Hay
Date: May 13, 2025, 12:07 p.m.

Environment: qemu-arm64, qemu-x86_64

[   21.217209] ==================================================================
[   21.217296] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   21.217435] Free of addr fff00000c78b8000 by task kunit_try_catch/237
[   21.217487] 
[   21.217535] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc6-next-20250513 #1 PREEMPT 
[   21.217654] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.217687] Hardware name: linux,dummy-virt (DT)
[   21.217726] Call trace:
[   21.217756]  show_stack+0x20/0x38 (C)
[   21.217831]  dump_stack_lvl+0x8c/0xd0
[   21.217918]  print_report+0x118/0x608
[   21.218361]  kasan_report_invalid_free+0xc0/0xe8
[   21.218429]  __kasan_mempool_poison_object+0x14c/0x150
[   21.218635]  mempool_free+0x28c/0x328
[   21.218792]  mempool_double_free_helper+0x150/0x2e8
[   21.218880]  mempool_kmalloc_large_double_free+0xc0/0x118
[   21.218944]  kunit_try_run_case+0x170/0x3f0
[   21.219015]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.219245]  kthread+0x328/0x630
[   21.219305]  ret_from_fork+0x10/0x20
[   21.219545] 
[   21.219587] The buggy address belongs to the physical page:
[   21.219629] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078b8
[   21.219694] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.219750] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   21.219817] page_type: f8(unknown)
[   21.220131] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.220199] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.220285] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.220385] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.220449] head: 0bfffe0000000002 ffffc1ffc31e2e01 00000000ffffffff 00000000ffffffff
[   21.220556] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   21.220607] page dumped because: kasan: bad access detected
[   21.220646] 
[   21.220666] Memory state around the buggy address:
[   21.220708]  fff00000c78b7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.220756]  fff00000c78b7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.220804] >fff00000c78b8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.220845]                    ^
[   21.220928]  fff00000c78b8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.220990]  fff00000c78b8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.221035] ==================================================================
[   21.231735] ==================================================================
[   21.231829] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   21.231924] Free of addr fff00000c78b8000 by task kunit_try_catch/239
[   21.231987] 
[   21.232040] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc6-next-20250513 #1 PREEMPT 
[   21.232139] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.232171] Hardware name: linux,dummy-virt (DT)
[   21.232213] Call trace:
[   21.232241]  show_stack+0x20/0x38 (C)
[   21.232303]  dump_stack_lvl+0x8c/0xd0
[   21.232356]  print_report+0x118/0x608
[   21.232410]  kasan_report_invalid_free+0xc0/0xe8
[   21.232463]  __kasan_mempool_poison_pages+0xe0/0xe8
[   21.232520]  mempool_free+0x24c/0x328
[   21.232574]  mempool_double_free_helper+0x150/0x2e8
[   21.232628]  mempool_page_alloc_double_free+0xbc/0x118
[   21.232685]  kunit_try_run_case+0x170/0x3f0
[   21.232739]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.232795]  kthread+0x328/0x630
[   21.232847]  ret_from_fork+0x10/0x20
[   21.232901] 
[   21.232927] The buggy address belongs to the physical page:
[   21.232963] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078b8
[   21.233119] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.233241] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   21.233309] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   21.233376] page dumped because: kasan: bad access detected
[   21.233422] 
[   21.233442] Memory state around the buggy address:
[   21.233481]  fff00000c78b7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.233529]  fff00000c78b7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.233599] >fff00000c78b8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.233652]                    ^
[   21.233688]  fff00000c78b8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.233749]  fff00000c78b8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.233837] ==================================================================
[   21.201855] ==================================================================
[   21.201952] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   21.202056] Free of addr fff00000c6620300 by task kunit_try_catch/235
[   21.202106] 
[   21.202157] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc6-next-20250513 #1 PREEMPT 
[   21.202256] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.202286] Hardware name: linux,dummy-virt (DT)
[   21.202326] Call trace:
[   21.202354]  show_stack+0x20/0x38 (C)
[   21.203219]  dump_stack_lvl+0x8c/0xd0
[   21.203303]  print_report+0x118/0x608
[   21.203431]  kasan_report_invalid_free+0xc0/0xe8
[   21.203572]  check_slab_allocation+0xd4/0x108
[   21.203884]  __kasan_mempool_poison_object+0x78/0x150
[   21.203958]  mempool_free+0x28c/0x328
[   21.204282]  mempool_double_free_helper+0x150/0x2e8
[   21.204339]  mempool_kmalloc_double_free+0xc0/0x118
[   21.204853]  kunit_try_run_case+0x170/0x3f0
[   21.204950]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.205085]  kthread+0x328/0x630
[   21.205164]  ret_from_fork+0x10/0x20
[   21.205221] 
[   21.205263] Allocated by task 235:
[   21.205357]  kasan_save_stack+0x3c/0x68
[   21.205474]  kasan_save_track+0x20/0x40
[   21.205530]  kasan_save_alloc_info+0x40/0x58
[   21.205614]  __kasan_mempool_unpoison_object+0x11c/0x180
[   21.205871]  remove_element+0x130/0x1f8
[   21.205998]  mempool_alloc_preallocated+0x58/0xc0
[   21.206300]  mempool_double_free_helper+0x94/0x2e8
[   21.206359]  mempool_kmalloc_double_free+0xc0/0x118
[   21.206444]  kunit_try_run_case+0x170/0x3f0
[   21.206511]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.206561]  kthread+0x328/0x630
[   21.206602]  ret_from_fork+0x10/0x20
[   21.206662] 
[   21.206686] Freed by task 235:
[   21.206718]  kasan_save_stack+0x3c/0x68
[   21.206799]  kasan_save_track+0x20/0x40
[   21.206838]  kasan_save_free_info+0x4c/0x78
[   21.206884]  __kasan_mempool_poison_object+0xc0/0x150
[   21.206930]  mempool_free+0x28c/0x328
[   21.206980]  mempool_double_free_helper+0x100/0x2e8
[   21.207032]  mempool_kmalloc_double_free+0xc0/0x118
[   21.207355]  kunit_try_run_case+0x170/0x3f0
[   21.207427]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.207498]  kthread+0x328/0x630
[   21.207543]  ret_from_fork+0x10/0x20
[   21.207586] 
[   21.207609] The buggy address belongs to the object at fff00000c6620300
[   21.207609]  which belongs to the cache kmalloc-128 of size 128
[   21.207675] The buggy address is located 0 bytes inside of
[   21.207675]  128-byte region [fff00000c6620300, fff00000c6620380)
[   21.207743] 
[   21.207769] The buggy address belongs to the physical page:
[   21.207808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106620
[   21.207873] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.207932] page_type: f5(slab)
[   21.207991] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   21.208394] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.208458] page dumped because: kasan: bad access detected
[   21.208506] 
[   21.208531] Memory state around the buggy address:
[   21.208794]  fff00000c6620200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   21.209135]  fff00000c6620280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.209241] >fff00000c6620300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   21.209450]                    ^
[   21.209496]  fff00000c6620380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.209661]  fff00000c6620400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.209717] ==================================================================

[   12.784968] ==================================================================
[   12.785471] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   12.785804] Free of addr ffff888102ab8000 by task kunit_try_catch/254
[   12.786092] 
[   12.786199] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) 
[   12.786248] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.786260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.786282] Call Trace:
[   12.786296]  <TASK>
[   12.786312]  dump_stack_lvl+0x73/0xb0
[   12.786342]  print_report+0xd1/0x650
[   12.786364]  ? __virt_addr_valid+0x1db/0x2d0
[   12.786390]  ? kasan_addr_to_slab+0x11/0xa0
[   12.786410]  ? mempool_double_free_helper+0x184/0x370
[   12.786435]  kasan_report_invalid_free+0x10a/0x130
[   12.786461]  ? mempool_double_free_helper+0x184/0x370
[   12.786492]  ? mempool_double_free_helper+0x184/0x370
[   12.786923]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   12.786959]  mempool_free+0x2ec/0x380
[   12.786986]  mempool_double_free_helper+0x184/0x370
[   12.787012]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   12.787040]  ? __pfx_sched_clock_cpu+0x10/0x10
[   12.787065]  ? finish_task_switch.isra.0+0x153/0x700
[   12.787091]  mempool_kmalloc_large_double_free+0xed/0x140
[   12.787117]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   12.787145]  ? __pfx_mempool_kmalloc+0x10/0x10
[   12.787164]  ? __pfx_mempool_kfree+0x10/0x10
[   12.787201]  ? __pfx_read_tsc+0x10/0x10
[   12.787223]  ? ktime_get_ts64+0x86/0x230
[   12.787250]  kunit_try_run_case+0x1a5/0x480
[   12.787275]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.787297]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.787321]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.787344]  ? __kthread_parkme+0x82/0x180
[   12.787364]  ? preempt_count_sub+0x50/0x80
[   12.787389]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.787413]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.787436]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.787459]  kthread+0x337/0x6f0
[   12.787478]  ? trace_preempt_on+0x20/0xc0
[   12.787503]  ? __pfx_kthread+0x10/0x10
[   12.787584]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.787608]  ? calculate_sigpending+0x7b/0xa0
[   12.787647]  ? __pfx_kthread+0x10/0x10
[   12.787670]  ret_from_fork+0x116/0x1d0
[   12.787690]  ? __pfx_kthread+0x10/0x10
[   12.787711]  ret_from_fork_asm+0x1a/0x30
[   12.787743]  </TASK>
[   12.787756] 
[   12.802811] The buggy address belongs to the physical page:
[   12.803198] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8
[   12.803781] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.804270] flags: 0x200000000000040(head|node=0|zone=2)
[   12.804665] page_type: f8(unknown)
[   12.804858] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.805266] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.805806] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.806134] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.806492] head: 0200000000000002 ffffea00040aae01 00000000ffffffff 00000000ffffffff
[   12.807024] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.807459] page dumped because: kasan: bad access detected
[   12.807809] 
[   12.807912] Memory state around the buggy address:
[   12.808225]  ffff888102ab7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.808674]  ffff888102ab7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.809038] >ffff888102ab8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.809447]                    ^
[   12.809642]  ffff888102ab8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.810114]  ffff888102ab8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.810501] ==================================================================
[   12.813718] ==================================================================
[   12.814186] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   12.814429] Free of addr ffff88810397c000 by task kunit_try_catch/256
[   12.815160] 
[   12.815550] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) 
[   12.815606] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.815668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.815691] Call Trace:
[   12.815705]  <TASK>
[   12.815722]  dump_stack_lvl+0x73/0xb0
[   12.815754]  print_report+0xd1/0x650
[   12.815776]  ? __virt_addr_valid+0x1db/0x2d0
[   12.815802]  ? kasan_addr_to_slab+0x11/0xa0
[   12.815823]  ? mempool_double_free_helper+0x184/0x370
[   12.815847]  kasan_report_invalid_free+0x10a/0x130
[   12.815872]  ? mempool_double_free_helper+0x184/0x370
[   12.815899]  ? mempool_double_free_helper+0x184/0x370
[   12.815923]  __kasan_mempool_poison_pages+0x115/0x130
[   12.815948]  mempool_free+0x290/0x380
[   12.815971]  mempool_double_free_helper+0x184/0x370
[   12.815995]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   12.816028]  mempool_page_alloc_double_free+0xe8/0x140
[   12.816054]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   12.816082]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   12.816102]  ? __pfx_mempool_free_pages+0x10/0x10
[   12.816125]  ? __pfx_read_tsc+0x10/0x10
[   12.816145]  ? ktime_get_ts64+0x86/0x230
[   12.816170]  kunit_try_run_case+0x1a5/0x480
[   12.816196]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.816284]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.816309]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.816331]  ? __kthread_parkme+0x82/0x180
[   12.816353]  ? preempt_count_sub+0x50/0x80
[   12.816378]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.816401]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.816424]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.816447]  kthread+0x337/0x6f0
[   12.816467]  ? trace_preempt_on+0x20/0xc0
[   12.816490]  ? __pfx_kthread+0x10/0x10
[   12.816511]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.816574]  ? calculate_sigpending+0x7b/0xa0
[   12.816598]  ? __pfx_kthread+0x10/0x10
[   12.816631]  ret_from_fork+0x116/0x1d0
[   12.816650]  ? __pfx_kthread+0x10/0x10
[   12.816671]  ret_from_fork_asm+0x1a/0x30
[   12.816703]  </TASK>
[   12.816714] 
[   12.831956] The buggy address belongs to the physical page:
[   12.832483] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10397c
[   12.833268] flags: 0x200000000000000(node=0|zone=2)
[   12.833810] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   12.834177] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   12.834943] page dumped because: kasan: bad access detected
[   12.835306] 
[   12.835378] Memory state around the buggy address:
[   12.835535]  ffff88810397bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.836237]  ffff88810397bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.837069] >ffff88810397c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.837526]                    ^
[   12.837949]  ffff88810397c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.838271]  ffff88810397c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.838488] ==================================================================
[   12.742805] ==================================================================
[   12.743912] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   12.745291] Free of addr ffff8881039e2600 by task kunit_try_catch/252
[   12.745924] 
[   12.746028] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) 
[   12.746078] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.746091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.746112] Call Trace:
[   12.746126]  <TASK>
[   12.746144]  dump_stack_lvl+0x73/0xb0
[   12.746174]  print_report+0xd1/0x650
[   12.746199]  ? __virt_addr_valid+0x1db/0x2d0
[   12.746225]  ? kasan_complete_mode_report_info+0x64/0x200
[   12.746248]  ? mempool_double_free_helper+0x184/0x370
[   12.746273]  kasan_report_invalid_free+0x10a/0x130
[   12.746299]  ? mempool_double_free_helper+0x184/0x370
[   12.746324]  ? mempool_double_free_helper+0x184/0x370
[   12.746348]  ? mempool_double_free_helper+0x184/0x370
[   12.746370]  check_slab_allocation+0x101/0x130
[   12.746392]  __kasan_mempool_poison_object+0x91/0x1d0
[   12.746417]  mempool_free+0x2ec/0x380
[   12.746441]  mempool_double_free_helper+0x184/0x370
[   12.746471]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   12.746496]  ? update_load_avg+0x1be/0x21b0
[   12.746525]  ? finish_task_switch.isra.0+0x153/0x700
[   12.746551]  mempool_kmalloc_double_free+0xed/0x140
[   12.746575]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   12.746602]  ? __pfx_mempool_kmalloc+0x10/0x10
[   12.746633]  ? __pfx_mempool_kfree+0x10/0x10
[   12.746655]  ? __pfx_read_tsc+0x10/0x10
[   12.746711]  ? ktime_get_ts64+0x86/0x230
[   12.746897]  kunit_try_run_case+0x1a5/0x480
[   12.746928]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.746950]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.746974]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.747012]  ? __kthread_parkme+0x82/0x180
[   12.747034]  ? preempt_count_sub+0x50/0x80
[   12.747058]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.747094]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.747117]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.747152]  kthread+0x337/0x6f0
[   12.747173]  ? trace_preempt_on+0x20/0xc0
[   12.747197]  ? __pfx_kthread+0x10/0x10
[   12.747230]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.747250]  ? calculate_sigpending+0x7b/0xa0
[   12.747275]  ? __pfx_kthread+0x10/0x10
[   12.747308]  ret_from_fork+0x116/0x1d0
[   12.747327]  ? __pfx_kthread+0x10/0x10
[   12.747348]  ret_from_fork_asm+0x1a/0x30
[   12.747392]  </TASK>
[   12.747403] 
[   12.765150] Allocated by task 252:
[   12.765311]  kasan_save_stack+0x45/0x70
[   12.765803]  kasan_save_track+0x18/0x40
[   12.765998]  kasan_save_alloc_info+0x3b/0x50
[   12.766433]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   12.766797]  remove_element+0x11e/0x190
[   12.766964]  mempool_alloc_preallocated+0x4d/0x90
[   12.767369]  mempool_double_free_helper+0x8a/0x370
[   12.767817]  mempool_kmalloc_double_free+0xed/0x140
[   12.768151]  kunit_try_run_case+0x1a5/0x480
[   12.768321]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.768770]  kthread+0x337/0x6f0
[   12.769052]  ret_from_fork+0x116/0x1d0
[   12.769342]  ret_from_fork_asm+0x1a/0x30
[   12.769605] 
[   12.769866] Freed by task 252:
[   12.770122]  kasan_save_stack+0x45/0x70
[   12.770271]  kasan_save_track+0x18/0x40
[   12.770677]  kasan_save_free_info+0x3f/0x60
[   12.770841]  __kasan_mempool_poison_object+0x131/0x1d0
[   12.771260]  mempool_free+0x2ec/0x380
[   12.771508]  mempool_double_free_helper+0x109/0x370
[   12.771955]  mempool_kmalloc_double_free+0xed/0x140
[   12.772262]  kunit_try_run_case+0x1a5/0x480
[   12.772526]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.773012]  kthread+0x337/0x6f0
[   12.773208]  ret_from_fork+0x116/0x1d0
[   12.773596]  ret_from_fork_asm+0x1a/0x30
[   12.773757] 
[   12.773878] The buggy address belongs to the object at ffff8881039e2600
[   12.773878]  which belongs to the cache kmalloc-128 of size 128
[   12.774370] The buggy address is located 0 bytes inside of
[   12.774370]  128-byte region [ffff8881039e2600, ffff8881039e2680)
[   12.775307] 
[   12.775640] The buggy address belongs to the physical page:
[   12.775895] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e2
[   12.776456] flags: 0x200000000000000(node=0|zone=2)
[   12.776875] page_type: f5(slab)
[   12.777213] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   12.777779] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.778221] page dumped because: kasan: bad access detected
[   12.778574] 
[   12.778798] Memory state around the buggy address:
[   12.779178]  ffff8881039e2500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   12.779717]  ffff8881039e2580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.780181] >ffff8881039e2600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   12.780589]                    ^
[   12.780979]  ffff8881039e2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.781404]  ffff8881039e2700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.781904] ==================================================================