28.232422] Allocated by task 313: [ 28.232643] kasan_save_stack+0x45/0x70 [ 28.232850] kasan_save_track+0x18/0x40 [ 28.232993] kasan_save_alloc_info+0x3b/0x50 [ 28.233243] __kasan_kmalloc+0xb7/0xc0 [ 28.233878] __kmalloc_cache_noprof+0x189/0x420 [ 28.234122] kasan_atomics+0x95/0x310 [ 28.234327] kunit_try_run_case+0x1a5/0x480 [ 28.234611] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.235034] kthread+0x337/0x6f0 [ 28.235354] ret_from_fork+0x116/0x1d0 [ 28.235544] ret_from_fork_asm+0x1a/0x30 [ 28.235735] [ 28.235869] The buggy address belongs to the object at ffff8881058a7e80 [ 28.235869] which belongs to the cache kmalloc-64 of size 64 [ 28.236325] The buggy address is located 0 bytes to the right of [ 28.236325] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.237295] [ 28.237397] The buggy address belongs to the physical page: [ 28.237597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.238125] flags: 0x200000000000000(node=0|zone=2) [ 28.238358] page_type: f5(slab) [ 28.238681] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.239144] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.239426] page dumped because: kasan: bad access detected [ 28.239877] [ 28.239975] Memory state around the buggy address: [ 28.240161] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.240692] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.241006] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.241401] ^ [ 28.241776] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.242040] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.242499] ================================================================== [ 27.473954] ================================================================== [ 27.475688] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 27.476847] Read of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.477249] [ 27.477386] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.477439] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.477452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.477526] Call Trace: [ 27.477579] <TASK> [ 27.477597] dump_stack_lvl+0x73/0xb0 [ 27.477632] print_report+0xd1/0x640 [ 27.477655] ? __virt_addr_valid+0x1db/0x2d0 [ 27.477681] ? kasan_atomics_helper+0x4bbc/0x5450 [ 27.477703] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.477760] ? kasan_atomics_helper+0x4bbc/0x5450 [ 27.477784] kasan_report+0x141/0x180 [ 27.477807] ? kasan_atomics_helper+0x4bbc/0x5450 [ 27.477845] __asan_report_load4_noabort+0x18/0x20 [ 27.477870] kasan_atomics_helper+0x4bbc/0x5450 [ 27.477894] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.477918] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.477976] ? kasan_atomics+0x152/0x310 [ 27.478004] kasan_atomics+0x1dc/0x310 [ 27.478027] ? __pfx_kasan_atomics+0x10/0x10 [ 27.478052] ? __pfx_read_tsc+0x10/0x10 [ 27.478075] ? ktime_get_ts64+0x86/0x230 [ 27.478129] kunit_try_run_case+0x1a5/0x480 [ 27.478180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.478227] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.478265] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.478291] ? __kthread_parkme+0x82/0x180 [ 27.478312] ? preempt_count_sub+0x50/0x80 [ 27.478336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.478360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.478385] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.478409] kthread+0x337/0x6f0 [ 27.478430] ? trace_preempt_on+0x20/0xc0 [ 27.478453] ? __pfx_kthread+0x10/0x10 [ 27.478492] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.478516] ? calculate_sigpending+0x7b/0xa0 [ 27.478541] ? __pfx_kthread+0x10/0x10 [ 27.478563] ret_from_fork+0x116/0x1d0 [ 27.478583] ? __pfx_kthread+0x10/0x10 [ 27.478604] ret_from_fork_asm+0x1a/0x30 [ 27.478635] </TASK> [ 27.478647] [ 27.489311] Allocated by task 313: [ 27.489517] kasan_save_stack+0x45/0x70 [ 27.489824] kasan_save_track+0x18/0x40 [ 27.489977] kasan_save_alloc_info+0x3b/0x50 [ 27.490123] __kasan_kmalloc+0xb7/0xc0 [ 27.490402] __kmalloc_cache_noprof+0x189/0x420 [ 27.491005] kasan_atomics+0x95/0x310 [ 27.491219] kunit_try_run_case+0x1a5/0x480 [ 27.491552] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.491862] kthread+0x337/0x6f0 [ 27.492048] ret_from_fork+0x116/0x1d0 [ 27.492241] ret_from_fork_asm+0x1a/0x30 [ 27.492525] [ 27.492636] The buggy address belongs to the object at ffff8881058a7e80 [ 27.492636] which belongs to the cache kmalloc-64 of size 64 [ 27.493336] The buggy address is located 0 bytes to the right of [ 27.493336] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.494046] [ 27.494154] The buggy address belongs to the physical page: [ 27.494455] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.495042] flags: 0x200000000000000(node=0|zone=2) [ 27.495383] page_type: f5(slab) [ 27.495512] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.496091] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.496529] page dumped because: kasan: bad access detected [ 27.496732] [ 27.496886] Memory state around the buggy address: [ 27.497111] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.497439] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.497846] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.498200] ^ [ 27.498429] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.498893] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.499280] ================================================================== [ 29.149998] ================================================================== [ 29.150502] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 29.151073] Read of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 29.151583] [ 29.151791] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 29.151851] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.151867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.151891] Call Trace: [ 29.151908] <TASK> [ 29.151925] dump_stack_lvl+0x73/0xb0 [ 29.151954] print_report+0xd1/0x640 [ 29.151979] ? __virt_addr_valid+0x1db/0x2d0 [ 29.152004] ? kasan_atomics_helper+0x5115/0x5450 [ 29.152027] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.152055] ? kasan_atomics_helper+0x5115/0x5450 [ 29.152103] kasan_report+0x141/0x180 [ 29.152127] ? kasan_atomics_helper+0x5115/0x5450 [ 29.152156] __asan_report_load8_noabort+0x18/0x20 [ 29.152194] kasan_atomics_helper+0x5115/0x5450 [ 29.152218] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.152242] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.152269] ? kasan_atomics+0x152/0x310 [ 29.152298] kasan_atomics+0x1dc/0x310 [ 29.152323] ? __pfx_kasan_atomics+0x10/0x10 [ 29.152350] ? __pfx_read_tsc+0x10/0x10 [ 29.152375] ? ktime_get_ts64+0x86/0x230 [ 29.152401] kunit_try_run_case+0x1a5/0x480 [ 29.152429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.152454] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.152496] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.152525] ? __kthread_parkme+0x82/0x180 [ 29.152547] ? preempt_count_sub+0x50/0x80 [ 29.152572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.152599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.152625] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.152651] kthread+0x337/0x6f0 [ 29.152672] ? trace_preempt_on+0x20/0xc0 [ 29.152697] ? __pfx_kthread+0x10/0x10 [ 29.152720] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.152746] ? calculate_sigpending+0x7b/0xa0 [ 29.152772] ? __pfx_kthread+0x10/0x10 [ 29.152796] ret_from_fork+0x116/0x1d0 [ 29.152817] ? __pfx_kthread+0x10/0x10 [ 29.152850] ret_from_fork_asm+0x1a/0x30 [ 29.152888] </TASK> [ 29.152900] [ 29.164759] Allocated by task 313: [ 29.164922] kasan_save_stack+0x45/0x70 [ 29.165067] kasan_save_track+0x18/0x40 [ 29.165298] kasan_save_alloc_info+0x3b/0x50 [ 29.165671] __kasan_kmalloc+0xb7/0xc0 [ 29.166084] __kmalloc_cache_noprof+0x189/0x420 [ 29.166590] kasan_atomics+0x95/0x310 [ 29.166990] kunit_try_run_case+0x1a5/0x480 [ 29.167448] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.167965] kthread+0x337/0x6f0 [ 29.168284] ret_from_fork+0x116/0x1d0 [ 29.168667] ret_from_fork_asm+0x1a/0x30 [ 29.169083] [ 29.169241] The buggy address belongs to the object at ffff8881058a7e80 [ 29.169241] which belongs to the cache kmalloc-64 of size 64 [ 29.170008] The buggy address is located 0 bytes to the right of [ 29.170008] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 29.170411] [ 29.170483] The buggy address belongs to the physical page: [ 29.170686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 29.171358] flags: 0x200000000000000(node=0|zone=2) [ 29.171781] page_type: f5(slab) [ 29.172298] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.172708] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.173438] page dumped because: kasan: bad access detected [ 29.173999] [ 29.174076] Memory state around the buggy address: [ 29.174353] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.175036] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.175535] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.176151] ^ [ 29.176385] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.176900] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.177688] ================================================================== [ 28.694579] ================================================================== [ 28.694874] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 28.695402] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.696036] [ 28.696141] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.696192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.696208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.696230] Call Trace: [ 28.696247] <TASK> [ 28.696265] dump_stack_lvl+0x73/0xb0 [ 28.696295] print_report+0xd1/0x640 [ 28.696319] ? __virt_addr_valid+0x1db/0x2d0 [ 28.696346] ? kasan_atomics_helper+0x1a7f/0x5450 [ 28.696368] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.696397] ? kasan_atomics_helper+0x1a7f/0x5450 [ 28.696422] kasan_report+0x141/0x180 [ 28.696446] ? kasan_atomics_helper+0x1a7f/0x5450 [ 28.696487] kasan_check_range+0x10c/0x1c0 [ 28.696513] __kasan_check_write+0x18/0x20 [ 28.696539] kasan_atomics_helper+0x1a7f/0x5450 [ 28.696564] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.696588] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.696616] ? kasan_atomics+0x152/0x310 [ 28.696645] kasan_atomics+0x1dc/0x310 [ 28.696670] ? __pfx_kasan_atomics+0x10/0x10 [ 28.696696] ? __pfx_read_tsc+0x10/0x10 [ 28.696719] ? ktime_get_ts64+0x86/0x230 [ 28.696745] kunit_try_run_case+0x1a5/0x480 [ 28.696771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.696796] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.696823] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.696862] ? __kthread_parkme+0x82/0x180 [ 28.696890] ? preempt_count_sub+0x50/0x80 [ 28.696915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.696941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.696967] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.696996] kthread+0x337/0x6f0 [ 28.697018] ? trace_preempt_on+0x20/0xc0 [ 28.697045] ? __pfx_kthread+0x10/0x10 [ 28.697067] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.697093] ? calculate_sigpending+0x7b/0xa0 [ 28.697118] ? __pfx_kthread+0x10/0x10 [ 28.697142] ret_from_fork+0x116/0x1d0 [ 28.697385] ? __pfx_kthread+0x10/0x10 [ 28.697417] ret_from_fork_asm+0x1a/0x30 [ 28.697452] </TASK> [ 28.697464] [ 28.713903] Allocated by task 313: [ 28.714044] kasan_save_stack+0x45/0x70 [ 28.714213] kasan_save_track+0x18/0x40 [ 28.714618] kasan_save_alloc_info+0x3b/0x50 [ 28.715067] __kasan_kmalloc+0xb7/0xc0 [ 28.715494] __kmalloc_cache_noprof+0x189/0x420 [ 28.715948] kasan_atomics+0x95/0x310 [ 28.716342] kunit_try_run_case+0x1a5/0x480 [ 28.716739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.717020] kthread+0x337/0x6f0 [ 28.717348] ret_from_fork+0x116/0x1d0 [ 28.717742] ret_from_fork_asm+0x1a/0x30 [ 28.718173] [ 28.718283] The buggy address belongs to the object at ffff8881058a7e80 [ 28.718283] which belongs to the cache kmalloc-64 of size 64 [ 28.719234] The buggy address is located 0 bytes to the right of [ 28.719234] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.720401] [ 28.720654] The buggy address belongs to the physical page: [ 28.720842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.721129] flags: 0x200000000000000(node=0|zone=2) [ 28.721614] page_type: f5(slab) [ 28.722014] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.722843] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.723615] page dumped because: kasan: bad access detected [ 28.724198] [ 28.724352] Memory state around the buggy address: [ 28.724855] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.725411] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.725712] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.725939] ^ [ 28.726091] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.726355] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.726631] ================================================================== [ 27.638233] ================================================================== [ 27.638610] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 27.638963] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.639294] [ 27.639380] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.639439] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.639519] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.639542] Call Trace: [ 27.639558] <TASK> [ 27.639584] dump_stack_lvl+0x73/0xb0 [ 27.639613] print_report+0xd1/0x640 [ 27.639637] ? __virt_addr_valid+0x1db/0x2d0 [ 27.639674] ? kasan_atomics_helper+0x4b3a/0x5450 [ 27.639697] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.639724] ? kasan_atomics_helper+0x4b3a/0x5450 [ 27.639748] kasan_report+0x141/0x180 [ 27.639772] ? kasan_atomics_helper+0x4b3a/0x5450 [ 27.639800] __asan_report_store4_noabort+0x1b/0x30 [ 27.639827] kasan_atomics_helper+0x4b3a/0x5450 [ 27.639863] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.639888] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.639917] ? kasan_atomics+0x152/0x310 [ 27.639946] kasan_atomics+0x1dc/0x310 [ 27.639971] ? __pfx_kasan_atomics+0x10/0x10 [ 27.639996] ? __pfx_read_tsc+0x10/0x10 [ 27.640020] ? ktime_get_ts64+0x86/0x230 [ 27.640053] kunit_try_run_case+0x1a5/0x480 [ 27.640080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.640104] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.640142] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.640170] ? __kthread_parkme+0x82/0x180 [ 27.640211] ? preempt_count_sub+0x50/0x80 [ 27.640235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.640261] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.640287] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.640313] kthread+0x337/0x6f0 [ 27.640334] ? trace_preempt_on+0x20/0xc0 [ 27.640359] ? __pfx_kthread+0x10/0x10 [ 27.640381] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.640407] ? calculate_sigpending+0x7b/0xa0 [ 27.640431] ? __pfx_kthread+0x10/0x10 [ 27.640510] ret_from_fork+0x116/0x1d0 [ 27.640533] ? __pfx_kthread+0x10/0x10 [ 27.640555] ret_from_fork_asm+0x1a/0x30 [ 27.640598] </TASK> [ 27.640611] [ 27.648884] Allocated by task 313: [ 27.649040] kasan_save_stack+0x45/0x70 [ 27.649283] kasan_save_track+0x18/0x40 [ 27.649548] kasan_save_alloc_info+0x3b/0x50 [ 27.649785] __kasan_kmalloc+0xb7/0xc0 [ 27.649972] __kmalloc_cache_noprof+0x189/0x420 [ 27.650189] kasan_atomics+0x95/0x310 [ 27.650394] kunit_try_run_case+0x1a5/0x480 [ 27.650620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.650896] kthread+0x337/0x6f0 [ 27.651067] ret_from_fork+0x116/0x1d0 [ 27.651256] ret_from_fork_asm+0x1a/0x30 [ 27.651500] [ 27.651628] The buggy address belongs to the object at ffff8881058a7e80 [ 27.651628] which belongs to the cache kmalloc-64 of size 64 [ 27.652060] The buggy address is located 0 bytes to the right of [ 27.652060] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.652450] [ 27.652519] The buggy address belongs to the physical page: [ 27.652856] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.653247] flags: 0x200000000000000(node=0|zone=2) [ 27.653635] page_type: f5(slab) [ 27.653814] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.654137] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.654546] page dumped because: kasan: bad access detected [ 27.654774] [ 27.654880] Memory state around the buggy address: [ 27.655111] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.655357] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.655771] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.656102] ^ [ 27.656359] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.656741] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.657069] ================================================================== [ 27.553308] ================================================================== [ 27.553789] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 27.554126] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.554559] [ 27.554674] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.554725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.554740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.554828] Call Trace: [ 27.554857] <TASK> [ 27.554874] dump_stack_lvl+0x73/0xb0 [ 27.554904] print_report+0xd1/0x640 [ 27.554929] ? __virt_addr_valid+0x1db/0x2d0 [ 27.554954] ? kasan_atomics_helper+0x4b6e/0x5450 [ 27.554978] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.555007] ? kasan_atomics_helper+0x4b6e/0x5450 [ 27.555031] kasan_report+0x141/0x180 [ 27.555055] ? kasan_atomics_helper+0x4b6e/0x5450 [ 27.555082] __asan_report_store4_noabort+0x1b/0x30 [ 27.555110] kasan_atomics_helper+0x4b6e/0x5450 [ 27.555135] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.555160] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.555223] ? kasan_atomics+0x152/0x310 [ 27.555253] kasan_atomics+0x1dc/0x310 [ 27.555278] ? __pfx_kasan_atomics+0x10/0x10 [ 27.555304] ? __pfx_read_tsc+0x10/0x10 [ 27.555328] ? ktime_get_ts64+0x86/0x230 [ 27.555354] kunit_try_run_case+0x1a5/0x480 [ 27.555381] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.555422] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.555449] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.555477] ? __kthread_parkme+0x82/0x180 [ 27.555499] ? preempt_count_sub+0x50/0x80 [ 27.555567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.555594] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.555620] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.555645] kthread+0x337/0x6f0 [ 27.555667] ? trace_preempt_on+0x20/0xc0 [ 27.555692] ? __pfx_kthread+0x10/0x10 [ 27.555715] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.555740] ? calculate_sigpending+0x7b/0xa0 [ 27.555765] ? __pfx_kthread+0x10/0x10 [ 27.555789] ret_from_fork+0x116/0x1d0 [ 27.555810] ? __pfx_kthread+0x10/0x10 [ 27.555846] ret_from_fork_asm+0x1a/0x30 [ 27.555879] </TASK> [ 27.555893] [ 27.564078] Allocated by task 313: [ 27.564214] kasan_save_stack+0x45/0x70 [ 27.564586] kasan_save_track+0x18/0x40 [ 27.564807] kasan_save_alloc_info+0x3b/0x50 [ 27.565040] __kasan_kmalloc+0xb7/0xc0 [ 27.565282] __kmalloc_cache_noprof+0x189/0x420 [ 27.565446] kasan_atomics+0x95/0x310 [ 27.565583] kunit_try_run_case+0x1a5/0x480 [ 27.565730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.565956] kthread+0x337/0x6f0 [ 27.566124] ret_from_fork+0x116/0x1d0 [ 27.566384] ret_from_fork_asm+0x1a/0x30 [ 27.566582] [ 27.566675] The buggy address belongs to the object at ffff8881058a7e80 [ 27.566675] which belongs to the cache kmalloc-64 of size 64 [ 27.567958] The buggy address is located 0 bytes to the right of [ 27.567958] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.569285] [ 27.569378] The buggy address belongs to the physical page: [ 27.570087] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.570768] flags: 0x200000000000000(node=0|zone=2) [ 27.571242] page_type: f5(slab) [ 27.571410] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.572061] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.572877] page dumped because: kasan: bad access detected [ 27.573282] [ 27.573498] Memory state around the buggy address: [ 27.573724] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.574022] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.574696] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.575399] ^ [ 27.575933] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.576392] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.576888] ================================================================== [ 27.826975] ================================================================== [ 27.827284] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 27.827732] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.828064] [ 27.828177] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.828229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.828244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.828267] Call Trace: [ 27.828284] <TASK> [ 27.828300] dump_stack_lvl+0x73/0xb0 [ 27.828331] print_report+0xd1/0x640 [ 27.828356] ? __virt_addr_valid+0x1db/0x2d0 [ 27.828381] ? kasan_atomics_helper+0x8f9/0x5450 [ 27.828405] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.828434] ? kasan_atomics_helper+0x8f9/0x5450 [ 27.828512] kasan_report+0x141/0x180 [ 27.828540] ? kasan_atomics_helper+0x8f9/0x5450 [ 27.828568] kasan_check_range+0x10c/0x1c0 [ 27.828595] __kasan_check_write+0x18/0x20 [ 27.828620] kasan_atomics_helper+0x8f9/0x5450 [ 27.828645] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.828669] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.828696] ? kasan_atomics+0x152/0x310 [ 27.828725] kasan_atomics+0x1dc/0x310 [ 27.828750] ? __pfx_kasan_atomics+0x10/0x10 [ 27.828776] ? __pfx_read_tsc+0x10/0x10 [ 27.828800] ? ktime_get_ts64+0x86/0x230 [ 27.828826] kunit_try_run_case+0x1a5/0x480 [ 27.828873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.828898] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.828926] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.828952] ? __kthread_parkme+0x82/0x180 [ 27.828974] ? preempt_count_sub+0x50/0x80 [ 27.828999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.829025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.829050] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.829076] kthread+0x337/0x6f0 [ 27.829097] ? trace_preempt_on+0x20/0xc0 [ 27.829121] ? __pfx_kthread+0x10/0x10 [ 27.829144] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.829182] ? calculate_sigpending+0x7b/0xa0 [ 27.829209] ? __pfx_kthread+0x10/0x10 [ 27.829235] ret_from_fork+0x116/0x1d0 [ 27.829259] ? __pfx_kthread+0x10/0x10 [ 27.829282] ret_from_fork_asm+0x1a/0x30 [ 27.829315] </TASK> [ 27.829328] [ 27.839277] Allocated by task 313: [ 27.839899] kasan_save_stack+0x45/0x70 [ 27.840140] kasan_save_track+0x18/0x40 [ 27.840343] kasan_save_alloc_info+0x3b/0x50 [ 27.840558] __kasan_kmalloc+0xb7/0xc0 [ 27.840751] __kmalloc_cache_noprof+0x189/0x420 [ 27.840996] kasan_atomics+0x95/0x310 [ 27.841175] kunit_try_run_case+0x1a5/0x480 [ 27.841375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.841633] kthread+0x337/0x6f0 [ 27.841792] ret_from_fork+0x116/0x1d0 [ 27.842228] ret_from_fork_asm+0x1a/0x30 [ 27.842400] [ 27.842566] The buggy address belongs to the object at ffff8881058a7e80 [ 27.842566] which belongs to the cache kmalloc-64 of size 64 [ 27.843269] The buggy address is located 0 bytes to the right of [ 27.843269] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.843909] [ 27.844043] The buggy address belongs to the physical page: [ 27.844358] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.844849] flags: 0x200000000000000(node=0|zone=2) [ 27.845096] page_type: f5(slab) [ 27.845291] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.845730] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.846119] page dumped because: kasan: bad access detected [ 27.846664] [ 27.846795] Memory state around the buggy address: [ 27.847031] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.847423] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.847807] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.848161] ^ [ 27.848354] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.848807] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.849147] ================================================================== [ 28.907726] ================================================================== [ 28.908066] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 28.908429] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.908775] [ 28.908893] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.908943] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.908959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.908982] Call Trace: [ 28.908999] <TASK> [ 28.909015] dump_stack_lvl+0x73/0xb0 [ 28.909044] print_report+0xd1/0x640 [ 28.909069] ? __virt_addr_valid+0x1db/0x2d0 [ 28.909095] ? kasan_atomics_helper+0x1f43/0x5450 [ 28.909118] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.909186] ? kasan_atomics_helper+0x1f43/0x5450 [ 28.909226] kasan_report+0x141/0x180 [ 28.909264] ? kasan_atomics_helper+0x1f43/0x5450 [ 28.909293] kasan_check_range+0x10c/0x1c0 [ 28.909319] __kasan_check_write+0x18/0x20 [ 28.909344] kasan_atomics_helper+0x1f43/0x5450 [ 28.909368] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.909393] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.909419] ? kasan_atomics+0x152/0x310 [ 28.909465] kasan_atomics+0x1dc/0x310 [ 28.909491] ? __pfx_kasan_atomics+0x10/0x10 [ 28.909517] ? __pfx_read_tsc+0x10/0x10 [ 28.909541] ? ktime_get_ts64+0x86/0x230 [ 28.909566] kunit_try_run_case+0x1a5/0x480 [ 28.909592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.909617] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.909644] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.909670] ? __kthread_parkme+0x82/0x180 [ 28.909692] ? preempt_count_sub+0x50/0x80 [ 28.909717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.909742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.909768] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.909794] kthread+0x337/0x6f0 [ 28.909815] ? trace_preempt_on+0x20/0xc0 [ 28.909850] ? __pfx_kthread+0x10/0x10 [ 28.909873] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.909899] ? calculate_sigpending+0x7b/0xa0 [ 28.909924] ? __pfx_kthread+0x10/0x10 [ 28.909947] ret_from_fork+0x116/0x1d0 [ 28.909987] ? __pfx_kthread+0x10/0x10 [ 28.910010] ret_from_fork_asm+0x1a/0x30 [ 28.910042] </TASK> [ 28.910054] [ 28.918272] Allocated by task 313: [ 28.918398] kasan_save_stack+0x45/0x70 [ 28.918792] kasan_save_track+0x18/0x40 [ 28.919204] kasan_save_alloc_info+0x3b/0x50 [ 28.919435] __kasan_kmalloc+0xb7/0xc0 [ 28.919670] __kmalloc_cache_noprof+0x189/0x420 [ 28.919952] kasan_atomics+0x95/0x310 [ 28.920177] kunit_try_run_case+0x1a5/0x480 [ 28.920411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.921027] kthread+0x337/0x6f0 [ 28.921710] ret_from_fork+0x116/0x1d0 [ 28.921920] ret_from_fork_asm+0x1a/0x30 [ 28.922182] [ 28.922302] The buggy address belongs to the object at ffff8881058a7e80 [ 28.922302] which belongs to the cache kmalloc-64 of size 64 [ 28.924243] The buggy address is located 0 bytes to the right of [ 28.924243] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.925773] [ 28.925875] The buggy address belongs to the physical page: [ 28.926061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.926328] flags: 0x200000000000000(node=0|zone=2) [ 28.926843] page_type: f5(slab) [ 28.927243] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.928127] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.928931] page dumped because: kasan: bad access detected [ 28.929327] [ 28.929399] Memory state around the buggy address: [ 28.929843] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.930487] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.930954] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.931202] ^ [ 28.931692] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.932430] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.933108] ================================================================== [ 28.338566] ================================================================== [ 28.339959] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 28.341204] Read of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.341452] [ 28.341897] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.341953] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.341967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.342126] Call Trace: [ 28.342145] <TASK> [ 28.342187] dump_stack_lvl+0x73/0xb0 [ 28.342220] print_report+0xd1/0x640 [ 28.342247] ? __virt_addr_valid+0x1db/0x2d0 [ 28.342272] ? kasan_atomics_helper+0x49ce/0x5450 [ 28.342296] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.342323] ? kasan_atomics_helper+0x49ce/0x5450 [ 28.342353] kasan_report+0x141/0x180 [ 28.342377] ? kasan_atomics_helper+0x49ce/0x5450 [ 28.342406] __asan_report_load4_noabort+0x18/0x20 [ 28.342432] kasan_atomics_helper+0x49ce/0x5450 [ 28.342483] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.342508] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.342535] ? kasan_atomics+0x152/0x310 [ 28.342562] kasan_atomics+0x1dc/0x310 [ 28.342587] ? __pfx_kasan_atomics+0x10/0x10 [ 28.342613] ? __pfx_read_tsc+0x10/0x10 [ 28.342636] ? ktime_get_ts64+0x86/0x230 [ 28.342662] kunit_try_run_case+0x1a5/0x480 [ 28.342689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.342714] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.342741] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.342767] ? __kthread_parkme+0x82/0x180 [ 28.342788] ? preempt_count_sub+0x50/0x80 [ 28.342813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.342849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.342874] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.342900] kthread+0x337/0x6f0 [ 28.342921] ? trace_preempt_on+0x20/0xc0 [ 28.342945] ? __pfx_kthread+0x10/0x10 [ 28.342968] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.342993] ? calculate_sigpending+0x7b/0xa0 [ 28.343018] ? __pfx_kthread+0x10/0x10 [ 28.343041] ret_from_fork+0x116/0x1d0 [ 28.343064] ? __pfx_kthread+0x10/0x10 [ 28.343086] ret_from_fork_asm+0x1a/0x30 [ 28.343119] </TASK> [ 28.343132] [ 28.360456] Allocated by task 313: [ 28.361081] kasan_save_stack+0x45/0x70 [ 28.361308] kasan_save_track+0x18/0x40 [ 28.361452] kasan_save_alloc_info+0x3b/0x50 [ 28.361612] __kasan_kmalloc+0xb7/0xc0 [ 28.362313] __kmalloc_cache_noprof+0x189/0x420 [ 28.362916] kasan_atomics+0x95/0x310 [ 28.363418] kunit_try_run_case+0x1a5/0x480 [ 28.364062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.364512] kthread+0x337/0x6f0 [ 28.364649] ret_from_fork+0x116/0x1d0 [ 28.364788] ret_from_fork_asm+0x1a/0x30 [ 28.364946] [ 28.365020] The buggy address belongs to the object at ffff8881058a7e80 [ 28.365020] which belongs to the cache kmalloc-64 of size 64 [ 28.365933] The buggy address is located 0 bytes to the right of [ 28.365933] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.366855] [ 28.366966] The buggy address belongs to the physical page: [ 28.367432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.367923] flags: 0x200000000000000(node=0|zone=2) [ 28.368325] page_type: f5(slab) [ 28.368648] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.369001] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.369748] page dumped because: kasan: bad access detected [ 28.370055] [ 28.370301] Memory state around the buggy address: [ 28.370780] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.371283] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.371927] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.372394] ^ [ 28.373040] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.373756] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.374351] ================================================================== [ 28.751258] ================================================================== [ 28.751673] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 28.752290] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.752823] [ 28.753001] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.753091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.753106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.753129] Call Trace: [ 28.753148] <TASK> [ 28.753165] dump_stack_lvl+0x73/0xb0 [ 28.753195] print_report+0xd1/0x640 [ 28.753220] ? __virt_addr_valid+0x1db/0x2d0 [ 28.753281] ? kasan_atomics_helper+0x1c18/0x5450 [ 28.753307] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.753337] ? kasan_atomics_helper+0x1c18/0x5450 [ 28.753361] kasan_report+0x141/0x180 [ 28.753387] ? kasan_atomics_helper+0x1c18/0x5450 [ 28.753444] kasan_check_range+0x10c/0x1c0 [ 28.753471] __kasan_check_write+0x18/0x20 [ 28.753496] kasan_atomics_helper+0x1c18/0x5450 [ 28.753590] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.753615] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.753681] ? kasan_atomics+0x152/0x310 [ 28.753710] kasan_atomics+0x1dc/0x310 [ 28.753736] ? __pfx_kasan_atomics+0x10/0x10 [ 28.753763] ? __pfx_read_tsc+0x10/0x10 [ 28.753788] ? ktime_get_ts64+0x86/0x230 [ 28.753814] kunit_try_run_case+0x1a5/0x480 [ 28.753886] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.753911] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.753939] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.753965] ? __kthread_parkme+0x82/0x180 [ 28.753987] ? preempt_count_sub+0x50/0x80 [ 28.754043] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.754068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.754094] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.754120] kthread+0x337/0x6f0 [ 28.754141] ? trace_preempt_on+0x20/0xc0 [ 28.754178] ? __pfx_kthread+0x10/0x10 [ 28.754228] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.754256] ? calculate_sigpending+0x7b/0xa0 [ 28.754281] ? __pfx_kthread+0x10/0x10 [ 28.754304] ret_from_fork+0x116/0x1d0 [ 28.754326] ? __pfx_kthread+0x10/0x10 [ 28.754349] ret_from_fork_asm+0x1a/0x30 [ 28.754383] </TASK> [ 28.754396] [ 28.766733] Allocated by task 313: [ 28.767091] kasan_save_stack+0x45/0x70 [ 28.767395] kasan_save_track+0x18/0x40 [ 28.767747] kasan_save_alloc_info+0x3b/0x50 [ 28.768145] __kasan_kmalloc+0xb7/0xc0 [ 28.768354] __kmalloc_cache_noprof+0x189/0x420 [ 28.768534] kasan_atomics+0x95/0x310 [ 28.768728] kunit_try_run_case+0x1a5/0x480 [ 28.768960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.769762] kthread+0x337/0x6f0 [ 28.769965] ret_from_fork+0x116/0x1d0 [ 28.770116] ret_from_fork_asm+0x1a/0x30 [ 28.770534] [ 28.770962] The buggy address belongs to the object at ffff8881058a7e80 [ 28.770962] which belongs to the cache kmalloc-64 of size 64 [ 28.771677] The buggy address is located 0 bytes to the right of [ 28.771677] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.772403] [ 28.772851] The buggy address belongs to the physical page: [ 28.773114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.773664] flags: 0x200000000000000(node=0|zone=2) [ 28.774020] page_type: f5(slab) [ 28.774347] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.775007] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.775473] page dumped because: kasan: bad access detected [ 28.775819] [ 28.775909] Memory state around the buggy address: [ 28.776460] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.776961] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.777484] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.777802] ^ [ 28.778021] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.778584] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.778982] ================================================================== [ 28.834632] ================================================================== [ 28.834965] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 28.835283] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.835573] [ 28.835681] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.835732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.835747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.835771] Call Trace: [ 28.835799] <TASK> [ 28.835815] dump_stack_lvl+0x73/0xb0 [ 28.835858] print_report+0xd1/0x640 [ 28.835886] ? __virt_addr_valid+0x1db/0x2d0 [ 28.835913] ? kasan_atomics_helper+0x1d7a/0x5450 [ 28.835936] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.835963] ? kasan_atomics_helper+0x1d7a/0x5450 [ 28.835988] kasan_report+0x141/0x180 [ 28.836013] ? kasan_atomics_helper+0x1d7a/0x5450 [ 28.836043] kasan_check_range+0x10c/0x1c0 [ 28.836071] __kasan_check_write+0x18/0x20 [ 28.836103] kasan_atomics_helper+0x1d7a/0x5450 [ 28.836137] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.836171] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.836197] ? kasan_atomics+0x152/0x310 [ 28.836225] kasan_atomics+0x1dc/0x310 [ 28.836251] ? __pfx_kasan_atomics+0x10/0x10 [ 28.836277] ? __pfx_read_tsc+0x10/0x10 [ 28.836300] ? ktime_get_ts64+0x86/0x230 [ 28.836326] kunit_try_run_case+0x1a5/0x480 [ 28.836353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.836380] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.836408] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.836435] ? __kthread_parkme+0x82/0x180 [ 28.836456] ? preempt_count_sub+0x50/0x80 [ 28.836487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.836512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.836540] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.836565] kthread+0x337/0x6f0 [ 28.836587] ? trace_preempt_on+0x20/0xc0 [ 28.836612] ? __pfx_kthread+0x10/0x10 [ 28.836634] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.836659] ? calculate_sigpending+0x7b/0xa0 [ 28.836683] ? __pfx_kthread+0x10/0x10 [ 28.836706] ret_from_fork+0x116/0x1d0 [ 28.836727] ? __pfx_kthread+0x10/0x10 [ 28.836749] ret_from_fork_asm+0x1a/0x30 [ 28.836781] </TASK> [ 28.836793] [ 28.847426] Allocated by task 313: [ 28.847745] kasan_save_stack+0x45/0x70 [ 28.848138] kasan_save_track+0x18/0x40 [ 28.848655] kasan_save_alloc_info+0x3b/0x50 [ 28.848913] __kasan_kmalloc+0xb7/0xc0 [ 28.849093] __kmalloc_cache_noprof+0x189/0x420 [ 28.849553] kasan_atomics+0x95/0x310 [ 28.849917] kunit_try_run_case+0x1a5/0x480 [ 28.850129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.850354] kthread+0x337/0x6f0 [ 28.850749] ret_from_fork+0x116/0x1d0 [ 28.851102] ret_from_fork_asm+0x1a/0x30 [ 28.851448] [ 28.851608] The buggy address belongs to the object at ffff8881058a7e80 [ 28.851608] which belongs to the cache kmalloc-64 of size 64 [ 28.852070] The buggy address is located 0 bytes to the right of [ 28.852070] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.853133] [ 28.853481] The buggy address belongs to the physical page: [ 28.853891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.854369] flags: 0x200000000000000(node=0|zone=2) [ 28.854819] page_type: f5(slab) [ 28.855232] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.855916] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.856395] page dumped because: kasan: bad access detected [ 28.856851] [ 28.857112] Memory state around the buggy address: [ 28.857344] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.857867] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.858157] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.858431] ^ [ 28.858940] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.859425] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.859883] ================================================================== [ 27.596748] ================================================================== [ 27.597107] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 27.597666] Read of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.598030] [ 27.598142] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.598192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.598206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.598230] Call Trace: [ 27.598248] <TASK> [ 27.598263] dump_stack_lvl+0x73/0xb0 [ 27.598291] print_report+0xd1/0x640 [ 27.598316] ? __virt_addr_valid+0x1db/0x2d0 [ 27.598341] ? kasan_atomics_helper+0x4b54/0x5450 [ 27.598363] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.598391] ? kasan_atomics_helper+0x4b54/0x5450 [ 27.598414] kasan_report+0x141/0x180 [ 27.598438] ? kasan_atomics_helper+0x4b54/0x5450 [ 27.598466] __asan_report_load4_noabort+0x18/0x20 [ 27.598491] kasan_atomics_helper+0x4b54/0x5450 [ 27.598517] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.598540] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.598565] ? kasan_atomics+0x152/0x310 [ 27.598593] kasan_atomics+0x1dc/0x310 [ 27.598618] ? __pfx_kasan_atomics+0x10/0x10 [ 27.598643] ? __pfx_read_tsc+0x10/0x10 [ 27.598667] ? ktime_get_ts64+0x86/0x230 [ 27.598693] kunit_try_run_case+0x1a5/0x480 [ 27.598720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.598744] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.598771] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.598798] ? __kthread_parkme+0x82/0x180 [ 27.598820] ? preempt_count_sub+0x50/0x80 [ 27.598856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.598883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.598909] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.598935] kthread+0x337/0x6f0 [ 27.598956] ? trace_preempt_on+0x20/0xc0 [ 27.598982] ? __pfx_kthread+0x10/0x10 [ 27.599004] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.599030] ? calculate_sigpending+0x7b/0xa0 [ 27.599056] ? __pfx_kthread+0x10/0x10 [ 27.599079] ret_from_fork+0x116/0x1d0 [ 27.599100] ? __pfx_kthread+0x10/0x10 [ 27.599123] ret_from_fork_asm+0x1a/0x30 [ 27.599156] </TASK> [ 27.599168] [ 27.609195] Allocated by task 313: [ 27.609531] kasan_save_stack+0x45/0x70 [ 27.609762] kasan_save_track+0x18/0x40 [ 27.609997] kasan_save_alloc_info+0x3b/0x50 [ 27.610213] __kasan_kmalloc+0xb7/0xc0 [ 27.610507] __kmalloc_cache_noprof+0x189/0x420 [ 27.610769] kasan_atomics+0x95/0x310 [ 27.610985] kunit_try_run_case+0x1a5/0x480 [ 27.611244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.611549] kthread+0x337/0x6f0 [ 27.611816] ret_from_fork+0x116/0x1d0 [ 27.612014] ret_from_fork_asm+0x1a/0x30 [ 27.612164] [ 27.612237] The buggy address belongs to the object at ffff8881058a7e80 [ 27.612237] which belongs to the cache kmalloc-64 of size 64 [ 27.612820] The buggy address is located 0 bytes to the right of [ 27.612820] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.613294] [ 27.613394] The buggy address belongs to the physical page: [ 27.613861] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.614292] flags: 0x200000000000000(node=0|zone=2) [ 27.614547] page_type: f5(slab) [ 27.614750] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.615079] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.615374] page dumped because: kasan: bad access detected [ 27.615713] [ 27.615810] Memory state around the buggy address: [ 27.616010] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.616302] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.616698] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.617003] ^ [ 27.617251] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.617637] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.617966] ================================================================== [ 28.446550] ================================================================== [ 28.447251] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 28.447909] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.448770] [ 28.448995] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.449048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.449073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.449097] Call Trace: [ 28.449114] <TASK> [ 28.449152] dump_stack_lvl+0x73/0xb0 [ 28.449184] print_report+0xd1/0x640 [ 28.449210] ? __virt_addr_valid+0x1db/0x2d0 [ 28.449238] ? kasan_atomics_helper+0x50d4/0x5450 [ 28.449263] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.449291] ? kasan_atomics_helper+0x50d4/0x5450 [ 28.449314] kasan_report+0x141/0x180 [ 28.449339] ? kasan_atomics_helper+0x50d4/0x5450 [ 28.449367] __asan_report_store8_noabort+0x1b/0x30 [ 28.449395] kasan_atomics_helper+0x50d4/0x5450 [ 28.449429] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.449453] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.449479] ? kasan_atomics+0x152/0x310 [ 28.449518] kasan_atomics+0x1dc/0x310 [ 28.449542] ? __pfx_kasan_atomics+0x10/0x10 [ 28.449583] ? __pfx_read_tsc+0x10/0x10 [ 28.449606] ? ktime_get_ts64+0x86/0x230 [ 28.449633] kunit_try_run_case+0x1a5/0x480 [ 28.449659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.449685] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.449712] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.449740] ? __kthread_parkme+0x82/0x180 [ 28.449762] ? preempt_count_sub+0x50/0x80 [ 28.449788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.449814] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.449850] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.449876] kthread+0x337/0x6f0 [ 28.449898] ? trace_preempt_on+0x20/0xc0 [ 28.449924] ? __pfx_kthread+0x10/0x10 [ 28.449946] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.449971] ? calculate_sigpending+0x7b/0xa0 [ 28.449997] ? __pfx_kthread+0x10/0x10 [ 28.450020] ret_from_fork+0x116/0x1d0 [ 28.450041] ? __pfx_kthread+0x10/0x10 [ 28.450063] ret_from_fork_asm+0x1a/0x30 [ 28.450096] </TASK> [ 28.450108] [ 28.464501] Allocated by task 313: [ 28.464749] kasan_save_stack+0x45/0x70 [ 28.465045] kasan_save_track+0x18/0x40 [ 28.465477] kasan_save_alloc_info+0x3b/0x50 [ 28.465959] __kasan_kmalloc+0xb7/0xc0 [ 28.466342] __kmalloc_cache_noprof+0x189/0x420 [ 28.466775] kasan_atomics+0x95/0x310 [ 28.467112] kunit_try_run_case+0x1a5/0x480 [ 28.467418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.467764] kthread+0x337/0x6f0 [ 28.468183] ret_from_fork+0x116/0x1d0 [ 28.468408] ret_from_fork_asm+0x1a/0x30 [ 28.468552] [ 28.468622] The buggy address belongs to the object at ffff8881058a7e80 [ 28.468622] which belongs to the cache kmalloc-64 of size 64 [ 28.469055] The buggy address is located 0 bytes to the right of [ 28.469055] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.469730] [ 28.469802] The buggy address belongs to the physical page: [ 28.470067] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.470385] flags: 0x200000000000000(node=0|zone=2) [ 28.470718] page_type: f5(slab) [ 28.470905] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.471196] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.471899] page dumped because: kasan: bad access detected [ 28.472074] [ 28.472141] Memory state around the buggy address: [ 28.472345] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.473317] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.474050] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.474557] ^ [ 28.475046] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.475558] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.475862] ================================================================== [ 28.293211] ================================================================== [ 28.293848] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 28.294518] Read of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.294823] [ 28.294948] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.294999] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.295014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.295037] Call Trace: [ 28.295053] <TASK> [ 28.295070] dump_stack_lvl+0x73/0xb0 [ 28.295100] print_report+0xd1/0x640 [ 28.295124] ? __virt_addr_valid+0x1db/0x2d0 [ 28.295150] ? kasan_atomics_helper+0x49e8/0x5450 [ 28.295173] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.295200] ? kasan_atomics_helper+0x49e8/0x5450 [ 28.295225] kasan_report+0x141/0x180 [ 28.295250] ? kasan_atomics_helper+0x49e8/0x5450 [ 28.295278] __asan_report_load4_noabort+0x18/0x20 [ 28.295337] kasan_atomics_helper+0x49e8/0x5450 [ 28.295361] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.295385] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.295411] ? kasan_atomics+0x152/0x310 [ 28.295439] kasan_atomics+0x1dc/0x310 [ 28.295463] ? __pfx_kasan_atomics+0x10/0x10 [ 28.295489] ? __pfx_read_tsc+0x10/0x10 [ 28.295512] ? ktime_get_ts64+0x86/0x230 [ 28.295552] kunit_try_run_case+0x1a5/0x480 [ 28.295581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.295605] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.295632] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.295660] ? __kthread_parkme+0x82/0x180 [ 28.295682] ? preempt_count_sub+0x50/0x80 [ 28.295706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.295733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.295759] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.295785] kthread+0x337/0x6f0 [ 28.295807] ? trace_preempt_on+0x20/0xc0 [ 28.295845] ? __pfx_kthread+0x10/0x10 [ 28.295869] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.295896] ? calculate_sigpending+0x7b/0xa0 [ 28.295922] ? __pfx_kthread+0x10/0x10 [ 28.295946] ret_from_fork+0x116/0x1d0 [ 28.295969] ? __pfx_kthread+0x10/0x10 [ 28.295993] ret_from_fork_asm+0x1a/0x30 [ 28.296027] </TASK> [ 28.296040] [ 28.304712] Allocated by task 313: [ 28.304854] kasan_save_stack+0x45/0x70 [ 28.305002] kasan_save_track+0x18/0x40 [ 28.305302] kasan_save_alloc_info+0x3b/0x50 [ 28.305524] __kasan_kmalloc+0xb7/0xc0 [ 28.305710] __kmalloc_cache_noprof+0x189/0x420 [ 28.306042] kasan_atomics+0x95/0x310 [ 28.306226] kunit_try_run_case+0x1a5/0x480 [ 28.306430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.306654] kthread+0x337/0x6f0 [ 28.306775] ret_from_fork+0x116/0x1d0 [ 28.306916] ret_from_fork_asm+0x1a/0x30 [ 28.307053] [ 28.307124] The buggy address belongs to the object at ffff8881058a7e80 [ 28.307124] which belongs to the cache kmalloc-64 of size 64 [ 28.307634] The buggy address is located 0 bytes to the right of [ 28.307634] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.308240] [ 28.308334] The buggy address belongs to the physical page: [ 28.308701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.308960] flags: 0x200000000000000(node=0|zone=2) [ 28.309121] page_type: f5(slab) [ 28.309237] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.309602] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.310328] page dumped because: kasan: bad access detected [ 28.310649] [ 28.310722] Memory state around the buggy address: [ 28.310956] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.311179] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.311397] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.311660] ^ [ 28.312112] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.312786] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.313115] ================================================================== [ 27.500197] ================================================================== [ 27.500779] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 27.501095] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.501375] [ 27.501482] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.501600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.501700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.501722] Call Trace: [ 27.501735] <TASK> [ 27.501749] dump_stack_lvl+0x73/0xb0 [ 27.501778] print_report+0xd1/0x640 [ 27.501802] ? __virt_addr_valid+0x1db/0x2d0 [ 27.501826] ? kasan_atomics_helper+0x4ba2/0x5450 [ 27.501859] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.501886] ? kasan_atomics_helper+0x4ba2/0x5450 [ 27.501908] kasan_report+0x141/0x180 [ 27.501932] ? kasan_atomics_helper+0x4ba2/0x5450 [ 27.501959] __asan_report_store4_noabort+0x1b/0x30 [ 27.501986] kasan_atomics_helper+0x4ba2/0x5450 [ 27.502010] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.502032] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.502057] ? kasan_atomics+0x152/0x310 [ 27.502084] kasan_atomics+0x1dc/0x310 [ 27.502107] ? __pfx_kasan_atomics+0x10/0x10 [ 27.502131] ? __pfx_read_tsc+0x10/0x10 [ 27.502154] ? ktime_get_ts64+0x86/0x230 [ 27.502227] kunit_try_run_case+0x1a5/0x480 [ 27.502254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.502278] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.502304] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.502330] ? __kthread_parkme+0x82/0x180 [ 27.502350] ? preempt_count_sub+0x50/0x80 [ 27.502373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.502397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.502421] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.502447] kthread+0x337/0x6f0 [ 27.502507] ? trace_preempt_on+0x20/0xc0 [ 27.502532] ? __pfx_kthread+0x10/0x10 [ 27.502553] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.502578] ? calculate_sigpending+0x7b/0xa0 [ 27.502602] ? __pfx_kthread+0x10/0x10 [ 27.502624] ret_from_fork+0x116/0x1d0 [ 27.502645] ? __pfx_kthread+0x10/0x10 [ 27.502665] ret_from_fork_asm+0x1a/0x30 [ 27.502697] </TASK> [ 27.502709] [ 27.513689] Allocated by task 313: [ 27.513844] kasan_save_stack+0x45/0x70 [ 27.514324] kasan_save_track+0x18/0x40 [ 27.514921] kasan_save_alloc_info+0x3b/0x50 [ 27.515140] __kasan_kmalloc+0xb7/0xc0 [ 27.515294] __kmalloc_cache_noprof+0x189/0x420 [ 27.515760] kasan_atomics+0x95/0x310 [ 27.516048] kunit_try_run_case+0x1a5/0x480 [ 27.516356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.516555] kthread+0x337/0x6f0 [ 27.516926] ret_from_fork+0x116/0x1d0 [ 27.517284] ret_from_fork_asm+0x1a/0x30 [ 27.517632] [ 27.517866] The buggy address belongs to the object at ffff8881058a7e80 [ 27.517866] which belongs to the cache kmalloc-64 of size 64 [ 27.518612] The buggy address is located 0 bytes to the right of [ 27.518612] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.519314] [ 27.519404] The buggy address belongs to the physical page: [ 27.519779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.520273] flags: 0x200000000000000(node=0|zone=2) [ 27.520512] page_type: f5(slab) [ 27.520668] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.521043] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.521760] page dumped because: kasan: bad access detected [ 27.522175] [ 27.522366] Memory state around the buggy address: [ 27.522803] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.523236] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.523736] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.524140] ^ [ 27.524441] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.524980] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.525451] ================================================================== [ 28.536616] ================================================================== [ 28.536894] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 28.537501] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.537754] [ 28.537856] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.537905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.537920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.537942] Call Trace: [ 28.537959] <TASK> [ 28.537976] dump_stack_lvl+0x73/0xb0 [ 28.538006] print_report+0xd1/0x640 [ 28.538032] ? __virt_addr_valid+0x1db/0x2d0 [ 28.538058] ? kasan_atomics_helper+0x16e7/0x5450 [ 28.538082] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.538110] ? kasan_atomics_helper+0x16e7/0x5450 [ 28.538134] kasan_report+0x141/0x180 [ 28.538158] ? kasan_atomics_helper+0x16e7/0x5450 [ 28.538197] kasan_check_range+0x10c/0x1c0 [ 28.538223] __kasan_check_write+0x18/0x20 [ 28.538249] kasan_atomics_helper+0x16e7/0x5450 [ 28.538274] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.538298] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.538325] ? kasan_atomics+0x152/0x310 [ 28.538353] kasan_atomics+0x1dc/0x310 [ 28.538378] ? __pfx_kasan_atomics+0x10/0x10 [ 28.538404] ? __pfx_read_tsc+0x10/0x10 [ 28.538427] ? ktime_get_ts64+0x86/0x230 [ 28.538453] kunit_try_run_case+0x1a5/0x480 [ 28.538525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.538550] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.538578] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.538605] ? __kthread_parkme+0x82/0x180 [ 28.538627] ? preempt_count_sub+0x50/0x80 [ 28.538653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.538679] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.538705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.538731] kthread+0x337/0x6f0 [ 28.538753] ? trace_preempt_on+0x20/0xc0 [ 28.538778] ? __pfx_kthread+0x10/0x10 [ 28.538801] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.538827] ? calculate_sigpending+0x7b/0xa0 [ 28.538865] ? __pfx_kthread+0x10/0x10 [ 28.538889] ret_from_fork+0x116/0x1d0 [ 28.538910] ? __pfx_kthread+0x10/0x10 [ 28.538933] ret_from_fork_asm+0x1a/0x30 [ 28.538966] </TASK> [ 28.538979] [ 28.547441] Allocated by task 313: [ 28.547627] kasan_save_stack+0x45/0x70 [ 28.547779] kasan_save_track+0x18/0x40 [ 28.547931] kasan_save_alloc_info+0x3b/0x50 [ 28.548084] __kasan_kmalloc+0xb7/0xc0 [ 28.548249] __kmalloc_cache_noprof+0x189/0x420 [ 28.548624] kasan_atomics+0x95/0x310 [ 28.548820] kunit_try_run_case+0x1a5/0x480 [ 28.549044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.549296] kthread+0x337/0x6f0 [ 28.549504] ret_from_fork+0x116/0x1d0 [ 28.549649] ret_from_fork_asm+0x1a/0x30 [ 28.549848] [ 28.549944] The buggy address belongs to the object at ffff8881058a7e80 [ 28.549944] which belongs to the cache kmalloc-64 of size 64 [ 28.550451] The buggy address is located 0 bytes to the right of [ 28.550451] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.551005] [ 28.551100] The buggy address belongs to the physical page: [ 28.551404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.551963] flags: 0x200000000000000(node=0|zone=2) [ 28.552240] page_type: f5(slab) [ 28.552402] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.552723] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.552977] page dumped because: kasan: bad access detected [ 28.553158] [ 28.553226] Memory state around the buggy address: [ 28.553386] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.553791] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.554139] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.554454] ^ [ 28.554679] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.555051] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.555582] ================================================================== [ 27.945286] ================================================================== [ 27.945760] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 27.946024] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.946403] [ 27.946566] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.946632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.946647] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.946682] Call Trace: [ 27.946701] <TASK> [ 27.946717] dump_stack_lvl+0x73/0xb0 [ 27.946747] print_report+0xd1/0x640 [ 27.946772] ? __virt_addr_valid+0x1db/0x2d0 [ 27.946798] ? kasan_atomics_helper+0xc70/0x5450 [ 27.946820] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.946860] ? kasan_atomics_helper+0xc70/0x5450 [ 27.946883] kasan_report+0x141/0x180 [ 27.946908] ? kasan_atomics_helper+0xc70/0x5450 [ 27.946945] kasan_check_range+0x10c/0x1c0 [ 27.946971] __kasan_check_write+0x18/0x20 [ 27.947007] kasan_atomics_helper+0xc70/0x5450 [ 27.947041] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.947065] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.947091] ? kasan_atomics+0x152/0x310 [ 27.947130] kasan_atomics+0x1dc/0x310 [ 27.947155] ? __pfx_kasan_atomics+0x10/0x10 [ 27.947181] ? __pfx_read_tsc+0x10/0x10 [ 27.947204] ? ktime_get_ts64+0x86/0x230 [ 27.947231] kunit_try_run_case+0x1a5/0x480 [ 27.947258] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.947282] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.947318] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.947345] ? __kthread_parkme+0x82/0x180 [ 27.947377] ? preempt_count_sub+0x50/0x80 [ 27.947403] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.947429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.947455] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.947480] kthread+0x337/0x6f0 [ 27.947502] ? trace_preempt_on+0x20/0xc0 [ 27.947528] ? __pfx_kthread+0x10/0x10 [ 27.947551] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.947576] ? calculate_sigpending+0x7b/0xa0 [ 27.947602] ? __pfx_kthread+0x10/0x10 [ 27.947669] ret_from_fork+0x116/0x1d0 [ 27.947691] ? __pfx_kthread+0x10/0x10 [ 27.947732] ret_from_fork_asm+0x1a/0x30 [ 27.947765] </TASK> [ 27.947777] [ 27.959587] Allocated by task 313: [ 27.959809] kasan_save_stack+0x45/0x70 [ 27.960082] kasan_save_track+0x18/0x40 [ 27.960796] kasan_save_alloc_info+0x3b/0x50 [ 27.961678] __kasan_kmalloc+0xb7/0xc0 [ 27.961985] __kmalloc_cache_noprof+0x189/0x420 [ 27.962151] kasan_atomics+0x95/0x310 [ 27.962283] kunit_try_run_case+0x1a5/0x480 [ 27.962445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.963316] kthread+0x337/0x6f0 [ 27.963484] ret_from_fork+0x116/0x1d0 [ 27.963807] ret_from_fork_asm+0x1a/0x30 [ 27.964178] [ 27.964343] The buggy address belongs to the object at ffff8881058a7e80 [ 27.964343] which belongs to the cache kmalloc-64 of size 64 [ 27.964997] The buggy address is located 0 bytes to the right of [ 27.964997] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.965876] [ 27.966080] The buggy address belongs to the physical page: [ 27.966613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.967657] flags: 0x200000000000000(node=0|zone=2) [ 27.968325] page_type: f5(slab) [ 27.968643] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.968907] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.969139] page dumped because: kasan: bad access detected [ 27.969610] [ 27.969811] Memory state around the buggy address: [ 27.970285] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.971007] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.971642] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.972331] ^ [ 27.972963] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.973364] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.973957] ================================================================== [ 28.617326] ================================================================== [ 28.618494] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 28.618983] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.619779] [ 28.620022] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.620192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.620215] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.620240] Call Trace: [ 28.620259] <TASK> [ 28.620277] dump_stack_lvl+0x73/0xb0 [ 28.620308] print_report+0xd1/0x640 [ 28.620333] ? __virt_addr_valid+0x1db/0x2d0 [ 28.620397] ? kasan_atomics_helper+0x18b1/0x5450 [ 28.620420] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.620448] ? kasan_atomics_helper+0x18b1/0x5450 [ 28.620472] kasan_report+0x141/0x180 [ 28.620497] ? kasan_atomics_helper+0x18b1/0x5450 [ 28.620524] kasan_check_range+0x10c/0x1c0 [ 28.620552] __kasan_check_write+0x18/0x20 [ 28.620576] kasan_atomics_helper+0x18b1/0x5450 [ 28.620601] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.620625] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.620651] ? kasan_atomics+0x152/0x310 [ 28.620695] kasan_atomics+0x1dc/0x310 [ 28.620719] ? __pfx_kasan_atomics+0x10/0x10 [ 28.620745] ? __pfx_read_tsc+0x10/0x10 [ 28.620768] ? ktime_get_ts64+0x86/0x230 [ 28.620794] kunit_try_run_case+0x1a5/0x480 [ 28.620820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.620855] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.620889] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.620915] ? __kthread_parkme+0x82/0x180 [ 28.620938] ? preempt_count_sub+0x50/0x80 [ 28.620963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.620990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.621015] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.621040] kthread+0x337/0x6f0 [ 28.621062] ? trace_preempt_on+0x20/0xc0 [ 28.621087] ? __pfx_kthread+0x10/0x10 [ 28.621109] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.621134] ? calculate_sigpending+0x7b/0xa0 [ 28.621167] ? __pfx_kthread+0x10/0x10 [ 28.621190] ret_from_fork+0x116/0x1d0 [ 28.621211] ? __pfx_kthread+0x10/0x10 [ 28.621233] ret_from_fork_asm+0x1a/0x30 [ 28.621266] </TASK> [ 28.621278] [ 28.634350] Allocated by task 313: [ 28.634744] kasan_save_stack+0x45/0x70 [ 28.634949] kasan_save_track+0x18/0x40 [ 28.635541] kasan_save_alloc_info+0x3b/0x50 [ 28.635805] __kasan_kmalloc+0xb7/0xc0 [ 28.636176] __kmalloc_cache_noprof+0x189/0x420 [ 28.636584] kasan_atomics+0x95/0x310 [ 28.636985] kunit_try_run_case+0x1a5/0x480 [ 28.637175] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.637391] kthread+0x337/0x6f0 [ 28.637539] ret_from_fork+0x116/0x1d0 [ 28.637798] ret_from_fork_asm+0x1a/0x30 [ 28.638015] [ 28.638134] The buggy address belongs to the object at ffff8881058a7e80 [ 28.638134] which belongs to the cache kmalloc-64 of size 64 [ 28.638737] The buggy address is located 0 bytes to the right of [ 28.638737] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.639288] [ 28.639586] The buggy address belongs to the physical page: [ 28.639874] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.640248] flags: 0x200000000000000(node=0|zone=2) [ 28.641045] page_type: f5(slab) [ 28.641187] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.641480] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.641936] page dumped because: kasan: bad access detected [ 28.642332] [ 28.642442] Memory state around the buggy address: [ 28.642746] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.643611] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.644052] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.644599] ^ [ 28.644804] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.645125] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.645665] ================================================================== [ 28.646393] ================================================================== [ 28.647134] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 28.647602] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.647967] [ 28.648089] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.648141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.648156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.648179] Call Trace: [ 28.648196] <TASK> [ 28.648211] dump_stack_lvl+0x73/0xb0 [ 28.648241] print_report+0xd1/0x640 [ 28.648265] ? __virt_addr_valid+0x1db/0x2d0 [ 28.648290] ? kasan_atomics_helper+0x194a/0x5450 [ 28.648315] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.648345] ? kasan_atomics_helper+0x194a/0x5450 [ 28.648370] kasan_report+0x141/0x180 [ 28.648394] ? kasan_atomics_helper+0x194a/0x5450 [ 28.648423] kasan_check_range+0x10c/0x1c0 [ 28.648448] __kasan_check_write+0x18/0x20 [ 28.648666] kasan_atomics_helper+0x194a/0x5450 [ 28.648692] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.648716] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.648742] ? kasan_atomics+0x152/0x310 [ 28.648770] kasan_atomics+0x1dc/0x310 [ 28.648795] ? __pfx_kasan_atomics+0x10/0x10 [ 28.648821] ? __pfx_read_tsc+0x10/0x10 [ 28.648857] ? ktime_get_ts64+0x86/0x230 [ 28.648887] kunit_try_run_case+0x1a5/0x480 [ 28.648915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.648939] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.648966] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.648993] ? __kthread_parkme+0x82/0x180 [ 28.649015] ? preempt_count_sub+0x50/0x80 [ 28.649039] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.649067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.649095] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.649121] kthread+0x337/0x6f0 [ 28.649142] ? trace_preempt_on+0x20/0xc0 [ 28.649176] ? __pfx_kthread+0x10/0x10 [ 28.649198] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.649224] ? calculate_sigpending+0x7b/0xa0 [ 28.649248] ? __pfx_kthread+0x10/0x10 [ 28.649272] ret_from_fork+0x116/0x1d0 [ 28.649293] ? __pfx_kthread+0x10/0x10 [ 28.649316] ret_from_fork_asm+0x1a/0x30 [ 28.649349] </TASK> [ 28.649362] [ 28.659963] Allocated by task 313: [ 28.660131] kasan_save_stack+0x45/0x70 [ 28.660281] kasan_save_track+0x18/0x40 [ 28.660785] kasan_save_alloc_info+0x3b/0x50 [ 28.661123] __kasan_kmalloc+0xb7/0xc0 [ 28.661292] __kmalloc_cache_noprof+0x189/0x420 [ 28.661789] kasan_atomics+0x95/0x310 [ 28.661975] kunit_try_run_case+0x1a5/0x480 [ 28.662181] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.662622] kthread+0x337/0x6f0 [ 28.662755] ret_from_fork+0x116/0x1d0 [ 28.662960] ret_from_fork_asm+0x1a/0x30 [ 28.663136] [ 28.663228] The buggy address belongs to the object at ffff8881058a7e80 [ 28.663228] which belongs to the cache kmalloc-64 of size 64 [ 28.664066] The buggy address is located 0 bytes to the right of [ 28.664066] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.664898] [ 28.664983] The buggy address belongs to the physical page: [ 28.665234] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.665798] flags: 0x200000000000000(node=0|zone=2) [ 28.665996] page_type: f5(slab) [ 28.666169] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.666788] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.667091] page dumped because: kasan: bad access detected [ 28.667322] [ 28.667444] Memory state around the buggy address: [ 28.667824] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.668126] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.668736] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.669133] ^ [ 28.669325] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.669749] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.670247] ================================================================== [ 29.019624] ================================================================== [ 29.020187] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 29.020700] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 29.021252] [ 29.021488] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 29.021647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.021666] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.021689] Call Trace: [ 29.021709] <TASK> [ 29.021726] dump_stack_lvl+0x73/0xb0 [ 29.021758] print_report+0xd1/0x640 [ 29.021783] ? __virt_addr_valid+0x1db/0x2d0 [ 29.021809] ? kasan_atomics_helper+0x20c8/0x5450 [ 29.021847] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.021877] ? kasan_atomics_helper+0x20c8/0x5450 [ 29.021902] kasan_report+0x141/0x180 [ 29.021927] ? kasan_atomics_helper+0x20c8/0x5450 [ 29.021955] kasan_check_range+0x10c/0x1c0 [ 29.021981] __kasan_check_write+0x18/0x20 [ 29.022006] kasan_atomics_helper+0x20c8/0x5450 [ 29.022031] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.022055] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.022081] ? kasan_atomics+0x152/0x310 [ 29.022109] kasan_atomics+0x1dc/0x310 [ 29.022133] ? __pfx_kasan_atomics+0x10/0x10 [ 29.022160] ? __pfx_read_tsc+0x10/0x10 [ 29.022185] ? ktime_get_ts64+0x86/0x230 [ 29.022212] kunit_try_run_case+0x1a5/0x480 [ 29.022239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.022263] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.022291] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.022319] ? __kthread_parkme+0x82/0x180 [ 29.022341] ? preempt_count_sub+0x50/0x80 [ 29.022365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.022391] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.022416] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.022442] kthread+0x337/0x6f0 [ 29.022464] ? trace_preempt_on+0x20/0xc0 [ 29.022489] ? __pfx_kthread+0x10/0x10 [ 29.022511] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.022536] ? calculate_sigpending+0x7b/0xa0 [ 29.022561] ? __pfx_kthread+0x10/0x10 [ 29.022584] ret_from_fork+0x116/0x1d0 [ 29.022605] ? __pfx_kthread+0x10/0x10 [ 29.022628] ret_from_fork_asm+0x1a/0x30 [ 29.022661] </TASK> [ 29.022673] [ 29.034273] Allocated by task 313: [ 29.034804] kasan_save_stack+0x45/0x70 [ 29.034994] kasan_save_track+0x18/0x40 [ 29.035193] kasan_save_alloc_info+0x3b/0x50 [ 29.035667] __kasan_kmalloc+0xb7/0xc0 [ 29.035954] __kmalloc_cache_noprof+0x189/0x420 [ 29.036401] kasan_atomics+0x95/0x310 [ 29.036575] kunit_try_run_case+0x1a5/0x480 [ 29.036988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.037380] kthread+0x337/0x6f0 [ 29.037624] ret_from_fork+0x116/0x1d0 [ 29.038044] ret_from_fork_asm+0x1a/0x30 [ 29.038266] [ 29.038590] The buggy address belongs to the object at ffff8881058a7e80 [ 29.038590] which belongs to the cache kmalloc-64 of size 64 [ 29.039212] The buggy address is located 0 bytes to the right of [ 29.039212] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 29.040113] [ 29.040301] The buggy address belongs to the physical page: [ 29.040711] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 29.041344] flags: 0x200000000000000(node=0|zone=2) [ 29.041717] page_type: f5(slab) [ 29.041886] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.042532] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.043195] page dumped because: kasan: bad access detected [ 29.043412] [ 29.043674] Memory state around the buggy address: [ 29.043960] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.044311] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.044759] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.045077] ^ [ 29.045467] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.045855] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.046183] ================================================================== [ 29.067846] ================================================================== [ 29.068427] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 29.069035] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 29.069430] [ 29.069634] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 29.069686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.069701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.069724] Call Trace: [ 29.069740] <TASK> [ 29.069755] dump_stack_lvl+0x73/0xb0 [ 29.069784] print_report+0xd1/0x640 [ 29.069857] ? __virt_addr_valid+0x1db/0x2d0 [ 29.069883] ? kasan_atomics_helper+0x218a/0x5450 [ 29.069906] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.069934] ? kasan_atomics_helper+0x218a/0x5450 [ 29.069958] kasan_report+0x141/0x180 [ 29.069983] ? kasan_atomics_helper+0x218a/0x5450 [ 29.070011] kasan_check_range+0x10c/0x1c0 [ 29.070038] __kasan_check_write+0x18/0x20 [ 29.070064] kasan_atomics_helper+0x218a/0x5450 [ 29.070089] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.070113] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.070139] ? kasan_atomics+0x152/0x310 [ 29.070186] kasan_atomics+0x1dc/0x310 [ 29.070211] ? __pfx_kasan_atomics+0x10/0x10 [ 29.070238] ? __pfx_read_tsc+0x10/0x10 [ 29.070261] ? ktime_get_ts64+0x86/0x230 [ 29.070288] kunit_try_run_case+0x1a5/0x480 [ 29.070315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.070374] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.070402] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.070429] ? __kthread_parkme+0x82/0x180 [ 29.070472] ? preempt_count_sub+0x50/0x80 [ 29.070508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.070566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.070594] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.070620] kthread+0x337/0x6f0 [ 29.070641] ? trace_preempt_on+0x20/0xc0 [ 29.070667] ? __pfx_kthread+0x10/0x10 [ 29.070689] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.070715] ? calculate_sigpending+0x7b/0xa0 [ 29.070771] ? __pfx_kthread+0x10/0x10 [ 29.070795] ret_from_fork+0x116/0x1d0 [ 29.070817] ? __pfx_kthread+0x10/0x10 [ 29.070849] ret_from_fork_asm+0x1a/0x30 [ 29.070912] </TASK> [ 29.070925] [ 29.078906] Allocated by task 313: [ 29.079155] kasan_save_stack+0x45/0x70 [ 29.079518] kasan_save_track+0x18/0x40 [ 29.079709] kasan_save_alloc_info+0x3b/0x50 [ 29.079976] __kasan_kmalloc+0xb7/0xc0 [ 29.080107] __kmalloc_cache_noprof+0x189/0x420 [ 29.080257] kasan_atomics+0x95/0x310 [ 29.080383] kunit_try_run_case+0x1a5/0x480 [ 29.080524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.080693] kthread+0x337/0x6f0 [ 29.080808] ret_from_fork+0x116/0x1d0 [ 29.081232] ret_from_fork_asm+0x1a/0x30 [ 29.081447] [ 29.081541] The buggy address belongs to the object at ffff8881058a7e80 [ 29.081541] which belongs to the cache kmalloc-64 of size 64 [ 29.082081] The buggy address is located 0 bytes to the right of [ 29.082081] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 29.082884] [ 29.083053] The buggy address belongs to the physical page: [ 29.083669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 29.084046] flags: 0x200000000000000(node=0|zone=2) [ 29.084318] page_type: f5(slab) [ 29.084583] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.084856] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.085083] page dumped because: kasan: bad access detected [ 29.085263] [ 29.085359] Memory state around the buggy address: [ 29.085661] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.086023] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.086431] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.086930] ^ [ 29.087089] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.089006] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.089779] ================================================================== [ 27.735964] ================================================================== [ 27.736349] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 27.737109] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.737788] [ 27.737912] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.737967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.737984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.738007] Call Trace: [ 27.738025] <TASK> [ 27.738040] dump_stack_lvl+0x73/0xb0 [ 27.738071] print_report+0xd1/0x640 [ 27.738096] ? __virt_addr_valid+0x1db/0x2d0 [ 27.738122] ? kasan_atomics_helper+0x72f/0x5450 [ 27.738145] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.738310] ? kasan_atomics_helper+0x72f/0x5450 [ 27.738340] kasan_report+0x141/0x180 [ 27.738365] ? kasan_atomics_helper+0x72f/0x5450 [ 27.738393] kasan_check_range+0x10c/0x1c0 [ 27.738419] __kasan_check_write+0x18/0x20 [ 27.738444] kasan_atomics_helper+0x72f/0x5450 [ 27.738520] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.738545] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.738572] ? kasan_atomics+0x152/0x310 [ 27.738600] kasan_atomics+0x1dc/0x310 [ 27.738624] ? __pfx_kasan_atomics+0x10/0x10 [ 27.738651] ? __pfx_read_tsc+0x10/0x10 [ 27.738673] ? ktime_get_ts64+0x86/0x230 [ 27.738699] kunit_try_run_case+0x1a5/0x480 [ 27.738727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.738752] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.738779] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.738806] ? __kthread_parkme+0x82/0x180 [ 27.738839] ? preempt_count_sub+0x50/0x80 [ 27.738865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.738892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.738919] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.738945] kthread+0x337/0x6f0 [ 27.738966] ? trace_preempt_on+0x20/0xc0 [ 27.738991] ? __pfx_kthread+0x10/0x10 [ 27.739013] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.739038] ? calculate_sigpending+0x7b/0xa0 [ 27.739064] ? __pfx_kthread+0x10/0x10 [ 27.739088] ret_from_fork+0x116/0x1d0 [ 27.739109] ? __pfx_kthread+0x10/0x10 [ 27.739131] ret_from_fork_asm+0x1a/0x30 [ 27.739164] </TASK> [ 27.739176] [ 27.752666] Allocated by task 313: [ 27.753124] kasan_save_stack+0x45/0x70 [ 27.753419] kasan_save_track+0x18/0x40 [ 27.753886] kasan_save_alloc_info+0x3b/0x50 [ 27.754208] __kasan_kmalloc+0xb7/0xc0 [ 27.754529] __kmalloc_cache_noprof+0x189/0x420 [ 27.754912] kasan_atomics+0x95/0x310 [ 27.755054] kunit_try_run_case+0x1a5/0x480 [ 27.755240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.755813] kthread+0x337/0x6f0 [ 27.756145] ret_from_fork+0x116/0x1d0 [ 27.756682] ret_from_fork_asm+0x1a/0x30 [ 27.757097] [ 27.757295] The buggy address belongs to the object at ffff8881058a7e80 [ 27.757295] which belongs to the cache kmalloc-64 of size 64 [ 27.758025] The buggy address is located 0 bytes to the right of [ 27.758025] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.759084] [ 27.759257] The buggy address belongs to the physical page: [ 27.759918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.760412] flags: 0x200000000000000(node=0|zone=2) [ 27.760931] page_type: f5(slab) [ 27.761247] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.761909] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.762153] page dumped because: kasan: bad access detected [ 27.762329] [ 27.762398] Memory state around the buggy address: [ 27.762842] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.763506] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.764219] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.765055] ^ [ 27.765605] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.766228] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.767003] ================================================================== [ 28.171043] ================================================================== [ 28.171293] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 28.171792] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.172193] [ 28.172288] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.172340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.172355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.172379] Call Trace: [ 28.172394] <TASK> [ 28.172410] dump_stack_lvl+0x73/0xb0 [ 28.172440] print_report+0xd1/0x640 [ 28.172464] ? __virt_addr_valid+0x1db/0x2d0 [ 28.172490] ? kasan_atomics_helper+0x1079/0x5450 [ 28.172513] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.172541] ? kasan_atomics_helper+0x1079/0x5450 [ 28.172565] kasan_report+0x141/0x180 [ 28.172589] ? kasan_atomics_helper+0x1079/0x5450 [ 28.172617] kasan_check_range+0x10c/0x1c0 [ 28.172643] __kasan_check_write+0x18/0x20 [ 28.172669] kasan_atomics_helper+0x1079/0x5450 [ 28.172693] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.172717] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.172743] ? kasan_atomics+0x152/0x310 [ 28.172771] kasan_atomics+0x1dc/0x310 [ 28.172796] ? __pfx_kasan_atomics+0x10/0x10 [ 28.172822] ? __pfx_read_tsc+0x10/0x10 [ 28.172858] ? ktime_get_ts64+0x86/0x230 [ 28.172888] kunit_try_run_case+0x1a5/0x480 [ 28.172923] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.172960] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.172987] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.173016] ? __kthread_parkme+0x82/0x180 [ 28.173039] ? preempt_count_sub+0x50/0x80 [ 28.173064] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.173090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.173116] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.173143] kthread+0x337/0x6f0 [ 28.173172] ? trace_preempt_on+0x20/0xc0 [ 28.173198] ? __pfx_kthread+0x10/0x10 [ 28.173220] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.173246] ? calculate_sigpending+0x7b/0xa0 [ 28.173271] ? __pfx_kthread+0x10/0x10 [ 28.173295] ret_from_fork+0x116/0x1d0 [ 28.173318] ? __pfx_kthread+0x10/0x10 [ 28.173340] ret_from_fork_asm+0x1a/0x30 [ 28.173372] </TASK> [ 28.173385] [ 28.184078] Allocated by task 313: [ 28.184224] kasan_save_stack+0x45/0x70 [ 28.184377] kasan_save_track+0x18/0x40 [ 28.185118] kasan_save_alloc_info+0x3b/0x50 [ 28.185352] __kasan_kmalloc+0xb7/0xc0 [ 28.185525] __kmalloc_cache_noprof+0x189/0x420 [ 28.185864] kasan_atomics+0x95/0x310 [ 28.186043] kunit_try_run_case+0x1a5/0x480 [ 28.186228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.186779] kthread+0x337/0x6f0 [ 28.186947] ret_from_fork+0x116/0x1d0 [ 28.187249] ret_from_fork_asm+0x1a/0x30 [ 28.187596] [ 28.187676] The buggy address belongs to the object at ffff8881058a7e80 [ 28.187676] which belongs to the cache kmalloc-64 of size 64 [ 28.188170] The buggy address is located 0 bytes to the right of [ 28.188170] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.189092] [ 28.189243] The buggy address belongs to the physical page: [ 28.189581] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.190122] flags: 0x200000000000000(node=0|zone=2) [ 28.190345] page_type: f5(slab) [ 28.190582] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.190892] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.191195] page dumped because: kasan: bad access detected [ 28.191409] [ 28.191500] Memory state around the buggy address: [ 28.191680] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.192001] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.192650] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.192984] ^ [ 28.193297] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.193569] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.194069] ================================================================== [ 28.035154] ================================================================== [ 28.035501] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 28.035909] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.036334] [ 28.036449] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.036500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.036515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.036538] Call Trace: [ 28.036556] <TASK> [ 28.036572] dump_stack_lvl+0x73/0xb0 [ 28.036603] print_report+0xd1/0x640 [ 28.036628] ? __virt_addr_valid+0x1db/0x2d0 [ 28.036655] ? kasan_atomics_helper+0xde0/0x5450 [ 28.036678] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.036706] ? kasan_atomics_helper+0xde0/0x5450 [ 28.036731] kasan_report+0x141/0x180 [ 28.036755] ? kasan_atomics_helper+0xde0/0x5450 [ 28.036783] kasan_check_range+0x10c/0x1c0 [ 28.036809] __kasan_check_write+0x18/0x20 [ 28.036847] kasan_atomics_helper+0xde0/0x5450 [ 28.036876] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.036901] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.036927] ? kasan_atomics+0x152/0x310 [ 28.036955] kasan_atomics+0x1dc/0x310 [ 28.036980] ? __pfx_kasan_atomics+0x10/0x10 [ 28.037006] ? __pfx_read_tsc+0x10/0x10 [ 28.037029] ? ktime_get_ts64+0x86/0x230 [ 28.037055] kunit_try_run_case+0x1a5/0x480 [ 28.037082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.037107] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.037136] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.037163] ? __kthread_parkme+0x82/0x180 [ 28.037185] ? preempt_count_sub+0x50/0x80 [ 28.037211] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.037238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.037263] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.037289] kthread+0x337/0x6f0 [ 28.037311] ? trace_preempt_on+0x20/0xc0 [ 28.037337] ? __pfx_kthread+0x10/0x10 [ 28.037360] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.037385] ? calculate_sigpending+0x7b/0xa0 [ 28.037411] ? __pfx_kthread+0x10/0x10 [ 28.037434] ret_from_fork+0x116/0x1d0 [ 28.037456] ? __pfx_kthread+0x10/0x10 [ 28.037478] ret_from_fork_asm+0x1a/0x30 [ 28.037513] </TASK> [ 28.037526] [ 28.045289] Allocated by task 313: [ 28.045423] kasan_save_stack+0x45/0x70 [ 28.045571] kasan_save_track+0x18/0x40 [ 28.045716] kasan_save_alloc_info+0x3b/0x50 [ 28.045945] __kasan_kmalloc+0xb7/0xc0 [ 28.046222] __kmalloc_cache_noprof+0x189/0x420 [ 28.046439] kasan_atomics+0x95/0x310 [ 28.046622] kunit_try_run_case+0x1a5/0x480 [ 28.046837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.047145] kthread+0x337/0x6f0 [ 28.047322] ret_from_fork+0x116/0x1d0 [ 28.047546] ret_from_fork_asm+0x1a/0x30 [ 28.047692] [ 28.047761] The buggy address belongs to the object at ffff8881058a7e80 [ 28.047761] which belongs to the cache kmalloc-64 of size 64 [ 28.048395] The buggy address is located 0 bytes to the right of [ 28.048395] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.049208] [ 28.049316] The buggy address belongs to the physical page: [ 28.049627] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.049944] flags: 0x200000000000000(node=0|zone=2) [ 28.050114] page_type: f5(slab) [ 28.050402] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.051014] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.051430] page dumped because: kasan: bad access detected [ 28.051700] [ 28.051778] Memory state around the buggy address: [ 28.051990] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.052315] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.052587] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.052804] ^ [ 28.053014] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.053340] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.053886] ================================================================== [ 28.108942] ================================================================== [ 28.109210] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 28.109935] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.110668] [ 28.110808] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.110869] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.110884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.110908] Call Trace: [ 28.110927] <TASK> [ 28.110945] dump_stack_lvl+0x73/0xb0 [ 28.110992] print_report+0xd1/0x640 [ 28.111018] ? __virt_addr_valid+0x1db/0x2d0 [ 28.111057] ? kasan_atomics_helper+0xfa9/0x5450 [ 28.111091] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.111119] ? kasan_atomics_helper+0xfa9/0x5450 [ 28.111153] kasan_report+0x141/0x180 [ 28.111178] ? kasan_atomics_helper+0xfa9/0x5450 [ 28.111206] kasan_check_range+0x10c/0x1c0 [ 28.111232] __kasan_check_write+0x18/0x20 [ 28.111257] kasan_atomics_helper+0xfa9/0x5450 [ 28.111282] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.111306] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.111333] ? kasan_atomics+0x152/0x310 [ 28.111360] kasan_atomics+0x1dc/0x310 [ 28.111385] ? __pfx_kasan_atomics+0x10/0x10 [ 28.111411] ? __pfx_read_tsc+0x10/0x10 [ 28.111435] ? ktime_get_ts64+0x86/0x230 [ 28.111476] kunit_try_run_case+0x1a5/0x480 [ 28.111504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.111529] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.111556] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.111583] ? __kthread_parkme+0x82/0x180 [ 28.111605] ? preempt_count_sub+0x50/0x80 [ 28.111631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.111657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.111682] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.111710] kthread+0x337/0x6f0 [ 28.111732] ? trace_preempt_on+0x20/0xc0 [ 28.111758] ? __pfx_kthread+0x10/0x10 [ 28.111780] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.111806] ? calculate_sigpending+0x7b/0xa0 [ 28.111841] ? __pfx_kthread+0x10/0x10 [ 28.111865] ret_from_fork+0x116/0x1d0 [ 28.111886] ? __pfx_kthread+0x10/0x10 [ 28.111909] ret_from_fork_asm+0x1a/0x30 [ 28.111942] </TASK> [ 28.111954] [ 28.126657] Allocated by task 313: [ 28.126936] kasan_save_stack+0x45/0x70 [ 28.127496] kasan_save_track+0x18/0x40 [ 28.127700] kasan_save_alloc_info+0x3b/0x50 [ 28.127900] __kasan_kmalloc+0xb7/0xc0 [ 28.128070] __kmalloc_cache_noprof+0x189/0x420 [ 28.128273] kasan_atomics+0x95/0x310 [ 28.128437] kunit_try_run_case+0x1a5/0x480 [ 28.128629] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.129323] kthread+0x337/0x6f0 [ 28.129826] ret_from_fork+0x116/0x1d0 [ 28.130219] ret_from_fork_asm+0x1a/0x30 [ 28.130764] [ 28.130882] The buggy address belongs to the object at ffff8881058a7e80 [ 28.130882] which belongs to the cache kmalloc-64 of size 64 [ 28.131892] The buggy address is located 0 bytes to the right of [ 28.131892] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.132955] [ 28.133065] The buggy address belongs to the physical page: [ 28.133781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.134461] flags: 0x200000000000000(node=0|zone=2) [ 28.134910] page_type: f5(slab) [ 28.135064] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.136057] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.136549] page dumped because: kasan: bad access detected [ 28.136781] [ 28.136883] Memory state around the buggy address: [ 28.137080] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.137993] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.138513] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.138998] ^ [ 28.139511] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.140224] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.140538] ================================================================== [ 27.526100] ================================================================== [ 27.526562] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 27.527340] Read of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.527585] [ 27.527946] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.528003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.528019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.528042] Call Trace: [ 27.528061] <TASK> [ 27.528077] dump_stack_lvl+0x73/0xb0 [ 27.528109] print_report+0xd1/0x640 [ 27.528134] ? __virt_addr_valid+0x1db/0x2d0 [ 27.528289] ? kasan_atomics_helper+0x4b88/0x5450 [ 27.528321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.528350] ? kasan_atomics_helper+0x4b88/0x5450 [ 27.528375] kasan_report+0x141/0x180 [ 27.528401] ? kasan_atomics_helper+0x4b88/0x5450 [ 27.528430] __asan_report_load4_noabort+0x18/0x20 [ 27.528506] kasan_atomics_helper+0x4b88/0x5450 [ 27.528537] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.528561] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.528589] ? kasan_atomics+0x152/0x310 [ 27.528617] kasan_atomics+0x1dc/0x310 [ 27.528641] ? __pfx_kasan_atomics+0x10/0x10 [ 27.528667] ? __pfx_read_tsc+0x10/0x10 [ 27.528690] ? ktime_get_ts64+0x86/0x230 [ 27.528717] kunit_try_run_case+0x1a5/0x480 [ 27.528743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.528768] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.528797] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.528825] ? __kthread_parkme+0x82/0x180 [ 27.528860] ? preempt_count_sub+0x50/0x80 [ 27.528892] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.528918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.528943] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.528969] kthread+0x337/0x6f0 [ 27.528992] ? trace_preempt_on+0x20/0xc0 [ 27.529017] ? __pfx_kthread+0x10/0x10 [ 27.529041] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.529067] ? calculate_sigpending+0x7b/0xa0 [ 27.529093] ? __pfx_kthread+0x10/0x10 [ 27.529117] ret_from_fork+0x116/0x1d0 [ 27.529139] ? __pfx_kthread+0x10/0x10 [ 27.529162] ret_from_fork_asm+0x1a/0x30 [ 27.529194] </TASK> [ 27.529206] [ 27.540234] Allocated by task 313: [ 27.541005] kasan_save_stack+0x45/0x70 [ 27.541210] kasan_save_track+0x18/0x40 [ 27.541745] kasan_save_alloc_info+0x3b/0x50 [ 27.541990] __kasan_kmalloc+0xb7/0xc0 [ 27.542308] __kmalloc_cache_noprof+0x189/0x420 [ 27.542655] kasan_atomics+0x95/0x310 [ 27.542841] kunit_try_run_case+0x1a5/0x480 [ 27.543053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.543497] kthread+0x337/0x6f0 [ 27.543856] ret_from_fork+0x116/0x1d0 [ 27.544062] ret_from_fork_asm+0x1a/0x30 [ 27.544395] [ 27.544497] The buggy address belongs to the object at ffff8881058a7e80 [ 27.544497] which belongs to the cache kmalloc-64 of size 64 [ 27.545378] The buggy address is located 0 bytes to the right of [ 27.545378] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.546267] [ 27.546394] The buggy address belongs to the physical page: [ 27.546974] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.547411] flags: 0x200000000000000(node=0|zone=2) [ 27.547774] page_type: f5(slab) [ 27.547969] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.548477] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.548871] page dumped because: kasan: bad access detected [ 27.549123] [ 27.549395] Memory state around the buggy address: [ 27.549621] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.549941] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.550654] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.550939] ^ [ 27.551469] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.551961] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.552525] ================================================================== [ 28.194675] ================================================================== [ 28.195067] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 28.195632] Read of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.196274] [ 28.196385] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.196436] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.196452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.196475] Call Trace: [ 28.196558] <TASK> [ 28.196576] dump_stack_lvl+0x73/0xb0 [ 28.196608] print_report+0xd1/0x640 [ 28.196633] ? __virt_addr_valid+0x1db/0x2d0 [ 28.196660] ? kasan_atomics_helper+0x4a1c/0x5450 [ 28.196683] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.196711] ? kasan_atomics_helper+0x4a1c/0x5450 [ 28.196894] kasan_report+0x141/0x180 [ 28.196921] ? kasan_atomics_helper+0x4a1c/0x5450 [ 28.196950] __asan_report_load4_noabort+0x18/0x20 [ 28.196978] kasan_atomics_helper+0x4a1c/0x5450 [ 28.197004] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.197029] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.197056] ? kasan_atomics+0x152/0x310 [ 28.197083] kasan_atomics+0x1dc/0x310 [ 28.197108] ? __pfx_kasan_atomics+0x10/0x10 [ 28.197134] ? __pfx_read_tsc+0x10/0x10 [ 28.197166] ? ktime_get_ts64+0x86/0x230 [ 28.197193] kunit_try_run_case+0x1a5/0x480 [ 28.197220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.197246] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.197272] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.197299] ? __kthread_parkme+0x82/0x180 [ 28.197321] ? preempt_count_sub+0x50/0x80 [ 28.197346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.197372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.197398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.197423] kthread+0x337/0x6f0 [ 28.197445] ? trace_preempt_on+0x20/0xc0 [ 28.197485] ? __pfx_kthread+0x10/0x10 [ 28.197508] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.197533] ? calculate_sigpending+0x7b/0xa0 [ 28.197559] ? __pfx_kthread+0x10/0x10 [ 28.197582] ret_from_fork+0x116/0x1d0 [ 28.197603] ? __pfx_kthread+0x10/0x10 [ 28.197626] ret_from_fork_asm+0x1a/0x30 [ 28.197658] </TASK> [ 28.197671] [ 28.207693] Allocated by task 313: [ 28.207880] kasan_save_stack+0x45/0x70 [ 28.208225] kasan_save_track+0x18/0x40 [ 28.208487] kasan_save_alloc_info+0x3b/0x50 [ 28.208769] __kasan_kmalloc+0xb7/0xc0 [ 28.209183] __kmalloc_cache_noprof+0x189/0x420 [ 28.209471] kasan_atomics+0x95/0x310 [ 28.209756] kunit_try_run_case+0x1a5/0x480 [ 28.210041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.210403] kthread+0x337/0x6f0 [ 28.210573] ret_from_fork+0x116/0x1d0 [ 28.210948] ret_from_fork_asm+0x1a/0x30 [ 28.211253] [ 28.211332] The buggy address belongs to the object at ffff8881058a7e80 [ 28.211332] which belongs to the cache kmalloc-64 of size 64 [ 28.212167] The buggy address is located 0 bytes to the right of [ 28.212167] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.212718] [ 28.212859] The buggy address belongs to the physical page: [ 28.213057] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.213378] flags: 0x200000000000000(node=0|zone=2) [ 28.214073] page_type: f5(slab) [ 28.214297] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.214844] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.215309] page dumped because: kasan: bad access detected [ 28.215513] [ 28.215711] Memory state around the buggy address: [ 28.215999] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.216618] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.216960] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.217448] ^ [ 28.217628] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.218140] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.218478] ================================================================== [ 28.670782] ================================================================== [ 28.671107] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 28.671639] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.672080] [ 28.672271] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.672389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.672406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.672430] Call Trace: [ 28.672448] <TASK> [ 28.672476] dump_stack_lvl+0x73/0xb0 [ 28.672507] print_report+0xd1/0x640 [ 28.672629] ? __virt_addr_valid+0x1db/0x2d0 [ 28.672660] ? kasan_atomics_helper+0x19e3/0x5450 [ 28.672684] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.672712] ? kasan_atomics_helper+0x19e3/0x5450 [ 28.672737] kasan_report+0x141/0x180 [ 28.672762] ? kasan_atomics_helper+0x19e3/0x5450 [ 28.672790] kasan_check_range+0x10c/0x1c0 [ 28.672927] __kasan_check_write+0x18/0x20 [ 28.672954] kasan_atomics_helper+0x19e3/0x5450 [ 28.672979] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.673003] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.673029] ? kasan_atomics+0x152/0x310 [ 28.673057] kasan_atomics+0x1dc/0x310 [ 28.673081] ? __pfx_kasan_atomics+0x10/0x10 [ 28.673107] ? __pfx_read_tsc+0x10/0x10 [ 28.673130] ? ktime_get_ts64+0x86/0x230 [ 28.673156] kunit_try_run_case+0x1a5/0x480 [ 28.673190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.673215] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.673244] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.673270] ? __kthread_parkme+0x82/0x180 [ 28.673291] ? preempt_count_sub+0x50/0x80 [ 28.673315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.673342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.673366] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.673393] kthread+0x337/0x6f0 [ 28.673415] ? trace_preempt_on+0x20/0xc0 [ 28.673439] ? __pfx_kthread+0x10/0x10 [ 28.673470] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.673495] ? calculate_sigpending+0x7b/0xa0 [ 28.673520] ? __pfx_kthread+0x10/0x10 [ 28.673543] ret_from_fork+0x116/0x1d0 [ 28.673564] ? __pfx_kthread+0x10/0x10 [ 28.673587] ret_from_fork_asm+0x1a/0x30 [ 28.673620] </TASK> [ 28.673632] [ 28.683690] Allocated by task 313: [ 28.683901] kasan_save_stack+0x45/0x70 [ 28.684333] kasan_save_track+0x18/0x40 [ 28.684703] kasan_save_alloc_info+0x3b/0x50 [ 28.684958] __kasan_kmalloc+0xb7/0xc0 [ 28.685122] __kmalloc_cache_noprof+0x189/0x420 [ 28.685497] kasan_atomics+0x95/0x310 [ 28.685704] kunit_try_run_case+0x1a5/0x480 [ 28.685995] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.686191] kthread+0x337/0x6f0 [ 28.686413] ret_from_fork+0x116/0x1d0 [ 28.686698] ret_from_fork_asm+0x1a/0x30 [ 28.686910] [ 28.687006] The buggy address belongs to the object at ffff8881058a7e80 [ 28.687006] which belongs to the cache kmalloc-64 of size 64 [ 28.687866] The buggy address is located 0 bytes to the right of [ 28.687866] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.688678] [ 28.688885] The buggy address belongs to the physical page: [ 28.689078] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.689635] flags: 0x200000000000000(node=0|zone=2) [ 28.689996] page_type: f5(slab) [ 28.690150] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.690626] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.690955] page dumped because: kasan: bad access detected [ 28.691204] [ 28.691286] Memory state around the buggy address: [ 28.691681] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.692094] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.692600] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.692883] ^ [ 28.693202] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.693508] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.693983] ================================================================== [ 28.934189] ================================================================== [ 28.934779] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 28.935359] Read of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.935895] [ 28.936093] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.936144] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.936159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.936182] Call Trace: [ 28.936202] <TASK> [ 28.936219] dump_stack_lvl+0x73/0xb0 [ 28.936249] print_report+0xd1/0x640 [ 28.936286] ? __virt_addr_valid+0x1db/0x2d0 [ 28.936311] ? kasan_atomics_helper+0x4f71/0x5450 [ 28.936335] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.936377] ? kasan_atomics_helper+0x4f71/0x5450 [ 28.936401] kasan_report+0x141/0x180 [ 28.936426] ? kasan_atomics_helper+0x4f71/0x5450 [ 28.936454] __asan_report_load8_noabort+0x18/0x20 [ 28.936529] kasan_atomics_helper+0x4f71/0x5450 [ 28.936556] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.936580] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.936607] ? kasan_atomics+0x152/0x310 [ 28.936636] kasan_atomics+0x1dc/0x310 [ 28.936661] ? __pfx_kasan_atomics+0x10/0x10 [ 28.936687] ? __pfx_read_tsc+0x10/0x10 [ 28.936711] ? ktime_get_ts64+0x86/0x230 [ 28.936738] kunit_try_run_case+0x1a5/0x480 [ 28.936765] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.936789] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.936816] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.936853] ? __kthread_parkme+0x82/0x180 [ 28.936881] ? preempt_count_sub+0x50/0x80 [ 28.936906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.936932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.936956] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.936982] kthread+0x337/0x6f0 [ 28.937004] ? trace_preempt_on+0x20/0xc0 [ 28.937028] ? __pfx_kthread+0x10/0x10 [ 28.937051] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.937076] ? calculate_sigpending+0x7b/0xa0 [ 28.937101] ? __pfx_kthread+0x10/0x10 [ 28.937124] ret_from_fork+0x116/0x1d0 [ 28.937147] ? __pfx_kthread+0x10/0x10 [ 28.937180] ret_from_fork_asm+0x1a/0x30 [ 28.937214] </TASK> [ 28.937227] [ 28.950791] Allocated by task 313: [ 28.951142] kasan_save_stack+0x45/0x70 [ 28.951365] kasan_save_track+0x18/0x40 [ 28.951860] kasan_save_alloc_info+0x3b/0x50 [ 28.952253] __kasan_kmalloc+0xb7/0xc0 [ 28.952606] __kmalloc_cache_noprof+0x189/0x420 [ 28.952816] kasan_atomics+0x95/0x310 [ 28.953032] kunit_try_run_case+0x1a5/0x480 [ 28.953439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.953907] kthread+0x337/0x6f0 [ 28.954286] ret_from_fork+0x116/0x1d0 [ 28.954476] ret_from_fork_asm+0x1a/0x30 [ 28.954821] [ 28.954953] The buggy address belongs to the object at ffff8881058a7e80 [ 28.954953] which belongs to the cache kmalloc-64 of size 64 [ 28.955787] The buggy address is located 0 bytes to the right of [ 28.955787] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.956638] [ 28.956789] The buggy address belongs to the physical page: [ 28.956988] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.957569] flags: 0x200000000000000(node=0|zone=2) [ 28.958175] page_type: f5(slab) [ 28.958477] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.958968] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.959528] page dumped because: kasan: bad access detected [ 28.959864] [ 28.959969] Memory state around the buggy address: [ 28.960401] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.960824] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.961382] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.961909] ^ [ 28.962257] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.962751] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.963387] ================================================================== [ 28.006314] ================================================================== [ 28.006955] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 28.007582] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.007818] [ 28.007921] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.007973] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.007988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.008012] Call Trace: [ 28.008029] <TASK> [ 28.008047] dump_stack_lvl+0x73/0xb0 [ 28.008076] print_report+0xd1/0x640 [ 28.008101] ? __virt_addr_valid+0x1db/0x2d0 [ 28.008127] ? kasan_atomics_helper+0xd47/0x5450 [ 28.008150] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.008178] ? kasan_atomics_helper+0xd47/0x5450 [ 28.008201] kasan_report+0x141/0x180 [ 28.008226] ? kasan_atomics_helper+0xd47/0x5450 [ 28.008253] kasan_check_range+0x10c/0x1c0 [ 28.008279] __kasan_check_write+0x18/0x20 [ 28.008305] kasan_atomics_helper+0xd47/0x5450 [ 28.008329] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.008353] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.008381] ? kasan_atomics+0x152/0x310 [ 28.008410] kasan_atomics+0x1dc/0x310 [ 28.008436] ? __pfx_kasan_atomics+0x10/0x10 [ 28.008463] ? __pfx_read_tsc+0x10/0x10 [ 28.008487] ? ktime_get_ts64+0x86/0x230 [ 28.008514] kunit_try_run_case+0x1a5/0x480 [ 28.008552] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.008577] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.008607] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.008634] ? __kthread_parkme+0x82/0x180 [ 28.008657] ? preempt_count_sub+0x50/0x80 [ 28.008681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.008708] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.008734] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.008759] kthread+0x337/0x6f0 [ 28.008782] ? trace_preempt_on+0x20/0xc0 [ 28.008806] ? __pfx_kthread+0x10/0x10 [ 28.008838] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.008863] ? calculate_sigpending+0x7b/0xa0 [ 28.008894] ? __pfx_kthread+0x10/0x10 [ 28.008918] ret_from_fork+0x116/0x1d0 [ 28.008940] ? __pfx_kthread+0x10/0x10 [ 28.008962] ret_from_fork_asm+0x1a/0x30 [ 28.008996] </TASK> [ 28.009008] [ 28.023287] Allocated by task 313: [ 28.023426] kasan_save_stack+0x45/0x70 [ 28.023823] kasan_save_track+0x18/0x40 [ 28.024193] kasan_save_alloc_info+0x3b/0x50 [ 28.024794] __kasan_kmalloc+0xb7/0xc0 [ 28.025172] __kmalloc_cache_noprof+0x189/0x420 [ 28.025681] kasan_atomics+0x95/0x310 [ 28.025853] kunit_try_run_case+0x1a5/0x480 [ 28.026008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.026233] kthread+0x337/0x6f0 [ 28.026531] ret_from_fork+0x116/0x1d0 [ 28.026954] ret_from_fork_asm+0x1a/0x30 [ 28.027358] [ 28.027532] The buggy address belongs to the object at ffff8881058a7e80 [ 28.027532] which belongs to the cache kmalloc-64 of size 64 [ 28.028744] The buggy address is located 0 bytes to the right of [ 28.028744] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.029845] [ 28.030018] The buggy address belongs to the physical page: [ 28.030545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.030796] flags: 0x200000000000000(node=0|zone=2) [ 28.030980] page_type: f5(slab) [ 28.031103] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.031354] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.031811] page dumped because: kasan: bad access detected [ 28.032032] [ 28.032114] Memory state around the buggy address: [ 28.032552] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.032854] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.033141] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.033468] ^ [ 28.033674] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.033951] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.034271] ================================================================== [ 28.419886] ================================================================== [ 28.420121] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 28.420377] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.420753] [ 28.420894] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.420958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.420972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.421006] Call Trace: [ 28.421024] <TASK> [ 28.421041] dump_stack_lvl+0x73/0xb0 [ 28.421070] print_report+0xd1/0x640 [ 28.421094] ? __virt_addr_valid+0x1db/0x2d0 [ 28.421118] ? kasan_atomics_helper+0x1467/0x5450 [ 28.421141] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.421169] ? kasan_atomics_helper+0x1467/0x5450 [ 28.421363] kasan_report+0x141/0x180 [ 28.421405] ? kasan_atomics_helper+0x1467/0x5450 [ 28.421435] kasan_check_range+0x10c/0x1c0 [ 28.421462] __kasan_check_write+0x18/0x20 [ 28.421487] kasan_atomics_helper+0x1467/0x5450 [ 28.421514] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.421538] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.421565] ? kasan_atomics+0x152/0x310 [ 28.421593] kasan_atomics+0x1dc/0x310 [ 28.421617] ? __pfx_kasan_atomics+0x10/0x10 [ 28.421643] ? __pfx_read_tsc+0x10/0x10 [ 28.421667] ? ktime_get_ts64+0x86/0x230 [ 28.421693] kunit_try_run_case+0x1a5/0x480 [ 28.421720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.421744] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.421772] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.421799] ? __kthread_parkme+0x82/0x180 [ 28.421821] ? preempt_count_sub+0x50/0x80 [ 28.421858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.421884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.421910] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.421936] kthread+0x337/0x6f0 [ 28.421967] ? trace_preempt_on+0x20/0xc0 [ 28.421992] ? __pfx_kthread+0x10/0x10 [ 28.422014] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.422136] ? calculate_sigpending+0x7b/0xa0 [ 28.422179] ? __pfx_kthread+0x10/0x10 [ 28.422220] ret_from_fork+0x116/0x1d0 [ 28.422243] ? __pfx_kthread+0x10/0x10 [ 28.422277] ret_from_fork_asm+0x1a/0x30 [ 28.422310] </TASK> [ 28.422323] [ 28.434210] Allocated by task 313: [ 28.434383] kasan_save_stack+0x45/0x70 [ 28.434793] kasan_save_track+0x18/0x40 [ 28.435000] kasan_save_alloc_info+0x3b/0x50 [ 28.435429] __kasan_kmalloc+0xb7/0xc0 [ 28.435741] __kmalloc_cache_noprof+0x189/0x420 [ 28.435958] kasan_atomics+0x95/0x310 [ 28.436113] kunit_try_run_case+0x1a5/0x480 [ 28.436535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.437120] kthread+0x337/0x6f0 [ 28.437301] ret_from_fork+0x116/0x1d0 [ 28.437699] ret_from_fork_asm+0x1a/0x30 [ 28.438054] [ 28.438163] The buggy address belongs to the object at ffff8881058a7e80 [ 28.438163] which belongs to the cache kmalloc-64 of size 64 [ 28.438884] The buggy address is located 0 bytes to the right of [ 28.438884] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.439722] [ 28.439821] The buggy address belongs to the physical page: [ 28.440054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.440793] flags: 0x200000000000000(node=0|zone=2) [ 28.441417] page_type: f5(slab) [ 28.441760] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.442074] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.442802] page dumped because: kasan: bad access detected [ 28.443044] [ 28.443131] Memory state around the buggy address: [ 28.443582] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.443893] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.444396] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.444894] ^ [ 28.445582] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.445905] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.446127] ================================================================== [ 28.394593] ================================================================== [ 28.394823] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 28.395076] Read of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.395303] [ 28.395385] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.395434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.395449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.395470] Call Trace: [ 28.395486] <TASK> [ 28.395501] dump_stack_lvl+0x73/0xb0 [ 28.395527] print_report+0xd1/0x640 [ 28.395550] ? __virt_addr_valid+0x1db/0x2d0 [ 28.395575] ? kasan_atomics_helper+0x4eae/0x5450 [ 28.395598] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.395626] ? kasan_atomics_helper+0x4eae/0x5450 [ 28.395649] kasan_report+0x141/0x180 [ 28.395673] ? kasan_atomics_helper+0x4eae/0x5450 [ 28.395701] __asan_report_load8_noabort+0x18/0x20 [ 28.395740] kasan_atomics_helper+0x4eae/0x5450 [ 28.395766] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.395790] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.395816] ? kasan_atomics+0x152/0x310 [ 28.395853] kasan_atomics+0x1dc/0x310 [ 28.395878] ? __pfx_kasan_atomics+0x10/0x10 [ 28.395905] ? __pfx_read_tsc+0x10/0x10 [ 28.395929] ? ktime_get_ts64+0x86/0x230 [ 28.395954] kunit_try_run_case+0x1a5/0x480 [ 28.395981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.396006] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.396033] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.396060] ? __kthread_parkme+0x82/0x180 [ 28.396082] ? preempt_count_sub+0x50/0x80 [ 28.396107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.396133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.396159] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.396185] kthread+0x337/0x6f0 [ 28.396207] ? trace_preempt_on+0x20/0xc0 [ 28.396231] ? __pfx_kthread+0x10/0x10 [ 28.396254] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.396279] ? calculate_sigpending+0x7b/0xa0 [ 28.396305] ? __pfx_kthread+0x10/0x10 [ 28.396327] ret_from_fork+0x116/0x1d0 [ 28.396349] ? __pfx_kthread+0x10/0x10 [ 28.396372] ret_from_fork_asm+0x1a/0x30 [ 28.396404] </TASK> [ 28.396416] [ 28.405328] Allocated by task 313: [ 28.405460] kasan_save_stack+0x45/0x70 [ 28.405604] kasan_save_track+0x18/0x40 [ 28.405740] kasan_save_alloc_info+0x3b/0x50 [ 28.405902] __kasan_kmalloc+0xb7/0xc0 [ 28.406036] __kmalloc_cache_noprof+0x189/0x420 [ 28.406193] kasan_atomics+0x95/0x310 [ 28.406326] kunit_try_run_case+0x1a5/0x480 [ 28.406719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.406985] kthread+0x337/0x6f0 [ 28.407155] ret_from_fork+0x116/0x1d0 [ 28.407347] ret_from_fork_asm+0x1a/0x30 [ 28.407540] [ 28.407633] The buggy address belongs to the object at ffff8881058a7e80 [ 28.407633] which belongs to the cache kmalloc-64 of size 64 [ 28.408179] The buggy address is located 0 bytes to the right of [ 28.408179] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.408742] [ 28.408934] The buggy address belongs to the physical page: [ 28.409192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.411753] flags: 0x200000000000000(node=0|zone=2) [ 28.412601] page_type: f5(slab) [ 28.413078] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.413863] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.414108] page dumped because: kasan: bad access detected [ 28.414887] [ 28.415377] Memory state around the buggy address: [ 28.416332] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.417646] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.417913] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.418145] ^ [ 28.418312] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.418863] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.419481] ================================================================== [ 28.517076] ================================================================== [ 28.517383] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 28.517763] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.518048] [ 28.518135] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.518186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.518201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.518225] Call Trace: [ 28.518244] <TASK> [ 28.518260] dump_stack_lvl+0x73/0xb0 [ 28.518288] print_report+0xd1/0x640 [ 28.518313] ? __virt_addr_valid+0x1db/0x2d0 [ 28.518338] ? kasan_atomics_helper+0x164f/0x5450 [ 28.518362] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.518390] ? kasan_atomics_helper+0x164f/0x5450 [ 28.518413] kasan_report+0x141/0x180 [ 28.518438] ? kasan_atomics_helper+0x164f/0x5450 [ 28.518466] kasan_check_range+0x10c/0x1c0 [ 28.518492] __kasan_check_write+0x18/0x20 [ 28.518517] kasan_atomics_helper+0x164f/0x5450 [ 28.518543] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.518567] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.518593] ? kasan_atomics+0x152/0x310 [ 28.518621] kasan_atomics+0x1dc/0x310 [ 28.518645] ? __pfx_kasan_atomics+0x10/0x10 [ 28.518672] ? __pfx_read_tsc+0x10/0x10 [ 28.518695] ? ktime_get_ts64+0x86/0x230 [ 28.518722] kunit_try_run_case+0x1a5/0x480 [ 28.518748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.518773] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.518799] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.518827] ? __kthread_parkme+0x82/0x180 [ 28.518861] ? preempt_count_sub+0x50/0x80 [ 28.518886] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.518912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.518938] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.518964] kthread+0x337/0x6f0 [ 28.518987] ? trace_preempt_on+0x20/0xc0 [ 28.519013] ? __pfx_kthread+0x10/0x10 [ 28.519036] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.519061] ? calculate_sigpending+0x7b/0xa0 [ 28.519087] ? __pfx_kthread+0x10/0x10 [ 28.519110] ret_from_fork+0x116/0x1d0 [ 28.519132] ? __pfx_kthread+0x10/0x10 [ 28.519154] ret_from_fork_asm+0x1a/0x30 [ 28.519242] </TASK> [ 28.519255] [ 28.528222] Allocated by task 313: [ 28.528365] kasan_save_stack+0x45/0x70 [ 28.528540] kasan_save_track+0x18/0x40 [ 28.528738] kasan_save_alloc_info+0x3b/0x50 [ 28.529209] __kasan_kmalloc+0xb7/0xc0 [ 28.529389] __kmalloc_cache_noprof+0x189/0x420 [ 28.529749] kasan_atomics+0x95/0x310 [ 28.529954] kunit_try_run_case+0x1a5/0x480 [ 28.530134] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.530325] kthread+0x337/0x6f0 [ 28.530448] ret_from_fork+0x116/0x1d0 [ 28.530581] ret_from_fork_asm+0x1a/0x30 [ 28.530722] [ 28.530793] The buggy address belongs to the object at ffff8881058a7e80 [ 28.530793] which belongs to the cache kmalloc-64 of size 64 [ 28.531168] The buggy address is located 0 bytes to the right of [ 28.531168] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.531739] [ 28.531841] The buggy address belongs to the physical page: [ 28.532092] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.532444] flags: 0x200000000000000(node=0|zone=2) [ 28.532725] page_type: f5(slab) [ 28.532862] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.533104] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.533334] page dumped because: kasan: bad access detected [ 28.533512] [ 28.533650] Memory state around the buggy address: [ 28.533889] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.534268] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.534784] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.535120] ^ [ 28.535592] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.535872] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.536157] ================================================================== [ 28.497478] ================================================================== [ 28.497789] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 28.498101] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.498491] [ 28.498601] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.498652] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.498667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.498689] Call Trace: [ 28.498706] <TASK> [ 28.498723] dump_stack_lvl+0x73/0xb0 [ 28.498751] print_report+0xd1/0x640 [ 28.498776] ? __virt_addr_valid+0x1db/0x2d0 [ 28.498802] ? kasan_atomics_helper+0x15b6/0x5450 [ 28.498825] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.498864] ? kasan_atomics_helper+0x15b6/0x5450 [ 28.498888] kasan_report+0x141/0x180 [ 28.498912] ? kasan_atomics_helper+0x15b6/0x5450 [ 28.498942] kasan_check_range+0x10c/0x1c0 [ 28.498969] __kasan_check_write+0x18/0x20 [ 28.498994] kasan_atomics_helper+0x15b6/0x5450 [ 28.499019] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.499043] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.499070] ? kasan_atomics+0x152/0x310 [ 28.499098] kasan_atomics+0x1dc/0x310 [ 28.499122] ? __pfx_kasan_atomics+0x10/0x10 [ 28.499149] ? __pfx_read_tsc+0x10/0x10 [ 28.499172] ? ktime_get_ts64+0x86/0x230 [ 28.499198] kunit_try_run_case+0x1a5/0x480 [ 28.499225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.499251] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.499280] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.499307] ? __kthread_parkme+0x82/0x180 [ 28.499329] ? preempt_count_sub+0x50/0x80 [ 28.499354] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.499381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.499406] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.499433] kthread+0x337/0x6f0 [ 28.499454] ? trace_preempt_on+0x20/0xc0 [ 28.499479] ? __pfx_kthread+0x10/0x10 [ 28.499502] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.499528] ? calculate_sigpending+0x7b/0xa0 [ 28.499554] ? __pfx_kthread+0x10/0x10 [ 28.499578] ret_from_fork+0x116/0x1d0 [ 28.499599] ? __pfx_kthread+0x10/0x10 [ 28.499622] ret_from_fork_asm+0x1a/0x30 [ 28.499654] </TASK> [ 28.499667] [ 28.507775] Allocated by task 313: [ 28.507929] kasan_save_stack+0x45/0x70 [ 28.508099] kasan_save_track+0x18/0x40 [ 28.508445] kasan_save_alloc_info+0x3b/0x50 [ 28.508705] __kasan_kmalloc+0xb7/0xc0 [ 28.508915] __kmalloc_cache_noprof+0x189/0x420 [ 28.509140] kasan_atomics+0x95/0x310 [ 28.509343] kunit_try_run_case+0x1a5/0x480 [ 28.509703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.509946] kthread+0x337/0x6f0 [ 28.510120] ret_from_fork+0x116/0x1d0 [ 28.510346] ret_from_fork_asm+0x1a/0x30 [ 28.510610] [ 28.510689] The buggy address belongs to the object at ffff8881058a7e80 [ 28.510689] which belongs to the cache kmalloc-64 of size 64 [ 28.511210] The buggy address is located 0 bytes to the right of [ 28.511210] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.511851] [ 28.511938] The buggy address belongs to the physical page: [ 28.512188] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.512577] flags: 0x200000000000000(node=0|zone=2) [ 28.512785] page_type: f5(slab) [ 28.512964] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.513205] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.513435] page dumped because: kasan: bad access detected [ 28.513608] [ 28.513676] Memory state around the buggy address: [ 28.513840] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.514159] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.514820] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.515155] ^ [ 28.515327] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.515957] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.516344] ================================================================== [ 28.073725] ================================================================== [ 28.073998] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 28.074231] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.074523] [ 28.075642] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.075695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.075710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.075732] Call Trace: [ 28.075749] <TASK> [ 28.075764] dump_stack_lvl+0x73/0xb0 [ 28.075794] print_report+0xd1/0x640 [ 28.075820] ? __virt_addr_valid+0x1db/0x2d0 [ 28.075860] ? kasan_atomics_helper+0xf10/0x5450 [ 28.075885] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.075914] ? kasan_atomics_helper+0xf10/0x5450 [ 28.075938] kasan_report+0x141/0x180 [ 28.075962] ? kasan_atomics_helper+0xf10/0x5450 [ 28.075990] kasan_check_range+0x10c/0x1c0 [ 28.076016] __kasan_check_write+0x18/0x20 [ 28.076042] kasan_atomics_helper+0xf10/0x5450 [ 28.076067] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.076091] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.076117] ? kasan_atomics+0x152/0x310 [ 28.076145] kasan_atomics+0x1dc/0x310 [ 28.076801] ? __pfx_kasan_atomics+0x10/0x10 [ 28.076850] ? __pfx_read_tsc+0x10/0x10 [ 28.076880] ? ktime_get_ts64+0x86/0x230 [ 28.076908] kunit_try_run_case+0x1a5/0x480 [ 28.076936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.076961] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.076988] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.077016] ? __kthread_parkme+0x82/0x180 [ 28.077037] ? preempt_count_sub+0x50/0x80 [ 28.077062] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.077088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.077114] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.077139] kthread+0x337/0x6f0 [ 28.077409] ? trace_preempt_on+0x20/0xc0 [ 28.077437] ? __pfx_kthread+0x10/0x10 [ 28.077508] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.077537] ? calculate_sigpending+0x7b/0xa0 [ 28.077563] ? __pfx_kthread+0x10/0x10 [ 28.077586] ret_from_fork+0x116/0x1d0 [ 28.077607] ? __pfx_kthread+0x10/0x10 [ 28.077630] ret_from_fork_asm+0x1a/0x30 [ 28.077663] </TASK> [ 28.077676] [ 28.087655] Allocated by task 313: [ 28.088433] kasan_save_stack+0x45/0x70 [ 28.088951] kasan_save_track+0x18/0x40 [ 28.089617] kasan_save_alloc_info+0x3b/0x50 [ 28.090255] __kasan_kmalloc+0xb7/0xc0 [ 28.090923] __kmalloc_cache_noprof+0x189/0x420 [ 28.091651] kasan_atomics+0x95/0x310 [ 28.092304] kunit_try_run_case+0x1a5/0x480 [ 28.093092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.093951] kthread+0x337/0x6f0 [ 28.094559] ret_from_fork+0x116/0x1d0 [ 28.095257] ret_from_fork_asm+0x1a/0x30 [ 28.095905] [ 28.096308] The buggy address belongs to the object at ffff8881058a7e80 [ 28.096308] which belongs to the cache kmalloc-64 of size 64 [ 28.098153] The buggy address is located 0 bytes to the right of [ 28.098153] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.099925] [ 28.100397] The buggy address belongs to the physical page: [ 28.101041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.101838] flags: 0x200000000000000(node=0|zone=2) [ 28.102514] page_type: f5(slab) [ 28.102652] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.102904] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.103138] page dumped because: kasan: bad access detected [ 28.103625] [ 28.103872] Memory state around the buggy address: [ 28.104281] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.105119] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.105885] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.106640] ^ [ 28.107096] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.107708] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.108239] ================================================================== [ 28.727087] ================================================================== [ 28.727475] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 28.727794] Write of size 8 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.728093] [ 28.728197] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.728246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.728261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.728285] Call Trace: [ 28.728303] <TASK> [ 28.728318] dump_stack_lvl+0x73/0xb0 [ 28.728348] print_report+0xd1/0x640 [ 28.728373] ? __virt_addr_valid+0x1db/0x2d0 [ 28.728399] ? kasan_atomics_helper+0x1b22/0x5450 [ 28.728422] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.728450] ? kasan_atomics_helper+0x1b22/0x5450 [ 28.728473] kasan_report+0x141/0x180 [ 28.728497] ? kasan_atomics_helper+0x1b22/0x5450 [ 28.728525] kasan_check_range+0x10c/0x1c0 [ 28.728551] __kasan_check_write+0x18/0x20 [ 28.728575] kasan_atomics_helper+0x1b22/0x5450 [ 28.728600] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.728623] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.728649] ? kasan_atomics+0x152/0x310 [ 28.728677] kasan_atomics+0x1dc/0x310 [ 28.728702] ? __pfx_kasan_atomics+0x10/0x10 [ 28.728727] ? __pfx_read_tsc+0x10/0x10 [ 28.728751] ? ktime_get_ts64+0x86/0x230 [ 28.728777] kunit_try_run_case+0x1a5/0x480 [ 28.728803] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.728828] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.728874] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.728902] ? __kthread_parkme+0x82/0x180 [ 28.728923] ? preempt_count_sub+0x50/0x80 [ 28.728948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.728974] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.728999] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.729024] kthread+0x337/0x6f0 [ 28.729046] ? trace_preempt_on+0x20/0xc0 [ 28.729071] ? __pfx_kthread+0x10/0x10 [ 28.729093] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.729118] ? calculate_sigpending+0x7b/0xa0 [ 28.729144] ? __pfx_kthread+0x10/0x10 [ 28.729167] ret_from_fork+0x116/0x1d0 [ 28.729189] ? __pfx_kthread+0x10/0x10 [ 28.729211] ret_from_fork_asm+0x1a/0x30 [ 28.729243] </TASK> [ 28.729255] [ 28.736770] Allocated by task 313: [ 28.736926] kasan_save_stack+0x45/0x70 [ 28.737946] kasan_save_track+0x18/0x40 [ 28.738132] kasan_save_alloc_info+0x3b/0x50 [ 28.738282] __kasan_kmalloc+0xb7/0xc0 [ 28.738412] __kmalloc_cache_noprof+0x189/0x420 [ 28.738914] kasan_atomics+0x95/0x310 [ 28.739229] kunit_try_run_case+0x1a5/0x480 [ 28.739425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.739691] kthread+0x337/0x6f0 [ 28.739811] ret_from_fork+0x116/0x1d0 [ 28.739949] ret_from_fork_asm+0x1a/0x30 [ 28.740179] [ 28.740276] The buggy address belongs to the object at ffff8881058a7e80 [ 28.740276] which belongs to the cache kmalloc-64 of size 64 [ 28.740892] The buggy address is located 0 bytes to the right of [ 28.740892] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.741880] [ 28.741992] The buggy address belongs to the physical page: [ 28.742210] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.743356] flags: 0x200000000000000(node=0|zone=2) [ 28.744128] page_type: f5(slab) [ 28.744368] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.744619] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.744872] page dumped because: kasan: bad access detected [ 28.745051] [ 28.745121] Memory state around the buggy address: [ 28.745280] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.745502] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.745723] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.746983] ^ [ 28.747960] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.749073] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.750212] ================================================================== [ 27.914296] ================================================================== [ 27.915128] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 27.915624] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.916234] [ 27.916491] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.916554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.916569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.916594] Call Trace: [ 27.916614] <TASK> [ 27.916632] dump_stack_lvl+0x73/0xb0 [ 27.916662] print_report+0xd1/0x640 [ 27.916687] ? __virt_addr_valid+0x1db/0x2d0 [ 27.916712] ? kasan_atomics_helper+0xb6a/0x5450 [ 27.916737] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.916767] ? kasan_atomics_helper+0xb6a/0x5450 [ 27.916791] kasan_report+0x141/0x180 [ 27.916816] ? kasan_atomics_helper+0xb6a/0x5450 [ 27.916855] kasan_check_range+0x10c/0x1c0 [ 27.916885] __kasan_check_write+0x18/0x20 [ 27.916911] kasan_atomics_helper+0xb6a/0x5450 [ 27.916936] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.916960] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.916987] ? kasan_atomics+0x152/0x310 [ 27.917015] kasan_atomics+0x1dc/0x310 [ 27.917040] ? __pfx_kasan_atomics+0x10/0x10 [ 27.917067] ? __pfx_read_tsc+0x10/0x10 [ 27.917091] ? ktime_get_ts64+0x86/0x230 [ 27.917117] kunit_try_run_case+0x1a5/0x480 [ 27.917144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.917303] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.917341] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.917385] ? __kthread_parkme+0x82/0x180 [ 27.917409] ? preempt_count_sub+0x50/0x80 [ 27.917478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.917506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.917533] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.917558] kthread+0x337/0x6f0 [ 27.917580] ? trace_preempt_on+0x20/0xc0 [ 27.917607] ? __pfx_kthread+0x10/0x10 [ 27.917630] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.917655] ? calculate_sigpending+0x7b/0xa0 [ 27.917680] ? __pfx_kthread+0x10/0x10 [ 27.917703] ret_from_fork+0x116/0x1d0 [ 27.917725] ? __pfx_kthread+0x10/0x10 [ 27.917747] ret_from_fork_asm+0x1a/0x30 [ 27.917779] </TASK> [ 27.917792] [ 27.931307] Allocated by task 313: [ 27.931663] kasan_save_stack+0x45/0x70 [ 27.931868] kasan_save_track+0x18/0x40 [ 27.932053] kasan_save_alloc_info+0x3b/0x50 [ 27.932654] __kasan_kmalloc+0xb7/0xc0 [ 27.933084] __kmalloc_cache_noprof+0x189/0x420 [ 27.933374] kasan_atomics+0x95/0x310 [ 27.933752] kunit_try_run_case+0x1a5/0x480 [ 27.933976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.934502] kthread+0x337/0x6f0 [ 27.934956] ret_from_fork+0x116/0x1d0 [ 27.935326] ret_from_fork_asm+0x1a/0x30 [ 27.935809] [ 27.935936] The buggy address belongs to the object at ffff8881058a7e80 [ 27.935936] which belongs to the cache kmalloc-64 of size 64 [ 27.937000] The buggy address is located 0 bytes to the right of [ 27.937000] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.937758] [ 27.937869] The buggy address belongs to the physical page: [ 27.938091] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.939060] flags: 0x200000000000000(node=0|zone=2) [ 27.939354] page_type: f5(slab) [ 27.939871] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.940599] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.940921] page dumped because: kasan: bad access detected [ 27.941148] [ 27.941497] Memory state around the buggy address: [ 27.941726] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.942022] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.942677] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.942984] ^ [ 27.943474] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.943998] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.944697] ================================================================== [ 28.141846] ================================================================== [ 28.142206] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 28.142693] Read of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 28.143037] [ 28.143134] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 28.143186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.143203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.143230] Call Trace: [ 28.143245] <TASK> [ 28.143262] dump_stack_lvl+0x73/0xb0 [ 28.143292] print_report+0xd1/0x640 [ 28.143316] ? __virt_addr_valid+0x1db/0x2d0 [ 28.143342] ? kasan_atomics_helper+0x4a36/0x5450 [ 28.143365] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.143394] ? kasan_atomics_helper+0x4a36/0x5450 [ 28.143418] kasan_report+0x141/0x180 [ 28.143442] ? kasan_atomics_helper+0x4a36/0x5450 [ 28.143483] __asan_report_load4_noabort+0x18/0x20 [ 28.143510] kasan_atomics_helper+0x4a36/0x5450 [ 28.143535] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.143560] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.143587] ? kasan_atomics+0x152/0x310 [ 28.143615] kasan_atomics+0x1dc/0x310 [ 28.143641] ? __pfx_kasan_atomics+0x10/0x10 [ 28.143667] ? __pfx_read_tsc+0x10/0x10 [ 28.143691] ? ktime_get_ts64+0x86/0x230 [ 28.143716] kunit_try_run_case+0x1a5/0x480 [ 28.143743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.143768] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.143796] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.143823] ? __kthread_parkme+0x82/0x180 [ 28.143855] ? preempt_count_sub+0x50/0x80 [ 28.143880] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.143907] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.143933] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.143960] kthread+0x337/0x6f0 [ 28.143981] ? trace_preempt_on+0x20/0xc0 [ 28.144006] ? __pfx_kthread+0x10/0x10 [ 28.144029] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.144055] ? calculate_sigpending+0x7b/0xa0 [ 28.144080] ? __pfx_kthread+0x10/0x10 [ 28.144103] ret_from_fork+0x116/0x1d0 [ 28.144124] ? __pfx_kthread+0x10/0x10 [ 28.144147] ret_from_fork_asm+0x1a/0x30 [ 28.144179] </TASK> [ 28.144193] [ 28.157189] Allocated by task 313: [ 28.157372] kasan_save_stack+0x45/0x70 [ 28.157616] kasan_save_track+0x18/0x40 [ 28.157785] kasan_save_alloc_info+0x3b/0x50 [ 28.157974] __kasan_kmalloc+0xb7/0xc0 [ 28.158134] __kmalloc_cache_noprof+0x189/0x420 [ 28.158816] kasan_atomics+0x95/0x310 [ 28.159365] kunit_try_run_case+0x1a5/0x480 [ 28.159972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.160408] kthread+0x337/0x6f0 [ 28.160751] ret_from_fork+0x116/0x1d0 [ 28.160963] ret_from_fork_asm+0x1a/0x30 [ 28.161137] [ 28.161609] The buggy address belongs to the object at ffff8881058a7e80 [ 28.161609] which belongs to the cache kmalloc-64 of size 64 [ 28.162363] The buggy address is located 0 bytes to the right of [ 28.162363] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 28.163427] [ 28.163710] The buggy address belongs to the physical page: [ 28.163966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 28.164525] flags: 0x200000000000000(node=0|zone=2) [ 28.164988] page_type: f5(slab) [ 28.165345] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.165962] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.166580] page dumped because: kasan: bad access detected [ 28.166838] [ 28.166930] Memory state around the buggy address: [ 28.167138] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.167419] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.168135] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.168741] ^ [ 28.169157] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.169646] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.170098] ================================================================== [ 27.618473] ================================================================== [ 27.618995] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 27.619374] Write of size 4 at addr ffff8881058a7eb0 by task kunit_try_catch/313 [ 27.619799] [ 27.619922] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.619972] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.619989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.620011] Call Trace: [ 27.620028] <TASK> [ 27.620044] dump_stack_lvl+0x73/0xb0 [ 27.620074] print_report+0xd1/0x640 [ 27.620099] ? __virt_addr_valid+0x1db/0x2d0 [ 27.620125] ? kasan_atomics_helper+0x4a0/0x5450 [ 27.620176] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.620204] ? kasan_atomics_helper+0x4a0/0x5450 [ 27.620228] kasan_report+0x141/0x180 [ 27.620263] ? kasan_atomics_helper+0x4a0/0x5450 [ 27.620290] kasan_check_range+0x10c/0x1c0 [ 27.620316] __kasan_check_write+0x18/0x20 [ 27.620341] kasan_atomics_helper+0x4a0/0x5450 [ 27.620375] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.620399] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.620424] ? kasan_atomics+0x152/0x310 [ 27.620518] kasan_atomics+0x1dc/0x310 [ 27.620549] ? __pfx_kasan_atomics+0x10/0x10 [ 27.620574] ? __pfx_read_tsc+0x10/0x10 [ 27.620598] ? ktime_get_ts64+0x86/0x230 [ 27.620623] kunit_try_run_case+0x1a5/0x480 [ 27.620651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.620675] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.620702] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.620730] ? __kthread_parkme+0x82/0x180 [ 27.620751] ? preempt_count_sub+0x50/0x80 [ 27.620776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.620802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.620839] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.620869] kthread+0x337/0x6f0 [ 27.620891] ? trace_preempt_on+0x20/0xc0 [ 27.620917] ? __pfx_kthread+0x10/0x10 [ 27.620939] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.620964] ? calculate_sigpending+0x7b/0xa0 [ 27.620990] ? __pfx_kthread+0x10/0x10 [ 27.621012] ret_from_fork+0x116/0x1d0 [ 27.621034] ? __pfx_kthread+0x10/0x10 [ 27.621056] ret_from_fork_asm+0x1a/0x30 [ 27.621089] </TASK> [ 27.621103] [ 27.629376] Allocated by task 313: [ 27.629521] kasan_save_stack+0x45/0x70 [ 27.629672] kasan_save_track+0x18/0x40 [ 27.629813] kasan_save_alloc_info+0x3b/0x50 [ 27.630219] __kasan_kmalloc+0xb7/0xc0 [ 27.630524] __kmalloc_cache_noprof+0x189/0x420 [ 27.630757] kasan_atomics+0x95/0x310 [ 27.630960] kunit_try_run_case+0x1a5/0x480 [ 27.631172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.631463] kthread+0x337/0x6f0 [ 27.631668] ret_from_fork+0x116/0x1d0 [ 27.631871] ret_from_fork_asm+0x1a/0x30 [ 27.632071] [ 27.632185] The buggy address belongs to the object at ffff8881058a7e80 [ 27.632185] which belongs to the cache kmalloc-64 of size 64 [ 27.632742] The buggy address is located 0 bytes to the right of [ 27.632742] allocated 48-byte region [ffff8881058a7e80, ffff8881058a7eb0) [ 27.633303] [ 27.633379] The buggy address belongs to the physical page: [ 27.633622] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a7 [ 27.633901] flags: 0x200000000000000(node=0|zone=2) [ 27.634148] page_type: f5(slab) [ 27.634339] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.634869] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.635214] page dumped because: kasan: bad access detected [ 27.635460] [ 27.635543] Memory state around the buggy address: [ 27.635702] ffff8881058a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.636034] ffff8881058a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.636522] >ffff8881058a7e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.636842] ^ [ 27.637088] ffff8881058a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.637422] ffff8881058a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.637779] ==================================================================