lkft/linux-next-master - next-20250603 - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

June 3, 2025, 7:38 a.m.

Environment
qemu-arm64
qemu-x86_64

[   20.476454] ==================================================================
[   20.476524] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   20.476581] Free of addr fff00000c79b0000 by task kunit_try_catch/237
[   20.476641] 
[   20.476676] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250603 #1 PREEMPT 
[   20.476763] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.476791] Hardware name: linux,dummy-virt (DT)
[   20.476829] Call trace:
[   20.476851]  show_stack+0x20/0x38 (C)
[   20.476900]  dump_stack_lvl+0x8c/0xd0
[   20.476949]  print_report+0x118/0x608
[   20.476996]  kasan_report_invalid_free+0xc0/0xe8
[   20.477053]  __kasan_mempool_poison_object+0x14c/0x150
[   20.477142]  mempool_free+0x28c/0x328
[   20.477358]  mempool_double_free_helper+0x150/0x2e8
[   20.477548]  mempool_kmalloc_large_double_free+0xc0/0x118
[   20.477842]  kunit_try_run_case+0x170/0x3f0
[   20.477896]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.477955]  kthread+0x328/0x630
[   20.478005]  ret_from_fork+0x10/0x20
[   20.478252] 
[   20.478297] The buggy address belongs to the physical page:
[   20.478344] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b0
[   20.479174] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.479355] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.479431] page_type: f8(unknown)
[   20.479474] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.479523] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   20.479571] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.479619] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   20.479667] head: 0bfffe0000000002 ffffc1ffc31e6c01 00000000ffffffff 00000000ffffffff
[   20.479945] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   20.479988] page dumped because: kasan: bad access detected
[   20.480020] 
[   20.480038] Memory state around the buggy address:
[   20.480079]  fff00000c79aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.480123]  fff00000c79aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.480165] >fff00000c79b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.480203]                    ^
[   20.480231]  fff00000c79b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.480273]  fff00000c79b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.480311] ==================================================================
[   20.485761] ==================================================================
[   20.485822] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   20.485881] Free of addr fff00000c79b0000 by task kunit_try_catch/239
[   20.485926] 
[   20.485960] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250603 #1 PREEMPT 
[   20.486061] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.486088] Hardware name: linux,dummy-virt (DT)
[   20.486120] Call trace:
[   20.486141]  show_stack+0x20/0x38 (C)
[   20.486191]  dump_stack_lvl+0x8c/0xd0
[   20.486241]  print_report+0x118/0x608
[   20.486356]  kasan_report_invalid_free+0xc0/0xe8
[   20.486407]  __kasan_mempool_poison_pages+0xe0/0xe8
[   20.486657]  mempool_free+0x24c/0x328
[   20.486737]  mempool_double_free_helper+0x150/0x2e8
[   20.486981]  mempool_page_alloc_double_free+0xbc/0x118
[   20.487083]  kunit_try_run_case+0x170/0x3f0
[   20.487234]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.487436]  kthread+0x328/0x630
[   20.487521]  ret_from_fork+0x10/0x20
[   20.487588] 
[   20.487619] The buggy address belongs to the physical page:
[   20.487651] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b0
[   20.487704] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   20.487769] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   20.487818] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.487858] page dumped because: kasan: bad access detected
[   20.487888] 
[   20.487906] Memory state around the buggy address:
[   20.487938]  fff00000c79aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.487982]  fff00000c79aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.488024] >fff00000c79b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.488064]                    ^
[   20.488091]  fff00000c79b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.488132]  fff00000c79b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.488170] ==================================================================
[   20.461808] ==================================================================
[   20.461918] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   20.461976] Free of addr fff00000c65b1d00 by task kunit_try_catch/235
[   20.462044] 
[   20.462079] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250603 #1 PREEMPT 
[   20.462164] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.462191] Hardware name: linux,dummy-virt (DT)
[   20.462232] Call trace:
[   20.462273]  show_stack+0x20/0x38 (C)
[   20.462350]  dump_stack_lvl+0x8c/0xd0
[   20.462656]  print_report+0x118/0x608
[   20.462712]  kasan_report_invalid_free+0xc0/0xe8
[   20.462761]  check_slab_allocation+0xd4/0x108
[   20.462833]  __kasan_mempool_poison_object+0x78/0x150
[   20.462884]  mempool_free+0x28c/0x328
[   20.462932]  mempool_double_free_helper+0x150/0x2e8
[   20.462981]  mempool_kmalloc_double_free+0xc0/0x118
[   20.463060]  kunit_try_run_case+0x170/0x3f0
[   20.463150]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.463262]  kthread+0x328/0x630
[   20.463451]  ret_from_fork+0x10/0x20
[   20.463576] 
[   20.463837] Allocated by task 235:
[   20.463896]  kasan_save_stack+0x3c/0x68
[   20.464157]  kasan_save_track+0x20/0x40
[   20.464282]  kasan_save_alloc_info+0x40/0x58
[   20.464373]  __kasan_mempool_unpoison_object+0x11c/0x180
[   20.464465]  remove_element+0x130/0x1f8
[   20.464512]  mempool_alloc_preallocated+0x58/0xc0
[   20.464551]  mempool_double_free_helper+0x94/0x2e8
[   20.464590]  mempool_kmalloc_double_free+0xc0/0x118
[   20.464906]  kunit_try_run_case+0x170/0x3f0
[   20.464979]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.465058]  kthread+0x328/0x630
[   20.465114]  ret_from_fork+0x10/0x20
[   20.465200] 
[   20.465252] Freed by task 235:
[   20.465298]  kasan_save_stack+0x3c/0x68
[   20.465371]  kasan_save_track+0x20/0x40
[   20.465419]  kasan_save_free_info+0x4c/0x78
[   20.465482]  __kasan_mempool_poison_object+0xc0/0x150
[   20.465549]  mempool_free+0x28c/0x328
[   20.465608]  mempool_double_free_helper+0x100/0x2e8
[   20.465719]  mempool_kmalloc_double_free+0xc0/0x118
[   20.465821]  kunit_try_run_case+0x170/0x3f0
[   20.465913]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.465956]  kthread+0x328/0x630
[   20.466017]  ret_from_fork+0x10/0x20
[   20.466183] 
[   20.466294] The buggy address belongs to the object at fff00000c65b1d00
[   20.466294]  which belongs to the cache kmalloc-128 of size 128
[   20.466474] The buggy address is located 0 bytes inside of
[   20.466474]  128-byte region [fff00000c65b1d00, fff00000c65b1d80)
[   20.466558] 
[   20.466742] The buggy address belongs to the physical page:
[   20.466821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1
[   20.466974] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   20.467061] page_type: f5(slab)
[   20.467157] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   20.467248] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   20.467383] page dumped because: kasan: bad access detected
[   20.467485] 
[   20.467539] Memory state around the buggy address:
[   20.467628]  fff00000c65b1c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   20.467728]  fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.467848] >fff00000c65b1d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   20.467951]                    ^
[   20.468031]  fff00000c65b1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.468122]  fff00000c65b1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.468194] ==================================================================

KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper: Failure

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2xzM3oRvKtIZJSjOMliP3GqGi7X

job_id

TEST:linaro@lkft#2xzM8XnnCGj8ubqXi8XliFPzzGU

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2xzM8XnnCGj8ubqXi8XliFPzzGU

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xzM538mN80fADe1LXZyIEhRSTS/Image.gz
sha256sum	2c61ffcef56d12e7e85681be7d2e449dad72bb84fd1e724ba956398ec9f29815

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/arm64/rootfs.ext4.xz
sha256sum	1cc8d041751cc9cfe19b957ffa27d6115f076efaeb324bcd0fb145c37c99e1b7

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xzM538mN80fADe1LXZyIEhRSTS/modules.tar.xz
sha256sum	399b7e6ffb3d7e5b4689c9f8aaf903f837de7797423a8699dda2ca14b4cab306

durations

tests

boot	0
kunit	184.03

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   16.507065] ==================================================================
[   16.507796] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   16.508517] Free of addr ffff888103341400 by task kunit_try_catch/252
[   16.509299] 
[   16.509646] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250603 #1 PREEMPT(voluntary) 
[   16.509820] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.509840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.509868] Call Trace:
[   16.509889]  <TASK>
[   16.509919]  dump_stack_lvl+0x73/0xb0
[   16.509977]  print_report+0xd1/0x650
[   16.510010]  ? __virt_addr_valid+0x1db/0x2d0
[   16.510044]  ? kasan_complete_mode_report_info+0x64/0x200
[   16.510070]  ? mempool_double_free_helper+0x184/0x370
[   16.510097]  kasan_report_invalid_free+0x10a/0x130
[   16.510125]  ? mempool_double_free_helper+0x184/0x370
[   16.510154]  ? mempool_double_free_helper+0x184/0x370
[   16.510180]  ? mempool_double_free_helper+0x184/0x370
[   16.510207]  check_slab_allocation+0x101/0x130
[   16.510254]  __kasan_mempool_poison_object+0x91/0x1d0
[   16.510284]  mempool_free+0x2ec/0x380
[   16.510311]  ? __wake_up+0x49/0x60
[   16.510344]  mempool_double_free_helper+0x184/0x370
[   16.510370]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   16.510399]  ? __kasan_check_write+0x18/0x20
[   16.510424]  ? __pfx_sched_clock_cpu+0x10/0x10
[   16.510450]  ? finish_task_switch.isra.0+0x153/0x700
[   16.510510]  mempool_kmalloc_double_free+0xed/0x140
[   16.510539]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   16.510574]  ? __pfx_mempool_kmalloc+0x10/0x10
[   16.510597]  ? __pfx_mempool_kfree+0x10/0x10
[   16.510622]  ? __pfx_read_tsc+0x10/0x10
[   16.510650]  ? ktime_get_ts64+0x86/0x230
[   16.510680]  kunit_try_run_case+0x1a5/0x480
[   16.510724]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.510753]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   16.510784]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.510812]  ? __kthread_parkme+0x82/0x180
[   16.510837]  ? preempt_count_sub+0x50/0x80
[   16.510863]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.510887]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.510917]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.510946]  kthread+0x337/0x6f0
[   16.510969]  ? trace_preempt_on+0x20/0xc0
[   16.510998]  ? __pfx_kthread+0x10/0x10
[   16.511022]  ? _raw_spin_unlock_irq+0x47/0x80
[   16.511047]  ? calculate_sigpending+0x7b/0xa0
[   16.511077]  ? __pfx_kthread+0x10/0x10
[   16.511102]  ret_from_fork+0x116/0x1d0
[   16.511125]  ? __pfx_kthread+0x10/0x10
[   16.511148]  ret_from_fork_asm+0x1a/0x30
[   16.511186]  </TASK>
[   16.511200] 
[   16.523966] Allocated by task 252:
[   16.524620]  kasan_save_stack+0x45/0x70
[   16.525100]  kasan_save_track+0x18/0x40
[   16.525257]  kasan_save_alloc_info+0x3b/0x50
[   16.525510]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   16.526189]  remove_element+0x11e/0x190
[   16.526429]  mempool_alloc_preallocated+0x4d/0x90
[   16.526765]  mempool_double_free_helper+0x8a/0x370
[   16.527095]  mempool_kmalloc_double_free+0xed/0x140
[   16.527589]  kunit_try_run_case+0x1a5/0x480
[   16.528158]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.528357]  kthread+0x337/0x6f0
[   16.528527]  ret_from_fork+0x116/0x1d0
[   16.528783]  ret_from_fork_asm+0x1a/0x30
[   16.529245] 
[   16.529363] Freed by task 252:
[   16.529479]  kasan_save_stack+0x45/0x70
[   16.530191]  kasan_save_track+0x18/0x40
[   16.530416]  kasan_save_free_info+0x3f/0x60
[   16.530764]  __kasan_mempool_poison_object+0x131/0x1d0
[   16.531055]  mempool_free+0x2ec/0x380
[   16.531317]  mempool_double_free_helper+0x109/0x370
[   16.531795]  mempool_kmalloc_double_free+0xed/0x140
[   16.532039]  kunit_try_run_case+0x1a5/0x480
[   16.532225]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.532594]  kthread+0x337/0x6f0
[   16.532849]  ret_from_fork+0x116/0x1d0
[   16.533091]  ret_from_fork_asm+0x1a/0x30
[   16.533386] 
[   16.533541] The buggy address belongs to the object at ffff888103341400
[   16.533541]  which belongs to the cache kmalloc-128 of size 128
[   16.534333] The buggy address is located 0 bytes inside of
[   16.534333]  128-byte region [ffff888103341400, ffff888103341480)
[   16.535033] 
[   16.535182] The buggy address belongs to the physical page:
[   16.535500] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103341
[   16.536074] flags: 0x200000000000000(node=0|zone=2)
[   16.536490] page_type: f5(slab)
[   16.536706] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   16.537106] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   16.537555] page dumped because: kasan: bad access detected
[   16.537942] 
[   16.538133] Memory state around the buggy address:
[   16.538835]  ffff888103341300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   16.539105]  ffff888103341380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.539295] >ffff888103341400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   16.539526]                    ^
[   16.539810]  ffff888103341480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.540730]  ffff888103341500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.541573] ==================================================================
[   16.576321] ==================================================================
[   16.577705] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   16.578224] Free of addr ffff888102ad4000 by task kunit_try_catch/256
[   16.578420] 
[   16.578834] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250603 #1 PREEMPT(voluntary) 
[   16.578925] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.578940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.578967] Call Trace:
[   16.578985]  <TASK>
[   16.579011]  dump_stack_lvl+0x73/0xb0
[   16.579055]  print_report+0xd1/0x650
[   16.579082]  ? __virt_addr_valid+0x1db/0x2d0
[   16.579111]  ? kasan_addr_to_slab+0x11/0xa0
[   16.579135]  ? mempool_double_free_helper+0x184/0x370
[   16.579163]  kasan_report_invalid_free+0x10a/0x130
[   16.579190]  ? mempool_double_free_helper+0x184/0x370
[   16.579257]  ? mempool_double_free_helper+0x184/0x370
[   16.579312]  __kasan_mempool_poison_pages+0x115/0x130
[   16.579353]  mempool_free+0x290/0x380
[   16.579594]  mempool_double_free_helper+0x184/0x370
[   16.579660]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   16.579716]  ? __pfx_sched_clock_cpu+0x10/0x10
[   16.579749]  ? irqentry_exit+0x2a/0x60
[   16.579773]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   16.579805]  mempool_page_alloc_double_free+0xe8/0x140
[   16.579834]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   16.579867]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   16.579893]  ? __pfx_mempool_free_pages+0x10/0x10
[   16.579916]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   16.579947]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   16.579981]  kunit_try_run_case+0x1a5/0x480
[   16.580007]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.580029]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   16.580058]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.580087]  ? __kthread_parkme+0x82/0x180
[   16.580112]  ? preempt_count_sub+0x50/0x80
[   16.580139]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.580163]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.580191]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.580243]  kthread+0x337/0x6f0
[   16.580269]  ? trace_preempt_on+0x20/0xc0
[   16.580298]  ? __pfx_kthread+0x10/0x10
[   16.580323]  ? _raw_spin_unlock_irq+0x47/0x80
[   16.580349]  ? calculate_sigpending+0x7b/0xa0
[   16.580378]  ? __pfx_kthread+0x10/0x10
[   16.580403]  ret_from_fork+0x116/0x1d0
[   16.580427]  ? __pfx_kthread+0x10/0x10
[   16.580452]  ret_from_fork_asm+0x1a/0x30
[   16.580512]  </TASK>
[   16.580527] 
[   16.589921] The buggy address belongs to the physical page:
[   16.590126] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4
[   16.590808] flags: 0x200000000000000(node=0|zone=2)
[   16.590982] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   16.591166] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   16.594312] page dumped because: kasan: bad access detected
[   16.594826] 
[   16.594979] Memory state around the buggy address:
[   16.595385]  ffff888102ad3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.595943]  ffff888102ad3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.596121] >ffff888102ad4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.596291]                    ^
[   16.597006]  ffff888102ad4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.597920]  ffff888102ad4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.598120] ==================================================================
[   16.546433] ==================================================================
[   16.546946] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   16.547485] Free of addr ffff888102ad4000 by task kunit_try_catch/254
[   16.548046] 
[   16.548244] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-next-20250603 #1 PREEMPT(voluntary) 
[   16.548336] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.548362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.548390] Call Trace:
[   16.548406]  <TASK>
[   16.548429]  dump_stack_lvl+0x73/0xb0
[   16.548474]  print_report+0xd1/0x650
[   16.548500]  ? __virt_addr_valid+0x1db/0x2d0
[   16.548529]  ? kasan_addr_to_slab+0x11/0xa0
[   16.548551]  ? mempool_double_free_helper+0x184/0x370
[   16.548578]  kasan_report_invalid_free+0x10a/0x130
[   16.548605]  ? mempool_double_free_helper+0x184/0x370
[   16.548660]  ? mempool_double_free_helper+0x184/0x370
[   16.548757]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   16.548790]  mempool_free+0x2ec/0x380
[   16.548909]  mempool_double_free_helper+0x184/0x370
[   16.549020]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   16.549052]  ? update_load_avg+0x1be/0x21b0
[   16.549085]  ? dequeue_entities+0x27e/0x1740
[   16.549113]  ? finish_task_switch.isra.0+0x153/0x700
[   16.549143]  mempool_kmalloc_large_double_free+0xed/0x140
[   16.549172]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   16.549215]  ? __pfx_mempool_kmalloc+0x10/0x10
[   16.549240]  ? __pfx_mempool_kfree+0x10/0x10
[   16.549263]  ? __pfx_read_tsc+0x10/0x10
[   16.549290]  ? ktime_get_ts64+0x86/0x230
[   16.549316]  kunit_try_run_case+0x1a5/0x480
[   16.549342]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.549363]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   16.549392]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.549421]  ? __kthread_parkme+0x82/0x180
[   16.549445]  ? preempt_count_sub+0x50/0x80
[   16.549493]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.549518]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.549547]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.549575]  kthread+0x337/0x6f0
[   16.549597]  ? trace_preempt_on+0x20/0xc0
[   16.549624]  ? __pfx_kthread+0x10/0x10
[   16.549647]  ? _raw_spin_unlock_irq+0x47/0x80
[   16.549674]  ? calculate_sigpending+0x7b/0xa0
[   16.549701]  ? __pfx_kthread+0x10/0x10
[   16.549736]  ret_from_fork+0x116/0x1d0
[   16.549758]  ? __pfx_kthread+0x10/0x10
[   16.549781]  ret_from_fork_asm+0x1a/0x30
[   16.549816]  </TASK>
[   16.549830] 
[   16.561912] The buggy address belongs to the physical page:
[   16.562366] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4
[   16.562822] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.563160] flags: 0x200000000000040(head|node=0|zone=2)
[   16.563450] page_type: f8(unknown)
[   16.563915] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.564488] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.564852] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.565032] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.565235] head: 0200000000000002 ffffea00040ab501 00000000ffffffff 00000000ffffffff
[   16.565675] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.566163] page dumped because: kasan: bad access detected
[   16.566679] 
[   16.566828] Memory state around the buggy address:
[   16.567168]  ffff888102ad3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.567737]  ffff888102ad3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.568170] >ffff888102ad4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.568573]                    ^
[   16.568799]  ffff888102ad4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.569366]  ffff888102ad4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   16.569789] ==================================================================

KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper: Failure

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2xzM3oRvKtIZJSjOMliP3GqGi7X

job_id

TEST:linaro@lkft#2xzM9Qt22UENjnCVe0KdGcM1XGh

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2xzM9Qt22UENjnCVe0KdGcM1XGh

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xzM6ILkoImerzJwt3i36435Qgd/bzImage
sha256sum	41dbba498607ed9b3739ff9baa3c174d4b2923681d46cae35f52620dbf9cdbb6

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/amd64/rootfs.ext4.xz
sha256sum	3e64c22b7a85dd4a60fd0a31f22599e711e865f841aed0d517fae37e9c171158

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xzM6ILkoImerzJwt3i36435Qgd/modules.tar.xz
sha256sum	525634634ad19a8da44f4fdbde0b46fb2b603649630081a93b095b171d4e28c6

durations

tests

boot	0
kunit	370.29

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit KNOWN ISSUE Automatically assigned

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit KNOWN ISSUE Automatically assigned