Date
May 30, 2025, 4:14 a.m.
| Environment | |
|---|---|
| e850-96 | |
| qemu-arm64 | |
| qemu-x86_64 | |
| x15 |
[ 38.293340] ================================================================== [ 38.303900] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 38.311012] Free of addr ffff000806014000 by task kunit_try_catch/283 [ 38.317435] [ 38.318920] CPU: 4 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT [ 38.318980] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.318997] Hardware name: WinLink E850-96 board (DT) [ 38.319017] Call trace: [ 38.319033] show_stack+0x20/0x38 (C) [ 38.319068] dump_stack_lvl+0x8c/0xd0 [ 38.319105] print_report+0x118/0x608 [ 38.319141] kasan_report_invalid_free+0xc0/0xe8 [ 38.319176] __kasan_mempool_poison_pages+0xe0/0xe8 [ 38.319211] mempool_free+0x24c/0x328 [ 38.319242] mempool_double_free_helper+0x150/0x2e8 [ 38.319275] mempool_page_alloc_double_free+0xbc/0x118 [ 38.319311] kunit_try_run_case+0x170/0x3f0 [ 38.319347] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.319386] kthread+0x328/0x630 [ 38.319416] ret_from_fork+0x10/0x20 [ 38.319450] [ 38.393218] The buggy address belongs to the physical page: [ 38.398775] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886014 [ 38.406759] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.413281] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 38.420999] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 38.428720] page dumped because: kasan: bad access detected [ 38.434275] [ 38.435749] Memory state around the buggy address: [ 38.440530] ffff000806013f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 38.447732] ffff000806013f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 38.454938] >ffff000806014000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 38.462138] ^ [ 38.465353] ffff000806014080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 38.472558] ffff000806014100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 38.479761] ================================================================== [ 37.680536] ================================================================== [ 37.690278] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 37.697393] Free of addr ffff000801e2a400 by task kunit_try_catch/279 [ 37.703816] [ 37.705301] CPU: 5 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT [ 37.705362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.705380] Hardware name: WinLink E850-96 board (DT) [ 37.705398] Call trace: [ 37.705416] show_stack+0x20/0x38 (C) [ 37.705449] dump_stack_lvl+0x8c/0xd0 [ 37.705491] print_report+0x118/0x608 [ 37.705528] kasan_report_invalid_free+0xc0/0xe8 [ 37.705561] check_slab_allocation+0xd4/0x108 [ 37.705599] __kasan_mempool_poison_object+0x78/0x150 [ 37.705635] mempool_free+0x28c/0x328 [ 37.705667] mempool_double_free_helper+0x150/0x2e8 [ 37.705701] mempool_kmalloc_double_free+0xc0/0x118 [ 37.705733] kunit_try_run_case+0x170/0x3f0 [ 37.705768] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.705807] kthread+0x328/0x630 [ 37.705837] ret_from_fork+0x10/0x20 [ 37.705873] [ 37.783851] Allocated by task 279: [ 37.787239] kasan_save_stack+0x3c/0x68 [ 37.791054] kasan_save_track+0x20/0x40 [ 37.794873] kasan_save_alloc_info+0x40/0x58 [ 37.799127] __kasan_mempool_unpoison_object+0x11c/0x180 [ 37.804422] remove_element+0x130/0x1f8 [ 37.808241] mempool_alloc_preallocated+0x58/0xc0 [ 37.812930] mempool_double_free_helper+0x94/0x2e8 [ 37.817703] mempool_kmalloc_double_free+0xc0/0x118 [ 37.822564] kunit_try_run_case+0x170/0x3f0 [ 37.826730] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.832199] kthread+0x328/0x630 [ 37.835411] ret_from_fork+0x10/0x20 [ 37.838970] [ 37.840447] Freed by task 279: [ 37.843484] kasan_save_stack+0x3c/0x68 [ 37.847303] kasan_save_track+0x20/0x40 [ 37.851123] kasan_save_free_info+0x4c/0x78 [ 37.855290] __kasan_mempool_poison_object+0xc0/0x150 [ 37.860324] mempool_free+0x28c/0x328 [ 37.863969] mempool_double_free_helper+0x100/0x2e8 [ 37.868832] mempool_kmalloc_double_free+0xc0/0x118 [ 37.873692] kunit_try_run_case+0x170/0x3f0 [ 37.877858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.883327] kthread+0x328/0x630 [ 37.886539] ret_from_fork+0x10/0x20 [ 37.890098] [ 37.891575] The buggy address belongs to the object at ffff000801e2a400 [ 37.891575] which belongs to the cache kmalloc-128 of size 128 [ 37.904075] The buggy address is located 0 bytes inside of [ 37.904075] 128-byte region [ffff000801e2a400, ffff000801e2a480) [ 37.915618] [ 37.917098] The buggy address belongs to the physical page: [ 37.922654] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x881e2a [ 37.930639] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 37.938277] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 37.945220] page_type: f5(slab) [ 37.948355] raw: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 37.956076] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.963804] head: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 37.971613] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 37.979427] head: 0bfffe0000000001 fffffdffe0078a81 00000000ffffffff 00000000ffffffff [ 37.987238] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 37.995044] page dumped because: kasan: bad access detected [ 38.000601] [ 38.002075] Memory state around the buggy address: [ 38.006857] ffff000801e2a300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 38.014058] ffff000801e2a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.021264] >ffff000801e2a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 38.028464] ^ [ 38.031679] ffff000801e2a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.038884] ffff000801e2a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 38.046085] ================================================================== [ 38.055224] ================================================================== [ 38.065185] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 38.072303] Free of addr ffff000804b14000 by task kunit_try_catch/281 [ 38.078723] [ 38.080210] CPU: 2 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT [ 38.080269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.080285] Hardware name: WinLink E850-96 board (DT) [ 38.080305] Call trace: [ 38.080321] show_stack+0x20/0x38 (C) [ 38.080357] dump_stack_lvl+0x8c/0xd0 [ 38.080397] print_report+0x118/0x608 [ 38.080434] kasan_report_invalid_free+0xc0/0xe8 [ 38.080470] __kasan_mempool_poison_object+0x14c/0x150 [ 38.080508] mempool_free+0x28c/0x328 [ 38.080543] mempool_double_free_helper+0x150/0x2e8 [ 38.080576] mempool_kmalloc_large_double_free+0xc0/0x118 [ 38.080612] kunit_try_run_case+0x170/0x3f0 [ 38.080646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.080685] kthread+0x328/0x630 [ 38.080715] ret_from_fork+0x10/0x20 [ 38.080751] [ 38.155026] The buggy address belongs to the physical page: [ 38.160584] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x884b14 [ 38.168569] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 38.176208] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 38.183150] page_type: f8(unknown) [ 38.186546] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 38.194266] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 38.201994] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 38.209804] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 38.217617] head: 0bfffe0000000002 fffffdffe012c501 00000000ffffffff 00000000ffffffff [ 38.225429] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 38.233235] page dumped because: kasan: bad access detected [ 38.238792] [ 38.240266] Memory state around the buggy address: [ 38.245047] ffff000804b13f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 38.252248] ffff000804b13f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 38.259456] >ffff000804b14000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 38.266655] ^ [ 38.269870] ffff000804b14080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 38.277075] ffff000804b14100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 38.284276] ==================================================================
[ 28.119737] ================================================================== [ 28.119873] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 28.120244] Free of addr fff00000c78d4000 by task kunit_try_catch/238 [ 28.120470] [ 28.120573] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT [ 28.120938] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.121015] Hardware name: linux,dummy-virt (DT) [ 28.121483] Call trace: [ 28.121544] show_stack+0x20/0x38 (C) [ 28.121677] dump_stack_lvl+0x8c/0xd0 [ 28.121829] print_report+0x118/0x608 [ 28.121946] kasan_report_invalid_free+0xc0/0xe8 [ 28.122075] __kasan_mempool_poison_object+0x14c/0x150 [ 28.122929] mempool_free+0x28c/0x328 [ 28.123164] mempool_double_free_helper+0x150/0x2e8 [ 28.123845] mempool_kmalloc_large_double_free+0xc0/0x118 [ 28.124211] kunit_try_run_case+0x170/0x3f0 [ 28.124439] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.124609] kthread+0x328/0x630 [ 28.124744] ret_from_fork+0x10/0x20 [ 28.125491] [ 28.125658] The buggy address belongs to the physical page: [ 28.126156] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d4 [ 28.126435] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 28.126851] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 28.126990] page_type: f8(unknown) [ 28.127128] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 28.127345] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 28.127467] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 28.127583] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 28.127724] head: 0bfffe0000000002 ffffc1ffc31e3501 00000000ffffffff 00000000ffffffff [ 28.127847] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 28.127973] page dumped because: kasan: bad access detected [ 28.128190] [ 28.128238] Memory state around the buggy address: [ 28.128315] fff00000c78d3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.128430] fff00000c78d3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.128709] >fff00000c78d4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.128806] ^ [ 28.129445] fff00000c78d4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.129824] fff00000c78d4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.129938] ================================================================== [ 28.148333] ================================================================== [ 28.148466] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 28.148613] Free of addr fff00000c78d4000 by task kunit_try_catch/240 [ 28.148752] [ 28.148846] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT [ 28.149050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.149536] Hardware name: linux,dummy-virt (DT) [ 28.149986] Call trace: [ 28.150100] show_stack+0x20/0x38 (C) [ 28.150386] dump_stack_lvl+0x8c/0xd0 [ 28.150671] print_report+0x118/0x608 [ 28.151054] kasan_report_invalid_free+0xc0/0xe8 [ 28.151190] __kasan_mempool_poison_pages+0xe0/0xe8 [ 28.151422] mempool_free+0x24c/0x328 [ 28.151540] mempool_double_free_helper+0x150/0x2e8 [ 28.151879] mempool_page_alloc_double_free+0xbc/0x118 [ 28.152146] kunit_try_run_case+0x170/0x3f0 [ 28.152283] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.152627] kthread+0x328/0x630 [ 28.152969] ret_from_fork+0x10/0x20 [ 28.153114] [ 28.153168] The buggy address belongs to the physical page: [ 28.153243] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d4 [ 28.153388] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.153550] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 28.154408] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.154964] page dumped because: kasan: bad access detected [ 28.155045] [ 28.155278] Memory state around the buggy address: [ 28.155492] fff00000c78d3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.155704] fff00000c78d3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.156217] >fff00000c78d4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.156313] ^ [ 28.156875] fff00000c78d4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.157414] fff00000c78d4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.158103] ================================================================== [ 28.073221] ================================================================== [ 28.073393] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 28.073534] Free of addr fff00000c56e8700 by task kunit_try_catch/236 [ 28.073638] [ 28.074488] CPU: 1 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT [ 28.074948] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.075023] Hardware name: linux,dummy-virt (DT) [ 28.075186] Call trace: [ 28.075567] show_stack+0x20/0x38 (C) [ 28.076155] dump_stack_lvl+0x8c/0xd0 [ 28.076662] print_report+0x118/0x608 [ 28.076802] kasan_report_invalid_free+0xc0/0xe8 [ 28.076931] check_slab_allocation+0xd4/0x108 [ 28.077054] __kasan_mempool_poison_object+0x78/0x150 [ 28.077181] mempool_free+0x28c/0x328 [ 28.077323] mempool_double_free_helper+0x150/0x2e8 [ 28.077445] mempool_kmalloc_double_free+0xc0/0x118 [ 28.079063] kunit_try_run_case+0x170/0x3f0 [ 28.079215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.080550] kthread+0x328/0x630 [ 28.080948] ret_from_fork+0x10/0x20 [ 28.081173] [ 28.081347] Allocated by task 236: [ 28.081426] kasan_save_stack+0x3c/0x68 [ 28.082053] kasan_save_track+0x20/0x40 [ 28.082225] kasan_save_alloc_info+0x40/0x58 [ 28.082900] __kasan_mempool_unpoison_object+0x11c/0x180 [ 28.083338] remove_element+0x130/0x1f8 [ 28.083489] mempool_alloc_preallocated+0x58/0xc0 [ 28.083616] mempool_double_free_helper+0x94/0x2e8 [ 28.084266] mempool_kmalloc_double_free+0xc0/0x118 [ 28.084385] kunit_try_run_case+0x170/0x3f0 [ 28.084491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.085968] kthread+0x328/0x630 [ 28.086275] ret_from_fork+0x10/0x20 [ 28.086380] [ 28.086904] Freed by task 236: [ 28.087484] kasan_save_stack+0x3c/0x68 [ 28.087634] kasan_save_track+0x20/0x40 [ 28.087775] kasan_save_free_info+0x4c/0x78 [ 28.087887] __kasan_mempool_poison_object+0xc0/0x150 [ 28.088006] mempool_free+0x28c/0x328 [ 28.088254] mempool_double_free_helper+0x100/0x2e8 [ 28.088479] mempool_kmalloc_double_free+0xc0/0x118 [ 28.088648] kunit_try_run_case+0x170/0x3f0 [ 28.088945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.089191] kthread+0x328/0x630 [ 28.089289] ret_from_fork+0x10/0x20 [ 28.089382] [ 28.089444] The buggy address belongs to the object at fff00000c56e8700 [ 28.089444] which belongs to the cache kmalloc-128 of size 128 [ 28.089647] The buggy address is located 0 bytes inside of [ 28.089647] 128-byte region [fff00000c56e8700, fff00000c56e8780) [ 28.090322] [ 28.090580] The buggy address belongs to the physical page: [ 28.090708] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056e8 [ 28.091000] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.091172] page_type: f5(slab) [ 28.091409] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.091534] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.091630] page dumped because: kasan: bad access detected [ 28.091780] [ 28.091876] Memory state around the buggy address: [ 28.091991] fff00000c56e8600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.092114] fff00000c56e8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.092225] >fff00000c56e8700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.092399] ^ [ 28.092587] fff00000c56e8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.092859] fff00000c56e8800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.093128] ==================================================================
[ 20.805171] ================================================================== [ 20.806675] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 20.807043] Free of addr ffff888103c28000 by task kunit_try_catch/254 [ 20.807649] [ 20.808979] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 20.809060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.809100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.809151] Call Trace: [ 20.809182] <TASK> [ 20.809224] dump_stack_lvl+0x73/0xb0 [ 20.809269] print_report+0xd1/0x650 [ 20.809304] ? __virt_addr_valid+0x1db/0x2d0 [ 20.809339] ? kasan_addr_to_slab+0x11/0xa0 [ 20.809369] ? mempool_double_free_helper+0x184/0x370 [ 20.809404] kasan_report_invalid_free+0x10a/0x130 [ 20.809440] ? mempool_double_free_helper+0x184/0x370 [ 20.809479] ? mempool_double_free_helper+0x184/0x370 [ 20.809513] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 20.809549] mempool_free+0x2ec/0x380 [ 20.809583] mempool_double_free_helper+0x184/0x370 [ 20.809619] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 20.809654] ? __kasan_check_write+0x18/0x20 [ 20.809899] ? __pfx_sched_clock_cpu+0x10/0x10 [ 20.809948] ? finish_task_switch.isra.0+0x153/0x700 [ 20.810012] mempool_kmalloc_large_double_free+0xed/0x140 [ 20.810053] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 20.810094] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.810120] ? __pfx_mempool_kfree+0x10/0x10 [ 20.810150] ? __pfx_read_tsc+0x10/0x10 [ 20.810274] ? ktime_get_ts64+0x86/0x230 [ 20.810321] kunit_try_run_case+0x1a5/0x480 [ 20.810355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.810384] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.810420] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.810456] ? __kthread_parkme+0x82/0x180 [ 20.810487] ? preempt_count_sub+0x50/0x80 [ 20.810520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.810548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.810584] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.810619] kthread+0x337/0x6f0 [ 20.810646] ? trace_preempt_on+0x20/0xc0 [ 20.810696] ? __pfx_kthread+0x10/0x10 [ 20.810741] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.810774] ? calculate_sigpending+0x7b/0xa0 [ 20.810812] ? __pfx_kthread+0x10/0x10 [ 20.810841] ret_from_fork+0x116/0x1d0 [ 20.810868] ? __pfx_kthread+0x10/0x10 [ 20.810896] ret_from_fork_asm+0x1a/0x30 [ 20.810939] </TASK> [ 20.810978] [ 20.834558] The buggy address belongs to the physical page: [ 20.835040] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c28 [ 20.835838] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.836927] flags: 0x200000000000040(head|node=0|zone=2) [ 20.837682] page_type: f8(unknown) [ 20.838163] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.839690] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.841314] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.842045] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.843031] head: 0200000000000002 ffffea00040f0a01 00000000ffffffff 00000000ffffffff [ 20.843924] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.844617] page dumped because: kasan: bad access detected [ 20.845361] [ 20.845540] Memory state around the buggy address: [ 20.846438] ffff888103c27f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.847359] ffff888103c27f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.847993] >ffff888103c28000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.848807] ^ [ 20.849064] ffff888103c28080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.850337] ffff888103c28100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.851044] ================================================================== [ 20.857232] ================================================================== [ 20.858124] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 20.859185] Free of addr ffff888103c60000 by task kunit_try_catch/256 [ 20.859902] [ 20.860253] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 20.860388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.860464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.860645] Call Trace: [ 20.860692] <TASK> [ 20.860743] dump_stack_lvl+0x73/0xb0 [ 20.860822] print_report+0xd1/0x650 [ 20.860899] ? __virt_addr_valid+0x1db/0x2d0 [ 20.860999] ? kasan_addr_to_slab+0x11/0xa0 [ 20.861070] ? mempool_double_free_helper+0x184/0x370 [ 20.861266] kasan_report_invalid_free+0x10a/0x130 [ 20.861361] ? mempool_double_free_helper+0x184/0x370 [ 20.861452] ? mempool_double_free_helper+0x184/0x370 [ 20.861511] __kasan_mempool_poison_pages+0x115/0x130 [ 20.861552] mempool_free+0x290/0x380 [ 20.861586] mempool_double_free_helper+0x184/0x370 [ 20.861624] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 20.861661] ? __kasan_check_write+0x18/0x20 [ 20.861726] ? __pfx_sched_clock_cpu+0x10/0x10 [ 20.861763] ? finish_task_switch.isra.0+0x153/0x700 [ 20.861800] mempool_page_alloc_double_free+0xe8/0x140 [ 20.861839] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 20.861880] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 20.861907] ? __pfx_mempool_free_pages+0x10/0x10 [ 20.861938] ? __pfx_read_tsc+0x10/0x10 [ 20.861997] ? ktime_get_ts64+0x86/0x230 [ 20.862033] kunit_try_run_case+0x1a5/0x480 [ 20.862067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.862095] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.862129] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.862175] ? __kthread_parkme+0x82/0x180 [ 20.862304] ? preempt_count_sub+0x50/0x80 [ 20.862339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.862369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.862407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.862443] kthread+0x337/0x6f0 [ 20.862471] ? trace_preempt_on+0x20/0xc0 [ 20.862503] ? __pfx_kthread+0x10/0x10 [ 20.862532] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.862565] ? calculate_sigpending+0x7b/0xa0 [ 20.862601] ? __pfx_kthread+0x10/0x10 [ 20.862632] ret_from_fork+0x116/0x1d0 [ 20.862657] ? __pfx_kthread+0x10/0x10 [ 20.862699] ret_from_fork_asm+0x1a/0x30 [ 20.862759] </TASK> [ 20.862775] [ 20.890004] The buggy address belongs to the physical page: [ 20.891118] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c60 [ 20.892403] flags: 0x200000000000000(node=0|zone=2) [ 20.892809] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.894010] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.894632] page dumped because: kasan: bad access detected [ 20.895131] [ 20.895349] Memory state around the buggy address: [ 20.895787] ffff888103c5ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.897210] ffff888103c5ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.897798] >ffff888103c60000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.898669] ^ [ 20.898993] ffff888103c60080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.899981] ffff888103c60100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.900991] ================================================================== [ 20.731068] ================================================================== [ 20.731918] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 20.732793] Free of addr ffff8881022e0500 by task kunit_try_catch/252 [ 20.734376] [ 20.735236] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 20.735310] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.735329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.735363] Call Trace: [ 20.735383] <TASK> [ 20.735408] dump_stack_lvl+0x73/0xb0 [ 20.735450] print_report+0xd1/0x650 [ 20.735482] ? __virt_addr_valid+0x1db/0x2d0 [ 20.735518] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.735551] ? mempool_double_free_helper+0x184/0x370 [ 20.735587] kasan_report_invalid_free+0x10a/0x130 [ 20.735622] ? mempool_double_free_helper+0x184/0x370 [ 20.735660] ? mempool_double_free_helper+0x184/0x370 [ 20.735721] ? mempool_double_free_helper+0x184/0x370 [ 20.735760] check_slab_allocation+0x101/0x130 [ 20.735796] __kasan_mempool_poison_object+0x91/0x1d0 [ 20.735832] mempool_free+0x2ec/0x380 [ 20.735866] mempool_double_free_helper+0x184/0x370 [ 20.735902] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 20.735940] ? __kasan_check_write+0x18/0x20 [ 20.736029] ? __pfx_sched_clock_cpu+0x10/0x10 [ 20.736130] ? finish_task_switch.isra.0+0x153/0x700 [ 20.736239] mempool_kmalloc_double_free+0xed/0x140 [ 20.736280] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 20.736319] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.736346] ? __pfx_mempool_kfree+0x10/0x10 [ 20.736377] ? __pfx_read_tsc+0x10/0x10 [ 20.736408] ? ktime_get_ts64+0x86/0x230 [ 20.736442] kunit_try_run_case+0x1a5/0x480 [ 20.736474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.736502] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.736539] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.736575] ? __kthread_parkme+0x82/0x180 [ 20.736605] ? preempt_count_sub+0x50/0x80 [ 20.736635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.736663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.736726] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.736765] kthread+0x337/0x6f0 [ 20.736795] ? trace_preempt_on+0x20/0xc0 [ 20.736828] ? __pfx_kthread+0x10/0x10 [ 20.736857] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.736891] ? calculate_sigpending+0x7b/0xa0 [ 20.736926] ? __pfx_kthread+0x10/0x10 [ 20.736985] ret_from_fork+0x116/0x1d0 [ 20.737027] ? __pfx_kthread+0x10/0x10 [ 20.737059] ret_from_fork_asm+0x1a/0x30 [ 20.737104] </TASK> [ 20.737119] [ 20.765233] Allocated by task 252: [ 20.766107] kasan_save_stack+0x45/0x70 [ 20.766791] kasan_save_track+0x18/0x40 [ 20.767465] kasan_save_alloc_info+0x3b/0x50 [ 20.767818] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 20.768949] remove_element+0x11e/0x190 [ 20.769695] mempool_alloc_preallocated+0x4d/0x90 [ 20.770105] mempool_double_free_helper+0x8a/0x370 [ 20.771021] mempool_kmalloc_double_free+0xed/0x140 [ 20.771604] kunit_try_run_case+0x1a5/0x480 [ 20.772074] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.773234] kthread+0x337/0x6f0 [ 20.773531] ret_from_fork+0x116/0x1d0 [ 20.774346] ret_from_fork_asm+0x1a/0x30 [ 20.774674] [ 20.775306] Freed by task 252: [ 20.775605] kasan_save_stack+0x45/0x70 [ 20.776500] kasan_save_track+0x18/0x40 [ 20.776768] kasan_save_free_info+0x3f/0x60 [ 20.777587] __kasan_mempool_poison_object+0x131/0x1d0 [ 20.778636] mempool_free+0x2ec/0x380 [ 20.779359] mempool_double_free_helper+0x109/0x370 [ 20.779982] mempool_kmalloc_double_free+0xed/0x140 [ 20.780666] kunit_try_run_case+0x1a5/0x480 [ 20.781117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.782026] kthread+0x337/0x6f0 [ 20.782993] ret_from_fork+0x116/0x1d0 [ 20.783393] ret_from_fork_asm+0x1a/0x30 [ 20.783571] [ 20.783660] The buggy address belongs to the object at ffff8881022e0500 [ 20.783660] which belongs to the cache kmalloc-128 of size 128 [ 20.784108] The buggy address is located 0 bytes inside of [ 20.784108] 128-byte region [ffff8881022e0500, ffff8881022e0580) [ 20.785835] [ 20.786342] The buggy address belongs to the physical page: [ 20.787155] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022e0 [ 20.788406] flags: 0x200000000000000(node=0|zone=2) [ 20.789089] page_type: f5(slab) [ 20.789567] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.790479] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.791591] page dumped because: kasan: bad access detected [ 20.792248] [ 20.792672] Memory state around the buggy address: [ 20.793164] ffff8881022e0400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.794498] ffff8881022e0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.795280] >ffff8881022e0500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.795909] ^ [ 20.796278] ffff8881022e0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.797424] ffff8881022e0600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.797893] ==================================================================
[ 64.487854] ================================================================== [ 64.499420] BUG: KASAN: double-free in mempool_double_free_helper+0x1c4/0x368 [ 64.506591] Free of addr cc893700 by task kunit_try_catch/287 [ 64.512390] [ 64.513885] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B W N 6.15.0-next-20250530 #1 NONE [ 64.513916] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 64.513946] Hardware name: Generic DRA74X (Flattened Device Tree) [ 64.513946] Call trace: [ 64.513946] unwind_backtrace from show_stack+0x18/0x1c [ 64.513977] show_stack from dump_stack_lvl+0x70/0x90 [ 64.514007] dump_stack_lvl from print_report+0x158/0x528 [ 64.514038] print_report from kasan_report_invalid_free+0xc0/0xf4 [ 64.514068] kasan_report_invalid_free from check_slab_allocation+0xb8/0xd8 [ 64.514068] check_slab_allocation from __kasan_mempool_poison_object+0x54/0x128 [ 64.514099] __kasan_mempool_poison_object from mempool_free+0x360/0x440 [ 64.514129] mempool_free from mempool_double_free_helper+0x1c4/0x368 [ 64.514160] mempool_double_free_helper from mempool_kmalloc_double_free+0xb8/0x104 [ 64.514190] mempool_kmalloc_double_free from kunit_try_run_case+0x22c/0x5a8 [ 64.514221] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 64.514251] kunit_generic_run_threadfn_adapter from kthread+0x464/0x810 [ 64.514251] kthread from ret_from_fork+0x14/0x20 [ 64.514282] Exception stack(0xf243bfb0 to 0xf243bff8) [ 64.514282] bfa0: 00000000 00000000 00000000 00000000 [ 64.514312] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 64.514343] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 64.514343] [ 64.651611] Allocated by task 287: [ 64.655059] kasan_save_track+0x30/0x5c [ 64.658905] remove_element+0x180/0x264 [ 64.662780] mempool_alloc_preallocated+0x60/0x9c [ 64.667510] mempool_double_free_helper+0x8c/0x368 [ 64.672363] mempool_kmalloc_double_free+0xb8/0x104 [ 64.677276] kunit_try_run_case+0x22c/0x5a8 [ 64.681488] kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 64.687011] kthread+0x464/0x810 [ 64.690277] ret_from_fork+0x14/0x20 [ 64.693878] [ 64.695373] Freed by task 287: [ 64.698455] kasan_save_track+0x30/0x5c [ 64.702331] kasan_save_free_info+0x3c/0x48 [ 64.706542] __kasan_mempool_poison_object+0x94/0x128 [ 64.711639] mempool_free+0x360/0x440 [ 64.715332] mempool_double_free_helper+0x13c/0x368 [ 64.720245] mempool_kmalloc_double_free+0xb8/0x104 [ 64.725158] kunit_try_run_case+0x22c/0x5a8 [ 64.729370] kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 64.734893] kthread+0x464/0x810 [ 64.738159] ret_from_fork+0x14/0x20 [ 64.741760] [ 64.743255] The buggy address belongs to the object at cc893700 [ 64.743255] which belongs to the cache kmalloc-128 of size 128 [ 64.755157] The buggy address is located 0 bytes inside of [ 64.755157] 128-byte region [cc893700, cc893780) [ 64.765411] [ 64.766906] The buggy address belongs to the physical page: [ 64.772521] page: refcount:0 mapcount:0 mapping:00000000 index:0x0 pfn:0x8c893 [ 64.779785] flags: 0x0(zone=0) [ 64.782867] page_type: f5(slab) [ 64.786041] raw: 00000000 c7001400 00000122 00000000 00000000 80100010 f5000000 00000000 [ 64.794189] raw: 00000000 [ 64.796813] page dumped because: kasan: bad access detected [ 64.802429] [ 64.803924] Memory state around the buggy address: [ 64.808746] cc893600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.815307] cc893680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.821899] >cc893700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.828460] ^ [ 64.831024] cc893780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.837585] cc893800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.844146] ================================================================== [ 64.852233] ================================================================== [ 64.864227] BUG: KASAN: double-free in mempool_double_free_helper+0x1c4/0x368 [ 64.871398] Free of addr cc8fc000 by task kunit_try_catch/289 [ 64.877197] [ 64.878692] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B W N 6.15.0-next-20250530 #1 NONE [ 64.878723] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 64.878753] Hardware name: Generic DRA74X (Flattened Device Tree) [ 64.878753] Call trace: [ 64.878753] unwind_backtrace from show_stack+0x18/0x1c [ 64.878784] show_stack from dump_stack_lvl+0x70/0x90 [ 64.878814] dump_stack_lvl from print_report+0x158/0x528 [ 64.878845] print_report from kasan_report_invalid_free+0xc0/0xf4 [ 64.878875] kasan_report_invalid_free from __kasan_mempool_poison_object+0x124/0x128 [ 64.878875] __kasan_mempool_poison_object from mempool_free+0x360/0x440 [ 64.878906] mempool_free from mempool_double_free_helper+0x1c4/0x368 [ 64.878936] mempool_double_free_helper from mempool_kmalloc_large_double_free+0xb8/0x104 [ 64.878967] mempool_kmalloc_large_double_free from kunit_try_run_case+0x22c/0x5a8 [ 64.878997] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 64.879028] kunit_generic_run_threadfn_adapter from kthread+0x464/0x810 [ 64.879058] kthread from ret_from_fork+0x14/0x20 [ 64.879058] Exception stack(0xf1833fb0 to 0xf1833ff8) [ 64.879089] 3fa0: 00000000 00000000 00000000 00000000 [ 64.879089] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 64.879119] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 64.879119] [ 65.010894] The buggy address belongs to the physical page: [ 65.016510] page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x8c8fc [ 65.023773] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 65.031494] flags: 0x40(head|zone=0) [ 65.035095] page_type: f8(unknown) [ 65.038513] raw: 00000040 00000000 00000122 00000000 00000000 00000000 f8000000 00000001 [ 65.046661] raw: 00000000 [ 65.049316] head: 00000040 00000000 00000122 00000000 00000000 00000000 f8000000 00000001 [ 65.057556] head: 00000000 00000002 eebc3371 ffffffff 00000000 ffffffff 00000000 ffffffff [ 65.065795] head: 00000000 00000004 [ 65.069305] page dumped because: kasan: bad access detected [ 65.074890] [ 65.076416] Memory state around the buggy address: [ 65.081237] cc8fbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 65.087799] cc8fbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 65.094360] >cc8fc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 65.100952] ^ [ 65.103485] cc8fc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 65.110076] cc8fc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 65.116638] ================================================================== [ 65.124847] ================================================================== [ 65.137359] BUG: KASAN: double-free in mempool_double_free_helper+0x1c4/0x368 [ 65.144561] Free of addr cc8fc000 by task kunit_try_catch/291 [ 65.150329] [ 65.151855] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B W N 6.15.0-next-20250530 #1 NONE [ 65.151885] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 65.151885] Hardware name: Generic DRA74X (Flattened Device Tree) [ 65.151885] Call trace: [ 65.151916] unwind_backtrace from show_stack+0x18/0x1c [ 65.151916] show_stack from dump_stack_lvl+0x70/0x90 [ 65.151947] dump_stack_lvl from print_report+0x158/0x528 [ 65.151977] print_report from kasan_report_invalid_free+0xc0/0xf4 [ 65.152008] kasan_report_invalid_free from __kasan_mempool_poison_pages+0xdc/0xe0 [ 65.152038] __kasan_mempool_poison_pages from mempool_free+0x314/0x440 [ 65.152038] mempool_free from mempool_double_free_helper+0x1c4/0x368 [ 65.152069] mempool_double_free_helper from mempool_page_alloc_double_free+0xb4/0x100 [ 65.152099] mempool_page_alloc_double_free from kunit_try_run_case+0x22c/0x5a8 [ 65.152130] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 65.152160] kunit_generic_run_threadfn_adapter from kthread+0x464/0x810 [ 65.152191] kthread from ret_from_fork+0x14/0x20 [ 65.152221] Exception stack(0xf244bfb0 to 0xf244bff8) [ 65.152221] bfa0: 00000000 00000000 00000000 00000000 [ 65.152252] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 65.152252] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 65.152252] [ 65.283172] The buggy address belongs to the physical page: [ 65.288757] page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x8c8fc [ 65.296051] flags: 0x0(zone=0) [ 65.299133] raw: 00000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001 [ 65.307281] raw: 00000000 [ 65.309906] page dumped because: kasan: bad access detected [ 65.315521] [ 65.317016] Memory state around the buggy address: [ 65.321838] cc8fbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 65.328399] cc8fbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 65.334991] >cc8fc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 65.341552] ^ [ 65.344085] cc8fc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 65.350677] cc8fc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 65.357238] ==================================================================