Date
July 23, 2025, 2:10 a.m.
Environment | |
---|---|
qemu-arm64 | |
qemu-x86_64 |
[ 17.512292] ================================================================== [ 17.512351] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.512436] Free of addr fff00000c644bc00 by task kunit_try_catch/235 [ 17.512532] [ 17.512562] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.512662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.512946] Hardware name: linux,dummy-virt (DT) [ 17.512990] Call trace: [ 17.513039] show_stack+0x20/0x38 (C) [ 17.513094] dump_stack_lvl+0x8c/0xd0 [ 17.513202] print_report+0x118/0x5d0 [ 17.513277] kasan_report_invalid_free+0xc0/0xe8 [ 17.513331] check_slab_allocation+0xd4/0x108 [ 17.513419] __kasan_mempool_poison_object+0x78/0x150 [ 17.513471] mempool_free+0x28c/0x328 [ 17.513517] mempool_double_free_helper+0x150/0x2e8 [ 17.513566] mempool_kmalloc_double_free+0xc0/0x118 [ 17.513678] kunit_try_run_case+0x170/0x3f0 [ 17.513734] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.513788] kthread+0x328/0x630 [ 17.513832] ret_from_fork+0x10/0x20 [ 17.514109] [ 17.514137] Allocated by task 235: [ 17.514170] kasan_save_stack+0x3c/0x68 [ 17.514214] kasan_save_track+0x20/0x40 [ 17.514252] kasan_save_alloc_info+0x40/0x58 [ 17.514415] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.514474] remove_element+0x130/0x1f8 [ 17.514510] mempool_alloc_preallocated+0x58/0xc0 [ 17.514578] mempool_double_free_helper+0x94/0x2e8 [ 17.514709] mempool_kmalloc_double_free+0xc0/0x118 [ 17.514832] kunit_try_run_case+0x170/0x3f0 [ 17.514964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.515011] kthread+0x328/0x630 [ 17.515065] ret_from_fork+0x10/0x20 [ 17.515101] [ 17.515120] Freed by task 235: [ 17.515513] kasan_save_stack+0x3c/0x68 [ 17.515611] kasan_save_track+0x20/0x40 [ 17.515703] kasan_save_free_info+0x4c/0x78 [ 17.515782] __kasan_mempool_poison_object+0xc0/0x150 [ 17.515962] mempool_free+0x28c/0x328 [ 17.516039] mempool_double_free_helper+0x100/0x2e8 [ 17.516164] mempool_kmalloc_double_free+0xc0/0x118 [ 17.516283] kunit_try_run_case+0x170/0x3f0 [ 17.516344] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.516667] kthread+0x328/0x630 [ 17.516718] ret_from_fork+0x10/0x20 [ 17.516894] [ 17.516996] The buggy address belongs to the object at fff00000c644bc00 [ 17.516996] which belongs to the cache kmalloc-128 of size 128 [ 17.517085] The buggy address is located 0 bytes inside of [ 17.517085] 128-byte region [fff00000c644bc00, fff00000c644bc80) [ 17.517527] [ 17.517596] The buggy address belongs to the physical page: [ 17.517717] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10644b [ 17.517822] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.517992] page_type: f5(slab) [ 17.518107] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.518268] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.518313] page dumped because: kasan: bad access detected [ 17.518358] [ 17.518426] Memory state around the buggy address: [ 17.518653] fff00000c644bb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.519185] fff00000c644bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.519251] >fff00000c644bc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.519482] ^ [ 17.519541] fff00000c644bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.519599] fff00000c644bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.519639] ================================================================== [ 17.535629] ================================================================== [ 17.535685] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.535986] Free of addr fff00000c77b0000 by task kunit_try_catch/239 [ 17.536102] [ 17.536138] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.536232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.536259] Hardware name: linux,dummy-virt (DT) [ 17.536298] Call trace: [ 17.536322] show_stack+0x20/0x38 (C) [ 17.536372] dump_stack_lvl+0x8c/0xd0 [ 17.536479] print_report+0x118/0x5d0 [ 17.536565] kasan_report_invalid_free+0xc0/0xe8 [ 17.536617] __kasan_mempool_poison_pages+0xe0/0xe8 [ 17.536673] mempool_free+0x24c/0x328 [ 17.536717] mempool_double_free_helper+0x150/0x2e8 [ 17.537438] mempool_page_alloc_double_free+0xbc/0x118 [ 17.537576] kunit_try_run_case+0x170/0x3f0 [ 17.537627] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.538611] kthread+0x328/0x630 [ 17.538740] ret_from_fork+0x10/0x20 [ 17.539313] [ 17.539604] The buggy address belongs to the physical page: [ 17.539644] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077b0 [ 17.539706] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.539769] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.539821] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.541429] page dumped because: kasan: bad access detected [ 17.541938] [ 17.542020] Memory state around the buggy address: [ 17.542156] fff00000c77aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.542638] fff00000c77aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.542686] >fff00000c77b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.542726] ^ [ 17.542755] fff00000c77b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.543800] fff00000c77b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.543991] ================================================================== [ 17.525448] ================================================================== [ 17.525515] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.525566] Free of addr fff00000c77b0000 by task kunit_try_catch/237 [ 17.525610] [ 17.525641] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.525723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.525891] Hardware name: linux,dummy-virt (DT) [ 17.525986] Call trace: [ 17.526014] show_stack+0x20/0x38 (C) [ 17.526088] dump_stack_lvl+0x8c/0xd0 [ 17.526162] print_report+0x118/0x5d0 [ 17.526212] kasan_report_invalid_free+0xc0/0xe8 [ 17.526281] __kasan_mempool_poison_object+0x14c/0x150 [ 17.526336] mempool_free+0x28c/0x328 [ 17.526529] mempool_double_free_helper+0x150/0x2e8 [ 17.526643] mempool_kmalloc_large_double_free+0xc0/0x118 [ 17.526728] kunit_try_run_case+0x170/0x3f0 [ 17.526824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.526940] kthread+0x328/0x630 [ 17.527005] ret_from_fork+0x10/0x20 [ 17.527054] [ 17.527074] The buggy address belongs to the physical page: [ 17.527110] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077b0 [ 17.527293] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.527420] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.527578] page_type: f8(unknown) [ 17.527665] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.527770] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.527880] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.527953] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.528016] head: 0bfffe0000000002 ffffc1ffc31dec01 00000000ffffffff 00000000ffffffff [ 17.528391] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.528462] page dumped because: kasan: bad access detected [ 17.528514] [ 17.528583] Memory state around the buggy address: [ 17.528693] fff00000c77aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.528776] fff00000c77aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.528820] >fff00000c77b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.528869] ^ [ 17.528897] fff00000c77b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.528940] fff00000c77b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.529202] ==================================================================
[ 14.229800] ================================================================== [ 14.230598] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.230880] Free of addr ffff888102b16100 by task kunit_try_catch/252 [ 14.231140] [ 14.231254] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 14.231299] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.231311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.231334] Call Trace: [ 14.231347] <TASK> [ 14.231362] dump_stack_lvl+0x73/0xb0 [ 14.231392] print_report+0xd1/0x610 [ 14.231414] ? __virt_addr_valid+0x1db/0x2d0 [ 14.231438] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.231461] ? mempool_double_free_helper+0x184/0x370 [ 14.231485] kasan_report_invalid_free+0x10a/0x130 [ 14.231509] ? mempool_double_free_helper+0x184/0x370 [ 14.231535] ? mempool_double_free_helper+0x184/0x370 [ 14.231557] ? mempool_double_free_helper+0x184/0x370 [ 14.231580] check_slab_allocation+0x101/0x130 [ 14.231601] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.231626] mempool_free+0x2ec/0x380 [ 14.231652] mempool_double_free_helper+0x184/0x370 [ 14.231676] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.231699] ? update_load_avg+0x1be/0x21b0 [ 14.231722] ? update_load_avg+0x1be/0x21b0 [ 14.231742] ? update_curr+0x80/0x810 [ 14.231764] ? irqentry_exit+0x2a/0x60 [ 14.231785] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.231823] mempool_kmalloc_double_free+0xed/0x140 [ 14.231847] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 14.231873] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.231896] ? __pfx_mempool_kfree+0x10/0x10 [ 14.231920] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 14.231945] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 14.231970] kunit_try_run_case+0x1a5/0x480 [ 14.231996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.232018] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.232041] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.232064] ? __kthread_parkme+0x82/0x180 [ 14.232084] ? preempt_count_sub+0x50/0x80 [ 14.232116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.232140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.232163] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.232187] kthread+0x337/0x6f0 [ 14.232205] ? trace_preempt_on+0x20/0xc0 [ 14.232228] ? __pfx_kthread+0x10/0x10 [ 14.232248] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.232280] ? calculate_sigpending+0x7b/0xa0 [ 14.232305] ? __pfx_kthread+0x10/0x10 [ 14.232326] ret_from_fork+0x116/0x1d0 [ 14.232344] ? __pfx_kthread+0x10/0x10 [ 14.232366] ret_from_fork_asm+0x1a/0x30 [ 14.232396] </TASK> [ 14.232407] [ 14.242123] Allocated by task 252: [ 14.242360] kasan_save_stack+0x45/0x70 [ 14.242608] kasan_save_track+0x18/0x40 [ 14.242857] kasan_save_alloc_info+0x3b/0x50 [ 14.243047] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.243347] remove_element+0x11e/0x190 [ 14.243676] mempool_alloc_preallocated+0x4d/0x90 [ 14.243891] mempool_double_free_helper+0x8a/0x370 [ 14.244380] mempool_kmalloc_double_free+0xed/0x140 [ 14.244569] kunit_try_run_case+0x1a5/0x480 [ 14.244779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.245028] kthread+0x337/0x6f0 [ 14.245201] ret_from_fork+0x116/0x1d0 [ 14.245335] ret_from_fork_asm+0x1a/0x30 [ 14.245600] [ 14.245702] Freed by task 252: [ 14.245878] kasan_save_stack+0x45/0x70 [ 14.246074] kasan_save_track+0x18/0x40 [ 14.246255] kasan_save_free_info+0x3f/0x60 [ 14.246462] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.246633] mempool_free+0x2ec/0x380 [ 14.246770] mempool_double_free_helper+0x109/0x370 [ 14.246944] mempool_kmalloc_double_free+0xed/0x140 [ 14.247115] kunit_try_run_case+0x1a5/0x480 [ 14.247299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.247550] kthread+0x337/0x6f0 [ 14.247716] ret_from_fork+0x116/0x1d0 [ 14.248057] ret_from_fork_asm+0x1a/0x30 [ 14.248464] [ 14.248563] The buggy address belongs to the object at ffff888102b16100 [ 14.248563] which belongs to the cache kmalloc-128 of size 128 [ 14.249033] The buggy address is located 0 bytes inside of [ 14.249033] 128-byte region [ffff888102b16100, ffff888102b16180) [ 14.249702] [ 14.249803] The buggy address belongs to the physical page: [ 14.250029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b16 [ 14.250615] flags: 0x200000000000000(node=0|zone=2) [ 14.250835] page_type: f5(slab) [ 14.250982] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.251217] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.251661] page dumped because: kasan: bad access detected [ 14.252057] [ 14.252161] Memory state around the buggy address: [ 14.252443] ffff888102b16000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.252780] ffff888102b16080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.253105] >ffff888102b16100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.253471] ^ [ 14.253633] ffff888102b16180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.253947] ffff888102b16200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.254205] ================================================================== [ 14.258513] ================================================================== [ 14.259059] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.259371] Free of addr ffff888103ab0000 by task kunit_try_catch/254 [ 14.259711] [ 14.259835] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 14.259878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.259890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.259911] Call Trace: [ 14.259923] <TASK> [ 14.259938] dump_stack_lvl+0x73/0xb0 [ 14.259965] print_report+0xd1/0x610 [ 14.259987] ? __virt_addr_valid+0x1db/0x2d0 [ 14.260009] ? kasan_addr_to_slab+0x11/0xa0 [ 14.260029] ? mempool_double_free_helper+0x184/0x370 [ 14.260054] kasan_report_invalid_free+0x10a/0x130 [ 14.260077] ? mempool_double_free_helper+0x184/0x370 [ 14.260104] ? mempool_double_free_helper+0x184/0x370 [ 14.260126] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 14.260150] mempool_free+0x2ec/0x380 [ 14.260177] mempool_double_free_helper+0x184/0x370 [ 14.260200] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.260227] ? irqentry_exit+0x2a/0x60 [ 14.260248] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.260274] mempool_kmalloc_large_double_free+0xed/0x140 [ 14.260298] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.260341] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.260365] ? __pfx_mempool_kfree+0x10/0x10 [ 14.260388] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.260415] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.260442] kunit_try_run_case+0x1a5/0x480 [ 14.260466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.260489] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.260513] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.260537] ? __kthread_parkme+0x82/0x180 [ 14.260557] ? preempt_count_sub+0x50/0x80 [ 14.260581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.260605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.260628] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.260652] kthread+0x337/0x6f0 [ 14.260670] ? trace_preempt_on+0x20/0xc0 [ 14.260694] ? __pfx_kthread+0x10/0x10 [ 14.260714] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.260735] ? calculate_sigpending+0x7b/0xa0 [ 14.260759] ? __pfx_kthread+0x10/0x10 [ 14.260780] ret_from_fork+0x116/0x1d0 [ 14.260799] ? __pfx_kthread+0x10/0x10 [ 14.260830] ret_from_fork_asm+0x1a/0x30 [ 14.260866] </TASK> [ 14.260876] [ 14.269286] The buggy address belongs to the physical page: [ 14.269475] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ab0 [ 14.269890] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.270344] flags: 0x200000000000040(head|node=0|zone=2) [ 14.270687] page_type: f8(unknown) [ 14.270881] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.271196] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.271516] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.271774] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.272022] head: 0200000000000002 ffffea00040eac01 00000000ffffffff 00000000ffffffff [ 14.272259] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.272596] page dumped because: kasan: bad access detected [ 14.273001] [ 14.273099] Memory state around the buggy address: [ 14.273323] ffff888103aaff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.273686] ffff888103aaff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.273985] >ffff888103ab0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.274512] ^ [ 14.274660] ffff888103ab0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.274935] ffff888103ab0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.275407] ================================================================== [ 14.279300] ================================================================== [ 14.279837] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.280196] Free of addr ffff888103a74000 by task kunit_try_catch/256 [ 14.280460] [ 14.280783] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 14.280855] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.280867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.280889] Call Trace: [ 14.280904] <TASK> [ 14.280920] dump_stack_lvl+0x73/0xb0 [ 14.280951] print_report+0xd1/0x610 [ 14.280973] ? __virt_addr_valid+0x1db/0x2d0 [ 14.280998] ? kasan_addr_to_slab+0x11/0xa0 [ 14.281017] ? mempool_double_free_helper+0x184/0x370 [ 14.281041] kasan_report_invalid_free+0x10a/0x130 [ 14.281066] ? mempool_double_free_helper+0x184/0x370 [ 14.281092] ? mempool_double_free_helper+0x184/0x370 [ 14.281114] __kasan_mempool_poison_pages+0x115/0x130 [ 14.281138] mempool_free+0x290/0x380 [ 14.281165] mempool_double_free_helper+0x184/0x370 [ 14.281189] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.281422] ? update_load_avg+0x1be/0x21b0 [ 14.281450] ? dequeue_entities+0x27e/0x1740 [ 14.281475] ? finish_task_switch.isra.0+0x153/0x700 [ 14.281500] mempool_page_alloc_double_free+0xe8/0x140 [ 14.281525] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 14.281552] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.281576] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.281602] ? __pfx_read_tsc+0x10/0x10 [ 14.281624] ? ktime_get_ts64+0x86/0x230 [ 14.281648] kunit_try_run_case+0x1a5/0x480 [ 14.281673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.281696] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.281720] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.281742] ? __kthread_parkme+0x82/0x180 [ 14.281763] ? preempt_count_sub+0x50/0x80 [ 14.281786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.281809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.281847] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.281871] kthread+0x337/0x6f0 [ 14.281891] ? trace_preempt_on+0x20/0xc0 [ 14.281914] ? __pfx_kthread+0x10/0x10 [ 14.281935] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.281955] ? calculate_sigpending+0x7b/0xa0 [ 14.281979] ? __pfx_kthread+0x10/0x10 [ 14.282000] ret_from_fork+0x116/0x1d0 [ 14.282019] ? __pfx_kthread+0x10/0x10 [ 14.282040] ret_from_fork_asm+0x1a/0x30 [ 14.282070] </TASK> [ 14.282081] [ 14.291466] The buggy address belongs to the physical page: [ 14.291700] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a74 [ 14.292035] flags: 0x200000000000000(node=0|zone=2) [ 14.292372] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.292638] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.292894] page dumped because: kasan: bad access detected [ 14.293070] [ 14.293141] Memory state around the buggy address: [ 14.293372] ffff888103a73f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.293691] ffff888103a73f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.294093] >ffff888103a74000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.294500] ^ [ 14.294640] ffff888103a74080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.294977] ffff888103a74100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.295419] ==================================================================