lkft/linux-stable-rc-linux-6.15.y - v6.15.3-589-g0e4c88a0cd37 - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

June 24, 2025, 12:47 p.m.

Environment
qemu-arm64
qemu-x86_64

[   27.057640] ==================================================================
[   27.057787] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   27.057927] Free of addr fff00000c5a7b200 by task kunit_try_catch/237
[   27.058029] 
[   27.058105] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc2 #1 PREEMPT 
[   27.058301] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.058371] Hardware name: linux,dummy-virt (DT)
[   27.058517] Call trace:
[   27.059302]  show_stack+0x20/0x38 (C)
[   27.059721]  dump_stack_lvl+0x8c/0xd0
[   27.059982]  print_report+0x118/0x608
[   27.060186]  kasan_report_invalid_free+0xc0/0xe8
[   27.060813]  check_slab_allocation+0xd4/0x108
[   27.060971]  __kasan_mempool_poison_object+0x78/0x150
[   27.061194]  mempool_free+0x28c/0x328
[   27.061593]  mempool_double_free_helper+0x150/0x2e8
[   27.061810]  mempool_kmalloc_double_free+0xc0/0x118
[   27.061936]  kunit_try_run_case+0x170/0x3f0
[   27.062218]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   27.062765]  kthread+0x328/0x630
[   27.062888]  ret_from_fork+0x10/0x20
[   27.063440] 
[   27.063505] Allocated by task 237:
[   27.063736]  kasan_save_stack+0x3c/0x68
[   27.064185]  kasan_save_track+0x20/0x40
[   27.064403]  kasan_save_alloc_info+0x40/0x58
[   27.064530]  __kasan_mempool_unpoison_object+0x11c/0x180
[   27.065243]  remove_element+0x130/0x1f8
[   27.065453]  mempool_alloc_preallocated+0x58/0xc0
[   27.065684]  mempool_double_free_helper+0x94/0x2e8
[   27.066211]  mempool_kmalloc_double_free+0xc0/0x118
[   27.066325]  kunit_try_run_case+0x170/0x3f0
[   27.066441]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   27.066551]  kthread+0x328/0x630
[   27.067114]  ret_from_fork+0x10/0x20
[   27.067620] 
[   27.067690] Freed by task 237:
[   27.068209]  kasan_save_stack+0x3c/0x68
[   27.068360]  kasan_save_track+0x20/0x40
[   27.068489]  kasan_save_free_info+0x4c/0x78
[   27.068593]  __kasan_mempool_poison_object+0xc0/0x150
[   27.068768]  mempool_free+0x28c/0x328
[   27.069169]  mempool_double_free_helper+0x100/0x2e8
[   27.069287]  mempool_kmalloc_double_free+0xc0/0x118
[   27.069602]  kunit_try_run_case+0x170/0x3f0
[   27.069770]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   27.069900]  kthread+0x328/0x630
[   27.070288]  ret_from_fork+0x10/0x20
[   27.070493] 
[   27.070578] The buggy address belongs to the object at fff00000c5a7b200
[   27.070578]  which belongs to the cache kmalloc-128 of size 128
[   27.071403] The buggy address is located 0 bytes inside of
[   27.071403]  128-byte region [fff00000c5a7b200, fff00000c5a7b280)
[   27.071568] 
[   27.071618] The buggy address belongs to the physical page:
[   27.073023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7b
[   27.073170] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   27.073331] page_type: f5(slab)
[   27.073544] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   27.073745] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   27.074036] page dumped because: kasan: bad access detected
[   27.074117] 
[   27.074185] Memory state around the buggy address:
[   27.074266]  fff00000c5a7b100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   27.074981]  fff00000c5a7b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.075134] >fff00000c5a7b200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   27.075292]                    ^
[   27.075368]  fff00000c5a7b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.075505]  fff00000c5a7b300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.075628] ==================================================================
[   27.092266] ==================================================================
[   27.092408] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   27.092566] Free of addr fff00000c78b0000 by task kunit_try_catch/239
[   27.092685] 
[   27.092775] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc2 #1 PREEMPT 
[   27.093406] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.093674] Hardware name: linux,dummy-virt (DT)
[   27.093871] Call trace:
[   27.093932]  show_stack+0x20/0x38 (C)
[   27.094426]  dump_stack_lvl+0x8c/0xd0
[   27.094660]  print_report+0x118/0x608
[   27.094788]  kasan_report_invalid_free+0xc0/0xe8
[   27.094969]  __kasan_mempool_poison_object+0x14c/0x150
[   27.095106]  mempool_free+0x28c/0x328
[   27.095253]  mempool_double_free_helper+0x150/0x2e8
[   27.095641]  mempool_kmalloc_large_double_free+0xc0/0x118
[   27.095818]  kunit_try_run_case+0x170/0x3f0
[   27.096163]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   27.096504]  kthread+0x328/0x630
[   27.096924]  ret_from_fork+0x10/0x20
[   27.097110] 
[   27.097184] The buggy address belongs to the physical page:
[   27.097261] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078b0
[   27.097414] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.097580] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   27.097720] page_type: f8(unknown)
[   27.097819] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   27.098001] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   27.098252] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   27.098495] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   27.098867] head: 0bfffe0000000002 ffffc1ffc31e2c01 00000000ffffffff 00000000ffffffff
[   27.099297] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   27.099628] page dumped because: kasan: bad access detected
[   27.100039] 
[   27.100133] Memory state around the buggy address:
[   27.100366]  fff00000c78aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.100520]  fff00000c78aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.100721] >fff00000c78b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.100994]                    ^
[   27.101250]  fff00000c78b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.101507]  fff00000c78b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.101624] ==================================================================
[   27.120008] ==================================================================
[   27.120130] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   27.120327] Free of addr fff00000c78b0000 by task kunit_try_catch/241
[   27.120561] 
[   27.120687] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc2 #1 PREEMPT 
[   27.120913] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.120987] Hardware name: linux,dummy-virt (DT)
[   27.121248] Call trace:
[   27.121368]  show_stack+0x20/0x38 (C)
[   27.121524]  dump_stack_lvl+0x8c/0xd0
[   27.121773]  print_report+0x118/0x608
[   27.121959]  kasan_report_invalid_free+0xc0/0xe8
[   27.122131]  __kasan_mempool_poison_pages+0xe0/0xe8
[   27.122308]  mempool_free+0x24c/0x328
[   27.122456]  mempool_double_free_helper+0x150/0x2e8
[   27.122589]  mempool_page_alloc_double_free+0xbc/0x118
[   27.122722]  kunit_try_run_case+0x170/0x3f0
[   27.123081]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   27.123375]  kthread+0x328/0x630
[   27.123585]  ret_from_fork+0x10/0x20
[   27.123760] 
[   27.123816] The buggy address belongs to the physical page:
[   27.123933] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078b0
[   27.124072] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   27.124234] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   27.124362] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.124512] page dumped because: kasan: bad access detected
[   27.124657] 
[   27.124712] Memory state around the buggy address:
[   27.124802]  fff00000c78aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.125009]  fff00000c78aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.125131] >fff00000c78b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.125238]                    ^
[   27.125311]  fff00000c78b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.125501]  fff00000c78b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.125696] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2yxHFATOg4xd5cOk7A6Oo5SQLFr

job_id

TEST:linaro@lkft#2yxHLQauKmmDRvn1GR1ZUkvl3N9

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2yxHLQauKmmDRvn1GR1ZUkvl3N9

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yxHGGlBBGXGFUnJJh2INKpzdu4/Image.gz
sha256sum	5f569b7032e517b4206d440631e131cb31d81d7f365d610fec12fc249e3ecc88

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yxHGGlBBGXGFUnJJh2INKpzdu4/modules.tar.xz
sha256sum	9a32a6e401d68f3ff82d0c47495efa6c9203238907e9ea48aee314ec659ae3fc

durations

tests

boot	0
kunit	329.09

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   13.612452] ==================================================================
[   13.613009] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   13.613447] Free of addr ffff8881029dab00 by task kunit_try_catch/255
[   13.613684] 
[   13.613881] CPU: 1 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc2 #1 PREEMPT(voluntary) 
[   13.614036] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.614058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.614099] Call Trace:
[   13.614122]  <TASK>
[   13.614158]  dump_stack_lvl+0x73/0xb0
[   13.614232]  print_report+0xd1/0x650
[   13.614281]  ? __virt_addr_valid+0x1db/0x2d0
[   13.614329]  ? kasan_complete_mode_report_info+0x64/0x200
[   13.614398]  ? mempool_double_free_helper+0x184/0x370
[   13.614434]  kasan_report_invalid_free+0x10a/0x130
[   13.614477]  ? mempool_double_free_helper+0x184/0x370
[   13.614523]  ? mempool_double_free_helper+0x184/0x370
[   13.614596]  ? mempool_double_free_helper+0x184/0x370
[   13.614652]  check_slab_allocation+0x101/0x130
[   13.614689]  __kasan_mempool_poison_object+0x91/0x1d0
[   13.614729]  mempool_free+0x2ec/0x380
[   13.614767]  ? __wake_up+0x49/0x60
[   13.614809]  mempool_double_free_helper+0x184/0x370
[   13.614853]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   13.614900]  ? dequeue_entities+0x852/0x1740
[   13.614951]  ? finish_task_switch.isra.0+0x153/0x700
[   13.615007]  mempool_kmalloc_double_free+0xed/0x140
[   13.615046]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   13.615086]  ? dequeue_task_fair+0x166/0x4e0
[   13.615130]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.615169]  ? __pfx_mempool_kfree+0x10/0x10
[   13.615213]  ? __pfx_read_tsc+0x10/0x10
[   13.615254]  ? ktime_get_ts64+0x86/0x230
[   13.615303]  kunit_try_run_case+0x1a5/0x480
[   13.615355]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.615388]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.615424]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.615457]  ? __kthread_parkme+0x82/0x180
[   13.615486]  ? preempt_count_sub+0x50/0x80
[   13.615517]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.615580]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.615613]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.615670]  kthread+0x337/0x6f0
[   13.615700]  ? trace_preempt_on+0x20/0xc0
[   13.615743]  ? __pfx_kthread+0x10/0x10
[   13.615770]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.615803]  ? calculate_sigpending+0x7b/0xa0
[   13.615841]  ? __pfx_kthread+0x10/0x10
[   13.615869]  ret_from_fork+0x41/0x80
[   13.615899]  ? __pfx_kthread+0x10/0x10
[   13.615927]  ret_from_fork_asm+0x1a/0x30
[   13.615981]  </TASK>
[   13.616006] 
[   13.630944] Allocated by task 255:
[   13.631369]  kasan_save_stack+0x45/0x70
[   13.631820]  kasan_save_track+0x18/0x40
[   13.631994]  kasan_save_alloc_info+0x3b/0x50
[   13.632614]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   13.632883]  remove_element+0x11e/0x190
[   13.633050]  mempool_alloc_preallocated+0x4d/0x90
[   13.633483]  mempool_double_free_helper+0x8a/0x370
[   13.633923]  mempool_kmalloc_double_free+0xed/0x140
[   13.634732]  kunit_try_run_case+0x1a5/0x480
[   13.634913]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.635088]  kthread+0x337/0x6f0
[   13.635345]  ret_from_fork+0x41/0x80
[   13.635508]  ret_from_fork_asm+0x1a/0x30
[   13.635770] 
[   13.635905] Freed by task 255:
[   13.636127]  kasan_save_stack+0x45/0x70
[   13.636303]  kasan_save_track+0x18/0x40
[   13.636563]  kasan_save_free_info+0x3f/0x60
[   13.636778]  __kasan_mempool_poison_object+0x131/0x1d0
[   13.637135]  mempool_free+0x2ec/0x380
[   13.637423]  mempool_double_free_helper+0x109/0x370
[   13.637595]  mempool_kmalloc_double_free+0xed/0x140
[   13.637938]  kunit_try_run_case+0x1a5/0x480
[   13.638215]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.638456]  kthread+0x337/0x6f0
[   13.638647]  ret_from_fork+0x41/0x80
[   13.638952]  ret_from_fork_asm+0x1a/0x30
[   13.639719] 
[   13.639880] The buggy address belongs to the object at ffff8881029dab00
[   13.639880]  which belongs to the cache kmalloc-128 of size 128
[   13.641114] The buggy address is located 0 bytes inside of
[   13.641114]  128-byte region [ffff8881029dab00, ffff8881029dab80)
[   13.641982] 
[   13.642147] The buggy address belongs to the physical page:
[   13.642596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029da
[   13.643112] flags: 0x200000000000000(node=0|zone=2)
[   13.643990] page_type: f5(slab)
[   13.644210] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   13.644788] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   13.645226] page dumped because: kasan: bad access detected
[   13.645882] 
[   13.646013] Memory state around the buggy address:
[   13.646500]  ffff8881029daa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.646905]  ffff8881029daa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.647185] >ffff8881029dab00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.648038]                    ^
[   13.648323]  ffff8881029dab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.648743]  ffff8881029dac00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   13.649179] ==================================================================
[   13.683868] ==================================================================
[   13.684385] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   13.684772] Free of addr ffff888103b6c000 by task kunit_try_catch/259
[   13.685003] 
[   13.685129] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc2 #1 PREEMPT(voluntary) 
[   13.685220] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.685237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.685268] Call Trace:
[   13.685289]  <TASK>
[   13.685318]  dump_stack_lvl+0x73/0xb0
[   13.685360]  print_report+0xd1/0x650
[   13.685391]  ? __virt_addr_valid+0x1db/0x2d0
[   13.685420]  ? kasan_addr_to_slab+0x11/0xa0
[   13.685446]  ? mempool_double_free_helper+0x184/0x370
[   13.685477]  kasan_report_invalid_free+0x10a/0x130
[   13.685507]  ? mempool_double_free_helper+0x184/0x370
[   13.685540]  ? mempool_double_free_helper+0x184/0x370
[   13.685573]  __kasan_mempool_poison_pages+0x115/0x130
[   13.685609]  mempool_free+0x290/0x380
[   13.685664]  mempool_double_free_helper+0x184/0x370
[   13.685707]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   13.685745]  ? dequeue_entities+0x852/0x1740
[   13.685787]  ? finish_task_switch.isra.0+0x153/0x700
[   13.685834]  mempool_page_alloc_double_free+0xe8/0x140
[   13.685876]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   13.685917]  ? dequeue_task_fair+0x166/0x4e0
[   13.685971]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   13.686012]  ? __pfx_mempool_free_pages+0x10/0x10
[   13.686049]  ? __pfx_read_tsc+0x10/0x10
[   13.686080]  ? ktime_get_ts64+0x86/0x230
[   13.686159]  kunit_try_run_case+0x1a5/0x480
[   13.686206]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.686242]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.686286]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.686345]  ? __kthread_parkme+0x82/0x180
[   13.686386]  ? preempt_count_sub+0x50/0x80
[   13.686432]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.686485]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.686524]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.686559]  kthread+0x337/0x6f0
[   13.686586]  ? trace_preempt_on+0x20/0xc0
[   13.686643]  ? __pfx_kthread+0x10/0x10
[   13.686679]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.686720]  ? calculate_sigpending+0x7b/0xa0
[   13.686766]  ? __pfx_kthread+0x10/0x10
[   13.686806]  ret_from_fork+0x41/0x80
[   13.686848]  ? __pfx_kthread+0x10/0x10
[   13.686887]  ret_from_fork_asm+0x1a/0x30
[   13.686951]  </TASK>
[   13.686975] 
[   13.700341] The buggy address belongs to the physical page:
[   13.700614] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b6c
[   13.701812] flags: 0x200000000000000(node=0|zone=2)
[   13.702230] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   13.702863] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   13.703261] page dumped because: kasan: bad access detected
[   13.703811] 
[   13.704020] Memory state around the buggy address:
[   13.704269]  ffff888103b6bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.704981]  ffff888103b6bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.705423] >ffff888103b6c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.705831]                    ^
[   13.706148]  ffff888103b6c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.706734]  ffff888103b6c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.707113] ==================================================================
[   13.654880] ==================================================================
[   13.655363] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   13.655836] Free of addr ffff888103b04000 by task kunit_try_catch/257
[   13.656160] 
[   13.656344] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc2 #1 PREEMPT(voluntary) 
[   13.656440] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.656465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.656505] Call Trace:
[   13.656531]  <TASK>
[   13.656563]  dump_stack_lvl+0x73/0xb0
[   13.656664]  print_report+0xd1/0x650
[   13.656716]  ? __virt_addr_valid+0x1db/0x2d0
[   13.656762]  ? kasan_addr_to_slab+0x11/0xa0
[   13.656798]  ? mempool_double_free_helper+0x184/0x370
[   13.656838]  kasan_report_invalid_free+0x10a/0x130
[   13.656881]  ? mempool_double_free_helper+0x184/0x370
[   13.656926]  ? mempool_double_free_helper+0x184/0x370
[   13.656968]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   13.657013]  mempool_free+0x2ec/0x380
[   13.657059]  mempool_double_free_helper+0x184/0x370
[   13.657097]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   13.657138]  ? dequeue_entities+0x852/0x1740
[   13.657186]  ? finish_task_switch.isra.0+0x153/0x700
[   13.657225]  mempool_kmalloc_large_double_free+0xed/0x140
[   13.657261]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   13.657298]  ? dequeue_task_fair+0x166/0x4e0
[   13.657337]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.657372]  ? __pfx_mempool_kfree+0x10/0x10
[   13.657410]  ? __pfx_read_tsc+0x10/0x10
[   13.657443]  ? ktime_get_ts64+0x86/0x230
[   13.657482]  kunit_try_run_case+0x1a5/0x480
[   13.657525]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.657596]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.657652]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.657688]  ? __kthread_parkme+0x82/0x180
[   13.657727]  ? preempt_count_sub+0x50/0x80
[   13.657769]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.657813]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.657854]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.657876]  kthread+0x337/0x6f0
[   13.657894]  ? trace_preempt_on+0x20/0xc0
[   13.657918]  ? __pfx_kthread+0x10/0x10
[   13.657936]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.657970]  ? calculate_sigpending+0x7b/0xa0
[   13.657993]  ? __pfx_kthread+0x10/0x10
[   13.658011]  ret_from_fork+0x41/0x80
[   13.658032]  ? __pfx_kthread+0x10/0x10
[   13.658050]  ret_from_fork_asm+0x1a/0x30
[   13.658081]  </TASK>
[   13.658094] 
[   13.666314] The buggy address belongs to the physical page:
[   13.666714] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b04
[   13.667026] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   13.667287] flags: 0x200000000000040(head|node=0|zone=2)
[   13.667511] page_type: f8(unknown)
[   13.667712] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   13.668147] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   13.668563] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   13.669052] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   13.669565] head: 0200000000000002 ffffea00040ec101 00000000ffffffff 00000000ffffffff
[   13.669850] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   13.670111] page dumped because: kasan: bad access detected
[   13.670316] 
[   13.670420] Memory state around the buggy address:
[   13.670647]  ffff888103b03f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.670856]  ffff888103b03f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.671317] >ffff888103b04000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.671781]                    ^
[   13.672032]  ffff888103b04080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.672468]  ffff888103b04100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.672946] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2yxHFATOg4xd5cOk7A6Oo5SQLFr

job_id

TEST:linaro@lkft#2yxHMkevU93EIqRtXZQ3tGY4itd

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2yxHMkevU93EIqRtXZQ3tGY4itd

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yxHHKBJSOltLiYsLWwKkWEIluQ/bzImage
sha256sum	453ec96a6544da365eca74576dbe75de49d576db4e04b528c27ab9d3cb251d29

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yxHHKBJSOltLiYsLWwKkWEIluQ/modules.tar.xz
sha256sum	52055fb894ed1f3fdb3335393e3f2e81da91906b8281f913fc0885beb5e85fa3

durations

tests

boot	0
kunit	331.46

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit