lkft/linux-mainline-master - v6.16-rc6-121-g6832a9317eee - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

July 17, 2025, 11:11 p.m.

Environment
qemu-arm64
qemu-x86_64

[   18.762740] ==================================================================
[   18.762804] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   18.763350] Free of addr fff00000c656aa00 by task kunit_try_catch/235
[   18.763414] 
[   18.763573] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   18.763666] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.763967] Hardware name: linux,dummy-virt (DT)
[   18.764020] Call trace:
[   18.764228]  show_stack+0x20/0x38 (C)
[   18.764705]  dump_stack_lvl+0x8c/0xd0
[   18.764801]  print_report+0x118/0x5d0
[   18.764896]  kasan_report_invalid_free+0xc0/0xe8
[   18.764946]  check_slab_allocation+0xd4/0x108
[   18.764995]  __kasan_mempool_poison_object+0x78/0x150
[   18.765045]  mempool_free+0x28c/0x328
[   18.765106]  mempool_double_free_helper+0x150/0x2e8
[   18.765155]  mempool_kmalloc_double_free+0xc0/0x118
[   18.765203]  kunit_try_run_case+0x170/0x3f0
[   18.765260]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.765329]  kthread+0x328/0x630
[   18.765372]  ret_from_fork+0x10/0x20
[   18.765428] 
[   18.765447] Allocated by task 235:
[   18.765487]  kasan_save_stack+0x3c/0x68
[   18.765528]  kasan_save_track+0x20/0x40
[   18.765576]  kasan_save_alloc_info+0x40/0x58
[   18.765614]  __kasan_mempool_unpoison_object+0x11c/0x180
[   18.765656]  remove_element+0x130/0x1f8
[   18.765700]  mempool_alloc_preallocated+0x58/0xc0
[   18.765748]  mempool_double_free_helper+0x94/0x2e8
[   18.765796]  mempool_kmalloc_double_free+0xc0/0x118
[   18.765836]  kunit_try_run_case+0x170/0x3f0
[   18.765884]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.765927]  kthread+0x328/0x630
[   18.765959]  ret_from_fork+0x10/0x20
[   18.766005] 
[   18.766034] Freed by task 235:
[   18.766060]  kasan_save_stack+0x3c/0x68
[   18.766111]  kasan_save_track+0x20/0x40
[   18.766159]  kasan_save_free_info+0x4c/0x78
[   18.766198]  __kasan_mempool_poison_object+0xc0/0x150
[   18.766239]  mempool_free+0x28c/0x328
[   18.766288]  mempool_double_free_helper+0x100/0x2e8
[   18.766329]  mempool_kmalloc_double_free+0xc0/0x118
[   18.766389]  kunit_try_run_case+0x170/0x3f0
[   18.766427]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.766477]  kthread+0x328/0x630
[   18.766515]  ret_from_fork+0x10/0x20
[   18.766549] 
[   18.766567] The buggy address belongs to the object at fff00000c656aa00
[   18.766567]  which belongs to the cache kmalloc-128 of size 128
[   18.766626] The buggy address is located 0 bytes inside of
[   18.766626]  128-byte region [fff00000c656aa00, fff00000c656aa80)
[   18.766685] 
[   18.766711] The buggy address belongs to the physical page:
[   18.766763] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10656a
[   18.766819] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   18.767857] page_type: f5(slab)
[   18.767943] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   18.767997] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   18.768037] page dumped because: kasan: bad access detected
[   18.768179] 
[   18.768410] Memory state around the buggy address:
[   18.768526]  fff00000c656a900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   18.768706]  fff00000c656a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.769239] >fff00000c656aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   18.769503]                    ^
[   18.769640]  fff00000c656aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.769800]  fff00000c656ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   18.770013] ==================================================================
[   18.781441] ==================================================================
[   18.781502] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   18.781918] Free of addr fff00000c79b4000 by task kunit_try_catch/237
[   18.782228] 
[   18.782282] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   18.782593] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.782978] Hardware name: linux,dummy-virt (DT)
[   18.783034] Call trace:
[   18.783128]  show_stack+0x20/0x38 (C)
[   18.783408]  dump_stack_lvl+0x8c/0xd0
[   18.783549]  print_report+0x118/0x5d0
[   18.783774]  kasan_report_invalid_free+0xc0/0xe8
[   18.783942]  __kasan_mempool_poison_object+0x14c/0x150
[   18.783999]  mempool_free+0x28c/0x328
[   18.784044]  mempool_double_free_helper+0x150/0x2e8
[   18.784240]  mempool_kmalloc_large_double_free+0xc0/0x118
[   18.784515]  kunit_try_run_case+0x170/0x3f0
[   18.784905]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.785112]  kthread+0x328/0x630
[   18.785311]  ret_from_fork+0x10/0x20
[   18.785455] 
[   18.785577] The buggy address belongs to the physical page:
[   18.785651] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b4
[   18.785970] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   18.786347] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   18.786550] page_type: f8(unknown)
[   18.786606] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   18.786809] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   18.787064] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   18.787132] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   18.787488] head: 0bfffe0000000002 ffffc1ffc31e6d01 00000000ffffffff 00000000ffffffff
[   18.787588] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   18.787656] page dumped because: kasan: bad access detected
[   18.787837] 
[   18.788175] Memory state around the buggy address:
[   18.788329]  fff00000c79b3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.788478]  fff00000c79b3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.788532] >fff00000c79b4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.788571]                    ^
[   18.788609]  fff00000c79b4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.788651]  fff00000c79b4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.788829] ==================================================================
[   18.797916] ==================================================================
[   18.798076] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   18.798139] Free of addr fff00000c79b4000 by task kunit_try_catch/239
[   18.798304] 
[   18.798348] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   18.798577] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.798608] Hardware name: linux,dummy-virt (DT)
[   18.798645] Call trace:
[   18.798685]  show_stack+0x20/0x38 (C)
[   18.798745]  dump_stack_lvl+0x8c/0xd0
[   18.799003]  print_report+0x118/0x5d0
[   18.799273]  kasan_report_invalid_free+0xc0/0xe8
[   18.799343]  __kasan_mempool_poison_pages+0xe0/0xe8
[   18.799783]  mempool_free+0x24c/0x328
[   18.799845]  mempool_double_free_helper+0x150/0x2e8
[   18.799911]  mempool_page_alloc_double_free+0xbc/0x118
[   18.799962]  kunit_try_run_case+0x170/0x3f0
[   18.800013]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.800067]  kthread+0x328/0x630
[   18.800120]  ret_from_fork+0x10/0x20
[   18.800169] 
[   18.800192] The buggy address belongs to the physical page:
[   18.800225] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b4
[   18.800278] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   18.800341] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   18.800390] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   18.800432] page dumped because: kasan: bad access detected
[   18.800472] 
[   18.800490] Memory state around the buggy address:
[   18.800535]  fff00000c79b3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.800587]  fff00000c79b3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.800635] >fff00000c79b4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.800674]                    ^
[   18.800703]  fff00000c79b4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.800743]  fff00000c79b4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.800787] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

301T1hhn39ydHFy5rptQHsDW0S9

job_id

TEST:linaro@lkft#301T6gpYLeLGmQWpD00AWQfumjV

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/301T6gpYLeLGmQWpD00AWQfumjV

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/301T39wHoz6bxp2ayFJ1MYtxW4T/Image.gz
sha256sum	1e8a96425b394266b80f5a87f3e4c17a0920d75b386a58c4ea821fbec08b62cd

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/301T39wHoz6bxp2ayFJ1MYtxW4T/modules.tar.xz
sha256sum	2d1b6550fa3f9a7bcd72ff05007bba0c70779bc2a8f1888e75b7d4efc5d9e554

durations

tests

boot	0
kunit	176.79

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   14.028686] ==================================================================
[   14.029289] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.029590] Free of addr ffff888102b48000 by task kunit_try_catch/256
[   14.029890] 
[   14.030117] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   14.030167] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.030178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.030201] Call Trace:
[   14.030217]  <TASK>
[   14.030234]  dump_stack_lvl+0x73/0xb0
[   14.030265]  print_report+0xd1/0x610
[   14.030288]  ? __virt_addr_valid+0x1db/0x2d0
[   14.030313]  ? kasan_addr_to_slab+0x11/0xa0
[   14.030333]  ? mempool_double_free_helper+0x184/0x370
[   14.030358]  kasan_report_invalid_free+0x10a/0x130
[   14.030382]  ? mempool_double_free_helper+0x184/0x370
[   14.030409]  ? mempool_double_free_helper+0x184/0x370
[   14.030432]  __kasan_mempool_poison_pages+0x115/0x130
[   14.030456]  mempool_free+0x290/0x380
[   14.030484]  mempool_double_free_helper+0x184/0x370
[   14.030507]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.030532]  ? __kasan_check_write+0x18/0x20
[   14.030552]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.030573]  ? finish_task_switch.isra.0+0x153/0x700
[   14.030611]  mempool_page_alloc_double_free+0xe8/0x140
[   14.030637]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   14.030666]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   14.030690]  ? __pfx_mempool_free_pages+0x10/0x10
[   14.030715]  ? __pfx_read_tsc+0x10/0x10
[   14.030736]  ? ktime_get_ts64+0x86/0x230
[   14.030761]  kunit_try_run_case+0x1a5/0x480
[   14.030789]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.030811]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.030836]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.030859]  ? __kthread_parkme+0x82/0x180
[   14.030879]  ? preempt_count_sub+0x50/0x80
[   14.030953]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.030980]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.031005]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.031029]  kthread+0x337/0x6f0
[   14.031048]  ? trace_preempt_on+0x20/0xc0
[   14.031084]  ? __pfx_kthread+0x10/0x10
[   14.031104]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.031126]  ? calculate_sigpending+0x7b/0xa0
[   14.031151]  ? __pfx_kthread+0x10/0x10
[   14.031172]  ret_from_fork+0x116/0x1d0
[   14.031191]  ? __pfx_kthread+0x10/0x10
[   14.031210]  ret_from_fork_asm+0x1a/0x30
[   14.031244]  </TASK>
[   14.031255] 
[   14.043215] The buggy address belongs to the physical page:
[   14.043667] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b48
[   14.044135] flags: 0x200000000000000(node=0|zone=2)
[   14.044376] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   14.045040] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   14.045388] page dumped because: kasan: bad access detected
[   14.045726] 
[   14.045931] Memory state around the buggy address:
[   14.046245]  ffff888102b47f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.046536]  ffff888102b47f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.047107] >ffff888102b48000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.047494]                    ^
[   14.047662]  ffff888102b48080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.048175]  ffff888102b48100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.048482] ==================================================================
[   14.002617] ==================================================================
[   14.003417] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.003751] Free of addr ffff888103ab8000 by task kunit_try_catch/254
[   14.004009] 
[   14.004127] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   14.004174] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.004186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.004209] Call Trace:
[   14.004224]  <TASK>
[   14.004242]  dump_stack_lvl+0x73/0xb0
[   14.004270]  print_report+0xd1/0x610
[   14.004292]  ? __virt_addr_valid+0x1db/0x2d0
[   14.004316]  ? kasan_addr_to_slab+0x11/0xa0
[   14.004336]  ? mempool_double_free_helper+0x184/0x370
[   14.004361]  kasan_report_invalid_free+0x10a/0x130
[   14.004386]  ? mempool_double_free_helper+0x184/0x370
[   14.004413]  ? mempool_double_free_helper+0x184/0x370
[   14.004435]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   14.004460]  mempool_free+0x2ec/0x380
[   14.004486]  mempool_double_free_helper+0x184/0x370
[   14.004510]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.004535]  ? __kasan_check_write+0x18/0x20
[   14.004554]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.004576]  ? finish_task_switch.isra.0+0x153/0x700
[   14.004602]  mempool_kmalloc_large_double_free+0xed/0x140
[   14.004627]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   14.004655]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.004678]  ? __pfx_mempool_kfree+0x10/0x10
[   14.004703]  ? __pfx_read_tsc+0x10/0x10
[   14.004724]  ? ktime_get_ts64+0x86/0x230
[   14.004749]  kunit_try_run_case+0x1a5/0x480
[   14.004776]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.004798]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.004822]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.004846]  ? __kthread_parkme+0x82/0x180
[   14.004866]  ? preempt_count_sub+0x50/0x80
[   14.004890]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.004914]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.004937]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.004961]  kthread+0x337/0x6f0
[   14.005080]  ? trace_preempt_on+0x20/0xc0
[   14.005108]  ? __pfx_kthread+0x10/0x10
[   14.005129]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.005151]  ? calculate_sigpending+0x7b/0xa0
[   14.005175]  ? __pfx_kthread+0x10/0x10
[   14.005195]  ret_from_fork+0x116/0x1d0
[   14.005213]  ? __pfx_kthread+0x10/0x10
[   14.005234]  ret_from_fork_asm+0x1a/0x30
[   14.005266]  </TASK>
[   14.005276] 
[   14.017466] The buggy address belongs to the physical page:
[   14.018019] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ab8
[   14.018460] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   14.019122] flags: 0x200000000000040(head|node=0|zone=2)
[   14.019447] page_type: f8(unknown)
[   14.019619] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.020177] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.020515] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.021033] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.021449] head: 0200000000000002 ffffea00040eae01 00000000ffffffff 00000000ffffffff
[   14.021939] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   14.022384] page dumped because: kasan: bad access detected
[   14.022587] 
[   14.022697] Memory state around the buggy address:
[   14.022920]  ffff888103ab7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.023790]  ffff888103ab7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.024305] >ffff888103ab8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.024586]                    ^
[   14.024739]  ffff888103ab8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.025284]  ffff888103ab8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.025702] ==================================================================
[   13.971985] ==================================================================
[   13.972429] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   13.973139] Free of addr ffff888102f42800 by task kunit_try_catch/252
[   13.974019] 
[   13.974245] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   13.974295] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.974307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.974330] Call Trace:
[   13.974343]  <TASK>
[   13.974360]  dump_stack_lvl+0x73/0xb0
[   13.974392]  print_report+0xd1/0x610
[   13.974416]  ? __virt_addr_valid+0x1db/0x2d0
[   13.974441]  ? kasan_complete_mode_report_info+0x64/0x200
[   13.974464]  ? mempool_double_free_helper+0x184/0x370
[   13.974491]  kasan_report_invalid_free+0x10a/0x130
[   13.974516]  ? mempool_double_free_helper+0x184/0x370
[   13.974543]  ? mempool_double_free_helper+0x184/0x370
[   13.974566]  ? mempool_double_free_helper+0x184/0x370
[   13.974597]  check_slab_allocation+0x101/0x130
[   13.974618]  __kasan_mempool_poison_object+0x91/0x1d0
[   13.974644]  mempool_free+0x2ec/0x380
[   13.974672]  mempool_double_free_helper+0x184/0x370
[   13.974695]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   13.974721]  ? ret_from_fork+0x116/0x1d0
[   13.974740]  ? kthread+0x337/0x6f0
[   13.974761]  ? ret_from_fork_asm+0x1a/0x30
[   13.974788]  mempool_kmalloc_double_free+0xed/0x140
[   13.974813]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   13.974840]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.974862]  ? __pfx_mempool_kfree+0x10/0x10
[   13.974886]  ? __pfx_read_tsc+0x10/0x10
[   13.974906]  ? ktime_get_ts64+0x86/0x230
[   13.974930]  kunit_try_run_case+0x1a5/0x480
[   13.974956]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.974978]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.975002]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.975026]  ? __kthread_parkme+0x82/0x180
[   13.975045]  ? preempt_count_sub+0x50/0x80
[   13.975079]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.975103]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.975127]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.975150]  kthread+0x337/0x6f0
[   13.975168]  ? trace_preempt_on+0x20/0xc0
[   13.975191]  ? __pfx_kthread+0x10/0x10
[   13.975211]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.975232]  ? calculate_sigpending+0x7b/0xa0
[   13.975256]  ? __pfx_kthread+0x10/0x10
[   13.975277]  ret_from_fork+0x116/0x1d0
[   13.975295]  ? __pfx_kthread+0x10/0x10
[   13.975314]  ret_from_fork_asm+0x1a/0x30
[   13.975346]  </TASK>
[   13.975357] 
[   13.986706] Allocated by task 252:
[   13.986959]  kasan_save_stack+0x45/0x70
[   13.987167]  kasan_save_track+0x18/0x40
[   13.987346]  kasan_save_alloc_info+0x3b/0x50
[   13.987499]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   13.987702]  remove_element+0x11e/0x190
[   13.988035]  mempool_alloc_preallocated+0x4d/0x90
[   13.988293]  mempool_double_free_helper+0x8a/0x370
[   13.988533]  mempool_kmalloc_double_free+0xed/0x140
[   13.988859]  kunit_try_run_case+0x1a5/0x480
[   13.989094]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.989355]  kthread+0x337/0x6f0
[   13.989524]  ret_from_fork+0x116/0x1d0
[   13.989741]  ret_from_fork_asm+0x1a/0x30
[   13.990001] 
[   13.990093] Freed by task 252:
[   13.990207]  kasan_save_stack+0x45/0x70
[   13.990413]  kasan_save_track+0x18/0x40
[   13.990604]  kasan_save_free_info+0x3f/0x60
[   13.990910]  __kasan_mempool_poison_object+0x131/0x1d0
[   13.991172]  mempool_free+0x2ec/0x380
[   13.991319]  mempool_double_free_helper+0x109/0x370
[   13.991482]  mempool_kmalloc_double_free+0xed/0x140
[   13.991746]  kunit_try_run_case+0x1a5/0x480
[   13.992126]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.992395]  kthread+0x337/0x6f0
[   13.992566]  ret_from_fork+0x116/0x1d0
[   13.992754]  ret_from_fork_asm+0x1a/0x30
[   13.993019] 
[   13.993135] The buggy address belongs to the object at ffff888102f42800
[   13.993135]  which belongs to the cache kmalloc-128 of size 128
[   13.993698] The buggy address is located 0 bytes inside of
[   13.993698]  128-byte region [ffff888102f42800, ffff888102f42880)
[   13.994259] 
[   13.994361] The buggy address belongs to the physical page:
[   13.994587] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f42
[   13.994976] flags: 0x200000000000000(node=0|zone=2)
[   13.995163] page_type: f5(slab)
[   13.995288] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   13.995661] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   13.996188] page dumped because: kasan: bad access detected
[   13.996394] 
[   13.996491] Memory state around the buggy address:
[   13.996734]  ffff888102f42700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.997106]  ffff888102f42780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.997373] >ffff888102f42800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.997654]                    ^
[   13.997907]  ffff888102f42880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.998249]  ffff888102f42900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   13.998543] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

301T1hhn39ydHFy5rptQHsDW0S9

job_id

TEST:linaro@lkft#301T7xoEYOckNLikE6jjEAHHRA9

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/301T7xoEYOckNLikE6jjEAHHRA9

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/301T4likwvozYziJtzNCf8nqDOS/bzImage
sha256sum	d878b5e59deae208baa4e6d482e984445ae0ec4af3b5020650447f9d4a2c4b26

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/301T4likwvozYziJtzNCf8nqDOS/modules.tar.xz
sha256sum	291fe06cceb324f9770dcb63da3c986fce8e7a389aa66d36243b066e98ed6839

durations

tests

boot	0
kunit	276.12

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit