Date
July 24, 2025, 4:41 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 35.140472] ================================================================== [ 35.140574] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 35.140627] Read of size 4 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.140680] [ 35.140712] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.140933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.140998] Hardware name: linux,dummy-virt (DT) [ 35.141033] Call trace: [ 35.141072] show_stack+0x20/0x38 (C) [ 35.141124] dump_stack_lvl+0x8c/0xd0 [ 35.141198] print_report+0x118/0x5e8 [ 35.141262] kasan_report+0xdc/0x128 [ 35.141307] __asan_report_load4_noabort+0x20/0x30 [ 35.141358] kasan_atomics_helper+0x3e04/0x4858 [ 35.141408] kasan_atomics+0x198/0x2e0 [ 35.141458] kunit_try_run_case+0x170/0x3f0 [ 35.141625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.141683] kthread+0x328/0x630 [ 35.141728] ret_from_fork+0x10/0x20 [ 35.141791] [ 35.141811] Allocated by task 296: [ 35.141842] kasan_save_stack+0x3c/0x68 [ 35.141883] kasan_save_track+0x20/0x40 [ 35.141920] kasan_save_alloc_info+0x40/0x58 [ 35.142116] __kasan_kmalloc+0xd4/0xd8 [ 35.142168] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.142228] kasan_atomics+0xb8/0x2e0 [ 35.142304] kunit_try_run_case+0x170/0x3f0 [ 35.142361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.142409] kthread+0x328/0x630 [ 35.142443] ret_from_fork+0x10/0x20 [ 35.142479] [ 35.142505] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.142505] which belongs to the cache kmalloc-64 of size 64 [ 35.142671] The buggy address is located 0 bytes to the right of [ 35.142671] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.142807] [ 35.142836] The buggy address belongs to the physical page: [ 35.142902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.143001] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.143091] page_type: f5(slab) [ 35.143159] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.143211] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.143255] page dumped because: kasan: bad access detected [ 35.143287] [ 35.143309] Memory state around the buggy address: [ 35.143340] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.143691] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.143842] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.143923] ^ [ 35.143992] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.144310] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.144418] ================================================================== [ 35.278182] ================================================================== [ 35.278257] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 35.278349] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.278401] [ 35.278459] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.278547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.278578] Hardware name: linux,dummy-virt (DT) [ 35.278610] Call trace: [ 35.278674] show_stack+0x20/0x38 (C) [ 35.278833] dump_stack_lvl+0x8c/0xd0 [ 35.278896] print_report+0x118/0x5e8 [ 35.278941] kasan_report+0xdc/0x128 [ 35.279000] kasan_check_range+0x100/0x1a8 [ 35.279094] __kasan_check_write+0x20/0x30 [ 35.279268] kasan_atomics_helper+0x16d0/0x4858 [ 35.279344] kasan_atomics+0x198/0x2e0 [ 35.279698] kunit_try_run_case+0x170/0x3f0 [ 35.279824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.279919] kthread+0x328/0x630 [ 35.280008] ret_from_fork+0x10/0x20 [ 35.280156] [ 35.280216] Allocated by task 296: [ 35.280352] kasan_save_stack+0x3c/0x68 [ 35.280413] kasan_save_track+0x20/0x40 [ 35.280450] kasan_save_alloc_info+0x40/0x58 [ 35.280491] __kasan_kmalloc+0xd4/0xd8 [ 35.280706] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.280769] kasan_atomics+0xb8/0x2e0 [ 35.280810] kunit_try_run_case+0x170/0x3f0 [ 35.281041] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.281164] kthread+0x328/0x630 [ 35.281473] ret_from_fork+0x10/0x20 [ 35.281568] [ 35.281639] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.281639] which belongs to the cache kmalloc-64 of size 64 [ 35.281828] The buggy address is located 0 bytes to the right of [ 35.281828] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.281908] [ 35.281932] The buggy address belongs to the physical page: [ 35.282213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.282277] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.282391] page_type: f5(slab) [ 35.282432] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.282486] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.282530] page dumped because: kasan: bad access detected [ 35.282764] [ 35.282845] Memory state around the buggy address: [ 35.282893] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.282956] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.283058] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.283101] ^ [ 35.283137] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.283182] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.283261] ================================================================== [ 35.283513] ================================================================== [ 35.283562] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 35.283627] Read of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.283712] [ 35.283793] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.283883] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.283918] Hardware name: linux,dummy-virt (DT) [ 35.283955] Call trace: [ 35.283982] show_stack+0x20/0x38 (C) [ 35.284041] dump_stack_lvl+0x8c/0xd0 [ 35.284091] print_report+0x118/0x5e8 [ 35.284137] kasan_report+0xdc/0x128 [ 35.284182] __asan_report_load8_noabort+0x20/0x30 [ 35.284247] kasan_atomics_helper+0x3e10/0x4858 [ 35.284307] kasan_atomics+0x198/0x2e0 [ 35.284357] kunit_try_run_case+0x170/0x3f0 [ 35.284406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.284461] kthread+0x328/0x630 [ 35.284525] ret_from_fork+0x10/0x20 [ 35.284584] [ 35.284607] Allocated by task 296: [ 35.284637] kasan_save_stack+0x3c/0x68 [ 35.284687] kasan_save_track+0x20/0x40 [ 35.284725] kasan_save_alloc_info+0x40/0x58 [ 35.284776] __kasan_kmalloc+0xd4/0xd8 [ 35.284811] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.284855] kasan_atomics+0xb8/0x2e0 [ 35.284893] kunit_try_run_case+0x170/0x3f0 [ 35.284932] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.284977] kthread+0x328/0x630 [ 35.285011] ret_from_fork+0x10/0x20 [ 35.285050] [ 35.285070] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.285070] which belongs to the cache kmalloc-64 of size 64 [ 35.285401] The buggy address is located 0 bytes to the right of [ 35.285401] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.285510] [ 35.285535] The buggy address belongs to the physical page: [ 35.285592] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.285929] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.286003] page_type: f5(slab) [ 35.286054] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.286113] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.286172] page dumped because: kasan: bad access detected [ 35.286208] [ 35.286247] Memory state around the buggy address: [ 35.286282] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.286355] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.286403] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.286444] ^ [ 35.286477] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.286522] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.286565] ================================================================== [ 35.160647] ================================================================== [ 35.160695] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 35.160772] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.160823] [ 35.160855] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.160940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.160970] Hardware name: linux,dummy-virt (DT) [ 35.161056] Call trace: [ 35.161082] show_stack+0x20/0x38 (C) [ 35.161133] dump_stack_lvl+0x8c/0xd0 [ 35.161300] print_report+0x118/0x5e8 [ 35.161390] kasan_report+0xdc/0x128 [ 35.161480] __asan_report_store8_noabort+0x20/0x30 [ 35.161534] kasan_atomics_helper+0x3e5c/0x4858 [ 35.161587] kasan_atomics+0x198/0x2e0 [ 35.161655] kunit_try_run_case+0x170/0x3f0 [ 35.161811] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.161872] kthread+0x328/0x630 [ 35.161918] ret_from_fork+0x10/0x20 [ 35.162040] [ 35.162068] Allocated by task 296: [ 35.162101] kasan_save_stack+0x3c/0x68 [ 35.162150] kasan_save_track+0x20/0x40 [ 35.162187] kasan_save_alloc_info+0x40/0x58 [ 35.162227] __kasan_kmalloc+0xd4/0xd8 [ 35.162264] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.162443] kasan_atomics+0xb8/0x2e0 [ 35.162501] kunit_try_run_case+0x170/0x3f0 [ 35.162577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.162644] kthread+0x328/0x630 [ 35.162679] ret_from_fork+0x10/0x20 [ 35.162918] [ 35.162989] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.162989] which belongs to the cache kmalloc-64 of size 64 [ 35.163095] The buggy address is located 0 bytes to the right of [ 35.163095] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.163175] [ 35.163215] The buggy address belongs to the physical page: [ 35.163271] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.163328] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.163594] page_type: f5(slab) [ 35.163644] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.163697] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.163740] page dumped because: kasan: bad access detected [ 35.163784] [ 35.163899] Memory state around the buggy address: [ 35.163965] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.164013] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.164068] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.164152] ^ [ 35.164259] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.164342] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.164384] ================================================================== [ 35.206807] ================================================================== [ 35.207100] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 35.207166] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.207490] [ 35.207561] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.207714] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.207742] Hardware name: linux,dummy-virt (DT) [ 35.207789] Call trace: [ 35.207822] show_stack+0x20/0x38 (C) [ 35.207875] dump_stack_lvl+0x8c/0xd0 [ 35.207947] print_report+0x118/0x5e8 [ 35.207994] kasan_report+0xdc/0x128 [ 35.208039] kasan_check_range+0x100/0x1a8 [ 35.208085] __kasan_check_write+0x20/0x30 [ 35.208133] kasan_atomics_helper+0x11f8/0x4858 [ 35.208348] kasan_atomics+0x198/0x2e0 [ 35.208445] kunit_try_run_case+0x170/0x3f0 [ 35.208597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.208701] kthread+0x328/0x630 [ 35.209039] ret_from_fork+0x10/0x20 [ 35.209140] [ 35.209201] Allocated by task 296: [ 35.209279] kasan_save_stack+0x3c/0x68 [ 35.209396] kasan_save_track+0x20/0x40 [ 35.209452] kasan_save_alloc_info+0x40/0x58 [ 35.209493] __kasan_kmalloc+0xd4/0xd8 [ 35.209531] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.209584] kasan_atomics+0xb8/0x2e0 [ 35.209624] kunit_try_run_case+0x170/0x3f0 [ 35.209675] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.209721] kthread+0x328/0x630 [ 35.209767] ret_from_fork+0x10/0x20 [ 35.209806] [ 35.209828] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.209828] which belongs to the cache kmalloc-64 of size 64 [ 35.209915] The buggy address is located 0 bytes to the right of [ 35.209915] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.209981] [ 35.210011] The buggy address belongs to the physical page: [ 35.210065] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.210148] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.210205] page_type: f5(slab) [ 35.210246] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.210297] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.210342] page dumped because: kasan: bad access detected [ 35.210375] [ 35.210396] Memory state around the buggy address: [ 35.210444] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.210491] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.210535] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.210576] ^ [ 35.210619] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.210682] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.210725] ================================================================== [ 35.150464] ================================================================== [ 35.150518] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 35.150573] Read of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.150623] [ 35.150928] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.151103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.151388] Hardware name: linux,dummy-virt (DT) [ 35.151458] Call trace: [ 35.151530] show_stack+0x20/0x38 (C) [ 35.151595] dump_stack_lvl+0x8c/0xd0 [ 35.151646] print_report+0x118/0x5e8 [ 35.151694] kasan_report+0xdc/0x128 [ 35.151741] __asan_report_load8_noabort+0x20/0x30 [ 35.151840] kasan_atomics_helper+0x3f58/0x4858 [ 35.151894] kasan_atomics+0x198/0x2e0 [ 35.152054] kunit_try_run_case+0x170/0x3f0 [ 35.152140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.152217] kthread+0x328/0x630 [ 35.152352] ret_from_fork+0x10/0x20 [ 35.152469] [ 35.152492] Allocated by task 296: [ 35.152523] kasan_save_stack+0x3c/0x68 [ 35.152565] kasan_save_track+0x20/0x40 [ 35.152741] kasan_save_alloc_info+0x40/0x58 [ 35.152840] __kasan_kmalloc+0xd4/0xd8 [ 35.152890] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.152947] kasan_atomics+0xb8/0x2e0 [ 35.153026] kunit_try_run_case+0x170/0x3f0 [ 35.153119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.153176] kthread+0x328/0x630 [ 35.153210] ret_from_fork+0x10/0x20 [ 35.153249] [ 35.153271] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.153271] which belongs to the cache kmalloc-64 of size 64 [ 35.153370] The buggy address is located 0 bytes to the right of [ 35.153370] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.153534] [ 35.153585] The buggy address belongs to the physical page: [ 35.153642] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.153722] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.153850] page_type: f5(slab) [ 35.153908] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.153960] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.154002] page dumped because: kasan: bad access detected [ 35.154162] [ 35.154186] Memory state around the buggy address: [ 35.154222] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.154271] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.154483] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.154542] ^ [ 35.154609] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.154689] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.154997] ================================================================== [ 35.259976] ================================================================== [ 35.260095] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 35.260149] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.260201] [ 35.260238] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.260450] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.260485] Hardware name: linux,dummy-virt (DT) [ 35.260614] Call trace: [ 35.260649] show_stack+0x20/0x38 (C) [ 35.260771] dump_stack_lvl+0x8c/0xd0 [ 35.260849] print_report+0x118/0x5e8 [ 35.260915] kasan_report+0xdc/0x128 [ 35.261265] kasan_check_range+0x100/0x1a8 [ 35.261329] __kasan_check_write+0x20/0x30 [ 35.261379] kasan_atomics_helper+0x15b4/0x4858 [ 35.261494] kasan_atomics+0x198/0x2e0 [ 35.261546] kunit_try_run_case+0x170/0x3f0 [ 35.261601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.261720] kthread+0x328/0x630 [ 35.261802] ret_from_fork+0x10/0x20 [ 35.261861] [ 35.261901] Allocated by task 296: [ 35.261960] kasan_save_stack+0x3c/0x68 [ 35.262003] kasan_save_track+0x20/0x40 [ 35.262041] kasan_save_alloc_info+0x40/0x58 [ 35.262081] __kasan_kmalloc+0xd4/0xd8 [ 35.262123] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.262166] kasan_atomics+0xb8/0x2e0 [ 35.262315] kunit_try_run_case+0x170/0x3f0 [ 35.262453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.262528] kthread+0x328/0x630 [ 35.262565] ret_from_fork+0x10/0x20 [ 35.262604] [ 35.262626] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.262626] which belongs to the cache kmalloc-64 of size 64 [ 35.262705] The buggy address is located 0 bytes to the right of [ 35.262705] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.262792] [ 35.262815] The buggy address belongs to the physical page: [ 35.262861] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.262916] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.262967] page_type: f5(slab) [ 35.263005] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.263059] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.263101] page dumped because: kasan: bad access detected [ 35.263140] [ 35.263161] Memory state around the buggy address: [ 35.263196] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.263242] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.263289] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.263329] ^ [ 35.263366] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.263418] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.263459] ================================================================== [ 35.243449] ================================================================== [ 35.243502] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 35.243559] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.243611] [ 35.243665] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.243766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.243819] Hardware name: linux,dummy-virt (DT) [ 35.243893] Call trace: [ 35.243952] show_stack+0x20/0x38 (C) [ 35.244003] dump_stack_lvl+0x8c/0xd0 [ 35.244081] print_report+0x118/0x5e8 [ 35.244148] kasan_report+0xdc/0x128 [ 35.244193] kasan_check_range+0x100/0x1a8 [ 35.244259] __kasan_check_write+0x20/0x30 [ 35.244317] kasan_atomics_helper+0x147c/0x4858 [ 35.244369] kasan_atomics+0x198/0x2e0 [ 35.244438] kunit_try_run_case+0x170/0x3f0 [ 35.244487] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.244542] kthread+0x328/0x630 [ 35.244601] ret_from_fork+0x10/0x20 [ 35.244678] [ 35.244702] Allocated by task 296: [ 35.244732] kasan_save_stack+0x3c/0x68 [ 35.244782] kasan_save_track+0x20/0x40 [ 35.244843] kasan_save_alloc_info+0x40/0x58 [ 35.244884] __kasan_kmalloc+0xd4/0xd8 [ 35.244921] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.244965] kasan_atomics+0xb8/0x2e0 [ 35.245004] kunit_try_run_case+0x170/0x3f0 [ 35.245266] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.245331] kthread+0x328/0x630 [ 35.245725] ret_from_fork+0x10/0x20 [ 35.245803] [ 35.245881] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.245881] which belongs to the cache kmalloc-64 of size 64 [ 35.245962] The buggy address is located 0 bytes to the right of [ 35.245962] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.246032] [ 35.246332] The buggy address belongs to the physical page: [ 35.246394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.246452] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.246506] page_type: f5(slab) [ 35.247004] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.247246] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.247324] page dumped because: kasan: bad access detected [ 35.247362] [ 35.247413] Memory state around the buggy address: [ 35.247459] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.247517] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.247563] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.247605] ^ [ 35.247821] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.248781] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.248832] ================================================================== [ 35.286899] ================================================================== [ 35.287014] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 35.287121] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.287268] [ 35.287650] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.287862] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.287941] Hardware name: linux,dummy-virt (DT) [ 35.288015] Call trace: [ 35.288116] show_stack+0x20/0x38 (C) [ 35.288224] dump_stack_lvl+0x8c/0xd0 [ 35.288329] print_report+0x118/0x5e8 [ 35.289690] kasan_report+0xdc/0x128 [ 35.290794] kasan_check_range+0x100/0x1a8 [ 35.290864] __kasan_check_write+0x20/0x30 [ 35.291007] kasan_atomics_helper+0x175c/0x4858 [ 35.291175] kasan_atomics+0x198/0x2e0 [ 35.291229] kunit_try_run_case+0x170/0x3f0 [ 35.291329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.291445] kthread+0x328/0x630 [ 35.291589] ret_from_fork+0x10/0x20 [ 35.291713] [ 35.291937] Allocated by task 296: [ 35.291972] kasan_save_stack+0x3c/0x68 [ 35.292017] kasan_save_track+0x20/0x40 [ 35.292104] kasan_save_alloc_info+0x40/0x58 [ 35.292207] __kasan_kmalloc+0xd4/0xd8 [ 35.292371] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.292470] kasan_atomics+0xb8/0x2e0 [ 35.292520] kunit_try_run_case+0x170/0x3f0 [ 35.292560] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.292801] kthread+0x328/0x630 [ 35.292839] ret_from_fork+0x10/0x20 [ 35.292892] [ 35.292914] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.292914] which belongs to the cache kmalloc-64 of size 64 [ 35.292977] The buggy address is located 0 bytes to the right of [ 35.292977] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.293135] [ 35.293216] The buggy address belongs to the physical page: [ 35.293271] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.293342] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.293401] page_type: f5(slab) [ 35.293442] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.293501] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.293543] page dumped because: kasan: bad access detected [ 35.293583] [ 35.293603] Memory state around the buggy address: [ 35.293639] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.293684] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.293732] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.293783] ^ [ 35.293817] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.293861] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.293905] ================================================================== [ 35.294455] ================================================================== [ 35.294507] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 35.294724] Read of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.294792] [ 35.294828] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.294958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.295046] Hardware name: linux,dummy-virt (DT) [ 35.295170] Call trace: [ 35.295232] show_stack+0x20/0x38 (C) [ 35.295373] dump_stack_lvl+0x8c/0xd0 [ 35.295451] print_report+0x118/0x5e8 [ 35.295578] kasan_report+0xdc/0x128 [ 35.295739] __asan_report_load8_noabort+0x20/0x30 [ 35.295836] kasan_atomics_helper+0x3e20/0x4858 [ 35.296073] kasan_atomics+0x198/0x2e0 [ 35.296123] kunit_try_run_case+0x170/0x3f0 [ 35.296171] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.296281] kthread+0x328/0x630 [ 35.296326] ret_from_fork+0x10/0x20 [ 35.296400] [ 35.296507] Allocated by task 296: [ 35.296575] kasan_save_stack+0x3c/0x68 [ 35.296720] kasan_save_track+0x20/0x40 [ 35.296803] kasan_save_alloc_info+0x40/0x58 [ 35.297049] __kasan_kmalloc+0xd4/0xd8 [ 35.297090] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.297133] kasan_atomics+0xb8/0x2e0 [ 35.297204] kunit_try_run_case+0x170/0x3f0 [ 35.298139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.298217] kthread+0x328/0x630 [ 35.298255] ret_from_fork+0x10/0x20 [ 35.298318] [ 35.298391] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.298391] which belongs to the cache kmalloc-64 of size 64 [ 35.298821] The buggy address is located 0 bytes to the right of [ 35.298821] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.298974] [ 35.299074] The buggy address belongs to the physical page: [ 35.299165] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.299268] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.299322] page_type: f5(slab) [ 35.299522] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.299575] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.299618] page dumped because: kasan: bad access detected [ 35.299652] [ 35.299673] Memory state around the buggy address: [ 35.299708] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.299775] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.299820] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.299905] ^ [ 35.299973] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.300113] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.300155] ================================================================== [ 35.181761] ================================================================== [ 35.182052] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 35.182148] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.182203] [ 35.182235] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.182322] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.182351] Hardware name: linux,dummy-virt (DT) [ 35.182384] Call trace: [ 35.182429] show_stack+0x20/0x38 (C) [ 35.182478] dump_stack_lvl+0x8c/0xd0 [ 35.182525] print_report+0x118/0x5e8 [ 35.182570] kasan_report+0xdc/0x128 [ 35.182634] kasan_check_range+0x100/0x1a8 [ 35.182682] __kasan_check_write+0x20/0x30 [ 35.182730] kasan_atomics_helper+0xff0/0x4858 [ 35.182792] kasan_atomics+0x198/0x2e0 [ 35.182850] kunit_try_run_case+0x170/0x3f0 [ 35.182909] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.182972] kthread+0x328/0x630 [ 35.183018] ret_from_fork+0x10/0x20 [ 35.183064] [ 35.183094] Allocated by task 296: [ 35.183124] kasan_save_stack+0x3c/0x68 [ 35.183164] kasan_save_track+0x20/0x40 [ 35.183202] kasan_save_alloc_info+0x40/0x58 [ 35.183249] __kasan_kmalloc+0xd4/0xd8 [ 35.183303] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.183347] kasan_atomics+0xb8/0x2e0 [ 35.183401] kunit_try_run_case+0x170/0x3f0 [ 35.183442] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.183488] kthread+0x328/0x630 [ 35.183531] ret_from_fork+0x10/0x20 [ 35.183570] [ 35.183591] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.183591] which belongs to the cache kmalloc-64 of size 64 [ 35.183651] The buggy address is located 0 bytes to the right of [ 35.183651] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.183723] [ 35.183756] The buggy address belongs to the physical page: [ 35.183792] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.183846] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.183894] page_type: f5(slab) [ 35.183933] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.183987] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.184029] page dumped because: kasan: bad access detected [ 35.184062] [ 35.184082] Memory state around the buggy address: [ 35.184665] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.184777] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.184873] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.185041] ^ [ 35.185080] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.185125] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.185166] ================================================================== [ 35.176596] ================================================================== [ 35.176671] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 35.176741] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.176806] [ 35.177054] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.177267] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.177297] Hardware name: linux,dummy-virt (DT) [ 35.177437] Call trace: [ 35.177466] show_stack+0x20/0x38 (C) [ 35.177520] dump_stack_lvl+0x8c/0xd0 [ 35.177649] print_report+0x118/0x5e8 [ 35.177773] kasan_report+0xdc/0x128 [ 35.177839] kasan_check_range+0x100/0x1a8 [ 35.177890] __kasan_check_write+0x20/0x30 [ 35.178096] kasan_atomics_helper+0xf88/0x4858 [ 35.178358] kasan_atomics+0x198/0x2e0 [ 35.178423] kunit_try_run_case+0x170/0x3f0 [ 35.178473] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.178539] kthread+0x328/0x630 [ 35.178583] ret_from_fork+0x10/0x20 [ 35.178641] [ 35.178664] Allocated by task 296: [ 35.178700] kasan_save_stack+0x3c/0x68 [ 35.178741] kasan_save_track+0x20/0x40 [ 35.178790] kasan_save_alloc_info+0x40/0x58 [ 35.178831] __kasan_kmalloc+0xd4/0xd8 [ 35.178910] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.179159] kasan_atomics+0xb8/0x2e0 [ 35.179290] kunit_try_run_case+0x170/0x3f0 [ 35.179391] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.179479] kthread+0x328/0x630 [ 35.179558] ret_from_fork+0x10/0x20 [ 35.179650] [ 35.179710] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.179710] which belongs to the cache kmalloc-64 of size 64 [ 35.179786] The buggy address is located 0 bytes to the right of [ 35.179786] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.179891] [ 35.179914] The buggy address belongs to the physical page: [ 35.179954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.180008] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.180061] page_type: f5(slab) [ 35.180099] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.180255] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.180369] page dumped because: kasan: bad access detected [ 35.180427] [ 35.180491] Memory state around the buggy address: [ 35.180739] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.180848] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.180925] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.180994] ^ [ 35.181068] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.181131] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.181199] ================================================================== [ 35.145071] ================================================================== [ 35.145144] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 35.145206] Read of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.145256] [ 35.145296] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.145393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.145433] Hardware name: linux,dummy-virt (DT) [ 35.145467] Call trace: [ 35.145492] show_stack+0x20/0x38 (C) [ 35.145541] dump_stack_lvl+0x8c/0xd0 [ 35.145588] print_report+0x118/0x5e8 [ 35.145633] kasan_report+0xdc/0x128 [ 35.145678] kasan_check_range+0x100/0x1a8 [ 35.145735] __kasan_check_read+0x20/0x30 [ 35.145796] kasan_atomics_helper+0xdd4/0x4858 [ 35.145845] kasan_atomics+0x198/0x2e0 [ 35.145893] kunit_try_run_case+0x170/0x3f0 [ 35.145942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.146005] kthread+0x328/0x630 [ 35.146057] ret_from_fork+0x10/0x20 [ 35.146112] [ 35.146140] Allocated by task 296: [ 35.146178] kasan_save_stack+0x3c/0x68 [ 35.146220] kasan_save_track+0x20/0x40 [ 35.146258] kasan_save_alloc_info+0x40/0x58 [ 35.146298] __kasan_kmalloc+0xd4/0xd8 [ 35.146333] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.146387] kasan_atomics+0xb8/0x2e0 [ 35.146436] kunit_try_run_case+0x170/0x3f0 [ 35.146477] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.146522] kthread+0x328/0x630 [ 35.146564] ret_from_fork+0x10/0x20 [ 35.146601] [ 35.146624] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.146624] which belongs to the cache kmalloc-64 of size 64 [ 35.146682] The buggy address is located 0 bytes to the right of [ 35.146682] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.147442] [ 35.147493] The buggy address belongs to the physical page: [ 35.147543] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.147602] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.147652] page_type: f5(slab) [ 35.147691] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.147994] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.148287] page dumped because: kasan: bad access detected [ 35.148391] [ 35.148451] Memory state around the buggy address: [ 35.148766] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.148887] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.149048] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.149143] ^ [ 35.149272] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.149318] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.149359] ================================================================== [ 35.223744] ================================================================== [ 35.224072] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 35.224303] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.224385] [ 35.224420] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.224776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.224834] Hardware name: linux,dummy-virt (DT) [ 35.225052] Call trace: [ 35.225147] show_stack+0x20/0x38 (C) [ 35.225206] dump_stack_lvl+0x8c/0xd0 [ 35.225403] print_report+0x118/0x5e8 [ 35.225451] kasan_report+0xdc/0x128 [ 35.225496] kasan_check_range+0x100/0x1a8 [ 35.225543] __kasan_check_write+0x20/0x30 [ 35.225593] kasan_atomics_helper+0x1384/0x4858 [ 35.225645] kasan_atomics+0x198/0x2e0 [ 35.225692] kunit_try_run_case+0x170/0x3f0 [ 35.225741] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.225829] kthread+0x328/0x630 [ 35.225875] ret_from_fork+0x10/0x20 [ 35.225925] [ 35.225948] Allocated by task 296: [ 35.225978] kasan_save_stack+0x3c/0x68 [ 35.226019] kasan_save_track+0x20/0x40 [ 35.226056] kasan_save_alloc_info+0x40/0x58 [ 35.226097] __kasan_kmalloc+0xd4/0xd8 [ 35.226139] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.226191] kasan_atomics+0xb8/0x2e0 [ 35.226231] kunit_try_run_case+0x170/0x3f0 [ 35.226272] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.226317] kthread+0x328/0x630 [ 35.226362] ret_from_fork+0x10/0x20 [ 35.226409] [ 35.226452] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.226452] which belongs to the cache kmalloc-64 of size 64 [ 35.226514] The buggy address is located 0 bytes to the right of [ 35.226514] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.226580] [ 35.226602] The buggy address belongs to the physical page: [ 35.226643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.226695] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.226754] page_type: f5(slab) [ 35.227177] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.227248] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.227292] page dumped because: kasan: bad access detected [ 35.227335] [ 35.227378] Memory state around the buggy address: [ 35.227416] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.227858] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.227955] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.228596] ^ [ 35.228646] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.228694] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.228735] ================================================================== [ 35.196738] ================================================================== [ 35.196802] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 35.196879] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.196950] [ 35.196981] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.197070] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.197097] Hardware name: linux,dummy-virt (DT) [ 35.197130] Call trace: [ 35.197155] show_stack+0x20/0x38 (C) [ 35.197366] dump_stack_lvl+0x8c/0xd0 [ 35.197425] print_report+0x118/0x5e8 [ 35.197499] kasan_report+0xdc/0x128 [ 35.197544] kasan_check_range+0x100/0x1a8 [ 35.197610] __kasan_check_write+0x20/0x30 [ 35.197676] kasan_atomics_helper+0x1128/0x4858 [ 35.197731] kasan_atomics+0x198/0x2e0 [ 35.197794] kunit_try_run_case+0x170/0x3f0 [ 35.197842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.197896] kthread+0x328/0x630 [ 35.197958] ret_from_fork+0x10/0x20 [ 35.198010] [ 35.198168] Allocated by task 296: [ 35.198227] kasan_save_stack+0x3c/0x68 [ 35.198272] kasan_save_track+0x20/0x40 [ 35.198308] kasan_save_alloc_info+0x40/0x58 [ 35.198349] __kasan_kmalloc+0xd4/0xd8 [ 35.198387] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.198429] kasan_atomics+0xb8/0x2e0 [ 35.198586] kunit_try_run_case+0x170/0x3f0 [ 35.198782] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.198853] kthread+0x328/0x630 [ 35.198892] ret_from_fork+0x10/0x20 [ 35.198930] [ 35.198953] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.198953] which belongs to the cache kmalloc-64 of size 64 [ 35.199026] The buggy address is located 0 bytes to the right of [ 35.199026] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.199093] [ 35.199116] The buggy address belongs to the physical page: [ 35.199306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.199405] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.199473] page_type: f5(slab) [ 35.199549] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.199809] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.199941] page dumped because: kasan: bad access detected [ 35.200030] [ 35.200066] Memory state around the buggy address: [ 35.200103] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.200149] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.200337] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.200384] ^ [ 35.200420] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.200589] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.200674] ================================================================== [ 35.253637] ================================================================== [ 35.253686] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 35.253736] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.253908] [ 35.254166] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.254371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.254429] Hardware name: linux,dummy-virt (DT) [ 35.254464] Call trace: [ 35.254533] show_stack+0x20/0x38 (C) [ 35.254601] dump_stack_lvl+0x8c/0xd0 [ 35.254654] print_report+0x118/0x5e8 [ 35.254713] kasan_report+0xdc/0x128 [ 35.254779] kasan_check_range+0x100/0x1a8 [ 35.254826] __kasan_check_write+0x20/0x30 [ 35.254874] kasan_atomics_helper+0x154c/0x4858 [ 35.254925] kasan_atomics+0x198/0x2e0 [ 35.254987] kunit_try_run_case+0x170/0x3f0 [ 35.255035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.255228] kthread+0x328/0x630 [ 35.255326] ret_from_fork+0x10/0x20 [ 35.255463] [ 35.255519] Allocated by task 296: [ 35.255587] kasan_save_stack+0x3c/0x68 [ 35.255859] kasan_save_track+0x20/0x40 [ 35.255977] kasan_save_alloc_info+0x40/0x58 [ 35.256060] __kasan_kmalloc+0xd4/0xd8 [ 35.256172] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.256218] kasan_atomics+0xb8/0x2e0 [ 35.256274] kunit_try_run_case+0x170/0x3f0 [ 35.256321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.256366] kthread+0x328/0x630 [ 35.256709] ret_from_fork+0x10/0x20 [ 35.256842] [ 35.256894] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.256894] which belongs to the cache kmalloc-64 of size 64 [ 35.257125] The buggy address is located 0 bytes to the right of [ 35.257125] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.257296] [ 35.257391] The buggy address belongs to the physical page: [ 35.257495] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.257606] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.257678] page_type: f5(slab) [ 35.257868] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.258022] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.258178] page dumped because: kasan: bad access detected [ 35.258270] [ 35.258446] Memory state around the buggy address: [ 35.258597] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.258649] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.258695] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.258738] ^ [ 35.258807] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.258863] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.258904] ================================================================== [ 35.136198] ================================================================== [ 35.136281] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 35.136372] Write of size 4 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.136424] [ 35.136485] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.136594] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.136639] Hardware name: linux,dummy-virt (DT) [ 35.136674] Call trace: [ 35.136698] show_stack+0x20/0x38 (C) [ 35.136759] dump_stack_lvl+0x8c/0xd0 [ 35.136810] print_report+0x118/0x5e8 [ 35.136854] kasan_report+0xdc/0x128 [ 35.137031] kasan_check_range+0x100/0x1a8 [ 35.137082] __kasan_check_write+0x20/0x30 [ 35.137133] kasan_atomics_helper+0xd3c/0x4858 [ 35.137207] kasan_atomics+0x198/0x2e0 [ 35.137264] kunit_try_run_case+0x170/0x3f0 [ 35.137327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.137382] kthread+0x328/0x630 [ 35.137440] ret_from_fork+0x10/0x20 [ 35.137521] [ 35.137544] Allocated by task 296: [ 35.137594] kasan_save_stack+0x3c/0x68 [ 35.137650] kasan_save_track+0x20/0x40 [ 35.137847] kasan_save_alloc_info+0x40/0x58 [ 35.138069] __kasan_kmalloc+0xd4/0xd8 [ 35.138159] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.138251] kasan_atomics+0xb8/0x2e0 [ 35.138320] kunit_try_run_case+0x170/0x3f0 [ 35.138361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.138405] kthread+0x328/0x630 [ 35.138441] ret_from_fork+0x10/0x20 [ 35.138478] [ 35.138499] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.138499] which belongs to the cache kmalloc-64 of size 64 [ 35.138561] The buggy address is located 0 bytes to the right of [ 35.138561] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.138626] [ 35.138785] The buggy address belongs to the physical page: [ 35.138861] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.138941] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.139011] page_type: f5(slab) [ 35.139239] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.139382] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.139440] page dumped because: kasan: bad access detected [ 35.139513] [ 35.139659] Memory state around the buggy address: [ 35.139730] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.139851] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.140012] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.140092] ^ [ 35.140167] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.140218] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.140281] ================================================================== [ 35.170998] ================================================================== [ 35.171341] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 35.171448] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.171744] [ 35.171823] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.171941] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.172018] Hardware name: linux,dummy-virt (DT) [ 35.172070] Call trace: [ 35.172132] show_stack+0x20/0x38 (C) [ 35.172192] dump_stack_lvl+0x8c/0xd0 [ 35.172263] print_report+0x118/0x5e8 [ 35.172319] kasan_report+0xdc/0x128 [ 35.172365] kasan_check_range+0x100/0x1a8 [ 35.172413] __kasan_check_write+0x20/0x30 [ 35.172461] kasan_atomics_helper+0xf20/0x4858 [ 35.172515] kasan_atomics+0x198/0x2e0 [ 35.172561] kunit_try_run_case+0x170/0x3f0 [ 35.172620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.172684] kthread+0x328/0x630 [ 35.172735] ret_from_fork+0x10/0x20 [ 35.172797] [ 35.172817] Allocated by task 296: [ 35.172848] kasan_save_stack+0x3c/0x68 [ 35.172887] kasan_save_track+0x20/0x40 [ 35.172926] kasan_save_alloc_info+0x40/0x58 [ 35.173002] __kasan_kmalloc+0xd4/0xd8 [ 35.173212] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.173329] kasan_atomics+0xb8/0x2e0 [ 35.173405] kunit_try_run_case+0x170/0x3f0 [ 35.173490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.173547] kthread+0x328/0x630 [ 35.173583] ret_from_fork+0x10/0x20 [ 35.173620] [ 35.173644] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.173644] which belongs to the cache kmalloc-64 of size 64 [ 35.173756] The buggy address is located 0 bytes to the right of [ 35.173756] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.173964] [ 35.174072] The buggy address belongs to the physical page: [ 35.174145] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.174459] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.174557] page_type: f5(slab) [ 35.174682] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.174765] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.174840] page dumped because: kasan: bad access detected [ 35.174988] [ 35.175009] Memory state around the buggy address: [ 35.175042] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.175148] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.175195] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.175236] ^ [ 35.175360] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.175474] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.175543] ================================================================== [ 35.300482] ================================================================== [ 35.300534] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 35.300689] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.300780] [ 35.300816] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.300911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.300970] Hardware name: linux,dummy-virt (DT) [ 35.301019] Call trace: [ 35.301047] show_stack+0x20/0x38 (C) [ 35.301122] dump_stack_lvl+0x8c/0xd0 [ 35.301172] print_report+0x118/0x5e8 [ 35.301222] kasan_report+0xdc/0x128 [ 35.301267] kasan_check_range+0x100/0x1a8 [ 35.301313] __kasan_check_write+0x20/0x30 [ 35.301362] kasan_atomics_helper+0x17ec/0x4858 [ 35.301418] kasan_atomics+0x198/0x2e0 [ 35.301466] kunit_try_run_case+0x170/0x3f0 [ 35.301515] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.301573] kthread+0x328/0x630 [ 35.301617] ret_from_fork+0x10/0x20 [ 35.301666] [ 35.301689] Allocated by task 296: [ 35.301725] kasan_save_stack+0x3c/0x68 [ 35.302025] kasan_save_track+0x20/0x40 [ 35.302079] kasan_save_alloc_info+0x40/0x58 [ 35.302316] __kasan_kmalloc+0xd4/0xd8 [ 35.302371] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.302582] kasan_atomics+0xb8/0x2e0 [ 35.302636] kunit_try_run_case+0x170/0x3f0 [ 35.302677] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.302721] kthread+0x328/0x630 [ 35.302768] ret_from_fork+0x10/0x20 [ 35.302832] [ 35.302858] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.302858] which belongs to the cache kmalloc-64 of size 64 [ 35.302923] The buggy address is located 0 bytes to the right of [ 35.302923] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.303043] [ 35.303068] The buggy address belongs to the physical page: [ 35.303129] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.303299] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.303424] page_type: f5(slab) [ 35.303545] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.303628] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.303720] page dumped because: kasan: bad access detected [ 35.304125] [ 35.304185] Memory state around the buggy address: [ 35.304221] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.304451] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.304642] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.304773] ^ [ 35.304851] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.304944] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.305314] ================================================================== [ 35.190922] ================================================================== [ 35.190983] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 35.191078] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.191183] [ 35.191254] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.191361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.191389] Hardware name: linux,dummy-virt (DT) [ 35.191462] Call trace: [ 35.191595] show_stack+0x20/0x38 (C) [ 35.191649] dump_stack_lvl+0x8c/0xd0 [ 35.191730] print_report+0x118/0x5e8 [ 35.191873] kasan_report+0xdc/0x128 [ 35.191940] kasan_check_range+0x100/0x1a8 [ 35.192055] __kasan_check_write+0x20/0x30 [ 35.192137] kasan_atomics_helper+0x10c0/0x4858 [ 35.192328] kasan_atomics+0x198/0x2e0 [ 35.192466] kunit_try_run_case+0x170/0x3f0 [ 35.192728] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.193221] kthread+0x328/0x630 [ 35.193311] ret_from_fork+0x10/0x20 [ 35.193429] [ 35.193502] Allocated by task 296: [ 35.193576] kasan_save_stack+0x3c/0x68 [ 35.193765] kasan_save_track+0x20/0x40 [ 35.193945] kasan_save_alloc_info+0x40/0x58 [ 35.194077] __kasan_kmalloc+0xd4/0xd8 [ 35.194408] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.194511] kasan_atomics+0xb8/0x2e0 [ 35.194607] kunit_try_run_case+0x170/0x3f0 [ 35.194697] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.194794] kthread+0x328/0x630 [ 35.194882] ret_from_fork+0x10/0x20 [ 35.194920] [ 35.194944] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.194944] which belongs to the cache kmalloc-64 of size 64 [ 35.195007] The buggy address is located 0 bytes to the right of [ 35.195007] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.195074] [ 35.195133] The buggy address belongs to the physical page: [ 35.195293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.195418] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.195502] page_type: f5(slab) [ 35.195557] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.195820] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.195892] page dumped because: kasan: bad access detected [ 35.195951] [ 35.196004] Memory state around the buggy address: [ 35.196051] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.196116] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.196166] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.196207] ^ [ 35.196242] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.196320] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.196442] ================================================================== [ 35.076505] ================================================================== [ 35.076553] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 35.076602] Write of size 4 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.076653] [ 35.076684] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.076839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.076898] Hardware name: linux,dummy-virt (DT) [ 35.076957] Call trace: [ 35.077058] dump_stack_lvl+0x8c/0xd0 [ 35.078317] kasan_save_alloc_info+0x40/0x58 [ 35.079109] The buggy address is located 0 bytes to the right of [ 35.079109] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.080032] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.082368] print_report+0x118/0x5e8 [ 35.084262] kasan_atomics+0xb8/0x2e0 [ 35.084981] [ 35.085053] The buggy address belongs to the physical page: [ 35.085245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.085445] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.085570] page_type: f5(slab) [ 35.085649] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.085766] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.085862] page dumped because: kasan: bad access detected [ 35.085936] [ 35.086008] Memory state around the buggy address: [ 35.086074] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.086150] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.086196] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.086239] ^ [ 35.086403] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.086548] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.086593] ================================================================== [ 35.263538] ================================================================== [ 35.263580] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 35.263625] Read of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.263676] [ 35.263708] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.263806] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.263836] Hardware name: linux,dummy-virt (DT) [ 35.263868] Call trace: [ 35.263932] show_stack+0x20/0x38 (C) [ 35.263984] dump_stack_lvl+0x8c/0xd0 [ 35.264295] print_report+0x118/0x5e8 [ 35.264378] kasan_report+0xdc/0x128 [ 35.264466] __asan_report_load8_noabort+0x20/0x30 [ 35.264522] kasan_atomics_helper+0x3db0/0x4858 [ 35.264575] kasan_atomics+0x198/0x2e0 [ 35.264701] kunit_try_run_case+0x170/0x3f0 [ 35.264857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.264943] kthread+0x328/0x630 [ 35.264993] ret_from_fork+0x10/0x20 [ 35.265109] [ 35.265213] Allocated by task 296: [ 35.265282] kasan_save_stack+0x3c/0x68 [ 35.265601] kasan_save_track+0x20/0x40 [ 35.265651] kasan_save_alloc_info+0x40/0x58 [ 35.265728] __kasan_kmalloc+0xd4/0xd8 [ 35.265778] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.265821] kasan_atomics+0xb8/0x2e0 [ 35.265862] kunit_try_run_case+0x170/0x3f0 [ 35.265902] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.265948] kthread+0x328/0x630 [ 35.266136] ret_from_fork+0x10/0x20 [ 35.266300] [ 35.266370] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.266370] which belongs to the cache kmalloc-64 of size 64 [ 35.266624] The buggy address is located 0 bytes to the right of [ 35.266624] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.266788] [ 35.266849] The buggy address belongs to the physical page: [ 35.266975] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.267079] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.267210] page_type: f5(slab) [ 35.267270] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.267321] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.267364] page dumped because: kasan: bad access detected [ 35.267397] [ 35.267418] Memory state around the buggy address: [ 35.267452] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.267500] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.267547] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.267707] ^ [ 35.267784] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.267844] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.267912] ================================================================== [ 35.086833] ================================================================== [ 35.087158] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 35.087273] Write of size 4 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.087573] [ 35.087652] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.088348] __kasan_check_write+0x20/0x30 [ 35.090467] The buggy address is located 0 bytes to the right of [ 35.090467] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.090630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.090687] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.090737] page_type: f5(slab) [ 35.090806] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.091093] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.092929] [ 35.093535] print_report+0x118/0x5e8 [ 35.096068] [ 35.096301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.096394] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.096447] page_type: f5(slab) [ 35.096612] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.096841] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.098585] ================================================================== [ 35.066538] ================================================================== [ 35.066584] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 35.066632] Read of size 4 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.066683] [ 35.066715] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.067137] Call trace: [ 35.068255] Allocated by task 296: [ 35.069537] [ 35.070094] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.070819] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.072307] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.073611] kasan_save_track+0x20/0x40 [ 35.073711] __kasan_kmalloc+0xd4/0xd8 [ 35.073762] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.074018] kasan_atomics+0xb8/0x2e0 [ 35.074091] kunit_try_run_case+0x170/0x3f0 [ 35.074146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.074204] kthread+0x328/0x630 [ 35.074254] ret_from_fork+0x10/0x20 [ 35.074293] [ 35.074354] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.074354] which belongs to the cache kmalloc-64 of size 64 [ 35.074438] The buggy address is located 0 bytes to the right of [ 35.074438] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.074730] [ 35.074809] The buggy address belongs to the physical page: [ 35.074868] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.074996] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.075053] page_type: f5(slab) [ 35.075093] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.075351] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.075445] page dumped because: kasan: bad access detected [ 35.075526] [ 35.075587] Memory state around the buggy address: [ 35.075677] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.075770] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.075815] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.075866] ^ [ 35.075902] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.076235] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.076282] ================================================================== [ 35.155713] ================================================================== [ 35.155808] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 35.155861] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.156035] [ 35.156072] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.156160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.156189] Hardware name: linux,dummy-virt (DT) [ 35.156223] Call trace: [ 35.156249] show_stack+0x20/0x38 (C) [ 35.156298] dump_stack_lvl+0x8c/0xd0 [ 35.156346] print_report+0x118/0x5e8 [ 35.156392] kasan_report+0xdc/0x128 [ 35.156438] kasan_check_range+0x100/0x1a8 [ 35.156623] __kasan_check_write+0x20/0x30 [ 35.156714] kasan_atomics_helper+0xe44/0x4858 [ 35.156806] kasan_atomics+0x198/0x2e0 [ 35.156861] kunit_try_run_case+0x170/0x3f0 [ 35.157076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.157189] kthread+0x328/0x630 [ 35.157255] ret_from_fork+0x10/0x20 [ 35.157317] [ 35.157357] Allocated by task 296: [ 35.157389] kasan_save_stack+0x3c/0x68 [ 35.157430] kasan_save_track+0x20/0x40 [ 35.157708] kasan_save_alloc_info+0x40/0x58 [ 35.157776] __kasan_kmalloc+0xd4/0xd8 [ 35.157816] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.157859] kasan_atomics+0xb8/0x2e0 [ 35.157952] kunit_try_run_case+0x170/0x3f0 [ 35.157994] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.158040] kthread+0x328/0x630 [ 35.158082] ret_from_fork+0x10/0x20 [ 35.158206] [ 35.158245] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.158245] which belongs to the cache kmalloc-64 of size 64 [ 35.158434] The buggy address is located 0 bytes to the right of [ 35.158434] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.158558] [ 35.158599] The buggy address belongs to the physical page: [ 35.158656] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.158712] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.158774] page_type: f5(slab) [ 35.159009] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.159105] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.159189] page dumped because: kasan: bad access detected [ 35.159257] [ 35.159324] Memory state around the buggy address: [ 35.159414] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.159500] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.159901] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.159997] ^ [ 35.160070] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.160173] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.160243] ================================================================== [ 35.249062] ================================================================== [ 35.249115] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 35.249166] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.249216] [ 35.249251] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.249338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.249367] Hardware name: linux,dummy-virt (DT) [ 35.249400] Call trace: [ 35.249426] show_stack+0x20/0x38 (C) [ 35.249473] dump_stack_lvl+0x8c/0xd0 [ 35.249522] print_report+0x118/0x5e8 [ 35.249568] kasan_report+0xdc/0x128 [ 35.249611] kasan_check_range+0x100/0x1a8 [ 35.249657] __kasan_check_write+0x20/0x30 [ 35.249705] kasan_atomics_helper+0x14e4/0x4858 [ 35.249789] kasan_atomics+0x198/0x2e0 [ 35.249873] kunit_try_run_case+0x170/0x3f0 [ 35.249941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.250025] kthread+0x328/0x630 [ 35.250069] ret_from_fork+0x10/0x20 [ 35.250159] [ 35.250240] Allocated by task 296: [ 35.250300] kasan_save_stack+0x3c/0x68 [ 35.250369] kasan_save_track+0x20/0x40 [ 35.250425] kasan_save_alloc_info+0x40/0x58 [ 35.250485] __kasan_kmalloc+0xd4/0xd8 [ 35.250543] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.250588] kasan_atomics+0xb8/0x2e0 [ 35.250628] kunit_try_run_case+0x170/0x3f0 [ 35.250668] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.250879] kthread+0x328/0x630 [ 35.250967] ret_from_fork+0x10/0x20 [ 35.251029] [ 35.251196] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.251196] which belongs to the cache kmalloc-64 of size 64 [ 35.251332] The buggy address is located 0 bytes to the right of [ 35.251332] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.251454] [ 35.251622] The buggy address belongs to the physical page: [ 35.251675] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.251951] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.252190] page_type: f5(slab) [ 35.252232] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.252286] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.252487] page dumped because: kasan: bad access detected [ 35.252629] [ 35.252707] Memory state around the buggy address: [ 35.252826] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.253032] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.253159] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.253235] ^ [ 35.253285] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.253331] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.253372] ================================================================== [ 35.185393] ================================================================== [ 35.185542] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 35.185599] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.185665] [ 35.185724] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.185842] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.185890] Hardware name: linux,dummy-virt (DT) [ 35.185924] Call trace: [ 35.186172] show_stack+0x20/0x38 (C) [ 35.186255] dump_stack_lvl+0x8c/0xd0 [ 35.186308] print_report+0x118/0x5e8 [ 35.186353] kasan_report+0xdc/0x128 [ 35.186418] kasan_check_range+0x100/0x1a8 [ 35.186483] __kasan_check_write+0x20/0x30 [ 35.186574] kasan_atomics_helper+0x1058/0x4858 [ 35.186627] kasan_atomics+0x198/0x2e0 [ 35.186694] kunit_try_run_case+0x170/0x3f0 [ 35.186787] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.186862] kthread+0x328/0x630 [ 35.187100] ret_from_fork+0x10/0x20 [ 35.187266] [ 35.187324] Allocated by task 296: [ 35.187422] kasan_save_stack+0x3c/0x68 [ 35.187500] kasan_save_track+0x20/0x40 [ 35.187829] kasan_save_alloc_info+0x40/0x58 [ 35.187919] __kasan_kmalloc+0xd4/0xd8 [ 35.187994] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.188061] kasan_atomics+0xb8/0x2e0 [ 35.188139] kunit_try_run_case+0x170/0x3f0 [ 35.188219] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.188318] kthread+0x328/0x630 [ 35.188412] ret_from_fork+0x10/0x20 [ 35.188499] [ 35.188532] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.188532] which belongs to the cache kmalloc-64 of size 64 [ 35.188594] The buggy address is located 0 bytes to the right of [ 35.188594] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.188773] [ 35.188798] The buggy address belongs to the physical page: [ 35.188838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.189003] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.189107] page_type: f5(slab) [ 35.189194] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.189262] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.189342] page dumped because: kasan: bad access detected [ 35.189594] [ 35.189660] Memory state around the buggy address: [ 35.189727] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.189832] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.189917] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.190003] ^ [ 35.190093] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.190179] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.190478] ================================================================== [ 35.234768] ================================================================== [ 35.234821] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 35.234891] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.234953] [ 35.234985] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.235157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.235315] Hardware name: linux,dummy-virt (DT) [ 35.235409] Call trace: [ 35.235480] show_stack+0x20/0x38 (C) [ 35.235569] dump_stack_lvl+0x8c/0xd0 [ 35.235806] print_report+0x118/0x5e8 [ 35.236057] kasan_report+0xdc/0x128 [ 35.236159] kasan_check_range+0x100/0x1a8 [ 35.236278] __kasan_check_write+0x20/0x30 [ 35.236365] kasan_atomics_helper+0x1414/0x4858 [ 35.236472] kasan_atomics+0x198/0x2e0 [ 35.236548] kunit_try_run_case+0x170/0x3f0 [ 35.236615] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.236673] kthread+0x328/0x630 [ 35.236715] ret_from_fork+0x10/0x20 [ 35.236774] [ 35.236798] Allocated by task 296: [ 35.236827] kasan_save_stack+0x3c/0x68 [ 35.237144] kasan_save_track+0x20/0x40 [ 35.237252] kasan_save_alloc_info+0x40/0x58 [ 35.237320] __kasan_kmalloc+0xd4/0xd8 [ 35.237380] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.237457] kasan_atomics+0xb8/0x2e0 [ 35.237508] kunit_try_run_case+0x170/0x3f0 [ 35.237549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.237769] kthread+0x328/0x630 [ 35.237866] ret_from_fork+0x10/0x20 [ 35.237943] [ 35.238000] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.238000] which belongs to the cache kmalloc-64 of size 64 [ 35.238113] The buggy address is located 0 bytes to the right of [ 35.238113] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.238180] [ 35.238434] The buggy address belongs to the physical page: [ 35.238591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.238692] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.238779] page_type: f5(slab) [ 35.238963] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.239253] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.239314] page dumped because: kasan: bad access detected [ 35.239349] [ 35.239369] Memory state around the buggy address: [ 35.239404] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.239450] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.241116] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.242978] ^ [ 35.243044] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.243092] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.243135] ================================================================== [ 35.165483] ================================================================== [ 35.165539] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 35.165590] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.165679] [ 35.165938] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.166069] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.166122] Hardware name: linux,dummy-virt (DT) [ 35.166157] Call trace: [ 35.166184] show_stack+0x20/0x38 (C) [ 35.166241] dump_stack_lvl+0x8c/0xd0 [ 35.166317] print_report+0x118/0x5e8 [ 35.166383] kasan_report+0xdc/0x128 [ 35.166430] kasan_check_range+0x100/0x1a8 [ 35.166477] __kasan_check_write+0x20/0x30 [ 35.166535] kasan_atomics_helper+0xeb8/0x4858 [ 35.166586] kasan_atomics+0x198/0x2e0 [ 35.166635] kunit_try_run_case+0x170/0x3f0 [ 35.166681] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.166735] kthread+0x328/0x630 [ 35.166790] ret_from_fork+0x10/0x20 [ 35.166839] [ 35.166859] Allocated by task 296: [ 35.167516] kasan_save_stack+0x3c/0x68 [ 35.167823] kasan_save_track+0x20/0x40 [ 35.167931] kasan_save_alloc_info+0x40/0x58 [ 35.168042] __kasan_kmalloc+0xd4/0xd8 [ 35.168141] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.168241] kasan_atomics+0xb8/0x2e0 [ 35.168312] kunit_try_run_case+0x170/0x3f0 [ 35.168352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.168549] kthread+0x328/0x630 [ 35.168589] ret_from_fork+0x10/0x20 [ 35.168628] [ 35.168651] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.168651] which belongs to the cache kmalloc-64 of size 64 [ 35.168716] The buggy address is located 0 bytes to the right of [ 35.168716] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.168929] [ 35.168992] The buggy address belongs to the physical page: [ 35.169051] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.169141] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.169389] page_type: f5(slab) [ 35.169484] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.169602] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.169680] page dumped because: kasan: bad access detected [ 35.169732] [ 35.169818] Memory state around the buggy address: [ 35.169883] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.169973] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.170055] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.170323] ^ [ 35.170403] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.170461] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.170503] ================================================================== [ 35.129649] ================================================================== [ 35.129700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 35.129770] Read of size 4 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.129849] [ 35.129885] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.129991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.130023] Hardware name: linux,dummy-virt (DT) [ 35.130058] Call trace: [ 35.130084] show_stack+0x20/0x38 (C) [ 35.130141] dump_stack_lvl+0x8c/0xd0 [ 35.130191] print_report+0x118/0x5e8 [ 35.130237] kasan_report+0xdc/0x128 [ 35.130406] __asan_report_load4_noabort+0x20/0x30 [ 35.130539] kasan_atomics_helper+0x3dd8/0x4858 [ 35.130594] kasan_atomics+0x198/0x2e0 [ 35.130670] kunit_try_run_case+0x170/0x3f0 [ 35.130721] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.130992] kthread+0x328/0x630 [ 35.131138] ret_from_fork+0x10/0x20 [ 35.131308] [ 35.131369] Allocated by task 296: [ 35.131427] kasan_save_stack+0x3c/0x68 [ 35.131469] kasan_save_track+0x20/0x40 [ 35.131716] kasan_save_alloc_info+0x40/0x58 [ 35.131780] __kasan_kmalloc+0xd4/0xd8 [ 35.131910] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.132007] kasan_atomics+0xb8/0x2e0 [ 35.132097] kunit_try_run_case+0x170/0x3f0 [ 35.132203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.132278] kthread+0x328/0x630 [ 35.132357] ret_from_fork+0x10/0x20 [ 35.132588] [ 35.132717] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.132717] which belongs to the cache kmalloc-64 of size 64 [ 35.132881] The buggy address is located 0 bytes to the right of [ 35.132881] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.132960] [ 35.132983] The buggy address belongs to the physical page: [ 35.133035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.133363] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.133519] page_type: f5(slab) [ 35.133724] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.133933] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.134067] page dumped because: kasan: bad access detected [ 35.134160] [ 35.134217] Memory state around the buggy address: [ 35.134333] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.134409] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.134492] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.134613] ^ [ 35.134700] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.134767] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.134806] ================================================================== [ 35.217383] ================================================================== [ 35.217437] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 35.217490] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.217638] [ 35.217704] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.217808] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.217837] Hardware name: linux,dummy-virt (DT) [ 35.217871] Call trace: [ 35.217895] show_stack+0x20/0x38 (C) [ 35.217945] dump_stack_lvl+0x8c/0xd0 [ 35.218327] print_report+0x118/0x5e8 [ 35.218389] kasan_report+0xdc/0x128 [ 35.218435] kasan_check_range+0x100/0x1a8 [ 35.218524] __kasan_check_write+0x20/0x30 [ 35.218575] kasan_atomics_helper+0x12d8/0x4858 [ 35.218665] kasan_atomics+0x198/0x2e0 [ 35.218715] kunit_try_run_case+0x170/0x3f0 [ 35.218877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.218932] kthread+0x328/0x630 [ 35.219206] ret_from_fork+0x10/0x20 [ 35.219566] [ 35.219638] Allocated by task 296: [ 35.219852] kasan_save_stack+0x3c/0x68 [ 35.220004] kasan_save_track+0x20/0x40 [ 35.220125] kasan_save_alloc_info+0x40/0x58 [ 35.220243] __kasan_kmalloc+0xd4/0xd8 [ 35.220282] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.220348] kasan_atomics+0xb8/0x2e0 [ 35.220389] kunit_try_run_case+0x170/0x3f0 [ 35.220625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.220817] kthread+0x328/0x630 [ 35.220957] ret_from_fork+0x10/0x20 [ 35.221044] [ 35.221088] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.221088] which belongs to the cache kmalloc-64 of size 64 [ 35.221246] The buggy address is located 0 bytes to the right of [ 35.221246] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.221428] [ 35.221470] The buggy address belongs to the physical page: [ 35.221583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.221642] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.221692] page_type: f5(slab) [ 35.221774] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.222099] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.222193] page dumped because: kasan: bad access detected [ 35.222381] [ 35.222516] Memory state around the buggy address: [ 35.222589] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.222659] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.222706] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.222774] ^ [ 35.222809] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.222856] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.222976] ================================================================== [ 35.210977] ================================================================== [ 35.211029] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 35.211079] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.211135] [ 35.211167] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.211618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.211663] Hardware name: linux,dummy-virt (DT) [ 35.211699] Call trace: [ 35.211724] show_stack+0x20/0x38 (C) [ 35.211789] dump_stack_lvl+0x8c/0xd0 [ 35.211838] print_report+0x118/0x5e8 [ 35.211897] kasan_report+0xdc/0x128 [ 35.211975] kasan_check_range+0x100/0x1a8 [ 35.212022] __kasan_check_write+0x20/0x30 [ 35.212069] kasan_atomics_helper+0x126c/0x4858 [ 35.212250] kasan_atomics+0x198/0x2e0 [ 35.212349] kunit_try_run_case+0x170/0x3f0 [ 35.212462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.212599] kthread+0x328/0x630 [ 35.212949] ret_from_fork+0x10/0x20 [ 35.213098] [ 35.213161] Allocated by task 296: [ 35.213204] kasan_save_stack+0x3c/0x68 [ 35.213275] kasan_save_track+0x20/0x40 [ 35.213345] kasan_save_alloc_info+0x40/0x58 [ 35.213437] __kasan_kmalloc+0xd4/0xd8 [ 35.213474] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.213529] kasan_atomics+0xb8/0x2e0 [ 35.213870] kunit_try_run_case+0x170/0x3f0 [ 35.213982] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.214096] kthread+0x328/0x630 [ 35.214353] ret_from_fork+0x10/0x20 [ 35.214460] [ 35.214529] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.214529] which belongs to the cache kmalloc-64 of size 64 [ 35.214653] The buggy address is located 0 bytes to the right of [ 35.214653] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.214784] [ 35.214884] The buggy address belongs to the physical page: [ 35.214981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.215043] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.215397] page_type: f5(slab) [ 35.215465] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.215616] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.215691] page dumped because: kasan: bad access detected [ 35.216027] [ 35.216072] Memory state around the buggy address: [ 35.216162] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.216258] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.216382] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.216450] ^ [ 35.216535] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.216627] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.216734] ================================================================== [ 35.273842] ================================================================== [ 35.273895] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 35.273989] Read of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.274043] [ 35.274099] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.274192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.274221] Hardware name: linux,dummy-virt (DT) [ 35.274275] Call trace: [ 35.274300] show_stack+0x20/0x38 (C) [ 35.274374] dump_stack_lvl+0x8c/0xd0 [ 35.274423] print_report+0x118/0x5e8 [ 35.274470] kasan_report+0xdc/0x128 [ 35.274521] __asan_report_load8_noabort+0x20/0x30 [ 35.274982] kasan_atomics_helper+0x3df4/0x4858 [ 35.275086] kasan_atomics+0x198/0x2e0 [ 35.275151] kunit_try_run_case+0x170/0x3f0 [ 35.275520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.275629] kthread+0x328/0x630 [ 35.275734] ret_from_fork+0x10/0x20 [ 35.275857] [ 35.275880] Allocated by task 296: [ 35.275937] kasan_save_stack+0x3c/0x68 [ 35.275980] kasan_save_track+0x20/0x40 [ 35.276018] kasan_save_alloc_info+0x40/0x58 [ 35.276058] __kasan_kmalloc+0xd4/0xd8 [ 35.276095] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.276177] kasan_atomics+0xb8/0x2e0 [ 35.276256] kunit_try_run_case+0x170/0x3f0 [ 35.276296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.276364] kthread+0x328/0x630 [ 35.276422] ret_from_fork+0x10/0x20 [ 35.276547] [ 35.276605] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.276605] which belongs to the cache kmalloc-64 of size 64 [ 35.276733] The buggy address is located 0 bytes to the right of [ 35.276733] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.276825] [ 35.276849] The buggy address belongs to the physical page: [ 35.276888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.276944] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.276994] page_type: f5(slab) [ 35.277032] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.277125] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.277170] page dumped because: kasan: bad access detected [ 35.277203] [ 35.277224] Memory state around the buggy address: [ 35.277404] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.277487] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.277561] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.277611] ^ [ 35.277647] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.277693] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.277742] ================================================================== [ 35.229083] ================================================================== [ 35.229159] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 35.229213] Read of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.229264] [ 35.229297] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.229384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.229413] Hardware name: linux,dummy-virt (DT) [ 35.229446] Call trace: [ 35.229471] show_stack+0x20/0x38 (C) [ 35.229561] dump_stack_lvl+0x8c/0xd0 [ 35.229721] print_report+0x118/0x5e8 [ 35.229853] kasan_report+0xdc/0x128 [ 35.229910] __asan_report_load8_noabort+0x20/0x30 [ 35.229970] kasan_atomics_helper+0x3f04/0x4858 [ 35.230023] kasan_atomics+0x198/0x2e0 [ 35.230145] kunit_try_run_case+0x170/0x3f0 [ 35.230406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.230494] kthread+0x328/0x630 [ 35.230538] ret_from_fork+0x10/0x20 [ 35.230606] [ 35.230667] Allocated by task 296: [ 35.230705] kasan_save_stack+0x3c/0x68 [ 35.230783] kasan_save_track+0x20/0x40 [ 35.230822] kasan_save_alloc_info+0x40/0x58 [ 35.230862] __kasan_kmalloc+0xd4/0xd8 [ 35.230898] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.231176] kasan_atomics+0xb8/0x2e0 [ 35.231299] kunit_try_run_case+0x170/0x3f0 [ 35.231425] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.231512] kthread+0x328/0x630 [ 35.231822] ret_from_fork+0x10/0x20 [ 35.231944] [ 35.232006] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.232006] which belongs to the cache kmalloc-64 of size 64 [ 35.232154] The buggy address is located 0 bytes to the right of [ 35.232154] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.232250] [ 35.232353] The buggy address belongs to the physical page: [ 35.232405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.232461] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.232530] page_type: f5(slab) [ 35.232570] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.232870] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.232993] page dumped because: kasan: bad access detected [ 35.233065] [ 35.233209] Memory state around the buggy address: [ 35.233419] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.233473] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.233518] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.233775] ^ [ 35.233895] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.233984] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.234171] ================================================================== [ 35.268707] ================================================================== [ 35.268812] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 35.268886] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.268956] [ 35.268990] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.269080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.269140] Hardware name: linux,dummy-virt (DT) [ 35.269174] Call trace: [ 35.269199] show_stack+0x20/0x38 (C) [ 35.269248] dump_stack_lvl+0x8c/0xd0 [ 35.269294] print_report+0x118/0x5e8 [ 35.269340] kasan_report+0xdc/0x128 [ 35.269385] kasan_check_range+0x100/0x1a8 [ 35.269483] __kasan_check_write+0x20/0x30 [ 35.269536] kasan_atomics_helper+0x1644/0x4858 [ 35.269699] kasan_atomics+0x198/0x2e0 [ 35.269770] kunit_try_run_case+0x170/0x3f0 [ 35.269826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.269900] kthread+0x328/0x630 [ 35.269943] ret_from_fork+0x10/0x20 [ 35.269993] [ 35.270015] Allocated by task 296: [ 35.270046] kasan_save_stack+0x3c/0x68 [ 35.270085] kasan_save_track+0x20/0x40 [ 35.270127] kasan_save_alloc_info+0x40/0x58 [ 35.270168] __kasan_kmalloc+0xd4/0xd8 [ 35.270205] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.270248] kasan_atomics+0xb8/0x2e0 [ 35.270418] kunit_try_run_case+0x170/0x3f0 [ 35.270556] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.270680] kthread+0x328/0x630 [ 35.270760] ret_from_fork+0x10/0x20 [ 35.270808] [ 35.270995] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.270995] which belongs to the cache kmalloc-64 of size 64 [ 35.271193] The buggy address is located 0 bytes to the right of [ 35.271193] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.271318] [ 35.271386] The buggy address belongs to the physical page: [ 35.271426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.271483] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.271738] page_type: f5(slab) [ 35.271831] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.271981] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.272067] page dumped because: kasan: bad access detected [ 35.272200] [ 35.272258] Memory state around the buggy address: [ 35.272354] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.272666] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.272780] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.272900] ^ [ 35.272965] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.273033] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.273170] ================================================================== [ 35.201347] ================================================================== [ 35.201400] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 35.201676] Write of size 8 at addr fff00000c9b8ffb0 by task kunit_try_catch/296 [ 35.201765] [ 35.201809] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250724 #1 PREEMPT [ 35.201898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.201937] Hardware name: linux,dummy-virt (DT) [ 35.201969] Call trace: [ 35.201995] show_stack+0x20/0x38 (C) [ 35.202121] dump_stack_lvl+0x8c/0xd0 [ 35.202178] print_report+0x118/0x5e8 [ 35.202222] kasan_report+0xdc/0x128 [ 35.202309] kasan_check_range+0x100/0x1a8 [ 35.202614] __kasan_check_write+0x20/0x30 [ 35.202679] kasan_atomics_helper+0x1190/0x4858 [ 35.202734] kasan_atomics+0x198/0x2e0 [ 35.203025] kunit_try_run_case+0x170/0x3f0 [ 35.203171] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.203360] kthread+0x328/0x630 [ 35.203989] ret_from_fork+0x10/0x20 [ 35.204248] [ 35.204289] Allocated by task 296: [ 35.204322] kasan_save_stack+0x3c/0x68 [ 35.204393] kasan_save_track+0x20/0x40 [ 35.205079] kasan_save_alloc_info+0x40/0x58 [ 35.205211] __kasan_kmalloc+0xd4/0xd8 [ 35.205456] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.205528] kasan_atomics+0xb8/0x2e0 [ 35.205571] kunit_try_run_case+0x170/0x3f0 [ 35.205611] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.205658] kthread+0x328/0x630 [ 35.205694] ret_from_fork+0x10/0x20 [ 35.205733] [ 35.205765] The buggy address belongs to the object at fff00000c9b8ff80 [ 35.205765] which belongs to the cache kmalloc-64 of size 64 [ 35.205830] The buggy address is located 0 bytes to the right of [ 35.205830] allocated 48-byte region [fff00000c9b8ff80, fff00000c9b8ffb0) [ 35.205896] [ 35.205918] The buggy address belongs to the physical page: [ 35.205958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b8f [ 35.206015] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.206064] page_type: f5(slab) [ 35.206105] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.206160] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.206204] page dumped because: kasan: bad access detected [ 35.206238] [ 35.206260] Memory state around the buggy address: [ 35.206295] fff00000c9b8fe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.206342] fff00000c9b8ff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.206388] >fff00000c9b8ff80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.206428] ^ [ 35.206462] fff00000c9b90000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.206508] fff00000c9b90080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.206549] ==================================================================
[ 29.986034] ================================================================== [ 29.986525] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 29.987263] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.987742] [ 29.987871] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.987940] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.987957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.987982] Call Trace: [ 29.988002] <TASK> [ 29.988021] dump_stack_lvl+0x73/0xb0 [ 29.988052] print_report+0xd1/0x640 [ 29.988075] ? __virt_addr_valid+0x1db/0x2d0 [ 29.988101] ? kasan_atomics_helper+0x1079/0x5450 [ 29.988123] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.988149] ? kasan_atomics_helper+0x1079/0x5450 [ 29.988172] kasan_report+0x141/0x180 [ 29.988194] ? kasan_atomics_helper+0x1079/0x5450 [ 29.988221] kasan_check_range+0x10c/0x1c0 [ 29.988246] __kasan_check_write+0x18/0x20 [ 29.988271] kasan_atomics_helper+0x1079/0x5450 [ 29.988295] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.988318] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.988345] ? kasan_atomics+0x152/0x310 [ 29.988372] kasan_atomics+0x1dc/0x310 [ 29.988395] ? __pfx_kasan_atomics+0x10/0x10 [ 29.988419] ? __pfx_read_tsc+0x10/0x10 [ 29.988445] ? ktime_get_ts64+0x86/0x230 [ 29.988471] kunit_try_run_case+0x1a5/0x480 [ 29.988497] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.988520] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.988547] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.988583] ? __kthread_parkme+0x82/0x180 [ 29.988603] ? preempt_count_sub+0x50/0x80 [ 29.988628] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.988653] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.988677] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.988702] kthread+0x337/0x6f0 [ 29.988721] ? trace_preempt_on+0x20/0xc0 [ 29.988747] ? __pfx_kthread+0x10/0x10 [ 29.988768] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.988892] ? calculate_sigpending+0x7b/0xa0 [ 29.988919] ? __pfx_kthread+0x10/0x10 [ 29.988941] ret_from_fork+0x116/0x1d0 [ 29.988962] ? __pfx_kthread+0x10/0x10 [ 29.988982] ret_from_fork_asm+0x1a/0x30 [ 29.989015] </TASK> [ 29.989027] [ 30.001649] Allocated by task 313: [ 30.002176] kasan_save_stack+0x45/0x70 [ 30.002460] kasan_save_track+0x18/0x40 [ 30.002775] kasan_save_alloc_info+0x3b/0x50 [ 30.003153] __kasan_kmalloc+0xb7/0xc0 [ 30.003329] __kmalloc_cache_noprof+0x189/0x420 [ 30.003909] kasan_atomics+0x95/0x310 [ 30.004197] kunit_try_run_case+0x1a5/0x480 [ 30.004517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.004779] kthread+0x337/0x6f0 [ 30.005106] ret_from_fork+0x116/0x1d0 [ 30.005476] ret_from_fork_asm+0x1a/0x30 [ 30.005676] [ 30.005771] The buggy address belongs to the object at ffff888106038600 [ 30.005771] which belongs to the cache kmalloc-64 of size 64 [ 30.006680] The buggy address is located 0 bytes to the right of [ 30.006680] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.007633] [ 30.007738] The buggy address belongs to the physical page: [ 30.008263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.008743] flags: 0x200000000000000(node=0|zone=2) [ 30.009193] page_type: f5(slab) [ 30.009492] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.009991] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.010540] page dumped because: kasan: bad access detected [ 30.010970] [ 30.011104] Memory state around the buggy address: [ 30.011449] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.011753] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.012318] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.012818] ^ [ 30.013299] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.013634] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.014311] ================================================================== [ 30.696819] ================================================================== [ 30.697496] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 30.698041] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.698334] [ 30.698686] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.698909] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.699027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.699052] Call Trace: [ 30.699074] <TASK> [ 30.699193] dump_stack_lvl+0x73/0xb0 [ 30.699225] print_report+0xd1/0x640 [ 30.699249] ? __virt_addr_valid+0x1db/0x2d0 [ 30.699280] ? kasan_atomics_helper+0x1e12/0x5450 [ 30.699303] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.699329] ? kasan_atomics_helper+0x1e12/0x5450 [ 30.699352] kasan_report+0x141/0x180 [ 30.699375] ? kasan_atomics_helper+0x1e12/0x5450 [ 30.699402] kasan_check_range+0x10c/0x1c0 [ 30.699426] __kasan_check_write+0x18/0x20 [ 30.699450] kasan_atomics_helper+0x1e12/0x5450 [ 30.699474] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.699497] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.699524] ? kasan_atomics+0x152/0x310 [ 30.699550] kasan_atomics+0x1dc/0x310 [ 30.699584] ? __pfx_kasan_atomics+0x10/0x10 [ 30.699609] ? __pfx_read_tsc+0x10/0x10 [ 30.699633] ? ktime_get_ts64+0x86/0x230 [ 30.699658] kunit_try_run_case+0x1a5/0x480 [ 30.699684] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.699708] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.699734] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.699759] ? __kthread_parkme+0x82/0x180 [ 30.699791] ? preempt_count_sub+0x50/0x80 [ 30.699817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.699841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.699865] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.699891] kthread+0x337/0x6f0 [ 30.699911] ? trace_preempt_on+0x20/0xc0 [ 30.699947] ? __pfx_kthread+0x10/0x10 [ 30.699968] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.699992] ? calculate_sigpending+0x7b/0xa0 [ 30.700017] ? __pfx_kthread+0x10/0x10 [ 30.700038] ret_from_fork+0x116/0x1d0 [ 30.700059] ? __pfx_kthread+0x10/0x10 [ 30.700079] ret_from_fork_asm+0x1a/0x30 [ 30.700113] </TASK> [ 30.700125] [ 30.712276] Allocated by task 313: [ 30.712502] kasan_save_stack+0x45/0x70 [ 30.712958] kasan_save_track+0x18/0x40 [ 30.713207] kasan_save_alloc_info+0x3b/0x50 [ 30.713671] __kasan_kmalloc+0xb7/0xc0 [ 30.714026] __kmalloc_cache_noprof+0x189/0x420 [ 30.714329] kasan_atomics+0x95/0x310 [ 30.714518] kunit_try_run_case+0x1a5/0x480 [ 30.714701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.714996] kthread+0x337/0x6f0 [ 30.715505] ret_from_fork+0x116/0x1d0 [ 30.715669] ret_from_fork_asm+0x1a/0x30 [ 30.716199] [ 30.716360] The buggy address belongs to the object at ffff888106038600 [ 30.716360] which belongs to the cache kmalloc-64 of size 64 [ 30.716858] The buggy address is located 0 bytes to the right of [ 30.716858] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.717757] [ 30.717878] The buggy address belongs to the physical page: [ 30.718345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.718911] flags: 0x200000000000000(node=0|zone=2) [ 30.719258] page_type: f5(slab) [ 30.719428] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.719813] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.720166] page dumped because: kasan: bad access detected [ 30.720505] [ 30.720584] Memory state around the buggy address: [ 30.720797] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.721188] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.721601] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.721894] ^ [ 30.722072] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.722511] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.722988] ================================================================== [ 29.346478] ================================================================== [ 29.347092] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 29.347480] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.347818] [ 29.347948] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.348033] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.348048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.348071] Call Trace: [ 29.348089] <TASK> [ 29.348109] dump_stack_lvl+0x73/0xb0 [ 29.348137] print_report+0xd1/0x640 [ 29.348160] ? __virt_addr_valid+0x1db/0x2d0 [ 29.348185] ? kasan_atomics_helper+0x4ba2/0x5450 [ 29.348208] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.348236] ? kasan_atomics_helper+0x4ba2/0x5450 [ 29.348258] kasan_report+0x141/0x180 [ 29.348281] ? kasan_atomics_helper+0x4ba2/0x5450 [ 29.348309] __asan_report_store4_noabort+0x1b/0x30 [ 29.348334] kasan_atomics_helper+0x4ba2/0x5450 [ 29.348358] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.348381] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.348407] ? kasan_atomics+0x152/0x310 [ 29.348433] kasan_atomics+0x1dc/0x310 [ 29.348456] ? __pfx_kasan_atomics+0x10/0x10 [ 29.348481] ? __pfx_read_tsc+0x10/0x10 [ 29.348504] ? ktime_get_ts64+0x86/0x230 [ 29.348529] kunit_try_run_case+0x1a5/0x480 [ 29.348555] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.348589] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.348616] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.348641] ? __kthread_parkme+0x82/0x180 [ 29.348663] ? preempt_count_sub+0x50/0x80 [ 29.348689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.348713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.348738] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.348762] kthread+0x337/0x6f0 [ 29.348783] ? trace_preempt_on+0x20/0xc0 [ 29.348807] ? __pfx_kthread+0x10/0x10 [ 29.348829] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.348852] ? calculate_sigpending+0x7b/0xa0 [ 29.348877] ? __pfx_kthread+0x10/0x10 [ 29.348899] ret_from_fork+0x116/0x1d0 [ 29.348956] ? __pfx_kthread+0x10/0x10 [ 29.348978] ret_from_fork_asm+0x1a/0x30 [ 29.349012] </TASK> [ 29.349024] [ 29.357437] Allocated by task 313: [ 29.357623] kasan_save_stack+0x45/0x70 [ 29.357855] kasan_save_track+0x18/0x40 [ 29.358119] kasan_save_alloc_info+0x3b/0x50 [ 29.358280] __kasan_kmalloc+0xb7/0xc0 [ 29.358409] __kmalloc_cache_noprof+0x189/0x420 [ 29.358561] kasan_atomics+0x95/0x310 [ 29.358702] kunit_try_run_case+0x1a5/0x480 [ 29.359022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.359274] kthread+0x337/0x6f0 [ 29.359439] ret_from_fork+0x116/0x1d0 [ 29.359634] ret_from_fork_asm+0x1a/0x30 [ 29.359775] [ 29.359842] The buggy address belongs to the object at ffff888106038600 [ 29.359842] which belongs to the cache kmalloc-64 of size 64 [ 29.360456] The buggy address is located 0 bytes to the right of [ 29.360456] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.361154] [ 29.361284] The buggy address belongs to the physical page: [ 29.361599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.362011] flags: 0x200000000000000(node=0|zone=2) [ 29.362169] page_type: f5(slab) [ 29.362420] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.362774] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.363360] page dumped because: kasan: bad access detected [ 29.363526] [ 29.363607] Memory state around the buggy address: [ 29.364106] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.365004] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.365419] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.365770] ^ [ 29.366037] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.366330] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.366536] ================================================================== [ 29.545674] ================================================================== [ 29.545922] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 29.546632] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.547078] [ 29.547236] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.547311] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.547327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.547350] Call Trace: [ 29.547370] <TASK> [ 29.547390] dump_stack_lvl+0x73/0xb0 [ 29.547419] print_report+0xd1/0x640 [ 29.547471] ? __virt_addr_valid+0x1db/0x2d0 [ 29.547496] ? kasan_atomics_helper+0x5fe/0x5450 [ 29.547517] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.547545] ? kasan_atomics_helper+0x5fe/0x5450 [ 29.547566] kasan_report+0x141/0x180 [ 29.547601] ? kasan_atomics_helper+0x5fe/0x5450 [ 29.547627] kasan_check_range+0x10c/0x1c0 [ 29.547651] __kasan_check_write+0x18/0x20 [ 29.547676] kasan_atomics_helper+0x5fe/0x5450 [ 29.547699] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.547723] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.547748] ? kasan_atomics+0x152/0x310 [ 29.547774] kasan_atomics+0x1dc/0x310 [ 29.547797] ? __pfx_kasan_atomics+0x10/0x10 [ 29.547850] ? __pfx_read_tsc+0x10/0x10 [ 29.547873] ? ktime_get_ts64+0x86/0x230 [ 29.547898] kunit_try_run_case+0x1a5/0x480 [ 29.547936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.547961] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.547988] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.548015] ? __kthread_parkme+0x82/0x180 [ 29.548036] ? preempt_count_sub+0x50/0x80 [ 29.548060] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.548101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.548127] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.548151] kthread+0x337/0x6f0 [ 29.548172] ? trace_preempt_on+0x20/0xc0 [ 29.548197] ? __pfx_kthread+0x10/0x10 [ 29.548218] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.548241] ? calculate_sigpending+0x7b/0xa0 [ 29.548266] ? __pfx_kthread+0x10/0x10 [ 29.548289] ret_from_fork+0x116/0x1d0 [ 29.548310] ? __pfx_kthread+0x10/0x10 [ 29.548331] ret_from_fork_asm+0x1a/0x30 [ 29.548364] </TASK> [ 29.548376] [ 29.556275] Allocated by task 313: [ 29.556462] kasan_save_stack+0x45/0x70 [ 29.556666] kasan_save_track+0x18/0x40 [ 29.556800] kasan_save_alloc_info+0x3b/0x50 [ 29.556972] __kasan_kmalloc+0xb7/0xc0 [ 29.557102] __kmalloc_cache_noprof+0x189/0x420 [ 29.557323] kasan_atomics+0x95/0x310 [ 29.557529] kunit_try_run_case+0x1a5/0x480 [ 29.557748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.558057] kthread+0x337/0x6f0 [ 29.558230] ret_from_fork+0x116/0x1d0 [ 29.558375] ret_from_fork_asm+0x1a/0x30 [ 29.558510] [ 29.558633] The buggy address belongs to the object at ffff888106038600 [ 29.558633] which belongs to the cache kmalloc-64 of size 64 [ 29.559008] The buggy address is located 0 bytes to the right of [ 29.559008] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.559374] [ 29.559442] The buggy address belongs to the physical page: [ 29.559643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.560001] flags: 0x200000000000000(node=0|zone=2) [ 29.560234] page_type: f5(slab) [ 29.560399] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.560864] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.561228] page dumped because: kasan: bad access detected [ 29.561487] [ 29.561584] Memory state around the buggy address: [ 29.561802] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.562140] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.562368] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.562584] ^ [ 29.562740] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.562980] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.563522] ================================================================== [ 30.357007] ================================================================== [ 30.357260] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 30.357775] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.358091] [ 30.358510] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.358567] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.358594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.358618] Call Trace: [ 30.358633] <TASK> [ 30.358652] dump_stack_lvl+0x73/0xb0 [ 30.358683] print_report+0xd1/0x640 [ 30.358708] ? __virt_addr_valid+0x1db/0x2d0 [ 30.358733] ? kasan_atomics_helper+0x16e7/0x5450 [ 30.358755] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.358900] ? kasan_atomics_helper+0x16e7/0x5450 [ 30.358945] kasan_report+0x141/0x180 [ 30.359025] ? kasan_atomics_helper+0x16e7/0x5450 [ 30.359053] kasan_check_range+0x10c/0x1c0 [ 30.359078] __kasan_check_write+0x18/0x20 [ 30.359102] kasan_atomics_helper+0x16e7/0x5450 [ 30.359126] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.359149] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.359175] ? kasan_atomics+0x152/0x310 [ 30.359203] kasan_atomics+0x1dc/0x310 [ 30.359226] ? __pfx_kasan_atomics+0x10/0x10 [ 30.359259] ? __pfx_read_tsc+0x10/0x10 [ 30.359281] ? ktime_get_ts64+0x86/0x230 [ 30.359307] kunit_try_run_case+0x1a5/0x480 [ 30.359334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.359357] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.359383] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.359409] ? __kthread_parkme+0x82/0x180 [ 30.359431] ? preempt_count_sub+0x50/0x80 [ 30.359456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.359481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.359505] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.359530] kthread+0x337/0x6f0 [ 30.359551] ? trace_preempt_on+0x20/0xc0 [ 30.359586] ? __pfx_kthread+0x10/0x10 [ 30.359610] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.359635] ? calculate_sigpending+0x7b/0xa0 [ 30.359660] ? __pfx_kthread+0x10/0x10 [ 30.359683] ret_from_fork+0x116/0x1d0 [ 30.359704] ? __pfx_kthread+0x10/0x10 [ 30.359726] ret_from_fork_asm+0x1a/0x30 [ 30.359758] </TASK> [ 30.359771] [ 30.368199] Allocated by task 313: [ 30.368390] kasan_save_stack+0x45/0x70 [ 30.368558] kasan_save_track+0x18/0x40 [ 30.368760] kasan_save_alloc_info+0x3b/0x50 [ 30.368944] __kasan_kmalloc+0xb7/0xc0 [ 30.369167] __kmalloc_cache_noprof+0x189/0x420 [ 30.369354] kasan_atomics+0x95/0x310 [ 30.370006] kunit_try_run_case+0x1a5/0x480 [ 30.370150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.370319] kthread+0x337/0x6f0 [ 30.370431] ret_from_fork+0x116/0x1d0 [ 30.370556] ret_from_fork_asm+0x1a/0x30 [ 30.370756] [ 30.370847] The buggy address belongs to the object at ffff888106038600 [ 30.370847] which belongs to the cache kmalloc-64 of size 64 [ 30.371372] The buggy address is located 0 bytes to the right of [ 30.371372] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.373303] [ 30.373394] The buggy address belongs to the physical page: [ 30.373585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.373827] flags: 0x200000000000000(node=0|zone=2) [ 30.374065] page_type: f5(slab) [ 30.374232] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.375260] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.376247] page dumped because: kasan: bad access detected [ 30.376533] [ 30.376614] Memory state around the buggy address: [ 30.377480] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.378033] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.378657] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.379387] ^ [ 30.379627] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.380064] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.381159] ================================================================== [ 30.723569] ================================================================== [ 30.723847] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 30.724352] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.724730] [ 30.724933] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.724987] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.725003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.725026] Call Trace: [ 30.725044] <TASK> [ 30.725061] dump_stack_lvl+0x73/0xb0 [ 30.725159] print_report+0xd1/0x640 [ 30.725229] ? __virt_addr_valid+0x1db/0x2d0 [ 30.725255] ? kasan_atomics_helper+0x1eaa/0x5450 [ 30.725276] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.725353] ? kasan_atomics_helper+0x1eaa/0x5450 [ 30.725376] kasan_report+0x141/0x180 [ 30.725463] ? kasan_atomics_helper+0x1eaa/0x5450 [ 30.725502] kasan_check_range+0x10c/0x1c0 [ 30.725538] __kasan_check_write+0x18/0x20 [ 30.725563] kasan_atomics_helper+0x1eaa/0x5450 [ 30.725595] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.725618] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.725644] ? kasan_atomics+0x152/0x310 [ 30.725671] kasan_atomics+0x1dc/0x310 [ 30.725695] ? __pfx_kasan_atomics+0x10/0x10 [ 30.725720] ? __pfx_read_tsc+0x10/0x10 [ 30.725743] ? ktime_get_ts64+0x86/0x230 [ 30.725769] kunit_try_run_case+0x1a5/0x480 [ 30.725795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.725818] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.725845] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.725887] ? __kthread_parkme+0x82/0x180 [ 30.725909] ? preempt_count_sub+0x50/0x80 [ 30.725940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.725965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.725990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.726014] kthread+0x337/0x6f0 [ 30.726080] ? trace_preempt_on+0x20/0xc0 [ 30.726106] ? __pfx_kthread+0x10/0x10 [ 30.726126] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.726162] ? calculate_sigpending+0x7b/0xa0 [ 30.726229] ? __pfx_kthread+0x10/0x10 [ 30.726253] ret_from_fork+0x116/0x1d0 [ 30.726273] ? __pfx_kthread+0x10/0x10 [ 30.726306] ret_from_fork_asm+0x1a/0x30 [ 30.726339] </TASK> [ 30.726350] [ 30.738781] Allocated by task 313: [ 30.738996] kasan_save_stack+0x45/0x70 [ 30.739321] kasan_save_track+0x18/0x40 [ 30.739491] kasan_save_alloc_info+0x3b/0x50 [ 30.739696] __kasan_kmalloc+0xb7/0xc0 [ 30.740198] __kmalloc_cache_noprof+0x189/0x420 [ 30.740678] kasan_atomics+0x95/0x310 [ 30.741101] kunit_try_run_case+0x1a5/0x480 [ 30.741458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.741734] kthread+0x337/0x6f0 [ 30.742108] ret_from_fork+0x116/0x1d0 [ 30.742445] ret_from_fork_asm+0x1a/0x30 [ 30.742637] [ 30.742724] The buggy address belongs to the object at ffff888106038600 [ 30.742724] which belongs to the cache kmalloc-64 of size 64 [ 30.743691] The buggy address is located 0 bytes to the right of [ 30.743691] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.744817] [ 30.745094] The buggy address belongs to the physical page: [ 30.745723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.746310] flags: 0x200000000000000(node=0|zone=2) [ 30.746769] page_type: f5(slab) [ 30.747228] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.747641] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.748435] page dumped because: kasan: bad access detected [ 30.748922] [ 30.749086] Memory state around the buggy address: [ 30.749534] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.749835] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.750533] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.751225] ^ [ 30.751661] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.752294] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.752800] ================================================================== [ 29.729174] ================================================================== [ 29.729487] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 29.729775] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.730231] [ 29.730318] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.730380] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.730394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.730419] Call Trace: [ 29.730434] <TASK> [ 29.730454] dump_stack_lvl+0x73/0xb0 [ 29.730485] print_report+0xd1/0x640 [ 29.730510] ? __virt_addr_valid+0x1db/0x2d0 [ 29.730535] ? kasan_atomics_helper+0xac7/0x5450 [ 29.730557] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.730598] ? kasan_atomics_helper+0xac7/0x5450 [ 29.730629] kasan_report+0x141/0x180 [ 29.730663] ? kasan_atomics_helper+0xac7/0x5450 [ 29.730690] kasan_check_range+0x10c/0x1c0 [ 29.730728] __kasan_check_write+0x18/0x20 [ 29.730753] kasan_atomics_helper+0xac7/0x5450 [ 29.730777] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.730801] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.730831] ? kasan_atomics+0x152/0x310 [ 29.730857] kasan_atomics+0x1dc/0x310 [ 29.730881] ? __pfx_kasan_atomics+0x10/0x10 [ 29.730906] ? __pfx_read_tsc+0x10/0x10 [ 29.730928] ? ktime_get_ts64+0x86/0x230 [ 29.730972] kunit_try_run_case+0x1a5/0x480 [ 29.730999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.731033] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.731060] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.731097] ? __kthread_parkme+0x82/0x180 [ 29.731119] ? preempt_count_sub+0x50/0x80 [ 29.731168] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.731193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.731218] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.731242] kthread+0x337/0x6f0 [ 29.731268] ? trace_preempt_on+0x20/0xc0 [ 29.731293] ? __pfx_kthread+0x10/0x10 [ 29.731314] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.731347] ? calculate_sigpending+0x7b/0xa0 [ 29.731372] ? __pfx_kthread+0x10/0x10 [ 29.731395] ret_from_fork+0x116/0x1d0 [ 29.731427] ? __pfx_kthread+0x10/0x10 [ 29.731449] ret_from_fork_asm+0x1a/0x30 [ 29.731493] </TASK> [ 29.731505] [ 29.740342] Allocated by task 313: [ 29.740599] kasan_save_stack+0x45/0x70 [ 29.740813] kasan_save_track+0x18/0x40 [ 29.741051] kasan_save_alloc_info+0x3b/0x50 [ 29.741438] __kasan_kmalloc+0xb7/0xc0 [ 29.741757] __kmalloc_cache_noprof+0x189/0x420 [ 29.742097] kasan_atomics+0x95/0x310 [ 29.742420] kunit_try_run_case+0x1a5/0x480 [ 29.742622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.742794] kthread+0x337/0x6f0 [ 29.743029] ret_from_fork+0x116/0x1d0 [ 29.743404] ret_from_fork_asm+0x1a/0x30 [ 29.743599] [ 29.743665] The buggy address belongs to the object at ffff888106038600 [ 29.743665] which belongs to the cache kmalloc-64 of size 64 [ 29.744328] The buggy address is located 0 bytes to the right of [ 29.744328] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.745061] [ 29.745310] The buggy address belongs to the physical page: [ 29.745506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.745932] flags: 0x200000000000000(node=0|zone=2) [ 29.746199] page_type: f5(slab) [ 29.746331] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.746664] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.746931] page dumped because: kasan: bad access detected [ 29.747095] [ 29.747157] Memory state around the buggy address: [ 29.747313] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.747520] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.747745] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.747954] ^ [ 29.748307] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.748876] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.749455] ================================================================== [ 29.564269] ================================================================== [ 29.564650] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 29.565226] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.565501] [ 29.565615] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.565666] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.565681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.565706] Call Trace: [ 29.565724] <TASK> [ 29.565741] dump_stack_lvl+0x73/0xb0 [ 29.565771] print_report+0xd1/0x640 [ 29.565794] ? __virt_addr_valid+0x1db/0x2d0 [ 29.565820] ? kasan_atomics_helper+0x697/0x5450 [ 29.565841] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.565868] ? kasan_atomics_helper+0x697/0x5450 [ 29.565891] kasan_report+0x141/0x180 [ 29.565934] ? kasan_atomics_helper+0x697/0x5450 [ 29.565961] kasan_check_range+0x10c/0x1c0 [ 29.565985] __kasan_check_write+0x18/0x20 [ 29.566009] kasan_atomics_helper+0x697/0x5450 [ 29.566051] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.566076] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.566120] ? kasan_atomics+0x152/0x310 [ 29.566170] kasan_atomics+0x1dc/0x310 [ 29.566193] ? __pfx_kasan_atomics+0x10/0x10 [ 29.566218] ? __pfx_read_tsc+0x10/0x10 [ 29.566241] ? ktime_get_ts64+0x86/0x230 [ 29.566266] kunit_try_run_case+0x1a5/0x480 [ 29.566292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.566316] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.566343] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.566368] ? __kthread_parkme+0x82/0x180 [ 29.566389] ? preempt_count_sub+0x50/0x80 [ 29.566414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.566439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.566463] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.566488] kthread+0x337/0x6f0 [ 29.566508] ? trace_preempt_on+0x20/0xc0 [ 29.566533] ? __pfx_kthread+0x10/0x10 [ 29.566554] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.566587] ? calculate_sigpending+0x7b/0xa0 [ 29.566612] ? __pfx_kthread+0x10/0x10 [ 29.566633] ret_from_fork+0x116/0x1d0 [ 29.566653] ? __pfx_kthread+0x10/0x10 [ 29.566674] ret_from_fork_asm+0x1a/0x30 [ 29.566708] </TASK> [ 29.566719] [ 29.574629] Allocated by task 313: [ 29.574762] kasan_save_stack+0x45/0x70 [ 29.574906] kasan_save_track+0x18/0x40 [ 29.575037] kasan_save_alloc_info+0x3b/0x50 [ 29.575178] __kasan_kmalloc+0xb7/0xc0 [ 29.575312] __kmalloc_cache_noprof+0x189/0x420 [ 29.575531] kasan_atomics+0x95/0x310 [ 29.575932] kunit_try_run_case+0x1a5/0x480 [ 29.576159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.576432] kthread+0x337/0x6f0 [ 29.576623] ret_from_fork+0x116/0x1d0 [ 29.576873] ret_from_fork_asm+0x1a/0x30 [ 29.577081] [ 29.577175] The buggy address belongs to the object at ffff888106038600 [ 29.577175] which belongs to the cache kmalloc-64 of size 64 [ 29.577718] The buggy address is located 0 bytes to the right of [ 29.577718] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.578318] [ 29.578411] The buggy address belongs to the physical page: [ 29.580739] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.581011] flags: 0x200000000000000(node=0|zone=2) [ 29.581177] page_type: f5(slab) [ 29.581332] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.581685] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.582022] page dumped because: kasan: bad access detected [ 29.582273] [ 29.582363] Memory state around the buggy address: [ 29.582626] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.582915] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.583229] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.583487] ^ [ 29.583703] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.583912] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.584118] ================================================================== [ 29.526565] ================================================================== [ 29.527263] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 29.527753] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.528182] [ 29.528285] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.528338] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.528354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.528376] Call Trace: [ 29.528395] <TASK> [ 29.528438] dump_stack_lvl+0x73/0xb0 [ 29.528467] print_report+0xd1/0x640 [ 29.528490] ? __virt_addr_valid+0x1db/0x2d0 [ 29.528515] ? kasan_atomics_helper+0x565/0x5450 [ 29.528537] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.528565] ? kasan_atomics_helper+0x565/0x5450 [ 29.528598] kasan_report+0x141/0x180 [ 29.528621] ? kasan_atomics_helper+0x565/0x5450 [ 29.528652] kasan_check_range+0x10c/0x1c0 [ 29.528678] __kasan_check_write+0x18/0x20 [ 29.528703] kasan_atomics_helper+0x565/0x5450 [ 29.528728] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.528751] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.528777] ? kasan_atomics+0x152/0x310 [ 29.528804] kasan_atomics+0x1dc/0x310 [ 29.528827] ? __pfx_kasan_atomics+0x10/0x10 [ 29.528870] ? __pfx_read_tsc+0x10/0x10 [ 29.528892] ? ktime_get_ts64+0x86/0x230 [ 29.528918] kunit_try_run_case+0x1a5/0x480 [ 29.528957] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.528981] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.529007] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.529058] ? __kthread_parkme+0x82/0x180 [ 29.529089] ? preempt_count_sub+0x50/0x80 [ 29.529121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.529146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.529170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.529195] kthread+0x337/0x6f0 [ 29.529215] ? trace_preempt_on+0x20/0xc0 [ 29.529240] ? __pfx_kthread+0x10/0x10 [ 29.529261] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.529285] ? calculate_sigpending+0x7b/0xa0 [ 29.529310] ? __pfx_kthread+0x10/0x10 [ 29.529333] ret_from_fork+0x116/0x1d0 [ 29.529352] ? __pfx_kthread+0x10/0x10 [ 29.529374] ret_from_fork_asm+0x1a/0x30 [ 29.529407] </TASK> [ 29.529419] [ 29.537109] Allocated by task 313: [ 29.537306] kasan_save_stack+0x45/0x70 [ 29.537517] kasan_save_track+0x18/0x40 [ 29.537741] kasan_save_alloc_info+0x3b/0x50 [ 29.538123] __kasan_kmalloc+0xb7/0xc0 [ 29.538396] __kmalloc_cache_noprof+0x189/0x420 [ 29.538701] kasan_atomics+0x95/0x310 [ 29.539003] kunit_try_run_case+0x1a5/0x480 [ 29.539199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.539424] kthread+0x337/0x6f0 [ 29.539539] ret_from_fork+0x116/0x1d0 [ 29.539731] ret_from_fork_asm+0x1a/0x30 [ 29.540084] [ 29.540246] The buggy address belongs to the object at ffff888106038600 [ 29.540246] which belongs to the cache kmalloc-64 of size 64 [ 29.540881] The buggy address is located 0 bytes to the right of [ 29.540881] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.541406] [ 29.541480] The buggy address belongs to the physical page: [ 29.541768] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.542161] flags: 0x200000000000000(node=0|zone=2) [ 29.542379] page_type: f5(slab) [ 29.542498] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.542733] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.542953] page dumped because: kasan: bad access detected [ 29.543117] [ 29.543180] Memory state around the buggy address: [ 29.543334] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.543615] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.543921] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.544609] ^ [ 29.544829] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.545039] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.545246] ================================================================== [ 30.923748] ================================================================== [ 30.924084] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 30.924424] Read of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.924738] [ 30.924841] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.924897] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.924912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.924936] Call Trace: [ 30.924959] <TASK> [ 30.924980] dump_stack_lvl+0x73/0xb0 [ 30.925010] print_report+0xd1/0x640 [ 30.925036] ? __virt_addr_valid+0x1db/0x2d0 [ 30.925063] ? kasan_atomics_helper+0x4fa5/0x5450 [ 30.925087] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.925115] ? kasan_atomics_helper+0x4fa5/0x5450 [ 30.925137] kasan_report+0x141/0x180 [ 30.925161] ? kasan_atomics_helper+0x4fa5/0x5450 [ 30.925190] __asan_report_load8_noabort+0x18/0x20 [ 30.925217] kasan_atomics_helper+0x4fa5/0x5450 [ 30.925243] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.925277] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.925304] ? kasan_atomics+0x152/0x310 [ 30.925333] kasan_atomics+0x1dc/0x310 [ 30.925357] ? __pfx_kasan_atomics+0x10/0x10 [ 30.925382] ? __pfx_read_tsc+0x10/0x10 [ 30.925405] ? ktime_get_ts64+0x86/0x230 [ 30.925431] kunit_try_run_case+0x1a5/0x480 [ 30.925458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.925482] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.925508] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.925534] ? __kthread_parkme+0x82/0x180 [ 30.925555] ? preempt_count_sub+0x50/0x80 [ 30.925592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.925616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.925641] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.925664] kthread+0x337/0x6f0 [ 30.925684] ? trace_preempt_on+0x20/0xc0 [ 30.925710] ? __pfx_kthread+0x10/0x10 [ 30.925730] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.925755] ? calculate_sigpending+0x7b/0xa0 [ 30.925780] ? __pfx_kthread+0x10/0x10 [ 30.925801] ret_from_fork+0x116/0x1d0 [ 30.925822] ? __pfx_kthread+0x10/0x10 [ 30.925843] ret_from_fork_asm+0x1a/0x30 [ 30.925876] </TASK> [ 30.925889] [ 30.932955] Allocated by task 313: [ 30.933143] kasan_save_stack+0x45/0x70 [ 30.933361] kasan_save_track+0x18/0x40 [ 30.933505] kasan_save_alloc_info+0x3b/0x50 [ 30.933703] __kasan_kmalloc+0xb7/0xc0 [ 30.933893] __kmalloc_cache_noprof+0x189/0x420 [ 30.934103] kasan_atomics+0x95/0x310 [ 30.934234] kunit_try_run_case+0x1a5/0x480 [ 30.934374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.934634] kthread+0x337/0x6f0 [ 30.934796] ret_from_fork+0x116/0x1d0 [ 30.934976] ret_from_fork_asm+0x1a/0x30 [ 30.935169] [ 30.935235] The buggy address belongs to the object at ffff888106038600 [ 30.935235] which belongs to the cache kmalloc-64 of size 64 [ 30.935595] The buggy address is located 0 bytes to the right of [ 30.935595] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.936324] [ 30.936418] The buggy address belongs to the physical page: [ 30.936684] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.937033] flags: 0x200000000000000(node=0|zone=2) [ 30.937269] page_type: f5(slab) [ 30.937438] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.937721] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.937942] page dumped because: kasan: bad access detected [ 30.938105] [ 30.938169] Memory state around the buggy address: [ 30.938319] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.938528] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.938906] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.939253] ^ [ 30.939744] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.940011] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.940217] ================================================================== [ 30.063206] ================================================================== [ 30.063547] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 30.064129] Read of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.064392] [ 30.064506] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.064591] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.064606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.064630] Call Trace: [ 30.064648] <TASK> [ 30.064667] dump_stack_lvl+0x73/0xb0 [ 30.064717] print_report+0xd1/0x640 [ 30.064742] ? __virt_addr_valid+0x1db/0x2d0 [ 30.064785] ? kasan_atomics_helper+0x4a02/0x5450 [ 30.064869] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.064897] ? kasan_atomics_helper+0x4a02/0x5450 [ 30.064919] kasan_report+0x141/0x180 [ 30.064943] ? kasan_atomics_helper+0x4a02/0x5450 [ 30.064981] __asan_report_load4_noabort+0x18/0x20 [ 30.065006] kasan_atomics_helper+0x4a02/0x5450 [ 30.065029] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.065052] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.065078] ? kasan_atomics+0x152/0x310 [ 30.065105] kasan_atomics+0x1dc/0x310 [ 30.065129] ? __pfx_kasan_atomics+0x10/0x10 [ 30.065153] ? __pfx_read_tsc+0x10/0x10 [ 30.065176] ? ktime_get_ts64+0x86/0x230 [ 30.065202] kunit_try_run_case+0x1a5/0x480 [ 30.065228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.065252] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.065300] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.065326] ? __kthread_parkme+0x82/0x180 [ 30.065349] ? preempt_count_sub+0x50/0x80 [ 30.065373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.065398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.065422] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.065447] kthread+0x337/0x6f0 [ 30.065484] ? trace_preempt_on+0x20/0xc0 [ 30.065509] ? __pfx_kthread+0x10/0x10 [ 30.065544] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.065592] ? calculate_sigpending+0x7b/0xa0 [ 30.065618] ? __pfx_kthread+0x10/0x10 [ 30.065640] ret_from_fork+0x116/0x1d0 [ 30.065660] ? __pfx_kthread+0x10/0x10 [ 30.065696] ret_from_fork_asm+0x1a/0x30 [ 30.065742] </TASK> [ 30.065755] [ 30.074924] Allocated by task 313: [ 30.075188] kasan_save_stack+0x45/0x70 [ 30.075461] kasan_save_track+0x18/0x40 [ 30.075675] kasan_save_alloc_info+0x3b/0x50 [ 30.075936] __kasan_kmalloc+0xb7/0xc0 [ 30.076107] __kmalloc_cache_noprof+0x189/0x420 [ 30.076355] kasan_atomics+0x95/0x310 [ 30.076546] kunit_try_run_case+0x1a5/0x480 [ 30.076856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.077382] kthread+0x337/0x6f0 [ 30.077505] ret_from_fork+0x116/0x1d0 [ 30.077699] ret_from_fork_asm+0x1a/0x30 [ 30.077908] [ 30.078019] The buggy address belongs to the object at ffff888106038600 [ 30.078019] which belongs to the cache kmalloc-64 of size 64 [ 30.078560] The buggy address is located 0 bytes to the right of [ 30.078560] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.079122] [ 30.079567] The buggy address belongs to the physical page: [ 30.079791] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.080214] flags: 0x200000000000000(node=0|zone=2) [ 30.080385] page_type: f5(slab) [ 30.080593] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.081161] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.081409] page dumped because: kasan: bad access detected [ 30.081651] [ 30.081714] Memory state around the buggy address: [ 30.081860] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.082517] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.083054] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.083432] ^ [ 30.083673] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.084159] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.084409] ================================================================== [ 30.200915] ================================================================== [ 30.201352] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 30.201813] Read of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.202554] [ 30.202741] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.202795] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.202810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.202833] Call Trace: [ 30.202855] <TASK> [ 30.202876] dump_stack_lvl+0x73/0xb0 [ 30.202907] print_report+0xd1/0x640 [ 30.202944] ? __virt_addr_valid+0x1db/0x2d0 [ 30.202970] ? kasan_atomics_helper+0x4eae/0x5450 [ 30.202995] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.203022] ? kasan_atomics_helper+0x4eae/0x5450 [ 30.203045] kasan_report+0x141/0x180 [ 30.203068] ? kasan_atomics_helper+0x4eae/0x5450 [ 30.203095] __asan_report_load8_noabort+0x18/0x20 [ 30.203120] kasan_atomics_helper+0x4eae/0x5450 [ 30.203144] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.203167] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.203193] ? kasan_atomics+0x152/0x310 [ 30.203220] kasan_atomics+0x1dc/0x310 [ 30.203244] ? __pfx_kasan_atomics+0x10/0x10 [ 30.203278] ? __pfx_read_tsc+0x10/0x10 [ 30.203302] ? ktime_get_ts64+0x86/0x230 [ 30.203328] kunit_try_run_case+0x1a5/0x480 [ 30.203355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.203379] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.203405] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.203431] ? __kthread_parkme+0x82/0x180 [ 30.203453] ? preempt_count_sub+0x50/0x80 [ 30.203501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.203543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.203568] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.203602] kthread+0x337/0x6f0 [ 30.203623] ? trace_preempt_on+0x20/0xc0 [ 30.203648] ? __pfx_kthread+0x10/0x10 [ 30.203669] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.203694] ? calculate_sigpending+0x7b/0xa0 [ 30.203719] ? __pfx_kthread+0x10/0x10 [ 30.203742] ret_from_fork+0x116/0x1d0 [ 30.203763] ? __pfx_kthread+0x10/0x10 [ 30.203796] ret_from_fork_asm+0x1a/0x30 [ 30.203830] </TASK> [ 30.203842] [ 30.215932] Allocated by task 313: [ 30.216105] kasan_save_stack+0x45/0x70 [ 30.216269] kasan_save_track+0x18/0x40 [ 30.217008] kasan_save_alloc_info+0x3b/0x50 [ 30.217461] __kasan_kmalloc+0xb7/0xc0 [ 30.217822] __kmalloc_cache_noprof+0x189/0x420 [ 30.218299] kasan_atomics+0x95/0x310 [ 30.218491] kunit_try_run_case+0x1a5/0x480 [ 30.218673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.219177] kthread+0x337/0x6f0 [ 30.219562] ret_from_fork+0x116/0x1d0 [ 30.219933] ret_from_fork_asm+0x1a/0x30 [ 30.220285] [ 30.220435] The buggy address belongs to the object at ffff888106038600 [ 30.220435] which belongs to the cache kmalloc-64 of size 64 [ 30.221221] The buggy address is located 0 bytes to the right of [ 30.221221] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.221596] [ 30.221675] The buggy address belongs to the physical page: [ 30.221928] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.222250] flags: 0x200000000000000(node=0|zone=2) [ 30.222412] page_type: f5(slab) [ 30.222583] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.222976] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.223279] page dumped because: kasan: bad access detected [ 30.223683] [ 30.223768] Memory state around the buggy address: [ 30.224020] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.224297] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.224543] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.224980] ^ [ 30.225139] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.225346] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.226038] ================================================================== [ 30.226539] ================================================================== [ 30.226939] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 30.227224] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.227529] [ 30.227652] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.227705] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.227720] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.227743] Call Trace: [ 30.227763] <TASK> [ 30.227783] dump_stack_lvl+0x73/0xb0 [ 30.227815] print_report+0xd1/0x640 [ 30.227840] ? __virt_addr_valid+0x1db/0x2d0 [ 30.227865] ? kasan_atomics_helper+0x1467/0x5450 [ 30.227888] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.227914] ? kasan_atomics_helper+0x1467/0x5450 [ 30.227937] kasan_report+0x141/0x180 [ 30.227960] ? kasan_atomics_helper+0x1467/0x5450 [ 30.227988] kasan_check_range+0x10c/0x1c0 [ 30.228012] __kasan_check_write+0x18/0x20 [ 30.228036] kasan_atomics_helper+0x1467/0x5450 [ 30.228059] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.228082] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.228108] ? kasan_atomics+0x152/0x310 [ 30.228134] kasan_atomics+0x1dc/0x310 [ 30.228158] ? __pfx_kasan_atomics+0x10/0x10 [ 30.228183] ? __pfx_read_tsc+0x10/0x10 [ 30.228225] ? ktime_get_ts64+0x86/0x230 [ 30.228261] kunit_try_run_case+0x1a5/0x480 [ 30.228293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.228317] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.228354] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.228380] ? __kthread_parkme+0x82/0x180 [ 30.228403] ? preempt_count_sub+0x50/0x80 [ 30.228428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.228453] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.228477] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.228502] kthread+0x337/0x6f0 [ 30.228522] ? trace_preempt_on+0x20/0xc0 [ 30.228547] ? __pfx_kthread+0x10/0x10 [ 30.228567] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.228601] ? calculate_sigpending+0x7b/0xa0 [ 30.228626] ? __pfx_kthread+0x10/0x10 [ 30.228648] ret_from_fork+0x116/0x1d0 [ 30.228668] ? __pfx_kthread+0x10/0x10 [ 30.228689] ret_from_fork_asm+0x1a/0x30 [ 30.228722] </TASK> [ 30.228734] [ 30.236853] Allocated by task 313: [ 30.236986] kasan_save_stack+0x45/0x70 [ 30.237284] kasan_save_track+0x18/0x40 [ 30.237475] kasan_save_alloc_info+0x3b/0x50 [ 30.237678] __kasan_kmalloc+0xb7/0xc0 [ 30.237870] __kmalloc_cache_noprof+0x189/0x420 [ 30.238043] kasan_atomics+0x95/0x310 [ 30.238170] kunit_try_run_case+0x1a5/0x480 [ 30.238310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.238477] kthread+0x337/0x6f0 [ 30.238648] ret_from_fork+0x116/0x1d0 [ 30.238834] ret_from_fork_asm+0x1a/0x30 [ 30.239146] [ 30.239238] The buggy address belongs to the object at ffff888106038600 [ 30.239238] which belongs to the cache kmalloc-64 of size 64 [ 30.239842] The buggy address is located 0 bytes to the right of [ 30.239842] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.240425] [ 30.240498] The buggy address belongs to the physical page: [ 30.240757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.241149] flags: 0x200000000000000(node=0|zone=2) [ 30.241377] page_type: f5(slab) [ 30.241504] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.241816] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.242195] page dumped because: kasan: bad access detected [ 30.242491] [ 30.242565] Memory state around the buggy address: [ 30.242788] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.243130] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.243474] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.243752] ^ [ 30.244162] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.244392] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.244779] ================================================================== [ 30.128195] ================================================================== [ 30.128543] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 30.129086] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.129415] [ 30.129523] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.129867] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.129885] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.129908] Call Trace: [ 30.129922] <TASK> [ 30.129940] dump_stack_lvl+0x73/0xb0 [ 30.129972] print_report+0xd1/0x640 [ 30.129996] ? __virt_addr_valid+0x1db/0x2d0 [ 30.130021] ? kasan_atomics_helper+0x12e6/0x5450 [ 30.130044] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.130096] ? kasan_atomics_helper+0x12e6/0x5450 [ 30.130119] kasan_report+0x141/0x180 [ 30.130141] ? kasan_atomics_helper+0x12e6/0x5450 [ 30.130169] kasan_check_range+0x10c/0x1c0 [ 30.130193] __kasan_check_write+0x18/0x20 [ 30.130217] kasan_atomics_helper+0x12e6/0x5450 [ 30.130241] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.130263] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.130290] ? kasan_atomics+0x152/0x310 [ 30.130317] kasan_atomics+0x1dc/0x310 [ 30.130341] ? __pfx_kasan_atomics+0x10/0x10 [ 30.130385] ? __pfx_read_tsc+0x10/0x10 [ 30.130407] ? ktime_get_ts64+0x86/0x230 [ 30.130433] kunit_try_run_case+0x1a5/0x480 [ 30.130460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.130483] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.130510] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.130553] ? __kthread_parkme+0x82/0x180 [ 30.130585] ? preempt_count_sub+0x50/0x80 [ 30.130610] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.130634] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.130659] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.130684] kthread+0x337/0x6f0 [ 30.130703] ? trace_preempt_on+0x20/0xc0 [ 30.130746] ? __pfx_kthread+0x10/0x10 [ 30.130767] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.130850] ? calculate_sigpending+0x7b/0xa0 [ 30.130877] ? __pfx_kthread+0x10/0x10 [ 30.130899] ret_from_fork+0x116/0x1d0 [ 30.130941] ? __pfx_kthread+0x10/0x10 [ 30.130963] ret_from_fork_asm+0x1a/0x30 [ 30.130995] </TASK> [ 30.131007] [ 30.139271] Allocated by task 313: [ 30.139546] kasan_save_stack+0x45/0x70 [ 30.139871] kasan_save_track+0x18/0x40 [ 30.140147] kasan_save_alloc_info+0x3b/0x50 [ 30.140339] __kasan_kmalloc+0xb7/0xc0 [ 30.140517] __kmalloc_cache_noprof+0x189/0x420 [ 30.140763] kasan_atomics+0x95/0x310 [ 30.141027] kunit_try_run_case+0x1a5/0x480 [ 30.141454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.141718] kthread+0x337/0x6f0 [ 30.141877] ret_from_fork+0x116/0x1d0 [ 30.142080] ret_from_fork_asm+0x1a/0x30 [ 30.142332] [ 30.142427] The buggy address belongs to the object at ffff888106038600 [ 30.142427] which belongs to the cache kmalloc-64 of size 64 [ 30.142906] The buggy address is located 0 bytes to the right of [ 30.142906] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.143470] [ 30.143589] The buggy address belongs to the physical page: [ 30.143844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.144185] flags: 0x200000000000000(node=0|zone=2) [ 30.144438] page_type: f5(slab) [ 30.144612] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.144937] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.145257] page dumped because: kasan: bad access detected [ 30.145464] [ 30.145528] Memory state around the buggy address: [ 30.145678] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.145879] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.146358] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.146695] ^ [ 30.147090] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.147417] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.147665] ================================================================== [ 29.750013] ================================================================== [ 29.750495] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 29.750745] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.751423] [ 29.751604] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.751671] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.751687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.751710] Call Trace: [ 29.751730] <TASK> [ 29.751774] dump_stack_lvl+0x73/0xb0 [ 29.751814] print_report+0xd1/0x640 [ 29.751850] ? __virt_addr_valid+0x1db/0x2d0 [ 29.751875] ? kasan_atomics_helper+0xb6a/0x5450 [ 29.751897] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.751923] ? kasan_atomics_helper+0xb6a/0x5450 [ 29.751946] kasan_report+0x141/0x180 [ 29.751970] ? kasan_atomics_helper+0xb6a/0x5450 [ 29.751996] kasan_check_range+0x10c/0x1c0 [ 29.752021] __kasan_check_write+0x18/0x20 [ 29.752045] kasan_atomics_helper+0xb6a/0x5450 [ 29.752069] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.752092] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.752119] ? kasan_atomics+0x152/0x310 [ 29.752146] kasan_atomics+0x1dc/0x310 [ 29.752169] ? __pfx_kasan_atomics+0x10/0x10 [ 29.752194] ? __pfx_read_tsc+0x10/0x10 [ 29.752217] ? ktime_get_ts64+0x86/0x230 [ 29.752243] kunit_try_run_case+0x1a5/0x480 [ 29.752269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.752292] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.752319] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.752344] ? __kthread_parkme+0x82/0x180 [ 29.752366] ? preempt_count_sub+0x50/0x80 [ 29.752390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.752415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.752440] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.752464] kthread+0x337/0x6f0 [ 29.752484] ? trace_preempt_on+0x20/0xc0 [ 29.752508] ? __pfx_kthread+0x10/0x10 [ 29.752530] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.752554] ? calculate_sigpending+0x7b/0xa0 [ 29.752589] ? __pfx_kthread+0x10/0x10 [ 29.752611] ret_from_fork+0x116/0x1d0 [ 29.752631] ? __pfx_kthread+0x10/0x10 [ 29.752653] ret_from_fork_asm+0x1a/0x30 [ 29.752686] </TASK> [ 29.752698] [ 29.761509] Allocated by task 313: [ 29.762513] kasan_save_stack+0x45/0x70 [ 29.763054] kasan_save_track+0x18/0x40 [ 29.763699] kasan_save_alloc_info+0x3b/0x50 [ 29.764185] __kasan_kmalloc+0xb7/0xc0 [ 29.764376] __kmalloc_cache_noprof+0x189/0x420 [ 29.764595] kasan_atomics+0x95/0x310 [ 29.764743] kunit_try_run_case+0x1a5/0x480 [ 29.765606] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.766317] kthread+0x337/0x6f0 [ 29.766475] ret_from_fork+0x116/0x1d0 [ 29.766644] ret_from_fork_asm+0x1a/0x30 [ 29.766780] [ 29.767468] The buggy address belongs to the object at ffff888106038600 [ 29.767468] which belongs to the cache kmalloc-64 of size 64 [ 29.768722] The buggy address is located 0 bytes to the right of [ 29.768722] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.769644] [ 29.769754] The buggy address belongs to the physical page: [ 29.770014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.770678] flags: 0x200000000000000(node=0|zone=2) [ 29.771185] page_type: f5(slab) [ 29.771371] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.771980] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.772427] page dumped because: kasan: bad access detected [ 29.772774] [ 29.773134] Memory state around the buggy address: [ 29.773314] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.773740] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.774439] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.775053] ^ [ 29.775296] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.775616] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.776168] ================================================================== [ 29.855092] ================================================================== [ 29.855450] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 29.855725] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.856679] [ 29.856832] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.856888] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.856904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.856928] Call Trace: [ 29.856949] <TASK> [ 29.856970] dump_stack_lvl+0x73/0xb0 [ 29.857013] print_report+0xd1/0x640 [ 29.857037] ? __virt_addr_valid+0x1db/0x2d0 [ 29.857062] ? kasan_atomics_helper+0xde0/0x5450 [ 29.857084] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.857311] ? kasan_atomics_helper+0xde0/0x5450 [ 29.857339] kasan_report+0x141/0x180 [ 29.857364] ? kasan_atomics_helper+0xde0/0x5450 [ 29.857391] kasan_check_range+0x10c/0x1c0 [ 29.857417] __kasan_check_write+0x18/0x20 [ 29.857441] kasan_atomics_helper+0xde0/0x5450 [ 29.857465] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.857487] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.857513] ? kasan_atomics+0x152/0x310 [ 29.857541] kasan_atomics+0x1dc/0x310 [ 29.857564] ? __pfx_kasan_atomics+0x10/0x10 [ 29.857603] ? __pfx_read_tsc+0x10/0x10 [ 29.857626] ? ktime_get_ts64+0x86/0x230 [ 29.857652] kunit_try_run_case+0x1a5/0x480 [ 29.857677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.857700] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.857727] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.857753] ? __kthread_parkme+0x82/0x180 [ 29.857775] ? preempt_count_sub+0x50/0x80 [ 29.857809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.857835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.857860] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.857885] kthread+0x337/0x6f0 [ 29.857905] ? trace_preempt_on+0x20/0xc0 [ 29.857942] ? __pfx_kthread+0x10/0x10 [ 29.857963] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.857989] ? calculate_sigpending+0x7b/0xa0 [ 29.858015] ? __pfx_kthread+0x10/0x10 [ 29.858039] ret_from_fork+0x116/0x1d0 [ 29.858061] ? __pfx_kthread+0x10/0x10 [ 29.858082] ret_from_fork_asm+0x1a/0x30 [ 29.858116] </TASK> [ 29.858127] [ 29.870346] Allocated by task 313: [ 29.870529] kasan_save_stack+0x45/0x70 [ 29.870757] kasan_save_track+0x18/0x40 [ 29.870977] kasan_save_alloc_info+0x3b/0x50 [ 29.871433] __kasan_kmalloc+0xb7/0xc0 [ 29.872037] __kmalloc_cache_noprof+0x189/0x420 [ 29.872468] kasan_atomics+0x95/0x310 [ 29.872685] kunit_try_run_case+0x1a5/0x480 [ 29.873069] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.873430] kthread+0x337/0x6f0 [ 29.873635] ret_from_fork+0x116/0x1d0 [ 29.874050] ret_from_fork_asm+0x1a/0x30 [ 29.874250] [ 29.874340] The buggy address belongs to the object at ffff888106038600 [ 29.874340] which belongs to the cache kmalloc-64 of size 64 [ 29.875202] The buggy address is located 0 bytes to the right of [ 29.875202] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.876026] [ 29.876107] The buggy address belongs to the physical page: [ 29.876373] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.877303] flags: 0x200000000000000(node=0|zone=2) [ 29.877486] page_type: f5(slab) [ 29.877697] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.878314] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.878684] page dumped because: kasan: bad access detected [ 29.879049] [ 29.879150] Memory state around the buggy address: [ 29.879490] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.879794] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.880321] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.880656] ^ [ 29.881009] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.881367] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.881807] ================================================================== [ 30.382041] ================================================================== [ 30.382358] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 30.382689] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.383652] [ 30.383761] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.383829] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.383846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.383869] Call Trace: [ 30.383891] <TASK> [ 30.383915] dump_stack_lvl+0x73/0xb0 [ 30.384131] print_report+0xd1/0x640 [ 30.384204] ? __virt_addr_valid+0x1db/0x2d0 [ 30.384231] ? kasan_atomics_helper+0x177f/0x5450 [ 30.384265] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.384293] ? kasan_atomics_helper+0x177f/0x5450 [ 30.384316] kasan_report+0x141/0x180 [ 30.384339] ? kasan_atomics_helper+0x177f/0x5450 [ 30.384366] kasan_check_range+0x10c/0x1c0 [ 30.384390] __kasan_check_write+0x18/0x20 [ 30.384415] kasan_atomics_helper+0x177f/0x5450 [ 30.384439] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.384461] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.384488] ? kasan_atomics+0x152/0x310 [ 30.384515] kasan_atomics+0x1dc/0x310 [ 30.384538] ? __pfx_kasan_atomics+0x10/0x10 [ 30.384563] ? __pfx_read_tsc+0x10/0x10 [ 30.384596] ? ktime_get_ts64+0x86/0x230 [ 30.384622] kunit_try_run_case+0x1a5/0x480 [ 30.384649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.384672] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.384699] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.384725] ? __kthread_parkme+0x82/0x180 [ 30.384746] ? preempt_count_sub+0x50/0x80 [ 30.384771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.385018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.385047] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.385072] kthread+0x337/0x6f0 [ 30.385095] ? trace_preempt_on+0x20/0xc0 [ 30.385120] ? __pfx_kthread+0x10/0x10 [ 30.385142] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.385167] ? calculate_sigpending+0x7b/0xa0 [ 30.385192] ? __pfx_kthread+0x10/0x10 [ 30.385214] ret_from_fork+0x116/0x1d0 [ 30.385235] ? __pfx_kthread+0x10/0x10 [ 30.385257] ret_from_fork_asm+0x1a/0x30 [ 30.385292] </TASK> [ 30.385305] [ 30.397219] Allocated by task 313: [ 30.397453] kasan_save_stack+0x45/0x70 [ 30.397702] kasan_save_track+0x18/0x40 [ 30.397953] kasan_save_alloc_info+0x3b/0x50 [ 30.398148] __kasan_kmalloc+0xb7/0xc0 [ 30.398321] __kmalloc_cache_noprof+0x189/0x420 [ 30.398510] kasan_atomics+0x95/0x310 [ 30.398680] kunit_try_run_case+0x1a5/0x480 [ 30.398951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.399199] kthread+0x337/0x6f0 [ 30.399453] ret_from_fork+0x116/0x1d0 [ 30.399591] ret_from_fork_asm+0x1a/0x30 [ 30.399724] [ 30.399790] The buggy address belongs to the object at ffff888106038600 [ 30.399790] which belongs to the cache kmalloc-64 of size 64 [ 30.400359] The buggy address is located 0 bytes to the right of [ 30.400359] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.400977] [ 30.401071] The buggy address belongs to the physical page: [ 30.401244] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.401609] flags: 0x200000000000000(node=0|zone=2) [ 30.401838] page_type: f5(slab) [ 30.402299] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.402550] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.403047] page dumped because: kasan: bad access detected [ 30.403329] [ 30.403420] Memory state around the buggy address: [ 30.403652] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.404094] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.404389] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.404705] ^ [ 30.404948] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.405426] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.405639] ================================================================== [ 30.459462] ================================================================== [ 30.460323] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 30.460671] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.461253] [ 30.461433] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.461489] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.461504] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.461528] Call Trace: [ 30.461549] <TASK> [ 30.461570] dump_stack_lvl+0x73/0xb0 [ 30.461613] print_report+0xd1/0x640 [ 30.461637] ? __virt_addr_valid+0x1db/0x2d0 [ 30.461663] ? kasan_atomics_helper+0x194a/0x5450 [ 30.461685] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.461711] ? kasan_atomics_helper+0x194a/0x5450 [ 30.461734] kasan_report+0x141/0x180 [ 30.461756] ? kasan_atomics_helper+0x194a/0x5450 [ 30.461861] kasan_check_range+0x10c/0x1c0 [ 30.461893] __kasan_check_write+0x18/0x20 [ 30.461916] kasan_atomics_helper+0x194a/0x5450 [ 30.461941] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.461973] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.461998] ? kasan_atomics+0x152/0x310 [ 30.462025] kasan_atomics+0x1dc/0x310 [ 30.462049] ? __pfx_kasan_atomics+0x10/0x10 [ 30.462075] ? __pfx_read_tsc+0x10/0x10 [ 30.462098] ? ktime_get_ts64+0x86/0x230 [ 30.462126] kunit_try_run_case+0x1a5/0x480 [ 30.462154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.462177] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.462204] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.462230] ? __kthread_parkme+0x82/0x180 [ 30.462252] ? preempt_count_sub+0x50/0x80 [ 30.462276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.462301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.462326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.462350] kthread+0x337/0x6f0 [ 30.462371] ? trace_preempt_on+0x20/0xc0 [ 30.462396] ? __pfx_kthread+0x10/0x10 [ 30.462417] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.462441] ? calculate_sigpending+0x7b/0xa0 [ 30.462466] ? __pfx_kthread+0x10/0x10 [ 30.462488] ret_from_fork+0x116/0x1d0 [ 30.462508] ? __pfx_kthread+0x10/0x10 [ 30.462530] ret_from_fork_asm+0x1a/0x30 [ 30.462563] </TASK> [ 30.462588] [ 30.475406] Allocated by task 313: [ 30.475551] kasan_save_stack+0x45/0x70 [ 30.475731] kasan_save_track+0x18/0x40 [ 30.476339] kasan_save_alloc_info+0x3b/0x50 [ 30.476537] __kasan_kmalloc+0xb7/0xc0 [ 30.476720] __kmalloc_cache_noprof+0x189/0x420 [ 30.476921] kasan_atomics+0x95/0x310 [ 30.477271] kunit_try_run_case+0x1a5/0x480 [ 30.477460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.477684] kthread+0x337/0x6f0 [ 30.477962] ret_from_fork+0x116/0x1d0 [ 30.478100] ret_from_fork_asm+0x1a/0x30 [ 30.478292] [ 30.478376] The buggy address belongs to the object at ffff888106038600 [ 30.478376] which belongs to the cache kmalloc-64 of size 64 [ 30.478738] The buggy address is located 0 bytes to the right of [ 30.478738] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.479285] [ 30.479385] The buggy address belongs to the physical page: [ 30.479695] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.480374] flags: 0x200000000000000(node=0|zone=2) [ 30.480608] page_type: f5(slab) [ 30.480772] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.481557] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.482507] page dumped because: kasan: bad access detected [ 30.482699] [ 30.482768] Memory state around the buggy address: [ 30.482932] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.483143] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.483360] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.483566] ^ [ 30.484690] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.485782] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.486788] ================================================================== [ 30.106903] ================================================================== [ 30.107528] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 30.108009] Read of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.108316] [ 30.108403] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.108637] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.108652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.108695] Call Trace: [ 30.108708] <TASK> [ 30.108727] dump_stack_lvl+0x73/0xb0 [ 30.108934] print_report+0xd1/0x640 [ 30.108962] ? __virt_addr_valid+0x1db/0x2d0 [ 30.108989] ? kasan_atomics_helper+0x49e8/0x5450 [ 30.109011] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.109038] ? kasan_atomics_helper+0x49e8/0x5450 [ 30.109061] kasan_report+0x141/0x180 [ 30.109106] ? kasan_atomics_helper+0x49e8/0x5450 [ 30.109134] __asan_report_load4_noabort+0x18/0x20 [ 30.109158] kasan_atomics_helper+0x49e8/0x5450 [ 30.109181] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.109204] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.109230] ? kasan_atomics+0x152/0x310 [ 30.109257] kasan_atomics+0x1dc/0x310 [ 30.109282] ? __pfx_kasan_atomics+0x10/0x10 [ 30.109308] ? __pfx_read_tsc+0x10/0x10 [ 30.109331] ? ktime_get_ts64+0x86/0x230 [ 30.109375] kunit_try_run_case+0x1a5/0x480 [ 30.109401] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.109425] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.109452] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.109479] ? __kthread_parkme+0x82/0x180 [ 30.109501] ? preempt_count_sub+0x50/0x80 [ 30.109525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.109565] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.109601] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.109641] kthread+0x337/0x6f0 [ 30.109663] ? trace_preempt_on+0x20/0xc0 [ 30.109703] ? __pfx_kthread+0x10/0x10 [ 30.109727] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.109753] ? calculate_sigpending+0x7b/0xa0 [ 30.109880] ? __pfx_kthread+0x10/0x10 [ 30.109906] ret_from_fork+0x116/0x1d0 [ 30.109927] ? __pfx_kthread+0x10/0x10 [ 30.109950] ret_from_fork_asm+0x1a/0x30 [ 30.109984] </TASK> [ 30.109996] [ 30.118702] Allocated by task 313: [ 30.118859] kasan_save_stack+0x45/0x70 [ 30.119184] kasan_save_track+0x18/0x40 [ 30.119608] kasan_save_alloc_info+0x3b/0x50 [ 30.119811] __kasan_kmalloc+0xb7/0xc0 [ 30.120076] __kmalloc_cache_noprof+0x189/0x420 [ 30.120302] kasan_atomics+0x95/0x310 [ 30.120485] kunit_try_run_case+0x1a5/0x480 [ 30.120700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.120946] kthread+0x337/0x6f0 [ 30.121160] ret_from_fork+0x116/0x1d0 [ 30.121288] ret_from_fork_asm+0x1a/0x30 [ 30.121587] [ 30.121704] The buggy address belongs to the object at ffff888106038600 [ 30.121704] which belongs to the cache kmalloc-64 of size 64 [ 30.122507] The buggy address is located 0 bytes to the right of [ 30.122507] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.123233] [ 30.123338] The buggy address belongs to the physical page: [ 30.123608] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.124056] flags: 0x200000000000000(node=0|zone=2) [ 30.124285] page_type: f5(slab) [ 30.124420] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.124755] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.125205] page dumped because: kasan: bad access detected [ 30.125443] [ 30.125530] Memory state around the buggy address: [ 30.125739] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.126040] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.126337] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.126649] ^ [ 30.126998] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.127277] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.127474] ================================================================== [ 29.475009] ================================================================== [ 29.475274] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 29.476114] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.476665] [ 29.476874] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.477007] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.477023] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.477048] Call Trace: [ 29.477068] <TASK> [ 29.477089] dump_stack_lvl+0x73/0xb0 [ 29.477120] print_report+0xd1/0x640 [ 29.477143] ? __virt_addr_valid+0x1db/0x2d0 [ 29.477169] ? kasan_atomics_helper+0x4a0/0x5450 [ 29.477191] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.477219] ? kasan_atomics_helper+0x4a0/0x5450 [ 29.477242] kasan_report+0x141/0x180 [ 29.477266] ? kasan_atomics_helper+0x4a0/0x5450 [ 29.477295] kasan_check_range+0x10c/0x1c0 [ 29.477321] __kasan_check_write+0x18/0x20 [ 29.477349] kasan_atomics_helper+0x4a0/0x5450 [ 29.477373] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.477397] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.477424] ? kasan_atomics+0x152/0x310 [ 29.477452] kasan_atomics+0x1dc/0x310 [ 29.477476] ? __pfx_kasan_atomics+0x10/0x10 [ 29.477501] ? __pfx_read_tsc+0x10/0x10 [ 29.477525] ? ktime_get_ts64+0x86/0x230 [ 29.477552] kunit_try_run_case+0x1a5/0x480 [ 29.477594] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.477620] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.477680] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.477707] ? __kthread_parkme+0x82/0x180 [ 29.477728] ? preempt_count_sub+0x50/0x80 [ 29.477753] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.477794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.477820] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.477846] kthread+0x337/0x6f0 [ 29.477868] ? trace_preempt_on+0x20/0xc0 [ 29.477893] ? __pfx_kthread+0x10/0x10 [ 29.477914] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.477940] ? calculate_sigpending+0x7b/0xa0 [ 29.477971] ? __pfx_kthread+0x10/0x10 [ 29.477993] ret_from_fork+0x116/0x1d0 [ 29.478014] ? __pfx_kthread+0x10/0x10 [ 29.478035] ret_from_fork_asm+0x1a/0x30 [ 29.478068] </TASK> [ 29.478079] [ 29.489338] Allocated by task 313: [ 29.489687] kasan_save_stack+0x45/0x70 [ 29.490070] kasan_save_track+0x18/0x40 [ 29.490219] kasan_save_alloc_info+0x3b/0x50 [ 29.490493] __kasan_kmalloc+0xb7/0xc0 [ 29.490803] __kmalloc_cache_noprof+0x189/0x420 [ 29.491181] kasan_atomics+0x95/0x310 [ 29.491398] kunit_try_run_case+0x1a5/0x480 [ 29.491547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.491810] kthread+0x337/0x6f0 [ 29.492309] ret_from_fork+0x116/0x1d0 [ 29.492584] ret_from_fork_asm+0x1a/0x30 [ 29.492752] [ 29.493010] The buggy address belongs to the object at ffff888106038600 [ 29.493010] which belongs to the cache kmalloc-64 of size 64 [ 29.493728] The buggy address is located 0 bytes to the right of [ 29.493728] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.494243] [ 29.494339] The buggy address belongs to the physical page: [ 29.494595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.495444] flags: 0x200000000000000(node=0|zone=2) [ 29.495780] page_type: f5(slab) [ 29.496151] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.496533] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.497012] page dumped because: kasan: bad access detected [ 29.497187] [ 29.497435] Memory state around the buggy address: [ 29.497638] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.498133] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.498380] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.498859] ^ [ 29.499354] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.499767] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.500035] ================================================================== [ 29.776808] ================================================================== [ 29.777694] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 29.778146] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.778727] [ 29.778855] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.778910] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.778927] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.778950] Call Trace: [ 29.778971] <TASK> [ 29.778993] dump_stack_lvl+0x73/0xb0 [ 29.779022] print_report+0xd1/0x640 [ 29.779047] ? __virt_addr_valid+0x1db/0x2d0 [ 29.779072] ? kasan_atomics_helper+0xc70/0x5450 [ 29.779093] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.779120] ? kasan_atomics_helper+0xc70/0x5450 [ 29.779142] kasan_report+0x141/0x180 [ 29.779166] ? kasan_atomics_helper+0xc70/0x5450 [ 29.779192] kasan_check_range+0x10c/0x1c0 [ 29.779216] __kasan_check_write+0x18/0x20 [ 29.779240] kasan_atomics_helper+0xc70/0x5450 [ 29.779270] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.779292] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.779318] ? kasan_atomics+0x152/0x310 [ 29.779345] kasan_atomics+0x1dc/0x310 [ 29.779369] ? __pfx_kasan_atomics+0x10/0x10 [ 29.779393] ? __pfx_read_tsc+0x10/0x10 [ 29.779416] ? ktime_get_ts64+0x86/0x230 [ 29.779442] kunit_try_run_case+0x1a5/0x480 [ 29.779468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.779491] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.779517] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.779544] ? __kthread_parkme+0x82/0x180 [ 29.779566] ? preempt_count_sub+0x50/0x80 [ 29.779792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.779824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.779851] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.779875] kthread+0x337/0x6f0 [ 29.779897] ? trace_preempt_on+0x20/0xc0 [ 29.779937] ? __pfx_kthread+0x10/0x10 [ 29.779958] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.779984] ? calculate_sigpending+0x7b/0xa0 [ 29.780009] ? __pfx_kthread+0x10/0x10 [ 29.780031] ret_from_fork+0x116/0x1d0 [ 29.780052] ? __pfx_kthread+0x10/0x10 [ 29.780073] ret_from_fork_asm+0x1a/0x30 [ 29.780106] </TASK> [ 29.780119] [ 29.790960] Allocated by task 313: [ 29.791347] kasan_save_stack+0x45/0x70 [ 29.791501] kasan_save_track+0x18/0x40 [ 29.791676] kasan_save_alloc_info+0x3b/0x50 [ 29.792092] __kasan_kmalloc+0xb7/0xc0 [ 29.792267] __kmalloc_cache_noprof+0x189/0x420 [ 29.792521] kasan_atomics+0x95/0x310 [ 29.792713] kunit_try_run_case+0x1a5/0x480 [ 29.792891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.793366] kthread+0x337/0x6f0 [ 29.793607] ret_from_fork+0x116/0x1d0 [ 29.793936] ret_from_fork_asm+0x1a/0x30 [ 29.794296] [ 29.794402] The buggy address belongs to the object at ffff888106038600 [ 29.794402] which belongs to the cache kmalloc-64 of size 64 [ 29.794967] The buggy address is located 0 bytes to the right of [ 29.794967] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.795775] [ 29.796029] The buggy address belongs to the physical page: [ 29.796287] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.796621] flags: 0x200000000000000(node=0|zone=2) [ 29.797016] page_type: f5(slab) [ 29.797287] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.797723] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.798202] page dumped because: kasan: bad access detected [ 29.798420] [ 29.798515] Memory state around the buggy address: [ 29.798817] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.799260] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.799506] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.800025] ^ [ 29.800211] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.800659] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.801055] ================================================================== [ 30.488079] ================================================================== [ 30.489557] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 30.490790] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.491724] [ 30.492031] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.492092] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.492108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.492246] Call Trace: [ 30.492286] <TASK> [ 30.492309] dump_stack_lvl+0x73/0xb0 [ 30.492391] print_report+0xd1/0x640 [ 30.492418] ? __virt_addr_valid+0x1db/0x2d0 [ 30.492444] ? kasan_atomics_helper+0x19e3/0x5450 [ 30.492468] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.492496] ? kasan_atomics_helper+0x19e3/0x5450 [ 30.492519] kasan_report+0x141/0x180 [ 30.492542] ? kasan_atomics_helper+0x19e3/0x5450 [ 30.492569] kasan_check_range+0x10c/0x1c0 [ 30.492605] __kasan_check_write+0x18/0x20 [ 30.492631] kasan_atomics_helper+0x19e3/0x5450 [ 30.492654] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.492676] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.492702] ? kasan_atomics+0x152/0x310 [ 30.492730] kasan_atomics+0x1dc/0x310 [ 30.492753] ? __pfx_kasan_atomics+0x10/0x10 [ 30.492777] ? __pfx_read_tsc+0x10/0x10 [ 30.492807] ? ktime_get_ts64+0x86/0x230 [ 30.492834] kunit_try_run_case+0x1a5/0x480 [ 30.492860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.492885] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.492911] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.492937] ? __kthread_parkme+0x82/0x180 [ 30.492959] ? preempt_count_sub+0x50/0x80 [ 30.492984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.493009] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.493034] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.493059] kthread+0x337/0x6f0 [ 30.493080] ? trace_preempt_on+0x20/0xc0 [ 30.493105] ? __pfx_kthread+0x10/0x10 [ 30.493127] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.493151] ? calculate_sigpending+0x7b/0xa0 [ 30.493176] ? __pfx_kthread+0x10/0x10 [ 30.493198] ret_from_fork+0x116/0x1d0 [ 30.493219] ? __pfx_kthread+0x10/0x10 [ 30.493240] ret_from_fork_asm+0x1a/0x30 [ 30.493274] </TASK> [ 30.493286] [ 30.510645] Allocated by task 313: [ 30.510806] kasan_save_stack+0x45/0x70 [ 30.510965] kasan_save_track+0x18/0x40 [ 30.511830] kasan_save_alloc_info+0x3b/0x50 [ 30.512527] __kasan_kmalloc+0xb7/0xc0 [ 30.512992] __kmalloc_cache_noprof+0x189/0x420 [ 30.513659] kasan_atomics+0x95/0x310 [ 30.514222] kunit_try_run_case+0x1a5/0x480 [ 30.514830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.515479] kthread+0x337/0x6f0 [ 30.516017] ret_from_fork+0x116/0x1d0 [ 30.516193] ret_from_fork_asm+0x1a/0x30 [ 30.516334] [ 30.516403] The buggy address belongs to the object at ffff888106038600 [ 30.516403] which belongs to the cache kmalloc-64 of size 64 [ 30.516771] The buggy address is located 0 bytes to the right of [ 30.516771] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.517593] [ 30.517666] The buggy address belongs to the physical page: [ 30.517880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.518374] flags: 0x200000000000000(node=0|zone=2) [ 30.518880] page_type: f5(slab) [ 30.519032] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.519789] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.520334] page dumped because: kasan: bad access detected [ 30.520692] [ 30.520907] Memory state around the buggy address: [ 30.521247] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.521680] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.521934] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.522659] ^ [ 30.522821] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.523371] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.524042] ================================================================== [ 30.879021] ================================================================== [ 30.879303] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 30.880014] Read of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.880284] [ 30.880674] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.880735] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.880752] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.880776] Call Trace: [ 30.880797] <TASK> [ 30.880926] dump_stack_lvl+0x73/0xb0 [ 30.880966] print_report+0xd1/0x640 [ 30.880990] ? __virt_addr_valid+0x1db/0x2d0 [ 30.881017] ? kasan_atomics_helper+0x4fb2/0x5450 [ 30.881039] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.881065] ? kasan_atomics_helper+0x4fb2/0x5450 [ 30.881088] kasan_report+0x141/0x180 [ 30.881111] ? kasan_atomics_helper+0x4fb2/0x5450 [ 30.881138] __asan_report_load8_noabort+0x18/0x20 [ 30.881163] kasan_atomics_helper+0x4fb2/0x5450 [ 30.881188] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.881210] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.881237] ? kasan_atomics+0x152/0x310 [ 30.881264] kasan_atomics+0x1dc/0x310 [ 30.881287] ? __pfx_kasan_atomics+0x10/0x10 [ 30.881312] ? __pfx_read_tsc+0x10/0x10 [ 30.881335] ? ktime_get_ts64+0x86/0x230 [ 30.881361] kunit_try_run_case+0x1a5/0x480 [ 30.881388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.881412] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.881439] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.881465] ? __kthread_parkme+0x82/0x180 [ 30.881486] ? preempt_count_sub+0x50/0x80 [ 30.881510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.881537] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.881561] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.881595] kthread+0x337/0x6f0 [ 30.881616] ? trace_preempt_on+0x20/0xc0 [ 30.881641] ? __pfx_kthread+0x10/0x10 [ 30.881662] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.881686] ? calculate_sigpending+0x7b/0xa0 [ 30.881711] ? __pfx_kthread+0x10/0x10 [ 30.881733] ret_from_fork+0x116/0x1d0 [ 30.881752] ? __pfx_kthread+0x10/0x10 [ 30.881774] ret_from_fork_asm+0x1a/0x30 [ 30.881807] </TASK> [ 30.881820] [ 30.892469] Allocated by task 313: [ 30.892791] kasan_save_stack+0x45/0x70 [ 30.893234] kasan_save_track+0x18/0x40 [ 30.893560] kasan_save_alloc_info+0x3b/0x50 [ 30.893765] __kasan_kmalloc+0xb7/0xc0 [ 30.894127] __kmalloc_cache_noprof+0x189/0x420 [ 30.894357] kasan_atomics+0x95/0x310 [ 30.894677] kunit_try_run_case+0x1a5/0x480 [ 30.894962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.895316] kthread+0x337/0x6f0 [ 30.895449] ret_from_fork+0x116/0x1d0 [ 30.895668] ret_from_fork_asm+0x1a/0x30 [ 30.896054] [ 30.896145] The buggy address belongs to the object at ffff888106038600 [ 30.896145] which belongs to the cache kmalloc-64 of size 64 [ 30.896835] The buggy address is located 0 bytes to the right of [ 30.896835] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.897237] [ 30.897312] The buggy address belongs to the physical page: [ 30.897490] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.897742] flags: 0x200000000000000(node=0|zone=2) [ 30.897904] page_type: f5(slab) [ 30.898024] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.898249] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.898471] page dumped because: kasan: bad access detected [ 30.898781] [ 30.898934] Memory state around the buggy address: [ 30.899359] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.899988] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.900828] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.901617] ^ [ 30.902073] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.902706] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.903391] ================================================================== [ 30.958610] ================================================================== [ 30.959023] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 30.959312] Read of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.959648] [ 30.959739] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.959792] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.959806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.959830] Call Trace: [ 30.959850] <TASK> [ 30.959872] dump_stack_lvl+0x73/0xb0 [ 30.959900] print_report+0xd1/0x640 [ 30.959925] ? __virt_addr_valid+0x1db/0x2d0 [ 30.959951] ? kasan_atomics_helper+0x5115/0x5450 [ 30.959973] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.960000] ? kasan_atomics_helper+0x5115/0x5450 [ 30.960023] kasan_report+0x141/0x180 [ 30.960046] ? kasan_atomics_helper+0x5115/0x5450 [ 30.960073] __asan_report_load8_noabort+0x18/0x20 [ 30.960098] kasan_atomics_helper+0x5115/0x5450 [ 30.960122] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.960145] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.960171] ? kasan_atomics+0x152/0x310 [ 30.960198] kasan_atomics+0x1dc/0x310 [ 30.960221] ? __pfx_kasan_atomics+0x10/0x10 [ 30.960246] ? __pfx_read_tsc+0x10/0x10 [ 30.960269] ? ktime_get_ts64+0x86/0x230 [ 30.960296] kunit_try_run_case+0x1a5/0x480 [ 30.960322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.960345] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.960374] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.960399] ? __kthread_parkme+0x82/0x180 [ 30.960421] ? preempt_count_sub+0x50/0x80 [ 30.960445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.960469] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.960493] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.960517] kthread+0x337/0x6f0 [ 30.960539] ? trace_preempt_on+0x20/0xc0 [ 30.960563] ? __pfx_kthread+0x10/0x10 [ 30.960596] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.960619] ? calculate_sigpending+0x7b/0xa0 [ 30.960644] ? __pfx_kthread+0x10/0x10 [ 30.960667] ret_from_fork+0x116/0x1d0 [ 30.960699] ? __pfx_kthread+0x10/0x10 [ 30.960720] ret_from_fork_asm+0x1a/0x30 [ 30.960755] </TASK> [ 30.960767] [ 30.968188] Allocated by task 313: [ 30.968357] kasan_save_stack+0x45/0x70 [ 30.968548] kasan_save_track+0x18/0x40 [ 30.968719] kasan_save_alloc_info+0x3b/0x50 [ 30.968909] __kasan_kmalloc+0xb7/0xc0 [ 30.969083] __kmalloc_cache_noprof+0x189/0x420 [ 30.969284] kasan_atomics+0x95/0x310 [ 30.969462] kunit_try_run_case+0x1a5/0x480 [ 30.969641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.969880] kthread+0x337/0x6f0 [ 30.970047] ret_from_fork+0x116/0x1d0 [ 30.970208] ret_from_fork_asm+0x1a/0x30 [ 30.970370] [ 30.970460] The buggy address belongs to the object at ffff888106038600 [ 30.970460] which belongs to the cache kmalloc-64 of size 64 [ 30.970884] The buggy address is located 0 bytes to the right of [ 30.970884] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.971241] [ 30.971316] The buggy address belongs to the physical page: [ 30.971488] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.971816] flags: 0x200000000000000(node=0|zone=2) [ 30.972219] page_type: f5(slab) [ 30.972384] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.972722] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.973070] page dumped because: kasan: bad access detected [ 30.973237] [ 30.973300] Memory state around the buggy address: [ 30.973450] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.973668] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.973991] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.974303] ^ [ 30.974523] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.974838] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.975475] ================================================================== [ 29.678988] ================================================================== [ 29.679294] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 29.679524] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.679754] [ 29.679898] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.679976] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.680015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.680061] Call Trace: [ 29.680102] <TASK> [ 29.680142] dump_stack_lvl+0x73/0xb0 [ 29.680193] print_report+0xd1/0x640 [ 29.680258] ? __virt_addr_valid+0x1db/0x2d0 [ 29.680284] ? kasan_atomics_helper+0x992/0x5450 [ 29.680522] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.680555] ? kasan_atomics_helper+0x992/0x5450 [ 29.680591] kasan_report+0x141/0x180 [ 29.680615] ? kasan_atomics_helper+0x992/0x5450 [ 29.680642] kasan_check_range+0x10c/0x1c0 [ 29.680667] __kasan_check_write+0x18/0x20 [ 29.680692] kasan_atomics_helper+0x992/0x5450 [ 29.680715] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.680739] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.680766] ? kasan_atomics+0x152/0x310 [ 29.680793] kasan_atomics+0x1dc/0x310 [ 29.680866] ? __pfx_kasan_atomics+0x10/0x10 [ 29.680893] ? __pfx_read_tsc+0x10/0x10 [ 29.680925] ? ktime_get_ts64+0x86/0x230 [ 29.680951] kunit_try_run_case+0x1a5/0x480 [ 29.680977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.681042] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.681070] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.681096] ? __kthread_parkme+0x82/0x180 [ 29.681119] ? preempt_count_sub+0x50/0x80 [ 29.681144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.681169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.681194] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.681218] kthread+0x337/0x6f0 [ 29.681238] ? trace_preempt_on+0x20/0xc0 [ 29.681264] ? __pfx_kthread+0x10/0x10 [ 29.681285] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.681309] ? calculate_sigpending+0x7b/0xa0 [ 29.681333] ? __pfx_kthread+0x10/0x10 [ 29.681355] ret_from_fork+0x116/0x1d0 [ 29.681375] ? __pfx_kthread+0x10/0x10 [ 29.681396] ret_from_fork_asm+0x1a/0x30 [ 29.681428] </TASK> [ 29.681441] [ 29.689029] Allocated by task 313: [ 29.689208] kasan_save_stack+0x45/0x70 [ 29.689474] kasan_save_track+0x18/0x40 [ 29.689673] kasan_save_alloc_info+0x3b/0x50 [ 29.689873] __kasan_kmalloc+0xb7/0xc0 [ 29.690259] __kmalloc_cache_noprof+0x189/0x420 [ 29.690592] kasan_atomics+0x95/0x310 [ 29.690729] kunit_try_run_case+0x1a5/0x480 [ 29.691194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.691466] kthread+0x337/0x6f0 [ 29.691651] ret_from_fork+0x116/0x1d0 [ 29.691984] ret_from_fork_asm+0x1a/0x30 [ 29.692198] [ 29.692264] The buggy address belongs to the object at ffff888106038600 [ 29.692264] which belongs to the cache kmalloc-64 of size 64 [ 29.692796] The buggy address is located 0 bytes to the right of [ 29.692796] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.693371] [ 29.693444] The buggy address belongs to the physical page: [ 29.693625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.693855] flags: 0x200000000000000(node=0|zone=2) [ 29.694008] page_type: f5(slab) [ 29.694233] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.694762] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.695217] page dumped because: kasan: bad access detected [ 29.695380] [ 29.695442] Memory state around the buggy address: [ 29.695599] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.695797] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.696507] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.696831] ^ [ 29.697374] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.697729] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.698145] ================================================================== [ 29.367128] ================================================================== [ 29.367559] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 29.368270] Read of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.368979] [ 29.369170] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.369223] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.369238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.369261] Call Trace: [ 29.369276] <TASK> [ 29.369294] dump_stack_lvl+0x73/0xb0 [ 29.369323] print_report+0xd1/0x640 [ 29.369347] ? __virt_addr_valid+0x1db/0x2d0 [ 29.369372] ? kasan_atomics_helper+0x4b88/0x5450 [ 29.369397] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.369424] ? kasan_atomics_helper+0x4b88/0x5450 [ 29.369695] kasan_report+0x141/0x180 [ 29.369724] ? kasan_atomics_helper+0x4b88/0x5450 [ 29.369756] __asan_report_load4_noabort+0x18/0x20 [ 29.369794] kasan_atomics_helper+0x4b88/0x5450 [ 29.369820] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.369844] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.369872] ? kasan_atomics+0x152/0x310 [ 29.369899] kasan_atomics+0x1dc/0x310 [ 29.370091] ? __pfx_kasan_atomics+0x10/0x10 [ 29.370126] ? __pfx_read_tsc+0x10/0x10 [ 29.370152] ? ktime_get_ts64+0x86/0x230 [ 29.370179] kunit_try_run_case+0x1a5/0x480 [ 29.370206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.370230] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.370256] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.370284] ? __kthread_parkme+0x82/0x180 [ 29.370305] ? preempt_count_sub+0x50/0x80 [ 29.370329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.370354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.370379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.370404] kthread+0x337/0x6f0 [ 29.370424] ? trace_preempt_on+0x20/0xc0 [ 29.370449] ? __pfx_kthread+0x10/0x10 [ 29.370470] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.370494] ? calculate_sigpending+0x7b/0xa0 [ 29.370518] ? __pfx_kthread+0x10/0x10 [ 29.370540] ret_from_fork+0x116/0x1d0 [ 29.370560] ? __pfx_kthread+0x10/0x10 [ 29.370594] ret_from_fork_asm+0x1a/0x30 [ 29.370626] </TASK> [ 29.370638] [ 29.385005] Allocated by task 313: [ 29.385417] kasan_save_stack+0x45/0x70 [ 29.385754] kasan_save_track+0x18/0x40 [ 29.386087] kasan_save_alloc_info+0x3b/0x50 [ 29.386304] __kasan_kmalloc+0xb7/0xc0 [ 29.386480] __kmalloc_cache_noprof+0x189/0x420 [ 29.386689] kasan_atomics+0x95/0x310 [ 29.387217] kunit_try_run_case+0x1a5/0x480 [ 29.387493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.387960] kthread+0x337/0x6f0 [ 29.388294] ret_from_fork+0x116/0x1d0 [ 29.388647] ret_from_fork_asm+0x1a/0x30 [ 29.389008] [ 29.389125] The buggy address belongs to the object at ffff888106038600 [ 29.389125] which belongs to the cache kmalloc-64 of size 64 [ 29.389614] The buggy address is located 0 bytes to the right of [ 29.389614] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.390543] [ 29.390788] The buggy address belongs to the physical page: [ 29.391343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.391697] flags: 0x200000000000000(node=0|zone=2) [ 29.392121] page_type: f5(slab) [ 29.392432] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.393213] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.393525] page dumped because: kasan: bad access detected [ 29.393773] [ 29.393859] Memory state around the buggy address: [ 29.394425] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.395112] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.395635] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.396291] ^ [ 29.396516] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.397014] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.397479] ================================================================== [ 29.422183] ================================================================== [ 29.423134] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 29.423432] Read of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.423750] [ 29.423938] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.423991] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.424007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.424031] Call Trace: [ 29.424052] <TASK> [ 29.424072] dump_stack_lvl+0x73/0xb0 [ 29.424102] print_report+0xd1/0x640 [ 29.424127] ? __virt_addr_valid+0x1db/0x2d0 [ 29.424152] ? kasan_atomics_helper+0x3df/0x5450 [ 29.424174] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.424201] ? kasan_atomics_helper+0x3df/0x5450 [ 29.424223] kasan_report+0x141/0x180 [ 29.424246] ? kasan_atomics_helper+0x3df/0x5450 [ 29.424272] kasan_check_range+0x10c/0x1c0 [ 29.424297] __kasan_check_read+0x15/0x20 [ 29.424321] kasan_atomics_helper+0x3df/0x5450 [ 29.424344] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.424367] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.424394] ? kasan_atomics+0x152/0x310 [ 29.424421] kasan_atomics+0x1dc/0x310 [ 29.424444] ? __pfx_kasan_atomics+0x10/0x10 [ 29.424470] ? __pfx_read_tsc+0x10/0x10 [ 29.424492] ? ktime_get_ts64+0x86/0x230 [ 29.424518] kunit_try_run_case+0x1a5/0x480 [ 29.424544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.424568] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.424605] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.424631] ? __kthread_parkme+0x82/0x180 [ 29.424653] ? preempt_count_sub+0x50/0x80 [ 29.424678] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.424703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.424727] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.424752] kthread+0x337/0x6f0 [ 29.424772] ? trace_preempt_on+0x20/0xc0 [ 29.424797] ? __pfx_kthread+0x10/0x10 [ 29.424818] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.424842] ? calculate_sigpending+0x7b/0xa0 [ 29.424867] ? __pfx_kthread+0x10/0x10 [ 29.424889] ret_from_fork+0x116/0x1d0 [ 29.424910] ? __pfx_kthread+0x10/0x10 [ 29.424931] ret_from_fork_asm+0x1a/0x30 [ 29.424963] </TASK> [ 29.424975] [ 29.436668] Allocated by task 313: [ 29.436810] kasan_save_stack+0x45/0x70 [ 29.437089] kasan_save_track+0x18/0x40 [ 29.437280] kasan_save_alloc_info+0x3b/0x50 [ 29.437470] __kasan_kmalloc+0xb7/0xc0 [ 29.437634] __kmalloc_cache_noprof+0x189/0x420 [ 29.438273] kasan_atomics+0x95/0x310 [ 29.438427] kunit_try_run_case+0x1a5/0x480 [ 29.438780] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.439185] kthread+0x337/0x6f0 [ 29.439659] ret_from_fork+0x116/0x1d0 [ 29.439843] ret_from_fork_asm+0x1a/0x30 [ 29.440328] [ 29.440439] The buggy address belongs to the object at ffff888106038600 [ 29.440439] which belongs to the cache kmalloc-64 of size 64 [ 29.441348] The buggy address is located 0 bytes to the right of [ 29.441348] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.442146] [ 29.442273] The buggy address belongs to the physical page: [ 29.442560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.443036] flags: 0x200000000000000(node=0|zone=2) [ 29.443538] page_type: f5(slab) [ 29.443680] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.444298] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.444660] page dumped because: kasan: bad access detected [ 29.444981] [ 29.445052] Memory state around the buggy address: [ 29.445449] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.445971] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.446476] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.446865] ^ [ 29.447059] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.447591] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.448022] ================================================================== [ 29.584647] ================================================================== [ 29.585236] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 29.585596] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.585847] [ 29.585999] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.586075] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.586091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.586117] Call Trace: [ 29.586137] <TASK> [ 29.586158] dump_stack_lvl+0x73/0xb0 [ 29.586188] print_report+0xd1/0x640 [ 29.586212] ? __virt_addr_valid+0x1db/0x2d0 [ 29.586238] ? kasan_atomics_helper+0x72f/0x5450 [ 29.586260] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.586286] ? kasan_atomics_helper+0x72f/0x5450 [ 29.586308] kasan_report+0x141/0x180 [ 29.586332] ? kasan_atomics_helper+0x72f/0x5450 [ 29.586361] kasan_check_range+0x10c/0x1c0 [ 29.586385] __kasan_check_write+0x18/0x20 [ 29.586409] kasan_atomics_helper+0x72f/0x5450 [ 29.586433] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.586455] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.586481] ? kasan_atomics+0x152/0x310 [ 29.586508] kasan_atomics+0x1dc/0x310 [ 29.586532] ? __pfx_kasan_atomics+0x10/0x10 [ 29.586556] ? __pfx_read_tsc+0x10/0x10 [ 29.586588] ? ktime_get_ts64+0x86/0x230 [ 29.586614] kunit_try_run_case+0x1a5/0x480 [ 29.586640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.586662] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.586689] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.586716] ? __kthread_parkme+0x82/0x180 [ 29.586737] ? preempt_count_sub+0x50/0x80 [ 29.586761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.586809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.586932] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.586959] kthread+0x337/0x6f0 [ 29.586979] ? trace_preempt_on+0x20/0xc0 [ 29.587005] ? __pfx_kthread+0x10/0x10 [ 29.587025] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.587050] ? calculate_sigpending+0x7b/0xa0 [ 29.587076] ? __pfx_kthread+0x10/0x10 [ 29.587098] ret_from_fork+0x116/0x1d0 [ 29.587118] ? __pfx_kthread+0x10/0x10 [ 29.587139] ret_from_fork_asm+0x1a/0x30 [ 29.587173] </TASK> [ 29.587185] [ 29.601794] Allocated by task 313: [ 29.602064] kasan_save_stack+0x45/0x70 [ 29.602475] kasan_save_track+0x18/0x40 [ 29.602769] kasan_save_alloc_info+0x3b/0x50 [ 29.603248] __kasan_kmalloc+0xb7/0xc0 [ 29.603386] __kmalloc_cache_noprof+0x189/0x420 [ 29.603533] kasan_atomics+0x95/0x310 [ 29.603670] kunit_try_run_case+0x1a5/0x480 [ 29.603812] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.603978] kthread+0x337/0x6f0 [ 29.604090] ret_from_fork+0x116/0x1d0 [ 29.604438] ret_from_fork_asm+0x1a/0x30 [ 29.604662] [ 29.604770] The buggy address belongs to the object at ffff888106038600 [ 29.604770] which belongs to the cache kmalloc-64 of size 64 [ 29.605251] The buggy address is located 0 bytes to the right of [ 29.605251] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.606072] [ 29.606205] The buggy address belongs to the physical page: [ 29.606653] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.606897] flags: 0x200000000000000(node=0|zone=2) [ 29.607188] page_type: f5(slab) [ 29.607517] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.607752] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.608205] page dumped because: kasan: bad access detected [ 29.608504] [ 29.608639] Memory state around the buggy address: [ 29.608969] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.609234] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.610317] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.610634] ^ [ 29.611111] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.611596] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.612555] ================================================================== [ 29.882472] ================================================================== [ 29.882969] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 29.883614] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.884034] [ 29.884337] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.884397] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.884412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.884435] Call Trace: [ 29.884456] <TASK> [ 29.884478] dump_stack_lvl+0x73/0xb0 [ 29.884511] print_report+0xd1/0x640 [ 29.884549] ? __virt_addr_valid+0x1db/0x2d0 [ 29.884587] ? kasan_atomics_helper+0xe78/0x5450 [ 29.884612] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.884638] ? kasan_atomics_helper+0xe78/0x5450 [ 29.884679] kasan_report+0x141/0x180 [ 29.884703] ? kasan_atomics_helper+0xe78/0x5450 [ 29.884730] kasan_check_range+0x10c/0x1c0 [ 29.884755] __kasan_check_write+0x18/0x20 [ 29.884779] kasan_atomics_helper+0xe78/0x5450 [ 29.884803] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.884826] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.884978] ? kasan_atomics+0x152/0x310 [ 29.885007] kasan_atomics+0x1dc/0x310 [ 29.885030] ? __pfx_kasan_atomics+0x10/0x10 [ 29.885056] ? __pfx_read_tsc+0x10/0x10 [ 29.885079] ? ktime_get_ts64+0x86/0x230 [ 29.885105] kunit_try_run_case+0x1a5/0x480 [ 29.885132] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.885155] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.885184] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.885209] ? __kthread_parkme+0x82/0x180 [ 29.885230] ? preempt_count_sub+0x50/0x80 [ 29.885256] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.885280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.885305] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.885330] kthread+0x337/0x6f0 [ 29.885350] ? trace_preempt_on+0x20/0xc0 [ 29.885375] ? __pfx_kthread+0x10/0x10 [ 29.885396] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.885421] ? calculate_sigpending+0x7b/0xa0 [ 29.885445] ? __pfx_kthread+0x10/0x10 [ 29.885468] ret_from_fork+0x116/0x1d0 [ 29.885488] ? __pfx_kthread+0x10/0x10 [ 29.885509] ret_from_fork_asm+0x1a/0x30 [ 29.885542] </TASK> [ 29.885555] [ 29.896979] Allocated by task 313: [ 29.897342] kasan_save_stack+0x45/0x70 [ 29.897921] kasan_save_track+0x18/0x40 [ 29.898156] kasan_save_alloc_info+0x3b/0x50 [ 29.898509] __kasan_kmalloc+0xb7/0xc0 [ 29.898877] __kmalloc_cache_noprof+0x189/0x420 [ 29.899127] kasan_atomics+0x95/0x310 [ 29.899350] kunit_try_run_case+0x1a5/0x480 [ 29.899746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.900250] kthread+0x337/0x6f0 [ 29.900392] ret_from_fork+0x116/0x1d0 [ 29.900652] ret_from_fork_asm+0x1a/0x30 [ 29.900846] [ 29.900920] The buggy address belongs to the object at ffff888106038600 [ 29.900920] which belongs to the cache kmalloc-64 of size 64 [ 29.901810] The buggy address is located 0 bytes to the right of [ 29.901810] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.902643] [ 29.902853] The buggy address belongs to the physical page: [ 29.903149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.903711] flags: 0x200000000000000(node=0|zone=2) [ 29.903879] page_type: f5(slab) [ 29.904047] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.904357] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.905130] page dumped because: kasan: bad access detected [ 29.905337] [ 29.905428] Memory state around the buggy address: [ 29.905761] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.906057] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.906431] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.906986] ^ [ 29.907219] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.907507] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.908087] ================================================================== [ 30.639033] ================================================================== [ 30.639658] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 30.640427] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.641361] [ 30.641544] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.641610] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.641626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.641649] Call Trace: [ 30.641671] <TASK> [ 30.641691] dump_stack_lvl+0x73/0xb0 [ 30.641721] print_report+0xd1/0x640 [ 30.641745] ? __virt_addr_valid+0x1db/0x2d0 [ 30.641770] ? kasan_atomics_helper+0x1ce1/0x5450 [ 30.641793] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.641819] ? kasan_atomics_helper+0x1ce1/0x5450 [ 30.641926] kasan_report+0x141/0x180 [ 30.641953] ? kasan_atomics_helper+0x1ce1/0x5450 [ 30.641980] kasan_check_range+0x10c/0x1c0 [ 30.642004] __kasan_check_write+0x18/0x20 [ 30.642029] kasan_atomics_helper+0x1ce1/0x5450 [ 30.642053] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.642076] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.642101] ? kasan_atomics+0x152/0x310 [ 30.642129] kasan_atomics+0x1dc/0x310 [ 30.642151] ? __pfx_kasan_atomics+0x10/0x10 [ 30.642176] ? __pfx_read_tsc+0x10/0x10 [ 30.642199] ? ktime_get_ts64+0x86/0x230 [ 30.642224] kunit_try_run_case+0x1a5/0x480 [ 30.642250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.642273] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.642299] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.642325] ? __kthread_parkme+0x82/0x180 [ 30.642347] ? preempt_count_sub+0x50/0x80 [ 30.642370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.642394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.642419] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.642443] kthread+0x337/0x6f0 [ 30.642463] ? trace_preempt_on+0x20/0xc0 [ 30.642488] ? __pfx_kthread+0x10/0x10 [ 30.642509] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.642534] ? calculate_sigpending+0x7b/0xa0 [ 30.642558] ? __pfx_kthread+0x10/0x10 [ 30.642594] ret_from_fork+0x116/0x1d0 [ 30.642615] ? __pfx_kthread+0x10/0x10 [ 30.642639] ret_from_fork_asm+0x1a/0x30 [ 30.642673] </TASK> [ 30.642684] [ 30.655953] Allocated by task 313: [ 30.656400] kasan_save_stack+0x45/0x70 [ 30.656800] kasan_save_track+0x18/0x40 [ 30.657496] kasan_save_alloc_info+0x3b/0x50 [ 30.657959] __kasan_kmalloc+0xb7/0xc0 [ 30.658487] __kmalloc_cache_noprof+0x189/0x420 [ 30.658787] kasan_atomics+0x95/0x310 [ 30.658927] kunit_try_run_case+0x1a5/0x480 [ 30.659069] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.659239] kthread+0x337/0x6f0 [ 30.659363] ret_from_fork+0x116/0x1d0 [ 30.659493] ret_from_fork_asm+0x1a/0x30 [ 30.659645] [ 30.659713] The buggy address belongs to the object at ffff888106038600 [ 30.659713] which belongs to the cache kmalloc-64 of size 64 [ 30.660502] The buggy address is located 0 bytes to the right of [ 30.660502] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.661636] [ 30.661743] The buggy address belongs to the physical page: [ 30.661996] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.662298] flags: 0x200000000000000(node=0|zone=2) [ 30.662647] page_type: f5(slab) [ 30.662981] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.663232] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.664031] page dumped because: kasan: bad access detected [ 30.664284] [ 30.664403] Memory state around the buggy address: [ 30.664635] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.665062] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.665725] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.666232] ^ [ 30.666613] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.666859] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.667167] ================================================================== [ 30.753957] ================================================================== [ 30.754529] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 30.755267] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.755607] [ 30.755715] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.755769] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.755785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.755809] Call Trace: [ 30.755824] <TASK> [ 30.755845] dump_stack_lvl+0x73/0xb0 [ 30.755877] print_report+0xd1/0x640 [ 30.755902] ? __virt_addr_valid+0x1db/0x2d0 [ 30.756269] ? kasan_atomics_helper+0x1f43/0x5450 [ 30.756316] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.756343] ? kasan_atomics_helper+0x1f43/0x5450 [ 30.756367] kasan_report+0x141/0x180 [ 30.756431] ? kasan_atomics_helper+0x1f43/0x5450 [ 30.756462] kasan_check_range+0x10c/0x1c0 [ 30.756488] __kasan_check_write+0x18/0x20 [ 30.756513] kasan_atomics_helper+0x1f43/0x5450 [ 30.756536] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.756559] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.756595] ? kasan_atomics+0x152/0x310 [ 30.756622] kasan_atomics+0x1dc/0x310 [ 30.756645] ? __pfx_kasan_atomics+0x10/0x10 [ 30.756670] ? __pfx_read_tsc+0x10/0x10 [ 30.756692] ? ktime_get_ts64+0x86/0x230 [ 30.756718] kunit_try_run_case+0x1a5/0x480 [ 30.756743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.756767] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.756795] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.756821] ? __kthread_parkme+0x82/0x180 [ 30.756842] ? preempt_count_sub+0x50/0x80 [ 30.756866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.756891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.756915] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.756951] kthread+0x337/0x6f0 [ 30.756971] ? trace_preempt_on+0x20/0xc0 [ 30.756996] ? __pfx_kthread+0x10/0x10 [ 30.757017] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.757041] ? calculate_sigpending+0x7b/0xa0 [ 30.757065] ? __pfx_kthread+0x10/0x10 [ 30.757087] ret_from_fork+0x116/0x1d0 [ 30.757106] ? __pfx_kthread+0x10/0x10 [ 30.757127] ret_from_fork_asm+0x1a/0x30 [ 30.757160] </TASK> [ 30.757173] [ 30.767565] Allocated by task 313: [ 30.767925] kasan_save_stack+0x45/0x70 [ 30.768129] kasan_save_track+0x18/0x40 [ 30.768444] kasan_save_alloc_info+0x3b/0x50 [ 30.768665] __kasan_kmalloc+0xb7/0xc0 [ 30.769045] __kmalloc_cache_noprof+0x189/0x420 [ 30.769336] kasan_atomics+0x95/0x310 [ 30.769484] kunit_try_run_case+0x1a5/0x480 [ 30.769840] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.770204] kthread+0x337/0x6f0 [ 30.770343] ret_from_fork+0x116/0x1d0 [ 30.770658] ret_from_fork_asm+0x1a/0x30 [ 30.770857] [ 30.770926] The buggy address belongs to the object at ffff888106038600 [ 30.770926] which belongs to the cache kmalloc-64 of size 64 [ 30.771523] The buggy address is located 0 bytes to the right of [ 30.771523] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.772253] [ 30.772340] The buggy address belongs to the physical page: [ 30.772735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.773084] flags: 0x200000000000000(node=0|zone=2) [ 30.773440] page_type: f5(slab) [ 30.773568] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.774071] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.774454] page dumped because: kasan: bad access detected [ 30.774717] [ 30.774784] Memory state around the buggy address: [ 30.775162] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.775473] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.775873] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.776167] ^ [ 30.776528] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.776957] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.777268] ================================================================== [ 30.085029] ================================================================== [ 30.085720] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 30.086197] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.086485] [ 30.086585] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.086661] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.086677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.086701] Call Trace: [ 30.086740] <TASK> [ 30.086763] dump_stack_lvl+0x73/0xb0 [ 30.086891] print_report+0xd1/0x640 [ 30.086919] ? __virt_addr_valid+0x1db/0x2d0 [ 30.086960] ? kasan_atomics_helper+0x1217/0x5450 [ 30.087041] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.087069] ? kasan_atomics_helper+0x1217/0x5450 [ 30.087092] kasan_report+0x141/0x180 [ 30.087116] ? kasan_atomics_helper+0x1217/0x5450 [ 30.087142] kasan_check_range+0x10c/0x1c0 [ 30.087166] __kasan_check_write+0x18/0x20 [ 30.087190] kasan_atomics_helper+0x1217/0x5450 [ 30.087214] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.087236] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.087271] ? kasan_atomics+0x152/0x310 [ 30.087298] kasan_atomics+0x1dc/0x310 [ 30.087321] ? __pfx_kasan_atomics+0x10/0x10 [ 30.087347] ? __pfx_read_tsc+0x10/0x10 [ 30.087369] ? ktime_get_ts64+0x86/0x230 [ 30.087395] kunit_try_run_case+0x1a5/0x480 [ 30.087423] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.087446] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.087473] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.087499] ? __kthread_parkme+0x82/0x180 [ 30.087521] ? preempt_count_sub+0x50/0x80 [ 30.087545] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.087570] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.087744] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.087769] kthread+0x337/0x6f0 [ 30.087791] ? trace_preempt_on+0x20/0xc0 [ 30.087840] ? __pfx_kthread+0x10/0x10 [ 30.087862] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.087887] ? calculate_sigpending+0x7b/0xa0 [ 30.087912] ? __pfx_kthread+0x10/0x10 [ 30.087992] ret_from_fork+0x116/0x1d0 [ 30.088018] ? __pfx_kthread+0x10/0x10 [ 30.088058] ret_from_fork_asm+0x1a/0x30 [ 30.088107] </TASK> [ 30.088119] [ 30.096601] Allocated by task 313: [ 30.096787] kasan_save_stack+0x45/0x70 [ 30.096993] kasan_save_track+0x18/0x40 [ 30.097280] kasan_save_alloc_info+0x3b/0x50 [ 30.097607] __kasan_kmalloc+0xb7/0xc0 [ 30.097746] __kmalloc_cache_noprof+0x189/0x420 [ 30.098014] kasan_atomics+0x95/0x310 [ 30.098280] kunit_try_run_case+0x1a5/0x480 [ 30.098513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.098750] kthread+0x337/0x6f0 [ 30.098925] ret_from_fork+0x116/0x1d0 [ 30.099125] ret_from_fork_asm+0x1a/0x30 [ 30.099347] [ 30.099438] The buggy address belongs to the object at ffff888106038600 [ 30.099438] which belongs to the cache kmalloc-64 of size 64 [ 30.100150] The buggy address is located 0 bytes to the right of [ 30.100150] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.100651] [ 30.100719] The buggy address belongs to the physical page: [ 30.100891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.101125] flags: 0x200000000000000(node=0|zone=2) [ 30.101750] page_type: f5(slab) [ 30.101946] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.102923] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.103358] page dumped because: kasan: bad access detected [ 30.103675] [ 30.103768] Memory state around the buggy address: [ 30.104196] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.104449] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.104668] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.104874] ^ [ 30.105190] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.105771] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.106163] ================================================================== [ 29.908837] ================================================================== [ 29.909495] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 29.910191] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.910719] [ 29.911104] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.911300] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.911320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.911344] Call Trace: [ 29.911364] <TASK> [ 29.911383] dump_stack_lvl+0x73/0xb0 [ 29.911412] print_report+0xd1/0x640 [ 29.911436] ? __virt_addr_valid+0x1db/0x2d0 [ 29.911461] ? kasan_atomics_helper+0xf10/0x5450 [ 29.911482] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.911510] ? kasan_atomics_helper+0xf10/0x5450 [ 29.911532] kasan_report+0x141/0x180 [ 29.911555] ? kasan_atomics_helper+0xf10/0x5450 [ 29.911594] kasan_check_range+0x10c/0x1c0 [ 29.911619] __kasan_check_write+0x18/0x20 [ 29.911643] kasan_atomics_helper+0xf10/0x5450 [ 29.911667] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.911690] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.911717] ? kasan_atomics+0x152/0x310 [ 29.911744] kasan_atomics+0x1dc/0x310 [ 29.911774] ? __pfx_kasan_atomics+0x10/0x10 [ 29.911800] ? __pfx_read_tsc+0x10/0x10 [ 29.911823] ? ktime_get_ts64+0x86/0x230 [ 29.911848] kunit_try_run_case+0x1a5/0x480 [ 29.911874] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.911897] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.911924] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.911950] ? __kthread_parkme+0x82/0x180 [ 29.911972] ? preempt_count_sub+0x50/0x80 [ 29.911996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.912021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.912045] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.912069] kthread+0x337/0x6f0 [ 29.912089] ? trace_preempt_on+0x20/0xc0 [ 29.912114] ? __pfx_kthread+0x10/0x10 [ 29.912135] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.912159] ? calculate_sigpending+0x7b/0xa0 [ 29.912183] ? __pfx_kthread+0x10/0x10 [ 29.912205] ret_from_fork+0x116/0x1d0 [ 29.912225] ? __pfx_kthread+0x10/0x10 [ 29.912247] ret_from_fork_asm+0x1a/0x30 [ 29.912280] </TASK> [ 29.912292] [ 29.923843] Allocated by task 313: [ 29.924478] kasan_save_stack+0x45/0x70 [ 29.924725] kasan_save_track+0x18/0x40 [ 29.925127] kasan_save_alloc_info+0x3b/0x50 [ 29.925328] __kasan_kmalloc+0xb7/0xc0 [ 29.925537] __kmalloc_cache_noprof+0x189/0x420 [ 29.925833] kasan_atomics+0x95/0x310 [ 29.926083] kunit_try_run_case+0x1a5/0x480 [ 29.926481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.926951] kthread+0x337/0x6f0 [ 29.927288] ret_from_fork+0x116/0x1d0 [ 29.927477] ret_from_fork_asm+0x1a/0x30 [ 29.927725] [ 29.927823] The buggy address belongs to the object at ffff888106038600 [ 29.927823] which belongs to the cache kmalloc-64 of size 64 [ 29.928689] The buggy address is located 0 bytes to the right of [ 29.928689] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.929539] [ 29.929661] The buggy address belongs to the physical page: [ 29.929958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.930303] flags: 0x200000000000000(node=0|zone=2) [ 29.930914] page_type: f5(slab) [ 29.931065] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.931382] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.931923] page dumped because: kasan: bad access detected [ 29.932118] [ 29.932214] Memory state around the buggy address: [ 29.932536] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.933153] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.933527] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.934014] ^ [ 29.934210] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.934753] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.935096] ================================================================== [ 30.304770] ================================================================== [ 30.305684] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 30.306530] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.307214] [ 30.307320] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.307542] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.307561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.307597] Call Trace: [ 30.307619] <TASK> [ 30.307641] dump_stack_lvl+0x73/0xb0 [ 30.307679] print_report+0xd1/0x640 [ 30.307705] ? __virt_addr_valid+0x1db/0x2d0 [ 30.307731] ? kasan_atomics_helper+0x15b6/0x5450 [ 30.307755] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.307816] ? kasan_atomics_helper+0x15b6/0x5450 [ 30.307841] kasan_report+0x141/0x180 [ 30.307866] ? kasan_atomics_helper+0x15b6/0x5450 [ 30.307893] kasan_check_range+0x10c/0x1c0 [ 30.307925] __kasan_check_write+0x18/0x20 [ 30.307949] kasan_atomics_helper+0x15b6/0x5450 [ 30.307974] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.307997] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.308023] ? kasan_atomics+0x152/0x310 [ 30.308050] kasan_atomics+0x1dc/0x310 [ 30.308074] ? __pfx_kasan_atomics+0x10/0x10 [ 30.308099] ? __pfx_read_tsc+0x10/0x10 [ 30.308122] ? ktime_get_ts64+0x86/0x230 [ 30.308148] kunit_try_run_case+0x1a5/0x480 [ 30.308173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.308196] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.308223] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.308250] ? __kthread_parkme+0x82/0x180 [ 30.308271] ? preempt_count_sub+0x50/0x80 [ 30.308296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.308320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.308345] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.308370] kthread+0x337/0x6f0 [ 30.308390] ? trace_preempt_on+0x20/0xc0 [ 30.308415] ? __pfx_kthread+0x10/0x10 [ 30.308437] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.308461] ? calculate_sigpending+0x7b/0xa0 [ 30.308486] ? __pfx_kthread+0x10/0x10 [ 30.308508] ret_from_fork+0x116/0x1d0 [ 30.308527] ? __pfx_kthread+0x10/0x10 [ 30.308548] ret_from_fork_asm+0x1a/0x30 [ 30.308592] </TASK> [ 30.308606] [ 30.320564] Allocated by task 313: [ 30.320947] kasan_save_stack+0x45/0x70 [ 30.321299] kasan_save_track+0x18/0x40 [ 30.321482] kasan_save_alloc_info+0x3b/0x50 [ 30.321684] __kasan_kmalloc+0xb7/0xc0 [ 30.322166] __kmalloc_cache_noprof+0x189/0x420 [ 30.322409] kasan_atomics+0x95/0x310 [ 30.322725] kunit_try_run_case+0x1a5/0x480 [ 30.323115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.323581] kthread+0x337/0x6f0 [ 30.323754] ret_from_fork+0x116/0x1d0 [ 30.324199] ret_from_fork_asm+0x1a/0x30 [ 30.324401] [ 30.324492] The buggy address belongs to the object at ffff888106038600 [ 30.324492] which belongs to the cache kmalloc-64 of size 64 [ 30.325272] The buggy address is located 0 bytes to the right of [ 30.325272] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.326171] [ 30.326413] The buggy address belongs to the physical page: [ 30.326647] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.326997] flags: 0x200000000000000(node=0|zone=2) [ 30.327287] page_type: f5(slab) [ 30.327422] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.327739] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.328043] page dumped because: kasan: bad access detected [ 30.328376] [ 30.328439] Memory state around the buggy address: [ 30.328680] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.329059] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.329510] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.329765] ^ [ 30.330035] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.330245] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.330663] ================================================================== [ 30.169547] ================================================================== [ 30.170088] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 30.170449] Read of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.170674] [ 30.170757] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.170812] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.170826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.170850] Call Trace: [ 30.170871] <TASK> [ 30.170890] dump_stack_lvl+0x73/0xb0 [ 30.171216] print_report+0xd1/0x640 [ 30.171261] ? __virt_addr_valid+0x1db/0x2d0 [ 30.171286] ? kasan_atomics_helper+0x13b5/0x5450 [ 30.171308] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.171335] ? kasan_atomics_helper+0x13b5/0x5450 [ 30.171358] kasan_report+0x141/0x180 [ 30.171382] ? kasan_atomics_helper+0x13b5/0x5450 [ 30.171409] kasan_check_range+0x10c/0x1c0 [ 30.171433] __kasan_check_read+0x15/0x20 [ 30.171458] kasan_atomics_helper+0x13b5/0x5450 [ 30.171481] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.171505] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.171531] ? kasan_atomics+0x152/0x310 [ 30.171557] kasan_atomics+0x1dc/0x310 [ 30.171631] ? __pfx_kasan_atomics+0x10/0x10 [ 30.171657] ? __pfx_read_tsc+0x10/0x10 [ 30.171680] ? ktime_get_ts64+0x86/0x230 [ 30.171706] kunit_try_run_case+0x1a5/0x480 [ 30.171732] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.171787] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.171815] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.171841] ? __kthread_parkme+0x82/0x180 [ 30.171941] ? preempt_count_sub+0x50/0x80 [ 30.172006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.172032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.172057] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.172082] kthread+0x337/0x6f0 [ 30.172134] ? trace_preempt_on+0x20/0xc0 [ 30.172160] ? __pfx_kthread+0x10/0x10 [ 30.172182] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.172206] ? calculate_sigpending+0x7b/0xa0 [ 30.172231] ? __pfx_kthread+0x10/0x10 [ 30.172283] ret_from_fork+0x116/0x1d0 [ 30.172304] ? __pfx_kthread+0x10/0x10 [ 30.172326] ret_from_fork_asm+0x1a/0x30 [ 30.172358] </TASK> [ 30.172370] [ 30.185880] Allocated by task 313: [ 30.186198] kasan_save_stack+0x45/0x70 [ 30.186563] kasan_save_track+0x18/0x40 [ 30.186903] kasan_save_alloc_info+0x3b/0x50 [ 30.187271] __kasan_kmalloc+0xb7/0xc0 [ 30.187660] __kmalloc_cache_noprof+0x189/0x420 [ 30.188144] kasan_atomics+0x95/0x310 [ 30.188538] kunit_try_run_case+0x1a5/0x480 [ 30.189011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.189533] kthread+0x337/0x6f0 [ 30.189899] ret_from_fork+0x116/0x1d0 [ 30.190232] ret_from_fork_asm+0x1a/0x30 [ 30.190595] [ 30.190797] The buggy address belongs to the object at ffff888106038600 [ 30.190797] which belongs to the cache kmalloc-64 of size 64 [ 30.191984] The buggy address is located 0 bytes to the right of [ 30.191984] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.193143] [ 30.193320] The buggy address belongs to the physical page: [ 30.193833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.194688] flags: 0x200000000000000(node=0|zone=2) [ 30.195214] page_type: f5(slab) [ 30.195384] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.195698] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.195996] page dumped because: kasan: bad access detected [ 30.196267] [ 30.196425] Memory state around the buggy address: [ 30.196840] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.197504] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.197966] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.198355] ^ [ 30.198817] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.199487] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.200166] ================================================================== [ 30.040977] ================================================================== [ 30.041602] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 30.041942] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.042190] [ 30.042285] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.042337] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.042351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.042375] Call Trace: [ 30.042395] <TASK> [ 30.042416] dump_stack_lvl+0x73/0xb0 [ 30.042444] print_report+0xd1/0x640 [ 30.042487] ? __virt_addr_valid+0x1db/0x2d0 [ 30.042512] ? kasan_atomics_helper+0x1148/0x5450 [ 30.042534] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.042561] ? kasan_atomics_helper+0x1148/0x5450 [ 30.042595] kasan_report+0x141/0x180 [ 30.042618] ? kasan_atomics_helper+0x1148/0x5450 [ 30.042644] kasan_check_range+0x10c/0x1c0 [ 30.042670] __kasan_check_write+0x18/0x20 [ 30.042695] kasan_atomics_helper+0x1148/0x5450 [ 30.042719] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.042743] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.042769] ? kasan_atomics+0x152/0x310 [ 30.042796] kasan_atomics+0x1dc/0x310 [ 30.042819] ? __pfx_kasan_atomics+0x10/0x10 [ 30.042845] ? __pfx_read_tsc+0x10/0x10 [ 30.042868] ? ktime_get_ts64+0x86/0x230 [ 30.042895] kunit_try_run_case+0x1a5/0x480 [ 30.042921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.042945] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.042971] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.042997] ? __kthread_parkme+0x82/0x180 [ 30.043019] ? preempt_count_sub+0x50/0x80 [ 30.043043] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.043071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.043095] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.043120] kthread+0x337/0x6f0 [ 30.043169] ? trace_preempt_on+0x20/0xc0 [ 30.043426] ? __pfx_kthread+0x10/0x10 [ 30.043448] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.043483] ? calculate_sigpending+0x7b/0xa0 [ 30.043508] ? __pfx_kthread+0x10/0x10 [ 30.043530] ret_from_fork+0x116/0x1d0 [ 30.043551] ? __pfx_kthread+0x10/0x10 [ 30.043582] ret_from_fork_asm+0x1a/0x30 [ 30.043615] </TASK> [ 30.043627] [ 30.053153] Allocated by task 313: [ 30.053347] kasan_save_stack+0x45/0x70 [ 30.053551] kasan_save_track+0x18/0x40 [ 30.053770] kasan_save_alloc_info+0x3b/0x50 [ 30.054057] __kasan_kmalloc+0xb7/0xc0 [ 30.054198] __kmalloc_cache_noprof+0x189/0x420 [ 30.054442] kasan_atomics+0x95/0x310 [ 30.054666] kunit_try_run_case+0x1a5/0x480 [ 30.055043] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.055284] kthread+0x337/0x6f0 [ 30.055474] ret_from_fork+0x116/0x1d0 [ 30.055643] ret_from_fork_asm+0x1a/0x30 [ 30.055922] [ 30.056012] The buggy address belongs to the object at ffff888106038600 [ 30.056012] which belongs to the cache kmalloc-64 of size 64 [ 30.056546] The buggy address is located 0 bytes to the right of [ 30.056546] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.057179] [ 30.057250] The buggy address belongs to the physical page: [ 30.057983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.058713] flags: 0x200000000000000(node=0|zone=2) [ 30.059155] page_type: f5(slab) [ 30.059358] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.059668] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.060063] page dumped because: kasan: bad access detected [ 30.060509] [ 30.060612] Memory state around the buggy address: [ 30.060833] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.061183] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.061544] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.061788] ^ [ 30.062068] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.062482] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.062742] ================================================================== [ 30.608453] ================================================================== [ 30.609070] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 30.609909] Read of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.610419] [ 30.610513] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.610567] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.610594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.610617] Call Trace: [ 30.610638] <TASK> [ 30.610657] dump_stack_lvl+0x73/0xb0 [ 30.610688] print_report+0xd1/0x640 [ 30.610713] ? __virt_addr_valid+0x1db/0x2d0 [ 30.610738] ? kasan_atomics_helper+0x4f30/0x5450 [ 30.610761] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.610799] ? kasan_atomics_helper+0x4f30/0x5450 [ 30.610821] kasan_report+0x141/0x180 [ 30.610845] ? kasan_atomics_helper+0x4f30/0x5450 [ 30.610872] __asan_report_load8_noabort+0x18/0x20 [ 30.610897] kasan_atomics_helper+0x4f30/0x5450 [ 30.610919] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.610959] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.610985] ? kasan_atomics+0x152/0x310 [ 30.611012] kasan_atomics+0x1dc/0x310 [ 30.611035] ? __pfx_kasan_atomics+0x10/0x10 [ 30.611059] ? __pfx_read_tsc+0x10/0x10 [ 30.611082] ? ktime_get_ts64+0x86/0x230 [ 30.611108] kunit_try_run_case+0x1a5/0x480 [ 30.611135] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.611158] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.611185] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.611211] ? __kthread_parkme+0x82/0x180 [ 30.611232] ? preempt_count_sub+0x50/0x80 [ 30.611260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.611285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.611310] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.611334] kthread+0x337/0x6f0 [ 30.611355] ? trace_preempt_on+0x20/0xc0 [ 30.611380] ? __pfx_kthread+0x10/0x10 [ 30.611402] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.611426] ? calculate_sigpending+0x7b/0xa0 [ 30.611452] ? __pfx_kthread+0x10/0x10 [ 30.611475] ret_from_fork+0x116/0x1d0 [ 30.611495] ? __pfx_kthread+0x10/0x10 [ 30.611516] ret_from_fork_asm+0x1a/0x30 [ 30.611549] </TASK> [ 30.611561] [ 30.626462] Allocated by task 313: [ 30.626853] kasan_save_stack+0x45/0x70 [ 30.627274] kasan_save_track+0x18/0x40 [ 30.627439] kasan_save_alloc_info+0x3b/0x50 [ 30.627605] __kasan_kmalloc+0xb7/0xc0 [ 30.627731] __kmalloc_cache_noprof+0x189/0x420 [ 30.628140] kasan_atomics+0x95/0x310 [ 30.628534] kunit_try_run_case+0x1a5/0x480 [ 30.628968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.629579] kthread+0x337/0x6f0 [ 30.629922] ret_from_fork+0x116/0x1d0 [ 30.630269] ret_from_fork_asm+0x1a/0x30 [ 30.630402] [ 30.630469] The buggy address belongs to the object at ffff888106038600 [ 30.630469] which belongs to the cache kmalloc-64 of size 64 [ 30.630812] The buggy address is located 0 bytes to the right of [ 30.630812] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.631166] [ 30.631323] The buggy address belongs to the physical page: [ 30.631951] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.632739] flags: 0x200000000000000(node=0|zone=2) [ 30.633277] page_type: f5(slab) [ 30.633536] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.634047] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.634262] page dumped because: kasan: bad access detected [ 30.634810] [ 30.634985] Memory state around the buggy address: [ 30.635506] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.636236] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.637064] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.637299] ^ [ 30.637450] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.637661] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.638064] ================================================================== [ 30.904607] ================================================================== [ 30.905346] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 30.906024] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.906689] [ 30.906862] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.906930] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.906945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.906968] Call Trace: [ 30.906992] <TASK> [ 30.907014] dump_stack_lvl+0x73/0xb0 [ 30.907046] print_report+0xd1/0x640 [ 30.907071] ? __virt_addr_valid+0x1db/0x2d0 [ 30.907097] ? kasan_atomics_helper+0x218a/0x5450 [ 30.907119] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.907147] ? kasan_atomics_helper+0x218a/0x5450 [ 30.907169] kasan_report+0x141/0x180 [ 30.907192] ? kasan_atomics_helper+0x218a/0x5450 [ 30.907219] kasan_check_range+0x10c/0x1c0 [ 30.907244] __kasan_check_write+0x18/0x20 [ 30.907277] kasan_atomics_helper+0x218a/0x5450 [ 30.907305] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.907328] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.907356] ? kasan_atomics+0x152/0x310 [ 30.907383] kasan_atomics+0x1dc/0x310 [ 30.907407] ? __pfx_kasan_atomics+0x10/0x10 [ 30.907432] ? __pfx_read_tsc+0x10/0x10 [ 30.907455] ? ktime_get_ts64+0x86/0x230 [ 30.907482] kunit_try_run_case+0x1a5/0x480 [ 30.907508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.907532] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.907558] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.907595] ? __kthread_parkme+0x82/0x180 [ 30.907617] ? preempt_count_sub+0x50/0x80 [ 30.907642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.907666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.907690] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.907714] kthread+0x337/0x6f0 [ 30.907734] ? trace_preempt_on+0x20/0xc0 [ 30.907760] ? __pfx_kthread+0x10/0x10 [ 30.907781] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.907805] ? calculate_sigpending+0x7b/0xa0 [ 30.907830] ? __pfx_kthread+0x10/0x10 [ 30.907852] ret_from_fork+0x116/0x1d0 [ 30.907873] ? __pfx_kthread+0x10/0x10 [ 30.907894] ret_from_fork_asm+0x1a/0x30 [ 30.907937] </TASK> [ 30.907950] [ 30.915453] Allocated by task 313: [ 30.915653] kasan_save_stack+0x45/0x70 [ 30.915858] kasan_save_track+0x18/0x40 [ 30.916033] kasan_save_alloc_info+0x3b/0x50 [ 30.916224] __kasan_kmalloc+0xb7/0xc0 [ 30.916393] __kmalloc_cache_noprof+0x189/0x420 [ 30.916556] kasan_atomics+0x95/0x310 [ 30.916747] kunit_try_run_case+0x1a5/0x480 [ 30.916921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.917129] kthread+0x337/0x6f0 [ 30.917244] ret_from_fork+0x116/0x1d0 [ 30.917402] ret_from_fork_asm+0x1a/0x30 [ 30.917605] [ 30.917701] The buggy address belongs to the object at ffff888106038600 [ 30.917701] which belongs to the cache kmalloc-64 of size 64 [ 30.918233] The buggy address is located 0 bytes to the right of [ 30.918233] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.918703] [ 30.918773] The buggy address belongs to the physical page: [ 30.919099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.919443] flags: 0x200000000000000(node=0|zone=2) [ 30.919632] page_type: f5(slab) [ 30.919751] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.919975] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.920195] page dumped because: kasan: bad access detected [ 30.920436] [ 30.920524] Memory state around the buggy address: [ 30.920832] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.921279] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.921485] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.921698] ^ [ 30.921856] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.922514] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.922839] ================================================================== [ 30.245241] ================================================================== [ 30.245598] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 30.245893] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.246194] [ 30.246280] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.246332] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.246347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.246370] Call Trace: [ 30.246392] <TASK> [ 30.246412] dump_stack_lvl+0x73/0xb0 [ 30.246440] print_report+0xd1/0x640 [ 30.246465] ? __virt_addr_valid+0x1db/0x2d0 [ 30.246490] ? kasan_atomics_helper+0x50d4/0x5450 [ 30.246513] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.246540] ? kasan_atomics_helper+0x50d4/0x5450 [ 30.246562] kasan_report+0x141/0x180 [ 30.246596] ? kasan_atomics_helper+0x50d4/0x5450 [ 30.246623] __asan_report_store8_noabort+0x1b/0x30 [ 30.246649] kasan_atomics_helper+0x50d4/0x5450 [ 30.246673] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.246696] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.246722] ? kasan_atomics+0x152/0x310 [ 30.246749] kasan_atomics+0x1dc/0x310 [ 30.246772] ? __pfx_kasan_atomics+0x10/0x10 [ 30.246797] ? __pfx_read_tsc+0x10/0x10 [ 30.246820] ? ktime_get_ts64+0x86/0x230 [ 30.246845] kunit_try_run_case+0x1a5/0x480 [ 30.246871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.246894] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.246920] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.246946] ? __kthread_parkme+0x82/0x180 [ 30.246968] ? preempt_count_sub+0x50/0x80 [ 30.246992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.247017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.247041] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.247066] kthread+0x337/0x6f0 [ 30.247087] ? trace_preempt_on+0x20/0xc0 [ 30.247112] ? __pfx_kthread+0x10/0x10 [ 30.247133] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.247157] ? calculate_sigpending+0x7b/0xa0 [ 30.247181] ? __pfx_kthread+0x10/0x10 [ 30.247203] ret_from_fork+0x116/0x1d0 [ 30.247223] ? __pfx_kthread+0x10/0x10 [ 30.247245] ret_from_fork_asm+0x1a/0x30 [ 30.247283] </TASK> [ 30.247296] [ 30.257004] Allocated by task 313: [ 30.257203] kasan_save_stack+0x45/0x70 [ 30.257421] kasan_save_track+0x18/0x40 [ 30.258796] kasan_save_alloc_info+0x3b/0x50 [ 30.259689] __kasan_kmalloc+0xb7/0xc0 [ 30.260249] __kmalloc_cache_noprof+0x189/0x420 [ 30.260671] kasan_atomics+0x95/0x310 [ 30.261331] kunit_try_run_case+0x1a5/0x480 [ 30.261504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.261689] kthread+0x337/0x6f0 [ 30.261809] ret_from_fork+0x116/0x1d0 [ 30.262551] ret_from_fork_asm+0x1a/0x30 [ 30.263396] [ 30.263735] The buggy address belongs to the object at ffff888106038600 [ 30.263735] which belongs to the cache kmalloc-64 of size 64 [ 30.265259] The buggy address is located 0 bytes to the right of [ 30.265259] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.266843] [ 30.266935] The buggy address belongs to the physical page: [ 30.267427] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.268404] flags: 0x200000000000000(node=0|zone=2) [ 30.269097] page_type: f5(slab) [ 30.269281] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.269511] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.269744] page dumped because: kasan: bad access detected [ 30.270146] [ 30.270223] Memory state around the buggy address: [ 30.270381] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.270609] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.271138] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.271755] ^ [ 30.272247] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.272947] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.273601] ================================================================== [ 30.427731] ================================================================== [ 30.428487] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 30.429538] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.429937] [ 30.430028] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.430085] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.430101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.430124] Call Trace: [ 30.430146] <TASK> [ 30.430167] dump_stack_lvl+0x73/0xb0 [ 30.430197] print_report+0xd1/0x640 [ 30.430221] ? __virt_addr_valid+0x1db/0x2d0 [ 30.430246] ? kasan_atomics_helper+0x18b1/0x5450 [ 30.430268] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.430294] ? kasan_atomics_helper+0x18b1/0x5450 [ 30.430317] kasan_report+0x141/0x180 [ 30.430340] ? kasan_atomics_helper+0x18b1/0x5450 [ 30.430366] kasan_check_range+0x10c/0x1c0 [ 30.430392] __kasan_check_write+0x18/0x20 [ 30.430417] kasan_atomics_helper+0x18b1/0x5450 [ 30.430440] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.430464] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.430491] ? kasan_atomics+0x152/0x310 [ 30.430518] kasan_atomics+0x1dc/0x310 [ 30.430541] ? __pfx_kasan_atomics+0x10/0x10 [ 30.430566] ? __pfx_read_tsc+0x10/0x10 [ 30.430599] ? ktime_get_ts64+0x86/0x230 [ 30.430625] kunit_try_run_case+0x1a5/0x480 [ 30.430651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.430674] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.430701] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.430727] ? __kthread_parkme+0x82/0x180 [ 30.430749] ? preempt_count_sub+0x50/0x80 [ 30.430774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.430799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.430823] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.430848] kthread+0x337/0x6f0 [ 30.431288] ? trace_preempt_on+0x20/0xc0 [ 30.431315] ? __pfx_kthread+0x10/0x10 [ 30.431348] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.431373] ? calculate_sigpending+0x7b/0xa0 [ 30.431398] ? __pfx_kthread+0x10/0x10 [ 30.431420] ret_from_fork+0x116/0x1d0 [ 30.431441] ? __pfx_kthread+0x10/0x10 [ 30.431463] ret_from_fork_asm+0x1a/0x30 [ 30.431496] </TASK> [ 30.431508] [ 30.445367] Allocated by task 313: [ 30.445924] kasan_save_stack+0x45/0x70 [ 30.446179] kasan_save_track+0x18/0x40 [ 30.446598] kasan_save_alloc_info+0x3b/0x50 [ 30.446918] __kasan_kmalloc+0xb7/0xc0 [ 30.447105] __kmalloc_cache_noprof+0x189/0x420 [ 30.447461] kasan_atomics+0x95/0x310 [ 30.447857] kunit_try_run_case+0x1a5/0x480 [ 30.448322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.448677] kthread+0x337/0x6f0 [ 30.448923] ret_from_fork+0x116/0x1d0 [ 30.449358] ret_from_fork_asm+0x1a/0x30 [ 30.449744] [ 30.449952] The buggy address belongs to the object at ffff888106038600 [ 30.449952] which belongs to the cache kmalloc-64 of size 64 [ 30.450325] The buggy address is located 0 bytes to the right of [ 30.450325] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.451634] [ 30.451803] The buggy address belongs to the physical page: [ 30.452440] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.453224] flags: 0x200000000000000(node=0|zone=2) [ 30.453699] page_type: f5(slab) [ 30.454062] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.454403] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.454642] page dumped because: kasan: bad access detected [ 30.454843] [ 30.454991] Memory state around the buggy address: [ 30.455450] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.455816] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.456546] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.457214] ^ [ 30.457637] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.457986] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.458542] ================================================================== [ 30.331679] ================================================================== [ 30.331990] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 30.332315] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.333368] [ 30.333475] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.333529] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.333544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.333568] Call Trace: [ 30.333678] <TASK> [ 30.333756] dump_stack_lvl+0x73/0xb0 [ 30.333790] print_report+0xd1/0x640 [ 30.333814] ? __virt_addr_valid+0x1db/0x2d0 [ 30.333900] ? kasan_atomics_helper+0x164f/0x5450 [ 30.333926] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.333955] ? kasan_atomics_helper+0x164f/0x5450 [ 30.333978] kasan_report+0x141/0x180 [ 30.334002] ? kasan_atomics_helper+0x164f/0x5450 [ 30.334029] kasan_check_range+0x10c/0x1c0 [ 30.334054] __kasan_check_write+0x18/0x20 [ 30.334078] kasan_atomics_helper+0x164f/0x5450 [ 30.334101] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.334125] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.334151] ? kasan_atomics+0x152/0x310 [ 30.334178] kasan_atomics+0x1dc/0x310 [ 30.334202] ? __pfx_kasan_atomics+0x10/0x10 [ 30.334227] ? __pfx_read_tsc+0x10/0x10 [ 30.334250] ? ktime_get_ts64+0x86/0x230 [ 30.334330] kunit_try_run_case+0x1a5/0x480 [ 30.334361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.334385] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.334425] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.334451] ? __kthread_parkme+0x82/0x180 [ 30.334473] ? preempt_count_sub+0x50/0x80 [ 30.334498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.334522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.334547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.334582] kthread+0x337/0x6f0 [ 30.334603] ? trace_preempt_on+0x20/0xc0 [ 30.334627] ? __pfx_kthread+0x10/0x10 [ 30.334650] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.334674] ? calculate_sigpending+0x7b/0xa0 [ 30.334699] ? __pfx_kthread+0x10/0x10 [ 30.334721] ret_from_fork+0x116/0x1d0 [ 30.334741] ? __pfx_kthread+0x10/0x10 [ 30.334764] ret_from_fork_asm+0x1a/0x30 [ 30.334807] </TASK> [ 30.334819] [ 30.345450] Allocated by task 313: [ 30.345798] kasan_save_stack+0x45/0x70 [ 30.346092] kasan_save_track+0x18/0x40 [ 30.346236] kasan_save_alloc_info+0x3b/0x50 [ 30.346425] __kasan_kmalloc+0xb7/0xc0 [ 30.346655] __kmalloc_cache_noprof+0x189/0x420 [ 30.346874] kasan_atomics+0x95/0x310 [ 30.347376] kunit_try_run_case+0x1a5/0x480 [ 30.347724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.348114] kthread+0x337/0x6f0 [ 30.348294] ret_from_fork+0x116/0x1d0 [ 30.348479] ret_from_fork_asm+0x1a/0x30 [ 30.348683] [ 30.348754] The buggy address belongs to the object at ffff888106038600 [ 30.348754] which belongs to the cache kmalloc-64 of size 64 [ 30.349660] The buggy address is located 0 bytes to the right of [ 30.349660] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.350456] [ 30.350653] The buggy address belongs to the physical page: [ 30.350988] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.351630] flags: 0x200000000000000(node=0|zone=2) [ 30.351931] page_type: f5(slab) [ 30.352051] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.352436] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.352813] page dumped because: kasan: bad access detected [ 30.353226] [ 30.353389] Memory state around the buggy address: [ 30.353705] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.354193] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.354483] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.354781] ^ [ 30.355245] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.355648] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.356134] ================================================================== [ 30.668237] ================================================================== [ 30.668768] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 30.669398] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.670112] [ 30.670216] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.670294] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.670309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.670333] Call Trace: [ 30.670353] <TASK> [ 30.670375] dump_stack_lvl+0x73/0xb0 [ 30.670407] print_report+0xd1/0x640 [ 30.670432] ? __virt_addr_valid+0x1db/0x2d0 [ 30.670673] ? kasan_atomics_helper+0x1d7a/0x5450 [ 30.670699] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.670726] ? kasan_atomics_helper+0x1d7a/0x5450 [ 30.670748] kasan_report+0x141/0x180 [ 30.670772] ? kasan_atomics_helper+0x1d7a/0x5450 [ 30.670810] kasan_check_range+0x10c/0x1c0 [ 30.670836] __kasan_check_write+0x18/0x20 [ 30.670861] kasan_atomics_helper+0x1d7a/0x5450 [ 30.670884] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.670907] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.670940] ? kasan_atomics+0x152/0x310 [ 30.670967] kasan_atomics+0x1dc/0x310 [ 30.670990] ? __pfx_kasan_atomics+0x10/0x10 [ 30.671015] ? __pfx_read_tsc+0x10/0x10 [ 30.671037] ? ktime_get_ts64+0x86/0x230 [ 30.671064] kunit_try_run_case+0x1a5/0x480 [ 30.671089] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.671112] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.671139] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.671165] ? __kthread_parkme+0x82/0x180 [ 30.671186] ? preempt_count_sub+0x50/0x80 [ 30.671210] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.671235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.671266] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.671290] kthread+0x337/0x6f0 [ 30.671310] ? trace_preempt_on+0x20/0xc0 [ 30.671335] ? __pfx_kthread+0x10/0x10 [ 30.671356] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.671380] ? calculate_sigpending+0x7b/0xa0 [ 30.671405] ? __pfx_kthread+0x10/0x10 [ 30.671428] ret_from_fork+0x116/0x1d0 [ 30.671448] ? __pfx_kthread+0x10/0x10 [ 30.671469] ret_from_fork_asm+0x1a/0x30 [ 30.671503] </TASK> [ 30.671515] [ 30.684179] Allocated by task 313: [ 30.684617] kasan_save_stack+0x45/0x70 [ 30.684999] kasan_save_track+0x18/0x40 [ 30.685228] kasan_save_alloc_info+0x3b/0x50 [ 30.685443] __kasan_kmalloc+0xb7/0xc0 [ 30.685634] __kmalloc_cache_noprof+0x189/0x420 [ 30.686110] kasan_atomics+0x95/0x310 [ 30.686254] kunit_try_run_case+0x1a5/0x480 [ 30.686556] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.687070] kthread+0x337/0x6f0 [ 30.687239] ret_from_fork+0x116/0x1d0 [ 30.687432] ret_from_fork_asm+0x1a/0x30 [ 30.687744] [ 30.687843] The buggy address belongs to the object at ffff888106038600 [ 30.687843] which belongs to the cache kmalloc-64 of size 64 [ 30.688826] The buggy address is located 0 bytes to the right of [ 30.688826] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.689544] [ 30.689661] The buggy address belongs to the physical page: [ 30.690219] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.690890] flags: 0x200000000000000(node=0|zone=2) [ 30.691160] page_type: f5(slab) [ 30.691464] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.691782] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.692379] page dumped because: kasan: bad access detected [ 30.692739] [ 30.692837] Memory state around the buggy address: [ 30.693311] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.693718] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.694512] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.694976] ^ [ 30.695155] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.695504] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.696104] ================================================================== [ 30.827053] ================================================================== [ 30.827447] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 30.828237] Read of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.828647] [ 30.829030] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.829200] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.829219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.829244] Call Trace: [ 30.829267] <TASK> [ 30.829290] dump_stack_lvl+0x73/0xb0 [ 30.829324] print_report+0xd1/0x640 [ 30.829349] ? __virt_addr_valid+0x1db/0x2d0 [ 30.829376] ? kasan_atomics_helper+0x4f98/0x5450 [ 30.829399] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.829426] ? kasan_atomics_helper+0x4f98/0x5450 [ 30.829449] kasan_report+0x141/0x180 [ 30.829472] ? kasan_atomics_helper+0x4f98/0x5450 [ 30.829498] __asan_report_load8_noabort+0x18/0x20 [ 30.829523] kasan_atomics_helper+0x4f98/0x5450 [ 30.829547] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.829571] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.829609] ? kasan_atomics+0x152/0x310 [ 30.829636] kasan_atomics+0x1dc/0x310 [ 30.829659] ? __pfx_kasan_atomics+0x10/0x10 [ 30.829684] ? __pfx_read_tsc+0x10/0x10 [ 30.829707] ? ktime_get_ts64+0x86/0x230 [ 30.829732] kunit_try_run_case+0x1a5/0x480 [ 30.829759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.829781] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.829808] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.829834] ? __kthread_parkme+0x82/0x180 [ 30.829855] ? preempt_count_sub+0x50/0x80 [ 30.829879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.829904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.829943] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.829968] kthread+0x337/0x6f0 [ 30.829987] ? trace_preempt_on+0x20/0xc0 [ 30.830012] ? __pfx_kthread+0x10/0x10 [ 30.830033] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.830058] ? calculate_sigpending+0x7b/0xa0 [ 30.830084] ? __pfx_kthread+0x10/0x10 [ 30.830106] ret_from_fork+0x116/0x1d0 [ 30.830129] ? __pfx_kthread+0x10/0x10 [ 30.830151] ret_from_fork_asm+0x1a/0x30 [ 30.830187] </TASK> [ 30.830200] [ 30.840921] Allocated by task 313: [ 30.841349] kasan_save_stack+0x45/0x70 [ 30.841567] kasan_save_track+0x18/0x40 [ 30.841756] kasan_save_alloc_info+0x3b/0x50 [ 30.842202] __kasan_kmalloc+0xb7/0xc0 [ 30.842474] __kmalloc_cache_noprof+0x189/0x420 [ 30.842795] kasan_atomics+0x95/0x310 [ 30.843124] kunit_try_run_case+0x1a5/0x480 [ 30.843443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.843745] kthread+0x337/0x6f0 [ 30.844079] ret_from_fork+0x116/0x1d0 [ 30.844367] ret_from_fork_asm+0x1a/0x30 [ 30.844559] [ 30.844671] The buggy address belongs to the object at ffff888106038600 [ 30.844671] which belongs to the cache kmalloc-64 of size 64 [ 30.845489] The buggy address is located 0 bytes to the right of [ 30.845489] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.846115] [ 30.846402] The buggy address belongs to the physical page: [ 30.846709] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.847269] flags: 0x200000000000000(node=0|zone=2) [ 30.847606] page_type: f5(slab) [ 30.847897] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.848308] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.848728] page dumped because: kasan: bad access detected [ 30.848955] [ 30.849047] Memory state around the buggy address: [ 30.849242] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.849550] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.849853] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.850499] ^ [ 30.850815] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.851275] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.851641] ================================================================== [ 29.448444] ================================================================== [ 29.448694] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 29.449532] Read of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.450156] [ 29.450276] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.450341] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.450356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.450380] Call Trace: [ 29.450398] <TASK> [ 29.450418] dump_stack_lvl+0x73/0xb0 [ 29.450449] print_report+0xd1/0x640 [ 29.450473] ? __virt_addr_valid+0x1db/0x2d0 [ 29.450498] ? kasan_atomics_helper+0x4b54/0x5450 [ 29.450739] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.450772] ? kasan_atomics_helper+0x4b54/0x5450 [ 29.450818] kasan_report+0x141/0x180 [ 29.450848] ? kasan_atomics_helper+0x4b54/0x5450 [ 29.450876] __asan_report_load4_noabort+0x18/0x20 [ 29.450901] kasan_atomics_helper+0x4b54/0x5450 [ 29.450932] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.450955] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.450984] ? kasan_atomics+0x152/0x310 [ 29.451012] kasan_atomics+0x1dc/0x310 [ 29.451036] ? __pfx_kasan_atomics+0x10/0x10 [ 29.451061] ? __pfx_read_tsc+0x10/0x10 [ 29.451084] ? ktime_get_ts64+0x86/0x230 [ 29.451110] kunit_try_run_case+0x1a5/0x480 [ 29.451136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.451159] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.451186] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.451213] ? __kthread_parkme+0x82/0x180 [ 29.451234] ? preempt_count_sub+0x50/0x80 [ 29.451264] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.451289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.451314] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.451339] kthread+0x337/0x6f0 [ 29.451359] ? trace_preempt_on+0x20/0xc0 [ 29.451383] ? __pfx_kthread+0x10/0x10 [ 29.451405] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.451429] ? calculate_sigpending+0x7b/0xa0 [ 29.451454] ? __pfx_kthread+0x10/0x10 [ 29.451476] ret_from_fork+0x116/0x1d0 [ 29.451496] ? __pfx_kthread+0x10/0x10 [ 29.451518] ret_from_fork_asm+0x1a/0x30 [ 29.451550] </TASK> [ 29.451562] [ 29.462910] Allocated by task 313: [ 29.463190] kasan_save_stack+0x45/0x70 [ 29.463674] kasan_save_track+0x18/0x40 [ 29.464094] kasan_save_alloc_info+0x3b/0x50 [ 29.464295] __kasan_kmalloc+0xb7/0xc0 [ 29.464569] __kmalloc_cache_noprof+0x189/0x420 [ 29.464773] kasan_atomics+0x95/0x310 [ 29.465200] kunit_try_run_case+0x1a5/0x480 [ 29.465442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.465769] kthread+0x337/0x6f0 [ 29.466026] ret_from_fork+0x116/0x1d0 [ 29.466430] ret_from_fork_asm+0x1a/0x30 [ 29.466608] [ 29.466704] The buggy address belongs to the object at ffff888106038600 [ 29.466704] which belongs to the cache kmalloc-64 of size 64 [ 29.467607] The buggy address is located 0 bytes to the right of [ 29.467607] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.468377] [ 29.468588] The buggy address belongs to the physical page: [ 29.469177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.469600] flags: 0x200000000000000(node=0|zone=2) [ 29.469904] page_type: f5(slab) [ 29.470232] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.470562] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.471062] page dumped because: kasan: bad access detected [ 29.471305] [ 29.471393] Memory state around the buggy address: [ 29.471784] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.472365] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.472665] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.473126] ^ [ 29.473445] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.474073] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.474366] ================================================================== [ 30.778265] ================================================================== [ 30.778943] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 30.779184] Read of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.779481] [ 30.779854] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.779982] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.779998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.780022] Call Trace: [ 30.780042] <TASK> [ 30.780062] dump_stack_lvl+0x73/0xb0 [ 30.780092] print_report+0xd1/0x640 [ 30.780116] ? __virt_addr_valid+0x1db/0x2d0 [ 30.780141] ? kasan_atomics_helper+0x4f71/0x5450 [ 30.780164] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.780191] ? kasan_atomics_helper+0x4f71/0x5450 [ 30.780214] kasan_report+0x141/0x180 [ 30.780358] ? kasan_atomics_helper+0x4f71/0x5450 [ 30.780386] __asan_report_load8_noabort+0x18/0x20 [ 30.780412] kasan_atomics_helper+0x4f71/0x5450 [ 30.780435] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.780457] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.780485] ? kasan_atomics+0x152/0x310 [ 30.780512] kasan_atomics+0x1dc/0x310 [ 30.780535] ? __pfx_kasan_atomics+0x10/0x10 [ 30.780560] ? __pfx_read_tsc+0x10/0x10 [ 30.780592] ? ktime_get_ts64+0x86/0x230 [ 30.780619] kunit_try_run_case+0x1a5/0x480 [ 30.780645] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.780669] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.780696] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.780722] ? __kthread_parkme+0x82/0x180 [ 30.780744] ? preempt_count_sub+0x50/0x80 [ 30.780770] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.780797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.780822] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.780847] kthread+0x337/0x6f0 [ 30.780867] ? trace_preempt_on+0x20/0xc0 [ 30.780893] ? __pfx_kthread+0x10/0x10 [ 30.780928] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.780953] ? calculate_sigpending+0x7b/0xa0 [ 30.780978] ? __pfx_kthread+0x10/0x10 [ 30.781000] ret_from_fork+0x116/0x1d0 [ 30.781020] ? __pfx_kthread+0x10/0x10 [ 30.781041] ret_from_fork_asm+0x1a/0x30 [ 30.781076] </TASK> [ 30.781088] [ 30.791027] Allocated by task 313: [ 30.791371] kasan_save_stack+0x45/0x70 [ 30.791549] kasan_save_track+0x18/0x40 [ 30.791723] kasan_save_alloc_info+0x3b/0x50 [ 30.791920] __kasan_kmalloc+0xb7/0xc0 [ 30.792358] __kmalloc_cache_noprof+0x189/0x420 [ 30.792533] kasan_atomics+0x95/0x310 [ 30.792877] kunit_try_run_case+0x1a5/0x480 [ 30.793095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.793490] kthread+0x337/0x6f0 [ 30.793748] ret_from_fork+0x116/0x1d0 [ 30.793896] ret_from_fork_asm+0x1a/0x30 [ 30.794243] [ 30.794364] The buggy address belongs to the object at ffff888106038600 [ 30.794364] which belongs to the cache kmalloc-64 of size 64 [ 30.795068] The buggy address is located 0 bytes to the right of [ 30.795068] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.795772] [ 30.795867] The buggy address belongs to the physical page: [ 30.796058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.796537] flags: 0x200000000000000(node=0|zone=2) [ 30.796859] page_type: f5(slab) [ 30.797036] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.797529] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.797959] page dumped because: kasan: bad access detected [ 30.798200] [ 30.798444] Memory state around the buggy address: [ 30.798622] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.799116] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.799418] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.799721] ^ [ 30.799924] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.800459] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.800859] ================================================================== [ 30.940821] ================================================================== [ 30.941144] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 30.941490] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.941833] [ 30.941953] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.942008] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.942023] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.942046] Call Trace: [ 30.942067] <TASK> [ 30.942088] dump_stack_lvl+0x73/0xb0 [ 30.942117] print_report+0xd1/0x640 [ 30.942141] ? __virt_addr_valid+0x1db/0x2d0 [ 30.942166] ? kasan_atomics_helper+0x224c/0x5450 [ 30.942188] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.942216] ? kasan_atomics_helper+0x224c/0x5450 [ 30.942238] kasan_report+0x141/0x180 [ 30.942261] ? kasan_atomics_helper+0x224c/0x5450 [ 30.942288] kasan_check_range+0x10c/0x1c0 [ 30.942313] __kasan_check_write+0x18/0x20 [ 30.942337] kasan_atomics_helper+0x224c/0x5450 [ 30.942361] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.942384] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.942411] ? kasan_atomics+0x152/0x310 [ 30.942438] kasan_atomics+0x1dc/0x310 [ 30.942461] ? __pfx_kasan_atomics+0x10/0x10 [ 30.942486] ? __pfx_read_tsc+0x10/0x10 [ 30.942509] ? ktime_get_ts64+0x86/0x230 [ 30.942535] kunit_try_run_case+0x1a5/0x480 [ 30.942561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.942596] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.942623] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.942650] ? __kthread_parkme+0x82/0x180 [ 30.942672] ? preempt_count_sub+0x50/0x80 [ 30.942695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.942720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.942744] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.942768] kthread+0x337/0x6f0 [ 30.942789] ? trace_preempt_on+0x20/0xc0 [ 30.942813] ? __pfx_kthread+0x10/0x10 [ 30.942834] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.942858] ? calculate_sigpending+0x7b/0xa0 [ 30.942883] ? __pfx_kthread+0x10/0x10 [ 30.942905] ret_from_fork+0x116/0x1d0 [ 30.942925] ? __pfx_kthread+0x10/0x10 [ 30.942946] ret_from_fork_asm+0x1a/0x30 [ 30.942980] </TASK> [ 30.942991] [ 30.950946] Allocated by task 313: [ 30.951092] kasan_save_stack+0x45/0x70 [ 30.951236] kasan_save_track+0x18/0x40 [ 30.951372] kasan_save_alloc_info+0x3b/0x50 [ 30.951514] __kasan_kmalloc+0xb7/0xc0 [ 30.951685] __kmalloc_cache_noprof+0x189/0x420 [ 30.951904] kasan_atomics+0x95/0x310 [ 30.952096] kunit_try_run_case+0x1a5/0x480 [ 30.952296] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.952541] kthread+0x337/0x6f0 [ 30.952710] ret_from_fork+0x116/0x1d0 [ 30.952890] ret_from_fork_asm+0x1a/0x30 [ 30.953049] [ 30.953115] The buggy address belongs to the object at ffff888106038600 [ 30.953115] which belongs to the cache kmalloc-64 of size 64 [ 30.953586] The buggy address is located 0 bytes to the right of [ 30.953586] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.954182] [ 30.954275] The buggy address belongs to the physical page: [ 30.954480] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.954823] flags: 0x200000000000000(node=0|zone=2) [ 30.955058] page_type: f5(slab) [ 30.955194] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.955501] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.955790] page dumped because: kasan: bad access detected [ 30.956051] [ 30.956116] Memory state around the buggy address: [ 30.956322] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.956618] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.956899] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.957175] ^ [ 30.957379] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.957632] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.957837] ================================================================== [ 29.698691] ================================================================== [ 29.699080] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 29.699320] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.699683] [ 29.699792] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.699844] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.699859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.699882] Call Trace: [ 29.699902] <TASK> [ 29.699986] dump_stack_lvl+0x73/0xb0 [ 29.700541] print_report+0xd1/0x640 [ 29.700566] ? __virt_addr_valid+0x1db/0x2d0 [ 29.700604] ? kasan_atomics_helper+0xa2b/0x5450 [ 29.700626] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.700652] ? kasan_atomics_helper+0xa2b/0x5450 [ 29.700675] kasan_report+0x141/0x180 [ 29.700698] ? kasan_atomics_helper+0xa2b/0x5450 [ 29.700725] kasan_check_range+0x10c/0x1c0 [ 29.700750] __kasan_check_write+0x18/0x20 [ 29.700774] kasan_atomics_helper+0xa2b/0x5450 [ 29.700797] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.700820] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.700847] ? kasan_atomics+0x152/0x310 [ 29.700874] kasan_atomics+0x1dc/0x310 [ 29.700897] ? __pfx_kasan_atomics+0x10/0x10 [ 29.700923] ? __pfx_read_tsc+0x10/0x10 [ 29.700946] ? ktime_get_ts64+0x86/0x230 [ 29.700971] kunit_try_run_case+0x1a5/0x480 [ 29.700998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.701022] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.701048] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.701074] ? __kthread_parkme+0x82/0x180 [ 29.701095] ? preempt_count_sub+0x50/0x80 [ 29.701119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.701144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.701169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.701194] kthread+0x337/0x6f0 [ 29.701213] ? trace_preempt_on+0x20/0xc0 [ 29.701238] ? __pfx_kthread+0x10/0x10 [ 29.701259] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.701548] ? calculate_sigpending+0x7b/0xa0 [ 29.701595] ? __pfx_kthread+0x10/0x10 [ 29.701619] ret_from_fork+0x116/0x1d0 [ 29.701641] ? __pfx_kthread+0x10/0x10 [ 29.701662] ret_from_fork_asm+0x1a/0x30 [ 29.701696] </TASK> [ 29.701708] [ 29.714665] Allocated by task 313: [ 29.715272] kasan_save_stack+0x45/0x70 [ 29.715533] kasan_save_track+0x18/0x40 [ 29.715842] kasan_save_alloc_info+0x3b/0x50 [ 29.716228] __kasan_kmalloc+0xb7/0xc0 [ 29.716516] __kmalloc_cache_noprof+0x189/0x420 [ 29.716754] kasan_atomics+0x95/0x310 [ 29.717191] kunit_try_run_case+0x1a5/0x480 [ 29.717379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.717621] kthread+0x337/0x6f0 [ 29.717773] ret_from_fork+0x116/0x1d0 [ 29.718263] ret_from_fork_asm+0x1a/0x30 [ 29.718599] [ 29.718883] The buggy address belongs to the object at ffff888106038600 [ 29.718883] which belongs to the cache kmalloc-64 of size 64 [ 29.719641] The buggy address is located 0 bytes to the right of [ 29.719641] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.720599] [ 29.720949] The buggy address belongs to the physical page: [ 29.721450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.722163] flags: 0x200000000000000(node=0|zone=2) [ 29.722400] page_type: f5(slab) [ 29.722555] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.722870] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.723491] page dumped because: kasan: bad access detected [ 29.724016] [ 29.724285] Memory state around the buggy address: [ 29.724508] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.725070] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.725560] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.726445] ^ [ 29.726750] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.727352] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.727669] ================================================================== [ 30.555615] ================================================================== [ 30.556245] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 30.556698] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.557264] [ 30.557360] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.557414] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.557428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.557452] Call Trace: [ 30.557473] <TASK> [ 30.557493] dump_stack_lvl+0x73/0xb0 [ 30.557525] print_report+0xd1/0x640 [ 30.557848] ? __virt_addr_valid+0x1db/0x2d0 [ 30.557889] ? kasan_atomics_helper+0x1b22/0x5450 [ 30.557913] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.557949] ? kasan_atomics_helper+0x1b22/0x5450 [ 30.557972] kasan_report+0x141/0x180 [ 30.557995] ? kasan_atomics_helper+0x1b22/0x5450 [ 30.558022] kasan_check_range+0x10c/0x1c0 [ 30.558047] __kasan_check_write+0x18/0x20 [ 30.558071] kasan_atomics_helper+0x1b22/0x5450 [ 30.558096] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.558119] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.558145] ? kasan_atomics+0x152/0x310 [ 30.558171] kasan_atomics+0x1dc/0x310 [ 30.558195] ? __pfx_kasan_atomics+0x10/0x10 [ 30.558220] ? __pfx_read_tsc+0x10/0x10 [ 30.558242] ? ktime_get_ts64+0x86/0x230 [ 30.558268] kunit_try_run_case+0x1a5/0x480 [ 30.558294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.558316] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.558343] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.558370] ? __kthread_parkme+0x82/0x180 [ 30.558391] ? preempt_count_sub+0x50/0x80 [ 30.558416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.558440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.558465] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.558489] kthread+0x337/0x6f0 [ 30.558509] ? trace_preempt_on+0x20/0xc0 [ 30.558534] ? __pfx_kthread+0x10/0x10 [ 30.558554] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.558588] ? calculate_sigpending+0x7b/0xa0 [ 30.558643] ? __pfx_kthread+0x10/0x10 [ 30.558666] ret_from_fork+0x116/0x1d0 [ 30.558687] ? __pfx_kthread+0x10/0x10 [ 30.558718] ret_from_fork_asm+0x1a/0x30 [ 30.558751] </TASK> [ 30.558763] [ 30.567398] Allocated by task 313: [ 30.567629] kasan_save_stack+0x45/0x70 [ 30.567869] kasan_save_track+0x18/0x40 [ 30.568130] kasan_save_alloc_info+0x3b/0x50 [ 30.568334] __kasan_kmalloc+0xb7/0xc0 [ 30.568559] __kmalloc_cache_noprof+0x189/0x420 [ 30.568747] kasan_atomics+0x95/0x310 [ 30.569069] kunit_try_run_case+0x1a5/0x480 [ 30.569294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.569601] kthread+0x337/0x6f0 [ 30.569776] ret_from_fork+0x116/0x1d0 [ 30.570142] ret_from_fork_asm+0x1a/0x30 [ 30.570470] [ 30.570593] The buggy address belongs to the object at ffff888106038600 [ 30.570593] which belongs to the cache kmalloc-64 of size 64 [ 30.570968] The buggy address is located 0 bytes to the right of [ 30.570968] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.571604] [ 30.571700] The buggy address belongs to the physical page: [ 30.572005] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.572388] flags: 0x200000000000000(node=0|zone=2) [ 30.572597] page_type: f5(slab) [ 30.572763] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.573017] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.573441] page dumped because: kasan: bad access detected [ 30.573840] [ 30.573969] Memory state around the buggy address: [ 30.574251] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.574632] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.574970] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.575460] ^ [ 30.575783] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.576390] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.576727] ================================================================== [ 29.398391] ================================================================== [ 29.398723] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 29.399613] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.400463] [ 29.400652] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.400710] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.400727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.400751] Call Trace: [ 29.400884] <TASK> [ 29.400909] dump_stack_lvl+0x73/0xb0 [ 29.400943] print_report+0xd1/0x640 [ 29.400971] ? __virt_addr_valid+0x1db/0x2d0 [ 29.400998] ? kasan_atomics_helper+0x4b6e/0x5450 [ 29.401067] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.401098] ? kasan_atomics_helper+0x4b6e/0x5450 [ 29.401122] kasan_report+0x141/0x180 [ 29.401146] ? kasan_atomics_helper+0x4b6e/0x5450 [ 29.401173] __asan_report_store4_noabort+0x1b/0x30 [ 29.401198] kasan_atomics_helper+0x4b6e/0x5450 [ 29.401223] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.401246] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.401272] ? kasan_atomics+0x152/0x310 [ 29.401300] kasan_atomics+0x1dc/0x310 [ 29.401323] ? __pfx_kasan_atomics+0x10/0x10 [ 29.401349] ? __pfx_read_tsc+0x10/0x10 [ 29.401371] ? ktime_get_ts64+0x86/0x230 [ 29.401397] kunit_try_run_case+0x1a5/0x480 [ 29.401426] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.401452] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.401479] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.401506] ? __kthread_parkme+0x82/0x180 [ 29.401528] ? preempt_count_sub+0x50/0x80 [ 29.401553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.401589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.401615] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.401639] kthread+0x337/0x6f0 [ 29.401660] ? trace_preempt_on+0x20/0xc0 [ 29.401684] ? __pfx_kthread+0x10/0x10 [ 29.401705] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.401730] ? calculate_sigpending+0x7b/0xa0 [ 29.401755] ? __pfx_kthread+0x10/0x10 [ 29.401777] ret_from_fork+0x116/0x1d0 [ 29.401810] ? __pfx_kthread+0x10/0x10 [ 29.401832] ret_from_fork_asm+0x1a/0x30 [ 29.401865] </TASK> [ 29.401876] [ 29.412992] Allocated by task 313: [ 29.413256] kasan_save_stack+0x45/0x70 [ 29.413436] kasan_save_track+0x18/0x40 [ 29.413625] kasan_save_alloc_info+0x3b/0x50 [ 29.413837] __kasan_kmalloc+0xb7/0xc0 [ 29.414041] __kmalloc_cache_noprof+0x189/0x420 [ 29.414233] kasan_atomics+0x95/0x310 [ 29.414431] kunit_try_run_case+0x1a5/0x480 [ 29.414620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.414819] kthread+0x337/0x6f0 [ 29.414935] ret_from_fork+0x116/0x1d0 [ 29.415064] ret_from_fork_asm+0x1a/0x30 [ 29.415203] [ 29.415282] The buggy address belongs to the object at ffff888106038600 [ 29.415282] which belongs to the cache kmalloc-64 of size 64 [ 29.416144] The buggy address is located 0 bytes to the right of [ 29.416144] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.416534] [ 29.416614] The buggy address belongs to the physical page: [ 29.416832] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.417220] flags: 0x200000000000000(node=0|zone=2) [ 29.417674] page_type: f5(slab) [ 29.417900] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.418219] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.418524] page dumped because: kasan: bad access detected [ 29.418768] [ 29.418924] Memory state around the buggy address: [ 29.419137] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.419536] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.419868] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.420246] ^ [ 29.420486] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.420844] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.421146] ================================================================== [ 30.852993] ================================================================== [ 30.853311] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 30.853787] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.854266] [ 30.854672] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.854739] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.854756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.854779] Call Trace: [ 30.854802] <TASK> [ 30.854823] dump_stack_lvl+0x73/0xb0 [ 30.854856] print_report+0xd1/0x640 [ 30.854883] ? __virt_addr_valid+0x1db/0x2d0 [ 30.854909] ? kasan_atomics_helper+0x20c8/0x5450 [ 30.854942] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.854969] ? kasan_atomics_helper+0x20c8/0x5450 [ 30.854992] kasan_report+0x141/0x180 [ 30.855016] ? kasan_atomics_helper+0x20c8/0x5450 [ 30.855044] kasan_check_range+0x10c/0x1c0 [ 30.855068] __kasan_check_write+0x18/0x20 [ 30.855094] kasan_atomics_helper+0x20c8/0x5450 [ 30.855118] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.855141] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.855167] ? kasan_atomics+0x152/0x310 [ 30.855194] kasan_atomics+0x1dc/0x310 [ 30.855217] ? __pfx_kasan_atomics+0x10/0x10 [ 30.855242] ? __pfx_read_tsc+0x10/0x10 [ 30.855290] ? ktime_get_ts64+0x86/0x230 [ 30.855316] kunit_try_run_case+0x1a5/0x480 [ 30.855343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.855377] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.855404] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.855442] ? __kthread_parkme+0x82/0x180 [ 30.855463] ? preempt_count_sub+0x50/0x80 [ 30.855488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.855522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.855546] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.855588] kthread+0x337/0x6f0 [ 30.855609] ? trace_preempt_on+0x20/0xc0 [ 30.855635] ? __pfx_kthread+0x10/0x10 [ 30.855666] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.855691] ? calculate_sigpending+0x7b/0xa0 [ 30.855716] ? __pfx_kthread+0x10/0x10 [ 30.855738] ret_from_fork+0x116/0x1d0 [ 30.855758] ? __pfx_kthread+0x10/0x10 [ 30.855780] ret_from_fork_asm+0x1a/0x30 [ 30.855813] </TASK> [ 30.855825] [ 30.867023] Allocated by task 313: [ 30.867255] kasan_save_stack+0x45/0x70 [ 30.867456] kasan_save_track+0x18/0x40 [ 30.867631] kasan_save_alloc_info+0x3b/0x50 [ 30.867829] __kasan_kmalloc+0xb7/0xc0 [ 30.868473] __kmalloc_cache_noprof+0x189/0x420 [ 30.868731] kasan_atomics+0x95/0x310 [ 30.869032] kunit_try_run_case+0x1a5/0x480 [ 30.869253] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.869673] kthread+0x337/0x6f0 [ 30.869950] ret_from_fork+0x116/0x1d0 [ 30.870261] ret_from_fork_asm+0x1a/0x30 [ 30.870416] [ 30.870688] The buggy address belongs to the object at ffff888106038600 [ 30.870688] which belongs to the cache kmalloc-64 of size 64 [ 30.871494] The buggy address is located 0 bytes to the right of [ 30.871494] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.872212] [ 30.872301] The buggy address belongs to the physical page: [ 30.872710] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.873235] flags: 0x200000000000000(node=0|zone=2) [ 30.873561] page_type: f5(slab) [ 30.873865] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.874391] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.874822] page dumped because: kasan: bad access detected [ 30.875221] [ 30.875312] Memory state around the buggy address: [ 30.875691] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.876178] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.876568] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.877009] ^ [ 30.877255] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.877633] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.878099] ================================================================== [ 29.801653] ================================================================== [ 29.802073] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 29.802314] Read of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.803287] [ 29.803387] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.803439] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.803455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.803477] Call Trace: [ 29.803493] <TASK> [ 29.803509] dump_stack_lvl+0x73/0xb0 [ 29.803538] print_report+0xd1/0x640 [ 29.803563] ? __virt_addr_valid+0x1db/0x2d0 [ 29.803600] ? kasan_atomics_helper+0x4a84/0x5450 [ 29.803657] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.803685] ? kasan_atomics_helper+0x4a84/0x5450 [ 29.803706] kasan_report+0x141/0x180 [ 29.803730] ? kasan_atomics_helper+0x4a84/0x5450 [ 29.803757] __asan_report_load4_noabort+0x18/0x20 [ 29.803782] kasan_atomics_helper+0x4a84/0x5450 [ 29.804042] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.804070] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.804096] ? kasan_atomics+0x152/0x310 [ 29.804124] kasan_atomics+0x1dc/0x310 [ 29.804147] ? __pfx_kasan_atomics+0x10/0x10 [ 29.804173] ? __pfx_read_tsc+0x10/0x10 [ 29.804197] ? ktime_get_ts64+0x86/0x230 [ 29.804223] kunit_try_run_case+0x1a5/0x480 [ 29.804249] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.804272] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.804298] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.804324] ? __kthread_parkme+0x82/0x180 [ 29.804346] ? preempt_count_sub+0x50/0x80 [ 29.804370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.804395] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.804419] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.804443] kthread+0x337/0x6f0 [ 29.804464] ? trace_preempt_on+0x20/0xc0 [ 29.804488] ? __pfx_kthread+0x10/0x10 [ 29.804509] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.804534] ? calculate_sigpending+0x7b/0xa0 [ 29.804559] ? __pfx_kthread+0x10/0x10 [ 29.804594] ret_from_fork+0x116/0x1d0 [ 29.804614] ? __pfx_kthread+0x10/0x10 [ 29.804636] ret_from_fork_asm+0x1a/0x30 [ 29.804669] </TASK> [ 29.804681] [ 29.815156] Allocated by task 313: [ 29.815434] kasan_save_stack+0x45/0x70 [ 29.815761] kasan_save_track+0x18/0x40 [ 29.815995] kasan_save_alloc_info+0x3b/0x50 [ 29.816514] __kasan_kmalloc+0xb7/0xc0 [ 29.816694] __kmalloc_cache_noprof+0x189/0x420 [ 29.817188] kasan_atomics+0x95/0x310 [ 29.817361] kunit_try_run_case+0x1a5/0x480 [ 29.817513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.818021] kthread+0x337/0x6f0 [ 29.818398] ret_from_fork+0x116/0x1d0 [ 29.818544] ret_from_fork_asm+0x1a/0x30 [ 29.818756] [ 29.818847] The buggy address belongs to the object at ffff888106038600 [ 29.818847] which belongs to the cache kmalloc-64 of size 64 [ 29.819693] The buggy address is located 0 bytes to the right of [ 29.819693] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.820490] [ 29.820601] The buggy address belongs to the physical page: [ 29.820856] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.821379] flags: 0x200000000000000(node=0|zone=2) [ 29.821560] page_type: f5(slab) [ 29.821739] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.822310] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.822645] page dumped because: kasan: bad access detected [ 29.823042] [ 29.823168] Memory state around the buggy address: [ 29.823543] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.823888] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.824554] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.825109] ^ [ 29.825395] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.825987] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.826472] ================================================================== [ 29.962235] ================================================================== [ 29.962551] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 29.963260] Read of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.963728] [ 29.963846] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.964037] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.964085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.964109] Call Trace: [ 29.964130] <TASK> [ 29.964213] dump_stack_lvl+0x73/0xb0 [ 29.964248] print_report+0xd1/0x640 [ 29.964272] ? __virt_addr_valid+0x1db/0x2d0 [ 29.964297] ? kasan_atomics_helper+0x4a36/0x5450 [ 29.964319] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.964346] ? kasan_atomics_helper+0x4a36/0x5450 [ 29.964368] kasan_report+0x141/0x180 [ 29.964391] ? kasan_atomics_helper+0x4a36/0x5450 [ 29.964418] __asan_report_load4_noabort+0x18/0x20 [ 29.964443] kasan_atomics_helper+0x4a36/0x5450 [ 29.964467] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.964491] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.964517] ? kasan_atomics+0x152/0x310 [ 29.964544] kasan_atomics+0x1dc/0x310 [ 29.964568] ? __pfx_kasan_atomics+0x10/0x10 [ 29.964606] ? __pfx_read_tsc+0x10/0x10 [ 29.964629] ? ktime_get_ts64+0x86/0x230 [ 29.964655] kunit_try_run_case+0x1a5/0x480 [ 29.964681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.964704] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.964731] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.964757] ? __kthread_parkme+0x82/0x180 [ 29.964779] ? preempt_count_sub+0x50/0x80 [ 29.964812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.964837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.964863] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.964888] kthread+0x337/0x6f0 [ 29.964909] ? trace_preempt_on+0x20/0xc0 [ 29.964941] ? __pfx_kthread+0x10/0x10 [ 29.964962] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.964988] ? calculate_sigpending+0x7b/0xa0 [ 29.965012] ? __pfx_kthread+0x10/0x10 [ 29.965034] ret_from_fork+0x116/0x1d0 [ 29.965055] ? __pfx_kthread+0x10/0x10 [ 29.965078] ret_from_fork_asm+0x1a/0x30 [ 29.965111] </TASK> [ 29.965123] [ 29.975477] Allocated by task 313: [ 29.975689] kasan_save_stack+0x45/0x70 [ 29.975862] kasan_save_track+0x18/0x40 [ 29.976322] kasan_save_alloc_info+0x3b/0x50 [ 29.976653] __kasan_kmalloc+0xb7/0xc0 [ 29.977031] __kmalloc_cache_noprof+0x189/0x420 [ 29.977225] kasan_atomics+0x95/0x310 [ 29.977518] kunit_try_run_case+0x1a5/0x480 [ 29.977906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.978116] kthread+0x337/0x6f0 [ 29.978300] ret_from_fork+0x116/0x1d0 [ 29.978597] ret_from_fork_asm+0x1a/0x30 [ 29.978773] [ 29.979058] The buggy address belongs to the object at ffff888106038600 [ 29.979058] which belongs to the cache kmalloc-64 of size 64 [ 29.979627] The buggy address is located 0 bytes to the right of [ 29.979627] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.980197] [ 29.980455] The buggy address belongs to the physical page: [ 29.980790] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.981097] flags: 0x200000000000000(node=0|zone=2) [ 29.981408] page_type: f5(slab) [ 29.981678] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.982044] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.982416] page dumped because: kasan: bad access detected [ 29.982722] [ 29.982893] Memory state around the buggy address: [ 29.983164] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.983549] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.983875] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.984410] ^ [ 29.984642] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.985025] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.985505] ================================================================== [ 30.274553] ================================================================== [ 30.275483] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 30.276077] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.276310] [ 30.276398] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.276457] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.276472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.276496] Call Trace: [ 30.276518] <TASK> [ 30.276541] dump_stack_lvl+0x73/0xb0 [ 30.276586] print_report+0xd1/0x640 [ 30.276616] ? __virt_addr_valid+0x1db/0x2d0 [ 30.276644] ? kasan_atomics_helper+0x151d/0x5450 [ 30.276667] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.276696] ? kasan_atomics_helper+0x151d/0x5450 [ 30.276719] kasan_report+0x141/0x180 [ 30.276743] ? kasan_atomics_helper+0x151d/0x5450 [ 30.276770] kasan_check_range+0x10c/0x1c0 [ 30.276795] __kasan_check_write+0x18/0x20 [ 30.276924] kasan_atomics_helper+0x151d/0x5450 [ 30.276960] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.276985] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.277014] ? kasan_atomics+0x152/0x310 [ 30.277042] kasan_atomics+0x1dc/0x310 [ 30.277066] ? __pfx_kasan_atomics+0x10/0x10 [ 30.277091] ? __pfx_read_tsc+0x10/0x10 [ 30.277113] ? ktime_get_ts64+0x86/0x230 [ 30.277159] kunit_try_run_case+0x1a5/0x480 [ 30.277187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.277211] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.277238] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.277265] ? __kthread_parkme+0x82/0x180 [ 30.277289] ? preempt_count_sub+0x50/0x80 [ 30.277313] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.277339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.277363] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.277388] kthread+0x337/0x6f0 [ 30.277409] ? trace_preempt_on+0x20/0xc0 [ 30.277436] ? __pfx_kthread+0x10/0x10 [ 30.277458] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.277484] ? calculate_sigpending+0x7b/0xa0 [ 30.277510] ? __pfx_kthread+0x10/0x10 [ 30.277532] ret_from_fork+0x116/0x1d0 [ 30.277553] ? __pfx_kthread+0x10/0x10 [ 30.277587] ret_from_fork_asm+0x1a/0x30 [ 30.277621] </TASK> [ 30.277634] [ 30.293276] Allocated by task 313: [ 30.293454] kasan_save_stack+0x45/0x70 [ 30.293939] kasan_save_track+0x18/0x40 [ 30.294275] kasan_save_alloc_info+0x3b/0x50 [ 30.294555] __kasan_kmalloc+0xb7/0xc0 [ 30.294735] __kmalloc_cache_noprof+0x189/0x420 [ 30.295449] kasan_atomics+0x95/0x310 [ 30.295661] kunit_try_run_case+0x1a5/0x480 [ 30.295954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.296218] kthread+0x337/0x6f0 [ 30.296368] ret_from_fork+0x116/0x1d0 [ 30.296555] ret_from_fork_asm+0x1a/0x30 [ 30.296755] [ 30.296828] The buggy address belongs to the object at ffff888106038600 [ 30.296828] which belongs to the cache kmalloc-64 of size 64 [ 30.297916] The buggy address is located 0 bytes to the right of [ 30.297916] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.298492] [ 30.298610] The buggy address belongs to the physical page: [ 30.299255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.299614] flags: 0x200000000000000(node=0|zone=2) [ 30.299873] page_type: f5(slab) [ 30.300066] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.300467] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.300938] page dumped because: kasan: bad access detected [ 30.301369] [ 30.301471] Memory state around the buggy address: [ 30.301712] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.302025] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.302434] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.302722] ^ [ 30.303072] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.303661] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.304264] ================================================================== [ 30.525018] ================================================================== [ 30.525411] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 30.525662] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.526191] [ 30.526384] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.526438] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.526454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.526477] Call Trace: [ 30.526498] <TASK> [ 30.526518] dump_stack_lvl+0x73/0xb0 [ 30.526556] print_report+0xd1/0x640 [ 30.526601] ? __virt_addr_valid+0x1db/0x2d0 [ 30.526629] ? kasan_atomics_helper+0x1a7f/0x5450 [ 30.526660] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.526686] ? kasan_atomics_helper+0x1a7f/0x5450 [ 30.526709] kasan_report+0x141/0x180 [ 30.526743] ? kasan_atomics_helper+0x1a7f/0x5450 [ 30.526769] kasan_check_range+0x10c/0x1c0 [ 30.526794] __kasan_check_write+0x18/0x20 [ 30.526818] kasan_atomics_helper+0x1a7f/0x5450 [ 30.526841] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.526864] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.526890] ? kasan_atomics+0x152/0x310 [ 30.526925] kasan_atomics+0x1dc/0x310 [ 30.526947] ? __pfx_kasan_atomics+0x10/0x10 [ 30.526972] ? __pfx_read_tsc+0x10/0x10 [ 30.527031] ? ktime_get_ts64+0x86/0x230 [ 30.527081] kunit_try_run_case+0x1a5/0x480 [ 30.527109] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.527132] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.527159] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.527185] ? __kthread_parkme+0x82/0x180 [ 30.527207] ? preempt_count_sub+0x50/0x80 [ 30.527232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.527263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.527288] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.527312] kthread+0x337/0x6f0 [ 30.527343] ? trace_preempt_on+0x20/0xc0 [ 30.527369] ? __pfx_kthread+0x10/0x10 [ 30.527401] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.527426] ? calculate_sigpending+0x7b/0xa0 [ 30.527451] ? __pfx_kthread+0x10/0x10 [ 30.527473] ret_from_fork+0x116/0x1d0 [ 30.527494] ? __pfx_kthread+0x10/0x10 [ 30.527516] ret_from_fork_asm+0x1a/0x30 [ 30.527549] </TASK> [ 30.527562] [ 30.543466] Allocated by task 313: [ 30.543787] kasan_save_stack+0x45/0x70 [ 30.544493] kasan_save_track+0x18/0x40 [ 30.544694] kasan_save_alloc_info+0x3b/0x50 [ 30.544839] __kasan_kmalloc+0xb7/0xc0 [ 30.545121] __kmalloc_cache_noprof+0x189/0x420 [ 30.545644] kasan_atomics+0x95/0x310 [ 30.546235] kunit_try_run_case+0x1a5/0x480 [ 30.546725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.547263] kthread+0x337/0x6f0 [ 30.547619] ret_from_fork+0x116/0x1d0 [ 30.547784] ret_from_fork_asm+0x1a/0x30 [ 30.548258] [ 30.548426] The buggy address belongs to the object at ffff888106038600 [ 30.548426] which belongs to the cache kmalloc-64 of size 64 [ 30.549135] The buggy address is located 0 bytes to the right of [ 30.549135] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.550510] [ 30.550681] The buggy address belongs to the physical page: [ 30.551052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.551594] flags: 0x200000000000000(node=0|zone=2) [ 30.552060] page_type: f5(slab) [ 30.552203] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.552446] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.552680] page dumped because: kasan: bad access detected [ 30.552873] [ 30.552980] Memory state around the buggy address: [ 30.553236] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.553558] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.553878] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.554090] ^ [ 30.554311] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.554607] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.555030] ================================================================== [ 29.324558] ================================================================== [ 29.325400] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 29.325950] Read of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.326288] [ 29.326404] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.326461] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.326475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.326497] Call Trace: [ 29.326510] <TASK> [ 29.326529] dump_stack_lvl+0x73/0xb0 [ 29.326559] print_report+0xd1/0x640 [ 29.326596] ? __virt_addr_valid+0x1db/0x2d0 [ 29.326620] ? kasan_atomics_helper+0x4bbc/0x5450 [ 29.326641] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.326688] ? kasan_atomics_helper+0x4bbc/0x5450 [ 29.326710] kasan_report+0x141/0x180 [ 29.326732] ? kasan_atomics_helper+0x4bbc/0x5450 [ 29.326758] __asan_report_load4_noabort+0x18/0x20 [ 29.326783] kasan_atomics_helper+0x4bbc/0x5450 [ 29.326805] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.326826] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.326852] ? kasan_atomics+0x152/0x310 [ 29.326878] kasan_atomics+0x1dc/0x310 [ 29.326964] ? __pfx_kasan_atomics+0x10/0x10 [ 29.326996] ? __pfx_read_tsc+0x10/0x10 [ 29.327018] ? ktime_get_ts64+0x86/0x230 [ 29.327044] kunit_try_run_case+0x1a5/0x480 [ 29.327071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.327094] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.327119] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.327143] ? __kthread_parkme+0x82/0x180 [ 29.327168] ? preempt_count_sub+0x50/0x80 [ 29.327192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.327218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.327244] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.327275] kthread+0x337/0x6f0 [ 29.327296] ? trace_preempt_on+0x20/0xc0 [ 29.327321] ? __pfx_kthread+0x10/0x10 [ 29.327343] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.327366] ? calculate_sigpending+0x7b/0xa0 [ 29.327391] ? __pfx_kthread+0x10/0x10 [ 29.327413] ret_from_fork+0x116/0x1d0 [ 29.327434] ? __pfx_kthread+0x10/0x10 [ 29.327455] ret_from_fork_asm+0x1a/0x30 [ 29.327488] </TASK> [ 29.327500] [ 29.336218] Allocated by task 313: [ 29.336451] kasan_save_stack+0x45/0x70 [ 29.336665] kasan_save_track+0x18/0x40 [ 29.336868] kasan_save_alloc_info+0x3b/0x50 [ 29.337139] __kasan_kmalloc+0xb7/0xc0 [ 29.337352] __kmalloc_cache_noprof+0x189/0x420 [ 29.337537] kasan_atomics+0x95/0x310 [ 29.337672] kunit_try_run_case+0x1a5/0x480 [ 29.337976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.338257] kthread+0x337/0x6f0 [ 29.338424] ret_from_fork+0x116/0x1d0 [ 29.338645] ret_from_fork_asm+0x1a/0x30 [ 29.338945] [ 29.339038] The buggy address belongs to the object at ffff888106038600 [ 29.339038] which belongs to the cache kmalloc-64 of size 64 [ 29.339497] The buggy address is located 0 bytes to the right of [ 29.339497] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.340204] [ 29.340282] The buggy address belongs to the physical page: [ 29.340560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.340928] flags: 0x200000000000000(node=0|zone=2) [ 29.341255] page_type: f5(slab) [ 29.341409] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.341778] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.342081] page dumped because: kasan: bad access detected [ 29.342243] [ 29.342305] Memory state around the buggy address: [ 29.342451] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.342665] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.343335] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.343704] ^ [ 29.344034] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.344386] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.344704] ================================================================== [ 29.935954] ================================================================== [ 29.936310] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 29.936813] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.937536] [ 29.937665] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.937721] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.937737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.937761] Call Trace: [ 29.937782] <TASK> [ 29.937803] dump_stack_lvl+0x73/0xb0 [ 29.937834] print_report+0xd1/0x640 [ 29.937859] ? __virt_addr_valid+0x1db/0x2d0 [ 29.937884] ? kasan_atomics_helper+0xfa9/0x5450 [ 29.937907] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.938190] ? kasan_atomics_helper+0xfa9/0x5450 [ 29.938216] kasan_report+0x141/0x180 [ 29.938240] ? kasan_atomics_helper+0xfa9/0x5450 [ 29.938267] kasan_check_range+0x10c/0x1c0 [ 29.938292] __kasan_check_write+0x18/0x20 [ 29.938316] kasan_atomics_helper+0xfa9/0x5450 [ 29.938340] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.938364] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.938390] ? kasan_atomics+0x152/0x310 [ 29.938418] kasan_atomics+0x1dc/0x310 [ 29.938440] ? __pfx_kasan_atomics+0x10/0x10 [ 29.938466] ? __pfx_read_tsc+0x10/0x10 [ 29.938488] ? ktime_get_ts64+0x86/0x230 [ 29.938514] kunit_try_run_case+0x1a5/0x480 [ 29.938542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.938566] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.938605] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.938632] ? __kthread_parkme+0x82/0x180 [ 29.938654] ? preempt_count_sub+0x50/0x80 [ 29.938679] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.938703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.938727] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.938751] kthread+0x337/0x6f0 [ 29.938771] ? trace_preempt_on+0x20/0xc0 [ 29.938814] ? __pfx_kthread+0x10/0x10 [ 29.938835] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.938859] ? calculate_sigpending+0x7b/0xa0 [ 29.938884] ? __pfx_kthread+0x10/0x10 [ 29.938906] ret_from_fork+0x116/0x1d0 [ 29.938937] ? __pfx_kthread+0x10/0x10 [ 29.938959] ret_from_fork_asm+0x1a/0x30 [ 29.938991] </TASK> [ 29.939003] [ 29.950487] Allocated by task 313: [ 29.950766] kasan_save_stack+0x45/0x70 [ 29.951144] kasan_save_track+0x18/0x40 [ 29.951481] kasan_save_alloc_info+0x3b/0x50 [ 29.951754] __kasan_kmalloc+0xb7/0xc0 [ 29.952128] __kmalloc_cache_noprof+0x189/0x420 [ 29.952340] kasan_atomics+0x95/0x310 [ 29.952553] kunit_try_run_case+0x1a5/0x480 [ 29.952778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.953243] kthread+0x337/0x6f0 [ 29.953431] ret_from_fork+0x116/0x1d0 [ 29.953630] ret_from_fork_asm+0x1a/0x30 [ 29.953895] [ 29.954157] The buggy address belongs to the object at ffff888106038600 [ 29.954157] which belongs to the cache kmalloc-64 of size 64 [ 29.954847] The buggy address is located 0 bytes to the right of [ 29.954847] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.955570] [ 29.956092] The buggy address belongs to the physical page: [ 29.956377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.956712] flags: 0x200000000000000(node=0|zone=2) [ 29.957179] page_type: f5(slab) [ 29.957509] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.957960] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.958351] page dumped because: kasan: bad access detected [ 29.958636] [ 29.958896] Memory state around the buggy address: [ 29.959090] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.959671] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.959937] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.960441] ^ [ 29.960892] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.961173] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.961474] ================================================================== [ 30.148366] ================================================================== [ 30.148693] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 30.149235] Read of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.149594] [ 30.149705] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.149770] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.149787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.149811] Call Trace: [ 30.149830] <TASK> [ 30.149849] dump_stack_lvl+0x73/0xb0 [ 30.149878] print_report+0xd1/0x640 [ 30.149902] ? __virt_addr_valid+0x1db/0x2d0 [ 30.149928] ? kasan_atomics_helper+0x49ce/0x5450 [ 30.149950] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.149976] ? kasan_atomics_helper+0x49ce/0x5450 [ 30.149998] kasan_report+0x141/0x180 [ 30.150022] ? kasan_atomics_helper+0x49ce/0x5450 [ 30.150048] __asan_report_load4_noabort+0x18/0x20 [ 30.150075] kasan_atomics_helper+0x49ce/0x5450 [ 30.150099] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.150121] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.150148] ? kasan_atomics+0x152/0x310 [ 30.150176] kasan_atomics+0x1dc/0x310 [ 30.150199] ? __pfx_kasan_atomics+0x10/0x10 [ 30.150225] ? __pfx_read_tsc+0x10/0x10 [ 30.150251] ? ktime_get_ts64+0x86/0x230 [ 30.150278] kunit_try_run_case+0x1a5/0x480 [ 30.150304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.150328] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.150355] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.150475] ? __kthread_parkme+0x82/0x180 [ 30.150500] ? preempt_count_sub+0x50/0x80 [ 30.150524] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.150549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.150610] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.150636] kthread+0x337/0x6f0 [ 30.150656] ? trace_preempt_on+0x20/0xc0 [ 30.150681] ? __pfx_kthread+0x10/0x10 [ 30.150702] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.150727] ? calculate_sigpending+0x7b/0xa0 [ 30.150752] ? __pfx_kthread+0x10/0x10 [ 30.150840] ret_from_fork+0x116/0x1d0 [ 30.150862] ? __pfx_kthread+0x10/0x10 [ 30.150884] ret_from_fork_asm+0x1a/0x30 [ 30.150918] </TASK> [ 30.150930] [ 30.159622] Allocated by task 313: [ 30.159773] kasan_save_stack+0x45/0x70 [ 30.160321] kasan_save_track+0x18/0x40 [ 30.160548] kasan_save_alloc_info+0x3b/0x50 [ 30.160784] __kasan_kmalloc+0xb7/0xc0 [ 30.161252] __kmalloc_cache_noprof+0x189/0x420 [ 30.161422] kasan_atomics+0x95/0x310 [ 30.161632] kunit_try_run_case+0x1a5/0x480 [ 30.162026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.162299] kthread+0x337/0x6f0 [ 30.162450] ret_from_fork+0x116/0x1d0 [ 30.162583] ret_from_fork_asm+0x1a/0x30 [ 30.162777] [ 30.162964] The buggy address belongs to the object at ffff888106038600 [ 30.162964] which belongs to the cache kmalloc-64 of size 64 [ 30.163662] The buggy address is located 0 bytes to the right of [ 30.163662] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.164013] [ 30.164090] The buggy address belongs to the physical page: [ 30.164333] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.164678] flags: 0x200000000000000(node=0|zone=2) [ 30.164902] page_type: f5(slab) [ 30.165067] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.165389] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.165648] page dumped because: kasan: bad access detected [ 30.165812] [ 30.165875] Memory state around the buggy address: [ 30.166017] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.166591] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.167244] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.167569] ^ [ 30.167805] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.168536] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.169033] ================================================================== [ 30.406099] ================================================================== [ 30.406988] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 30.407440] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.407778] [ 30.407991] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.408046] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.408062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.408086] Call Trace: [ 30.408108] <TASK> [ 30.408129] dump_stack_lvl+0x73/0xb0 [ 30.408160] print_report+0xd1/0x640 [ 30.408186] ? __virt_addr_valid+0x1db/0x2d0 [ 30.408211] ? kasan_atomics_helper+0x1818/0x5450 [ 30.408234] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.408260] ? kasan_atomics_helper+0x1818/0x5450 [ 30.408283] kasan_report+0x141/0x180 [ 30.408399] ? kasan_atomics_helper+0x1818/0x5450 [ 30.408433] kasan_check_range+0x10c/0x1c0 [ 30.408458] __kasan_check_write+0x18/0x20 [ 30.408483] kasan_atomics_helper+0x1818/0x5450 [ 30.408507] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.408530] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.408557] ? kasan_atomics+0x152/0x310 [ 30.408600] kasan_atomics+0x1dc/0x310 [ 30.408624] ? __pfx_kasan_atomics+0x10/0x10 [ 30.408661] ? __pfx_read_tsc+0x10/0x10 [ 30.408685] ? ktime_get_ts64+0x86/0x230 [ 30.408711] kunit_try_run_case+0x1a5/0x480 [ 30.408737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.408760] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.408830] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.408859] ? __kthread_parkme+0x82/0x180 [ 30.408882] ? preempt_count_sub+0x50/0x80 [ 30.408932] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.408958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.408983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.409008] kthread+0x337/0x6f0 [ 30.409029] ? trace_preempt_on+0x20/0xc0 [ 30.409054] ? __pfx_kthread+0x10/0x10 [ 30.409076] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.409100] ? calculate_sigpending+0x7b/0xa0 [ 30.409124] ? __pfx_kthread+0x10/0x10 [ 30.409147] ret_from_fork+0x116/0x1d0 [ 30.409168] ? __pfx_kthread+0x10/0x10 [ 30.409189] ret_from_fork_asm+0x1a/0x30 [ 30.409231] </TASK> [ 30.409243] [ 30.417406] Allocated by task 313: [ 30.417605] kasan_save_stack+0x45/0x70 [ 30.418011] kasan_save_track+0x18/0x40 [ 30.418188] kasan_save_alloc_info+0x3b/0x50 [ 30.418401] __kasan_kmalloc+0xb7/0xc0 [ 30.418554] __kmalloc_cache_noprof+0x189/0x420 [ 30.418763] kasan_atomics+0x95/0x310 [ 30.418994] kunit_try_run_case+0x1a5/0x480 [ 30.419240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.419516] kthread+0x337/0x6f0 [ 30.419673] ret_from_fork+0x116/0x1d0 [ 30.419915] ret_from_fork_asm+0x1a/0x30 [ 30.420123] [ 30.420216] The buggy address belongs to the object at ffff888106038600 [ 30.420216] which belongs to the cache kmalloc-64 of size 64 [ 30.420676] The buggy address is located 0 bytes to the right of [ 30.420676] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.421332] [ 30.421400] The buggy address belongs to the physical page: [ 30.422038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.422353] flags: 0x200000000000000(node=0|zone=2) [ 30.422552] page_type: f5(slab) [ 30.422737] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.422967] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.423219] page dumped because: kasan: bad access detected [ 30.423665] [ 30.423758] Memory state around the buggy address: [ 30.424209] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.424554] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.424968] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.425179] ^ [ 30.425330] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.425533] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.425875] ================================================================== [ 29.500520] ================================================================== [ 29.500774] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 29.501683] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.502216] [ 29.502328] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.502385] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.502401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.502426] Call Trace: [ 29.502448] <TASK> [ 29.502627] dump_stack_lvl+0x73/0xb0 [ 29.502668] print_report+0xd1/0x640 [ 29.502693] ? __virt_addr_valid+0x1db/0x2d0 [ 29.502719] ? kasan_atomics_helper+0x4b3a/0x5450 [ 29.502741] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.502768] ? kasan_atomics_helper+0x4b3a/0x5450 [ 29.502803] kasan_report+0x141/0x180 [ 29.502829] ? kasan_atomics_helper+0x4b3a/0x5450 [ 29.502856] __asan_report_store4_noabort+0x1b/0x30 [ 29.502882] kasan_atomics_helper+0x4b3a/0x5450 [ 29.502905] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.502934] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.502961] ? kasan_atomics+0x152/0x310 [ 29.502988] kasan_atomics+0x1dc/0x310 [ 29.503012] ? __pfx_kasan_atomics+0x10/0x10 [ 29.503037] ? __pfx_read_tsc+0x10/0x10 [ 29.503060] ? ktime_get_ts64+0x86/0x230 [ 29.503086] kunit_try_run_case+0x1a5/0x480 [ 29.503113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.503137] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.503164] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.503190] ? __kthread_parkme+0x82/0x180 [ 29.503211] ? preempt_count_sub+0x50/0x80 [ 29.503236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.503267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.503292] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.503316] kthread+0x337/0x6f0 [ 29.503337] ? trace_preempt_on+0x20/0xc0 [ 29.503361] ? __pfx_kthread+0x10/0x10 [ 29.503382] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.503406] ? calculate_sigpending+0x7b/0xa0 [ 29.503432] ? __pfx_kthread+0x10/0x10 [ 29.503454] ret_from_fork+0x116/0x1d0 [ 29.503474] ? __pfx_kthread+0x10/0x10 [ 29.503496] ret_from_fork_asm+0x1a/0x30 [ 29.503530] </TASK> [ 29.503543] [ 29.514061] Allocated by task 313: [ 29.514204] kasan_save_stack+0x45/0x70 [ 29.514465] kasan_save_track+0x18/0x40 [ 29.515028] kasan_save_alloc_info+0x3b/0x50 [ 29.515213] __kasan_kmalloc+0xb7/0xc0 [ 29.515409] __kmalloc_cache_noprof+0x189/0x420 [ 29.515642] kasan_atomics+0x95/0x310 [ 29.516158] kunit_try_run_case+0x1a5/0x480 [ 29.516351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.516728] kthread+0x337/0x6f0 [ 29.517136] ret_from_fork+0x116/0x1d0 [ 29.517311] ret_from_fork_asm+0x1a/0x30 [ 29.517666] [ 29.517773] The buggy address belongs to the object at ffff888106038600 [ 29.517773] which belongs to the cache kmalloc-64 of size 64 [ 29.518517] The buggy address is located 0 bytes to the right of [ 29.518517] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.519364] [ 29.519471] The buggy address belongs to the physical page: [ 29.519938] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.520401] flags: 0x200000000000000(node=0|zone=2) [ 29.520781] page_type: f5(slab) [ 29.521032] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.521484] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.521983] page dumped because: kasan: bad access detected [ 29.522384] [ 29.522547] Memory state around the buggy address: [ 29.523032] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.523492] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.524217] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.524518] ^ [ 29.524747] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.525283] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.525807] ================================================================== [ 29.827312] ================================================================== [ 29.827763] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 29.828378] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.828804] [ 29.828968] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.829021] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.829038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.829060] Call Trace: [ 29.829081] <TASK> [ 29.829099] dump_stack_lvl+0x73/0xb0 [ 29.829365] print_report+0xd1/0x640 [ 29.829391] ? __virt_addr_valid+0x1db/0x2d0 [ 29.829416] ? kasan_atomics_helper+0xd47/0x5450 [ 29.829437] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.829464] ? kasan_atomics_helper+0xd47/0x5450 [ 29.829486] kasan_report+0x141/0x180 [ 29.829509] ? kasan_atomics_helper+0xd47/0x5450 [ 29.829535] kasan_check_range+0x10c/0x1c0 [ 29.829560] __kasan_check_write+0x18/0x20 [ 29.829597] kasan_atomics_helper+0xd47/0x5450 [ 29.829620] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.829642] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.829668] ? kasan_atomics+0x152/0x310 [ 29.829695] kasan_atomics+0x1dc/0x310 [ 29.829718] ? __pfx_kasan_atomics+0x10/0x10 [ 29.829742] ? __pfx_read_tsc+0x10/0x10 [ 29.829765] ? ktime_get_ts64+0x86/0x230 [ 29.829801] kunit_try_run_case+0x1a5/0x480 [ 29.829827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.829850] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.829876] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.829902] ? __kthread_parkme+0x82/0x180 [ 29.829941] ? preempt_count_sub+0x50/0x80 [ 29.829964] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.829989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.830013] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.830037] kthread+0x337/0x6f0 [ 29.830058] ? trace_preempt_on+0x20/0xc0 [ 29.830081] ? __pfx_kthread+0x10/0x10 [ 29.830102] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.830126] ? calculate_sigpending+0x7b/0xa0 [ 29.830150] ? __pfx_kthread+0x10/0x10 [ 29.830172] ret_from_fork+0x116/0x1d0 [ 29.830191] ? __pfx_kthread+0x10/0x10 [ 29.830213] ret_from_fork_asm+0x1a/0x30 [ 29.830246] </TASK> [ 29.830258] [ 29.842562] Allocated by task 313: [ 29.842973] kasan_save_stack+0x45/0x70 [ 29.843176] kasan_save_track+0x18/0x40 [ 29.843475] kasan_save_alloc_info+0x3b/0x50 [ 29.843699] __kasan_kmalloc+0xb7/0xc0 [ 29.844163] __kmalloc_cache_noprof+0x189/0x420 [ 29.844382] kasan_atomics+0x95/0x310 [ 29.844523] kunit_try_run_case+0x1a5/0x480 [ 29.844944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.845319] kthread+0x337/0x6f0 [ 29.845672] ret_from_fork+0x116/0x1d0 [ 29.845993] ret_from_fork_asm+0x1a/0x30 [ 29.846338] [ 29.846431] The buggy address belongs to the object at ffff888106038600 [ 29.846431] which belongs to the cache kmalloc-64 of size 64 [ 29.847055] The buggy address is located 0 bytes to the right of [ 29.847055] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.847748] [ 29.847926] The buggy address belongs to the physical page: [ 29.848350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.848684] flags: 0x200000000000000(node=0|zone=2) [ 29.849233] page_type: f5(slab) [ 29.849538] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.849944] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.850517] page dumped because: kasan: bad access detected [ 29.851016] [ 29.851147] Memory state around the buggy address: [ 29.851651] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.852206] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.852470] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.853043] ^ [ 29.853312] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.853951] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.854413] ================================================================== [ 29.614310] ================================================================== [ 29.614637] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 29.615560] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.615824] [ 29.615912] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.615966] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.615982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.616007] Call Trace: [ 29.616028] <TASK> [ 29.616048] dump_stack_lvl+0x73/0xb0 [ 29.616080] print_report+0xd1/0x640 [ 29.616106] ? __virt_addr_valid+0x1db/0x2d0 [ 29.616132] ? kasan_atomics_helper+0x7c7/0x5450 [ 29.616155] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.616182] ? kasan_atomics_helper+0x7c7/0x5450 [ 29.616204] kasan_report+0x141/0x180 [ 29.616227] ? kasan_atomics_helper+0x7c7/0x5450 [ 29.616254] kasan_check_range+0x10c/0x1c0 [ 29.616277] __kasan_check_write+0x18/0x20 [ 29.616302] kasan_atomics_helper+0x7c7/0x5450 [ 29.616325] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.616348] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.616375] ? kasan_atomics+0x152/0x310 [ 29.616400] kasan_atomics+0x1dc/0x310 [ 29.616425] ? __pfx_kasan_atomics+0x10/0x10 [ 29.616449] ? __pfx_read_tsc+0x10/0x10 [ 29.616472] ? ktime_get_ts64+0x86/0x230 [ 29.616498] kunit_try_run_case+0x1a5/0x480 [ 29.616526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.616550] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.616587] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.616613] ? __kthread_parkme+0x82/0x180 [ 29.616634] ? preempt_count_sub+0x50/0x80 [ 29.616658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.616683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.616707] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.616733] kthread+0x337/0x6f0 [ 29.616753] ? trace_preempt_on+0x20/0xc0 [ 29.616778] ? __pfx_kthread+0x10/0x10 [ 29.616800] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.617040] ? calculate_sigpending+0x7b/0xa0 [ 29.617072] ? __pfx_kthread+0x10/0x10 [ 29.617096] ret_from_fork+0x116/0x1d0 [ 29.617118] ? __pfx_kthread+0x10/0x10 [ 29.617141] ret_from_fork_asm+0x1a/0x30 [ 29.617175] </TASK> [ 29.617187] [ 29.625542] Allocated by task 313: [ 29.625690] kasan_save_stack+0x45/0x70 [ 29.625968] kasan_save_track+0x18/0x40 [ 29.626128] kasan_save_alloc_info+0x3b/0x50 [ 29.626270] __kasan_kmalloc+0xb7/0xc0 [ 29.626393] __kmalloc_cache_noprof+0x189/0x420 [ 29.626538] kasan_atomics+0x95/0x310 [ 29.627068] kunit_try_run_case+0x1a5/0x480 [ 29.627349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.627650] kthread+0x337/0x6f0 [ 29.627783] ret_from_fork+0x116/0x1d0 [ 29.628130] ret_from_fork_asm+0x1a/0x30 [ 29.628394] [ 29.628471] The buggy address belongs to the object at ffff888106038600 [ 29.628471] which belongs to the cache kmalloc-64 of size 64 [ 29.629070] The buggy address is located 0 bytes to the right of [ 29.629070] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.629619] [ 29.630103] The buggy address belongs to the physical page: [ 29.630379] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.630728] flags: 0x200000000000000(node=0|zone=2) [ 29.631603] page_type: f5(slab) [ 29.631773] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.632442] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.632759] page dumped because: kasan: bad access detected [ 29.633138] [ 29.633237] Memory state around the buggy address: [ 29.633464] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.633772] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.634233] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.634511] ^ [ 29.634748] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.635279] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.635615] ================================================================== [ 29.657015] ================================================================== [ 29.657362] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 29.657743] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.658227] [ 29.658330] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.658424] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.658441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.658464] Call Trace: [ 29.658483] <TASK> [ 29.658501] dump_stack_lvl+0x73/0xb0 [ 29.658563] print_report+0xd1/0x640 [ 29.658601] ? __virt_addr_valid+0x1db/0x2d0 [ 29.658625] ? kasan_atomics_helper+0x8f9/0x5450 [ 29.658647] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.658706] ? kasan_atomics_helper+0x8f9/0x5450 [ 29.658731] kasan_report+0x141/0x180 [ 29.658755] ? kasan_atomics_helper+0x8f9/0x5450 [ 29.658781] kasan_check_range+0x10c/0x1c0 [ 29.658903] __kasan_check_write+0x18/0x20 [ 29.658937] kasan_atomics_helper+0x8f9/0x5450 [ 29.658961] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.658984] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.659010] ? kasan_atomics+0x152/0x310 [ 29.659037] kasan_atomics+0x1dc/0x310 [ 29.659061] ? __pfx_kasan_atomics+0x10/0x10 [ 29.659085] ? __pfx_read_tsc+0x10/0x10 [ 29.659108] ? ktime_get_ts64+0x86/0x230 [ 29.659133] kunit_try_run_case+0x1a5/0x480 [ 29.659190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.659214] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.659240] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.659273] ? __kthread_parkme+0x82/0x180 [ 29.659293] ? preempt_count_sub+0x50/0x80 [ 29.659344] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.659369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.659418] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.659466] kthread+0x337/0x6f0 [ 29.659486] ? trace_preempt_on+0x20/0xc0 [ 29.659534] ? __pfx_kthread+0x10/0x10 [ 29.659557] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.659619] ? calculate_sigpending+0x7b/0xa0 [ 29.659643] ? __pfx_kthread+0x10/0x10 [ 29.659666] ret_from_fork+0x116/0x1d0 [ 29.659686] ? __pfx_kthread+0x10/0x10 [ 29.659707] ret_from_fork_asm+0x1a/0x30 [ 29.659740] </TASK> [ 29.659751] [ 29.668945] Allocated by task 313: [ 29.669167] kasan_save_stack+0x45/0x70 [ 29.669383] kasan_save_track+0x18/0x40 [ 29.669586] kasan_save_alloc_info+0x3b/0x50 [ 29.669898] __kasan_kmalloc+0xb7/0xc0 [ 29.670119] __kmalloc_cache_noprof+0x189/0x420 [ 29.670335] kasan_atomics+0x95/0x310 [ 29.670521] kunit_try_run_case+0x1a5/0x480 [ 29.670685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.670850] kthread+0x337/0x6f0 [ 29.671101] ret_from_fork+0x116/0x1d0 [ 29.671426] ret_from_fork_asm+0x1a/0x30 [ 29.671759] [ 29.671924] The buggy address belongs to the object at ffff888106038600 [ 29.671924] which belongs to the cache kmalloc-64 of size 64 [ 29.672706] The buggy address is located 0 bytes to the right of [ 29.672706] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.673431] [ 29.673566] The buggy address belongs to the physical page: [ 29.673865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.674462] flags: 0x200000000000000(node=0|zone=2) [ 29.674758] page_type: f5(slab) [ 29.674898] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.675424] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.675786] page dumped because: kasan: bad access detected [ 29.675988] [ 29.676292] Memory state around the buggy address: [ 29.676508] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.676772] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.677126] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.677324] ^ [ 29.677469] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.678051] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.678408] ================================================================== [ 30.015108] ================================================================== [ 30.015782] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 30.016466] Read of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.016885] [ 30.017021] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.017087] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.017202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.017232] Call Trace: [ 30.017255] <TASK> [ 30.017277] dump_stack_lvl+0x73/0xb0 [ 30.017310] print_report+0xd1/0x640 [ 30.017334] ? __virt_addr_valid+0x1db/0x2d0 [ 30.017369] ? kasan_atomics_helper+0x4a1c/0x5450 [ 30.017392] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.017419] ? kasan_atomics_helper+0x4a1c/0x5450 [ 30.017441] kasan_report+0x141/0x180 [ 30.017464] ? kasan_atomics_helper+0x4a1c/0x5450 [ 30.017491] __asan_report_load4_noabort+0x18/0x20 [ 30.017517] kasan_atomics_helper+0x4a1c/0x5450 [ 30.017540] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.017563] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.017599] ? kasan_atomics+0x152/0x310 [ 30.017626] kasan_atomics+0x1dc/0x310 [ 30.017650] ? __pfx_kasan_atomics+0x10/0x10 [ 30.017675] ? __pfx_read_tsc+0x10/0x10 [ 30.017698] ? ktime_get_ts64+0x86/0x230 [ 30.017725] kunit_try_run_case+0x1a5/0x480 [ 30.017753] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.017776] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.017843] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.017869] ? __kthread_parkme+0x82/0x180 [ 30.017891] ? preempt_count_sub+0x50/0x80 [ 30.017915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.017940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.017965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.017990] kthread+0x337/0x6f0 [ 30.018012] ? trace_preempt_on+0x20/0xc0 [ 30.018038] ? __pfx_kthread+0x10/0x10 [ 30.018058] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.018083] ? calculate_sigpending+0x7b/0xa0 [ 30.018108] ? __pfx_kthread+0x10/0x10 [ 30.018130] ret_from_fork+0x116/0x1d0 [ 30.018150] ? __pfx_kthread+0x10/0x10 [ 30.018171] ret_from_fork_asm+0x1a/0x30 [ 30.018205] </TASK> [ 30.018218] [ 30.030365] Allocated by task 313: [ 30.030606] kasan_save_stack+0x45/0x70 [ 30.031046] kasan_save_track+0x18/0x40 [ 30.031271] kasan_save_alloc_info+0x3b/0x50 [ 30.031469] __kasan_kmalloc+0xb7/0xc0 [ 30.031652] __kmalloc_cache_noprof+0x189/0x420 [ 30.032081] kasan_atomics+0x95/0x310 [ 30.032384] kunit_try_run_case+0x1a5/0x480 [ 30.032792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.033241] kthread+0x337/0x6f0 [ 30.033430] ret_from_fork+0x116/0x1d0 [ 30.033618] ret_from_fork_asm+0x1a/0x30 [ 30.034020] [ 30.034116] The buggy address belongs to the object at ffff888106038600 [ 30.034116] which belongs to the cache kmalloc-64 of size 64 [ 30.034999] The buggy address is located 0 bytes to the right of [ 30.034999] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.035662] [ 30.035760] The buggy address belongs to the physical page: [ 30.036230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.036737] flags: 0x200000000000000(node=0|zone=2) [ 30.036963] page_type: f5(slab) [ 30.037225] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.037538] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.037801] page dumped because: kasan: bad access detected [ 30.038114] [ 30.038235] Memory state around the buggy address: [ 30.038426] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.038769] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.039040] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.039246] ^ [ 30.039483] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.039758] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.040226] ================================================================== [ 30.577184] ================================================================== [ 30.577535] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 30.577902] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.578124] [ 30.578208] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.578261] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.578276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.578300] Call Trace: [ 30.578321] <TASK> [ 30.578342] dump_stack_lvl+0x73/0xb0 [ 30.578370] print_report+0xd1/0x640 [ 30.578393] ? __virt_addr_valid+0x1db/0x2d0 [ 30.578418] ? kasan_atomics_helper+0x1c18/0x5450 [ 30.578440] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.578466] ? kasan_atomics_helper+0x1c18/0x5450 [ 30.578491] kasan_report+0x141/0x180 [ 30.578515] ? kasan_atomics_helper+0x1c18/0x5450 [ 30.578543] kasan_check_range+0x10c/0x1c0 [ 30.578567] __kasan_check_write+0x18/0x20 [ 30.578602] kasan_atomics_helper+0x1c18/0x5450 [ 30.578625] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.578694] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.578741] ? kasan_atomics+0x152/0x310 [ 30.578776] kasan_atomics+0x1dc/0x310 [ 30.578801] ? __pfx_kasan_atomics+0x10/0x10 [ 30.578825] ? __pfx_read_tsc+0x10/0x10 [ 30.578850] ? ktime_get_ts64+0x86/0x230 [ 30.578876] kunit_try_run_case+0x1a5/0x480 [ 30.578901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.578925] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.578951] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.578977] ? __kthread_parkme+0x82/0x180 [ 30.578998] ? preempt_count_sub+0x50/0x80 [ 30.579023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.579048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.579073] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.579097] kthread+0x337/0x6f0 [ 30.579118] ? trace_preempt_on+0x20/0xc0 [ 30.579143] ? __pfx_kthread+0x10/0x10 [ 30.579164] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.579188] ? calculate_sigpending+0x7b/0xa0 [ 30.579213] ? __pfx_kthread+0x10/0x10 [ 30.579235] ret_from_fork+0x116/0x1d0 [ 30.579263] ? __pfx_kthread+0x10/0x10 [ 30.579285] ret_from_fork_asm+0x1a/0x30 [ 30.579318] </TASK> [ 30.579331] [ 30.594561] Allocated by task 313: [ 30.594734] kasan_save_stack+0x45/0x70 [ 30.595091] kasan_save_track+0x18/0x40 [ 30.595282] kasan_save_alloc_info+0x3b/0x50 [ 30.595493] __kasan_kmalloc+0xb7/0xc0 [ 30.595690] __kmalloc_cache_noprof+0x189/0x420 [ 30.595868] kasan_atomics+0x95/0x310 [ 30.595997] kunit_try_run_case+0x1a5/0x480 [ 30.596197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.596686] kthread+0x337/0x6f0 [ 30.596864] ret_from_fork+0x116/0x1d0 [ 30.597601] ret_from_fork_asm+0x1a/0x30 [ 30.598099] [ 30.598280] The buggy address belongs to the object at ffff888106038600 [ 30.598280] which belongs to the cache kmalloc-64 of size 64 [ 30.599311] The buggy address is located 0 bytes to the right of [ 30.599311] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.600392] [ 30.600563] The buggy address belongs to the physical page: [ 30.601067] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.601321] flags: 0x200000000000000(node=0|zone=2) [ 30.601906] page_type: f5(slab) [ 30.602325] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.603098] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.603727] page dumped because: kasan: bad access detected [ 30.604277] [ 30.604423] Memory state around the buggy address: [ 30.604586] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.604961] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.605613] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.606307] ^ [ 30.606853] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.607479] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.607701] ================================================================== [ 30.801755] ================================================================== [ 30.802378] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 30.802711] Write of size 8 at addr ffff888106038630 by task kunit_try_catch/313 [ 30.803205] [ 30.803402] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 30.803743] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 30.803761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.803796] Call Trace: [ 30.803815] <TASK> [ 30.803834] dump_stack_lvl+0x73/0xb0 [ 30.803865] print_report+0xd1/0x640 [ 30.803955] ? __virt_addr_valid+0x1db/0x2d0 [ 30.804055] ? kasan_atomics_helper+0x2006/0x5450 [ 30.804092] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.804119] ? kasan_atomics_helper+0x2006/0x5450 [ 30.804142] kasan_report+0x141/0x180 [ 30.804166] ? kasan_atomics_helper+0x2006/0x5450 [ 30.804193] kasan_check_range+0x10c/0x1c0 [ 30.804218] __kasan_check_write+0x18/0x20 [ 30.804242] kasan_atomics_helper+0x2006/0x5450 [ 30.804266] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.804288] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.804313] ? kasan_atomics+0x152/0x310 [ 30.804340] kasan_atomics+0x1dc/0x310 [ 30.804362] ? __pfx_kasan_atomics+0x10/0x10 [ 30.804387] ? __pfx_read_tsc+0x10/0x10 [ 30.804410] ? ktime_get_ts64+0x86/0x230 [ 30.804436] kunit_try_run_case+0x1a5/0x480 [ 30.804461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.804484] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.804510] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.804536] ? __kthread_parkme+0x82/0x180 [ 30.804557] ? preempt_count_sub+0x50/0x80 [ 30.804590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.804615] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.804639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.804665] kthread+0x337/0x6f0 [ 30.804685] ? trace_preempt_on+0x20/0xc0 [ 30.804709] ? __pfx_kthread+0x10/0x10 [ 30.804731] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.804755] ? calculate_sigpending+0x7b/0xa0 [ 30.804779] ? __pfx_kthread+0x10/0x10 [ 30.804801] ret_from_fork+0x116/0x1d0 [ 30.804822] ? __pfx_kthread+0x10/0x10 [ 30.804843] ret_from_fork_asm+0x1a/0x30 [ 30.804875] </TASK> [ 30.804886] [ 30.815421] Allocated by task 313: [ 30.815636] kasan_save_stack+0x45/0x70 [ 30.815839] kasan_save_track+0x18/0x40 [ 30.816334] kasan_save_alloc_info+0x3b/0x50 [ 30.816558] __kasan_kmalloc+0xb7/0xc0 [ 30.816713] __kmalloc_cache_noprof+0x189/0x420 [ 30.817199] kasan_atomics+0x95/0x310 [ 30.817346] kunit_try_run_case+0x1a5/0x480 [ 30.817753] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.818103] kthread+0x337/0x6f0 [ 30.818280] ret_from_fork+0x116/0x1d0 [ 30.818585] ret_from_fork_asm+0x1a/0x30 [ 30.818777] [ 30.818872] The buggy address belongs to the object at ffff888106038600 [ 30.818872] which belongs to the cache kmalloc-64 of size 64 [ 30.819881] The buggy address is located 0 bytes to the right of [ 30.819881] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 30.820715] [ 30.820800] The buggy address belongs to the physical page: [ 30.821228] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 30.821696] flags: 0x200000000000000(node=0|zone=2) [ 30.821932] page_type: f5(slab) [ 30.822313] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.822752] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.823326] page dumped because: kasan: bad access detected [ 30.823590] [ 30.823662] Memory state around the buggy address: [ 30.823891] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.824450] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.824760] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.825223] ^ [ 30.825448] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.825896] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.826287] ================================================================== [ 29.636276] ================================================================== [ 29.636602] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 29.636936] Write of size 4 at addr ffff888106038630 by task kunit_try_catch/313 [ 29.637409] [ 29.637513] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.637611] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.637628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.637650] Call Trace: [ 29.637669] <TASK> [ 29.637686] dump_stack_lvl+0x73/0xb0 [ 29.637715] print_report+0xd1/0x640 [ 29.637772] ? __virt_addr_valid+0x1db/0x2d0 [ 29.637798] ? kasan_atomics_helper+0x860/0x5450 [ 29.637822] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.638042] ? kasan_atomics_helper+0x860/0x5450 [ 29.638068] kasan_report+0x141/0x180 [ 29.638092] ? kasan_atomics_helper+0x860/0x5450 [ 29.638120] kasan_check_range+0x10c/0x1c0 [ 29.638176] __kasan_check_write+0x18/0x20 [ 29.638199] kasan_atomics_helper+0x860/0x5450 [ 29.638223] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.638246] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.638271] ? kasan_atomics+0x152/0x310 [ 29.638329] kasan_atomics+0x1dc/0x310 [ 29.638353] ? __pfx_kasan_atomics+0x10/0x10 [ 29.638377] ? __pfx_read_tsc+0x10/0x10 [ 29.638400] ? ktime_get_ts64+0x86/0x230 [ 29.638425] kunit_try_run_case+0x1a5/0x480 [ 29.638478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.638503] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.638529] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.638557] ? __kthread_parkme+0x82/0x180 [ 29.638591] ? preempt_count_sub+0x50/0x80 [ 29.638615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.638641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.638665] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.638720] kthread+0x337/0x6f0 [ 29.638766] ? trace_preempt_on+0x20/0xc0 [ 29.638806] ? __pfx_kthread+0x10/0x10 [ 29.638828] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.638853] ? calculate_sigpending+0x7b/0xa0 [ 29.638877] ? __pfx_kthread+0x10/0x10 [ 29.638899] ret_from_fork+0x116/0x1d0 [ 29.638920] ? __pfx_kthread+0x10/0x10 [ 29.638993] ret_from_fork_asm+0x1a/0x30 [ 29.639027] </TASK> [ 29.639039] [ 29.647518] Allocated by task 313: [ 29.647717] kasan_save_stack+0x45/0x70 [ 29.648145] kasan_save_track+0x18/0x40 [ 29.648314] kasan_save_alloc_info+0x3b/0x50 [ 29.648596] __kasan_kmalloc+0xb7/0xc0 [ 29.648830] __kmalloc_cache_noprof+0x189/0x420 [ 29.649288] kasan_atomics+0x95/0x310 [ 29.649638] kunit_try_run_case+0x1a5/0x480 [ 29.649827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.650131] kthread+0x337/0x6f0 [ 29.650254] ret_from_fork+0x116/0x1d0 [ 29.650381] ret_from_fork_asm+0x1a/0x30 [ 29.650552] [ 29.650653] The buggy address belongs to the object at ffff888106038600 [ 29.650653] which belongs to the cache kmalloc-64 of size 64 [ 29.651365] The buggy address is located 0 bytes to the right of [ 29.651365] allocated 48-byte region [ffff888106038600, ffff888106038630) [ 29.652164] [ 29.652303] The buggy address belongs to the physical page: [ 29.652559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 29.653040] flags: 0x200000000000000(node=0|zone=2) [ 29.653204] page_type: f5(slab) [ 29.653321] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.653569] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.653913] page dumped because: kasan: bad access detected [ 29.654157] [ 29.654246] Memory state around the buggy address: [ 29.654448] ffff888106038500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.654795] ffff888106038580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.655007] >ffff888106038600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.655207] ^ [ 29.655360] ffff888106038680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.656046] ffff888106038700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.656448] ==================================================================