lkft/linux-next-master - next-20250529 - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

May 29, 2025, 7:10 a.m.

Environment
qemu-arm64
qemu-x86_64

[   24.311566] ==================================================================
[   24.311755] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   24.312385] Free of addr fff00000c66ad700 by task kunit_try_catch/235
[   24.312695] 
[   24.312802] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250529 #1 PREEMPT 
[   24.313055] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.313134] Hardware name: linux,dummy-virt (DT)
[   24.313230] Call trace:
[   24.313286]  show_stack+0x20/0x38 (C)
[   24.313431]  dump_stack_lvl+0x8c/0xd0
[   24.313541]  print_report+0x118/0x608
[   24.313663]  kasan_report_invalid_free+0xc0/0xe8
[   24.313788]  check_slab_allocation+0xd4/0x108
[   24.313908]  __kasan_mempool_poison_object+0x78/0x150
[   24.314376]  mempool_free+0x28c/0x328
[   24.315063]  mempool_double_free_helper+0x150/0x2e8
[   24.315293]  mempool_kmalloc_double_free+0xc0/0x118
[   24.315735]  kunit_try_run_case+0x170/0x3f0
[   24.315918]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.316318]  kthread+0x328/0x630
[   24.316442]  ret_from_fork+0x10/0x20
[   24.316557] 
[   24.317091] Allocated by task 235:
[   24.317206]  kasan_save_stack+0x3c/0x68
[   24.317548]  kasan_save_track+0x20/0x40
[   24.317818]  kasan_save_alloc_info+0x40/0x58
[   24.317922]  __kasan_mempool_unpoison_object+0x11c/0x180
[   24.318025]  remove_element+0x130/0x1f8
[   24.318116]  mempool_alloc_preallocated+0x58/0xc0
[   24.318217]  mempool_double_free_helper+0x94/0x2e8
[   24.318313]  mempool_kmalloc_double_free+0xc0/0x118
[   24.318443]  kunit_try_run_case+0x170/0x3f0
[   24.318542]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.318648]  kthread+0x328/0x630
[   24.318730]  ret_from_fork+0x10/0x20
[   24.318822] 
[   24.318868] Freed by task 235:
[   24.318934]  kasan_save_stack+0x3c/0x68
[   24.319072]  kasan_save_track+0x20/0x40
[   24.319151]  kasan_save_free_info+0x4c/0x78
[   24.319229]  __kasan_mempool_poison_object+0xc0/0x150
[   24.319358]  mempool_free+0x28c/0x328
[   24.319459]  mempool_double_free_helper+0x100/0x2e8
[   24.319545]  mempool_kmalloc_double_free+0xc0/0x118
[   24.319628]  kunit_try_run_case+0x170/0x3f0
[   24.319710]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.319834]  kthread+0x328/0x630
[   24.319922]  ret_from_fork+0x10/0x20
[   24.319998] 
[   24.320053] The buggy address belongs to the object at fff00000c66ad700
[   24.320053]  which belongs to the cache kmalloc-128 of size 128
[   24.320201] The buggy address is located 0 bytes inside of
[   24.320201]  128-byte region [fff00000c66ad700, fff00000c66ad780)
[   24.320333] 
[   24.320390] The buggy address belongs to the physical page:
[   24.320496] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ad
[   24.320637] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   24.320764] page_type: f5(slab)
[   24.320863] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   24.320996] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   24.321096] page dumped because: kasan: bad access detected
[   24.321160] 
[   24.321193] Memory state around the buggy address:
[   24.321250]  fff00000c66ad600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   24.321326]  fff00000c66ad680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.321454] >fff00000c66ad700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   24.321545]                    ^
[   24.321642]  fff00000c66ad780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.321730]  fff00000c66ad800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.321804] ==================================================================
[   24.349140] ==================================================================
[   24.349331] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   24.352089] Free of addr fff00000c78a4000 by task kunit_try_catch/237
[   24.352459] 
[   24.353071] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250529 #1 PREEMPT 
[   24.354147] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.354515] Hardware name: linux,dummy-virt (DT)
[   24.354603] Call trace:
[   24.354656]  show_stack+0x20/0x38 (C)
[   24.354782]  dump_stack_lvl+0x8c/0xd0
[   24.354897]  print_report+0x118/0x608
[   24.355009]  kasan_report_invalid_free+0xc0/0xe8
[   24.355124]  __kasan_mempool_poison_object+0x14c/0x150
[   24.355239]  mempool_free+0x28c/0x328
[   24.355346]  mempool_double_free_helper+0x150/0x2e8
[   24.357001]  mempool_kmalloc_large_double_free+0xc0/0x118
[   24.357854]  kunit_try_run_case+0x170/0x3f0
[   24.358441]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.358581]  kthread+0x328/0x630
[   24.358669]  ret_from_fork+0x10/0x20
[   24.358772] 
[   24.358837] The buggy address belongs to the physical page:
[   24.358914] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a4
[   24.359053] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.359185] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   24.359328] page_type: f8(unknown)
[   24.359441] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   24.359572] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   24.359704] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   24.359830] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   24.359957] head: 0bfffe0000000002 ffffc1ffc31e2901 00000000ffffffff 00000000ffffffff
[   24.360085] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   24.360569] page dumped because: kasan: bad access detected
[   24.360651] 
[   24.360694] Memory state around the buggy address:
[   24.360770]  fff00000c78a3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   24.360879]  fff00000c78a3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   24.361480] >fff00000c78a4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   24.361580]                    ^
[   24.361626]  fff00000c78a4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   24.361712]  fff00000c78a4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   24.361793] ==================================================================
[   24.385008] ==================================================================
[   24.385189] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   24.385346] Free of addr fff00000c78a4000 by task kunit_try_catch/239
[   24.385467] 
[   24.385559] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250529 #1 PREEMPT 
[   24.385775] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.385844] Hardware name: linux,dummy-virt (DT)
[   24.385924] Call trace:
[   24.385977]  show_stack+0x20/0x38 (C)
[   24.386101]  dump_stack_lvl+0x8c/0xd0
[   24.386224]  print_report+0x118/0x608
[   24.386339]  kasan_report_invalid_free+0xc0/0xe8
[   24.387231]  __kasan_mempool_poison_pages+0xe0/0xe8
[   24.387517]  mempool_free+0x24c/0x328
[   24.387796]  mempool_double_free_helper+0x150/0x2e8
[   24.387922]  mempool_page_alloc_double_free+0xbc/0x118
[   24.388104]  kunit_try_run_case+0x170/0x3f0
[   24.388334]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.388622]  kthread+0x328/0x630
[   24.389227]  ret_from_fork+0x10/0x20
[   24.389580] 
[   24.389694] The buggy address belongs to the physical page:
[   24.389774] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a4
[   24.390297] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   24.390526] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   24.391008] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   24.391272] page dumped because: kasan: bad access detected
[   24.391575] 
[   24.391642] Memory state around the buggy address:
[   24.391828]  fff00000c78a3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   24.391935]  fff00000c78a3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   24.392128] >fff00000c78a4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   24.392472]                    ^
[   24.392553]  fff00000c78a4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   24.393251]  fff00000c78a4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   24.393497] ==================================================================

KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper: Failure

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2xlB4GuTqktDwlee71Jnb1NJfRI

job_id

TEST:linaro@lkft#2xlB9kSwL581IJhu7BHNzCfQT8M

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2xlB9kSwL581IJhu7BHNzCfQT8M

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xlB5itkvUcoORKx6U0GB9mAQ6f/Image.gz
sha256sum	27519c64f4a22ec72b96feedf830a0a926ae1ffcb90bd853992b3cfb83707592

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/arm64/rootfs.ext4.xz
sha256sum	1cc8d041751cc9cfe19b957ffa27d6115f076efaeb324bcd0fb145c37c99e1b7

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xlB5itkvUcoORKx6U0GB9mAQ6f/modules.tar.xz
sha256sum	b608f80e2ffe2d76ee59982bb5280be82af49763b122cef01f6e5492f96dd429

durations

tests

boot	0
kunit	310.48

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   12.555980] ==================================================================
[   12.556552] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   12.556933] Free of addr ffff888102a8c000 by task kunit_try_catch/256
[   12.557218] 
[   12.557351] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250529 #1 PREEMPT(voluntary) 
[   12.557413] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.557426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.557449] Call Trace:
[   12.557463]  <TASK>
[   12.557479]  dump_stack_lvl+0x73/0xb0
[   12.557538]  print_report+0xd1/0x650
[   12.557562]  ? __virt_addr_valid+0x1db/0x2d0
[   12.557598]  ? kasan_addr_to_slab+0x11/0xa0
[   12.557628]  ? mempool_double_free_helper+0x184/0x370
[   12.557655]  kasan_report_invalid_free+0x10a/0x130
[   12.557679]  ? mempool_double_free_helper+0x184/0x370
[   12.557705]  ? mempool_double_free_helper+0x184/0x370
[   12.557729]  __kasan_mempool_poison_pages+0x115/0x130
[   12.557767]  mempool_free+0x290/0x380
[   12.557792]  mempool_double_free_helper+0x184/0x370
[   12.557817]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   12.557851]  ? update_load_avg+0x1be/0x21b0
[   12.557876]  ? update_load_avg+0x1be/0x21b0
[   12.557897]  ? update_curr+0x80/0x810
[   12.557920]  ? finish_task_switch.isra.0+0x153/0x700
[   12.557977]  mempool_page_alloc_double_free+0xe8/0x140
[   12.558003]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   12.558043]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   12.558064]  ? __pfx_mempool_free_pages+0x10/0x10
[   12.558087]  ? __pfx_read_tsc+0x10/0x10
[   12.558108]  ? ktime_get_ts64+0x86/0x230
[   12.558132]  kunit_try_run_case+0x1a5/0x480
[   12.558155]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.558175]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.558201]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.558225]  ? __kthread_parkme+0x82/0x180
[   12.558246]  ? preempt_count_sub+0x50/0x80
[   12.558269]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.558291]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.558315]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.558340]  kthread+0x337/0x6f0
[   12.558359]  ? trace_preempt_on+0x20/0xc0
[   12.558382]  ? __pfx_kthread+0x10/0x10
[   12.558403]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.558426]  ? calculate_sigpending+0x7b/0xa0
[   12.558450]  ? __pfx_kthread+0x10/0x10
[   12.558472]  ret_from_fork+0x116/0x1d0
[   12.558491]  ? __pfx_kthread+0x10/0x10
[   12.558511]  ret_from_fork_asm+0x1a/0x30
[   12.558548]  </TASK>
[   12.558558] 
[   12.569138] The buggy address belongs to the physical page:
[   12.569392] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a8c
[   12.569815] flags: 0x200000000000000(node=0|zone=2)
[   12.570295] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   12.570683] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   12.571213] page dumped because: kasan: bad access detected
[   12.571396] 
[   12.571468] Memory state around the buggy address:
[   12.571714]  ffff888102a8bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.572089]  ffff888102a8bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.572500] >ffff888102a8c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.572997]                    ^
[   12.573205]  ffff888102a8c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.573478]  ffff888102a8c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.573937] ==================================================================
[   12.526514] ==================================================================
[   12.527221] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   12.527473] Free of addr ffff8881039d8000 by task kunit_try_catch/254
[   12.528085] 
[   12.528253] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250529 #1 PREEMPT(voluntary) 
[   12.528305] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.528319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.528340] Call Trace:
[   12.528354]  <TASK>
[   12.528369]  dump_stack_lvl+0x73/0xb0
[   12.528399]  print_report+0xd1/0x650
[   12.528423]  ? __virt_addr_valid+0x1db/0x2d0
[   12.528447]  ? kasan_addr_to_slab+0x11/0xa0
[   12.528469]  ? mempool_double_free_helper+0x184/0x370
[   12.528494]  kasan_report_invalid_free+0x10a/0x130
[   12.528520]  ? mempool_double_free_helper+0x184/0x370
[   12.528548]  ? mempool_double_free_helper+0x184/0x370
[   12.528571]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   12.528596]  mempool_free+0x2ec/0x380
[   12.528632]  mempool_double_free_helper+0x184/0x370
[   12.528657]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   12.528683]  ? __kasan_check_write+0x18/0x20
[   12.528703]  ? __pfx_sched_clock_cpu+0x10/0x10
[   12.528726]  ? finish_task_switch.isra.0+0x153/0x700
[   12.529126]  mempool_kmalloc_large_double_free+0xed/0x140
[   12.529167]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   12.529198]  ? __pfx_mempool_kmalloc+0x10/0x10
[   12.529220]  ? __pfx_mempool_kfree+0x10/0x10
[   12.529243]  ? __pfx_read_tsc+0x10/0x10
[   12.529266]  ? ktime_get_ts64+0x86/0x230
[   12.529293]  kunit_try_run_case+0x1a5/0x480
[   12.529316]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.529336]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.529362]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.529386]  ? __kthread_parkme+0x82/0x180
[   12.529407]  ? preempt_count_sub+0x50/0x80
[   12.529431]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.529453]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.529478]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.529503]  kthread+0x337/0x6f0
[   12.529523]  ? trace_preempt_on+0x20/0xc0
[   12.529546]  ? __pfx_kthread+0x10/0x10
[   12.529568]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.529591]  ? calculate_sigpending+0x7b/0xa0
[   12.529630]  ? __pfx_kthread+0x10/0x10
[   12.529653]  ret_from_fork+0x116/0x1d0
[   12.529672]  ? __pfx_kthread+0x10/0x10
[   12.529693]  ret_from_fork_asm+0x1a/0x30
[   12.529724]  </TASK>
[   12.529735] 
[   12.545858] The buggy address belongs to the physical page:
[   12.546078] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d8
[   12.546422] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.546998] flags: 0x200000000000040(head|node=0|zone=2)
[   12.547256] page_type: f8(unknown)
[   12.547414] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.547692] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.548203] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.549012] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.549389] head: 0200000000000002 ffffea00040e7601 00000000ffffffff 00000000ffffffff
[   12.549743] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.550180] page dumped because: kasan: bad access detected
[   12.550413] 
[   12.550527] Memory state around the buggy address:
[   12.550750]  ffff8881039d7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.551139]  ffff8881039d7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.551699] >ffff8881039d8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.552273]                    ^
[   12.552494]  ffff8881039d8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.552819]  ffff8881039d8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.553134] ==================================================================
[   12.493418] ==================================================================
[   12.494246] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   12.494497] Free of addr ffff8881028b1400 by task kunit_try_catch/252
[   12.494716] 
[   12.494811] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250529 #1 PREEMPT(voluntary) 
[   12.494858] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.494870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.494893] Call Trace:
[   12.494904]  <TASK>
[   12.494920]  dump_stack_lvl+0x73/0xb0
[   12.494947]  print_report+0xd1/0x650
[   12.494969]  ? __virt_addr_valid+0x1db/0x2d0
[   12.494993]  ? kasan_complete_mode_report_info+0x64/0x200
[   12.495015]  ? mempool_double_free_helper+0x184/0x370
[   12.495041]  kasan_report_invalid_free+0x10a/0x130
[   12.495066]  ? mempool_double_free_helper+0x184/0x370
[   12.495133]  ? mempool_double_free_helper+0x184/0x370
[   12.495156]  ? mempool_double_free_helper+0x184/0x370
[   12.495191]  check_slab_allocation+0x101/0x130
[   12.495213]  __kasan_mempool_poison_object+0x91/0x1d0
[   12.495237]  mempool_free+0x2ec/0x380
[   12.495261]  mempool_double_free_helper+0x184/0x370
[   12.495285]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   12.495310]  ? __kasan_check_write+0x18/0x20
[   12.495330]  ? __pfx_sched_clock_cpu+0x10/0x10
[   12.495353]  ? finish_task_switch.isra.0+0x153/0x700
[   12.495379]  mempool_kmalloc_double_free+0xed/0x140
[   12.495403]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   12.495430]  ? __pfx_mempool_kmalloc+0x10/0x10
[   12.495470]  ? __pfx_mempool_kfree+0x10/0x10
[   12.495492]  ? __pfx_read_tsc+0x10/0x10
[   12.495514]  ? ktime_get_ts64+0x86/0x230
[   12.495561]  kunit_try_run_case+0x1a5/0x480
[   12.495583]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.495622]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.495647]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.495673]  ? __kthread_parkme+0x82/0x180
[   12.495693]  ? preempt_count_sub+0x50/0x80
[   12.495717]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.495738]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.495798]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.495823]  kthread+0x337/0x6f0
[   12.495843]  ? trace_preempt_on+0x20/0xc0
[   12.495866]  ? __pfx_kthread+0x10/0x10
[   12.495889]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.495914]  ? calculate_sigpending+0x7b/0xa0
[   12.495940]  ? __pfx_kthread+0x10/0x10
[   12.495963]  ret_from_fork+0x116/0x1d0
[   12.495982]  ? __pfx_kthread+0x10/0x10
[   12.496002]  ret_from_fork_asm+0x1a/0x30
[   12.496034]  </TASK>
[   12.496044] 
[   12.507665] Allocated by task 252:
[   12.507943]  kasan_save_stack+0x45/0x70
[   12.508153]  kasan_save_track+0x18/0x40
[   12.508352]  kasan_save_alloc_info+0x3b/0x50
[   12.508575]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   12.509113]  remove_element+0x11e/0x190
[   12.509271]  mempool_alloc_preallocated+0x4d/0x90
[   12.509577]  mempool_double_free_helper+0x8a/0x370
[   12.509835]  mempool_kmalloc_double_free+0xed/0x140
[   12.510213]  kunit_try_run_case+0x1a5/0x480
[   12.510419]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.510738]  kthread+0x337/0x6f0
[   12.510868]  ret_from_fork+0x116/0x1d0
[   12.511144]  ret_from_fork_asm+0x1a/0x30
[   12.511510] 
[   12.511617] Freed by task 252:
[   12.511845]  kasan_save_stack+0x45/0x70
[   12.512091]  kasan_save_track+0x18/0x40
[   12.512326]  kasan_save_free_info+0x3f/0x60
[   12.512537]  __kasan_mempool_poison_object+0x131/0x1d0
[   12.512787]  mempool_free+0x2ec/0x380
[   12.512979]  mempool_double_free_helper+0x109/0x370
[   12.513170]  mempool_kmalloc_double_free+0xed/0x140
[   12.513466]  kunit_try_run_case+0x1a5/0x480
[   12.513632]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.514118]  kthread+0x337/0x6f0
[   12.514308]  ret_from_fork+0x116/0x1d0
[   12.514513]  ret_from_fork_asm+0x1a/0x30
[   12.514855] 
[   12.515105] The buggy address belongs to the object at ffff8881028b1400
[   12.515105]  which belongs to the cache kmalloc-128 of size 128
[   12.515954] The buggy address is located 0 bytes inside of
[   12.515954]  128-byte region [ffff8881028b1400, ffff8881028b1480)
[   12.516683] 
[   12.516770] The buggy address belongs to the physical page:
[   12.517305] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028b1
[   12.517678] flags: 0x200000000000000(node=0|zone=2)
[   12.518127] page_type: f5(slab)
[   12.518405] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   12.518978] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.519432] page dumped because: kasan: bad access detected
[   12.519839] 
[   12.519957] Memory state around the buggy address:
[   12.520390]  ffff8881028b1300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   12.520744]  ffff8881028b1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.521237] >ffff8881028b1400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   12.521545]                    ^
[   12.521706]  ffff8881028b1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.522308]  ffff8881028b1500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.522597] ==================================================================

KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper: Failure

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2xlB4GuTqktDwlee71Jnb1NJfRI

job_id

TEST:linaro@lkft#2xlBAyWnEAFxkkNPj7qJWrTtgaT

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2xlBAyWnEAFxkkNPj7qJWrTtgaT

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xlB7JyggRDdiWlLTNR3RGHKw4x/bzImage
sha256sum	813ee3b065558370ed659c97e0f76fa13c53689c6a88e9ed6ce06540be4fba08

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/amd64/rootfs.ext4.xz
sha256sum	3e64c22b7a85dd4a60fd0a31f22599e711e865f841aed0d517fae37e9c171158

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xlB7JyggRDdiWlLTNR3RGHKw4x/modules.tar.xz
sha256sum	d821f741da2dacad362fb409ee36ce859b32a19bbacfcc6c2f316531b9b4ec5f

durations

tests

boot	0
kunit	207.34

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit KNOWN ISSUE Automatically assigned

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit KNOWN ISSUE Automatically assigned