lkft/linux-next-master - next-20250617 - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

June 17, 2025, 6:35 a.m.

Environment
qemu-arm64
qemu-x86_64

[   19.113334] ==================================================================
[   19.113411] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   19.113478] Free of addr fff00000c5254000 by task kunit_try_catch/246
[   19.113705] 
[   19.113761] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc2-next-20250617 #1 PREEMPT 
[   19.113900] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.113957] Hardware name: linux,dummy-virt (DT)
[   19.113993] Call trace:
[   19.114074]  show_stack+0x20/0x38 (C)
[   19.114180]  dump_stack_lvl+0x8c/0xd0
[   19.114242]  print_report+0x118/0x608
[   19.114318]  kasan_report_invalid_free+0xc0/0xe8
[   19.114368]  __kasan_mempool_poison_object+0x14c/0x150
[   19.114421]  mempool_free+0x28c/0x328
[   19.114467]  mempool_double_free_helper+0x150/0x2e8
[   19.114515]  mempool_kmalloc_large_double_free+0xc0/0x118
[   19.114568]  kunit_try_run_case+0x170/0x3f0
[   19.114616]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.114669]  kthread+0x328/0x630
[   19.115125]  ret_from_fork+0x10/0x20
[   19.115214] 
[   19.115272] The buggy address belongs to the physical page:
[   19.115314] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105254
[   19.115391] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   19.115469] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   19.115560] page_type: f8(unknown)
[   19.115648] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.115762] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   19.115824] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.116123] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   19.116276] head: 0bfffe0000000002 ffffc1ffc3149501 00000000ffffffff 00000000ffffffff
[   19.116426] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   19.116551] page dumped because: kasan: bad access detected
[   19.116629] 
[   19.116713] Memory state around the buggy address:
[   19.116771]  fff00000c5253f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.116872]  fff00000c5253f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.116946] >fff00000c5254000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.116986]                    ^
[   19.117016]  fff00000c5254080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.117057]  fff00000c5254100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.117096] ==================================================================
[   19.099738] ==================================================================
[   19.099801] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   19.099860] Free of addr fff00000c4fd8700 by task kunit_try_catch/244
[   19.100112] 
[   19.100171] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc2-next-20250617 #1 PREEMPT 
[   19.100269] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.100318] Hardware name: linux,dummy-virt (DT)
[   19.100367] Call trace:
[   19.100392]  show_stack+0x20/0x38 (C)
[   19.100455]  dump_stack_lvl+0x8c/0xd0
[   19.100507]  print_report+0x118/0x608
[   19.100571]  kasan_report_invalid_free+0xc0/0xe8
[   19.100800]  check_slab_allocation+0xd4/0x108
[   19.100893]  __kasan_mempool_poison_object+0x78/0x150
[   19.100962]  mempool_free+0x28c/0x328
[   19.101011]  mempool_double_free_helper+0x150/0x2e8
[   19.101060]  mempool_kmalloc_double_free+0xc0/0x118
[   19.101243]  kunit_try_run_case+0x170/0x3f0
[   19.101360]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.101431]  kthread+0x328/0x630
[   19.101477]  ret_from_fork+0x10/0x20
[   19.101535] 
[   19.101562] Allocated by task 244:
[   19.101608]  kasan_save_stack+0x3c/0x68
[   19.101652]  kasan_save_track+0x20/0x40
[   19.101857]  kasan_save_alloc_info+0x40/0x58
[   19.101945]  __kasan_mempool_unpoison_object+0x11c/0x180
[   19.101993]  remove_element+0x130/0x1f8
[   19.102066]  mempool_alloc_preallocated+0x58/0xc0
[   19.102133]  mempool_double_free_helper+0x94/0x2e8
[   19.102187]  mempool_kmalloc_double_free+0xc0/0x118
[   19.102278]  kunit_try_run_case+0x170/0x3f0
[   19.102316]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.102360]  kthread+0x328/0x630
[   19.102394]  ret_from_fork+0x10/0x20
[   19.102431] 
[   19.102449] Freed by task 244:
[   19.102476]  kasan_save_stack+0x3c/0x68
[   19.102515]  kasan_save_track+0x20/0x40
[   19.102773]  kasan_save_free_info+0x4c/0x78
[   19.102910]  __kasan_mempool_poison_object+0xc0/0x150
[   19.103056]  mempool_free+0x28c/0x328
[   19.103117]  mempool_double_free_helper+0x100/0x2e8
[   19.103183]  mempool_kmalloc_double_free+0xc0/0x118
[   19.103224]  kunit_try_run_case+0x170/0x3f0
[   19.103535]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.103618]  kthread+0x328/0x630
[   19.103689]  ret_from_fork+0x10/0x20
[   19.103784] 
[   19.103824] The buggy address belongs to the object at fff00000c4fd8700
[   19.103824]  which belongs to the cache kmalloc-128 of size 128
[   19.103910] The buggy address is located 0 bytes inside of
[   19.103910]  128-byte region [fff00000c4fd8700, fff00000c4fd8780)
[   19.104134] 
[   19.104369] The buggy address belongs to the physical page:
[   19.104435] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104fd8
[   19.104536] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   19.104628] page_type: f5(slab)
[   19.104683] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   19.104859] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   19.105047] page dumped because: kasan: bad access detected
[   19.105119] 
[   19.105186] Memory state around the buggy address:
[   19.105288]  fff00000c4fd8600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   19.105375]  fff00000c4fd8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.105419] >fff00000c4fd8700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   19.105760]                    ^
[   19.105828]  fff00000c4fd8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.105913]  fff00000c4fd8800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.106003] ==================================================================
[   19.122809] ==================================================================
[   19.123025] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   19.123098] Free of addr fff00000c5254000 by task kunit_try_catch/248
[   19.123142] 
[   19.123199] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc2-next-20250617 #1 PREEMPT 
[   19.123298] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.123336] Hardware name: linux,dummy-virt (DT)
[   19.123371] Call trace:
[   19.123407]  show_stack+0x20/0x38 (C)
[   19.123487]  dump_stack_lvl+0x8c/0xd0
[   19.123551]  print_report+0x118/0x608
[   19.123628]  kasan_report_invalid_free+0xc0/0xe8
[   19.123724]  __kasan_mempool_poison_pages+0xe0/0xe8
[   19.123782]  mempool_free+0x24c/0x328
[   19.123827]  mempool_double_free_helper+0x150/0x2e8
[   19.124046]  mempool_page_alloc_double_free+0xbc/0x118
[   19.124121]  kunit_try_run_case+0x170/0x3f0
[   19.124270]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.124754]  kthread+0x328/0x630
[   19.124815]  ret_from_fork+0x10/0x20
[   19.124899] 
[   19.124936] The buggy address belongs to the physical page:
[   19.125019] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105254
[   19.125081] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   19.125355] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   19.125464] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   19.125510] page dumped because: kasan: bad access detected
[   19.125550] 
[   19.125596] Memory state around the buggy address:
[   19.125645]  fff00000c5253f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.125705]  fff00000c5253f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.125750] >fff00000c5254000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.125788]                    ^
[   19.125820]  fff00000c5254080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.125864]  fff00000c5254100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.125984] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2ycmAbKpM2fPU7JFlL3VFcggZyX

job_id

TEST:linaro@lkft#2ycmGBohWgwDt0q1MSJxRxJ46Gq

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2ycmGBohWgwDt0q1MSJxRxJ46Gq

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ycmC5EhW3BM1tkjhYaNQdm2b7j/Image.gz
sha256sum	0e75f247fcfca828bae2c74673e3187b2cb142639542a20241767255dd2a989b

rootfs

url	https://storage.tuxboot.com/debian/20250605/trixie/arm64/rootfs.ext4.xz
sha256sum	905f5619346e1db164ac162d2472afab1c1502c840ccd8eb365c2a644148903b

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ycmC5EhW3BM1tkjhYaNQdm2b7j/modules.tar.xz
sha256sum	18ad61734b8ac92476de265f77917a21b448a5c78baec17abc62599dfb00aad0

durations

tests

boot	0
kunit	171.74

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   20.312696] ==================================================================
[   20.313558] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   20.314947] Free of addr ffff888100ab8c00 by task kunit_try_catch/262
[   20.315444] 
[   20.315897] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc2-next-20250617 #1 PREEMPT(voluntary) 
[   20.316091] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.316132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   20.316192] Call Trace:
[   20.316229]  <TASK>
[   20.316443]  dump_stack_lvl+0x73/0xb0
[   20.316530]  print_report+0xd1/0x650
[   20.316606]  ? __virt_addr_valid+0x1db/0x2d0
[   20.316653]  ? kasan_complete_mode_report_info+0x64/0x200
[   20.316688]  ? mempool_double_free_helper+0x184/0x370
[   20.316724]  kasan_report_invalid_free+0x10a/0x130
[   20.316759]  ? mempool_double_free_helper+0x184/0x370
[   20.316797]  ? mempool_double_free_helper+0x184/0x370
[   20.316848]  ? mempool_double_free_helper+0x184/0x370
[   20.316891]  check_slab_allocation+0x101/0x130
[   20.316925]  __kasan_mempool_poison_object+0x91/0x1d0
[   20.316959]  mempool_free+0x2ec/0x380
[   20.317001]  mempool_double_free_helper+0x184/0x370
[   20.317035]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   20.317070]  ? __kasan_check_write+0x18/0x20
[   20.317098]  ? __pfx_sched_clock_cpu+0x10/0x10
[   20.317130]  ? finish_task_switch.isra.0+0x153/0x700
[   20.317167]  mempool_kmalloc_double_free+0xed/0x140
[   20.317202]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   20.317242]  ? __pfx_mempool_kmalloc+0x10/0x10
[   20.317276]  ? __pfx_mempool_kfree+0x10/0x10
[   20.317312]  ? __pfx_read_tsc+0x10/0x10
[   20.317343]  ? ktime_get_ts64+0x86/0x230
[   20.317378]  kunit_try_run_case+0x1a5/0x480
[   20.317414]  ? __pfx_kunit_try_run_case+0x10/0x10
[   20.317448]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   20.317480]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   20.317590]  ? __kthread_parkme+0x82/0x180
[   20.317638]  ? preempt_count_sub+0x50/0x80
[   20.317674]  ? __pfx_kunit_try_run_case+0x10/0x10
[   20.317709]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   20.317744]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   20.317778]  kthread+0x337/0x6f0
[   20.317806]  ? trace_preempt_on+0x20/0xc0
[   20.317871]  ? __pfx_kthread+0x10/0x10
[   20.317903]  ? _raw_spin_unlock_irq+0x47/0x80
[   20.317938]  ? calculate_sigpending+0x7b/0xa0
[   20.317974]  ? __pfx_kthread+0x10/0x10
[   20.318005]  ret_from_fork+0x116/0x1d0
[   20.318034]  ? __pfx_kthread+0x10/0x10
[   20.318063]  ret_from_fork_asm+0x1a/0x30
[   20.318109]  </TASK>
[   20.318125] 
[   20.338961] Allocated by task 262:
[   20.339377]  kasan_save_stack+0x45/0x70
[   20.339803]  kasan_save_track+0x18/0x40
[   20.340499]  kasan_save_alloc_info+0x3b/0x50
[   20.340923]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   20.341478]  remove_element+0x11e/0x190
[   20.341774]  mempool_alloc_preallocated+0x4d/0x90
[   20.342453]  mempool_double_free_helper+0x8a/0x370
[   20.342949]  mempool_kmalloc_double_free+0xed/0x140
[   20.344001]  kunit_try_run_case+0x1a5/0x480
[   20.344478]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   20.345022]  kthread+0x337/0x6f0
[   20.345499]  ret_from_fork+0x116/0x1d0
[   20.345729]  ret_from_fork_asm+0x1a/0x30
[   20.346001] 
[   20.346358] Freed by task 262:
[   20.346602]  kasan_save_stack+0x45/0x70
[   20.346945]  kasan_save_track+0x18/0x40
[   20.347645]  kasan_save_free_info+0x3f/0x60
[   20.348611]  __kasan_mempool_poison_object+0x131/0x1d0
[   20.350480]  mempool_free+0x2ec/0x380
[   20.350706]  mempool_double_free_helper+0x109/0x370
[   20.351278]  mempool_kmalloc_double_free+0xed/0x140
[   20.352128]  kunit_try_run_case+0x1a5/0x480
[   20.353012]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   20.353517]  kthread+0x337/0x6f0
[   20.354074]  ret_from_fork+0x116/0x1d0
[   20.354650]  ret_from_fork_asm+0x1a/0x30
[   20.355038] 
[   20.355264] The buggy address belongs to the object at ffff888100ab8c00
[   20.355264]  which belongs to the cache kmalloc-128 of size 128
[   20.356591] The buggy address is located 0 bytes inside of
[   20.356591]  128-byte region [ffff888100ab8c00, ffff888100ab8c80)
[   20.357560] 
[   20.357759] The buggy address belongs to the physical page:
[   20.358193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab8
[   20.358744] flags: 0x200000000000000(node=0|zone=2)
[   20.359032] page_type: f5(slab)
[   20.359388] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   20.359855] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   20.360208] page dumped because: kasan: bad access detected
[   20.360460] 
[   20.360568] Memory state around the buggy address:
[   20.360795]  ffff888100ab8b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   20.361143]  ffff888100ab8b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.361461] >ffff888100ab8c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   20.361915]                    ^
[   20.362107]  ffff888100ab8c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.362827]  ffff888100ab8d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.363187] ==================================================================
[   20.428709] ==================================================================
[   20.429729] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   20.430414] Free of addr ffff888103970000 by task kunit_try_catch/266
[   20.431113] 
[   20.431600] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc2-next-20250617 #1 PREEMPT(voluntary) 
[   20.431766] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.431808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   20.431920] Call Trace:
[   20.432070]  <TASK>
[   20.432098]  dump_stack_lvl+0x73/0xb0
[   20.432144]  print_report+0xd1/0x650
[   20.432178]  ? __virt_addr_valid+0x1db/0x2d0
[   20.432213]  ? kasan_addr_to_slab+0x11/0xa0
[   20.432408]  ? mempool_double_free_helper+0x184/0x370
[   20.432497]  kasan_report_invalid_free+0x10a/0x130
[   20.432578]  ? mempool_double_free_helper+0x184/0x370
[   20.432662]  ? mempool_double_free_helper+0x184/0x370
[   20.432741]  __kasan_mempool_poison_pages+0x115/0x130
[   20.432824]  mempool_free+0x290/0x380
[   20.432930]  mempool_double_free_helper+0x184/0x370
[   20.432987]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   20.433045]  ? irqentry_exit+0x2a/0x60
[   20.433113]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   20.433148]  ? trace_hardirqs_on+0x37/0xe0
[   20.433182]  ? irqentry_exit+0x2a/0x60
[   20.433226]  mempool_page_alloc_double_free+0xe8/0x140
[   20.433339]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   20.433393]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   20.433429]  ? __pfx_mempool_free_pages+0x10/0x10
[   20.433466]  ? __pfx_read_tsc+0x10/0x10
[   20.433496]  ? ktime_get_ts64+0x86/0x230
[   20.433533]  kunit_try_run_case+0x1a5/0x480
[   20.433568]  ? __pfx_kunit_try_run_case+0x10/0x10
[   20.433600]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   20.433629]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   20.433665]  ? __kthread_parkme+0x82/0x180
[   20.433693]  ? preempt_count_sub+0x50/0x80
[   20.433725]  ? __pfx_kunit_try_run_case+0x10/0x10
[   20.433759]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   20.433791]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   20.433825]  kthread+0x337/0x6f0
[   20.433885]  ? trace_preempt_on+0x20/0xc0
[   20.433919]  ? __pfx_kthread+0x10/0x10
[   20.433948]  ? _raw_spin_unlock_irq+0x47/0x80
[   20.433982]  ? calculate_sigpending+0x7b/0xa0
[   20.434017]  ? __pfx_kthread+0x10/0x10
[   20.434047]  ret_from_fork+0x116/0x1d0
[   20.434073]  ? __pfx_kthread+0x10/0x10
[   20.434103]  ret_from_fork_asm+0x1a/0x30
[   20.434146]  </TASK>
[   20.434164] 
[   20.456453] The buggy address belongs to the physical page:
[   20.456829] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103970
[   20.458389] flags: 0x200000000000000(node=0|zone=2)
[   20.459029] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   20.460196] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.461101] page dumped because: kasan: bad access detected
[   20.461569] 
[   20.461751] Memory state around the buggy address:
[   20.462172]  ffff88810396ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.462792]  ffff88810396ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.463307] >ffff888103970000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.463850]                    ^
[   20.464155]  ffff888103970080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.464641]  ffff888103970100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.465138] ==================================================================
[   20.373467] ==================================================================
[   20.374521] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   20.374904] Free of addr ffff888103970000 by task kunit_try_catch/264
[   20.375193] 
[   20.375378] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc2-next-20250617 #1 PREEMPT(voluntary) 
[   20.375505] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.375549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   20.375601] Call Trace:
[   20.375634]  <TASK>
[   20.375674]  dump_stack_lvl+0x73/0xb0
[   20.375753]  print_report+0xd1/0x650
[   20.375851]  ? __virt_addr_valid+0x1db/0x2d0
[   20.375934]  ? kasan_addr_to_slab+0x11/0xa0
[   20.376654]  ? mempool_double_free_helper+0x184/0x370
[   20.376736]  kasan_report_invalid_free+0x10a/0x130
[   20.376818]  ? mempool_double_free_helper+0x184/0x370
[   20.376920]  ? mempool_double_free_helper+0x184/0x370
[   20.376973]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   20.377040]  mempool_free+0x2ec/0x380
[   20.377127]  mempool_double_free_helper+0x184/0x370
[   20.377207]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   20.377307]  ? __kasan_check_write+0x18/0x20
[   20.377462]  ? __pfx_sched_clock_cpu+0x10/0x10
[   20.377572]  ? finish_task_switch.isra.0+0x153/0x700
[   20.377657]  mempool_kmalloc_large_double_free+0xed/0x140
[   20.377741]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   20.377826]  ? __kasan_check_write+0x18/0x20
[   20.377917]  ? __pfx_mempool_kmalloc+0x10/0x10
[   20.377987]  ? __pfx_mempool_kfree+0x10/0x10
[   20.378057]  ? __pfx_read_tsc+0x10/0x10
[   20.378105]  ? ktime_get_ts64+0x86/0x230
[   20.378144]  kunit_try_run_case+0x1a5/0x480
[   20.378183]  ? __pfx_kunit_try_run_case+0x10/0x10
[   20.378239]  ? _raw_spin_lock_irqsave+0xf9/0x100
[   20.378318]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   20.378394]  ? __kthread_parkme+0x82/0x180
[   20.378427]  ? preempt_count_sub+0x50/0x80
[   20.378459]  ? __pfx_kunit_try_run_case+0x10/0x10
[   20.378492]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   20.378525]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   20.378559]  kthread+0x337/0x6f0
[   20.378586]  ? trace_preempt_on+0x20/0xc0
[   20.378630]  ? __pfx_kthread+0x10/0x10
[   20.378661]  ? _raw_spin_unlock_irq+0x47/0x80
[   20.378696]  ? calculate_sigpending+0x7b/0xa0
[   20.378732]  ? __pfx_kthread+0x10/0x10
[   20.378760]  ret_from_fork+0x116/0x1d0
[   20.378785]  ? __pfx_kthread+0x10/0x10
[   20.378819]  ret_from_fork_asm+0x1a/0x30
[   20.378898]  </TASK>
[   20.378917] 
[   20.403509] The buggy address belongs to the physical page:
[   20.403819] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103970
[   20.404223] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.404565] flags: 0x200000000000040(head|node=0|zone=2)
[   20.406709] page_type: f8(unknown)
[   20.407070] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   20.407689] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   20.408104] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   20.409197] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   20.411093] head: 0200000000000002 ffffea00040e5c01 00000000ffffffff 00000000ffffffff
[   20.411536] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   20.411986] page dumped because: kasan: bad access detected
[   20.412292] 
[   20.412423] Memory state around the buggy address:
[   20.412695]  ffff88810396ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.416031]  ffff88810396ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.417965] >ffff888103970000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.419531]                    ^
[   20.419926]  ffff888103970080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.420286]  ffff888103970100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.421691] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2ycmAbKpM2fPU7JFlL3VFcggZyX

job_id

TEST:linaro@lkft#2ycmHIv4OjqzuY4se718cLGQLXs

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2ycmHIv4OjqzuY4se718cLGQLXs

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ycmDNxoP9hdgB9eqatUl05sOIC/bzImage
sha256sum	e8ff53ed1294ecb6e3942f69c9702cf67245fcd535135359b70f78a45efa657a

rootfs

url	https://storage.tuxboot.com/debian/20250605/trixie/amd64/rootfs.ext4.xz
sha256sum	bb36936f45b20f4af35993e582d98e781104116519f71565c7a97bddc546f892

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ycmDNxoP9hdgB9eqatUl05sOIC/modules.tar.xz
sha256sum	4b7f7ee9385141e7d851b6b43f3ef6c0857845282181ddc6cfac1e13c3ff02a7

durations

tests

boot	0
kunit	223.55

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit