lkft/linux-stable-rc-linux-6.15.y - v6.15.3-593-gde19bfa00d6f - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

June 23, 2025, 1:39 p.m.

Environment
qemu-arm64
qemu-x86_64

[   27.763473] ==================================================================
[   27.763600] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   27.763732] Free of addr fff00000c77f0000 by task kunit_try_catch/241
[   27.763825] 
[   27.763911] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc1 #1 PREEMPT 
[   27.764103] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.764171] Hardware name: linux,dummy-virt (DT)
[   27.764252] Call trace:
[   27.764306]  show_stack+0x20/0x38 (C)
[   27.764453]  dump_stack_lvl+0x8c/0xd0
[   27.764612]  print_report+0x118/0x608
[   27.764813]  kasan_report_invalid_free+0xc0/0xe8
[   27.764985]  __kasan_mempool_poison_pages+0xe0/0xe8
[   27.765237]  mempool_free+0x24c/0x328
[   27.765381]  mempool_double_free_helper+0x150/0x2e8
[   27.765557]  mempool_page_alloc_double_free+0xbc/0x118
[   27.765761]  kunit_try_run_case+0x170/0x3f0
[   27.765936]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   27.766155]  kthread+0x328/0x630
[   27.766291]  ret_from_fork+0x10/0x20
[   27.766684] 
[   27.766802] The buggy address belongs to the physical page:
[   27.766942] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077f0
[   27.767078] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   27.767341] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   27.767498] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.767681] page dumped because: kasan: bad access detected
[   27.767897] 
[   27.767984] Memory state around the buggy address:
[   27.768065]  fff00000c77eff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.768223]  fff00000c77eff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.768850] >fff00000c77f0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.768963]                    ^
[   27.769221]  fff00000c77f0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.769337]  fff00000c77f0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.769495] ==================================================================
[   27.700427] ==================================================================
[   27.700599] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   27.700743] Free of addr fff00000c76cff00 by task kunit_try_catch/237
[   27.700974] 
[   27.701075] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc1 #1 PREEMPT 
[   27.701417] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.702035] Hardware name: linux,dummy-virt (DT)
[   27.702137] Call trace:
[   27.702191]  show_stack+0x20/0x38 (C)
[   27.702321]  dump_stack_lvl+0x8c/0xd0
[   27.702463]  print_report+0x118/0x608
[   27.702574]  kasan_report_invalid_free+0xc0/0xe8
[   27.702698]  check_slab_allocation+0xd4/0x108
[   27.702815]  __kasan_mempool_poison_object+0x78/0x150
[   27.702933]  mempool_free+0x28c/0x328
[   27.703064]  mempool_double_free_helper+0x150/0x2e8
[   27.703240]  mempool_kmalloc_double_free+0xc0/0x118
[   27.703472]  kunit_try_run_case+0x170/0x3f0
[   27.703608]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   27.703762]  kthread+0x328/0x630
[   27.703897]  ret_from_fork+0x10/0x20
[   27.704037] 
[   27.704089] Allocated by task 237:
[   27.704171]  kasan_save_stack+0x3c/0x68
[   27.705219]  kasan_save_track+0x20/0x40
[   27.705836]  kasan_save_alloc_info+0x40/0x58
[   27.705950]  __kasan_mempool_unpoison_object+0x11c/0x180
[   27.706075]  remove_element+0x130/0x1f8
[   27.706184]  mempool_alloc_preallocated+0x58/0xc0
[   27.706406]  mempool_double_free_helper+0x94/0x2e8
[   27.706878]  mempool_kmalloc_double_free+0xc0/0x118
[   27.707015]  kunit_try_run_case+0x170/0x3f0
[   27.707189]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   27.707367]  kthread+0x328/0x630
[   27.707477]  ret_from_fork+0x10/0x20
[   27.707568] 
[   27.707846] Freed by task 237:
[   27.707948]  kasan_save_stack+0x3c/0x68
[   27.708095]  kasan_save_track+0x20/0x40
[   27.708339]  kasan_save_free_info+0x4c/0x78
[   27.708702]  __kasan_mempool_poison_object+0xc0/0x150
[   27.709110]  mempool_free+0x28c/0x328
[   27.710086]  mempool_double_free_helper+0x100/0x2e8
[   27.710194]  mempool_kmalloc_double_free+0xc0/0x118
[   27.710333]  kunit_try_run_case+0x170/0x3f0
[   27.710777]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   27.711112]  kthread+0x328/0x630
[   27.712013]  ret_from_fork+0x10/0x20
[   27.712141] 
[   27.712312] The buggy address belongs to the object at fff00000c76cff00
[   27.712312]  which belongs to the cache kmalloc-128 of size 128
[   27.712574] The buggy address is located 0 bytes inside of
[   27.712574]  128-byte region [fff00000c76cff00, fff00000c76cff80)
[   27.712783] 
[   27.713428] The buggy address belongs to the physical page:
[   27.713651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cf
[   27.713783] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   27.713904] page_type: f5(slab)
[   27.714003] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   27.714125] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[   27.715628] page dumped because: kasan: bad access detected
[   27.715713] 
[   27.716715] Memory state around the buggy address:
[   27.717103]  fff00000c76cfe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   27.717225]  fff00000c76cfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.717334] >fff00000c76cff00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   27.718826]                    ^
[   27.719211]  fff00000c76cff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.719383]  fff00000c76d0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   27.719560] ==================================================================
[   27.733645] ==================================================================
[   27.733792] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   27.733977] Free of addr fff00000c77ec000 by task kunit_try_catch/239
[   27.734077] 
[   27.734167] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc1 #1 PREEMPT 
[   27.734682] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.734882] Hardware name: linux,dummy-virt (DT)
[   27.734969] Call trace:
[   27.735022]  show_stack+0x20/0x38 (C)
[   27.735145]  dump_stack_lvl+0x8c/0xd0
[   27.735259]  print_report+0x118/0x608
[   27.735959]  kasan_report_invalid_free+0xc0/0xe8
[   27.737196]  __kasan_mempool_poison_object+0x14c/0x150
[   27.737335]  mempool_free+0x28c/0x328
[   27.737479]  mempool_double_free_helper+0x150/0x2e8
[   27.738960]  mempool_kmalloc_large_double_free+0xc0/0x118
[   27.739141]  kunit_try_run_case+0x170/0x3f0
[   27.739914]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   27.740696]  kthread+0x328/0x630
[   27.741190]  ret_from_fork+0x10/0x20
[   27.741358] 
[   27.741490] The buggy address belongs to the physical page:
[   27.741566] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec
[   27.741695] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.741877] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   27.742247] page_type: f8(unknown)
[   27.742578] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   27.742723] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   27.742863] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   27.742994] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   27.743923] head: 0bfffe0000000002 ffffc1ffc31dfb01 00000000ffffffff 00000000ffffffff
[   27.744162] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   27.744258] page dumped because: kasan: bad access detected
[   27.744338] 
[   27.744403] Memory state around the buggy address:
[   27.744639]  fff00000c77ebf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.744748]  fff00000c77ebf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.744896] >fff00000c77ec000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.745168]                    ^
[   27.745380]  fff00000c77ec080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.745573]  fff00000c77ec100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   27.746077] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2yuYOT8mFhi7537nwLqDo4m2CnP

job_id

TEST:linaro@lkft#2yuYT6Pinx8XSymaWNp6cpzl3Cl

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2yuYT6Pinx8XSymaWNp6cpzl3Cl

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yuYPcCNuYU3512XWsLz2H3rgWp/Image.gz
sha256sum	57e05c75085917e237c36a1c6300a885b5a4018f7a22df0831ee3761434117fe

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yuYPcCNuYU3512XWsLz2H3rgWp/modules.tar.xz
sha256sum	08df30bc44d3238a22959b8095bcf790b77fb8886fd1b3a26e269eaac34e9502

durations

tests

boot	0
kunit	345.36

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   19.728157] ==================================================================
[   19.729303] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   19.729913] Free of addr ffff888102c08000 by task kunit_try_catch/260
[   19.731097] 
[   19.731391] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc1 #1 PREEMPT(voluntary) 
[   19.731517] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.731554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   19.731623] Call Trace:
[   19.731666]  <TASK>
[   19.731714]  dump_stack_lvl+0x73/0xb0
[   19.731792]  print_report+0xd1/0x650
[   19.731866]  ? __virt_addr_valid+0x1db/0x2d0
[   19.731942]  ? kasan_addr_to_slab+0x11/0xa0
[   19.732013]  ? mempool_double_free_helper+0x184/0x370
[   19.732094]  kasan_report_invalid_free+0x10a/0x130
[   19.732181]  ? mempool_double_free_helper+0x184/0x370
[   19.732268]  ? mempool_double_free_helper+0x184/0x370
[   19.732349]  __kasan_mempool_poison_pages+0x115/0x130
[   19.732407]  mempool_free+0x290/0x380
[   19.732446]  mempool_double_free_helper+0x184/0x370
[   19.732483]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   19.732518]  ? update_load_avg+0x1be/0x21b0
[   19.732546]  ? dequeue_entities+0x27e/0x1740
[   19.732579]  ? finish_task_switch.isra.0+0x153/0x700
[   19.732662]  mempool_page_alloc_double_free+0xe8/0x140
[   19.732736]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   19.732772]  ? dequeue_task_fair+0x166/0x4e0
[   19.732805]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   19.732834]  ? __pfx_mempool_free_pages+0x10/0x10
[   19.732868]  ? __pfx_read_tsc+0x10/0x10
[   19.732897]  ? ktime_get_ts64+0x86/0x230
[   19.732933]  kunit_try_run_case+0x1a5/0x480
[   19.732970]  ? __pfx_kunit_try_run_case+0x10/0x10
[   19.733005]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   19.733038]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   19.733072]  ? __kthread_parkme+0x82/0x180
[   19.733103]  ? preempt_count_sub+0x50/0x80
[   19.733136]  ? __pfx_kunit_try_run_case+0x10/0x10
[   19.733170]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   19.733202]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   19.733263]  kthread+0x337/0x6f0
[   19.733290]  ? trace_preempt_on+0x20/0xc0
[   19.733326]  ? __pfx_kthread+0x10/0x10
[   19.733351]  ? _raw_spin_unlock_irq+0x47/0x80
[   19.733383]  ? calculate_sigpending+0x7b/0xa0
[   19.733412]  ? __pfx_kthread+0x10/0x10
[   19.733436]  ret_from_fork+0x41/0x80
[   19.733465]  ? __pfx_kthread+0x10/0x10
[   19.733488]  ret_from_fork_asm+0x1a/0x30
[   19.733528]  </TASK>
[   19.733541] 
[   19.756690] The buggy address belongs to the physical page:
[   19.757261] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c08
[   19.758811] flags: 0x200000000000000(node=0|zone=2)
[   19.759289] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   19.760129] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   19.760930] page dumped because: kasan: bad access detected
[   19.761477] 
[   19.762077] Memory state around the buggy address:
[   19.762448]  ffff888102c07f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.763167]  ffff888102c07f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.764055] >ffff888102c08000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.764630]                    ^
[   19.765264]  ffff888102c08080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.766023]  ffff888102c08100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.766688] ==================================================================
[   19.678056] ==================================================================
[   19.679213] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   19.680319] Free of addr ffff88810a6d8000 by task kunit_try_catch/258
[   19.681942] 
[   19.682511] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc1 #1 PREEMPT(voluntary) 
[   19.682791] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.682834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   19.682892] Call Trace:
[   19.682935]  <TASK>
[   19.682963]  dump_stack_lvl+0x73/0xb0
[   19.683007]  print_report+0xd1/0x650
[   19.683044]  ? __virt_addr_valid+0x1db/0x2d0
[   19.683079]  ? kasan_addr_to_slab+0x11/0xa0
[   19.683110]  ? mempool_double_free_helper+0x184/0x370
[   19.683148]  kasan_report_invalid_free+0x10a/0x130
[   19.683186]  ? mempool_double_free_helper+0x184/0x370
[   19.683261]  ? mempool_double_free_helper+0x184/0x370
[   19.683304]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   19.683343]  mempool_free+0x2ec/0x380
[   19.683380]  mempool_double_free_helper+0x184/0x370
[   19.683417]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   19.683455]  ? dequeue_entities+0x852/0x1740
[   19.683490]  ? irqentry_exit+0x2a/0x60
[   19.683519]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   19.683559]  mempool_kmalloc_large_double_free+0xed/0x140
[   19.683597]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   19.683702]  ? __pfx_mempool_kmalloc+0x10/0x10
[   19.683758]  ? __pfx_mempool_kfree+0x10/0x10
[   19.683791]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   19.683833]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   19.683874]  kunit_try_run_case+0x1a5/0x480
[   19.683915]  ? __pfx_kunit_try_run_case+0x10/0x10
[   19.683950]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   19.683986]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   19.684023]  ? __kthread_parkme+0x82/0x180
[   19.684057]  ? preempt_count_sub+0x50/0x80
[   19.684094]  ? __pfx_kunit_try_run_case+0x10/0x10
[   19.684131]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   19.684166]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   19.684202]  kthread+0x337/0x6f0
[   19.684265]  ? trace_preempt_on+0x20/0xc0
[   19.684308]  ? __pfx_kthread+0x10/0x10
[   19.684334]  ? _raw_spin_unlock_irq+0x47/0x80
[   19.684366]  ? calculate_sigpending+0x7b/0xa0
[   19.684399]  ? __pfx_kthread+0x10/0x10
[   19.684426]  ret_from_fork+0x41/0x80
[   19.684458]  ? __pfx_kthread+0x10/0x10
[   19.684482]  ret_from_fork_asm+0x1a/0x30
[   19.684526]  </TASK>
[   19.684541] 
[   19.707586] The buggy address belongs to the physical page:
[   19.708540] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a6d8
[   19.709451] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   19.710314] flags: 0x200000000000040(head|node=0|zone=2)
[   19.710922] page_type: f8(unknown)
[   19.711338] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   19.712512] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   19.713438] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   19.714102] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   19.714748] head: 0200000000000002 ffffea000429b601 00000000ffffffff 00000000ffffffff
[   19.715359] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   19.716219] page dumped because: kasan: bad access detected
[   19.716713] 
[   19.716939] Memory state around the buggy address:
[   19.717334]  ffff88810a6d7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.718068]  ffff88810a6d7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.718689] >ffff88810a6d8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.719539]                    ^
[   19.720049]  ffff88810a6d8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.721387]  ffff88810a6d8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.721887] ==================================================================
[   19.610827] ==================================================================
[   19.611827] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   19.612671] Free of addr ffff888102a13b00 by task kunit_try_catch/256
[   19.613734] 
[   19.614342] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G    B            N  6.15.4-rc1 #1 PREEMPT(voluntary) 
[   19.614472] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.614498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   19.614528] Call Trace:
[   19.614546]  <TASK>
[   19.614566]  dump_stack_lvl+0x73/0xb0
[   19.614628]  print_report+0xd1/0x650
[   19.614714]  ? __virt_addr_valid+0x1db/0x2d0
[   19.614795]  ? kasan_complete_mode_report_info+0x64/0x200
[   19.614905]  ? mempool_double_free_helper+0x184/0x370
[   19.615023]  kasan_report_invalid_free+0x10a/0x130
[   19.615108]  ? mempool_double_free_helper+0x184/0x370
[   19.615184]  ? mempool_double_free_helper+0x184/0x370
[   19.615237]  ? mempool_double_free_helper+0x184/0x370
[   19.615287]  check_slab_allocation+0x101/0x130
[   19.615321]  __kasan_mempool_poison_object+0x91/0x1d0
[   19.615358]  mempool_free+0x2ec/0x380
[   19.615390]  mempool_double_free_helper+0x184/0x370
[   19.615427]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   19.615460]  ? update_load_avg+0x1be/0x21b0
[   19.615486]  ? dequeue_entities+0x852/0x1740
[   19.615517]  ? finish_task_switch.isra.0+0x153/0x700
[   19.615553]  mempool_kmalloc_double_free+0xed/0x140
[   19.615587]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   19.615673]  ? dequeue_task_fair+0x166/0x4e0
[   19.615740]  ? __pfx_mempool_kmalloc+0x10/0x10
[   19.615771]  ? __pfx_mempool_kfree+0x10/0x10
[   19.615802]  ? __pfx_read_tsc+0x10/0x10
[   19.615830]  ? ktime_get_ts64+0x86/0x230
[   19.615864]  kunit_try_run_case+0x1a5/0x480
[   19.615902]  ? __pfx_kunit_try_run_case+0x10/0x10
[   19.615935]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   19.615968]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   19.616001]  ? __kthread_parkme+0x82/0x180
[   19.616031]  ? preempt_count_sub+0x50/0x80
[   19.616065]  ? __pfx_kunit_try_run_case+0x10/0x10
[   19.616100]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   19.616133]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   19.616167]  kthread+0x337/0x6f0
[   19.616190]  ? trace_preempt_on+0x20/0xc0
[   19.616266]  ? __pfx_kthread+0x10/0x10
[   19.616301]  ? _raw_spin_unlock_irq+0x47/0x80
[   19.616333]  ? calculate_sigpending+0x7b/0xa0
[   19.616363]  ? __pfx_kthread+0x10/0x10
[   19.616388]  ret_from_fork+0x41/0x80
[   19.616418]  ? __pfx_kthread+0x10/0x10
[   19.616442]  ret_from_fork_asm+0x1a/0x30
[   19.616484]  </TASK>
[   19.616498] 
[   19.640133] Allocated by task 256:
[   19.640908]  kasan_save_stack+0x45/0x70
[   19.641389]  kasan_save_track+0x18/0x40
[   19.642025]  kasan_save_alloc_info+0x3b/0x50
[   19.642994]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   19.643809]  remove_element+0x11e/0x190
[   19.644356]  mempool_alloc_preallocated+0x4d/0x90
[   19.645116]  mempool_double_free_helper+0x8a/0x370
[   19.645655]  mempool_kmalloc_double_free+0xed/0x140
[   19.646133]  kunit_try_run_case+0x1a5/0x480
[   19.646661]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   19.647267]  kthread+0x337/0x6f0
[   19.648178]  ret_from_fork+0x41/0x80
[   19.648794]  ret_from_fork_asm+0x1a/0x30
[   19.649504] 
[   19.649710] Freed by task 256:
[   19.650204]  kasan_save_stack+0x45/0x70
[   19.651101]  kasan_save_track+0x18/0x40
[   19.651777]  kasan_save_free_info+0x3f/0x60
[   19.652323]  __kasan_mempool_poison_object+0x131/0x1d0
[   19.653154]  mempool_free+0x2ec/0x380
[   19.653477]  mempool_double_free_helper+0x109/0x370
[   19.654444]  mempool_kmalloc_double_free+0xed/0x140
[   19.655015]  kunit_try_run_case+0x1a5/0x480
[   19.656042]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   19.656855]  kthread+0x337/0x6f0
[   19.657312]  ret_from_fork+0x41/0x80
[   19.657583]  ret_from_fork_asm+0x1a/0x30
[   19.658026] 
[   19.658250] The buggy address belongs to the object at ffff888102a13b00
[   19.658250]  which belongs to the cache kmalloc-128 of size 128
[   19.659142] The buggy address is located 0 bytes inside of
[   19.659142]  128-byte region [ffff888102a13b00, ffff888102a13b80)
[   19.660917] 
[   19.661137] The buggy address belongs to the physical page:
[   19.661801] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a13
[   19.662545] flags: 0x200000000000000(node=0|zone=2)
[   19.663136] page_type: f5(slab)
[   19.663715] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   19.664372] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   19.665475] page dumped because: kasan: bad access detected
[   19.666170] 
[   19.666478] Memory state around the buggy address:
[   19.667170]  ffff888102a13a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   19.667914]  ffff888102a13a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.668537] >ffff888102a13b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   19.669255]                    ^
[   19.669589]  ffff888102a13b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.670592]  ffff888102a13c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.671296] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2yuYOT8mFhi7537nwLqDo4m2CnP

job_id

TEST:linaro@lkft#2yuYUHT0D3sQNOGwBtcXKr5K4Y5

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2yuYUHT0D3sQNOGwBtcXKr5K4Y5

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yuYQaX6toQ86UpOxnubrfhy9Fg/bzImage
sha256sum	464d852aa65e55fe849c2032fadc39c92d3f1038148deeeb5153bf785edfb3cb

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yuYQaX6toQ86UpOxnubrfhy9Fg/modules.tar.xz
sha256sum	48ba027071f05b733fc6db58a63b00001d03de4c8de4a7d017582fc3ae9eedfe

durations

tests

boot	0
kunit	357.02

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit