lkft/linux-next-master - next-20250626 - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper

Date

June 26, 2025, 9:10 a.m.

Environment
dragonboard-845c
qemu-arm64
qemu-x86_64

[   50.490530] ==================================================================
[   50.502705] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8
[   50.510816] Free of addr ffff000096708001 by task kunit_try_catch/329
[   50.517342] 
[   50.518879] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250626 #1 PREEMPT 
[   50.518913] Tainted: [B]=BAD_PAGE, [N]=TEST
[   50.518925] Hardware name: Thundercomm Dragonboard 845c (DT)
[   50.518942] Call trace:
[   50.518951]  show_stack+0x20/0x38 (C)
[   50.518971]  dump_stack_lvl+0x8c/0xd0
[   50.518993]  print_report+0x118/0x608
[   50.519014]  kasan_report_invalid_free+0xc0/0xe8
[   50.519035]  __kasan_mempool_poison_object+0xfc/0x150
[   50.519058]  mempool_free+0x28c/0x328
[   50.519078]  mempool_kmalloc_invalid_free_helper+0x118/0x2a8
[   50.519099]  mempool_kmalloc_large_invalid_free+0xc0/0x118
[   50.519122]  kunit_try_run_case+0x170/0x3f0
[   50.519144]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   50.519169]  kthread+0x328/0x630
[   50.519185]  ret_from_fork+0x10/0x20
[   50.519205] 
[   50.596958] The buggy address belongs to the physical page:
[   50.602604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x116708
[   50.610710] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   50.618469] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   50.625530] page_type: f8(unknown)
[   50.629003] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   50.636852] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   50.644699] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   50.652634] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   50.660568] head: 0bfffe0000000002 fffffdffc259c201 00000000ffffffff 00000000ffffffff
[   50.668501] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   50.676431] page dumped because: kasan: bad access detected
[   50.682078] 
[   50.683607] Memory state around the buggy address:
[   50.688468]  ffff000096707f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   50.695783]  ffff000096707f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   50.703099] >ffff000096708000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   50.710412]                    ^
[   50.713695]  ffff000096708080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   50.721012]  ffff000096708100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   50.728325] ==================================================================
[   50.153810] ==================================================================
[   50.166168] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8
[   50.174291] Free of addr ffff00008039fa01 by task kunit_try_catch/327
[   50.180824] 
[   50.182363] CPU: 0 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250626 #1 PREEMPT 
[   50.182400] Tainted: [B]=BAD_PAGE, [N]=TEST
[   50.182410] Hardware name: Thundercomm Dragonboard 845c (DT)
[   50.182428] Call trace:
[   50.182438]  show_stack+0x20/0x38 (C)
[   50.182458]  dump_stack_lvl+0x8c/0xd0
[   50.182482]  print_report+0x118/0x608
[   50.182503]  kasan_report_invalid_free+0xc0/0xe8
[   50.182525]  check_slab_allocation+0xfc/0x108
[   50.182548]  __kasan_mempool_poison_object+0x78/0x150
[   50.182570]  mempool_free+0x28c/0x328
[   50.182590]  mempool_kmalloc_invalid_free_helper+0x118/0x2a8
[   50.182613]  mempool_kmalloc_invalid_free+0xc0/0x118
[   50.182633]  kunit_try_run_case+0x170/0x3f0
[   50.182656]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   50.182679]  kthread+0x328/0x630
[   50.182694]  ret_from_fork+0x10/0x20
[   50.182714] 
[   50.264370] Allocated by task 327:
[   50.267836]  kasan_save_stack+0x3c/0x68
[   50.271748]  kasan_save_track+0x20/0x40
[   50.275657]  kasan_save_alloc_info+0x40/0x58
[   50.280004]  __kasan_mempool_unpoison_object+0x11c/0x180
[   50.285405]  remove_element+0x130/0x1f8
[   50.289313]  mempool_alloc_preallocated+0x58/0xc0
[   50.294097]  mempool_kmalloc_invalid_free_helper+0x94/0x2a8
[   50.299753]  mempool_kmalloc_invalid_free+0xc0/0x118
[   50.304802]  kunit_try_run_case+0x170/0x3f0
[   50.309056]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   50.314629]  kthread+0x328/0x630
[   50.317920]  ret_from_fork+0x10/0x20
[   50.321569] 
[   50.323100] The buggy address belongs to the object at ffff00008039fa00
[   50.323100]  which belongs to the cache kmalloc-128 of size 128
[   50.335764] The buggy address is located 1 bytes inside of
[   50.335764]  128-byte region [ffff00008039fa00, ffff00008039fa80)
[   50.347458] 
[   50.348991] The buggy address belongs to the physical page:
[   50.354643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10039e
[   50.362755] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   50.370513] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   50.377571] page_type: f5(slab)
[   50.380778] raw: 0bfffe0000000040 ffff000080002a00 dead000000000122 0000000000000000
[   50.388624] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   50.396467] head: 0bfffe0000000040 ffff000080002a00 dead000000000122 0000000000000000
[   50.404398] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   50.412332] head: 0bfffe0000000001 fffffdffc200e781 00000000ffffffff 00000000ffffffff
[   50.420271] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   50.428205] page dumped because: kasan: bad access detected
[   50.433856] 
[   50.435384] Memory state around the buggy address:
[   50.440253]  ffff00008039f900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   50.447570]  ffff00008039f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   50.454895] >ffff00008039fa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   50.462217]                    ^
[   50.465503]  ffff00008039fa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   50.472827]  ffff00008039fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   50.480148] ==================================================================

Metadata Full log Test run details

[   28.993425] ==================================================================
[   28.993508] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8
[   28.993765] Free of addr fff00000c5773901 by task kunit_try_catch/253
[   28.994230] 
[   28.994386] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250626 #1 PREEMPT 
[   28.994546] Tainted: [B]=BAD_PAGE, [N]=TEST
[   28.994627] Hardware name: linux,dummy-virt (DT)
[   28.994732] Call trace:
[   28.994791]  show_stack+0x20/0x38 (C)
[   28.994874]  dump_stack_lvl+0x8c/0xd0
[   28.995136]  print_report+0x118/0x608
[   28.995203]  kasan_report_invalid_free+0xc0/0xe8
[   28.995256]  check_slab_allocation+0xfc/0x108
[   28.995312]  __kasan_mempool_poison_object+0x78/0x150
[   28.995367]  mempool_free+0x28c/0x328
[   28.995414]  mempool_kmalloc_invalid_free_helper+0x118/0x2a8
[   28.995467]  mempool_kmalloc_invalid_free+0xc0/0x118
[   28.995515]  kunit_try_run_case+0x170/0x3f0
[   28.995578]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   28.995633]  kthread+0x328/0x630
[   28.995676]  ret_from_fork+0x10/0x20
[   28.995729] 
[   28.995747] Allocated by task 253:
[   28.996113]  kasan_save_stack+0x3c/0x68
[   28.996275]  kasan_save_track+0x20/0x40
[   28.996381]  kasan_save_alloc_info+0x40/0x58
[   28.996437]  __kasan_mempool_unpoison_object+0x11c/0x180
[   28.996480]  remove_element+0x130/0x1f8
[   28.996548]  mempool_alloc_preallocated+0x58/0xc0
[   28.996613]  mempool_kmalloc_invalid_free_helper+0x94/0x2a8
[   28.996656]  mempool_kmalloc_invalid_free+0xc0/0x118
[   28.996695]  kunit_try_run_case+0x170/0x3f0
[   28.996843]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   28.996906]  kthread+0x328/0x630
[   28.996996]  ret_from_fork+0x10/0x20
[   28.997076] 
[   28.997146] The buggy address belongs to the object at fff00000c5773900
[   28.997146]  which belongs to the cache kmalloc-128 of size 128
[   28.997256] The buggy address is located 1 bytes inside of
[   28.997256]  128-byte region [fff00000c5773900, fff00000c5773980)
[   28.997512] 
[   28.997596] The buggy address belongs to the physical page:
[   28.997660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105773
[   28.997753] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   28.997910] page_type: f5(slab)
[   28.997948] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   28.998014] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   28.998362] page dumped because: kasan: bad access detected
[   28.998509] 
[   28.998590] Memory state around the buggy address:
[   28.998685]  fff00000c5773800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   28.998745]  fff00000c5773880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.998788] >fff00000c5773900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   28.998938]                    ^
[   28.999087]  fff00000c5773980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.999252]  fff00000c5773a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   28.999364] ==================================================================
[   29.005719] ==================================================================
[   29.005813] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8
[   29.005876] Free of addr fff00000c6554001 by task kunit_try_catch/255
[   29.005920] 
[   29.005970] CPU: 0 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250626 #1 PREEMPT 
[   29.006080] Tainted: [B]=BAD_PAGE, [N]=TEST
[   29.006107] Hardware name: linux,dummy-virt (DT)
[   29.006192] Call trace:
[   29.006215]  show_stack+0x20/0x38 (C)
[   29.006264]  dump_stack_lvl+0x8c/0xd0
[   29.006443]  print_report+0x118/0x608
[   29.006499]  kasan_report_invalid_free+0xc0/0xe8
[   29.006737]  __kasan_mempool_poison_object+0xfc/0x150
[   29.006812]  mempool_free+0x28c/0x328
[   29.006886]  mempool_kmalloc_invalid_free_helper+0x118/0x2a8
[   29.006941]  mempool_kmalloc_large_invalid_free+0xc0/0x118
[   29.006993]  kunit_try_run_case+0x170/0x3f0
[   29.007039]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   29.007105]  kthread+0x328/0x630
[   29.007330]  ret_from_fork+0x10/0x20
[   29.007386] 
[   29.007424] The buggy address belongs to the physical page:
[   29.007471] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106554
[   29.007544] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   29.007609] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   29.007661] page_type: f8(unknown)
[   29.007702] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   29.007752] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   29.007801] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   29.007861] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   29.007910] head: 0bfffe0000000002 ffffc1ffc3195501 00000000ffffffff 00000000ffffffff
[   29.008089] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   29.008168] page dumped because: kasan: bad access detected
[   29.008213] 
[   29.008237] Memory state around the buggy address:
[   29.008269]  fff00000c6553f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   29.008319]  fff00000c6553f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   29.008388] >fff00000c6554000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.008423]                    ^
[   29.008451]  fff00000c6554080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.008492]  fff00000c6554100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   29.008562] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2z2V64IZ5mZ4pqTgyDjND4po2p7

job_id

TEST:linaro@lkft#2z2VBWOwNE7tln7ibBWNJtNgCdd

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2z2VBWOwNE7tln7ibBWNJtNgCdd

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2z2V7USjjUTWqzxtyXvVloPZLjf/Image.gz
sha256sum	42e36f6e4a060d5f9a1060b857a02a69294fe7d2a27b0731adb370bcbc85f1e6

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2z2V7USjjUTWqzxtyXvVloPZLjf/modules.tar.xz
sha256sum	890b3fa8e09fb90f169b09d75de24714d8b16adf2b500a29a27124602d4970e9

durations

tests

boot	0
kunit	167.09

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   23.885702] ==================================================================
[   23.886326] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   23.886698] Free of addr ffff888102bd8001 by task kunit_try_catch/272
[   23.887198] 
[   23.887318] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250626 #1 PREEMPT(voluntary) 
[   23.887370] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.887384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   23.887407] Call Trace:
[   23.887421]  <TASK>
[   23.887439]  dump_stack_lvl+0x73/0xb0
[   23.887469]  print_report+0xd1/0x650
[   23.887492]  ? __virt_addr_valid+0x1db/0x2d0
[   23.887516]  ? kasan_addr_to_slab+0x11/0xa0
[   23.887536]  ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   23.887561]  kasan_report_invalid_free+0x10a/0x130
[   23.887584]  ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   23.887613]  ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   23.887636]  __kasan_mempool_poison_object+0x102/0x1d0
[   23.887659]  mempool_free+0x2ec/0x380
[   23.887685]  mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   23.887709]  ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[   23.887736]  ? __pfx_sched_clock_cpu+0x10/0x10
[   23.887758]  ? finish_task_switch.isra.0+0x153/0x700
[   23.887808]  mempool_kmalloc_large_invalid_free+0xed/0x140
[   23.887834]  ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[   23.887861]  ? __pfx_mempool_kmalloc+0x10/0x10
[   23.887884]  ? __pfx_mempool_kfree+0x10/0x10
[   23.887907]  ? __pfx_read_tsc+0x10/0x10
[   23.887930]  ? ktime_get_ts64+0x86/0x230
[   23.887954]  kunit_try_run_case+0x1a5/0x480
[   23.887980]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.888016]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   23.888043]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   23.888068]  ? __kthread_parkme+0x82/0x180
[   23.888089]  ? preempt_count_sub+0x50/0x80
[   23.888111]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.888135]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.888159]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   23.888183]  kthread+0x337/0x6f0
[   23.888202]  ? trace_preempt_on+0x20/0xc0
[   23.888234]  ? __pfx_kthread+0x10/0x10
[   23.888255]  ? _raw_spin_unlock_irq+0x47/0x80
[   23.888278]  ? calculate_sigpending+0x7b/0xa0
[   23.888303]  ? __pfx_kthread+0x10/0x10
[   23.888323]  ret_from_fork+0x116/0x1d0
[   23.888342]  ? __pfx_kthread+0x10/0x10
[   23.888363]  ret_from_fork_asm+0x1a/0x30
[   23.888394]  </TASK>
[   23.888406] 
[   23.897766] The buggy address belongs to the physical page:
[   23.898619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bd8
[   23.899057] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   23.899347] flags: 0x200000000000040(head|node=0|zone=2)
[   23.899615] page_type: f8(unknown)
[   23.899798] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   23.900129] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   23.900833] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   23.901184] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   23.901515] head: 0200000000000002 ffffea00040af601 00000000ffffffff 00000000ffffffff
[   23.901837] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   23.902085] page dumped because: kasan: bad access detected
[   23.902340] 
[   23.902409] Memory state around the buggy address:
[   23.902699]  ffff888102bd7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   23.903039]  ffff888102bd7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   23.903383] >ffff888102bd8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.903699]                    ^
[   23.903828]  ffff888102bd8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.904102]  ffff888102bd8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.904452] ==================================================================
[   23.851765] ==================================================================
[   23.852721] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   23.853415] Free of addr ffff8881024e1701 by task kunit_try_catch/270
[   23.854312] 
[   23.854498] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250626 #1 PREEMPT(voluntary) 
[   23.854554] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.854567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   23.854591] Call Trace:
[   23.854607]  <TASK>
[   23.854629]  dump_stack_lvl+0x73/0xb0
[   23.854661]  print_report+0xd1/0x650
[   23.854686]  ? __virt_addr_valid+0x1db/0x2d0
[   23.854711]  ? kasan_complete_mode_report_info+0x2a/0x200
[   23.854736]  ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   23.854762]  kasan_report_invalid_free+0x10a/0x130
[   23.854794]  ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   23.854820]  ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   23.854844]  ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   23.854866]  check_slab_allocation+0x11f/0x130
[   23.854887]  __kasan_mempool_poison_object+0x91/0x1d0
[   23.854911]  mempool_free+0x2ec/0x380
[   23.854938]  mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   23.854961]  ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[   23.854988]  ? __pfx_sched_clock_cpu+0x10/0x10
[   23.855009]  ? finish_task_switch.isra.0+0x153/0x700
[   23.855042]  mempool_kmalloc_invalid_free+0xed/0x140
[   23.855064]  ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[   23.855089]  ? __pfx_mempool_kmalloc+0x10/0x10
[   23.855111]  ? __pfx_mempool_kfree+0x10/0x10
[   23.855135]  ? __pfx_read_tsc+0x10/0x10
[   23.855157]  ? ktime_get_ts64+0x86/0x230
[   23.855181]  kunit_try_run_case+0x1a5/0x480
[   23.855206]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.855239]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   23.855265]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   23.855289]  ? __kthread_parkme+0x82/0x180
[   23.855309]  ? preempt_count_sub+0x50/0x80
[   23.855331]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.855354]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.855377]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   23.855401]  kthread+0x337/0x6f0
[   23.855419]  ? trace_preempt_on+0x20/0xc0
[   23.855443]  ? __pfx_kthread+0x10/0x10
[   23.855463]  ? _raw_spin_unlock_irq+0x47/0x80
[   23.855487]  ? calculate_sigpending+0x7b/0xa0
[   23.855511]  ? __pfx_kthread+0x10/0x10
[   23.855532]  ret_from_fork+0x116/0x1d0
[   23.855551]  ? __pfx_kthread+0x10/0x10
[   23.855571]  ret_from_fork_asm+0x1a/0x30
[   23.855602]  </TASK>
[   23.855614] 
[   23.873309] Allocated by task 270:
[   23.873502]  kasan_save_stack+0x45/0x70
[   23.873682]  kasan_save_track+0x18/0x40
[   23.873853]  kasan_save_alloc_info+0x3b/0x50
[   23.873993]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   23.874157]  remove_element+0x11e/0x190
[   23.874382]  mempool_alloc_preallocated+0x4d/0x90
[   23.874720]  mempool_kmalloc_invalid_free_helper+0x83/0x2e0
[   23.874968]  mempool_kmalloc_invalid_free+0xed/0x140
[   23.875157]  kunit_try_run_case+0x1a5/0x480
[   23.875314]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.875817]  kthread+0x337/0x6f0
[   23.875988]  ret_from_fork+0x116/0x1d0
[   23.876192]  ret_from_fork_asm+0x1a/0x30
[   23.876363] 
[   23.876448] The buggy address belongs to the object at ffff8881024e1700
[   23.876448]  which belongs to the cache kmalloc-128 of size 128
[   23.876996] The buggy address is located 1 bytes inside of
[   23.876996]  128-byte region [ffff8881024e1700, ffff8881024e1780)
[   23.877438] 
[   23.877532] The buggy address belongs to the physical page:
[   23.877787] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e1
[   23.878080] flags: 0x200000000000000(node=0|zone=2)
[   23.878253] page_type: f5(slab)
[   23.878548] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   23.878957] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   23.879356] page dumped because: kasan: bad access detected
[   23.879524] 
[   23.879586] Memory state around the buggy address:
[   23.879736]  ffff8881024e1600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   23.880275]  ffff8881024e1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.880594] >ffff8881024e1700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.880909]                    ^
[   23.881106]  ffff8881024e1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.881492]  ffff8881024e1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.882258] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2z2V64IZ5mZ4pqTgyDjND4po2p7

job_id

TEST:linaro@lkft#2z2VCWzEgPcUDHhhw0N7L6OuTsi

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2z2VCWzEgPcUDHhhw0N7L6OuTsi

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2z2V8vW6OGUdLnT5KmRzpsRviaL/bzImage
sha256sum	af9e113be0609efaece1c192f6aceee5e71a8c7326695ad181171f155187f3ab

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2z2V8vW6OGUdLnT5KmRzpsRviaL/modules.tar.xz
sha256sum	eb3bf6ab4822a4ffbb4c6a0a8f2b0db2418a278c2192667f80b6a1aac6efaa14

durations

tests

boot	0
kunit	146.03

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - dragonboard-845c - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit