lkft/linux-next-master - next-20250623 - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

June 23, 2025, 7:07 a.m.

Environment
qemu-arm64
qemu-x86_64

[   35.729808] ==================================================================
[   35.729940] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   35.730112] Free of addr fff00000c77b0000 by task kunit_try_catch/249
[   35.730216] 
[   35.730294] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250623 #1 PREEMPT 
[   35.730490] Tainted: [B]=BAD_PAGE, [N]=TEST
[   35.730596] Hardware name: linux,dummy-virt (DT)
[   35.730764] Call trace:
[   35.730835]  show_stack+0x20/0x38 (C)
[   35.730988]  dump_stack_lvl+0x8c/0xd0
[   35.731144]  print_report+0x118/0x608
[   35.731282]  kasan_report_invalid_free+0xc0/0xe8
[   35.731452]  __kasan_mempool_poison_object+0x14c/0x150
[   35.731684]  mempool_free+0x28c/0x328
[   35.731819]  mempool_double_free_helper+0x150/0x2e8
[   35.731942]  mempool_kmalloc_large_double_free+0xc0/0x118
[   35.732096]  kunit_try_run_case+0x170/0x3f0
[   35.732291]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.732427]  kthread+0x328/0x630
[   35.732596]  ret_from_fork+0x10/0x20
[   35.732806] 
[   35.732860] The buggy address belongs to the physical page:
[   35.732935] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077b0
[   35.733086] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   35.733274] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   35.733465] page_type: f8(unknown)
[   35.733572] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   35.733707] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   35.733889] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   35.734104] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   35.734321] head: 0bfffe0000000002 ffffc1ffc31dec01 00000000ffffffff 00000000ffffffff
[   35.734442] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   35.734535] page dumped because: kasan: bad access detected
[   35.734866] 
[   35.735557] Memory state around the buggy address:
[   35.735624]  fff00000c77aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   35.735679]  fff00000c77aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   35.735744] >fff00000c77b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   35.735822]                    ^
[   35.735864]  fff00000c77b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   35.735916]  fff00000c77b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   35.735961] ==================================================================
[   35.755618] ==================================================================
[   35.755704] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   35.755835] Free of addr fff00000c77b0000 by task kunit_try_catch/251
[   35.755934] 
[   35.756005] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250623 #1 PREEMPT 
[   35.756223] Tainted: [B]=BAD_PAGE, [N]=TEST
[   35.756289] Hardware name: linux,dummy-virt (DT)
[   35.756357] Call trace:
[   35.756407]  show_stack+0x20/0x38 (C)
[   35.756545]  dump_stack_lvl+0x8c/0xd0
[   35.756664]  print_report+0x118/0x608
[   35.756785]  kasan_report_invalid_free+0xc0/0xe8
[   35.756908]  __kasan_mempool_poison_pages+0xe0/0xe8
[   35.757045]  mempool_free+0x24c/0x328
[   35.757163]  mempool_double_free_helper+0x150/0x2e8
[   35.757280]  mempool_page_alloc_double_free+0xbc/0x118
[   35.757405]  kunit_try_run_case+0x170/0x3f0
[   35.757523]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.757661]  kthread+0x328/0x630
[   35.757915]  ret_from_fork+0x10/0x20
[   35.758076] 
[   35.758140] The buggy address belongs to the physical page:
[   35.758276] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077b0
[   35.758425] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   35.759131] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   35.759623] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   35.759766] page dumped because: kasan: bad access detected
[   35.759848] 
[   35.759896] Memory state around the buggy address:
[   35.760051]  fff00000c77aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   35.760176]  fff00000c77aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   35.760329] >fff00000c77b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   35.760744]                    ^
[   35.760836]  fff00000c77b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   35.761002]  fff00000c77b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   35.761095] ==================================================================
[   35.693015] ==================================================================
[   35.693650] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   35.694297] Free of addr fff00000c76da400 by task kunit_try_catch/247
[   35.694403] 
[   35.695529] CPU: 0 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250623 #1 PREEMPT 
[   35.695856] Tainted: [B]=BAD_PAGE, [N]=TEST
[   35.695969] Hardware name: linux,dummy-virt (DT)
[   35.696067] Call trace:
[   35.696164]  show_stack+0x20/0x38 (C)
[   35.696296]  dump_stack_lvl+0x8c/0xd0
[   35.696416]  print_report+0x118/0x608
[   35.696767]  kasan_report_invalid_free+0xc0/0xe8
[   35.697157]  check_slab_allocation+0xd4/0x108
[   35.697521]  __kasan_mempool_poison_object+0x78/0x150
[   35.697747]  mempool_free+0x28c/0x328
[   35.698041]  mempool_double_free_helper+0x150/0x2e8
[   35.698188]  mempool_kmalloc_double_free+0xc0/0x118
[   35.698331]  kunit_try_run_case+0x170/0x3f0
[   35.698454]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.698668]  kthread+0x328/0x630
[   35.698852]  ret_from_fork+0x10/0x20
[   35.698987] 
[   35.699061] Allocated by task 247:
[   35.699209]  kasan_save_stack+0x3c/0x68
[   35.699364]  kasan_save_track+0x20/0x40
[   35.699622]  kasan_save_alloc_info+0x40/0x58
[   35.699730]  __kasan_mempool_unpoison_object+0x11c/0x180
[   35.700387]  remove_element+0x130/0x1f8
[   35.700846]  mempool_alloc_preallocated+0x58/0xc0
[   35.701731]  mempool_double_free_helper+0x94/0x2e8
[   35.702045]  mempool_kmalloc_double_free+0xc0/0x118
[   35.702153]  kunit_try_run_case+0x170/0x3f0
[   35.702249]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.702896]  kthread+0x328/0x630
[   35.703564]  ret_from_fork+0x10/0x20
[   35.703926] 
[   35.704055] Freed by task 247:
[   35.704176]  kasan_save_stack+0x3c/0x68
[   35.704423]  kasan_save_track+0x20/0x40
[   35.704999]  kasan_save_free_info+0x4c/0x78
[   35.705128]  __kasan_mempool_poison_object+0xc0/0x150
[   35.705337]  mempool_free+0x28c/0x328
[   35.705458]  mempool_double_free_helper+0x100/0x2e8
[   35.705562]  mempool_kmalloc_double_free+0xc0/0x118
[   35.705710]  kunit_try_run_case+0x170/0x3f0
[   35.705940]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.706100]  kthread+0x328/0x630
[   35.706333]  ret_from_fork+0x10/0x20
[   35.706437] 
[   35.706620] The buggy address belongs to the object at fff00000c76da400
[   35.706620]  which belongs to the cache kmalloc-128 of size 128
[   35.706785] The buggy address is located 0 bytes inside of
[   35.706785]  128-byte region [fff00000c76da400, fff00000c76da480)
[   35.707061] 
[   35.707159] The buggy address belongs to the physical page:
[   35.707289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da
[   35.707504] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   35.707631] page_type: f5(slab)
[   35.707733] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   35.707946] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   35.708100] page dumped because: kasan: bad access detected
[   35.708210] 
[   35.708259] Memory state around the buggy address:
[   35.708414]  fff00000c76da300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   35.708520]  fff00000c76da380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   35.708618] >fff00000c76da400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   35.708765]                    ^
[   35.708970]  fff00000c76da480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   35.709163]  fff00000c76da500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   35.709350] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2ytmowJu277AggRMV0akIntCcBb

job_id

TEST:linaro@lkft#2ytmtaMTLcPEn4w4FcozR6WSC8v

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2ytmtaMTLcPEn4w4FcozR6WSC8v

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ytmq2ZJyYwoO1zRFnnOdOncGpy/Image.gz
sha256sum	8babb9b25d008158739b204767b25f2683bd6714a94fb69277dbb95712e03026

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ytmq2ZJyYwoO1zRFnnOdOncGpy/modules.tar.xz
sha256sum	6a716a814d9729621b3aef13f694d9d6b53e23d3c12c6a026a54d81f80d3f12c

durations

tests

boot	0
kunit	290.50

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   23.563952] ==================================================================
[   23.564655] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   23.565582] Free of addr ffff88810381c000 by task kunit_try_catch/266
[   23.566100] 
[   23.566222] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250623 #1 PREEMPT(voluntary) 
[   23.566306] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.566324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   23.566354] Call Trace:
[   23.566375]  <TASK>
[   23.566413]  dump_stack_lvl+0x73/0xb0
[   23.566457]  print_report+0xd1/0x650
[   23.566488]  ? __virt_addr_valid+0x1db/0x2d0
[   23.566520]  ? kasan_addr_to_slab+0x11/0xa0
[   23.566548]  ? mempool_double_free_helper+0x184/0x370
[   23.566579]  kasan_report_invalid_free+0x10a/0x130
[   23.566609]  ? mempool_double_free_helper+0x184/0x370
[   23.566646]  ? mempool_double_free_helper+0x184/0x370
[   23.566671]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   23.566698]  mempool_free+0x2ec/0x380
[   23.566728]  mempool_double_free_helper+0x184/0x370
[   23.566753]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   23.566780]  ? __kasan_check_write+0x18/0x20
[   23.566808]  ? __pfx_sched_clock_cpu+0x10/0x10
[   23.566834]  ? finish_task_switch.isra.0+0x153/0x700
[   23.566861]  mempool_kmalloc_large_double_free+0xed/0x140
[   23.566881]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   23.566903]  ? __pfx_mempool_kmalloc+0x10/0x10
[   23.566921]  ? __pfx_mempool_kfree+0x10/0x10
[   23.566941]  ? __pfx_read_tsc+0x10/0x10
[   23.566959]  ? ktime_get_ts64+0x86/0x230
[   23.566979]  kunit_try_run_case+0x1a5/0x480
[   23.566998]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.567017]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   23.567035]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   23.567054]  ? __kthread_parkme+0x82/0x180
[   23.567074]  ? preempt_count_sub+0x50/0x80
[   23.567107]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.567138]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.567159]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   23.567178]  kthread+0x337/0x6f0
[   23.567194]  ? trace_preempt_on+0x20/0xc0
[   23.567213]  ? __pfx_kthread+0x10/0x10
[   23.567231]  ? _raw_spin_unlock_irq+0x47/0x80
[   23.567248]  ? calculate_sigpending+0x7b/0xa0
[   23.567268]  ? __pfx_kthread+0x10/0x10
[   23.567286]  ret_from_fork+0x116/0x1d0
[   23.567301]  ? __pfx_kthread+0x10/0x10
[   23.567318]  ret_from_fork_asm+0x1a/0x30
[   23.567344]  </TASK>
[   23.567355] 
[   23.577567] The buggy address belongs to the physical page:
[   23.577909] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10381c
[   23.578294] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   23.578541] flags: 0x200000000000040(head|node=0|zone=2)
[   23.578733] page_type: f8(unknown)
[   23.578896] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   23.579190] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   23.579588] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   23.580228] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   23.580640] head: 0200000000000002 ffffea00040e0701 00000000ffffffff 00000000ffffffff
[   23.580900] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   23.581563] page dumped because: kasan: bad access detected
[   23.581747] 
[   23.581870] Memory state around the buggy address:
[   23.582328]  ffff88810381bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   23.582597]  ffff88810381bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   23.583043] >ffff88810381c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   23.583622]                    ^
[   23.583769]  ffff88810381c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   23.583982]  ffff88810381c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   23.584348] ==================================================================
[   23.594114] ==================================================================
[   23.594499] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   23.594886] Free of addr ffff888103a94000 by task kunit_try_catch/268
[   23.595090] 
[   23.595472] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250623 #1 PREEMPT(voluntary) 
[   23.595556] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.595578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   23.595613] Call Trace:
[   23.595637]  <TASK>
[   23.596100]  dump_stack_lvl+0x73/0xb0
[   23.596173]  print_report+0xd1/0x650
[   23.596210]  ? __virt_addr_valid+0x1db/0x2d0
[   23.596245]  ? kasan_addr_to_slab+0x11/0xa0
[   23.596276]  ? mempool_double_free_helper+0x184/0x370
[   23.596315]  kasan_report_invalid_free+0x10a/0x130
[   23.596357]  ? mempool_double_free_helper+0x184/0x370
[   23.596414]  ? mempool_double_free_helper+0x184/0x370
[   23.596757]  __kasan_mempool_poison_pages+0x115/0x130
[   23.596791]  mempool_free+0x290/0x380
[   23.596818]  mempool_double_free_helper+0x184/0x370
[   23.596854]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   23.596881]  ? __pfx_sched_clock_cpu+0x10/0x10
[   23.596900]  ? finish_task_switch.isra.0+0x153/0x700
[   23.596923]  mempool_page_alloc_double_free+0xe8/0x140
[   23.596945]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   23.596969]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   23.596989]  ? __pfx_mempool_free_pages+0x10/0x10
[   23.597011]  ? __pfx_read_tsc+0x10/0x10
[   23.597030]  ? ktime_get_ts64+0x86/0x230
[   23.597052]  kunit_try_run_case+0x1a5/0x480
[   23.597088]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.597142]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   23.597180]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   23.597204]  ? __kthread_parkme+0x82/0x180
[   23.597223]  ? preempt_count_sub+0x50/0x80
[   23.597243]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.597264]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.597285]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   23.597308]  kthread+0x337/0x6f0
[   23.597324]  ? trace_preempt_on+0x20/0xc0
[   23.597344]  ? __pfx_kthread+0x10/0x10
[   23.597361]  ? _raw_spin_unlock_irq+0x47/0x80
[   23.597396]  ? calculate_sigpending+0x7b/0xa0
[   23.597419]  ? __pfx_kthread+0x10/0x10
[   23.597439]  ret_from_fork+0x116/0x1d0
[   23.597454]  ? __pfx_kthread+0x10/0x10
[   23.597472]  ret_from_fork_asm+0x1a/0x30
[   23.597505]  </TASK>
[   23.597516] 
[   23.606888] The buggy address belongs to the physical page:
[   23.607430] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a94
[   23.607851] flags: 0x200000000000000(node=0|zone=2)
[   23.608213] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   23.608689] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   23.609325] page dumped because: kasan: bad access detected
[   23.609692] 
[   23.609828] Memory state around the buggy address:
[   23.610190]  ffff888103a93f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   23.610645]  ffff888103a93f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   23.610931] >ffff888103a94000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   23.611154]                    ^
[   23.611280]  ffff888103a94080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   23.611805]  ffff888103a94100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   23.612421] ==================================================================
[   23.522576] ==================================================================
[   23.523013] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   23.523695] Free of addr ffff8881023acd00 by task kunit_try_catch/264
[   23.523958] 
[   23.524112] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250623 #1 PREEMPT(voluntary) 
[   23.524344] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.524370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   23.524420] Call Trace:
[   23.524444]  <TASK>
[   23.524476]  dump_stack_lvl+0x73/0xb0
[   23.524535]  print_report+0xd1/0x650
[   23.524575]  ? __virt_addr_valid+0x1db/0x2d0
[   23.524622]  ? kasan_complete_mode_report_info+0x64/0x200
[   23.524667]  ? mempool_double_free_helper+0x184/0x370
[   23.524711]  kasan_report_invalid_free+0x10a/0x130
[   23.524755]  ? mempool_double_free_helper+0x184/0x370
[   23.524801]  ? mempool_double_free_helper+0x184/0x370
[   23.524838]  ? mempool_double_free_helper+0x184/0x370
[   23.524906]  check_slab_allocation+0x101/0x130
[   23.524928]  __kasan_mempool_poison_object+0x91/0x1d0
[   23.524950]  mempool_free+0x2ec/0x380
[   23.524974]  mempool_double_free_helper+0x184/0x370
[   23.524995]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   23.525017]  ? __kasan_check_write+0x18/0x20
[   23.525038]  ? __pfx_sched_clock_cpu+0x10/0x10
[   23.525056]  ? irqentry_exit+0x2a/0x60
[   23.525167]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   23.525197]  mempool_kmalloc_double_free+0xed/0x140
[   23.525219]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   23.525242]  ? __pfx_mempool_kmalloc+0x10/0x10
[   23.525262]  ? __pfx_mempool_kfree+0x10/0x10
[   23.525283]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   23.525306]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   23.525328]  kunit_try_run_case+0x1a5/0x480
[   23.525350]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.525370]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   23.525409]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   23.525434]  ? __kthread_parkme+0x82/0x180
[   23.525460]  ? preempt_count_sub+0x50/0x80
[   23.525480]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.525501]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.525521]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   23.525542]  kthread+0x337/0x6f0
[   23.525558]  ? trace_preempt_on+0x20/0xc0
[   23.525578]  ? __pfx_kthread+0x10/0x10
[   23.525596]  ? _raw_spin_unlock_irq+0x47/0x80
[   23.525614]  ? calculate_sigpending+0x7b/0xa0
[   23.525636]  ? __pfx_kthread+0x10/0x10
[   23.525655]  ret_from_fork+0x116/0x1d0
[   23.525672]  ? __pfx_kthread+0x10/0x10
[   23.525689]  ret_from_fork_asm+0x1a/0x30
[   23.525717]  </TASK>
[   23.525729] 
[   23.539884] Allocated by task 264:
[   23.540346]  kasan_save_stack+0x45/0x70
[   23.540617]  kasan_save_track+0x18/0x40
[   23.541363]  kasan_save_alloc_info+0x3b/0x50
[   23.541871]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   23.542313]  remove_element+0x11e/0x190
[   23.542593]  mempool_alloc_preallocated+0x4d/0x90
[   23.543073]  mempool_double_free_helper+0x8a/0x370
[   23.543435]  mempool_kmalloc_double_free+0xed/0x140
[   23.543769]  kunit_try_run_case+0x1a5/0x480
[   23.544179]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.544373]  kthread+0x337/0x6f0
[   23.544514]  ret_from_fork+0x116/0x1d0
[   23.544656]  ret_from_fork_asm+0x1a/0x30
[   23.544937] 
[   23.545535] Freed by task 264:
[   23.545700]  kasan_save_stack+0x45/0x70
[   23.546024]  kasan_save_track+0x18/0x40
[   23.546419]  kasan_save_free_info+0x3f/0x60
[   23.546612]  __kasan_mempool_poison_object+0x131/0x1d0
[   23.546793]  mempool_free+0x2ec/0x380
[   23.546920]  mempool_double_free_helper+0x109/0x370
[   23.547053]  mempool_kmalloc_double_free+0xed/0x140
[   23.547202]  kunit_try_run_case+0x1a5/0x480
[   23.547347]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.547937]  kthread+0x337/0x6f0
[   23.548169]  ret_from_fork+0x116/0x1d0
[   23.548488]  ret_from_fork_asm+0x1a/0x30
[   23.548770] 
[   23.548849] The buggy address belongs to the object at ffff8881023acd00
[   23.548849]  which belongs to the cache kmalloc-128 of size 128
[   23.550133] The buggy address is located 0 bytes inside of
[   23.550133]  128-byte region [ffff8881023acd00, ffff8881023acd80)
[   23.550470] 
[   23.550563] The buggy address belongs to the physical page:
[   23.550793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023ac
[   23.551093] flags: 0x200000000000000(node=0|zone=2)
[   23.551292] page_type: f5(slab)
[   23.551444] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   23.552051] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   23.552695] page dumped because: kasan: bad access detected
[   23.553764] 
[   23.554797] Memory state around the buggy address:
[   23.555004]  ffff8881023acc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   23.555212]  ffff8881023acc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.555591] >ffff8881023acd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   23.556109]                    ^
[   23.556624]  ffff8881023acd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.557015]  ffff8881023ace00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.557423] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2ytmowJu277AggRMV0akIntCcBb

job_id

TEST:linaro@lkft#2ytmubRIV1JPUllhZ47JmxJvXDc

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2ytmubRIV1JPUllhZ47JmxJvXDc

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ytmr5So17mjebl2Ct1tTXuuGxA/bzImage
sha256sum	b03452fcb75b3b14cf8383cc19f407b3f7a1f0ee70432185dec0e489b10cb3a4

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ytmr5So17mjebl2Ct1tTXuuGxA/modules.tar.xz
sha256sum	e4532e2fb00e2e4b26601276ccbbe81c48edd0570f10fd066f50509a42a73673

durations

tests

boot	0
kunit	172.25

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit