lkft/linux-stable-rc-linux-6.15.y - v6.15.7-188-g81bcc8b99854 - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

July 22, 2025, 2:40 p.m.

Environment
qemu-arm64
qemu-x86_64

[   19.269123] ==================================================================
[   19.269202] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   19.269256] Free of addr fff00000c5b89e00 by task kunit_try_catch/237
[   19.269312] 
[   19.269343] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G    B            N  6.15.8-rc1 #1 PREEMPT 
[   19.269594] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.269787] Hardware name: linux,dummy-virt (DT)
[   19.269858] Call trace:
[   19.269887]  show_stack+0x20/0x38 (C)
[   19.269950]  dump_stack_lvl+0x8c/0xd0
[   19.270001]  print_report+0x118/0x5d0
[   19.270179]  kasan_report_invalid_free+0xc0/0xe8
[   19.270263]  check_slab_allocation+0xd4/0x108
[   19.270401]  __kasan_mempool_poison_object+0x78/0x150
[   19.270488]  mempool_free+0x28c/0x328
[   19.270554]  mempool_double_free_helper+0x150/0x2e8
[   19.270614]  mempool_kmalloc_double_free+0xc0/0x118
[   19.270674]  kunit_try_run_case+0x170/0x3f0
[   19.270776]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.270841]  kthread+0x328/0x630
[   19.271277]  ret_from_fork+0x10/0x20
[   19.271377] 
[   19.271407] Allocated by task 237:
[   19.271487]  kasan_save_stack+0x3c/0x68
[   19.271587]  kasan_save_track+0x20/0x40
[   19.271655]  kasan_save_alloc_info+0x40/0x58
[   19.271722]  __kasan_mempool_unpoison_object+0x11c/0x180
[   19.271763]  remove_element+0x130/0x1f8
[   19.271823]  mempool_alloc_preallocated+0x58/0xc0
[   19.271865]  mempool_double_free_helper+0x94/0x2e8
[   19.271906]  mempool_kmalloc_double_free+0xc0/0x118
[   19.271969]  kunit_try_run_case+0x170/0x3f0
[   19.272139]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.272228]  kthread+0x328/0x630
[   19.272326]  ret_from_fork+0x10/0x20
[   19.272385] 
[   19.272444] Freed by task 237:
[   19.272546]  kasan_save_stack+0x3c/0x68
[   19.272611]  kasan_save_track+0x20/0x40
[   19.272655]  kasan_save_free_info+0x4c/0x78
[   19.272738]  __kasan_mempool_poison_object+0xc0/0x150
[   19.272779]  mempool_free+0x28c/0x328
[   19.272832]  mempool_double_free_helper+0x100/0x2e8
[   19.272873]  mempool_kmalloc_double_free+0xc0/0x118
[   19.272914]  kunit_try_run_case+0x170/0x3f0
[   19.272953]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.273113]  kthread+0x328/0x630
[   19.273184]  ret_from_fork+0x10/0x20
[   19.273222] 
[   19.273241] The buggy address belongs to the object at fff00000c5b89e00
[   19.273241]  which belongs to the cache kmalloc-128 of size 128
[   19.273326] The buggy address is located 0 bytes inside of
[   19.273326]  128-byte region [fff00000c5b89e00, fff00000c5b89e80)
[   19.273394] 
[   19.273416] The buggy address belongs to the physical page:
[   19.273452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b89
[   19.273511] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   19.273568] page_type: f5(slab)
[   19.273605] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   19.273662] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   19.273702] page dumped because: kasan: bad access detected
[   19.273734] 
[   19.273751] Memory state around the buggy address:
[   19.273782]  fff00000c5b89d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   19.273836]  fff00000c5b89d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.273878] >fff00000c5b89e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   19.273926]                    ^
[   19.273954]  fff00000c5b89e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.273996]  fff00000c5b89f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.274034] ==================================================================
[   19.288153] ==================================================================
[   19.288228] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   19.288310] Free of addr fff00000c78e4000 by task kunit_try_catch/239
[   19.288354] 
[   19.288392] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G    B            N  6.15.8-rc1 #1 PREEMPT 
[   19.288474] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.288500] Hardware name: linux,dummy-virt (DT)
[   19.288531] Call trace:
[   19.288554]  show_stack+0x20/0x38 (C)
[   19.288603]  dump_stack_lvl+0x8c/0xd0
[   19.288655]  print_report+0x118/0x5d0
[   19.288700]  kasan_report_invalid_free+0xc0/0xe8
[   19.288757]  __kasan_mempool_poison_object+0x14c/0x150
[   19.288807]  mempool_free+0x28c/0x328
[   19.288853]  mempool_double_free_helper+0x150/0x2e8
[   19.288903]  mempool_kmalloc_large_double_free+0xc0/0x118
[   19.288955]  kunit_try_run_case+0x170/0x3f0
[   19.289005]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.289054]  kthread+0x328/0x630
[   19.289099]  ret_from_fork+0x10/0x20
[   19.289146] 
[   19.289169] The buggy address belongs to the physical page:
[   19.289204] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e4
[   19.289258] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   19.289315] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   19.289371] page_type: f8(unknown)
[   19.289410] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.289466] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   19.289514] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.289562] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   19.289610] head: 0bfffe0000000002 ffffc1ffc31e3901 00000000ffffffff 00000000ffffffff
[   19.289658] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   19.289699] page dumped because: kasan: bad access detected
[   19.289730] 
[   19.289747] Memory state around the buggy address:
[   19.289780]  fff00000c78e3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.289822]  fff00000c78e3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.289864] >fff00000c78e4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.289903]                    ^
[   19.289929]  fff00000c78e4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.289969]  fff00000c78e4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.290007] ==================================================================
[   19.296893] ==================================================================
[   19.296957] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   19.297135] Free of addr fff00000c78e4000 by task kunit_try_catch/241
[   19.297188] 
[   19.297223] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G    B            N  6.15.8-rc1 #1 PREEMPT 
[   19.297314] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.297482] Hardware name: linux,dummy-virt (DT)
[   19.297519] Call trace:
[   19.297636]  show_stack+0x20/0x38 (C)
[   19.297700]  dump_stack_lvl+0x8c/0xd0
[   19.297775]  print_report+0x118/0x5d0
[   19.297892]  kasan_report_invalid_free+0xc0/0xe8
[   19.297971]  __kasan_mempool_poison_pages+0xe0/0xe8
[   19.298032]  mempool_free+0x24c/0x328
[   19.298114]  mempool_double_free_helper+0x150/0x2e8
[   19.298181]  mempool_page_alloc_double_free+0xbc/0x118
[   19.298248]  kunit_try_run_case+0x170/0x3f0
[   19.298352]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.298404]  kthread+0x328/0x630
[   19.298458]  ret_from_fork+0x10/0x20
[   19.298506] 
[   19.298527] The buggy address belongs to the physical page:
[   19.298560] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e4
[   19.298612] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   19.298683] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   19.298771] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   19.298812] page dumped because: kasan: bad access detected
[   19.298843] 
[   19.298860] Memory state around the buggy address:
[   19.299091]  fff00000c78e3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.299146]  fff00000c78e3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.299208] >fff00000c78e4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.299271]                    ^
[   19.299327]  fff00000c78e4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.299371]  fff00000c78e4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.299409] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

30EaRlW1hcZUcAyQauMeYdebh6E

job_id

TEST:linaro@lkft#30EaWVUHqFABEKnxRbofWz5vTxK

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/30EaWVUHqFABEKnxRbofWz5vTxK

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30EaSpJ6ulueMjitAIiYHSdicUo/Image.gz
sha256sum	6f108bf41d35f1fce19b9f3dd48bea0e689f69bd759e1a3761fef3bdacebcbc1

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30EaSpJ6ulueMjitAIiYHSdicUo/modules.tar.xz
sha256sum	076bc5627f64b7f8fa64e90c5d7ade67331e333d4f3c6ec9ca7d6c88fba26e07

durations

tests

boot	0
kunit	199.35

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   12.841380] ==================================================================
[   12.842236] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   12.843301] Free of addr ffff888103ca0000 by task kunit_try_catch/259
[   12.843548] 
[   12.843720] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G    B            N  6.15.8-rc1 #1 PREEMPT(voluntary) 
[   12.843767] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.843778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.843799] Call Trace:
[   12.843811]  <TASK>
[   12.843945]  dump_stack_lvl+0x73/0xb0
[   12.843974]  print_report+0xd1/0x610
[   12.843998]  ? __virt_addr_valid+0x1db/0x2d0
[   12.844019]  ? kasan_addr_to_slab+0x11/0xa0
[   12.844039]  ? mempool_double_free_helper+0x184/0x370
[   12.844063]  kasan_report_invalid_free+0x10a/0x130
[   12.844088]  ? mempool_double_free_helper+0x184/0x370
[   12.844114]  ? mempool_double_free_helper+0x184/0x370
[   12.844137]  __kasan_mempool_poison_pages+0x115/0x130
[   12.844160]  mempool_free+0x290/0x380
[   12.844183]  mempool_double_free_helper+0x184/0x370
[   12.844207]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   12.844247]  ? finish_task_switch.isra.0+0x153/0x700
[   12.844274]  mempool_page_alloc_double_free+0xe8/0x140
[   12.844296]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   12.844315]  ? dequeue_task_fair+0x156/0x4e0
[   12.844338]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   12.844546]  ? __pfx_mempool_free_pages+0x10/0x10
[   12.844575]  ? __pfx_read_tsc+0x10/0x10
[   12.844598]  ? ktime_get_ts64+0x86/0x230
[   12.844624]  kunit_try_run_case+0x1a5/0x480
[   12.844646]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.844682]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.844703]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.844727]  ? __kthread_parkme+0x82/0x180
[   12.844748]  ? preempt_count_sub+0x50/0x80
[   12.844772]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.844792]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.844815]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.844838]  kthread+0x337/0x6f0
[   12.844854]  ? trace_preempt_on+0x20/0xc0
[   12.844877]  ? __pfx_kthread+0x10/0x10
[   12.844895]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.844921]  ? calculate_sigpending+0x7b/0xa0
[   12.844943]  ? __pfx_kthread+0x10/0x10
[   12.844961]  ret_from_fork+0x41/0x80
[   12.844981]  ? __pfx_kthread+0x10/0x10
[   12.845000]  ret_from_fork_asm+0x1a/0x30
[   12.845032]  </TASK>
[   12.845045] 
[   12.863097] The buggy address belongs to the physical page:
[   12.863304] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ca0
[   12.864325] flags: 0x200000000000000(node=0|zone=2)
[   12.864959] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   12.865787] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   12.866698] page dumped because: kasan: bad access detected
[   12.867074] 
[   12.867148] Memory state around the buggy address:
[   12.867321]  ffff888103c9ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.868209]  ffff888103c9ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.868995] >ffff888103ca0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.869767]                    ^
[   12.870155]  ffff888103ca0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.870731]  ffff888103ca0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.871296] ==================================================================
[   12.809859] ==================================================================
[   12.810283] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   12.811306] Free of addr ffff888103c9c000 by task kunit_try_catch/257
[   12.811838] 
[   12.812020] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G    B            N  6.15.8-rc1 #1 PREEMPT(voluntary) 
[   12.812211] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.812303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.812328] Call Trace:
[   12.812341]  <TASK>
[   12.812373]  dump_stack_lvl+0x73/0xb0
[   12.812401]  print_report+0xd1/0x610
[   12.812423]  ? __virt_addr_valid+0x1db/0x2d0
[   12.812445]  ? kasan_addr_to_slab+0x11/0xa0
[   12.812465]  ? mempool_double_free_helper+0x184/0x370
[   12.812489]  kasan_report_invalid_free+0x10a/0x130
[   12.812513]  ? mempool_double_free_helper+0x184/0x370
[   12.812540]  ? mempool_double_free_helper+0x184/0x370
[   12.812562]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   12.812587]  mempool_free+0x2ec/0x380
[   12.812610]  mempool_double_free_helper+0x184/0x370
[   12.812634]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   12.812658]  ? dequeue_entities+0x852/0x1740
[   12.812689]  ? irqentry_exit+0x2a/0x60
[   12.812707]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   12.812731]  mempool_kmalloc_large_double_free+0xed/0x140
[   12.812755]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   12.812782]  ? __pfx_mempool_kmalloc+0x10/0x10
[   12.812802]  ? __pfx_mempool_kfree+0x10/0x10
[   12.812823]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   12.812849]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   12.812876]  kunit_try_run_case+0x1a5/0x480
[   12.812896]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.812920]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.812941]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.812965]  ? __kthread_parkme+0x82/0x180
[   12.812986]  ? preempt_count_sub+0x50/0x80
[   12.813013]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.813035]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.813058]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.813082]  kthread+0x337/0x6f0
[   12.813099]  ? trace_preempt_on+0x20/0xc0
[   12.813122]  ? __pfx_kthread+0x10/0x10
[   12.813139]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.813161]  ? calculate_sigpending+0x7b/0xa0
[   12.813183]  ? __pfx_kthread+0x10/0x10
[   12.813201]  ret_from_fork+0x41/0x80
[   12.813234]  ? __pfx_kthread+0x10/0x10
[   12.813252]  ret_from_fork_asm+0x1a/0x30
[   12.813283]  </TASK>
[   12.813294] 
[   12.826829] The buggy address belongs to the physical page:
[   12.827320] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c9c
[   12.827567] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.828127] flags: 0x200000000000040(head|node=0|zone=2)
[   12.828734] page_type: f8(unknown)
[   12.829089] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.829905] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.830297] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.830852] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.831793] head: 0200000000000002 ffffea00040f2701 00000000ffffffff 00000000ffffffff
[   12.832484] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.833010] page dumped because: kasan: bad access detected
[   12.833421] 
[   12.833493] Memory state around the buggy address:
[   12.833645]  ffff888103c9bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.834202]  ffff888103c9bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.834909] >ffff888103c9c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.835629]                    ^
[   12.836007]  ffff888103c9c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.836546]  ffff888103c9c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   12.836975] ==================================================================
[   12.771239] ==================================================================
[   12.772159] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   12.772968] Free of addr ffff888103cfc500 by task kunit_try_catch/255
[   12.773438] 
[   12.773644] CPU: 0 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G    B            N  6.15.8-rc1 #1 PREEMPT(voluntary) 
[   12.773767] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.773781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.773804] Call Trace:
[   12.773816]  <TASK>
[   12.773833]  dump_stack_lvl+0x73/0xb0
[   12.773864]  print_report+0xd1/0x610
[   12.773888]  ? __virt_addr_valid+0x1db/0x2d0
[   12.773913]  ? kasan_complete_mode_report_info+0x64/0x200
[   12.773935]  ? mempool_double_free_helper+0x184/0x370
[   12.773960]  kasan_report_invalid_free+0x10a/0x130
[   12.773984]  ? mempool_double_free_helper+0x184/0x370
[   12.774011]  ? mempool_double_free_helper+0x184/0x370
[   12.774033]  ? mempool_double_free_helper+0x184/0x370
[   12.774056]  check_slab_allocation+0x101/0x130
[   12.774079]  __kasan_mempool_poison_object+0x91/0x1d0
[   12.774103]  mempool_free+0x2ec/0x380
[   12.774128]  mempool_double_free_helper+0x184/0x370
[   12.774152]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   12.774175]  ? update_load_avg+0x1be/0x21b0
[   12.774200]  ? finish_task_switch.isra.0+0x153/0x700
[   12.774240]  mempool_kmalloc_double_free+0xed/0x140
[   12.774264]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   12.774288]  ? dequeue_task_fair+0x166/0x4e0
[   12.774310]  ? __pfx_mempool_kmalloc+0x10/0x10
[   12.774328]  ? __pfx_mempool_kfree+0x10/0x10
[   12.774350]  ? __pfx_read_tsc+0x10/0x10
[   12.774370]  ? ktime_get_ts64+0x86/0x230
[   12.774395]  kunit_try_run_case+0x1a5/0x480
[   12.774418]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.774436]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.774459]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.774483]  ? __kthread_parkme+0x82/0x180
[   12.774505]  ? preempt_count_sub+0x50/0x80
[   12.774529]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.774549]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.774572]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.774595]  kthread+0x337/0x6f0
[   12.774611]  ? trace_preempt_on+0x20/0xc0
[   12.774636]  ? __pfx_kthread+0x10/0x10
[   12.774654]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.774686]  ? calculate_sigpending+0x7b/0xa0
[   12.774709]  ? __pfx_kthread+0x10/0x10
[   12.774727]  ret_from_fork+0x41/0x80
[   12.774747]  ? __pfx_kthread+0x10/0x10
[   12.774764]  ret_from_fork_asm+0x1a/0x30
[   12.774796]  </TASK>
[   12.774807] 
[   12.788038] Allocated by task 255:
[   12.788452]  kasan_save_stack+0x45/0x70
[   12.788651]  kasan_save_track+0x18/0x40
[   12.789058]  kasan_save_alloc_info+0x3b/0x50
[   12.789267]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   12.789901]  remove_element+0x11e/0x190
[   12.790131]  mempool_alloc_preallocated+0x4d/0x90
[   12.790486]  mempool_double_free_helper+0x8a/0x370
[   12.791054]  mempool_kmalloc_double_free+0xed/0x140
[   12.791421]  kunit_try_run_case+0x1a5/0x480
[   12.791614]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.791958]  kthread+0x337/0x6f0
[   12.792188]  ret_from_fork+0x41/0x80
[   12.792665]  ret_from_fork_asm+0x1a/0x30
[   12.792953] 
[   12.793195] Freed by task 255:
[   12.793488]  kasan_save_stack+0x45/0x70
[   12.793818]  kasan_save_track+0x18/0x40
[   12.794208]  kasan_save_free_info+0x3f/0x60
[   12.794680]  __kasan_mempool_poison_object+0x131/0x1d0
[   12.794971]  mempool_free+0x2ec/0x380
[   12.795170]  mempool_double_free_helper+0x109/0x370
[   12.795422]  mempool_kmalloc_double_free+0xed/0x140
[   12.795642]  kunit_try_run_case+0x1a5/0x480
[   12.796191]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.796616]  kthread+0x337/0x6f0
[   12.796961]  ret_from_fork+0x41/0x80
[   12.797321]  ret_from_fork_asm+0x1a/0x30
[   12.797763] 
[   12.797871] The buggy address belongs to the object at ffff888103cfc500
[   12.797871]  which belongs to the cache kmalloc-128 of size 128
[   12.798625] The buggy address is located 0 bytes inside of
[   12.798625]  128-byte region [ffff888103cfc500, ffff888103cfc580)
[   12.799342] 
[   12.799619] The buggy address belongs to the physical page:
[   12.799995] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cfc
[   12.800703] flags: 0x200000000000000(node=0|zone=2)
[   12.800924] page_type: f5(slab)
[   12.801083] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   12.801419] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.801986] page dumped because: kasan: bad access detected
[   12.802469] 
[   12.802721] Memory state around the buggy address:
[   12.803071]  ffff888103cfc400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   12.803607]  ffff888103cfc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.804107] >ffff888103cfc500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   12.804788]                    ^
[   12.805025]  ffff888103cfc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.805340]  ffff888103cfc600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.805635] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

30EaRlW1hcZUcAyQauMeYdebh6E

job_id

TEST:linaro@lkft#30EaY1yQOqV4JySRXFsKWTVrukm

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/30EaY1yQOqV4JySRXFsKWTVrukm

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30EaTw8uvpYx9tCm3ZICfhNMNnI/bzImage
sha256sum	215211c9ffbc30f7da06e446c23393cbd85dd0dce6cfc2e76dfe983268e0fd6f

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30EaTw8uvpYx9tCm3ZICfhNMNnI/modules.tar.xz
sha256sum	a7c1adb8beea2d29cd88ecba2f3d585aa904241bd0d61a861fcebc67fa6cd397

durations

tests

boot	0
kunit	220.14

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit