lkft/linux-stable-rc-linux-6.15.y - v6.15.3-590-gd93bc5feded1 - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper

Date

June 26, 2025, 11:12 a.m.

Environment
e850-96
qemu-arm64
qemu-x86_64

[   38.400235] ==================================================================
[   38.410561] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8
[   38.418550] Free of addr ffff000802d03401 by task kunit_try_catch/290
[   38.424967] 
[   38.426456] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   38.426515] Tainted: [B]=BAD_PAGE, [N]=TEST
[   38.426534] Hardware name: WinLink E850-96 board (DT)
[   38.426559] Call trace:
[   38.426571]  show_stack+0x20/0x38 (C)
[   38.426608]  dump_stack_lvl+0x8c/0xd0
[   38.426646]  print_report+0x118/0x608
[   38.426677]  kasan_report_invalid_free+0xc0/0xe8
[   38.426711]  check_slab_allocation+0xfc/0x108
[   38.426744]  __kasan_mempool_poison_object+0x78/0x150
[   38.426776]  mempool_free+0x28c/0x328
[   38.426815]  mempool_kmalloc_invalid_free_helper+0x118/0x2a8
[   38.426855]  mempool_kmalloc_invalid_free+0xc0/0x118
[   38.426890]  kunit_try_run_case+0x170/0x3f0
[   38.426929]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   38.426971]  kthread+0x328/0x630
[   38.427008]  ret_from_fork+0x10/0x20
[   38.427044] 
[   38.505003] Allocated by task 290:
[   38.508391]  kasan_save_stack+0x3c/0x68
[   38.512205]  kasan_save_track+0x20/0x40
[   38.516026]  kasan_save_alloc_info+0x40/0x58
[   38.520279]  __kasan_mempool_unpoison_object+0x11c/0x180
[   38.525573]  remove_element+0x130/0x1f8
[   38.529392]  mempool_alloc_preallocated+0x58/0xc0
[   38.534080]  mempool_kmalloc_invalid_free_helper+0x94/0x2a8
[   38.539636]  mempool_kmalloc_invalid_free+0xc0/0x118
[   38.544584]  kunit_try_run_case+0x170/0x3f0
[   38.548750]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   38.554218]  kthread+0x328/0x630
[   38.557430]  ret_from_fork+0x10/0x20
[   38.560989] 
[   38.562467] The buggy address belongs to the object at ffff000802d03400
[   38.562467]  which belongs to the cache kmalloc-128 of size 128
[   38.574967] The buggy address is located 1 bytes inside of
[   38.574967]  128-byte region [ffff000802d03400, ffff000802d03480)
[   38.586510] 
[   38.587990] The buggy address belongs to the physical page:
[   38.593547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x882d02
[   38.601530] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   38.609168] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   38.616113] page_type: f5(slab)
[   38.619250] raw: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000
[   38.626967] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   38.634694] head: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000
[   38.642505] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   38.650318] head: 0bfffe0000000001 fffffdffe00b4081 00000000ffffffff 00000000ffffffff
[   38.658131] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   38.665936] page dumped because: kasan: bad access detected
[   38.671491] 
[   38.672967] Memory state around the buggy address:
[   38.677749]  ffff000802d03300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   38.684951]  ffff000802d03380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   38.692156] >ffff000802d03400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.699355]                    ^
[   38.702571]  ffff000802d03480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   38.709776]  ffff000802d03500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.716978] ==================================================================
[   38.726091] ==================================================================
[   38.736164] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8
[   38.744147] Free of addr ffff00080586c001 by task kunit_try_catch/292
[   38.750572] 
[   38.752059] CPU: 6 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   38.752115] Tainted: [B]=BAD_PAGE, [N]=TEST
[   38.752129] Hardware name: WinLink E850-96 board (DT)
[   38.752151] Call trace:
[   38.752167]  show_stack+0x20/0x38 (C)
[   38.752204]  dump_stack_lvl+0x8c/0xd0
[   38.752244]  print_report+0x118/0x608
[   38.752276]  kasan_report_invalid_free+0xc0/0xe8
[   38.752309]  __kasan_mempool_poison_object+0xfc/0x150
[   38.752342]  mempool_free+0x28c/0x328
[   38.752378]  mempool_kmalloc_invalid_free_helper+0x118/0x2a8
[   38.752420]  mempool_kmalloc_large_invalid_free+0xc0/0x118
[   38.752460]  kunit_try_run_case+0x170/0x3f0
[   38.752499]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   38.752542]  kthread+0x328/0x630
[   38.752576]  ret_from_fork+0x10/0x20
[   38.752614] 
[   38.826787] The buggy address belongs to the physical page:
[   38.832345] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x88586c
[   38.840328] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   38.847967] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   38.854910] page_type: f8(unknown)
[   38.858307] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   38.866026] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   38.873752] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   38.881564] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   38.889378] head: 0bfffe0000000002 fffffdffe0161b01 00000000ffffffff 00000000ffffffff
[   38.897189] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   38.904995] page dumped because: kasan: bad access detected
[   38.910550] 
[   38.912027] Memory state around the buggy address:
[   38.916809]  ffff00080586bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   38.924010]  ffff00080586bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   38.931215] >ffff00080586c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.938414]                    ^
[   38.941630]  ffff00080586c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.948834]  ffff00080586c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.956037] ==================================================================

Metadata Full log Test run details

[   20.208949] ==================================================================
[   20.209022] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8
[   20.209083] Free of addr fff00000c791d901 by task kunit_try_catch/243
[   20.209127] 
[   20.209161] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   20.209247] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.209276] Hardware name: linux,dummy-virt (DT)
[   20.209307] Call trace:
[   20.209331]  show_stack+0x20/0x38 (C)
[   20.209379]  dump_stack_lvl+0x8c/0xd0
[   20.209429]  print_report+0x118/0x608
[   20.209473]  kasan_report_invalid_free+0xc0/0xe8
[   20.209524]  check_slab_allocation+0xfc/0x108
[   20.209570]  __kasan_mempool_poison_object+0x78/0x150
[   20.209620]  mempool_free+0x28c/0x328
[   20.209667]  mempool_kmalloc_invalid_free_helper+0x118/0x2a8
[   20.209722]  mempool_kmalloc_invalid_free+0xc0/0x118
[   20.209776]  kunit_try_run_case+0x170/0x3f0
[   20.209825]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.209893]  kthread+0x328/0x630
[   20.209938]  ret_from_fork+0x10/0x20
[   20.209986] 
[   20.210006] Allocated by task 243:
[   20.210034]  kasan_save_stack+0x3c/0x68
[   20.210074]  kasan_save_track+0x20/0x40
[   20.210110]  kasan_save_alloc_info+0x40/0x58
[   20.210149]  __kasan_mempool_unpoison_object+0x11c/0x180
[   20.210192]  remove_element+0x130/0x1f8
[   20.210230]  mempool_alloc_preallocated+0x58/0xc0
[   20.210272]  mempool_kmalloc_invalid_free_helper+0x94/0x2a8
[   20.210316]  mempool_kmalloc_invalid_free+0xc0/0x118
[   20.210358]  kunit_try_run_case+0x170/0x3f0
[   20.210398]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.210444]  kthread+0x328/0x630
[   20.210480]  ret_from_fork+0x10/0x20
[   20.210517] 
[   20.210536] The buggy address belongs to the object at fff00000c791d900
[   20.210536]  which belongs to the cache kmalloc-128 of size 128
[   20.210593] The buggy address is located 1 bytes inside of
[   20.210593]  128-byte region [fff00000c791d900, fff00000c791d980)
[   20.210654] 
[   20.210673] The buggy address belongs to the physical page:
[   20.210703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10791d
[   20.210756] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   20.210807] page_type: f5(slab)
[   20.210845] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   20.210907] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   20.210951] page dumped because: kasan: bad access detected
[   20.210983] 
[   20.211000] Memory state around the buggy address:
[   20.211031]  fff00000c791d800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   20.211078]  fff00000c791d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.211123] >fff00000c791d900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.211170]                    ^
[   20.211196]  fff00000c791d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.211240]  fff00000c791da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.211282] ==================================================================
[   20.222833] ==================================================================
[   20.222955] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8
[   20.223016] Free of addr fff00000c7adc001 by task kunit_try_catch/245
[   20.223122] 
[   20.223159] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT 
[   20.223448] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.223483] Hardware name: linux,dummy-virt (DT)
[   20.223573] Call trace:
[   20.223600]  show_stack+0x20/0x38 (C)
[   20.223652]  dump_stack_lvl+0x8c/0xd0
[   20.223702]  print_report+0x118/0x608
[   20.223747]  kasan_report_invalid_free+0xc0/0xe8
[   20.223823]  __kasan_mempool_poison_object+0xfc/0x150
[   20.223888]  mempool_free+0x28c/0x328
[   20.223936]  mempool_kmalloc_invalid_free_helper+0x118/0x2a8
[   20.224105]  mempool_kmalloc_large_invalid_free+0xc0/0x118
[   20.224279]  kunit_try_run_case+0x170/0x3f0
[   20.224411]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.224498]  kthread+0x328/0x630
[   20.224545]  ret_from_fork+0x10/0x20
[   20.224601] 
[   20.224622] The buggy address belongs to the physical page:
[   20.224654] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107adc
[   20.224745] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.224794] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.224849] page_type: f8(unknown)
[   20.224901] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.224957] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   20.225010] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.225190] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   20.225296] head: 0bfffe0000000002 ffffc1ffc31eb701 00000000ffffffff 00000000ffffffff
[   20.225410] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   20.225521] page dumped because: kasan: bad access detected
[   20.225576] 
[   20.225610] Memory state around the buggy address:
[   20.225707]  fff00000c7adbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.225752]  fff00000c7adbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.226107] >fff00000c7adc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.226170]                    ^
[   20.226208]  fff00000c7adc080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.226267]  fff00000c7adc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.226308] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2z2jyLmJ6z1BqjhwiejBJ9RGyCS

job_id

TEST:linaro@lkft#2z2k2l9byJaNN182er1n5wXsS9a

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2z2k2l9byJaNN182er1n5wXsS9a

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2z2jzZjd6XwbIkbAqyFkpO4xknj/Image.gz
sha256sum	4fe981caa8e1ab0677344dea9975703ca09f32389026eeb9f77fae76c6c0e9ba

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2z2jzZjd6XwbIkbAqyFkpO4xknj/modules.tar.xz
sha256sum	74a01e20d3d706452182b8388f6aa7ab2c9166f6c4a19d7a4587dd3d7a7ca51e

durations

tests

boot	0
kunit	192.49

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   12.648648] ==================================================================
[   12.649314] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   12.650127] Free of addr ffff8881029f9d01 by task kunit_try_catch/260
[   12.650423] 
[   12.650522] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT(voluntary) 
[   12.650573] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.650585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.650607] Call Trace:
[   12.650621]  <TASK>
[   12.650641]  dump_stack_lvl+0x73/0xb0
[   12.650672]  print_report+0xd1/0x650
[   12.650696]  ? __virt_addr_valid+0x1db/0x2d0
[   12.650720]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.650742]  ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   12.650769]  kasan_report_invalid_free+0x10a/0x130
[   12.650793]  ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   12.650820]  ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   12.650844]  ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   12.650869]  check_slab_allocation+0x11f/0x130
[   12.650891]  __kasan_mempool_poison_object+0x91/0x1d0
[   12.650926]  mempool_free+0x2ec/0x380
[   12.650951]  mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   12.650977]  ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[   12.651001]  ? update_load_avg+0x1be/0x21b0
[   12.651026]  ? finish_task_switch.isra.0+0x153/0x700
[   12.651054]  mempool_kmalloc_invalid_free+0xed/0x140
[   12.651078]  ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[   12.651102]  ? dequeue_task_fair+0x166/0x4e0
[   12.651124]  ? __pfx_mempool_kmalloc+0x10/0x10
[   12.651143]  ? __pfx_mempool_kfree+0x10/0x10
[   12.651166]  ? __pfx_read_tsc+0x10/0x10
[   12.651187]  ? ktime_get_ts64+0x86/0x230
[   12.651213]  kunit_try_run_case+0x1a5/0x480
[   12.651239]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.651261]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.651287]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.651310]  ? __kthread_parkme+0x82/0x180
[   12.651332]  ? preempt_count_sub+0x50/0x80
[   12.651358]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.651381]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.651404]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.651426]  kthread+0x337/0x6f0
[   12.651442]  ? trace_preempt_on+0x20/0xc0
[   12.651468]  ? __pfx_kthread+0x10/0x10
[   12.651487]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.651509]  ? calculate_sigpending+0x7b/0xa0
[   12.651531]  ? __pfx_kthread+0x10/0x10
[   12.651549]  ret_from_fork+0x41/0x80
[   12.651891]  ? __pfx_kthread+0x10/0x10
[   12.651936]  ret_from_fork_asm+0x1a/0x30
[   12.651969]  </TASK>
[   12.651981] 
[   12.662484] Allocated by task 260:
[   12.662679]  kasan_save_stack+0x45/0x70
[   12.662993]  kasan_save_track+0x18/0x40
[   12.663265]  kasan_save_alloc_info+0x3b/0x50
[   12.663457]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   12.663876]  remove_element+0x11e/0x190
[   12.664097]  mempool_alloc_preallocated+0x4d/0x90
[   12.664290]  mempool_kmalloc_invalid_free_helper+0x83/0x2e0
[   12.664471]  mempool_kmalloc_invalid_free+0xed/0x140
[   12.664633]  kunit_try_run_case+0x1a5/0x480
[   12.664842]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.665234]  kthread+0x337/0x6f0
[   12.665404]  ret_from_fork+0x41/0x80
[   12.665599]  ret_from_fork_asm+0x1a/0x30
[   12.665888] 
[   12.665994] The buggy address belongs to the object at ffff8881029f9d00
[   12.665994]  which belongs to the cache kmalloc-128 of size 128
[   12.666434] The buggy address is located 1 bytes inside of
[   12.666434]  128-byte region [ffff8881029f9d00, ffff8881029f9d80)
[   12.667096] 
[   12.667197] The buggy address belongs to the physical page:
[   12.667425] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[   12.667784] flags: 0x200000000000000(node=0|zone=2)
[   12.667961] page_type: f5(slab)
[   12.668312] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   12.668663] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.669120] page dumped because: kasan: bad access detected
[   12.669348] 
[   12.669466] Memory state around the buggy address:
[   12.669664]  ffff8881029f9c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   12.670070]  ffff8881029f9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.670355] >ffff8881029f9d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.670671]                    ^
[   12.670947]  ffff8881029f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.671243]  ffff8881029f9e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.671560] ==================================================================
[   12.674665] ==================================================================
[   12.675247] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   12.676194] Free of addr ffff888103a04001 by task kunit_try_catch/262
[   12.676488] 
[   12.676642] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc3 #1 PREEMPT(voluntary) 
[   12.676692] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.676772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.676797] Call Trace:
[   12.676821]  <TASK>
[   12.676839]  dump_stack_lvl+0x73/0xb0
[   12.676869]  print_report+0xd1/0x650
[   12.676904]  ? __virt_addr_valid+0x1db/0x2d0
[   12.676937]  ? kasan_addr_to_slab+0x11/0xa0
[   12.676957]  ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   12.676984]  kasan_report_invalid_free+0x10a/0x130
[   12.677017]  ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   12.677047]  ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   12.677071]  __kasan_mempool_poison_object+0x102/0x1d0
[   12.677106]  mempool_free+0x2ec/0x380
[   12.677130]  mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[   12.677156]  ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[   12.677180]  ? update_load_avg+0x1be/0x21b0
[   12.677202]  ? update_load_avg+0x1be/0x21b0
[   12.677220]  ? update_curr+0x80/0x810
[   12.677240]  ? finish_task_switch.isra.0+0x153/0x700
[   12.677267]  mempool_kmalloc_large_invalid_free+0xed/0x140
[   12.677301]  ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[   12.677326]  ? dequeue_task_fair+0x156/0x4e0
[   12.677347]  ? __pfx_mempool_kmalloc+0x10/0x10
[   12.677377]  ? __pfx_mempool_kfree+0x10/0x10
[   12.677398]  ? __pfx_read_tsc+0x10/0x10
[   12.677418]  ? ktime_get_ts64+0x86/0x230
[   12.677444]  kunit_try_run_case+0x1a5/0x480
[   12.677470]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.677491]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.677517]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.677541]  ? __kthread_parkme+0x82/0x180
[   12.677582]  ? preempt_count_sub+0x50/0x80
[   12.677616]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.677640]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.677663]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.677696]  kthread+0x337/0x6f0
[   12.677766]  ? trace_preempt_on+0x20/0xc0
[   12.677791]  ? __pfx_kthread+0x10/0x10
[   12.677809]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.677831]  ? calculate_sigpending+0x7b/0xa0
[   12.677853]  ? __pfx_kthread+0x10/0x10
[   12.677871]  ret_from_fork+0x41/0x80
[   12.677892]  ? __pfx_kthread+0x10/0x10
[   12.677910]  ret_from_fork_asm+0x1a/0x30
[   12.677951]  </TASK>
[   12.677963] 
[   12.688361] The buggy address belongs to the physical page:
[   12.688633] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a04
[   12.688973] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.689358] flags: 0x200000000000040(head|node=0|zone=2)
[   12.689598] page_type: f8(unknown)
[   12.689791] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.690160] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.690513] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.691111] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.691394] head: 0200000000000002 ffffea00040e8101 00000000ffffffff 00000000ffffffff
[   12.691872] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.692260] page dumped because: kasan: bad access detected
[   12.692493] 
[   12.692620] Memory state around the buggy address:
[   12.692887]  ffff888103a03f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.693156]  ffff888103a03f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.693483] >ffff888103a04000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.693832]                    ^
[   12.694025]  ffff888103a04080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.694312]  ffff888103a04100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.694615] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2z2jyLmJ6z1BqjhwiejBJ9RGyCS

job_id

TEST:linaro@lkft#2z2k43Ith0GXrqHIS1HUQzGmLgm

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2z2k43Ith0GXrqHIS1HUQzGmLgm

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2z2k0bZqZSn9XVzQywnOj3pF9S9/bzImage
sha256sum	9197980208d3516ab74c7966c051fb8dc8a70a6c93c6b0af7bd520b43d93459e

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2z2k0bZqZSn9XVzQywnOj3pF9S9/modules.tar.xz
sha256sum	ead902337972221197eb985803def87a4a8d3b17e572371d2f5392640490b3a8

durations

tests

boot	0
kunit	236.11

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - e850-96 - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit