lkft/linux-mainline-master - v6.16-rc5-224-g379f604cc3dc - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

July 12, 2025, 11:09 a.m.

Environment
qemu-arm64
qemu-x86_64

[   22.078589] ==================================================================
[   22.078728] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   22.078852] Free of addr fff00000c79b8000 by task kunit_try_catch/240
[   22.078951] 
[   22.079021] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   22.079207] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.079272] Hardware name: linux,dummy-virt (DT)
[   22.079346] Call trace:
[   22.079397]  show_stack+0x20/0x38 (C)
[   22.079506]  dump_stack_lvl+0x8c/0xd0
[   22.079617]  print_report+0x118/0x608
[   22.079726]  kasan_report_invalid_free+0xc0/0xe8
[   22.080715]  __kasan_mempool_poison_pages+0xe0/0xe8
[   22.080875]  mempool_free+0x24c/0x328
[   22.080976]  mempool_double_free_helper+0x150/0x2e8
[   22.081088]  mempool_page_alloc_double_free+0xbc/0x118
[   22.081240]  kunit_try_run_case+0x170/0x3f0
[   22.081599]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.081707]  kthread+0x328/0x630
[   22.081813]  ret_from_fork+0x10/0x20
[   22.081920] 
[   22.081962] The buggy address belongs to the physical page:
[   22.082023] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b8
[   22.082347] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   22.082532] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   22.082690] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   22.082799] page dumped because: kasan: bad access detected
[   22.082900] 
[   22.082951] Memory state around the buggy address:
[   22.083028]  fff00000c79b7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.083318]  fff00000c79b7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.083468] >fff00000c79b8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.083584]                    ^
[   22.083673]  fff00000c79b8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.083805]  fff00000c79b8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.083941] ==================================================================
[   22.016391] ==================================================================
[   22.016526] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   22.016647] Free of addr fff00000c5942100 by task kunit_try_catch/236
[   22.016741] 
[   22.016813] CPU: 1 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   22.019359] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.020056] Hardware name: linux,dummy-virt (DT)
[   22.020528] Call trace:
[   22.020779]  show_stack+0x20/0x38 (C)
[   22.021431]  dump_stack_lvl+0x8c/0xd0
[   22.021948]  print_report+0x118/0x608
[   22.022178]  kasan_report_invalid_free+0xc0/0xe8
[   22.022891]  check_slab_allocation+0xd4/0x108
[   22.023145]  __kasan_mempool_poison_object+0x78/0x150
[   22.023394]  mempool_free+0x28c/0x328
[   22.024013]  mempool_double_free_helper+0x150/0x2e8
[   22.024711]  mempool_kmalloc_double_free+0xc0/0x118
[   22.025356]  kunit_try_run_case+0x170/0x3f0
[   22.025535]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.025645]  kthread+0x328/0x630
[   22.025738]  ret_from_fork+0x10/0x20
[   22.026724] 
[   22.026773] Allocated by task 236:
[   22.027389]  kasan_save_stack+0x3c/0x68
[   22.027512]  kasan_save_track+0x20/0x40
[   22.027609]  kasan_save_alloc_info+0x40/0x58
[   22.027703]  __kasan_mempool_unpoison_object+0x11c/0x180
[   22.027803]  remove_element+0x130/0x1f8
[   22.029469]  mempool_alloc_preallocated+0x58/0xc0
[   22.029570]  mempool_double_free_helper+0x94/0x2e8
[   22.030150]  mempool_kmalloc_double_free+0xc0/0x118
[   22.030466]  kunit_try_run_case+0x170/0x3f0
[   22.030640]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.030764]  kthread+0x328/0x630
[   22.030854]  ret_from_fork+0x10/0x20
[   22.030945] 
[   22.030991] Freed by task 236:
[   22.031412]  kasan_save_stack+0x3c/0x68
[   22.031667]  kasan_save_track+0x20/0x40
[   22.032310]  kasan_save_free_info+0x4c/0x78
[   22.032480]  __kasan_mempool_poison_object+0xc0/0x150
[   22.033258]  mempool_free+0x28c/0x328
[   22.033849]  mempool_double_free_helper+0x100/0x2e8
[   22.034028]  mempool_kmalloc_double_free+0xc0/0x118
[   22.034247]  kunit_try_run_case+0x170/0x3f0
[   22.034341]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.034440]  kthread+0x328/0x630
[   22.034509]  ret_from_fork+0x10/0x20
[   22.034604] 
[   22.034649] The buggy address belongs to the object at fff00000c5942100
[   22.034649]  which belongs to the cache kmalloc-128 of size 128
[   22.034793] The buggy address is located 0 bytes inside of
[   22.034793]  128-byte region [fff00000c5942100, fff00000c5942180)
[   22.036912] 
[   22.037190] The buggy address belongs to the physical page:
[   22.037274] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105942
[   22.037408] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   22.037525] page_type: f5(slab)
[   22.037615] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   22.037727] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.037785] page dumped because: kasan: bad access detected
[   22.037833] 
[   22.037908] Memory state around the buggy address:
[   22.037994]  fff00000c5942000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   22.038093]  fff00000c5942080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.038172] >fff00000c5942100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   22.038649]                    ^
[   22.038796]  fff00000c5942180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.038929]  fff00000c5942200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.039024] ==================================================================
[   22.051529] ==================================================================
[   22.051661] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   22.051781] Free of addr fff00000c79b8000 by task kunit_try_catch/238
[   22.052484] 
[   22.052596] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   22.052935] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.053006] Hardware name: linux,dummy-virt (DT)
[   22.053078] Call trace:
[   22.053129]  show_stack+0x20/0x38 (C)
[   22.053247]  dump_stack_lvl+0x8c/0xd0
[   22.053580]  print_report+0x118/0x608
[   22.053722]  kasan_report_invalid_free+0xc0/0xe8
[   22.053857]  __kasan_mempool_poison_object+0x14c/0x150
[   22.053986]  mempool_free+0x28c/0x328
[   22.054092]  mempool_double_free_helper+0x150/0x2e8
[   22.054210]  mempool_kmalloc_large_double_free+0xc0/0x118
[   22.054334]  kunit_try_run_case+0x170/0x3f0
[   22.054446]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   22.054818]  kthread+0x328/0x630
[   22.054918]  ret_from_fork+0x10/0x20
[   22.054975] 
[   22.055000] The buggy address belongs to the physical page:
[   22.055037] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b8
[   22.055105] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   22.055158] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   22.055220] page_type: f8(unknown)
[   22.055268] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   22.055327] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   22.055382] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   22.055435] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   22.055489] head: 0bfffe0000000002 ffffc1ffc31e6e01 00000000ffffffff 00000000ffffffff
[   22.055542] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   22.055585] page dumped because: kasan: bad access detected
[   22.055620] 
[   22.055640] Memory state around the buggy address:
[   22.055677]  fff00000c79b7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.055727]  fff00000c79b7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.055774] >fff00000c79b8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.055815]                    ^
[   22.055891]  fff00000c79b8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.055977]  fff00000c79b8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   22.056065] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zlvaLrZSqyxKLgkP1ikhX5yASN

job_id

TEST:linaro@lkft#2zlverRb5fPdptEkZ6zMvlyzm1I

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zlverRb5fPdptEkZ6zMvlyzm1I

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zlvbiPPzjbfulszSj1CbdZDBg5/Image.gz
sha256sum	c9e48236e89d2de4ae2e1bd084878fc8548c676082f395c1121631c860b60412

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zlvbiPPzjbfulszSj1CbdZDBg5/modules.tar.xz
sha256sum	e24d92e515f54e515d26355283c0915768fc78096b724afb30cb660de602c681

durations

tests

boot	0
kunit	290.68

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   14.269244] ==================================================================
[   14.270479] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.271204] Free of addr ffff888102655c00 by task kunit_try_catch/253
[   14.272080] 
[   14.272338] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.272384] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.272396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.272417] Call Trace:
[   14.272430]  <TASK>
[   14.272450]  dump_stack_lvl+0x73/0xb0
[   14.272483]  print_report+0xd1/0x650
[   14.272507]  ? __virt_addr_valid+0x1db/0x2d0
[   14.272533]  ? kasan_complete_mode_report_info+0x64/0x200
[   14.272557]  ? mempool_double_free_helper+0x184/0x370
[   14.272583]  kasan_report_invalid_free+0x10a/0x130
[   14.272609]  ? mempool_double_free_helper+0x184/0x370
[   14.272636]  ? mempool_double_free_helper+0x184/0x370
[   14.272672]  ? mempool_double_free_helper+0x184/0x370
[   14.272697]  check_slab_allocation+0x101/0x130
[   14.272721]  __kasan_mempool_poison_object+0x91/0x1d0
[   14.272812]  mempool_free+0x2ec/0x380
[   14.272842]  mempool_double_free_helper+0x184/0x370
[   14.272867]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.272892]  ? update_load_avg+0x1be/0x21b0
[   14.272922]  ? finish_task_switch.isra.0+0x153/0x700
[   14.272950]  mempool_kmalloc_double_free+0xed/0x140
[   14.272975]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   14.273004]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.273027]  ? __pfx_mempool_kfree+0x10/0x10
[   14.273053]  ? __pfx_read_tsc+0x10/0x10
[   14.273076]  ? ktime_get_ts64+0x86/0x230
[   14.273102]  kunit_try_run_case+0x1a5/0x480
[   14.273129]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.273152]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.273178]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.273203]  ? __kthread_parkme+0x82/0x180
[   14.273225]  ? preempt_count_sub+0x50/0x80
[   14.273249]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.273277]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.273303]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.273331]  kthread+0x337/0x6f0
[   14.273350]  ? trace_preempt_on+0x20/0xc0
[   14.273374]  ? __pfx_kthread+0x10/0x10
[   14.273395]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.273418]  ? calculate_sigpending+0x7b/0xa0
[   14.273443]  ? __pfx_kthread+0x10/0x10
[   14.273466]  ret_from_fork+0x116/0x1d0
[   14.273485]  ? __pfx_kthread+0x10/0x10
[   14.273506]  ret_from_fork_asm+0x1a/0x30
[   14.273540]  </TASK>
[   14.273551] 
[   14.288896] Allocated by task 253:
[   14.289350]  kasan_save_stack+0x45/0x70
[   14.289783]  kasan_save_track+0x18/0x40
[   14.290165]  kasan_save_alloc_info+0x3b/0x50
[   14.290519]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   14.290710]  remove_element+0x11e/0x190
[   14.291237]  mempool_alloc_preallocated+0x4d/0x90
[   14.291535]  mempool_double_free_helper+0x8a/0x370
[   14.291880]  mempool_kmalloc_double_free+0xed/0x140
[   14.292119]  kunit_try_run_case+0x1a5/0x480
[   14.292268]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.292445]  kthread+0x337/0x6f0
[   14.292565]  ret_from_fork+0x116/0x1d0
[   14.292812]  ret_from_fork_asm+0x1a/0x30
[   14.293186] 
[   14.293419] Freed by task 253:
[   14.293801]  kasan_save_stack+0x45/0x70
[   14.294176]  kasan_save_track+0x18/0x40
[   14.294540]  kasan_save_free_info+0x3f/0x60
[   14.294997]  __kasan_mempool_poison_object+0x131/0x1d0
[   14.295543]  mempool_free+0x2ec/0x380
[   14.296935]  mempool_double_free_helper+0x109/0x370
[   14.297199]  mempool_kmalloc_double_free+0xed/0x140
[   14.297440]  kunit_try_run_case+0x1a5/0x480
[   14.297641]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.297830]  kthread+0x337/0x6f0
[   14.297950]  ret_from_fork+0x116/0x1d0
[   14.298081]  ret_from_fork_asm+0x1a/0x30
[   14.298219] 
[   14.298292] The buggy address belongs to the object at ffff888102655c00
[   14.298292]  which belongs to the cache kmalloc-128 of size 128
[   14.298667] The buggy address is located 0 bytes inside of
[   14.298667]  128-byte region [ffff888102655c00, ffff888102655c80)
[   14.301284] 
[   14.301874] The buggy address belongs to the physical page:
[   14.302592] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102655
[   14.303579] flags: 0x200000000000000(node=0|zone=2)
[   14.304384] page_type: f5(slab)
[   14.304592] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   14.305509] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   14.306042] page dumped because: kasan: bad access detected
[   14.306224] 
[   14.306295] Memory state around the buggy address:
[   14.306458]  ffff888102655b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.306691]  ffff888102655b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.307280] >ffff888102655c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.308044]                    ^
[   14.308360]  ffff888102655c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.309154]  ffff888102655d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.309458] ==================================================================
[   14.338802] ==================================================================
[   14.340068] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.340488] Free of addr ffff888102bd0000 by task kunit_try_catch/257
[   14.340927] 
[   14.341049] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.341094] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.341106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.341127] Call Trace:
[   14.341140]  <TASK>
[   14.341180]  dump_stack_lvl+0x73/0xb0
[   14.341213]  print_report+0xd1/0x650
[   14.341236]  ? __virt_addr_valid+0x1db/0x2d0
[   14.341280]  ? kasan_addr_to_slab+0x11/0xa0
[   14.341301]  ? mempool_double_free_helper+0x184/0x370
[   14.341326]  kasan_report_invalid_free+0x10a/0x130
[   14.341351]  ? mempool_double_free_helper+0x184/0x370
[   14.341378]  ? mempool_double_free_helper+0x184/0x370
[   14.341403]  __kasan_mempool_poison_pages+0x115/0x130
[   14.341428]  mempool_free+0x290/0x380
[   14.341456]  mempool_double_free_helper+0x184/0x370
[   14.341482]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.341509]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.341533]  ? finish_task_switch.isra.0+0x153/0x700
[   14.341559]  mempool_page_alloc_double_free+0xe8/0x140
[   14.341585]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   14.341615]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   14.341639]  ? __pfx_mempool_free_pages+0x10/0x10
[   14.341683]  ? __pfx_read_tsc+0x10/0x10
[   14.341706]  ? ktime_get_ts64+0x86/0x230
[   14.341731]  kunit_try_run_case+0x1a5/0x480
[   14.341789]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.341989]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.342018]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.342043]  ? __kthread_parkme+0x82/0x180
[   14.342065]  ? preempt_count_sub+0x50/0x80
[   14.342088]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.342113]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.342140]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.342165]  kthread+0x337/0x6f0
[   14.342184]  ? trace_preempt_on+0x20/0xc0
[   14.342209]  ? __pfx_kthread+0x10/0x10
[   14.342230]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.342251]  ? calculate_sigpending+0x7b/0xa0
[   14.342276]  ? __pfx_kthread+0x10/0x10
[   14.342297]  ret_from_fork+0x116/0x1d0
[   14.342316]  ? __pfx_kthread+0x10/0x10
[   14.342336]  ret_from_fork_asm+0x1a/0x30
[   14.342374]  </TASK>
[   14.342385] 
[   14.352779] The buggy address belongs to the physical page:
[   14.353041] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bd0
[   14.353434] flags: 0x200000000000000(node=0|zone=2)
[   14.353679] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   14.354517] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   14.355077] page dumped because: kasan: bad access detected
[   14.355318] 
[   14.355386] Memory state around the buggy address:
[   14.355609]  ffff888102bcff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.356018]  ffff888102bcff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.356324] >ffff888102bd0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.356649]                    ^
[   14.356920]  ffff888102bd0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.357298]  ffff888102bd0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.357771] ==================================================================
[   14.312603] ==================================================================
[   14.313862] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.314560] Free of addr ffff888103b74000 by task kunit_try_catch/255
[   14.315012] 
[   14.315106] CPU: 1 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.315149] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.315161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.315182] Call Trace:
[   14.315196]  <TASK>
[   14.315211]  dump_stack_lvl+0x73/0xb0
[   14.315241]  print_report+0xd1/0x650
[   14.315264]  ? __virt_addr_valid+0x1db/0x2d0
[   14.315288]  ? kasan_addr_to_slab+0x11/0xa0
[   14.315308]  ? mempool_double_free_helper+0x184/0x370
[   14.315334]  kasan_report_invalid_free+0x10a/0x130
[   14.315359]  ? mempool_double_free_helper+0x184/0x370
[   14.315386]  ? mempool_double_free_helper+0x184/0x370
[   14.315410]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   14.315435]  mempool_free+0x2ec/0x380
[   14.315462]  mempool_double_free_helper+0x184/0x370
[   14.315487]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.315515]  ? finish_task_switch.isra.0+0x153/0x700
[   14.315542]  mempool_kmalloc_large_double_free+0xed/0x140
[   14.315567]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   14.315597]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.315620]  ? __pfx_mempool_kfree+0x10/0x10
[   14.315693]  ? __pfx_read_tsc+0x10/0x10
[   14.315717]  ? ktime_get_ts64+0x86/0x230
[   14.315776]  kunit_try_run_case+0x1a5/0x480
[   14.315802]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.315825]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.315884]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.315907]  ? __kthread_parkme+0x82/0x180
[   14.315928]  ? preempt_count_sub+0x50/0x80
[   14.315952]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.315977]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.316001]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.316026]  kthread+0x337/0x6f0
[   14.316045]  ? trace_preempt_on+0x20/0xc0
[   14.316069]  ? __pfx_kthread+0x10/0x10
[   14.316090]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.316112]  ? calculate_sigpending+0x7b/0xa0
[   14.316136]  ? __pfx_kthread+0x10/0x10
[   14.316158]  ret_from_fork+0x116/0x1d0
[   14.316176]  ? __pfx_kthread+0x10/0x10
[   14.316197]  ret_from_fork_asm+0x1a/0x30
[   14.316227]  </TASK>
[   14.316237] 
[   14.328476] The buggy address belongs to the physical page:
[   14.328663] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b74
[   14.329269] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   14.329613] flags: 0x200000000000040(head|node=0|zone=2)
[   14.330002] page_type: f8(unknown)
[   14.330131] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.330521] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.330859] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.331203] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.331496] head: 0200000000000002 ffffea00040edd01 00000000ffffffff 00000000ffffffff
[   14.331981] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   14.332346] page dumped because: kasan: bad access detected
[   14.332546] 
[   14.332640] Memory state around the buggy address:
[   14.333051]  ffff888103b73f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.333472]  ffff888103b73f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.333938] >ffff888103b74000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.334295]                    ^
[   14.334449]  ffff888103b74080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.334926]  ffff888103b74100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.335260] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zlvaLrZSqyxKLgkP1ikhX5yASN

job_id

TEST:linaro@lkft#2zlvfyTmTyminRKXkr1Gwqf6AqT

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zlvfyTmTyminRKXkr1Gwqf6AqT

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zlvdC7xMQ1AuKzcmJ9sl7lyJZU/bzImage
sha256sum	f2525a42db3db7704392b60a0a7b6300b86c21d1b4e3f0c9a4ee165428e9e2ac

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zlvdC7xMQ1AuKzcmJ9sl7lyJZU/modules.tar.xz
sha256sum	3e7e7b5cd868a19ceea397cd34a8ca08bcda09aac07bf76e95a38de35372b59a

durations

tests

boot	0
kunit	211.02

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit