lkft/linux-mainline-master - v6.16-rc5-53-g8c2e52ebbe88 - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

July 9, 2025, 11:07 p.m.

Environment
qemu-arm64
qemu-x86_64

[   18.635473] ==================================================================
[   18.635552] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   18.635616] Free of addr fff00000c76af600 by task kunit_try_catch/235
[   18.635976] 
[   18.636125] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   18.636436] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.636492] Hardware name: linux,dummy-virt (DT)
[   18.636625] Call trace:
[   18.636971]  show_stack+0x20/0x38 (C)
[   18.637103]  dump_stack_lvl+0x8c/0xd0
[   18.637170]  print_report+0x118/0x608
[   18.637430]  kasan_report_invalid_free+0xc0/0xe8
[   18.637631]  check_slab_allocation+0xd4/0x108
[   18.637756]  __kasan_mempool_poison_object+0x78/0x150
[   18.638077]  mempool_free+0x28c/0x328
[   18.638168]  mempool_double_free_helper+0x150/0x2e8
[   18.638221]  mempool_kmalloc_double_free+0xc0/0x118
[   18.638272]  kunit_try_run_case+0x170/0x3f0
[   18.638342]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.638397]  kthread+0x328/0x630
[   18.638440]  ret_from_fork+0x10/0x20
[   18.638510] 
[   18.638530] Allocated by task 235:
[   18.638562]  kasan_save_stack+0x3c/0x68
[   18.638604]  kasan_save_track+0x20/0x40
[   18.638641]  kasan_save_alloc_info+0x40/0x58
[   18.638687]  __kasan_mempool_unpoison_object+0x11c/0x180
[   18.638730]  remove_element+0x130/0x1f8
[   18.638774]  mempool_alloc_preallocated+0x58/0xc0
[   18.638822]  mempool_double_free_helper+0x94/0x2e8
[   18.638870]  mempool_kmalloc_double_free+0xc0/0x118
[   18.638912]  kunit_try_run_case+0x170/0x3f0
[   18.638949]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.638992]  kthread+0x328/0x630
[   18.639024]  ret_from_fork+0x10/0x20
[   18.639060] 
[   18.639080] Freed by task 235:
[   18.639107]  kasan_save_stack+0x3c/0x68
[   18.639715]  kasan_save_track+0x20/0x40
[   18.639785]  kasan_save_free_info+0x4c/0x78
[   18.639863]  __kasan_mempool_poison_object+0xc0/0x150
[   18.640040]  mempool_free+0x28c/0x328
[   18.640090]  mempool_double_free_helper+0x100/0x2e8
[   18.640142]  mempool_kmalloc_double_free+0xc0/0x118
[   18.640488]  kunit_try_run_case+0x170/0x3f0
[   18.640682]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.641032]  kthread+0x328/0x630
[   18.641189]  ret_from_fork+0x10/0x20
[   18.641264] 
[   18.641634] The buggy address belongs to the object at fff00000c76af600
[   18.641634]  which belongs to the cache kmalloc-128 of size 128
[   18.641766] The buggy address is located 0 bytes inside of
[   18.641766]  128-byte region [fff00000c76af600, fff00000c76af680)
[   18.641828] 
[   18.642146] The buggy address belongs to the physical page:
[   18.642229] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076af
[   18.642542] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   18.642629] page_type: f5(slab)
[   18.642739] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   18.642836] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   18.643109] page dumped because: kasan: bad access detected
[   18.643276] 
[   18.643323] Memory state around the buggy address:
[   18.643443]  fff00000c76af500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   18.643510]  fff00000c76af580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.643602] >fff00000c76af600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   18.643641]                    ^
[   18.643668]  fff00000c76af680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.643992]  fff00000c76af700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   18.644140] ==================================================================
[   18.671321] ==================================================================
[   18.671383] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   18.671445] Free of addr fff00000c640c000 by task kunit_try_catch/239
[   18.671488] 
[   18.671526] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   18.671904] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.672125] Hardware name: linux,dummy-virt (DT)
[   18.672162] Call trace:
[   18.672214]  show_stack+0x20/0x38 (C)
[   18.672270]  dump_stack_lvl+0x8c/0xd0
[   18.672325]  print_report+0x118/0x608
[   18.672375]  kasan_report_invalid_free+0xc0/0xe8
[   18.672425]  __kasan_mempool_poison_pages+0xe0/0xe8
[   18.672489]  mempool_free+0x24c/0x328
[   18.672535]  mempool_double_free_helper+0x150/0x2e8
[   18.672598]  mempool_page_alloc_double_free+0xbc/0x118
[   18.672648]  kunit_try_run_case+0x170/0x3f0
[   18.672698]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.672750]  kthread+0x328/0x630
[   18.672809]  ret_from_fork+0x10/0x20
[   18.672861] 
[   18.672884] The buggy address belongs to the physical page:
[   18.672917] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10640c
[   18.672983] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   18.673049] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   18.673099] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   18.673151] page dumped because: kasan: bad access detected
[   18.673183] 
[   18.673201] Memory state around the buggy address:
[   18.673241]  fff00000c640bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.673294]  fff00000c640bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.673336] >fff00000c640c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.673384]                    ^
[   18.673423]  fff00000c640c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.673465]  fff00000c640c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.673510] ==================================================================
[   18.653880] ==================================================================
[   18.654037] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   18.654152] Free of addr fff00000c640c000 by task kunit_try_catch/237
[   18.654258] 
[   18.654294] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   18.654383] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.654411] Hardware name: linux,dummy-virt (DT)
[   18.654629] Call trace:
[   18.654845]  show_stack+0x20/0x38 (C)
[   18.654916]  dump_stack_lvl+0x8c/0xd0
[   18.654975]  print_report+0x118/0x608
[   18.655022]  kasan_report_invalid_free+0xc0/0xe8
[   18.655499]  __kasan_mempool_poison_object+0x14c/0x150
[   18.655698]  mempool_free+0x28c/0x328
[   18.655844]  mempool_double_free_helper+0x150/0x2e8
[   18.655932]  mempool_kmalloc_large_double_free+0xc0/0x118
[   18.655985]  kunit_try_run_case+0x170/0x3f0
[   18.656044]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.656504]  kthread+0x328/0x630
[   18.656655]  ret_from_fork+0x10/0x20
[   18.656851] 
[   18.656972] The buggy address belongs to the physical page:
[   18.657008] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10640c
[   18.657112] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   18.657580] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   18.657785] page_type: f8(unknown)
[   18.658078] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   18.658335] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   18.658468] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   18.659320] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   18.659416] head: 0bfffe0000000002 ffffc1ffc3190301 00000000ffffffff 00000000ffffffff
[   18.659476] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   18.659520] page dumped because: kasan: bad access detected
[   18.659551] 
[   18.659580] Memory state around the buggy address:
[   18.659922]  fff00000c640bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.659982]  fff00000c640bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.660032] >fff00000c640c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.660074]                    ^
[   18.660105]  fff00000c640c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.660663]  fff00000c640c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.660732] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zerZPZczpDOYcefs6dALqh6Fpn

job_id

TEST:linaro@lkft#2zerdbOsDmJGhDOOfcn5MGLINr4

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zerdbOsDmJGhDOOfcn5MGLINr4

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zeraWtQXXUq7AGlGnaJOh4wfW1/Image.gz
sha256sum	89f9acb15fbf6e84801bacbda6894745389368cc1918c11b82840929e5945e84

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zeraWtQXXUq7AGlGnaJOh4wfW1/modules.tar.xz
sha256sum	5b8f2c09ed37ecf5f0d0ccdea1b4979c0eea6c192632c1613f6c12550875e5c5

durations

tests

boot	0
kunit	180.51

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   14.226325] ==================================================================
[   14.226807] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.227322] Free of addr ffff888103990000 by task kunit_try_catch/254
[   14.227584] 
[   14.227681] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.227739] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.227751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.227773] Call Trace:
[   14.227784]  <TASK>
[   14.227800]  dump_stack_lvl+0x73/0xb0
[   14.227830]  print_report+0xd1/0x650
[   14.227852]  ? __virt_addr_valid+0x1db/0x2d0
[   14.227877]  ? kasan_addr_to_slab+0x11/0xa0
[   14.227897]  ? mempool_double_free_helper+0x184/0x370
[   14.227923]  kasan_report_invalid_free+0x10a/0x130
[   14.227948]  ? mempool_double_free_helper+0x184/0x370
[   14.227975]  ? mempool_double_free_helper+0x184/0x370
[   14.227999]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   14.228024]  mempool_free+0x2ec/0x380
[   14.228064]  mempool_double_free_helper+0x184/0x370
[   14.228088]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.228114]  ? __kasan_check_write+0x18/0x20
[   14.228134]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.228156]  ? finish_task_switch.isra.0+0x153/0x700
[   14.228183]  mempool_kmalloc_large_double_free+0xed/0x140
[   14.228208]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   14.228238]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.228261]  ? __pfx_mempool_kfree+0x10/0x10
[   14.228286]  ? __pfx_read_tsc+0x10/0x10
[   14.228307]  ? ktime_get_ts64+0x86/0x230
[   14.228335]  kunit_try_run_case+0x1a5/0x480
[   14.228359]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.228381]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.228407]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.228431]  ? __kthread_parkme+0x82/0x180
[   14.228451]  ? preempt_count_sub+0x50/0x80
[   14.228476]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.228500]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.228525]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.228551]  kthread+0x337/0x6f0
[   14.228570]  ? trace_preempt_on+0x20/0xc0
[   14.228594]  ? __pfx_kthread+0x10/0x10
[   14.228615]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.228636]  ? calculate_sigpending+0x7b/0xa0
[   14.228661]  ? __pfx_kthread+0x10/0x10
[   14.228683]  ret_from_fork+0x116/0x1d0
[   14.228711]  ? __pfx_kthread+0x10/0x10
[   14.228742]  ret_from_fork_asm+0x1a/0x30
[   14.228791]  </TASK>
[   14.228802] 
[   14.237563] The buggy address belongs to the physical page:
[   14.237839] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103990
[   14.238215] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   14.238518] flags: 0x200000000000040(head|node=0|zone=2)
[   14.238773] page_type: f8(unknown)
[   14.238958] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.239281] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.239629] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.239878] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.240115] head: 0200000000000002 ffffea00040e6401 00000000ffffffff 00000000ffffffff
[   14.240412] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   14.240777] page dumped because: kasan: bad access detected
[   14.241030] 
[   14.241226] Memory state around the buggy address:
[   14.241394]  ffff88810398ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.241609]  ffff88810398ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.241889] >ffff888103990000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.242481]                    ^
[   14.242649]  ffff888103990080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.242979]  ffff888103990100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.243459] ==================================================================
[   14.247859] ==================================================================
[   14.248462] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.248786] Free of addr ffff888102a44000 by task kunit_try_catch/256
[   14.249168] 
[   14.249268] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.249311] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.249323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.249343] Call Trace:
[   14.249354]  <TASK>
[   14.249369]  dump_stack_lvl+0x73/0xb0
[   14.249397]  print_report+0xd1/0x650
[   14.249418]  ? __virt_addr_valid+0x1db/0x2d0
[   14.249442]  ? kasan_addr_to_slab+0x11/0xa0
[   14.249462]  ? mempool_double_free_helper+0x184/0x370
[   14.249487]  kasan_report_invalid_free+0x10a/0x130
[   14.249512]  ? mempool_double_free_helper+0x184/0x370
[   14.249540]  ? mempool_double_free_helper+0x184/0x370
[   14.249563]  __kasan_mempool_poison_pages+0x115/0x130
[   14.249588]  mempool_free+0x290/0x380
[   14.249613]  mempool_double_free_helper+0x184/0x370
[   14.249638]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.249664]  ? __kasan_check_write+0x18/0x20
[   14.249684]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.249720]  ? finish_task_switch.isra.0+0x153/0x700
[   14.249747]  mempool_page_alloc_double_free+0xe8/0x140
[   14.249772]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   14.249801]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   14.249826]  ? __pfx_mempool_free_pages+0x10/0x10
[   14.249852]  ? __pfx_read_tsc+0x10/0x10
[   14.249872]  ? ktime_get_ts64+0x86/0x230
[   14.249896]  kunit_try_run_case+0x1a5/0x480
[   14.249919]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.249942]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.249966]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.249990]  ? __kthread_parkme+0x82/0x180
[   14.250011]  ? preempt_count_sub+0x50/0x80
[   14.250178]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.250205]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.250231]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.250256]  kthread+0x337/0x6f0
[   14.250275]  ? trace_preempt_on+0x20/0xc0
[   14.250299]  ? __pfx_kthread+0x10/0x10
[   14.250320]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.250341]  ? calculate_sigpending+0x7b/0xa0
[   14.250365]  ? __pfx_kthread+0x10/0x10
[   14.250387]  ret_from_fork+0x116/0x1d0
[   14.250406]  ? __pfx_kthread+0x10/0x10
[   14.250426]  ret_from_fork_asm+0x1a/0x30
[   14.250457]  </TASK>
[   14.250468] 
[   14.258749] The buggy address belongs to the physical page:
[   14.259010] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a44
[   14.260217] flags: 0x200000000000000(node=0|zone=2)
[   14.260406] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   14.260880] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   14.261220] page dumped because: kasan: bad access detected
[   14.261538] 
[   14.261636] Memory state around the buggy address:
[   14.261824]  ffff888102a43f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.262127]  ffff888102a43f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.262457] >ffff888102a44000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.262790]                    ^
[   14.263195]  ffff888102a44080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.263486]  ffff888102a44100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.263766] ==================================================================
[   14.187042] ==================================================================
[   14.187448] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.187692] Free of addr ffff88810291d900 by task kunit_try_catch/252
[   14.187905] 
[   14.187996] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.188039] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.188050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.188071] Call Trace:
[   14.188084]  <TASK>
[   14.188101]  dump_stack_lvl+0x73/0xb0
[   14.188130]  print_report+0xd1/0x650
[   14.188151]  ? __virt_addr_valid+0x1db/0x2d0
[   14.188176]  ? kasan_complete_mode_report_info+0x64/0x200
[   14.188198]  ? mempool_double_free_helper+0x184/0x370
[   14.188222]  kasan_report_invalid_free+0x10a/0x130
[   14.188246]  ? mempool_double_free_helper+0x184/0x370
[   14.188271]  ? mempool_double_free_helper+0x184/0x370
[   14.188294]  ? mempool_double_free_helper+0x184/0x370
[   14.188323]  check_slab_allocation+0x101/0x130
[   14.188344]  __kasan_mempool_poison_object+0x91/0x1d0
[   14.188367]  mempool_free+0x2ec/0x380
[   14.188394]  mempool_double_free_helper+0x184/0x370
[   14.188417]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.188443]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.188464]  ? finish_task_switch.isra.0+0x153/0x700
[   14.188490]  mempool_kmalloc_double_free+0xed/0x140
[   14.188512]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   14.188537]  ? __kasan_check_write+0x18/0x20
[   14.188556]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.188577]  ? __pfx_mempool_kfree+0x10/0x10
[   14.188602]  ? __pfx_read_tsc+0x10/0x10
[   14.188622]  ? ktime_get_ts64+0x86/0x230
[   14.188643]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   14.188669]  kunit_try_run_case+0x1a5/0x480
[   14.188694]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.189032]  ? queued_spin_lock_slowpath+0x116/0xb40
[   14.189061]  ? __kthread_parkme+0x82/0x180
[   14.189084]  ? preempt_count_sub+0x50/0x80
[   14.189107]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.189131]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.189326]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.189353]  kthread+0x337/0x6f0
[   14.189374]  ? trace_preempt_on+0x20/0xc0
[   14.189399]  ? __pfx_kthread+0x10/0x10
[   14.189628]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.189651]  ? calculate_sigpending+0x7b/0xa0
[   14.189677]  ? __pfx_kthread+0x10/0x10
[   14.189699]  ret_from_fork+0x116/0x1d0
[   14.189732]  ? __pfx_kthread+0x10/0x10
[   14.189752]  ret_from_fork_asm+0x1a/0x30
[   14.189785]  </TASK>
[   14.189795] 
[   14.204836] Allocated by task 252:
[   14.205001]  kasan_save_stack+0x45/0x70
[   14.205685]  kasan_save_track+0x18/0x40
[   14.206029]  kasan_save_alloc_info+0x3b/0x50
[   14.206587]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   14.207123]  remove_element+0x11e/0x190
[   14.207401]  mempool_alloc_preallocated+0x4d/0x90
[   14.207840]  mempool_double_free_helper+0x8a/0x370
[   14.208284]  mempool_kmalloc_double_free+0xed/0x140
[   14.208523]  kunit_try_run_case+0x1a5/0x480
[   14.208728]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.208963]  kthread+0x337/0x6f0
[   14.209526]  ret_from_fork+0x116/0x1d0
[   14.209845]  ret_from_fork_asm+0x1a/0x30
[   14.210197] 
[   14.210301] Freed by task 252:
[   14.210445]  kasan_save_stack+0x45/0x70
[   14.210622]  kasan_save_track+0x18/0x40
[   14.210807]  kasan_save_free_info+0x3f/0x60
[   14.210993]  __kasan_mempool_poison_object+0x131/0x1d0
[   14.211686]  mempool_free+0x2ec/0x380
[   14.212004]  mempool_double_free_helper+0x109/0x370
[   14.212310]  mempool_kmalloc_double_free+0xed/0x140
[   14.212532]  kunit_try_run_case+0x1a5/0x480
[   14.212731]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.212959]  kthread+0x337/0x6f0
[   14.213451]  ret_from_fork+0x116/0x1d0
[   14.213838]  ret_from_fork_asm+0x1a/0x30
[   14.214215] 
[   14.214314] The buggy address belongs to the object at ffff88810291d900
[   14.214314]  which belongs to the cache kmalloc-128 of size 128
[   14.214819] The buggy address is located 0 bytes inside of
[   14.214819]  128-byte region [ffff88810291d900, ffff88810291d980)
[   14.215770] 
[   14.216012] The buggy address belongs to the physical page:
[   14.216567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10291d
[   14.217287] flags: 0x200000000000000(node=0|zone=2)
[   14.217647] page_type: f5(slab)
[   14.217841] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   14.218555] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   14.218881] page dumped because: kasan: bad access detected
[   14.219557] 
[   14.219669] Memory state around the buggy address:
[   14.219903]  ffff88810291d800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.220682]  ffff88810291d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.221128] >ffff88810291d900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.221427]                    ^
[   14.221580]  ffff88810291d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.221880]  ffff88810291da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.222558] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zerZPZczpDOYcefs6dALqh6Fpn

job_id

TEST:linaro@lkft#2zereWNnRLZAeOdMUNpobIiLjyq

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zereWNnRLZAeOdMUNpobIiLjyq

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zerbWFzcqSAFp8nphuQhLi402X/bzImage
sha256sum	268854fffad98cae17f08a82775371eb2820b0ac8cc4163845be9ad2651ac2eb

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zerbWFzcqSAFp8nphuQhLi402X/modules.tar.xz
sha256sum	3fdcd4639617aa7b9c8fff27fe84557c223c48cd8b5930857481938554180465

durations

tests

boot	0
kunit	211.36

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit