lkft/linux-mainline-master - v6.16-rc5-193-g40f92e79b0aa - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

July 11, 2025, 11:09 p.m.

Environment
qemu-arm64
qemu-x86_64

[   18.837179] ==================================================================
[   18.837446] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   18.837855] Free of addr fff00000c7864000 by task kunit_try_catch/240
[   18.837958] 
[   18.838137] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   18.838246] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.838273] Hardware name: linux,dummy-virt (DT)
[   18.838323] Call trace:
[   18.838390]  show_stack+0x20/0x38 (C)
[   18.838762]  dump_stack_lvl+0x8c/0xd0
[   18.838892]  print_report+0x118/0x608
[   18.838984]  kasan_report_invalid_free+0xc0/0xe8
[   18.839127]  __kasan_mempool_poison_pages+0xe0/0xe8
[   18.839226]  mempool_free+0x24c/0x328
[   18.839273]  mempool_double_free_helper+0x150/0x2e8
[   18.839328]  mempool_page_alloc_double_free+0xbc/0x118
[   18.839594]  kunit_try_run_case+0x170/0x3f0
[   18.839770]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.839881]  kthread+0x328/0x630
[   18.839968]  ret_from_fork+0x10/0x20
[   18.840320] 
[   18.840363] The buggy address belongs to the physical page:
[   18.840460] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107864
[   18.840554] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   18.840992] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   18.841148] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   18.841546] page dumped because: kasan: bad access detected
[   18.841702] 
[   18.841770] Memory state around the buggy address:
[   18.841808]  fff00000c7863f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.842138]  fff00000c7863f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.842323] >fff00000c7864000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.842621]                    ^
[   18.842714]  fff00000c7864080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.843092]  fff00000c7864100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.843457] ==================================================================
[   18.804077] ==================================================================
[   18.804148] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   18.804207] Free of addr fff00000c5872f00 by task kunit_try_catch/236
[   18.804249] 
[   18.804283] CPU: 1 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   18.804367] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.804392] Hardware name: linux,dummy-virt (DT)
[   18.804425] Call trace:
[   18.804448]  show_stack+0x20/0x38 (C)
[   18.804498]  dump_stack_lvl+0x8c/0xd0
[   18.804545]  print_report+0x118/0x608
[   18.804592]  kasan_report_invalid_free+0xc0/0xe8
[   18.804641]  check_slab_allocation+0xd4/0x108
[   18.804689]  __kasan_mempool_poison_object+0x78/0x150
[   18.804741]  mempool_free+0x28c/0x328
[   18.804786]  mempool_double_free_helper+0x150/0x2e8
[   18.804835]  mempool_kmalloc_double_free+0xc0/0x118
[   18.804900]  kunit_try_run_case+0x170/0x3f0
[   18.804948]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.805000]  kthread+0x328/0x630
[   18.805044]  ret_from_fork+0x10/0x20
[   18.805091] 
[   18.805109] Allocated by task 236:
[   18.805140]  kasan_save_stack+0x3c/0x68
[   18.805180]  kasan_save_track+0x20/0x40
[   18.805217]  kasan_save_alloc_info+0x40/0x58
[   18.805255]  __kasan_mempool_unpoison_object+0x11c/0x180
[   18.805298]  remove_element+0x130/0x1f8
[   18.805331]  mempool_alloc_preallocated+0x58/0xc0
[   18.805370]  mempool_double_free_helper+0x94/0x2e8
[   18.805407]  mempool_kmalloc_double_free+0xc0/0x118
[   18.805447]  kunit_try_run_case+0x170/0x3f0
[   18.805484]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.805527]  kthread+0x328/0x630
[   18.805558]  ret_from_fork+0x10/0x20
[   18.805595] 
[   18.805614] Freed by task 236:
[   18.805640]  kasan_save_stack+0x3c/0x68
[   18.805678]  kasan_save_track+0x20/0x40
[   18.805712]  kasan_save_free_info+0x4c/0x78
[   18.805751]  __kasan_mempool_poison_object+0xc0/0x150
[   18.805792]  mempool_free+0x28c/0x328
[   18.805826]  mempool_double_free_helper+0x100/0x2e8
[   18.805875]  mempool_kmalloc_double_free+0xc0/0x118
[   18.805914]  kunit_try_run_case+0x170/0x3f0
[   18.805952]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.805996]  kthread+0x328/0x630
[   18.806028]  ret_from_fork+0x10/0x20
[   18.806062] 
[   18.806080] The buggy address belongs to the object at fff00000c5872f00
[   18.806080]  which belongs to the cache kmalloc-128 of size 128
[   18.806138] The buggy address is located 0 bytes inside of
[   18.806138]  128-byte region [fff00000c5872f00, fff00000c5872f80)
[   18.806198] 
[   18.806218] The buggy address belongs to the physical page:
[   18.806249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105872
[   18.806300] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   18.806348] page_type: f5(slab)
[   18.806388] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   18.806438] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[   18.806479] page dumped because: kasan: bad access detected
[   18.806508] 
[   18.806529] Memory state around the buggy address:
[   18.806560]  fff00000c5872e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   18.806605]  fff00000c5872e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.806647] >fff00000c5872f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   18.806685]                    ^
[   18.806711]  fff00000c5872f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.806971]  fff00000c5873000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   18.807014] ==================================================================
[   18.816365] ==================================================================
[   18.816423] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   18.816479] Free of addr fff00000c7864000 by task kunit_try_catch/238
[   18.816520] 
[   18.816553] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   18.816636] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.816665] Hardware name: linux,dummy-virt (DT)
[   18.816695] Call trace:
[   18.816715]  show_stack+0x20/0x38 (C)
[   18.816765]  dump_stack_lvl+0x8c/0xd0
[   18.816812]  print_report+0x118/0x608
[   18.817072]  kasan_report_invalid_free+0xc0/0xe8
[   18.817296]  __kasan_mempool_poison_object+0x14c/0x150
[   18.817583]  mempool_free+0x28c/0x328
[   18.817764]  mempool_double_free_helper+0x150/0x2e8
[   18.817868]  mempool_kmalloc_large_double_free+0xc0/0x118
[   18.817966]  kunit_try_run_case+0x170/0x3f0
[   18.818013]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.818066]  kthread+0x328/0x630
[   18.818315]  ret_from_fork+0x10/0x20
[   18.818467] 
[   18.818488] The buggy address belongs to the physical page:
[   18.818522] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107864
[   18.818638] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   18.818686] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   18.819180] page_type: f8(unknown)
[   18.819242] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   18.819294] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   18.819359] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   18.819547] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   18.819597] head: 0bfffe0000000002 ffffc1ffc31e1901 00000000ffffffff 00000000ffffffff
[   18.819645] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   18.819729] page dumped because: kasan: bad access detected
[   18.819871] 
[   18.819951] Memory state around the buggy address:
[   18.819983]  fff00000c7863f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.820135]  fff00000c7863f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.820211] >fff00000c7864000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.820276]                    ^
[   18.820304]  fff00000c7864080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.820381]  fff00000c7864100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.820441] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zkW2ND3P9jnCEoicJVrQGQQHjY

job_id

TEST:linaro@lkft#2zkW7UZxPiH1T464u20hwJIzMWq

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zkW7UZxPiH1T464u20hwJIzMWq

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zkW3wj806saKni9EMQhcTGaoE0/Image.gz
sha256sum	73455ba8c867cc31230938836185eba847c55da4ba6373a74526940ec423a2fc

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zkW3wj806saKni9EMQhcTGaoE0/modules.tar.xz
sha256sum	b3a38b7dc2158aa4df654dd76a8d8d3385fffbddc38ddea05f97ea9d33ec2580

durations

tests

boot	0
kunit	180.70

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   14.050216] ==================================================================
[   14.050702] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.051424] Free of addr ffff888102a58000 by task kunit_try_catch/254
[   14.052100] 
[   14.052285] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.052343] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.052355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.052377] Call Trace:
[   14.052389]  <TASK>
[   14.052404]  dump_stack_lvl+0x73/0xb0
[   14.052442]  print_report+0xd1/0x650
[   14.052464]  ? __virt_addr_valid+0x1db/0x2d0
[   14.052488]  ? kasan_addr_to_slab+0x11/0xa0
[   14.052520]  ? mempool_double_free_helper+0x184/0x370
[   14.052545]  kasan_report_invalid_free+0x10a/0x130
[   14.052571]  ? mempool_double_free_helper+0x184/0x370
[   14.052599]  ? mempool_double_free_helper+0x184/0x370
[   14.052624]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   14.052650]  mempool_free+0x2ec/0x380
[   14.052676]  mempool_double_free_helper+0x184/0x370
[   14.052702]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.052726]  ? update_load_avg+0x1be/0x21b0
[   14.052758]  ? update_load_avg+0x1be/0x21b0
[   14.052780]  ? update_curr+0x80/0x810
[   14.052802]  ? irqentry_exit+0x2a/0x60
[   14.052823]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   14.052851]  mempool_kmalloc_large_double_free+0xed/0x140
[   14.052878]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   14.052908]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.052942]  ? __pfx_mempool_kfree+0x10/0x10
[   14.052966]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   14.052996]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   14.053042]  kunit_try_run_case+0x1a5/0x480
[   14.053066]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.053090]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.053114]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.053140]  ? __kthread_parkme+0x82/0x180
[   14.053161]  ? preempt_count_sub+0x50/0x80
[   14.053185]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.053210]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.053236]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.053262]  kthread+0x337/0x6f0
[   14.053281]  ? trace_preempt_on+0x20/0xc0
[   14.053305]  ? __pfx_kthread+0x10/0x10
[   14.053326]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.053348]  ? calculate_sigpending+0x7b/0xa0
[   14.053372]  ? __pfx_kthread+0x10/0x10
[   14.053394]  ret_from_fork+0x116/0x1d0
[   14.053413]  ? __pfx_kthread+0x10/0x10
[   14.053434]  ret_from_fork_asm+0x1a/0x30
[   14.053466]  </TASK>
[   14.053476] 
[   14.063336] The buggy address belongs to the physical page:
[   14.063608] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a58
[   14.064024] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   14.064312] flags: 0x200000000000040(head|node=0|zone=2)
[   14.064530] page_type: f8(unknown)
[   14.064707] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.065063] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.065301] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.065631] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.066101] head: 0200000000000002 ffffea00040a9601 00000000ffffffff 00000000ffffffff
[   14.066421] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   14.066653] page dumped because: kasan: bad access detected
[   14.067044] 
[   14.067177] Memory state around the buggy address:
[   14.067477]  ffff888102a57f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.067899]  ffff888102a57f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.068479] >ffff888102a58000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.068821]                    ^
[   14.068947]  ffff888102a58080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.069497]  ffff888102a58100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.069859] ==================================================================
[   14.075810] ==================================================================
[   14.076633] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.076881] Free of addr ffff8881039c4000 by task kunit_try_catch/256
[   14.077100] 
[   14.077188] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.077232] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.077243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.077262] Call Trace:
[   14.077274]  <TASK>
[   14.077288]  dump_stack_lvl+0x73/0xb0
[   14.077317]  print_report+0xd1/0x650
[   14.077339]  ? __virt_addr_valid+0x1db/0x2d0
[   14.077363]  ? kasan_addr_to_slab+0x11/0xa0
[   14.077382]  ? mempool_double_free_helper+0x184/0x370
[   14.077406]  kasan_report_invalid_free+0x10a/0x130
[   14.077432]  ? mempool_double_free_helper+0x184/0x370
[   14.077459]  ? mempool_double_free_helper+0x184/0x370
[   14.077483]  __kasan_mempool_poison_pages+0x115/0x130
[   14.077507]  mempool_free+0x290/0x380
[   14.077535]  mempool_double_free_helper+0x184/0x370
[   14.077561]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.077587]  ? __kasan_check_write+0x18/0x20
[   14.077607]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.078379]  ? finish_task_switch.isra.0+0x153/0x700
[   14.078413]  mempool_page_alloc_double_free+0xe8/0x140
[   14.078454]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   14.078485]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   14.078518]  ? __pfx_mempool_free_pages+0x10/0x10
[   14.078545]  ? __pfx_read_tsc+0x10/0x10
[   14.078567]  ? ktime_get_ts64+0x86/0x230
[   14.078592]  kunit_try_run_case+0x1a5/0x480
[   14.078617]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.078669]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.078694]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.078719]  ? __kthread_parkme+0x82/0x180
[   14.078986]  ? preempt_count_sub+0x50/0x80
[   14.079024]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.079049]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.079076]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.079102]  kthread+0x337/0x6f0
[   14.079121]  ? trace_preempt_on+0x20/0xc0
[   14.079146]  ? __pfx_kthread+0x10/0x10
[   14.079167]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.079189]  ? calculate_sigpending+0x7b/0xa0
[   14.079213]  ? __pfx_kthread+0x10/0x10
[   14.079235]  ret_from_fork+0x116/0x1d0
[   14.079254]  ? __pfx_kthread+0x10/0x10
[   14.079275]  ret_from_fork_asm+0x1a/0x30
[   14.079307]  </TASK>
[   14.079317] 
[   14.096707] The buggy address belongs to the physical page:
[   14.097191] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c4
[   14.098112] flags: 0x200000000000000(node=0|zone=2)
[   14.098407] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   14.098645] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   14.099136] page dumped because: kasan: bad access detected
[   14.099659] 
[   14.099831] Memory state around the buggy address:
[   14.100327]  ffff8881039c3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.100988]  ffff8881039c3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.101418] >ffff8881039c4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.101632]                    ^
[   14.101748]  ffff8881039c4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.101990]  ffff8881039c4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.102346] ==================================================================
[   14.010458] ==================================================================
[   14.011328] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.011684] Free of addr ffff888103953600 by task kunit_try_catch/252
[   14.012372] 
[   14.012592] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.012647] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.012659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.012681] Call Trace:
[   14.012694]  <TASK>
[   14.012711]  dump_stack_lvl+0x73/0xb0
[   14.012790]  print_report+0xd1/0x650
[   14.012814]  ? __virt_addr_valid+0x1db/0x2d0
[   14.012840]  ? kasan_complete_mode_report_info+0x64/0x200
[   14.012874]  ? mempool_double_free_helper+0x184/0x370
[   14.012899]  kasan_report_invalid_free+0x10a/0x130
[   14.012934]  ? mempool_double_free_helper+0x184/0x370
[   14.012960]  ? mempool_double_free_helper+0x184/0x370
[   14.012984]  ? mempool_double_free_helper+0x184/0x370
[   14.013033]  check_slab_allocation+0x101/0x130
[   14.013056]  __kasan_mempool_poison_object+0x91/0x1d0
[   14.013082]  mempool_free+0x2ec/0x380
[   14.013110]  mempool_double_free_helper+0x184/0x370
[   14.013134]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.013161]  ? __kasan_check_write+0x18/0x20
[   14.013180]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.013202]  ? finish_task_switch.isra.0+0x153/0x700
[   14.013230]  mempool_kmalloc_double_free+0xed/0x140
[   14.013254]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   14.013282]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.013304]  ? __pfx_mempool_kfree+0x10/0x10
[   14.013330]  ? __pfx_read_tsc+0x10/0x10
[   14.013352]  ? ktime_get_ts64+0x86/0x230
[   14.013378]  kunit_try_run_case+0x1a5/0x480
[   14.013404]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.013427]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.013451]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.013476]  ? __kthread_parkme+0x82/0x180
[   14.013497]  ? preempt_count_sub+0x50/0x80
[   14.013520]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.013545]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.013569]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.013594]  kthread+0x337/0x6f0
[   14.013613]  ? trace_preempt_on+0x20/0xc0
[   14.013637]  ? __pfx_kthread+0x10/0x10
[   14.013657]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.013679]  ? calculate_sigpending+0x7b/0xa0
[   14.013703]  ? __pfx_kthread+0x10/0x10
[   14.013724]  ret_from_fork+0x116/0x1d0
[   14.013759]  ? __pfx_kthread+0x10/0x10
[   14.013780]  ret_from_fork_asm+0x1a/0x30
[   14.013812]  </TASK>
[   14.013822] 
[   14.027278] Allocated by task 252:
[   14.027620]  kasan_save_stack+0x45/0x70
[   14.028102]  kasan_save_track+0x18/0x40
[   14.028580]  kasan_save_alloc_info+0x3b/0x50
[   14.029069]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   14.029546]  remove_element+0x11e/0x190
[   14.029937]  mempool_alloc_preallocated+0x4d/0x90
[   14.030557]  mempool_double_free_helper+0x8a/0x370
[   14.031016]  mempool_kmalloc_double_free+0xed/0x140
[   14.031495]  kunit_try_run_case+0x1a5/0x480
[   14.031898]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.032505]  kthread+0x337/0x6f0
[   14.032904]  ret_from_fork+0x116/0x1d0
[   14.033298]  ret_from_fork_asm+0x1a/0x30
[   14.033664] 
[   14.033841] Freed by task 252:
[   14.034213]  kasan_save_stack+0x45/0x70
[   14.034707]  kasan_save_track+0x18/0x40
[   14.035207]  kasan_save_free_info+0x3f/0x60
[   14.035597]  __kasan_mempool_poison_object+0x131/0x1d0
[   14.036154]  mempool_free+0x2ec/0x380
[   14.036505]  mempool_double_free_helper+0x109/0x370
[   14.036977]  mempool_kmalloc_double_free+0xed/0x140
[   14.037524]  kunit_try_run_case+0x1a5/0x480
[   14.038035]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.038664]  kthread+0x337/0x6f0
[   14.039051]  ret_from_fork+0x116/0x1d0
[   14.039356]  ret_from_fork_asm+0x1a/0x30
[   14.039494] 
[   14.039562] The buggy address belongs to the object at ffff888103953600
[   14.039562]  which belongs to the cache kmalloc-128 of size 128
[   14.039913] The buggy address is located 0 bytes inside of
[   14.039913]  128-byte region [ffff888103953600, ffff888103953680)
[   14.040540] 
[   14.040738] The buggy address belongs to the physical page:
[   14.041205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103953
[   14.041439] flags: 0x200000000000000(node=0|zone=2)
[   14.041595] page_type: f5(slab)
[   14.041711] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   14.042492] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   14.043402] page dumped because: kasan: bad access detected
[   14.043937] 
[   14.044128] Memory state around the buggy address:
[   14.044542]  ffff888103953500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.044819]  ffff888103953580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.045509] >ffff888103953600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.045996]                    ^
[   14.046378]  ffff888103953680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.046829]  ffff888103953700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.047332] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zkW2ND3P9jnCEoicJVrQGQQHjY

job_id

TEST:linaro@lkft#2zkW8T0rf8x1xNcZqJ5ltfUVkWA

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zkW8T0rf8x1xNcZqJ5ltfUVkWA

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zkW5SdH8zGtoVoimUJeXjK1iDY/bzImage
sha256sum	7f21af14d55a2a6c00657897b5a61581bc03fb7498328917a2f2ae35737ec23d

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zkW5SdH8zGtoVoimUJeXjK1iDY/modules.tar.xz
sha256sum	390422b5b27780b5bdc518a6075ef4179367a706b7d88bc8e5416986229d72fd

durations

tests

boot	0
kunit	209.86

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit