lkft/linux-next-master - next-20241205 - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

Dec. 5, 2024, 2:07 p.m.

Environment
qemu-arm64
qemu-x86_64

[   32.600271] ==================================================================
[   32.601506] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e0
[   32.602168] Free of addr fff00000c6567300 by task kunit_try_catch/224
[   32.603023] 
[   32.603850] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   32.604995] Tainted: [B]=BAD_PAGE, [N]=TEST
[   32.605620] Hardware name: linux,dummy-virt (DT)
[   32.606221] Call trace:
[   32.606631]  show_stack+0x20/0x38 (C)
[   32.607147]  dump_stack_lvl+0x8c/0xd0
[   32.608014]  print_report+0x118/0x5e0
[   32.608515]  kasan_report_invalid_free+0xb0/0xd8
[   32.609282]  check_slab_allocation+0xd4/0x108
[   32.609949]  __kasan_mempool_poison_object+0x78/0x150
[   32.610735]  mempool_free+0x28c/0x328
[   32.611411]  mempool_double_free_helper+0x150/0x2e0
[   32.612072]  mempool_kmalloc_double_free+0xb8/0x110
[   32.612808]  kunit_try_run_case+0x14c/0x3d0
[   32.613481]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.614285]  kthread+0x24c/0x2d0
[   32.614763]  ret_from_fork+0x10/0x20
[   32.615475] 
[   32.615841] Allocated by task 224:
[   32.616300]  kasan_save_stack+0x3c/0x68
[   32.617175]  kasan_save_track+0x20/0x40
[   32.617652]  kasan_save_alloc_info+0x40/0x58
[   32.618300]  __kasan_mempool_unpoison_object+0x11c/0x180
[   32.619073]  remove_element+0x130/0x1f8
[   32.619639]  mempool_alloc_preallocated+0x58/0xc0
[   32.620275]  mempool_double_free_helper+0x94/0x2e0
[   32.621387]  mempool_kmalloc_double_free+0xb8/0x110
[   32.622193]  kunit_try_run_case+0x14c/0x3d0
[   32.622861]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.623489]  kthread+0x24c/0x2d0
[   32.624385]  ret_from_fork+0x10/0x20
[   32.624912] 
[   32.625232] Freed by task 224:
[   32.625727]  kasan_save_stack+0x3c/0x68
[   32.626295]  kasan_save_track+0x20/0x40
[   32.626855]  kasan_save_free_info+0x4c/0x78
[   32.627679]  __kasan_mempool_poison_object+0xc0/0x150
[   32.628535]  mempool_free+0x28c/0x328
[   32.628986]  mempool_double_free_helper+0x100/0x2e0
[   32.629722]  mempool_kmalloc_double_free+0xb8/0x110
[   32.630469]  kunit_try_run_case+0x14c/0x3d0
[   32.631090]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.632142]  kthread+0x24c/0x2d0
[   32.633063]  ret_from_fork+0x10/0x20
[   32.633531] 
[   32.633812] The buggy address belongs to the object at fff00000c6567300
[   32.633812]  which belongs to the cache kmalloc-128 of size 128
[   32.635550] The buggy address is located 0 bytes inside of
[   32.635550]  128-byte region [fff00000c6567300, fff00000c6567380)
[   32.637010] 
[   32.637355] The buggy address belongs to the physical page:
[   32.638025] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106567
[   32.639010] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   32.640360] page_type: f5(slab)
[   32.640915] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   32.642146] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   32.643476] page dumped because: kasan: bad access detected
[   32.644258] 
[   32.644601] Memory state around the buggy address:
[   32.645412]  fff00000c6567200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   32.646463]  fff00000c6567280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.647687] >fff00000c6567300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   32.648771]                    ^
[   32.649488]  fff00000c6567380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.650524]  fff00000c6567400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   32.651347] ==================================================================
[   32.661507] ==================================================================
[   32.662682] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e0
[   32.663823] Free of addr fff00000c660c000 by task kunit_try_catch/226
[   32.665355] 
[   32.666005] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   32.667277] Tainted: [B]=BAD_PAGE, [N]=TEST
[   32.667867] Hardware name: linux,dummy-virt (DT)
[   32.668746] Call trace:
[   32.669271]  show_stack+0x20/0x38 (C)
[   32.670002]  dump_stack_lvl+0x8c/0xd0
[   32.670700]  print_report+0x118/0x5e0
[   32.671137]  kasan_report_invalid_free+0xb0/0xd8
[   32.672418]  __kasan_mempool_poison_object+0x14c/0x150
[   32.673114]  mempool_free+0x28c/0x328
[   32.673664]  mempool_double_free_helper+0x150/0x2e0
[   32.674620]  mempool_kmalloc_large_double_free+0xb8/0x110
[   32.675625]  kunit_try_run_case+0x14c/0x3d0
[   32.676172]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.676926]  kthread+0x24c/0x2d0
[   32.677407]  ret_from_fork+0x10/0x20
[   32.678055] 
[   32.678438] The buggy address belongs to the physical page:
[   32.679018] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10660c
[   32.680642] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   32.681727] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   32.682764] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   32.683829] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   32.684796] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   32.685688] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   32.686626] head: 0bfffe0000000002 ffffc1ffc3198301 ffffffffffffffff 0000000000000000
[   32.688343] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   32.689029] page dumped because: kasan: bad access detected
[   32.689591] 
[   32.689977] Memory state around the buggy address:
[   32.690544]  fff00000c660bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   32.691422]  fff00000c660bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   32.692428] >fff00000c660c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   32.693454]                    ^
[   32.693907]  fff00000c660c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   32.694732]  fff00000c660c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   32.695765] ==================================================================
[   32.705798] ==================================================================
[   32.707028] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e0
[   32.707863] Free of addr fff00000c65d0000 by task kunit_try_catch/228
[   32.708551] 
[   32.709027] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   32.709982] Tainted: [B]=BAD_PAGE, [N]=TEST
[   32.710644] Hardware name: linux,dummy-virt (DT)
[   32.711804] Call trace:
[   32.712230]  show_stack+0x20/0x38 (C)
[   32.712954]  dump_stack_lvl+0x8c/0xd0
[   32.713591]  print_report+0x118/0x5e0
[   32.714310]  kasan_report_invalid_free+0xb0/0xd8
[   32.715004]  __kasan_mempool_poison_pages+0xe0/0xe8
[   32.715951]  mempool_free+0x24c/0x328
[   32.716460]  mempool_double_free_helper+0x150/0x2e0
[   32.717266]  mempool_page_alloc_double_free+0xb4/0x110
[   32.717999]  kunit_try_run_case+0x14c/0x3d0
[   32.718555]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.719476]  kthread+0x24c/0x2d0
[   32.720054]  ret_from_fork+0x10/0x20
[   32.720669] 
[   32.721272] The buggy address belongs to the physical page:
[   32.721982] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065d0
[   32.723010] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   32.724220] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   32.725154] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   32.726042] page dumped because: kasan: bad access detected
[   32.726671] 
[   32.727038] Memory state around the buggy address:
[   32.727972]  fff00000c65cff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.728888]  fff00000c65cff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.729753] >fff00000c65d0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   32.730637]                    ^
[   32.731125]  fff00000c65d0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   32.732141]  fff00000c65d0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   32.732548] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2pnhC7sMGO3mZSKEpi2hQOshVKK

job_id

TEST:linaro@lkft#2pnhGOQkwFo1HvTfLArQnxPtO0I

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2pnhGOQkwFo1HvTfLArQnxPtO0I

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pnhDDDmMVdXLj6DmVWKmIo5UuB/Image.gz
sha256sum	a3a8ddbb98eb5f4750cc8f3a81da5ad969a6f518cf5722d432de7312e72d1e19

rootfs

url	https://storage.tuxboot.com/debian/trixie/arm64/rootfs.ext4.xz
sha256sum	f592205e64add7389d8a1055c235aa3685e13c7cfdfdbe5f212ab22afdbeb656

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pnhDDDmMVdXLj6DmVWKmIo5UuB/modules.tar.xz
sha256sum	bf63a42a45d4c5a423fba686bca6ce06daee4626a049ed0143a18a7fdc0aa05b

durations

tests

boot	368.30
kunit	453.57

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

[   30.377914] ==================================================================
[   30.378792] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[   30.380111] Free of addr ffff888102a0f400 by task kunit_try_catch/242
[   30.380650] 
[   30.380903] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   30.382908] Tainted: [B]=BAD_PAGE, [N]=TEST
[   30.383662] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   30.384824] Call Trace:
[   30.385180]  <TASK>
[   30.385565]  dump_stack_lvl+0x73/0xb0
[   30.386091]  print_report+0xd1/0x640
[   30.386732]  ? __virt_addr_valid+0x1db/0x2d0
[   30.387492]  ? mempool_double_free_helper+0x185/0x370
[   30.388510]  ? kasan_complete_mode_report_info+0x64/0x200
[   30.389285]  ? mempool_double_free_helper+0x185/0x370
[   30.389921]  kasan_report_invalid_free+0xc0/0xf0
[   30.390622]  ? mempool_double_free_helper+0x185/0x370
[   30.391067]  ? mempool_double_free_helper+0x185/0x370
[   30.391883]  ? mempool_double_free_helper+0x185/0x370
[   30.392719]  check_slab_allocation+0x101/0x130
[   30.393322]  __kasan_mempool_poison_object+0x91/0x1d0
[   30.394145]  mempool_free+0x2ec/0x380
[   30.394506]  mempool_double_free_helper+0x185/0x370
[   30.395058]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   30.395819]  ? finish_task_switch.isra.0+0x153/0x700
[   30.396457]  mempool_kmalloc_double_free+0xb1/0x100
[   30.397014]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   30.397637]  ? __switch_to+0x5d9/0xf60
[   30.398360]  ? __pfx_mempool_kmalloc+0x10/0x10
[   30.398766]  ? __pfx_mempool_kfree+0x10/0x10
[   30.399297]  ? __pfx_read_tsc+0x10/0x10
[   30.399932]  ? ktime_get_ts64+0x86/0x230
[   30.400434]  kunit_try_run_case+0x1b3/0x490
[   30.401224]  ? __pfx_kunit_try_run_case+0x10/0x10
[   30.401623]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   30.402529]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   30.403142]  ? __kthread_parkme+0x82/0x160
[   30.403633]  ? preempt_count_sub+0x50/0x80
[   30.404297]  ? __pfx_kunit_try_run_case+0x10/0x10
[   30.404770]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   30.405600]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   30.406251]  kthread+0x257/0x310
[   30.406809]  ? __pfx_kthread+0x10/0x10
[   30.407485]  ret_from_fork+0x41/0x80
[   30.407894]  ? __pfx_kthread+0x10/0x10
[   30.408432]  ret_from_fork_asm+0x1a/0x30
[   30.409087]  </TASK>
[   30.409561] 
[   30.409805] Allocated by task 242:
[   30.410286]  kasan_save_stack+0x3d/0x60
[   30.410742]  kasan_save_track+0x18/0x40
[   30.411287]  kasan_save_alloc_info+0x3b/0x50
[   30.412047]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   30.412484]  remove_element+0x11e/0x190
[   30.413270]  mempool_alloc_preallocated+0x4d/0x90
[   30.413803]  mempool_double_free_helper+0x8b/0x370
[   30.414429]  mempool_kmalloc_double_free+0xb1/0x100
[   30.415166]  kunit_try_run_case+0x1b3/0x490
[   30.415572]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   30.416289]  kthread+0x257/0x310
[   30.416768]  ret_from_fork+0x41/0x80
[   30.417329]  ret_from_fork_asm+0x1a/0x30
[   30.417802] 
[   30.418201] Freed by task 242:
[   30.418465]  kasan_save_stack+0x3d/0x60
[   30.419015]  kasan_save_track+0x18/0x40
[   30.419531]  kasan_save_free_info+0x3f/0x60
[   30.420848]  __kasan_mempool_poison_object+0x131/0x1d0
[   30.422304]  mempool_free+0x2ec/0x380
[   30.422727]  mempool_double_free_helper+0x10a/0x370
[   30.423476]  mempool_kmalloc_double_free+0xb1/0x100
[   30.424325]  kunit_try_run_case+0x1b3/0x490
[   30.424986]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   30.425697]  kthread+0x257/0x310
[   30.426111]  ret_from_fork+0x41/0x80
[   30.426926]  ret_from_fork_asm+0x1a/0x30
[   30.427448] 
[   30.427743] The buggy address belongs to the object at ffff888102a0f400
[   30.427743]  which belongs to the cache kmalloc-128 of size 128
[   30.429217] The buggy address is located 0 bytes inside of
[   30.429217]  128-byte region [ffff888102a0f400, ffff888102a0f480)
[   30.431229] 
[   30.431340] The buggy address belongs to the physical page:
[   30.431563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0f
[   30.432010] flags: 0x200000000000000(node=0|zone=2)
[   30.433560] page_type: f5(slab)
[   30.434002] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   30.434769] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   30.435658] page dumped because: kasan: bad access detected
[   30.436274] 
[   30.436528] Memory state around the buggy address:
[   30.437235]  ffff888102a0f300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   30.438078]  ffff888102a0f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.438739] >ffff888102a0f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   30.439945]                    ^
[   30.440180]  ffff888102a0f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.441178]  ffff888102a0f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.441894] ==================================================================
[   30.450540] ==================================================================
[   30.451739] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[   30.452654] Free of addr ffff888102d60000 by task kunit_try_catch/244
[   30.453262] 
[   30.453447] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   30.455573] Tainted: [B]=BAD_PAGE, [N]=TEST
[   30.456056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   30.457245] Call Trace:
[   30.457582]  <TASK>
[   30.457818]  dump_stack_lvl+0x73/0xb0
[   30.458485]  print_report+0xd1/0x640
[   30.458829]  ? __virt_addr_valid+0x1db/0x2d0
[   30.459443]  ? mempool_double_free_helper+0x185/0x370
[   30.460120]  ? kasan_addr_to_slab+0x11/0xa0
[   30.460624]  ? mempool_double_free_helper+0x185/0x370
[   30.461276]  kasan_report_invalid_free+0xc0/0xf0
[   30.461708]  ? mempool_double_free_helper+0x185/0x370
[   30.462421]  ? mempool_double_free_helper+0x185/0x370
[   30.462959]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   30.463771]  mempool_free+0x2ec/0x380
[   30.464150]  mempool_double_free_helper+0x185/0x370
[   30.464672]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   30.465216]  ? finish_task_switch.isra.0+0x153/0x700
[   30.465634]  mempool_kmalloc_large_double_free+0xb1/0x100
[   30.466271]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   30.467117]  ? __switch_to+0x5d9/0xf60
[   30.467581]  ? __pfx_mempool_kmalloc+0x10/0x10
[   30.468210]  ? __pfx_mempool_kfree+0x10/0x10
[   30.468544]  ? __pfx_read_tsc+0x10/0x10
[   30.469174]  ? ktime_get_ts64+0x86/0x230
[   30.469630]  kunit_try_run_case+0x1b3/0x490
[   30.470500]  ? __pfx_kunit_try_run_case+0x10/0x10
[   30.470875]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   30.471548]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   30.472193]  ? __kthread_parkme+0x82/0x160
[   30.472615]  ? preempt_count_sub+0x50/0x80
[   30.473143]  ? __pfx_kunit_try_run_case+0x10/0x10
[   30.473598]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   30.474275]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   30.474906]  kthread+0x257/0x310
[   30.475550]  ? __pfx_kthread+0x10/0x10
[   30.476225]  ret_from_fork+0x41/0x80
[   30.476565]  ? __pfx_kthread+0x10/0x10
[   30.477316]  ret_from_fork_asm+0x1a/0x30
[   30.477979]  </TASK>
[   30.478218] 
[   30.478663] The buggy address belongs to the physical page:
[   30.478946] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d60
[   30.480535] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   30.481417] flags: 0x200000000000040(head|node=0|zone=2)
[   30.481928] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   30.482631] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   30.483853] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   30.484745] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   30.486483] head: 0200000000000002 ffffea00040b5801 ffffffffffffffff 0000000000000000
[   30.487416] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   30.487757] page dumped because: kasan: bad access detected
[   30.488644] 
[   30.489219] Memory state around the buggy address:
[   30.489713]  ffff888102d5ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   30.490501]  ffff888102d5ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   30.491270] >ffff888102d60000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   30.491939]                    ^
[   30.492611]  ffff888102d60080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   30.493395]  ffff888102d60100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   30.494352] ==================================================================
[   30.500317] ==================================================================
[   30.501579] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[   30.502627] Free of addr ffff888102d60000 by task kunit_try_catch/246
[   30.503339] 
[   30.503562] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241205 #1
[   30.505472] Tainted: [B]=BAD_PAGE, [N]=TEST
[   30.506283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   30.507279] Call Trace:
[   30.507510]  <TASK>
[   30.508215]  dump_stack_lvl+0x73/0xb0
[   30.508507]  print_report+0xd1/0x640
[   30.509003]  ? __virt_addr_valid+0x1db/0x2d0
[   30.509803]  ? mempool_double_free_helper+0x185/0x370
[   30.510371]  ? kasan_addr_to_slab+0x11/0xa0
[   30.511379]  ? mempool_double_free_helper+0x185/0x370
[   30.512195]  kasan_report_invalid_free+0xc0/0xf0
[   30.512629]  ? mempool_double_free_helper+0x185/0x370
[   30.513343]  ? mempool_double_free_helper+0x185/0x370
[   30.514355]  __kasan_mempool_poison_pages+0x115/0x130
[   30.514830]  mempool_free+0x290/0x380
[   30.515543]  mempool_double_free_helper+0x185/0x370
[   30.516742]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   30.517296]  mempool_page_alloc_double_free+0xac/0x100
[   30.518006]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   30.518673]  ? __switch_to+0x5d9/0xf60
[   30.519224]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   30.520290]  ? __pfx_mempool_free_pages+0x10/0x10
[   30.520783]  ? __pfx_read_tsc+0x10/0x10
[   30.521451]  ? ktime_get_ts64+0x86/0x230
[   30.522251]  kunit_try_run_case+0x1b3/0x490
[   30.523208]  ? __pfx_kunit_try_run_case+0x10/0x10
[   30.523715]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   30.524411]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   30.525411]  ? __kthread_parkme+0x82/0x160
[   30.525925]  ? preempt_count_sub+0x50/0x80
[   30.526306]  ? __pfx_kunit_try_run_case+0x10/0x10
[   30.526758]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   30.527207]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   30.528280]  kthread+0x257/0x310
[   30.528709]  ? __pfx_kthread+0x10/0x10
[   30.529319]  ret_from_fork+0x41/0x80
[   30.529735]  ? __pfx_kthread+0x10/0x10
[   30.530717]  ret_from_fork_asm+0x1a/0x30
[   30.531210]  </TASK>
[   30.531562] 
[   30.531813] The buggy address belongs to the physical page:
[   30.532766] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d60
[   30.533971] flags: 0x200000000000000(node=0|zone=2)
[   30.534496] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   30.535749] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   30.536557] page dumped because: kasan: bad access detected
[   30.537429] 
[   30.537937] Memory state around the buggy address:
[   30.538398]  ffff888102d5ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   30.539542]  ffff888102d5ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   30.540807] >ffff888102d60000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   30.541338]                    ^
[   30.542197]  ffff888102d60080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   30.542774]  ffff888102d60100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   30.543475] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2pnhC7sMGO3mZSKEpi2hQOshVKK

job_id

TEST:linaro@lkft#2pnhHWFSK1dbZV5zleHb3KImSng

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2pnhHWFSK1dbZV5zleHb3KImSng

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pnhEAoCkYWTiA52ztrhR2JrW2j/bzImage
sha256sum	6ac9a7b09124b3be18977719b6c42062081e4fc708754316fb00f1284d0ffbdc

rootfs

url	https://storage.tuxboot.com/debian/trixie/amd64/rootfs.ext4.xz
sha256sum	c6ceed53712217894b72c37cdc18ddb1157eb9bca95bb5bb312b9c30db3bb83b

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pnhEAoCkYWTiA52ztrhR2JrW2j/modules.tar.xz
sha256sum	d3ec141e466e48bcd82ed4ba800c23ee25b64ee01ab02d8038ff3f8c6fd7ed6d

durations

tests

boot	336.99
kunit	512.65

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit