lkft/linux-next-master - next-20250709 - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

July 9, 2025, 1:08 p.m.

Environment
qemu-arm64
qemu-x86_64

[   31.514933] ==================================================================
[   31.514999] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   31.515072] Free of addr fff00000c9ad4000 by task kunit_try_catch/271
[   31.515120] 
[   31.515164] CPU: 1 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250709 #1 PREEMPT 
[   31.515261] Tainted: [B]=BAD_PAGE, [N]=TEST
[   31.515353] Hardware name: linux,dummy-virt (DT)
[   31.515703] Call trace:
[   31.515726]  show_stack+0x20/0x38 (C)
[   31.515807]  dump_stack_lvl+0x8c/0xd0
[   31.516237]  print_report+0x118/0x5d0
[   31.516422]  kasan_report_invalid_free+0xc0/0xe8
[   31.516476]  __kasan_mempool_poison_pages+0xe0/0xe8
[   31.516533]  mempool_free+0x24c/0x328
[   31.516581]  mempool_double_free_helper+0x150/0x2e8
[   31.516635]  mempool_page_alloc_double_free+0xbc/0x118
[   31.516691]  kunit_try_run_case+0x170/0x3f0
[   31.516741]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.517286]  kthread+0x328/0x630
[   31.517372]  ret_from_fork+0x10/0x20
[   31.517481] 
[   31.517502] The buggy address belongs to the physical page:
[   31.517650] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109ad4
[   31.517715] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   31.517783] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   31.517836] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   31.517882] page dumped because: kasan: bad access detected
[   31.517917] 
[   31.517937] Memory state around the buggy address:
[   31.517970]  fff00000c9ad3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   31.518021]  fff00000c9ad3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   31.518081] >fff00000c9ad4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   31.518126]                    ^
[   31.518157]  fff00000c9ad4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   31.518206]  fff00000c9ad4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   31.518251] ==================================================================
[   31.488536] ==================================================================
[   31.488644] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   31.488909] Free of addr fff00000c7d40a00 by task kunit_try_catch/267
[   31.489092] 
[   31.489133] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250709 #1 PREEMPT 
[   31.489222] Tainted: [B]=BAD_PAGE, [N]=TEST
[   31.489389] Hardware name: linux,dummy-virt (DT)
[   31.489427] Call trace:
[   31.489460]  show_stack+0x20/0x38 (C)
[   31.489532]  dump_stack_lvl+0x8c/0xd0
[   31.489584]  print_report+0x118/0x5d0
[   31.489683]  kasan_report_invalid_free+0xc0/0xe8
[   31.489736]  check_slab_allocation+0xd4/0x108
[   31.489795]  __kasan_mempool_poison_object+0x78/0x150
[   31.489989]  mempool_free+0x28c/0x328
[   31.490044]  mempool_double_free_helper+0x150/0x2e8
[   31.490109]  mempool_kmalloc_double_free+0xc0/0x118
[   31.490160]  kunit_try_run_case+0x170/0x3f0
[   31.490350]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.490513]  kthread+0x328/0x630
[   31.490568]  ret_from_fork+0x10/0x20
[   31.490770] 
[   31.490801] Allocated by task 267:
[   31.490860]  kasan_save_stack+0x3c/0x68
[   31.490913]  kasan_save_track+0x20/0x40
[   31.490974]  kasan_save_alloc_info+0x40/0x58
[   31.491066]  __kasan_mempool_unpoison_object+0x11c/0x180
[   31.491116]  remove_element+0x130/0x1f8
[   31.491192]  mempool_alloc_preallocated+0x58/0xc0
[   31.491276]  mempool_double_free_helper+0x94/0x2e8
[   31.491405]  mempool_kmalloc_double_free+0xc0/0x118
[   31.491620]  kunit_try_run_case+0x170/0x3f0
[   31.491748]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.491865]  kthread+0x328/0x630
[   31.491933]  ret_from_fork+0x10/0x20
[   31.491970] 
[   31.492014] Freed by task 267:
[   31.492041]  kasan_save_stack+0x3c/0x68
[   31.492500]  kasan_save_track+0x20/0x40
[   31.492629]  kasan_save_free_info+0x4c/0x78
[   31.492713]  __kasan_mempool_poison_object+0xc0/0x150
[   31.492764]  mempool_free+0x28c/0x328
[   31.492950]  mempool_double_free_helper+0x100/0x2e8
[   31.493001]  mempool_kmalloc_double_free+0xc0/0x118
[   31.493199]  kunit_try_run_case+0x170/0x3f0
[   31.493285]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.493428]  kthread+0x328/0x630
[   31.493494]  ret_from_fork+0x10/0x20
[   31.493531] 
[   31.493569] The buggy address belongs to the object at fff00000c7d40a00
[   31.493569]  which belongs to the cache kmalloc-128 of size 128
[   31.493778] The buggy address is located 0 bytes inside of
[   31.493778]  128-byte region [fff00000c7d40a00, fff00000c7d40a80)
[   31.494039] 
[   31.494085] The buggy address belongs to the physical page:
[   31.494120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107d40
[   31.494367] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   31.494592] page_type: f5(slab)
[   31.494691] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   31.494782] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   31.495123] page dumped because: kasan: bad access detected
[   31.495199] 
[   31.495302] Memory state around the buggy address:
[   31.495514]  fff00000c7d40900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   31.495748]  fff00000c7d40980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.495827] >fff00000c7d40a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   31.495942]                    ^
[   31.496128]  fff00000c7d40a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.496174]  fff00000c7d40b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.496213] ==================================================================
[   31.502566] ==================================================================
[   31.502627] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   31.502681] Free of addr fff00000c9ad4000 by task kunit_try_catch/269
[   31.502908] 
[   31.502952] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250709 #1 PREEMPT 
[   31.503065] Tainted: [B]=BAD_PAGE, [N]=TEST
[   31.503104] Hardware name: linux,dummy-virt (DT)
[   31.503138] Call trace:
[   31.503170]  show_stack+0x20/0x38 (C)
[   31.503222]  dump_stack_lvl+0x8c/0xd0
[   31.503369]  print_report+0x118/0x5d0
[   31.503417]  kasan_report_invalid_free+0xc0/0xe8
[   31.503639]  __kasan_mempool_poison_object+0x14c/0x150
[   31.503739]  mempool_free+0x28c/0x328
[   31.503828]  mempool_double_free_helper+0x150/0x2e8
[   31.503905]  mempool_kmalloc_large_double_free+0xc0/0x118
[   31.504092]  kunit_try_run_case+0x170/0x3f0
[   31.504190]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.504254]  kthread+0x328/0x630
[   31.504363]  ret_from_fork+0x10/0x20
[   31.504517] 
[   31.504559] The buggy address belongs to the physical page:
[   31.504703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109ad4
[   31.504885] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   31.504969] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   31.505050] page_type: f8(unknown)
[   31.505197] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   31.505401] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   31.505487] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   31.505559] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   31.505644] head: 0bfffe0000000002 ffffc1ffc326b501 00000000ffffffff 00000000ffffffff
[   31.505756] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   31.505879] page dumped because: kasan: bad access detected
[   31.506028] 
[   31.506141] Memory state around the buggy address:
[   31.506275]  fff00000c9ad3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   31.506351]  fff00000c9ad3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   31.506562] >fff00000c9ad4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   31.506754]                    ^
[   31.506873]  fff00000c9ad4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   31.507035]  fff00000c9ad4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   31.507267] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zdgcq9j1ujmXwxUxAtmoX2JeBw

job_id

TEST:linaro@lkft#2zdghTlh69PR1QDjNegFtBHq55A

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zdghTlh69PR1QDjNegFtBHq55A

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zdgdlpB9JiVBKeSwABXYd80ypl/Image.gz
sha256sum	9f5eee9957545548ea4e1a38f001ee4d49216581a9ba43dfa3ccfa9e44a80665

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zdgdlpB9JiVBKeSwABXYd80ypl/modules.tar.xz
sha256sum	a00a8fd80d7c3e7553673b7b34ffa080501292edf8c4877ba00c110d5f08ed8f

durations

tests

boot	0
kunit	163.99

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   25.782735] ==================================================================
[   25.784124] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   25.784369] Free of addr ffff888106234000 by task kunit_try_catch/287
[   25.784566] 
[   25.784656] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc5-next-20250709 #1 PREEMPT(voluntary) 
[   25.784753] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   25.784784] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   25.784829] Call Trace:
[   25.784844]  <TASK>
[   25.784866]  dump_stack_lvl+0x73/0xb0
[   25.784901]  print_report+0xd1/0x610
[   25.784925]  ? __virt_addr_valid+0x1db/0x2d0
[   25.784952]  ? kasan_addr_to_slab+0x11/0xa0
[   25.784972]  ? mempool_double_free_helper+0x184/0x370
[   25.784996]  kasan_report_invalid_free+0x10a/0x130
[   25.785021]  ? mempool_double_free_helper+0x184/0x370
[   25.785049]  ? mempool_double_free_helper+0x184/0x370
[   25.785073]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   25.785097]  mempool_free+0x2ec/0x380
[   25.785123]  mempool_double_free_helper+0x184/0x370
[   25.785146]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   25.785171]  ? __kasan_check_write+0x18/0x20
[   25.785239]  ? __pfx_sched_clock_cpu+0x10/0x10
[   25.785263]  ? finish_task_switch.isra.0+0x153/0x700
[   25.785314]  mempool_kmalloc_large_double_free+0xed/0x140
[   25.785359]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   25.785394]  ? __pfx_mempool_kmalloc+0x10/0x10
[   25.785417]  ? __pfx_mempool_kfree+0x10/0x10
[   25.785442]  ? __pfx_read_tsc+0x10/0x10
[   25.785463]  ? ktime_get_ts64+0x86/0x230
[   25.785489]  kunit_try_run_case+0x1a5/0x480
[   25.785512]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.785533]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   25.785559]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   25.785583]  ? __kthread_parkme+0x82/0x180
[   25.785603]  ? preempt_count_sub+0x50/0x80
[   25.785626]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.785647]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.785672]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   25.785707]  kthread+0x337/0x6f0
[   25.785728]  ? trace_preempt_on+0x20/0xc0
[   25.785751]  ? __pfx_kthread+0x10/0x10
[   25.785788]  ? _raw_spin_unlock_irq+0x47/0x80
[   25.785810]  ? calculate_sigpending+0x7b/0xa0
[   25.785835]  ? __pfx_kthread+0x10/0x10
[   25.785905]  ret_from_fork+0x116/0x1d0
[   25.785926]  ? __pfx_kthread+0x10/0x10
[   25.785948]  ret_from_fork_asm+0x1a/0x30
[   25.785992]  </TASK>
[   25.786006] 
[   25.802053] The buggy address belongs to the physical page:
[   25.802578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106234
[   25.803079] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   25.803620] flags: 0x200000000000040(head|node=0|zone=2)
[   25.803839] page_type: f8(unknown)
[   25.804215] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   25.805033] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   25.805743] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   25.806153] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   25.806935] head: 0200000000000002 ffffea0004188d01 00000000ffffffff 00000000ffffffff
[   25.807531] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   25.808166] page dumped because: kasan: bad access detected
[   25.808429] 
[   25.808494] Memory state around the buggy address:
[   25.808646]  ffff888106233f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   25.808892]  ffff888106233f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   25.809214] >ffff888106234000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   25.809811]                    ^
[   25.809965]  ffff888106234080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   25.810480]  ffff888106234100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   25.811098] ==================================================================
[   25.815113] ==================================================================
[   25.816444] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   25.817528] Free of addr ffff888106234000 by task kunit_try_catch/289
[   25.818187] 
[   25.818394] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc5-next-20250709 #1 PREEMPT(voluntary) 
[   25.818453] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   25.818468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   25.818492] Call Trace:
[   25.818507]  <TASK>
[   25.818529]  dump_stack_lvl+0x73/0xb0
[   25.818587]  print_report+0xd1/0x610
[   25.818612]  ? __virt_addr_valid+0x1db/0x2d0
[   25.818640]  ? kasan_addr_to_slab+0x11/0xa0
[   25.818660]  ? mempool_double_free_helper+0x184/0x370
[   25.818685]  kasan_report_invalid_free+0x10a/0x130
[   25.818721]  ? mempool_double_free_helper+0x184/0x370
[   25.818747]  ? mempool_double_free_helper+0x184/0x370
[   25.818770]  __kasan_mempool_poison_pages+0x115/0x130
[   25.818805]  mempool_free+0x290/0x380
[   25.818833]  mempool_double_free_helper+0x184/0x370
[   25.818856]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   25.818924]  ? __pfx_sched_clock_cpu+0x10/0x10
[   25.818950]  ? irqentry_exit+0x2a/0x60
[   25.818974]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   25.819002]  mempool_page_alloc_double_free+0xe8/0x140
[   25.819027]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   25.819053]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   25.819076]  ? __pfx_mempool_free_pages+0x10/0x10
[   25.819101]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   25.819128]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   25.819156]  kunit_try_run_case+0x1a5/0x480
[   25.819181]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.819201]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   25.819225]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   25.819248]  ? __kthread_parkme+0x82/0x180
[   25.819272]  ? preempt_count_sub+0x50/0x80
[   25.819295]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.819317]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.819343]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   25.819370]  kthread+0x337/0x6f0
[   25.819391]  ? trace_preempt_on+0x20/0xc0
[   25.819417]  ? __pfx_kthread+0x10/0x10
[   25.819437]  ? _raw_spin_unlock_irq+0x47/0x80
[   25.819460]  ? calculate_sigpending+0x7b/0xa0
[   25.819485]  ? __pfx_kthread+0x10/0x10
[   25.819507]  ret_from_fork+0x116/0x1d0
[   25.819529]  ? __pfx_kthread+0x10/0x10
[   25.819549]  ret_from_fork_asm+0x1a/0x30
[   25.819581]  </TASK>
[   25.819595] 
[   25.831184] The buggy address belongs to the physical page:
[   25.831429] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106234
[   25.831767] flags: 0x200000000000000(node=0|zone=2)
[   25.832231] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   25.832681] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   25.833224] page dumped because: kasan: bad access detected
[   25.833654] 
[   25.833901] Memory state around the buggy address:
[   25.834340]  ffff888106233f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   25.834636]  ffff888106233f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   25.835277] >ffff888106234000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   25.835734]                    ^
[   25.836029]  ffff888106234080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   25.836470]  ffff888106234100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   25.836769] ==================================================================
[   25.746712] ==================================================================
[   25.747935] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   25.748657] Free of addr ffff8881058c1f00 by task kunit_try_catch/285
[   25.749409] 
[   25.749623] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc5-next-20250709 #1 PREEMPT(voluntary) 
[   25.749706] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   25.749721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   25.749745] Call Trace:
[   25.749759]  <TASK>
[   25.749781]  dump_stack_lvl+0x73/0xb0
[   25.749848]  print_report+0xd1/0x610
[   25.749873]  ? __virt_addr_valid+0x1db/0x2d0
[   25.749912]  ? kasan_complete_mode_report_info+0x64/0x200
[   25.749938]  ? mempool_double_free_helper+0x184/0x370
[   25.749962]  kasan_report_invalid_free+0x10a/0x130
[   25.749986]  ? mempool_double_free_helper+0x184/0x370
[   25.750012]  ? mempool_double_free_helper+0x184/0x370
[   25.750034]  ? mempool_double_free_helper+0x184/0x370
[   25.750056]  check_slab_allocation+0x101/0x130
[   25.750079]  __kasan_mempool_poison_object+0x91/0x1d0
[   25.750102]  mempool_free+0x2ec/0x380
[   25.750131]  mempool_double_free_helper+0x184/0x370
[   25.750154]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   25.750176]  ? update_load_avg+0x1be/0x21b0
[   25.750204]  ? finish_task_switch.isra.0+0x153/0x700
[   25.750231]  mempool_kmalloc_double_free+0xed/0x140
[   25.750254]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   25.750280]  ? __pfx_mempool_kmalloc+0x10/0x10
[   25.750302]  ? __pfx_mempool_kfree+0x10/0x10
[   25.750327]  ? __pfx_read_tsc+0x10/0x10
[   25.750350]  ? ktime_get_ts64+0x86/0x230
[   25.750376]  kunit_try_run_case+0x1a5/0x480
[   25.750400]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.750420]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   25.750446]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   25.750470]  ? __kthread_parkme+0x82/0x180
[   25.750491]  ? preempt_count_sub+0x50/0x80
[   25.750568]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.750590]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.750617]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   25.750642]  kthread+0x337/0x6f0
[   25.750662]  ? trace_preempt_on+0x20/0xc0
[   25.750686]  ? __pfx_kthread+0x10/0x10
[   25.750721]  ? _raw_spin_unlock_irq+0x47/0x80
[   25.750744]  ? calculate_sigpending+0x7b/0xa0
[   25.750769]  ? __pfx_kthread+0x10/0x10
[   25.750801]  ret_from_fork+0x116/0x1d0
[   25.750821]  ? __pfx_kthread+0x10/0x10
[   25.750841]  ret_from_fork_asm+0x1a/0x30
[   25.750874]  </TASK>
[   25.750920] 
[   25.764823] Allocated by task 285:
[   25.765146]  kasan_save_stack+0x45/0x70
[   25.765430]  kasan_save_track+0x18/0x40
[   25.765681]  kasan_save_alloc_info+0x3b/0x50
[   25.765907]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   25.766183]  remove_element+0x11e/0x190
[   25.766347]  mempool_alloc_preallocated+0x4d/0x90
[   25.766620]  mempool_double_free_helper+0x8a/0x370
[   25.766970]  mempool_kmalloc_double_free+0xed/0x140
[   25.767408]  kunit_try_run_case+0x1a5/0x480
[   25.767632]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.768036]  kthread+0x337/0x6f0
[   25.768228]  ret_from_fork+0x116/0x1d0
[   25.768435]  ret_from_fork_asm+0x1a/0x30
[   25.768655] 
[   25.768745] Freed by task 285:
[   25.768912]  kasan_save_stack+0x45/0x70
[   25.769115]  kasan_save_track+0x18/0x40
[   25.769356]  kasan_save_free_info+0x3f/0x60
[   25.769489]  __kasan_mempool_poison_object+0x131/0x1d0
[   25.769758]  mempool_free+0x2ec/0x380
[   25.770106]  mempool_double_free_helper+0x109/0x370
[   25.770469]  mempool_kmalloc_double_free+0xed/0x140
[   25.770765]  kunit_try_run_case+0x1a5/0x480
[   25.770968]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.771138]  kthread+0x337/0x6f0
[   25.771419]  ret_from_fork+0x116/0x1d0
[   25.771707]  ret_from_fork_asm+0x1a/0x30
[   25.771975] 
[   25.772046] The buggy address belongs to the object at ffff8881058c1f00
[   25.772046]  which belongs to the cache kmalloc-128 of size 128
[   25.773064] The buggy address is located 0 bytes inside of
[   25.773064]  128-byte region [ffff8881058c1f00, ffff8881058c1f80)
[   25.773541] 
[   25.773616] The buggy address belongs to the physical page:
[   25.774059] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058c1
[   25.774381] flags: 0x200000000000000(node=0|zone=2)
[   25.774614] page_type: f5(slab)
[   25.774797] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   25.775230] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[   25.775539] page dumped because: kasan: bad access detected
[   25.775762] 
[   25.775855] Memory state around the buggy address:
[   25.776146]  ffff8881058c1e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   25.776455]  ffff8881058c1e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.776803] >ffff8881058c1f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   25.777113]                    ^
[   25.777447]  ffff8881058c1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.777763]  ffff8881058c2000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   25.778083] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zdgcq9j1ujmXwxUxAtmoX2JeBw

job_id

TEST:linaro@lkft#2zdgiR4lYmFolv6VtPNpXUv6c4T

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zdgiR4lYmFolv6VtPNpXUv6c4T

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zdgeyu2bhhwOi5HT3qnlyin7Ms/bzImage
sha256sum	f7e62367d136756fd78b141e5190ae396942c5b5fabd4fda00971c136430b59f

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zdgeyu2bhhwOi5HT3qnlyin7Ms/modules.tar.xz
sha256sum	4b09f4cdde291b6f441ef91e7389f5ff9bff86967f27fcee3276d7367dea1cc6

durations

tests

boot	0
kunit	223.70

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit