lkft/linux-next-master - next-20250724 - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

July 24, 2025, 4:41 a.m.

Environment
qemu-arm64
qemu-x86_64

[   34.671081] ==================================================================
[   34.671190] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   34.671408] Free of addr fff00000c9bac000 by task kunit_try_catch/270
[   34.671458] 
[   34.671556] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7-next-20250724 #1 PREEMPT 
[   34.671779] Tainted: [B]=BAD_PAGE, [N]=TEST
[   34.671885] Hardware name: linux,dummy-virt (DT)
[   34.671985] Call trace:
[   34.672055]  show_stack+0x20/0x38 (C)
[   34.672155]  dump_stack_lvl+0x8c/0xd0
[   34.672241]  print_report+0x118/0x5e8
[   34.672457]  kasan_report_invalid_free+0xc0/0xe8
[   34.672515]  __kasan_mempool_poison_pages+0xe0/0xe8
[   34.672620]  mempool_free+0x3ac/0x5f0
[   34.672800]  mempool_double_free_helper+0x150/0x2e8
[   34.672858]  mempool_page_alloc_double_free+0xbc/0x118
[   34.672928]  kunit_try_run_case+0x170/0x3f0
[   34.672988]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   34.673055]  kthread+0x328/0x630
[   34.673097]  ret_from_fork+0x10/0x20
[   34.673153] 
[   34.673177] The buggy address belongs to the physical page:
[   34.673215] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bac
[   34.673273] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   34.673352] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   34.673402] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   34.673457] page dumped because: kasan: bad access detected
[   34.673488] 
[   34.673509] Memory state around the buggy address:
[   34.673544]  fff00000c9babf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   34.673597]  fff00000c9babf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   34.673656] >fff00000c9bac000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   34.673695]                    ^
[   34.673739]  fff00000c9bac080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   34.673792]  fff00000c9bac100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   34.674140] ==================================================================
[   34.633059] ==================================================================
[   34.633202] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   34.633273] Free of addr fff00000c4564b00 by task kunit_try_catch/266
[   34.633379] 
[   34.633421] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7-next-20250724 #1 PREEMPT 
[   34.633692] Tainted: [B]=BAD_PAGE, [N]=TEST
[   34.633741] Hardware name: linux,dummy-virt (DT)
[   34.633901] Call trace:
[   34.633938]  show_stack+0x20/0x38 (C)
[   34.633992]  dump_stack_lvl+0x8c/0xd0
[   34.634061]  print_report+0x118/0x5e8
[   34.634106]  kasan_report_invalid_free+0xc0/0xe8
[   34.634249]  check_slab_allocation+0xd4/0x108
[   34.634326]  __kasan_mempool_poison_object+0x78/0x150
[   34.634378]  mempool_free+0x3f4/0x5f0
[   34.634588]  mempool_double_free_helper+0x150/0x2e8
[   34.634689]  mempool_kmalloc_double_free+0xc0/0x118
[   34.634832]  kunit_try_run_case+0x170/0x3f0
[   34.634887]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   34.635134]  kthread+0x328/0x630
[   34.635188]  ret_from_fork+0x10/0x20
[   34.635363] 
[   34.635464] Allocated by task 266:
[   34.635525]  kasan_save_stack+0x3c/0x68
[   34.635592]  kasan_save_track+0x20/0x40
[   34.635840]  kasan_save_alloc_info+0x40/0x58
[   34.635888]  __kasan_mempool_unpoison_object+0x11c/0x180
[   34.635939]  remove_element+0x130/0x1f8
[   34.635979]  mempool_alloc_preallocated+0x58/0xc0
[   34.636047]  mempool_double_free_helper+0x94/0x2e8
[   34.636110]  mempool_kmalloc_double_free+0xc0/0x118
[   34.636283]  kunit_try_run_case+0x170/0x3f0
[   34.636467]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   34.636559]  kthread+0x328/0x630
[   34.636601]  ret_from_fork+0x10/0x20
[   34.636639] 
[   34.636708] Freed by task 266:
[   34.636738]  kasan_save_stack+0x3c/0x68
[   34.636806]  kasan_save_track+0x20/0x40
[   34.636848]  kasan_save_free_info+0x4c/0x78
[   34.636897]  __kasan_mempool_poison_object+0xc0/0x150
