lkft/linux-mainline-master - v6.16-rc4-123-g4c06e63b9203 - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

July 3, 2025, 11:10 p.m.

Environment
qemu-arm64
qemu-x86_64

[   22.315591] ==================================================================
[   22.315748] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   22.315881] Free of addr fff00000c7958000 by task kunit_try_catch/237
[   22.316346] 
[   22.316523] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   22.316741] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.316816] Hardware name: linux,dummy-virt (DT)
[   22.316896] Call trace:
[   22.316950]  show_stack+0x20/0x38 (C)
[   22.317400]  dump_stack_lvl+0x8c/0xd0
[   22.317613]  print_report+0x118/0x608
[   22.317873]  kasan_report_invalid_free+0xc0/0xe8
[   22.318006]  __kasan_mempool_poison_object+0x14c/0x150
[   22.318353]  mempool_free+0x28c/0x328
[   22.318543]  mempool_double_free_helper+0x150/0x2e8
[   22.318854]  mempool_kmalloc_large_double_free+0xc0/0x118
[   22.319115]  kunit_try_run_case+0x170/0x3f0
[   22.319318]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.319614]  kthread+0x328/0x630
[   22.319895]  ret_from_fork+0x10/0x20
[   22.320157] 
[   22.320204] The buggy address belongs to the physical page:
[   22.320294] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107958
[   22.320612] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   22.320946] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   22.321092] page_type: f8(unknown)
[   22.321186] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   22.321299] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   22.321408] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   22.321750] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   22.322180] head: 0bfffe0000000002 ffffc1ffc31e5601 00000000ffffffff 00000000ffffffff
[   22.322478] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   22.322811] page dumped because: kasan: bad access detected
[   22.322883] 
[   22.322931] Memory state around the buggy address:
[   22.323001]  fff00000c7957f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.323136]  fff00000c7957f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.323231] >fff00000c7958000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.323339]                    ^
[   22.323438]  fff00000c7958080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.323699]  fff00000c7958100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.323866] ==================================================================
[   22.333371] ==================================================================
[   22.333534] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   22.333718] Free of addr fff00000c7958000 by task kunit_try_catch/239
[   22.333882] 
[   22.333961] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   22.334156] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.334219] Hardware name: linux,dummy-virt (DT)
[   22.334293] Call trace:
[   22.334341]  show_stack+0x20/0x38 (C)
[   22.334455]  dump_stack_lvl+0x8c/0xd0
[   22.334550]  print_report+0x118/0x608
[   22.334657]  kasan_report_invalid_free+0xc0/0xe8
[   22.334760]  __kasan_mempool_poison_pages+0xe0/0xe8
[   22.334855]  mempool_free+0x24c/0x328
[   22.334945]  mempool_double_free_helper+0x150/0x2e8
[   22.335062]  mempool_page_alloc_double_free+0xbc/0x118
[   22.335161]  kunit_try_run_case+0x170/0x3f0
[   22.335262]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.335366]  kthread+0x328/0x630
[   22.335470]  ret_from_fork+0x10/0x20
[   22.335587] 
[   22.335630] The buggy address belongs to the physical page:
[   22.335703] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107958
[   22.335827] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   22.335962] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   22.336095] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   22.336188] page dumped because: kasan: bad access detected
[   22.336257] 
[   22.336294] Memory state around the buggy address:
[   22.336370]  fff00000c7957f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.336460]  fff00000c7957f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.336560] >fff00000c7958000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.336641]                    ^
[   22.336699]  fff00000c7958080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.336799]  fff00000c7958100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.336892] ==================================================================
[   22.283973] ==================================================================
[   22.284149] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   22.284290] Free of addr fff00000c77efa00 by task kunit_try_catch/235
[   22.284388] 
[   22.284478] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   22.284691] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.284760] Hardware name: linux,dummy-virt (DT)
[   22.284845] Call trace:
[   22.284907]  show_stack+0x20/0x38 (C)
[   22.285277]  dump_stack_lvl+0x8c/0xd0
[   22.285429]  print_report+0x118/0x608
[   22.285541]  kasan_report_invalid_free+0xc0/0xe8
[   22.285653]  check_slab_allocation+0xd4/0x108
[   22.286682]  __kasan_mempool_poison_object+0x78/0x150
[   22.286860]  mempool_free+0x28c/0x328
[   22.286974]  mempool_double_free_helper+0x150/0x2e8
[   22.287119]  mempool_kmalloc_double_free+0xc0/0x118
[   22.287259]  kunit_try_run_case+0x170/0x3f0
[   22.287424]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.287558]  kthread+0x328/0x630
[   22.287693]  ret_from_fork+0x10/0x20
[   22.287842] 
[   22.287888] Allocated by task 235:
[   22.287962]  kasan_save_stack+0x3c/0x68
[   22.288076]  kasan_save_track+0x20/0x40
[   22.288147]  kasan_save_alloc_info+0x40/0x58
[   22.288231]  __kasan_mempool_unpoison_object+0x11c/0x180
[   22.288331]  remove_element+0x130/0x1f8
[   22.288798]  mempool_alloc_preallocated+0x58/0xc0
[   22.289131]  mempool_double_free_helper+0x94/0x2e8
[   22.289223]  mempool_kmalloc_double_free+0xc0/0x118
[   22.289353]  kunit_try_run_case+0x170/0x3f0
[   22.289631]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.289786]  kthread+0x328/0x630
[   22.289940]  ret_from_fork+0x10/0x20
[   22.290247] 
[   22.290302] Freed by task 235:
[   22.290423]  kasan_save_stack+0x3c/0x68
[   22.290522]  kasan_save_track+0x20/0x40
[   22.290610]  kasan_save_free_info+0x4c/0x78
[   22.290729]  __kasan_mempool_poison_object+0xc0/0x150
[   22.290837]  mempool_free+0x28c/0x328
[   22.290981]  mempool_double_free_helper+0x100/0x2e8
[   22.291323]  mempool_kmalloc_double_free+0xc0/0x118
[   22.291438]  kunit_try_run_case+0x170/0x3f0
[   22.291532]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.291631]  kthread+0x328/0x630
[   22.291700]  ret_from_fork+0x10/0x20
[   22.291780] 
[   22.291828] The buggy address belongs to the object at fff00000c77efa00
[   22.291828]  which belongs to the cache kmalloc-128 of size 128
[   22.291969] The buggy address is located 0 bytes inside of
[   22.291969]  128-byte region [fff00000c77efa00, fff00000c77efa80)
[   22.292330] 
[   22.292378] The buggy address belongs to the physical page:
[   22.292452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ef
[   22.292614] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   22.292738] page_type: f5(slab)
[   22.292840] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   22.292982] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.293104] page dumped because: kasan: bad access detected
[   22.293186] 
[   22.293230] Memory state around the buggy address:
[   22.293312]  fff00000c77ef900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   22.293413]  fff00000c77ef980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.293509] >fff00000c77efa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   22.293597]                    ^
[   22.294831]  fff00000c77efa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.295104]  fff00000c77efb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.295213] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zNv5yvBPQPFs0AlDSVKFmCWGjk

job_id

TEST:linaro@lkft#2zNvAH2g4ermDeisaxH4EvgiTxa

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zNvAH2g4ermDeisaxH4EvgiTxa

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zNv76IuwowkYB4Sjr8DEDXB6KX/Image.gz
sha256sum	90ec95b90bf87b5324c2dbcf89d31393975c6b7e5ec37927e4403529f8acf5c3

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zNv76IuwowkYB4Sjr8DEDXB6KX/modules.tar.xz
sha256sum	f86904e93834acd0f5a270dfcf178475dde11d8026543e037dd3a943f3bfae11

durations

tests

boot	0
kunit	273.15

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   13.214066] ==================================================================
[   13.215734] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   13.216146] Free of addr ffff888103960000 by task kunit_try_catch/254
[   13.216563] 
[   13.217021] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT(voluntary) 
[   13.217071] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.217083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.217105] Call Trace:
[   13.217116]  <TASK>
[   13.217171]  dump_stack_lvl+0x73/0xb0
[   13.217201]  print_report+0xd1/0x650
[   13.217224]  ? __virt_addr_valid+0x1db/0x2d0
[   13.217247]  ? kasan_addr_to_slab+0x11/0xa0
[   13.217268]  ? mempool_double_free_helper+0x184/0x370
[   13.217291]  kasan_report_invalid_free+0x10a/0x130
[   13.217316]  ? mempool_double_free_helper+0x184/0x370
[   13.217342]  ? mempool_double_free_helper+0x184/0x370
[   13.217364]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   13.217387]  mempool_free+0x2ec/0x380
[   13.217409]  mempool_double_free_helper+0x184/0x370
[   13.217431]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   13.217477]  ? update_load_avg+0x1be/0x21b0
[   13.217504]  ? finish_task_switch.isra.0+0x153/0x700
[   13.217528]  mempool_kmalloc_large_double_free+0xed/0x140
[   13.217552]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   13.217579]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.217602]  ? __pfx_mempool_kfree+0x10/0x10
[   13.217626]  ? __pfx_read_tsc+0x10/0x10
[   13.217646]  ? ktime_get_ts64+0x86/0x230
[   13.217669]  kunit_try_run_case+0x1a5/0x480
[   13.217692]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.217714]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.217736]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.217758]  ? __kthread_parkme+0x82/0x180
[   13.217778]  ? preempt_count_sub+0x50/0x80
[   13.217800]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.217822]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.217845]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.217867]  kthread+0x337/0x6f0
[   13.217885]  ? trace_preempt_on+0x20/0xc0
[   13.217908]  ? __pfx_kthread+0x10/0x10
[   13.217928]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.217948]  ? calculate_sigpending+0x7b/0xa0
[   13.217972]  ? __pfx_kthread+0x10/0x10
[   13.217992]  ret_from_fork+0x116/0x1d0
[   13.218009]  ? __pfx_kthread+0x10/0x10
[   13.218028]  ret_from_fork_asm+0x1a/0x30
[   13.218057]  </TASK>
[   13.218067] 
[   13.233231] The buggy address belongs to the physical page:
[   13.233724] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103960
[   13.234225] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   13.234717] flags: 0x200000000000040(head|node=0|zone=2)
[   13.235259] page_type: f8(unknown)
[   13.235510] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   13.236182] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   13.236474] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   13.237255] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   13.237847] head: 0200000000000002 ffffea00040e5801 00000000ffffffff 00000000ffffffff
[   13.238089] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   13.238655] page dumped because: kasan: bad access detected
[   13.239255] 
[   13.239454] Memory state around the buggy address:
[   13.240151]  ffff88810395ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.240903]  ffff88810395ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.241533] >ffff888103960000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.241949]                    ^
[   13.242073]  ffff888103960080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.242394]  ffff888103960100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.243077] ==================================================================
[   13.247323] ==================================================================
[   13.247915] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   13.248609] Free of addr ffff888103964000 by task kunit_try_catch/256
[   13.249466] 
[   13.249657] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT(voluntary) 
[   13.249705] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.249718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.249739] Call Trace:
[   13.249753]  <TASK>
[   13.249768]  dump_stack_lvl+0x73/0xb0
[   13.249798]  print_report+0xd1/0x650
[   13.249819]  ? __virt_addr_valid+0x1db/0x2d0
[   13.249844]  ? kasan_addr_to_slab+0x11/0xa0
[   13.249863]  ? mempool_double_free_helper+0x184/0x370
[   13.249887]  kasan_report_invalid_free+0x10a/0x130
[   13.249911]  ? mempool_double_free_helper+0x184/0x370
[   13.249936]  ? mempool_double_free_helper+0x184/0x370
[   13.249958]  __kasan_mempool_poison_pages+0x115/0x130
[   13.249983]  mempool_free+0x290/0x380
[   13.250005]  mempool_double_free_helper+0x184/0x370
[   13.250028]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   13.250055]  ? finish_task_switch.isra.0+0x153/0x700
[   13.250079]  mempool_page_alloc_double_free+0xe8/0x140
[   13.250102]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   13.250140]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   13.250160]  ? __pfx_mempool_free_pages+0x10/0x10
[   13.250181]  ? __pfx_read_tsc+0x10/0x10
[   13.250201]  ? ktime_get_ts64+0x86/0x230
[   13.250224]  kunit_try_run_case+0x1a5/0x480
[   13.250247]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.250269]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.250292]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.250316]  ? __kthread_parkme+0x82/0x180
[   13.250338]  ? preempt_count_sub+0x50/0x80
[   13.250371]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.250394]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.250416]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.250449]  kthread+0x337/0x6f0
[   13.250468]  ? trace_preempt_on+0x20/0xc0
[   13.250490]  ? __pfx_kthread+0x10/0x10
[   13.250514]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.250534]  ? calculate_sigpending+0x7b/0xa0
[   13.250557]  ? __pfx_kthread+0x10/0x10
[   13.250578]  ret_from_fork+0x116/0x1d0
[   13.250597]  ? __pfx_kthread+0x10/0x10
[   13.250616]  ret_from_fork_asm+0x1a/0x30
[   13.250644]  </TASK>
[   13.250655] 
[   13.265790] The buggy address belongs to the physical page:
[   13.266140] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103964
[   13.266719] flags: 0x200000000000000(node=0|zone=2)
[   13.267073] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   13.267680] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   13.268438] page dumped because: kasan: bad access detected
[   13.268790] 
[   13.268863] Memory state around the buggy address:
[   13.269023]  ffff888103963f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.269298]  ffff888103963f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.269699] >ffff888103964000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.270027]                    ^
[   13.270247]  ffff888103964080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.270651]  ffff888103964100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.271237] ==================================================================
[   13.169488] ==================================================================
[   13.169941] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   13.170221] Free of addr ffff88810319a600 by task kunit_try_catch/252
[   13.170630] 
[   13.170750] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT(voluntary) 
[   13.170796] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.170809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.170829] Call Trace:
[   13.170841]  <TASK>
[   13.170898]  dump_stack_lvl+0x73/0xb0
[   13.170928]  print_report+0xd1/0x650
[   13.171289]  ? __virt_addr_valid+0x1db/0x2d0
[   13.171341]  ? kasan_complete_mode_report_info+0x64/0x200
[   13.171364]  ? mempool_double_free_helper+0x184/0x370
[   13.171388]  kasan_report_invalid_free+0x10a/0x130
[   13.171412]  ? mempool_double_free_helper+0x184/0x370
[   13.171437]  ? mempool_double_free_helper+0x184/0x370
[   13.171458]  ? mempool_double_free_helper+0x184/0x370
[   13.171481]  check_slab_allocation+0x101/0x130
[   13.171502]  __kasan_mempool_poison_object+0x91/0x1d0
[   13.171526]  mempool_free+0x2ec/0x380
[   13.171549]  mempool_double_free_helper+0x184/0x370
[   13.171572]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   13.171595]  ? __kasan_check_write+0x18/0x20
[   13.171615]  ? __pfx_sched_clock_cpu+0x10/0x10
[   13.171637]  ? finish_task_switch.isra.0+0x153/0x700
[   13.171662]  mempool_kmalloc_double_free+0xed/0x140
[   13.171685]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   13.171712]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.171735]  ? __pfx_mempool_kfree+0x10/0x10
[   13.171760]  ? __pfx_read_tsc+0x10/0x10
[   13.171782]  ? ktime_get_ts64+0x86/0x230
[   13.171806]  kunit_try_run_case+0x1a5/0x480
[   13.171829]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.171851]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.171873]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.171896]  ? __kthread_parkme+0x82/0x180
[   13.171917]  ? preempt_count_sub+0x50/0x80
[   13.171938]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.171961]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.171982]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.172006]  kthread+0x337/0x6f0
[   13.172026]  ? trace_preempt_on+0x20/0xc0
[   13.172048]  ? __pfx_kthread+0x10/0x10
[   13.172069]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.172089]  ? calculate_sigpending+0x7b/0xa0
[   13.172112]  ? __pfx_kthread+0x10/0x10
[   13.172161]  ret_from_fork+0x116/0x1d0
[   13.172179]  ? __pfx_kthread+0x10/0x10
[   13.172199]  ret_from_fork_asm+0x1a/0x30
[   13.172230]  </TASK>
[   13.172241] 
[   13.187107] Allocated by task 252:
[   13.188380]  kasan_save_stack+0x45/0x70
[   13.188973]  kasan_save_track+0x18/0x40
[   13.189719]  kasan_save_alloc_info+0x3b/0x50
[   13.190460]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   13.190900]  remove_element+0x11e/0x190
[   13.191049]  mempool_alloc_preallocated+0x4d/0x90
[   13.191225]  mempool_double_free_helper+0x8a/0x370
[   13.191886]  mempool_kmalloc_double_free+0xed/0x140
[   13.192544]  kunit_try_run_case+0x1a5/0x480
[   13.193115]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.194014]  kthread+0x337/0x6f0
[   13.194658]  ret_from_fork+0x116/0x1d0
[   13.194818]  ret_from_fork_asm+0x1a/0x30
[   13.194962] 
[   13.195033] Freed by task 252:
[   13.195231]  kasan_save_stack+0x45/0x70
[   13.195581]  kasan_save_track+0x18/0x40
[   13.196042]  kasan_save_free_info+0x3f/0x60
[   13.196538]  __kasan_mempool_poison_object+0x131/0x1d0
[   13.197075]  mempool_free+0x2ec/0x380
[   13.197521]  mempool_double_free_helper+0x109/0x370
[   13.197784]  mempool_kmalloc_double_free+0xed/0x140
[   13.197949]  kunit_try_run_case+0x1a5/0x480
[   13.198093]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.198617]  kthread+0x337/0x6f0
[   13.198911]  ret_from_fork+0x116/0x1d0
[   13.199302]  ret_from_fork_asm+0x1a/0x30
[   13.199823] 
[   13.199992] The buggy address belongs to the object at ffff88810319a600
[   13.199992]  which belongs to the cache kmalloc-128 of size 128
[   13.201099] The buggy address is located 0 bytes inside of
[   13.201099]  128-byte region [ffff88810319a600, ffff88810319a680)
[   13.202140] 
[   13.202238] The buggy address belongs to the physical page:
[   13.202812] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10319a
[   13.203585] flags: 0x200000000000000(node=0|zone=2)
[   13.203763] page_type: f5(slab)
[   13.203889] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   13.204134] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   13.204769] page dumped because: kasan: bad access detected
[   13.205320] 
[   13.205712] Memory state around the buggy address:
[   13.206225]  ffff88810319a500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.207005]  ffff88810319a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.207795] >ffff88810319a600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.208521]                    ^
[   13.208840]  ffff88810319a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.209498]  ffff88810319a700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   13.210407] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zNv5yvBPQPFs0AlDSVKFmCWGjk

job_id

TEST:linaro@lkft#2zNvBO4D4nc0xKyTPLk608IUly0

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zNvBO4D4nc0xKyTPLk608IUly0

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zNv836Th26QbKhGWrQRhDUjHyV/bzImage
sha256sum	48253da22fbaa889314b6cbcef930a574b8fb498c8287c6334dfcaaac35d2646

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zNv836Th26QbKhGWrQRhDUjHyV/modules.tar.xz
sha256sum	ceda07de898d2f66eaee5047a2cf908012cff52074f56af21475cacb7f203cfd

durations

tests

boot	0
kunit	203.42

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit