Date
July 25, 2025, 3:13 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 35.161971] ================================================================== [ 35.162024] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 35.162489] Read of size 4 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.162786] [ 35.162823] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.162994] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.163085] Hardware name: linux,dummy-virt (DT) [ 35.163435] Call trace: [ 35.163497] show_stack+0x20/0x38 (C) [ 35.163625] dump_stack_lvl+0x8c/0xd0 [ 35.163743] print_report+0x118/0x5e8 [ 35.163849] kasan_report+0xdc/0x128 [ 35.164231] __asan_report_load4_noabort+0x20/0x30 [ 35.164318] kasan_atomics_helper+0x3dd8/0x4858 [ 35.164631] kasan_atomics+0x198/0x2e0 [ 35.164756] kunit_try_run_case+0x170/0x3f0 [ 35.164871] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.165032] kthread+0x328/0x630 [ 35.165268] ret_from_fork+0x10/0x20 [ 35.165502] [ 35.165555] Allocated by task 297: [ 35.165605] kasan_save_stack+0x3c/0x68 [ 35.166010] kasan_save_track+0x20/0x40 [ 35.166250] kasan_save_alloc_info+0x40/0x58 [ 35.166406] __kasan_kmalloc+0xd4/0xd8 [ 35.166714] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.166842] kasan_atomics+0xb8/0x2e0 [ 35.167020] kunit_try_run_case+0x170/0x3f0 [ 35.167159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.167274] kthread+0x328/0x630 [ 35.167531] ret_from_fork+0x10/0x20 [ 35.167775] [ 35.167820] The buggy address belongs to the object at fff00000c9a5e780 [ 35.167820] which belongs to the cache kmalloc-64 of size 64 [ 35.167910] The buggy address is located 0 bytes to the right of [ 35.167910] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.167979] [ 35.168016] The buggy address belongs to the physical page: [ 35.168193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.168261] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.168313] page_type: f5(slab) [ 35.168652] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.168784] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.169286] page dumped because: kasan: bad access detected [ 35.169403] [ 35.169424] Memory state around the buggy address: [ 35.169461] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.169515] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.169989] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.170282] ^ [ 35.170378] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.170540] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.170589] ================================================================== [ 35.052836] ================================================================== [ 35.052902] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 35.052959] Read of size 4 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.053137] [ 35.053298] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.053694] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.053893] Hardware name: linux,dummy-virt (DT) [ 35.054061] Call trace: [ 35.054091] show_stack+0x20/0x38 (C) [ 35.054147] dump_stack_lvl+0x8c/0xd0 [ 35.054477] print_report+0x118/0x5e8 [ 35.054551] kasan_report+0xdc/0x128 [ 35.055004] __asan_report_load4_noabort+0x20/0x30 [ 35.055241] kasan_atomics_helper+0x42d8/0x4858 [ 35.055442] kasan_atomics+0x198/0x2e0 [ 35.055565] kunit_try_run_case+0x170/0x3f0 [ 35.055658] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.055726] kthread+0x328/0x630 [ 35.055769] ret_from_fork+0x10/0x20 [ 35.055820] [ 35.055845] Allocated by task 297: [ 35.055888] kasan_save_stack+0x3c/0x68 [ 35.055931] kasan_save_track+0x20/0x40 [ 35.055967] kasan_save_alloc_info+0x40/0x58 [ 35.056008] __kasan_kmalloc+0xd4/0xd8 [ 35.056045] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.056089] kasan_atomics+0xb8/0x2e0 [ 35.056126] kunit_try_run_case+0x170/0x3f0 [ 35.056177] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.056222] kthread+0x328/0x630 [ 35.056255] ret_from_fork+0x10/0x20 [ 35.056300] [ 35.056324] The buggy address belongs to the object at fff00000c9a5e780 [ 35.056324] which belongs to the cache kmalloc-64 of size 64 [ 35.056383] The buggy address is located 0 bytes to the right of [ 35.056383] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.057505] page dumped because: kasan: bad access detected [ 35.057671] [ 35.057870] Memory state around the buggy address: [ 35.058090] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.059104] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.061600] [ 35.062438] Hardware name: linux,dummy-virt (DT) [ 35.063850] kasan_atomics+0x198/0x2e0 [ 35.066600] [ 35.066658] The buggy address belongs to the object at fff00000c9a5e780 [ 35.066658] which belongs to the cache kmalloc-64 of size 64 [ 35.067036] The buggy address is located 0 bytes to the right of [ 35.067036] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.067314] [ 35.067532] The buggy address belongs to the physical page: [ 35.067727] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.067870] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.068008] page_type: f5(slab) [ 35.068083] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.068170] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.068259] page dumped because: kasan: bad access detected [ 35.068406] [ 35.068442] Memory state around the buggy address: [ 35.068670] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.068735] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.068805] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.068846] ^ [ 35.068895] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.068942] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.068982] ================================================================== [ 35.381588] ================================================================== [ 35.381769] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 35.381855] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.381908] [ 35.382227] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.382344] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.382379] Hardware name: linux,dummy-virt (DT) [ 35.382872] Call trace: [ 35.383219] show_stack+0x20/0x38 (C) [ 35.383288] dump_stack_lvl+0x8c/0xd0 [ 35.383374] print_report+0x118/0x5e8 [ 35.383458] kasan_report+0xdc/0x128 [ 35.383540] kasan_check_range+0x100/0x1a8 [ 35.383628] __kasan_check_write+0x20/0x30 [ 35.384013] kasan_atomics_helper+0x147c/0x4858 [ 35.384538] kasan_atomics+0x198/0x2e0 [ 35.384649] kunit_try_run_case+0x170/0x3f0 [ 35.384734] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.384909] kthread+0x328/0x630 [ 35.384984] ret_from_fork+0x10/0x20 [ 35.385063] [ 35.385107] Allocated by task 297: [ 35.385164] kasan_save_stack+0x3c/0x68 [ 35.385208] kasan_save_track+0x20/0x40 [ 35.385254] kasan_save_alloc_info+0x40/0x58 [ 35.385295] __kasan_kmalloc+0xd4/0xd8 [ 35.385332] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.385376] kasan_atomics+0xb8/0x2e0 [ 35.385437] kunit_try_run_case+0x170/0x3f0 [ 35.385478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.385523] kthread+0x328/0x630 [ 35.385559] ret_from_fork+0x10/0x20 [ 35.385597] [ 35.385628] The buggy address belongs to the object at fff00000c9a5e780 [ 35.385628] which belongs to the cache kmalloc-64 of size 64 [ 35.385702] The buggy address is located 0 bytes to the right of [ 35.385702] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.385777] [ 35.385800] The buggy address belongs to the physical page: [ 35.385845] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.385903] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.385952] page_type: f5(slab) [ 35.385993] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.386043] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.386085] page dumped because: kasan: bad access detected [ 35.386118] [ 35.386141] Memory state around the buggy address: [ 35.386175] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.386235] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.386281] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.386330] ^ [ 35.386387] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.386435] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.386475] ================================================================== [ 35.287024] ================================================================== [ 35.287142] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 35.287229] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.287290] [ 35.287557] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.287997] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.288433] Hardware name: linux,dummy-virt (DT) [ 35.288908] Call trace: [ 35.288965] show_stack+0x20/0x38 (C) [ 35.289144] dump_stack_lvl+0x8c/0xd0 [ 35.289742] print_report+0x118/0x5e8 [ 35.289950] kasan_report+0xdc/0x128 [ 35.290004] kasan_check_range+0x100/0x1a8 [ 35.290052] __kasan_check_write+0x20/0x30 [ 35.290692] kasan_atomics_helper+0x10c0/0x4858 [ 35.290784] kasan_atomics+0x198/0x2e0 [ 35.290925] kunit_try_run_case+0x170/0x3f0 [ 35.291031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.291181] kthread+0x328/0x630 [ 35.291229] ret_from_fork+0x10/0x20 [ 35.291280] [ 35.291312] Allocated by task 297: [ 35.291668] kasan_save_stack+0x3c/0x68 [ 35.291938] kasan_save_track+0x20/0x40 [ 35.292189] kasan_save_alloc_info+0x40/0x58 [ 35.292281] __kasan_kmalloc+0xd4/0xd8 [ 35.292353] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.292683] kasan_atomics+0xb8/0x2e0 [ 35.292770] kunit_try_run_case+0x170/0x3f0 [ 35.292813] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.293175] kthread+0x328/0x630 [ 35.293605] ret_from_fork+0x10/0x20 [ 35.293744] [ 35.293791] The buggy address belongs to the object at fff00000c9a5e780 [ 35.293791] which belongs to the cache kmalloc-64 of size 64 [ 35.294055] The buggy address is located 0 bytes to the right of [ 35.294055] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.294254] [ 35.294292] The buggy address belongs to the physical page: [ 35.294560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.294801] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.294932] page_type: f5(slab) [ 35.295446] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.295573] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.295704] page dumped because: kasan: bad access detected [ 35.295780] [ 35.295905] Memory state around the buggy address: [ 35.295942] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.295988] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.296033] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.296502] ^ [ 35.296572] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.297073] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.297217] ================================================================== [ 35.239848] ================================================================== [ 35.240290] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 35.241249] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.241322] [ 35.241396] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.241499] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.241533] Hardware name: linux,dummy-virt (DT) [ 35.241575] Call trace: [ 35.241614] show_stack+0x20/0x38 (C) [ 35.241789] dump_stack_lvl+0x8c/0xd0 [ 35.242038] print_report+0x118/0x5e8 [ 35.242111] kasan_report+0xdc/0x128 [ 35.242201] kasan_check_range+0x100/0x1a8 [ 35.242278] __kasan_check_write+0x20/0x30 [ 35.242328] kasan_atomics_helper+0xeb8/0x4858 [ 35.242695] kasan_atomics+0x198/0x2e0 [ 35.242926] kunit_try_run_case+0x170/0x3f0 [ 35.243307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.243443] kthread+0x328/0x630 [ 35.243493] ret_from_fork+0x10/0x20 [ 35.243565] [ 35.243589] Allocated by task 297: [ 35.243623] kasan_save_stack+0x3c/0x68 [ 35.243986] kasan_save_track+0x20/0x40 [ 35.244218] kasan_save_alloc_info+0x40/0x58 [ 35.244352] __kasan_kmalloc+0xd4/0xd8 [ 35.244922] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.245129] kasan_atomics+0xb8/0x2e0 [ 35.245354] kunit_try_run_case+0x170/0x3f0 [ 35.245409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.245837] kthread+0x328/0x630 [ 35.246061] ret_from_fork+0x10/0x20 [ 35.246340] [ 35.246578] The buggy address belongs to the object at fff00000c9a5e780 [ 35.246578] which belongs to the cache kmalloc-64 of size 64 [ 35.246903] The buggy address is located 0 bytes to the right of [ 35.246903] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.247074] [ 35.247294] The buggy address belongs to the physical page: [ 35.247364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.247442] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.247504] page_type: f5(slab) [ 35.247552] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.247603] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.247658] page dumped because: kasan: bad access detected [ 35.247701] [ 35.247725] Memory state around the buggy address: [ 35.247768] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.247839] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.247886] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.247927] ^ [ 35.247962] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.248016] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.248065] ================================================================== [ 35.229295] ================================================================== [ 35.229378] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 35.229437] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.229707] [ 35.229994] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.230099] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.230134] Hardware name: linux,dummy-virt (DT) [ 35.230353] Call trace: [ 35.230805] show_stack+0x20/0x38 (C) [ 35.230988] dump_stack_lvl+0x8c/0xd0 [ 35.231276] print_report+0x118/0x5e8 [ 35.231358] kasan_report+0xdc/0x128 [ 35.231599] __asan_report_store8_noabort+0x20/0x30 [ 35.231913] kasan_atomics_helper+0x3e5c/0x4858 [ 35.232329] kasan_atomics+0x198/0x2e0 [ 35.232605] kunit_try_run_case+0x170/0x3f0 [ 35.232809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.233190] kthread+0x328/0x630 [ 35.233305] ret_from_fork+0x10/0x20 [ 35.233715] [ 35.233748] Allocated by task 297: [ 35.233798] kasan_save_stack+0x3c/0x68 [ 35.234215] kasan_save_track+0x20/0x40 [ 35.234279] kasan_save_alloc_info+0x40/0x58 [ 35.234322] __kasan_kmalloc+0xd4/0xd8 [ 35.234360] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.234407] kasan_atomics+0xb8/0x2e0 [ 35.234999] kunit_try_run_case+0x170/0x3f0 [ 35.235082] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.235247] kthread+0x328/0x630 [ 35.235632] ret_from_fork+0x10/0x20 [ 35.235839] [ 35.235921] The buggy address belongs to the object at fff00000c9a5e780 [ 35.235921] which belongs to the cache kmalloc-64 of size 64 [ 35.236048] The buggy address is located 0 bytes to the right of [ 35.236048] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.236505] [ 35.236560] The buggy address belongs to the physical page: [ 35.236928] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.237329] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.237764] page_type: f5(slab) [ 35.237903] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.237966] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.238025] page dumped because: kasan: bad access detected [ 35.238069] [ 35.238092] Memory state around the buggy address: [ 35.238136] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.238200] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.238265] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.238307] ^ [ 35.238343] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.238387] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.238437] ================================================================== [ 35.361401] ================================================================== [ 35.361485] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 35.361624] Read of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.361694] [ 35.361737] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.362164] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.362222] Hardware name: linux,dummy-virt (DT) [ 35.362269] Call trace: [ 35.362295] show_stack+0x20/0x38 (C) [ 35.363232] dump_stack_lvl+0x8c/0xd0 [ 35.363327] print_report+0x118/0x5e8 [ 35.363404] kasan_report+0xdc/0x128 [ 35.363480] __asan_report_load8_noabort+0x20/0x30 [ 35.363797] kasan_atomics_helper+0x3f04/0x4858 [ 35.364234] kasan_atomics+0x198/0x2e0 [ 35.364346] kunit_try_run_case+0x170/0x3f0 [ 35.365039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.365627] kthread+0x328/0x630 [ 35.366276] ret_from_fork+0x10/0x20 [ 35.366976] [ 35.367049] Allocated by task 297: [ 35.367123] kasan_save_stack+0x3c/0x68 [ 35.367172] kasan_save_track+0x20/0x40 [ 35.367211] kasan_save_alloc_info+0x40/0x58 [ 35.367251] __kasan_kmalloc+0xd4/0xd8 [ 35.367674] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.368107] kasan_atomics+0xb8/0x2e0 [ 35.368172] kunit_try_run_case+0x170/0x3f0 [ 35.368215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.368569] kthread+0x328/0x630 [ 35.368799] ret_from_fork+0x10/0x20 [ 35.368946] [ 35.369066] The buggy address belongs to the object at fff00000c9a5e780 [ 35.369066] which belongs to the cache kmalloc-64 of size 64 [ 35.369134] The buggy address is located 0 bytes to the right of [ 35.369134] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.369199] [ 35.369251] The buggy address belongs to the physical page: [ 35.369290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.369358] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.369426] page_type: f5(slab) [ 35.369480] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.369539] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.369580] page dumped because: kasan: bad access detected [ 35.369614] [ 35.369667] Memory state around the buggy address: [ 35.369710] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.369777] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.369831] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.369879] ^ [ 35.369930] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.369984] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.370033] ================================================================== [ 35.426281] ================================================================== [ 35.426806] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 35.426887] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.426940] [ 35.427059] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.427278] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.427333] Hardware name: linux,dummy-virt (DT) [ 35.427384] Call trace: [ 35.427440] show_stack+0x20/0x38 (C) [ 35.427753] dump_stack_lvl+0x8c/0xd0 [ 35.428360] print_report+0x118/0x5e8 [ 35.428446] kasan_report+0xdc/0x128 [ 35.428655] kasan_check_range+0x100/0x1a8 [ 35.428987] __kasan_check_write+0x20/0x30 [ 35.429219] kasan_atomics_helper+0x1644/0x4858 [ 35.429282] kasan_atomics+0x198/0x2e0 [ 35.429358] kunit_try_run_case+0x170/0x3f0 [ 35.429409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.429480] kthread+0x328/0x630 [ 35.429534] ret_from_fork+0x10/0x20 [ 35.429584] [ 35.429609] Allocated by task 297: [ 35.430077] kasan_save_stack+0x3c/0x68 [ 35.430150] kasan_save_track+0x20/0x40 [ 35.430672] kasan_save_alloc_info+0x40/0x58 [ 35.430979] __kasan_kmalloc+0xd4/0xd8 [ 35.431177] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.431530] kasan_atomics+0xb8/0x2e0 [ 35.431693] kunit_try_run_case+0x170/0x3f0 [ 35.431822] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.431872] kthread+0x328/0x630 [ 35.431909] ret_from_fork+0x10/0x20 [ 35.431955] [ 35.431979] The buggy address belongs to the object at fff00000c9a5e780 [ 35.431979] which belongs to the cache kmalloc-64 of size 64 [ 35.432625] The buggy address is located 0 bytes to the right of [ 35.432625] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.432745] [ 35.432799] The buggy address belongs to the physical page: [ 35.433097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.433495] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.433720] page_type: f5(slab) [ 35.433845] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.434078] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.434415] page dumped because: kasan: bad access detected [ 35.434494] [ 35.434564] Memory state around the buggy address: [ 35.434912] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.435102] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.435150] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.435526] ^ [ 35.435619] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.435725] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.435785] ================================================================== [ 35.417405] ================================================================== [ 35.417691] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 35.417824] Read of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.417913] [ 35.417950] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.418037] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.418071] Hardware name: linux,dummy-virt (DT) [ 35.418104] Call trace: [ 35.418130] show_stack+0x20/0x38 (C) [ 35.418182] dump_stack_lvl+0x8c/0xd0 [ 35.418231] print_report+0x118/0x5e8 [ 35.418279] kasan_report+0xdc/0x128 [ 35.418324] __asan_report_load8_noabort+0x20/0x30 [ 35.418374] kasan_atomics_helper+0x3db0/0x4858 [ 35.418535] kasan_atomics+0x198/0x2e0 [ 35.418595] kunit_try_run_case+0x170/0x3f0 [ 35.418659] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.418714] kthread+0x328/0x630 [ 35.418779] ret_from_fork+0x10/0x20 [ 35.418842] [ 35.418876] Allocated by task 297: [ 35.418909] kasan_save_stack+0x3c/0x68 [ 35.419886] kasan_save_track+0x20/0x40 [ 35.419974] kasan_save_alloc_info+0x40/0x58 [ 35.420570] __kasan_kmalloc+0xd4/0xd8 [ 35.420792] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.421219] kasan_atomics+0xb8/0x2e0 [ 35.421327] kunit_try_run_case+0x170/0x3f0 [ 35.421431] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.421523] kthread+0x328/0x630 [ 35.421869] ret_from_fork+0x10/0x20 [ 35.422200] [ 35.422400] The buggy address belongs to the object at fff00000c9a5e780 [ 35.422400] which belongs to the cache kmalloc-64 of size 64 [ 35.422469] The buggy address is located 0 bytes to the right of [ 35.422469] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.422786] [ 35.423119] The buggy address belongs to the physical page: [ 35.423204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.423324] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.423470] page_type: f5(slab) [ 35.423605] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.423735] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.424090] page dumped because: kasan: bad access detected [ 35.424160] [ 35.424208] Memory state around the buggy address: [ 35.424339] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.424426] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.424479] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.424519] ^ [ 35.424715] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.424783] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.424942] ================================================================== [ 34.903792] ================================================================== [ 34.903861] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40fc/0x4858 [ 34.903917] Read of size 4 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 34.904342] [ 34.904394] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 34.905922] kasan_atomics+0x198/0x2e0 [ 34.906925] kasan_save_track+0x20/0x40 [ 34.909004] The buggy address is located 0 bytes to the right of [ 34.909004] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 34.909634] [ 34.909759] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.912867] ================================================================== [ 35.248996] ================================================================== [ 35.249050] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 35.249608] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.249705] [ 35.249888] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.250242] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.250333] Hardware name: linux,dummy-virt (DT) [ 35.250371] Call trace: [ 35.250397] show_stack+0x20/0x38 (C) [ 35.250470] dump_stack_lvl+0x8c/0xd0 [ 35.250631] print_report+0x118/0x5e8 [ 35.250799] kasan_report+0xdc/0x128 [ 35.250852] kasan_check_range+0x100/0x1a8 [ 35.251024] __kasan_check_write+0x20/0x30 [ 35.251323] kasan_atomics_helper+0xf20/0x4858 [ 35.251452] kasan_atomics+0x198/0x2e0 [ 35.251542] kunit_try_run_case+0x170/0x3f0 [ 35.251917] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.252312] kthread+0x328/0x630 [ 35.252525] ret_from_fork+0x10/0x20 [ 35.252776] [ 35.252827] Allocated by task 297: [ 35.252864] kasan_save_stack+0x3c/0x68 [ 35.253332] kasan_save_track+0x20/0x40 [ 35.253537] kasan_save_alloc_info+0x40/0x58 [ 35.253979] __kasan_kmalloc+0xd4/0xd8 [ 35.254150] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.254319] kasan_atomics+0xb8/0x2e0 [ 35.254517] kunit_try_run_case+0x170/0x3f0 [ 35.254665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.254925] kthread+0x328/0x630 [ 35.254991] ret_from_fork+0x10/0x20 [ 35.255170] [ 35.255487] The buggy address belongs to the object at fff00000c9a5e780 [ 35.255487] which belongs to the cache kmalloc-64 of size 64 [ 35.255589] The buggy address is located 0 bytes to the right of [ 35.255589] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.255666] [ 35.255689] The buggy address belongs to the physical page: [ 35.255887] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.256376] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.256471] page_type: f5(slab) [ 35.256527] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.256622] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.256705] page dumped because: kasan: bad access detected [ 35.256741] [ 35.256787] Memory state around the buggy address: [ 35.256824] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.256870] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.256914] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.256964] ^ [ 35.257000] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.257044] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.257085] ================================================================== [ 35.407891] ================================================================== [ 35.407958] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 35.408092] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.408317] [ 35.408493] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.408775] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.408986] Hardware name: linux,dummy-virt (DT) [ 35.409062] Call trace: [ 35.409119] show_stack+0x20/0x38 (C) [ 35.409494] dump_stack_lvl+0x8c/0xd0 [ 35.409570] print_report+0x118/0x5e8 [ 35.409700] kasan_report+0xdc/0x128 [ 35.409754] kasan_check_range+0x100/0x1a8 [ 35.409804] __kasan_check_write+0x20/0x30 [ 35.410377] kasan_atomics_helper+0x15b4/0x4858 [ 35.410466] kasan_atomics+0x198/0x2e0 [ 35.410517] kunit_try_run_case+0x170/0x3f0 [ 35.410603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.410683] kthread+0x328/0x630 [ 35.410741] ret_from_fork+0x10/0x20 [ 35.410793] [ 35.410822] Allocated by task 297: [ 35.410865] kasan_save_stack+0x3c/0x68 [ 35.410908] kasan_save_track+0x20/0x40 [ 35.411313] kasan_save_alloc_info+0x40/0x58 [ 35.411392] __kasan_kmalloc+0xd4/0xd8 [ 35.411455] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.411653] kasan_atomics+0xb8/0x2e0 [ 35.411876] kunit_try_run_case+0x170/0x3f0 [ 35.412112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.412247] kthread+0x328/0x630 [ 35.412470] ret_from_fork+0x10/0x20 [ 35.412519] [ 35.412727] The buggy address belongs to the object at fff00000c9a5e780 [ 35.412727] which belongs to the cache kmalloc-64 of size 64 [ 35.412926] The buggy address is located 0 bytes to the right of [ 35.412926] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.413029] [ 35.413502] The buggy address belongs to the physical page: [ 35.413705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.414146] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.414264] page_type: f5(slab) [ 35.414311] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.414717] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.414779] page dumped because: kasan: bad access detected [ 35.415155] [ 35.415265] Memory state around the buggy address: [ 35.415345] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.415490] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.415537] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.415600] ^ [ 35.415637] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.416031] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.416118] ================================================================== [ 35.108888] ================================================================== [ 35.109118] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 35.109301] Read of size 4 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.109404] [ 35.109446] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.109546] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.109580] Hardware name: linux,dummy-virt (DT) [ 35.110256] kasan_report+0xdc/0x128 [ 35.112931] kasan_atomics+0xb8/0x2e0 [ 35.114541] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.115307] [ 35.115375] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.119564] ================================================================== [ 35.258686] ================================================================== [ 35.258869] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 35.258979] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.259414] [ 35.259623] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.259779] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.260232] Hardware name: linux,dummy-virt (DT) [ 35.260364] Call trace: [ 35.260514] show_stack+0x20/0x38 (C) [ 35.260572] dump_stack_lvl+0x8c/0xd0 [ 35.260915] print_report+0x118/0x5e8 [ 35.261280] kasan_report+0xdc/0x128 [ 35.261425] kasan_check_range+0x100/0x1a8 [ 35.261499] __kasan_check_write+0x20/0x30 [ 35.262237] kasan_atomics_helper+0xf88/0x4858 [ 35.262351] kasan_atomics+0x198/0x2e0 [ 35.262528] kunit_try_run_case+0x170/0x3f0 [ 35.263043] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.263453] kthread+0x328/0x630 [ 35.263549] ret_from_fork+0x10/0x20 [ 35.263605] [ 35.263631] Allocated by task 297: [ 35.263679] kasan_save_stack+0x3c/0x68 [ 35.263960] kasan_save_track+0x20/0x40 [ 35.264274] kasan_save_alloc_info+0x40/0x58 [ 35.264422] __kasan_kmalloc+0xd4/0xd8 [ 35.264502] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.264551] kasan_atomics+0xb8/0x2e0 [ 35.264938] kunit_try_run_case+0x170/0x3f0 [ 35.265097] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.265189] kthread+0x328/0x630 [ 35.265228] ret_from_fork+0x10/0x20 [ 35.265293] [ 35.265318] The buggy address belongs to the object at fff00000c9a5e780 [ 35.265318] which belongs to the cache kmalloc-64 of size 64 [ 35.265378] The buggy address is located 0 bytes to the right of [ 35.265378] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.265451] [ 35.265483] The buggy address belongs to the physical page: [ 35.265520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.265578] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.265658] page_type: f5(slab) [ 35.265700] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.265760] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.265803] page dumped because: kasan: bad access detected [ 35.265847] [ 35.265876] Memory state around the buggy address: [ 35.265930] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.265989] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.266044] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.266085] ^ [ 35.266120] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.266164] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.266205] ================================================================== [ 35.477980] ================================================================== [ 35.478519] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 35.478600] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.478664] [ 35.478929] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.479270] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.479352] Hardware name: linux,dummy-virt (DT) [ 35.479704] Call trace: [ 35.479912] show_stack+0x20/0x38 (C) [ 35.480052] dump_stack_lvl+0x8c/0xd0 [ 35.480281] print_report+0x118/0x5e8 [ 35.480557] kasan_report+0xdc/0x128 [ 35.480651] kasan_check_range+0x100/0x1a8 [ 35.481149] __kasan_check_write+0x20/0x30 [ 35.481253] kasan_atomics_helper+0x17ec/0x4858 [ 35.481309] kasan_atomics+0x198/0x2e0 [ 35.481358] kunit_try_run_case+0x170/0x3f0 [ 35.482069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.482159] kthread+0x328/0x630 [ 35.482371] ret_from_fork+0x10/0x20 [ 35.482616] [ 35.482687] Allocated by task 297: [ 35.482939] kasan_save_stack+0x3c/0x68 [ 35.483045] kasan_save_track+0x20/0x40 [ 35.483319] kasan_save_alloc_info+0x40/0x58 [ 35.483567] __kasan_kmalloc+0xd4/0xd8 [ 35.483749] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.483878] kasan_atomics+0xb8/0x2e0 [ 35.484481] kunit_try_run_case+0x170/0x3f0 [ 35.484736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.484827] kthread+0x328/0x630 [ 35.485168] ret_from_fork+0x10/0x20 [ 35.485352] [ 35.485492] The buggy address belongs to the object at fff00000c9a5e780 [ 35.485492] which belongs to the cache kmalloc-64 of size 64 [ 35.485735] The buggy address is located 0 bytes to the right of [ 35.485735] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.485810] [ 35.485833] The buggy address belongs to the physical page: [ 35.485869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.485926] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.485977] page_type: f5(slab) [ 35.486017] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.486068] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.486111] page dumped because: kasan: bad access detected [ 35.486229] [ 35.486253] Memory state around the buggy address: [ 35.486290] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.486345] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.486396] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.486436] ^ [ 35.486480] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.486534] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.486583] ================================================================== [ 35.091907] ================================================================== [ 35.092143] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 35.092275] Write of size 4 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.092363] [ 35.092684] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.092795] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.092831] Hardware name: linux,dummy-virt (DT) [ 35.092895] Call trace: [ 35.092927] show_stack+0x20/0x38 (C) [ 35.092985] dump_stack_lvl+0x8c/0xd0 [ 35.093037] print_report+0x118/0x5e8 [ 35.093099] kasan_report+0xdc/0x128 [ 35.093147] kasan_check_range+0x100/0x1a8 [ 35.093195] __kasan_check_write+0x20/0x30 [ 35.093242] kasan_atomics_helper+0xa6c/0x4858 [ 35.093291] kasan_atomics+0x198/0x2e0 [ 35.093340] kunit_try_run_case+0x170/0x3f0 [ 35.093388] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.093439] kthread+0x328/0x630 [ 35.093485] ret_from_fork+0x10/0x20 [ 35.093542] [ 35.093566] Allocated by task 297: [ 35.093599] kasan_save_stack+0x3c/0x68 [ 35.093658] kasan_save_track+0x20/0x40 [ 35.093698] kasan_save_alloc_info+0x40/0x58 [ 35.093748] __kasan_kmalloc+0xd4/0xd8 [ 35.093785] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.093828] kasan_atomics+0xb8/0x2e0 [ 35.093869] kunit_try_run_case+0x170/0x3f0 [ 35.093908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.093953] kthread+0x328/0x630 [ 35.093997] ret_from_fork+0x10/0x20 [ 35.094046] [ 35.094068] The buggy address belongs to the object at fff00000c9a5e780 [ 35.094068] which belongs to the cache kmalloc-64 of size 64 [ 35.094136] The buggy address is located 0 bytes to the right of [ 35.094136] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.094210] [ 35.094233] The buggy address belongs to the physical page: [ 35.094281] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.094348] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.094409] page_type: f5(slab) [ 35.094451] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.094505] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.094556] page dumped because: kasan: bad access detected [ 35.094590] [ 35.094612] Memory state around the buggy address: [ 35.095164] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.096037] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.096134] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.096280] ^ [ 35.096606] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.096910] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.097310] ================================================================== [ 35.454438] ================================================================== [ 35.454491] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 35.454545] Read of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.454596] [ 35.454628] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.454742] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.454774] Hardware name: linux,dummy-virt (DT) [ 35.454807] Call trace: [ 35.454831] show_stack+0x20/0x38 (C) [ 35.454881] dump_stack_lvl+0x8c/0xd0 [ 35.454931] print_report+0x118/0x5e8 [ 35.454992] kasan_report+0xdc/0x128 [ 35.455039] __asan_report_load8_noabort+0x20/0x30 [ 35.455090] kasan_atomics_helper+0x3e10/0x4858 [ 35.455729] kasan_atomics+0x198/0x2e0 [ 35.455807] kunit_try_run_case+0x170/0x3f0 [ 35.455888] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.456398] kthread+0x328/0x630 [ 35.456478] ret_from_fork+0x10/0x20 [ 35.457037] [ 35.457220] Allocated by task 297: [ 35.457278] kasan_save_stack+0x3c/0x68 [ 35.457357] kasan_save_track+0x20/0x40 [ 35.457689] kasan_save_alloc_info+0x40/0x58 [ 35.457754] __kasan_kmalloc+0xd4/0xd8 [ 35.458085] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.458487] kasan_atomics+0xb8/0x2e0 [ 35.458560] kunit_try_run_case+0x170/0x3f0 [ 35.458635] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.458692] kthread+0x328/0x630 [ 35.458902] ret_from_fork+0x10/0x20 [ 35.459087] [ 35.459278] The buggy address belongs to the object at fff00000c9a5e780 [ 35.459278] which belongs to the cache kmalloc-64 of size 64 [ 35.459714] The buggy address is located 0 bytes to the right of [ 35.459714] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.459965] [ 35.460003] The buggy address belongs to the physical page: [ 35.460056] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.460413] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.460660] page_type: f5(slab) [ 35.460729] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.460880] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.460970] page dumped because: kasan: bad access detected [ 35.461045] [ 35.461436] Memory state around the buggy address: [ 35.461614] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.461707] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.461761] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.462053] ^ [ 35.462197] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.462267] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.462563] ================================================================== [ 35.388330] ================================================================== [ 35.388700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 35.388770] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.388822] [ 35.389228] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.389352] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.389450] Hardware name: linux,dummy-virt (DT) [ 35.389517] Call trace: [ 35.389555] show_stack+0x20/0x38 (C) [ 35.389762] dump_stack_lvl+0x8c/0xd0 [ 35.389851] print_report+0x118/0x5e8 [ 35.389905] kasan_report+0xdc/0x128 [ 35.390299] kasan_check_range+0x100/0x1a8 [ 35.390436] __kasan_check_write+0x20/0x30 [ 35.390774] kasan_atomics_helper+0x14e4/0x4858 [ 35.390861] kasan_atomics+0x198/0x2e0 [ 35.390946] kunit_try_run_case+0x170/0x3f0 [ 35.391038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.391348] kthread+0x328/0x630 [ 35.391513] ret_from_fork+0x10/0x20 [ 35.391568] [ 35.391606] Allocated by task 297: [ 35.391655] kasan_save_stack+0x3c/0x68 [ 35.391947] kasan_save_track+0x20/0x40 [ 35.392385] kasan_save_alloc_info+0x40/0x58 [ 35.392460] __kasan_kmalloc+0xd4/0xd8 [ 35.392521] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.392586] kasan_atomics+0xb8/0x2e0 [ 35.392939] kunit_try_run_case+0x170/0x3f0 [ 35.393289] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.393370] kthread+0x328/0x630 [ 35.393485] ret_from_fork+0x10/0x20 [ 35.393525] [ 35.394138] The buggy address belongs to the object at fff00000c9a5e780 [ 35.394138] which belongs to the cache kmalloc-64 of size 64 [ 35.394512] The buggy address is located 0 bytes to the right of [ 35.394512] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.394685] [ 35.394732] The buggy address belongs to the physical page: [ 35.394778] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.394923] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.395021] page_type: f5(slab) [ 35.395314] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.395551] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.395637] page dumped because: kasan: bad access detected [ 35.395745] [ 35.395768] Memory state around the buggy address: [ 35.395804] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.395872] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.395918] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.396076] ^ [ 35.396277] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.396732] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.396803] ================================================================== [ 35.436976] ================================================================== [ 35.437113] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 35.437173] Read of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.437231] [ 35.437266] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.437355] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.437388] Hardware name: linux,dummy-virt (DT) [ 35.437420] Call trace: [ 35.437445] show_stack+0x20/0x38 (C) [ 35.437495] dump_stack_lvl+0x8c/0xd0 [ 35.437545] print_report+0x118/0x5e8 [ 35.437591] kasan_report+0xdc/0x128 [ 35.437637] __asan_report_load8_noabort+0x20/0x30 [ 35.437766] kasan_atomics_helper+0x3df4/0x4858 [ 35.437829] kasan_atomics+0x198/0x2e0 [ 35.437878] kunit_try_run_case+0x170/0x3f0 [ 35.437927] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.437982] kthread+0x328/0x630 [ 35.438027] ret_from_fork+0x10/0x20 [ 35.438074] [ 35.438095] Allocated by task 297: [ 35.438126] kasan_save_stack+0x3c/0x68 [ 35.438166] kasan_save_track+0x20/0x40 [ 35.438203] kasan_save_alloc_info+0x40/0x58 [ 35.438242] __kasan_kmalloc+0xd4/0xd8 [ 35.438287] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.438329] kasan_atomics+0xb8/0x2e0 [ 35.438368] kunit_try_run_case+0x170/0x3f0 [ 35.438416] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.438462] kthread+0x328/0x630 [ 35.438495] ret_from_fork+0x10/0x20 [ 35.438533] [ 35.438553] The buggy address belongs to the object at fff00000c9a5e780 [ 35.438553] which belongs to the cache kmalloc-64 of size 64 [ 35.438619] The buggy address is located 0 bytes to the right of [ 35.438619] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.439814] [ 35.439944] The buggy address belongs to the physical page: [ 35.440050] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.440350] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.440715] page_type: f5(slab) [ 35.441155] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.441292] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.441451] page dumped because: kasan: bad access detected [ 35.441526] [ 35.441571] Memory state around the buggy address: [ 35.442041] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.442185] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.442662] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.443045] ^ [ 35.443117] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.443223] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.443305] ================================================================== [ 34.942887] ================================================================== [ 34.942952] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x414/0x4858 [ 34.943264] Write of size 4 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 34.944658] dump_stack_lvl+0x8c/0xd0 [ 34.945588] kasan_atomics_helper+0x414/0x4858 [ 34.947223] kasan_save_stack+0x3c/0x68 [ 34.947946] kasan_atomics+0xb8/0x2e0 [ 34.948486] [ 34.948765] The buggy address belongs to the object at fff00000c9a5e780 [ 34.948765] which belongs to the cache kmalloc-64 of size 64 [ 34.950818] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.954493] ================================================================== [ 35.463423] ================================================================== [ 35.463477] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 35.463533] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.463584] [ 35.463617] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.463721] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.463753] Hardware name: linux,dummy-virt (DT) [ 35.463785] Call trace: [ 35.463809] show_stack+0x20/0x38 (C) [ 35.463859] dump_stack_lvl+0x8c/0xd0 [ 35.463909] print_report+0x118/0x5e8 [ 35.464137] kasan_report+0xdc/0x128 [ 35.464201] kasan_check_range+0x100/0x1a8 [ 35.464249] __kasan_check_write+0x20/0x30 [ 35.464298] kasan_atomics_helper+0x175c/0x4858 [ 35.464350] kasan_atomics+0x198/0x2e0 [ 35.464398] kunit_try_run_case+0x170/0x3f0 [ 35.464447] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.464501] kthread+0x328/0x630 [ 35.464544] ret_from_fork+0x10/0x20 [ 35.464602] [ 35.464624] Allocated by task 297: [ 35.465412] kasan_save_stack+0x3c/0x68 [ 35.465634] kasan_save_track+0x20/0x40 [ 35.465704] kasan_save_alloc_info+0x40/0x58 [ 35.465943] __kasan_kmalloc+0xd4/0xd8 [ 35.466005] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.466059] kasan_atomics+0xb8/0x2e0 [ 35.466437] kunit_try_run_case+0x170/0x3f0 [ 35.466881] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.467157] kthread+0x328/0x630 [ 35.467200] ret_from_fork+0x10/0x20 [ 35.467262] [ 35.467460] The buggy address belongs to the object at fff00000c9a5e780 [ 35.467460] which belongs to the cache kmalloc-64 of size 64 [ 35.467610] The buggy address is located 0 bytes to the right of [ 35.467610] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.468422] [ 35.468472] The buggy address belongs to the physical page: [ 35.468549] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.468934] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.469151] page_type: f5(slab) [ 35.469489] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.469606] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.469811] page dumped because: kasan: bad access detected [ 35.469913] [ 35.470010] Memory state around the buggy address: [ 35.470087] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.470146] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.470197] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.470587] ^ [ 35.470669] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.470881] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.470928] ================================================================== [ 35.098304] ================================================================== [ 35.098591] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 35.098844] Write of size 4 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.098904] [ 35.098980] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.099467] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.099593] Hardware name: linux,dummy-virt (DT) [ 35.099722] Call trace: [ 35.099770] show_stack+0x20/0x38 (C) [ 35.099827] dump_stack_lvl+0x8c/0xd0 [ 35.099879] print_report+0x118/0x5e8 [ 35.100281] kasan_report+0xdc/0x128 [ 35.100429] kasan_check_range+0x100/0x1a8 [ 35.100533] __kasan_check_write+0x20/0x30 [ 35.100989] kasan_atomics_helper+0xad4/0x4858 [ 35.102073] [ 35.102170] Allocated by task 297: [ 35.102707] __kasan_kmalloc+0xd4/0xd8 [ 35.104585] [ 35.105261] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.106050] page dumped because: kasan: bad access detected [ 35.106177] [ 35.106300] Memory state around the buggy address: [ 35.106485] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.106551] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.106663] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.106739] ^ [ 35.106815] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.107217] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.107328] ================================================================== [ 35.353823] ================================================================== [ 35.353886] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 35.354253] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.354335] [ 35.354535] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.354701] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.354758] Hardware name: linux,dummy-virt (DT) [ 35.354793] Call trace: [ 35.354820] show_stack+0x20/0x38 (C) [ 35.354932] dump_stack_lvl+0x8c/0xd0 [ 35.355172] print_report+0x118/0x5e8 [ 35.355248] kasan_report+0xdc/0x128 [ 35.355362] kasan_check_range+0x100/0x1a8 [ 35.355412] __kasan_check_write+0x20/0x30 [ 35.355460] kasan_atomics_helper+0x1384/0x4858 [ 35.355551] kasan_atomics+0x198/0x2e0 [ 35.355600] kunit_try_run_case+0x170/0x3f0 [ 35.355670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.355725] kthread+0x328/0x630 [ 35.355770] ret_from_fork+0x10/0x20 [ 35.355828] [ 35.355852] Allocated by task 297: [ 35.355894] kasan_save_stack+0x3c/0x68 [ 35.355938] kasan_save_track+0x20/0x40 [ 35.355976] kasan_save_alloc_info+0x40/0x58 [ 35.356026] __kasan_kmalloc+0xd4/0xd8 [ 35.356063] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.356106] kasan_atomics+0xb8/0x2e0 [ 35.356146] kunit_try_run_case+0x170/0x3f0 [ 35.356205] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.356250] kthread+0x328/0x630 [ 35.356291] ret_from_fork+0x10/0x20 [ 35.356329] [ 35.356357] The buggy address belongs to the object at fff00000c9a5e780 [ 35.356357] which belongs to the cache kmalloc-64 of size 64 [ 35.356415] The buggy address is located 0 bytes to the right of [ 35.356415] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.356487] [ 35.356511] The buggy address belongs to the physical page: [ 35.356563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.356627] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.357237] page_type: f5(slab) [ 35.358031] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.358102] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.358218] page dumped because: kasan: bad access detected [ 35.358255] [ 35.358278] Memory state around the buggy address: [ 35.358861] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.359189] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.359364] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.359442] ^ [ 35.359774] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.359866] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.359963] ================================================================== [ 35.204950] ================================================================== [ 35.205098] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 35.205182] Read of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.205519] [ 35.205713] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.206338] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.206449] Hardware name: linux,dummy-virt (DT) [ 35.206495] Call trace: [ 35.206522] show_stack+0x20/0x38 (C) [ 35.206770] dump_stack_lvl+0x8c/0xd0 [ 35.206827] print_report+0x118/0x5e8 [ 35.206874] kasan_report+0xdc/0x128 [ 35.206921] __asan_report_load8_noabort+0x20/0x30 [ 35.207387] kasan_atomics_helper+0x3f58/0x4858 [ 35.207720] kasan_atomics+0x198/0x2e0 [ 35.208023] kunit_try_run_case+0x170/0x3f0 [ 35.208226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.208506] kthread+0x328/0x630 [ 35.208843] ret_from_fork+0x10/0x20 [ 35.209239] [ 35.209308] Allocated by task 297: [ 35.209370] kasan_save_stack+0x3c/0x68 [ 35.209950] kasan_save_track+0x20/0x40 [ 35.210004] kasan_save_alloc_info+0x40/0x58 [ 35.210071] __kasan_kmalloc+0xd4/0xd8 [ 35.210192] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.210583] kasan_atomics+0xb8/0x2e0 [ 35.210853] kunit_try_run_case+0x170/0x3f0 [ 35.211004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.211056] kthread+0x328/0x630 [ 35.211091] ret_from_fork+0x10/0x20 [ 35.211128] [ 35.211401] The buggy address belongs to the object at fff00000c9a5e780 [ 35.211401] which belongs to the cache kmalloc-64 of size 64 [ 35.211677] The buggy address is located 0 bytes to the right of [ 35.211677] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.211751] [ 35.211825] The buggy address belongs to the physical page: [ 35.211888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.211979] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.212038] page_type: f5(slab) [ 35.212084] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.212136] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.212188] page dumped because: kasan: bad access detected [ 35.212219] [ 35.212251] Memory state around the buggy address: [ 35.212287] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.212333] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.212379] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.212428] ^ [ 35.212463] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.212508] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.212557] ================================================================== [ 35.443997] ================================================================== [ 35.444100] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 35.444168] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.444540] [ 35.444608] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.444770] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.444804] Hardware name: linux,dummy-virt (DT) [ 35.444864] Call trace: [ 35.444990] show_stack+0x20/0x38 (C) [ 35.445048] dump_stack_lvl+0x8c/0xd0 [ 35.445683] print_report+0x118/0x5e8 [ 35.445761] kasan_report+0xdc/0x128 [ 35.445809] kasan_check_range+0x100/0x1a8 [ 35.446028] __kasan_check_write+0x20/0x30 [ 35.446169] kasan_atomics_helper+0x16d0/0x4858 [ 35.446476] kasan_atomics+0x198/0x2e0 [ 35.446653] kunit_try_run_case+0x170/0x3f0 [ 35.446740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.446977] kthread+0x328/0x630 [ 35.447456] ret_from_fork+0x10/0x20 [ 35.447547] [ 35.447573] Allocated by task 297: [ 35.447607] kasan_save_stack+0x3c/0x68 [ 35.447661] kasan_save_track+0x20/0x40 [ 35.447701] kasan_save_alloc_info+0x40/0x58 [ 35.447742] __kasan_kmalloc+0xd4/0xd8 [ 35.448092] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.448434] kasan_atomics+0xb8/0x2e0 [ 35.448620] kunit_try_run_case+0x170/0x3f0 [ 35.448828] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.449007] kthread+0x328/0x630 [ 35.449066] ret_from_fork+0x10/0x20 [ 35.449621] [ 35.449663] The buggy address belongs to the object at fff00000c9a5e780 [ 35.449663] which belongs to the cache kmalloc-64 of size 64 [ 35.449993] The buggy address is located 0 bytes to the right of [ 35.449993] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.450382] [ 35.450491] The buggy address belongs to the physical page: [ 35.450715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.450920] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.451243] page_type: f5(slab) [ 35.451532] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.451621] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.451688] page dumped because: kasan: bad access detected [ 35.451950] [ 35.452185] Memory state around the buggy address: [ 35.452264] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.452361] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.452816] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.453298] ^ [ 35.453462] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.453634] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.453744] ================================================================== [ 35.268448] ================================================================== [ 35.269003] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 35.269262] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.269887] [ 35.269941] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.270035] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.270068] Hardware name: linux,dummy-virt (DT) [ 35.270409] Call trace: [ 35.270454] show_stack+0x20/0x38 (C) [ 35.270714] dump_stack_lvl+0x8c/0xd0 [ 35.270775] print_report+0x118/0x5e8 [ 35.270822] kasan_report+0xdc/0x128 [ 35.271238] kasan_check_range+0x100/0x1a8 [ 35.271449] __kasan_check_write+0x20/0x30 [ 35.271673] kasan_atomics_helper+0xff0/0x4858 [ 35.271734] kasan_atomics+0x198/0x2e0 [ 35.271813] kunit_try_run_case+0x170/0x3f0 [ 35.272129] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.272614] kthread+0x328/0x630 [ 35.272756] ret_from_fork+0x10/0x20 [ 35.272809] [ 35.273476] Allocated by task 297: [ 35.273582] kasan_save_stack+0x3c/0x68 [ 35.273951] kasan_save_track+0x20/0x40 [ 35.274026] kasan_save_alloc_info+0x40/0x58 [ 35.274201] __kasan_kmalloc+0xd4/0xd8 [ 35.274377] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.274777] kasan_atomics+0xb8/0x2e0 [ 35.275156] kunit_try_run_case+0x170/0x3f0 [ 35.275264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.275380] kthread+0x328/0x630 [ 35.275758] ret_from_fork+0x10/0x20 [ 35.275853] [ 35.275877] The buggy address belongs to the object at fff00000c9a5e780 [ 35.275877] which belongs to the cache kmalloc-64 of size 64 [ 35.275938] The buggy address is located 0 bytes to the right of [ 35.275938] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.276303] [ 35.276344] The buggy address belongs to the physical page: [ 35.276657] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.277055] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.277500] page_type: f5(slab) [ 35.277613] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.277771] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.277855] page dumped because: kasan: bad access detected [ 35.277928] [ 35.277996] Memory state around the buggy address: [ 35.278041] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.278418] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.278492] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.278813] ^ [ 35.278906] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.279102] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.279172] ================================================================== [ 35.194298] ================================================================== [ 35.194359] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 35.194577] Read of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.194635] [ 35.195008] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.195193] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.195594] Hardware name: linux,dummy-virt (DT) [ 35.195661] Call trace: [ 35.195688] show_stack+0x20/0x38 (C) [ 35.195744] dump_stack_lvl+0x8c/0xd0 [ 35.195795] print_report+0x118/0x5e8 [ 35.195989] kasan_report+0xdc/0x128 [ 35.196354] kasan_check_range+0x100/0x1a8 [ 35.196499] __kasan_check_read+0x20/0x30 [ 35.196770] kasan_atomics_helper+0xdd4/0x4858 [ 35.196837] kasan_atomics+0x198/0x2e0 [ 35.196889] kunit_try_run_case+0x170/0x3f0 [ 35.197069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.197138] kthread+0x328/0x630 [ 35.197181] ret_from_fork+0x10/0x20 [ 35.197231] [ 35.197283] Allocated by task 297: [ 35.197333] kasan_save_stack+0x3c/0x68 [ 35.197375] kasan_save_track+0x20/0x40 [ 35.197413] kasan_save_alloc_info+0x40/0x58 [ 35.197454] __kasan_kmalloc+0xd4/0xd8 [ 35.197497] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.197542] kasan_atomics+0xb8/0x2e0 [ 35.197582] kunit_try_run_case+0x170/0x3f0 [ 35.197626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.198552] kthread+0x328/0x630 [ 35.199088] ret_from_fork+0x10/0x20 [ 35.199162] [ 35.199285] The buggy address belongs to the object at fff00000c9a5e780 [ 35.199285] which belongs to the cache kmalloc-64 of size 64 [ 35.199357] The buggy address is located 0 bytes to the right of [ 35.199357] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.199429] [ 35.199452] The buggy address belongs to the physical page: [ 35.199489] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.199548] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.199940] page_type: f5(slab) [ 35.200283] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.200418] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.200564] page dumped because: kasan: bad access detected [ 35.200599] [ 35.200779] Memory state around the buggy address: [ 35.201285] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.201430] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.201562] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.201788] ^ [ 35.201830] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.201892] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.202160] ================================================================== [ 35.340727] ================================================================== [ 35.340783] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 35.341008] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.341075] [ 35.341309] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.341633] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.341696] Hardware name: linux,dummy-virt (DT) [ 35.341817] Call trace: [ 35.341879] show_stack+0x20/0x38 (C) [ 35.341963] dump_stack_lvl+0x8c/0xd0 [ 35.342014] print_report+0x118/0x5e8 [ 35.342342] kasan_report+0xdc/0x128 [ 35.342708] kasan_check_range+0x100/0x1a8 [ 35.342815] __kasan_check_write+0x20/0x30 [ 35.343184] kasan_atomics_helper+0x12d8/0x4858 [ 35.343265] kasan_atomics+0x198/0x2e0 [ 35.343810] kunit_try_run_case+0x170/0x3f0 [ 35.343890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.343947] kthread+0x328/0x630 [ 35.343991] ret_from_fork+0x10/0x20 [ 35.344046] [ 35.344505] Allocated by task 297: [ 35.344856] kasan_save_stack+0x3c/0x68 [ 35.344915] kasan_save_track+0x20/0x40 [ 35.345116] kasan_save_alloc_info+0x40/0x58 [ 35.345628] __kasan_kmalloc+0xd4/0xd8 [ 35.345705] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.346088] kasan_atomics+0xb8/0x2e0 [ 35.346480] kunit_try_run_case+0x170/0x3f0 [ 35.346547] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.346622] kthread+0x328/0x630 [ 35.346765] ret_from_fork+0x10/0x20 [ 35.346809] [ 35.347008] The buggy address belongs to the object at fff00000c9a5e780 [ 35.347008] which belongs to the cache kmalloc-64 of size 64 [ 35.347265] The buggy address is located 0 bytes to the right of [ 35.347265] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.347513] [ 35.348021] The buggy address belongs to the physical page: [ 35.348179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.348328] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.348612] page_type: f5(slab) [ 35.348863] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.348937] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.349119] page dumped because: kasan: bad access detected [ 35.349160] [ 35.349220] Memory state around the buggy address: [ 35.349268] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.349315] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.349371] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.349411] ^ [ 35.349447] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.349490] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.349540] ================================================================== [ 35.217020] ================================================================== [ 35.217100] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 35.217177] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.217237] [ 35.217273] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.217699] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.217883] Hardware name: linux,dummy-virt (DT) [ 35.218169] Call trace: [ 35.218345] show_stack+0x20/0x38 (C) [ 35.218413] dump_stack_lvl+0x8c/0xd0 [ 35.218695] print_report+0x118/0x5e8 [ 35.219072] kasan_report+0xdc/0x128 [ 35.219144] kasan_check_range+0x100/0x1a8 [ 35.219390] __kasan_check_write+0x20/0x30 [ 35.219498] kasan_atomics_helper+0xe44/0x4858 [ 35.219786] kasan_atomics+0x198/0x2e0 [ 35.220279] kunit_try_run_case+0x170/0x3f0 [ 35.220377] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.220436] kthread+0x328/0x630 [ 35.220957] ret_from_fork+0x10/0x20 [ 35.221173] [ 35.221225] Allocated by task 297: [ 35.221262] kasan_save_stack+0x3c/0x68 [ 35.221583] kasan_save_track+0x20/0x40 [ 35.221673] kasan_save_alloc_info+0x40/0x58 [ 35.222068] __kasan_kmalloc+0xd4/0xd8 [ 35.222182] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.222446] kasan_atomics+0xb8/0x2e0 [ 35.222612] kunit_try_run_case+0x170/0x3f0 [ 35.222860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.223658] kthread+0x328/0x630 [ 35.223867] ret_from_fork+0x10/0x20 [ 35.224030] [ 35.224492] The buggy address belongs to the object at fff00000c9a5e780 [ 35.224492] which belongs to the cache kmalloc-64 of size 64 [ 35.224569] The buggy address is located 0 bytes to the right of [ 35.224569] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.224635] [ 35.224676] The buggy address belongs to the physical page: [ 35.225204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.225895] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.226182] page_type: f5(slab) [ 35.226401] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.226536] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.226774] page dumped because: kasan: bad access detected [ 35.227245] [ 35.227490] Memory state around the buggy address: [ 35.227691] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.227803] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.227949] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.227991] ^ [ 35.228028] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.228073] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.228131] ================================================================== [ 35.471515] ================================================================== [ 35.471568] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 35.471622] Read of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.471686] [ 35.471717] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.471805] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.472028] Hardware name: linux,dummy-virt (DT) [ 35.472109] Call trace: [ 35.472136] show_stack+0x20/0x38 (C) [ 35.472594] dump_stack_lvl+0x8c/0xd0 [ 35.472703] print_report+0x118/0x5e8 [ 35.472851] kasan_report+0xdc/0x128 [ 35.472949] __asan_report_load8_noabort+0x20/0x30 [ 35.473011] kasan_atomics_helper+0x3e20/0x4858 [ 35.473064] kasan_atomics+0x198/0x2e0 [ 35.473303] kunit_try_run_case+0x170/0x3f0 [ 35.473371] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.473696] kthread+0x328/0x630 [ 35.473767] ret_from_fork+0x10/0x20 [ 35.473936] [ 35.473966] Allocated by task 297: [ 35.474000] kasan_save_stack+0x3c/0x68 [ 35.474042] kasan_save_track+0x20/0x40 [ 35.474288] kasan_save_alloc_info+0x40/0x58 [ 35.474598] __kasan_kmalloc+0xd4/0xd8 [ 35.474839] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.474912] kasan_atomics+0xb8/0x2e0 [ 35.474972] kunit_try_run_case+0x170/0x3f0 [ 35.475338] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.475419] kthread+0x328/0x630 [ 35.475717] ret_from_fork+0x10/0x20 [ 35.475768] [ 35.476046] The buggy address belongs to the object at fff00000c9a5e780 [ 35.476046] which belongs to the cache kmalloc-64 of size 64 [ 35.476375] The buggy address is located 0 bytes to the right of [ 35.476375] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.476558] [ 35.476615] The buggy address belongs to the physical page: [ 35.476751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.476846] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.476910] page_type: f5(slab) [ 35.476951] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.477068] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.477110] page dumped because: kasan: bad access detected [ 35.477142] [ 35.477184] Memory state around the buggy address: [ 35.477228] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.477277] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.477323] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.477364] ^ [ 35.477400] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.477455] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.477506] ================================================================== [ 35.299539] ================================================================== [ 35.299634] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 35.300016] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.300086] [ 35.300121] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.300361] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.300637] Hardware name: linux,dummy-virt (DT) [ 35.300702] Call trace: [ 35.300728] show_stack+0x20/0x38 (C) [ 35.300821] dump_stack_lvl+0x8c/0xd0 [ 35.300875] print_report+0x118/0x5e8 [ 35.300922] kasan_report+0xdc/0x128 [ 35.300967] kasan_check_range+0x100/0x1a8 [ 35.301014] __kasan_check_write+0x20/0x30 [ 35.301063] kasan_atomics_helper+0x1128/0x4858 [ 35.301123] kasan_atomics+0x198/0x2e0 [ 35.301179] kunit_try_run_case+0x170/0x3f0 [ 35.301236] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.301291] kthread+0x328/0x630 [ 35.301335] ret_from_fork+0x10/0x20 [ 35.301381] [ 35.301403] Allocated by task 297: [ 35.301436] kasan_save_stack+0x3c/0x68 [ 35.301478] kasan_save_track+0x20/0x40 [ 35.301515] kasan_save_alloc_info+0x40/0x58 [ 35.301555] __kasan_kmalloc+0xd4/0xd8 [ 35.301602] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.301658] kasan_atomics+0xb8/0x2e0 [ 35.301745] kunit_try_run_case+0x170/0x3f0 [ 35.301790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.302055] kthread+0x328/0x630 [ 35.302651] ret_from_fork+0x10/0x20 [ 35.302922] [ 35.302993] The buggy address belongs to the object at fff00000c9a5e780 [ 35.302993] which belongs to the cache kmalloc-64 of size 64 [ 35.303496] The buggy address is located 0 bytes to the right of [ 35.303496] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.304124] [ 35.304226] The buggy address belongs to the physical page: [ 35.304983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.305115] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.305182] page_type: f5(slab) [ 35.305224] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.305956] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.306058] page dumped because: kasan: bad access detected [ 35.306323] [ 35.306872] Memory state around the buggy address: [ 35.306932] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.307102] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.307206] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.307331] ^ [ 35.307408] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.307577] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.307816] ================================================================== [ 35.180627] ================================================================== [ 35.180717] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 35.181143] Read of size 4 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.181330] [ 35.181451] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.182004] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.182195] Hardware name: linux,dummy-virt (DT) [ 35.182293] Call trace: [ 35.182319] show_stack+0x20/0x38 (C) [ 35.182901] dump_stack_lvl+0x8c/0xd0 [ 35.183307] print_report+0x118/0x5e8 [ 35.183436] kasan_report+0xdc/0x128 [ 35.183486] __asan_report_load4_noabort+0x20/0x30 [ 35.183536] kasan_atomics_helper+0x3e04/0x4858 [ 35.183589] kasan_atomics+0x198/0x2e0 [ 35.184175] kunit_try_run_case+0x170/0x3f0 [ 35.184383] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.184597] kthread+0x328/0x630 [ 35.184868] ret_from_fork+0x10/0x20 [ 35.185108] [ 35.185158] Allocated by task 297: [ 35.185434] kasan_save_stack+0x3c/0x68 [ 35.185730] kasan_save_track+0x20/0x40 [ 35.185967] kasan_save_alloc_info+0x40/0x58 [ 35.186404] __kasan_kmalloc+0xd4/0xd8 [ 35.186466] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.186925] kasan_atomics+0xb8/0x2e0 [ 35.187291] kunit_try_run_case+0x170/0x3f0 [ 35.187368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.187415] kthread+0x328/0x630 [ 35.187726] ret_from_fork+0x10/0x20 [ 35.188128] [ 35.188179] The buggy address belongs to the object at fff00000c9a5e780 [ 35.188179] which belongs to the cache kmalloc-64 of size 64 [ 35.188382] The buggy address is located 0 bytes to the right of [ 35.188382] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.188502] [ 35.188714] The buggy address belongs to the physical page: [ 35.189032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.189152] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.189344] page_type: f5(slab) [ 35.189388] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.189771] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.190357] page dumped because: kasan: bad access detected [ 35.190419] [ 35.190588] Memory state around the buggy address: [ 35.190961] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.191070] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.191205] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.191292] ^ [ 35.191330] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.191657] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.191742] ================================================================== [ 35.309091] ================================================================== [ 35.309406] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 35.309636] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.309830] [ 35.310021] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.310138] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.310172] Hardware name: linux,dummy-virt (DT) [ 35.310207] Call trace: [ 35.310231] show_stack+0x20/0x38 (C) [ 35.310526] dump_stack_lvl+0x8c/0xd0 [ 35.311260] print_report+0x118/0x5e8 [ 35.311442] kasan_report+0xdc/0x128 [ 35.311523] kasan_check_range+0x100/0x1a8 [ 35.311973] __kasan_check_write+0x20/0x30 [ 35.312450] kasan_atomics_helper+0x1190/0x4858 [ 35.312677] kasan_atomics+0x198/0x2e0 [ 35.312786] kunit_try_run_case+0x170/0x3f0 [ 35.313207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.313421] kthread+0x328/0x630 [ 35.313715] ret_from_fork+0x10/0x20 [ 35.313871] [ 35.314180] Allocated by task 297: [ 35.314227] kasan_save_stack+0x3c/0x68 [ 35.314777] kasan_save_track+0x20/0x40 [ 35.315237] kasan_save_alloc_info+0x40/0x58 [ 35.315346] __kasan_kmalloc+0xd4/0xd8 [ 35.315849] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.315919] kasan_atomics+0xb8/0x2e0 [ 35.315975] kunit_try_run_case+0x170/0x3f0 [ 35.316025] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.316774] kthread+0x328/0x630 [ 35.316922] ret_from_fork+0x10/0x20 [ 35.316964] [ 35.317020] The buggy address belongs to the object at fff00000c9a5e780 [ 35.317020] which belongs to the cache kmalloc-64 of size 64 [ 35.317088] The buggy address is located 0 bytes to the right of [ 35.317088] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.317349] [ 35.317402] The buggy address belongs to the physical page: [ 35.317834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.317941] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.317993] page_type: f5(slab) [ 35.318032] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.318094] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.318152] page dumped because: kasan: bad access detected [ 35.318196] [ 35.318224] Memory state around the buggy address: [ 35.318261] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.318316] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.318362] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.318403] ^ [ 35.318440] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.318484] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.318523] ================================================================== [ 35.330301] ================================================================== [ 35.330739] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 35.330851] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.331229] [ 35.331273] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.331598] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.331884] Hardware name: linux,dummy-virt (DT) [ 35.332172] Call trace: [ 35.332674] show_stack+0x20/0x38 (C) [ 35.332749] dump_stack_lvl+0x8c/0xd0 [ 35.332800] print_report+0x118/0x5e8 [ 35.333174] kasan_report+0xdc/0x128 [ 35.333258] kasan_check_range+0x100/0x1a8 [ 35.333598] __kasan_check_write+0x20/0x30 [ 35.333683] kasan_atomics_helper+0x126c/0x4858 [ 35.334050] kasan_atomics+0x198/0x2e0 [ 35.334608] kunit_try_run_case+0x170/0x3f0 [ 35.334694] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.334824] kthread+0x328/0x630 [ 35.334870] ret_from_fork+0x10/0x20 [ 35.334930] [ 35.334980] Allocated by task 297: [ 35.335382] kasan_save_stack+0x3c/0x68 [ 35.335470] kasan_save_track+0x20/0x40 [ 35.335673] kasan_save_alloc_info+0x40/0x58 [ 35.335891] __kasan_kmalloc+0xd4/0xd8 [ 35.335974] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.336273] kasan_atomics+0xb8/0x2e0 [ 35.336327] kunit_try_run_case+0x170/0x3f0 [ 35.336783] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.336860] kthread+0x328/0x630 [ 35.337216] ret_from_fork+0x10/0x20 [ 35.337949] [ 35.338087] The buggy address belongs to the object at fff00000c9a5e780 [ 35.338087] which belongs to the cache kmalloc-64 of size 64 [ 35.338298] The buggy address is located 0 bytes to the right of [ 35.338298] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.338487] [ 35.338561] The buggy address belongs to the physical page: [ 35.338601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.338689] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.338752] page_type: f5(slab) [ 35.338814] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.338877] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.338919] page dumped because: kasan: bad access detected [ 35.338952] [ 35.338983] Memory state around the buggy address: [ 35.339030] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.339083] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.339151] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.339200] ^ [ 35.339241] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.339286] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.339349] ================================================================== [ 35.398250] ================================================================== [ 35.398392] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 35.398453] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.398506] [ 35.398690] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.398790] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.398824] Hardware name: linux,dummy-virt (DT) [ 35.399006] Call trace: [ 35.399353] show_stack+0x20/0x38 (C) [ 35.399835] dump_stack_lvl+0x8c/0xd0 [ 35.400125] print_report+0x118/0x5e8 [ 35.400241] kasan_report+0xdc/0x128 [ 35.400365] kasan_check_range+0x100/0x1a8 [ 35.400415] __kasan_check_write+0x20/0x30 [ 35.400464] kasan_atomics_helper+0x154c/0x4858 [ 35.400800] kasan_atomics+0x198/0x2e0 [ 35.401039] kunit_try_run_case+0x170/0x3f0 [ 35.401370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.401475] kthread+0x328/0x630 [ 35.401522] ret_from_fork+0x10/0x20 [ 35.402098] [ 35.402297] Allocated by task 297: [ 35.402356] kasan_save_stack+0x3c/0x68 [ 35.402411] kasan_save_track+0x20/0x40 [ 35.402459] kasan_save_alloc_info+0x40/0x58 [ 35.402800] __kasan_kmalloc+0xd4/0xd8 [ 35.403127] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.403213] kasan_atomics+0xb8/0x2e0 [ 35.403322] kunit_try_run_case+0x170/0x3f0 [ 35.403388] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.403441] kthread+0x328/0x630 [ 35.403477] ret_from_fork+0x10/0x20 [ 35.403515] [ 35.403870] The buggy address belongs to the object at fff00000c9a5e780 [ 35.403870] which belongs to the cache kmalloc-64 of size 64 [ 35.404169] The buggy address is located 0 bytes to the right of [ 35.404169] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.404467] [ 35.404605] The buggy address belongs to the physical page: [ 35.404660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.405000] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.405129] page_type: f5(slab) [ 35.405219] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.405653] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.405768] page dumped because: kasan: bad access detected [ 35.405857] [ 35.406028] Memory state around the buggy address: [ 35.406072] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.406126] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.406171] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.406210] ^ [ 35.406272] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.406316] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.406362] ================================================================== [ 35.280502] ================================================================== [ 35.280593] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 35.280698] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.280922] [ 35.280987] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.281090] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.281124] Hardware name: linux,dummy-virt (DT) [ 35.281443] Call trace: [ 35.281606] show_stack+0x20/0x38 (C) [ 35.281689] dump_stack_lvl+0x8c/0xd0 [ 35.281742] print_report+0x118/0x5e8 [ 35.281922] kasan_report+0xdc/0x128 [ 35.281986] kasan_check_range+0x100/0x1a8 [ 35.282034] __kasan_check_write+0x20/0x30 [ 35.282389] kasan_atomics_helper+0x1058/0x4858 [ 35.282468] kasan_atomics+0x198/0x2e0 [ 35.282658] kunit_try_run_case+0x170/0x3f0 [ 35.282799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.282861] kthread+0x328/0x630 [ 35.282906] ret_from_fork+0x10/0x20 [ 35.282962] [ 35.283337] Allocated by task 297: [ 35.283565] kasan_save_stack+0x3c/0x68 [ 35.283617] kasan_save_track+0x20/0x40 [ 35.283956] kasan_save_alloc_info+0x40/0x58 [ 35.284181] __kasan_kmalloc+0xd4/0xd8 [ 35.284239] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.284292] kasan_atomics+0xb8/0x2e0 [ 35.284333] kunit_try_run_case+0x170/0x3f0 [ 35.284386] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.284432] kthread+0x328/0x630 [ 35.284469] ret_from_fork+0x10/0x20 [ 35.284509] [ 35.284540] The buggy address belongs to the object at fff00000c9a5e780 [ 35.284540] which belongs to the cache kmalloc-64 of size 64 [ 35.284601] The buggy address is located 0 bytes to the right of [ 35.284601] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.284679] [ 35.284702] The buggy address belongs to the physical page: [ 35.284740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.284795] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.284854] page_type: f5(slab) [ 35.284894] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.284955] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.285003] page dumped because: kasan: bad access detected [ 35.285046] [ 35.285067] Memory state around the buggy address: [ 35.285112] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.285157] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.285202] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.285256] ^ [ 35.285293] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.285352] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.285401] ================================================================== [ 35.370984] ================================================================== [ 35.371326] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 35.371801] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.371937] [ 35.372002] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.372754] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.373043] Hardware name: linux,dummy-virt (DT) [ 35.373118] Call trace: [ 35.373208] show_stack+0x20/0x38 (C) [ 35.373334] dump_stack_lvl+0x8c/0xd0 [ 35.373385] print_report+0x118/0x5e8 [ 35.373432] kasan_report+0xdc/0x128 [ 35.373782] kasan_check_range+0x100/0x1a8 [ 35.374005] __kasan_check_write+0x20/0x30 [ 35.374198] kasan_atomics_helper+0x1414/0x4858 [ 35.374290] kasan_atomics+0x198/0x2e0 [ 35.374698] kunit_try_run_case+0x170/0x3f0 [ 35.374799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.375151] kthread+0x328/0x630 [ 35.375233] ret_from_fork+0x10/0x20 [ 35.375434] [ 35.375474] Allocated by task 297: [ 35.375738] kasan_save_stack+0x3c/0x68 [ 35.376018] kasan_save_track+0x20/0x40 [ 35.376069] kasan_save_alloc_info+0x40/0x58 [ 35.376378] __kasan_kmalloc+0xd4/0xd8 [ 35.376734] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.376901] kasan_atomics+0xb8/0x2e0 [ 35.377011] kunit_try_run_case+0x170/0x3f0 [ 35.377062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.377389] kthread+0x328/0x630 [ 35.377479] ret_from_fork+0x10/0x20 [ 35.377676] [ 35.377731] The buggy address belongs to the object at fff00000c9a5e780 [ 35.377731] which belongs to the cache kmalloc-64 of size 64 [ 35.377951] The buggy address is located 0 bytes to the right of [ 35.377951] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.378120] [ 35.378147] The buggy address belongs to the physical page: [ 35.378213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.378570] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.378673] page_type: f5(slab) [ 35.379072] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.379144] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.379329] page dumped because: kasan: bad access detected [ 35.379377] [ 35.379544] Memory state around the buggy address: [ 35.379600] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.379737] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.379816] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.380063] ^ [ 35.380129] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.380199] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.380254] ================================================================== [ 35.080329] ================================================================== [ 35.080389] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 35.081271] Write of size 4 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.081357] [ 35.081406] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.081502] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.081625] Hardware name: linux,dummy-virt (DT) [ 35.081678] Call trace: [ 35.082012] show_stack+0x20/0x38 (C) [ 35.082161] dump_stack_lvl+0x8c/0xd0 [ 35.082442] print_report+0x118/0x5e8 [ 35.082619] kasan_report+0xdc/0x128 [ 35.082701] kasan_check_range+0x100/0x1a8 [ 35.083047] __kasan_check_write+0x20/0x30 [ 35.083379] kasan_atomics_helper+0xa04/0x4858 [ 35.083468] kasan_atomics+0x198/0x2e0 [ 35.083540] kunit_try_run_case+0x170/0x3f0 [ 35.083616] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.083696] kthread+0x328/0x630 [ 35.083857] ret_from_fork+0x10/0x20 [ 35.083993] [ 35.084051] Allocated by task 297: [ 35.084181] kasan_save_stack+0x3c/0x68 [ 35.084314] kasan_save_track+0x20/0x40 [ 35.084411] kasan_save_alloc_info+0x40/0x58 [ 35.085111] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.087091] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.087282] page_type: f5(slab) [ 35.087328] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.087394] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.087797] page dumped because: kasan: bad access detected [ 35.087899] [ 35.087957] Memory state around the buggy address: [ 35.087997] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.088472] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.088559] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.089062] ^ [ 35.089120] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.089337] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.089612] ================================================================== [ 35.070637] ================================================================== [ 35.070715] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 35.070779] Write of size 4 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.071188] [ 35.071304] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.071407] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.071616] Hardware name: linux,dummy-virt (DT) [ 35.071860] Call trace: [ 35.071913] show_stack+0x20/0x38 (C) [ 35.072017] dump_stack_lvl+0x8c/0xd0 [ 35.072214] print_report+0x118/0x5e8 [ 35.072348] kasan_report+0xdc/0x128 [ 35.072444] kasan_check_range+0x100/0x1a8 [ 35.072683] __kasan_check_write+0x20/0x30 [ 35.072927] kasan_atomics_helper+0x99c/0x4858 [ 35.073050] kasan_atomics+0x198/0x2e0 [ 35.073188] kunit_try_run_case+0x170/0x3f0 [ 35.073311] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.073556] kthread+0x328/0x630 [ 35.073679] ret_from_fork+0x10/0x20 [ 35.073985] [ 35.074041] Allocated by task 297: [ 35.074418] kasan_save_stack+0x3c/0x68 [ 35.074498] kasan_save_track+0x20/0x40 [ 35.074871] kasan_save_alloc_info+0x40/0x58 [ 35.074944] __kasan_kmalloc+0xd4/0xd8 [ 35.075122] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.075208] kasan_atomics+0xb8/0x2e0 [ 35.075351] kunit_try_run_case+0x170/0x3f0 [ 35.075397] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.075575] kthread+0x328/0x630 [ 35.075634] ret_from_fork+0x10/0x20 [ 35.075688] [ 35.075711] The buggy address belongs to the object at fff00000c9a5e780 [ 35.075711] which belongs to the cache kmalloc-64 of size 64 [ 35.075788] The buggy address is located 0 bytes to the right of [ 35.075788] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.075868] [ 35.075896] The buggy address belongs to the physical page: [ 35.075942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.076000] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.076050] page_type: f5(slab) [ 35.076106] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.076159] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.076211] page dumped because: kasan: bad access detected [ 35.076256] [ 35.076278] Memory state around the buggy address: [ 35.076314] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.076361] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.076407] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.076463] ^ [ 35.076507] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.076552] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.076603] ================================================================== [ 35.319860] ================================================================== [ 35.320083] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 35.320309] Write of size 8 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.320372] [ 35.320408] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.320717] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.320958] Hardware name: linux,dummy-virt (DT) [ 35.321221] Call trace: [ 35.321265] show_stack+0x20/0x38 (C) [ 35.321424] dump_stack_lvl+0x8c/0xd0 [ 35.321649] print_report+0x118/0x5e8 [ 35.321730] kasan_report+0xdc/0x128 [ 35.321778] kasan_check_range+0x100/0x1a8 [ 35.322119] __kasan_check_write+0x20/0x30 [ 35.322206] kasan_atomics_helper+0x11f8/0x4858 [ 35.322260] kasan_atomics+0x198/0x2e0 [ 35.322561] kunit_try_run_case+0x170/0x3f0 [ 35.322944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.323032] kthread+0x328/0x630 [ 35.323400] ret_from_fork+0x10/0x20 [ 35.323517] [ 35.323606] Allocated by task 297: [ 35.323653] kasan_save_stack+0x3c/0x68 [ 35.324036] kasan_save_track+0x20/0x40 [ 35.324111] kasan_save_alloc_info+0x40/0x58 [ 35.324436] __kasan_kmalloc+0xd4/0xd8 [ 35.324576] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.324693] kasan_atomics+0xb8/0x2e0 [ 35.325502] kunit_try_run_case+0x170/0x3f0 [ 35.325677] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.326049] kthread+0x328/0x630 [ 35.326405] ret_from_fork+0x10/0x20 [ 35.326482] [ 35.326551] The buggy address belongs to the object at fff00000c9a5e780 [ 35.326551] which belongs to the cache kmalloc-64 of size 64 [ 35.326806] The buggy address is located 0 bytes to the right of [ 35.326806] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.327039] [ 35.327141] The buggy address belongs to the physical page: [ 35.327491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.327612] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.327679] page_type: f5(slab) [ 35.327731] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.327794] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.327846] page dumped because: kasan: bad access detected [ 35.327889] [ 35.327919] Memory state around the buggy address: [ 35.327967] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.328039] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.328093] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.328134] ^ [ 35.328170] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.328676] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.328849] ================================================================== [ 34.924968] ================================================================== [ 34.925287] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f94/0x4858 [ 34.925958] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 34.926621] print_report+0x118/0x5e8 [ 34.927730] kasan_atomics+0x198/0x2e0 [ 34.928343] [ 34.928483] kasan_save_alloc_info+0x40/0x58 [ 34.928737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.929076] The buggy address belongs to the physical page: [ 34.929434] [ 34.929652] ^ [ 34.931802] ================================================================== [ 35.172434] ================================================================== [ 35.172704] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 35.172914] Write of size 4 at addr fff00000c9a5e7b0 by task kunit_try_catch/297 [ 35.172974] [ 35.173308] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 35.173559] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 35.173605] Hardware name: linux,dummy-virt (DT) [ 35.173679] Call trace: [ 35.173838] show_stack+0x20/0x38 (C) [ 35.174128] dump_stack_lvl+0x8c/0xd0 [ 35.174280] print_report+0x118/0x5e8 [ 35.174339] kasan_report+0xdc/0x128 [ 35.174424] kasan_check_range+0x100/0x1a8 [ 35.174630] __kasan_check_write+0x20/0x30 [ 35.174985] kasan_atomics_helper+0xd3c/0x4858 [ 35.175171] kasan_atomics+0x198/0x2e0 [ 35.175309] kunit_try_run_case+0x170/0x3f0 [ 35.175370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.175428] kthread+0x328/0x630 [ 35.175479] ret_from_fork+0x10/0x20 [ 35.175529] [ 35.175550] Allocated by task 297: [ 35.175584] kasan_save_stack+0x3c/0x68 [ 35.175964] kasan_save_track+0x20/0x40 [ 35.176285] kasan_save_alloc_info+0x40/0x58 [ 35.176439] __kasan_kmalloc+0xd4/0xd8 [ 35.176484] __kmalloc_cache_noprof+0x16c/0x3c0 [ 35.176553] kasan_atomics+0xb8/0x2e0 [ 35.176592] kunit_try_run_case+0x170/0x3f0 [ 35.176631] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.176696] kthread+0x328/0x630 [ 35.176741] ret_from_fork+0x10/0x20 [ 35.176778] [ 35.176809] The buggy address belongs to the object at fff00000c9a5e780 [ 35.176809] which belongs to the cache kmalloc-64 of size 64 [ 35.176871] The buggy address is located 0 bytes to the right of [ 35.176871] allocated 48-byte region [fff00000c9a5e780, fff00000c9a5e7b0) [ 35.176947] [ 35.176979] The buggy address belongs to the physical page: [ 35.177016] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a5e [ 35.177072] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.177122] page_type: f5(slab) [ 35.177164] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.177216] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 35.177268] page dumped because: kasan: bad access detected [ 35.177311] [ 35.177347] Memory state around the buggy address: [ 35.177391] fff00000c9a5e680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.177438] fff00000c9a5e700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.177491] >fff00000c9a5e780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.177540] ^ [ 35.177576] fff00000c9a5e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.177619] fff00000c9a5e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.177678] ==================================================================
[ 28.471578] ================================================================== [ 28.472032] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 28.472342] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.472633] [ 28.472736] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.472784] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.472796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.472860] Call Trace: [ 28.472877] <TASK> [ 28.472892] dump_stack_lvl+0x73/0xb0 [ 28.472921] print_report+0xd1/0x640 [ 28.472957] ? __virt_addr_valid+0x1db/0x2d0 [ 28.472982] ? kasan_atomics_helper+0x4a0/0x5450 [ 28.473004] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.473033] ? kasan_atomics_helper+0x4a0/0x5450 [ 28.473056] kasan_report+0x141/0x180 [ 28.473089] ? kasan_atomics_helper+0x4a0/0x5450 [ 28.473117] kasan_check_range+0x10c/0x1c0 [ 28.473147] __kasan_check_write+0x18/0x20 [ 28.473171] kasan_atomics_helper+0x4a0/0x5450 [ 28.473196] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.473220] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.473246] ? kasan_atomics+0x152/0x310 [ 28.473273] kasan_atomics+0x1dc/0x310 [ 28.473297] ? __pfx_kasan_atomics+0x10/0x10 [ 28.473322] ? __pfx_read_tsc+0x10/0x10 [ 28.473346] ? ktime_get_ts64+0x86/0x230 [ 28.473372] kunit_try_run_case+0x1a5/0x480 [ 28.473397] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.473421] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.473446] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.473475] ? __kthread_parkme+0x82/0x180 [ 28.473498] ? preempt_count_sub+0x50/0x80 [ 28.473523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.473549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.473574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.473600] kthread+0x337/0x6f0 [ 28.473621] ? trace_preempt_on+0x20/0xc0 [ 28.473645] ? __pfx_kthread+0x10/0x10 [ 28.473667] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.473694] ? calculate_sigpending+0x7b/0xa0 [ 28.473719] ? __pfx_kthread+0x10/0x10 [ 28.473743] ret_from_fork+0x116/0x1d0 [ 28.473764] ? __pfx_kthread+0x10/0x10 [ 28.473905] ret_from_fork_asm+0x1a/0x30 [ 28.473962] </TASK> [ 28.473976] [ 28.482403] Allocated by task 314: [ 28.482563] kasan_save_stack+0x45/0x70 [ 28.482756] kasan_save_track+0x18/0x40 [ 28.482979] kasan_save_alloc_info+0x3b/0x50 [ 28.483248] __kasan_kmalloc+0xb7/0xc0 [ 28.483381] __kmalloc_cache_noprof+0x189/0x420 [ 28.483538] kasan_atomics+0x95/0x310 [ 28.483727] kunit_try_run_case+0x1a5/0x480 [ 28.484064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.484409] kthread+0x337/0x6f0 [ 28.484529] ret_from_fork+0x116/0x1d0 [ 28.484661] ret_from_fork_asm+0x1a/0x30 [ 28.484800] [ 28.484866] The buggy address belongs to the object at ffff888106266f00 [ 28.484866] which belongs to the cache kmalloc-64 of size 64 [ 28.485386] The buggy address is located 0 bytes to the right of [ 28.485386] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.486026] [ 28.486302] The buggy address belongs to the physical page: [ 28.486533] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.486783] flags: 0x200000000000000(node=0|zone=2) [ 28.486960] page_type: f5(slab) [ 28.487116] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.487466] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.487809] page dumped because: kasan: bad access detected [ 28.488038] [ 28.488134] Memory state around the buggy address: [ 28.488342] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.488641] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.488863] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.489113] ^ [ 28.489344] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.489664] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.489992] ================================================================== [ 29.726367] ================================================================== [ 29.727069] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 29.727782] Read of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.728405] [ 29.728583] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.728634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.728647] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.728670] Call Trace: [ 29.728687] <TASK> [ 29.728704] dump_stack_lvl+0x73/0xb0 [ 29.728735] print_report+0xd1/0x640 [ 29.728794] ? __virt_addr_valid+0x1db/0x2d0 [ 29.728820] ? kasan_atomics_helper+0x4f71/0x5450 [ 29.728856] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.728885] ? kasan_atomics_helper+0x4f71/0x5450 [ 29.728910] kasan_report+0x141/0x180 [ 29.728956] ? kasan_atomics_helper+0x4f71/0x5450 [ 29.728985] __asan_report_load8_noabort+0x18/0x20 [ 29.729012] kasan_atomics_helper+0x4f71/0x5450 [ 29.729039] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.729064] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.729092] ? kasan_atomics+0x152/0x310 [ 29.729121] kasan_atomics+0x1dc/0x310 [ 29.729153] ? __pfx_kasan_atomics+0x10/0x10 [ 29.729179] ? __pfx_read_tsc+0x10/0x10 [ 29.729216] ? ktime_get_ts64+0x86/0x230 [ 29.729243] kunit_try_run_case+0x1a5/0x480 [ 29.729270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.729296] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.729320] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.729350] ? __kthread_parkme+0x82/0x180 [ 29.729372] ? preempt_count_sub+0x50/0x80 [ 29.729398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.729425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.729452] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.729479] kthread+0x337/0x6f0 [ 29.729502] ? trace_preempt_on+0x20/0xc0 [ 29.729527] ? __pfx_kthread+0x10/0x10 [ 29.729550] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.729578] ? calculate_sigpending+0x7b/0xa0 [ 29.729604] ? __pfx_kthread+0x10/0x10 [ 29.729628] ret_from_fork+0x116/0x1d0 [ 29.729650] ? __pfx_kthread+0x10/0x10 [ 29.729673] ret_from_fork_asm+0x1a/0x30 [ 29.729708] </TASK> [ 29.729720] [ 29.743410] Allocated by task 314: [ 29.743546] kasan_save_stack+0x45/0x70 [ 29.743691] kasan_save_track+0x18/0x40 [ 29.743829] kasan_save_alloc_info+0x3b/0x50 [ 29.744015] __kasan_kmalloc+0xb7/0xc0 [ 29.744213] __kmalloc_cache_noprof+0x189/0x420 [ 29.744589] kasan_atomics+0x95/0x310 [ 29.744828] kunit_try_run_case+0x1a5/0x480 [ 29.745022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.745264] kthread+0x337/0x6f0 [ 29.745434] ret_from_fork+0x116/0x1d0 [ 29.745585] ret_from_fork_asm+0x1a/0x30 [ 29.745872] [ 29.745967] The buggy address belongs to the object at ffff888106266f00 [ 29.745967] which belongs to the cache kmalloc-64 of size 64 [ 29.746621] The buggy address is located 0 bytes to the right of [ 29.746621] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.747264] [ 29.747361] The buggy address belongs to the physical page: [ 29.747633] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.748202] flags: 0x200000000000000(node=0|zone=2) [ 29.748445] page_type: f5(slab) [ 29.748647] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.749235] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.749662] page dumped because: kasan: bad access detected [ 29.750117] [ 29.750251] Memory state around the buggy address: [ 29.750479] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.750856] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.751321] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.751705] ^ [ 29.752174] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.752450] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.752748] ================================================================== [ 29.796186] ================================================================== [ 29.796504] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 29.797137] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.797384] [ 29.797469] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.797518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.797532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.797555] Call Trace: [ 29.797568] <TASK> [ 29.797584] dump_stack_lvl+0x73/0xb0 [ 29.797614] print_report+0xd1/0x640 [ 29.797638] ? __virt_addr_valid+0x1db/0x2d0 [ 29.797665] ? kasan_atomics_helper+0x20c8/0x5450 [ 29.797689] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.797717] ? kasan_atomics_helper+0x20c8/0x5450 [ 29.797741] kasan_report+0x141/0x180 [ 29.797780] ? kasan_atomics_helper+0x20c8/0x5450 [ 29.797809] kasan_check_range+0x10c/0x1c0 [ 29.797848] __kasan_check_write+0x18/0x20 [ 29.797874] kasan_atomics_helper+0x20c8/0x5450 [ 29.797900] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.797925] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.797961] ? kasan_atomics+0x152/0x310 [ 29.797990] kasan_atomics+0x1dc/0x310 [ 29.798015] ? __pfx_kasan_atomics+0x10/0x10 [ 29.798042] ? __pfx_read_tsc+0x10/0x10 [ 29.798074] ? ktime_get_ts64+0x86/0x230 [ 29.798101] kunit_try_run_case+0x1a5/0x480 [ 29.798127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.798153] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.798176] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.798205] ? __kthread_parkme+0x82/0x180 [ 29.798227] ? preempt_count_sub+0x50/0x80 [ 29.798253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.798279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.798305] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.798331] kthread+0x337/0x6f0 [ 29.798353] ? trace_preempt_on+0x20/0xc0 [ 29.798378] ? __pfx_kthread+0x10/0x10 [ 29.798401] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.798426] ? calculate_sigpending+0x7b/0xa0 [ 29.798451] ? __pfx_kthread+0x10/0x10 [ 29.798486] ret_from_fork+0x116/0x1d0 [ 29.798507] ? __pfx_kthread+0x10/0x10 [ 29.798529] ret_from_fork_asm+0x1a/0x30 [ 29.798576] </TASK> [ 29.798588] [ 29.806640] Allocated by task 314: [ 29.806815] kasan_save_stack+0x45/0x70 [ 29.807029] kasan_save_track+0x18/0x40 [ 29.807238] kasan_save_alloc_info+0x3b/0x50 [ 29.807451] __kasan_kmalloc+0xb7/0xc0 [ 29.807637] __kmalloc_cache_noprof+0x189/0x420 [ 29.807843] kasan_atomics+0x95/0x310 [ 29.808051] kunit_try_run_case+0x1a5/0x480 [ 29.808297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.808558] kthread+0x337/0x6f0 [ 29.808723] ret_from_fork+0x116/0x1d0 [ 29.808925] ret_from_fork_asm+0x1a/0x30 [ 29.809140] [ 29.809223] The buggy address belongs to the object at ffff888106266f00 [ 29.809223] which belongs to the cache kmalloc-64 of size 64 [ 29.809652] The buggy address is located 0 bytes to the right of [ 29.809652] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.810309] [ 29.810467] The buggy address belongs to the physical page: [ 29.811018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.811927] flags: 0x200000000000000(node=0|zone=2) [ 29.812355] page_type: f5(slab) [ 29.812643] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.813241] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.813473] page dumped because: kasan: bad access detected [ 29.813640] [ 29.813706] Memory state around the buggy address: [ 29.813856] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.814149] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.814488] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.814823] ^ [ 29.815085] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.815437] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.815773] ================================================================== [ 29.855127] ================================================================== [ 29.855425] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 29.855734] Read of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.856190] [ 29.856320] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.856383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.856396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.856419] Call Trace: [ 29.856436] <TASK> [ 29.856451] dump_stack_lvl+0x73/0xb0 [ 29.856483] print_report+0xd1/0x640 [ 29.856508] ? __virt_addr_valid+0x1db/0x2d0 [ 29.856533] ? kasan_atomics_helper+0x4fa5/0x5450 [ 29.856557] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.856596] ? kasan_atomics_helper+0x4fa5/0x5450 [ 29.856620] kasan_report+0x141/0x180 [ 29.856644] ? kasan_atomics_helper+0x4fa5/0x5450 [ 29.856683] __asan_report_load8_noabort+0x18/0x20 [ 29.856710] kasan_atomics_helper+0x4fa5/0x5450 [ 29.856735] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.856759] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.856786] ? kasan_atomics+0x152/0x310 [ 29.856814] kasan_atomics+0x1dc/0x310 [ 29.856838] ? __pfx_kasan_atomics+0x10/0x10 [ 29.856864] ? __pfx_read_tsc+0x10/0x10 [ 29.856888] ? ktime_get_ts64+0x86/0x230 [ 29.856913] kunit_try_run_case+0x1a5/0x480 [ 29.856940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.856973] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.856997] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.857026] ? __kthread_parkme+0x82/0x180 [ 29.857047] ? preempt_count_sub+0x50/0x80 [ 29.857084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.857119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.857149] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.857187] kthread+0x337/0x6f0 [ 29.857210] ? trace_preempt_on+0x20/0xc0 [ 29.857234] ? __pfx_kthread+0x10/0x10 [ 29.857269] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.857295] ? calculate_sigpending+0x7b/0xa0 [ 29.857320] ? __pfx_kthread+0x10/0x10 [ 29.857355] ret_from_fork+0x116/0x1d0 [ 29.857377] ? __pfx_kthread+0x10/0x10 [ 29.857400] ret_from_fork_asm+0x1a/0x30 [ 29.857445] </TASK> [ 29.857456] [ 29.865289] Allocated by task 314: [ 29.865476] kasan_save_stack+0x45/0x70 [ 29.865665] kasan_save_track+0x18/0x40 [ 29.865846] kasan_save_alloc_info+0x3b/0x50 [ 29.866049] __kasan_kmalloc+0xb7/0xc0 [ 29.866281] __kmalloc_cache_noprof+0x189/0x420 [ 29.866512] kasan_atomics+0x95/0x310 [ 29.866660] kunit_try_run_case+0x1a5/0x480 [ 29.866807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.866996] kthread+0x337/0x6f0 [ 29.867245] ret_from_fork+0x116/0x1d0 [ 29.867470] ret_from_fork_asm+0x1a/0x30 [ 29.867670] [ 29.867762] The buggy address belongs to the object at ffff888106266f00 [ 29.867762] which belongs to the cache kmalloc-64 of size 64 [ 29.868486] The buggy address is located 0 bytes to the right of [ 29.868486] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.868999] [ 29.869130] The buggy address belongs to the physical page: [ 29.869370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.869706] flags: 0x200000000000000(node=0|zone=2) [ 29.869917] page_type: f5(slab) [ 29.870115] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.870444] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.870761] page dumped because: kasan: bad access detected [ 29.871008] [ 29.871149] Memory state around the buggy address: [ 29.871330] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.871550] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.871771] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.872178] ^ [ 29.872617] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.873286] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.874157] ================================================================== [ 29.178157] ================================================================== [ 29.178651] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 29.179021] Read of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.179364] [ 29.179723] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.179773] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.179846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.179872] Call Trace: [ 29.179887] <TASK> [ 29.179927] dump_stack_lvl+0x73/0xb0 [ 29.179972] print_report+0xd1/0x640 [ 29.179997] ? __virt_addr_valid+0x1db/0x2d0 [ 29.180022] ? kasan_atomics_helper+0x4eae/0x5450 [ 29.180045] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.180082] ? kasan_atomics_helper+0x4eae/0x5450 [ 29.180105] kasan_report+0x141/0x180 [ 29.180129] ? kasan_atomics_helper+0x4eae/0x5450 [ 29.180157] __asan_report_load8_noabort+0x18/0x20 [ 29.180183] kasan_atomics_helper+0x4eae/0x5450 [ 29.180207] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.180232] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.180258] ? kasan_atomics+0x152/0x310 [ 29.180286] kasan_atomics+0x1dc/0x310 [ 29.180310] ? __pfx_kasan_atomics+0x10/0x10 [ 29.180336] ? __pfx_read_tsc+0x10/0x10 [ 29.180359] ? ktime_get_ts64+0x86/0x230 [ 29.180386] kunit_try_run_case+0x1a5/0x480 [ 29.180412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.180437] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.180461] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.180489] ? __kthread_parkme+0x82/0x180 [ 29.180532] ? preempt_count_sub+0x50/0x80 [ 29.180557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.180585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.180611] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.180638] kthread+0x337/0x6f0 [ 29.180660] ? trace_preempt_on+0x20/0xc0 [ 29.180685] ? __pfx_kthread+0x10/0x10 [ 29.180707] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.180734] ? calculate_sigpending+0x7b/0xa0 [ 29.180759] ? __pfx_kthread+0x10/0x10 [ 29.180827] ret_from_fork+0x116/0x1d0 [ 29.180853] ? __pfx_kthread+0x10/0x10 [ 29.180876] ret_from_fork_asm+0x1a/0x30 [ 29.180909] </TASK> [ 29.180921] [ 29.189583] Allocated by task 314: [ 29.190381] kasan_save_stack+0x45/0x70 [ 29.190548] kasan_save_track+0x18/0x40 [ 29.190688] kasan_save_alloc_info+0x3b/0x50 [ 29.191666] __kasan_kmalloc+0xb7/0xc0 [ 29.191939] __kmalloc_cache_noprof+0x189/0x420 [ 29.192327] kasan_atomics+0x95/0x310 [ 29.192527] kunit_try_run_case+0x1a5/0x480 [ 29.192955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.193323] kthread+0x337/0x6f0 [ 29.193499] ret_from_fork+0x116/0x1d0 [ 29.193822] ret_from_fork_asm+0x1a/0x30 [ 29.194308] [ 29.194394] The buggy address belongs to the object at ffff888106266f00 [ 29.194394] which belongs to the cache kmalloc-64 of size 64 [ 29.195285] The buggy address is located 0 bytes to the right of [ 29.195285] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.195893] [ 29.195993] The buggy address belongs to the physical page: [ 29.196533] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.197159] flags: 0x200000000000000(node=0|zone=2) [ 29.197354] page_type: f5(slab) [ 29.197665] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.198356] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.198766] page dumped because: kasan: bad access detected [ 29.199221] [ 29.199324] Memory state around the buggy address: [ 29.199526] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.200110] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.200468] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.201025] ^ [ 29.201377] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.201691] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.202232] ================================================================== [ 28.663519] ================================================================== [ 28.663933] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 28.664453] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.665198] [ 28.665444] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.665503] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.665518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.665543] Call Trace: [ 28.665567] <TASK> [ 28.665586] dump_stack_lvl+0x73/0xb0 [ 28.665618] print_report+0xd1/0x640 [ 28.665643] ? __virt_addr_valid+0x1db/0x2d0 [ 28.665670] ? kasan_atomics_helper+0x992/0x5450 [ 28.665692] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.665720] ? kasan_atomics_helper+0x992/0x5450 [ 28.665744] kasan_report+0x141/0x180 [ 28.665768] ? kasan_atomics_helper+0x992/0x5450 [ 28.665852] kasan_check_range+0x10c/0x1c0 [ 28.665885] __kasan_check_write+0x18/0x20 [ 28.665910] kasan_atomics_helper+0x992/0x5450 [ 28.665937] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.665972] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.666000] ? kasan_atomics+0x152/0x310 [ 28.666029] kasan_atomics+0x1dc/0x310 [ 28.666066] ? __pfx_kasan_atomics+0x10/0x10 [ 28.666094] ? __pfx_read_tsc+0x10/0x10 [ 28.666118] ? ktime_get_ts64+0x86/0x230 [ 28.666146] kunit_try_run_case+0x1a5/0x480 [ 28.666174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.666200] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.666226] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.666255] ? __kthread_parkme+0x82/0x180 [ 28.666278] ? preempt_count_sub+0x50/0x80 [ 28.666304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.666331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.666357] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.666385] kthread+0x337/0x6f0 [ 28.666407] ? trace_preempt_on+0x20/0xc0 [ 28.666432] ? __pfx_kthread+0x10/0x10 [ 28.666455] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.666482] ? calculate_sigpending+0x7b/0xa0 [ 28.666509] ? __pfx_kthread+0x10/0x10 [ 28.666532] ret_from_fork+0x116/0x1d0 [ 28.666554] ? __pfx_kthread+0x10/0x10 [ 28.666577] ret_from_fork_asm+0x1a/0x30 [ 28.666611] </TASK> [ 28.666624] [ 28.681210] Allocated by task 314: [ 28.681536] kasan_save_stack+0x45/0x70 [ 28.681935] kasan_save_track+0x18/0x40 [ 28.682357] kasan_save_alloc_info+0x3b/0x50 [ 28.682745] __kasan_kmalloc+0xb7/0xc0 [ 28.683305] __kmalloc_cache_noprof+0x189/0x420 [ 28.683483] kasan_atomics+0x95/0x310 [ 28.683618] kunit_try_run_case+0x1a5/0x480 [ 28.683767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.684294] kthread+0x337/0x6f0 [ 28.684665] ret_from_fork+0x116/0x1d0 [ 28.685075] ret_from_fork_asm+0x1a/0x30 [ 28.685481] [ 28.685653] The buggy address belongs to the object at ffff888106266f00 [ 28.685653] which belongs to the cache kmalloc-64 of size 64 [ 28.686961] The buggy address is located 0 bytes to the right of [ 28.686961] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.688078] [ 28.688162] The buggy address belongs to the physical page: [ 28.688345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.688594] flags: 0x200000000000000(node=0|zone=2) [ 28.688761] page_type: f5(slab) [ 28.689114] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.689780] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.690528] page dumped because: kasan: bad access detected [ 28.691142] [ 28.691333] Memory state around the buggy address: [ 28.691910] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.692659] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.693348] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.694017] ^ [ 28.694580] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.695239] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.695751] ================================================================== [ 29.510855] ================================================================== [ 29.511387] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 29.511880] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.512601] [ 29.512720] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.512772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.512785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.512807] Call Trace: [ 29.512823] <TASK> [ 29.512839] dump_stack_lvl+0x73/0xb0 [ 29.512870] print_report+0xd1/0x640 [ 29.512894] ? __virt_addr_valid+0x1db/0x2d0 [ 29.512920] ? kasan_atomics_helper+0x1c18/0x5450 [ 29.512954] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.512983] ? kasan_atomics_helper+0x1c18/0x5450 [ 29.513006] kasan_report+0x141/0x180 [ 29.513030] ? kasan_atomics_helper+0x1c18/0x5450 [ 29.513058] kasan_check_range+0x10c/0x1c0 [ 29.513085] __kasan_check_write+0x18/0x20 [ 29.513294] kasan_atomics_helper+0x1c18/0x5450 [ 29.513325] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.513351] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.513377] ? kasan_atomics+0x152/0x310 [ 29.513405] kasan_atomics+0x1dc/0x310 [ 29.513429] ? __pfx_kasan_atomics+0x10/0x10 [ 29.513455] ? __pfx_read_tsc+0x10/0x10 [ 29.513479] ? ktime_get_ts64+0x86/0x230 [ 29.513505] kunit_try_run_case+0x1a5/0x480 [ 29.513531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.513556] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.513580] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.513608] ? __kthread_parkme+0x82/0x180 [ 29.513630] ? preempt_count_sub+0x50/0x80 [ 29.513656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.513682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.513708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.513733] kthread+0x337/0x6f0 [ 29.513756] ? trace_preempt_on+0x20/0xc0 [ 29.513789] ? __pfx_kthread+0x10/0x10 [ 29.513818] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.513844] ? calculate_sigpending+0x7b/0xa0 [ 29.513870] ? __pfx_kthread+0x10/0x10 [ 29.513893] ret_from_fork+0x116/0x1d0 [ 29.513914] ? __pfx_kthread+0x10/0x10 [ 29.513937] ret_from_fork_asm+0x1a/0x30 [ 29.513983] </TASK> [ 29.513996] [ 29.526557] Allocated by task 314: [ 29.526765] kasan_save_stack+0x45/0x70 [ 29.527184] kasan_save_track+0x18/0x40 [ 29.527335] kasan_save_alloc_info+0x3b/0x50 [ 29.527610] __kasan_kmalloc+0xb7/0xc0 [ 29.528072] __kmalloc_cache_noprof+0x189/0x420 [ 29.528397] kasan_atomics+0x95/0x310 [ 29.528575] kunit_try_run_case+0x1a5/0x480 [ 29.528766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.529281] kthread+0x337/0x6f0 [ 29.529417] ret_from_fork+0x116/0x1d0 [ 29.529771] ret_from_fork_asm+0x1a/0x30 [ 29.530182] [ 29.530281] The buggy address belongs to the object at ffff888106266f00 [ 29.530281] which belongs to the cache kmalloc-64 of size 64 [ 29.531197] The buggy address is located 0 bytes to the right of [ 29.531197] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.531750] [ 29.532104] The buggy address belongs to the physical page: [ 29.532487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.533034] flags: 0x200000000000000(node=0|zone=2) [ 29.533295] page_type: f5(slab) [ 29.533560] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.534174] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.534452] page dumped because: kasan: bad access detected [ 29.534850] [ 29.534955] Memory state around the buggy address: [ 29.535525] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.535847] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.536384] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.536725] ^ [ 29.537205] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.537545] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.538080] ================================================================== [ 29.594421] ================================================================== [ 29.594668] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 29.595666] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.596328] [ 29.596424] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.596477] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.596491] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.596513] Call Trace: [ 29.596529] <TASK> [ 29.596545] dump_stack_lvl+0x73/0xb0 [ 29.596576] print_report+0xd1/0x640 [ 29.596600] ? __virt_addr_valid+0x1db/0x2d0 [ 29.596625] ? kasan_atomics_helper+0x1d7a/0x5450 [ 29.596648] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.596676] ? kasan_atomics_helper+0x1d7a/0x5450 [ 29.596699] kasan_report+0x141/0x180 [ 29.596724] ? kasan_atomics_helper+0x1d7a/0x5450 [ 29.596752] kasan_check_range+0x10c/0x1c0 [ 29.596778] __kasan_check_write+0x18/0x20 [ 29.596804] kasan_atomics_helper+0x1d7a/0x5450 [ 29.596829] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.596853] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.596879] ? kasan_atomics+0x152/0x310 [ 29.596907] kasan_atomics+0x1dc/0x310 [ 29.596931] ? __pfx_kasan_atomics+0x10/0x10 [ 29.596966] ? __pfx_read_tsc+0x10/0x10 [ 29.596990] ? ktime_get_ts64+0x86/0x230 [ 29.597021] kunit_try_run_case+0x1a5/0x480 [ 29.597047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.597073] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.597096] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.597129] ? __kthread_parkme+0x82/0x180 [ 29.597151] ? preempt_count_sub+0x50/0x80 [ 29.597176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.597202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.597228] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.597253] kthread+0x337/0x6f0 [ 29.597275] ? trace_preempt_on+0x20/0xc0 [ 29.597299] ? __pfx_kthread+0x10/0x10 [ 29.597322] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.597347] ? calculate_sigpending+0x7b/0xa0 [ 29.597373] ? __pfx_kthread+0x10/0x10 [ 29.597396] ret_from_fork+0x116/0x1d0 [ 29.597417] ? __pfx_kthread+0x10/0x10 [ 29.597439] ret_from_fork_asm+0x1a/0x30 [ 29.597472] </TASK> [ 29.597484] [ 29.608906] Allocated by task 314: [ 29.609277] kasan_save_stack+0x45/0x70 [ 29.609715] kasan_save_track+0x18/0x40 [ 29.610270] kasan_save_alloc_info+0x3b/0x50 [ 29.610829] __kasan_kmalloc+0xb7/0xc0 [ 29.611243] __kmalloc_cache_noprof+0x189/0x420 [ 29.611779] kasan_atomics+0x95/0x310 [ 29.612141] kunit_try_run_case+0x1a5/0x480 [ 29.612542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.613147] kthread+0x337/0x6f0 [ 29.613530] ret_from_fork+0x116/0x1d0 [ 29.613951] ret_from_fork_asm+0x1a/0x30 [ 29.614496] [ 29.614671] The buggy address belongs to the object at ffff888106266f00 [ 29.614671] which belongs to the cache kmalloc-64 of size 64 [ 29.615917] The buggy address is located 0 bytes to the right of [ 29.615917] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.617293] [ 29.617489] The buggy address belongs to the physical page: [ 29.618114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.618964] flags: 0x200000000000000(node=0|zone=2) [ 29.619422] page_type: f5(slab) [ 29.619739] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.620689] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.621479] page dumped because: kasan: bad access detected [ 29.622002] [ 29.622185] Memory state around the buggy address: [ 29.622581] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.622811] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.623350] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.623572] ^ [ 29.623730] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.624037] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.624648] ================================================================== [ 29.056743] ================================================================== [ 29.057259] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 29.057637] Read of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.058092] [ 29.058250] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.058298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.058311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.058332] Call Trace: [ 29.058348] <TASK> [ 29.058362] dump_stack_lvl+0x73/0xb0 [ 29.058392] print_report+0xd1/0x640 [ 29.058417] ? __virt_addr_valid+0x1db/0x2d0 [ 29.058441] ? kasan_atomics_helper+0x4a02/0x5450 [ 29.058465] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.058493] ? kasan_atomics_helper+0x4a02/0x5450 [ 29.058517] kasan_report+0x141/0x180 [ 29.058541] ? kasan_atomics_helper+0x4a02/0x5450 [ 29.058568] __asan_report_load4_noabort+0x18/0x20 [ 29.058595] kasan_atomics_helper+0x4a02/0x5450 [ 29.058621] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.058644] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.058671] ? kasan_atomics+0x152/0x310 [ 29.058698] kasan_atomics+0x1dc/0x310 [ 29.058722] ? __pfx_kasan_atomics+0x10/0x10 [ 29.058750] ? __pfx_read_tsc+0x10/0x10 [ 29.058774] ? ktime_get_ts64+0x86/0x230 [ 29.058799] kunit_try_run_case+0x1a5/0x480 [ 29.058825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.058851] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.058875] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.058903] ? __kthread_parkme+0x82/0x180 [ 29.058925] ? preempt_count_sub+0x50/0x80 [ 29.058968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.058995] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.059020] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.059047] kthread+0x337/0x6f0 [ 29.059069] ? trace_preempt_on+0x20/0xc0 [ 29.059094] ? __pfx_kthread+0x10/0x10 [ 29.059117] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.059143] ? calculate_sigpending+0x7b/0xa0 [ 29.059168] ? __pfx_kthread+0x10/0x10 [ 29.059192] ret_from_fork+0x116/0x1d0 [ 29.059214] ? __pfx_kthread+0x10/0x10 [ 29.059236] ret_from_fork_asm+0x1a/0x30 [ 29.059270] </TASK> [ 29.059282] [ 29.067538] Allocated by task 314: [ 29.067719] kasan_save_stack+0x45/0x70 [ 29.068000] kasan_save_track+0x18/0x40 [ 29.068228] kasan_save_alloc_info+0x3b/0x50 [ 29.068442] __kasan_kmalloc+0xb7/0xc0 [ 29.068632] __kmalloc_cache_noprof+0x189/0x420 [ 29.068891] kasan_atomics+0x95/0x310 [ 29.069112] kunit_try_run_case+0x1a5/0x480 [ 29.069354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.069634] kthread+0x337/0x6f0 [ 29.070022] ret_from_fork+0x116/0x1d0 [ 29.070272] ret_from_fork_asm+0x1a/0x30 [ 29.070424] [ 29.070493] The buggy address belongs to the object at ffff888106266f00 [ 29.070493] which belongs to the cache kmalloc-64 of size 64 [ 29.070953] The buggy address is located 0 bytes to the right of [ 29.070953] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.071571] [ 29.071663] The buggy address belongs to the physical page: [ 29.072002] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.072395] flags: 0x200000000000000(node=0|zone=2) [ 29.072589] page_type: f5(slab) [ 29.072711] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.073120] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.073499] page dumped because: kasan: bad access detected [ 29.073817] [ 29.073912] Memory state around the buggy address: [ 29.074321] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.074603] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.075081] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.075381] ^ [ 29.075575] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.075905] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.076141] ================================================================== [ 29.342749] ================================================================== [ 29.343294] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 29.343562] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.343803] [ 29.343904] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.343963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.343976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.343998] Call Trace: [ 29.344011] <TASK> [ 29.344026] dump_stack_lvl+0x73/0xb0 [ 29.344054] print_report+0xd1/0x640 [ 29.344077] ? __virt_addr_valid+0x1db/0x2d0 [ 29.344102] ? kasan_atomics_helper+0x177f/0x5450 [ 29.344139] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.344167] ? kasan_atomics_helper+0x177f/0x5450 [ 29.344191] kasan_report+0x141/0x180 [ 29.344215] ? kasan_atomics_helper+0x177f/0x5450 [ 29.344243] kasan_check_range+0x10c/0x1c0 [ 29.344268] __kasan_check_write+0x18/0x20 [ 29.344294] kasan_atomics_helper+0x177f/0x5450 [ 29.344318] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.344342] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.344369] ? kasan_atomics+0x152/0x310 [ 29.344397] kasan_atomics+0x1dc/0x310 [ 29.344421] ? __pfx_kasan_atomics+0x10/0x10 [ 29.344448] ? __pfx_read_tsc+0x10/0x10 [ 29.344470] ? ktime_get_ts64+0x86/0x230 [ 29.344497] kunit_try_run_case+0x1a5/0x480 [ 29.344523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.344548] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.344572] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.344600] ? __kthread_parkme+0x82/0x180 [ 29.344623] ? preempt_count_sub+0x50/0x80 [ 29.344648] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.344674] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.344700] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.344726] kthread+0x337/0x6f0 [ 29.344748] ? trace_preempt_on+0x20/0xc0 [ 29.344772] ? __pfx_kthread+0x10/0x10 [ 29.344795] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.344821] ? calculate_sigpending+0x7b/0xa0 [ 29.344846] ? __pfx_kthread+0x10/0x10 [ 29.344869] ret_from_fork+0x116/0x1d0 [ 29.344890] ? __pfx_kthread+0x10/0x10 [ 29.344912] ret_from_fork_asm+0x1a/0x30 [ 29.344954] </TASK> [ 29.344966] [ 29.353255] Allocated by task 314: [ 29.353443] kasan_save_stack+0x45/0x70 [ 29.353608] kasan_save_track+0x18/0x40 [ 29.353747] kasan_save_alloc_info+0x3b/0x50 [ 29.354232] __kasan_kmalloc+0xb7/0xc0 [ 29.354403] __kmalloc_cache_noprof+0x189/0x420 [ 29.354601] kasan_atomics+0x95/0x310 [ 29.354769] kunit_try_run_case+0x1a5/0x480 [ 29.354961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.355397] kthread+0x337/0x6f0 [ 29.355586] ret_from_fork+0x116/0x1d0 [ 29.355733] ret_from_fork_asm+0x1a/0x30 [ 29.356096] [ 29.356178] The buggy address belongs to the object at ffff888106266f00 [ 29.356178] which belongs to the cache kmalloc-64 of size 64 [ 29.356637] The buggy address is located 0 bytes to the right of [ 29.356637] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.357031] [ 29.357100] The buggy address belongs to the physical page: [ 29.357625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.358005] flags: 0x200000000000000(node=0|zone=2) [ 29.358241] page_type: f5(slab) [ 29.358417] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.358760] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.359075] page dumped because: kasan: bad access detected [ 29.359250] [ 29.359316] Memory state around the buggy address: [ 29.359473] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.359694] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.360126] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.360461] ^ [ 29.360684] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.361012] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.361296] ================================================================== [ 28.725598] ================================================================== [ 28.725999] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 28.726245] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.726674] [ 28.726758] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.726928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.726959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.726981] Call Trace: [ 28.726998] <TASK> [ 28.727014] dump_stack_lvl+0x73/0xb0 [ 28.727045] print_report+0xd1/0x640 [ 28.727078] ? __virt_addr_valid+0x1db/0x2d0 [ 28.727103] ? kasan_atomics_helper+0xac7/0x5450 [ 28.727127] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.727156] ? kasan_atomics_helper+0xac7/0x5450 [ 28.727180] kasan_report+0x141/0x180 [ 28.727203] ? kasan_atomics_helper+0xac7/0x5450 [ 28.727231] kasan_check_range+0x10c/0x1c0 [ 28.727256] __kasan_check_write+0x18/0x20 [ 28.727282] kasan_atomics_helper+0xac7/0x5450 [ 28.727306] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.727331] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.727356] ? kasan_atomics+0x152/0x310 [ 28.727385] kasan_atomics+0x1dc/0x310 [ 28.727409] ? __pfx_kasan_atomics+0x10/0x10 [ 28.727437] ? __pfx_read_tsc+0x10/0x10 [ 28.727461] ? ktime_get_ts64+0x86/0x230 [ 28.727487] kunit_try_run_case+0x1a5/0x480 [ 28.727512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.727537] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.727560] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.727588] ? __kthread_parkme+0x82/0x180 [ 28.727611] ? preempt_count_sub+0x50/0x80 [ 28.727636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.727662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.727688] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.727714] kthread+0x337/0x6f0 [ 28.727735] ? trace_preempt_on+0x20/0xc0 [ 28.727761] ? __pfx_kthread+0x10/0x10 [ 28.727796] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.727824] ? calculate_sigpending+0x7b/0xa0 [ 28.727849] ? __pfx_kthread+0x10/0x10 [ 28.727873] ret_from_fork+0x116/0x1d0 [ 28.727894] ? __pfx_kthread+0x10/0x10 [ 28.727917] ret_from_fork_asm+0x1a/0x30 [ 28.727960] </TASK> [ 28.727972] [ 28.735704] Allocated by task 314: [ 28.735856] kasan_save_stack+0x45/0x70 [ 28.736066] kasan_save_track+0x18/0x40 [ 28.736260] kasan_save_alloc_info+0x3b/0x50 [ 28.736469] __kasan_kmalloc+0xb7/0xc0 [ 28.736656] __kmalloc_cache_noprof+0x189/0x420 [ 28.736875] kasan_atomics+0x95/0x310 [ 28.737324] kunit_try_run_case+0x1a5/0x480 [ 28.737487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.737692] kthread+0x337/0x6f0 [ 28.737999] ret_from_fork+0x116/0x1d0 [ 28.738376] ret_from_fork_asm+0x1a/0x30 [ 28.738577] [ 28.738671] The buggy address belongs to the object at ffff888106266f00 [ 28.738671] which belongs to the cache kmalloc-64 of size 64 [ 28.739349] The buggy address is located 0 bytes to the right of [ 28.739349] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.739738] [ 28.740516] The buggy address belongs to the physical page: [ 28.740884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.741262] flags: 0x200000000000000(node=0|zone=2) [ 28.741499] page_type: f5(slab) [ 28.742219] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.742997] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.743705] page dumped because: kasan: bad access detected [ 28.744859] [ 28.745359] Memory state around the buggy address: [ 28.746375] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.747031] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.747620] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.748239] ^ [ 28.748925] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.749767] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.750542] ================================================================== [ 29.203072] ================================================================== [ 29.203800] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 29.204742] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.205267] [ 29.205371] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.205423] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.205589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.205614] Call Trace: [ 29.205628] <TASK> [ 29.205646] dump_stack_lvl+0x73/0xb0 [ 29.205677] print_report+0xd1/0x640 [ 29.205702] ? __virt_addr_valid+0x1db/0x2d0 [ 29.205728] ? kasan_atomics_helper+0x1467/0x5450 [ 29.205750] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.205779] ? kasan_atomics_helper+0x1467/0x5450 [ 29.205908] kasan_report+0x141/0x180 [ 29.205936] ? kasan_atomics_helper+0x1467/0x5450 [ 29.205980] kasan_check_range+0x10c/0x1c0 [ 29.206006] __kasan_check_write+0x18/0x20 [ 29.206032] kasan_atomics_helper+0x1467/0x5450 [ 29.206056] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.206081] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.206107] ? kasan_atomics+0x152/0x310 [ 29.206135] kasan_atomics+0x1dc/0x310 [ 29.206160] ? __pfx_kasan_atomics+0x10/0x10 [ 29.206185] ? __pfx_read_tsc+0x10/0x10 [ 29.206210] ? ktime_get_ts64+0x86/0x230 [ 29.206236] kunit_try_run_case+0x1a5/0x480 [ 29.206262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.206287] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.206310] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.206339] ? __kthread_parkme+0x82/0x180 [ 29.206361] ? preempt_count_sub+0x50/0x80 [ 29.206385] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.206412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.206438] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.206464] kthread+0x337/0x6f0 [ 29.206486] ? trace_preempt_on+0x20/0xc0 [ 29.206512] ? __pfx_kthread+0x10/0x10 [ 29.206534] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.206560] ? calculate_sigpending+0x7b/0xa0 [ 29.206585] ? __pfx_kthread+0x10/0x10 [ 29.206609] ret_from_fork+0x116/0x1d0 [ 29.206630] ? __pfx_kthread+0x10/0x10 [ 29.206653] ret_from_fork_asm+0x1a/0x30 [ 29.206686] </TASK> [ 29.206698] [ 29.218761] Allocated by task 314: [ 29.219271] kasan_save_stack+0x45/0x70 [ 29.219556] kasan_save_track+0x18/0x40 [ 29.219725] kasan_save_alloc_info+0x3b/0x50 [ 29.220130] __kasan_kmalloc+0xb7/0xc0 [ 29.220304] __kmalloc_cache_noprof+0x189/0x420 [ 29.220518] kasan_atomics+0x95/0x310 [ 29.220700] kunit_try_run_case+0x1a5/0x480 [ 29.220902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.221635] kthread+0x337/0x6f0 [ 29.221794] ret_from_fork+0x116/0x1d0 [ 29.222319] ret_from_fork_asm+0x1a/0x30 [ 29.222668] [ 29.222763] The buggy address belongs to the object at ffff888106266f00 [ 29.222763] which belongs to the cache kmalloc-64 of size 64 [ 29.223839] The buggy address is located 0 bytes to the right of [ 29.223839] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.224530] [ 29.224640] The buggy address belongs to the physical page: [ 29.225307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.225650] flags: 0x200000000000000(node=0|zone=2) [ 29.226019] page_type: f5(slab) [ 29.226266] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.226757] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.227320] page dumped because: kasan: bad access detected [ 29.227649] [ 29.227725] Memory state around the buggy address: [ 29.228017] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.228610] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.229241] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.229649] ^ [ 29.230066] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.230545] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.231040] ================================================================== [ 29.566089] ================================================================== [ 29.566772] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 29.567337] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.568007] [ 29.568175] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.568226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.568240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.568263] Call Trace: [ 29.568280] <TASK> [ 29.568297] dump_stack_lvl+0x73/0xb0 [ 29.568329] print_report+0xd1/0x640 [ 29.568354] ? __virt_addr_valid+0x1db/0x2d0 [ 29.568377] ? kasan_atomics_helper+0x1ce1/0x5450 [ 29.568400] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.568536] ? kasan_atomics_helper+0x1ce1/0x5450 [ 29.568570] kasan_report+0x141/0x180 [ 29.568596] ? kasan_atomics_helper+0x1ce1/0x5450 [ 29.568625] kasan_check_range+0x10c/0x1c0 [ 29.568651] __kasan_check_write+0x18/0x20 [ 29.568677] kasan_atomics_helper+0x1ce1/0x5450 [ 29.568703] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.568726] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.568753] ? kasan_atomics+0x152/0x310 [ 29.568780] kasan_atomics+0x1dc/0x310 [ 29.568805] ? __pfx_kasan_atomics+0x10/0x10 [ 29.568831] ? __pfx_read_tsc+0x10/0x10 [ 29.568855] ? ktime_get_ts64+0x86/0x230 [ 29.568881] kunit_try_run_case+0x1a5/0x480 [ 29.568906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.568930] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.568966] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.569070] ? __kthread_parkme+0x82/0x180 [ 29.569095] ? preempt_count_sub+0x50/0x80 [ 29.569121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.569152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.569178] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.569204] kthread+0x337/0x6f0 [ 29.569226] ? trace_preempt_on+0x20/0xc0 [ 29.569250] ? __pfx_kthread+0x10/0x10 [ 29.569273] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.569298] ? calculate_sigpending+0x7b/0xa0 [ 29.569324] ? __pfx_kthread+0x10/0x10 [ 29.569347] ret_from_fork+0x116/0x1d0 [ 29.569368] ? __pfx_kthread+0x10/0x10 [ 29.569390] ret_from_fork_asm+0x1a/0x30 [ 29.569423] </TASK> [ 29.569435] [ 29.581798] Allocated by task 314: [ 29.581971] kasan_save_stack+0x45/0x70 [ 29.582582] kasan_save_track+0x18/0x40 [ 29.582804] kasan_save_alloc_info+0x3b/0x50 [ 29.583138] __kasan_kmalloc+0xb7/0xc0 [ 29.583604] __kmalloc_cache_noprof+0x189/0x420 [ 29.583996] kasan_atomics+0x95/0x310 [ 29.584206] kunit_try_run_case+0x1a5/0x480 [ 29.584406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.585107] kthread+0x337/0x6f0 [ 29.585596] ret_from_fork+0x116/0x1d0 [ 29.585780] ret_from_fork_asm+0x1a/0x30 [ 29.586019] [ 29.586257] The buggy address belongs to the object at ffff888106266f00 [ 29.586257] which belongs to the cache kmalloc-64 of size 64 [ 29.587167] The buggy address is located 0 bytes to the right of [ 29.587167] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.587831] [ 29.587978] The buggy address belongs to the physical page: [ 29.588231] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.588840] flags: 0x200000000000000(node=0|zone=2) [ 29.589145] page_type: f5(slab) [ 29.589495] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.589876] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.590482] page dumped because: kasan: bad access detected [ 29.590689] [ 29.591023] Memory state around the buggy address: [ 29.591270] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.591671] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.592156] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.592568] ^ [ 29.592777] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.593348] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.593758] ================================================================== [ 29.694752] ================================================================== [ 29.695641] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 29.696377] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.697092] [ 29.697342] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.697428] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.697443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.697466] Call Trace: [ 29.697487] <TASK> [ 29.697518] dump_stack_lvl+0x73/0xb0 [ 29.697550] print_report+0xd1/0x640 [ 29.697575] ? __virt_addr_valid+0x1db/0x2d0 [ 29.697601] ? kasan_atomics_helper+0x1f43/0x5450 [ 29.697625] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.697654] ? kasan_atomics_helper+0x1f43/0x5450 [ 29.697678] kasan_report+0x141/0x180 [ 29.697702] ? kasan_atomics_helper+0x1f43/0x5450 [ 29.697730] kasan_check_range+0x10c/0x1c0 [ 29.697756] __kasan_check_write+0x18/0x20 [ 29.697782] kasan_atomics_helper+0x1f43/0x5450 [ 29.697806] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.697849] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.697878] ? kasan_atomics+0x152/0x310 [ 29.697907] kasan_atomics+0x1dc/0x310 [ 29.697932] ? __pfx_kasan_atomics+0x10/0x10 [ 29.697967] ? __pfx_read_tsc+0x10/0x10 [ 29.697991] ? ktime_get_ts64+0x86/0x230 [ 29.698018] kunit_try_run_case+0x1a5/0x480 [ 29.698044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.698078] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.698102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.698131] ? __kthread_parkme+0x82/0x180 [ 29.698153] ? preempt_count_sub+0x50/0x80 [ 29.698180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.698208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.698234] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.698261] kthread+0x337/0x6f0 [ 29.698284] ? trace_preempt_on+0x20/0xc0 [ 29.698310] ? __pfx_kthread+0x10/0x10 [ 29.698334] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.698361] ? calculate_sigpending+0x7b/0xa0 [ 29.698387] ? __pfx_kthread+0x10/0x10 [ 29.698412] ret_from_fork+0x116/0x1d0 [ 29.698433] ? __pfx_kthread+0x10/0x10 [ 29.698457] ret_from_fork_asm+0x1a/0x30 [ 29.698491] </TASK> [ 29.698504] [ 29.711151] Allocated by task 314: [ 29.711551] kasan_save_stack+0x45/0x70 [ 29.711953] kasan_save_track+0x18/0x40 [ 29.712256] kasan_save_alloc_info+0x3b/0x50 [ 29.712780] __kasan_kmalloc+0xb7/0xc0 [ 29.713173] __kmalloc_cache_noprof+0x189/0x420 [ 29.713350] kasan_atomics+0x95/0x310 [ 29.713491] kunit_try_run_case+0x1a5/0x480 [ 29.713641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.713821] kthread+0x337/0x6f0 [ 29.714229] ret_from_fork+0x116/0x1d0 [ 29.714685] ret_from_fork_asm+0x1a/0x30 [ 29.715129] [ 29.715458] The buggy address belongs to the object at ffff888106266f00 [ 29.715458] which belongs to the cache kmalloc-64 of size 64 [ 29.716734] The buggy address is located 0 bytes to the right of [ 29.716734] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.718142] [ 29.718269] The buggy address belongs to the physical page: [ 29.718467] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.718724] flags: 0x200000000000000(node=0|zone=2) [ 29.719078] page_type: f5(slab) [ 29.719395] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.720094] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.720852] page dumped because: kasan: bad access detected [ 29.721490] [ 29.721656] Memory state around the buggy address: [ 29.721975] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.722627] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.723336] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.723959] ^ [ 29.724338] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.725032] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.725396] ================================================================== [ 29.258918] ================================================================== [ 29.259218] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 29.259565] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.259938] [ 29.260082] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.260132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.260145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.260168] Call Trace: [ 29.260183] <TASK> [ 29.260198] dump_stack_lvl+0x73/0xb0 [ 29.260249] print_report+0xd1/0x640 [ 29.260274] ? __virt_addr_valid+0x1db/0x2d0 [ 29.260298] ? kasan_atomics_helper+0x151d/0x5450 [ 29.260321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.260349] ? kasan_atomics_helper+0x151d/0x5450 [ 29.260373] kasan_report+0x141/0x180 [ 29.260413] ? kasan_atomics_helper+0x151d/0x5450 [ 29.260441] kasan_check_range+0x10c/0x1c0 [ 29.260467] __kasan_check_write+0x18/0x20 [ 29.260506] kasan_atomics_helper+0x151d/0x5450 [ 29.260544] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.260568] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.260608] ? kasan_atomics+0x152/0x310 [ 29.260650] kasan_atomics+0x1dc/0x310 [ 29.260675] ? __pfx_kasan_atomics+0x10/0x10 [ 29.260701] ? __pfx_read_tsc+0x10/0x10 [ 29.260724] ? ktime_get_ts64+0x86/0x230 [ 29.260750] kunit_try_run_case+0x1a5/0x480 [ 29.260776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.260988] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.261015] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.261043] ? __kthread_parkme+0x82/0x180 [ 29.261080] ? preempt_count_sub+0x50/0x80 [ 29.261135] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.261162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.261204] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.261229] kthread+0x337/0x6f0 [ 29.261251] ? trace_preempt_on+0x20/0xc0 [ 29.261276] ? __pfx_kthread+0x10/0x10 [ 29.261298] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.261325] ? calculate_sigpending+0x7b/0xa0 [ 29.261349] ? __pfx_kthread+0x10/0x10 [ 29.261373] ret_from_fork+0x116/0x1d0 [ 29.261393] ? __pfx_kthread+0x10/0x10 [ 29.261416] ret_from_fork_asm+0x1a/0x30 [ 29.261449] </TASK> [ 29.261462] [ 29.270398] Allocated by task 314: [ 29.270546] kasan_save_stack+0x45/0x70 [ 29.270762] kasan_save_track+0x18/0x40 [ 29.270931] kasan_save_alloc_info+0x3b/0x50 [ 29.271239] __kasan_kmalloc+0xb7/0xc0 [ 29.271428] __kmalloc_cache_noprof+0x189/0x420 [ 29.271628] kasan_atomics+0x95/0x310 [ 29.271807] kunit_try_run_case+0x1a5/0x480 [ 29.272121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.272445] kthread+0x337/0x6f0 [ 29.272561] ret_from_fork+0x116/0x1d0 [ 29.272856] ret_from_fork_asm+0x1a/0x30 [ 29.273186] [ 29.273274] The buggy address belongs to the object at ffff888106266f00 [ 29.273274] which belongs to the cache kmalloc-64 of size 64 [ 29.273775] The buggy address is located 0 bytes to the right of [ 29.273775] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.274435] [ 29.274542] The buggy address belongs to the physical page: [ 29.274811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.275182] flags: 0x200000000000000(node=0|zone=2) [ 29.275425] page_type: f5(slab) [ 29.275629] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.275988] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.276310] page dumped because: kasan: bad access detected [ 29.276552] [ 29.276638] Memory state around the buggy address: [ 29.276852] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.277466] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.277700] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.278400] ^ [ 29.278634] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.279027] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.279405] ================================================================== [ 29.436364] ================================================================== [ 29.436653] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 29.436929] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.437622] [ 29.437721] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.437771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.438221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.438258] Call Trace: [ 29.438274] <TASK> [ 29.438413] dump_stack_lvl+0x73/0xb0 [ 29.438453] print_report+0xd1/0x640 [ 29.438602] ? __virt_addr_valid+0x1db/0x2d0 [ 29.438641] ? kasan_atomics_helper+0x19e3/0x5450 [ 29.438665] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.438699] ? kasan_atomics_helper+0x19e3/0x5450 [ 29.438723] kasan_report+0x141/0x180 [ 29.438747] ? kasan_atomics_helper+0x19e3/0x5450 [ 29.438775] kasan_check_range+0x10c/0x1c0 [ 29.438801] __kasan_check_write+0x18/0x20 [ 29.438828] kasan_atomics_helper+0x19e3/0x5450 [ 29.438854] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.438878] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.438974] ? kasan_atomics+0x152/0x310 [ 29.439008] kasan_atomics+0x1dc/0x310 [ 29.439104] ? __pfx_kasan_atomics+0x10/0x10 [ 29.439138] ? __pfx_read_tsc+0x10/0x10 [ 29.439163] ? ktime_get_ts64+0x86/0x230 [ 29.439190] kunit_try_run_case+0x1a5/0x480 [ 29.439215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.439240] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.439264] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.439293] ? __kthread_parkme+0x82/0x180 [ 29.439315] ? preempt_count_sub+0x50/0x80 [ 29.439339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.439365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.439391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.439418] kthread+0x337/0x6f0 [ 29.439440] ? trace_preempt_on+0x20/0xc0 [ 29.439466] ? __pfx_kthread+0x10/0x10 [ 29.439489] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.439515] ? calculate_sigpending+0x7b/0xa0 [ 29.439541] ? __pfx_kthread+0x10/0x10 [ 29.439564] ret_from_fork+0x116/0x1d0 [ 29.439585] ? __pfx_kthread+0x10/0x10 [ 29.439608] ret_from_fork_asm+0x1a/0x30 [ 29.439641] </TASK> [ 29.439654] [ 29.448984] Allocated by task 314: [ 29.449120] kasan_save_stack+0x45/0x70 [ 29.449407] kasan_save_track+0x18/0x40 [ 29.449861] kasan_save_alloc_info+0x3b/0x50 [ 29.450118] __kasan_kmalloc+0xb7/0xc0 [ 29.450292] __kmalloc_cache_noprof+0x189/0x420 [ 29.450451] kasan_atomics+0x95/0x310 [ 29.450586] kunit_try_run_case+0x1a5/0x480 [ 29.450734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.451305] kthread+0x337/0x6f0 [ 29.451576] ret_from_fork+0x116/0x1d0 [ 29.451763] ret_from_fork_asm+0x1a/0x30 [ 29.452087] [ 29.452186] The buggy address belongs to the object at ffff888106266f00 [ 29.452186] which belongs to the cache kmalloc-64 of size 64 [ 29.452714] The buggy address is located 0 bytes to the right of [ 29.452714] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.453354] [ 29.453498] The buggy address belongs to the physical page: [ 29.453753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.454097] flags: 0x200000000000000(node=0|zone=2) [ 29.454333] page_type: f5(slab) [ 29.454455] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.454929] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.455255] page dumped because: kasan: bad access detected [ 29.455433] [ 29.455501] Memory state around the buggy address: [ 29.455659] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.455880] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.456406] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.456723] ^ [ 29.456953] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.457278] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.457898] ================================================================== [ 28.490633] ================================================================== [ 28.490860] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 28.491659] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.492218] [ 28.492331] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.492380] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.492393] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.492414] Call Trace: [ 28.492430] <TASK> [ 28.492446] dump_stack_lvl+0x73/0xb0 [ 28.492474] print_report+0xd1/0x640 [ 28.492497] ? __virt_addr_valid+0x1db/0x2d0 [ 28.492522] ? kasan_atomics_helper+0x4b3a/0x5450 [ 28.492545] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.492573] ? kasan_atomics_helper+0x4b3a/0x5450 [ 28.492597] kasan_report+0x141/0x180 [ 28.492621] ? kasan_atomics_helper+0x4b3a/0x5450 [ 28.492648] __asan_report_store4_noabort+0x1b/0x30 [ 28.492674] kasan_atomics_helper+0x4b3a/0x5450 [ 28.492699] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.492723] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.492750] ? kasan_atomics+0x152/0x310 [ 28.492778] kasan_atomics+0x1dc/0x310 [ 28.492853] ? __pfx_kasan_atomics+0x10/0x10 [ 28.492880] ? __pfx_read_tsc+0x10/0x10 [ 28.492904] ? ktime_get_ts64+0x86/0x230 [ 28.492930] kunit_try_run_case+0x1a5/0x480 [ 28.492967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.492992] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.493015] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.493043] ? __kthread_parkme+0x82/0x180 [ 28.493074] ? preempt_count_sub+0x50/0x80 [ 28.493099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.493129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.493155] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.493180] kthread+0x337/0x6f0 [ 28.493202] ? trace_preempt_on+0x20/0xc0 [ 28.493227] ? __pfx_kthread+0x10/0x10 [ 28.493249] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.493275] ? calculate_sigpending+0x7b/0xa0 [ 28.493300] ? __pfx_kthread+0x10/0x10 [ 28.493322] ret_from_fork+0x116/0x1d0 [ 28.493344] ? __pfx_kthread+0x10/0x10 [ 28.493365] ret_from_fork_asm+0x1a/0x30 [ 28.493397] </TASK> [ 28.493409] [ 28.502118] Allocated by task 314: [ 28.502248] kasan_save_stack+0x45/0x70 [ 28.502392] kasan_save_track+0x18/0x40 [ 28.502527] kasan_save_alloc_info+0x3b/0x50 [ 28.502678] __kasan_kmalloc+0xb7/0xc0 [ 28.502865] __kmalloc_cache_noprof+0x189/0x420 [ 28.503093] kasan_atomics+0x95/0x310 [ 28.503279] kunit_try_run_case+0x1a5/0x480 [ 28.503647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.504074] kthread+0x337/0x6f0 [ 28.504253] ret_from_fork+0x116/0x1d0 [ 28.504439] ret_from_fork_asm+0x1a/0x30 [ 28.504581] [ 28.504650] The buggy address belongs to the object at ffff888106266f00 [ 28.504650] which belongs to the cache kmalloc-64 of size 64 [ 28.505607] The buggy address is located 0 bytes to the right of [ 28.505607] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.506238] [ 28.506316] The buggy address belongs to the physical page: [ 28.506495] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.506742] flags: 0x200000000000000(node=0|zone=2) [ 28.506986] page_type: f5(slab) [ 28.507160] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.508119] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.508373] page dumped because: kasan: bad access detected [ 28.508552] [ 28.508643] Memory state around the buggy address: [ 28.509038] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.509376] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.509692] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.510044] ^ [ 28.510205] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.510426] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.511117] ================================================================== [ 28.447897] ================================================================== [ 28.448363] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 28.448604] Read of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.449086] [ 28.449237] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.449285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.449299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.449320] Call Trace: [ 28.449335] <TASK> [ 28.449351] dump_stack_lvl+0x73/0xb0 [ 28.449379] print_report+0xd1/0x640 [ 28.449403] ? __virt_addr_valid+0x1db/0x2d0 [ 28.449428] ? kasan_atomics_helper+0x4b54/0x5450 [ 28.449451] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.449479] ? kasan_atomics_helper+0x4b54/0x5450 [ 28.449503] kasan_report+0x141/0x180 [ 28.449526] ? kasan_atomics_helper+0x4b54/0x5450 [ 28.449554] __asan_report_load4_noabort+0x18/0x20 [ 28.449580] kasan_atomics_helper+0x4b54/0x5450 [ 28.449604] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.449628] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.449654] ? kasan_atomics+0x152/0x310 [ 28.449682] kasan_atomics+0x1dc/0x310 [ 28.449706] ? __pfx_kasan_atomics+0x10/0x10 [ 28.449731] ? __pfx_read_tsc+0x10/0x10 [ 28.449754] ? ktime_get_ts64+0x86/0x230 [ 28.449780] kunit_try_run_case+0x1a5/0x480 [ 28.449805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.449829] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.449853] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.449881] ? __kthread_parkme+0x82/0x180 [ 28.449903] ? preempt_count_sub+0x50/0x80 [ 28.449928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.449976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.450003] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.450029] kthread+0x337/0x6f0 [ 28.450051] ? trace_preempt_on+0x20/0xc0 [ 28.450444] ? __pfx_kthread+0x10/0x10 [ 28.450472] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.450499] ? calculate_sigpending+0x7b/0xa0 [ 28.450526] ? __pfx_kthread+0x10/0x10 [ 28.450550] ret_from_fork+0x116/0x1d0 [ 28.450581] ? __pfx_kthread+0x10/0x10 [ 28.450604] ret_from_fork_asm+0x1a/0x30 [ 28.450637] </TASK> [ 28.450650] [ 28.462197] Allocated by task 314: [ 28.462373] kasan_save_stack+0x45/0x70 [ 28.462545] kasan_save_track+0x18/0x40 [ 28.462713] kasan_save_alloc_info+0x3b/0x50 [ 28.463460] __kasan_kmalloc+0xb7/0xc0 [ 28.463668] __kmalloc_cache_noprof+0x189/0x420 [ 28.464272] kasan_atomics+0x95/0x310 [ 28.464504] kunit_try_run_case+0x1a5/0x480 [ 28.464666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.464924] kthread+0x337/0x6f0 [ 28.465122] ret_from_fork+0x116/0x1d0 [ 28.465265] ret_from_fork_asm+0x1a/0x30 [ 28.465464] [ 28.465559] The buggy address belongs to the object at ffff888106266f00 [ 28.465559] which belongs to the cache kmalloc-64 of size 64 [ 28.466002] The buggy address is located 0 bytes to the right of [ 28.466002] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.466544] [ 28.466734] The buggy address belongs to the physical page: [ 28.466920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.467291] flags: 0x200000000000000(node=0|zone=2) [ 28.467684] page_type: f5(slab) [ 28.467825] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.468197] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.468593] page dumped because: kasan: bad access detected [ 28.468811] [ 28.468901] Memory state around the buggy address: [ 28.469148] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.469445] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.469716] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.470008] ^ [ 28.470237] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.470837] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.471189] ================================================================== [ 28.791273] ================================================================== [ 28.791967] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 28.792544] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.792788] [ 28.792870] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.792919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.792933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.793029] Call Trace: [ 28.793066] <TASK> [ 28.793084] dump_stack_lvl+0x73/0xb0 [ 28.793115] print_report+0xd1/0x640 [ 28.793145] ? __virt_addr_valid+0x1db/0x2d0 [ 28.793170] ? kasan_atomics_helper+0xc70/0x5450 [ 28.793193] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.793221] ? kasan_atomics_helper+0xc70/0x5450 [ 28.793245] kasan_report+0x141/0x180 [ 28.793269] ? kasan_atomics_helper+0xc70/0x5450 [ 28.793297] kasan_check_range+0x10c/0x1c0 [ 28.793322] __kasan_check_write+0x18/0x20 [ 28.793347] kasan_atomics_helper+0xc70/0x5450 [ 28.793372] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.793396] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.793423] ? kasan_atomics+0x152/0x310 [ 28.793451] kasan_atomics+0x1dc/0x310 [ 28.793475] ? __pfx_kasan_atomics+0x10/0x10 [ 28.793501] ? __pfx_read_tsc+0x10/0x10 [ 28.793525] ? ktime_get_ts64+0x86/0x230 [ 28.793550] kunit_try_run_case+0x1a5/0x480 [ 28.793577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.793602] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.793625] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.793653] ? __kthread_parkme+0x82/0x180 [ 28.793677] ? preempt_count_sub+0x50/0x80 [ 28.793702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.793728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.793753] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.793962] kthread+0x337/0x6f0 [ 28.793993] ? trace_preempt_on+0x20/0xc0 [ 28.794020] ? __pfx_kthread+0x10/0x10 [ 28.794063] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.794091] ? calculate_sigpending+0x7b/0xa0 [ 28.794117] ? __pfx_kthread+0x10/0x10 [ 28.794141] ret_from_fork+0x116/0x1d0 [ 28.794162] ? __pfx_kthread+0x10/0x10 [ 28.794185] ret_from_fork_asm+0x1a/0x30 [ 28.794219] </TASK> [ 28.794231] [ 28.807173] Allocated by task 314: [ 28.807329] kasan_save_stack+0x45/0x70 [ 28.807479] kasan_save_track+0x18/0x40 [ 28.807617] kasan_save_alloc_info+0x3b/0x50 [ 28.807767] __kasan_kmalloc+0xb7/0xc0 [ 28.807901] __kmalloc_cache_noprof+0x189/0x420 [ 28.808377] kasan_atomics+0x95/0x310 [ 28.808746] kunit_try_run_case+0x1a5/0x480 [ 28.809162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.809691] kthread+0x337/0x6f0 [ 28.810023] ret_from_fork+0x116/0x1d0 [ 28.810405] ret_from_fork_asm+0x1a/0x30 [ 28.810755] [ 28.810974] The buggy address belongs to the object at ffff888106266f00 [ 28.810974] which belongs to the cache kmalloc-64 of size 64 [ 28.812192] The buggy address is located 0 bytes to the right of [ 28.812192] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.813257] [ 28.813415] The buggy address belongs to the physical page: [ 28.813750] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.814399] flags: 0x200000000000000(node=0|zone=2) [ 28.814713] page_type: f5(slab) [ 28.814858] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.815114] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.815370] page dumped because: kasan: bad access detected [ 28.815547] [ 28.815613] Memory state around the buggy address: [ 28.815769] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.816442] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.817188] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.817910] ^ [ 28.818398] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.819024] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.819662] ================================================================== [ 29.774835] ================================================================== [ 29.775195] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 29.775531] Read of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.775814] [ 29.775892] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.775940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.775981] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.776002] Call Trace: [ 29.776018] <TASK> [ 29.776033] dump_stack_lvl+0x73/0xb0 [ 29.776139] print_report+0xd1/0x640 [ 29.776167] ? __virt_addr_valid+0x1db/0x2d0 [ 29.776192] ? kasan_atomics_helper+0x4f98/0x5450 [ 29.776215] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.776244] ? kasan_atomics_helper+0x4f98/0x5450 [ 29.776268] kasan_report+0x141/0x180 [ 29.776292] ? kasan_atomics_helper+0x4f98/0x5450 [ 29.776321] __asan_report_load8_noabort+0x18/0x20 [ 29.776347] kasan_atomics_helper+0x4f98/0x5450 [ 29.776371] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.776396] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.776422] ? kasan_atomics+0x152/0x310 [ 29.776451] kasan_atomics+0x1dc/0x310 [ 29.776476] ? __pfx_kasan_atomics+0x10/0x10 [ 29.776504] ? __pfx_read_tsc+0x10/0x10 [ 29.776527] ? ktime_get_ts64+0x86/0x230 [ 29.776565] kunit_try_run_case+0x1a5/0x480 [ 29.776592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.776617] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.776653] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.776681] ? __kthread_parkme+0x82/0x180 [ 29.776703] ? preempt_count_sub+0x50/0x80 [ 29.776728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.776754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.776780] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.776806] kthread+0x337/0x6f0 [ 29.776827] ? trace_preempt_on+0x20/0xc0 [ 29.776852] ? __pfx_kthread+0x10/0x10 [ 29.776874] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.776899] ? calculate_sigpending+0x7b/0xa0 [ 29.776925] ? __pfx_kthread+0x10/0x10 [ 29.776956] ret_from_fork+0x116/0x1d0 [ 29.776977] ? __pfx_kthread+0x10/0x10 [ 29.776999] ret_from_fork_asm+0x1a/0x30 [ 29.777033] </TASK> [ 29.777044] [ 29.786162] Allocated by task 314: [ 29.786367] kasan_save_stack+0x45/0x70 [ 29.786591] kasan_save_track+0x18/0x40 [ 29.786817] kasan_save_alloc_info+0x3b/0x50 [ 29.787179] __kasan_kmalloc+0xb7/0xc0 [ 29.787370] __kmalloc_cache_noprof+0x189/0x420 [ 29.787523] kasan_atomics+0x95/0x310 [ 29.787698] kunit_try_run_case+0x1a5/0x480 [ 29.787983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.788402] kthread+0x337/0x6f0 [ 29.788527] ret_from_fork+0x116/0x1d0 [ 29.788787] ret_from_fork_asm+0x1a/0x30 [ 29.789018] [ 29.789101] The buggy address belongs to the object at ffff888106266f00 [ 29.789101] which belongs to the cache kmalloc-64 of size 64 [ 29.790020] The buggy address is located 0 bytes to the right of [ 29.790020] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.790564] [ 29.790659] The buggy address belongs to the physical page: [ 29.790980] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.791362] flags: 0x200000000000000(node=0|zone=2) [ 29.791653] page_type: f5(slab) [ 29.791840] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.792261] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.792495] page dumped because: kasan: bad access detected [ 29.792664] [ 29.792728] Memory state around the buggy address: [ 29.792880] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.793233] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.793547] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.793851] ^ [ 29.794217] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.794885] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.795376] ================================================================== [ 29.875481] ================================================================== [ 29.876358] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 29.877026] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.877263] [ 29.877344] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.877393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.877405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.877427] Call Trace: [ 29.877442] <TASK> [ 29.877457] dump_stack_lvl+0x73/0xb0 [ 29.877486] print_report+0xd1/0x640 [ 29.877510] ? __virt_addr_valid+0x1db/0x2d0 [ 29.877536] ? kasan_atomics_helper+0x224c/0x5450 [ 29.877559] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.877587] ? kasan_atomics_helper+0x224c/0x5450 [ 29.877611] kasan_report+0x141/0x180 [ 29.877636] ? kasan_atomics_helper+0x224c/0x5450 [ 29.877664] kasan_check_range+0x10c/0x1c0 [ 29.877689] __kasan_check_write+0x18/0x20 [ 29.877715] kasan_atomics_helper+0x224c/0x5450 [ 29.877739] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.877763] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.877790] ? kasan_atomics+0x152/0x310 [ 29.877817] kasan_atomics+0x1dc/0x310 [ 29.877842] ? __pfx_kasan_atomics+0x10/0x10 [ 29.877868] ? __pfx_read_tsc+0x10/0x10 [ 29.877891] ? ktime_get_ts64+0x86/0x230 [ 29.877917] kunit_try_run_case+0x1a5/0x480 [ 29.877953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.877978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.878002] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.878031] ? __kthread_parkme+0x82/0x180 [ 29.878083] ? preempt_count_sub+0x50/0x80 [ 29.878120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.878147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.878184] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.878211] kthread+0x337/0x6f0 [ 29.878233] ? trace_preempt_on+0x20/0xc0 [ 29.878258] ? __pfx_kthread+0x10/0x10 [ 29.878281] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.878306] ? calculate_sigpending+0x7b/0xa0 [ 29.878332] ? __pfx_kthread+0x10/0x10 [ 29.878383] ret_from_fork+0x116/0x1d0 [ 29.878405] ? __pfx_kthread+0x10/0x10 [ 29.878427] ret_from_fork_asm+0x1a/0x30 [ 29.878471] </TASK> [ 29.878482] [ 29.890252] Allocated by task 314: [ 29.890470] kasan_save_stack+0x45/0x70 [ 29.890696] kasan_save_track+0x18/0x40 [ 29.890904] kasan_save_alloc_info+0x3b/0x50 [ 29.891156] __kasan_kmalloc+0xb7/0xc0 [ 29.891373] __kmalloc_cache_noprof+0x189/0x420 [ 29.891598] kasan_atomics+0x95/0x310 [ 29.891776] kunit_try_run_case+0x1a5/0x480 [ 29.892021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.892296] kthread+0x337/0x6f0 [ 29.892502] ret_from_fork+0x116/0x1d0 [ 29.892687] ret_from_fork_asm+0x1a/0x30 [ 29.892890] [ 29.893009] The buggy address belongs to the object at ffff888106266f00 [ 29.893009] which belongs to the cache kmalloc-64 of size 64 [ 29.893576] The buggy address is located 0 bytes to the right of [ 29.893576] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.894186] [ 29.894323] The buggy address belongs to the physical page: [ 29.894558] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.894935] flags: 0x200000000000000(node=0|zone=2) [ 29.895174] page_type: f5(slab) [ 29.895368] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.895716] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.896055] page dumped because: kasan: bad access detected [ 29.896376] [ 29.896441] Memory state around the buggy address: [ 29.896592] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.896923] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.897430] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.897733] ^ [ 29.897960] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.898375] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.898784] ================================================================== [ 29.011554] ================================================================== [ 29.011923] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 29.012279] Read of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.012510] [ 29.012591] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.012638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.012651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.012674] Call Trace: [ 29.012688] <TASK> [ 29.012703] dump_stack_lvl+0x73/0xb0 [ 29.012776] print_report+0xd1/0x640 [ 29.012827] ? __virt_addr_valid+0x1db/0x2d0 [ 29.012854] ? kasan_atomics_helper+0x4a1c/0x5450 [ 29.012878] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.012907] ? kasan_atomics_helper+0x4a1c/0x5450 [ 29.012930] kasan_report+0x141/0x180 [ 29.012966] ? kasan_atomics_helper+0x4a1c/0x5450 [ 29.012994] __asan_report_load4_noabort+0x18/0x20 [ 29.013021] kasan_atomics_helper+0x4a1c/0x5450 [ 29.013046] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.013070] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.013096] ? kasan_atomics+0x152/0x310 [ 29.013133] kasan_atomics+0x1dc/0x310 [ 29.013278] ? __pfx_kasan_atomics+0x10/0x10 [ 29.013311] ? __pfx_read_tsc+0x10/0x10 [ 29.013337] ? ktime_get_ts64+0x86/0x230 [ 29.013364] kunit_try_run_case+0x1a5/0x480 [ 29.013392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.013417] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.013441] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.013471] ? __kthread_parkme+0x82/0x180 [ 29.013492] ? preempt_count_sub+0x50/0x80 [ 29.013518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.013544] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.013570] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.013596] kthread+0x337/0x6f0 [ 29.013618] ? trace_preempt_on+0x20/0xc0 [ 29.013643] ? __pfx_kthread+0x10/0x10 [ 29.013700] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.013728] ? calculate_sigpending+0x7b/0xa0 [ 29.013754] ? __pfx_kthread+0x10/0x10 [ 29.013822] ret_from_fork+0x116/0x1d0 [ 29.013887] ? __pfx_kthread+0x10/0x10 [ 29.013912] ret_from_fork_asm+0x1a/0x30 [ 29.013957] </TASK> [ 29.013970] [ 29.023579] Allocated by task 314: [ 29.023901] kasan_save_stack+0x45/0x70 [ 29.024193] kasan_save_track+0x18/0x40 [ 29.024412] kasan_save_alloc_info+0x3b/0x50 [ 29.024634] __kasan_kmalloc+0xb7/0xc0 [ 29.024769] __kmalloc_cache_noprof+0x189/0x420 [ 29.024927] kasan_atomics+0x95/0x310 [ 29.025385] kunit_try_run_case+0x1a5/0x480 [ 29.025647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.025902] kthread+0x337/0x6f0 [ 29.026090] ret_from_fork+0x116/0x1d0 [ 29.026250] ret_from_fork_asm+0x1a/0x30 [ 29.026392] [ 29.026460] The buggy address belongs to the object at ffff888106266f00 [ 29.026460] which belongs to the cache kmalloc-64 of size 64 [ 29.027215] The buggy address is located 0 bytes to the right of [ 29.027215] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.027610] [ 29.027680] The buggy address belongs to the physical page: [ 29.028379] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.028726] flags: 0x200000000000000(node=0|zone=2) [ 29.028956] page_type: f5(slab) [ 29.029486] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.029839] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.030287] page dumped because: kasan: bad access detected [ 29.030853] [ 29.030930] Memory state around the buggy address: [ 29.031201] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.031546] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.031955] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.032271] ^ [ 29.032436] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.032764] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.033422] ================================================================== [ 29.156354] ================================================================== [ 29.156693] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 29.157108] Read of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.157408] [ 29.157511] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.157558] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.157593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.157615] Call Trace: [ 29.157630] <TASK> [ 29.157644] dump_stack_lvl+0x73/0xb0 [ 29.157673] print_report+0xd1/0x640 [ 29.157697] ? __virt_addr_valid+0x1db/0x2d0 [ 29.157721] ? kasan_atomics_helper+0x13b5/0x5450 [ 29.157744] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.157966] ? kasan_atomics_helper+0x13b5/0x5450 [ 29.158026] kasan_report+0x141/0x180 [ 29.158071] ? kasan_atomics_helper+0x13b5/0x5450 [ 29.158101] kasan_check_range+0x10c/0x1c0 [ 29.158127] __kasan_check_read+0x15/0x20 [ 29.158152] kasan_atomics_helper+0x13b5/0x5450 [ 29.158176] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.158201] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.158227] ? kasan_atomics+0x152/0x310 [ 29.158255] kasan_atomics+0x1dc/0x310 [ 29.158279] ? __pfx_kasan_atomics+0x10/0x10 [ 29.158305] ? __pfx_read_tsc+0x10/0x10 [ 29.158330] ? ktime_get_ts64+0x86/0x230 [ 29.158355] kunit_try_run_case+0x1a5/0x480 [ 29.158402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.158428] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.158452] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.158480] ? __kthread_parkme+0x82/0x180 [ 29.158502] ? preempt_count_sub+0x50/0x80 [ 29.158527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.158553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.158598] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.158625] kthread+0x337/0x6f0 [ 29.158647] ? trace_preempt_on+0x20/0xc0 [ 29.158672] ? __pfx_kthread+0x10/0x10 [ 29.158695] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.158721] ? calculate_sigpending+0x7b/0xa0 [ 29.158746] ? __pfx_kthread+0x10/0x10 [ 29.158833] ret_from_fork+0x116/0x1d0 [ 29.158860] ? __pfx_kthread+0x10/0x10 [ 29.158883] ret_from_fork_asm+0x1a/0x30 [ 29.158917] </TASK> [ 29.158930] [ 29.167494] Allocated by task 314: [ 29.167693] kasan_save_stack+0x45/0x70 [ 29.167923] kasan_save_track+0x18/0x40 [ 29.168094] kasan_save_alloc_info+0x3b/0x50 [ 29.168420] __kasan_kmalloc+0xb7/0xc0 [ 29.168604] __kmalloc_cache_noprof+0x189/0x420 [ 29.170109] kasan_atomics+0x95/0x310 [ 29.170283] kunit_try_run_case+0x1a5/0x480 [ 29.170702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.171272] kthread+0x337/0x6f0 [ 29.171483] ret_from_fork+0x116/0x1d0 [ 29.171622] ret_from_fork_asm+0x1a/0x30 [ 29.171764] [ 29.171833] The buggy address belongs to the object at ffff888106266f00 [ 29.171833] which belongs to the cache kmalloc-64 of size 64 [ 29.172400] The buggy address is located 0 bytes to the right of [ 29.172400] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.172865] [ 29.173044] The buggy address belongs to the physical page: [ 29.173332] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.173750] flags: 0x200000000000000(node=0|zone=2) [ 29.173915] page_type: f5(slab) [ 29.174049] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.174622] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.175151] page dumped because: kasan: bad access detected [ 29.175336] [ 29.175418] Memory state around the buggy address: [ 29.175671] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.176005] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.176351] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.176767] ^ [ 29.177001] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.177486] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.177813] ================================================================== [ 29.538719] ================================================================== [ 29.539103] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 29.539706] Read of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.540640] [ 29.540910] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.540988] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.541003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.541025] Call Trace: [ 29.541042] <TASK> [ 29.541059] dump_stack_lvl+0x73/0xb0 [ 29.541092] print_report+0xd1/0x640 [ 29.541116] ? __virt_addr_valid+0x1db/0x2d0 [ 29.541146] ? kasan_atomics_helper+0x4f30/0x5450 [ 29.541170] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.541198] ? kasan_atomics_helper+0x4f30/0x5450 [ 29.541223] kasan_report+0x141/0x180 [ 29.541246] ? kasan_atomics_helper+0x4f30/0x5450 [ 29.541275] __asan_report_load8_noabort+0x18/0x20 [ 29.541301] kasan_atomics_helper+0x4f30/0x5450 [ 29.541325] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.541349] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.541375] ? kasan_atomics+0x152/0x310 [ 29.541404] kasan_atomics+0x1dc/0x310 [ 29.541427] ? __pfx_kasan_atomics+0x10/0x10 [ 29.541453] ? __pfx_read_tsc+0x10/0x10 [ 29.541477] ? ktime_get_ts64+0x86/0x230 [ 29.541502] kunit_try_run_case+0x1a5/0x480 [ 29.541528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.541552] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.541576] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.541603] ? __kthread_parkme+0x82/0x180 [ 29.541625] ? preempt_count_sub+0x50/0x80 [ 29.541650] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.541676] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.541702] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.541728] kthread+0x337/0x6f0 [ 29.541750] ? trace_preempt_on+0x20/0xc0 [ 29.541775] ? __pfx_kthread+0x10/0x10 [ 29.541814] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.541840] ? calculate_sigpending+0x7b/0xa0 [ 29.541867] ? __pfx_kthread+0x10/0x10 [ 29.541890] ret_from_fork+0x116/0x1d0 [ 29.541911] ? __pfx_kthread+0x10/0x10 [ 29.541934] ret_from_fork_asm+0x1a/0x30 [ 29.541977] </TASK> [ 29.541989] [ 29.553896] Allocated by task 314: [ 29.554157] kasan_save_stack+0x45/0x70 [ 29.554580] kasan_save_track+0x18/0x40 [ 29.554777] kasan_save_alloc_info+0x3b/0x50 [ 29.555270] __kasan_kmalloc+0xb7/0xc0 [ 29.555469] __kmalloc_cache_noprof+0x189/0x420 [ 29.555654] kasan_atomics+0x95/0x310 [ 29.555930] kunit_try_run_case+0x1a5/0x480 [ 29.556377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.556720] kthread+0x337/0x6f0 [ 29.556993] ret_from_fork+0x116/0x1d0 [ 29.557236] ret_from_fork_asm+0x1a/0x30 [ 29.557629] [ 29.557734] The buggy address belongs to the object at ffff888106266f00 [ 29.557734] which belongs to the cache kmalloc-64 of size 64 [ 29.558418] The buggy address is located 0 bytes to the right of [ 29.558418] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.559253] [ 29.559336] The buggy address belongs to the physical page: [ 29.559775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.560291] flags: 0x200000000000000(node=0|zone=2) [ 29.560511] page_type: f5(slab) [ 29.560677] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.561391] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.561744] page dumped because: kasan: bad access detected [ 29.562047] [ 29.562441] Memory state around the buggy address: [ 29.562650] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.563202] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.563836] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.564104] ^ [ 29.564340] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.564646] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.565412] ================================================================== [ 28.964600] ================================================================== [ 28.965098] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 28.965490] Read of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.965875] [ 28.965983] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.966030] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.966043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.966065] Call Trace: [ 28.966079] <TASK> [ 28.966182] dump_stack_lvl+0x73/0xb0 [ 28.966242] print_report+0xd1/0x640 [ 28.966267] ? __virt_addr_valid+0x1db/0x2d0 [ 28.966292] ? kasan_atomics_helper+0x4a36/0x5450 [ 28.966316] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.966343] ? kasan_atomics_helper+0x4a36/0x5450 [ 28.966368] kasan_report+0x141/0x180 [ 28.966392] ? kasan_atomics_helper+0x4a36/0x5450 [ 28.966421] __asan_report_load4_noabort+0x18/0x20 [ 28.966447] kasan_atomics_helper+0x4a36/0x5450 [ 28.966472] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.966496] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.966556] ? kasan_atomics+0x152/0x310 [ 28.966584] kasan_atomics+0x1dc/0x310 [ 28.966609] ? __pfx_kasan_atomics+0x10/0x10 [ 28.966635] ? __pfx_read_tsc+0x10/0x10 [ 28.966660] ? ktime_get_ts64+0x86/0x230 [ 28.966685] kunit_try_run_case+0x1a5/0x480 [ 28.966711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.966736] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.966760] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.966788] ? __kthread_parkme+0x82/0x180 [ 28.966839] ? preempt_count_sub+0x50/0x80 [ 28.966866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.966916] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.966978] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.967005] kthread+0x337/0x6f0 [ 28.967052] ? trace_preempt_on+0x20/0xc0 [ 28.967253] ? __pfx_kthread+0x10/0x10 [ 28.967289] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.967316] ? calculate_sigpending+0x7b/0xa0 [ 28.967342] ? __pfx_kthread+0x10/0x10 [ 28.967381] ret_from_fork+0x116/0x1d0 [ 28.967404] ? __pfx_kthread+0x10/0x10 [ 28.967427] ret_from_fork_asm+0x1a/0x30 [ 28.967461] </TASK> [ 28.967473] [ 28.977046] Allocated by task 314: [ 28.977191] kasan_save_stack+0x45/0x70 [ 28.977338] kasan_save_track+0x18/0x40 [ 28.977551] kasan_save_alloc_info+0x3b/0x50 [ 28.977760] __kasan_kmalloc+0xb7/0xc0 [ 28.977956] __kmalloc_cache_noprof+0x189/0x420 [ 28.978289] kasan_atomics+0x95/0x310 [ 28.978483] kunit_try_run_case+0x1a5/0x480 [ 28.978683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.979231] kthread+0x337/0x6f0 [ 28.979421] ret_from_fork+0x116/0x1d0 [ 28.979615] ret_from_fork_asm+0x1a/0x30 [ 28.979814] [ 28.979939] The buggy address belongs to the object at ffff888106266f00 [ 28.979939] which belongs to the cache kmalloc-64 of size 64 [ 28.980529] The buggy address is located 0 bytes to the right of [ 28.980529] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.981373] [ 28.981493] The buggy address belongs to the physical page: [ 28.981773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.982301] flags: 0x200000000000000(node=0|zone=2) [ 28.982581] page_type: f5(slab) [ 28.982767] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.983352] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.983699] page dumped because: kasan: bad access detected [ 28.984077] [ 28.984255] Memory state around the buggy address: [ 28.984471] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.984696] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.985300] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.985795] ^ [ 28.986017] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.986241] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.986838] ================================================================== [ 29.413905] ================================================================== [ 29.414501] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 29.414912] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.415193] [ 29.415458] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.415665] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.415681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.415703] Call Trace: [ 29.415727] <TASK> [ 29.415745] dump_stack_lvl+0x73/0xb0 [ 29.415775] print_report+0xd1/0x640 [ 29.415877] ? __virt_addr_valid+0x1db/0x2d0 [ 29.415904] ? kasan_atomics_helper+0x194a/0x5450 [ 29.415927] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.416005] ? kasan_atomics_helper+0x194a/0x5450 [ 29.416032] kasan_report+0x141/0x180 [ 29.416092] ? kasan_atomics_helper+0x194a/0x5450 [ 29.416122] kasan_check_range+0x10c/0x1c0 [ 29.416149] __kasan_check_write+0x18/0x20 [ 29.416185] kasan_atomics_helper+0x194a/0x5450 [ 29.416210] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.416235] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.416262] ? kasan_atomics+0x152/0x310 [ 29.416290] kasan_atomics+0x1dc/0x310 [ 29.416315] ? __pfx_kasan_atomics+0x10/0x10 [ 29.416341] ? __pfx_read_tsc+0x10/0x10 [ 29.416364] ? ktime_get_ts64+0x86/0x230 [ 29.416391] kunit_try_run_case+0x1a5/0x480 [ 29.416417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.416443] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.416466] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.416494] ? __kthread_parkme+0x82/0x180 [ 29.416517] ? preempt_count_sub+0x50/0x80 [ 29.416541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.416568] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.416594] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.416621] kthread+0x337/0x6f0 [ 29.416642] ? trace_preempt_on+0x20/0xc0 [ 29.416668] ? __pfx_kthread+0x10/0x10 [ 29.416691] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.416717] ? calculate_sigpending+0x7b/0xa0 [ 29.416742] ? __pfx_kthread+0x10/0x10 [ 29.416766] ret_from_fork+0x116/0x1d0 [ 29.416798] ? __pfx_kthread+0x10/0x10 [ 29.416822] ret_from_fork_asm+0x1a/0x30 [ 29.416854] </TASK> [ 29.416868] [ 29.426471] Allocated by task 314: [ 29.426913] kasan_save_stack+0x45/0x70 [ 29.427084] kasan_save_track+0x18/0x40 [ 29.427514] kasan_save_alloc_info+0x3b/0x50 [ 29.427926] __kasan_kmalloc+0xb7/0xc0 [ 29.428087] __kmalloc_cache_noprof+0x189/0x420 [ 29.428313] kasan_atomics+0x95/0x310 [ 29.428553] kunit_try_run_case+0x1a5/0x480 [ 29.428752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.428931] kthread+0x337/0x6f0 [ 29.429136] ret_from_fork+0x116/0x1d0 [ 29.429345] ret_from_fork_asm+0x1a/0x30 [ 29.429546] [ 29.429639] The buggy address belongs to the object at ffff888106266f00 [ 29.429639] which belongs to the cache kmalloc-64 of size 64 [ 29.430319] The buggy address is located 0 bytes to the right of [ 29.430319] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.431060] [ 29.431157] The buggy address belongs to the physical page: [ 29.431441] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.431692] flags: 0x200000000000000(node=0|zone=2) [ 29.432119] page_type: f5(slab) [ 29.432294] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.432617] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.432931] page dumped because: kasan: bad access detected [ 29.433301] [ 29.433377] Memory state around the buggy address: [ 29.433643] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.433923] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.434153] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.434609] ^ [ 29.434875] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.435360] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.435694] ================================================================== [ 28.372368] ================================================================== [ 28.372963] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 28.373786] Read of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.374610] [ 28.374808] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.374917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.374932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.375053] Call Trace: [ 28.375073] <TASK> [ 28.375092] dump_stack_lvl+0x73/0xb0 [ 28.375134] print_report+0xd1/0x640 [ 28.375159] ? __virt_addr_valid+0x1db/0x2d0 [ 28.375184] ? kasan_atomics_helper+0x4b88/0x5450 [ 28.375209] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.375236] ? kasan_atomics_helper+0x4b88/0x5450 [ 28.375260] kasan_report+0x141/0x180 [ 28.375285] ? kasan_atomics_helper+0x4b88/0x5450 [ 28.375315] __asan_report_load4_noabort+0x18/0x20 [ 28.375342] kasan_atomics_helper+0x4b88/0x5450 [ 28.375368] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.375393] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.375420] ? kasan_atomics+0x152/0x310 [ 28.375449] kasan_atomics+0x1dc/0x310 [ 28.375474] ? __pfx_kasan_atomics+0x10/0x10 [ 28.375502] ? __pfx_read_tsc+0x10/0x10 [ 28.375528] ? ktime_get_ts64+0x86/0x230 [ 28.375555] kunit_try_run_case+0x1a5/0x480 [ 28.375581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.375609] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.375634] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.375663] ? __kthread_parkme+0x82/0x180 [ 28.375686] ? preempt_count_sub+0x50/0x80 [ 28.375712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.375738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.375764] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.375792] kthread+0x337/0x6f0 [ 28.375821] ? trace_preempt_on+0x20/0xc0 [ 28.375847] ? __pfx_kthread+0x10/0x10 [ 28.375869] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.375895] ? calculate_sigpending+0x7b/0xa0 [ 28.375920] ? __pfx_kthread+0x10/0x10 [ 28.375957] ret_from_fork+0x116/0x1d0 [ 28.375979] ? __pfx_kthread+0x10/0x10 [ 28.376002] ret_from_fork_asm+0x1a/0x30 [ 28.376036] </TASK> [ 28.376049] [ 28.388773] Allocated by task 314: [ 28.389329] kasan_save_stack+0x45/0x70 [ 28.389636] kasan_save_track+0x18/0x40 [ 28.389784] kasan_save_alloc_info+0x3b/0x50 [ 28.390244] __kasan_kmalloc+0xb7/0xc0 [ 28.390433] __kmalloc_cache_noprof+0x189/0x420 [ 28.390789] kasan_atomics+0x95/0x310 [ 28.391255] kunit_try_run_case+0x1a5/0x480 [ 28.391424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.391752] kthread+0x337/0x6f0 [ 28.392206] ret_from_fork+0x116/0x1d0 [ 28.392403] ret_from_fork_asm+0x1a/0x30 [ 28.393066] [ 28.393218] The buggy address belongs to the object at ffff888106266f00 [ 28.393218] which belongs to the cache kmalloc-64 of size 64 [ 28.393734] The buggy address is located 0 bytes to the right of [ 28.393734] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.394655] [ 28.394770] The buggy address belongs to the physical page: [ 28.395273] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.395701] flags: 0x200000000000000(node=0|zone=2) [ 28.396138] page_type: f5(slab) [ 28.396316] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.396763] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.397326] page dumped because: kasan: bad access detected [ 28.397570] [ 28.397875] Memory state around the buggy address: [ 28.398259] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.398567] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.398902] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.399528] ^ [ 28.399758] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.400418] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.400805] ================================================================== [ 28.820465] ================================================================== [ 28.821074] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 28.821777] Read of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.822567] [ 28.822742] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.822790] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.822804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.822825] Call Trace: [ 28.822851] <TASK> [ 28.822868] dump_stack_lvl+0x73/0xb0 [ 28.822896] print_report+0xd1/0x640 [ 28.822920] ? __virt_addr_valid+0x1db/0x2d0 [ 28.822956] ? kasan_atomics_helper+0x4a84/0x5450 [ 28.822980] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.823008] ? kasan_atomics_helper+0x4a84/0x5450 [ 28.823031] kasan_report+0x141/0x180 [ 28.823056] ? kasan_atomics_helper+0x4a84/0x5450 [ 28.823083] __asan_report_load4_noabort+0x18/0x20 [ 28.823133] kasan_atomics_helper+0x4a84/0x5450 [ 28.823274] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.823298] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.823325] ? kasan_atomics+0x152/0x310 [ 28.823353] kasan_atomics+0x1dc/0x310 [ 28.823378] ? __pfx_kasan_atomics+0x10/0x10 [ 28.823414] ? __pfx_read_tsc+0x10/0x10 [ 28.823437] ? ktime_get_ts64+0x86/0x230 [ 28.823462] kunit_try_run_case+0x1a5/0x480 [ 28.823489] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.823513] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.823537] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.823566] ? __kthread_parkme+0x82/0x180 [ 28.823587] ? preempt_count_sub+0x50/0x80 [ 28.823612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.823637] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.823663] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.823689] kthread+0x337/0x6f0 [ 28.823711] ? trace_preempt_on+0x20/0xc0 [ 28.823735] ? __pfx_kthread+0x10/0x10 [ 28.823758] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.823783] ? calculate_sigpending+0x7b/0xa0 [ 28.823820] ? __pfx_kthread+0x10/0x10 [ 28.823844] ret_from_fork+0x116/0x1d0 [ 28.823864] ? __pfx_kthread+0x10/0x10 [ 28.823887] ret_from_fork_asm+0x1a/0x30 [ 28.823919] </TASK> [ 28.823932] [ 28.836894] Allocated by task 314: [ 28.837259] kasan_save_stack+0x45/0x70 [ 28.837680] kasan_save_track+0x18/0x40 [ 28.837933] kasan_save_alloc_info+0x3b/0x50 [ 28.838283] __kasan_kmalloc+0xb7/0xc0 [ 28.838418] __kmalloc_cache_noprof+0x189/0x420 [ 28.838576] kasan_atomics+0x95/0x310 [ 28.838931] kunit_try_run_case+0x1a5/0x480 [ 28.839158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.839357] kthread+0x337/0x6f0 [ 28.839480] ret_from_fork+0x116/0x1d0 [ 28.839615] ret_from_fork_asm+0x1a/0x30 [ 28.839755] [ 28.839833] The buggy address belongs to the object at ffff888106266f00 [ 28.839833] which belongs to the cache kmalloc-64 of size 64 [ 28.840986] The buggy address is located 0 bytes to the right of [ 28.840986] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.842202] [ 28.842373] The buggy address belongs to the physical page: [ 28.842930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.843716] flags: 0x200000000000000(node=0|zone=2) [ 28.844207] page_type: f5(slab) [ 28.844427] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.844739] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.845473] page dumped because: kasan: bad access detected [ 28.845957] [ 28.846258] Memory state around the buggy address: [ 28.846443] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.846665] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.846885] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.847137] ^ [ 28.847478] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.847816] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.848158] ================================================================== [ 29.385511] ================================================================== [ 29.386239] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 29.387170] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.387665] [ 29.387755] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.387915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.387931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.387962] Call Trace: [ 29.387981] <TASK> [ 29.387997] dump_stack_lvl+0x73/0xb0 [ 29.388029] print_report+0xd1/0x640 [ 29.388273] ? __virt_addr_valid+0x1db/0x2d0 [ 29.388313] ? kasan_atomics_helper+0x18b1/0x5450 [ 29.388337] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.388365] ? kasan_atomics_helper+0x18b1/0x5450 [ 29.388389] kasan_report+0x141/0x180 [ 29.388414] ? kasan_atomics_helper+0x18b1/0x5450 [ 29.388442] kasan_check_range+0x10c/0x1c0 [ 29.388468] __kasan_check_write+0x18/0x20 [ 29.388494] kasan_atomics_helper+0x18b1/0x5450 [ 29.388518] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.388543] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.388569] ? kasan_atomics+0x152/0x310 [ 29.388597] kasan_atomics+0x1dc/0x310 [ 29.388621] ? __pfx_kasan_atomics+0x10/0x10 [ 29.388647] ? __pfx_read_tsc+0x10/0x10 [ 29.388673] ? ktime_get_ts64+0x86/0x230 [ 29.388699] kunit_try_run_case+0x1a5/0x480 [ 29.388725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.388749] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.388773] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.388812] ? __kthread_parkme+0x82/0x180 [ 29.388838] ? preempt_count_sub+0x50/0x80 [ 29.388865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.388891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.388918] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.388957] kthread+0x337/0x6f0 [ 29.388979] ? trace_preempt_on+0x20/0xc0 [ 29.389004] ? __pfx_kthread+0x10/0x10 [ 29.389026] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.389060] ? calculate_sigpending+0x7b/0xa0 [ 29.389085] ? __pfx_kthread+0x10/0x10 [ 29.389108] ret_from_fork+0x116/0x1d0 [ 29.389134] ? __pfx_kthread+0x10/0x10 [ 29.389157] ret_from_fork_asm+0x1a/0x30 [ 29.389190] </TASK> [ 29.389202] [ 29.401998] Allocated by task 314: [ 29.402162] kasan_save_stack+0x45/0x70 [ 29.402380] kasan_save_track+0x18/0x40 [ 29.402935] kasan_save_alloc_info+0x3b/0x50 [ 29.403310] __kasan_kmalloc+0xb7/0xc0 [ 29.403603] __kmalloc_cache_noprof+0x189/0x420 [ 29.403991] kasan_atomics+0x95/0x310 [ 29.404226] kunit_try_run_case+0x1a5/0x480 [ 29.404597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.404896] kthread+0x337/0x6f0 [ 29.405038] ret_from_fork+0x116/0x1d0 [ 29.405362] ret_from_fork_asm+0x1a/0x30 [ 29.405625] [ 29.405721] The buggy address belongs to the object at ffff888106266f00 [ 29.405721] which belongs to the cache kmalloc-64 of size 64 [ 29.406656] The buggy address is located 0 bytes to the right of [ 29.406656] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.407681] [ 29.407780] The buggy address belongs to the physical page: [ 29.408453] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.409018] flags: 0x200000000000000(node=0|zone=2) [ 29.409321] page_type: f5(slab) [ 29.409464] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.409796] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.410214] page dumped because: kasan: bad access detected [ 29.410495] [ 29.410612] Memory state around the buggy address: [ 29.410893] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.411407] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.411738] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.412185] ^ [ 29.412465] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.412748] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.413365] ================================================================== [ 29.076683] ================================================================== [ 29.077135] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 29.077485] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.077756] [ 29.078102] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.078157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.078171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.078193] Call Trace: [ 29.078207] <TASK> [ 29.078224] dump_stack_lvl+0x73/0xb0 [ 29.078254] print_report+0xd1/0x640 [ 29.078277] ? __virt_addr_valid+0x1db/0x2d0 [ 29.078328] ? kasan_atomics_helper+0x1217/0x5450 [ 29.078352] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.078380] ? kasan_atomics_helper+0x1217/0x5450 [ 29.078404] kasan_report+0x141/0x180 [ 29.078429] ? kasan_atomics_helper+0x1217/0x5450 [ 29.078458] kasan_check_range+0x10c/0x1c0 [ 29.078503] __kasan_check_write+0x18/0x20 [ 29.078529] kasan_atomics_helper+0x1217/0x5450 [ 29.078553] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.078578] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.078604] ? kasan_atomics+0x152/0x310 [ 29.078632] kasan_atomics+0x1dc/0x310 [ 29.078656] ? __pfx_kasan_atomics+0x10/0x10 [ 29.078682] ? __pfx_read_tsc+0x10/0x10 [ 29.078706] ? ktime_get_ts64+0x86/0x230 [ 29.078731] kunit_try_run_case+0x1a5/0x480 [ 29.078757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.078788] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.078812] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.078840] ? __kthread_parkme+0x82/0x180 [ 29.078863] ? preempt_count_sub+0x50/0x80 [ 29.078888] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.078913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.079023] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.079075] kthread+0x337/0x6f0 [ 29.079099] ? trace_preempt_on+0x20/0xc0 [ 29.079124] ? __pfx_kthread+0x10/0x10 [ 29.079147] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.079173] ? calculate_sigpending+0x7b/0xa0 [ 29.079199] ? __pfx_kthread+0x10/0x10 [ 29.079223] ret_from_fork+0x116/0x1d0 [ 29.079244] ? __pfx_kthread+0x10/0x10 [ 29.079266] ret_from_fork_asm+0x1a/0x30 [ 29.079299] </TASK> [ 29.079312] [ 29.087319] Allocated by task 314: [ 29.087503] kasan_save_stack+0x45/0x70 [ 29.087704] kasan_save_track+0x18/0x40 [ 29.087991] kasan_save_alloc_info+0x3b/0x50 [ 29.088265] __kasan_kmalloc+0xb7/0xc0 [ 29.088454] __kmalloc_cache_noprof+0x189/0x420 [ 29.088675] kasan_atomics+0x95/0x310 [ 29.088909] kunit_try_run_case+0x1a5/0x480 [ 29.089091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.089375] kthread+0x337/0x6f0 [ 29.089547] ret_from_fork+0x116/0x1d0 [ 29.089755] ret_from_fork_asm+0x1a/0x30 [ 29.090115] [ 29.090260] The buggy address belongs to the object at ffff888106266f00 [ 29.090260] which belongs to the cache kmalloc-64 of size 64 [ 29.090732] The buggy address is located 0 bytes to the right of [ 29.090732] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.091367] [ 29.091466] The buggy address belongs to the physical page: [ 29.091722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.092059] flags: 0x200000000000000(node=0|zone=2) [ 29.092235] page_type: f5(slab) [ 29.092355] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.092757] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.093198] page dumped because: kasan: bad access detected [ 29.093458] [ 29.093550] Memory state around the buggy address: [ 29.093767] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.094337] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.094603] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.095065] ^ [ 29.095270] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.095532] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.095934] ================================================================== [ 29.836233] ================================================================== [ 29.836685] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 29.837052] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.837413] [ 29.837529] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.837605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.837620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.837641] Call Trace: [ 29.837667] <TASK> [ 29.837687] dump_stack_lvl+0x73/0xb0 [ 29.837717] print_report+0xd1/0x640 [ 29.837742] ? __virt_addr_valid+0x1db/0x2d0 [ 29.837767] ? kasan_atomics_helper+0x218a/0x5450 [ 29.837791] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.837820] ? kasan_atomics_helper+0x218a/0x5450 [ 29.837844] kasan_report+0x141/0x180 [ 29.837886] ? kasan_atomics_helper+0x218a/0x5450 [ 29.837928] kasan_check_range+0x10c/0x1c0 [ 29.837963] __kasan_check_write+0x18/0x20 [ 29.838003] kasan_atomics_helper+0x218a/0x5450 [ 29.838042] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.838086] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.838114] ? kasan_atomics+0x152/0x310 [ 29.838142] kasan_atomics+0x1dc/0x310 [ 29.838177] ? __pfx_kasan_atomics+0x10/0x10 [ 29.838204] ? __pfx_read_tsc+0x10/0x10 [ 29.838227] ? ktime_get_ts64+0x86/0x230 [ 29.838253] kunit_try_run_case+0x1a5/0x480 [ 29.838280] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.838304] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.838356] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.838385] ? __kthread_parkme+0x82/0x180 [ 29.838407] ? preempt_count_sub+0x50/0x80 [ 29.838461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.838488] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.838526] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.838553] kthread+0x337/0x6f0 [ 29.838575] ? trace_preempt_on+0x20/0xc0 [ 29.838600] ? __pfx_kthread+0x10/0x10 [ 29.838649] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.838677] ? calculate_sigpending+0x7b/0xa0 [ 29.838713] ? __pfx_kthread+0x10/0x10 [ 29.838737] ret_from_fork+0x116/0x1d0 [ 29.838784] ? __pfx_kthread+0x10/0x10 [ 29.838807] ret_from_fork_asm+0x1a/0x30 [ 29.838840] </TASK> [ 29.838863] [ 29.847042] Allocated by task 314: [ 29.847167] kasan_save_stack+0x45/0x70 [ 29.847306] kasan_save_track+0x18/0x40 [ 29.847436] kasan_save_alloc_info+0x3b/0x50 [ 29.847580] __kasan_kmalloc+0xb7/0xc0 [ 29.847711] __kmalloc_cache_noprof+0x189/0x420 [ 29.847887] kasan_atomics+0x95/0x310 [ 29.848105] kunit_try_run_case+0x1a5/0x480 [ 29.848309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.848558] kthread+0x337/0x6f0 [ 29.848720] ret_from_fork+0x116/0x1d0 [ 29.848902] ret_from_fork_asm+0x1a/0x30 [ 29.849252] [ 29.849324] The buggy address belongs to the object at ffff888106266f00 [ 29.849324] which belongs to the cache kmalloc-64 of size 64 [ 29.849673] The buggy address is located 0 bytes to the right of [ 29.849673] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.850190] [ 29.850287] The buggy address belongs to the physical page: [ 29.850557] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.850922] flags: 0x200000000000000(node=0|zone=2) [ 29.851295] page_type: f5(slab) [ 29.851488] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.851801] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.852147] page dumped because: kasan: bad access detected [ 29.852396] [ 29.852464] Memory state around the buggy address: [ 29.852690] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.852988] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.853378] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.853686] ^ [ 29.853887] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.854276] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.854590] ================================================================== [ 28.609117] ================================================================== [ 28.609495] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 28.609913] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.610291] [ 28.610401] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.610450] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.610463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.610486] Call Trace: [ 28.610501] <TASK> [ 28.610518] dump_stack_lvl+0x73/0xb0 [ 28.610548] print_report+0xd1/0x640 [ 28.610573] ? __virt_addr_valid+0x1db/0x2d0 [ 28.610598] ? kasan_atomics_helper+0x860/0x5450 [ 28.610621] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.610650] ? kasan_atomics_helper+0x860/0x5450 [ 28.610674] kasan_report+0x141/0x180 [ 28.610699] ? kasan_atomics_helper+0x860/0x5450 [ 28.610728] kasan_check_range+0x10c/0x1c0 [ 28.610753] __kasan_check_write+0x18/0x20 [ 28.610847] kasan_atomics_helper+0x860/0x5450 [ 28.610875] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.610900] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.610927] ? kasan_atomics+0x152/0x310 [ 28.610966] kasan_atomics+0x1dc/0x310 [ 28.610990] ? __pfx_kasan_atomics+0x10/0x10 [ 28.611017] ? __pfx_read_tsc+0x10/0x10 [ 28.611042] ? ktime_get_ts64+0x86/0x230 [ 28.611068] kunit_try_run_case+0x1a5/0x480 [ 28.611112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.611137] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.611162] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.611191] ? __kthread_parkme+0x82/0x180 [ 28.611213] ? preempt_count_sub+0x50/0x80 [ 28.611238] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.611264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.611289] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.611342] kthread+0x337/0x6f0 [ 28.611364] ? trace_preempt_on+0x20/0xc0 [ 28.611390] ? __pfx_kthread+0x10/0x10 [ 28.611412] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.611438] ? calculate_sigpending+0x7b/0xa0 [ 28.611464] ? __pfx_kthread+0x10/0x10 [ 28.611488] ret_from_fork+0x116/0x1d0 [ 28.611528] ? __pfx_kthread+0x10/0x10 [ 28.611551] ret_from_fork_asm+0x1a/0x30 [ 28.611584] </TASK> [ 28.611596] [ 28.620678] Allocated by task 314: [ 28.620816] kasan_save_stack+0x45/0x70 [ 28.620972] kasan_save_track+0x18/0x40 [ 28.621166] kasan_save_alloc_info+0x3b/0x50 [ 28.621374] __kasan_kmalloc+0xb7/0xc0 [ 28.621558] __kmalloc_cache_noprof+0x189/0x420 [ 28.621780] kasan_atomics+0x95/0x310 [ 28.621969] kunit_try_run_case+0x1a5/0x480 [ 28.622180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.622434] kthread+0x337/0x6f0 [ 28.622601] ret_from_fork+0x116/0x1d0 [ 28.622759] ret_from_fork_asm+0x1a/0x30 [ 28.622895] [ 28.623246] The buggy address belongs to the object at ffff888106266f00 [ 28.623246] which belongs to the cache kmalloc-64 of size 64 [ 28.623890] The buggy address is located 0 bytes to the right of [ 28.623890] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.624497] [ 28.624593] The buggy address belongs to the physical page: [ 28.624915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.625270] flags: 0x200000000000000(node=0|zone=2) [ 28.625434] page_type: f5(slab) [ 28.625552] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.625856] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.626224] page dumped because: kasan: bad access detected [ 28.626504] [ 28.626613] Memory state around the buggy address: [ 28.627044] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.627454] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.627905] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.628266] ^ [ 28.628517] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.628903] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.629167] ================================================================== [ 29.280155] ================================================================== [ 29.280627] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 29.281361] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.281955] [ 29.282068] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.282118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.282131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.282153] Call Trace: [ 29.282177] <TASK> [ 29.282192] dump_stack_lvl+0x73/0xb0 [ 29.282222] print_report+0xd1/0x640 [ 29.282246] ? __virt_addr_valid+0x1db/0x2d0 [ 29.282271] ? kasan_atomics_helper+0x15b6/0x5450 [ 29.282294] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.282323] ? kasan_atomics_helper+0x15b6/0x5450 [ 29.282367] kasan_report+0x141/0x180 [ 29.282391] ? kasan_atomics_helper+0x15b6/0x5450 [ 29.282420] kasan_check_range+0x10c/0x1c0 [ 29.282445] __kasan_check_write+0x18/0x20 [ 29.282471] kasan_atomics_helper+0x15b6/0x5450 [ 29.282495] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.282535] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.282561] ? kasan_atomics+0x152/0x310 [ 29.282604] kasan_atomics+0x1dc/0x310 [ 29.282641] ? __pfx_kasan_atomics+0x10/0x10 [ 29.282680] ? __pfx_read_tsc+0x10/0x10 [ 29.282717] ? ktime_get_ts64+0x86/0x230 [ 29.282743] kunit_try_run_case+0x1a5/0x480 [ 29.282783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.282885] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.282910] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.282939] ? __kthread_parkme+0x82/0x180 [ 29.282974] ? preempt_count_sub+0x50/0x80 [ 29.282999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.283026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.283052] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.283078] kthread+0x337/0x6f0 [ 29.283100] ? trace_preempt_on+0x20/0xc0 [ 29.283125] ? __pfx_kthread+0x10/0x10 [ 29.283155] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.283182] ? calculate_sigpending+0x7b/0xa0 [ 29.283207] ? __pfx_kthread+0x10/0x10 [ 29.283231] ret_from_fork+0x116/0x1d0 [ 29.283253] ? __pfx_kthread+0x10/0x10 [ 29.283276] ret_from_fork_asm+0x1a/0x30 [ 29.283309] </TASK> [ 29.283322] [ 29.293804] Allocated by task 314: [ 29.294112] kasan_save_stack+0x45/0x70 [ 29.294378] kasan_save_track+0x18/0x40 [ 29.294617] kasan_save_alloc_info+0x3b/0x50 [ 29.294824] __kasan_kmalloc+0xb7/0xc0 [ 29.295049] __kmalloc_cache_noprof+0x189/0x420 [ 29.295273] kasan_atomics+0x95/0x310 [ 29.295455] kunit_try_run_case+0x1a5/0x480 [ 29.295656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.296248] kthread+0x337/0x6f0 [ 29.296440] ret_from_fork+0x116/0x1d0 [ 29.296627] ret_from_fork_asm+0x1a/0x30 [ 29.296778] [ 29.296952] The buggy address belongs to the object at ffff888106266f00 [ 29.296952] which belongs to the cache kmalloc-64 of size 64 [ 29.297484] The buggy address is located 0 bytes to the right of [ 29.297484] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.298059] [ 29.298184] The buggy address belongs to the physical page: [ 29.298413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.298770] flags: 0x200000000000000(node=0|zone=2) [ 29.298994] page_type: f5(slab) [ 29.299266] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.299511] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.299763] page dumped because: kasan: bad access detected [ 29.300014] [ 29.300330] Memory state around the buggy address: [ 29.300604] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.301010] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.301265] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.301476] ^ [ 29.301630] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.301974] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.302832] ================================================================== [ 29.664269] ================================================================== [ 29.665230] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 29.665918] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.666642] [ 29.666863] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.666921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.667057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.667084] Call Trace: [ 29.667103] <TASK> [ 29.667121] dump_stack_lvl+0x73/0xb0 [ 29.667154] print_report+0xd1/0x640 [ 29.667180] ? __virt_addr_valid+0x1db/0x2d0 [ 29.667245] ? kasan_atomics_helper+0x1eaa/0x5450 [ 29.667268] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.667297] ? kasan_atomics_helper+0x1eaa/0x5450 [ 29.667320] kasan_report+0x141/0x180 [ 29.667345] ? kasan_atomics_helper+0x1eaa/0x5450 [ 29.667373] kasan_check_range+0x10c/0x1c0 [ 29.667399] __kasan_check_write+0x18/0x20 [ 29.667424] kasan_atomics_helper+0x1eaa/0x5450 [ 29.667449] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.667473] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.667499] ? kasan_atomics+0x152/0x310 [ 29.667527] kasan_atomics+0x1dc/0x310 [ 29.667551] ? __pfx_kasan_atomics+0x10/0x10 [ 29.667576] ? __pfx_read_tsc+0x10/0x10 [ 29.667601] ? ktime_get_ts64+0x86/0x230 [ 29.667627] kunit_try_run_case+0x1a5/0x480 [ 29.667654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.667679] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.667703] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.667731] ? __kthread_parkme+0x82/0x180 [ 29.667753] ? preempt_count_sub+0x50/0x80 [ 29.667779] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.667818] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.667844] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.667870] kthread+0x337/0x6f0 [ 29.667891] ? trace_preempt_on+0x20/0xc0 [ 29.667916] ? __pfx_kthread+0x10/0x10 [ 29.667938] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.667975] ? calculate_sigpending+0x7b/0xa0 [ 29.667999] ? __pfx_kthread+0x10/0x10 [ 29.668023] ret_from_fork+0x116/0x1d0 [ 29.668044] ? __pfx_kthread+0x10/0x10 [ 29.668076] ret_from_fork_asm+0x1a/0x30 [ 29.668109] </TASK> [ 29.668122] [ 29.680631] Allocated by task 314: [ 29.680858] kasan_save_stack+0x45/0x70 [ 29.681033] kasan_save_track+0x18/0x40 [ 29.681210] kasan_save_alloc_info+0x3b/0x50 [ 29.681396] __kasan_kmalloc+0xb7/0xc0 [ 29.681562] __kmalloc_cache_noprof+0x189/0x420 [ 29.681758] kasan_atomics+0x95/0x310 [ 29.682418] kunit_try_run_case+0x1a5/0x480 [ 29.682833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.683333] kthread+0x337/0x6f0 [ 29.683622] ret_from_fork+0x116/0x1d0 [ 29.683969] ret_from_fork_asm+0x1a/0x30 [ 29.684369] [ 29.684468] The buggy address belongs to the object at ffff888106266f00 [ 29.684468] which belongs to the cache kmalloc-64 of size 64 [ 29.685477] The buggy address is located 0 bytes to the right of [ 29.685477] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.686382] [ 29.686477] The buggy address belongs to the physical page: [ 29.686668] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.687455] flags: 0x200000000000000(node=0|zone=2) [ 29.688086] page_type: f5(slab) [ 29.688442] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.688851] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.689619] page dumped because: kasan: bad access detected [ 29.690190] [ 29.690328] Memory state around the buggy address: [ 29.690777] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.691361] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.691669] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.692231] ^ [ 29.692759] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.693492] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.694176] ================================================================== [ 29.816351] ================================================================== [ 29.816618] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 29.817216] Read of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.817477] [ 29.817604] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.817666] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.817679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.817715] Call Trace: [ 29.817731] <TASK> [ 29.817746] dump_stack_lvl+0x73/0xb0 [ 29.817800] print_report+0xd1/0x640 [ 29.817825] ? __virt_addr_valid+0x1db/0x2d0 [ 29.817862] ? kasan_atomics_helper+0x4fb2/0x5450 [ 29.817885] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.817913] ? kasan_atomics_helper+0x4fb2/0x5450 [ 29.817937] kasan_report+0x141/0x180 [ 29.817970] ? kasan_atomics_helper+0x4fb2/0x5450 [ 29.817998] __asan_report_load8_noabort+0x18/0x20 [ 29.818025] kasan_atomics_helper+0x4fb2/0x5450 [ 29.818049] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.818084] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.818111] ? kasan_atomics+0x152/0x310 [ 29.818139] kasan_atomics+0x1dc/0x310 [ 29.818163] ? __pfx_kasan_atomics+0x10/0x10 [ 29.818218] ? __pfx_read_tsc+0x10/0x10 [ 29.818243] ? ktime_get_ts64+0x86/0x230 [ 29.818269] kunit_try_run_case+0x1a5/0x480 [ 29.818305] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.818330] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.818371] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.818409] ? __kthread_parkme+0x82/0x180 [ 29.818431] ? preempt_count_sub+0x50/0x80 [ 29.818484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.818511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.818536] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.818563] kthread+0x337/0x6f0 [ 29.818584] ? trace_preempt_on+0x20/0xc0 [ 29.818609] ? __pfx_kthread+0x10/0x10 [ 29.818631] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.818684] ? calculate_sigpending+0x7b/0xa0 [ 29.818710] ? __pfx_kthread+0x10/0x10 [ 29.818769] ret_from_fork+0x116/0x1d0 [ 29.818791] ? __pfx_kthread+0x10/0x10 [ 29.818813] ret_from_fork_asm+0x1a/0x30 [ 29.818856] </TASK> [ 29.818868] [ 29.827178] Allocated by task 314: [ 29.827327] kasan_save_stack+0x45/0x70 [ 29.827524] kasan_save_track+0x18/0x40 [ 29.827763] kasan_save_alloc_info+0x3b/0x50 [ 29.827994] __kasan_kmalloc+0xb7/0xc0 [ 29.828164] __kmalloc_cache_noprof+0x189/0x420 [ 29.828400] kasan_atomics+0x95/0x310 [ 29.828622] kunit_try_run_case+0x1a5/0x480 [ 29.828826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.829147] kthread+0x337/0x6f0 [ 29.829307] ret_from_fork+0x116/0x1d0 [ 29.829541] ret_from_fork_asm+0x1a/0x30 [ 29.829739] [ 29.829816] The buggy address belongs to the object at ffff888106266f00 [ 29.829816] which belongs to the cache kmalloc-64 of size 64 [ 29.830456] The buggy address is located 0 bytes to the right of [ 29.830456] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.830986] [ 29.831056] The buggy address belongs to the physical page: [ 29.831228] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.831520] flags: 0x200000000000000(node=0|zone=2) [ 29.831749] page_type: f5(slab) [ 29.832062] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.832400] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.832728] page dumped because: kasan: bad access detected [ 29.832983] [ 29.833081] Memory state around the buggy address: [ 29.833285] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.833501] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.833738] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.834074] ^ [ 29.834348] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.834709] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.835018] ================================================================== [ 28.867493] ================================================================== [ 28.867915] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 28.868521] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.868861] [ 28.868970] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.869017] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.869030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.869051] Call Trace: [ 28.869065] <TASK> [ 28.869080] dump_stack_lvl+0x73/0xb0 [ 28.869106] print_report+0xd1/0x640 [ 28.869137] ? __virt_addr_valid+0x1db/0x2d0 [ 28.869162] ? kasan_atomics_helper+0xde0/0x5450 [ 28.869184] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.869212] ? kasan_atomics_helper+0xde0/0x5450 [ 28.869236] kasan_report+0x141/0x180 [ 28.869260] ? kasan_atomics_helper+0xde0/0x5450 [ 28.869288] kasan_check_range+0x10c/0x1c0 [ 28.869324] __kasan_check_write+0x18/0x20 [ 28.869351] kasan_atomics_helper+0xde0/0x5450 [ 28.869383] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.869407] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.869434] ? kasan_atomics+0x152/0x310 [ 28.869462] kasan_atomics+0x1dc/0x310 [ 28.869486] ? __pfx_kasan_atomics+0x10/0x10 [ 28.869513] ? __pfx_read_tsc+0x10/0x10 [ 28.869536] ? ktime_get_ts64+0x86/0x230 [ 28.869562] kunit_try_run_case+0x1a5/0x480 [ 28.869588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.869612] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.869636] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.869673] ? __kthread_parkme+0x82/0x180 [ 28.869696] ? preempt_count_sub+0x50/0x80 [ 28.869721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.869748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.869773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.869799] kthread+0x337/0x6f0 [ 28.869821] ? trace_preempt_on+0x20/0xc0 [ 28.869845] ? __pfx_kthread+0x10/0x10 [ 28.869868] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.869894] ? calculate_sigpending+0x7b/0xa0 [ 28.869920] ? __pfx_kthread+0x10/0x10 [ 28.869955] ret_from_fork+0x116/0x1d0 [ 28.869978] ? __pfx_kthread+0x10/0x10 [ 28.870017] ret_from_fork_asm+0x1a/0x30 [ 28.870059] </TASK> [ 28.870071] [ 28.878685] Allocated by task 314: [ 28.878849] kasan_save_stack+0x45/0x70 [ 28.879101] kasan_save_track+0x18/0x40 [ 28.879999] kasan_save_alloc_info+0x3b/0x50 [ 28.880155] __kasan_kmalloc+0xb7/0xc0 [ 28.880287] __kmalloc_cache_noprof+0x189/0x420 [ 28.880442] kasan_atomics+0x95/0x310 [ 28.880576] kunit_try_run_case+0x1a5/0x480 [ 28.880722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.880960] kthread+0x337/0x6f0 [ 28.881135] ret_from_fork+0x116/0x1d0 [ 28.881322] ret_from_fork_asm+0x1a/0x30 [ 28.881529] [ 28.881617] The buggy address belongs to the object at ffff888106266f00 [ 28.881617] which belongs to the cache kmalloc-64 of size 64 [ 28.882764] The buggy address is located 0 bytes to the right of [ 28.882764] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.883277] [ 28.883347] The buggy address belongs to the physical page: [ 28.883525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.883772] flags: 0x200000000000000(node=0|zone=2) [ 28.883936] page_type: f5(slab) [ 28.884171] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.884970] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.885453] page dumped because: kasan: bad access detected [ 28.885714] [ 28.885782] Memory state around the buggy address: [ 28.885939] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.886170] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.886390] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.886651] ^ [ 28.887062] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.887726] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.888106] ================================================================== [ 28.629571] ================================================================== [ 28.630019] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 28.630396] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.630722] [ 28.631018] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.631070] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.631106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.631128] Call Trace: [ 28.631145] <TASK> [ 28.631160] dump_stack_lvl+0x73/0xb0 [ 28.631211] print_report+0xd1/0x640 [ 28.631236] ? __virt_addr_valid+0x1db/0x2d0 [ 28.631262] ? kasan_atomics_helper+0x8f9/0x5450 [ 28.631303] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.631333] ? kasan_atomics_helper+0x8f9/0x5450 [ 28.631356] kasan_report+0x141/0x180 [ 28.631381] ? kasan_atomics_helper+0x8f9/0x5450 [ 28.631409] kasan_check_range+0x10c/0x1c0 [ 28.631436] __kasan_check_write+0x18/0x20 [ 28.631462] kasan_atomics_helper+0x8f9/0x5450 [ 28.631487] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.631529] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.631556] ? kasan_atomics+0x152/0x310 [ 28.631584] kasan_atomics+0x1dc/0x310 [ 28.631609] ? __pfx_kasan_atomics+0x10/0x10 [ 28.631636] ? __pfx_read_tsc+0x10/0x10 [ 28.631660] ? ktime_get_ts64+0x86/0x230 [ 28.631700] kunit_try_run_case+0x1a5/0x480 [ 28.631727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.631752] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.631860] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.631908] ? __kthread_parkme+0x82/0x180 [ 28.631954] ? preempt_count_sub+0x50/0x80 [ 28.631994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.632034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.632103] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.632142] kthread+0x337/0x6f0 [ 28.632178] ? trace_preempt_on+0x20/0xc0 [ 28.632216] ? __pfx_kthread+0x10/0x10 [ 28.632252] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.632291] ? calculate_sigpending+0x7b/0xa0 [ 28.632330] ? __pfx_kthread+0x10/0x10 [ 28.632367] ret_from_fork+0x116/0x1d0 [ 28.632401] ? __pfx_kthread+0x10/0x10 [ 28.632436] ret_from_fork_asm+0x1a/0x30 [ 28.632497] </TASK> [ 28.632509] [ 28.645172] Allocated by task 314: [ 28.645894] kasan_save_stack+0x45/0x70 [ 28.646431] kasan_save_track+0x18/0x40 [ 28.646895] kasan_save_alloc_info+0x3b/0x50 [ 28.647573] __kasan_kmalloc+0xb7/0xc0 [ 28.648143] __kmalloc_cache_noprof+0x189/0x420 [ 28.648796] kasan_atomics+0x95/0x310 [ 28.649346] kunit_try_run_case+0x1a5/0x480 [ 28.649509] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.649686] kthread+0x337/0x6f0 [ 28.650084] ret_from_fork+0x116/0x1d0 [ 28.650582] ret_from_fork_asm+0x1a/0x30 [ 28.651088] [ 28.651527] The buggy address belongs to the object at ffff888106266f00 [ 28.651527] which belongs to the cache kmalloc-64 of size 64 [ 28.652925] The buggy address is located 0 bytes to the right of [ 28.652925] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.654057] [ 28.654139] The buggy address belongs to the physical page: [ 28.654325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.654579] flags: 0x200000000000000(node=0|zone=2) [ 28.654748] page_type: f5(slab) [ 28.655324] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.656497] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.657411] page dumped because: kasan: bad access detected [ 28.658163] [ 28.658462] Memory state around the buggy address: [ 28.659070] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.659683] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.660234] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.660907] ^ [ 28.661426] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.661746] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.662517] ================================================================== [ 28.696412] ================================================================== [ 28.697040] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 28.697467] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.697707] [ 28.697828] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.697879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.697893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.697915] Call Trace: [ 28.697932] <TASK> [ 28.697960] dump_stack_lvl+0x73/0xb0 [ 28.697991] print_report+0xd1/0x640 [ 28.698015] ? __virt_addr_valid+0x1db/0x2d0 [ 28.698040] ? kasan_atomics_helper+0xa2b/0x5450 [ 28.698064] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.698092] ? kasan_atomics_helper+0xa2b/0x5450 [ 28.698116] kasan_report+0x141/0x180 [ 28.698139] ? kasan_atomics_helper+0xa2b/0x5450 [ 28.698167] kasan_check_range+0x10c/0x1c0 [ 28.698193] __kasan_check_write+0x18/0x20 [ 28.698218] kasan_atomics_helper+0xa2b/0x5450 [ 28.698242] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.698267] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.698294] ? kasan_atomics+0x152/0x310 [ 28.698323] kasan_atomics+0x1dc/0x310 [ 28.698347] ? __pfx_kasan_atomics+0x10/0x10 [ 28.698384] ? __pfx_read_tsc+0x10/0x10 [ 28.698408] ? ktime_get_ts64+0x86/0x230 [ 28.698435] kunit_try_run_case+0x1a5/0x480 [ 28.698461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.698487] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.698510] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.698539] ? __kthread_parkme+0x82/0x180 [ 28.698561] ? preempt_count_sub+0x50/0x80 [ 28.698586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.698613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.698639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.698665] kthread+0x337/0x6f0 [ 28.698687] ? trace_preempt_on+0x20/0xc0 [ 28.698712] ? __pfx_kthread+0x10/0x10 [ 28.698734] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.698761] ? calculate_sigpending+0x7b/0xa0 [ 28.698925] ? __pfx_kthread+0x10/0x10 [ 28.698971] ret_from_fork+0x116/0x1d0 [ 28.698994] ? __pfx_kthread+0x10/0x10 [ 28.699016] ret_from_fork_asm+0x1a/0x30 [ 28.699050] </TASK> [ 28.699075] [ 28.713712] Allocated by task 314: [ 28.714135] kasan_save_stack+0x45/0x70 [ 28.714555] kasan_save_track+0x18/0x40 [ 28.714965] kasan_save_alloc_info+0x3b/0x50 [ 28.715473] __kasan_kmalloc+0xb7/0xc0 [ 28.715850] __kmalloc_cache_noprof+0x189/0x420 [ 28.716480] kasan_atomics+0x95/0x310 [ 28.716864] kunit_try_run_case+0x1a5/0x480 [ 28.717068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.717633] kthread+0x337/0x6f0 [ 28.717899] ret_from_fork+0x116/0x1d0 [ 28.718298] ret_from_fork_asm+0x1a/0x30 [ 28.718545] [ 28.718614] The buggy address belongs to the object at ffff888106266f00 [ 28.718614] which belongs to the cache kmalloc-64 of size 64 [ 28.719565] The buggy address is located 0 bytes to the right of [ 28.719565] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.720753] [ 28.720925] The buggy address belongs to the physical page: [ 28.721272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.721525] flags: 0x200000000000000(node=0|zone=2) [ 28.721691] page_type: f5(slab) [ 28.721828] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.722145] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.722519] page dumped because: kasan: bad access detected [ 28.722740] [ 28.722806] Memory state around the buggy address: [ 28.723198] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.723509] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.723890] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.724128] ^ [ 28.724371] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.724638] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.725178] ================================================================== [ 29.899567] ================================================================== [ 29.900306] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 29.900546] Read of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.900894] [ 29.901024] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.901072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.901086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.901107] Call Trace: [ 29.901128] <TASK> [ 29.901173] dump_stack_lvl+0x73/0xb0 [ 29.901203] print_report+0xd1/0x640 [ 29.901227] ? __virt_addr_valid+0x1db/0x2d0 [ 29.901265] ? kasan_atomics_helper+0x5115/0x5450 [ 29.901288] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.901343] ? kasan_atomics_helper+0x5115/0x5450 [ 29.901368] kasan_report+0x141/0x180 [ 29.901392] ? kasan_atomics_helper+0x5115/0x5450 [ 29.901431] __asan_report_load8_noabort+0x18/0x20 [ 29.901458] kasan_atomics_helper+0x5115/0x5450 [ 29.901509] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.901534] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.901571] ? kasan_atomics+0x152/0x310 [ 29.901599] kasan_atomics+0x1dc/0x310 [ 29.901624] ? __pfx_kasan_atomics+0x10/0x10 [ 29.901676] ? __pfx_read_tsc+0x10/0x10 [ 29.901700] ? ktime_get_ts64+0x86/0x230 [ 29.901727] kunit_try_run_case+0x1a5/0x480 [ 29.901763] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.901788] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.901838] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.901867] ? __kthread_parkme+0x82/0x180 [ 29.901900] ? preempt_count_sub+0x50/0x80 [ 29.901925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.901977] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.902003] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.902042] kthread+0x337/0x6f0 [ 29.902075] ? trace_preempt_on+0x20/0xc0 [ 29.902100] ? __pfx_kthread+0x10/0x10 [ 29.902134] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.902160] ? calculate_sigpending+0x7b/0xa0 [ 29.902186] ? __pfx_kthread+0x10/0x10 [ 29.902210] ret_from_fork+0x116/0x1d0 [ 29.902231] ? __pfx_kthread+0x10/0x10 [ 29.902254] ret_from_fork_asm+0x1a/0x30 [ 29.902286] </TASK> [ 29.902298] [ 29.910595] Allocated by task 314: [ 29.910774] kasan_save_stack+0x45/0x70 [ 29.910990] kasan_save_track+0x18/0x40 [ 29.911242] kasan_save_alloc_info+0x3b/0x50 [ 29.911473] __kasan_kmalloc+0xb7/0xc0 [ 29.911686] __kmalloc_cache_noprof+0x189/0x420 [ 29.911961] kasan_atomics+0x95/0x310 [ 29.912194] kunit_try_run_case+0x1a5/0x480 [ 29.912432] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.912704] kthread+0x337/0x6f0 [ 29.912873] ret_from_fork+0x116/0x1d0 [ 29.913066] ret_from_fork_asm+0x1a/0x30 [ 29.913224] [ 29.913291] The buggy address belongs to the object at ffff888106266f00 [ 29.913291] which belongs to the cache kmalloc-64 of size 64 [ 29.913824] The buggy address is located 0 bytes to the right of [ 29.913824] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.914408] [ 29.914509] The buggy address belongs to the physical page: [ 29.914810] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.915215] flags: 0x200000000000000(node=0|zone=2) [ 29.915471] page_type: f5(slab) [ 29.915642] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.915995] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.916387] page dumped because: kasan: bad access detected [ 29.916639] [ 29.916771] Memory state around the buggy address: [ 29.916985] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.917314] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.917643] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.917995] ^ [ 29.918404] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.918718] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.919036] ================================================================== [ 29.322373] ================================================================== [ 29.322593] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 29.322822] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.323057] [ 29.323310] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.323363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.323377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.323398] Call Trace: [ 29.323415] <TASK> [ 29.323431] dump_stack_lvl+0x73/0xb0 [ 29.323462] print_report+0xd1/0x640 [ 29.323485] ? __virt_addr_valid+0x1db/0x2d0 [ 29.323510] ? kasan_atomics_helper+0x16e7/0x5450 [ 29.323533] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.323562] ? kasan_atomics_helper+0x16e7/0x5450 [ 29.323586] kasan_report+0x141/0x180 [ 29.323611] ? kasan_atomics_helper+0x16e7/0x5450 [ 29.323640] kasan_check_range+0x10c/0x1c0 [ 29.323665] __kasan_check_write+0x18/0x20 [ 29.323691] kasan_atomics_helper+0x16e7/0x5450 [ 29.323715] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.323739] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.323766] ? kasan_atomics+0x152/0x310 [ 29.323794] kasan_atomics+0x1dc/0x310 [ 29.323818] ? __pfx_kasan_atomics+0x10/0x10 [ 29.323844] ? __pfx_read_tsc+0x10/0x10 [ 29.323868] ? ktime_get_ts64+0x86/0x230 [ 29.323893] kunit_try_run_case+0x1a5/0x480 [ 29.323920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.323959] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.323983] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.324011] ? __kthread_parkme+0x82/0x180 [ 29.324053] ? preempt_count_sub+0x50/0x80 [ 29.324080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.324106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.324132] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.324158] kthread+0x337/0x6f0 [ 29.324180] ? trace_preempt_on+0x20/0xc0 [ 29.324206] ? __pfx_kthread+0x10/0x10 [ 29.324228] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.324254] ? calculate_sigpending+0x7b/0xa0 [ 29.324280] ? __pfx_kthread+0x10/0x10 [ 29.324304] ret_from_fork+0x116/0x1d0 [ 29.324325] ? __pfx_kthread+0x10/0x10 [ 29.324348] ret_from_fork_asm+0x1a/0x30 [ 29.324380] </TASK> [ 29.324393] [ 29.333580] Allocated by task 314: [ 29.333712] kasan_save_stack+0x45/0x70 [ 29.333857] kasan_save_track+0x18/0x40 [ 29.334006] kasan_save_alloc_info+0x3b/0x50 [ 29.334214] __kasan_kmalloc+0xb7/0xc0 [ 29.334534] __kmalloc_cache_noprof+0x189/0x420 [ 29.334753] kasan_atomics+0x95/0x310 [ 29.334934] kunit_try_run_case+0x1a5/0x480 [ 29.335154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.335611] kthread+0x337/0x6f0 [ 29.335925] ret_from_fork+0x116/0x1d0 [ 29.336157] ret_from_fork_asm+0x1a/0x30 [ 29.336338] [ 29.336424] The buggy address belongs to the object at ffff888106266f00 [ 29.336424] which belongs to the cache kmalloc-64 of size 64 [ 29.336798] The buggy address is located 0 bytes to the right of [ 29.336798] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.337653] [ 29.337750] The buggy address belongs to the physical page: [ 29.338006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.338254] flags: 0x200000000000000(node=0|zone=2) [ 29.338417] page_type: f5(slab) [ 29.338536] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.338773] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.339027] page dumped because: kasan: bad access detected [ 29.339528] [ 29.339616] Memory state around the buggy address: [ 29.339834] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.340550] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.341179] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.341449] ^ [ 29.341652] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.342044] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.342346] ================================================================== [ 28.908312] ================================================================== [ 28.908692] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 28.909097] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.909433] [ 28.909540] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.909588] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.909601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.909621] Call Trace: [ 28.909637] <TASK> [ 28.909652] dump_stack_lvl+0x73/0xb0 [ 28.909682] print_report+0xd1/0x640 [ 28.909707] ? __virt_addr_valid+0x1db/0x2d0 [ 28.909731] ? kasan_atomics_helper+0xf10/0x5450 [ 28.909755] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.909783] ? kasan_atomics_helper+0xf10/0x5450 [ 28.909816] kasan_report+0x141/0x180 [ 28.909840] ? kasan_atomics_helper+0xf10/0x5450 [ 28.909868] kasan_check_range+0x10c/0x1c0 [ 28.909894] __kasan_check_write+0x18/0x20 [ 28.909919] kasan_atomics_helper+0xf10/0x5450 [ 28.909955] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.909979] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.910006] ? kasan_atomics+0x152/0x310 [ 28.910034] kasan_atomics+0x1dc/0x310 [ 28.910058] ? __pfx_kasan_atomics+0x10/0x10 [ 28.910084] ? __pfx_read_tsc+0x10/0x10 [ 28.910108] ? ktime_get_ts64+0x86/0x230 [ 28.910133] kunit_try_run_case+0x1a5/0x480 [ 28.910159] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.910184] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.910207] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.910235] ? __kthread_parkme+0x82/0x180 [ 28.910258] ? preempt_count_sub+0x50/0x80 [ 28.910283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.910310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.910335] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.910363] kthread+0x337/0x6f0 [ 28.910384] ? trace_preempt_on+0x20/0xc0 [ 28.910410] ? __pfx_kthread+0x10/0x10 [ 28.910433] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.910459] ? calculate_sigpending+0x7b/0xa0 [ 28.910484] ? __pfx_kthread+0x10/0x10 [ 28.910507] ret_from_fork+0x116/0x1d0 [ 28.910528] ? __pfx_kthread+0x10/0x10 [ 28.910551] ret_from_fork_asm+0x1a/0x30 [ 28.910583] </TASK> [ 28.910595] [ 28.926410] Allocated by task 314: [ 28.926546] kasan_save_stack+0x45/0x70 [ 28.926696] kasan_save_track+0x18/0x40 [ 28.926846] kasan_save_alloc_info+0x3b/0x50 [ 28.927014] __kasan_kmalloc+0xb7/0xc0 [ 28.927149] __kmalloc_cache_noprof+0x189/0x420 [ 28.927306] kasan_atomics+0x95/0x310 [ 28.927439] kunit_try_run_case+0x1a5/0x480 [ 28.927586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.927762] kthread+0x337/0x6f0 [ 28.927881] ret_from_fork+0x116/0x1d0 [ 28.929010] ret_from_fork_asm+0x1a/0x30 [ 28.929652] [ 28.930085] The buggy address belongs to the object at ffff888106266f00 [ 28.930085] which belongs to the cache kmalloc-64 of size 64 [ 28.931746] The buggy address is located 0 bytes to the right of [ 28.931746] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.933592] [ 28.933939] The buggy address belongs to the physical page: [ 28.934790] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.935744] flags: 0x200000000000000(node=0|zone=2) [ 28.936066] page_type: f5(slab) [ 28.936244] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.936602] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.937138] page dumped because: kasan: bad access detected [ 28.937415] [ 28.937544] Memory state around the buggy address: [ 28.937776] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.938373] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.938715] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.939323] ^ [ 28.939504] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.939985] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.940297] ================================================================== [ 29.458259] ================================================================== [ 29.458482] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 29.458825] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.459447] [ 29.459626] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.459674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.459688] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.459709] Call Trace: [ 29.459724] <TASK> [ 29.459739] dump_stack_lvl+0x73/0xb0 [ 29.459811] print_report+0xd1/0x640 [ 29.459837] ? __virt_addr_valid+0x1db/0x2d0 [ 29.459874] ? kasan_atomics_helper+0x1a7f/0x5450 [ 29.459898] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.459926] ? kasan_atomics_helper+0x1a7f/0x5450 [ 29.459961] kasan_report+0x141/0x180 [ 29.459986] ? kasan_atomics_helper+0x1a7f/0x5450 [ 29.460024] kasan_check_range+0x10c/0x1c0 [ 29.460050] __kasan_check_write+0x18/0x20 [ 29.460075] kasan_atomics_helper+0x1a7f/0x5450 [ 29.460126] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.460150] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.460177] ? kasan_atomics+0x152/0x310 [ 29.460205] kasan_atomics+0x1dc/0x310 [ 29.460229] ? __pfx_kasan_atomics+0x10/0x10 [ 29.460255] ? __pfx_read_tsc+0x10/0x10 [ 29.460279] ? ktime_get_ts64+0x86/0x230 [ 29.460304] kunit_try_run_case+0x1a5/0x480 [ 29.460330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.460355] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.460378] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.460406] ? __kthread_parkme+0x82/0x180 [ 29.460427] ? preempt_count_sub+0x50/0x80 [ 29.460453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.460479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.460504] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.460531] kthread+0x337/0x6f0 [ 29.460552] ? trace_preempt_on+0x20/0xc0 [ 29.460576] ? __pfx_kthread+0x10/0x10 [ 29.460599] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.460625] ? calculate_sigpending+0x7b/0xa0 [ 29.460651] ? __pfx_kthread+0x10/0x10 [ 29.460675] ret_from_fork+0x116/0x1d0 [ 29.460696] ? __pfx_kthread+0x10/0x10 [ 29.460719] ret_from_fork_asm+0x1a/0x30 [ 29.460751] </TASK> [ 29.460764] [ 29.471279] Allocated by task 314: [ 29.471505] kasan_save_stack+0x45/0x70 [ 29.471731] kasan_save_track+0x18/0x40 [ 29.472356] kasan_save_alloc_info+0x3b/0x50 [ 29.473010] __kasan_kmalloc+0xb7/0xc0 [ 29.473318] __kmalloc_cache_noprof+0x189/0x420 [ 29.473794] kasan_atomics+0x95/0x310 [ 29.474010] kunit_try_run_case+0x1a5/0x480 [ 29.474453] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.474669] kthread+0x337/0x6f0 [ 29.475019] ret_from_fork+0x116/0x1d0 [ 29.475174] ret_from_fork_asm+0x1a/0x30 [ 29.475388] [ 29.475542] The buggy address belongs to the object at ffff888106266f00 [ 29.475542] which belongs to the cache kmalloc-64 of size 64 [ 29.476415] The buggy address is located 0 bytes to the right of [ 29.476415] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.477064] [ 29.477178] The buggy address belongs to the physical page: [ 29.477621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.478161] flags: 0x200000000000000(node=0|zone=2) [ 29.478403] page_type: f5(slab) [ 29.478707] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.479209] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.479540] page dumped because: kasan: bad access detected [ 29.479909] [ 29.480033] Memory state around the buggy address: [ 29.480456] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.480920] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.481254] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.481731] ^ [ 29.482100] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.482587] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.482914] ================================================================== [ 28.401968] ================================================================== [ 28.402591] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 28.403013] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.403346] [ 28.403431] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.403970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.403986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.404009] Call Trace: [ 28.404028] <TASK> [ 28.404044] dump_stack_lvl+0x73/0xb0 [ 28.404089] print_report+0xd1/0x640 [ 28.404114] ? __virt_addr_valid+0x1db/0x2d0 [ 28.404140] ? kasan_atomics_helper+0x4b6e/0x5450 [ 28.404163] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.404191] ? kasan_atomics_helper+0x4b6e/0x5450 [ 28.404215] kasan_report+0x141/0x180 [ 28.404240] ? kasan_atomics_helper+0x4b6e/0x5450 [ 28.404268] __asan_report_store4_noabort+0x1b/0x30 [ 28.404295] kasan_atomics_helper+0x4b6e/0x5450 [ 28.404319] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.404343] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.404371] ? kasan_atomics+0x152/0x310 [ 28.404399] kasan_atomics+0x1dc/0x310 [ 28.404423] ? __pfx_kasan_atomics+0x10/0x10 [ 28.404449] ? __pfx_read_tsc+0x10/0x10 [ 28.404472] ? ktime_get_ts64+0x86/0x230 [ 28.404498] kunit_try_run_case+0x1a5/0x480 [ 28.404525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.404550] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.404574] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.404602] ? __kthread_parkme+0x82/0x180 [ 28.404624] ? preempt_count_sub+0x50/0x80 [ 28.404649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.404675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.404700] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.404726] kthread+0x337/0x6f0 [ 28.404748] ? trace_preempt_on+0x20/0xc0 [ 28.404772] ? __pfx_kthread+0x10/0x10 [ 28.404865] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.404894] ? calculate_sigpending+0x7b/0xa0 [ 28.404921] ? __pfx_kthread+0x10/0x10 [ 28.404956] ret_from_fork+0x116/0x1d0 [ 28.404978] ? __pfx_kthread+0x10/0x10 [ 28.405001] ret_from_fork_asm+0x1a/0x30 [ 28.405034] </TASK> [ 28.405047] [ 28.417233] Allocated by task 314: [ 28.417568] kasan_save_stack+0x45/0x70 [ 28.417782] kasan_save_track+0x18/0x40 [ 28.418042] kasan_save_alloc_info+0x3b/0x50 [ 28.418487] __kasan_kmalloc+0xb7/0xc0 [ 28.418659] __kmalloc_cache_noprof+0x189/0x420 [ 28.419267] kasan_atomics+0x95/0x310 [ 28.419428] kunit_try_run_case+0x1a5/0x480 [ 28.419583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.419763] kthread+0x337/0x6f0 [ 28.419894] ret_from_fork+0x116/0x1d0 [ 28.420266] ret_from_fork_asm+0x1a/0x30 [ 28.420741] [ 28.421216] The buggy address belongs to the object at ffff888106266f00 [ 28.421216] which belongs to the cache kmalloc-64 of size 64 [ 28.421810] The buggy address is located 0 bytes to the right of [ 28.421810] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.422834] [ 28.423155] The buggy address belongs to the physical page: [ 28.423717] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.424337] flags: 0x200000000000000(node=0|zone=2) [ 28.424512] page_type: f5(slab) [ 28.424635] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.424886] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.425361] page dumped because: kasan: bad access detected [ 28.425579] [ 28.425647] Memory state around the buggy address: [ 28.425873] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.426297] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.426610] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.426894] ^ [ 28.427138] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.427554] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.427956] ================================================================== [ 28.334993] ================================================================== [ 28.335894] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 28.336853] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.337662] [ 28.337940] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.338003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.338016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.338037] Call Trace: [ 28.338049] <TASK> [ 28.338064] dump_stack_lvl+0x73/0xb0 [ 28.338104] print_report+0xd1/0x640 [ 28.338219] ? __virt_addr_valid+0x1db/0x2d0 [ 28.338249] ? kasan_atomics_helper+0x4ba2/0x5450 [ 28.338270] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.338297] ? kasan_atomics_helper+0x4ba2/0x5450 [ 28.338321] kasan_report+0x141/0x180 [ 28.338344] ? kasan_atomics_helper+0x4ba2/0x5450 [ 28.338371] __asan_report_store4_noabort+0x1b/0x30 [ 28.338397] kasan_atomics_helper+0x4ba2/0x5450 [ 28.338421] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.338444] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.338471] ? kasan_atomics+0x152/0x310 [ 28.338499] kasan_atomics+0x1dc/0x310 [ 28.338523] ? __pfx_kasan_atomics+0x10/0x10 [ 28.338548] ? __pfx_read_tsc+0x10/0x10 [ 28.338571] ? ktime_get_ts64+0x86/0x230 [ 28.338595] kunit_try_run_case+0x1a5/0x480 [ 28.338620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.338644] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.338667] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.338694] ? __kthread_parkme+0x82/0x180 [ 28.338715] ? preempt_count_sub+0x50/0x80 [ 28.338740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.338765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.338812] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.338838] kthread+0x337/0x6f0 [ 28.338860] ? trace_preempt_on+0x20/0xc0 [ 28.338884] ? __pfx_kthread+0x10/0x10 [ 28.338907] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.338932] ? calculate_sigpending+0x7b/0xa0 [ 28.338966] ? __pfx_kthread+0x10/0x10 [ 28.338988] ret_from_fork+0x116/0x1d0 [ 28.339008] ? __pfx_kthread+0x10/0x10 [ 28.339030] ret_from_fork_asm+0x1a/0x30 [ 28.339063] </TASK> [ 28.339074] [ 28.355004] Allocated by task 314: [ 28.355578] kasan_save_stack+0x45/0x70 [ 28.356005] kasan_save_track+0x18/0x40 [ 28.356528] kasan_save_alloc_info+0x3b/0x50 [ 28.357096] __kasan_kmalloc+0xb7/0xc0 [ 28.357478] __kmalloc_cache_noprof+0x189/0x420 [ 28.357780] kasan_atomics+0x95/0x310 [ 28.358328] kunit_try_run_case+0x1a5/0x480 [ 28.358549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.359320] kthread+0x337/0x6f0 [ 28.359459] ret_from_fork+0x116/0x1d0 [ 28.359595] ret_from_fork_asm+0x1a/0x30 [ 28.359734] [ 28.359879] The buggy address belongs to the object at ffff888106266f00 [ 28.359879] which belongs to the cache kmalloc-64 of size 64 [ 28.361566] The buggy address is located 0 bytes to the right of [ 28.361566] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.362921] [ 28.363308] The buggy address belongs to the physical page: [ 28.363504] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.363764] flags: 0x200000000000000(node=0|zone=2) [ 28.364548] page_type: f5(slab) [ 28.365011] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.365864] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.366541] page dumped because: kasan: bad access detected [ 28.366731] [ 28.366930] Memory state around the buggy address: [ 28.367643] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.368453] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.369016] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.369744] ^ [ 28.370166] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.370718] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.371580] ================================================================== [ 29.116173] ================================================================== [ 29.116514] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 29.116895] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.117280] [ 29.117390] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.117438] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.117451] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.117472] Call Trace: [ 29.117486] <TASK> [ 29.117501] dump_stack_lvl+0x73/0xb0 [ 29.117531] print_report+0xd1/0x640 [ 29.117577] ? __virt_addr_valid+0x1db/0x2d0 [ 29.117604] ? kasan_atomics_helper+0x12e6/0x5450 [ 29.117627] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.117656] ? kasan_atomics_helper+0x12e6/0x5450 [ 29.117679] kasan_report+0x141/0x180 [ 29.117703] ? kasan_atomics_helper+0x12e6/0x5450 [ 29.117731] kasan_check_range+0x10c/0x1c0 [ 29.117979] __kasan_check_write+0x18/0x20 [ 29.118012] kasan_atomics_helper+0x12e6/0x5450 [ 29.118038] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.118084] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.118112] ? kasan_atomics+0x152/0x310 [ 29.118140] kasan_atomics+0x1dc/0x310 [ 29.118166] ? __pfx_kasan_atomics+0x10/0x10 [ 29.118191] ? __pfx_read_tsc+0x10/0x10 [ 29.118215] ? ktime_get_ts64+0x86/0x230 [ 29.118240] kunit_try_run_case+0x1a5/0x480 [ 29.118267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.118291] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.118314] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.118342] ? __kthread_parkme+0x82/0x180 [ 29.118364] ? preempt_count_sub+0x50/0x80 [ 29.118389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.118416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.118442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.118468] kthread+0x337/0x6f0 [ 29.118490] ? trace_preempt_on+0x20/0xc0 [ 29.118533] ? __pfx_kthread+0x10/0x10 [ 29.118556] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.118582] ? calculate_sigpending+0x7b/0xa0 [ 29.118608] ? __pfx_kthread+0x10/0x10 [ 29.118631] ret_from_fork+0x116/0x1d0 [ 29.118653] ? __pfx_kthread+0x10/0x10 [ 29.118676] ret_from_fork_asm+0x1a/0x30 [ 29.118708] </TASK> [ 29.118721] [ 29.127232] Allocated by task 314: [ 29.127397] kasan_save_stack+0x45/0x70 [ 29.127545] kasan_save_track+0x18/0x40 [ 29.127681] kasan_save_alloc_info+0x3b/0x50 [ 29.127894] __kasan_kmalloc+0xb7/0xc0 [ 29.128249] __kmalloc_cache_noprof+0x189/0x420 [ 29.128505] kasan_atomics+0x95/0x310 [ 29.128663] kunit_try_run_case+0x1a5/0x480 [ 29.128951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.129164] kthread+0x337/0x6f0 [ 29.129290] ret_from_fork+0x116/0x1d0 [ 29.129425] ret_from_fork_asm+0x1a/0x30 [ 29.129566] [ 29.129662] The buggy address belongs to the object at ffff888106266f00 [ 29.129662] which belongs to the cache kmalloc-64 of size 64 [ 29.130500] The buggy address is located 0 bytes to the right of [ 29.130500] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.131212] [ 29.131319] The buggy address belongs to the physical page: [ 29.131580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.132137] flags: 0x200000000000000(node=0|zone=2) [ 29.132340] page_type: f5(slab) [ 29.132497] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.132977] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.133291] page dumped because: kasan: bad access detected [ 29.133530] [ 29.133623] Memory state around the buggy address: [ 29.134012] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.134352] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.134629] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.135098] ^ [ 29.135293] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.135630] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.135972] ================================================================== [ 28.751463] ================================================================== [ 28.751703] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 28.752856] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.754070] [ 28.754412] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.754470] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.754484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.754505] Call Trace: [ 28.754522] <TASK> [ 28.754539] dump_stack_lvl+0x73/0xb0 [ 28.754570] print_report+0xd1/0x640 [ 28.754595] ? __virt_addr_valid+0x1db/0x2d0 [ 28.754621] ? kasan_atomics_helper+0xb6a/0x5450 [ 28.754644] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.754672] ? kasan_atomics_helper+0xb6a/0x5450 [ 28.754696] kasan_report+0x141/0x180 [ 28.754719] ? kasan_atomics_helper+0xb6a/0x5450 [ 28.754747] kasan_check_range+0x10c/0x1c0 [ 28.754772] __kasan_check_write+0x18/0x20 [ 28.754927] kasan_atomics_helper+0xb6a/0x5450 [ 28.754980] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.755005] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.755033] ? kasan_atomics+0x152/0x310 [ 28.755094] kasan_atomics+0x1dc/0x310 [ 28.755119] ? __pfx_kasan_atomics+0x10/0x10 [ 28.755145] ? __pfx_read_tsc+0x10/0x10 [ 28.755170] ? ktime_get_ts64+0x86/0x230 [ 28.755196] kunit_try_run_case+0x1a5/0x480 [ 28.755223] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.755248] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.755271] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.755300] ? __kthread_parkme+0x82/0x180 [ 28.755322] ? preempt_count_sub+0x50/0x80 [ 28.755346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.755372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.755398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.755424] kthread+0x337/0x6f0 [ 28.755446] ? trace_preempt_on+0x20/0xc0 [ 28.755472] ? __pfx_kthread+0x10/0x10 [ 28.755494] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.755521] ? calculate_sigpending+0x7b/0xa0 [ 28.755546] ? __pfx_kthread+0x10/0x10 [ 28.755570] ret_from_fork+0x116/0x1d0 [ 28.755591] ? __pfx_kthread+0x10/0x10 [ 28.755614] ret_from_fork_asm+0x1a/0x30 [ 28.755647] </TASK> [ 28.755660] [ 28.773528] Allocated by task 314: [ 28.773673] kasan_save_stack+0x45/0x70 [ 28.774141] kasan_save_track+0x18/0x40 [ 28.774717] kasan_save_alloc_info+0x3b/0x50 [ 28.775459] __kasan_kmalloc+0xb7/0xc0 [ 28.775906] __kmalloc_cache_noprof+0x189/0x420 [ 28.776545] kasan_atomics+0x95/0x310 [ 28.776706] kunit_try_run_case+0x1a5/0x480 [ 28.777242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.777935] kthread+0x337/0x6f0 [ 28.778489] ret_from_fork+0x116/0x1d0 [ 28.779019] ret_from_fork_asm+0x1a/0x30 [ 28.779219] [ 28.779292] The buggy address belongs to the object at ffff888106266f00 [ 28.779292] which belongs to the cache kmalloc-64 of size 64 [ 28.779659] The buggy address is located 0 bytes to the right of [ 28.779659] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.781339] [ 28.781559] The buggy address belongs to the physical page: [ 28.782292] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.783411] flags: 0x200000000000000(node=0|zone=2) [ 28.784100] page_type: f5(slab) [ 28.784277] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.784517] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.784751] page dumped because: kasan: bad access detected [ 28.785729] [ 28.785919] Memory state around the buggy address: [ 28.786635] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.787496] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.788180] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.788999] ^ [ 28.789413] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.789647] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.790298] ================================================================== [ 28.531517] ================================================================== [ 28.531897] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 28.532279] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.532589] [ 28.532680] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.532727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.532741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.532763] Call Trace: [ 28.532779] <TASK> [ 28.532935] dump_stack_lvl+0x73/0xb0 [ 28.532983] print_report+0xd1/0x640 [ 28.533009] ? __virt_addr_valid+0x1db/0x2d0 [ 28.533035] ? kasan_atomics_helper+0x5fe/0x5450 [ 28.533068] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.533097] ? kasan_atomics_helper+0x5fe/0x5450 [ 28.533121] kasan_report+0x141/0x180 [ 28.533149] ? kasan_atomics_helper+0x5fe/0x5450 [ 28.533177] kasan_check_range+0x10c/0x1c0 [ 28.533203] __kasan_check_write+0x18/0x20 [ 28.533228] kasan_atomics_helper+0x5fe/0x5450 [ 28.533253] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.533276] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.533302] ? kasan_atomics+0x152/0x310 [ 28.533330] kasan_atomics+0x1dc/0x310 [ 28.533354] ? __pfx_kasan_atomics+0x10/0x10 [ 28.533379] ? __pfx_read_tsc+0x10/0x10 [ 28.533404] ? ktime_get_ts64+0x86/0x230 [ 28.533429] kunit_try_run_case+0x1a5/0x480 [ 28.533455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.533480] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.533503] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.533531] ? __kthread_parkme+0x82/0x180 [ 28.533553] ? preempt_count_sub+0x50/0x80 [ 28.533578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.533604] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.533630] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.533656] kthread+0x337/0x6f0 [ 28.533677] ? trace_preempt_on+0x20/0xc0 [ 28.533702] ? __pfx_kthread+0x10/0x10 [ 28.533724] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.533750] ? calculate_sigpending+0x7b/0xa0 [ 28.533775] ? __pfx_kthread+0x10/0x10 [ 28.533852] ret_from_fork+0x116/0x1d0 [ 28.533873] ? __pfx_kthread+0x10/0x10 [ 28.533897] ret_from_fork_asm+0x1a/0x30 [ 28.533929] </TASK> [ 28.533942] [ 28.542372] Allocated by task 314: [ 28.542504] kasan_save_stack+0x45/0x70 [ 28.542650] kasan_save_track+0x18/0x40 [ 28.542927] kasan_save_alloc_info+0x3b/0x50 [ 28.543310] __kasan_kmalloc+0xb7/0xc0 [ 28.543513] __kmalloc_cache_noprof+0x189/0x420 [ 28.543691] kasan_atomics+0x95/0x310 [ 28.543824] kunit_try_run_case+0x1a5/0x480 [ 28.543984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.544165] kthread+0x337/0x6f0 [ 28.544286] ret_from_fork+0x116/0x1d0 [ 28.544418] ret_from_fork_asm+0x1a/0x30 [ 28.544558] [ 28.544625] The buggy address belongs to the object at ffff888106266f00 [ 28.544625] which belongs to the cache kmalloc-64 of size 64 [ 28.545231] The buggy address is located 0 bytes to the right of [ 28.545231] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.545868] [ 28.545982] The buggy address belongs to the physical page: [ 28.546483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.546940] flags: 0x200000000000000(node=0|zone=2) [ 28.547191] page_type: f5(slab) [ 28.547505] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.548253] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.548508] page dumped because: kasan: bad access detected [ 28.548684] [ 28.548752] Memory state around the buggy address: [ 28.549357] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.549710] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.550261] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.550519] ^ [ 28.550680] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.550981] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.551370] ================================================================== [ 29.361652] ================================================================== [ 29.361876] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 29.362394] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.362741] [ 29.362850] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.362898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.362912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.362933] Call Trace: [ 29.362958] <TASK> [ 29.362973] dump_stack_lvl+0x73/0xb0 [ 29.363002] print_report+0xd1/0x640 [ 29.363027] ? __virt_addr_valid+0x1db/0x2d0 [ 29.363052] ? kasan_atomics_helper+0x1818/0x5450 [ 29.363170] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.363198] ? kasan_atomics_helper+0x1818/0x5450 [ 29.363221] kasan_report+0x141/0x180 [ 29.363246] ? kasan_atomics_helper+0x1818/0x5450 [ 29.363275] kasan_check_range+0x10c/0x1c0 [ 29.363301] __kasan_check_write+0x18/0x20 [ 29.363326] kasan_atomics_helper+0x1818/0x5450 [ 29.363351] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.363374] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.363400] ? kasan_atomics+0x152/0x310 [ 29.363428] kasan_atomics+0x1dc/0x310 [ 29.363453] ? __pfx_kasan_atomics+0x10/0x10 [ 29.363478] ? __pfx_read_tsc+0x10/0x10 [ 29.363502] ? ktime_get_ts64+0x86/0x230 [ 29.363528] kunit_try_run_case+0x1a5/0x480 [ 29.363553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.363577] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.363601] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.363630] ? __kthread_parkme+0x82/0x180 [ 29.363652] ? preempt_count_sub+0x50/0x80 [ 29.363677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.363702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.363728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.363754] kthread+0x337/0x6f0 [ 29.363776] ? trace_preempt_on+0x20/0xc0 [ 29.363957] ? __pfx_kthread+0x10/0x10 [ 29.363985] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.364012] ? calculate_sigpending+0x7b/0xa0 [ 29.364038] ? __pfx_kthread+0x10/0x10 [ 29.364061] ret_from_fork+0x116/0x1d0 [ 29.364083] ? __pfx_kthread+0x10/0x10 [ 29.364106] ret_from_fork_asm+0x1a/0x30 [ 29.364138] </TASK> [ 29.364151] [ 29.373955] Allocated by task 314: [ 29.374606] kasan_save_stack+0x45/0x70 [ 29.374828] kasan_save_track+0x18/0x40 [ 29.374978] kasan_save_alloc_info+0x3b/0x50 [ 29.375699] __kasan_kmalloc+0xb7/0xc0 [ 29.376013] __kmalloc_cache_noprof+0x189/0x420 [ 29.376463] kasan_atomics+0x95/0x310 [ 29.376643] kunit_try_run_case+0x1a5/0x480 [ 29.377021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.377257] kthread+0x337/0x6f0 [ 29.377404] ret_from_fork+0x116/0x1d0 [ 29.377571] ret_from_fork_asm+0x1a/0x30 [ 29.377755] [ 29.378331] The buggy address belongs to the object at ffff888106266f00 [ 29.378331] which belongs to the cache kmalloc-64 of size 64 [ 29.378777] The buggy address is located 0 bytes to the right of [ 29.378777] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.379398] [ 29.379485] The buggy address belongs to the physical page: [ 29.379704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.380542] flags: 0x200000000000000(node=0|zone=2) [ 29.380781] page_type: f5(slab) [ 29.381391] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.381767] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.382219] page dumped because: kasan: bad access detected [ 29.382408] [ 29.382478] Memory state around the buggy address: [ 29.382640] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.382866] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.383696] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.384394] ^ [ 29.384570] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.384805] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.385037] ================================================================== [ 28.428554] ================================================================== [ 28.428985] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 28.429296] Read of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.429613] [ 28.429719] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.429767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.429780] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.429802] Call Trace: [ 28.429818] <TASK> [ 28.429833] dump_stack_lvl+0x73/0xb0 [ 28.429862] print_report+0xd1/0x640 [ 28.429886] ? __virt_addr_valid+0x1db/0x2d0 [ 28.429911] ? kasan_atomics_helper+0x3df/0x5450 [ 28.429934] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.430055] ? kasan_atomics_helper+0x3df/0x5450 [ 28.430082] kasan_report+0x141/0x180 [ 28.430107] ? kasan_atomics_helper+0x3df/0x5450 [ 28.430135] kasan_check_range+0x10c/0x1c0 [ 28.430159] __kasan_check_read+0x15/0x20 [ 28.430184] kasan_atomics_helper+0x3df/0x5450 [ 28.430209] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.430232] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.430260] ? kasan_atomics+0x152/0x310 [ 28.430302] kasan_atomics+0x1dc/0x310 [ 28.430328] ? __pfx_kasan_atomics+0x10/0x10 [ 28.430354] ? __pfx_read_tsc+0x10/0x10 [ 28.430379] ? ktime_get_ts64+0x86/0x230 [ 28.430405] kunit_try_run_case+0x1a5/0x480 [ 28.430430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.430455] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.430480] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.430508] ? __kthread_parkme+0x82/0x180 [ 28.430530] ? preempt_count_sub+0x50/0x80 [ 28.430554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.430580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.430606] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.430632] kthread+0x337/0x6f0 [ 28.430654] ? trace_preempt_on+0x20/0xc0 [ 28.430678] ? __pfx_kthread+0x10/0x10 [ 28.430701] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.430727] ? calculate_sigpending+0x7b/0xa0 [ 28.430752] ? __pfx_kthread+0x10/0x10 [ 28.430776] ret_from_fork+0x116/0x1d0 [ 28.430921] ? __pfx_kthread+0x10/0x10 [ 28.430960] ret_from_fork_asm+0x1a/0x30 [ 28.430994] </TASK> [ 28.431005] [ 28.438874] Allocated by task 314: [ 28.439199] kasan_save_stack+0x45/0x70 [ 28.439427] kasan_save_track+0x18/0x40 [ 28.439621] kasan_save_alloc_info+0x3b/0x50 [ 28.439926] __kasan_kmalloc+0xb7/0xc0 [ 28.440190] __kmalloc_cache_noprof+0x189/0x420 [ 28.440369] kasan_atomics+0x95/0x310 [ 28.440543] kunit_try_run_case+0x1a5/0x480 [ 28.440689] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.441133] kthread+0x337/0x6f0 [ 28.441312] ret_from_fork+0x116/0x1d0 [ 28.441568] ret_from_fork_asm+0x1a/0x30 [ 28.441746] [ 28.441837] The buggy address belongs to the object at ffff888106266f00 [ 28.441837] which belongs to the cache kmalloc-64 of size 64 [ 28.442340] The buggy address is located 0 bytes to the right of [ 28.442340] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.443052] [ 28.443165] The buggy address belongs to the physical page: [ 28.443375] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.443708] flags: 0x200000000000000(node=0|zone=2) [ 28.443875] page_type: f5(slab) [ 28.444009] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.444248] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.444485] page dumped because: kasan: bad access detected [ 28.444922] [ 28.445023] Memory state around the buggy address: [ 28.445323] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.445722] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.446242] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.446510] ^ [ 28.446667] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.447157] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.447477] ================================================================== [ 28.570426] ================================================================== [ 28.570884] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 28.571403] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.571650] [ 28.571730] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.571777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.571840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.571864] Call Trace: [ 28.571879] <TASK> [ 28.571895] dump_stack_lvl+0x73/0xb0 [ 28.571924] print_report+0xd1/0x640 [ 28.571962] ? __virt_addr_valid+0x1db/0x2d0 [ 28.571988] ? kasan_atomics_helper+0x72f/0x5450 [ 28.572011] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.572039] ? kasan_atomics_helper+0x72f/0x5450 [ 28.572074] kasan_report+0x141/0x180 [ 28.572099] ? kasan_atomics_helper+0x72f/0x5450 [ 28.572127] kasan_check_range+0x10c/0x1c0 [ 28.572152] __kasan_check_write+0x18/0x20 [ 28.572178] kasan_atomics_helper+0x72f/0x5450 [ 28.572202] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.572227] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.572253] ? kasan_atomics+0x152/0x310 [ 28.572280] kasan_atomics+0x1dc/0x310 [ 28.572305] ? __pfx_kasan_atomics+0x10/0x10 [ 28.572331] ? __pfx_read_tsc+0x10/0x10 [ 28.572354] ? ktime_get_ts64+0x86/0x230 [ 28.572379] kunit_try_run_case+0x1a5/0x480 [ 28.572406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.572431] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.572455] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.572482] ? __kthread_parkme+0x82/0x180 [ 28.572504] ? preempt_count_sub+0x50/0x80 [ 28.572529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.572555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.572582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.572608] kthread+0x337/0x6f0 [ 28.572630] ? trace_preempt_on+0x20/0xc0 [ 28.572654] ? __pfx_kthread+0x10/0x10 [ 28.572677] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.572703] ? calculate_sigpending+0x7b/0xa0 [ 28.572728] ? __pfx_kthread+0x10/0x10 [ 28.572751] ret_from_fork+0x116/0x1d0 [ 28.572772] ? __pfx_kthread+0x10/0x10 [ 28.572847] ret_from_fork_asm+0x1a/0x30 [ 28.572881] </TASK> [ 28.572893] [ 28.581570] Allocated by task 314: [ 28.581716] kasan_save_stack+0x45/0x70 [ 28.582050] kasan_save_track+0x18/0x40 [ 28.582229] kasan_save_alloc_info+0x3b/0x50 [ 28.582387] __kasan_kmalloc+0xb7/0xc0 [ 28.582520] __kmalloc_cache_noprof+0x189/0x420 [ 28.582692] kasan_atomics+0x95/0x310 [ 28.582999] kunit_try_run_case+0x1a5/0x480 [ 28.583401] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.583599] kthread+0x337/0x6f0 [ 28.583719] ret_from_fork+0x116/0x1d0 [ 28.583856] ret_from_fork_asm+0x1a/0x30 [ 28.584069] [ 28.584289] The buggy address belongs to the object at ffff888106266f00 [ 28.584289] which belongs to the cache kmalloc-64 of size 64 [ 28.584830] The buggy address is located 0 bytes to the right of [ 28.584830] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.585373] [ 28.585475] The buggy address belongs to the physical page: [ 28.585712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.585974] flags: 0x200000000000000(node=0|zone=2) [ 28.586141] page_type: f5(slab) [ 28.586263] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.586499] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.586731] page dumped because: kasan: bad access detected [ 28.586906] [ 28.586996] Memory state around the buggy address: [ 28.587222] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.587567] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.587892] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.588427] ^ [ 28.588654] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.589131] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.589461] ================================================================== [ 28.987578] ================================================================== [ 28.987918] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 28.988571] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.989108] [ 28.989268] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.989319] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.989333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.989355] Call Trace: [ 28.989407] <TASK> [ 28.989423] dump_stack_lvl+0x73/0xb0 [ 28.989452] print_report+0xd1/0x640 [ 28.989476] ? __virt_addr_valid+0x1db/0x2d0 [ 28.989501] ? kasan_atomics_helper+0x1079/0x5450 [ 28.989556] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.989585] ? kasan_atomics_helper+0x1079/0x5450 [ 28.989609] kasan_report+0x141/0x180 [ 28.989633] ? kasan_atomics_helper+0x1079/0x5450 [ 28.989686] kasan_check_range+0x10c/0x1c0 [ 28.989712] __kasan_check_write+0x18/0x20 [ 28.989738] kasan_atomics_helper+0x1079/0x5450 [ 28.989763] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.989841] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.989906] ? kasan_atomics+0x152/0x310 [ 28.989935] kasan_atomics+0x1dc/0x310 [ 28.989972] ? __pfx_kasan_atomics+0x10/0x10 [ 28.989998] ? __pfx_read_tsc+0x10/0x10 [ 28.990068] ? ktime_get_ts64+0x86/0x230 [ 28.990095] kunit_try_run_case+0x1a5/0x480 [ 28.990122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.990146] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.990170] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.990233] ? __kthread_parkme+0x82/0x180 [ 28.990256] ? preempt_count_sub+0x50/0x80 [ 28.990282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.990309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.990335] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.990362] kthread+0x337/0x6f0 [ 28.990383] ? trace_preempt_on+0x20/0xc0 [ 28.990409] ? __pfx_kthread+0x10/0x10 [ 28.990431] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.990458] ? calculate_sigpending+0x7b/0xa0 [ 28.990484] ? __pfx_kthread+0x10/0x10 [ 28.990507] ret_from_fork+0x116/0x1d0 [ 28.990528] ? __pfx_kthread+0x10/0x10 [ 28.990551] ret_from_fork_asm+0x1a/0x30 [ 28.990584] </TASK> [ 28.990597] [ 29.001036] Allocated by task 314: [ 29.001237] kasan_save_stack+0x45/0x70 [ 29.001440] kasan_save_track+0x18/0x40 [ 29.001663] kasan_save_alloc_info+0x3b/0x50 [ 29.002013] __kasan_kmalloc+0xb7/0xc0 [ 29.002241] __kmalloc_cache_noprof+0x189/0x420 [ 29.002449] kasan_atomics+0x95/0x310 [ 29.002613] kunit_try_run_case+0x1a5/0x480 [ 29.003029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.003341] kthread+0x337/0x6f0 [ 29.003532] ret_from_fork+0x116/0x1d0 [ 29.003763] ret_from_fork_asm+0x1a/0x30 [ 29.004098] [ 29.004176] The buggy address belongs to the object at ffff888106266f00 [ 29.004176] which belongs to the cache kmalloc-64 of size 64 [ 29.004678] The buggy address is located 0 bytes to the right of [ 29.004678] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.005211] [ 29.005282] The buggy address belongs to the physical page: [ 29.005460] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.006191] flags: 0x200000000000000(node=0|zone=2) [ 29.006433] page_type: f5(slab) [ 29.006638] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.007340] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.007601] page dumped because: kasan: bad access detected [ 29.007778] [ 29.007845] Memory state around the buggy address: [ 29.008084] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.008510] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.009455] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.009856] ^ [ 29.010219] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.010557] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.011034] ================================================================== [ 28.298506] ================================================================== [ 28.299301] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 28.299865] Read of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.300678] [ 28.300983] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.301038] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.301077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.301099] Call Trace: [ 28.301112] <TASK> [ 28.301136] dump_stack_lvl+0x73/0xb0 [ 28.301170] print_report+0xd1/0x640 [ 28.301197] ? __virt_addr_valid+0x1db/0x2d0 [ 28.301328] ? kasan_atomics_helper+0x4bbc/0x5450 [ 28.301350] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.301378] ? kasan_atomics_helper+0x4bbc/0x5450 [ 28.301401] kasan_report+0x141/0x180 [ 28.301424] ? kasan_atomics_helper+0x4bbc/0x5450 [ 28.301453] __asan_report_load4_noabort+0x18/0x20 [ 28.301479] kasan_atomics_helper+0x4bbc/0x5450 [ 28.301502] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.301526] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.301551] ? kasan_atomics+0x152/0x310 [ 28.301579] kasan_atomics+0x1dc/0x310 [ 28.301602] ? __pfx_kasan_atomics+0x10/0x10 [ 28.301627] ? __pfx_read_tsc+0x10/0x10 [ 28.301651] ? ktime_get_ts64+0x86/0x230 [ 28.301676] kunit_try_run_case+0x1a5/0x480 [ 28.301703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.301726] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.301750] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.301797] ? __kthread_parkme+0x82/0x180 [ 28.301822] ? preempt_count_sub+0x50/0x80 [ 28.301848] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.301873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.301898] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.301923] kthread+0x337/0x6f0 [ 28.301952] ? trace_preempt_on+0x20/0xc0 [ 28.301977] ? __pfx_kthread+0x10/0x10 [ 28.301998] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.302023] ? calculate_sigpending+0x7b/0xa0 [ 28.302064] ? __pfx_kthread+0x10/0x10 [ 28.302086] ret_from_fork+0x116/0x1d0 [ 28.302107] ? __pfx_kthread+0x10/0x10 [ 28.302128] ret_from_fork_asm+0x1a/0x30 [ 28.302162] </TASK> [ 28.302173] [ 28.318587] Allocated by task 314: [ 28.319010] kasan_save_stack+0x45/0x70 [ 28.319540] kasan_save_track+0x18/0x40 [ 28.320019] kasan_save_alloc_info+0x3b/0x50 [ 28.320429] __kasan_kmalloc+0xb7/0xc0 [ 28.320572] __kmalloc_cache_noprof+0x189/0x420 [ 28.320730] kasan_atomics+0x95/0x310 [ 28.321014] kunit_try_run_case+0x1a5/0x480 [ 28.321651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.322251] kthread+0x337/0x6f0 [ 28.322662] ret_from_fork+0x116/0x1d0 [ 28.323144] ret_from_fork_asm+0x1a/0x30 [ 28.323593] [ 28.323752] The buggy address belongs to the object at ffff888106266f00 [ 28.323752] which belongs to the cache kmalloc-64 of size 64 [ 28.324593] The buggy address is located 0 bytes to the right of [ 28.324593] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.324997] [ 28.325100] The buggy address belongs to the physical page: [ 28.325891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.326892] flags: 0x200000000000000(node=0|zone=2) [ 28.327462] page_type: f5(slab) [ 28.327913] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.328791] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.329698] page dumped because: kasan: bad access detected [ 28.330358] [ 28.330623] Memory state around the buggy address: [ 28.331195] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.331633] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.332457] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.333114] ^ [ 28.333570] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.334308] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.334535] ================================================================== [ 28.551724] ================================================================== [ 28.552148] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 28.552557] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.552853] [ 28.552966] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.553014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.553027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.553049] Call Trace: [ 28.553079] <TASK> [ 28.553095] dump_stack_lvl+0x73/0xb0 [ 28.553129] print_report+0xd1/0x640 [ 28.553153] ? __virt_addr_valid+0x1db/0x2d0 [ 28.553178] ? kasan_atomics_helper+0x697/0x5450 [ 28.553201] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.553229] ? kasan_atomics_helper+0x697/0x5450 [ 28.553253] kasan_report+0x141/0x180 [ 28.553277] ? kasan_atomics_helper+0x697/0x5450 [ 28.553305] kasan_check_range+0x10c/0x1c0 [ 28.553331] __kasan_check_write+0x18/0x20 [ 28.553357] kasan_atomics_helper+0x697/0x5450 [ 28.553382] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.553406] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.553432] ? kasan_atomics+0x152/0x310 [ 28.553459] kasan_atomics+0x1dc/0x310 [ 28.553483] ? __pfx_kasan_atomics+0x10/0x10 [ 28.553510] ? __pfx_read_tsc+0x10/0x10 [ 28.553533] ? ktime_get_ts64+0x86/0x230 [ 28.553559] kunit_try_run_case+0x1a5/0x480 [ 28.553585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.553609] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.553634] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.553662] ? __kthread_parkme+0x82/0x180 [ 28.553684] ? preempt_count_sub+0x50/0x80 [ 28.553708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.553735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.553761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.553787] kthread+0x337/0x6f0 [ 28.553808] ? trace_preempt_on+0x20/0xc0 [ 28.553832] ? __pfx_kthread+0x10/0x10 [ 28.553854] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.553880] ? calculate_sigpending+0x7b/0xa0 [ 28.553906] ? __pfx_kthread+0x10/0x10 [ 28.553929] ret_from_fork+0x116/0x1d0 [ 28.553959] ? __pfx_kthread+0x10/0x10 [ 28.553981] ret_from_fork_asm+0x1a/0x30 [ 28.554014] </TASK> [ 28.554026] [ 28.562388] Allocated by task 314: [ 28.562569] kasan_save_stack+0x45/0x70 [ 28.562740] kasan_save_track+0x18/0x40 [ 28.563056] kasan_save_alloc_info+0x3b/0x50 [ 28.563339] __kasan_kmalloc+0xb7/0xc0 [ 28.563480] __kmalloc_cache_noprof+0x189/0x420 [ 28.563636] kasan_atomics+0x95/0x310 [ 28.563769] kunit_try_run_case+0x1a5/0x480 [ 28.564075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.564335] kthread+0x337/0x6f0 [ 28.564502] ret_from_fork+0x116/0x1d0 [ 28.564688] ret_from_fork_asm+0x1a/0x30 [ 28.564856] [ 28.564952] The buggy address belongs to the object at ffff888106266f00 [ 28.564952] which belongs to the cache kmalloc-64 of size 64 [ 28.565508] The buggy address is located 0 bytes to the right of [ 28.565508] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.565895] [ 28.565990] The buggy address belongs to the physical page: [ 28.566344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.566961] flags: 0x200000000000000(node=0|zone=2) [ 28.567268] page_type: f5(slab) [ 28.567427] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.567695] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.568035] page dumped because: kasan: bad access detected [ 28.568317] [ 28.568383] Memory state around the buggy address: [ 28.568539] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.568758] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.568989] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.569212] ^ [ 28.569368] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.569672] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.569994] ================================================================== [ 28.589963] ================================================================== [ 28.590634] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 28.591043] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.591323] [ 28.591407] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.591454] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.591468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.591490] Call Trace: [ 28.591505] <TASK> [ 28.591521] dump_stack_lvl+0x73/0xb0 [ 28.591549] print_report+0xd1/0x640 [ 28.591573] ? __virt_addr_valid+0x1db/0x2d0 [ 28.591598] ? kasan_atomics_helper+0x7c7/0x5450 [ 28.591621] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.591650] ? kasan_atomics_helper+0x7c7/0x5450 [ 28.591674] kasan_report+0x141/0x180 [ 28.591699] ? kasan_atomics_helper+0x7c7/0x5450 [ 28.591728] kasan_check_range+0x10c/0x1c0 [ 28.591754] __kasan_check_write+0x18/0x20 [ 28.591780] kasan_atomics_helper+0x7c7/0x5450 [ 28.591862] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.591887] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.591914] ? kasan_atomics+0x152/0x310 [ 28.591953] kasan_atomics+0x1dc/0x310 [ 28.591979] ? __pfx_kasan_atomics+0x10/0x10 [ 28.592005] ? __pfx_read_tsc+0x10/0x10 [ 28.592029] ? ktime_get_ts64+0x86/0x230 [ 28.592063] kunit_try_run_case+0x1a5/0x480 [ 28.592088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.592113] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.592136] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.592164] ? __kthread_parkme+0x82/0x180 [ 28.592187] ? preempt_count_sub+0x50/0x80 [ 28.592212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.592239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.592265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.592291] kthread+0x337/0x6f0 [ 28.592313] ? trace_preempt_on+0x20/0xc0 [ 28.592337] ? __pfx_kthread+0x10/0x10 [ 28.592360] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.592385] ? calculate_sigpending+0x7b/0xa0 [ 28.592411] ? __pfx_kthread+0x10/0x10 [ 28.592434] ret_from_fork+0x116/0x1d0 [ 28.592456] ? __pfx_kthread+0x10/0x10 [ 28.592479] ret_from_fork_asm+0x1a/0x30 [ 28.592512] </TASK> [ 28.592524] [ 28.600459] Allocated by task 314: [ 28.600614] kasan_save_stack+0x45/0x70 [ 28.600772] kasan_save_track+0x18/0x40 [ 28.600907] kasan_save_alloc_info+0x3b/0x50 [ 28.601129] __kasan_kmalloc+0xb7/0xc0 [ 28.601332] __kmalloc_cache_noprof+0x189/0x420 [ 28.601554] kasan_atomics+0x95/0x310 [ 28.601705] kunit_try_run_case+0x1a5/0x480 [ 28.601916] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.602233] kthread+0x337/0x6f0 [ 28.602361] ret_from_fork+0x116/0x1d0 [ 28.602504] ret_from_fork_asm+0x1a/0x30 [ 28.602705] [ 28.602797] The buggy address belongs to the object at ffff888106266f00 [ 28.602797] which belongs to the cache kmalloc-64 of size 64 [ 28.603307] The buggy address is located 0 bytes to the right of [ 28.603307] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.603788] [ 28.603884] The buggy address belongs to the physical page: [ 28.604173] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.604495] flags: 0x200000000000000(node=0|zone=2) [ 28.604710] page_type: f5(slab) [ 28.604844] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.605390] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.605634] page dumped because: kasan: bad access detected [ 28.605824] [ 28.605914] Memory state around the buggy address: [ 28.606290] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.606621] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.607031] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.607403] ^ [ 28.607619] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.608061] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.608451] ================================================================== [ 28.888484] ================================================================== [ 28.888715] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 28.889331] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.889691] [ 28.889793] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.889840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.889860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.889881] Call Trace: [ 28.889895] <TASK> [ 28.889910] dump_stack_lvl+0x73/0xb0 [ 28.889939] print_report+0xd1/0x640 [ 28.889974] ? __virt_addr_valid+0x1db/0x2d0 [ 28.889999] ? kasan_atomics_helper+0xe78/0x5450 [ 28.890021] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.890049] ? kasan_atomics_helper+0xe78/0x5450 [ 28.890082] kasan_report+0x141/0x180 [ 28.890106] ? kasan_atomics_helper+0xe78/0x5450 [ 28.890134] kasan_check_range+0x10c/0x1c0 [ 28.890160] __kasan_check_write+0x18/0x20 [ 28.890185] kasan_atomics_helper+0xe78/0x5450 [ 28.890210] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.890234] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.890260] ? kasan_atomics+0x152/0x310 [ 28.890288] kasan_atomics+0x1dc/0x310 [ 28.890312] ? __pfx_kasan_atomics+0x10/0x10 [ 28.890338] ? __pfx_read_tsc+0x10/0x10 [ 28.890362] ? ktime_get_ts64+0x86/0x230 [ 28.890388] kunit_try_run_case+0x1a5/0x480 [ 28.890414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.890438] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.890463] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.890491] ? __kthread_parkme+0x82/0x180 [ 28.890513] ? preempt_count_sub+0x50/0x80 [ 28.890538] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.890564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.890589] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.890615] kthread+0x337/0x6f0 [ 28.890637] ? trace_preempt_on+0x20/0xc0 [ 28.890662] ? __pfx_kthread+0x10/0x10 [ 28.890686] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.890712] ? calculate_sigpending+0x7b/0xa0 [ 28.890737] ? __pfx_kthread+0x10/0x10 [ 28.890760] ret_from_fork+0x116/0x1d0 [ 28.890781] ? __pfx_kthread+0x10/0x10 [ 28.890815] ret_from_fork_asm+0x1a/0x30 [ 28.890848] </TASK> [ 28.890862] [ 28.899378] Allocated by task 314: [ 28.899559] kasan_save_stack+0x45/0x70 [ 28.899804] kasan_save_track+0x18/0x40 [ 28.900179] kasan_save_alloc_info+0x3b/0x50 [ 28.900334] __kasan_kmalloc+0xb7/0xc0 [ 28.900466] __kmalloc_cache_noprof+0x189/0x420 [ 28.900622] kasan_atomics+0x95/0x310 [ 28.900831] kunit_try_run_case+0x1a5/0x480 [ 28.901055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.901368] kthread+0x337/0x6f0 [ 28.901536] ret_from_fork+0x116/0x1d0 [ 28.901724] ret_from_fork_asm+0x1a/0x30 [ 28.901988] [ 28.902080] The buggy address belongs to the object at ffff888106266f00 [ 28.902080] which belongs to the cache kmalloc-64 of size 64 [ 28.902557] The buggy address is located 0 bytes to the right of [ 28.902557] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.903246] [ 28.903344] The buggy address belongs to the physical page: [ 28.903553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.903897] flags: 0x200000000000000(node=0|zone=2) [ 28.904293] page_type: f5(slab) [ 28.904421] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.904735] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.905199] page dumped because: kasan: bad access detected [ 28.905467] [ 28.905559] Memory state around the buggy address: [ 28.905774] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.906229] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.906514] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.906730] ^ [ 28.907120] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.907477] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.907754] ================================================================== [ 28.941176] ================================================================== [ 28.941524] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 28.942039] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.942564] [ 28.942675] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.942724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.942738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.942760] Call Trace: [ 28.942889] <TASK> [ 28.942905] dump_stack_lvl+0x73/0xb0 [ 28.942937] print_report+0xd1/0x640 [ 28.943017] ? __virt_addr_valid+0x1db/0x2d0 [ 28.943043] ? kasan_atomics_helper+0xfa9/0x5450 [ 28.943081] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.943111] ? kasan_atomics_helper+0xfa9/0x5450 [ 28.943136] kasan_report+0x141/0x180 [ 28.943161] ? kasan_atomics_helper+0xfa9/0x5450 [ 28.943190] kasan_check_range+0x10c/0x1c0 [ 28.943249] __kasan_check_write+0x18/0x20 [ 28.943276] kasan_atomics_helper+0xfa9/0x5450 [ 28.943301] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.943325] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.943352] ? kasan_atomics+0x152/0x310 [ 28.943412] kasan_atomics+0x1dc/0x310 [ 28.943438] ? __pfx_kasan_atomics+0x10/0x10 [ 28.943465] ? __pfx_read_tsc+0x10/0x10 [ 28.943490] ? ktime_get_ts64+0x86/0x230 [ 28.943515] kunit_try_run_case+0x1a5/0x480 [ 28.943542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.943568] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.943592] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.943620] ? __kthread_parkme+0x82/0x180 [ 28.943642] ? preempt_count_sub+0x50/0x80 [ 28.943667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.943695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.943720] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.943746] kthread+0x337/0x6f0 [ 28.943768] ? trace_preempt_on+0x20/0xc0 [ 28.943847] ? __pfx_kthread+0x10/0x10 [ 28.943873] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.943900] ? calculate_sigpending+0x7b/0xa0 [ 28.943926] ? __pfx_kthread+0x10/0x10 [ 28.943963] ret_from_fork+0x116/0x1d0 [ 28.943986] ? __pfx_kthread+0x10/0x10 [ 28.944008] ret_from_fork_asm+0x1a/0x30 [ 28.944042] </TASK> [ 28.944055] [ 28.953641] Allocated by task 314: [ 28.953998] kasan_save_stack+0x45/0x70 [ 28.954282] kasan_save_track+0x18/0x40 [ 28.954462] kasan_save_alloc_info+0x3b/0x50 [ 28.954693] __kasan_kmalloc+0xb7/0xc0 [ 28.955003] __kmalloc_cache_noprof+0x189/0x420 [ 28.955256] kasan_atomics+0x95/0x310 [ 28.955476] kunit_try_run_case+0x1a5/0x480 [ 28.955686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.956021] kthread+0x337/0x6f0 [ 28.956144] ret_from_fork+0x116/0x1d0 [ 28.956277] ret_from_fork_asm+0x1a/0x30 [ 28.956695] [ 28.956893] The buggy address belongs to the object at ffff888106266f00 [ 28.956893] which belongs to the cache kmalloc-64 of size 64 [ 28.957619] The buggy address is located 0 bytes to the right of [ 28.957619] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.958016] [ 28.958088] The buggy address belongs to the physical page: [ 28.958313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.958768] flags: 0x200000000000000(node=0|zone=2) [ 28.959108] page_type: f5(slab) [ 28.959646] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.960291] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.960549] page dumped because: kasan: bad access detected [ 28.960725] [ 28.960909] Memory state around the buggy address: [ 28.961371] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.961736] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.962290] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.962610] ^ [ 28.962964] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.963476] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.963822] ================================================================== [ 28.848618] ================================================================== [ 28.848982] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 28.849331] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.849586] [ 28.849670] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.849717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.849730] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.849752] Call Trace: [ 28.849767] <TASK> [ 28.849783] dump_stack_lvl+0x73/0xb0 [ 28.849812] print_report+0xd1/0x640 [ 28.849837] ? __virt_addr_valid+0x1db/0x2d0 [ 28.849863] ? kasan_atomics_helper+0xd47/0x5450 [ 28.849886] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.849914] ? kasan_atomics_helper+0xd47/0x5450 [ 28.849938] kasan_report+0x141/0x180 [ 28.849974] ? kasan_atomics_helper+0xd47/0x5450 [ 28.850003] kasan_check_range+0x10c/0x1c0 [ 28.850038] __kasan_check_write+0x18/0x20 [ 28.850077] kasan_atomics_helper+0xd47/0x5450 [ 28.850102] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.850126] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.850152] ? kasan_atomics+0x152/0x310 [ 28.850180] kasan_atomics+0x1dc/0x310 [ 28.850205] ? __pfx_kasan_atomics+0x10/0x10 [ 28.850247] ? __pfx_read_tsc+0x10/0x10 [ 28.850276] ? ktime_get_ts64+0x86/0x230 [ 28.850302] kunit_try_run_case+0x1a5/0x480 [ 28.850328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.850353] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.850376] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.850404] ? __kthread_parkme+0x82/0x180 [ 28.850427] ? preempt_count_sub+0x50/0x80 [ 28.850451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.850478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.850503] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.850529] kthread+0x337/0x6f0 [ 28.850551] ? trace_preempt_on+0x20/0xc0 [ 28.850575] ? __pfx_kthread+0x10/0x10 [ 28.850598] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.850624] ? calculate_sigpending+0x7b/0xa0 [ 28.850649] ? __pfx_kthread+0x10/0x10 [ 28.850672] ret_from_fork+0x116/0x1d0 [ 28.850694] ? __pfx_kthread+0x10/0x10 [ 28.850716] ret_from_fork_asm+0x1a/0x30 [ 28.850750] </TASK> [ 28.850762] [ 28.859197] Allocated by task 314: [ 28.859359] kasan_save_stack+0x45/0x70 [ 28.859537] kasan_save_track+0x18/0x40 [ 28.859673] kasan_save_alloc_info+0x3b/0x50 [ 28.859822] __kasan_kmalloc+0xb7/0xc0 [ 28.859963] __kmalloc_cache_noprof+0x189/0x420 [ 28.860165] kasan_atomics+0x95/0x310 [ 28.860484] kunit_try_run_case+0x1a5/0x480 [ 28.860701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.860960] kthread+0x337/0x6f0 [ 28.861286] ret_from_fork+0x116/0x1d0 [ 28.861484] ret_from_fork_asm+0x1a/0x30 [ 28.861625] [ 28.861692] The buggy address belongs to the object at ffff888106266f00 [ 28.861692] which belongs to the cache kmalloc-64 of size 64 [ 28.862314] The buggy address is located 0 bytes to the right of [ 28.862314] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.863008] [ 28.863119] The buggy address belongs to the physical page: [ 28.863406] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.863698] flags: 0x200000000000000(node=0|zone=2) [ 28.863863] page_type: f5(slab) [ 28.863992] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.864228] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.864460] page dumped because: kasan: bad access detected [ 28.864685] [ 28.864777] Memory state around the buggy address: [ 28.865020] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.865642] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.865882] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.866107] ^ [ 28.866264] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.866482] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.866696] ================================================================== [ 29.136411] ================================================================== [ 29.136927] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 29.137300] Read of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.137624] [ 29.137747] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.137958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.137974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.137997] Call Trace: [ 29.138037] <TASK> [ 29.138060] dump_stack_lvl+0x73/0xb0 [ 29.138092] print_report+0xd1/0x640 [ 29.138116] ? __virt_addr_valid+0x1db/0x2d0 [ 29.138142] ? kasan_atomics_helper+0x49ce/0x5450 [ 29.138165] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.138193] ? kasan_atomics_helper+0x49ce/0x5450 [ 29.138217] kasan_report+0x141/0x180 [ 29.138241] ? kasan_atomics_helper+0x49ce/0x5450 [ 29.138269] __asan_report_load4_noabort+0x18/0x20 [ 29.138296] kasan_atomics_helper+0x49ce/0x5450 [ 29.138321] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.138345] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.138372] ? kasan_atomics+0x152/0x310 [ 29.138399] kasan_atomics+0x1dc/0x310 [ 29.138424] ? __pfx_kasan_atomics+0x10/0x10 [ 29.138449] ? __pfx_read_tsc+0x10/0x10 [ 29.138474] ? ktime_get_ts64+0x86/0x230 [ 29.138499] kunit_try_run_case+0x1a5/0x480 [ 29.138525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.138549] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.138572] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.138601] ? __kthread_parkme+0x82/0x180 [ 29.138658] ? preempt_count_sub+0x50/0x80 [ 29.138683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.138709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.138735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.138761] kthread+0x337/0x6f0 [ 29.138872] ? trace_preempt_on+0x20/0xc0 [ 29.138898] ? __pfx_kthread+0x10/0x10 [ 29.138921] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.138959] ? calculate_sigpending+0x7b/0xa0 [ 29.138984] ? __pfx_kthread+0x10/0x10 [ 29.139008] ret_from_fork+0x116/0x1d0 [ 29.139028] ? __pfx_kthread+0x10/0x10 [ 29.139071] ret_from_fork_asm+0x1a/0x30 [ 29.139104] </TASK> [ 29.139117] [ 29.147345] Allocated by task 314: [ 29.147488] kasan_save_stack+0x45/0x70 [ 29.147711] kasan_save_track+0x18/0x40 [ 29.147975] kasan_save_alloc_info+0x3b/0x50 [ 29.148223] __kasan_kmalloc+0xb7/0xc0 [ 29.148372] __kmalloc_cache_noprof+0x189/0x420 [ 29.148530] kasan_atomics+0x95/0x310 [ 29.148663] kunit_try_run_case+0x1a5/0x480 [ 29.148961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.149275] kthread+0x337/0x6f0 [ 29.149448] ret_from_fork+0x116/0x1d0 [ 29.149634] ret_from_fork_asm+0x1a/0x30 [ 29.150019] [ 29.150123] The buggy address belongs to the object at ffff888106266f00 [ 29.150123] which belongs to the cache kmalloc-64 of size 64 [ 29.150637] The buggy address is located 0 bytes to the right of [ 29.150637] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.151242] [ 29.151345] The buggy address belongs to the physical page: [ 29.151640] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.152113] flags: 0x200000000000000(node=0|zone=2) [ 29.152333] page_type: f5(slab) [ 29.152511] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.152929] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.153235] page dumped because: kasan: bad access detected [ 29.153460] [ 29.153554] Memory state around the buggy address: [ 29.153938] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.154326] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.154576] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.154921] ^ [ 29.155134] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.155397] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.155702] ================================================================== [ 29.231477] ================================================================== [ 29.231805] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 29.232462] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.233331] [ 29.233546] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.233602] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.233616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.233639] Call Trace: [ 29.233657] <TASK> [ 29.233673] dump_stack_lvl+0x73/0xb0 [ 29.233704] print_report+0xd1/0x640 [ 29.233728] ? __virt_addr_valid+0x1db/0x2d0 [ 29.233753] ? kasan_atomics_helper+0x50d4/0x5450 [ 29.233776] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.233936] ? kasan_atomics_helper+0x50d4/0x5450 [ 29.233976] kasan_report+0x141/0x180 [ 29.234001] ? kasan_atomics_helper+0x50d4/0x5450 [ 29.234030] __asan_report_store8_noabort+0x1b/0x30 [ 29.234071] kasan_atomics_helper+0x50d4/0x5450 [ 29.234097] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.234123] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.234150] ? kasan_atomics+0x152/0x310 [ 29.234178] kasan_atomics+0x1dc/0x310 [ 29.234203] ? __pfx_kasan_atomics+0x10/0x10 [ 29.234229] ? __pfx_read_tsc+0x10/0x10 [ 29.234253] ? ktime_get_ts64+0x86/0x230 [ 29.234279] kunit_try_run_case+0x1a5/0x480 [ 29.234306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.234331] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.234355] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.234384] ? __kthread_parkme+0x82/0x180 [ 29.234406] ? preempt_count_sub+0x50/0x80 [ 29.234431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.234457] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.234483] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.234509] kthread+0x337/0x6f0 [ 29.234532] ? trace_preempt_on+0x20/0xc0 [ 29.234557] ? __pfx_kthread+0x10/0x10 [ 29.234579] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.234604] ? calculate_sigpending+0x7b/0xa0 [ 29.234630] ? __pfx_kthread+0x10/0x10 [ 29.234655] ret_from_fork+0x116/0x1d0 [ 29.234676] ? __pfx_kthread+0x10/0x10 [ 29.234700] ret_from_fork_asm+0x1a/0x30 [ 29.234733] </TASK> [ 29.234745] [ 29.247211] Allocated by task 314: [ 29.247349] kasan_save_stack+0x45/0x70 [ 29.247496] kasan_save_track+0x18/0x40 [ 29.247631] kasan_save_alloc_info+0x3b/0x50 [ 29.247778] __kasan_kmalloc+0xb7/0xc0 [ 29.247907] __kmalloc_cache_noprof+0x189/0x420 [ 29.248648] kasan_atomics+0x95/0x310 [ 29.248923] kunit_try_run_case+0x1a5/0x480 [ 29.249629] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.250219] kthread+0x337/0x6f0 [ 29.250545] ret_from_fork+0x116/0x1d0 [ 29.250737] ret_from_fork_asm+0x1a/0x30 [ 29.251264] [ 29.251371] The buggy address belongs to the object at ffff888106266f00 [ 29.251371] which belongs to the cache kmalloc-64 of size 64 [ 29.252233] The buggy address is located 0 bytes to the right of [ 29.252233] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.252729] [ 29.252853] The buggy address belongs to the physical page: [ 29.253620] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.254717] flags: 0x200000000000000(node=0|zone=2) [ 29.255031] page_type: f5(slab) [ 29.255195] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.255503] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.255825] page dumped because: kasan: bad access detected [ 29.256035] [ 29.256102] Memory state around the buggy address: [ 29.256255] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.256569] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.256884] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.257365] ^ [ 29.257572] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.257793] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.258271] ================================================================== [ 29.483617] ================================================================== [ 29.483984] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 29.484416] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.485174] [ 29.485287] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.485335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.485348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.485370] Call Trace: [ 29.485386] <TASK> [ 29.485402] dump_stack_lvl+0x73/0xb0 [ 29.485431] print_report+0xd1/0x640 [ 29.485456] ? __virt_addr_valid+0x1db/0x2d0 [ 29.485480] ? kasan_atomics_helper+0x1b22/0x5450 [ 29.485727] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.485762] ? kasan_atomics_helper+0x1b22/0x5450 [ 29.485787] kasan_report+0x141/0x180 [ 29.485812] ? kasan_atomics_helper+0x1b22/0x5450 [ 29.485840] kasan_check_range+0x10c/0x1c0 [ 29.485867] __kasan_check_write+0x18/0x20 [ 29.485893] kasan_atomics_helper+0x1b22/0x5450 [ 29.485918] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.485954] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.485980] ? kasan_atomics+0x152/0x310 [ 29.486008] kasan_atomics+0x1dc/0x310 [ 29.486033] ? __pfx_kasan_atomics+0x10/0x10 [ 29.486059] ? __pfx_read_tsc+0x10/0x10 [ 29.486098] ? ktime_get_ts64+0x86/0x230 [ 29.486126] kunit_try_run_case+0x1a5/0x480 [ 29.486169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.486193] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.486217] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.486245] ? __kthread_parkme+0x82/0x180 [ 29.486267] ? preempt_count_sub+0x50/0x80 [ 29.486291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.486318] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.486345] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.486371] kthread+0x337/0x6f0 [ 29.486392] ? trace_preempt_on+0x20/0xc0 [ 29.486417] ? __pfx_kthread+0x10/0x10 [ 29.486441] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.486467] ? calculate_sigpending+0x7b/0xa0 [ 29.486492] ? __pfx_kthread+0x10/0x10 [ 29.486516] ret_from_fork+0x116/0x1d0 [ 29.486538] ? __pfx_kthread+0x10/0x10 [ 29.486560] ret_from_fork_asm+0x1a/0x30 [ 29.486594] </TASK> [ 29.486607] [ 29.498416] Allocated by task 314: [ 29.498841] kasan_save_stack+0x45/0x70 [ 29.499083] kasan_save_track+0x18/0x40 [ 29.499497] kasan_save_alloc_info+0x3b/0x50 [ 29.499690] __kasan_kmalloc+0xb7/0xc0 [ 29.500101] __kmalloc_cache_noprof+0x189/0x420 [ 29.500319] kasan_atomics+0x95/0x310 [ 29.500495] kunit_try_run_case+0x1a5/0x480 [ 29.500677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.501223] kthread+0x337/0x6f0 [ 29.501380] ret_from_fork+0x116/0x1d0 [ 29.501546] ret_from_fork_asm+0x1a/0x30 [ 29.501734] [ 29.501822] The buggy address belongs to the object at ffff888106266f00 [ 29.501822] which belongs to the cache kmalloc-64 of size 64 [ 29.502730] The buggy address is located 0 bytes to the right of [ 29.502730] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.503640] [ 29.503795] The buggy address belongs to the physical page: [ 29.504215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.504717] flags: 0x200000000000000(node=0|zone=2) [ 29.505113] page_type: f5(slab) [ 29.505348] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.505893] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.506421] page dumped because: kasan: bad access detected [ 29.506778] [ 29.506911] Memory state around the buggy address: [ 29.507210] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.507611] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.508321] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.508631] ^ [ 29.509024] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.509610] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.510090] ================================================================== [ 28.511608] ================================================================== [ 28.511981] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 28.513096] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 28.513409] [ 28.513510] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.513559] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.513572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.513594] Call Trace: [ 28.513608] <TASK> [ 28.513624] dump_stack_lvl+0x73/0xb0 [ 28.513654] print_report+0xd1/0x640 [ 28.513678] ? __virt_addr_valid+0x1db/0x2d0 [ 28.513703] ? kasan_atomics_helper+0x565/0x5450 [ 28.513725] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.513754] ? kasan_atomics_helper+0x565/0x5450 [ 28.513777] kasan_report+0x141/0x180 [ 28.513856] ? kasan_atomics_helper+0x565/0x5450 [ 28.513886] kasan_check_range+0x10c/0x1c0 [ 28.513912] __kasan_check_write+0x18/0x20 [ 28.513937] kasan_atomics_helper+0x565/0x5450 [ 28.513973] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.513997] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.514023] ? kasan_atomics+0x152/0x310 [ 28.514051] kasan_atomics+0x1dc/0x310 [ 28.514086] ? __pfx_kasan_atomics+0x10/0x10 [ 28.514113] ? __pfx_read_tsc+0x10/0x10 [ 28.514137] ? ktime_get_ts64+0x86/0x230 [ 28.514163] kunit_try_run_case+0x1a5/0x480 [ 28.514189] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.514215] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.514239] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.514267] ? __kthread_parkme+0x82/0x180 [ 28.514288] ? preempt_count_sub+0x50/0x80 [ 28.514313] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.514339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.514365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.514391] kthread+0x337/0x6f0 [ 28.514413] ? trace_preempt_on+0x20/0xc0 [ 28.514438] ? __pfx_kthread+0x10/0x10 [ 28.514460] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.514486] ? calculate_sigpending+0x7b/0xa0 [ 28.514511] ? __pfx_kthread+0x10/0x10 [ 28.514534] ret_from_fork+0x116/0x1d0 [ 28.514555] ? __pfx_kthread+0x10/0x10 [ 28.514577] ret_from_fork_asm+0x1a/0x30 [ 28.514611] </TASK> [ 28.514623] [ 28.523036] Allocated by task 314: [ 28.523186] kasan_save_stack+0x45/0x70 [ 28.523337] kasan_save_track+0x18/0x40 [ 28.523474] kasan_save_alloc_info+0x3b/0x50 [ 28.523655] __kasan_kmalloc+0xb7/0xc0 [ 28.524057] __kmalloc_cache_noprof+0x189/0x420 [ 28.524313] kasan_atomics+0x95/0x310 [ 28.524505] kunit_try_run_case+0x1a5/0x480 [ 28.524714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.525063] kthread+0x337/0x6f0 [ 28.525263] ret_from_fork+0x116/0x1d0 [ 28.525447] ret_from_fork_asm+0x1a/0x30 [ 28.525616] [ 28.525706] The buggy address belongs to the object at ffff888106266f00 [ 28.525706] which belongs to the cache kmalloc-64 of size 64 [ 28.526290] The buggy address is located 0 bytes to the right of [ 28.526290] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 28.526846] [ 28.526933] The buggy address belongs to the physical page: [ 28.527154] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 28.527400] flags: 0x200000000000000(node=0|zone=2) [ 28.527565] page_type: f5(slab) [ 28.527685] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.527920] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.528213] page dumped because: kasan: bad access detected [ 28.528471] [ 28.528560] Memory state around the buggy address: [ 28.528786] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.529302] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.529653] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.530126] ^ [ 28.530323] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.530591] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.530886] ================================================================== [ 29.034052] ================================================================== [ 29.034426] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 29.034772] Write of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.035221] [ 29.035370] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.035420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.035433] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.035456] Call Trace: [ 29.035471] <TASK> [ 29.035488] dump_stack_lvl+0x73/0xb0 [ 29.035554] print_report+0xd1/0x640 [ 29.035579] ? __virt_addr_valid+0x1db/0x2d0 [ 29.035605] ? kasan_atomics_helper+0x1148/0x5450 [ 29.035627] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.035687] ? kasan_atomics_helper+0x1148/0x5450 [ 29.035712] kasan_report+0x141/0x180 [ 29.035736] ? kasan_atomics_helper+0x1148/0x5450 [ 29.035765] kasan_check_range+0x10c/0x1c0 [ 29.035842] __kasan_check_write+0x18/0x20 [ 29.035870] kasan_atomics_helper+0x1148/0x5450 [ 29.035895] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.035919] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.036022] ? kasan_atomics+0x152/0x310 [ 29.036076] kasan_atomics+0x1dc/0x310 [ 29.036126] ? __pfx_kasan_atomics+0x10/0x10 [ 29.036153] ? __pfx_read_tsc+0x10/0x10 [ 29.036178] ? ktime_get_ts64+0x86/0x230 [ 29.036252] kunit_try_run_case+0x1a5/0x480 [ 29.036279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.036304] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.036328] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.036356] ? __kthread_parkme+0x82/0x180 [ 29.036378] ? preempt_count_sub+0x50/0x80 [ 29.036404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.036429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.036455] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.036481] kthread+0x337/0x6f0 [ 29.036503] ? trace_preempt_on+0x20/0xc0 [ 29.036528] ? __pfx_kthread+0x10/0x10 [ 29.036550] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.036585] ? calculate_sigpending+0x7b/0xa0 [ 29.036612] ? __pfx_kthread+0x10/0x10 [ 29.036636] ret_from_fork+0x116/0x1d0 [ 29.036657] ? __pfx_kthread+0x10/0x10 [ 29.036680] ret_from_fork_asm+0x1a/0x30 [ 29.036713] </TASK> [ 29.036725] [ 29.046663] Allocated by task 314: [ 29.046800] kasan_save_stack+0x45/0x70 [ 29.046981] kasan_save_track+0x18/0x40 [ 29.047416] kasan_save_alloc_info+0x3b/0x50 [ 29.047848] __kasan_kmalloc+0xb7/0xc0 [ 29.048015] __kmalloc_cache_noprof+0x189/0x420 [ 29.048252] kasan_atomics+0x95/0x310 [ 29.048470] kunit_try_run_case+0x1a5/0x480 [ 29.048670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.049017] kthread+0x337/0x6f0 [ 29.049208] ret_from_fork+0x116/0x1d0 [ 29.049431] ret_from_fork_asm+0x1a/0x30 [ 29.049646] [ 29.049741] The buggy address belongs to the object at ffff888106266f00 [ 29.049741] which belongs to the cache kmalloc-64 of size 64 [ 29.050512] The buggy address is located 0 bytes to the right of [ 29.050512] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.051273] [ 29.051377] The buggy address belongs to the physical page: [ 29.051650] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.052152] flags: 0x200000000000000(node=0|zone=2) [ 29.052401] page_type: f5(slab) [ 29.052564] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.053031] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.053338] page dumped because: kasan: bad access detected [ 29.053519] [ 29.053586] Memory state around the buggy address: [ 29.053784] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.054341] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.054688] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.055283] ^ [ 29.055552] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.056001] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.056360] ================================================================== [ 29.625078] ================================================================== [ 29.625317] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 29.625552] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.626186] [ 29.626368] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.626416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.626429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.626451] Call Trace: [ 29.626467] <TASK> [ 29.626484] dump_stack_lvl+0x73/0xb0 [ 29.626512] print_report+0xd1/0x640 [ 29.626536] ? __virt_addr_valid+0x1db/0x2d0 [ 29.626561] ? kasan_atomics_helper+0x1e12/0x5450 [ 29.626584] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.626612] ? kasan_atomics_helper+0x1e12/0x5450 [ 29.626635] kasan_report+0x141/0x180 [ 29.626659] ? kasan_atomics_helper+0x1e12/0x5450 [ 29.626710] kasan_check_range+0x10c/0x1c0 [ 29.626750] __kasan_check_write+0x18/0x20 [ 29.626774] kasan_atomics_helper+0x1e12/0x5450 [ 29.626813] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.626851] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.626878] ? kasan_atomics+0x152/0x310 [ 29.626905] kasan_atomics+0x1dc/0x310 [ 29.626955] ? __pfx_kasan_atomics+0x10/0x10 [ 29.626994] ? __pfx_read_tsc+0x10/0x10 [ 29.627018] ? ktime_get_ts64+0x86/0x230 [ 29.627044] kunit_try_run_case+0x1a5/0x480 [ 29.627083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.627122] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.627147] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.627175] ? __kthread_parkme+0x82/0x180 [ 29.627197] ? preempt_count_sub+0x50/0x80 [ 29.627222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.627259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.627285] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.627311] kthread+0x337/0x6f0 [ 29.627333] ? trace_preempt_on+0x20/0xc0 [ 29.627357] ? __pfx_kthread+0x10/0x10 [ 29.627380] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.627406] ? calculate_sigpending+0x7b/0xa0 [ 29.627431] ? __pfx_kthread+0x10/0x10 [ 29.627454] ret_from_fork+0x116/0x1d0 [ 29.627475] ? __pfx_kthread+0x10/0x10 [ 29.627497] ret_from_fork_asm+0x1a/0x30 [ 29.627530] </TASK> [ 29.627542] [ 29.644173] Allocated by task 314: [ 29.644636] kasan_save_stack+0x45/0x70 [ 29.645177] kasan_save_track+0x18/0x40 [ 29.645761] kasan_save_alloc_info+0x3b/0x50 [ 29.646398] __kasan_kmalloc+0xb7/0xc0 [ 29.646901] __kmalloc_cache_noprof+0x189/0x420 [ 29.647533] kasan_atomics+0x95/0x310 [ 29.648050] kunit_try_run_case+0x1a5/0x480 [ 29.648675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.649491] kthread+0x337/0x6f0 [ 29.649653] ret_from_fork+0x116/0x1d0 [ 29.650106] ret_from_fork_asm+0x1a/0x30 [ 29.650625] [ 29.651021] The buggy address belongs to the object at ffff888106266f00 [ 29.651021] which belongs to the cache kmalloc-64 of size 64 [ 29.651758] The buggy address is located 0 bytes to the right of [ 29.651758] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.653515] [ 29.653743] The buggy address belongs to the physical page: [ 29.654367] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.655201] flags: 0x200000000000000(node=0|zone=2) [ 29.655588] page_type: f5(slab) [ 29.655724] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.656667] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.657673] page dumped because: kasan: bad access detected [ 29.658352] [ 29.658593] Memory state around the buggy address: [ 29.658774] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.659692] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.660586] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.661301] ^ [ 29.661751] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.662597] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.663095] ================================================================== [ 29.303374] ================================================================== [ 29.304059] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 29.304367] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.304652] [ 29.304755] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.304802] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.304816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.304837] Call Trace: [ 29.304852] <TASK> [ 29.304867] dump_stack_lvl+0x73/0xb0 [ 29.304895] print_report+0xd1/0x640 [ 29.304920] ? __virt_addr_valid+0x1db/0x2d0 [ 29.304958] ? kasan_atomics_helper+0x164f/0x5450 [ 29.304981] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.305010] ? kasan_atomics_helper+0x164f/0x5450 [ 29.305034] kasan_report+0x141/0x180 [ 29.305113] ? kasan_atomics_helper+0x164f/0x5450 [ 29.305152] kasan_check_range+0x10c/0x1c0 [ 29.305178] __kasan_check_write+0x18/0x20 [ 29.305203] kasan_atomics_helper+0x164f/0x5450 [ 29.305228] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.305253] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.305279] ? kasan_atomics+0x152/0x310 [ 29.305307] kasan_atomics+0x1dc/0x310 [ 29.305331] ? __pfx_kasan_atomics+0x10/0x10 [ 29.305357] ? __pfx_read_tsc+0x10/0x10 [ 29.305381] ? ktime_get_ts64+0x86/0x230 [ 29.305407] kunit_try_run_case+0x1a5/0x480 [ 29.305433] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.305458] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.305481] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.305509] ? __kthread_parkme+0x82/0x180 [ 29.305531] ? preempt_count_sub+0x50/0x80 [ 29.305557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.305582] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.305608] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.305634] kthread+0x337/0x6f0 [ 29.305656] ? trace_preempt_on+0x20/0xc0 [ 29.305682] ? __pfx_kthread+0x10/0x10 [ 29.305705] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.305731] ? calculate_sigpending+0x7b/0xa0 [ 29.305757] ? __pfx_kthread+0x10/0x10 [ 29.305780] ret_from_fork+0x116/0x1d0 [ 29.305880] ? __pfx_kthread+0x10/0x10 [ 29.305905] ret_from_fork_asm+0x1a/0x30 [ 29.305939] </TASK> [ 29.305962] [ 29.313703] Allocated by task 314: [ 29.313885] kasan_save_stack+0x45/0x70 [ 29.314146] kasan_save_track+0x18/0x40 [ 29.314318] kasan_save_alloc_info+0x3b/0x50 [ 29.314502] __kasan_kmalloc+0xb7/0xc0 [ 29.314669] __kmalloc_cache_noprof+0x189/0x420 [ 29.314861] kasan_atomics+0x95/0x310 [ 29.315031] kunit_try_run_case+0x1a5/0x480 [ 29.315225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.315404] kthread+0x337/0x6f0 [ 29.315524] ret_from_fork+0x116/0x1d0 [ 29.315657] ret_from_fork_asm+0x1a/0x30 [ 29.315853] [ 29.315953] The buggy address belongs to the object at ffff888106266f00 [ 29.315953] which belongs to the cache kmalloc-64 of size 64 [ 29.316484] The buggy address is located 0 bytes to the right of [ 29.316484] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.317234] [ 29.317324] The buggy address belongs to the physical page: [ 29.317578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.318004] flags: 0x200000000000000(node=0|zone=2) [ 29.318502] page_type: f5(slab) [ 29.318723] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.319020] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.319475] page dumped because: kasan: bad access detected [ 29.319716] [ 29.319855] Memory state around the buggy address: [ 29.320064] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.320288] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.320510] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.320727] ^ [ 29.320884] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.321197] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.321864] ================================================================== [ 29.753431] ================================================================== [ 29.753725] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 29.754225] Write of size 8 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.754645] [ 29.754753] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.754879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.754896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.754918] Call Trace: [ 29.754957] <TASK> [ 29.754977] dump_stack_lvl+0x73/0xb0 [ 29.755007] print_report+0xd1/0x640 [ 29.755033] ? __virt_addr_valid+0x1db/0x2d0 [ 29.755059] ? kasan_atomics_helper+0x2006/0x5450 [ 29.755083] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.755113] ? kasan_atomics_helper+0x2006/0x5450 [ 29.755149] kasan_report+0x141/0x180 [ 29.755173] ? kasan_atomics_helper+0x2006/0x5450 [ 29.755214] kasan_check_range+0x10c/0x1c0 [ 29.755242] __kasan_check_write+0x18/0x20 [ 29.755268] kasan_atomics_helper+0x2006/0x5450 [ 29.755294] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.755319] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.755348] ? kasan_atomics+0x152/0x310 [ 29.755377] kasan_atomics+0x1dc/0x310 [ 29.755402] ? __pfx_kasan_atomics+0x10/0x10 [ 29.755440] ? __pfx_read_tsc+0x10/0x10 [ 29.755465] ? ktime_get_ts64+0x86/0x230 [ 29.755491] kunit_try_run_case+0x1a5/0x480 [ 29.755519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.755545] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.755569] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.755609] ? __kthread_parkme+0x82/0x180 [ 29.755632] ? preempt_count_sub+0x50/0x80 [ 29.755668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.755694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.755730] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.755757] kthread+0x337/0x6f0 [ 29.755779] ? trace_preempt_on+0x20/0xc0 [ 29.756006] ? __pfx_kthread+0x10/0x10 [ 29.756031] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.756072] ? calculate_sigpending+0x7b/0xa0 [ 29.756099] ? __pfx_kthread+0x10/0x10 [ 29.756124] ret_from_fork+0x116/0x1d0 [ 29.756147] ? __pfx_kthread+0x10/0x10 [ 29.756170] ret_from_fork_asm+0x1a/0x30 [ 29.756204] </TASK> [ 29.756218] [ 29.765431] Allocated by task 314: [ 29.765615] kasan_save_stack+0x45/0x70 [ 29.765867] kasan_save_track+0x18/0x40 [ 29.766066] kasan_save_alloc_info+0x3b/0x50 [ 29.766290] __kasan_kmalloc+0xb7/0xc0 [ 29.766497] __kmalloc_cache_noprof+0x189/0x420 [ 29.766673] kasan_atomics+0x95/0x310 [ 29.766879] kunit_try_run_case+0x1a5/0x480 [ 29.767221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.767418] kthread+0x337/0x6f0 [ 29.767539] ret_from_fork+0x116/0x1d0 [ 29.767672] ret_from_fork_asm+0x1a/0x30 [ 29.767828] [ 29.767919] The buggy address belongs to the object at ffff888106266f00 [ 29.767919] which belongs to the cache kmalloc-64 of size 64 [ 29.768611] The buggy address is located 0 bytes to the right of [ 29.768611] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.769477] [ 29.769559] The buggy address belongs to the physical page: [ 29.769807] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.770511] flags: 0x200000000000000(node=0|zone=2) [ 29.770729] page_type: f5(slab) [ 29.770896] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.771403] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.771742] page dumped because: kasan: bad access detected [ 29.771995] [ 29.772228] Memory state around the buggy address: [ 29.772464] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.772782] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.773269] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.773607] ^ [ 29.773819] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.774298] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.774528] ================================================================== [ 29.096412] ================================================================== [ 29.096665] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 29.097031] Read of size 4 at addr ffff888106266f30 by task kunit_try_catch/314 [ 29.097351] [ 29.097434] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 29.097572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.097588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.097610] Call Trace: [ 29.097625] <TASK> [ 29.097640] dump_stack_lvl+0x73/0xb0 [ 29.097692] print_report+0xd1/0x640 [ 29.097718] ? __virt_addr_valid+0x1db/0x2d0 [ 29.097741] ? kasan_atomics_helper+0x49e8/0x5450 [ 29.097765] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.098009] ? kasan_atomics_helper+0x49e8/0x5450 [ 29.098034] kasan_report+0x141/0x180 [ 29.098084] ? kasan_atomics_helper+0x49e8/0x5450 [ 29.098112] __asan_report_load4_noabort+0x18/0x20 [ 29.098139] kasan_atomics_helper+0x49e8/0x5450 [ 29.098163] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.098188] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.098234] ? kasan_atomics+0x152/0x310 [ 29.098262] kasan_atomics+0x1dc/0x310 [ 29.098288] ? __pfx_kasan_atomics+0x10/0x10 [ 29.098314] ? __pfx_read_tsc+0x10/0x10 [ 29.098338] ? ktime_get_ts64+0x86/0x230 [ 29.098364] kunit_try_run_case+0x1a5/0x480 [ 29.098389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.098414] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.098438] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.098466] ? __kthread_parkme+0x82/0x180 [ 29.098488] ? preempt_count_sub+0x50/0x80 [ 29.098513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.098539] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.098565] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.098612] kthread+0x337/0x6f0 [ 29.098635] ? trace_preempt_on+0x20/0xc0 [ 29.098660] ? __pfx_kthread+0x10/0x10 [ 29.098682] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.098708] ? calculate_sigpending+0x7b/0xa0 [ 29.098733] ? __pfx_kthread+0x10/0x10 [ 29.098757] ret_from_fork+0x116/0x1d0 [ 29.098784] ? __pfx_kthread+0x10/0x10 [ 29.098806] ret_from_fork_asm+0x1a/0x30 [ 29.098839] </TASK> [ 29.098851] [ 29.107187] Allocated by task 314: [ 29.107366] kasan_save_stack+0x45/0x70 [ 29.107562] kasan_save_track+0x18/0x40 [ 29.107758] kasan_save_alloc_info+0x3b/0x50 [ 29.108072] __kasan_kmalloc+0xb7/0xc0 [ 29.108292] __kmalloc_cache_noprof+0x189/0x420 [ 29.108514] kasan_atomics+0x95/0x310 [ 29.108651] kunit_try_run_case+0x1a5/0x480 [ 29.108937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.109241] kthread+0x337/0x6f0 [ 29.109376] ret_from_fork+0x116/0x1d0 [ 29.109525] ret_from_fork_asm+0x1a/0x30 [ 29.109723] [ 29.110026] The buggy address belongs to the object at ffff888106266f00 [ 29.110026] which belongs to the cache kmalloc-64 of size 64 [ 29.110549] The buggy address is located 0 bytes to the right of [ 29.110549] allocated 48-byte region [ffff888106266f00, ffff888106266f30) [ 29.111056] [ 29.111183] The buggy address belongs to the physical page: [ 29.111443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106266 [ 29.111864] flags: 0x200000000000000(node=0|zone=2) [ 29.112163] page_type: f5(slab) [ 29.112317] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.112556] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.112985] page dumped because: kasan: bad access detected [ 29.113287] [ 29.113380] Memory state around the buggy address: [ 29.113617] ffff888106266e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.114031] ffff888106266e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.114419] >ffff888106266f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.114738] ^ [ 29.114990] ffff888106266f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.115213] ffff888106267000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.115628] ==================================================================