lkft/linux-stable-rc-linux-6.14.y - v6.14.9-74-gd9764ae24926 - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

June 2, 2025, 2:13 p.m.

Environment
qemu-arm64
qemu-x86_64

[   20.560476] ==================================================================
[   20.560912] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e0
[   20.561629] Free of addr fff00000c3f2d700 by task kunit_try_catch/225
[   20.562257] 
[   20.562564] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G    B            N 6.14.10-rc1 #1
[   20.562671] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.562702] Hardware name: linux,dummy-virt (DT)
[   20.562741] Call trace:
[   20.562768]  show_stack+0x20/0x38 (C)
[   20.562839]  dump_stack_lvl+0x8c/0xd0
[   20.562892]  print_report+0x118/0x608
[   20.562949]  kasan_report_invalid_free+0xc0/0xe8
[   20.563007]  check_slab_allocation+0xd4/0x108
[   20.563061]  __kasan_mempool_poison_object+0x78/0x150
[   20.563245]  mempool_free+0x28c/0x328
[   20.563307]  mempool_double_free_helper+0x150/0x2e0
[   20.563362]  mempool_kmalloc_double_free+0xc0/0x118
[   20.563418]  kunit_try_run_case+0x170/0x3f0
[   20.563471]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.563528]  kthread+0x318/0x620
[   20.563579]  ret_from_fork+0x10/0x20
[   20.563632] 
[   20.567707] Allocated by task 225:
[   20.567915]  kasan_save_stack+0x3c/0x68
[   20.568133]  kasan_save_track+0x20/0x40
[   20.568354]  kasan_save_alloc_info+0x40/0x58
[   20.568565]  __kasan_mempool_unpoison_object+0x11c/0x180
[   20.568807]  remove_element+0x130/0x1f8
[   20.569004]  mempool_alloc_preallocated+0x58/0xc0
[   20.570632]  mempool_double_free_helper+0x94/0x2e0
[   20.570861]  mempool_kmalloc_double_free+0xc0/0x118
[   20.571409]  kunit_try_run_case+0x170/0x3f0
[   20.571703]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.572056]  kthread+0x318/0x620
[   20.572456]  ret_from_fork+0x10/0x20
[   20.572654] 
[   20.572776] Freed by task 225:
[   20.572941]  kasan_save_stack+0x3c/0x68
[   20.573148]  kasan_save_track+0x20/0x40
[   20.573378]  kasan_save_free_info+0x4c/0x78
[   20.573623]  __kasan_mempool_poison_object+0xc0/0x150
[   20.573893]  mempool_free+0x28c/0x328
[   20.575081]  mempool_double_free_helper+0x100/0x2e0
[   20.575512]  mempool_kmalloc_double_free+0xc0/0x118
[   20.575866]  kunit_try_run_case+0x170/0x3f0
[   20.576173]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.576532]  kthread+0x318/0x620
[   20.576802]  ret_from_fork+0x10/0x20
[   20.577070] 
[   20.577327] The buggy address belongs to the object at fff00000c3f2d700
[   20.577327]  which belongs to the cache kmalloc-128 of size 128
[   20.577988] The buggy address is located 0 bytes inside of
[   20.577988]  128-byte region [fff00000c3f2d700, fff00000c3f2d780)
[   20.578687] 
[   20.579051] The buggy address belongs to the physical page:
[   20.579381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f2d
[   20.579856] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   20.580264] page_type: f5(slab)
[   20.580531] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   20.581000] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   20.581498] page dumped because: kasan: bad access detected
[   20.581909] 
[   20.582409] Memory state around the buggy address:
[   20.582644]  fff00000c3f2d600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   20.582862]  fff00000c3f2d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.583128] >fff00000c3f2d700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   20.583367]                    ^
[   20.583531]  fff00000c3f2d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.583790]  fff00000c3f2d800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.584038] ==================================================================
[   20.613115] ==================================================================
[   20.613679] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e0
[   20.614218] Free of addr fff00000c6698000 by task kunit_try_catch/229
[   20.614725] 
[   20.615068] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G    B            N 6.14.10-rc1 #1
[   20.615203] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.615238] Hardware name: linux,dummy-virt (DT)
[   20.615276] Call trace:
[   20.615302]  show_stack+0x20/0x38 (C)
[   20.615367]  dump_stack_lvl+0x8c/0xd0
[   20.615422]  print_report+0x118/0x608
[   20.615475]  kasan_report_invalid_free+0xc0/0xe8
[   20.615530]  __kasan_mempool_poison_pages+0xe0/0xe8
[   20.615587]  mempool_free+0x24c/0x328
[   20.615638]  mempool_double_free_helper+0x150/0x2e0
[   20.615693]  mempool_page_alloc_double_free+0xbc/0x118
[   20.615748]  kunit_try_run_case+0x170/0x3f0
[   20.615804]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.615862]  kthread+0x318/0x620
[   20.615910]  ret_from_fork+0x10/0x20
[   20.615961] 
[   20.620330] The buggy address belongs to the physical page:
[   20.620630] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106698
[   20.621082] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   20.621562] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   20.621941] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.622436] page dumped because: kasan: bad access detected
[   20.622948] 
[   20.623085] Memory state around the buggy address:
[   20.623380]  fff00000c6697f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.623770]  fff00000c6697f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.624292] >fff00000c6698000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.624659]                    ^
[   20.624831]  fff00000c6698080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.625253]  fff00000c6698100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.625582] ==================================================================
[   20.592380] ==================================================================
[   20.592929] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e0
[   20.593747] Free of addr fff00000c6698000 by task kunit_try_catch/227
[   20.594091] 
[   20.595038] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G    B            N 6.14.10-rc1 #1
[   20.595169] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.595205] Hardware name: linux,dummy-virt (DT)
[   20.595244] Call trace:
[   20.595272]  show_stack+0x20/0x38 (C)
[   20.595340]  dump_stack_lvl+0x8c/0xd0
[   20.595408]  print_report+0x118/0x608
[   20.595460]  kasan_report_invalid_free+0xc0/0xe8
[   20.595561]  __kasan_mempool_poison_object+0x14c/0x150
[   20.595620]  mempool_free+0x28c/0x328
[   20.595676]  mempool_double_free_helper+0x150/0x2e0
[   20.595731]  mempool_kmalloc_large_double_free+0xc0/0x118
[   20.595790]  kunit_try_run_case+0x170/0x3f0
[   20.595843]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.595901]  kthread+0x318/0x620
[   20.595951]  ret_from_fork+0x10/0x20
[   20.596010] 
[   20.600575] The buggy address belongs to the physical page:
[   20.600803] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106698
[   20.601098] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.601443] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.601801] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.603312] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.603578] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.604113] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.604351] head: 0bfffe0000000002 ffffc1ffc319a601 ffffffffffffffff 0000000000000000
[   20.604905] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   20.605173] page dumped because: kasan: bad access detected
[   20.605592] 
[   20.605788] Memory state around the buggy address:
[   20.606023]  fff00000c6697f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.606540]  fff00000c6697f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.606818] >fff00000c6698000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.607076]                    ^
[   20.607285]  fff00000c6698080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.607627]  fff00000c6698100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.607931] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2xxIrjnY3qrEVj7fL32ZBFnpdUJ

job_id

TEST:linaro@lkft#2xxIwXuNlIzxQj0IpkkVRHMEZcO

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2xxIwXuNlIzxQj0IpkkVRHMEZcO

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIt2FGzQnKvGggP0xsi4xIwvI/Image.gz
sha256sum	32a8b72922f193882a307c25103255c66d67e9f963c008702ba8ba647a4a98c3

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/arm64/rootfs.ext4.xz
sha256sum	1cc8d041751cc9cfe19b957ffa27d6115f076efaeb324bcd0fb145c37c99e1b7

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxIt2FGzQnKvGggP0xsi4xIwvI/modules.tar.xz
sha256sum	58cc75b6d61cea97f72b8fd292af11ead6934a75d8117cee65e72b5a129f94d4

durations

tests

boot	0
kunit	343.69

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   14.368270] ==================================================================
[   14.368701] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[   14.368942] Free of addr ffff888102898000 by task kunit_try_catch/247
[   14.369189] 
[   14.369624] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G    B            N 6.14.10-rc1 #1
[   14.369673] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.369686] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.369707] Call Trace:
[   14.369720]  <TASK>
[   14.369743]  dump_stack_lvl+0x73/0xb0
[   14.369770]  print_report+0xd1/0x650
[   14.369791]  ? __virt_addr_valid+0x1db/0x2d0
[   14.369814]  ? kasan_addr_to_slab+0x11/0xa0
[   14.369833]  ? mempool_double_free_helper+0x185/0x370
[   14.369857]  kasan_report_invalid_free+0xfc/0x120
[   14.369879]  ? mempool_double_free_helper+0x185/0x370
[   14.369904]  ? mempool_double_free_helper+0x185/0x370
[   14.369927]  __kasan_mempool_poison_pages+0x115/0x130
[   14.369950]  mempool_free+0x290/0x380
[   14.369972]  mempool_double_free_helper+0x185/0x370
[   14.369994]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.370031]  ? finish_task_switch.isra.0+0x153/0x700
[   14.370059]  mempool_page_alloc_double_free+0xe9/0x140
[   14.370083]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   14.370110]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   14.370129]  ? __pfx_mempool_free_pages+0x10/0x10
[   14.370152]  ? __pfx_read_tsc+0x10/0x10
[   14.370173]  ? ktime_get_ts64+0x86/0x230
[   14.370198]  kunit_try_run_case+0x1a6/0x480
[   14.370222]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.370245]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   14.370271]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.370296]  ? __kthread_parkme+0x82/0x160
[   14.370319]  ? preempt_count_sub+0x50/0x80
[   14.370343]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.370366]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.370393]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.370418]  kthread+0x324/0x6e0
[   14.370440]  ? trace_preempt_on+0x20/0xc0
[   14.370463]  ? __pfx_kthread+0x10/0x10
[   14.370485]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.370507]  ? calculate_sigpending+0x7b/0xa0
[   14.370529]  ? __pfx_kthread+0x10/0x10
[   14.370559]  ret_from_fork+0x41/0x80
[   14.370579]  ? __pfx_kthread+0x10/0x10
[   14.370601]  ret_from_fork_asm+0x1a/0x30
[   14.370632]  </TASK>
[   14.370643] 
[   14.386985] The buggy address belongs to the physical page:
[   14.387471] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102898
[   14.388093] flags: 0x200000000000000(node=0|zone=2)
[   14.388587] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   14.389085] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   14.389526] page dumped because: kasan: bad access detected
[   14.389872] 
[   14.389945] Memory state around the buggy address:
[   14.390110]  ffff888102897f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.390316]  ffff888102897f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.390522] >ffff888102898000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.390821]                    ^
[   14.390990]  ffff888102898080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.391276]  ffff888102898100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.391555] ==================================================================
[   14.341052] ==================================================================
[   14.341372] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[   14.341783] Free of addr ffff888102898000 by task kunit_try_catch/245
[   14.342036] 
[   14.342121] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G    B            N 6.14.10-rc1 #1
[   14.342160] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.342171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.342191] Call Trace:
[   14.342205]  <TASK>
[   14.342220]  dump_stack_lvl+0x73/0xb0
[   14.342248]  print_report+0xd1/0x650
[   14.342270]  ? __virt_addr_valid+0x1db/0x2d0
[   14.342294]  ? kasan_addr_to_slab+0x11/0xa0
[   14.342314]  ? mempool_double_free_helper+0x185/0x370
[   14.342337]  kasan_report_invalid_free+0xfc/0x120
[   14.342360]  ? mempool_double_free_helper+0x185/0x370
[   14.342387]  ? mempool_double_free_helper+0x185/0x370
[   14.342409]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   14.342433]  mempool_free+0x2ec/0x380
[   14.342455]  mempool_double_free_helper+0x185/0x370
[   14.342479]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.342506]  ? finish_task_switch.isra.0+0x153/0x700
[   14.342534]  mempool_kmalloc_large_double_free+0xee/0x140
[   14.342559]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   14.342586]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.342605]  ? __pfx_mempool_kfree+0x10/0x10
[   14.342626]  ? __pfx_read_tsc+0x10/0x10
[   14.342646]  ? ktime_get_ts64+0x86/0x230
[   14.342682]  kunit_try_run_case+0x1a6/0x480
[   14.342704]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.342725]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   14.342749]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.342773]  ? __kthread_parkme+0x82/0x160
[   14.342794]  ? preempt_count_sub+0x50/0x80
[   14.342818]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.342841]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.342867]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.342893]  kthread+0x324/0x6e0
[   14.342913]  ? trace_preempt_on+0x20/0xc0
[   14.342936]  ? __pfx_kthread+0x10/0x10
[   14.342957]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.342979]  ? calculate_sigpending+0x7b/0xa0
[   14.343001]  ? __pfx_kthread+0x10/0x10
[   14.343035]  ret_from_fork+0x41/0x80
[   14.343052]  ? __pfx_kthread+0x10/0x10
[   14.343075]  ret_from_fork_asm+0x1a/0x30
[   14.343104]  </TASK>
[   14.343115] 
[   14.354487] The buggy address belongs to the physical page:
[   14.355303] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102898
[   14.355907] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   14.356357] flags: 0x200000000000040(head|node=0|zone=2)
[   14.357031] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.357366] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   14.357793] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.358107] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   14.358405] head: 0200000000000002 ffffea00040a2601 ffffffffffffffff 0000000000000000
[   14.359094] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   14.359725] page dumped because: kasan: bad access detected
[   14.360165] 
[   14.360388] Memory state around the buggy address:
[   14.361067]  ffff888102897f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.361455]  ffff888102897f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.362210] >ffff888102898000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.362687]                    ^
[   14.362970]  ffff888102898080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.363408]  ffff888102898100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.364131] ==================================================================
[   14.312936] ==================================================================
[   14.313437] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[   14.313910] Free of addr ffff888102a2cd00 by task kunit_try_catch/243
[   14.314202] 
[   14.314312] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G    B            N 6.14.10-rc1 #1
[   14.314378] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.314391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.314412] Call Trace:
[   14.314425]  <TASK>
[   14.314440]  dump_stack_lvl+0x73/0xb0
[   14.314471]  print_report+0xd1/0x650
[   14.314495]  ? __virt_addr_valid+0x1db/0x2d0
[   14.314541]  ? kasan_complete_mode_report_info+0x64/0x200
[   14.314654]  ? mempool_double_free_helper+0x185/0x370
[   14.314680]  kasan_report_invalid_free+0xfc/0x120
[   14.314708]  ? mempool_double_free_helper+0x185/0x370
[   14.314736]  ? mempool_double_free_helper+0x185/0x370
[   14.314760]  ? mempool_double_free_helper+0x185/0x370
[   14.314785]  check_slab_allocation+0x101/0x130
[   14.314809]  __kasan_mempool_poison_object+0x91/0x1d0
[   14.314835]  mempool_free+0x2ec/0x380
[   14.314857]  ? __wake_up+0x49/0x60
[   14.314884]  mempool_double_free_helper+0x185/0x370
[   14.314911]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.314959]  ? finish_task_switch.isra.0+0x153/0x700
[   14.314989]  mempool_kmalloc_double_free+0xee/0x140
[   14.315025]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   14.315054]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.315076]  ? __pfx_mempool_kfree+0x10/0x10
[   14.315100]  ? __pfx_read_tsc+0x10/0x10
[   14.315125]  ? ktime_get_ts64+0x86/0x230
[   14.315154]  kunit_try_run_case+0x1a6/0x480
[   14.315181]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.315205]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   14.315234]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.315260]  ? __kthread_parkme+0x82/0x160
[   14.315285]  ? preempt_count_sub+0x50/0x80
[   14.315312]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.315338]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.315367]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.315395]  kthread+0x324/0x6e0
[   14.315420]  ? trace_preempt_on+0x20/0xc0
[   14.315446]  ? __pfx_kthread+0x10/0x10
[   14.315471]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.315496]  ? calculate_sigpending+0x7b/0xa0
[   14.315521]  ? __pfx_kthread+0x10/0x10
[   14.315595]  ret_from_fork+0x41/0x80
[   14.315621]  ? __pfx_kthread+0x10/0x10
[   14.315646]  ret_from_fork_asm+0x1a/0x30
[   14.315681]  </TASK>
[   14.315691] 
[   14.324383] Allocated by task 243:
[   14.324565]  kasan_save_stack+0x45/0x70
[   14.324893]  kasan_save_track+0x18/0x40
[   14.325045]  kasan_save_alloc_info+0x3b/0x50
[   14.325267]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   14.325518]  remove_element+0x11e/0x190
[   14.325789]  mempool_alloc_preallocated+0x4d/0x90
[   14.326055]  mempool_double_free_helper+0x8b/0x370
[   14.326270]  mempool_kmalloc_double_free+0xee/0x140
[   14.326433]  kunit_try_run_case+0x1a6/0x480
[   14.326658]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.326855]  kthread+0x324/0x6e0
[   14.327064]  ret_from_fork+0x41/0x80
[   14.327267]  ret_from_fork_asm+0x1a/0x30
[   14.327414] 
[   14.327497] Freed by task 243:
[   14.327736]  kasan_save_stack+0x45/0x70
[   14.327938]  kasan_save_track+0x18/0x40
[   14.328098]  kasan_save_free_info+0x3f/0x60
[   14.328242]  __kasan_mempool_poison_object+0x131/0x1d0
[   14.328499]  mempool_free+0x2ec/0x380
[   14.328749]  mempool_double_free_helper+0x10a/0x370
[   14.328991]  mempool_kmalloc_double_free+0xee/0x140
[   14.329230]  kunit_try_run_case+0x1a6/0x480
[   14.329393]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.329833]  kthread+0x324/0x6e0
[   14.330030]  ret_from_fork+0x41/0x80
[   14.330233]  ret_from_fork_asm+0x1a/0x30
[   14.330401] 
[   14.330471] The buggy address belongs to the object at ffff888102a2cd00
[   14.330471]  which belongs to the cache kmalloc-128 of size 128
[   14.331033] The buggy address is located 0 bytes inside of
[   14.331033]  128-byte region [ffff888102a2cd00, ffff888102a2cd80)
[   14.331549] 
[   14.331714] The buggy address belongs to the physical page:
[   14.331957] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c
[   14.332263] flags: 0x200000000000000(node=0|zone=2)
[   14.332511] page_type: f5(slab)
[   14.332738] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   14.333082] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   14.333411] page dumped because: kasan: bad access detected
[   14.333663] 
[   14.333782] Memory state around the buggy address:
[   14.333996]  ffff888102a2cc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.334265]  ffff888102a2cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.334545] >ffff888102a2cd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.335041]                    ^
[   14.335217]  ffff888102a2cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.335545]  ffff888102a2ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.335870] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2xxIrjnY3qrEVj7fL32ZBFnpdUJ

job_id

TEST:linaro@lkft#2xxIxn9sGUCjhYDADrJyFeeOXJo

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2xxIxn9sGUCjhYDADrJyFeeOXJo

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxItzMuImjAiaUtl4SAGohS14v/bzImage
sha256sum	a377c082a32d4d46ee2b75abc46da75add70fe012212fc2b65618c407015869d

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/amd64/rootfs.ext4.xz
sha256sum	3e64c22b7a85dd4a60fd0a31f22599e711e865f841aed0d517fae37e9c171158

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2xxItzMuImjAiaUtl4SAGohS14v/modules.tar.xz
sha256sum	7b365c5d60d997915f8a000edaa45aecbf60745fa7ace2e9d3d5e4c844fd9dc8

durations

tests

boot	0
kunit	193.97

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit