[ 10.619734][ T259] ip (259) used greatest stack depth: 23864 bytes left
[ 10.706544][ T260] ip (260) used greatest stack depth: 23808 bytes left
[ 19.132898][ T50] ==================================================================
[ 19.133264][ T50] BUG: KASAN: use-after-free in page_pool_item_uninit+0x100/0x130
[ 19.133458][ T50] Read of size 8 at addr ffff8880024c7008 by task kworker/1:1/50
[ 19.133642][ T50]
[ 19.133708][ T50] CPU: 1 UID: 0 PID: 50 Comm: kworker/1:1 Not tainted 6.13.0-rc5-virtme #1
[ 19.133938][ T50] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 19.134106][ T50] Workqueue: events page_pool_release_retry
[ 19.134275][ T50] Call Trace:
[ 19.134374][ T50]
[ 19.134444][ T50] dump_stack_lvl+0x82/0xd0
[ 19.134578][ T50] print_address_description.constprop.0+0x2c/0x3b0
[ 19.134740][ T50] ? page_pool_item_uninit+0x100/0x130
[ 19.134873][ T50] print_report+0xb4/0x270
[ 19.135002][ T50] ? kasan_addr_to_slab+0x25/0x80
[ 19.135132][ T50] kasan_report+0xbd/0xf0
[ 19.135232][ T50] ? page_pool_item_uninit+0x100/0x130
[ 19.135365][ T50] page_pool_item_uninit+0x100/0x130
[ 19.135494][ T50] page_pool_release+0x44a/0x5b0
[ 19.135624][ T50] ? __pfx_page_pool_release+0x10/0x10
[ 19.135753][ T50] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 19.135888][ T50] ? trace_lock_acquire+0x14c/0x1f0
[ 19.136044][ T50] ? trace_lock_acquire+0x14c/0x1f0
[ 19.136173][ T50] page_pool_release_retry+0x21/0x290
[ 19.136299][ T50] ? trace_workqueue_execute_start+0xe7/0x150
[ 19.136458][ T50] process_one_work+0xe55/0x16d0
[ 19.136588][ T50] ? __pfx___lock_release+0x10/0x10
[ 19.136713][ T50] ? __pfx_process_one_work+0x10/0x10
[ 19.136841][ T50] ? assign_work+0x16c/0x240
[ 19.136969][ T50] worker_thread+0x58c/0xce0
[ 19.137098][ T50] ? lockdep_hardirqs_on_prepare+0x275/0x410
[ 19.137262][ T50] ? __pfx_worker_thread+0x10/0x10
[ 19.137389][ T50] ? __pfx_worker_thread+0x10/0x10
[ 19.137514][ T50] kthread+0x28a/0x350
[ 19.137613][ T50] ? __pfx_kthread+0x10/0x10
[ 19.137740][ T50] ret_from_fork+0x31/0x70
[ 19.137871][ T50] ? __pfx_kthread+0x10/0x10
[ 19.137996][ T50] ret_from_fork_asm+0x1a/0x30
[ 19.138131][ T50]
[ 19.138228][ T50]
[ 19.138296][ T50] The buggy address belongs to the physical page:
[ 19.138450][ T50] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880024c7f08 pfn:0x24c7
[ 19.138703][ T50] flags: 0x80000000000000(node=0|zone=1)
[ 19.138840][ T50] raw: 0080000000000000 ffffea00001433c8 ffff88806d0c2fa0 0000000000000000
[ 19.139065][ T50] raw: ffff8880024c7f08 0000000000000000 00000000ffffffff 0000000000000000
[ 19.139287][ T50] page dumped because: kasan: bad access detected
[ 19.139446][ T50]
[ 19.139511][ T50] Memory state around the buggy address:
[ 19.139637][ T50] ffff8880024c6f00: fc fc fc fc fa fb fb fb fb fb fb fb fb fb fb fb
[ 19.139821][ T50] ffff8880024c6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.140005][ T50] >ffff8880024c7000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 19.140191][ T50] ^
[ 19.140288][ T50] ffff8880024c7080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 19.140470][ T50] ffff8880024c7100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 19.140663][ T50] ==================================================================
[ 19.140864][ T50] Disabling lock debugging due to kernel taint