Date
July 6, 2025, 11:09 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 | |
| x86 |
[ 17.581863] ================================================================== [ 17.582656] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 17.582733] Free of addr fff00000c77a5000 by task kunit_try_catch/210 [ 17.582776] [ 17.582818] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.582902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.583572] Hardware name: linux,dummy-virt (DT) [ 17.583616] Call trace: [ 17.583897] show_stack+0x20/0x38 (C) [ 17.584151] dump_stack_lvl+0x8c/0xd0 [ 17.584204] print_report+0x118/0x608 [ 17.584251] kasan_report_invalid_free+0xc0/0xe8 [ 17.584663] check_slab_allocation+0xd4/0x108 [ 17.584726] __kasan_slab_pre_free+0x2c/0x48 [ 17.584805] kmem_cache_free+0xf0/0x468 [ 17.584855] kmem_cache_double_free+0x190/0x3c8 [ 17.584901] kunit_try_run_case+0x170/0x3f0 [ 17.584958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.585073] kthread+0x328/0x630 [ 17.585183] ret_from_fork+0x10/0x20 [ 17.585343] [ 17.585450] Allocated by task 210: [ 17.585607] kasan_save_stack+0x3c/0x68 [ 17.585683] kasan_save_track+0x20/0x40 [ 17.585826] kasan_save_alloc_info+0x40/0x58 [ 17.585865] __kasan_slab_alloc+0xa8/0xb0 [ 17.585903] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.586225] kmem_cache_double_free+0x12c/0x3c8 [ 17.586475] kunit_try_run_case+0x170/0x3f0 [ 17.586551] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.586595] kthread+0x328/0x630 [ 17.586631] ret_from_fork+0x10/0x20 [ 17.586669] [ 17.586732] Freed by task 210: [ 17.586819] kasan_save_stack+0x3c/0x68 [ 17.586991] kasan_save_track+0x20/0x40 [ 17.587032] kasan_save_free_info+0x4c/0x78 [ 17.587073] __kasan_slab_free+0x6c/0x98 [ 17.587110] kmem_cache_free+0x260/0x468 [ 17.587716] kmem_cache_double_free+0x140/0x3c8 [ 17.587763] kunit_try_run_case+0x170/0x3f0 [ 17.587829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.587873] kthread+0x328/0x630 [ 17.587903] ret_from_fork+0x10/0x20 [ 17.587939] [ 17.587960] The buggy address belongs to the object at fff00000c77a5000 [ 17.587960] which belongs to the cache test_cache of size 200 [ 17.588032] The buggy address is located 0 bytes inside of [ 17.588032] 200-byte region [fff00000c77a5000, fff00000c77a50c8) [ 17.588489] [ 17.588617] The buggy address belongs to the physical page: [ 17.588845] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077a5 [ 17.588953] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.589022] page_type: f5(slab) [ 17.589063] raw: 0bfffe0000000000 fff00000c5d09280 dead000000000122 0000000000000000 [ 17.589114] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.589435] page dumped because: kasan: bad access detected [ 17.589525] [ 17.589589] Memory state around the buggy address: [ 17.589672] fff00000c77a4f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.589747] fff00000c77a4f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.589867] >fff00000c77a5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.589907] ^ [ 17.589972] fff00000c77a5080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.590034] fff00000c77a5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.590348] ==================================================================
[ 17.380738] ================================================================== [ 17.380867] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 17.381532] Free of addr fff00000c77dd000 by task kunit_try_catch/210 [ 17.381632] [ 17.381677] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.381764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.381791] Hardware name: linux,dummy-virt (DT) [ 17.381826] Call trace: [ 17.381849] show_stack+0x20/0x38 (C) [ 17.381903] dump_stack_lvl+0x8c/0xd0 [ 17.381963] print_report+0x118/0x608 [ 17.382011] kasan_report_invalid_free+0xc0/0xe8 [ 17.383206] check_slab_allocation+0xd4/0x108 [ 17.383320] __kasan_slab_pre_free+0x2c/0x48 [ 17.383593] kmem_cache_free+0xf0/0x468 [ 17.383688] kmem_cache_double_free+0x190/0x3c8 [ 17.383752] kunit_try_run_case+0x170/0x3f0 [ 17.384076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.384590] kthread+0x328/0x630 [ 17.384829] ret_from_fork+0x10/0x20 [ 17.385134] [ 17.385372] Allocated by task 210: [ 17.385476] kasan_save_stack+0x3c/0x68 [ 17.385814] kasan_save_track+0x20/0x40 [ 17.386039] kasan_save_alloc_info+0x40/0x58 [ 17.386082] __kasan_slab_alloc+0xa8/0xb0 [ 17.386118] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.386313] kmem_cache_double_free+0x12c/0x3c8 [ 17.386359] kunit_try_run_case+0x170/0x3f0 [ 17.386549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.386793] kthread+0x328/0x630 [ 17.386833] ret_from_fork+0x10/0x20 [ 17.387174] [ 17.387418] Freed by task 210: [ 17.387558] kasan_save_stack+0x3c/0x68 [ 17.388162] kasan_save_track+0x20/0x40 [ 17.388319] kasan_save_free_info+0x4c/0x78 [ 17.388639] __kasan_slab_free+0x6c/0x98 [ 17.388679] kmem_cache_free+0x260/0x468 [ 17.388717] kmem_cache_double_free+0x140/0x3c8 [ 17.388755] kunit_try_run_case+0x170/0x3f0 [ 17.388793] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.388835] kthread+0x328/0x630 [ 17.389503] ret_from_fork+0x10/0x20 [ 17.389990] [ 17.390106] The buggy address belongs to the object at fff00000c77dd000 [ 17.390106] which belongs to the cache test_cache of size 200 [ 17.390169] The buggy address is located 0 bytes inside of [ 17.390169] 200-byte region [fff00000c77dd000, fff00000c77dd0c8) [ 17.390229] [ 17.390251] The buggy address belongs to the physical page: [ 17.390546] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077dd [ 17.390745] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.390801] page_type: f5(slab) [ 17.391308] raw: 0bfffe0000000000 fff00000c77d9140 dead000000000122 0000000000000000 [ 17.391529] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.391572] page dumped because: kasan: bad access detected [ 17.391846] [ 17.391870] Memory state around the buggy address: [ 17.392150] fff00000c77dcf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.392270] fff00000c77dcf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.392317] >fff00000c77dd000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.392738] ^ [ 17.392777] fff00000c77dd080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.392934] fff00000c77dd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.393347] ==================================================================
[ 14.139094] ================================================================== [ 14.139542] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 14.140000] Free of addr ffff888102567000 by task kunit_try_catch/227 [ 14.140381] [ 14.140574] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.140670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.140692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.140749] Call Trace: [ 14.140775] <TASK> [ 14.140806] dump_stack_lvl+0x73/0xb0 [ 14.140969] print_report+0xd1/0x650 [ 14.141013] ? __virt_addr_valid+0x1db/0x2d0 [ 14.141056] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.141119] ? kmem_cache_double_free+0x1e5/0x480 [ 14.141160] kasan_report_invalid_free+0x10a/0x130 [ 14.141202] ? kmem_cache_double_free+0x1e5/0x480 [ 14.141242] ? kmem_cache_double_free+0x1e5/0x480 [ 14.141282] check_slab_allocation+0x101/0x130 [ 14.141317] __kasan_slab_pre_free+0x28/0x40 [ 14.141368] kmem_cache_free+0xed/0x420 [ 14.141405] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 14.141442] ? kmem_cache_double_free+0x1e5/0x480 [ 14.141486] kmem_cache_double_free+0x1e5/0x480 [ 14.141519] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 14.141549] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 14.141572] ? kmem_cache_double_free+0x29/0x480 [ 14.141594] kunit_try_run_case+0x1a5/0x480 [ 14.141635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.141667] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.141707] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.141744] ? __kthread_parkme+0x82/0x180 [ 14.141917] ? preempt_count_sub+0x50/0x80 [ 14.141963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.142001] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.142040] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.142079] kthread+0x337/0x6f0 [ 14.142113] ? trace_preempt_on+0x20/0xc0 [ 14.142157] ? __pfx_kthread+0x10/0x10 [ 14.142189] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.142208] ? calculate_sigpending+0x7b/0xa0 [ 14.142231] ? __pfx_kthread+0x10/0x10 [ 14.142249] ret_from_fork+0x116/0x1d0 [ 14.142266] ? __pfx_kthread+0x10/0x10 [ 14.142314] ret_from_fork_asm+0x1a/0x30 [ 14.142343] </TASK> [ 14.142355] [ 14.154066] Allocated by task 227: [ 14.154343] kasan_save_stack+0x45/0x70 [ 14.154614] kasan_save_track+0x18/0x40 [ 14.154796] kasan_save_alloc_info+0x3b/0x50 [ 14.155109] __kasan_slab_alloc+0x91/0xa0 [ 14.155312] kmem_cache_alloc_noprof+0x123/0x3f0 [ 14.155872] kmem_cache_double_free+0x14f/0x480 [ 14.156239] kunit_try_run_case+0x1a5/0x480 [ 14.156476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.156818] kthread+0x337/0x6f0 [ 14.156972] ret_from_fork+0x116/0x1d0 [ 14.157149] ret_from_fork_asm+0x1a/0x30 [ 14.157434] [ 14.157856] Freed by task 227: [ 14.158140] kasan_save_stack+0x45/0x70 [ 14.158701] kasan_save_track+0x18/0x40 [ 14.159040] kasan_save_free_info+0x3f/0x60 [ 14.159441] __kasan_slab_free+0x56/0x70 [ 14.160237] kmem_cache_free+0x249/0x420 [ 14.160717] kmem_cache_double_free+0x16a/0x480 [ 14.161086] kunit_try_run_case+0x1a5/0x480 [ 14.161536] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.162146] kthread+0x337/0x6f0 [ 14.162331] ret_from_fork+0x116/0x1d0 [ 14.162772] ret_from_fork_asm+0x1a/0x30 [ 14.162991] [ 14.163158] The buggy address belongs to the object at ffff888102567000 [ 14.163158] which belongs to the cache test_cache of size 200 [ 14.164236] The buggy address is located 0 bytes inside of [ 14.164236] 200-byte region [ffff888102567000, ffff8881025670c8) [ 14.164975] [ 14.165724] The buggy address belongs to the physical page: [ 14.166071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102567 [ 14.166291] flags: 0x200000000000000(node=0|zone=2) [ 14.166397] page_type: f5(slab) [ 14.166478] raw: 0200000000000000 ffff888101f27c80 dead000000000122 0000000000000000 [ 14.167037] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 14.167449] page dumped because: kasan: bad access detected [ 14.167765] [ 14.167886] Memory state around the buggy address: [ 14.168146] ffff888102566f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.168539] ffff888102566f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.168796] >ffff888102567000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.169022] ^ [ 14.169263] ffff888102567080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 14.169883] ffff888102567100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.170380] ==================================================================
[ 14.293078] ================================================================== [ 14.293642] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 14.293947] Free of addr ffff888102c53000 by task kunit_try_catch/226 [ 14.294706] [ 14.295036] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.295123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.295136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.295160] Call Trace: [ 14.295175] <TASK> [ 14.295194] dump_stack_lvl+0x73/0xb0 [ 14.295231] print_report+0xd1/0x650 [ 14.295256] ? __virt_addr_valid+0x1db/0x2d0 [ 14.295285] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.295313] ? kmem_cache_double_free+0x1e5/0x480 [ 14.295341] kasan_report_invalid_free+0x10a/0x130 [ 14.295367] ? kmem_cache_double_free+0x1e5/0x480 [ 14.295396] ? kmem_cache_double_free+0x1e5/0x480 [ 14.295423] check_slab_allocation+0x101/0x130 [ 14.295447] __kasan_slab_pre_free+0x28/0x40 [ 14.295470] kmem_cache_free+0xed/0x420 [ 14.295492] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 14.295515] ? kmem_cache_double_free+0x1e5/0x480 [ 14.295545] kmem_cache_double_free+0x1e5/0x480 [ 14.295571] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 14.295598] ? finish_task_switch.isra.0+0x153/0x700 [ 14.295625] ? __switch_to+0x47/0xf50 [ 14.295658] ? __pfx_read_tsc+0x10/0x10 [ 14.295682] ? ktime_get_ts64+0x86/0x230 [ 14.295709] kunit_try_run_case+0x1a5/0x480 [ 14.295739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.295954] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.295990] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.296016] ? __kthread_parkme+0x82/0x180 [ 14.296040] ? preempt_count_sub+0x50/0x80 [ 14.296080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.296106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.296131] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.296156] kthread+0x337/0x6f0 [ 14.296178] ? trace_preempt_on+0x20/0xc0 [ 14.296205] ? __pfx_kthread+0x10/0x10 [ 14.296228] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.296252] ? calculate_sigpending+0x7b/0xa0 [ 14.296279] ? __pfx_kthread+0x10/0x10 [ 14.296303] ret_from_fork+0x116/0x1d0 [ 14.296323] ? __pfx_kthread+0x10/0x10 [ 14.296346] ret_from_fork_asm+0x1a/0x30 [ 14.296380] </TASK> [ 14.296393] [ 14.309771] Allocated by task 226: [ 14.309950] kasan_save_stack+0x45/0x70 [ 14.310458] kasan_save_track+0x18/0x40 [ 14.310649] kasan_save_alloc_info+0x3b/0x50 [ 14.310912] __kasan_slab_alloc+0x91/0xa0 [ 14.311343] kmem_cache_alloc_noprof+0x123/0x3f0 [ 14.311632] kmem_cache_double_free+0x14f/0x480 [ 14.311818] kunit_try_run_case+0x1a5/0x480 [ 14.312063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.312295] kthread+0x337/0x6f0 [ 14.312464] ret_from_fork+0x116/0x1d0 [ 14.312641] ret_from_fork_asm+0x1a/0x30 [ 14.313140] [ 14.313249] Freed by task 226: [ 14.313400] kasan_save_stack+0x45/0x70 [ 14.313815] kasan_save_track+0x18/0x40 [ 14.314257] kasan_save_free_info+0x3f/0x60 [ 14.314520] __kasan_slab_free+0x56/0x70 [ 14.314727] kmem_cache_free+0x249/0x420 [ 14.315000] kmem_cache_double_free+0x16a/0x480 [ 14.315346] kunit_try_run_case+0x1a5/0x480 [ 14.315548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.315963] kthread+0x337/0x6f0 [ 14.316137] ret_from_fork+0x116/0x1d0 [ 14.316493] ret_from_fork_asm+0x1a/0x30 [ 14.316848] [ 14.316953] The buggy address belongs to the object at ffff888102c53000 [ 14.316953] which belongs to the cache test_cache of size 200 [ 14.317645] The buggy address is located 0 bytes inside of [ 14.317645] 200-byte region [ffff888102c53000, ffff888102c530c8) [ 14.318411] [ 14.318503] The buggy address belongs to the physical page: [ 14.318738] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c53 [ 14.319302] flags: 0x200000000000000(node=0|zone=2) [ 14.319514] page_type: f5(slab) [ 14.319830] raw: 0200000000000000 ffff8881016013c0 dead000000000122 0000000000000000 [ 14.320253] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 14.320735] page dumped because: kasan: bad access detected [ 14.321022] [ 14.321211] Memory state around the buggy address: [ 14.321439] ffff888102c52f00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 14.321746] ffff888102c52f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.322332] >ffff888102c53000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.322740] ^ [ 14.322916] ffff888102c53080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 14.323347] ffff888102c53100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.323811] ==================================================================
[ 33.173001] ================================================================== [ 33.183810] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 33.190613] Free of addr ffff888103816000 by task kunit_try_catch/250 [ 33.197059] [ 33.198562] CPU: 3 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G S B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 33.198572] Tainted: [S]=CPU_OUT_OF_SPEC, [B]=BAD_PAGE, [N]=TEST [ 33.198575] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 33.198579] Call Trace: [ 33.198580] <TASK> [ 33.198583] dump_stack_lvl+0x73/0xb0 [ 33.198589] print_report+0xd1/0x650 [ 33.198593] ? __virt_addr_valid+0x1db/0x2d0 [ 33.198598] ? kasan_complete_mode_report_info+0x64/0x200 [ 33.198603] ? kmem_cache_double_free+0x1e5/0x480 [ 33.198608] kasan_report_invalid_free+0x10a/0x130 [ 33.198613] ? kmem_cache_double_free+0x1e5/0x480 [ 33.198618] ? kmem_cache_double_free+0x1e5/0x480 [ 33.198622] check_slab_allocation+0x101/0x130 [ 33.198626] __kasan_slab_pre_free+0x28/0x40 [ 33.198630] kmem_cache_free+0xed/0x420 [ 33.198634] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 33.198638] ? kmem_cache_double_free+0x1e5/0x480 [ 33.198643] kmem_cache_double_free+0x1e5/0x480 [ 33.198648] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 33.198652] ? finish_task_switch.isra.0+0x153/0x700 [ 33.198657] ? __switch_to+0x544/0xf50 [ 33.198663] ? ktime_get_ts64+0x83/0x230 [ 33.198668] kunit_try_run_case+0x1a2/0x480 [ 33.198673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.198677] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 33.198682] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.198687] ? __kthread_parkme+0x82/0x180 [ 33.198690] ? preempt_count_sub+0x50/0x80 [ 33.198695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.198699] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 33.198703] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.198708] kthread+0x334/0x6f0 [ 33.198711] ? trace_preempt_on+0x20/0xc0 [ 33.198716] ? __pfx_kthread+0x10/0x10 [ 33.198720] ? _raw_spin_unlock_irq+0x47/0x80 [ 33.198723] ? calculate_sigpending+0x7b/0xa0 [ 33.198729] ? __pfx_kthread+0x10/0x10 [ 33.198732] ret_from_fork+0x113/0x1d0 [ 33.198736] ? __pfx_kthread+0x10/0x10 [ 33.198740] ret_from_fork_asm+0x1a/0x30 [ 33.198746] </TASK> [ 33.198748] [ 33.388989] Allocated by task 250: [ 33.392410] kasan_save_stack+0x45/0x70 [ 33.396255] kasan_save_track+0x18/0x40 [ 33.400101] kasan_save_alloc_info+0x3b/0x50 [ 33.404375] __kasan_slab_alloc+0x91/0xa0 [ 33.408414] kmem_cache_alloc_noprof+0x123/0x3f0 [ 33.413031] kmem_cache_double_free+0x14f/0x480 [ 33.417565] kunit_try_run_case+0x1a2/0x480 [ 33.421751] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 33.427149] kthread+0x334/0x6f0 [ 33.430406] ret_from_fork+0x113/0x1d0 [ 33.434161] ret_from_fork_asm+0x1a/0x30 [ 33.438086] [ 33.439585] Freed by task 250: [ 33.442644] kasan_save_stack+0x45/0x70 [ 33.446485] kasan_save_track+0x18/0x40 [ 33.450324] kasan_save_free_info+0x3f/0x60 [ 33.454537] __kasan_slab_free+0x56/0x70 [ 33.458461] kmem_cache_free+0x249/0x420 [ 33.462405] kmem_cache_double_free+0x16a/0x480 [ 33.466938] kunit_try_run_case+0x1a2/0x480 [ 33.471124] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 33.476523] kthread+0x334/0x6f0 [ 33.479755] ret_from_fork+0x113/0x1d0 [ 33.483509] ret_from_fork_asm+0x1a/0x30 [ 33.487436] [ 33.488933] The buggy address belongs to the object at ffff888103816000 [ 33.488933] which belongs to the cache test_cache of size 200 [ 33.501368] The buggy address is located 0 bytes inside of [ 33.501368] 200-byte region [ffff888103816000, ffff8881038160c8) [ 33.512951] [ 33.514465] The buggy address belongs to the physical page: [ 33.520041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103816 [ 33.528048] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.535708] flags: 0x200000000000040(head|node=0|zone=2) [ 33.541030] page_type: f5(slab) [ 33.544176] raw: 0200000000000040 ffff888103804dc0 dead000000000122 0000000000000000 [ 33.551923] raw: 0000000000000000 00000000801f001f 00000000f5000000 0000000000000000 [ 33.559662] head: 0200000000000040 ffff888103804dc0 dead000000000122 0000000000000000 [ 33.567489] head: 0000000000000000 00000000801f001f 00000000f5000000 0000000000000000 [ 33.575315] head: 0200000000000001 ffffea00040e0581 00000000ffffffff 00000000ffffffff [ 33.583140] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 33.590966] page dumped because: kasan: bad access detected [ 33.596539] [ 33.598038] Memory state around the buggy address: [ 33.602830] ffff888103815f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.610050] ffff888103815f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.617270] >ffff888103816000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.624488] ^ [ 33.627723] ffff888103816080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 33.634949] ffff888103816100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.642169] ==================================================================