[   34.636944]  mempool_free+0x3f4/0x5f0
[   34.636982]  mempool_double_free_helper+0x100/0x2e8
[   34.637038]  mempool_kmalloc_double_free+0xc0/0x118
[   34.637090]  kunit_try_run_case+0x170/0x3f0
[   34.637127]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   34.637172]  kthread+0x328/0x630
[   34.637204]  ret_from_fork+0x10/0x20
[   34.637241] 
[   34.637260] The buggy address belongs to the object at fff00000c4564b00
[   34.637260]  which belongs to the cache kmalloc-128 of size 128
[   34.637329] The buggy address is located 0 bytes inside of
[   34.637329]  128-byte region [fff00000c4564b00, fff00000c4564b80)
[   34.637390] 
[   34.637412] The buggy address belongs to the physical page:
[   34.637452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104564
[   34.637519] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   34.637581] page_type: f5(slab)
[   34.637626] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000100 dead000000000122
[   34.637677] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   34.637727] page dumped because: kasan: bad access detected
[   34.637805] 
[   34.638225] Memory state around the buggy address:
[   34.638875]  fff00000c4564a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   34.639240]  fff00000c4564a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   34.639419] >fff00000c4564b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   34.639503]                    ^
[   34.639538]  fff00000c4564b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   34.639582]  fff00000c4564c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   34.639620] ==================================================================
[   34.652875] ==================================================================
[   34.652959] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   34.653030] Free of addr fff00000c9bac000 by task kunit_try_catch/268
[   34.653075] 
[   34.653117] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7-next-20250724 #1 PREEMPT 
[   34.653208] Tainted: [B]=BAD_PAGE, [N]=TEST
[   34.653234] Hardware name: linux,dummy-virt (DT)
[   34.653338] Call trace:
[   34.653367]  show_stack+0x20/0x38 (C)
[   34.653443]  dump_stack_lvl+0x8c/0xd0
[   34.653492]  print_report+0x118/0x5e8
[   34.653537]  kasan_report_invalid_free+0xc0/0xe8
[   34.653583]  __kasan_mempool_poison_object+0x14c/0x150
[   34.653643]  mempool_free+0x3f4/0x5f0
[   34.653699]  mempool_double_free_helper+0x150/0x2e8
[   34.654441]  mempool_kmalloc_large_double_free+0xc0/0x118
[   34.654761]  kunit_try_run_case+0x170/0x3f0
[   34.654981]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   34.655360]  kthread+0x328/0x630
[   34.655426]  ret_from_fork+0x10/0x20
[   34.655524] 
[   34.655610] The buggy address belongs to the physical page:
[   34.655666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bac
[   34.655804] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   34.655876] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   34.655937] page_type: f8(unknown)
[   34.656005] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   34.656380] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   34.656506] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   34.656624] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   34.656771] head: 0bfffe0000000002 ffffc1ffc326eb01 00000000ffffffff 00000000ffffffff
[   34.656870] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   34.656980] page dumped because: kasan: bad access detected
[   34.657026] 
[   34.657045] Memory state around the buggy address:
[   34.657389]  fff00000c9babf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   34.657610]  fff00000c9babf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   34.657677] >fff00000c9bac000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   34.657836]                    ^
[   34.657902]  fff00000c9bac080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   34.657980]  fff00000c9bac100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   34.658340] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

30J3nY7QtuR6zFySSP24ERynb1Z

job_id

TEST:linaro@lkft#30J3tHAcCAzoumluJGVN0kuxFDU

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/30J3tHAcCAzoumluJGVN0kuxFDU

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30J3pDsC9KNl7rr3iXBXH40Gq9W/Image.gz
sha256sum	544207c1b5a9d2840223bd62064127622ccefa2f812415650f45a51bca8475e6

rootfs

url	https://storage.tuxboot.com/debian/20250722/trixie/arm64/rootfs.ext4.xz
sha256sum	4416595f610fe19a3fb374a6dd0942354bf27ddb827c7f1e8e5524ec95492466

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30J3pDsC9KNl7rr3iXBXH40Gq9W/modules.tar.xz
sha256sum	ae69e33cdc746370be45d97b12d0ee81e77ef54ca003ba881eec2f93d7e2865c

durations

tests

boot	0
kunit	170.41

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   28.573050] ==================================================================
[   28.573448] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   28.574121] Free of addr ffff88810614c000 by task kunit_try_catch/285
[   28.574758] 
[   28.575039] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) 
[   28.575105] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   28.575119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   28.575145] Call Trace:
[   28.575158]  <TASK>
[   28.575181]  dump_stack_lvl+0x73/0xb0
[   28.575214]  print_report+0xd1/0x640
[   28.575238]  ? __virt_addr_valid+0x1db/0x2d0
[   28.575271]  ? kasan_addr_to_slab+0x11/0xa0
[   28.575291]  ? mempool_double_free_helper+0x184/0x370
[   28.575316]  kasan_report_invalid_free+0x10a/0x130
[   28.575341]  ? mempool_double_free_helper+0x184/0x370
[   28.575369]  ? mempool_double_free_helper+0x184/0x370
[   28.575390]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   28.575414]  mempool_free+0x490/0x640
[   28.575442]  mempool_double_free_helper+0x184/0x370
[   28.575466]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   28.575490]  ? dequeue_entities+0x23f/0x1630
[   28.575515]  ? __kasan_check_write+0x18/0x20
[   28.575537]  ? __pfx_sched_clock_cpu+0x10/0x10
[   28.575557]  ? irqentry_exit+0x2a/0x60
[   28.575590]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   28.575615]  mempool_kmalloc_large_double_free+0xed/0x140
[   28.575642]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   28.575669]  ? __pfx_mempool_kmalloc+0x10/0x10
[   28.575691]  ? __pfx_mempool_kfree+0x10/0x10
[   28.575714]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   28.575740]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   28.575766]  kunit_try_run_case+0x1a5/0x480
[   28.575848]  ? __pfx_kunit_try_run_case+0x10/0x10
[   28.575873]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   28.575899]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   28.575923]  ? __kthread_parkme+0x82/0x180
[   28.575945]  ? preempt_count_sub+0x50/0x80
[   28.575969]  ? __pfx_kunit_try_run_case+0x10/0x10
[   28.575991]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   28.576015]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   28.576038]  kthread+0x337/0x6f0
[   28.576057]  ? trace_preempt_on+0x20/0xc0
[   28.576082]  ? __pfx_kthread+0x10/0x10
[   28.576102]  ? _raw_spin_unlock_irq+0x47/0x80
[   28.576126]  ? calculate_sigpending+0x7b/0xa0
[   28.576150]  ? __pfx_kthread+0x10/0x10
[   28.576172]  ret_from_fork+0x116/0x1d0
[   28.576193]  ? __pfx_kthread+0x10/0x10
[   28.576213]  ret_from_fork_asm+0x1a/0x30
[   28.576246]  </TASK>
[   28.576258] 
[   28.589184] The buggy address belongs to the physical page:
[   28.589478] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10614c
[   28.590647] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   28.591118] flags: 0x200000000000040(head|node=0|zone=2)
[   28.591465] page_type: f8(unknown)
[   28.591616] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   28.592169] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   28.592556] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   28.593042] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   28.593486] head: 0200000000000002 ffffea0004185301 00000000ffffffff 00000000ffffffff
[   28.594054] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   28.594436] page dumped because: kasan: bad access detected
[   28.594705] 
[   28.594863] Memory state around the buggy address:
[   28.595218]  ffff88810614bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   28.595631]  ffff88810614bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   28.596094] >ffff88810614c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   28.596425]                    ^
[   28.596715]  ffff88810614c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   28.597207]  ffff88810614c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   28.597604] ==================================================================
[   28.601372] ==================================================================
[   28.601982] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   28.602281] Free of addr ffff888104980000 by task kunit_try_catch/287
[   28.602567] 
[   28.602670] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) 
[   28.602725] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   28.602738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   28.602762] Call Trace:
[   28.602774]  <TASK>
[   28.602838]  dump_stack_lvl+0x73/0xb0
[   28.602874]  print_report+0xd1/0x640
[   28.602898]  ? __virt_addr_valid+0x1db/0x2d0
[   28.602940]  ? kasan_addr_to_slab+0x11/0xa0
[   28.602960]  ? mempool_double_free_helper+0x184/0x370
[   28.602985]  kasan_report_invalid_free+0x10a/0x130
[   28.603008]  ? mempool_double_free_helper+0x184/0x370
[   28.603034]  ? mempool_double_free_helper+0x184/0x370
[   28.603057]  __kasan_mempool_poison_pages+0x115/0x130
[   28.603080]  mempool_free+0x430/0x640
[   28.603108]  mempool_double_free_helper+0x184/0x370
[   28.603131]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   28.603155]  ? dequeue_entities+0x23f/0x1630
[   28.603180]  ? __kasan_check_write+0x18/0x20
[   28.603203]  ? __pfx_sched_clock_cpu+0x10/0x10
[   28.603224]  ? finish_task_switch.isra.0+0x153/0x700
[   28.603257]  mempool_page_alloc_double_free+0xe8/0x140
[   28.603282]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   28.603309]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   28.603333]  ? __pfx_mempool_free_pages+0x10/0x10
[   28.603358]  ? __pfx_read_tsc+0x10/0x10
[   28.603380]  ? ktime_get_ts64+0x86/0x230
[   28.603405]  kunit_try_run_case+0x1a5/0x480
[   28.603431]  ? __pfx_kunit_try_run_case+0x10/0x10
[   28.603453]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   28.603478]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   28.603503]  ? __kthread_parkme+0x82/0x180
[   28.603523]  ? preempt_count_sub+0x50/0x80
[   28.603545]  ? __pfx_kunit_try_run_case+0x10/0x10
[   28.603569]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   28.603602]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   28.603625]  kthread+0x337/0x6f0
[   28.603644]  ? trace_preempt_on+0x20/0xc0
[   28.603668]  ? __pfx_kthread+0x10/0x10
[   28.603688]  ? _raw_spin_unlock_irq+0x47/0x80
[   28.603710]  ? calculate_sigpending+0x7b/0xa0
[   28.603734]  ? __pfx_kthread+0x10/0x10
[   28.603755]  ret_from_fork+0x116/0x1d0
[   28.603774]  ? __pfx_kthread+0x10/0x10
[   28.603873]  ret_from_fork_asm+0x1a/0x30
[   28.603907]  </TASK>
[   28.603930] 
[   28.615671] The buggy address belongs to the physical page:
[   28.615899] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104980
[   28.616343] flags: 0x200000000000000(node=0|zone=2)
[   28.616571] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   28.617264] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   28.617543] page dumped because: kasan: bad access detected
[   28.617883] 
[   28.618144] Memory state around the buggy address:
[   28.618348]  ffff88810497ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.618672]  ffff88810497ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.619215] >ffff888104980000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   28.619525]                    ^
[   28.619671]  ffff888104980080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   28.620255]  ffff888104980100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   28.620555] ==================================================================
[   28.534130] ==================================================================
[   28.534570] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   28.534901] Free of addr ffff88810604d000 by task kunit_try_catch/283
[   28.535795] 
[   28.535979] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) 
[   28.536039] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   28.536052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   28.536076] Call Trace:
[   28.536090]  <TASK>
[   28.536130]  dump_stack_lvl+0x73/0xb0
[   28.536167]  print_report+0xd1/0x640
[   28.536191]  ? __virt_addr_valid+0x1db/0x2d0
[   28.536219]  ? kasan_complete_mode_report_info+0x64/0x200
[   28.536244]  ? mempool_double_free_helper+0x184/0x370
[   28.536268]  kasan_report_invalid_free+0x10a/0x130
[   28.536292]  ? mempool_double_free_helper+0x184/0x370
[   28.536317]  ? mempool_double_free_helper+0x184/0x370
[   28.536340]  ? mempool_double_free_helper+0x184/0x370
[   28.536363]  check_slab_allocation+0x101/0x130
[   28.536384]  __kasan_mempool_poison_object+0x91/0x1d0
[   28.536408]  mempool_free+0x490/0x640
[   28.536436]  mempool_double_free_helper+0x184/0x370
[   28.536460]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   28.536484]  ? dequeue_entities+0x23f/0x1630
[   28.536509]  ? __kasan_check_write+0x18/0x20
[   28.536532]  ? __pfx_sched_clock_cpu+0x10/0x10
[   28.536553]  ? finish_task_switch.isra.0+0x153/0x700
[   28.536594]  mempool_kmalloc_double_free+0xed/0x140
[   28.536617]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   28.536644]  ? __pfx_mempool_kmalloc+0x10/0x10
[   28.536666]  ? __pfx_mempool_kfree+0x10/0x10
[   28.536691]  ? __pfx_read_tsc+0x10/0x10
[   28.536712]  ? ktime_get_ts64+0x86/0x230
[   28.536738]  kunit_try_run_case+0x1a5/0x480
[   28.536765]  ? __pfx_kunit_try_run_case+0x10/0x10
[   28.536787]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   28.536813]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   28.536838]  ? __kthread_parkme+0x82/0x180
[   28.536859]  ? preempt_count_sub+0x50/0x80
[   28.536883]  ? __pfx_kunit_try_run_case+0x10/0x10
[   28.536906]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   28.537024]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   28.537052]  kthread+0x337/0x6f0
[   28.537073]  ? trace_preempt_on+0x20/0xc0
[   28.537098]  ? __pfx_kthread+0x10/0x10
[   28.537119]  ? _raw_spin_unlock_irq+0x47/0x80
[   28.537143]  ? calculate_sigpending+0x7b/0xa0
[   28.537167]  ? __pfx_kthread+0x10/0x10
[   28.537188]  ret_from_fork+0x116/0x1d0
[   28.537208]  ? __pfx_kthread+0x10/0x10
[   28.537229]  ret_from_fork_asm+0x1a/0x30
[   28.537260]  </TASK>
[   28.537271] 
[   28.551061] Allocated by task 283:
[   28.551213]  kasan_save_stack+0x45/0x70
[   28.551410]  kasan_save_track+0x18/0x40
[   28.551595]  kasan_save_alloc_info+0x3b/0x50
[   28.551766]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   28.552020]  remove_element+0x11e/0x190
[   28.552341]  mempool_alloc_preallocated+0x4d/0x90
[   28.552557]  mempool_double_free_helper+0x8a/0x370
[   28.553491]  mempool_kmalloc_double_free+0xed/0x140
[   28.553741]  kunit_try_run_case+0x1a5/0x480
[   28.553884]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   28.554733]  kthread+0x337/0x6f0
[   28.555087]  ret_from_fork+0x116/0x1d0
[   28.555258]  ret_from_fork_asm+0x1a/0x30
[   28.555431] 
[   28.555511] Freed by task 283:
[   28.555659]  kasan_save_stack+0x45/0x70
[   28.555877]  kasan_save_track+0x18/0x40
[   28.556211]  kasan_save_free_info+0x3f/0x60
[   28.556394]  __kasan_mempool_poison_object+0x131/0x1d0
[   28.556619]  mempool_free+0x490/0x640
[   28.557361]  mempool_double_free_helper+0x109/0x370
[   28.557652]  mempool_kmalloc_double_free+0xed/0x140
[   28.558436]  kunit_try_run_case+0x1a5/0x480
[   28.558726]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   28.559238]  kthread+0x337/0x6f0
[   28.559547]  ret_from_fork+0x116/0x1d0
[   28.559743]  ret_from_fork_asm+0x1a/0x30
[   28.560374] 
[   28.560503] The buggy address belongs to the object at ffff88810604d000
[   28.560503]  which belongs to the cache kmalloc-128 of size 128
[   28.561498] The buggy address is located 0 bytes inside of
[   28.561498]  128-byte region [ffff88810604d000, ffff88810604d080)
[   28.562225] 
[   28.562328] The buggy address belongs to the physical page:
[   28.562562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10604d
[   28.563448] flags: 0x200000000000000(node=0|zone=2)
[   28.563778] page_type: f5(slab)
[   28.564248] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   28.564774] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   28.565254] page dumped because: kasan: bad access detected
[   28.565487] 
[   28.565580] Memory state around the buggy address:
[   28.566463]  ffff88810604cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.567119]  ffff88810604cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.567419] >ffff88810604d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   28.567711]                    ^
[   28.567939]  ffff88810604d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.568225]  ffff88810604d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   28.568502] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

30J3nY7QtuR6zFySSP24ERynb1Z

job_id

TEST:linaro@lkft#30J3uLzhpviDmlOWY3P9BXfcBAH

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/30J3uLzhpviDmlOWY3P9BXfcBAH

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30J3qksL4GBwzrde5mtPKhFeFEL/bzImage
sha256sum	af4ccad1f72d598f267023cce1cb43d5ed4bda226a707e01686be85dd90634f7

rootfs

url	https://storage.tuxboot.com/debian/20250722/trixie/amd64/rootfs.ext4.xz
sha256sum	f011d4ee6daca8ff6eb107b3ab1eb085d1f77f9019361779f04403719dd7a135

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30J3qksL4GBwzrde5mtPKhFeFEL/modules.tar.xz
sha256sum	7c95098d7c3fc4ab7a627a48c0cdbf1fa3d50531e33653f38a4f14abeedf82da

durations

tests

boot	0
kunit	254.60

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit