Date
July 23, 2025, 3:10 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 33.473249] ================================================================== [ 33.473338] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 33.473415] Read of size 4 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.473480] [ 33.473519] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.473610] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.473642] Hardware name: linux,dummy-virt (DT) [ 33.473746] Call trace: [ 33.473772] show_stack+0x20/0x38 (C) [ 33.473819] dump_stack_lvl+0x8c/0xd0 [ 33.473922] print_report+0x118/0x5e8 [ 33.473983] kasan_report+0xdc/0x128 [ 33.474030] __asan_report_load4_noabort+0x20/0x30 [ 33.474097] kasan_atomics_helper+0x3e04/0x4858 [ 33.474168] kasan_atomics+0x198/0x2e0 [ 33.474218] kunit_try_run_case+0x170/0x3f0 [ 33.474519] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.474608] kthread+0x328/0x630 [ 33.474652] ret_from_fork+0x10/0x20 [ 33.474744] [ 33.474785] Allocated by task 298: [ 33.474844] kasan_save_stack+0x3c/0x68 [ 33.474917] kasan_save_track+0x20/0x40 [ 33.475150] kasan_save_alloc_info+0x40/0x58 [ 33.475213] __kasan_kmalloc+0xd4/0xd8 [ 33.475251] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.475430] kasan_atomics+0xb8/0x2e0 [ 33.475502] kunit_try_run_case+0x170/0x3f0 [ 33.475552] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.475596] kthread+0x328/0x630 [ 33.475686] ret_from_fork+0x10/0x20 [ 33.475726] [ 33.475748] The buggy address belongs to the object at fff00000c9c2de00 [ 33.475748] which belongs to the cache kmalloc-64 of size 64 [ 33.475835] The buggy address is located 0 bytes to the right of [ 33.475835] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.476123] [ 33.476173] The buggy address belongs to the physical page: [ 33.476210] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.476263] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.476339] page_type: f5(slab) [ 33.476541] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.477090] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.477195] page dumped because: kasan: bad access detected [ 33.477348] [ 33.477392] Memory state around the buggy address: [ 33.477428] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.477672] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.477770] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.477959] ^ [ 33.477998] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.478053] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.478093] ================================================================== [ 33.664837] ================================================================== [ 33.664891] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 33.665399] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.666569] [ 33.666686] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.666792] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.667043] Hardware name: linux,dummy-virt (DT) [ 33.667382] Call trace: [ 33.667440] show_stack+0x20/0x38 (C) [ 33.667735] dump_stack_lvl+0x8c/0xd0 [ 33.667827] print_report+0x118/0x5e8 [ 33.667882] kasan_report+0xdc/0x128 [ 33.667970] kasan_check_range+0x100/0x1a8 [ 33.668022] __kasan_check_write+0x20/0x30 [ 33.668070] kasan_atomics_helper+0x16d0/0x4858 [ 33.668147] kasan_atomics+0x198/0x2e0 [ 33.668196] kunit_try_run_case+0x170/0x3f0 [ 33.668243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.668296] kthread+0x328/0x630 [ 33.668339] ret_from_fork+0x10/0x20 [ 33.668387] [ 33.668408] Allocated by task 298: [ 33.668458] kasan_save_stack+0x3c/0x68 [ 33.668503] kasan_save_track+0x20/0x40 [ 33.668777] kasan_save_alloc_info+0x40/0x58 [ 33.668917] __kasan_kmalloc+0xd4/0xd8 [ 33.668981] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.669033] kasan_atomics+0xb8/0x2e0 [ 33.669073] kunit_try_run_case+0x170/0x3f0 [ 33.669113] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.669331] kthread+0x328/0x630 [ 33.669507] ret_from_fork+0x10/0x20 [ 33.669586] [ 33.669654] The buggy address belongs to the object at fff00000c9c2de00 [ 33.669654] which belongs to the cache kmalloc-64 of size 64 [ 33.670008] The buggy address is located 0 bytes to the right of [ 33.670008] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.670123] [ 33.670178] The buggy address belongs to the physical page: [ 33.670214] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.670400] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.670627] page_type: f5(slab) [ 33.670889] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.671044] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.671131] page dumped because: kasan: bad access detected [ 33.671245] [ 33.671305] Memory state around the buggy address: [ 33.671417] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.671493] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.671808] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.671950] ^ [ 33.672043] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.672255] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.672427] ================================================================== [ 33.681605] ================================================================== [ 33.681660] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 33.681715] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.681768] [ 33.681800] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.681891] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.681937] Hardware name: linux,dummy-virt (DT) [ 33.681968] Call trace: [ 33.681993] show_stack+0x20/0x38 (C) [ 33.683628] dump_stack_lvl+0x8c/0xd0 [ 33.683719] print_report+0x118/0x5e8 [ 33.684191] kasan_report+0xdc/0x128 [ 33.684340] kasan_check_range+0x100/0x1a8 [ 33.684390] __kasan_check_write+0x20/0x30 [ 33.684730] kasan_atomics_helper+0x175c/0x4858 [ 33.685245] kasan_atomics+0x198/0x2e0 [ 33.685307] kunit_try_run_case+0x170/0x3f0 [ 33.685356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.685579] kthread+0x328/0x630 [ 33.685758] ret_from_fork+0x10/0x20 [ 33.686191] [ 33.686441] Allocated by task 298: [ 33.686673] kasan_save_stack+0x3c/0x68 [ 33.686872] kasan_save_track+0x20/0x40 [ 33.687144] kasan_save_alloc_info+0x40/0x58 [ 33.687454] __kasan_kmalloc+0xd4/0xd8 [ 33.687504] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.687876] kasan_atomics+0xb8/0x2e0 [ 33.688136] kunit_try_run_case+0x170/0x3f0 [ 33.688510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.688640] kthread+0x328/0x630 [ 33.688703] ret_from_fork+0x10/0x20 [ 33.688742] [ 33.688867] The buggy address belongs to the object at fff00000c9c2de00 [ 33.688867] which belongs to the cache kmalloc-64 of size 64 [ 33.689136] The buggy address is located 0 bytes to the right of [ 33.689136] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.689206] [ 33.689439] The buggy address belongs to the physical page: [ 33.689531] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.689689] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.690281] page_type: f5(slab) [ 33.690592] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.691010] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.691358] page dumped because: kasan: bad access detected [ 33.691558] [ 33.691597] Memory state around the buggy address: [ 33.691756] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.692125] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.692176] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.692217] ^ [ 33.692654] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.692719] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.692767] ================================================================== [ 33.524244] ================================================================== [ 33.524341] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 33.524439] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.524494] [ 33.524533] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.524656] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.524748] Hardware name: linux,dummy-virt (DT) [ 33.524783] Call trace: [ 33.524809] show_stack+0x20/0x38 (C) [ 33.525040] dump_stack_lvl+0x8c/0xd0 [ 33.525265] print_report+0x118/0x5e8 [ 33.525510] kasan_report+0xdc/0x128 [ 33.525728] kasan_check_range+0x100/0x1a8 [ 33.525970] __kasan_check_write+0x20/0x30 [ 33.526177] kasan_atomics_helper+0x1058/0x4858 [ 33.526266] kasan_atomics+0x198/0x2e0 [ 33.526525] kunit_try_run_case+0x170/0x3f0 [ 33.526725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.527021] kthread+0x328/0x630 [ 33.527225] ret_from_fork+0x10/0x20 [ 33.527505] [ 33.527612] Allocated by task 298: [ 33.527652] kasan_save_stack+0x3c/0x68 [ 33.527698] kasan_save_track+0x20/0x40 [ 33.527945] kasan_save_alloc_info+0x40/0x58 [ 33.528330] __kasan_kmalloc+0xd4/0xd8 [ 33.528674] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.528741] kasan_atomics+0xb8/0x2e0 [ 33.528953] kunit_try_run_case+0x170/0x3f0 [ 33.529077] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.529486] kthread+0x328/0x630 [ 33.529601] ret_from_fork+0x10/0x20 [ 33.529645] [ 33.529667] The buggy address belongs to the object at fff00000c9c2de00 [ 33.529667] which belongs to the cache kmalloc-64 of size 64 [ 33.529891] The buggy address is located 0 bytes to the right of [ 33.529891] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.530201] [ 33.530285] The buggy address belongs to the physical page: [ 33.530480] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.530549] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.530601] page_type: f5(slab) [ 33.530641] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.530693] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.530735] page dumped because: kasan: bad access detected [ 33.530770] [ 33.530790] Memory state around the buggy address: [ 33.530823] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.530876] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.530934] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.530985] ^ [ 33.531040] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.531120] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.531170] ================================================================== [ 33.508210] ================================================================== [ 33.508266] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 33.508319] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.508387] [ 33.508435] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.508528] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.508612] Hardware name: linux,dummy-virt (DT) [ 33.508684] Call trace: [ 33.508708] show_stack+0x20/0x38 (C) [ 33.508757] dump_stack_lvl+0x8c/0xd0 [ 33.508970] print_report+0x118/0x5e8 [ 33.509019] kasan_report+0xdc/0x128 [ 33.509064] kasan_check_range+0x100/0x1a8 [ 33.509344] __kasan_check_write+0x20/0x30 [ 33.509432] kasan_atomics_helper+0xf88/0x4858 [ 33.509824] kasan_atomics+0x198/0x2e0 [ 33.509953] kunit_try_run_case+0x170/0x3f0 [ 33.510100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.510194] kthread+0x328/0x630 [ 33.510299] ret_from_fork+0x10/0x20 [ 33.510415] [ 33.510439] Allocated by task 298: [ 33.510469] kasan_save_stack+0x3c/0x68 [ 33.510822] kasan_save_track+0x20/0x40 [ 33.510912] kasan_save_alloc_info+0x40/0x58 [ 33.510980] __kasan_kmalloc+0xd4/0xd8 [ 33.511040] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.511336] kasan_atomics+0xb8/0x2e0 [ 33.511429] kunit_try_run_case+0x170/0x3f0 [ 33.511487] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.511534] kthread+0x328/0x630 [ 33.511574] ret_from_fork+0x10/0x20 [ 33.511621] [ 33.511652] The buggy address belongs to the object at fff00000c9c2de00 [ 33.511652] which belongs to the cache kmalloc-64 of size 64 [ 33.511803] The buggy address is located 0 bytes to the right of [ 33.511803] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.511872] [ 33.512128] The buggy address belongs to the physical page: [ 33.512391] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.512466] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.512942] page_type: f5(slab) [ 33.513067] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.513144] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.513189] page dumped because: kasan: bad access detected [ 33.513588] [ 33.513688] Memory state around the buggy address: [ 33.514058] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.514196] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.514281] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.514419] ^ [ 33.514477] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.514552] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.514594] ================================================================== [ 33.633371] ================================================================== [ 33.633448] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 33.633501] Read of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.633797] [ 33.633851] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.634031] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.634068] Hardware name: linux,dummy-virt (DT) [ 33.634117] Call trace: [ 33.634143] show_stack+0x20/0x38 (C) [ 33.634225] dump_stack_lvl+0x8c/0xd0 [ 33.634302] print_report+0x118/0x5e8 [ 33.634360] kasan_report+0xdc/0x128 [ 33.634405] __asan_report_load8_noabort+0x20/0x30 [ 33.634480] kasan_atomics_helper+0x3db0/0x4858 [ 33.634534] kasan_atomics+0x198/0x2e0 [ 33.634600] kunit_try_run_case+0x170/0x3f0 [ 33.634839] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.634914] kthread+0x328/0x630 [ 33.634959] ret_from_fork+0x10/0x20 [ 33.635042] [ 33.635083] Allocated by task 298: [ 33.635116] kasan_save_stack+0x3c/0x68 [ 33.635164] kasan_save_track+0x20/0x40 [ 33.635450] kasan_save_alloc_info+0x40/0x58 [ 33.635510] __kasan_kmalloc+0xd4/0xd8 [ 33.635556] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.635599] kasan_atomics+0xb8/0x2e0 [ 33.635666] kunit_try_run_case+0x170/0x3f0 [ 33.635714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.635760] kthread+0x328/0x630 [ 33.635796] ret_from_fork+0x10/0x20 [ 33.636084] [ 33.636152] The buggy address belongs to the object at fff00000c9c2de00 [ 33.636152] which belongs to the cache kmalloc-64 of size 64 [ 33.636218] The buggy address is located 0 bytes to the right of [ 33.636218] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.636283] [ 33.636304] The buggy address belongs to the physical page: [ 33.636340] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.636395] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.636458] page_type: f5(slab) [ 33.636532] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.637007] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.637051] page dumped because: kasan: bad access detected [ 33.637260] [ 33.637283] Memory state around the buggy address: [ 33.637499] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.637572] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.637619] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.638219] ^ [ 33.638310] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.638366] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.638839] ================================================================== [ 33.565839] ================================================================== [ 33.565930] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 33.566165] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.566342] [ 33.566411] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.566510] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.566631] Hardware name: linux,dummy-virt (DT) [ 33.566687] Call trace: [ 33.566713] show_stack+0x20/0x38 (C) [ 33.566766] dump_stack_lvl+0x8c/0xd0 [ 33.567023] print_report+0x118/0x5e8 [ 33.567103] kasan_report+0xdc/0x128 [ 33.567257] kasan_check_range+0x100/0x1a8 [ 33.567318] __kasan_check_write+0x20/0x30 [ 33.567612] kasan_atomics_helper+0x126c/0x4858 [ 33.567833] kasan_atomics+0x198/0x2e0 [ 33.568079] kunit_try_run_case+0x170/0x3f0 [ 33.568147] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.568201] kthread+0x328/0x630 [ 33.568511] ret_from_fork+0x10/0x20 [ 33.568805] [ 33.568995] Allocated by task 298: [ 33.569171] kasan_save_stack+0x3c/0x68 [ 33.569223] kasan_save_track+0x20/0x40 [ 33.569615] kasan_save_alloc_info+0x40/0x58 [ 33.569778] __kasan_kmalloc+0xd4/0xd8 [ 33.570123] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.570197] kasan_atomics+0xb8/0x2e0 [ 33.570240] kunit_try_run_case+0x170/0x3f0 [ 33.570299] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.570345] kthread+0x328/0x630 [ 33.570402] ret_from_fork+0x10/0x20 [ 33.570453] [ 33.570485] The buggy address belongs to the object at fff00000c9c2de00 [ 33.570485] which belongs to the cache kmalloc-64 of size 64 [ 33.570546] The buggy address is located 0 bytes to the right of [ 33.570546] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.570623] [ 33.570645] The buggy address belongs to the physical page: [ 33.570682] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.570746] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.570797] page_type: f5(slab) [ 33.570836] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.571507] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.571571] page dumped because: kasan: bad access detected [ 33.571630] [ 33.571678] Memory state around the buggy address: [ 33.571778] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.571825] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.571916] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.572320] ^ [ 33.572637] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.572891] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.572986] ================================================================== [ 33.693352] ================================================================== [ 33.693402] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 33.693454] Read of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.693506] [ 33.694367] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.694484] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.694516] Hardware name: linux,dummy-virt (DT) [ 33.694547] Call trace: [ 33.695194] show_stack+0x20/0x38 (C) [ 33.695264] dump_stack_lvl+0x8c/0xd0 [ 33.695314] print_report+0x118/0x5e8 [ 33.695362] kasan_report+0xdc/0x128 [ 33.695802] __asan_report_load8_noabort+0x20/0x30 [ 33.696042] kasan_atomics_helper+0x3e20/0x4858 [ 33.696094] kasan_atomics+0x198/0x2e0 [ 33.696143] kunit_try_run_case+0x170/0x3f0 [ 33.696191] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.696246] kthread+0x328/0x630 [ 33.696289] ret_from_fork+0x10/0x20 [ 33.697088] [ 33.697139] Allocated by task 298: [ 33.697171] kasan_save_stack+0x3c/0x68 [ 33.697226] kasan_save_track+0x20/0x40 [ 33.697628] kasan_save_alloc_info+0x40/0x58 [ 33.697674] __kasan_kmalloc+0xd4/0xd8 [ 33.697711] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.697925] kasan_atomics+0xb8/0x2e0 [ 33.698190] kunit_try_run_case+0x170/0x3f0 [ 33.698239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.698515] kthread+0x328/0x630 [ 33.698750] ret_from_fork+0x10/0x20 [ 33.698877] [ 33.698950] The buggy address belongs to the object at fff00000c9c2de00 [ 33.698950] which belongs to the cache kmalloc-64 of size 64 [ 33.699041] The buggy address is located 0 bytes to the right of [ 33.699041] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.699107] [ 33.699428] The buggy address belongs to the physical page: [ 33.699554] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.700199] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.700557] page_type: f5(slab) [ 33.700783] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.701009] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.701058] page dumped because: kasan: bad access detected [ 33.701092] [ 33.701119] Memory state around the buggy address: [ 33.701153] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.701200] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.701673] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.701807] ^ [ 33.702298] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.702814] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.703156] ================================================================== [ 33.389693] ================================================================== [ 33.389750] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 33.389806] Write of size 4 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.389858] [ 33.389983] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.391021] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.391172] Hardware name: linux,dummy-virt (DT) [ 33.391208] Call trace: [ 33.391646] show_stack+0x20/0x38 (C) [ 33.391703] dump_stack_lvl+0x8c/0xd0 [ 33.391753] print_report+0x118/0x5e8 [ 33.391800] kasan_report+0xdc/0x128 [ 33.392092] kasan_check_range+0x100/0x1a8 [ 33.392142] __kasan_check_write+0x20/0x30 [ 33.392192] kasan_atomics_helper+0xa6c/0x4858 [ 33.392805] kasan_atomics+0x198/0x2e0 [ 33.393090] kunit_try_run_case+0x170/0x3f0 [ 33.393440] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.393538] kthread+0x328/0x630 [ 33.393585] ret_from_fork+0x10/0x20 [ 33.394153] [ 33.394191] Allocated by task 298: [ 33.394226] kasan_save_stack+0x3c/0x68 [ 33.394274] kasan_save_track+0x20/0x40 [ 33.394312] kasan_save_alloc_info+0x40/0x58 [ 33.394358] __kasan_kmalloc+0xd4/0xd8 [ 33.395146] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.395214] kasan_atomics+0xb8/0x2e0 [ 33.395258] kunit_try_run_case+0x170/0x3f0 [ 33.395297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.395343] kthread+0x328/0x630 [ 33.395376] ret_from_fork+0x10/0x20 [ 33.395415] [ 33.395437] The buggy address belongs to the object at fff00000c9c2de00 [ 33.395437] which belongs to the cache kmalloc-64 of size 64 [ 33.396691] The buggy address is located 0 bytes to the right of [ 33.396691] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.396801] [ 33.396826] The buggy address belongs to the physical page: [ 33.396863] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.396977] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.397053] page_type: f5(slab) [ 33.397112] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.397189] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.397231] page dumped because: kasan: bad access detected [ 33.397265] [ 33.397329] Memory state around the buggy address: [ 33.397420] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.397936] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.398270] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.398661] ^ [ 33.398731] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.399218] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.399322] ================================================================== [ 33.478559] ================================================================== [ 33.478626] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 33.478706] Read of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.478758] [ 33.478808] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.478913] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.478951] Hardware name: linux,dummy-virt (DT) [ 33.479001] Call trace: [ 33.479041] show_stack+0x20/0x38 (C) [ 33.479091] dump_stack_lvl+0x8c/0xd0 [ 33.479157] print_report+0x118/0x5e8 [ 33.479201] kasan_report+0xdc/0x128 [ 33.479246] kasan_check_range+0x100/0x1a8 [ 33.479309] __kasan_check_read+0x20/0x30 [ 33.479374] kasan_atomics_helper+0xdd4/0x4858 [ 33.479428] kasan_atomics+0x198/0x2e0 [ 33.479481] kunit_try_run_case+0x170/0x3f0 [ 33.479537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.479591] kthread+0x328/0x630 [ 33.479634] ret_from_fork+0x10/0x20 [ 33.479682] [ 33.479702] Allocated by task 298: [ 33.479732] kasan_save_stack+0x3c/0x68 [ 33.479771] kasan_save_track+0x20/0x40 [ 33.479809] kasan_save_alloc_info+0x40/0x58 [ 33.479849] __kasan_kmalloc+0xd4/0xd8 [ 33.479885] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.479937] kasan_atomics+0xb8/0x2e0 [ 33.480229] kunit_try_run_case+0x170/0x3f0 [ 33.480335] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.480392] kthread+0x328/0x630 [ 33.480430] ret_from_fork+0x10/0x20 [ 33.480468] [ 33.480498] The buggy address belongs to the object at fff00000c9c2de00 [ 33.480498] which belongs to the cache kmalloc-64 of size 64 [ 33.480576] The buggy address is located 0 bytes to the right of [ 33.480576] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.480653] [ 33.480865] The buggy address belongs to the physical page: [ 33.480941] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.481046] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.481134] page_type: f5(slab) [ 33.481193] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.481245] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.481486] page dumped because: kasan: bad access detected [ 33.481524] [ 33.481544] Memory state around the buggy address: [ 33.481578] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.481681] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.481750] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.481801] ^ [ 33.481891] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.481964] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.482042] ================================================================== [ 33.531766] ================================================================== [ 33.532135] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 33.532208] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.532268] [ 33.532303] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.532394] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.532632] Hardware name: linux,dummy-virt (DT) [ 33.532727] Call trace: [ 33.532800] show_stack+0x20/0x38 (C) [ 33.532989] dump_stack_lvl+0x8c/0xd0 [ 33.533249] print_report+0x118/0x5e8 [ 33.533655] kasan_report+0xdc/0x128 [ 33.533742] kasan_check_range+0x100/0x1a8 [ 33.533885] __kasan_check_write+0x20/0x30 [ 33.533988] kasan_atomics_helper+0x10c0/0x4858 [ 33.534222] kasan_atomics+0x198/0x2e0 [ 33.534666] kunit_try_run_case+0x170/0x3f0 [ 33.535024] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.535219] kthread+0x328/0x630 [ 33.535455] ret_from_fork+0x10/0x20 [ 33.535827] [ 33.535976] Allocated by task 298: [ 33.536231] kasan_save_stack+0x3c/0x68 [ 33.536462] kasan_save_track+0x20/0x40 [ 33.536982] kasan_save_alloc_info+0x40/0x58 [ 33.537196] __kasan_kmalloc+0xd4/0xd8 [ 33.537261] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.537375] kasan_atomics+0xb8/0x2e0 [ 33.537418] kunit_try_run_case+0x170/0x3f0 [ 33.537459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.537529] kthread+0x328/0x630 [ 33.537568] ret_from_fork+0x10/0x20 [ 33.537747] [ 33.537935] The buggy address belongs to the object at fff00000c9c2de00 [ 33.537935] which belongs to the cache kmalloc-64 of size 64 [ 33.538163] The buggy address is located 0 bytes to the right of [ 33.538163] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.538523] [ 33.538709] The buggy address belongs to the physical page: [ 33.539330] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.539568] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.539675] page_type: f5(slab) [ 33.539743] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.539883] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.540172] page dumped because: kasan: bad access detected [ 33.540369] [ 33.540465] Memory state around the buggy address: [ 33.540662] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.540714] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.540758] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.540797] ^ [ 33.540835] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.541270] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.541329] ================================================================== [ 33.487153] ================================================================== [ 33.487202] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 33.487252] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.487314] [ 33.487344] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.487437] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.487479] Hardware name: linux,dummy-virt (DT) [ 33.487514] Call trace: [ 33.487539] show_stack+0x20/0x38 (C) [ 33.487586] dump_stack_lvl+0x8c/0xd0 [ 33.487643] print_report+0x118/0x5e8 [ 33.487689] kasan_report+0xdc/0x128 [ 33.487742] kasan_check_range+0x100/0x1a8 [ 33.487788] __kasan_check_write+0x20/0x30 [ 33.487845] kasan_atomics_helper+0xe44/0x4858 [ 33.488414] kasan_atomics+0x198/0x2e0 [ 33.488485] kunit_try_run_case+0x170/0x3f0 [ 33.488537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.488591] kthread+0x328/0x630 [ 33.488768] ret_from_fork+0x10/0x20 [ 33.488892] [ 33.488982] Allocated by task 298: [ 33.489059] kasan_save_stack+0x3c/0x68 [ 33.489155] kasan_save_track+0x20/0x40 [ 33.489242] kasan_save_alloc_info+0x40/0x58 [ 33.489570] __kasan_kmalloc+0xd4/0xd8 [ 33.489660] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.489715] kasan_atomics+0xb8/0x2e0 [ 33.489785] kunit_try_run_case+0x170/0x3f0 [ 33.489869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.489927] kthread+0x328/0x630 [ 33.489963] ret_from_fork+0x10/0x20 [ 33.490124] [ 33.490150] The buggy address belongs to the object at fff00000c9c2de00 [ 33.490150] which belongs to the cache kmalloc-64 of size 64 [ 33.490213] The buggy address is located 0 bytes to the right of [ 33.490213] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.490322] [ 33.490398] The buggy address belongs to the physical page: [ 33.490494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.490594] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.490719] page_type: f5(slab) [ 33.490925] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.491054] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.491223] page dumped because: kasan: bad access detected [ 33.491294] [ 33.491353] Memory state around the buggy address: [ 33.491431] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.491497] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.491583] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.491635] ^ [ 33.491714] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.491759] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.491797] ================================================================== [ 33.651509] ================================================================== [ 33.651705] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 33.652450] Read of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.652507] [ 33.652540] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.652631] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.652782] Hardware name: linux,dummy-virt (DT) [ 33.652820] Call trace: [ 33.652845] show_stack+0x20/0x38 (C) [ 33.653471] dump_stack_lvl+0x8c/0xd0 [ 33.653758] print_report+0x118/0x5e8 [ 33.653934] kasan_report+0xdc/0x128 [ 33.654041] __asan_report_load8_noabort+0x20/0x30 [ 33.654165] kasan_atomics_helper+0x3df4/0x4858 [ 33.654217] kasan_atomics+0x198/0x2e0 [ 33.654265] kunit_try_run_case+0x170/0x3f0 [ 33.654314] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.655701] kthread+0x328/0x630 [ 33.655840] ret_from_fork+0x10/0x20 [ 33.656607] [ 33.656684] Allocated by task 298: [ 33.656764] kasan_save_stack+0x3c/0x68 [ 33.657004] kasan_save_track+0x20/0x40 [ 33.657158] kasan_save_alloc_info+0x40/0x58 [ 33.657489] __kasan_kmalloc+0xd4/0xd8 [ 33.657711] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.657832] kasan_atomics+0xb8/0x2e0 [ 33.658237] kunit_try_run_case+0x170/0x3f0 [ 33.658578] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.658634] kthread+0x328/0x630 [ 33.658672] ret_from_fork+0x10/0x20 [ 33.659621] [ 33.659798] The buggy address belongs to the object at fff00000c9c2de00 [ 33.659798] which belongs to the cache kmalloc-64 of size 64 [ 33.660226] The buggy address is located 0 bytes to the right of [ 33.660226] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.660657] [ 33.660686] The buggy address belongs to the physical page: [ 33.660967] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.661411] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.661588] page_type: f5(slab) [ 33.661631] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.661826] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.661882] page dumped because: kasan: bad access detected [ 33.661923] [ 33.661945] Memory state around the buggy address: [ 33.662371] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.662668] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.662725] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.662767] ^ [ 33.663118] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.663261] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.663584] ================================================================== [ 33.704136] ================================================================== [ 33.704192] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 33.704245] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.704297] [ 33.704787] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.705128] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.705429] Hardware name: linux,dummy-virt (DT) [ 33.705464] Call trace: [ 33.705502] show_stack+0x20/0x38 (C) [ 33.705782] dump_stack_lvl+0x8c/0xd0 [ 33.705921] print_report+0x118/0x5e8 [ 33.705967] kasan_report+0xdc/0x128 [ 33.706013] kasan_check_range+0x100/0x1a8 [ 33.706060] __kasan_check_write+0x20/0x30 [ 33.706107] kasan_atomics_helper+0x17ec/0x4858 [ 33.706159] kasan_atomics+0x198/0x2e0 [ 33.706206] kunit_try_run_case+0x170/0x3f0 [ 33.706255] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.707222] kthread+0x328/0x630 [ 33.707714] ret_from_fork+0x10/0x20 [ 33.707965] [ 33.707991] Allocated by task 298: [ 33.708133] kasan_save_stack+0x3c/0x68 [ 33.708194] kasan_save_track+0x20/0x40 [ 33.708366] kasan_save_alloc_info+0x40/0x58 [ 33.708432] __kasan_kmalloc+0xd4/0xd8 [ 33.708619] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.709016] kasan_atomics+0xb8/0x2e0 [ 33.709134] kunit_try_run_case+0x170/0x3f0 [ 33.709237] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.709393] kthread+0x328/0x630 [ 33.709573] ret_from_fork+0x10/0x20 [ 33.709665] [ 33.709689] The buggy address belongs to the object at fff00000c9c2de00 [ 33.709689] which belongs to the cache kmalloc-64 of size 64 [ 33.709954] The buggy address is located 0 bytes to the right of [ 33.709954] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.710281] [ 33.710306] The buggy address belongs to the physical page: [ 33.710343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.710923] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.711281] page_type: f5(slab) [ 33.711462] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.711517] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.711561] page dumped because: kasan: bad access detected [ 33.711595] [ 33.711615] Memory state around the buggy address: [ 33.711649] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.711696] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.712219] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.712691] ^ [ 33.712735] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.712820] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.712863] ================================================================== [ 33.361707] ================================================================== [ 33.361764] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 33.361818] Write of size 4 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.361869] [ 33.361917] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.363542] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.363591] Hardware name: linux,dummy-virt (DT) [ 33.363639] Call trace: [ 33.363663] show_stack+0x20/0x38 (C) [ 33.363765] dump_stack_lvl+0x8c/0xd0 [ 33.363860] print_report+0x118/0x5e8 [ 33.363916] kasan_report+0xdc/0x128 [ 33.363961] kasan_check_range+0x100/0x1a8 [ 33.364382] __kasan_check_write+0x20/0x30 [ 33.364785] kasan_atomics_helper+0x99c/0x4858 [ 33.364917] kasan_atomics+0x198/0x2e0 [ 33.365309] kunit_try_run_case+0x170/0x3f0 [ 33.365613] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.365925] kthread+0x328/0x630 [ 33.366236] ret_from_fork+0x10/0x20 [ 33.366651] [ 33.366679] Allocated by task 298: [ 33.367110] kasan_save_stack+0x3c/0x68 [ 33.367211] kasan_save_track+0x20/0x40 [ 33.367593] kasan_save_alloc_info+0x40/0x58 [ 33.367646] __kasan_kmalloc+0xd4/0xd8 [ 33.368075] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.368286] kasan_atomics+0xb8/0x2e0 [ 33.368613] kunit_try_run_case+0x170/0x3f0 [ 33.368670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.368715] kthread+0x328/0x630 [ 33.368750] ret_from_fork+0x10/0x20 [ 33.368788] [ 33.369231] The buggy address belongs to the object at fff00000c9c2de00 [ 33.369231] which belongs to the cache kmalloc-64 of size 64 [ 33.369646] The buggy address is located 0 bytes to the right of [ 33.369646] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.369931] [ 33.370250] The buggy address belongs to the physical page: [ 33.370388] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.370824] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.370984] page_type: f5(slab) [ 33.371332] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.371441] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.371801] page dumped because: kasan: bad access detected [ 33.372048] [ 33.372255] Memory state around the buggy address: [ 33.372509] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.372721] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.372821] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.372866] ^ [ 33.373199] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.373503] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.373626] ================================================================== [ 33.515659] ================================================================== [ 33.515978] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 33.516043] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.516153] [ 33.516378] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.516481] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.516514] Hardware name: linux,dummy-virt (DT) [ 33.516547] Call trace: [ 33.516571] show_stack+0x20/0x38 (C) [ 33.517385] dump_stack_lvl+0x8c/0xd0 [ 33.517449] print_report+0x118/0x5e8 [ 33.517496] kasan_report+0xdc/0x128 [ 33.517962] kasan_check_range+0x100/0x1a8 [ 33.518123] __kasan_check_write+0x20/0x30 [ 33.518272] kasan_atomics_helper+0xff0/0x4858 [ 33.518330] kasan_atomics+0x198/0x2e0 [ 33.518410] kunit_try_run_case+0x170/0x3f0 [ 33.518461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.518530] kthread+0x328/0x630 [ 33.518572] ret_from_fork+0x10/0x20 [ 33.518630] [ 33.518658] Allocated by task 298: [ 33.518692] kasan_save_stack+0x3c/0x68 [ 33.518735] kasan_save_track+0x20/0x40 [ 33.518772] kasan_save_alloc_info+0x40/0x58 [ 33.518820] __kasan_kmalloc+0xd4/0xd8 [ 33.518866] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.518920] kasan_atomics+0xb8/0x2e0 [ 33.519003] kunit_try_run_case+0x170/0x3f0 [ 33.519829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.519940] kthread+0x328/0x630 [ 33.520019] ret_from_fork+0x10/0x20 [ 33.520098] [ 33.520339] The buggy address belongs to the object at fff00000c9c2de00 [ 33.520339] which belongs to the cache kmalloc-64 of size 64 [ 33.520455] The buggy address is located 0 bytes to the right of [ 33.520455] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.520531] [ 33.520595] The buggy address belongs to the physical page: [ 33.520632] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.520687] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.520738] page_type: f5(slab) [ 33.521329] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.521570] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.521692] page dumped because: kasan: bad access detected [ 33.521776] [ 33.521859] Memory state around the buggy address: [ 33.521998] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.522049] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.522111] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.522332] ^ [ 33.522730] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.522972] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.523087] ================================================================== [ 33.503702] ================================================================== [ 33.503974] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 33.504058] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.504109] [ 33.504181] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.504293] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.504338] Hardware name: linux,dummy-virt (DT) [ 33.504373] Call trace: [ 33.504416] show_stack+0x20/0x38 (C) [ 33.504472] dump_stack_lvl+0x8c/0xd0 [ 33.504563] print_report+0x118/0x5e8 [ 33.504661] kasan_report+0xdc/0x128 [ 33.504718] kasan_check_range+0x100/0x1a8 [ 33.504765] __kasan_check_write+0x20/0x30 [ 33.504813] kasan_atomics_helper+0xf20/0x4858 [ 33.504910] kasan_atomics+0x198/0x2e0 [ 33.504957] kunit_try_run_case+0x170/0x3f0 [ 33.505004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.505197] kthread+0x328/0x630 [ 33.505311] ret_from_fork+0x10/0x20 [ 33.505380] [ 33.505403] Allocated by task 298: [ 33.505442] kasan_save_stack+0x3c/0x68 [ 33.505507] kasan_save_track+0x20/0x40 [ 33.505555] kasan_save_alloc_info+0x40/0x58 [ 33.505605] __kasan_kmalloc+0xd4/0xd8 [ 33.505641] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.505685] kasan_atomics+0xb8/0x2e0 [ 33.505737] kunit_try_run_case+0x170/0x3f0 [ 33.505778] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.505835] kthread+0x328/0x630 [ 33.505872] ret_from_fork+0x10/0x20 [ 33.505919] [ 33.505939] The buggy address belongs to the object at fff00000c9c2de00 [ 33.505939] which belongs to the cache kmalloc-64 of size 64 [ 33.505997] The buggy address is located 0 bytes to the right of [ 33.505997] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.506063] [ 33.506087] The buggy address belongs to the physical page: [ 33.506122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.506390] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.506478] page_type: f5(slab) [ 33.506519] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.506586] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.506702] page dumped because: kasan: bad access detected [ 33.506782] [ 33.506830] Memory state around the buggy address: [ 33.506863] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.506918] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.507007] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.507050] ^ [ 33.507241] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.507327] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.507460] ================================================================== [ 33.542164] ================================================================== [ 33.542218] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 33.542271] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.542751] [ 33.542803] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.543065] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.543145] Hardware name: linux,dummy-virt (DT) [ 33.543193] Call trace: [ 33.543353] show_stack+0x20/0x38 (C) [ 33.543417] dump_stack_lvl+0x8c/0xd0 [ 33.543468] print_report+0x118/0x5e8 [ 33.543827] kasan_report+0xdc/0x128 [ 33.543911] kasan_check_range+0x100/0x1a8 [ 33.543964] __kasan_check_write+0x20/0x30 [ 33.544239] kasan_atomics_helper+0x1128/0x4858 [ 33.544354] kasan_atomics+0x198/0x2e0 [ 33.544408] kunit_try_run_case+0x170/0x3f0 [ 33.545002] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.545122] kthread+0x328/0x630 [ 33.545179] ret_from_fork+0x10/0x20 [ 33.545229] [ 33.545250] Allocated by task 298: [ 33.545526] kasan_save_stack+0x3c/0x68 [ 33.545612] kasan_save_track+0x20/0x40 [ 33.545677] kasan_save_alloc_info+0x40/0x58 [ 33.545894] __kasan_kmalloc+0xd4/0xd8 [ 33.545962] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.546006] kasan_atomics+0xb8/0x2e0 [ 33.546488] kunit_try_run_case+0x170/0x3f0 [ 33.546877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.547184] kthread+0x328/0x630 [ 33.547397] ret_from_fork+0x10/0x20 [ 33.547650] [ 33.547700] The buggy address belongs to the object at fff00000c9c2de00 [ 33.547700] which belongs to the cache kmalloc-64 of size 64 [ 33.548021] The buggy address is located 0 bytes to the right of [ 33.548021] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.548232] [ 33.548452] The buggy address belongs to the physical page: [ 33.548546] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.548634] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.548731] page_type: f5(slab) [ 33.548785] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.548860] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.548939] page dumped because: kasan: bad access detected [ 33.549234] [ 33.549461] Memory state around the buggy address: [ 33.549779] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.549847] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.549984] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.550076] ^ [ 33.550459] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.550537] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.550637] ================================================================== [ 33.375221] ================================================================== [ 33.376159] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 33.376250] Write of size 4 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.376704] [ 33.377033] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.377956] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.378243] Hardware name: linux,dummy-virt (DT) [ 33.378399] Call trace: [ 33.378564] show_stack+0x20/0x38 (C) [ 33.378626] dump_stack_lvl+0x8c/0xd0 [ 33.378857] print_report+0x118/0x5e8 [ 33.379251] kasan_report+0xdc/0x128 [ 33.379365] kasan_check_range+0x100/0x1a8 [ 33.379971] __kasan_check_write+0x20/0x30 [ 33.380036] kasan_atomics_helper+0xa04/0x4858 [ 33.380098] kasan_atomics+0x198/0x2e0 [ 33.380144] kunit_try_run_case+0x170/0x3f0 [ 33.380610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.380675] kthread+0x328/0x630 [ 33.380719] ret_from_fork+0x10/0x20 [ 33.381162] [ 33.381201] Allocated by task 298: [ 33.381236] kasan_save_stack+0x3c/0x68 [ 33.381504] kasan_save_track+0x20/0x40 [ 33.381545] kasan_save_alloc_info+0x40/0x58 [ 33.381917] __kasan_kmalloc+0xd4/0xd8 [ 33.382173] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.382220] kasan_atomics+0xb8/0x2e0 [ 33.382597] kunit_try_run_case+0x170/0x3f0 [ 33.382649] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.382696] kthread+0x328/0x630 [ 33.382733] ret_from_fork+0x10/0x20 [ 33.382770] [ 33.383352] The buggy address belongs to the object at fff00000c9c2de00 [ 33.383352] which belongs to the cache kmalloc-64 of size 64 [ 33.383694] The buggy address is located 0 bytes to the right of [ 33.383694] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.384174] [ 33.385142] The buggy address belongs to the physical page: [ 33.385422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.385558] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.385702] page_type: f5(slab) [ 33.385754] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.386066] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.386257] page dumped because: kasan: bad access detected [ 33.386330] [ 33.386374] Memory state around the buggy address: [ 33.386658] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.386796] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.386842] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.387163] ^ [ 33.387516] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.387568] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.387884] ================================================================== [ 33.338358] ================================================================== [ 33.338409] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 33.338465] Read of size 4 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.338517] [ 33.338550] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.338640] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.338673] Hardware name: linux,dummy-virt (DT) [ 33.338704] Call trace: [ 33.338727] show_stack+0x20/0x38 (C) [ 33.338775] dump_stack_lvl+0x8c/0xd0 [ 33.338825] print_report+0x118/0x5e8 [ 33.338870] kasan_report+0xdc/0x128 [ 33.339325] __asan_report_load4_noabort+0x20/0x30 [ 33.339400] kasan_atomics_helper+0x42d8/0x4858 [ 33.339540] kasan_atomics+0x198/0x2e0 [ 33.340014] kunit_try_run_case+0x170/0x3f0 [ 33.340509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.340585] kthread+0x328/0x630 [ 33.340944] ret_from_fork+0x10/0x20 [ 33.340998] [ 33.341019] Allocated by task 298: [ 33.341051] kasan_save_stack+0x3c/0x68 [ 33.341651] kasan_save_track+0x20/0x40 [ 33.341711] kasan_save_alloc_info+0x40/0x58 [ 33.341755] __kasan_kmalloc+0xd4/0xd8 [ 33.342380] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.342793] kasan_atomics+0xb8/0x2e0 [ 33.343037] kunit_try_run_case+0x170/0x3f0 [ 33.343082] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.343129] kthread+0x328/0x630 [ 33.343165] ret_from_fork+0x10/0x20 [ 33.343204] [ 33.343226] The buggy address belongs to the object at fff00000c9c2de00 [ 33.343226] which belongs to the cache kmalloc-64 of size 64 [ 33.343288] The buggy address is located 0 bytes to the right of [ 33.343288] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.343355] [ 33.344463] The buggy address belongs to the physical page: [ 33.344506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.344843] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.344895] page_type: f5(slab) [ 33.344946] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.345000] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.345043] page dumped because: kasan: bad access detected [ 33.345074] [ 33.345624] Memory state around the buggy address: [ 33.345667] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.345717] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.346036] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.346080] ^ [ 33.346119] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.346701] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.346751] ================================================================== [ 33.600776] ================================================================== [ 33.601053] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 33.601125] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.602057] [ 33.602144] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.602303] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.602388] Hardware name: linux,dummy-virt (DT) [ 33.602424] Call trace: [ 33.602449] show_stack+0x20/0x38 (C) [ 33.602693] dump_stack_lvl+0x8c/0xd0 [ 33.602811] print_report+0x118/0x5e8 [ 33.603190] kasan_report+0xdc/0x128 [ 33.603373] kasan_check_range+0x100/0x1a8 [ 33.603589] __kasan_check_write+0x20/0x30 [ 33.604005] kasan_atomics_helper+0x1414/0x4858 [ 33.604561] kasan_atomics+0x198/0x2e0 [ 33.604766] kunit_try_run_case+0x170/0x3f0 [ 33.604876] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.604945] kthread+0x328/0x630 [ 33.605126] ret_from_fork+0x10/0x20 [ 33.605344] [ 33.605537] Allocated by task 298: [ 33.605628] kasan_save_stack+0x3c/0x68 [ 33.605915] kasan_save_track+0x20/0x40 [ 33.606074] kasan_save_alloc_info+0x40/0x58 [ 33.606410] __kasan_kmalloc+0xd4/0xd8 [ 33.606643] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.606838] kasan_atomics+0xb8/0x2e0 [ 33.607224] kunit_try_run_case+0x170/0x3f0 [ 33.607333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.607382] kthread+0x328/0x630 [ 33.607548] ret_from_fork+0x10/0x20 [ 33.608023] [ 33.608076] The buggy address belongs to the object at fff00000c9c2de00 [ 33.608076] which belongs to the cache kmalloc-64 of size 64 [ 33.608421] The buggy address is located 0 bytes to the right of [ 33.608421] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.608540] [ 33.608609] The buggy address belongs to the physical page: [ 33.608867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.608950] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.609060] page_type: f5(slab) [ 33.609469] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.609572] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.610101] page dumped because: kasan: bad access detected [ 33.610187] [ 33.610365] Memory state around the buggy address: [ 33.610490] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.610729] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.611107] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.611321] ^ [ 33.611435] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.611530] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.611667] ================================================================== [ 33.090069] ================================================================== [ 33.090127] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2b0/0x4858 [ 33.091032] Call trace: [ 33.091849] __kasan_check_read+0x20/0x30 [ 33.093200] kthread+0x328/0x630 [ 33.093736] [ 33.094631] kasan_save_alloc_info+0x40/0x58 [ 33.095325] kunit_try_run_case+0x170/0x3f0 [ 33.096337] [ 33.096876] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.098128] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.099982] ================================================================== [ 33.412262] ================================================================== [ 33.412314] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 33.412366] Read of size 4 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.412418] [ 33.412449] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.413936] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.413990] Hardware name: linux,dummy-virt (DT) [ 33.414026] Call trace: [ 33.414638] show_stack+0x20/0x38 (C) [ 33.414865] dump_stack_lvl+0x8c/0xd0 [ 33.415218] print_report+0x118/0x5e8 [ 33.415563] kasan_report+0xdc/0x128 [ 33.416056] __asan_report_load4_noabort+0x20/0x30 [ 33.416439] kasan_atomics_helper+0x3dcc/0x4858 [ 33.416498] kasan_atomics+0x198/0x2e0 [ 33.416885] kunit_try_run_case+0x170/0x3f0 [ 33.417252] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.417357] kthread+0x328/0x630 [ 33.418861] __kasan_kmalloc+0xd4/0xd8 [ 33.420660] ret_from_fork+0x10/0x20 [ 33.421243] [ 33.422042] page_type: f5(slab) [ 33.423659] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.424985] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.427161] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.427302] dump_stack_lvl+0x8c/0xd0 [ 33.429061] kasan_atomics_helper+0xb70/0x4858 [ 33.429367] kthread+0x328/0x630 [ 33.431029] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.432719] [ 33.433135] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.434449] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.434925] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.438817] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.439130] Hardware name: linux,dummy-virt (DT) [ 33.439328] Call trace: [ 33.439490] dump_stack_lvl+0x8c/0xd0 [ 33.439681] kasan_atomics_helper+0x3dbc/0x4858 [ 33.439939] ret_from_fork+0x10/0x20 [ 33.442674] kasan_atomics+0xb8/0x2e0 [ 33.444919] The buggy address is located 0 bytes to the right of [ 33.444919] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.447230] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.447695] ^ [ 33.451609] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc08/0x4858 [ 33.452066] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.452396] __kasan_check_write+0x20/0x30 [ 33.455984] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.456307] __kasan_kmalloc+0xd4/0xd8 [ 33.456463] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.457129] page dumped because: kasan: bad access detected [ 33.457292] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.458058] ================================================================== [ 33.557093] ================================================================== [ 33.557147] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 33.557501] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.557707] [ 33.557753] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.557847] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.557879] Hardware name: linux,dummy-virt (DT) [ 33.557923] Call trace: [ 33.557947] show_stack+0x20/0x38 (C) [ 33.558166] dump_stack_lvl+0x8c/0xd0 [ 33.558476] print_report+0x118/0x5e8 [ 33.558527] kasan_report+0xdc/0x128 [ 33.558571] kasan_check_range+0x100/0x1a8 [ 33.558618] __kasan_check_write+0x20/0x30 [ 33.559009] kasan_atomics_helper+0x11f8/0x4858 [ 33.559338] kasan_atomics+0x198/0x2e0 [ 33.559469] kunit_try_run_case+0x170/0x3f0 [ 33.559524] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.559607] kthread+0x328/0x630 [ 33.560026] ret_from_fork+0x10/0x20 [ 33.560257] [ 33.560298] Allocated by task 298: [ 33.560332] kasan_save_stack+0x3c/0x68 [ 33.560377] kasan_save_track+0x20/0x40 [ 33.560461] kasan_save_alloc_info+0x40/0x58 [ 33.560508] __kasan_kmalloc+0xd4/0xd8 [ 33.560546] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.560592] kasan_atomics+0xb8/0x2e0 [ 33.560963] kunit_try_run_case+0x170/0x3f0 [ 33.561046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.561284] kthread+0x328/0x630 [ 33.561475] ret_from_fork+0x10/0x20 [ 33.561537] [ 33.561561] The buggy address belongs to the object at fff00000c9c2de00 [ 33.561561] which belongs to the cache kmalloc-64 of size 64 [ 33.561871] The buggy address is located 0 bytes to the right of [ 33.561871] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.562259] [ 33.562469] The buggy address belongs to the physical page: [ 33.562699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.562789] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.563181] page_type: f5(slab) [ 33.563446] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.563649] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.563745] page dumped because: kasan: bad access detected [ 33.563880] [ 33.563960] Memory state around the buggy address: [ 33.564187] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.564395] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.564722] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.564794] ^ [ 33.564920] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.564987] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.565144] ================================================================== [ 33.616892] ================================================================== [ 33.616962] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 33.617016] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.617068] [ 33.617101] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.617190] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.617222] Hardware name: linux,dummy-virt (DT) [ 33.617255] Call trace: [ 33.617279] show_stack+0x20/0x38 (C) [ 33.617327] dump_stack_lvl+0x8c/0xd0 [ 33.617375] print_report+0x118/0x5e8 [ 33.617419] kasan_report+0xdc/0x128 [ 33.617463] kasan_check_range+0x100/0x1a8 [ 33.617510] __kasan_check_write+0x20/0x30 [ 33.617557] kasan_atomics_helper+0x14e4/0x4858 [ 33.617607] kasan_atomics+0x198/0x2e0 [ 33.617655] kunit_try_run_case+0x170/0x3f0 [ 33.617702] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.617754] kthread+0x328/0x630 [ 33.617797] ret_from_fork+0x10/0x20 [ 33.617845] [ 33.617867] Allocated by task 298: [ 33.617905] kasan_save_stack+0x3c/0x68 [ 33.617946] kasan_save_track+0x20/0x40 [ 33.617984] kasan_save_alloc_info+0x40/0x58 [ 33.618086] __kasan_kmalloc+0xd4/0xd8 [ 33.618142] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.618186] kasan_atomics+0xb8/0x2e0 [ 33.618277] kunit_try_run_case+0x170/0x3f0 [ 33.618323] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.618373] kthread+0x328/0x630 [ 33.618489] ret_from_fork+0x10/0x20 [ 33.618532] [ 33.618555] The buggy address belongs to the object at fff00000c9c2de00 [ 33.618555] which belongs to the cache kmalloc-64 of size 64 [ 33.618613] The buggy address is located 0 bytes to the right of [ 33.618613] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.618677] [ 33.618700] The buggy address belongs to the physical page: [ 33.618735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.618789] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.619157] page_type: f5(slab) [ 33.619224] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.619474] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.619560] page dumped because: kasan: bad access detected [ 33.619671] [ 33.619697] Memory state around the buggy address: [ 33.619733] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.619778] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.620067] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.620123] ^ [ 33.620217] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.620439] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.620503] ================================================================== [ 33.469381] ================================================================== [ 33.469451] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 33.469506] Write of size 4 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.469574] [ 33.469623] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.469735] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.469785] Hardware name: linux,dummy-virt (DT) [ 33.469834] Call trace: [ 33.469858] show_stack+0x20/0x38 (C) [ 33.469917] dump_stack_lvl+0x8c/0xd0 [ 33.469963] print_report+0x118/0x5e8 [ 33.470008] kasan_report+0xdc/0x128 [ 33.470052] kasan_check_range+0x100/0x1a8 [ 33.470119] __kasan_check_write+0x20/0x30 [ 33.470168] kasan_atomics_helper+0xd3c/0x4858 [ 33.470218] kasan_atomics+0x198/0x2e0 [ 33.470497] kunit_try_run_case+0x170/0x3f0 [ 33.470604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.470679] kthread+0x328/0x630 [ 33.470723] ret_from_fork+0x10/0x20 [ 33.470782] [ 33.470821] Allocated by task 298: [ 33.470870] kasan_save_stack+0x3c/0x68 [ 33.470922] kasan_save_track+0x20/0x40 [ 33.470977] kasan_save_alloc_info+0x40/0x58 [ 33.471037] __kasan_kmalloc+0xd4/0xd8 [ 33.471072] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.471115] kasan_atomics+0xb8/0x2e0 [ 33.471184] kunit_try_run_case+0x170/0x3f0 [ 33.471241] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.471308] kthread+0x328/0x630 [ 33.471363] ret_from_fork+0x10/0x20 [ 33.471431] [ 33.471459] The buggy address belongs to the object at fff00000c9c2de00 [ 33.471459] which belongs to the cache kmalloc-64 of size 64 [ 33.471519] The buggy address is located 0 bytes to the right of [ 33.471519] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.471585] [ 33.471625] The buggy address belongs to the physical page: [ 33.471862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.471942] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.471993] page_type: f5(slab) [ 33.472030] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.472098] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.472140] page dumped because: kasan: bad access detected [ 33.472213] [ 33.472253] Memory state around the buggy address: [ 33.472288] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.472365] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.472409] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.472462] ^ [ 33.472498] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.472571] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.472657] ================================================================== [ 33.400626] ================================================================== [ 33.400681] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 33.400734] Write of size 4 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.400787] [ 33.400818] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.402424] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.402769] Hardware name: linux,dummy-virt (DT) [ 33.402810] Call trace: [ 33.403104] show_stack+0x20/0x38 (C) [ 33.403163] dump_stack_lvl+0x8c/0xd0 [ 33.403216] print_report+0x118/0x5e8 [ 33.403263] kasan_report+0xdc/0x128 [ 33.403309] kasan_check_range+0x100/0x1a8 [ 33.403357] __kasan_check_write+0x20/0x30 [ 33.404089] kasan_atomics_helper+0xad4/0x4858 [ 33.404577] kasan_atomics+0x198/0x2e0 [ 33.404703] kunit_try_run_case+0x170/0x3f0 [ 33.404753] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.405202] kthread+0x328/0x630 [ 33.405478] ret_from_fork+0x10/0x20 [ 33.405580] [ 33.405601] Allocated by task 298: [ 33.406084] kasan_save_stack+0x3c/0x68 [ 33.406135] kasan_save_track+0x20/0x40 [ 33.406182] kasan_save_alloc_info+0x40/0x58 [ 33.406223] __kasan_kmalloc+0xd4/0xd8 [ 33.406259] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.406303] kasan_atomics+0xb8/0x2e0 [ 33.407105] kunit_try_run_case+0x170/0x3f0 [ 33.407388] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.407773] kthread+0x328/0x630 [ 33.407985] ret_from_fork+0x10/0x20 [ 33.408110] [ 33.408133] The buggy address belongs to the object at fff00000c9c2de00 [ 33.408133] which belongs to the cache kmalloc-64 of size 64 [ 33.408724] The buggy address is located 0 bytes to the right of [ 33.408724] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.408930] [ 33.409042] The buggy address belongs to the physical page: [ 33.409081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.409415] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.409470] page_type: f5(slab) [ 33.409612] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.409828] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.409873] page dumped because: kasan: bad access detected [ 33.410545] [ 33.410936] Memory state around the buggy address: [ 33.411060] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.411330] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.411552] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.411719] ^ [ 33.411789] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.411835] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.411877] ================================================================== [ 33.466263] ================================================================== [ 33.466314] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 33.466373] Read of size 4 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.466425] [ 33.466456] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.466545] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.466577] Hardware name: linux,dummy-virt (DT) [ 33.466610] Call trace: [ 33.466633] show_stack+0x20/0x38 (C) [ 33.466684] dump_stack_lvl+0x8c/0xd0 [ 33.466732] print_report+0x118/0x5e8 [ 33.466778] kasan_report+0xdc/0x128 [ 33.466823] __asan_report_load4_noabort+0x20/0x30 [ 33.466873] kasan_atomics_helper+0x3dd8/0x4858 [ 33.466955] kasan_atomics+0x198/0x2e0 [ 33.467016] kunit_try_run_case+0x170/0x3f0 [ 33.467073] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.467129] kthread+0x328/0x630 [ 33.467171] ret_from_fork+0x10/0x20 [ 33.467220] [ 33.467239] Allocated by task 298: [ 33.467269] kasan_save_stack+0x3c/0x68 [ 33.467315] kasan_save_track+0x20/0x40 [ 33.467365] kasan_save_alloc_info+0x40/0x58 [ 33.467413] __kasan_kmalloc+0xd4/0xd8 [ 33.467449] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.467492] kasan_atomics+0xb8/0x2e0 [ 33.467529] kunit_try_run_case+0x170/0x3f0 [ 33.467567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.467622] kthread+0x328/0x630 [ 33.467658] ret_from_fork+0x10/0x20 [ 33.467693] [ 33.467713] The buggy address belongs to the object at fff00000c9c2de00 [ 33.467713] which belongs to the cache kmalloc-64 of size 64 [ 33.467780] The buggy address is located 0 bytes to the right of [ 33.467780] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.467845] [ 33.467875] The buggy address belongs to the physical page: [ 33.467920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.467974] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.468022] page_type: f5(slab) [ 33.468060] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.468111] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.468153] page dumped because: kasan: bad access detected [ 33.468185] [ 33.468204] Memory state around the buggy address: [ 33.468237] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.468282] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.468662] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.468711] ^ [ 33.468749] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.468822] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.468888] ================================================================== [ 33.492596] ================================================================== [ 33.492797] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 33.492886] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.493012] [ 33.493080] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.493213] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.493282] Hardware name: linux,dummy-virt (DT) [ 33.493354] Call trace: [ 33.493419] show_stack+0x20/0x38 (C) [ 33.493505] dump_stack_lvl+0x8c/0xd0 [ 33.493552] print_report+0x118/0x5e8 [ 33.493842] kasan_report+0xdc/0x128 [ 33.493934] __asan_report_store8_noabort+0x20/0x30 [ 33.494089] kasan_atomics_helper+0x3e5c/0x4858 [ 33.494189] kasan_atomics+0x198/0x2e0 [ 33.494285] kunit_try_run_case+0x170/0x3f0 [ 33.494414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.494720] kthread+0x328/0x630 [ 33.494884] ret_from_fork+0x10/0x20 [ 33.495013] [ 33.495053] Allocated by task 298: [ 33.495084] kasan_save_stack+0x3c/0x68 [ 33.495136] kasan_save_track+0x20/0x40 [ 33.495353] kasan_save_alloc_info+0x40/0x58 [ 33.495509] __kasan_kmalloc+0xd4/0xd8 [ 33.495619] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.495706] kasan_atomics+0xb8/0x2e0 [ 33.496016] kunit_try_run_case+0x170/0x3f0 [ 33.496111] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.496200] kthread+0x328/0x630 [ 33.496269] ret_from_fork+0x10/0x20 [ 33.496307] [ 33.496330] The buggy address belongs to the object at fff00000c9c2de00 [ 33.496330] which belongs to the cache kmalloc-64 of size 64 [ 33.496538] The buggy address is located 0 bytes to the right of [ 33.496538] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.496783] [ 33.496823] The buggy address belongs to the physical page: [ 33.496905] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.497161] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.497368] page_type: f5(slab) [ 33.497459] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.497591] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.497678] page dumped because: kasan: bad access detected [ 33.497722] [ 33.497768] Memory state around the buggy address: [ 33.497809] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.497873] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.497932] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.497972] ^ [ 33.498368] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.498452] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.498493] ================================================================== [ 33.551623] ================================================================== [ 33.551731] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 33.551792] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.551933] [ 33.551990] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.552221] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.552255] Hardware name: linux,dummy-virt (DT) [ 33.552289] Call trace: [ 33.552349] show_stack+0x20/0x38 (C) [ 33.552404] dump_stack_lvl+0x8c/0xd0 [ 33.552477] print_report+0x118/0x5e8 [ 33.552526] kasan_report+0xdc/0x128 [ 33.552570] kasan_check_range+0x100/0x1a8 [ 33.552617] __kasan_check_write+0x20/0x30 [ 33.552665] kasan_atomics_helper+0x1190/0x4858 [ 33.552719] kasan_atomics+0x198/0x2e0 [ 33.552778] kunit_try_run_case+0x170/0x3f0 [ 33.552828] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.552887] kthread+0x328/0x630 [ 33.552950] ret_from_fork+0x10/0x20 [ 33.553000] [ 33.553021] Allocated by task 298: [ 33.553052] kasan_save_stack+0x3c/0x68 [ 33.553102] kasan_save_track+0x20/0x40 [ 33.553141] kasan_save_alloc_info+0x40/0x58 [ 33.553181] __kasan_kmalloc+0xd4/0xd8 [ 33.553217] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.553260] kasan_atomics+0xb8/0x2e0 [ 33.553300] kunit_try_run_case+0x170/0x3f0 [ 33.553339] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.553383] kthread+0x328/0x630 [ 33.553419] ret_from_fork+0x10/0x20 [ 33.553457] [ 33.553478] The buggy address belongs to the object at fff00000c9c2de00 [ 33.553478] which belongs to the cache kmalloc-64 of size 64 [ 33.553547] The buggy address is located 0 bytes to the right of [ 33.553547] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.553611] [ 33.553634] The buggy address belongs to the physical page: [ 33.553686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.553750] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.553809] page_type: f5(slab) [ 33.553850] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.554434] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.554923] page dumped because: kasan: bad access detected [ 33.554998] [ 33.555060] Memory state around the buggy address: [ 33.555122] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.555210] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.555297] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.555517] ^ [ 33.555641] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.556204] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.556311] ================================================================== [ 33.612431] ================================================================== [ 33.612639] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 33.612724] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.612849] [ 33.612952] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.613046] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.613274] Hardware name: linux,dummy-virt (DT) [ 33.613330] Call trace: [ 33.613365] show_stack+0x20/0x38 (C) [ 33.613417] dump_stack_lvl+0x8c/0xd0 [ 33.613510] print_report+0x118/0x5e8 [ 33.613598] kasan_report+0xdc/0x128 [ 33.613844] kasan_check_range+0x100/0x1a8 [ 33.613938] __kasan_check_write+0x20/0x30 [ 33.613997] kasan_atomics_helper+0x147c/0x4858 [ 33.614049] kasan_atomics+0x198/0x2e0 [ 33.614097] kunit_try_run_case+0x170/0x3f0 [ 33.614145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.614244] kthread+0x328/0x630 [ 33.614303] ret_from_fork+0x10/0x20 [ 33.614364] [ 33.614406] Allocated by task 298: [ 33.614458] kasan_save_stack+0x3c/0x68 [ 33.614501] kasan_save_track+0x20/0x40 [ 33.614548] kasan_save_alloc_info+0x40/0x58 [ 33.614590] __kasan_kmalloc+0xd4/0xd8 [ 33.614627] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.614670] kasan_atomics+0xb8/0x2e0 [ 33.614710] kunit_try_run_case+0x170/0x3f0 [ 33.614758] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.614812] kthread+0x328/0x630 [ 33.614848] ret_from_fork+0x10/0x20 [ 33.614906] [ 33.614929] The buggy address belongs to the object at fff00000c9c2de00 [ 33.614929] which belongs to the cache kmalloc-64 of size 64 [ 33.614997] The buggy address is located 0 bytes to the right of [ 33.614997] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.615062] [ 33.615097] The buggy address belongs to the physical page: [ 33.615134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.615189] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.615239] page_type: f5(slab) [ 33.615277] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.615330] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.615384] page dumped because: kasan: bad access detected [ 33.615426] [ 33.615457] Memory state around the buggy address: [ 33.615490] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.615540] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.615590] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.615640] ^ [ 33.615676] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.615719] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.615761] ================================================================== [ 33.639803] ================================================================== [ 33.640411] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 33.640485] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.641128] [ 33.641651] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.641857] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.642173] Hardware name: linux,dummy-virt (DT) [ 33.642639] Call trace: [ 33.642854] show_stack+0x20/0x38 (C) [ 33.642972] dump_stack_lvl+0x8c/0xd0 [ 33.643295] print_report+0x118/0x5e8 [ 33.643355] kasan_report+0xdc/0x128 [ 33.643401] kasan_check_range+0x100/0x1a8 [ 33.643449] __kasan_check_write+0x20/0x30 [ 33.644094] kasan_atomics_helper+0x1644/0x4858 [ 33.644426] kasan_atomics+0x198/0x2e0 [ 33.644490] kunit_try_run_case+0x170/0x3f0 [ 33.644540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.645248] kthread+0x328/0x630 [ 33.645582] ret_from_fork+0x10/0x20 [ 33.645777] [ 33.645927] Allocated by task 298: [ 33.645963] kasan_save_stack+0x3c/0x68 [ 33.646125] kasan_save_track+0x20/0x40 [ 33.646173] kasan_save_alloc_info+0x40/0x58 [ 33.646214] __kasan_kmalloc+0xd4/0xd8 [ 33.646250] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.646294] kasan_atomics+0xb8/0x2e0 [ 33.646335] kunit_try_run_case+0x170/0x3f0 [ 33.646577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.646780] kthread+0x328/0x630 [ 33.646828] ret_from_fork+0x10/0x20 [ 33.646929] [ 33.646952] The buggy address belongs to the object at fff00000c9c2de00 [ 33.646952] which belongs to the cache kmalloc-64 of size 64 [ 33.647105] The buggy address is located 0 bytes to the right of [ 33.647105] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.647427] [ 33.647600] The buggy address belongs to the physical page: [ 33.647641] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.648040] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.648346] page_type: f5(slab) [ 33.648714] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.648806] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.648857] page dumped because: kasan: bad access detected [ 33.648890] [ 33.649093] Memory state around the buggy address: [ 33.649136] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.649196] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.649308] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.649722] ^ [ 33.649781] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.649926] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.650240] ================================================================== [ 33.672845] ================================================================== [ 33.672948] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 33.673002] Read of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.673081] [ 33.673112] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.673333] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.673400] Hardware name: linux,dummy-virt (DT) [ 33.673445] Call trace: [ 33.673470] show_stack+0x20/0x38 (C) [ 33.673565] dump_stack_lvl+0x8c/0xd0 [ 33.673646] print_report+0x118/0x5e8 [ 33.673954] kasan_report+0xdc/0x128 [ 33.674027] __asan_report_load8_noabort+0x20/0x30 [ 33.674080] kasan_atomics_helper+0x3e10/0x4858 [ 33.674170] kasan_atomics+0x198/0x2e0 [ 33.674223] kunit_try_run_case+0x170/0x3f0 [ 33.674272] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.674326] kthread+0x328/0x630 [ 33.674378] ret_from_fork+0x10/0x20 [ 33.674428] [ 33.674448] Allocated by task 298: [ 33.674478] kasan_save_stack+0x3c/0x68 [ 33.674704] kasan_save_track+0x20/0x40 [ 33.674993] kasan_save_alloc_info+0x40/0x58 [ 33.675364] __kasan_kmalloc+0xd4/0xd8 [ 33.675410] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.675455] kasan_atomics+0xb8/0x2e0 [ 33.675494] kunit_try_run_case+0x170/0x3f0 [ 33.675937] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.676081] kthread+0x328/0x630 [ 33.676119] ret_from_fork+0x10/0x20 [ 33.676158] [ 33.676923] The buggy address belongs to the object at fff00000c9c2de00 [ 33.676923] which belongs to the cache kmalloc-64 of size 64 [ 33.677055] The buggy address is located 0 bytes to the right of [ 33.677055] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.677360] [ 33.677387] The buggy address belongs to the physical page: [ 33.677422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.677478] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.677528] page_type: f5(slab) [ 33.677766] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.678194] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.678272] page dumped because: kasan: bad access detected [ 33.678306] [ 33.678334] Memory state around the buggy address: [ 33.678373] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.678420] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.679178] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.679230] ^ [ 33.679682] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.680047] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.680286] ================================================================== [ 33.498978] ================================================================== [ 33.499121] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 33.499216] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.499270] [ 33.499325] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.499436] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.499469] Hardware name: linux,dummy-virt (DT) [ 33.499549] Call trace: [ 33.499575] show_stack+0x20/0x38 (C) [ 33.499643] dump_stack_lvl+0x8c/0xd0 [ 33.499716] print_report+0x118/0x5e8 [ 33.499771] kasan_report+0xdc/0x128 [ 33.499819] kasan_check_range+0x100/0x1a8 [ 33.499868] __kasan_check_write+0x20/0x30 [ 33.499928] kasan_atomics_helper+0xeb8/0x4858 [ 33.500218] kasan_atomics+0x198/0x2e0 [ 33.500309] kunit_try_run_case+0x170/0x3f0 [ 33.500363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.500418] kthread+0x328/0x630 [ 33.500490] ret_from_fork+0x10/0x20 [ 33.500540] [ 33.500563] Allocated by task 298: [ 33.500593] kasan_save_stack+0x3c/0x68 [ 33.500634] kasan_save_track+0x20/0x40 [ 33.500705] kasan_save_alloc_info+0x40/0x58 [ 33.500747] __kasan_kmalloc+0xd4/0xd8 [ 33.500943] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.501066] kasan_atomics+0xb8/0x2e0 [ 33.501154] kunit_try_run_case+0x170/0x3f0 [ 33.501216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.501261] kthread+0x328/0x630 [ 33.501447] ret_from_fork+0x10/0x20 [ 33.501487] [ 33.501516] The buggy address belongs to the object at fff00000c9c2de00 [ 33.501516] which belongs to the cache kmalloc-64 of size 64 [ 33.501720] The buggy address is located 0 bytes to the right of [ 33.501720] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.501833] [ 33.501935] The buggy address belongs to the physical page: [ 33.501999] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.502204] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.502257] page_type: f5(slab) [ 33.502295] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.502445] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.502535] page dumped because: kasan: bad access detected [ 33.502568] [ 33.502599] Memory state around the buggy address: [ 33.502632] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.502677] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.502738] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.502778] ^ [ 33.502813] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.502857] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.503067] ================================================================== [ 33.594122] ================================================================== [ 33.594371] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 33.594457] Read of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.594512] [ 33.595067] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.595310] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.595548] Hardware name: linux,dummy-virt (DT) [ 33.595594] Call trace: [ 33.595635] show_stack+0x20/0x38 (C) [ 33.595719] dump_stack_lvl+0x8c/0xd0 [ 33.595804] print_report+0x118/0x5e8 [ 33.595861] kasan_report+0xdc/0x128 [ 33.595949] __asan_report_load8_noabort+0x20/0x30 [ 33.596027] kasan_atomics_helper+0x3f04/0x4858 [ 33.596129] kasan_atomics+0x198/0x2e0 [ 33.596179] kunit_try_run_case+0x170/0x3f0 [ 33.596233] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.596286] kthread+0x328/0x630 [ 33.596330] ret_from_fork+0x10/0x20 [ 33.596534] [ 33.596933] Allocated by task 298: [ 33.597005] kasan_save_stack+0x3c/0x68 [ 33.597106] kasan_save_track+0x20/0x40 [ 33.597198] kasan_save_alloc_info+0x40/0x58 [ 33.597287] __kasan_kmalloc+0xd4/0xd8 [ 33.597325] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.597394] kasan_atomics+0xb8/0x2e0 [ 33.597729] kunit_try_run_case+0x170/0x3f0 [ 33.597809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.598132] kthread+0x328/0x630 [ 33.598305] ret_from_fork+0x10/0x20 [ 33.598360] [ 33.598392] The buggy address belongs to the object at fff00000c9c2de00 [ 33.598392] which belongs to the cache kmalloc-64 of size 64 [ 33.598454] The buggy address is located 0 bytes to the right of [ 33.598454] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.598532] [ 33.598569] The buggy address belongs to the physical page: [ 33.598607] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.598676] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.598745] page_type: f5(slab) [ 33.598785] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.598844] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.598913] page dumped because: kasan: bad access detected [ 33.598946] [ 33.598966] Memory state around the buggy address: [ 33.599011] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.599057] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.599101] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.599143] ^ [ 33.599204] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.599254] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.599303] ================================================================== [ 33.208017] ================================================================== [ 33.208271] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5b4/0x4858 [ 33.209064] [ 33.209646] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.210142] Call trace: [ 33.211566] __kasan_check_write+0x20/0x30 [ 33.212117] kasan_atomics_helper+0x5b4/0x4858 [ 33.212523] kasan_atomics+0x198/0x2e0 [ 33.212751] kthread+0x328/0x630 [ 33.213562] ret_from_fork+0x10/0x20 [ 33.214188] [ 33.214269] Allocated by task 298: [ 33.216564] [ 33.217121] [ 33.218353] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.220650] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.221426] ================================================================== [ 33.583795] ================================================================== [ 33.583867] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 33.584230] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.584369] [ 33.584405] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.584499] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.584678] Hardware name: linux,dummy-virt (DT) [ 33.584718] Call trace: [ 33.585110] show_stack+0x20/0x38 (C) [ 33.585651] dump_stack_lvl+0x8c/0xd0 [ 33.585733] print_report+0x118/0x5e8 [ 33.585951] kasan_report+0xdc/0x128 [ 33.586472] kasan_check_range+0x100/0x1a8 [ 33.586563] __kasan_check_write+0x20/0x30 [ 33.587355] kasan_atomics_helper+0x1384/0x4858 [ 33.587554] kasan_atomics+0x198/0x2e0 [ 33.587638] kunit_try_run_case+0x170/0x3f0 [ 33.588005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.588348] kthread+0x328/0x630 [ 33.588506] ret_from_fork+0x10/0x20 [ 33.588666] [ 33.588715] Allocated by task 298: [ 33.588767] kasan_save_stack+0x3c/0x68 [ 33.588819] kasan_save_track+0x20/0x40 [ 33.588858] kasan_save_alloc_info+0x40/0x58 [ 33.588908] __kasan_kmalloc+0xd4/0xd8 [ 33.589219] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.589366] kasan_atomics+0xb8/0x2e0 [ 33.589534] kunit_try_run_case+0x170/0x3f0 [ 33.589576] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.589623] kthread+0x328/0x630 [ 33.589807] ret_from_fork+0x10/0x20 [ 33.590117] [ 33.590379] The buggy address belongs to the object at fff00000c9c2de00 [ 33.590379] which belongs to the cache kmalloc-64 of size 64 [ 33.590713] The buggy address is located 0 bytes to the right of [ 33.590713] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.590890] [ 33.590965] The buggy address belongs to the physical page: [ 33.591414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.591574] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.591750] page_type: f5(slab) [ 33.591832] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.592065] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.592163] page dumped because: kasan: bad access detected [ 33.592236] [ 33.592416] Memory state around the buggy address: [ 33.592617] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.592677] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.592722] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.592807] ^ [ 33.592855] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.592918] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.592969] ================================================================== [ 33.574476] ================================================================== [ 33.574669] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 33.574872] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.574946] [ 33.574981] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.575180] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.575217] Hardware name: linux,dummy-virt (DT) [ 33.575251] Call trace: [ 33.575313] show_stack+0x20/0x38 (C) [ 33.575941] dump_stack_lvl+0x8c/0xd0 [ 33.576016] print_report+0x118/0x5e8 [ 33.576086] kasan_report+0xdc/0x128 [ 33.576134] kasan_check_range+0x100/0x1a8 [ 33.576181] __kasan_check_write+0x20/0x30 [ 33.576518] kasan_atomics_helper+0x12d8/0x4858 [ 33.576960] kasan_atomics+0x198/0x2e0 [ 33.577075] kunit_try_run_case+0x170/0x3f0 [ 33.577126] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.577481] kthread+0x328/0x630 [ 33.577650] ret_from_fork+0x10/0x20 [ 33.577925] [ 33.578004] Allocated by task 298: [ 33.578237] kasan_save_stack+0x3c/0x68 [ 33.578558] kasan_save_track+0x20/0x40 [ 33.578866] kasan_save_alloc_info+0x40/0x58 [ 33.579093] __kasan_kmalloc+0xd4/0xd8 [ 33.579166] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.579322] kasan_atomics+0xb8/0x2e0 [ 33.579508] kunit_try_run_case+0x170/0x3f0 [ 33.579864] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.580058] kthread+0x328/0x630 [ 33.580267] ret_from_fork+0x10/0x20 [ 33.580441] [ 33.580557] The buggy address belongs to the object at fff00000c9c2de00 [ 33.580557] which belongs to the cache kmalloc-64 of size 64 [ 33.580919] The buggy address is located 0 bytes to the right of [ 33.580919] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.581008] [ 33.581031] The buggy address belongs to the physical page: [ 33.581370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.581779] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.581887] page_type: f5(slab) [ 33.582012] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.582135] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.582182] page dumped because: kasan: bad access detected [ 33.582231] [ 33.582257] Memory state around the buggy address: [ 33.582292] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.582343] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.582396] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.582442] ^ [ 33.582485] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.582529] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.582575] ================================================================== [ 33.627119] ================================================================== [ 33.627262] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 33.627490] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.627573] [ 33.627617] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.627708] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.627818] Hardware name: linux,dummy-virt (DT) [ 33.627875] Call trace: [ 33.628186] show_stack+0x20/0x38 (C) [ 33.628256] dump_stack_lvl+0x8c/0xd0 [ 33.628307] print_report+0x118/0x5e8 [ 33.628361] kasan_report+0xdc/0x128 [ 33.628406] kasan_check_range+0x100/0x1a8 [ 33.628625] __kasan_check_write+0x20/0x30 [ 33.628819] kasan_atomics_helper+0x15b4/0x4858 [ 33.628918] kasan_atomics+0x198/0x2e0 [ 33.629201] kunit_try_run_case+0x170/0x3f0 [ 33.629306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.629519] kthread+0x328/0x630 [ 33.629635] ret_from_fork+0x10/0x20 [ 33.629693] [ 33.629716] Allocated by task 298: [ 33.629807] kasan_save_stack+0x3c/0x68 [ 33.629976] kasan_save_track+0x20/0x40 [ 33.630073] kasan_save_alloc_info+0x40/0x58 [ 33.630297] __kasan_kmalloc+0xd4/0xd8 [ 33.630435] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.630511] kasan_atomics+0xb8/0x2e0 [ 33.630614] kunit_try_run_case+0x170/0x3f0 [ 33.630654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.630851] kthread+0x328/0x630 [ 33.631003] ret_from_fork+0x10/0x20 [ 33.631082] [ 33.631286] The buggy address belongs to the object at fff00000c9c2de00 [ 33.631286] which belongs to the cache kmalloc-64 of size 64 [ 33.631414] The buggy address is located 0 bytes to the right of [ 33.631414] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.631520] [ 33.631584] The buggy address belongs to the physical page: [ 33.631622] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.631711] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.631883] page_type: f5(slab) [ 33.632037] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.632212] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.632415] page dumped because: kasan: bad access detected [ 33.632482] [ 33.632569] Memory state around the buggy address: [ 33.632626] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.632706] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.632791] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.632860] ^ [ 33.633062] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.633121] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.633161] ================================================================== [ 33.347955] ================================================================== [ 33.348868] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x934/0x4858 [ 33.348969] Write of size 4 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.349319] [ 33.349354] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.350038] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.350074] Hardware name: linux,dummy-virt (DT) [ 33.350383] Call trace: [ 33.350496] show_stack+0x20/0x38 (C) [ 33.350686] dump_stack_lvl+0x8c/0xd0 [ 33.350990] print_report+0x118/0x5e8 [ 33.351348] kasan_report+0xdc/0x128 [ 33.351690] kasan_check_range+0x100/0x1a8 [ 33.351812] __kasan_check_write+0x20/0x30 [ 33.352245] kasan_atomics_helper+0x934/0x4858 [ 33.352616] kasan_atomics+0x198/0x2e0 [ 33.352671] kunit_try_run_case+0x170/0x3f0 [ 33.353017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.353148] kthread+0x328/0x630 [ 33.353400] ret_from_fork+0x10/0x20 [ 33.353594] [ 33.353981] Allocated by task 298: [ 33.354141] kasan_save_stack+0x3c/0x68 [ 33.354263] kasan_save_track+0x20/0x40 [ 33.356500] The buggy address belongs to the object at fff00000c9c2de00 [ 33.356500] which belongs to the cache kmalloc-64 of size 64 [ 33.356593] The buggy address is located 0 bytes to the right of [ 33.356593] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.356833] [ 33.357342] The buggy address belongs to the physical page: [ 33.357564] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.357628] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.357843] page_type: f5(slab) [ 33.358201] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.358270] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.358315] page dumped because: kasan: bad access detected [ 33.358352] [ 33.358873] Memory state around the buggy address: [ 33.359564] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.359808] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.360159] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.360248] ^ [ 33.360289] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.360333] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.360777] ================================================================== [ 33.227432] ================================================================== [ 33.227488] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x61c/0x4858 [ 33.230122] Call trace: [ 33.231799] print_report+0x118/0x5e8 [ 33.232477] kasan_atomics+0x198/0x2e0 [ 33.233415] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.233471] kthread+0x328/0x630 [ 33.234340] ret_from_fork+0x10/0x20 [ 33.235442] kasan_save_stack+0x3c/0x68 [ 33.236349] kasan_save_alloc_info+0x40/0x58 [ 33.237190] kasan_atomics+0xb8/0x2e0 [ 33.237832] kthread+0x328/0x630 [ 33.237994] ret_from_fork+0x10/0x20 [ 33.238770] The buggy address is located 0 bytes to the right of [ 33.238770] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.241289] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.242745] ^ [ 33.248041] ================================================================== [ 33.621195] ================================================================== [ 33.621389] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 33.621452] Write of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.621505] [ 33.621537] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.621627] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.621750] Hardware name: linux,dummy-virt (DT) [ 33.621817] Call trace: [ 33.621844] show_stack+0x20/0x38 (C) [ 33.622074] dump_stack_lvl+0x8c/0xd0 [ 33.622259] print_report+0x118/0x5e8 [ 33.622312] kasan_report+0xdc/0x128 [ 33.622362] kasan_check_range+0x100/0x1a8 [ 33.622417] __kasan_check_write+0x20/0x30 [ 33.622533] kasan_atomics_helper+0x154c/0x4858 [ 33.622589] kasan_atomics+0x198/0x2e0 [ 33.622713] kunit_try_run_case+0x170/0x3f0 [ 33.622766] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.622889] kthread+0x328/0x630 [ 33.622966] ret_from_fork+0x10/0x20 [ 33.623096] [ 33.623121] Allocated by task 298: [ 33.623187] kasan_save_stack+0x3c/0x68 [ 33.623233] kasan_save_track+0x20/0x40 [ 33.623270] kasan_save_alloc_info+0x40/0x58 [ 33.623311] __kasan_kmalloc+0xd4/0xd8 [ 33.623655] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.623716] kasan_atomics+0xb8/0x2e0 [ 33.623774] kunit_try_run_case+0x170/0x3f0 [ 33.624062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.624213] kthread+0x328/0x630 [ 33.624283] ret_from_fork+0x10/0x20 [ 33.624323] [ 33.624346] The buggy address belongs to the object at fff00000c9c2de00 [ 33.624346] which belongs to the cache kmalloc-64 of size 64 [ 33.624552] The buggy address is located 0 bytes to the right of [ 33.624552] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.624630] [ 33.624747] The buggy address belongs to the physical page: [ 33.624803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.625139] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.625212] page_type: f5(slab) [ 33.625353] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.625490] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.625589] page dumped because: kasan: bad access detected [ 33.625677] [ 33.625893] Memory state around the buggy address: [ 33.625947] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.626107] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.626192] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.626368] ^ [ 33.626457] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.626605] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.626646] ================================================================== [ 33.482256] ================================================================== [ 33.482414] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 33.482466] Read of size 8 at addr fff00000c9c2de30 by task kunit_try_catch/298 [ 33.482555] [ 33.482593] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 33.482702] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 33.482740] Hardware name: linux,dummy-virt (DT) [ 33.482788] Call trace: [ 33.482829] show_stack+0x20/0x38 (C) [ 33.482889] dump_stack_lvl+0x8c/0xd0 [ 33.482967] print_report+0x118/0x5e8 [ 33.483035] kasan_report+0xdc/0x128 [ 33.483079] __asan_report_load8_noabort+0x20/0x30 [ 33.483151] kasan_atomics_helper+0x3f58/0x4858 [ 33.483204] kasan_atomics+0x198/0x2e0 [ 33.483253] kunit_try_run_case+0x170/0x3f0 [ 33.483308] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.483607] kthread+0x328/0x630 [ 33.483669] ret_from_fork+0x10/0x20 [ 33.483738] [ 33.483764] Allocated by task 298: [ 33.483802] kasan_save_stack+0x3c/0x68 [ 33.483920] kasan_save_track+0x20/0x40 [ 33.483981] kasan_save_alloc_info+0x40/0x58 [ 33.484022] __kasan_kmalloc+0xd4/0xd8 [ 33.484148] __kmalloc_cache_noprof+0x16c/0x3c0 [ 33.484263] kasan_atomics+0xb8/0x2e0 [ 33.484331] kunit_try_run_case+0x170/0x3f0 [ 33.484386] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.484433] kthread+0x328/0x630 [ 33.484466] ret_from_fork+0x10/0x20 [ 33.484620] [ 33.484852] The buggy address belongs to the object at fff00000c9c2de00 [ 33.484852] which belongs to the cache kmalloc-64 of size 64 [ 33.484954] The buggy address is located 0 bytes to the right of [ 33.484954] allocated 48-byte region [fff00000c9c2de00, fff00000c9c2de30) [ 33.485065] [ 33.485263] The buggy address belongs to the physical page: [ 33.485436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c2d [ 33.485693] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.485836] page_type: f5(slab) [ 33.485923] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.486010] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.486107] page dumped because: kasan: bad access detected [ 33.486195] [ 33.486253] Memory state around the buggy address: [ 33.486317] fff00000c9c2dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.486386] fff00000c9c2dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.486562] >fff00000c9c2de00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.486739] ^ [ 33.486822] fff00000c9c2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.486868] fff00000c9c2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.486917] ==================================================================
[ 28.887329] ================================================================== [ 28.887758] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 28.888155] Read of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.888536] [ 28.888662] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.888726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.888740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.888775] Call Trace: [ 28.888797] <TASK> [ 28.888820] dump_stack_lvl+0x73/0xb0 [ 28.888852] print_report+0xd1/0x640 [ 28.888885] ? __virt_addr_valid+0x1db/0x2d0 [ 28.888912] ? kasan_atomics_helper+0x4f30/0x5450 [ 28.888958] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.888986] ? kasan_atomics_helper+0x4f30/0x5450 [ 28.889008] kasan_report+0x141/0x180 [ 28.889033] ? kasan_atomics_helper+0x4f30/0x5450 [ 28.889061] __asan_report_load8_noabort+0x18/0x20 [ 28.889094] kasan_atomics_helper+0x4f30/0x5450 [ 28.889118] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.889141] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.889183] ? kasan_atomics+0x152/0x310 [ 28.889210] kasan_atomics+0x1dc/0x310 [ 28.889234] ? __pfx_kasan_atomics+0x10/0x10 [ 28.889268] ? __pfx_read_tsc+0x10/0x10 [ 28.889293] ? ktime_get_ts64+0x86/0x230 [ 28.889320] kunit_try_run_case+0x1a5/0x480 [ 28.889414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.889444] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.889472] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.889499] ? __kthread_parkme+0x82/0x180 [ 28.889521] ? preempt_count_sub+0x50/0x80 [ 28.889547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.889572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.889598] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.889623] kthread+0x337/0x6f0 [ 28.889656] ? trace_preempt_on+0x20/0xc0 [ 28.889682] ? __pfx_kthread+0x10/0x10 [ 28.889705] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.889741] ? calculate_sigpending+0x7b/0xa0 [ 28.889767] ? __pfx_kthread+0x10/0x10 [ 28.889791] ret_from_fork+0x116/0x1d0 [ 28.889812] ? __pfx_kthread+0x10/0x10 [ 28.889834] ret_from_fork_asm+0x1a/0x30 [ 28.889867] </TASK> [ 28.889880] [ 28.898193] Allocated by task 314: [ 28.898454] kasan_save_stack+0x45/0x70 [ 28.898684] kasan_save_track+0x18/0x40 [ 28.898878] kasan_save_alloc_info+0x3b/0x50 [ 28.899085] __kasan_kmalloc+0xb7/0xc0 [ 28.899283] __kmalloc_cache_noprof+0x189/0x420 [ 28.899564] kasan_atomics+0x95/0x310 [ 28.899746] kunit_try_run_case+0x1a5/0x480 [ 28.899982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.900227] kthread+0x337/0x6f0 [ 28.900491] ret_from_fork+0x116/0x1d0 [ 28.900654] ret_from_fork_asm+0x1a/0x30 [ 28.900845] [ 28.900952] The buggy address belongs to the object at ffff888106118e00 [ 28.900952] which belongs to the cache kmalloc-64 of size 64 [ 28.901661] The buggy address is located 0 bytes to the right of [ 28.901661] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.902226] [ 28.902325] The buggy address belongs to the physical page: [ 28.902657] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.903049] flags: 0x200000000000000(node=0|zone=2) [ 28.903324] page_type: f5(slab) [ 28.903565] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.903900] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.904152] page dumped because: kasan: bad access detected [ 28.904411] [ 28.904502] Memory state around the buggy address: [ 28.904723] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.905130] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.905496] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.905797] ^ [ 28.905978] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.906229] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.906889] ================================================================== [ 29.008464] ================================================================== [ 29.008856] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 29.009115] Read of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 29.009600] [ 29.009698] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 29.009751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.009766] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.009790] Call Trace: [ 29.009810] <TASK> [ 29.009831] dump_stack_lvl+0x73/0xb0 [ 29.009862] print_report+0xd1/0x640 [ 29.009887] ? __virt_addr_valid+0x1db/0x2d0 [ 29.009913] ? kasan_atomics_helper+0x4f71/0x5450 [ 29.009936] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.009963] ? kasan_atomics_helper+0x4f71/0x5450 [ 29.009987] kasan_report+0x141/0x180 [ 29.010011] ? kasan_atomics_helper+0x4f71/0x5450 [ 29.010039] __asan_report_load8_noabort+0x18/0x20 [ 29.010065] kasan_atomics_helper+0x4f71/0x5450 [ 29.010089] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.010113] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.010163] ? kasan_atomics+0x152/0x310 [ 29.010191] kasan_atomics+0x1dc/0x310 [ 29.010215] ? __pfx_kasan_atomics+0x10/0x10 [ 29.010241] ? __pfx_read_tsc+0x10/0x10 [ 29.010265] ? ktime_get_ts64+0x86/0x230 [ 29.010292] kunit_try_run_case+0x1a5/0x480 [ 29.010318] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.010342] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.010369] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.010396] ? __kthread_parkme+0x82/0x180 [ 29.010418] ? preempt_count_sub+0x50/0x80 [ 29.010443] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.010468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.010493] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.010517] kthread+0x337/0x6f0 [ 29.010540] ? trace_preempt_on+0x20/0xc0 [ 29.010566] ? __pfx_kthread+0x10/0x10 [ 29.010588] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.010613] ? calculate_sigpending+0x7b/0xa0 [ 29.010639] ? __pfx_kthread+0x10/0x10 [ 29.010662] ret_from_fork+0x116/0x1d0 [ 29.010684] ? __pfx_kthread+0x10/0x10 [ 29.010706] ret_from_fork_asm+0x1a/0x30 [ 29.010740] </TASK> [ 29.010753] [ 29.018116] Allocated by task 314: [ 29.018338] kasan_save_stack+0x45/0x70 [ 29.018515] kasan_save_track+0x18/0x40 [ 29.018691] kasan_save_alloc_info+0x3b/0x50 [ 29.018880] __kasan_kmalloc+0xb7/0xc0 [ 29.019023] __kmalloc_cache_noprof+0x189/0x420 [ 29.019186] kasan_atomics+0x95/0x310 [ 29.019317] kunit_try_run_case+0x1a5/0x480 [ 29.019460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.019634] kthread+0x337/0x6f0 [ 29.019753] ret_from_fork+0x116/0x1d0 [ 29.019883] ret_from_fork_asm+0x1a/0x30 [ 29.020050] [ 29.020140] The buggy address belongs to the object at ffff888106118e00 [ 29.020140] which belongs to the cache kmalloc-64 of size 64 [ 29.020678] The buggy address is located 0 bytes to the right of [ 29.020678] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 29.021467] [ 29.021537] The buggy address belongs to the physical page: [ 29.021712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 29.021951] flags: 0x200000000000000(node=0|zone=2) [ 29.022118] page_type: f5(slab) [ 29.022247] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.022711] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.023177] page dumped because: kasan: bad access detected [ 29.023427] [ 29.023516] Memory state around the buggy address: [ 29.023747] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.024062] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.024388] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.024715] ^ [ 29.024912] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.025228] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.025473] ================================================================== [ 27.973174] ================================================================== [ 27.973751] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 27.974270] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 27.974701] [ 27.974798] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.974851] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.974864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.974889] Call Trace: [ 27.974906] <TASK> [ 27.974930] dump_stack_lvl+0x73/0xb0 [ 27.975201] print_report+0xd1/0x640 [ 27.975227] ? __virt_addr_valid+0x1db/0x2d0 [ 27.975253] ? kasan_atomics_helper+0x72f/0x5450 [ 27.975276] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.975304] ? kasan_atomics_helper+0x72f/0x5450 [ 27.975327] kasan_report+0x141/0x180 [ 27.975351] ? kasan_atomics_helper+0x72f/0x5450 [ 27.975378] kasan_check_range+0x10c/0x1c0 [ 27.975403] __kasan_check_write+0x18/0x20 [ 27.975428] kasan_atomics_helper+0x72f/0x5450 [ 27.975452] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.975489] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.975516] ? kasan_atomics+0x152/0x310 [ 27.975542] kasan_atomics+0x1dc/0x310 [ 27.975567] ? __pfx_kasan_atomics+0x10/0x10 [ 27.975592] ? __pfx_read_tsc+0x10/0x10 [ 27.975616] ? ktime_get_ts64+0x86/0x230 [ 27.975647] kunit_try_run_case+0x1a5/0x480 [ 27.975673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.975697] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.975723] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.975749] ? __kthread_parkme+0x82/0x180 [ 27.975771] ? preempt_count_sub+0x50/0x80 [ 27.975795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.975821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.975846] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.975871] kthread+0x337/0x6f0 [ 27.975892] ? trace_preempt_on+0x20/0xc0 [ 27.975918] ? __pfx_kthread+0x10/0x10 [ 27.975941] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.975966] ? calculate_sigpending+0x7b/0xa0 [ 27.975992] ? __pfx_kthread+0x10/0x10 [ 27.976016] ret_from_fork+0x116/0x1d0 [ 27.976037] ? __pfx_kthread+0x10/0x10 [ 27.976060] ret_from_fork_asm+0x1a/0x30 [ 27.976092] </TASK> [ 27.976105] [ 27.986521] Allocated by task 314: [ 27.986945] kasan_save_stack+0x45/0x70 [ 27.987286] kasan_save_track+0x18/0x40 [ 27.987501] kasan_save_alloc_info+0x3b/0x50 [ 27.987807] __kasan_kmalloc+0xb7/0xc0 [ 27.987956] __kmalloc_cache_noprof+0x189/0x420 [ 27.988176] kasan_atomics+0x95/0x310 [ 27.988379] kunit_try_run_case+0x1a5/0x480 [ 27.988824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.989135] kthread+0x337/0x6f0 [ 27.989421] ret_from_fork+0x116/0x1d0 [ 27.989793] ret_from_fork_asm+0x1a/0x30 [ 27.990069] [ 27.990179] The buggy address belongs to the object at ffff888106118e00 [ 27.990179] which belongs to the cache kmalloc-64 of size 64 [ 27.990950] The buggy address is located 0 bytes to the right of [ 27.990950] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 27.991602] [ 27.991784] The buggy address belongs to the physical page: [ 27.992122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 27.992857] flags: 0x200000000000000(node=0|zone=2) [ 27.993077] page_type: f5(slab) [ 27.993425] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.993661] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.994158] page dumped because: kasan: bad access detected [ 27.994350] [ 27.994440] Memory state around the buggy address: [ 27.994664] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.994934] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.995233] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.996054] ^ [ 27.996252] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.996782] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.997096] ================================================================== [ 27.715862] ================================================================== [ 27.716163] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 27.716670] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 27.716940] [ 27.717271] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.717321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.717334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.717355] Call Trace: [ 27.717421] <TASK> [ 27.717441] dump_stack_lvl+0x73/0xb0 [ 27.717471] print_report+0xd1/0x640 [ 27.717494] ? __virt_addr_valid+0x1db/0x2d0 [ 27.717518] ? kasan_atomics_helper+0x4ba2/0x5450 [ 27.717540] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.717567] ? kasan_atomics_helper+0x4ba2/0x5450 [ 27.717591] kasan_report+0x141/0x180 [ 27.717616] ? kasan_atomics_helper+0x4ba2/0x5450 [ 27.717642] __asan_report_store4_noabort+0x1b/0x30 [ 27.717666] kasan_atomics_helper+0x4ba2/0x5450 [ 27.717690] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.717712] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.717736] ? kasan_atomics+0x152/0x310 [ 27.717762] kasan_atomics+0x1dc/0x310 [ 27.717785] ? __pfx_kasan_atomics+0x10/0x10 [ 27.717808] ? __pfx_read_tsc+0x10/0x10 [ 27.717831] ? ktime_get_ts64+0x86/0x230 [ 27.717856] kunit_try_run_case+0x1a5/0x480 [ 27.717880] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.717904] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.717930] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.717965] ? __kthread_parkme+0x82/0x180 [ 27.717986] ? preempt_count_sub+0x50/0x80 [ 27.718010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.718034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.718057] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.718081] kthread+0x337/0x6f0 [ 27.718101] ? trace_preempt_on+0x20/0xc0 [ 27.718126] ? __pfx_kthread+0x10/0x10 [ 27.718159] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.718183] ? calculate_sigpending+0x7b/0xa0 [ 27.718207] ? __pfx_kthread+0x10/0x10 [ 27.718229] ret_from_fork+0x116/0x1d0 [ 27.718249] ? __pfx_kthread+0x10/0x10 [ 27.718270] ret_from_fork_asm+0x1a/0x30 [ 27.718303] </TASK> [ 27.718314] [ 27.726431] Allocated by task 314: [ 27.726633] kasan_save_stack+0x45/0x70 [ 27.726793] kasan_save_track+0x18/0x40 [ 27.727050] kasan_save_alloc_info+0x3b/0x50 [ 27.727257] __kasan_kmalloc+0xb7/0xc0 [ 27.727601] __kmalloc_cache_noprof+0x189/0x420 [ 27.727848] kasan_atomics+0x95/0x310 [ 27.728097] kunit_try_run_case+0x1a5/0x480 [ 27.728297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.728574] kthread+0x337/0x6f0 [ 27.728751] ret_from_fork+0x116/0x1d0 [ 27.728909] ret_from_fork_asm+0x1a/0x30 [ 27.729044] [ 27.729110] The buggy address belongs to the object at ffff888106118e00 [ 27.729110] which belongs to the cache kmalloc-64 of size 64 [ 27.729472] The buggy address is located 0 bytes to the right of [ 27.729472] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 27.729835] [ 27.729902] The buggy address belongs to the physical page: [ 27.730203] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 27.730553] flags: 0x200000000000000(node=0|zone=2) [ 27.730776] page_type: f5(slab) [ 27.730937] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.731314] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.731726] page dumped because: kasan: bad access detected [ 27.731901] [ 27.732041] Memory state around the buggy address: [ 27.732272] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.732663] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.732880] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.733480] ^ [ 27.733847] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.734155] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.734482] ================================================================== [ 27.734924] ================================================================== [ 27.735275] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 27.735833] Read of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 27.736139] [ 27.736253] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.736302] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.736314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.736338] Call Trace: [ 27.736354] <TASK> [ 27.736371] dump_stack_lvl+0x73/0xb0 [ 27.736399] print_report+0xd1/0x640 [ 27.736421] ? __virt_addr_valid+0x1db/0x2d0 [ 27.736445] ? kasan_atomics_helper+0x4b88/0x5450 [ 27.736467] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.736493] ? kasan_atomics_helper+0x4b88/0x5450 [ 27.736515] kasan_report+0x141/0x180 [ 27.736537] ? kasan_atomics_helper+0x4b88/0x5450 [ 27.736563] __asan_report_load4_noabort+0x18/0x20 [ 27.736588] kasan_atomics_helper+0x4b88/0x5450 [ 27.736610] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.736632] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.736657] ? kasan_atomics+0x152/0x310 [ 27.736683] kasan_atomics+0x1dc/0x310 [ 27.736705] ? __pfx_kasan_atomics+0x10/0x10 [ 27.736729] ? __pfx_read_tsc+0x10/0x10 [ 27.736752] ? ktime_get_ts64+0x86/0x230 [ 27.736776] kunit_try_run_case+0x1a5/0x480 [ 27.736801] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.736823] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.736849] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.736874] ? __kthread_parkme+0x82/0x180 [ 27.736895] ? preempt_count_sub+0x50/0x80 [ 27.736919] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.736995] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.737023] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.737048] kthread+0x337/0x6f0 [ 27.737070] ? trace_preempt_on+0x20/0xc0 [ 27.737095] ? __pfx_kthread+0x10/0x10 [ 27.737118] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.737155] ? calculate_sigpending+0x7b/0xa0 [ 27.737181] ? __pfx_kthread+0x10/0x10 [ 27.737204] ret_from_fork+0x116/0x1d0 [ 27.737225] ? __pfx_kthread+0x10/0x10 [ 27.737248] ret_from_fork_asm+0x1a/0x30 [ 27.737281] </TASK> [ 27.737293] [ 27.745019] Allocated by task 314: [ 27.745219] kasan_save_stack+0x45/0x70 [ 27.745391] kasan_save_track+0x18/0x40 [ 27.745556] kasan_save_alloc_info+0x3b/0x50 [ 27.745701] __kasan_kmalloc+0xb7/0xc0 [ 27.745830] __kmalloc_cache_noprof+0x189/0x420 [ 27.745982] kasan_atomics+0x95/0x310 [ 27.746111] kunit_try_run_case+0x1a5/0x480 [ 27.746308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.746485] kthread+0x337/0x6f0 [ 27.746605] ret_from_fork+0x116/0x1d0 [ 27.746736] ret_from_fork_asm+0x1a/0x30 [ 27.746873] [ 27.746939] The buggy address belongs to the object at ffff888106118e00 [ 27.746939] which belongs to the cache kmalloc-64 of size 64 [ 27.747935] The buggy address is located 0 bytes to the right of [ 27.747935] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 27.748480] [ 27.748572] The buggy address belongs to the physical page: [ 27.748820] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 27.749383] flags: 0x200000000000000(node=0|zone=2) [ 27.749623] page_type: f5(slab) [ 27.749787] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.750109] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.750346] page dumped because: kasan: bad access detected [ 27.750514] [ 27.750578] Memory state around the buggy address: [ 27.750730] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.750946] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.751188] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.751503] ^ [ 27.751730] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.752459] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.752808] ================================================================== [ 28.118396] ================================================================== [ 28.118885] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 28.119259] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.119690] [ 28.119812] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.120016] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.120032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.120055] Call Trace: [ 28.120077] <TASK> [ 28.120097] dump_stack_lvl+0x73/0xb0 [ 28.120130] print_report+0xd1/0x640 [ 28.120168] ? __virt_addr_valid+0x1db/0x2d0 [ 28.120194] ? kasan_atomics_helper+0xac7/0x5450 [ 28.120217] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.120244] ? kasan_atomics_helper+0xac7/0x5450 [ 28.120266] kasan_report+0x141/0x180 [ 28.120290] ? kasan_atomics_helper+0xac7/0x5450 [ 28.120316] kasan_check_range+0x10c/0x1c0 [ 28.120341] __kasan_check_write+0x18/0x20 [ 28.120364] kasan_atomics_helper+0xac7/0x5450 [ 28.120493] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.120518] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.120597] ? kasan_atomics+0x152/0x310 [ 28.120625] kasan_atomics+0x1dc/0x310 [ 28.120649] ? __pfx_kasan_atomics+0x10/0x10 [ 28.120674] ? __pfx_read_tsc+0x10/0x10 [ 28.120749] ? ktime_get_ts64+0x86/0x230 [ 28.120775] kunit_try_run_case+0x1a5/0x480 [ 28.120802] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.120827] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.120854] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.120881] ? __kthread_parkme+0x82/0x180 [ 28.120903] ? preempt_count_sub+0x50/0x80 [ 28.120927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.120968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.120993] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.121018] kthread+0x337/0x6f0 [ 28.121040] ? trace_preempt_on+0x20/0xc0 [ 28.121065] ? __pfx_kthread+0x10/0x10 [ 28.121087] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.121112] ? calculate_sigpending+0x7b/0xa0 [ 28.121138] ? __pfx_kthread+0x10/0x10 [ 28.121171] ret_from_fork+0x116/0x1d0 [ 28.121192] ? __pfx_kthread+0x10/0x10 [ 28.121214] ret_from_fork_asm+0x1a/0x30 [ 28.121248] </TASK> [ 28.121260] [ 28.131818] Allocated by task 314: [ 28.131987] kasan_save_stack+0x45/0x70 [ 28.132186] kasan_save_track+0x18/0x40 [ 28.132324] kasan_save_alloc_info+0x3b/0x50 [ 28.132589] __kasan_kmalloc+0xb7/0xc0 [ 28.133197] __kmalloc_cache_noprof+0x189/0x420 [ 28.133635] kasan_atomics+0x95/0x310 [ 28.133872] kunit_try_run_case+0x1a5/0x480 [ 28.134053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.134518] kthread+0x337/0x6f0 [ 28.134736] ret_from_fork+0x116/0x1d0 [ 28.135030] ret_from_fork_asm+0x1a/0x30 [ 28.135200] [ 28.135297] The buggy address belongs to the object at ffff888106118e00 [ 28.135297] which belongs to the cache kmalloc-64 of size 64 [ 28.136069] The buggy address is located 0 bytes to the right of [ 28.136069] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.137036] [ 28.137128] The buggy address belongs to the physical page: [ 28.137363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.137913] flags: 0x200000000000000(node=0|zone=2) [ 28.138196] page_type: f5(slab) [ 28.138495] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.138784] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.139261] page dumped because: kasan: bad access detected [ 28.139546] [ 28.139727] Memory state around the buggy address: [ 28.139906] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.140226] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.140679] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.141227] ^ [ 28.141641] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.142038] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.142487] ================================================================== [ 28.242533] ================================================================== [ 28.242765] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 28.243100] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.243337] [ 28.243423] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.243471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.243485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.243506] Call Trace: [ 28.243527] <TASK> [ 28.243545] dump_stack_lvl+0x73/0xb0 [ 28.243573] print_report+0xd1/0x640 [ 28.243596] ? __virt_addr_valid+0x1db/0x2d0 [ 28.243626] ? kasan_atomics_helper+0xe78/0x5450 [ 28.243649] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.243676] ? kasan_atomics_helper+0xe78/0x5450 [ 28.243699] kasan_report+0x141/0x180 [ 28.243721] ? kasan_atomics_helper+0xe78/0x5450 [ 28.243747] kasan_check_range+0x10c/0x1c0 [ 28.243772] __kasan_check_write+0x18/0x20 [ 28.243796] kasan_atomics_helper+0xe78/0x5450 [ 28.243819] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.243841] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.243866] ? kasan_atomics+0x152/0x310 [ 28.243893] kasan_atomics+0x1dc/0x310 [ 28.243915] ? __pfx_kasan_atomics+0x10/0x10 [ 28.243940] ? __pfx_read_tsc+0x10/0x10 [ 28.243962] ? ktime_get_ts64+0x86/0x230 [ 28.243988] kunit_try_run_case+0x1a5/0x480 [ 28.244012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.244035] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.244062] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.244088] ? __kthread_parkme+0x82/0x180 [ 28.244109] ? preempt_count_sub+0x50/0x80 [ 28.244134] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.244169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.244194] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.244218] kthread+0x337/0x6f0 [ 28.244240] ? trace_preempt_on+0x20/0xc0 [ 28.244265] ? __pfx_kthread+0x10/0x10 [ 28.244286] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.244312] ? calculate_sigpending+0x7b/0xa0 [ 28.244336] ? __pfx_kthread+0x10/0x10 [ 28.244359] ret_from_fork+0x116/0x1d0 [ 28.244378] ? __pfx_kthread+0x10/0x10 [ 28.244401] ret_from_fork_asm+0x1a/0x30 [ 28.244473] </TASK> [ 28.244488] [ 28.254275] Allocated by task 314: [ 28.254486] kasan_save_stack+0x45/0x70 [ 28.254873] kasan_save_track+0x18/0x40 [ 28.255022] kasan_save_alloc_info+0x3b/0x50 [ 28.255435] __kasan_kmalloc+0xb7/0xc0 [ 28.255577] __kmalloc_cache_noprof+0x189/0x420 [ 28.255796] kasan_atomics+0x95/0x310 [ 28.256045] kunit_try_run_case+0x1a5/0x480 [ 28.256207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.256386] kthread+0x337/0x6f0 [ 28.256555] ret_from_fork+0x116/0x1d0 [ 28.256864] ret_from_fork_asm+0x1a/0x30 [ 28.257218] [ 28.257355] The buggy address belongs to the object at ffff888106118e00 [ 28.257355] which belongs to the cache kmalloc-64 of size 64 [ 28.258040] The buggy address is located 0 bytes to the right of [ 28.258040] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.258481] [ 28.258572] The buggy address belongs to the physical page: [ 28.258913] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.259257] flags: 0x200000000000000(node=0|zone=2) [ 28.259504] page_type: f5(slab) [ 28.259713] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.260037] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.260306] page dumped because: kasan: bad access detected [ 28.260645] [ 28.260736] Memory state around the buggy address: [ 28.260948] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.261170] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.261601] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.261804] ^ [ 28.262251] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.262607] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.262906] ================================================================== [ 28.767126] ================================================================== [ 28.767702] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 28.768089] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.768345] [ 28.768511] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.768564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.768579] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.768603] Call Trace: [ 28.768624] <TASK> [ 28.768645] dump_stack_lvl+0x73/0xb0 [ 28.768676] print_report+0xd1/0x640 [ 28.768701] ? __virt_addr_valid+0x1db/0x2d0 [ 28.768728] ? kasan_atomics_helper+0x18b1/0x5450 [ 28.768750] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.768777] ? kasan_atomics_helper+0x18b1/0x5450 [ 28.768800] kasan_report+0x141/0x180 [ 28.768823] ? kasan_atomics_helper+0x18b1/0x5450 [ 28.768851] kasan_check_range+0x10c/0x1c0 [ 28.768876] __kasan_check_write+0x18/0x20 [ 28.768901] kasan_atomics_helper+0x18b1/0x5450 [ 28.768946] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.768970] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.768997] ? kasan_atomics+0x152/0x310 [ 28.769025] kasan_atomics+0x1dc/0x310 [ 28.769048] ? __pfx_kasan_atomics+0x10/0x10 [ 28.769074] ? __pfx_read_tsc+0x10/0x10 [ 28.769097] ? ktime_get_ts64+0x86/0x230 [ 28.769124] kunit_try_run_case+0x1a5/0x480 [ 28.769159] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.769193] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.769221] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.769249] ? __kthread_parkme+0x82/0x180 [ 28.769281] ? preempt_count_sub+0x50/0x80 [ 28.769307] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.769332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.769417] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.769447] kthread+0x337/0x6f0 [ 28.769471] ? trace_preempt_on+0x20/0xc0 [ 28.769496] ? __pfx_kthread+0x10/0x10 [ 28.769519] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.769544] ? calculate_sigpending+0x7b/0xa0 [ 28.769569] ? __pfx_kthread+0x10/0x10 [ 28.769592] ret_from_fork+0x116/0x1d0 [ 28.769614] ? __pfx_kthread+0x10/0x10 [ 28.769635] ret_from_fork_asm+0x1a/0x30 [ 28.769669] </TASK> [ 28.769682] [ 28.778111] Allocated by task 314: [ 28.778334] kasan_save_stack+0x45/0x70 [ 28.778598] kasan_save_track+0x18/0x40 [ 28.778787] kasan_save_alloc_info+0x3b/0x50 [ 28.779032] __kasan_kmalloc+0xb7/0xc0 [ 28.779207] __kmalloc_cache_noprof+0x189/0x420 [ 28.779462] kasan_atomics+0x95/0x310 [ 28.779674] kunit_try_run_case+0x1a5/0x480 [ 28.779896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.780173] kthread+0x337/0x6f0 [ 28.780337] ret_from_fork+0x116/0x1d0 [ 28.780527] ret_from_fork_asm+0x1a/0x30 [ 28.780668] [ 28.780734] The buggy address belongs to the object at ffff888106118e00 [ 28.780734] which belongs to the cache kmalloc-64 of size 64 [ 28.781094] The buggy address is located 0 bytes to the right of [ 28.781094] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.781749] [ 28.781849] The buggy address belongs to the physical page: [ 28.782161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.782712] flags: 0x200000000000000(node=0|zone=2) [ 28.783004] page_type: f5(slab) [ 28.783170] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.783464] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.783700] page dumped because: kasan: bad access detected [ 28.783870] [ 28.783983] Memory state around the buggy address: [ 28.784238] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.784641] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.785030] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.785435] ^ [ 28.785692] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.786032] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.786424] ================================================================== [ 29.046902] ================================================================== [ 29.048625] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 29.049387] Read of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 29.050105] [ 29.050336] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 29.050391] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.050405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.050429] Call Trace: [ 29.050451] <TASK> [ 29.050472] dump_stack_lvl+0x73/0xb0 [ 29.050538] print_report+0xd1/0x640 [ 29.050564] ? __virt_addr_valid+0x1db/0x2d0 [ 29.050601] ? kasan_atomics_helper+0x4f98/0x5450 [ 29.050624] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.050652] ? kasan_atomics_helper+0x4f98/0x5450 [ 29.050675] kasan_report+0x141/0x180 [ 29.050698] ? kasan_atomics_helper+0x4f98/0x5450 [ 29.050725] __asan_report_load8_noabort+0x18/0x20 [ 29.050751] kasan_atomics_helper+0x4f98/0x5450 [ 29.050775] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.050798] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.050825] ? kasan_atomics+0x152/0x310 [ 29.050852] kasan_atomics+0x1dc/0x310 [ 29.050876] ? __pfx_kasan_atomics+0x10/0x10 [ 29.050902] ? __pfx_read_tsc+0x10/0x10 [ 29.050925] ? ktime_get_ts64+0x86/0x230 [ 29.050963] kunit_try_run_case+0x1a5/0x480 [ 29.050990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.051013] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.051040] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.051068] ? __kthread_parkme+0x82/0x180 [ 29.051089] ? preempt_count_sub+0x50/0x80 [ 29.051114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.051140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.051174] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.051200] kthread+0x337/0x6f0 [ 29.051221] ? trace_preempt_on+0x20/0xc0 [ 29.051247] ? __pfx_kthread+0x10/0x10 [ 29.051268] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.051293] ? calculate_sigpending+0x7b/0xa0 [ 29.051318] ? __pfx_kthread+0x10/0x10 [ 29.051340] ret_from_fork+0x116/0x1d0 [ 29.051362] ? __pfx_kthread+0x10/0x10 [ 29.051384] ret_from_fork_asm+0x1a/0x30 [ 29.051418] </TASK> [ 29.051431] [ 29.063721] Allocated by task 314: [ 29.063923] kasan_save_stack+0x45/0x70 [ 29.064315] kasan_save_track+0x18/0x40 [ 29.064606] kasan_save_alloc_info+0x3b/0x50 [ 29.064820] __kasan_kmalloc+0xb7/0xc0 [ 29.065150] __kmalloc_cache_noprof+0x189/0x420 [ 29.065467] kasan_atomics+0x95/0x310 [ 29.065653] kunit_try_run_case+0x1a5/0x480 [ 29.065845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.066273] kthread+0x337/0x6f0 [ 29.066439] ret_from_fork+0x116/0x1d0 [ 29.066764] ret_from_fork_asm+0x1a/0x30 [ 29.067060] [ 29.067164] The buggy address belongs to the object at ffff888106118e00 [ 29.067164] which belongs to the cache kmalloc-64 of size 64 [ 29.067749] The buggy address is located 0 bytes to the right of [ 29.067749] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 29.068547] [ 29.068718] The buggy address belongs to the physical page: [ 29.069024] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 29.069473] flags: 0x200000000000000(node=0|zone=2) [ 29.069790] page_type: f5(slab) [ 29.069976] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.070372] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.070696] page dumped because: kasan: bad access detected [ 29.071139] [ 29.071271] Memory state around the buggy address: [ 29.071744] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.072225] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.072439] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.072646] ^ [ 29.072796] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.073015] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.073358] ================================================================== [ 28.991096] ================================================================== [ 28.991536] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 28.991880] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.992198] [ 28.992297] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.992351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.992365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.992621] Call Trace: [ 28.992644] <TASK> [ 28.992666] dump_stack_lvl+0x73/0xb0 [ 28.992698] print_report+0xd1/0x640 [ 28.992723] ? __virt_addr_valid+0x1db/0x2d0 [ 28.992749] ? kasan_atomics_helper+0x1f43/0x5450 [ 28.992773] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.992801] ? kasan_atomics_helper+0x1f43/0x5450 [ 28.992824] kasan_report+0x141/0x180 [ 28.992848] ? kasan_atomics_helper+0x1f43/0x5450 [ 28.992875] kasan_check_range+0x10c/0x1c0 [ 28.992916] __kasan_check_write+0x18/0x20 [ 28.992947] kasan_atomics_helper+0x1f43/0x5450 [ 28.992972] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.992995] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.993022] ? kasan_atomics+0x152/0x310 [ 28.993049] kasan_atomics+0x1dc/0x310 [ 28.993073] ? __pfx_kasan_atomics+0x10/0x10 [ 28.993125] ? __pfx_read_tsc+0x10/0x10 [ 28.993160] ? ktime_get_ts64+0x86/0x230 [ 28.993187] kunit_try_run_case+0x1a5/0x480 [ 28.993214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.993240] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.993267] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.993293] ? __kthread_parkme+0x82/0x180 [ 28.993315] ? preempt_count_sub+0x50/0x80 [ 28.993340] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.993365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.993391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.993424] kthread+0x337/0x6f0 [ 28.993446] ? trace_preempt_on+0x20/0xc0 [ 28.993472] ? __pfx_kthread+0x10/0x10 [ 28.993495] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.993521] ? calculate_sigpending+0x7b/0xa0 [ 28.993546] ? __pfx_kthread+0x10/0x10 [ 28.993569] ret_from_fork+0x116/0x1d0 [ 28.993590] ? __pfx_kthread+0x10/0x10 [ 28.993612] ret_from_fork_asm+0x1a/0x30 [ 28.993646] </TASK> [ 28.993659] [ 29.000449] Allocated by task 314: [ 29.000664] kasan_save_stack+0x45/0x70 [ 29.000867] kasan_save_track+0x18/0x40 [ 29.001050] kasan_save_alloc_info+0x3b/0x50 [ 29.001344] __kasan_kmalloc+0xb7/0xc0 [ 29.001527] __kmalloc_cache_noprof+0x189/0x420 [ 29.001721] kasan_atomics+0x95/0x310 [ 29.001853] kunit_try_run_case+0x1a5/0x480 [ 29.002175] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.002427] kthread+0x337/0x6f0 [ 29.002562] ret_from_fork+0x116/0x1d0 [ 29.002737] ret_from_fork_asm+0x1a/0x30 [ 29.002914] [ 29.003081] The buggy address belongs to the object at ffff888106118e00 [ 29.003081] which belongs to the cache kmalloc-64 of size 64 [ 29.003508] The buggy address is located 0 bytes to the right of [ 29.003508] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 29.003966] [ 29.004065] The buggy address belongs to the physical page: [ 29.004334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 29.004658] flags: 0x200000000000000(node=0|zone=2) [ 29.004850] page_type: f5(slab) [ 29.005081] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.005380] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.005619] page dumped because: kasan: bad access detected [ 29.005857] [ 29.005931] Memory state around the buggy address: [ 29.006123] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.006404] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.006675] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.007025] ^ [ 29.007233] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.007518] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.007797] ================================================================== [ 28.642856] ================================================================== [ 28.643578] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 28.643922] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.644233] [ 28.644325] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.644423] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.644441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.644465] Call Trace: [ 28.644485] <TASK> [ 28.644504] dump_stack_lvl+0x73/0xb0 [ 28.644534] print_report+0xd1/0x640 [ 28.644558] ? __virt_addr_valid+0x1db/0x2d0 [ 28.644584] ? kasan_atomics_helper+0x15b6/0x5450 [ 28.644606] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.644633] ? kasan_atomics_helper+0x15b6/0x5450 [ 28.644656] kasan_report+0x141/0x180 [ 28.644679] ? kasan_atomics_helper+0x15b6/0x5450 [ 28.644706] kasan_check_range+0x10c/0x1c0 [ 28.644731] __kasan_check_write+0x18/0x20 [ 28.644757] kasan_atomics_helper+0x15b6/0x5450 [ 28.644781] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.644804] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.644831] ? kasan_atomics+0x152/0x310 [ 28.644858] kasan_atomics+0x1dc/0x310 [ 28.644882] ? __pfx_kasan_atomics+0x10/0x10 [ 28.644908] ? __pfx_read_tsc+0x10/0x10 [ 28.644932] ? ktime_get_ts64+0x86/0x230 [ 28.644959] kunit_try_run_case+0x1a5/0x480 [ 28.644986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.645010] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.645037] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.645064] ? __kthread_parkme+0x82/0x180 [ 28.645086] ? preempt_count_sub+0x50/0x80 [ 28.645112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.645138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.645176] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.645201] kthread+0x337/0x6f0 [ 28.645223] ? trace_preempt_on+0x20/0xc0 [ 28.645249] ? __pfx_kthread+0x10/0x10 [ 28.645271] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.645297] ? calculate_sigpending+0x7b/0xa0 [ 28.645322] ? __pfx_kthread+0x10/0x10 [ 28.645345] ret_from_fork+0x116/0x1d0 [ 28.645367] ? __pfx_kthread+0x10/0x10 [ 28.645389] ret_from_fork_asm+0x1a/0x30 [ 28.645422] </TASK> [ 28.645435] [ 28.657505] Allocated by task 314: [ 28.657651] kasan_save_stack+0x45/0x70 [ 28.657801] kasan_save_track+0x18/0x40 [ 28.657933] kasan_save_alloc_info+0x3b/0x50 [ 28.658079] __kasan_kmalloc+0xb7/0xc0 [ 28.658517] __kmalloc_cache_noprof+0x189/0x420 [ 28.659012] kasan_atomics+0x95/0x310 [ 28.659537] kunit_try_run_case+0x1a5/0x480 [ 28.660022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.660645] kthread+0x337/0x6f0 [ 28.661011] ret_from_fork+0x116/0x1d0 [ 28.661420] ret_from_fork_asm+0x1a/0x30 [ 28.661797] [ 28.661981] The buggy address belongs to the object at ffff888106118e00 [ 28.661981] which belongs to the cache kmalloc-64 of size 64 [ 28.663131] The buggy address is located 0 bytes to the right of [ 28.663131] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.664203] [ 28.664373] The buggy address belongs to the physical page: [ 28.664796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.665445] flags: 0x200000000000000(node=0|zone=2) [ 28.665863] page_type: f5(slab) [ 28.666186] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.666897] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.667339] page dumped because: kasan: bad access detected [ 28.667840] [ 28.667918] Memory state around the buggy address: [ 28.668388] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.669078] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.669321] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.669540] ^ [ 28.669696] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.669910] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.670120] ================================================================== [ 28.746074] ================================================================== [ 28.746421] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 28.746667] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.746893] [ 28.747011] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.747067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.747082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.747106] Call Trace: [ 28.747130] <TASK> [ 28.747163] dump_stack_lvl+0x73/0xb0 [ 28.747197] print_report+0xd1/0x640 [ 28.747233] ? __virt_addr_valid+0x1db/0x2d0 [ 28.747259] ? kasan_atomics_helper+0x1818/0x5450 [ 28.747283] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.747321] ? kasan_atomics_helper+0x1818/0x5450 [ 28.747345] kasan_report+0x141/0x180 [ 28.747369] ? kasan_atomics_helper+0x1818/0x5450 [ 28.747397] kasan_check_range+0x10c/0x1c0 [ 28.747423] __kasan_check_write+0x18/0x20 [ 28.747448] kasan_atomics_helper+0x1818/0x5450 [ 28.747473] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.747497] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.747524] ? kasan_atomics+0x152/0x310 [ 28.747553] kasan_atomics+0x1dc/0x310 [ 28.747577] ? __pfx_kasan_atomics+0x10/0x10 [ 28.747603] ? __pfx_read_tsc+0x10/0x10 [ 28.747633] ? ktime_get_ts64+0x86/0x230 [ 28.747660] kunit_try_run_case+0x1a5/0x480 [ 28.747688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.747711] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.747739] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.747767] ? __kthread_parkme+0x82/0x180 [ 28.747789] ? preempt_count_sub+0x50/0x80 [ 28.747813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.747840] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.747866] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.747891] kthread+0x337/0x6f0 [ 28.747914] ? trace_preempt_on+0x20/0xc0 [ 28.747960] ? __pfx_kthread+0x10/0x10 [ 28.747983] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.748008] ? calculate_sigpending+0x7b/0xa0 [ 28.748034] ? __pfx_kthread+0x10/0x10 [ 28.748057] ret_from_fork+0x116/0x1d0 [ 28.748079] ? __pfx_kthread+0x10/0x10 [ 28.748101] ret_from_fork_asm+0x1a/0x30 [ 28.748158] </TASK> [ 28.748171] [ 28.757213] Allocated by task 314: [ 28.757983] kasan_save_stack+0x45/0x70 [ 28.758271] kasan_save_track+0x18/0x40 [ 28.758644] kasan_save_alloc_info+0x3b/0x50 [ 28.759107] __kasan_kmalloc+0xb7/0xc0 [ 28.759339] __kmalloc_cache_noprof+0x189/0x420 [ 28.759713] kasan_atomics+0x95/0x310 [ 28.759907] kunit_try_run_case+0x1a5/0x480 [ 28.760157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.760343] kthread+0x337/0x6f0 [ 28.760603] ret_from_fork+0x116/0x1d0 [ 28.760794] ret_from_fork_asm+0x1a/0x30 [ 28.761007] [ 28.761103] The buggy address belongs to the object at ffff888106118e00 [ 28.761103] which belongs to the cache kmalloc-64 of size 64 [ 28.761615] The buggy address is located 0 bytes to the right of [ 28.761615] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.762178] [ 28.762265] The buggy address belongs to the physical page: [ 28.762574] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.762948] flags: 0x200000000000000(node=0|zone=2) [ 28.763139] page_type: f5(slab) [ 28.763269] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.763715] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.763979] page dumped because: kasan: bad access detected [ 28.764161] [ 28.764281] Memory state around the buggy address: [ 28.764529] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.764841] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.765165] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.765480] ^ [ 28.765798] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.766179] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.766575] ================================================================== [ 29.129042] ================================================================== [ 29.129433] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 29.129778] Read of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 29.130094] [ 29.130192] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 29.130243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.130256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.130279] Call Trace: [ 29.130300] <TASK> [ 29.130319] dump_stack_lvl+0x73/0xb0 [ 29.130348] print_report+0xd1/0x640 [ 29.130372] ? __virt_addr_valid+0x1db/0x2d0 [ 29.130398] ? kasan_atomics_helper+0x4fa5/0x5450 [ 29.130422] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.130451] ? kasan_atomics_helper+0x4fa5/0x5450 [ 29.130475] kasan_report+0x141/0x180 [ 29.130499] ? kasan_atomics_helper+0x4fa5/0x5450 [ 29.130526] __asan_report_load8_noabort+0x18/0x20 [ 29.130552] kasan_atomics_helper+0x4fa5/0x5450 [ 29.130577] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.130600] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.130626] ? kasan_atomics+0x152/0x310 [ 29.130654] kasan_atomics+0x1dc/0x310 [ 29.130678] ? __pfx_kasan_atomics+0x10/0x10 [ 29.130703] ? __pfx_read_tsc+0x10/0x10 [ 29.130728] ? ktime_get_ts64+0x86/0x230 [ 29.130755] kunit_try_run_case+0x1a5/0x480 [ 29.130781] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.130806] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.130834] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.130860] ? __kthread_parkme+0x82/0x180 [ 29.130883] ? preempt_count_sub+0x50/0x80 [ 29.130909] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.130934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.131374] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.131403] kthread+0x337/0x6f0 [ 29.131426] ? trace_preempt_on+0x20/0xc0 [ 29.131453] ? __pfx_kthread+0x10/0x10 [ 29.131475] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.131502] ? calculate_sigpending+0x7b/0xa0 [ 29.131528] ? __pfx_kthread+0x10/0x10 [ 29.131551] ret_from_fork+0x116/0x1d0 [ 29.131573] ? __pfx_kthread+0x10/0x10 [ 29.131596] ret_from_fork_asm+0x1a/0x30 [ 29.131635] </TASK> [ 29.131648] [ 29.139020] Allocated by task 314: [ 29.139279] kasan_save_stack+0x45/0x70 [ 29.139487] kasan_save_track+0x18/0x40 [ 29.139651] kasan_save_alloc_info+0x3b/0x50 [ 29.139796] __kasan_kmalloc+0xb7/0xc0 [ 29.139926] __kmalloc_cache_noprof+0x189/0x420 [ 29.140078] kasan_atomics+0x95/0x310 [ 29.140219] kunit_try_run_case+0x1a5/0x480 [ 29.140369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.140549] kthread+0x337/0x6f0 [ 29.140669] ret_from_fork+0x116/0x1d0 [ 29.140801] ret_from_fork_asm+0x1a/0x30 [ 29.140955] [ 29.141047] The buggy address belongs to the object at ffff888106118e00 [ 29.141047] which belongs to the cache kmalloc-64 of size 64 [ 29.141570] The buggy address is located 0 bytes to the right of [ 29.141570] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 29.142447] [ 29.142544] The buggy address belongs to the physical page: [ 29.142818] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 29.143176] flags: 0x200000000000000(node=0|zone=2) [ 29.143357] page_type: f5(slab) [ 29.143478] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.143718] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.144320] page dumped because: kasan: bad access detected [ 29.144566] [ 29.144654] Memory state around the buggy address: [ 29.144852] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.145261] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.145518] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.145721] ^ [ 29.145866] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.146140] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.146448] ================================================================== [ 28.604775] ================================================================== [ 28.605056] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 28.605445] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.605684] [ 28.605811] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.605862] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.605876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.605899] Call Trace: [ 28.605921] <TASK> [ 28.605941] dump_stack_lvl+0x73/0xb0 [ 28.606197] print_report+0xd1/0x640 [ 28.606225] ? __virt_addr_valid+0x1db/0x2d0 [ 28.606252] ? kasan_atomics_helper+0x50d4/0x5450 [ 28.606273] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.606301] ? kasan_atomics_helper+0x50d4/0x5450 [ 28.606324] kasan_report+0x141/0x180 [ 28.606347] ? kasan_atomics_helper+0x50d4/0x5450 [ 28.606420] __asan_report_store8_noabort+0x1b/0x30 [ 28.606453] kasan_atomics_helper+0x50d4/0x5450 [ 28.606478] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.606501] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.606527] ? kasan_atomics+0x152/0x310 [ 28.606555] kasan_atomics+0x1dc/0x310 [ 28.606579] ? __pfx_kasan_atomics+0x10/0x10 [ 28.606604] ? __pfx_read_tsc+0x10/0x10 [ 28.606628] ? ktime_get_ts64+0x86/0x230 [ 28.606654] kunit_try_run_case+0x1a5/0x480 [ 28.606681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.606704] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.606731] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.606758] ? __kthread_parkme+0x82/0x180 [ 28.606780] ? preempt_count_sub+0x50/0x80 [ 28.606805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.606830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.606855] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.606881] kthread+0x337/0x6f0 [ 28.606902] ? trace_preempt_on+0x20/0xc0 [ 28.606928] ? __pfx_kthread+0x10/0x10 [ 28.606962] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.606988] ? calculate_sigpending+0x7b/0xa0 [ 28.607013] ? __pfx_kthread+0x10/0x10 [ 28.607036] ret_from_fork+0x116/0x1d0 [ 28.607057] ? __pfx_kthread+0x10/0x10 [ 28.607079] ret_from_fork_asm+0x1a/0x30 [ 28.607112] </TASK> [ 28.607125] [ 28.614778] Allocated by task 314: [ 28.614927] kasan_save_stack+0x45/0x70 [ 28.615075] kasan_save_track+0x18/0x40 [ 28.615256] kasan_save_alloc_info+0x3b/0x50 [ 28.615645] __kasan_kmalloc+0xb7/0xc0 [ 28.615823] __kmalloc_cache_noprof+0x189/0x420 [ 28.615973] kasan_atomics+0x95/0x310 [ 28.616101] kunit_try_run_case+0x1a5/0x480 [ 28.616256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.616961] kthread+0x337/0x6f0 [ 28.617170] ret_from_fork+0x116/0x1d0 [ 28.617361] ret_from_fork_asm+0x1a/0x30 [ 28.617618] [ 28.617710] The buggy address belongs to the object at ffff888106118e00 [ 28.617710] which belongs to the cache kmalloc-64 of size 64 [ 28.618220] The buggy address is located 0 bytes to the right of [ 28.618220] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.618773] [ 28.618873] The buggy address belongs to the physical page: [ 28.619115] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.619487] flags: 0x200000000000000(node=0|zone=2) [ 28.619697] page_type: f5(slab) [ 28.619865] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.620175] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.620545] page dumped because: kasan: bad access detected [ 28.620758] [ 28.620824] Memory state around the buggy address: [ 28.620976] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.621201] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.621417] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.621630] ^ [ 28.621785] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.622094] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.622453] ================================================================== [ 28.972711] ================================================================== [ 28.973238] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 28.973719] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.974931] [ 28.975101] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.975178] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.975204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.975228] Call Trace: [ 28.975252] <TASK> [ 28.975276] dump_stack_lvl+0x73/0xb0 [ 28.975311] print_report+0xd1/0x640 [ 28.975343] ? __virt_addr_valid+0x1db/0x2d0 [ 28.975370] ? kasan_atomics_helper+0x1eaa/0x5450 [ 28.975394] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.975421] ? kasan_atomics_helper+0x1eaa/0x5450 [ 28.975445] kasan_report+0x141/0x180 [ 28.975469] ? kasan_atomics_helper+0x1eaa/0x5450 [ 28.975496] kasan_check_range+0x10c/0x1c0 [ 28.975521] __kasan_check_write+0x18/0x20 [ 28.975546] kasan_atomics_helper+0x1eaa/0x5450 [ 28.975571] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.975594] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.975626] ? kasan_atomics+0x152/0x310 [ 28.975654] kasan_atomics+0x1dc/0x310 [ 28.975677] ? __pfx_kasan_atomics+0x10/0x10 [ 28.975703] ? __pfx_read_tsc+0x10/0x10 [ 28.975728] ? ktime_get_ts64+0x86/0x230 [ 28.975754] kunit_try_run_case+0x1a5/0x480 [ 28.975781] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.975805] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.975832] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.975859] ? __kthread_parkme+0x82/0x180 [ 28.975882] ? preempt_count_sub+0x50/0x80 [ 28.975912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.975956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.975981] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.976006] kthread+0x337/0x6f0 [ 28.976028] ? trace_preempt_on+0x20/0xc0 [ 28.976054] ? __pfx_kthread+0x10/0x10 [ 28.976076] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.976100] ? calculate_sigpending+0x7b/0xa0 [ 28.976126] ? __pfx_kthread+0x10/0x10 [ 28.976160] ret_from_fork+0x116/0x1d0 [ 28.976182] ? __pfx_kthread+0x10/0x10 [ 28.976205] ret_from_fork_asm+0x1a/0x30 [ 28.976238] </TASK> [ 28.976251] [ 28.983154] Allocated by task 314: [ 28.983341] kasan_save_stack+0x45/0x70 [ 28.983544] kasan_save_track+0x18/0x40 [ 28.983710] kasan_save_alloc_info+0x3b/0x50 [ 28.983891] __kasan_kmalloc+0xb7/0xc0 [ 28.984124] __kmalloc_cache_noprof+0x189/0x420 [ 28.984339] kasan_atomics+0x95/0x310 [ 28.984470] kunit_try_run_case+0x1a5/0x480 [ 28.984674] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.984884] kthread+0x337/0x6f0 [ 28.985174] ret_from_fork+0x116/0x1d0 [ 28.985321] ret_from_fork_asm+0x1a/0x30 [ 28.985498] [ 28.985593] The buggy address belongs to the object at ffff888106118e00 [ 28.985593] which belongs to the cache kmalloc-64 of size 64 [ 28.986073] The buggy address is located 0 bytes to the right of [ 28.986073] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.986561] [ 28.986657] The buggy address belongs to the physical page: [ 28.986851] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.987332] flags: 0x200000000000000(node=0|zone=2) [ 28.987521] page_type: f5(slab) [ 28.987695] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.988012] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.988324] page dumped because: kasan: bad access detected [ 28.988545] [ 28.988634] Memory state around the buggy address: [ 28.988831] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.989159] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.989400] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.989612] ^ [ 28.989767] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.990003] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.990370] ================================================================== [ 28.455790] ================================================================== [ 28.456349] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 28.456730] Read of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.457207] [ 28.457301] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.457352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.457366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.457435] Call Trace: [ 28.457459] <TASK> [ 28.457479] dump_stack_lvl+0x73/0xb0 [ 28.457510] print_report+0xd1/0x640 [ 28.457535] ? __virt_addr_valid+0x1db/0x2d0 [ 28.457561] ? kasan_atomics_helper+0x49e8/0x5450 [ 28.457585] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.457612] ? kasan_atomics_helper+0x49e8/0x5450 [ 28.457634] kasan_report+0x141/0x180 [ 28.457658] ? kasan_atomics_helper+0x49e8/0x5450 [ 28.457685] __asan_report_load4_noabort+0x18/0x20 [ 28.457711] kasan_atomics_helper+0x49e8/0x5450 [ 28.457735] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.457759] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.457785] ? kasan_atomics+0x152/0x310 [ 28.457812] kasan_atomics+0x1dc/0x310 [ 28.457836] ? __pfx_kasan_atomics+0x10/0x10 [ 28.457861] ? __pfx_read_tsc+0x10/0x10 [ 28.457884] ? ktime_get_ts64+0x86/0x230 [ 28.457910] kunit_try_run_case+0x1a5/0x480 [ 28.457937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.457971] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.457998] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.458024] ? __kthread_parkme+0x82/0x180 [ 28.458045] ? preempt_count_sub+0x50/0x80 [ 28.458071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.458097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.458121] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.458158] kthread+0x337/0x6f0 [ 28.458181] ? trace_preempt_on+0x20/0xc0 [ 28.458206] ? __pfx_kthread+0x10/0x10 [ 28.458228] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.458253] ? calculate_sigpending+0x7b/0xa0 [ 28.458280] ? __pfx_kthread+0x10/0x10 [ 28.458302] ret_from_fork+0x116/0x1d0 [ 28.458323] ? __pfx_kthread+0x10/0x10 [ 28.458345] ret_from_fork_asm+0x1a/0x30 [ 28.458379] </TASK> [ 28.458391] [ 28.466012] Allocated by task 314: [ 28.466563] kasan_save_stack+0x45/0x70 [ 28.466722] kasan_save_track+0x18/0x40 [ 28.466858] kasan_save_alloc_info+0x3b/0x50 [ 28.467215] __kasan_kmalloc+0xb7/0xc0 [ 28.467452] __kmalloc_cache_noprof+0x189/0x420 [ 28.467689] kasan_atomics+0x95/0x310 [ 28.467880] kunit_try_run_case+0x1a5/0x480 [ 28.468071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.468297] kthread+0x337/0x6f0 [ 28.468508] ret_from_fork+0x116/0x1d0 [ 28.468646] ret_from_fork_asm+0x1a/0x30 [ 28.468843] [ 28.468936] The buggy address belongs to the object at ffff888106118e00 [ 28.468936] which belongs to the cache kmalloc-64 of size 64 [ 28.469493] The buggy address is located 0 bytes to the right of [ 28.469493] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.469873] [ 28.469942] The buggy address belongs to the physical page: [ 28.470121] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.470373] flags: 0x200000000000000(node=0|zone=2) [ 28.470533] page_type: f5(slab) [ 28.470654] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.470885] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.471161] page dumped because: kasan: bad access detected [ 28.471451] [ 28.471542] Memory state around the buggy address: [ 28.471770] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.472568] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.473386] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.473709] ^ [ 28.473919] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.474174] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.474426] ================================================================== [ 28.726556] ================================================================== [ 28.726912] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 28.727285] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.727662] [ 28.727809] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.727861] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.727874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.727899] Call Trace: [ 28.727939] <TASK> [ 28.727961] dump_stack_lvl+0x73/0xb0 [ 28.727992] print_report+0xd1/0x640 [ 28.728017] ? __virt_addr_valid+0x1db/0x2d0 [ 28.728045] ? kasan_atomics_helper+0x177f/0x5450 [ 28.728068] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.728095] ? kasan_atomics_helper+0x177f/0x5450 [ 28.728118] kasan_report+0x141/0x180 [ 28.728156] ? kasan_atomics_helper+0x177f/0x5450 [ 28.728185] kasan_check_range+0x10c/0x1c0 [ 28.728211] __kasan_check_write+0x18/0x20 [ 28.728236] kasan_atomics_helper+0x177f/0x5450 [ 28.728260] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.728283] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.728310] ? kasan_atomics+0x152/0x310 [ 28.728337] kasan_atomics+0x1dc/0x310 [ 28.728378] ? __pfx_kasan_atomics+0x10/0x10 [ 28.728405] ? __pfx_read_tsc+0x10/0x10 [ 28.728430] ? ktime_get_ts64+0x86/0x230 [ 28.728456] kunit_try_run_case+0x1a5/0x480 [ 28.728484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.728508] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.728535] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.728562] ? __kthread_parkme+0x82/0x180 [ 28.728583] ? preempt_count_sub+0x50/0x80 [ 28.728619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.728647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.728672] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.728710] kthread+0x337/0x6f0 [ 28.728732] ? trace_preempt_on+0x20/0xc0 [ 28.728760] ? __pfx_kthread+0x10/0x10 [ 28.728782] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.728808] ? calculate_sigpending+0x7b/0xa0 [ 28.728836] ? __pfx_kthread+0x10/0x10 [ 28.728859] ret_from_fork+0x116/0x1d0 [ 28.728882] ? __pfx_kthread+0x10/0x10 [ 28.728904] ret_from_fork_asm+0x1a/0x30 [ 28.728952] </TASK> [ 28.728964] [ 28.737209] Allocated by task 314: [ 28.737427] kasan_save_stack+0x45/0x70 [ 28.737650] kasan_save_track+0x18/0x40 [ 28.737865] kasan_save_alloc_info+0x3b/0x50 [ 28.738073] __kasan_kmalloc+0xb7/0xc0 [ 28.738274] __kmalloc_cache_noprof+0x189/0x420 [ 28.738575] kasan_atomics+0x95/0x310 [ 28.738708] kunit_try_run_case+0x1a5/0x480 [ 28.738967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.739249] kthread+0x337/0x6f0 [ 28.739452] ret_from_fork+0x116/0x1d0 [ 28.739613] ret_from_fork_asm+0x1a/0x30 [ 28.739815] [ 28.739888] The buggy address belongs to the object at ffff888106118e00 [ 28.739888] which belongs to the cache kmalloc-64 of size 64 [ 28.740351] The buggy address is located 0 bytes to the right of [ 28.740351] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.740988] [ 28.741162] The buggy address belongs to the physical page: [ 28.741490] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.741817] flags: 0x200000000000000(node=0|zone=2) [ 28.742066] page_type: f5(slab) [ 28.742218] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.742625] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.742865] page dumped because: kasan: bad access detected [ 28.743073] [ 28.743172] Memory state around the buggy address: [ 28.743430] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.743773] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.744096] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.744663] ^ [ 28.745002] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.745232] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.745536] ================================================================== [ 28.330089] ================================================================== [ 28.330427] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 28.331021] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.331482] [ 28.331574] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.331631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.331646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.331669] Call Trace: [ 28.331691] <TASK> [ 28.331710] dump_stack_lvl+0x73/0xb0 [ 28.331740] print_report+0xd1/0x640 [ 28.331765] ? __virt_addr_valid+0x1db/0x2d0 [ 28.331792] ? kasan_atomics_helper+0x1079/0x5450 [ 28.331815] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.331842] ? kasan_atomics_helper+0x1079/0x5450 [ 28.331866] kasan_report+0x141/0x180 [ 28.331890] ? kasan_atomics_helper+0x1079/0x5450 [ 28.331918] kasan_check_range+0x10c/0x1c0 [ 28.331957] __kasan_check_write+0x18/0x20 [ 28.331982] kasan_atomics_helper+0x1079/0x5450 [ 28.332007] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.332029] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.332056] ? kasan_atomics+0x152/0x310 [ 28.332083] kasan_atomics+0x1dc/0x310 [ 28.332108] ? __pfx_kasan_atomics+0x10/0x10 [ 28.332132] ? __pfx_read_tsc+0x10/0x10 [ 28.332168] ? ktime_get_ts64+0x86/0x230 [ 28.332195] kunit_try_run_case+0x1a5/0x480 [ 28.332222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.332247] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.332274] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.332301] ? __kthread_parkme+0x82/0x180 [ 28.332323] ? preempt_count_sub+0x50/0x80 [ 28.332348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.332413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.332441] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.332467] kthread+0x337/0x6f0 [ 28.332488] ? trace_preempt_on+0x20/0xc0 [ 28.332513] ? __pfx_kthread+0x10/0x10 [ 28.332536] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.332561] ? calculate_sigpending+0x7b/0xa0 [ 28.332587] ? __pfx_kthread+0x10/0x10 [ 28.332610] ret_from_fork+0x116/0x1d0 [ 28.332633] ? __pfx_kthread+0x10/0x10 [ 28.332655] ret_from_fork_asm+0x1a/0x30 [ 28.332689] </TASK> [ 28.332701] [ 28.340938] Allocated by task 314: [ 28.341138] kasan_save_stack+0x45/0x70 [ 28.341337] kasan_save_track+0x18/0x40 [ 28.341617] kasan_save_alloc_info+0x3b/0x50 [ 28.341831] __kasan_kmalloc+0xb7/0xc0 [ 28.342056] __kmalloc_cache_noprof+0x189/0x420 [ 28.342286] kasan_atomics+0x95/0x310 [ 28.342413] kunit_try_run_case+0x1a5/0x480 [ 28.342551] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.342717] kthread+0x337/0x6f0 [ 28.342833] ret_from_fork+0x116/0x1d0 [ 28.342958] ret_from_fork_asm+0x1a/0x30 [ 28.343091] [ 28.343165] The buggy address belongs to the object at ffff888106118e00 [ 28.343165] which belongs to the cache kmalloc-64 of size 64 [ 28.343505] The buggy address is located 0 bytes to the right of [ 28.343505] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.343859] [ 28.343926] The buggy address belongs to the physical page: [ 28.344171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.344513] flags: 0x200000000000000(node=0|zone=2) [ 28.344737] page_type: f5(slab) [ 28.344897] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.345303] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.345641] page dumped because: kasan: bad access detected [ 28.345882] [ 28.345991] Memory state around the buggy address: [ 28.346221] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.346525] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.346729] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.346933] ^ [ 28.347606] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.347950] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.348283] ================================================================== [ 28.474947] ================================================================== [ 28.475295] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 28.475678] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.475911] [ 28.476071] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.476122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.476135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.476170] Call Trace: [ 28.476193] <TASK> [ 28.476214] dump_stack_lvl+0x73/0xb0 [ 28.476245] print_report+0xd1/0x640 [ 28.476269] ? __virt_addr_valid+0x1db/0x2d0 [ 28.476296] ? kasan_atomics_helper+0x12e6/0x5450 [ 28.476319] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.476346] ? kasan_atomics_helper+0x12e6/0x5450 [ 28.476382] kasan_report+0x141/0x180 [ 28.476406] ? kasan_atomics_helper+0x12e6/0x5450 [ 28.476433] kasan_check_range+0x10c/0x1c0 [ 28.476458] __kasan_check_write+0x18/0x20 [ 28.476482] kasan_atomics_helper+0x12e6/0x5450 [ 28.476508] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.476531] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.476557] ? kasan_atomics+0x152/0x310 [ 28.476586] kasan_atomics+0x1dc/0x310 [ 28.476609] ? __pfx_kasan_atomics+0x10/0x10 [ 28.476634] ? __pfx_read_tsc+0x10/0x10 [ 28.476657] ? ktime_get_ts64+0x86/0x230 [ 28.476684] kunit_try_run_case+0x1a5/0x480 [ 28.476710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.476734] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.476761] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.476787] ? __kthread_parkme+0x82/0x180 [ 28.476809] ? preempt_count_sub+0x50/0x80 [ 28.476834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.476859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.476884] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.476909] kthread+0x337/0x6f0 [ 28.476930] ? trace_preempt_on+0x20/0xc0 [ 28.476971] ? __pfx_kthread+0x10/0x10 [ 28.476992] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.477018] ? calculate_sigpending+0x7b/0xa0 [ 28.477043] ? __pfx_kthread+0x10/0x10 [ 28.477065] ret_from_fork+0x116/0x1d0 [ 28.477087] ? __pfx_kthread+0x10/0x10 [ 28.477109] ret_from_fork_asm+0x1a/0x30 [ 28.477150] </TASK> [ 28.477164] [ 28.485453] Allocated by task 314: [ 28.485662] kasan_save_stack+0x45/0x70 [ 28.485873] kasan_save_track+0x18/0x40 [ 28.486241] kasan_save_alloc_info+0x3b/0x50 [ 28.486572] __kasan_kmalloc+0xb7/0xc0 [ 28.486730] __kmalloc_cache_noprof+0x189/0x420 [ 28.486930] kasan_atomics+0x95/0x310 [ 28.487097] kunit_try_run_case+0x1a5/0x480 [ 28.487272] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.487782] kthread+0x337/0x6f0 [ 28.487971] ret_from_fork+0x116/0x1d0 [ 28.488125] ret_from_fork_asm+0x1a/0x30 [ 28.488330] [ 28.489799] The buggy address belongs to the object at ffff888106118e00 [ 28.489799] which belongs to the cache kmalloc-64 of size 64 [ 28.490265] The buggy address is located 0 bytes to the right of [ 28.490265] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.491894] [ 28.492023] The buggy address belongs to the physical page: [ 28.492216] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.492944] flags: 0x200000000000000(node=0|zone=2) [ 28.493291] page_type: f5(slab) [ 28.493464] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.494229] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.494732] page dumped because: kasan: bad access detected [ 28.495306] [ 28.495627] Memory state around the buggy address: [ 28.495853] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.496350] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.496668] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.497157] ^ [ 28.497690] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.498193] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.498667] ================================================================== [ 28.544107] ================================================================== [ 28.544821] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 28.545951] Read of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.546425] [ 28.546525] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.546578] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.546593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.546616] Call Trace: [ 28.546638] <TASK> [ 28.546659] dump_stack_lvl+0x73/0xb0 [ 28.546691] print_report+0xd1/0x640 [ 28.546716] ? __virt_addr_valid+0x1db/0x2d0 [ 28.546742] ? kasan_atomics_helper+0x4eae/0x5450 [ 28.546764] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.546791] ? kasan_atomics_helper+0x4eae/0x5450 [ 28.546814] kasan_report+0x141/0x180 [ 28.546837] ? kasan_atomics_helper+0x4eae/0x5450 [ 28.546864] __asan_report_load8_noabort+0x18/0x20 [ 28.546889] kasan_atomics_helper+0x4eae/0x5450 [ 28.546913] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.546936] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.546963] ? kasan_atomics+0x152/0x310 [ 28.546989] kasan_atomics+0x1dc/0x310 [ 28.547013] ? __pfx_kasan_atomics+0x10/0x10 [ 28.547038] ? __pfx_read_tsc+0x10/0x10 [ 28.547061] ? ktime_get_ts64+0x86/0x230 [ 28.547086] kunit_try_run_case+0x1a5/0x480 [ 28.547113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.547136] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.547175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.547202] ? __kthread_parkme+0x82/0x180 [ 28.547224] ? preempt_count_sub+0x50/0x80 [ 28.547248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.547273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.547298] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.547521] kthread+0x337/0x6f0 [ 28.547556] ? trace_preempt_on+0x20/0xc0 [ 28.547583] ? __pfx_kthread+0x10/0x10 [ 28.547605] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.547638] ? calculate_sigpending+0x7b/0xa0 [ 28.547664] ? __pfx_kthread+0x10/0x10 [ 28.547687] ret_from_fork+0x116/0x1d0 [ 28.547708] ? __pfx_kthread+0x10/0x10 [ 28.547731] ret_from_fork_asm+0x1a/0x30 [ 28.547766] </TASK> [ 28.547779] [ 28.564237] Allocated by task 314: [ 28.564706] kasan_save_stack+0x45/0x70 [ 28.565262] kasan_save_track+0x18/0x40 [ 28.565750] kasan_save_alloc_info+0x3b/0x50 [ 28.566141] __kasan_kmalloc+0xb7/0xc0 [ 28.566516] __kmalloc_cache_noprof+0x189/0x420 [ 28.566679] kasan_atomics+0x95/0x310 [ 28.566810] kunit_try_run_case+0x1a5/0x480 [ 28.566967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.567532] kthread+0x337/0x6f0 [ 28.567969] ret_from_fork+0x116/0x1d0 [ 28.568430] ret_from_fork_asm+0x1a/0x30 [ 28.568883] [ 28.569084] The buggy address belongs to the object at ffff888106118e00 [ 28.569084] which belongs to the cache kmalloc-64 of size 64 [ 28.570530] The buggy address is located 0 bytes to the right of [ 28.570530] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.570903] [ 28.570993] The buggy address belongs to the physical page: [ 28.571206] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.571870] flags: 0x200000000000000(node=0|zone=2) [ 28.572168] page_type: f5(slab) [ 28.572315] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.572629] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.573108] page dumped because: kasan: bad access detected [ 28.573292] [ 28.573404] Memory state around the buggy address: [ 28.573695] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.574256] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.574674] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.575019] ^ [ 28.575249] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.575544] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.576138] ================================================================== [ 27.797479] ================================================================== [ 27.798883] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 27.799585] Read of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 27.800379] [ 27.800650] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.800717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.800733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.800759] Call Trace: [ 27.800781] <TASK> [ 27.800803] dump_stack_lvl+0x73/0xb0 [ 27.800837] print_report+0xd1/0x640 [ 27.800862] ? __virt_addr_valid+0x1db/0x2d0 [ 27.800888] ? kasan_atomics_helper+0x4b54/0x5450 [ 27.800910] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.800938] ? kasan_atomics_helper+0x4b54/0x5450 [ 27.801090] kasan_report+0x141/0x180 [ 27.801117] ? kasan_atomics_helper+0x4b54/0x5450 [ 27.801200] __asan_report_load4_noabort+0x18/0x20 [ 27.801227] kasan_atomics_helper+0x4b54/0x5450 [ 27.801251] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.801274] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.801301] ? kasan_atomics+0x152/0x310 [ 27.801328] kasan_atomics+0x1dc/0x310 [ 27.801352] ? __pfx_kasan_atomics+0x10/0x10 [ 27.801387] ? __pfx_read_tsc+0x10/0x10 [ 27.801413] ? ktime_get_ts64+0x86/0x230 [ 27.801439] kunit_try_run_case+0x1a5/0x480 [ 27.801466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.801493] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.801522] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.801547] ? __kthread_parkme+0x82/0x180 [ 27.801570] ? preempt_count_sub+0x50/0x80 [ 27.801594] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.801618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.801643] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.801667] kthread+0x337/0x6f0 [ 27.801689] ? trace_preempt_on+0x20/0xc0 [ 27.801715] ? __pfx_kthread+0x10/0x10 [ 27.801737] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.801762] ? calculate_sigpending+0x7b/0xa0 [ 27.801788] ? __pfx_kthread+0x10/0x10 [ 27.801811] ret_from_fork+0x116/0x1d0 [ 27.801832] ? __pfx_kthread+0x10/0x10 [ 27.801854] ret_from_fork_asm+0x1a/0x30 [ 27.801887] </TASK> [ 27.801900] [ 27.818818] Allocated by task 314: [ 27.819137] kasan_save_stack+0x45/0x70 [ 27.819460] kasan_save_track+0x18/0x40 [ 27.819898] kasan_save_alloc_info+0x3b/0x50 [ 27.820362] __kasan_kmalloc+0xb7/0xc0 [ 27.820679] __kmalloc_cache_noprof+0x189/0x420 [ 27.821151] kasan_atomics+0x95/0x310 [ 27.821362] kunit_try_run_case+0x1a5/0x480 [ 27.821777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.821963] kthread+0x337/0x6f0 [ 27.822293] ret_from_fork+0x116/0x1d0 [ 27.822712] ret_from_fork_asm+0x1a/0x30 [ 27.823156] [ 27.823324] The buggy address belongs to the object at ffff888106118e00 [ 27.823324] which belongs to the cache kmalloc-64 of size 64 [ 27.824068] The buggy address is located 0 bytes to the right of [ 27.824068] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 27.824455] [ 27.824667] The buggy address belongs to the physical page: [ 27.825233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 27.826062] flags: 0x200000000000000(node=0|zone=2) [ 27.826565] page_type: f5(slab) [ 27.826935] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.827709] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.827937] page dumped because: kasan: bad access detected [ 27.828106] [ 27.828183] Memory state around the buggy address: [ 27.828337] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.828560] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.829176] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.829929] ^ [ 27.830406] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.831085] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.831786] ================================================================== [ 27.773381] ================================================================== [ 27.773611] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 27.773835] Read of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 27.774053] [ 27.774135] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.774195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.774210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.774233] Call Trace: [ 27.774252] <TASK> [ 27.774269] dump_stack_lvl+0x73/0xb0 [ 27.774560] print_report+0xd1/0x640 [ 27.774585] ? __virt_addr_valid+0x1db/0x2d0 [ 27.774611] ? kasan_atomics_helper+0x3df/0x5450 [ 27.774634] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.774662] ? kasan_atomics_helper+0x3df/0x5450 [ 27.774685] kasan_report+0x141/0x180 [ 27.774711] ? kasan_atomics_helper+0x3df/0x5450 [ 27.774738] kasan_check_range+0x10c/0x1c0 [ 27.774764] __kasan_check_read+0x15/0x20 [ 27.774788] kasan_atomics_helper+0x3df/0x5450 [ 27.774813] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.774835] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.774862] ? kasan_atomics+0x152/0x310 [ 27.774889] kasan_atomics+0x1dc/0x310 [ 27.774914] ? __pfx_kasan_atomics+0x10/0x10 [ 27.774939] ? __pfx_read_tsc+0x10/0x10 [ 27.774963] ? ktime_get_ts64+0x86/0x230 [ 27.774990] kunit_try_run_case+0x1a5/0x480 [ 27.775016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.775040] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.775067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.775095] ? __kthread_parkme+0x82/0x180 [ 27.775116] ? preempt_count_sub+0x50/0x80 [ 27.775141] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.775180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.775206] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.775232] kthread+0x337/0x6f0 [ 27.775254] ? trace_preempt_on+0x20/0xc0 [ 27.775280] ? __pfx_kthread+0x10/0x10 [ 27.775302] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.775328] ? calculate_sigpending+0x7b/0xa0 [ 27.775353] ? __pfx_kthread+0x10/0x10 [ 27.775376] ret_from_fork+0x116/0x1d0 [ 27.775397] ? __pfx_kthread+0x10/0x10 [ 27.775474] ret_from_fork_asm+0x1a/0x30 [ 27.775508] </TASK> [ 27.775521] [ 27.783761] Allocated by task 314: [ 27.783900] kasan_save_stack+0x45/0x70 [ 27.784223] kasan_save_track+0x18/0x40 [ 27.784415] kasan_save_alloc_info+0x3b/0x50 [ 27.784599] __kasan_kmalloc+0xb7/0xc0 [ 27.784739] __kmalloc_cache_noprof+0x189/0x420 [ 27.784894] kasan_atomics+0x95/0x310 [ 27.785026] kunit_try_run_case+0x1a5/0x480 [ 27.785254] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.785747] kthread+0x337/0x6f0 [ 27.785951] ret_from_fork+0x116/0x1d0 [ 27.786156] ret_from_fork_asm+0x1a/0x30 [ 27.786354] [ 27.786510] The buggy address belongs to the object at ffff888106118e00 [ 27.786510] which belongs to the cache kmalloc-64 of size 64 [ 27.787043] The buggy address is located 0 bytes to the right of [ 27.787043] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 27.787554] [ 27.787633] The buggy address belongs to the physical page: [ 27.787810] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 27.788122] flags: 0x200000000000000(node=0|zone=2) [ 27.788384] page_type: f5(slab) [ 27.788552] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.788889] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.789113] page dumped because: kasan: bad access detected [ 27.790279] [ 27.790476] Memory state around the buggy address: [ 27.790751] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.793026] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.794049] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.794761] ^ [ 27.794933] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.795434] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.796319] ================================================================== [ 27.897213] ================================================================== [ 27.898128] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 27.899109] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 27.899602] [ 27.899933] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.900000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.900017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.900049] Call Trace: [ 27.900071] <TASK> [ 27.900093] dump_stack_lvl+0x73/0xb0 [ 27.900128] print_report+0xd1/0x640 [ 27.900166] ? __virt_addr_valid+0x1db/0x2d0 [ 27.900195] ? kasan_atomics_helper+0x565/0x5450 [ 27.900222] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.900254] ? kasan_atomics_helper+0x565/0x5450 [ 27.900280] kasan_report+0x141/0x180 [ 27.900306] ? kasan_atomics_helper+0x565/0x5450 [ 27.900337] kasan_check_range+0x10c/0x1c0 [ 27.900365] __kasan_check_write+0x18/0x20 [ 27.900541] kasan_atomics_helper+0x565/0x5450 [ 27.900570] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.900598] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.900628] ? kasan_atomics+0x152/0x310 [ 27.900658] kasan_atomics+0x1dc/0x310 [ 27.900683] ? __pfx_kasan_atomics+0x10/0x10 [ 27.900711] ? __pfx_read_tsc+0x10/0x10 [ 27.900738] ? ktime_get_ts64+0x86/0x230 [ 27.900767] kunit_try_run_case+0x1a5/0x480 [ 27.900797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.900827] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.900857] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.900887] ? __kthread_parkme+0x82/0x180 [ 27.900911] ? preempt_count_sub+0x50/0x80 [ 27.900938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.900967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.900997] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.901026] kthread+0x337/0x6f0 [ 27.901050] ? trace_preempt_on+0x20/0xc0 [ 27.901079] ? __pfx_kthread+0x10/0x10 [ 27.901103] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.901131] ? calculate_sigpending+0x7b/0xa0 [ 27.901171] ? __pfx_kthread+0x10/0x10 [ 27.901196] ret_from_fork+0x116/0x1d0 [ 27.901220] ? __pfx_kthread+0x10/0x10 [ 27.901245] ret_from_fork_asm+0x1a/0x30 [ 27.901280] </TASK> [ 27.901293] [ 27.913946] Allocated by task 314: [ 27.914336] kasan_save_stack+0x45/0x70 [ 27.914673] kasan_save_track+0x18/0x40 [ 27.914853] kasan_save_alloc_info+0x3b/0x50 [ 27.915242] __kasan_kmalloc+0xb7/0xc0 [ 27.915452] __kmalloc_cache_noprof+0x189/0x420 [ 27.915727] kasan_atomics+0x95/0x310 [ 27.915979] kunit_try_run_case+0x1a5/0x480 [ 27.916187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.916593] kthread+0x337/0x6f0 [ 27.916760] ret_from_fork+0x116/0x1d0 [ 27.917159] ret_from_fork_asm+0x1a/0x30 [ 27.917333] [ 27.917408] The buggy address belongs to the object at ffff888106118e00 [ 27.917408] which belongs to the cache kmalloc-64 of size 64 [ 27.918285] The buggy address is located 0 bytes to the right of [ 27.918285] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 27.919177] [ 27.919273] The buggy address belongs to the physical page: [ 27.919690] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 27.920108] flags: 0x200000000000000(node=0|zone=2) [ 27.920421] page_type: f5(slab) [ 27.920625] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.920984] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.921389] page dumped because: kasan: bad access detected [ 27.921778] [ 27.921879] Memory state around the buggy address: [ 27.922136] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.922577] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.922996] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.923301] ^ [ 27.923601] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.924024] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.924345] ================================================================== [ 28.070662] ================================================================== [ 28.070928] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 28.071258] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.071504] [ 28.071978] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.072034] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.072048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.072073] Call Trace: [ 28.072094] <TASK> [ 28.072191] dump_stack_lvl+0x73/0xb0 [ 28.072281] print_report+0xd1/0x640 [ 28.072306] ? __virt_addr_valid+0x1db/0x2d0 [ 28.072332] ? kasan_atomics_helper+0x992/0x5450 [ 28.072411] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.072440] ? kasan_atomics_helper+0x992/0x5450 [ 28.072463] kasan_report+0x141/0x180 [ 28.072488] ? kasan_atomics_helper+0x992/0x5450 [ 28.072515] kasan_check_range+0x10c/0x1c0 [ 28.072540] __kasan_check_write+0x18/0x20 [ 28.072565] kasan_atomics_helper+0x992/0x5450 [ 28.072588] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.072611] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.072636] ? kasan_atomics+0x152/0x310 [ 28.072662] kasan_atomics+0x1dc/0x310 [ 28.072686] ? __pfx_kasan_atomics+0x10/0x10 [ 28.072712] ? __pfx_read_tsc+0x10/0x10 [ 28.072735] ? ktime_get_ts64+0x86/0x230 [ 28.072762] kunit_try_run_case+0x1a5/0x480 [ 28.072787] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.072811] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.072839] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.072865] ? __kthread_parkme+0x82/0x180 [ 28.072886] ? preempt_count_sub+0x50/0x80 [ 28.072911] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.072937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.072962] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.072988] kthread+0x337/0x6f0 [ 28.073011] ? trace_preempt_on+0x20/0xc0 [ 28.073036] ? __pfx_kthread+0x10/0x10 [ 28.073059] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.073084] ? calculate_sigpending+0x7b/0xa0 [ 28.073110] ? __pfx_kthread+0x10/0x10 [ 28.073133] ret_from_fork+0x116/0x1d0 [ 28.073165] ? __pfx_kthread+0x10/0x10 [ 28.073188] ret_from_fork_asm+0x1a/0x30 [ 28.073221] </TASK> [ 28.073234] [ 28.083132] Allocated by task 314: [ 28.083653] kasan_save_stack+0x45/0x70 [ 28.083964] kasan_save_track+0x18/0x40 [ 28.084234] kasan_save_alloc_info+0x3b/0x50 [ 28.084399] __kasan_kmalloc+0xb7/0xc0 [ 28.084550] __kmalloc_cache_noprof+0x189/0x420 [ 28.085125] kasan_atomics+0x95/0x310 [ 28.085313] kunit_try_run_case+0x1a5/0x480 [ 28.085515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.085999] kthread+0x337/0x6f0 [ 28.086134] ret_from_fork+0x116/0x1d0 [ 28.086346] ret_from_fork_asm+0x1a/0x30 [ 28.086571] [ 28.086768] The buggy address belongs to the object at ffff888106118e00 [ 28.086768] which belongs to the cache kmalloc-64 of size 64 [ 28.087425] The buggy address is located 0 bytes to the right of [ 28.087425] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.088190] [ 28.088354] The buggy address belongs to the physical page: [ 28.088619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.088920] flags: 0x200000000000000(node=0|zone=2) [ 28.089319] page_type: f5(slab) [ 28.089539] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.090048] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.090448] page dumped because: kasan: bad access detected [ 28.090815] [ 28.090956] Memory state around the buggy address: [ 28.091126] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.091658] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.091905] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.092300] ^ [ 28.092796] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.093081] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.093604] ================================================================== [ 29.092707] ================================================================== [ 29.093865] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 29.094353] Read of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 29.094657] [ 29.094774] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 29.094829] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.094843] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.094868] Call Trace: [ 29.094889] <TASK> [ 29.094910] dump_stack_lvl+0x73/0xb0 [ 29.094955] print_report+0xd1/0x640 [ 29.095004] ? __virt_addr_valid+0x1db/0x2d0 [ 29.095030] ? kasan_atomics_helper+0x4fb2/0x5450 [ 29.095054] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.095081] ? kasan_atomics_helper+0x4fb2/0x5450 [ 29.095122] kasan_report+0x141/0x180 [ 29.095157] ? kasan_atomics_helper+0x4fb2/0x5450 [ 29.095186] __asan_report_load8_noabort+0x18/0x20 [ 29.095212] kasan_atomics_helper+0x4fb2/0x5450 [ 29.095237] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.095261] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.095286] ? kasan_atomics+0x152/0x310 [ 29.095314] kasan_atomics+0x1dc/0x310 [ 29.095338] ? __pfx_kasan_atomics+0x10/0x10 [ 29.095364] ? __pfx_read_tsc+0x10/0x10 [ 29.095388] ? ktime_get_ts64+0x86/0x230 [ 29.095414] kunit_try_run_case+0x1a5/0x480 [ 29.095441] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.095465] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.095514] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.095542] ? __kthread_parkme+0x82/0x180 [ 29.095564] ? preempt_count_sub+0x50/0x80 [ 29.095589] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.095615] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.095644] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.095670] kthread+0x337/0x6f0 [ 29.095712] ? trace_preempt_on+0x20/0xc0 [ 29.095739] ? __pfx_kthread+0x10/0x10 [ 29.095761] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.095787] ? calculate_sigpending+0x7b/0xa0 [ 29.095813] ? __pfx_kthread+0x10/0x10 [ 29.095836] ret_from_fork+0x116/0x1d0 [ 29.095857] ? __pfx_kthread+0x10/0x10 [ 29.095879] ret_from_fork_asm+0x1a/0x30 [ 29.095912] </TASK> [ 29.095926] [ 29.103016] Allocated by task 314: [ 29.103208] kasan_save_stack+0x45/0x70 [ 29.103430] kasan_save_track+0x18/0x40 [ 29.103648] kasan_save_alloc_info+0x3b/0x50 [ 29.103859] __kasan_kmalloc+0xb7/0xc0 [ 29.104031] __kmalloc_cache_noprof+0x189/0x420 [ 29.104246] kasan_atomics+0x95/0x310 [ 29.104439] kunit_try_run_case+0x1a5/0x480 [ 29.104590] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.104859] kthread+0x337/0x6f0 [ 29.105057] ret_from_fork+0x116/0x1d0 [ 29.105203] ret_from_fork_asm+0x1a/0x30 [ 29.105417] [ 29.105510] The buggy address belongs to the object at ffff888106118e00 [ 29.105510] which belongs to the cache kmalloc-64 of size 64 [ 29.105896] The buggy address is located 0 bytes to the right of [ 29.105896] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 29.106277] [ 29.106346] The buggy address belongs to the physical page: [ 29.106599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 29.106977] flags: 0x200000000000000(node=0|zone=2) [ 29.107230] page_type: f5(slab) [ 29.107395] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.107729] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.108207] page dumped because: kasan: bad access detected [ 29.108390] [ 29.108455] Memory state around the buggy address: [ 29.108608] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.108838] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.109417] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.109718] ^ [ 29.109933] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.110209] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.110523] ================================================================== [ 27.754532] ================================================================== [ 27.754887] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 27.755559] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 27.755885] [ 27.755993] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.756042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.756055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.756078] Call Trace: [ 27.756097] <TASK> [ 27.756114] dump_stack_lvl+0x73/0xb0 [ 27.756157] print_report+0xd1/0x640 [ 27.756181] ? __virt_addr_valid+0x1db/0x2d0 [ 27.756207] ? kasan_atomics_helper+0x4b6e/0x5450 [ 27.756230] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.756257] ? kasan_atomics_helper+0x4b6e/0x5450 [ 27.756280] kasan_report+0x141/0x180 [ 27.756303] ? kasan_atomics_helper+0x4b6e/0x5450 [ 27.756331] __asan_report_store4_noabort+0x1b/0x30 [ 27.756356] kasan_atomics_helper+0x4b6e/0x5450 [ 27.756426] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.756451] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.756478] ? kasan_atomics+0x152/0x310 [ 27.756505] kasan_atomics+0x1dc/0x310 [ 27.756529] ? __pfx_kasan_atomics+0x10/0x10 [ 27.756556] ? __pfx_read_tsc+0x10/0x10 [ 27.756579] ? ktime_get_ts64+0x86/0x230 [ 27.756605] kunit_try_run_case+0x1a5/0x480 [ 27.756631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.756655] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.756682] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.756709] ? __kthread_parkme+0x82/0x180 [ 27.756731] ? preempt_count_sub+0x50/0x80 [ 27.756755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.756781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.756806] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.756832] kthread+0x337/0x6f0 [ 27.756854] ? trace_preempt_on+0x20/0xc0 [ 27.756879] ? __pfx_kthread+0x10/0x10 [ 27.756901] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.756926] ? calculate_sigpending+0x7b/0xa0 [ 27.756961] ? __pfx_kthread+0x10/0x10 [ 27.756984] ret_from_fork+0x116/0x1d0 [ 27.757005] ? __pfx_kthread+0x10/0x10 [ 27.757027] ret_from_fork_asm+0x1a/0x30 [ 27.757059] </TASK> [ 27.757072] [ 27.765299] Allocated by task 314: [ 27.765533] kasan_save_stack+0x45/0x70 [ 27.765681] kasan_save_track+0x18/0x40 [ 27.765814] kasan_save_alloc_info+0x3b/0x50 [ 27.765959] __kasan_kmalloc+0xb7/0xc0 [ 27.766088] __kmalloc_cache_noprof+0x189/0x420 [ 27.766322] kasan_atomics+0x95/0x310 [ 27.766593] kunit_try_run_case+0x1a5/0x480 [ 27.766802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.767045] kthread+0x337/0x6f0 [ 27.767223] ret_from_fork+0x116/0x1d0 [ 27.767408] ret_from_fork_asm+0x1a/0x30 [ 27.767593] [ 27.767666] The buggy address belongs to the object at ffff888106118e00 [ 27.767666] which belongs to the cache kmalloc-64 of size 64 [ 27.768017] The buggy address is located 0 bytes to the right of [ 27.768017] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 27.769081] [ 27.769190] The buggy address belongs to the physical page: [ 27.769423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 27.769715] flags: 0x200000000000000(node=0|zone=2) [ 27.769938] page_type: f5(slab) [ 27.770102] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.770401] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.770719] page dumped because: kasan: bad access detected [ 27.770925] [ 27.771028] Memory state around the buggy address: [ 27.771229] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.771523] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.771799] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.772088] ^ [ 27.772358] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.772648] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.772921] ================================================================== [ 28.786949] ================================================================== [ 28.787297] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 28.787927] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.788250] [ 28.788424] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.788476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.788490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.788513] Call Trace: [ 28.788535] <TASK> [ 28.788555] dump_stack_lvl+0x73/0xb0 [ 28.788586] print_report+0xd1/0x640 [ 28.788611] ? __virt_addr_valid+0x1db/0x2d0 [ 28.788638] ? kasan_atomics_helper+0x194a/0x5450 [ 28.788661] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.788688] ? kasan_atomics_helper+0x194a/0x5450 [ 28.788712] kasan_report+0x141/0x180 [ 28.788735] ? kasan_atomics_helper+0x194a/0x5450 [ 28.788762] kasan_check_range+0x10c/0x1c0 [ 28.788788] __kasan_check_write+0x18/0x20 [ 28.788813] kasan_atomics_helper+0x194a/0x5450 [ 28.788837] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.788860] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.788887] ? kasan_atomics+0x152/0x310 [ 28.788915] kasan_atomics+0x1dc/0x310 [ 28.788948] ? __pfx_kasan_atomics+0x10/0x10 [ 28.788974] ? __pfx_read_tsc+0x10/0x10 [ 28.788997] ? ktime_get_ts64+0x86/0x230 [ 28.789023] kunit_try_run_case+0x1a5/0x480 [ 28.789050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.789074] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.789102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.789128] ? __kthread_parkme+0x82/0x180 [ 28.789159] ? preempt_count_sub+0x50/0x80 [ 28.789184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.789210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.789235] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.789260] kthread+0x337/0x6f0 [ 28.789281] ? trace_preempt_on+0x20/0xc0 [ 28.789307] ? __pfx_kthread+0x10/0x10 [ 28.789329] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.789355] ? calculate_sigpending+0x7b/0xa0 [ 28.789380] ? __pfx_kthread+0x10/0x10 [ 28.789403] ret_from_fork+0x116/0x1d0 [ 28.789423] ? __pfx_kthread+0x10/0x10 [ 28.789445] ret_from_fork_asm+0x1a/0x30 [ 28.789478] </TASK> [ 28.789491] [ 28.797744] Allocated by task 314: [ 28.797939] kasan_save_stack+0x45/0x70 [ 28.798175] kasan_save_track+0x18/0x40 [ 28.798605] kasan_save_alloc_info+0x3b/0x50 [ 28.798809] __kasan_kmalloc+0xb7/0xc0 [ 28.799009] __kmalloc_cache_noprof+0x189/0x420 [ 28.799248] kasan_atomics+0x95/0x310 [ 28.799507] kunit_try_run_case+0x1a5/0x480 [ 28.799738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.800012] kthread+0x337/0x6f0 [ 28.800186] ret_from_fork+0x116/0x1d0 [ 28.800436] ret_from_fork_asm+0x1a/0x30 [ 28.800630] [ 28.800700] The buggy address belongs to the object at ffff888106118e00 [ 28.800700] which belongs to the cache kmalloc-64 of size 64 [ 28.801248] The buggy address is located 0 bytes to the right of [ 28.801248] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.801867] [ 28.801981] The buggy address belongs to the physical page: [ 28.802231] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.802535] flags: 0x200000000000000(node=0|zone=2) [ 28.802702] page_type: f5(slab) [ 28.802825] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.803053] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.803386] page dumped because: kasan: bad access detected [ 28.803656] [ 28.803747] Memory state around the buggy address: [ 28.804341] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.804789] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.805189] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.805570] ^ [ 28.805828] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.806179] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.806528] ================================================================== [ 27.925048] ================================================================== [ 27.925372] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 27.925887] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 27.926167] [ 27.926283] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.926335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.926348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.926372] Call Trace: [ 27.926395] <TASK> [ 27.926561] dump_stack_lvl+0x73/0xb0 [ 27.926597] print_report+0xd1/0x640 [ 27.926623] ? __virt_addr_valid+0x1db/0x2d0 [ 27.926650] ? kasan_atomics_helper+0x5fe/0x5450 [ 27.926672] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.926700] ? kasan_atomics_helper+0x5fe/0x5450 [ 27.926723] kasan_report+0x141/0x180 [ 27.926747] ? kasan_atomics_helper+0x5fe/0x5450 [ 27.926774] kasan_check_range+0x10c/0x1c0 [ 27.926800] __kasan_check_write+0x18/0x20 [ 27.926824] kasan_atomics_helper+0x5fe/0x5450 [ 27.926849] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.926872] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.926898] ? kasan_atomics+0x152/0x310 [ 27.926925] kasan_atomics+0x1dc/0x310 [ 27.927084] ? __pfx_kasan_atomics+0x10/0x10 [ 27.927112] ? __pfx_read_tsc+0x10/0x10 [ 27.927137] ? ktime_get_ts64+0x86/0x230 [ 27.927176] kunit_try_run_case+0x1a5/0x480 [ 27.927204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.927318] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.927348] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.927392] ? __kthread_parkme+0x82/0x180 [ 27.927422] ? preempt_count_sub+0x50/0x80 [ 27.927448] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.927473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.927499] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.927524] kthread+0x337/0x6f0 [ 27.927547] ? trace_preempt_on+0x20/0xc0 [ 27.927573] ? __pfx_kthread+0x10/0x10 [ 27.927594] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.927633] ? calculate_sigpending+0x7b/0xa0 [ 27.927658] ? __pfx_kthread+0x10/0x10 [ 27.927681] ret_from_fork+0x116/0x1d0 [ 27.927703] ? __pfx_kthread+0x10/0x10 [ 27.927725] ret_from_fork_asm+0x1a/0x30 [ 27.927758] </TASK> [ 27.927771] [ 27.937795] Allocated by task 314: [ 27.937965] kasan_save_stack+0x45/0x70 [ 27.938392] kasan_save_track+0x18/0x40 [ 27.938589] kasan_save_alloc_info+0x3b/0x50 [ 27.938768] __kasan_kmalloc+0xb7/0xc0 [ 27.939082] __kmalloc_cache_noprof+0x189/0x420 [ 27.939291] kasan_atomics+0x95/0x310 [ 27.939584] kunit_try_run_case+0x1a5/0x480 [ 27.939811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.940182] kthread+0x337/0x6f0 [ 27.940358] ret_from_fork+0x116/0x1d0 [ 27.940661] ret_from_fork_asm+0x1a/0x30 [ 27.940983] [ 27.941071] The buggy address belongs to the object at ffff888106118e00 [ 27.941071] which belongs to the cache kmalloc-64 of size 64 [ 27.941690] The buggy address is located 0 bytes to the right of [ 27.941690] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 27.942162] [ 27.942258] The buggy address belongs to the physical page: [ 27.942786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 27.943289] flags: 0x200000000000000(node=0|zone=2) [ 27.943711] page_type: f5(slab) [ 27.943854] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.944244] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.944803] page dumped because: kasan: bad access detected [ 27.945004] [ 27.945098] Memory state around the buggy address: [ 27.945482] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.945861] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.946193] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.946694] ^ [ 27.946931] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.947252] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.947634] ================================================================== [ 28.263532] ================================================================== [ 28.263946] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 28.264366] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.264807] [ 28.264992] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.265042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.265092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.265116] Call Trace: [ 28.265133] <TASK> [ 28.265163] dump_stack_lvl+0x73/0xb0 [ 28.265193] print_report+0xd1/0x640 [ 28.265217] ? __virt_addr_valid+0x1db/0x2d0 [ 28.265274] ? kasan_atomics_helper+0xf10/0x5450 [ 28.265297] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.265324] ? kasan_atomics_helper+0xf10/0x5450 [ 28.265345] kasan_report+0x141/0x180 [ 28.265369] ? kasan_atomics_helper+0xf10/0x5450 [ 28.265396] kasan_check_range+0x10c/0x1c0 [ 28.265468] __kasan_check_write+0x18/0x20 [ 28.265493] kasan_atomics_helper+0xf10/0x5450 [ 28.265517] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.265540] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.265567] ? kasan_atomics+0x152/0x310 [ 28.265593] kasan_atomics+0x1dc/0x310 [ 28.265617] ? __pfx_kasan_atomics+0x10/0x10 [ 28.265642] ? __pfx_read_tsc+0x10/0x10 [ 28.265697] ? ktime_get_ts64+0x86/0x230 [ 28.265724] kunit_try_run_case+0x1a5/0x480 [ 28.265774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.265797] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.265824] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.265851] ? __kthread_parkme+0x82/0x180 [ 28.265874] ? preempt_count_sub+0x50/0x80 [ 28.265899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.265952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.265978] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.266003] kthread+0x337/0x6f0 [ 28.266025] ? trace_preempt_on+0x20/0xc0 [ 28.266050] ? __pfx_kthread+0x10/0x10 [ 28.266071] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.266097] ? calculate_sigpending+0x7b/0xa0 [ 28.266163] ? __pfx_kthread+0x10/0x10 [ 28.266186] ret_from_fork+0x116/0x1d0 [ 28.266207] ? __pfx_kthread+0x10/0x10 [ 28.266229] ret_from_fork_asm+0x1a/0x30 [ 28.266262] </TASK> [ 28.266305] [ 28.274785] Allocated by task 314: [ 28.274924] kasan_save_stack+0x45/0x70 [ 28.275129] kasan_save_track+0x18/0x40 [ 28.275465] kasan_save_alloc_info+0x3b/0x50 [ 28.275693] __kasan_kmalloc+0xb7/0xc0 [ 28.275876] __kmalloc_cache_noprof+0x189/0x420 [ 28.276118] kasan_atomics+0x95/0x310 [ 28.276256] kunit_try_run_case+0x1a5/0x480 [ 28.276759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.277520] kthread+0x337/0x6f0 [ 28.277810] ret_from_fork+0x116/0x1d0 [ 28.277996] ret_from_fork_asm+0x1a/0x30 [ 28.278744] [ 28.278834] The buggy address belongs to the object at ffff888106118e00 [ 28.278834] which belongs to the cache kmalloc-64 of size 64 [ 28.279585] The buggy address is located 0 bytes to the right of [ 28.279585] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.282109] [ 28.282562] The buggy address belongs to the physical page: [ 28.282826] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.284592] flags: 0x200000000000000(node=0|zone=2) [ 28.284853] page_type: f5(slab) [ 28.285062] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.285470] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.285714] page dumped because: kasan: bad access detected [ 28.285884] [ 28.285949] Memory state around the buggy address: [ 28.286103] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.287121] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.288021] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.288647] ^ [ 28.289181] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.289746] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.290206] ================================================================== [ 28.162104] ================================================================== [ 28.162492] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 28.162825] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.163181] [ 28.163267] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.163316] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.163329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.163353] Call Trace: [ 28.163372] <TASK> [ 28.163390] dump_stack_lvl+0x73/0xb0 [ 28.163418] print_report+0xd1/0x640 [ 28.163441] ? __virt_addr_valid+0x1db/0x2d0 [ 28.163468] ? kasan_atomics_helper+0xc70/0x5450 [ 28.163490] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.163517] ? kasan_atomics_helper+0xc70/0x5450 [ 28.163540] kasan_report+0x141/0x180 [ 28.163564] ? kasan_atomics_helper+0xc70/0x5450 [ 28.163591] kasan_check_range+0x10c/0x1c0 [ 28.163649] __kasan_check_write+0x18/0x20 [ 28.163675] kasan_atomics_helper+0xc70/0x5450 [ 28.163699] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.163721] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.163747] ? kasan_atomics+0x152/0x310 [ 28.163775] kasan_atomics+0x1dc/0x310 [ 28.163798] ? __pfx_kasan_atomics+0x10/0x10 [ 28.163824] ? __pfx_read_tsc+0x10/0x10 [ 28.163866] ? ktime_get_ts64+0x86/0x230 [ 28.163892] kunit_try_run_case+0x1a5/0x480 [ 28.163918] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.163961] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.163989] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.164017] ? __kthread_parkme+0x82/0x180 [ 28.164038] ? preempt_count_sub+0x50/0x80 [ 28.164062] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.164087] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.164112] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.164137] kthread+0x337/0x6f0 [ 28.164167] ? trace_preempt_on+0x20/0xc0 [ 28.164193] ? __pfx_kthread+0x10/0x10 [ 28.164215] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.164239] ? calculate_sigpending+0x7b/0xa0 [ 28.164264] ? __pfx_kthread+0x10/0x10 [ 28.164287] ret_from_fork+0x116/0x1d0 [ 28.164307] ? __pfx_kthread+0x10/0x10 [ 28.164351] ret_from_fork_asm+0x1a/0x30 [ 28.164415] </TASK> [ 28.164428] [ 28.172900] Allocated by task 314: [ 28.173100] kasan_save_stack+0x45/0x70 [ 28.173308] kasan_save_track+0x18/0x40 [ 28.173522] kasan_save_alloc_info+0x3b/0x50 [ 28.173665] __kasan_kmalloc+0xb7/0xc0 [ 28.173791] __kmalloc_cache_noprof+0x189/0x420 [ 28.173963] kasan_atomics+0x95/0x310 [ 28.174326] kunit_try_run_case+0x1a5/0x480 [ 28.174686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.175005] kthread+0x337/0x6f0 [ 28.175170] ret_from_fork+0x116/0x1d0 [ 28.175299] ret_from_fork_asm+0x1a/0x30 [ 28.175433] [ 28.175498] The buggy address belongs to the object at ffff888106118e00 [ 28.175498] which belongs to the cache kmalloc-64 of size 64 [ 28.175975] The buggy address is located 0 bytes to the right of [ 28.175975] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.176551] [ 28.176642] The buggy address belongs to the physical page: [ 28.176881] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.177329] flags: 0x200000000000000(node=0|zone=2) [ 28.177594] page_type: f5(slab) [ 28.177752] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.178083] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.178314] page dumped because: kasan: bad access detected [ 28.178478] [ 28.178543] Memory state around the buggy address: [ 28.178714] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.178939] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.179428] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.179743] ^ [ 28.179988] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.180305] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.180609] ================================================================== [ 28.094219] ================================================================== [ 28.094732] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 28.095174] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.095556] [ 28.095685] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.095736] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.095751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.095774] Call Trace: [ 28.095943] <TASK> [ 28.095965] dump_stack_lvl+0x73/0xb0 [ 28.095998] print_report+0xd1/0x640 [ 28.096021] ? __virt_addr_valid+0x1db/0x2d0 [ 28.096047] ? kasan_atomics_helper+0xa2b/0x5450 [ 28.096070] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.096097] ? kasan_atomics_helper+0xa2b/0x5450 [ 28.096120] kasan_report+0x141/0x180 [ 28.096157] ? kasan_atomics_helper+0xa2b/0x5450 [ 28.096184] kasan_check_range+0x10c/0x1c0 [ 28.096209] __kasan_check_write+0x18/0x20 [ 28.096233] kasan_atomics_helper+0xa2b/0x5450 [ 28.096257] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.096280] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.096305] ? kasan_atomics+0x152/0x310 [ 28.096333] kasan_atomics+0x1dc/0x310 [ 28.096356] ? __pfx_kasan_atomics+0x10/0x10 [ 28.096453] ? __pfx_read_tsc+0x10/0x10 [ 28.096480] ? ktime_get_ts64+0x86/0x230 [ 28.096506] kunit_try_run_case+0x1a5/0x480 [ 28.096533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.096556] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.096584] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.096611] ? __kthread_parkme+0x82/0x180 [ 28.096633] ? preempt_count_sub+0x50/0x80 [ 28.096658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.096683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.096707] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.096732] kthread+0x337/0x6f0 [ 28.096754] ? trace_preempt_on+0x20/0xc0 [ 28.096779] ? __pfx_kthread+0x10/0x10 [ 28.096801] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.096826] ? calculate_sigpending+0x7b/0xa0 [ 28.096851] ? __pfx_kthread+0x10/0x10 [ 28.096874] ret_from_fork+0x116/0x1d0 [ 28.096895] ? __pfx_kthread+0x10/0x10 [ 28.096917] ret_from_fork_asm+0x1a/0x30 [ 28.096949] </TASK> [ 28.096962] [ 28.107161] Allocated by task 314: [ 28.107341] kasan_save_stack+0x45/0x70 [ 28.107660] kasan_save_track+0x18/0x40 [ 28.107850] kasan_save_alloc_info+0x3b/0x50 [ 28.108327] __kasan_kmalloc+0xb7/0xc0 [ 28.108573] __kmalloc_cache_noprof+0x189/0x420 [ 28.108861] kasan_atomics+0x95/0x310 [ 28.109128] kunit_try_run_case+0x1a5/0x480 [ 28.109332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.109562] kthread+0x337/0x6f0 [ 28.109966] ret_from_fork+0x116/0x1d0 [ 28.110159] ret_from_fork_asm+0x1a/0x30 [ 28.110561] [ 28.110638] The buggy address belongs to the object at ffff888106118e00 [ 28.110638] which belongs to the cache kmalloc-64 of size 64 [ 28.111102] The buggy address is located 0 bytes to the right of [ 28.111102] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.112093] [ 28.112266] The buggy address belongs to the physical page: [ 28.112670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.113186] flags: 0x200000000000000(node=0|zone=2) [ 28.113452] page_type: f5(slab) [ 28.113579] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.114066] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.114396] page dumped because: kasan: bad access detected [ 28.114807] [ 28.114894] Memory state around the buggy address: [ 28.115112] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.115667] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.116101] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.116605] ^ [ 28.116803] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.117190] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.117659] ================================================================== [ 28.807080] ================================================================== [ 28.807333] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 28.807774] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.808130] [ 28.808288] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.808341] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.808354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.808446] Call Trace: [ 28.808469] <TASK> [ 28.808490] dump_stack_lvl+0x73/0xb0 [ 28.808522] print_report+0xd1/0x640 [ 28.808545] ? __virt_addr_valid+0x1db/0x2d0 [ 28.808572] ? kasan_atomics_helper+0x19e3/0x5450 [ 28.808595] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.808622] ? kasan_atomics_helper+0x19e3/0x5450 [ 28.808645] kasan_report+0x141/0x180 [ 28.808668] ? kasan_atomics_helper+0x19e3/0x5450 [ 28.808695] kasan_check_range+0x10c/0x1c0 [ 28.808719] __kasan_check_write+0x18/0x20 [ 28.808745] kasan_atomics_helper+0x19e3/0x5450 [ 28.808768] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.808791] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.808817] ? kasan_atomics+0x152/0x310 [ 28.808856] kasan_atomics+0x1dc/0x310 [ 28.808882] ? __pfx_kasan_atomics+0x10/0x10 [ 28.808907] ? __pfx_read_tsc+0x10/0x10 [ 28.808942] ? ktime_get_ts64+0x86/0x230 [ 28.808984] kunit_try_run_case+0x1a5/0x480 [ 28.809011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.809035] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.809063] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.809091] ? __kthread_parkme+0x82/0x180 [ 28.809113] ? preempt_count_sub+0x50/0x80 [ 28.809138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.809172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.809197] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.809222] kthread+0x337/0x6f0 [ 28.809245] ? trace_preempt_on+0x20/0xc0 [ 28.809272] ? __pfx_kthread+0x10/0x10 [ 28.809294] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.809319] ? calculate_sigpending+0x7b/0xa0 [ 28.809344] ? __pfx_kthread+0x10/0x10 [ 28.809423] ret_from_fork+0x116/0x1d0 [ 28.809448] ? __pfx_kthread+0x10/0x10 [ 28.809470] ret_from_fork_asm+0x1a/0x30 [ 28.809503] </TASK> [ 28.809515] [ 28.817534] Allocated by task 314: [ 28.817684] kasan_save_stack+0x45/0x70 [ 28.817836] kasan_save_track+0x18/0x40 [ 28.818074] kasan_save_alloc_info+0x3b/0x50 [ 28.818294] __kasan_kmalloc+0xb7/0xc0 [ 28.818761] __kmalloc_cache_noprof+0x189/0x420 [ 28.819030] kasan_atomics+0x95/0x310 [ 28.819242] kunit_try_run_case+0x1a5/0x480 [ 28.819546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.819835] kthread+0x337/0x6f0 [ 28.820011] ret_from_fork+0x116/0x1d0 [ 28.820199] ret_from_fork_asm+0x1a/0x30 [ 28.820437] [ 28.820559] The buggy address belongs to the object at ffff888106118e00 [ 28.820559] which belongs to the cache kmalloc-64 of size 64 [ 28.821082] The buggy address is located 0 bytes to the right of [ 28.821082] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.821668] [ 28.821783] The buggy address belongs to the physical page: [ 28.822043] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.822486] flags: 0x200000000000000(node=0|zone=2) [ 28.822712] page_type: f5(slab) [ 28.822902] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.823231] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.823846] page dumped because: kasan: bad access detected [ 28.824089] [ 28.824220] Memory state around the buggy address: [ 28.824433] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.824793] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.825038] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.825331] ^ [ 28.825660] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.826025] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.826347] ================================================================== [ 28.046259] ================================================================== [ 28.046723] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 28.047009] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.047762] [ 28.047942] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.047995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.048009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.048033] Call Trace: [ 28.048055] <TASK> [ 28.048074] dump_stack_lvl+0x73/0xb0 [ 28.048105] print_report+0xd1/0x640 [ 28.048129] ? __virt_addr_valid+0x1db/0x2d0 [ 28.048167] ? kasan_atomics_helper+0x8f9/0x5450 [ 28.048190] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.048219] ? kasan_atomics_helper+0x8f9/0x5450 [ 28.048242] kasan_report+0x141/0x180 [ 28.048266] ? kasan_atomics_helper+0x8f9/0x5450 [ 28.048293] kasan_check_range+0x10c/0x1c0 [ 28.048318] __kasan_check_write+0x18/0x20 [ 28.048343] kasan_atomics_helper+0x8f9/0x5450 [ 28.048525] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.048610] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.048639] ? kasan_atomics+0x152/0x310 [ 28.048721] kasan_atomics+0x1dc/0x310 [ 28.048749] ? __pfx_kasan_atomics+0x10/0x10 [ 28.048775] ? __pfx_read_tsc+0x10/0x10 [ 28.048801] ? ktime_get_ts64+0x86/0x230 [ 28.048832] kunit_try_run_case+0x1a5/0x480 [ 28.048859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.048883] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.048911] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.048946] ? __kthread_parkme+0x82/0x180 [ 28.048968] ? preempt_count_sub+0x50/0x80 [ 28.048994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.049019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.049044] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.049070] kthread+0x337/0x6f0 [ 28.049092] ? trace_preempt_on+0x20/0xc0 [ 28.049118] ? __pfx_kthread+0x10/0x10 [ 28.049141] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.049179] ? calculate_sigpending+0x7b/0xa0 [ 28.049205] ? __pfx_kthread+0x10/0x10 [ 28.049229] ret_from_fork+0x116/0x1d0 [ 28.049251] ? __pfx_kthread+0x10/0x10 [ 28.049273] ret_from_fork_asm+0x1a/0x30 [ 28.049305] </TASK> [ 28.049318] [ 28.059715] Allocated by task 314: [ 28.060121] kasan_save_stack+0x45/0x70 [ 28.060453] kasan_save_track+0x18/0x40 [ 28.060722] kasan_save_alloc_info+0x3b/0x50 [ 28.060899] __kasan_kmalloc+0xb7/0xc0 [ 28.061108] __kmalloc_cache_noprof+0x189/0x420 [ 28.061693] kasan_atomics+0x95/0x310 [ 28.061851] kunit_try_run_case+0x1a5/0x480 [ 28.062086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.062496] kthread+0x337/0x6f0 [ 28.062675] ret_from_fork+0x116/0x1d0 [ 28.062927] ret_from_fork_asm+0x1a/0x30 [ 28.063138] [ 28.063262] The buggy address belongs to the object at ffff888106118e00 [ 28.063262] which belongs to the cache kmalloc-64 of size 64 [ 28.064081] The buggy address is located 0 bytes to the right of [ 28.064081] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.064585] [ 28.064692] The buggy address belongs to the physical page: [ 28.064920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.065639] flags: 0x200000000000000(node=0|zone=2) [ 28.065981] page_type: f5(slab) [ 28.066259] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.066562] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.067073] page dumped because: kasan: bad access detected [ 28.067301] [ 28.067488] Memory state around the buggy address: [ 28.067766] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.068187] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.068503] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.068836] ^ [ 28.069023] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.069465] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.069954] ================================================================== [ 27.948554] ================================================================== [ 27.949158] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 27.949548] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 27.949936] [ 27.950063] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.950116] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.950132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.950353] Call Trace: [ 27.950371] <TASK> [ 27.950460] dump_stack_lvl+0x73/0xb0 [ 27.950497] print_report+0xd1/0x640 [ 27.950522] ? __virt_addr_valid+0x1db/0x2d0 [ 27.950548] ? kasan_atomics_helper+0x697/0x5450 [ 27.950571] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.950599] ? kasan_atomics_helper+0x697/0x5450 [ 27.950622] kasan_report+0x141/0x180 [ 27.950647] ? kasan_atomics_helper+0x697/0x5450 [ 27.950674] kasan_check_range+0x10c/0x1c0 [ 27.950699] __kasan_check_write+0x18/0x20 [ 27.950724] kasan_atomics_helper+0x697/0x5450 [ 27.950749] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.950772] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.950798] ? kasan_atomics+0x152/0x310 [ 27.950825] kasan_atomics+0x1dc/0x310 [ 27.950848] ? __pfx_kasan_atomics+0x10/0x10 [ 27.950874] ? __pfx_read_tsc+0x10/0x10 [ 27.950899] ? ktime_get_ts64+0x86/0x230 [ 27.950925] kunit_try_run_case+0x1a5/0x480 [ 27.951042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.951066] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.951093] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.951119] ? __kthread_parkme+0x82/0x180 [ 27.951140] ? preempt_count_sub+0x50/0x80 [ 27.951179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.951205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.951229] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.951254] kthread+0x337/0x6f0 [ 27.951277] ? trace_preempt_on+0x20/0xc0 [ 27.951302] ? __pfx_kthread+0x10/0x10 [ 27.951325] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.951349] ? calculate_sigpending+0x7b/0xa0 [ 27.951376] ? __pfx_kthread+0x10/0x10 [ 27.951407] ret_from_fork+0x116/0x1d0 [ 27.951430] ? __pfx_kthread+0x10/0x10 [ 27.951452] ret_from_fork_asm+0x1a/0x30 [ 27.951484] </TASK> [ 27.951497] [ 27.961827] Allocated by task 314: [ 27.962262] kasan_save_stack+0x45/0x70 [ 27.962576] kasan_save_track+0x18/0x40 [ 27.962818] kasan_save_alloc_info+0x3b/0x50 [ 27.963222] __kasan_kmalloc+0xb7/0xc0 [ 27.963464] __kmalloc_cache_noprof+0x189/0x420 [ 27.963745] kasan_atomics+0x95/0x310 [ 27.964021] kunit_try_run_case+0x1a5/0x480 [ 27.964229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.964457] kthread+0x337/0x6f0 [ 27.964815] ret_from_fork+0x116/0x1d0 [ 27.964991] ret_from_fork_asm+0x1a/0x30 [ 27.965283] [ 27.965471] The buggy address belongs to the object at ffff888106118e00 [ 27.965471] which belongs to the cache kmalloc-64 of size 64 [ 27.966123] The buggy address is located 0 bytes to the right of [ 27.966123] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 27.966705] [ 27.966800] The buggy address belongs to the physical page: [ 27.967194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 27.967708] flags: 0x200000000000000(node=0|zone=2) [ 27.967925] page_type: f5(slab) [ 27.968388] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.968764] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.969240] page dumped because: kasan: bad access detected [ 27.969433] [ 27.969525] Memory state around the buggy address: [ 27.969809] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.970234] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.970790] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.971062] ^ [ 27.971325] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.971895] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.972388] ================================================================== [ 28.499505] ================================================================== [ 28.499818] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 28.500808] Read of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.501157] [ 28.501283] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.501336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.501352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.501376] Call Trace: [ 28.501397] <TASK> [ 28.501418] dump_stack_lvl+0x73/0xb0 [ 28.501450] print_report+0xd1/0x640 [ 28.501474] ? __virt_addr_valid+0x1db/0x2d0 [ 28.501500] ? kasan_atomics_helper+0x49ce/0x5450 [ 28.501523] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.501551] ? kasan_atomics_helper+0x49ce/0x5450 [ 28.501575] kasan_report+0x141/0x180 [ 28.501599] ? kasan_atomics_helper+0x49ce/0x5450 [ 28.501647] __asan_report_load4_noabort+0x18/0x20 [ 28.501674] kasan_atomics_helper+0x49ce/0x5450 [ 28.501697] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.501719] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.501746] ? kasan_atomics+0x152/0x310 [ 28.501772] kasan_atomics+0x1dc/0x310 [ 28.501796] ? __pfx_kasan_atomics+0x10/0x10 [ 28.501821] ? __pfx_read_tsc+0x10/0x10 [ 28.501844] ? ktime_get_ts64+0x86/0x230 [ 28.501870] kunit_try_run_case+0x1a5/0x480 [ 28.501896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.501920] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.501956] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.501984] ? __kthread_parkme+0x82/0x180 [ 28.502005] ? preempt_count_sub+0x50/0x80 [ 28.502030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.502055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.502081] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.502105] kthread+0x337/0x6f0 [ 28.502127] ? trace_preempt_on+0x20/0xc0 [ 28.502162] ? __pfx_kthread+0x10/0x10 [ 28.502185] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.502209] ? calculate_sigpending+0x7b/0xa0 [ 28.502235] ? __pfx_kthread+0x10/0x10 [ 28.502257] ret_from_fork+0x116/0x1d0 [ 28.502279] ? __pfx_kthread+0x10/0x10 [ 28.502300] ret_from_fork_asm+0x1a/0x30 [ 28.502333] </TASK> [ 28.502345] [ 28.510540] Allocated by task 314: [ 28.510706] kasan_save_stack+0x45/0x70 [ 28.510879] kasan_save_track+0x18/0x40 [ 28.511010] kasan_save_alloc_info+0x3b/0x50 [ 28.511180] __kasan_kmalloc+0xb7/0xc0 [ 28.511386] __kmalloc_cache_noprof+0x189/0x420 [ 28.511843] kasan_atomics+0x95/0x310 [ 28.512031] kunit_try_run_case+0x1a5/0x480 [ 28.512185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.512356] kthread+0x337/0x6f0 [ 28.512588] ret_from_fork+0x116/0x1d0 [ 28.513098] ret_from_fork_asm+0x1a/0x30 [ 28.513505] [ 28.513590] The buggy address belongs to the object at ffff888106118e00 [ 28.513590] which belongs to the cache kmalloc-64 of size 64 [ 28.514076] The buggy address is located 0 bytes to the right of [ 28.514076] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.514557] [ 28.514649] The buggy address belongs to the physical page: [ 28.514943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.515292] flags: 0x200000000000000(node=0|zone=2) [ 28.515640] page_type: f5(slab) [ 28.515804] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.516042] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.516381] page dumped because: kasan: bad access detected [ 28.516585] [ 28.516652] Memory state around the buggy address: [ 28.516957] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.517310] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.517525] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.517735] ^ [ 28.517888] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.518100] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.518317] ================================================================== [ 28.622989] ================================================================== [ 28.623969] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 28.624335] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.624620] [ 28.624713] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.624764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.624779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.624802] Call Trace: [ 28.624824] <TASK> [ 28.624845] dump_stack_lvl+0x73/0xb0 [ 28.624875] print_report+0xd1/0x640 [ 28.624899] ? __virt_addr_valid+0x1db/0x2d0 [ 28.624926] ? kasan_atomics_helper+0x151d/0x5450 [ 28.624958] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.624986] ? kasan_atomics_helper+0x151d/0x5450 [ 28.625010] kasan_report+0x141/0x180 [ 28.625034] ? kasan_atomics_helper+0x151d/0x5450 [ 28.625061] kasan_check_range+0x10c/0x1c0 [ 28.625087] __kasan_check_write+0x18/0x20 [ 28.625111] kasan_atomics_helper+0x151d/0x5450 [ 28.625136] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.625172] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.625198] ? kasan_atomics+0x152/0x310 [ 28.625226] kasan_atomics+0x1dc/0x310 [ 28.625250] ? __pfx_kasan_atomics+0x10/0x10 [ 28.625276] ? __pfx_read_tsc+0x10/0x10 [ 28.625300] ? ktime_get_ts64+0x86/0x230 [ 28.625326] kunit_try_run_case+0x1a5/0x480 [ 28.625353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.625377] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.625455] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.625482] ? __kthread_parkme+0x82/0x180 [ 28.625504] ? preempt_count_sub+0x50/0x80 [ 28.625527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.625553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.625579] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.625604] kthread+0x337/0x6f0 [ 28.625626] ? trace_preempt_on+0x20/0xc0 [ 28.625652] ? __pfx_kthread+0x10/0x10 [ 28.625674] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.625700] ? calculate_sigpending+0x7b/0xa0 [ 28.625726] ? __pfx_kthread+0x10/0x10 [ 28.625748] ret_from_fork+0x116/0x1d0 [ 28.625771] ? __pfx_kthread+0x10/0x10 [ 28.625793] ret_from_fork_asm+0x1a/0x30 [ 28.625826] </TASK> [ 28.625839] [ 28.633838] Allocated by task 314: [ 28.634080] kasan_save_stack+0x45/0x70 [ 28.634303] kasan_save_track+0x18/0x40 [ 28.634582] kasan_save_alloc_info+0x3b/0x50 [ 28.634773] __kasan_kmalloc+0xb7/0xc0 [ 28.634955] __kmalloc_cache_noprof+0x189/0x420 [ 28.635366] kasan_atomics+0x95/0x310 [ 28.635628] kunit_try_run_case+0x1a5/0x480 [ 28.635831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.636125] kthread+0x337/0x6f0 [ 28.636289] ret_from_fork+0x116/0x1d0 [ 28.636572] ret_from_fork_asm+0x1a/0x30 [ 28.636764] [ 28.636857] The buggy address belongs to the object at ffff888106118e00 [ 28.636857] which belongs to the cache kmalloc-64 of size 64 [ 28.637344] The buggy address is located 0 bytes to the right of [ 28.637344] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.637908] [ 28.638040] The buggy address belongs to the physical page: [ 28.638288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.638679] flags: 0x200000000000000(node=0|zone=2) [ 28.638846] page_type: f5(slab) [ 28.638967] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.639234] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.639810] page dumped because: kasan: bad access detected [ 28.640059] [ 28.640152] Memory state around the buggy address: [ 28.640307] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.640522] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.641161] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.641457] ^ [ 28.641638] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.641850] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.642058] ================================================================== [ 29.171592] ================================================================== [ 29.172269] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 29.172898] Read of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 29.173631] [ 29.173844] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 29.173898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.173912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.173935] Call Trace: [ 29.173969] <TASK> [ 29.173990] dump_stack_lvl+0x73/0xb0 [ 29.174021] print_report+0xd1/0x640 [ 29.174045] ? __virt_addr_valid+0x1db/0x2d0 [ 29.174071] ? kasan_atomics_helper+0x5115/0x5450 [ 29.174094] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.174120] ? kasan_atomics_helper+0x5115/0x5450 [ 29.174153] kasan_report+0x141/0x180 [ 29.174176] ? kasan_atomics_helper+0x5115/0x5450 [ 29.174204] __asan_report_load8_noabort+0x18/0x20 [ 29.174241] kasan_atomics_helper+0x5115/0x5450 [ 29.174265] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.174301] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.174327] ? kasan_atomics+0x152/0x310 [ 29.174354] kasan_atomics+0x1dc/0x310 [ 29.174378] ? __pfx_kasan_atomics+0x10/0x10 [ 29.174403] ? __pfx_read_tsc+0x10/0x10 [ 29.174437] ? ktime_get_ts64+0x86/0x230 [ 29.174464] kunit_try_run_case+0x1a5/0x480 [ 29.174501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.174525] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.174554] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.174580] ? __kthread_parkme+0x82/0x180 [ 29.174603] ? preempt_count_sub+0x50/0x80 [ 29.174627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.174653] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.174678] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.174703] kthread+0x337/0x6f0 [ 29.174725] ? trace_preempt_on+0x20/0xc0 [ 29.174752] ? __pfx_kthread+0x10/0x10 [ 29.174774] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.174798] ? calculate_sigpending+0x7b/0xa0 [ 29.174824] ? __pfx_kthread+0x10/0x10 [ 29.174847] ret_from_fork+0x116/0x1d0 [ 29.174868] ? __pfx_kthread+0x10/0x10 [ 29.174890] ret_from_fork_asm+0x1a/0x30 [ 29.174922] </TASK> [ 29.174944] [ 29.182466] Allocated by task 314: [ 29.182651] kasan_save_stack+0x45/0x70 [ 29.182842] kasan_save_track+0x18/0x40 [ 29.183043] kasan_save_alloc_info+0x3b/0x50 [ 29.183264] __kasan_kmalloc+0xb7/0xc0 [ 29.183426] __kmalloc_cache_noprof+0x189/0x420 [ 29.183636] kasan_atomics+0x95/0x310 [ 29.183841] kunit_try_run_case+0x1a5/0x480 [ 29.184026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.184269] kthread+0x337/0x6f0 [ 29.184422] ret_from_fork+0x116/0x1d0 [ 29.184609] ret_from_fork_asm+0x1a/0x30 [ 29.184793] [ 29.184889] The buggy address belongs to the object at ffff888106118e00 [ 29.184889] which belongs to the cache kmalloc-64 of size 64 [ 29.185424] The buggy address is located 0 bytes to the right of [ 29.185424] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 29.185775] [ 29.185842] The buggy address belongs to the physical page: [ 29.186187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 29.186555] flags: 0x200000000000000(node=0|zone=2) [ 29.186731] page_type: f5(slab) [ 29.186846] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.187276] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.187572] page dumped because: kasan: bad access detected [ 29.187840] [ 29.187929] Memory state around the buggy address: [ 29.188131] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.188368] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.188692] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.189090] ^ [ 29.189288] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.189618] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.189906] ================================================================== [ 28.931797] ================================================================== [ 28.932450] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 28.932786] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.933284] [ 28.933384] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.933440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.933454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.933479] Call Trace: [ 28.933500] <TASK> [ 28.933522] dump_stack_lvl+0x73/0xb0 [ 28.933553] print_report+0xd1/0x640 [ 28.933661] ? __virt_addr_valid+0x1db/0x2d0 [ 28.933692] ? kasan_atomics_helper+0x1d7a/0x5450 [ 28.933715] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.933744] ? kasan_atomics_helper+0x1d7a/0x5450 [ 28.933767] kasan_report+0x141/0x180 [ 28.933791] ? kasan_atomics_helper+0x1d7a/0x5450 [ 28.933819] kasan_check_range+0x10c/0x1c0 [ 28.933844] __kasan_check_write+0x18/0x20 [ 28.933869] kasan_atomics_helper+0x1d7a/0x5450 [ 28.933893] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.933917] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.934053] ? kasan_atomics+0x152/0x310 [ 28.934082] kasan_atomics+0x1dc/0x310 [ 28.934212] ? __pfx_kasan_atomics+0x10/0x10 [ 28.934239] ? __pfx_read_tsc+0x10/0x10 [ 28.934263] ? ktime_get_ts64+0x86/0x230 [ 28.934289] kunit_try_run_case+0x1a5/0x480 [ 28.934316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.934339] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.934368] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.934395] ? __kthread_parkme+0x82/0x180 [ 28.934418] ? preempt_count_sub+0x50/0x80 [ 28.934443] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.934467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.934492] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.934517] kthread+0x337/0x6f0 [ 28.934539] ? trace_preempt_on+0x20/0xc0 [ 28.934566] ? __pfx_kthread+0x10/0x10 [ 28.934588] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.934612] ? calculate_sigpending+0x7b/0xa0 [ 28.934638] ? __pfx_kthread+0x10/0x10 [ 28.934660] ret_from_fork+0x116/0x1d0 [ 28.934682] ? __pfx_kthread+0x10/0x10 [ 28.934705] ret_from_fork_asm+0x1a/0x30 [ 28.934738] </TASK> [ 28.934752] [ 28.946021] Allocated by task 314: [ 28.946185] kasan_save_stack+0x45/0x70 [ 28.946345] kasan_save_track+0x18/0x40 [ 28.946479] kasan_save_alloc_info+0x3b/0x50 [ 28.946625] __kasan_kmalloc+0xb7/0xc0 [ 28.946755] __kmalloc_cache_noprof+0x189/0x420 [ 28.946913] kasan_atomics+0x95/0x310 [ 28.947088] kunit_try_run_case+0x1a5/0x480 [ 28.947259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.947496] kthread+0x337/0x6f0 [ 28.947621] ret_from_fork+0x116/0x1d0 [ 28.947753] ret_from_fork_asm+0x1a/0x30 [ 28.947909] [ 28.948014] The buggy address belongs to the object at ffff888106118e00 [ 28.948014] which belongs to the cache kmalloc-64 of size 64 [ 28.948484] The buggy address is located 0 bytes to the right of [ 28.948484] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.948955] [ 28.949050] The buggy address belongs to the physical page: [ 28.949323] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.949673] flags: 0x200000000000000(node=0|zone=2) [ 28.949886] page_type: f5(slab) [ 28.950114] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.950421] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.950716] page dumped because: kasan: bad access detected [ 28.950925] [ 28.951018] Memory state around the buggy address: [ 28.951235] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.951499] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.951782] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.952095] ^ [ 28.952276] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.952490] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.952761] ================================================================== [ 27.832703] ================================================================== [ 27.833428] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 27.834123] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 27.834837] [ 27.835059] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.835120] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.835134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.835166] Call Trace: [ 27.835188] <TASK> [ 27.835209] dump_stack_lvl+0x73/0xb0 [ 27.835240] print_report+0xd1/0x640 [ 27.835263] ? __virt_addr_valid+0x1db/0x2d0 [ 27.835290] ? kasan_atomics_helper+0x4a0/0x5450 [ 27.835314] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.835351] ? kasan_atomics_helper+0x4a0/0x5450 [ 27.835404] kasan_report+0x141/0x180 [ 27.835429] ? kasan_atomics_helper+0x4a0/0x5450 [ 27.835456] kasan_check_range+0x10c/0x1c0 [ 27.835480] __kasan_check_write+0x18/0x20 [ 27.835505] kasan_atomics_helper+0x4a0/0x5450 [ 27.835529] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.835552] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.835579] ? kasan_atomics+0x152/0x310 [ 27.835606] kasan_atomics+0x1dc/0x310 [ 27.835634] ? __pfx_kasan_atomics+0x10/0x10 [ 27.835659] ? __pfx_read_tsc+0x10/0x10 [ 27.835682] ? ktime_get_ts64+0x86/0x230 [ 27.835709] kunit_try_run_case+0x1a5/0x480 [ 27.835735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.835759] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.835786] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.835813] ? __kthread_parkme+0x82/0x180 [ 27.835834] ? preempt_count_sub+0x50/0x80 [ 27.835858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.835883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.835908] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.835933] kthread+0x337/0x6f0 [ 27.835963] ? trace_preempt_on+0x20/0xc0 [ 27.835990] ? __pfx_kthread+0x10/0x10 [ 27.836011] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.836037] ? calculate_sigpending+0x7b/0xa0 [ 27.836063] ? __pfx_kthread+0x10/0x10 [ 27.836086] ret_from_fork+0x116/0x1d0 [ 27.836107] ? __pfx_kthread+0x10/0x10 [ 27.836128] ret_from_fork_asm+0x1a/0x30 [ 27.836171] </TASK> [ 27.836183] [ 27.851064] Allocated by task 314: [ 27.851431] kasan_save_stack+0x45/0x70 [ 27.851846] kasan_save_track+0x18/0x40 [ 27.852259] kasan_save_alloc_info+0x3b/0x50 [ 27.852620] __kasan_kmalloc+0xb7/0xc0 [ 27.852970] __kmalloc_cache_noprof+0x189/0x420 [ 27.853159] kasan_atomics+0x95/0x310 [ 27.853314] kunit_try_run_case+0x1a5/0x480 [ 27.853779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.854354] kthread+0x337/0x6f0 [ 27.854680] ret_from_fork+0x116/0x1d0 [ 27.855061] ret_from_fork_asm+0x1a/0x30 [ 27.855472] [ 27.855680] The buggy address belongs to the object at ffff888106118e00 [ 27.855680] which belongs to the cache kmalloc-64 of size 64 [ 27.856053] The buggy address is located 0 bytes to the right of [ 27.856053] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 27.857094] [ 27.857279] The buggy address belongs to the physical page: [ 27.857816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 27.858334] flags: 0x200000000000000(node=0|zone=2) [ 27.858841] page_type: f5(slab) [ 27.859197] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.859598] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.860122] page dumped because: kasan: bad access detected [ 27.860422] [ 27.860612] Memory state around the buggy address: [ 27.861076] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.861766] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.862463] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.862730] ^ [ 27.862885] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.863550] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.864281] ================================================================== [ 28.143202] ================================================================== [ 28.143454] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 28.144361] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.144663] [ 28.144756] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.144809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.144823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.144846] Call Trace: [ 28.144866] <TASK> [ 28.144885] dump_stack_lvl+0x73/0xb0 [ 28.144915] print_report+0xd1/0x640 [ 28.144949] ? __virt_addr_valid+0x1db/0x2d0 [ 28.144975] ? kasan_atomics_helper+0xb6a/0x5450 [ 28.144998] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.145026] ? kasan_atomics_helper+0xb6a/0x5450 [ 28.145048] kasan_report+0x141/0x180 [ 28.145072] ? kasan_atomics_helper+0xb6a/0x5450 [ 28.145098] kasan_check_range+0x10c/0x1c0 [ 28.145123] __kasan_check_write+0x18/0x20 [ 28.145159] kasan_atomics_helper+0xb6a/0x5450 [ 28.145183] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.145206] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.145232] ? kasan_atomics+0x152/0x310 [ 28.145259] kasan_atomics+0x1dc/0x310 [ 28.145282] ? __pfx_kasan_atomics+0x10/0x10 [ 28.145308] ? __pfx_read_tsc+0x10/0x10 [ 28.145334] ? ktime_get_ts64+0x86/0x230 [ 28.145360] kunit_try_run_case+0x1a5/0x480 [ 28.145398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.145422] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.145449] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.145476] ? __kthread_parkme+0x82/0x180 [ 28.145496] ? preempt_count_sub+0x50/0x80 [ 28.145521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.145546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.145571] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.145595] kthread+0x337/0x6f0 [ 28.145617] ? trace_preempt_on+0x20/0xc0 [ 28.145643] ? __pfx_kthread+0x10/0x10 [ 28.145665] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.145691] ? calculate_sigpending+0x7b/0xa0 [ 28.145715] ? __pfx_kthread+0x10/0x10 [ 28.145737] ret_from_fork+0x116/0x1d0 [ 28.145759] ? __pfx_kthread+0x10/0x10 [ 28.145781] ret_from_fork_asm+0x1a/0x30 [ 28.145813] </TASK> [ 28.145825] [ 28.153836] Allocated by task 314: [ 28.153992] kasan_save_stack+0x45/0x70 [ 28.154134] kasan_save_track+0x18/0x40 [ 28.154273] kasan_save_alloc_info+0x3b/0x50 [ 28.154413] __kasan_kmalloc+0xb7/0xc0 [ 28.154614] __kmalloc_cache_noprof+0x189/0x420 [ 28.154965] kasan_atomics+0x95/0x310 [ 28.155158] kunit_try_run_case+0x1a5/0x480 [ 28.155387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.155645] kthread+0x337/0x6f0 [ 28.155836] ret_from_fork+0x116/0x1d0 [ 28.156047] ret_from_fork_asm+0x1a/0x30 [ 28.156252] [ 28.156372] The buggy address belongs to the object at ffff888106118e00 [ 28.156372] which belongs to the cache kmalloc-64 of size 64 [ 28.156821] The buggy address is located 0 bytes to the right of [ 28.156821] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.157208] [ 28.157277] The buggy address belongs to the physical page: [ 28.157596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.158027] flags: 0x200000000000000(node=0|zone=2) [ 28.158267] page_type: f5(slab) [ 28.158496] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.158759] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.159000] page dumped because: kasan: bad access detected [ 28.159173] [ 28.159240] Memory state around the buggy address: [ 28.159386] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.160015] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.160386] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.160735] ^ [ 28.160983] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.161331] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.161573] ================================================================== [ 28.410919] ================================================================== [ 28.411471] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 28.412060] Read of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.412341] [ 28.412434] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.412531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.412544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.412568] Call Trace: [ 28.412590] <TASK> [ 28.412612] dump_stack_lvl+0x73/0xb0 [ 28.412642] print_report+0xd1/0x640 [ 28.412665] ? __virt_addr_valid+0x1db/0x2d0 [ 28.412691] ? kasan_atomics_helper+0x4a02/0x5450 [ 28.412715] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.412742] ? kasan_atomics_helper+0x4a02/0x5450 [ 28.412764] kasan_report+0x141/0x180 [ 28.412787] ? kasan_atomics_helper+0x4a02/0x5450 [ 28.412814] __asan_report_load4_noabort+0x18/0x20 [ 28.412839] kasan_atomics_helper+0x4a02/0x5450 [ 28.412864] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.412887] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.412913] ? kasan_atomics+0x152/0x310 [ 28.412950] kasan_atomics+0x1dc/0x310 [ 28.412976] ? __pfx_kasan_atomics+0x10/0x10 [ 28.413003] ? __pfx_read_tsc+0x10/0x10 [ 28.413029] ? ktime_get_ts64+0x86/0x230 [ 28.413056] kunit_try_run_case+0x1a5/0x480 [ 28.413082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.413105] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.413133] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.413173] ? __kthread_parkme+0x82/0x180 [ 28.413194] ? preempt_count_sub+0x50/0x80 [ 28.413218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.413245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.413272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.413298] kthread+0x337/0x6f0 [ 28.413321] ? trace_preempt_on+0x20/0xc0 [ 28.413347] ? __pfx_kthread+0x10/0x10 [ 28.413418] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.413447] ? calculate_sigpending+0x7b/0xa0 [ 28.413473] ? __pfx_kthread+0x10/0x10 [ 28.413496] ret_from_fork+0x116/0x1d0 [ 28.413518] ? __pfx_kthread+0x10/0x10 [ 28.413540] ret_from_fork_asm+0x1a/0x30 [ 28.413573] </TASK> [ 28.413585] [ 28.426818] Allocated by task 314: [ 28.427170] kasan_save_stack+0x45/0x70 [ 28.427587] kasan_save_track+0x18/0x40 [ 28.427981] kasan_save_alloc_info+0x3b/0x50 [ 28.428234] __kasan_kmalloc+0xb7/0xc0 [ 28.428365] __kmalloc_cache_noprof+0x189/0x420 [ 28.428972] kasan_atomics+0x95/0x310 [ 28.429389] kunit_try_run_case+0x1a5/0x480 [ 28.429798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.430093] kthread+0x337/0x6f0 [ 28.430266] ret_from_fork+0x116/0x1d0 [ 28.430612] ret_from_fork_asm+0x1a/0x30 [ 28.430996] [ 28.431166] The buggy address belongs to the object at ffff888106118e00 [ 28.431166] which belongs to the cache kmalloc-64 of size 64 [ 28.431705] The buggy address is located 0 bytes to the right of [ 28.431705] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.432095] [ 28.432176] The buggy address belongs to the physical page: [ 28.432519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.432830] flags: 0x200000000000000(node=0|zone=2) [ 28.433054] page_type: f5(slab) [ 28.433207] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.433533] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.433823] page dumped because: kasan: bad access detected [ 28.434137] [ 28.434219] Memory state around the buggy address: [ 28.434373] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.434732] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.435113] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.435461] ^ [ 28.435673] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.435984] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.436276] ================================================================== [ 29.026178] ================================================================== [ 29.026779] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 29.027019] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 29.027258] [ 29.027346] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 29.027397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.027411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.027435] Call Trace: [ 29.027455] <TASK> [ 29.027475] dump_stack_lvl+0x73/0xb0 [ 29.027505] print_report+0xd1/0x640 [ 29.027529] ? __virt_addr_valid+0x1db/0x2d0 [ 29.027555] ? kasan_atomics_helper+0x2006/0x5450 [ 29.027577] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.027605] ? kasan_atomics_helper+0x2006/0x5450 [ 29.027633] kasan_report+0x141/0x180 [ 29.027657] ? kasan_atomics_helper+0x2006/0x5450 [ 29.027684] kasan_check_range+0x10c/0x1c0 [ 29.027709] __kasan_check_write+0x18/0x20 [ 29.027734] kasan_atomics_helper+0x2006/0x5450 [ 29.027758] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.027782] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.027810] ? kasan_atomics+0x152/0x310 [ 29.027838] kasan_atomics+0x1dc/0x310 [ 29.027862] ? __pfx_kasan_atomics+0x10/0x10 [ 29.027888] ? __pfx_read_tsc+0x10/0x10 [ 29.027912] ? ktime_get_ts64+0x86/0x230 [ 29.027939] kunit_try_run_case+0x1a5/0x480 [ 29.027965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.027990] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.028017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.028044] ? __kthread_parkme+0x82/0x180 [ 29.028066] ? preempt_count_sub+0x50/0x80 [ 29.028091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.028117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.028152] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.028177] kthread+0x337/0x6f0 [ 29.028199] ? trace_preempt_on+0x20/0xc0 [ 29.028225] ? __pfx_kthread+0x10/0x10 [ 29.028246] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.028272] ? calculate_sigpending+0x7b/0xa0 [ 29.028298] ? __pfx_kthread+0x10/0x10 [ 29.028321] ret_from_fork+0x116/0x1d0 [ 29.028341] ? __pfx_kthread+0x10/0x10 [ 29.028364] ret_from_fork_asm+0x1a/0x30 [ 29.028396] </TASK> [ 29.028409] [ 29.035945] Allocated by task 314: [ 29.036124] kasan_save_stack+0x45/0x70 [ 29.036334] kasan_save_track+0x18/0x40 [ 29.036521] kasan_save_alloc_info+0x3b/0x50 [ 29.036726] __kasan_kmalloc+0xb7/0xc0 [ 29.036889] __kmalloc_cache_noprof+0x189/0x420 [ 29.037174] kasan_atomics+0x95/0x310 [ 29.037306] kunit_try_run_case+0x1a5/0x480 [ 29.037450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.037622] kthread+0x337/0x6f0 [ 29.037738] ret_from_fork+0x116/0x1d0 [ 29.037869] ret_from_fork_asm+0x1a/0x30 [ 29.038005] [ 29.038072] The buggy address belongs to the object at ffff888106118e00 [ 29.038072] which belongs to the cache kmalloc-64 of size 64 [ 29.038592] The buggy address is located 0 bytes to the right of [ 29.038592] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 29.039217] [ 29.039319] The buggy address belongs to the physical page: [ 29.039580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 29.039953] flags: 0x200000000000000(node=0|zone=2) [ 29.040197] page_type: f5(slab) [ 29.040323] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.040544] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.040757] page dumped because: kasan: bad access detected [ 29.040931] [ 29.041012] Memory state around the buggy address: [ 29.042665] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.043041] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.043423] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.043747] ^ [ 29.044019] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.044424] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.045286] ================================================================== [ 28.291550] ================================================================== [ 28.291835] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 28.292195] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.292461] [ 28.292768] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.292828] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.292843] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.292867] Call Trace: [ 28.292881] <TASK> [ 28.292900] dump_stack_lvl+0x73/0xb0 [ 28.292933] print_report+0xd1/0x640 [ 28.292973] ? __virt_addr_valid+0x1db/0x2d0 [ 28.292999] ? kasan_atomics_helper+0xfa9/0x5450 [ 28.293021] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.293049] ? kasan_atomics_helper+0xfa9/0x5450 [ 28.293071] kasan_report+0x141/0x180 [ 28.293094] ? kasan_atomics_helper+0xfa9/0x5450 [ 28.293121] kasan_check_range+0x10c/0x1c0 [ 28.293159] __kasan_check_write+0x18/0x20 [ 28.293186] kasan_atomics_helper+0xfa9/0x5450 [ 28.293210] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.293233] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.293259] ? kasan_atomics+0x152/0x310 [ 28.293287] kasan_atomics+0x1dc/0x310 [ 28.293312] ? __pfx_kasan_atomics+0x10/0x10 [ 28.293337] ? __pfx_read_tsc+0x10/0x10 [ 28.293361] ? ktime_get_ts64+0x86/0x230 [ 28.293443] kunit_try_run_case+0x1a5/0x480 [ 28.293475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.293499] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.293526] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.293553] ? __kthread_parkme+0x82/0x180 [ 28.293575] ? preempt_count_sub+0x50/0x80 [ 28.293599] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.293625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.293651] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.293675] kthread+0x337/0x6f0 [ 28.293697] ? trace_preempt_on+0x20/0xc0 [ 28.293723] ? __pfx_kthread+0x10/0x10 [ 28.293746] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.293770] ? calculate_sigpending+0x7b/0xa0 [ 28.293796] ? __pfx_kthread+0x10/0x10 [ 28.293819] ret_from_fork+0x116/0x1d0 [ 28.293840] ? __pfx_kthread+0x10/0x10 [ 28.293863] ret_from_fork_asm+0x1a/0x30 [ 28.293895] </TASK> [ 28.293909] [ 28.301986] Allocated by task 314: [ 28.302129] kasan_save_stack+0x45/0x70 [ 28.302287] kasan_save_track+0x18/0x40 [ 28.302465] kasan_save_alloc_info+0x3b/0x50 [ 28.302682] __kasan_kmalloc+0xb7/0xc0 [ 28.302864] __kmalloc_cache_noprof+0x189/0x420 [ 28.303206] kasan_atomics+0x95/0x310 [ 28.303653] kunit_try_run_case+0x1a5/0x480 [ 28.303888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.304381] kthread+0x337/0x6f0 [ 28.304531] ret_from_fork+0x116/0x1d0 [ 28.304756] ret_from_fork_asm+0x1a/0x30 [ 28.304935] [ 28.305072] The buggy address belongs to the object at ffff888106118e00 [ 28.305072] which belongs to the cache kmalloc-64 of size 64 [ 28.305573] The buggy address is located 0 bytes to the right of [ 28.305573] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.306217] [ 28.306310] The buggy address belongs to the physical page: [ 28.306543] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.306896] flags: 0x200000000000000(node=0|zone=2) [ 28.307079] page_type: f5(slab) [ 28.307254] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.307556] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.307870] page dumped because: kasan: bad access detected [ 28.308099] [ 28.308184] Memory state around the buggy address: [ 28.308432] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.308649] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.308861] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.309074] ^ [ 28.309281] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.309768] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.310498] ================================================================== [ 28.670979] ================================================================== [ 28.671754] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 28.672417] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.673124] [ 28.673326] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.673377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.673400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.673423] Call Trace: [ 28.673444] <TASK> [ 28.673462] dump_stack_lvl+0x73/0xb0 [ 28.673495] print_report+0xd1/0x640 [ 28.673521] ? __virt_addr_valid+0x1db/0x2d0 [ 28.673562] ? kasan_atomics_helper+0x164f/0x5450 [ 28.673585] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.673622] ? kasan_atomics_helper+0x164f/0x5450 [ 28.673644] kasan_report+0x141/0x180 [ 28.673667] ? kasan_atomics_helper+0x164f/0x5450 [ 28.673694] kasan_check_range+0x10c/0x1c0 [ 28.673719] __kasan_check_write+0x18/0x20 [ 28.673745] kasan_atomics_helper+0x164f/0x5450 [ 28.673768] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.673791] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.673818] ? kasan_atomics+0x152/0x310 [ 28.673846] kasan_atomics+0x1dc/0x310 [ 28.673869] ? __pfx_kasan_atomics+0x10/0x10 [ 28.673894] ? __pfx_read_tsc+0x10/0x10 [ 28.673918] ? ktime_get_ts64+0x86/0x230 [ 28.673962] kunit_try_run_case+0x1a5/0x480 [ 28.673988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.674012] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.674039] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.674067] ? __kthread_parkme+0x82/0x180 [ 28.674089] ? preempt_count_sub+0x50/0x80 [ 28.674114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.674139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.674173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.674199] kthread+0x337/0x6f0 [ 28.674223] ? trace_preempt_on+0x20/0xc0 [ 28.674249] ? __pfx_kthread+0x10/0x10 [ 28.674272] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.674297] ? calculate_sigpending+0x7b/0xa0 [ 28.674322] ? __pfx_kthread+0x10/0x10 [ 28.674345] ret_from_fork+0x116/0x1d0 [ 28.674386] ? __pfx_kthread+0x10/0x10 [ 28.674410] ret_from_fork_asm+0x1a/0x30 [ 28.674442] </TASK> [ 28.674457] [ 28.685792] Allocated by task 314: [ 28.686248] kasan_save_stack+0x45/0x70 [ 28.686655] kasan_save_track+0x18/0x40 [ 28.687043] kasan_save_alloc_info+0x3b/0x50 [ 28.687527] __kasan_kmalloc+0xb7/0xc0 [ 28.687891] __kmalloc_cache_noprof+0x189/0x420 [ 28.688327] kasan_atomics+0x95/0x310 [ 28.688742] kunit_try_run_case+0x1a5/0x480 [ 28.689153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.689710] kthread+0x337/0x6f0 [ 28.690040] ret_from_fork+0x116/0x1d0 [ 28.690444] ret_from_fork_asm+0x1a/0x30 [ 28.690794] [ 28.690975] The buggy address belongs to the object at ffff888106118e00 [ 28.690975] which belongs to the cache kmalloc-64 of size 64 [ 28.692283] The buggy address is located 0 bytes to the right of [ 28.692283] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.693631] [ 28.693790] The buggy address belongs to the physical page: [ 28.694318] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.695133] flags: 0x200000000000000(node=0|zone=2) [ 28.695643] page_type: f5(slab) [ 28.695941] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.696815] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.697221] page dumped because: kasan: bad access detected [ 28.697506] [ 28.697691] Memory state around the buggy address: [ 28.698246] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.698934] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.699550] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.699771] ^ [ 28.699949] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.700722] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.701519] ================================================================== [ 28.519189] ================================================================== [ 28.519900] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 28.520252] Read of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.521138] [ 28.521696] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.521761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.521778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.521802] Call Trace: [ 28.521819] <TASK> [ 28.522076] dump_stack_lvl+0x73/0xb0 [ 28.522121] print_report+0xd1/0x640 [ 28.522160] ? __virt_addr_valid+0x1db/0x2d0 [ 28.522188] ? kasan_atomics_helper+0x13b5/0x5450 [ 28.522213] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.522240] ? kasan_atomics_helper+0x13b5/0x5450 [ 28.522263] kasan_report+0x141/0x180 [ 28.522287] ? kasan_atomics_helper+0x13b5/0x5450 [ 28.522314] kasan_check_range+0x10c/0x1c0 [ 28.522340] __kasan_check_read+0x15/0x20 [ 28.522365] kasan_atomics_helper+0x13b5/0x5450 [ 28.522389] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.522412] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.522438] ? kasan_atomics+0x152/0x310 [ 28.522466] kasan_atomics+0x1dc/0x310 [ 28.522489] ? __pfx_kasan_atomics+0x10/0x10 [ 28.522515] ? __pfx_read_tsc+0x10/0x10 [ 28.522538] ? ktime_get_ts64+0x86/0x230 [ 28.522564] kunit_try_run_case+0x1a5/0x480 [ 28.522590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.522614] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.522640] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.522667] ? __kthread_parkme+0x82/0x180 [ 28.522689] ? preempt_count_sub+0x50/0x80 [ 28.522727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.522753] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.522777] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.522802] kthread+0x337/0x6f0 [ 28.522823] ? trace_preempt_on+0x20/0xc0 [ 28.522849] ? __pfx_kthread+0x10/0x10 [ 28.522872] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.522896] ? calculate_sigpending+0x7b/0xa0 [ 28.522921] ? __pfx_kthread+0x10/0x10 [ 28.522952] ret_from_fork+0x116/0x1d0 [ 28.522972] ? __pfx_kthread+0x10/0x10 [ 28.522995] ret_from_fork_asm+0x1a/0x30 [ 28.523026] </TASK> [ 28.523040] [ 28.531038] Allocated by task 314: [ 28.531228] kasan_save_stack+0x45/0x70 [ 28.531500] kasan_save_track+0x18/0x40 [ 28.531867] kasan_save_alloc_info+0x3b/0x50 [ 28.532081] __kasan_kmalloc+0xb7/0xc0 [ 28.532255] __kmalloc_cache_noprof+0x189/0x420 [ 28.532470] kasan_atomics+0x95/0x310 [ 28.532601] kunit_try_run_case+0x1a5/0x480 [ 28.532744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.533040] kthread+0x337/0x6f0 [ 28.533228] ret_from_fork+0x116/0x1d0 [ 28.533625] ret_from_fork_asm+0x1a/0x30 [ 28.533766] [ 28.533834] The buggy address belongs to the object at ffff888106118e00 [ 28.533834] which belongs to the cache kmalloc-64 of size 64 [ 28.534626] The buggy address is located 0 bytes to the right of [ 28.534626] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.535179] [ 28.535277] The buggy address belongs to the physical page: [ 28.535481] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.535930] flags: 0x200000000000000(node=0|zone=2) [ 28.537673] page_type: f5(slab) [ 28.537826] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.538306] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.538657] page dumped because: kasan: bad access detected [ 28.538828] [ 28.538894] Memory state around the buggy address: [ 28.539321] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.540431] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.540729] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.541402] ^ [ 28.541950] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.542439] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.542869] ================================================================== [ 28.576892] ================================================================== [ 28.577261] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 28.577574] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.577834] [ 28.578070] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.578123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.578137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.578171] Call Trace: [ 28.578193] <TASK> [ 28.578214] dump_stack_lvl+0x73/0xb0 [ 28.578259] print_report+0xd1/0x640 [ 28.578282] ? __virt_addr_valid+0x1db/0x2d0 [ 28.578308] ? kasan_atomics_helper+0x1467/0x5450 [ 28.578331] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.578434] ? kasan_atomics_helper+0x1467/0x5450 [ 28.578462] kasan_report+0x141/0x180 [ 28.578517] ? kasan_atomics_helper+0x1467/0x5450 [ 28.578545] kasan_check_range+0x10c/0x1c0 [ 28.578581] __kasan_check_write+0x18/0x20 [ 28.578606] kasan_atomics_helper+0x1467/0x5450 [ 28.578633] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.578657] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.578701] ? kasan_atomics+0x152/0x310 [ 28.578737] kasan_atomics+0x1dc/0x310 [ 28.578761] ? __pfx_kasan_atomics+0x10/0x10 [ 28.578796] ? __pfx_read_tsc+0x10/0x10 [ 28.578821] ? ktime_get_ts64+0x86/0x230 [ 28.578847] kunit_try_run_case+0x1a5/0x480 [ 28.578872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.578896] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.578923] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.578958] ? __kthread_parkme+0x82/0x180 [ 28.579006] ? preempt_count_sub+0x50/0x80 [ 28.579031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.579057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.579094] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.579119] kthread+0x337/0x6f0 [ 28.579176] ? trace_preempt_on+0x20/0xc0 [ 28.579203] ? __pfx_kthread+0x10/0x10 [ 28.579226] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.579262] ? calculate_sigpending+0x7b/0xa0 [ 28.579288] ? __pfx_kthread+0x10/0x10 [ 28.579310] ret_from_fork+0x116/0x1d0 [ 28.579332] ? __pfx_kthread+0x10/0x10 [ 28.579354] ret_from_fork_asm+0x1a/0x30 [ 28.579428] </TASK> [ 28.579443] [ 28.592860] Allocated by task 314: [ 28.593309] kasan_save_stack+0x45/0x70 [ 28.593762] kasan_save_track+0x18/0x40 [ 28.594364] kasan_save_alloc_info+0x3b/0x50 [ 28.594780] __kasan_kmalloc+0xb7/0xc0 [ 28.595076] __kmalloc_cache_noprof+0x189/0x420 [ 28.595245] kasan_atomics+0x95/0x310 [ 28.595416] kunit_try_run_case+0x1a5/0x480 [ 28.595795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.596308] kthread+0x337/0x6f0 [ 28.596641] ret_from_fork+0x116/0x1d0 [ 28.597042] ret_from_fork_asm+0x1a/0x30 [ 28.597489] [ 28.597681] The buggy address belongs to the object at ffff888106118e00 [ 28.597681] which belongs to the cache kmalloc-64 of size 64 [ 28.598190] The buggy address is located 0 bytes to the right of [ 28.598190] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.598767] [ 28.598929] The buggy address belongs to the physical page: [ 28.599489] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.600436] flags: 0x200000000000000(node=0|zone=2) [ 28.600926] page_type: f5(slab) [ 28.601231] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.601714] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.601944] page dumped because: kasan: bad access detected [ 28.602115] [ 28.602200] Memory state around the buggy address: [ 28.602355] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.602747] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.603109] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.603358] ^ [ 28.603565] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.603838] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.604220] ================================================================== [ 29.147172] ================================================================== [ 29.148163] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 29.148509] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 29.148806] [ 29.148934] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 29.148987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.149001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.149025] Call Trace: [ 29.149047] <TASK> [ 29.149088] dump_stack_lvl+0x73/0xb0 [ 29.149119] print_report+0xd1/0x640 [ 29.149154] ? __virt_addr_valid+0x1db/0x2d0 [ 29.149180] ? kasan_atomics_helper+0x224c/0x5450 [ 29.149203] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.149231] ? kasan_atomics_helper+0x224c/0x5450 [ 29.149272] kasan_report+0x141/0x180 [ 29.149297] ? kasan_atomics_helper+0x224c/0x5450 [ 29.149328] kasan_check_range+0x10c/0x1c0 [ 29.149356] __kasan_check_write+0x18/0x20 [ 29.149382] kasan_atomics_helper+0x224c/0x5450 [ 29.149406] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.149430] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.149457] ? kasan_atomics+0x152/0x310 [ 29.149484] kasan_atomics+0x1dc/0x310 [ 29.149508] ? __pfx_kasan_atomics+0x10/0x10 [ 29.149533] ? __pfx_read_tsc+0x10/0x10 [ 29.149557] ? ktime_get_ts64+0x86/0x230 [ 29.149583] kunit_try_run_case+0x1a5/0x480 [ 29.149609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.149633] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.149661] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.149688] ? __kthread_parkme+0x82/0x180 [ 29.149710] ? preempt_count_sub+0x50/0x80 [ 29.149736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.149761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.149786] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.149812] kthread+0x337/0x6f0 [ 29.149833] ? trace_preempt_on+0x20/0xc0 [ 29.149859] ? __pfx_kthread+0x10/0x10 [ 29.149882] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.149906] ? calculate_sigpending+0x7b/0xa0 [ 29.149932] ? __pfx_kthread+0x10/0x10 [ 29.149982] ret_from_fork+0x116/0x1d0 [ 29.150004] ? __pfx_kthread+0x10/0x10 [ 29.150026] ret_from_fork_asm+0x1a/0x30 [ 29.150059] </TASK> [ 29.150071] [ 29.157463] Allocated by task 314: [ 29.157650] kasan_save_stack+0x45/0x70 [ 29.157869] kasan_save_track+0x18/0x40 [ 29.158257] kasan_save_alloc_info+0x3b/0x50 [ 29.158472] __kasan_kmalloc+0xb7/0xc0 [ 29.158887] __kmalloc_cache_noprof+0x189/0x420 [ 29.159841] kasan_atomics+0x95/0x310 [ 29.160204] kunit_try_run_case+0x1a5/0x480 [ 29.160375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.161480] kthread+0x337/0x6f0 [ 29.161613] ret_from_fork+0x116/0x1d0 [ 29.161747] ret_from_fork_asm+0x1a/0x30 [ 29.161890] [ 29.161971] The buggy address belongs to the object at ffff888106118e00 [ 29.161971] which belongs to the cache kmalloc-64 of size 64 [ 29.162337] The buggy address is located 0 bytes to the right of [ 29.162337] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 29.162708] [ 29.162780] The buggy address belongs to the physical page: [ 29.162957] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 29.163322] flags: 0x200000000000000(node=0|zone=2) [ 29.163909] page_type: f5(slab) [ 29.164236] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.164992] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.165663] page dumped because: kasan: bad access detected [ 29.166211] [ 29.166365] Memory state around the buggy address: [ 29.166802] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.167549] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.168246] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.168883] ^ [ 29.169344] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.169977] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.170595] ================================================================== [ 28.221857] ================================================================== [ 28.222549] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 28.222812] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.223111] [ 28.223230] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.223280] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.223294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.223318] Call Trace: [ 28.223338] <TASK> [ 28.223419] dump_stack_lvl+0x73/0xb0 [ 28.223454] print_report+0xd1/0x640 [ 28.223478] ? __virt_addr_valid+0x1db/0x2d0 [ 28.223513] ? kasan_atomics_helper+0xde0/0x5450 [ 28.223536] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.223563] ? kasan_atomics_helper+0xde0/0x5450 [ 28.223587] kasan_report+0x141/0x180 [ 28.223651] ? kasan_atomics_helper+0xde0/0x5450 [ 28.223680] kasan_check_range+0x10c/0x1c0 [ 28.223705] __kasan_check_write+0x18/0x20 [ 28.223729] kasan_atomics_helper+0xde0/0x5450 [ 28.223752] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.223775] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.223833] ? kasan_atomics+0x152/0x310 [ 28.223859] kasan_atomics+0x1dc/0x310 [ 28.223883] ? __pfx_kasan_atomics+0x10/0x10 [ 28.223909] ? __pfx_read_tsc+0x10/0x10 [ 28.223949] ? ktime_get_ts64+0x86/0x230 [ 28.224009] kunit_try_run_case+0x1a5/0x480 [ 28.224036] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.224060] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.224087] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.224114] ? __kthread_parkme+0x82/0x180 [ 28.224135] ? preempt_count_sub+0x50/0x80 [ 28.224203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.224228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.224253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.224278] kthread+0x337/0x6f0 [ 28.224300] ? trace_preempt_on+0x20/0xc0 [ 28.224356] ? __pfx_kthread+0x10/0x10 [ 28.224398] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.224423] ? calculate_sigpending+0x7b/0xa0 [ 28.224450] ? __pfx_kthread+0x10/0x10 [ 28.224473] ret_from_fork+0x116/0x1d0 [ 28.224495] ? __pfx_kthread+0x10/0x10 [ 28.224517] ret_from_fork_asm+0x1a/0x30 [ 28.224583] </TASK> [ 28.224595] [ 28.233844] Allocated by task 314: [ 28.234088] kasan_save_stack+0x45/0x70 [ 28.234318] kasan_save_track+0x18/0x40 [ 28.234571] kasan_save_alloc_info+0x3b/0x50 [ 28.234774] __kasan_kmalloc+0xb7/0xc0 [ 28.234953] __kmalloc_cache_noprof+0x189/0x420 [ 28.235186] kasan_atomics+0x95/0x310 [ 28.235430] kunit_try_run_case+0x1a5/0x480 [ 28.235656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.235889] kthread+0x337/0x6f0 [ 28.236192] ret_from_fork+0x116/0x1d0 [ 28.236410] ret_from_fork_asm+0x1a/0x30 [ 28.236618] [ 28.236743] The buggy address belongs to the object at ffff888106118e00 [ 28.236743] which belongs to the cache kmalloc-64 of size 64 [ 28.237292] The buggy address is located 0 bytes to the right of [ 28.237292] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.237789] [ 28.237993] The buggy address belongs to the physical page: [ 28.238260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.238583] flags: 0x200000000000000(node=0|zone=2) [ 28.238824] page_type: f5(slab) [ 28.238985] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.239359] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.239705] page dumped because: kasan: bad access detected [ 28.240090] [ 28.240180] Memory state around the buggy address: [ 28.240372] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.240686] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.241157] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.241523] ^ [ 28.241704] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.241919] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.242129] ================================================================== [ 28.022037] ================================================================== [ 28.022365] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 28.023000] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.023523] [ 28.023627] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.023680] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.023694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.023718] Call Trace: [ 28.023740] <TASK> [ 28.023760] dump_stack_lvl+0x73/0xb0 [ 28.023790] print_report+0xd1/0x640 [ 28.023814] ? __virt_addr_valid+0x1db/0x2d0 [ 28.023840] ? kasan_atomics_helper+0x860/0x5450 [ 28.023863] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.023890] ? kasan_atomics_helper+0x860/0x5450 [ 28.024137] kasan_report+0x141/0x180 [ 28.024177] ? kasan_atomics_helper+0x860/0x5450 [ 28.024204] kasan_check_range+0x10c/0x1c0 [ 28.024230] __kasan_check_write+0x18/0x20 [ 28.024255] kasan_atomics_helper+0x860/0x5450 [ 28.024278] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.024302] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.024328] ? kasan_atomics+0x152/0x310 [ 28.024356] kasan_atomics+0x1dc/0x310 [ 28.024389] ? __pfx_kasan_atomics+0x10/0x10 [ 28.024415] ? __pfx_read_tsc+0x10/0x10 [ 28.024438] ? ktime_get_ts64+0x86/0x230 [ 28.024464] kunit_try_run_case+0x1a5/0x480 [ 28.024490] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.024514] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.024541] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.024568] ? __kthread_parkme+0x82/0x180 [ 28.024591] ? preempt_count_sub+0x50/0x80 [ 28.024615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.024641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.024666] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.024691] kthread+0x337/0x6f0 [ 28.024713] ? trace_preempt_on+0x20/0xc0 [ 28.024739] ? __pfx_kthread+0x10/0x10 [ 28.024761] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.024786] ? calculate_sigpending+0x7b/0xa0 [ 28.024812] ? __pfx_kthread+0x10/0x10 [ 28.024834] ret_from_fork+0x116/0x1d0 [ 28.024854] ? __pfx_kthread+0x10/0x10 [ 28.024876] ret_from_fork_asm+0x1a/0x30 [ 28.024910] </TASK> [ 28.024922] [ 28.034803] Allocated by task 314: [ 28.034940] kasan_save_stack+0x45/0x70 [ 28.035169] kasan_save_track+0x18/0x40 [ 28.035717] kasan_save_alloc_info+0x3b/0x50 [ 28.036014] __kasan_kmalloc+0xb7/0xc0 [ 28.036209] __kmalloc_cache_noprof+0x189/0x420 [ 28.036532] kasan_atomics+0x95/0x310 [ 28.036705] kunit_try_run_case+0x1a5/0x480 [ 28.036890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.037444] kthread+0x337/0x6f0 [ 28.037640] ret_from_fork+0x116/0x1d0 [ 28.037812] ret_from_fork_asm+0x1a/0x30 [ 28.038122] [ 28.038336] The buggy address belongs to the object at ffff888106118e00 [ 28.038336] which belongs to the cache kmalloc-64 of size 64 [ 28.038995] The buggy address is located 0 bytes to the right of [ 28.038995] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.039671] [ 28.039839] The buggy address belongs to the physical page: [ 28.040159] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.040586] flags: 0x200000000000000(node=0|zone=2) [ 28.041005] page_type: f5(slab) [ 28.041205] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.041800] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.042172] page dumped because: kasan: bad access detected [ 28.042549] [ 28.042673] Memory state around the buggy address: [ 28.043168] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.043571] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.043896] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.044282] ^ [ 28.044557] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.045105] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.045625] ================================================================== [ 28.867108] ================================================================== [ 28.867581] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 28.867834] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.868138] [ 28.868283] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.868344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.868431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.868458] Call Trace: [ 28.868482] <TASK> [ 28.868504] dump_stack_lvl+0x73/0xb0 [ 28.868537] print_report+0xd1/0x640 [ 28.868572] ? __virt_addr_valid+0x1db/0x2d0 [ 28.868599] ? kasan_atomics_helper+0x1c18/0x5450 [ 28.868623] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.868663] ? kasan_atomics_helper+0x1c18/0x5450 [ 28.868687] kasan_report+0x141/0x180 [ 28.868712] ? kasan_atomics_helper+0x1c18/0x5450 [ 28.868740] kasan_check_range+0x10c/0x1c0 [ 28.868773] __kasan_check_write+0x18/0x20 [ 28.868797] kasan_atomics_helper+0x1c18/0x5450 [ 28.868822] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.868855] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.868883] ? kasan_atomics+0x152/0x310 [ 28.868910] kasan_atomics+0x1dc/0x310 [ 28.868941] ? __pfx_kasan_atomics+0x10/0x10 [ 28.868973] ? __pfx_read_tsc+0x10/0x10 [ 28.868997] ? ktime_get_ts64+0x86/0x230 [ 28.869024] kunit_try_run_case+0x1a5/0x480 [ 28.869051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.869075] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.869102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.869129] ? __kthread_parkme+0x82/0x180 [ 28.869159] ? preempt_count_sub+0x50/0x80 [ 28.869186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.869211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.869237] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.869262] kthread+0x337/0x6f0 [ 28.869283] ? trace_preempt_on+0x20/0xc0 [ 28.869309] ? __pfx_kthread+0x10/0x10 [ 28.869331] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.869356] ? calculate_sigpending+0x7b/0xa0 [ 28.869383] ? __pfx_kthread+0x10/0x10 [ 28.869406] ret_from_fork+0x116/0x1d0 [ 28.869428] ? __pfx_kthread+0x10/0x10 [ 28.869450] ret_from_fork_asm+0x1a/0x30 [ 28.869483] </TASK> [ 28.869496] [ 28.878119] Allocated by task 314: [ 28.878453] kasan_save_stack+0x45/0x70 [ 28.878684] kasan_save_track+0x18/0x40 [ 28.878847] kasan_save_alloc_info+0x3b/0x50 [ 28.879101] __kasan_kmalloc+0xb7/0xc0 [ 28.879244] __kmalloc_cache_noprof+0x189/0x420 [ 28.879456] kasan_atomics+0x95/0x310 [ 28.879594] kunit_try_run_case+0x1a5/0x480 [ 28.879745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.880036] kthread+0x337/0x6f0 [ 28.880219] ret_from_fork+0x116/0x1d0 [ 28.880463] ret_from_fork_asm+0x1a/0x30 [ 28.880665] [ 28.880761] The buggy address belongs to the object at ffff888106118e00 [ 28.880761] which belongs to the cache kmalloc-64 of size 64 [ 28.881325] The buggy address is located 0 bytes to the right of [ 28.881325] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.881980] [ 28.882089] The buggy address belongs to the physical page: [ 28.882290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.882930] flags: 0x200000000000000(node=0|zone=2) [ 28.883220] page_type: f5(slab) [ 28.883492] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.883869] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.884232] page dumped because: kasan: bad access detected [ 28.884500] [ 28.884574] Memory state around the buggy address: [ 28.884733] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.884969] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.885287] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.885658] ^ [ 28.885887] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.886236] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.886574] ================================================================== [ 28.348714] ================================================================== [ 28.348935] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 28.349288] Read of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.349986] [ 28.350093] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.350154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.350168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.350191] Call Trace: [ 28.350211] <TASK> [ 28.350230] dump_stack_lvl+0x73/0xb0 [ 28.350260] print_report+0xd1/0x640 [ 28.350284] ? __virt_addr_valid+0x1db/0x2d0 [ 28.350309] ? kasan_atomics_helper+0x4a1c/0x5450 [ 28.350332] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.350358] ? kasan_atomics_helper+0x4a1c/0x5450 [ 28.350381] kasan_report+0x141/0x180 [ 28.350405] ? kasan_atomics_helper+0x4a1c/0x5450 [ 28.350432] __asan_report_load4_noabort+0x18/0x20 [ 28.350458] kasan_atomics_helper+0x4a1c/0x5450 [ 28.350482] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.350504] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.350530] ? kasan_atomics+0x152/0x310 [ 28.350558] kasan_atomics+0x1dc/0x310 [ 28.350581] ? __pfx_kasan_atomics+0x10/0x10 [ 28.350606] ? __pfx_read_tsc+0x10/0x10 [ 28.350629] ? ktime_get_ts64+0x86/0x230 [ 28.350656] kunit_try_run_case+0x1a5/0x480 [ 28.350682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.350706] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.350732] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.350758] ? __kthread_parkme+0x82/0x180 [ 28.350781] ? preempt_count_sub+0x50/0x80 [ 28.350806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.350831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.350857] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.350887] kthread+0x337/0x6f0 [ 28.350910] ? trace_preempt_on+0x20/0xc0 [ 28.350936] ? __pfx_kthread+0x10/0x10 [ 28.351204] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.351233] ? calculate_sigpending+0x7b/0xa0 [ 28.351261] ? __pfx_kthread+0x10/0x10 [ 28.351285] ret_from_fork+0x116/0x1d0 [ 28.351309] ? __pfx_kthread+0x10/0x10 [ 28.351332] ret_from_fork_asm+0x1a/0x30 [ 28.351364] </TASK> [ 28.351430] [ 28.359773] Allocated by task 314: [ 28.359909] kasan_save_stack+0x45/0x70 [ 28.360111] kasan_save_track+0x18/0x40 [ 28.360325] kasan_save_alloc_info+0x3b/0x50 [ 28.360773] __kasan_kmalloc+0xb7/0xc0 [ 28.361040] __kmalloc_cache_noprof+0x189/0x420 [ 28.361255] kasan_atomics+0x95/0x310 [ 28.361385] kunit_try_run_case+0x1a5/0x480 [ 28.361538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.361814] kthread+0x337/0x6f0 [ 28.362032] ret_from_fork+0x116/0x1d0 [ 28.362325] ret_from_fork_asm+0x1a/0x30 [ 28.362781] [ 28.362884] The buggy address belongs to the object at ffff888106118e00 [ 28.362884] which belongs to the cache kmalloc-64 of size 64 [ 28.363368] The buggy address is located 0 bytes to the right of [ 28.363368] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.363729] [ 28.363797] The buggy address belongs to the physical page: [ 28.363968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.364264] flags: 0x200000000000000(node=0|zone=2) [ 28.364581] page_type: f5(slab) [ 28.364771] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.365114] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.365468] page dumped because: kasan: bad access detected [ 28.365714] [ 28.365804] Memory state around the buggy address: [ 28.366027] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.368577] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.369714] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.370622] ^ [ 28.371492] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.372215] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.373282] ================================================================== [ 27.696890] ================================================================== [ 27.697484] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 27.698111] Read of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 27.698504] [ 27.698620] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.698673] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.698687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.698709] Call Trace: [ 27.698723] <TASK> [ 27.698740] dump_stack_lvl+0x73/0xb0 [ 27.698772] print_report+0xd1/0x640 [ 27.698795] ? __virt_addr_valid+0x1db/0x2d0 [ 27.698820] ? kasan_atomics_helper+0x4bbc/0x5450 [ 27.698841] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.698868] ? kasan_atomics_helper+0x4bbc/0x5450 [ 27.698889] kasan_report+0x141/0x180 [ 27.698912] ? kasan_atomics_helper+0x4bbc/0x5450 [ 27.698938] __asan_report_load4_noabort+0x18/0x20 [ 27.698975] kasan_atomics_helper+0x4bbc/0x5450 [ 27.698999] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.699021] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.699046] ? kasan_atomics+0x152/0x310 [ 27.699072] kasan_atomics+0x1dc/0x310 [ 27.699095] ? __pfx_kasan_atomics+0x10/0x10 [ 27.699118] ? __pfx_read_tsc+0x10/0x10 [ 27.699140] ? ktime_get_ts64+0x86/0x230 [ 27.699178] kunit_try_run_case+0x1a5/0x480 [ 27.699204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.699227] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.699254] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.699280] ? __kthread_parkme+0x82/0x180 [ 27.699301] ? preempt_count_sub+0x50/0x80 [ 27.699324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.699349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.699372] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.699448] kthread+0x337/0x6f0 [ 27.699470] ? trace_preempt_on+0x20/0xc0 [ 27.699495] ? __pfx_kthread+0x10/0x10 [ 27.699517] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.699542] ? calculate_sigpending+0x7b/0xa0 [ 27.699567] ? __pfx_kthread+0x10/0x10 [ 27.699589] ret_from_fork+0x116/0x1d0 [ 27.699608] ? __pfx_kthread+0x10/0x10 [ 27.699635] ret_from_fork_asm+0x1a/0x30 [ 27.699668] </TASK> [ 27.699679] [ 27.707100] Allocated by task 314: [ 27.707284] kasan_save_stack+0x45/0x70 [ 27.707646] kasan_save_track+0x18/0x40 [ 27.707810] kasan_save_alloc_info+0x3b/0x50 [ 27.707954] __kasan_kmalloc+0xb7/0xc0 [ 27.708082] __kmalloc_cache_noprof+0x189/0x420 [ 27.708243] kasan_atomics+0x95/0x310 [ 27.708469] kunit_try_run_case+0x1a5/0x480 [ 27.708681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.708928] kthread+0x337/0x6f0 [ 27.709103] ret_from_fork+0x116/0x1d0 [ 27.709298] ret_from_fork_asm+0x1a/0x30 [ 27.709668] [ 27.709768] The buggy address belongs to the object at ffff888106118e00 [ 27.709768] which belongs to the cache kmalloc-64 of size 64 [ 27.710649] The buggy address is located 0 bytes to the right of [ 27.710649] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 27.711027] [ 27.711097] The buggy address belongs to the physical page: [ 27.711288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 27.711640] flags: 0x200000000000000(node=0|zone=2) [ 27.711868] page_type: f5(slab) [ 27.712210] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.712472] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.712691] page dumped because: kasan: bad access detected [ 27.712856] [ 27.712919] Memory state around the buggy address: [ 27.713154] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.713476] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.713798] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.714400] ^ [ 27.714636] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.714963] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.715284] ================================================================== [ 28.827012] ================================================================== [ 28.827332] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 28.827807] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.828128] [ 28.828285] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.828339] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.828353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.828451] Call Trace: [ 28.828473] <TASK> [ 28.828507] dump_stack_lvl+0x73/0xb0 [ 28.828541] print_report+0xd1/0x640 [ 28.828566] ? __virt_addr_valid+0x1db/0x2d0 [ 28.828594] ? kasan_atomics_helper+0x1a7f/0x5450 [ 28.828617] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.828644] ? kasan_atomics_helper+0x1a7f/0x5450 [ 28.828668] kasan_report+0x141/0x180 [ 28.828691] ? kasan_atomics_helper+0x1a7f/0x5450 [ 28.828718] kasan_check_range+0x10c/0x1c0 [ 28.828742] __kasan_check_write+0x18/0x20 [ 28.828766] kasan_atomics_helper+0x1a7f/0x5450 [ 28.828791] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.828824] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.828850] ? kasan_atomics+0x152/0x310 [ 28.828888] kasan_atomics+0x1dc/0x310 [ 28.828912] ? __pfx_kasan_atomics+0x10/0x10 [ 28.828938] ? __pfx_read_tsc+0x10/0x10 [ 28.828961] ? ktime_get_ts64+0x86/0x230 [ 28.829004] kunit_try_run_case+0x1a5/0x480 [ 28.829031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.829056] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.829083] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.829110] ? __kthread_parkme+0x82/0x180 [ 28.829133] ? preempt_count_sub+0x50/0x80 [ 28.829166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.829191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.829216] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.829241] kthread+0x337/0x6f0 [ 28.829263] ? trace_preempt_on+0x20/0xc0 [ 28.829289] ? __pfx_kthread+0x10/0x10 [ 28.829312] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.829336] ? calculate_sigpending+0x7b/0xa0 [ 28.829395] ? __pfx_kthread+0x10/0x10 [ 28.829419] ret_from_fork+0x116/0x1d0 [ 28.829440] ? __pfx_kthread+0x10/0x10 [ 28.829473] ret_from_fork_asm+0x1a/0x30 [ 28.829506] </TASK> [ 28.829518] [ 28.837743] Allocated by task 314: [ 28.837977] kasan_save_stack+0x45/0x70 [ 28.838153] kasan_save_track+0x18/0x40 [ 28.838289] kasan_save_alloc_info+0x3b/0x50 [ 28.838788] __kasan_kmalloc+0xb7/0xc0 [ 28.839017] __kmalloc_cache_noprof+0x189/0x420 [ 28.839250] kasan_atomics+0x95/0x310 [ 28.839517] kunit_try_run_case+0x1a5/0x480 [ 28.839736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.839992] kthread+0x337/0x6f0 [ 28.840156] ret_from_fork+0x116/0x1d0 [ 28.840355] ret_from_fork_asm+0x1a/0x30 [ 28.840558] [ 28.840651] The buggy address belongs to the object at ffff888106118e00 [ 28.840651] which belongs to the cache kmalloc-64 of size 64 [ 28.841247] The buggy address is located 0 bytes to the right of [ 28.841247] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.841855] [ 28.841956] The buggy address belongs to the physical page: [ 28.842138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.842453] flags: 0x200000000000000(node=0|zone=2) [ 28.842677] page_type: f5(slab) [ 28.842858] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.843232] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.843883] page dumped because: kasan: bad access detected [ 28.844200] [ 28.844292] Memory state around the buggy address: [ 28.844611] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.844864] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.845102] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.845334] ^ [ 28.845638] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.846011] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.846414] ================================================================== [ 28.847006] ================================================================== [ 28.847339] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 28.847612] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.847944] [ 28.848057] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.848108] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.848123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.848155] Call Trace: [ 28.848178] <TASK> [ 28.848199] dump_stack_lvl+0x73/0xb0 [ 28.848228] print_report+0xd1/0x640 [ 28.848252] ? __virt_addr_valid+0x1db/0x2d0 [ 28.848278] ? kasan_atomics_helper+0x1b22/0x5450 [ 28.848301] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.848328] ? kasan_atomics_helper+0x1b22/0x5450 [ 28.848351] kasan_report+0x141/0x180 [ 28.848374] ? kasan_atomics_helper+0x1b22/0x5450 [ 28.848401] kasan_check_range+0x10c/0x1c0 [ 28.848426] __kasan_check_write+0x18/0x20 [ 28.848451] kasan_atomics_helper+0x1b22/0x5450 [ 28.848475] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.848499] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.848526] ? kasan_atomics+0x152/0x310 [ 28.848552] kasan_atomics+0x1dc/0x310 [ 28.848575] ? __pfx_kasan_atomics+0x10/0x10 [ 28.848601] ? __pfx_read_tsc+0x10/0x10 [ 28.848625] ? ktime_get_ts64+0x86/0x230 [ 28.848651] kunit_try_run_case+0x1a5/0x480 [ 28.848676] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.848700] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.848727] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.848754] ? __kthread_parkme+0x82/0x180 [ 28.848776] ? preempt_count_sub+0x50/0x80 [ 28.848801] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.848826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.848850] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.848875] kthread+0x337/0x6f0 [ 28.848897] ? trace_preempt_on+0x20/0xc0 [ 28.848923] ? __pfx_kthread+0x10/0x10 [ 28.848945] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.848969] ? calculate_sigpending+0x7b/0xa0 [ 28.848994] ? __pfx_kthread+0x10/0x10 [ 28.849018] ret_from_fork+0x116/0x1d0 [ 28.849039] ? __pfx_kthread+0x10/0x10 [ 28.849061] ret_from_fork_asm+0x1a/0x30 [ 28.849094] </TASK> [ 28.849107] [ 28.857578] Allocated by task 314: [ 28.857797] kasan_save_stack+0x45/0x70 [ 28.858049] kasan_save_track+0x18/0x40 [ 28.858258] kasan_save_alloc_info+0x3b/0x50 [ 28.858550] __kasan_kmalloc+0xb7/0xc0 [ 28.858734] __kmalloc_cache_noprof+0x189/0x420 [ 28.858933] kasan_atomics+0x95/0x310 [ 28.859121] kunit_try_run_case+0x1a5/0x480 [ 28.859354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.859903] kthread+0x337/0x6f0 [ 28.860192] ret_from_fork+0x116/0x1d0 [ 28.860364] ret_from_fork_asm+0x1a/0x30 [ 28.860643] [ 28.860744] The buggy address belongs to the object at ffff888106118e00 [ 28.860744] which belongs to the cache kmalloc-64 of size 64 [ 28.861289] The buggy address is located 0 bytes to the right of [ 28.861289] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.861858] [ 28.861957] The buggy address belongs to the physical page: [ 28.862138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.862453] flags: 0x200000000000000(node=0|zone=2) [ 28.862623] page_type: f5(slab) [ 28.862819] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.863190] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.863591] page dumped because: kasan: bad access detected [ 28.863881] [ 28.863995] Memory state around the buggy address: [ 28.864228] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.864956] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.865202] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.865552] ^ [ 28.865778] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.866177] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.866578] ================================================================== [ 29.075178] ================================================================== [ 29.075456] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 29.075816] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 29.076211] [ 29.076318] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 29.076371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.076385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.076409] Call Trace: [ 29.076430] <TASK> [ 29.076452] dump_stack_lvl+0x73/0xb0 [ 29.076484] print_report+0xd1/0x640 [ 29.076508] ? __virt_addr_valid+0x1db/0x2d0 [ 29.076534] ? kasan_atomics_helper+0x20c8/0x5450 [ 29.076557] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.076604] ? kasan_atomics_helper+0x20c8/0x5450 [ 29.076627] kasan_report+0x141/0x180 [ 29.076650] ? kasan_atomics_helper+0x20c8/0x5450 [ 29.076677] kasan_check_range+0x10c/0x1c0 [ 29.076702] __kasan_check_write+0x18/0x20 [ 29.076727] kasan_atomics_helper+0x20c8/0x5450 [ 29.076750] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.076773] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.076800] ? kasan_atomics+0x152/0x310 [ 29.076827] kasan_atomics+0x1dc/0x310 [ 29.076851] ? __pfx_kasan_atomics+0x10/0x10 [ 29.076876] ? __pfx_read_tsc+0x10/0x10 [ 29.076900] ? ktime_get_ts64+0x86/0x230 [ 29.076926] kunit_try_run_case+0x1a5/0x480 [ 29.076978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.077002] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.077030] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.077056] ? __kthread_parkme+0x82/0x180 [ 29.077078] ? preempt_count_sub+0x50/0x80 [ 29.077103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.077127] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.077164] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.077189] kthread+0x337/0x6f0 [ 29.077212] ? trace_preempt_on+0x20/0xc0 [ 29.077238] ? __pfx_kthread+0x10/0x10 [ 29.077260] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.077286] ? calculate_sigpending+0x7b/0xa0 [ 29.077311] ? __pfx_kthread+0x10/0x10 [ 29.077333] ret_from_fork+0x116/0x1d0 [ 29.077354] ? __pfx_kthread+0x10/0x10 [ 29.077376] ret_from_fork_asm+0x1a/0x30 [ 29.077408] </TASK> [ 29.077421] [ 29.084681] Allocated by task 314: [ 29.084859] kasan_save_stack+0x45/0x70 [ 29.085054] kasan_save_track+0x18/0x40 [ 29.085245] kasan_save_alloc_info+0x3b/0x50 [ 29.085446] __kasan_kmalloc+0xb7/0xc0 [ 29.085788] __kmalloc_cache_noprof+0x189/0x420 [ 29.086078] kasan_atomics+0x95/0x310 [ 29.086228] kunit_try_run_case+0x1a5/0x480 [ 29.086372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.086542] kthread+0x337/0x6f0 [ 29.086660] ret_from_fork+0x116/0x1d0 [ 29.086804] ret_from_fork_asm+0x1a/0x30 [ 29.086993] [ 29.087083] The buggy address belongs to the object at ffff888106118e00 [ 29.087083] which belongs to the cache kmalloc-64 of size 64 [ 29.087607] The buggy address is located 0 bytes to the right of [ 29.087607] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 29.088173] [ 29.088244] The buggy address belongs to the physical page: [ 29.088415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 29.088644] flags: 0x200000000000000(node=0|zone=2) [ 29.088873] page_type: f5(slab) [ 29.089134] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.089503] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.089835] page dumped because: kasan: bad access detected [ 29.090191] [ 29.090291] Memory state around the buggy address: [ 29.090468] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.090762] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.090987] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.091201] ^ [ 29.091350] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.091554] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.091885] ================================================================== [ 28.909271] ================================================================== [ 28.909616] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 28.909924] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.910259] [ 28.910428] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.910505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.910520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.910545] Call Trace: [ 28.910570] <TASK> [ 28.910594] dump_stack_lvl+0x73/0xb0 [ 28.910627] print_report+0xd1/0x640 [ 28.910653] ? __virt_addr_valid+0x1db/0x2d0 [ 28.910680] ? kasan_atomics_helper+0x1ce1/0x5450 [ 28.910703] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.910731] ? kasan_atomics_helper+0x1ce1/0x5450 [ 28.910758] kasan_report+0x141/0x180 [ 28.910783] ? kasan_atomics_helper+0x1ce1/0x5450 [ 28.910811] kasan_check_range+0x10c/0x1c0 [ 28.910837] __kasan_check_write+0x18/0x20 [ 28.910863] kasan_atomics_helper+0x1ce1/0x5450 [ 28.910888] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.910911] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.910937] ? kasan_atomics+0x152/0x310 [ 28.910983] kasan_atomics+0x1dc/0x310 [ 28.911007] ? __pfx_kasan_atomics+0x10/0x10 [ 28.911032] ? __pfx_read_tsc+0x10/0x10 [ 28.911057] ? ktime_get_ts64+0x86/0x230 [ 28.911083] kunit_try_run_case+0x1a5/0x480 [ 28.911110] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.911134] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.911174] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.911201] ? __kthread_parkme+0x82/0x180 [ 28.911223] ? preempt_count_sub+0x50/0x80 [ 28.911248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.911274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.911299] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.911325] kthread+0x337/0x6f0 [ 28.911347] ? trace_preempt_on+0x20/0xc0 [ 28.911374] ? __pfx_kthread+0x10/0x10 [ 28.911396] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.911422] ? calculate_sigpending+0x7b/0xa0 [ 28.911447] ? __pfx_kthread+0x10/0x10 [ 28.911471] ret_from_fork+0x116/0x1d0 [ 28.911493] ? __pfx_kthread+0x10/0x10 [ 28.911515] ret_from_fork_asm+0x1a/0x30 [ 28.911549] </TASK> [ 28.911562] [ 28.921097] Allocated by task 314: [ 28.921294] kasan_save_stack+0x45/0x70 [ 28.921494] kasan_save_track+0x18/0x40 [ 28.921653] kasan_save_alloc_info+0x3b/0x50 [ 28.921863] __kasan_kmalloc+0xb7/0xc0 [ 28.922049] __kmalloc_cache_noprof+0x189/0x420 [ 28.922714] kasan_atomics+0x95/0x310 [ 28.922872] kunit_try_run_case+0x1a5/0x480 [ 28.923252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.923567] kthread+0x337/0x6f0 [ 28.923713] ret_from_fork+0x116/0x1d0 [ 28.923905] ret_from_fork_asm+0x1a/0x30 [ 28.924252] [ 28.924435] The buggy address belongs to the object at ffff888106118e00 [ 28.924435] which belongs to the cache kmalloc-64 of size 64 [ 28.925069] The buggy address is located 0 bytes to the right of [ 28.925069] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.925681] [ 28.925794] The buggy address belongs to the physical page: [ 28.926289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.926712] flags: 0x200000000000000(node=0|zone=2) [ 28.926916] page_type: f5(slab) [ 28.927234] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.927617] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.927932] page dumped because: kasan: bad access detected [ 28.928373] [ 28.928463] Memory state around the buggy address: [ 28.928647] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.929170] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.929619] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.929863] ^ [ 28.930179] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.930559] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.930867] ================================================================== [ 27.865161] ================================================================== [ 27.865850] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 27.866287] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 27.866807] [ 27.866993] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.867056] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.867071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.867094] Call Trace: [ 27.867115] <TASK> [ 27.867134] dump_stack_lvl+0x73/0xb0 [ 27.867185] print_report+0xd1/0x640 [ 27.867210] ? __virt_addr_valid+0x1db/0x2d0 [ 27.867236] ? kasan_atomics_helper+0x4b3a/0x5450 [ 27.867270] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.867306] ? kasan_atomics_helper+0x4b3a/0x5450 [ 27.867331] kasan_report+0x141/0x180 [ 27.867355] ? kasan_atomics_helper+0x4b3a/0x5450 [ 27.867393] __asan_report_store4_noabort+0x1b/0x30 [ 27.867419] kasan_atomics_helper+0x4b3a/0x5450 [ 27.867442] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.867466] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.867491] ? kasan_atomics+0x152/0x310 [ 27.867531] kasan_atomics+0x1dc/0x310 [ 27.867555] ? __pfx_kasan_atomics+0x10/0x10 [ 27.867581] ? __pfx_read_tsc+0x10/0x10 [ 27.867613] ? ktime_get_ts64+0x86/0x230 [ 27.867644] kunit_try_run_case+0x1a5/0x480 [ 27.867671] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.867706] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.867733] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.867759] ? __kthread_parkme+0x82/0x180 [ 27.867781] ? preempt_count_sub+0x50/0x80 [ 27.867806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.867832] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.867857] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.867882] kthread+0x337/0x6f0 [ 27.867904] ? trace_preempt_on+0x20/0xc0 [ 27.867931] ? __pfx_kthread+0x10/0x10 [ 27.867962] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.867988] ? calculate_sigpending+0x7b/0xa0 [ 27.868014] ? __pfx_kthread+0x10/0x10 [ 27.868037] ret_from_fork+0x116/0x1d0 [ 27.868059] ? __pfx_kthread+0x10/0x10 [ 27.868080] ret_from_fork_asm+0x1a/0x30 [ 27.868113] </TASK> [ 27.868125] [ 27.881801] Allocated by task 314: [ 27.882195] kasan_save_stack+0x45/0x70 [ 27.882891] kasan_save_track+0x18/0x40 [ 27.883134] kasan_save_alloc_info+0x3b/0x50 [ 27.883388] __kasan_kmalloc+0xb7/0xc0 [ 27.883600] __kmalloc_cache_noprof+0x189/0x420 [ 27.884040] kasan_atomics+0x95/0x310 [ 27.884366] kunit_try_run_case+0x1a5/0x480 [ 27.884554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.885016] kthread+0x337/0x6f0 [ 27.885335] ret_from_fork+0x116/0x1d0 [ 27.885765] ret_from_fork_asm+0x1a/0x30 [ 27.886263] [ 27.886417] The buggy address belongs to the object at ffff888106118e00 [ 27.886417] which belongs to the cache kmalloc-64 of size 64 [ 27.887271] The buggy address is located 0 bytes to the right of [ 27.887271] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 27.888607] [ 27.888786] The buggy address belongs to the physical page: [ 27.889096] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 27.889885] flags: 0x200000000000000(node=0|zone=2) [ 27.890425] page_type: f5(slab) [ 27.890756] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.891509] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.891858] page dumped because: kasan: bad access detected [ 27.892138] [ 27.892478] Memory state around the buggy address: [ 27.893048] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.893814] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.894416] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.894638] ^ [ 27.894792] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.895168] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.896102] ================================================================== [ 28.374706] ================================================================== [ 28.375289] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 28.376360] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.377290] [ 28.377845] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.377913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.377928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.377952] Call Trace: [ 28.377976] <TASK> [ 28.377999] dump_stack_lvl+0x73/0xb0 [ 28.378034] print_report+0xd1/0x640 [ 28.378060] ? __virt_addr_valid+0x1db/0x2d0 [ 28.378088] ? kasan_atomics_helper+0x1148/0x5450 [ 28.378111] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.378138] ? kasan_atomics_helper+0x1148/0x5450 [ 28.378170] kasan_report+0x141/0x180 [ 28.378194] ? kasan_atomics_helper+0x1148/0x5450 [ 28.378221] kasan_check_range+0x10c/0x1c0 [ 28.378246] __kasan_check_write+0x18/0x20 [ 28.378271] kasan_atomics_helper+0x1148/0x5450 [ 28.378294] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.378318] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.378343] ? kasan_atomics+0x152/0x310 [ 28.378499] kasan_atomics+0x1dc/0x310 [ 28.378539] ? __pfx_kasan_atomics+0x10/0x10 [ 28.378579] ? __pfx_read_tsc+0x10/0x10 [ 28.378605] ? ktime_get_ts64+0x86/0x230 [ 28.378670] kunit_try_run_case+0x1a5/0x480 [ 28.378699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.378724] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.378751] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.378778] ? __kthread_parkme+0x82/0x180 [ 28.378800] ? preempt_count_sub+0x50/0x80 [ 28.378823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.378848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.378873] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.378898] kthread+0x337/0x6f0 [ 28.378920] ? trace_preempt_on+0x20/0xc0 [ 28.378947] ? __pfx_kthread+0x10/0x10 [ 28.378970] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.378995] ? calculate_sigpending+0x7b/0xa0 [ 28.379020] ? __pfx_kthread+0x10/0x10 [ 28.379043] ret_from_fork+0x116/0x1d0 [ 28.379064] ? __pfx_kthread+0x10/0x10 [ 28.379086] ret_from_fork_asm+0x1a/0x30 [ 28.379118] </TASK> [ 28.379131] [ 28.394867] Allocated by task 314: [ 28.395410] kasan_save_stack+0x45/0x70 [ 28.395896] kasan_save_track+0x18/0x40 [ 28.396350] kasan_save_alloc_info+0x3b/0x50 [ 28.396537] __kasan_kmalloc+0xb7/0xc0 [ 28.397056] __kmalloc_cache_noprof+0x189/0x420 [ 28.397639] kasan_atomics+0x95/0x310 [ 28.397783] kunit_try_run_case+0x1a5/0x480 [ 28.397930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.398629] kthread+0x337/0x6f0 [ 28.399026] ret_from_fork+0x116/0x1d0 [ 28.399526] ret_from_fork_asm+0x1a/0x30 [ 28.399920] [ 28.400168] The buggy address belongs to the object at ffff888106118e00 [ 28.400168] which belongs to the cache kmalloc-64 of size 64 [ 28.400879] The buggy address is located 0 bytes to the right of [ 28.400879] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.402254] [ 28.402448] The buggy address belongs to the physical page: [ 28.402995] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.403605] flags: 0x200000000000000(node=0|zone=2) [ 28.403784] page_type: f5(slab) [ 28.403908] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.404776] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.405738] page dumped because: kasan: bad access detected [ 28.406587] [ 28.406764] Memory state around the buggy address: [ 28.407347] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.407588] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.407812] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.408029] ^ [ 28.408370] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.409118] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.409833] ================================================================== [ 28.702501] ================================================================== [ 28.703152] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 28.703494] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.704278] [ 28.704573] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.704627] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.704641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.704664] Call Trace: [ 28.704687] <TASK> [ 28.704708] dump_stack_lvl+0x73/0xb0 [ 28.704741] print_report+0xd1/0x640 [ 28.704776] ? __virt_addr_valid+0x1db/0x2d0 [ 28.704804] ? kasan_atomics_helper+0x16e7/0x5450 [ 28.704839] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.704866] ? kasan_atomics_helper+0x16e7/0x5450 [ 28.704890] kasan_report+0x141/0x180 [ 28.704914] ? kasan_atomics_helper+0x16e7/0x5450 [ 28.704957] kasan_check_range+0x10c/0x1c0 [ 28.704982] __kasan_check_write+0x18/0x20 [ 28.705007] kasan_atomics_helper+0x16e7/0x5450 [ 28.705040] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.705064] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.705092] ? kasan_atomics+0x152/0x310 [ 28.705131] kasan_atomics+0x1dc/0x310 [ 28.705164] ? __pfx_kasan_atomics+0x10/0x10 [ 28.705191] ? __pfx_read_tsc+0x10/0x10 [ 28.705215] ? ktime_get_ts64+0x86/0x230 [ 28.705242] kunit_try_run_case+0x1a5/0x480 [ 28.705269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.705293] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.705320] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.705347] ? __kthread_parkme+0x82/0x180 [ 28.705388] ? preempt_count_sub+0x50/0x80 [ 28.705414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.705440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.705465] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.705491] kthread+0x337/0x6f0 [ 28.705513] ? trace_preempt_on+0x20/0xc0 [ 28.705540] ? __pfx_kthread+0x10/0x10 [ 28.705563] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.705590] ? calculate_sigpending+0x7b/0xa0 [ 28.705617] ? __pfx_kthread+0x10/0x10 [ 28.705640] ret_from_fork+0x116/0x1d0 [ 28.705662] ? __pfx_kthread+0x10/0x10 [ 28.705685] ret_from_fork_asm+0x1a/0x30 [ 28.705718] </TASK> [ 28.705731] [ 28.718350] Allocated by task 314: [ 28.718487] kasan_save_stack+0x45/0x70 [ 28.718639] kasan_save_track+0x18/0x40 [ 28.718774] kasan_save_alloc_info+0x3b/0x50 [ 28.718924] __kasan_kmalloc+0xb7/0xc0 [ 28.719054] __kmalloc_cache_noprof+0x189/0x420 [ 28.719243] kasan_atomics+0x95/0x310 [ 28.719381] kunit_try_run_case+0x1a5/0x480 [ 28.719527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.719707] kthread+0x337/0x6f0 [ 28.719828] ret_from_fork+0x116/0x1d0 [ 28.720162] ret_from_fork_asm+0x1a/0x30 [ 28.720469] [ 28.720564] The buggy address belongs to the object at ffff888106118e00 [ 28.720564] which belongs to the cache kmalloc-64 of size 64 [ 28.721049] The buggy address is located 0 bytes to the right of [ 28.721049] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.721650] [ 28.721745] The buggy address belongs to the physical page: [ 28.722024] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.722428] flags: 0x200000000000000(node=0|zone=2) [ 28.722619] page_type: f5(slab) [ 28.722743] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.723003] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.723312] page dumped because: kasan: bad access detected [ 28.723687] [ 28.723788] Memory state around the buggy address: [ 28.724132] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.724471] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.724731] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.725106] ^ [ 28.725274] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.725512] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.725881] ================================================================== [ 28.200973] ================================================================== [ 28.201380] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 28.201815] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.202230] [ 28.202338] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.202394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.202408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.202481] Call Trace: [ 28.202501] <TASK> [ 28.202517] dump_stack_lvl+0x73/0xb0 [ 28.202548] print_report+0xd1/0x640 [ 28.202572] ? __virt_addr_valid+0x1db/0x2d0 [ 28.202598] ? kasan_atomics_helper+0xd47/0x5450 [ 28.202620] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.202682] ? kasan_atomics_helper+0xd47/0x5450 [ 28.202705] kasan_report+0x141/0x180 [ 28.202729] ? kasan_atomics_helper+0xd47/0x5450 [ 28.202756] kasan_check_range+0x10c/0x1c0 [ 28.202782] __kasan_check_write+0x18/0x20 [ 28.202837] kasan_atomics_helper+0xd47/0x5450 [ 28.202862] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.202885] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.202912] ? kasan_atomics+0x152/0x310 [ 28.202984] kasan_atomics+0x1dc/0x310 [ 28.203011] ? __pfx_kasan_atomics+0x10/0x10 [ 28.203036] ? __pfx_read_tsc+0x10/0x10 [ 28.203060] ? ktime_get_ts64+0x86/0x230 [ 28.203086] kunit_try_run_case+0x1a5/0x480 [ 28.203153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.203177] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.203204] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.203231] ? __kthread_parkme+0x82/0x180 [ 28.203283] ? preempt_count_sub+0x50/0x80 [ 28.203308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.203333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.203380] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.203407] kthread+0x337/0x6f0 [ 28.203428] ? trace_preempt_on+0x20/0xc0 [ 28.203486] ? __pfx_kthread+0x10/0x10 [ 28.203509] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.203534] ? calculate_sigpending+0x7b/0xa0 [ 28.203560] ? __pfx_kthread+0x10/0x10 [ 28.203582] ret_from_fork+0x116/0x1d0 [ 28.203604] ? __pfx_kthread+0x10/0x10 [ 28.203657] ret_from_fork_asm+0x1a/0x30 [ 28.203690] </TASK> [ 28.203702] [ 28.211490] Allocated by task 314: [ 28.211668] kasan_save_stack+0x45/0x70 [ 28.211850] kasan_save_track+0x18/0x40 [ 28.212015] kasan_save_alloc_info+0x3b/0x50 [ 28.214183] __kasan_kmalloc+0xb7/0xc0 [ 28.214392] __kmalloc_cache_noprof+0x189/0x420 [ 28.214551] kasan_atomics+0x95/0x310 [ 28.214682] kunit_try_run_case+0x1a5/0x480 [ 28.214826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.215005] kthread+0x337/0x6f0 [ 28.215126] ret_from_fork+0x116/0x1d0 [ 28.215267] ret_from_fork_asm+0x1a/0x30 [ 28.215404] [ 28.215472] The buggy address belongs to the object at ffff888106118e00 [ 28.215472] which belongs to the cache kmalloc-64 of size 64 [ 28.215828] The buggy address is located 0 bytes to the right of [ 28.215828] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.216391] [ 28.216496] The buggy address belongs to the physical page: [ 28.216760] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.217358] flags: 0x200000000000000(node=0|zone=2) [ 28.217591] page_type: f5(slab) [ 28.217803] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.218171] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.218550] page dumped because: kasan: bad access detected [ 28.218814] [ 28.218910] Memory state around the buggy address: [ 28.219185] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.219539] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.219897] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.220253] ^ [ 28.220540] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.220875] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.221308] ================================================================== [ 28.953502] ================================================================== [ 28.953825] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 28.954384] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.954611] [ 28.954699] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.954751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.954765] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.954789] Call Trace: [ 28.954811] <TASK> [ 28.954832] dump_stack_lvl+0x73/0xb0 [ 28.954863] print_report+0xd1/0x640 [ 28.954888] ? __virt_addr_valid+0x1db/0x2d0 [ 28.954914] ? kasan_atomics_helper+0x1e12/0x5450 [ 28.954947] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.954976] ? kasan_atomics_helper+0x1e12/0x5450 [ 28.954999] kasan_report+0x141/0x180 [ 28.955023] ? kasan_atomics_helper+0x1e12/0x5450 [ 28.955051] kasan_check_range+0x10c/0x1c0 [ 28.956759] __kasan_check_write+0x18/0x20 [ 28.956816] kasan_atomics_helper+0x1e12/0x5450 [ 28.956844] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.956869] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.956896] ? kasan_atomics+0x152/0x310 [ 28.956924] kasan_atomics+0x1dc/0x310 [ 28.956961] ? __pfx_kasan_atomics+0x10/0x10 [ 28.956989] ? __pfx_read_tsc+0x10/0x10 [ 28.957016] ? ktime_get_ts64+0x86/0x230 [ 28.957042] kunit_try_run_case+0x1a5/0x480 [ 28.957070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.957094] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.957122] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.957165] ? __kthread_parkme+0x82/0x180 [ 28.957188] ? preempt_count_sub+0x50/0x80 [ 28.957213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.957238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.957264] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.957289] kthread+0x337/0x6f0 [ 28.957312] ? trace_preempt_on+0x20/0xc0 [ 28.957338] ? __pfx_kthread+0x10/0x10 [ 28.957360] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.957385] ? calculate_sigpending+0x7b/0xa0 [ 28.957411] ? __pfx_kthread+0x10/0x10 [ 28.957434] ret_from_fork+0x116/0x1d0 [ 28.957455] ? __pfx_kthread+0x10/0x10 [ 28.957504] ret_from_fork_asm+0x1a/0x30 [ 28.957538] </TASK> [ 28.957552] [ 28.964858] Allocated by task 314: [ 28.965084] kasan_save_stack+0x45/0x70 [ 28.965295] kasan_save_track+0x18/0x40 [ 28.965459] kasan_save_alloc_info+0x3b/0x50 [ 28.965639] __kasan_kmalloc+0xb7/0xc0 [ 28.965802] __kmalloc_cache_noprof+0x189/0x420 [ 28.966020] kasan_atomics+0x95/0x310 [ 28.966194] kunit_try_run_case+0x1a5/0x480 [ 28.966390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.966620] kthread+0x337/0x6f0 [ 28.966771] ret_from_fork+0x116/0x1d0 [ 28.966927] ret_from_fork_asm+0x1a/0x30 [ 28.967089] [ 28.967168] The buggy address belongs to the object at ffff888106118e00 [ 28.967168] which belongs to the cache kmalloc-64 of size 64 [ 28.967575] The buggy address is located 0 bytes to the right of [ 28.967575] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.968199] [ 28.968340] The buggy address belongs to the physical page: [ 28.968519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.968820] flags: 0x200000000000000(node=0|zone=2) [ 28.969202] page_type: f5(slab) [ 28.969376] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.969660] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.969966] page dumped because: kasan: bad access detected [ 28.970199] [ 28.970290] Memory state around the buggy address: [ 28.970472] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.970688] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.970900] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.971111] ^ [ 28.971277] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.971494] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.971815] ================================================================== [ 28.181230] ================================================================== [ 28.181620] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 28.181967] Read of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.182201] [ 28.182284] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.182332] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.182346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.182369] Call Trace: [ 28.182385] <TASK> [ 28.182424] dump_stack_lvl+0x73/0xb0 [ 28.182454] print_report+0xd1/0x640 [ 28.182478] ? __virt_addr_valid+0x1db/0x2d0 [ 28.182503] ? kasan_atomics_helper+0x4a84/0x5450 [ 28.182526] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.182598] ? kasan_atomics_helper+0x4a84/0x5450 [ 28.182621] kasan_report+0x141/0x180 [ 28.182644] ? kasan_atomics_helper+0x4a84/0x5450 [ 28.182672] __asan_report_load4_noabort+0x18/0x20 [ 28.182697] kasan_atomics_helper+0x4a84/0x5450 [ 28.182753] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.182777] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.182804] ? kasan_atomics+0x152/0x310 [ 28.182830] kasan_atomics+0x1dc/0x310 [ 28.182853] ? __pfx_kasan_atomics+0x10/0x10 [ 28.182908] ? __pfx_read_tsc+0x10/0x10 [ 28.182949] ? ktime_get_ts64+0x86/0x230 [ 28.182976] kunit_try_run_case+0x1a5/0x480 [ 28.183002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.183026] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.183085] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.183115] ? __kthread_parkme+0x82/0x180 [ 28.183138] ? preempt_count_sub+0x50/0x80 [ 28.183172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.183229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.183253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.183278] kthread+0x337/0x6f0 [ 28.183302] ? trace_preempt_on+0x20/0xc0 [ 28.183327] ? __pfx_kthread+0x10/0x10 [ 28.183398] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.183426] ? calculate_sigpending+0x7b/0xa0 [ 28.183451] ? __pfx_kthread+0x10/0x10 [ 28.183483] ret_from_fork+0x116/0x1d0 [ 28.183505] ? __pfx_kthread+0x10/0x10 [ 28.183527] ret_from_fork_asm+0x1a/0x30 [ 28.183559] </TASK> [ 28.183571] [ 28.191417] Allocated by task 314: [ 28.191597] kasan_save_stack+0x45/0x70 [ 28.191794] kasan_save_track+0x18/0x40 [ 28.192039] kasan_save_alloc_info+0x3b/0x50 [ 28.192192] __kasan_kmalloc+0xb7/0xc0 [ 28.192319] __kmalloc_cache_noprof+0x189/0x420 [ 28.192688] kasan_atomics+0x95/0x310 [ 28.192891] kunit_try_run_case+0x1a5/0x480 [ 28.193154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.193403] kthread+0x337/0x6f0 [ 28.193589] ret_from_fork+0x116/0x1d0 [ 28.193772] ret_from_fork_asm+0x1a/0x30 [ 28.194059] [ 28.194200] The buggy address belongs to the object at ffff888106118e00 [ 28.194200] which belongs to the cache kmalloc-64 of size 64 [ 28.194676] The buggy address is located 0 bytes to the right of [ 28.194676] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.195316] [ 28.195419] The buggy address belongs to the physical page: [ 28.195676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.196112] flags: 0x200000000000000(node=0|zone=2) [ 28.196324] page_type: f5(slab) [ 28.196513] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.197067] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.197389] page dumped because: kasan: bad access detected [ 28.197718] [ 28.197809] Memory state around the buggy address: [ 28.198049] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.198430] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.198894] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.199235] ^ [ 28.199452] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.199977] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.200193] ================================================================== [ 28.311184] ================================================================== [ 28.311662] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 28.311971] Read of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.312215] [ 28.312304] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.312357] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.312371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.312411] Call Trace: [ 28.312426] <TASK> [ 28.312445] dump_stack_lvl+0x73/0xb0 [ 28.312476] print_report+0xd1/0x640 [ 28.312499] ? __virt_addr_valid+0x1db/0x2d0 [ 28.312527] ? kasan_atomics_helper+0x4a36/0x5450 [ 28.312549] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.312576] ? kasan_atomics_helper+0x4a36/0x5450 [ 28.312600] kasan_report+0x141/0x180 [ 28.312622] ? kasan_atomics_helper+0x4a36/0x5450 [ 28.312649] __asan_report_load4_noabort+0x18/0x20 [ 28.312674] kasan_atomics_helper+0x4a36/0x5450 [ 28.312698] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.312721] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.312748] ? kasan_atomics+0x152/0x310 [ 28.312775] kasan_atomics+0x1dc/0x310 [ 28.312800] ? __pfx_kasan_atomics+0x10/0x10 [ 28.312826] ? __pfx_read_tsc+0x10/0x10 [ 28.312850] ? ktime_get_ts64+0x86/0x230 [ 28.312876] kunit_try_run_case+0x1a5/0x480 [ 28.312903] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.312927] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.312964] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.312991] ? __kthread_parkme+0x82/0x180 [ 28.313012] ? preempt_count_sub+0x50/0x80 [ 28.313037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.313062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.313088] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.313114] kthread+0x337/0x6f0 [ 28.313134] ? trace_preempt_on+0x20/0xc0 [ 28.313172] ? __pfx_kthread+0x10/0x10 [ 28.313194] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.313219] ? calculate_sigpending+0x7b/0xa0 [ 28.313245] ? __pfx_kthread+0x10/0x10 [ 28.313267] ret_from_fork+0x116/0x1d0 [ 28.313288] ? __pfx_kthread+0x10/0x10 [ 28.313310] ret_from_fork_asm+0x1a/0x30 [ 28.313344] </TASK> [ 28.313356] [ 28.320919] Allocated by task 314: [ 28.321113] kasan_save_stack+0x45/0x70 [ 28.321321] kasan_save_track+0x18/0x40 [ 28.321620] kasan_save_alloc_info+0x3b/0x50 [ 28.321765] __kasan_kmalloc+0xb7/0xc0 [ 28.321891] __kmalloc_cache_noprof+0x189/0x420 [ 28.322268] kasan_atomics+0x95/0x310 [ 28.322455] kunit_try_run_case+0x1a5/0x480 [ 28.322660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.322909] kthread+0x337/0x6f0 [ 28.323492] ret_from_fork+0x116/0x1d0 [ 28.323654] ret_from_fork_asm+0x1a/0x30 [ 28.323854] [ 28.323960] The buggy address belongs to the object at ffff888106118e00 [ 28.323960] which belongs to the cache kmalloc-64 of size 64 [ 28.324560] The buggy address is located 0 bytes to the right of [ 28.324560] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.325077] [ 28.325182] The buggy address belongs to the physical page: [ 28.325444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.325803] flags: 0x200000000000000(node=0|zone=2) [ 28.326046] page_type: f5(slab) [ 28.326186] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.326532] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.326753] page dumped because: kasan: bad access detected [ 28.326921] [ 28.326986] Memory state around the buggy address: [ 28.327137] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.327483] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.327799] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.328299] ^ [ 28.329016] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.329333] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.329700] ================================================================== [ 27.997799] ================================================================== [ 27.998255] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 27.998606] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 27.998990] [ 27.999465] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.999521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.999535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.999559] Call Trace: [ 27.999580] <TASK> [ 27.999675] dump_stack_lvl+0x73/0xb0 [ 27.999711] print_report+0xd1/0x640 [ 27.999790] ? __virt_addr_valid+0x1db/0x2d0 [ 27.999818] ? kasan_atomics_helper+0x7c7/0x5450 [ 27.999842] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.999869] ? kasan_atomics_helper+0x7c7/0x5450 [ 27.999949] kasan_report+0x141/0x180 [ 27.999975] ? kasan_atomics_helper+0x7c7/0x5450 [ 28.000002] kasan_check_range+0x10c/0x1c0 [ 28.000027] __kasan_check_write+0x18/0x20 [ 28.000051] kasan_atomics_helper+0x7c7/0x5450 [ 28.000076] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.000099] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.000127] ? kasan_atomics+0x152/0x310 [ 28.000167] kasan_atomics+0x1dc/0x310 [ 28.000192] ? __pfx_kasan_atomics+0x10/0x10 [ 28.000217] ? __pfx_read_tsc+0x10/0x10 [ 28.000241] ? ktime_get_ts64+0x86/0x230 [ 28.000268] kunit_try_run_case+0x1a5/0x480 [ 28.000293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.000317] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.000345] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.000383] ? __kthread_parkme+0x82/0x180 [ 28.000406] ? preempt_count_sub+0x50/0x80 [ 28.000431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.000457] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.000483] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.000508] kthread+0x337/0x6f0 [ 28.000529] ? trace_preempt_on+0x20/0xc0 [ 28.000554] ? __pfx_kthread+0x10/0x10 [ 28.000576] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.000601] ? calculate_sigpending+0x7b/0xa0 [ 28.000627] ? __pfx_kthread+0x10/0x10 [ 28.000649] ret_from_fork+0x116/0x1d0 [ 28.000671] ? __pfx_kthread+0x10/0x10 [ 28.000693] ret_from_fork_asm+0x1a/0x30 [ 28.000726] </TASK> [ 28.000739] [ 28.010766] Allocated by task 314: [ 28.010937] kasan_save_stack+0x45/0x70 [ 28.011117] kasan_save_track+0x18/0x40 [ 28.011261] kasan_save_alloc_info+0x3b/0x50 [ 28.011924] __kasan_kmalloc+0xb7/0xc0 [ 28.012178] __kmalloc_cache_noprof+0x189/0x420 [ 28.012392] kasan_atomics+0x95/0x310 [ 28.012752] kunit_try_run_case+0x1a5/0x480 [ 28.013021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.013269] kthread+0x337/0x6f0 [ 28.013704] ret_from_fork+0x116/0x1d0 [ 28.013909] ret_from_fork_asm+0x1a/0x30 [ 28.014255] [ 28.014452] The buggy address belongs to the object at ffff888106118e00 [ 28.014452] which belongs to the cache kmalloc-64 of size 64 [ 28.014918] The buggy address is located 0 bytes to the right of [ 28.014918] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.015529] [ 28.015641] The buggy address belongs to the physical page: [ 28.015866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.016709] flags: 0x200000000000000(node=0|zone=2) [ 28.016975] page_type: f5(slab) [ 28.017250] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.017533] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.017977] page dumped because: kasan: bad access detected [ 28.018176] [ 28.018273] Memory state around the buggy address: [ 28.018524] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.019188] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.019542] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.019906] ^ [ 28.020310] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.020782] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.021152] ================================================================== [ 28.437160] ================================================================== [ 28.437473] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 28.437903] Write of size 4 at addr ffff888106118e30 by task kunit_try_catch/314 [ 28.438261] [ 28.438364] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 28.438459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.438473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.438497] Call Trace: [ 28.438519] <TASK> [ 28.438541] dump_stack_lvl+0x73/0xb0 [ 28.438572] print_report+0xd1/0x640 [ 28.438597] ? __virt_addr_valid+0x1db/0x2d0 [ 28.438624] ? kasan_atomics_helper+0x1217/0x5450 [ 28.438647] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.438675] ? kasan_atomics_helper+0x1217/0x5450 [ 28.438698] kasan_report+0x141/0x180 [ 28.438722] ? kasan_atomics_helper+0x1217/0x5450 [ 28.438750] kasan_check_range+0x10c/0x1c0 [ 28.438774] __kasan_check_write+0x18/0x20 [ 28.438799] kasan_atomics_helper+0x1217/0x5450 [ 28.438823] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.438845] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.438872] ? kasan_atomics+0x152/0x310 [ 28.438899] kasan_atomics+0x1dc/0x310 [ 28.438923] ? __pfx_kasan_atomics+0x10/0x10 [ 28.438948] ? __pfx_read_tsc+0x10/0x10 [ 28.438972] ? ktime_get_ts64+0x86/0x230 [ 28.438999] kunit_try_run_case+0x1a5/0x480 [ 28.439025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.439049] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.439076] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.439111] ? __kthread_parkme+0x82/0x180 [ 28.439132] ? preempt_count_sub+0x50/0x80 [ 28.439170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.439198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.439223] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.439247] kthread+0x337/0x6f0 [ 28.439269] ? trace_preempt_on+0x20/0xc0 [ 28.439295] ? __pfx_kthread+0x10/0x10 [ 28.439317] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.439341] ? calculate_sigpending+0x7b/0xa0 [ 28.439368] ? __pfx_kthread+0x10/0x10 [ 28.439389] ret_from_fork+0x116/0x1d0 [ 28.439422] ? __pfx_kthread+0x10/0x10 [ 28.439444] ret_from_fork_asm+0x1a/0x30 [ 28.439477] </TASK> [ 28.439489] [ 28.447643] Allocated by task 314: [ 28.447815] kasan_save_stack+0x45/0x70 [ 28.448031] kasan_save_track+0x18/0x40 [ 28.448230] kasan_save_alloc_info+0x3b/0x50 [ 28.448506] __kasan_kmalloc+0xb7/0xc0 [ 28.448678] __kmalloc_cache_noprof+0x189/0x420 [ 28.448879] kasan_atomics+0x95/0x310 [ 28.449059] kunit_try_run_case+0x1a5/0x480 [ 28.449226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.449414] kthread+0x337/0x6f0 [ 28.449579] ret_from_fork+0x116/0x1d0 [ 28.449804] ret_from_fork_asm+0x1a/0x30 [ 28.450023] [ 28.450109] The buggy address belongs to the object at ffff888106118e00 [ 28.450109] which belongs to the cache kmalloc-64 of size 64 [ 28.450560] The buggy address is located 0 bytes to the right of [ 28.450560] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 28.451094] [ 28.451277] The buggy address belongs to the physical page: [ 28.451540] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 28.451893] flags: 0x200000000000000(node=0|zone=2) [ 28.452265] page_type: f5(slab) [ 28.452421] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.452673] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.452897] page dumped because: kasan: bad access detected [ 28.453136] [ 28.453503] Memory state around the buggy address: [ 28.453919] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.454201] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.454419] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.454630] ^ [ 28.454784] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.454997] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.455314] ================================================================== [ 29.111492] ================================================================== [ 29.112026] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 29.112337] Write of size 8 at addr ffff888106118e30 by task kunit_try_catch/314 [ 29.112660] [ 29.112771] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 29.112823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.112837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.112861] Call Trace: [ 29.112881] <TASK> [ 29.112900] dump_stack_lvl+0x73/0xb0 [ 29.112955] print_report+0xd1/0x640 [ 29.112979] ? __virt_addr_valid+0x1db/0x2d0 [ 29.113005] ? kasan_atomics_helper+0x218a/0x5450 [ 29.113028] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.113055] ? kasan_atomics_helper+0x218a/0x5450 [ 29.113078] kasan_report+0x141/0x180 [ 29.113102] ? kasan_atomics_helper+0x218a/0x5450 [ 29.113129] kasan_check_range+0x10c/0x1c0 [ 29.113165] __kasan_check_write+0x18/0x20 [ 29.113190] kasan_atomics_helper+0x218a/0x5450 [ 29.113214] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.113238] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.113264] ? kasan_atomics+0x152/0x310 [ 29.113291] kasan_atomics+0x1dc/0x310 [ 29.113315] ? __pfx_kasan_atomics+0x10/0x10 [ 29.113340] ? __pfx_read_tsc+0x10/0x10 [ 29.113364] ? ktime_get_ts64+0x86/0x230 [ 29.113390] kunit_try_run_case+0x1a5/0x480 [ 29.113416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.113440] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.113468] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.113494] ? __kthread_parkme+0x82/0x180 [ 29.113516] ? preempt_count_sub+0x50/0x80 [ 29.113542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.113568] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.113592] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.113618] kthread+0x337/0x6f0 [ 29.113640] ? trace_preempt_on+0x20/0xc0 [ 29.113666] ? __pfx_kthread+0x10/0x10 [ 29.113688] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.113727] ? calculate_sigpending+0x7b/0xa0 [ 29.113753] ? __pfx_kthread+0x10/0x10 [ 29.113776] ret_from_fork+0x116/0x1d0 [ 29.113798] ? __pfx_kthread+0x10/0x10 [ 29.113820] ret_from_fork_asm+0x1a/0x30 [ 29.113853] </TASK> [ 29.113865] [ 29.121140] Allocated by task 314: [ 29.121344] kasan_save_stack+0x45/0x70 [ 29.121501] kasan_save_track+0x18/0x40 [ 29.121704] kasan_save_alloc_info+0x3b/0x50 [ 29.121849] __kasan_kmalloc+0xb7/0xc0 [ 29.121979] __kmalloc_cache_noprof+0x189/0x420 [ 29.122129] kasan_atomics+0x95/0x310 [ 29.122268] kunit_try_run_case+0x1a5/0x480 [ 29.122522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.122771] kthread+0x337/0x6f0 [ 29.122959] ret_from_fork+0x116/0x1d0 [ 29.123158] ret_from_fork_asm+0x1a/0x30 [ 29.123355] [ 29.123447] The buggy address belongs to the object at ffff888106118e00 [ 29.123447] which belongs to the cache kmalloc-64 of size 64 [ 29.124064] The buggy address is located 0 bytes to the right of [ 29.124064] allocated 48-byte region [ffff888106118e00, ffff888106118e30) [ 29.124488] [ 29.124560] The buggy address belongs to the physical page: [ 29.124741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106118 [ 29.124981] flags: 0x200000000000000(node=0|zone=2) [ 29.125175] page_type: f5(slab) [ 29.125360] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.125696] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.126020] page dumped because: kasan: bad access detected [ 29.126455] [ 29.126545] Memory state around the buggy address: [ 29.126764] ffff888106118d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.127214] ffff888106118d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.127491] >ffff888106118e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.127729] ^ [ 29.127880] ffff888106118e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.128095] ffff888106118f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.128319] ==================================================================